backdot 1.8.1 → 1.8.2

package/dist/cli.js

@@ -30,10 +30,17 @@ cli.command("backup", "Run a backup now").action(async () => {
 });
 cli
     .command("restore [url]", "Restore files")
+    .option("--machine <name>", "Restore a specific machine")
     .option("--commit <sha>", "Restore from a specific backup commit")
-    .option("-y, --yes", "Accept defaults without prompting")
+    .option("--no-overwrite", "Restore only new files; never overwrite existing ones (non-interactive)")
     .action(async (url, options) => {
-    await restore({ repoUrl: url, commit: options.commit, yes: !!options.yes });
+    await restore({
+        repoUrl: url,
+        commit: options.commit,
+        // cac defaults `overwrite` to true and `--no-overwrite` flips it to false.
+        skipExisting: options.overwrite === false,
+        machine: options.machine,
+    });
 });
 cli
     .command("history [url]", "List and restore a previous backup")
@@ -51,8 +58,14 @@ cli.command("", "").action(() => {
         console.log(`  No config found. Run ${chalk.bold("backdot init")} to get started.\n`);
     }
 });
-// cac auto-adds a --help flag; remove its redundant section from help output
-cli.help((sections) => sections.filter((s) => !s.body?.includes("--help")));
+cli.help((sections) => sections.filter((section) => {
+    if (!section.body) {
+        return true;
+    }
+    const contentLines = section.body.split("\n").filter((line) => line.trim() !== "");
+    const listsOnlyHelpAndVersion = contentLines.every((line) => /--(help|version)/.test(line));
+    return !listsOnlyHelpAndVersion;
+}));
 cli.version(getVersion());
 async function main() {
     try {

package/dist/commands/backup.js

@@ -2,6 +2,7 @@ import fs from "node:fs";
 import path from "node:path";
 import ora from "ora";
 import { loadConfig, CONFIG_PATH } from "../config.js";
+import { POST_RESTORE_HOOK_PATH } from "../paths.js";
 import { resolveFiles } from "../resolveFiles.js";
 import { cleanStaging, copyToStaging, writeRepoReadme, machineDir } from "../staging.js";
 import { gitPull, gitCommitAndPush } from "../git.js";
@@ -61,6 +62,10 @@ export async function backup() {
             return;
         }
         const files = [...userFiles, CONFIG_PATH];
+        // Automatically backup the "post-restore" hook if it exists
+        if (fs.existsSync(POST_RESTORE_HOOK_PATH)) {
+            files.push(POST_RESTORE_HOOK_PATH);
+        }
         spinner.text = "Syncing with remote";
         await gitPull(config.repository);
         if (derivedKey) {

package/dist/commands/init.js

@@ -1,5 +1,6 @@
 import { execFileSync } from "node:child_process";
 import fs from "node:fs";
+import path from "node:path";
 import os from "node:os";
 import chalk from "chalk";
 import { CONFIG_PATH } from "../config.js";
@@ -42,6 +43,7 @@ export function init() {
         console.log(`  ${chalk.yellow(`${CONFIG_PATH} already exists — skipping creation.`)}`);
     }
     else {
+        fs.mkdirSync(path.dirname(CONFIG_PATH), { recursive: true });
         fs.writeFileSync(CONFIG_PATH, JSON.stringify(DEFAULT_CONFIG, null, 2) + "\n");
         console.log(`  Created ${CONFIG_PATH} with defaults.`);
     }

package/dist/commands/restore.d.ts

@@ -1,5 +1,6 @@
-export declare function restore({ repoUrl, commit, yes, }?: {
+export declare function restore({ repoUrl, commit, skipExisting, machine: machineOverride, }?: {
     repoUrl?: string;
     commit?: string;
-    yes?: boolean;
+    skipExisting?: boolean;
+    machine?: string;
 }): Promise<void>;

package/dist/commands/restore.js

@@ -1,16 +1,16 @@
 import fs from "node:fs";
 import path from "node:path";
-import os from "node:os";
 import ora from "ora";
 import { checkbox, select, Separator } from "@inquirer/prompts";
 import { loadConfig } from "../config.js";
 import { gitPull } from "../git.js";
-import { STAGING_DIR, machineDir } from "../staging.js";
+import { STAGING_DIR, machineDir, getRestoreTarget, HOME_NAMESPACE, ROOT_NAMESPACE, } from "../staging.js";
+import { POST_RESTORE_HOOK_PATH } from "../paths.js";
+import { runPostRestoreHook } from "../postRestoreHook.js";
 import { logger } from "../log.js";
 import { pluralize } from "../utils.js";
 import { decrypt, deriveKey } from "../crypto/encryption.js";
 import { resolvePassword, offerToSaveKeyFile, ENC_SUFFIX } from "../crypto/password.js";
-const HOME = os.homedir();
 function listFilesRecursively(dir) {
     return fs
         .readdirSync(dir, { withFileTypes: true })
@@ -29,10 +29,15 @@ function listMachines() {
         .filter((entry) => entry.isDirectory() && entry.name !== ".git")
         .map((entry) => entry.name);
 }
-async function resolveRepoAndMachine(repoUrl, commit) {
+function formatMachineList(machines) {
+    return machines.map((machine) => `    - ${machine}`).join("\n");
+}
+async function resolveRepoAndMachine(repoUrl, commit, machineOverride) {
     if (!repoUrl) {
         const config = loadConfig();
-        return { repository: config.repository, machine: config.machine };
+        // An explicit --machine wins over the configured machine; the repository
+        // still comes from config.
+        return { repository: config.repository, machine: machineOverride ?? config.machine };
     }
     const spinner = ora("Cloning backup repository").start();
     try {
@@ -47,22 +52,28 @@ async function resolveRepoAndMachine(repoUrl, commit) {
     if (machines.length === 0) {
         throw new Error("The backup repository is empty (no machine directories found).");
     }
-    let machine;
+    if (machineOverride) {
+        if (!machines.includes(machineOverride)) {
+            throw new Error(`No backup found for machine "${machineOverride}".\n  Available machines:\n${formatMachineList(machines)}`);
+        }
+        return { repository: repoUrl, machine: machineOverride };
+    }
     if (machines.length === 1) {
-        machine = machines[0];
+        return { repository: repoUrl, machine: machines[0] };
     }
-    else {
-        machine = await select({
-            message: "Multiple machines found. Which one do you want to restore?",
-            loop: false,
-            choices: machines.map((machine) => ({ name: machine, value: machine })),
-        });
+    if (!process.stdin.isTTY) {
+        throw new Error(`Multiple machines found in the backup repository. Re-run with --machine <name>:\n${formatMachineList(machines)}`);
     }
+    const machine = await select({
+        message: "Multiple machines found. Which one do you want to restore?",
+        loop: false,
+        choices: machines.map((machine) => ({ name: machine, value: machine })),
+    });
     return { repository: repoUrl, machine };
 }
-export async function restore({ repoUrl, commit, yes, } = {}) {
+export async function restore({ repoUrl, commit, skipExisting, machine: machineOverride, } = {}) {
     logger.info("Starting restore");
-    const { repository, machine } = await resolveRepoAndMachine(repoUrl, commit);
+    const { repository, machine } = await resolveRepoAndMachine(repoUrl, commit, machineOverride);
     const spinner = ora("Fetching latest backup").start();
     const machineStagingDir = machineDir(machine);
     try {
@@ -87,7 +98,12 @@ export async function restore({ repoUrl, commit, yes, } = {}) {
         }
         return;
     }
-    const backupFiles = listFilesRecursively(machineStagingDir);
+    // Restore only the two managed namespaces; anything else in the machine dir
+    // (e.g. a user-authored README.md) is documentation, not a file to restore.
+    const backupFiles = [HOME_NAMESPACE, ROOT_NAMESPACE]
+        .map((namespace) => path.join(machineStagingDir, namespace))
+        .filter((namespaceDir) => fs.existsSync(namespaceDir))
+        .flatMap(listFilesRecursively);
     logger.info(`Found ${pluralize(backupFiles.length, "file")} in backup repository`);
     if (backupFiles.length === 0) {
         spinner.stop();
@@ -95,11 +111,12 @@ export async function restore({ repoUrl, commit, yes, } = {}) {
         return;
     }
     const fileMappings = backupFiles.map((backupFilePath) => {
-        let relativePath = path.relative(machineStagingDir, backupFilePath);
-        if (relativePath.endsWith(ENC_SUFFIX)) {
-            relativePath = relativePath.slice(0, -ENC_SUFFIX.length);
+        let machineRelativePath = path.relative(machineStagingDir, backupFilePath);
+        if (machineRelativePath.endsWith(ENC_SUFFIX)) {
+            machineRelativePath = machineRelativePath.slice(0, -ENC_SUFFIX.length);
         }
-        return { src: backupFilePath, dest: path.join(HOME, relativePath), relativePath };
+        const { destination, displayPath } = getRestoreTarget(machineRelativePath);
+        return { src: backupFilePath, dest: destination, displayPath };
     });
     const filesAlreadyOnDisk = fileMappings.filter((file) => fs.existsSync(file.dest));
     const newFiles = fileMappings.filter((file) => !fs.existsSync(file.dest));
@@ -107,10 +124,10 @@ export async function restore({ repoUrl, commit, yes, } = {}) {
     spinner.stop();
     console.log();
     let filesToRestore;
-    if (yes) {
+    if (skipExisting) {
         filesToRestore = newFiles;
         if (filesAlreadyOnDisk.length > 0) {
-            console.log(`  Skipped ${pluralize(filesAlreadyOnDisk.length, "existing file")}. Run without --yes to select them.`);
+            console.log(`  Skipped ${pluralize(filesAlreadyOnDisk.length, "existing file")}. Run without --no-overwrite to select them.`);
             console.log();
         }
     }
@@ -119,13 +136,13 @@ export async function restore({ repoUrl, commit, yes, } = {}) {
         if (newFiles.length > 0) {
             choices.push(new Separator(`── New files (${newFiles.length}) ──`));
             for (const file of newFiles) {
-                choices.push({ name: file.relativePath, value: file, checked: true });
+                choices.push({ name: file.displayPath, value: file, checked: true });
             }
         }
         if (filesAlreadyOnDisk.length > 0) {
             choices.push(new Separator(`── Existing files — will overwrite (${filesAlreadyOnDisk.length}) ──`));
             for (const file of filesAlreadyOnDisk) {
-                choices.push({ name: file.relativePath, value: file, checked: false });
+                choices.push({ name: file.displayPath, value: file, checked: false });
             }
         }
         filesToRestore = await checkbox({
@@ -163,4 +180,9 @@ export async function restore({ repoUrl, commit, yes, } = {}) {
         await offerToSaveKeyFile(password);
     }
     logger.info(`Restored ${pluralize(filesToRestore.length, "file")}`);
+    // Run the hook only if it was among the files just restored, so we
+    // never execute a stale on-disk script the user chose not to restore.
+    if (filesToRestore.some(({ dest }) => dest === POST_RESTORE_HOOK_PATH)) {
+        runPostRestoreHook();
+    }
 }

package/dist/commands/status.js

@@ -1,3 +1,4 @@
+import fs from "node:fs";
 import os from "node:os";
 import chalk from "chalk";
 import ora from "ora";
@@ -24,6 +25,11 @@ function formatVisibility(visibility) {
     }
 }
 export async function status() {
+    if (!fs.existsSync(CONFIG_PATH)) {
+        console.log();
+        console.log(`  No config found. Run ${chalk.bold("backdot init")} to get started.\n`);
+        return;
+    }
     const scheduled = isScheduled();
     console.log();
     console.log(`  Schedule:    ${scheduled ? "active (daily at 02:00)" : `not active  (run ${chalk.bold("backdot schedule")} to enable)`}`);
@@ -46,29 +52,35 @@ export async function status() {
         console.log();
         return;
     }
-    const derivedKey = config.encrypt ? deriveKey((await resolvePassword()).password) : undefined;
+    const resolveKey = config.encrypt
+        ? async () => deriveKey((await resolvePassword()).password)
+        : undefined;
     console.log();
     const spinner = ora("Resolving files").start();
     try {
         const userFiles = resolveFiles(config);
         if (userFiles.length === 0) {
-            spinner.warn("No files resolved. Check your ~/.backdot.json entries.");
+            spinner.warn("No files resolved. Check your ~/.backdot/config.json entries.");
             console.log();
             return;
         }
         const files = [...userFiles, CONFIG_PATH];
         spinner.text = "Comparing with remote backup";
-        const { backedUp, modified, notBackedUp, error } = await compareFiles({
+        const { backedUp, modified, notBackedUp, remoteIsEmpty, error } = await compareFiles({
             files,
             machine: config.machine,
             repository: config.repository,
-            derivedKey,
+            resolveKey,
         });
         spinner.stop();
         if (error) {
             console.log(chalk.yellow(`  Could not fetch status: ${error}`));
             return;
         }
+        if (remoteIsEmpty) {
+            console.log(`  No backup yet — showing what ${chalk.bold("backdot backup")} would back up.`);
+            console.log();
+        }
         if (modified.length === 0 && notBackedUp.length === 0) {
             console.log(chalk.green(`  All ${pluralize(files.length, "file")} are backed up ✓`));
         }

package/dist/config.d.ts

@@ -1,5 +1,6 @@
 import { z } from "zod";
-export declare const CONFIG_PATH: string;
+import { CONFIG_PATH } from "./paths.js";
+export { CONFIG_PATH };
 export declare function expandTilde(pattern: string): string;
 declare const ConfigSchema: z.ZodObject<{
     repository: z.ZodString;
@@ -9,4 +10,3 @@ declare const ConfigSchema: z.ZodObject<{
 }, z.core.$strip>;
 export type Config = z.infer<typeof ConfigSchema>;
 export declare function loadConfig(): Config;
-export {};

package/dist/config.js

@@ -2,7 +2,8 @@ import fs from "node:fs";
 import path from "node:path";
 import os from "node:os";
 import { z } from "zod";
-export const CONFIG_PATH = path.join(os.homedir(), ".backdot.json");
+import { CONFIG_PATH } from "./paths.js";
+export { CONFIG_PATH };
 export function expandTilde(pattern) {
     // fast-glob uses "!" for negation patterns — preserve the prefix, expand the rest
     if (pattern.startsWith("!")) {

package/dist/crypto/password.d.ts

@@ -1,5 +1,7 @@
-export declare const KEY_FILE_PATH: string;
+import { KEY_FILE_PATH } from "../paths.js";
+export { KEY_FILE_PATH };
 export declare const ENC_SUFFIX = ".encrypted";
+export declare function hashPassword(password: string): string;
 export declare function checkKeyFilePermissions(): void;
 export declare function saveKeyFile(password: string): void;
 export type PasswordSource = "env" | "file" | "prompt";

package/dist/crypto/password.js

@@ -1,11 +1,10 @@
 import crypto from "node:crypto";
 import fs from "node:fs";
-import path from "node:path";
-import os from "node:os";
 import { password as passwordPrompt, confirm } from "@inquirer/prompts";
-export const KEY_FILE_PATH = path.join(os.homedir(), ".backdot.key");
+import { KEY_FILE_PATH } from "../paths.js";
+export { KEY_FILE_PATH };
 export const ENC_SUFFIX = ".encrypted";
-function hashPassword(password) {
+export function hashPassword(password) {
     return crypto.createHash("sha256").update(password).digest("hex");
 }
 export function checkKeyFilePermissions() {

package/dist/launchd.js

@@ -5,6 +5,7 @@ import os from "node:os";
 import ora from "ora";
 import { logger } from "./log.js";
 import { errorMessage } from "./utils.js";
+import { LOG_DIR, LAUNCHD_LOG_PATH } from "./paths.js";
 function escapeXml(text) {
     return text
         .replace(/&/g, "&")
@@ -22,7 +23,6 @@ function buildPlist() {
     const nodePath = process.execPath;
     const scriptPath = getScriptPath();
     const workingDir = path.dirname(scriptPath);
-    const logPath = path.join(os.homedir(), ".backdot", "launchd.log");
     return `<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
@@ -45,9 +45,9 @@ function buildPlist() {
     <integer>0</integer>
   </dict>
   <key>StandardOutPath</key>
-  <string>${escapeXml(logPath)}</string>
+  <string>${escapeXml(LAUNCHD_LOG_PATH)}</string>
   <key>StandardErrorPath</key>
-  <string>${escapeXml(logPath)}</string>
+  <string>${escapeXml(LAUNCHD_LOG_PATH)}</string>
   <key>RunAtLoad</key>
   <false/>
 </dict>
@@ -72,9 +72,8 @@ export function setupLaunchd() {
     const spinner = ora("Installing schedule").start();
     const plistContent = buildPlist();
     const launchAgentsDir = path.dirname(PLIST_PATH);
-    if (!fs.existsSync(launchAgentsDir)) {
-        fs.mkdirSync(launchAgentsDir, { recursive: true });
-    }
+    fs.mkdirSync(launchAgentsDir, { recursive: true });
+    fs.mkdirSync(LOG_DIR, { recursive: true });
     try {
         execFileSync("launchctl", ["unload", PLIST_PATH], { stdio: "pipe" });
     }

package/dist/log.js

@@ -1,9 +1,6 @@
 import fs from "node:fs";
-import path from "node:path";
-import os from "node:os";
 import winston from "winston";
-const LOG_DIR = path.join(os.homedir(), ".backdot");
-const LOG_FILE = path.join(LOG_DIR, "backup.log");
+import { LOG_DIR, CLI_LOG_PATH } from "./paths.js";
 let _logger;
 function getLogger() {
     if (!_logger) {
@@ -11,7 +8,7 @@ function getLogger() {
         _logger = winston.createLogger({
             level: "info",
             format: winston.format.combine(winston.format.timestamp({ format: "YYYY-MM-DD HH:mm:ss" }), winston.format.printf(({ timestamp, level, message }) => `${timestamp} [${level}] ${message}`)),
-            transports: [new winston.transports.File({ filename: LOG_FILE })],
+            transports: [new winston.transports.File({ filename: CLI_LOG_PATH })],
         });
     }
     return _logger;

package/dist/paths.d.ts

@@ -1,3 +1,9 @@
+export declare const CONFIG_PATH: string;
+export declare const KEY_FILE_PATH: string;
+export declare const POST_RESTORE_HOOK_PATH: string;
 export declare const STAGING_DIR: string;
 export declare const STAGING_GIT_DIR: string;
+export declare const LOG_DIR: string;
+export declare const CLI_LOG_PATH: string;
+export declare const LAUNCHD_LOG_PATH: string;
 export declare function machineDir(machine: string): string;

package/dist/paths.js

@@ -1,8 +1,15 @@
 import path from "node:path";
 import os from "node:os";
 const HOME = os.homedir();
-export const STAGING_DIR = path.join(HOME, ".backdot", "repo");
+const BACKDOT_DIR = path.join(HOME, ".backdot");
+export const CONFIG_PATH = path.join(BACKDOT_DIR, "config.json");
+export const KEY_FILE_PATH = path.join(BACKDOT_DIR, "encryption.key");
+export const POST_RESTORE_HOOK_PATH = path.join(BACKDOT_DIR, "post-restore");
+export const STAGING_DIR = path.join(BACKDOT_DIR, "repo");
 export const STAGING_GIT_DIR = path.join(STAGING_DIR, ".git");
+export const LOG_DIR = path.join(BACKDOT_DIR, "logs");
+export const CLI_LOG_PATH = path.join(LOG_DIR, "cli.log");
+export const LAUNCHD_LOG_PATH = path.join(LOG_DIR, "launchd.log");
 export function machineDir(machine) {
     return path.join(STAGING_DIR, machine);
 }

package/dist/postRestoreHook.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Runs the restored `~/.backdot/post-restore` script (a POSIX `sh` script) so a
+ * restored machine can provision itself. The caller decides when to invoke this
+ * (only when the hook was actually among the restored files). A non-zero exit is
+ * surfaced as an error — never swallowed — but files have already been restored.
+ */
+export declare function runPostRestoreHook(): void;

package/dist/postRestoreHook.js

@@ -0,0 +1,35 @@
+import { execFileSync } from "node:child_process";
+import os from "node:os";
+import { logger } from "./log.js";
+import { errorMessage } from "./utils.js";
+import { POST_RESTORE_HOOK_PATH } from "./paths.js";
+/**
+ * Runs the restored `~/.backdot/post-restore` script (a POSIX `sh` script) so a
+ * restored machine can provision itself. The caller decides when to invoke this
+ * (only when the hook was actually among the restored files). A non-zero exit is
+ * surfaced as an error — never swallowed — but files have already been restored.
+ */
+export function runPostRestoreHook() {
+    if (process.platform === "win32") {
+        console.log("  Post-restore hook found, but hooks are not supported on Windows. Skipping.\n");
+        logger.warn("Post-restore hook skipped (not supported on Windows)");
+        return;
+    }
+    console.log(`  Running post-restore hook (${POST_RESTORE_HOOK_PATH})…\n`);
+    logger.info("Running post-restore hook");
+    try {
+        execFileSync("/bin/sh", [POST_RESTORE_HOOK_PATH], {
+            cwd: os.homedir(),
+            stdio: "inherit",
+        });
+    }
+    catch (err) {
+        logger.error(`Post-restore hook failed: ${errorMessage(err)}`);
+        const exitCode = err.status;
+        const exitNote = typeof exitCode === "number" ? ` (exit code ${exitCode})` : "";
+        throw new Error(`Files were restored, but the post-restore hook failed${exitNote}.\n` +
+            `  Fix ${POST_RESTORE_HOOK_PATH} and re-run, or run it manually.`, { cause: err });
+    }
+    console.log();
+    logger.info("Post-restore hook completed");
+}

package/dist/repoVisibility.js

@@ -36,7 +36,12 @@ function execGitLsRemote(url) {
     return new Promise((resolve, reject) => {
         const child = execFile("git", ["-c", "credential.helper=", "ls-remote", "--quiet", url], {
             timeout: 10_000,
-            env: { ...process.env, GIT_TERMINAL_PROMPT: "0" },
+            env: {
+                ...process.env,
+                GIT_TERMINAL_PROMPT: "0",
+                GIT_ASKPASS: undefined,
+                SSH_ASKPASS: undefined,
+            },
         }, (error) => {
             if (error) {
                 reject(error);

package/dist/staging.d.ts

@@ -1,19 +1,33 @@
 import { STAGING_DIR, STAGING_GIT_DIR, machineDir } from "./paths.js";
 import { type DerivedKey } from "./crypto/encryption.js";
 export { STAGING_DIR, STAGING_GIT_DIR, machineDir };
+export declare const HOME_NAMESPACE = "home";
+export declare const ROOT_NAMESPACE = "root";
 export declare function getStagedPath(filePath: string, machine: string): string;
+export interface RestoreTarget {
+    /** Absolute path the file is restored to on this machine. */
+    destination: string;
+    /** Path shown in the restore picker (e.g. "~/.zshrc" or "/etc/hosts"). */
+    displayPath: string;
+}
+/**
+ * Inverse of getStagedPath: maps a path relative to the machine dir
+ * (e.g. "home/.zshrc" or "root/etc/hosts") back to its restore destination.
+ */
+export declare function getRestoreTarget(machineRelativePath: string): RestoreTarget;
 export declare function cleanStaging(machine: string): void;
 export declare function copyToStaging(files: string[], machine: string, derivedKey?: DerivedKey): void;
 export interface ComparisonResult {
     backedUp: string[];
     modified: string[];
     notBackedUp: string[];
+    remoteIsEmpty?: boolean;
     error?: string;
 }
 export declare function compareFiles(opts: {
     files: string[];
     machine: string;
     repository: string;
-    derivedKey?: DerivedKey;
+    resolveKey?: () => Promise<DerivedKey>;
 }): Promise<ComparisonResult>;
 export declare function writeRepoReadme(repository: string, encrypted?: boolean): void;

package/dist/staging.js

@@ -11,20 +11,44 @@ import { encrypt, decrypt } from "./crypto/encryption.js";
 import { KEY_FILE_PATH, ENC_SUFFIX } from "./crypto/password.js";
 export { STAGING_DIR, STAGING_GIT_DIR, machineDir };
 const HOME = os.homedir();
+// Backed-up files live under one of two namespaces inside the machine dir, which
+// keeps the layout lossless: HOME files restore relative to the restoring machine's
+// own home (portable across machines), while files elsewhere restore to their
+// original absolute path.
+export const HOME_NAMESPACE = "home";
+export const ROOT_NAMESPACE = "root";
+function isOutsideHome(filePath) {
+    const relativeToHome = path.relative(HOME, filePath);
+    return relativeToHome.startsWith("..") || path.isAbsolute(relativeToHome);
+}
 export function getStagedPath(filePath, machine) {
-    const relativePath = path.relative(HOME, filePath);
-    // Files outside HOME (e.g. /etc/foo) produce a relative path starting with "..",
-    // which would escape the machine dir. Use the absolute path minus the leading "/" instead.
-    const pathWithinMachineDir = relativePath.startsWith("..") ? filePath.slice(1) : relativePath;
+    const pathWithinMachineDir = isOutsideHome(filePath)
+        ? path.join(ROOT_NAMESPACE, filePath.slice(1)) // strip leading "/" so it stays inside the machine dir
+        : path.join(HOME_NAMESPACE, path.relative(HOME, filePath));
     return path.join(machineDir(machine), pathWithinMachineDir);
 }
+/**
+ * Inverse of getStagedPath: maps a path relative to the machine dir
+ * (e.g. "home/.zshrc" or "root/etc/hosts") back to its restore destination.
+ */
+export function getRestoreTarget(machineRelativePath) {
+    const [namespace, ...rest] = machineRelativePath.split(path.sep);
+    const subPath = rest.join(path.sep);
+    if (namespace === ROOT_NAMESPACE) {
+        const destination = path.join("/", subPath);
+        return { destination, displayPath: destination };
+    }
+    return { destination: path.join(HOME, subPath), displayPath: path.join("~", subPath) };
+}
 export function cleanStaging(machine) {
-    const machineStagingDir = machineDir(machine);
-    if (!fs.existsSync(machineStagingDir)) {
-        return;
+    // Remove only the backdot-managed namespaces so user-authored files in the
+    // machine dir (e.g. a hand-written README.md with restore notes) survive
+    // across backups. home/ and root/ are still fully rebuilt, so a backup
+    // remains a complete snapshot of the configured files.
+    for (const namespace of [HOME_NAMESPACE, ROOT_NAMESPACE]) {
+        fs.rmSync(path.join(machineDir(machine), namespace), { recursive: true, force: true });
     }
-    fs.rmSync(machineStagingDir, { recursive: true, force: true });
-    logger.info(`Cleaned staging directory for machine "${machine}"`);
+    logger.info(`Cleaned staging namespaces for machine "${machine}"`);
 }
 export function copyToStaging(files, machine, derivedKey) {
     const machineStagingDir = machineDir(machine);
@@ -54,13 +78,18 @@ export function copyToStaging(files, machine, derivedKey) {
 function failedComparisonResult(err) {
     return { backedUp: [], modified: [], notBackedUp: [], error: errorMessage(err) };
 }
+// This machine has no snapshot in the remote yet, so every file counts as "not
+// backed up". Lets `status` preview what a first backup would push instead of erroring.
+function emptyRemoteResult(files) {
+    return { backedUp: [], modified: [], notBackedUp: files, remoteIsEmpty: true };
+}
 export async function compareFiles(opts) {
-    const { files, machine, repository, derivedKey } = opts;
+    const { files, machine, repository, resolveKey } = opts;
     if (files.length === 0) {
         return { backedUp: [], modified: [], notBackedUp: [] };
     }
     if (!fs.existsSync(STAGING_GIT_DIR)) {
-        return failedComparisonResult(new Error('Backup repository not found. Run "backdot backup" first.'));
+        return emptyRemoteResult(files);
     }
     const git = simpleGit(STAGING_DIR);
     try {
@@ -92,7 +121,13 @@ export async function compareFiles(opts) {
     catch (err) {
         return failedComparisonResult(err);
     }
-    if (derivedKey) {
+    // Repo reachable but this machine has nothing backed up yet (empty repo, or it
+    // only holds other machines). Treat as a pre-backup preview.
+    if (remoteBlobHashes.size === 0) {
+        return emptyRemoteResult(files);
+    }
+    if (resolveKey) {
+        const derivedKey = await resolveKey();
         return compareFilesToRemote(files, machine, remoteBlobHashes, ENC_SUFFIX, (file, remoteBlobHash) => {
             try {
                 const blobContent = execFileSync("git", ["cat-file", "blob", remoteBlobHash], {
@@ -152,9 +187,11 @@ ${encryptionNote}
 ## Restore
 
 \`\`\`bash
-npx backdot restore ${repository}
+npx backdot restore ${repository} --machine <machine>
 \`\`\`
 
+Each machine is a top-level directory here; replace \`<machine>\` with the one you want to restore. A machine may also contain its own \`README.md\` with extra, machine-specific restore steps — backdot preserves it across backups.
+
 For full documentation, configuration options, and scheduling, see the [official README](https://github.com/sorenlouv/backdot).
 `;
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "backdot",
-  "version": "1.8.1",
+  "version": "1.8.2",
   "description": "Lightweight CLI to backup dotfiles and gitignored files to a Git repo on a daily schedule",
   "type": "module",
   "license": "MIT",
@@ -30,8 +30,7 @@
     "fmt:check": "prettier --check src/",
     "lint": "eslint src/",
     "lint:fix": "eslint src/ --fix",
-    "prepare": "husky",
-    "release": "./scripts/release.sh",
+    "prepare": "cd .. && husky",
     "start": "node dist/cli.js",
     "test": "vitest run --exclude src/e2e.test.ts --exclude src/git.integration.test.ts",
     "test:all": "npm run build && vitest run",
@@ -40,28 +39,29 @@
     "test:watch": "vitest"
   },
   "dependencies": {
-    "@inquirer/prompts": "^8.3.0",
+    "@inquirer/prompts": "^8.5.2",
     "cac": "^7.0.0",
     "chalk": "^5.6.2",
     "fast-glob": "^3.3.3",
-    "ora": "^9.3.0",
-    "p-retry": "^7.1.1",
-    "simple-git": "^3.32.2",
+    "ora": "^9.4.0",
+    "p-retry": "^8.0.0",
+    "simple-git": "^3.36.0",
     "winston": "^3.19.0",
-    "zod": "^4.3.6"
+    "zod": "^4.4.3"
   },
   "engines": {
-    "node": ">=18"
+    "node": ">=24"
   },
   "devDependencies": {
     "@eslint/js": "^10.0.1",
-    "@types/node": "^22.13.5",
-    "eslint": "^10.0.2",
+    "@types/node": "^25.9.3",
+    "esbuild": "^0.28.1",
+    "eslint": "^10.5.0",
     "eslint-config-prettier": "^10.1.8",
     "husky": "^9.1.7",
-    "prettier": "^3.8.1",
-    "typescript": "^5.7.3",
-    "typescript-eslint": "^8.56.1",
-    "vitest": "^4.0.18"
+    "prettier": "^3.8.4",
+    "typescript": "^6.0.3",
+    "typescript-eslint": "^8.61.0",
+    "vitest": "^4.1.8"
   }
 }

package/README.md

@@ -1,82 +0,0 @@
-<p align="center">
-  <img src="logo-small.png" alt="backdot" width="400" />
-</p>
-
-<h1 align="center">backdot</h1>
-
-<p align="center">Automated backup of important files (configs, dotfiles) to your own private Git repo.</p>
-
-## Getting started
-
-```bash
-npm install -g backdot
-backdot init
-```
-
-This creates `~/.backdot.json` with sensible defaults and walks you through setup. Open the config file and set your repository URL and the files you want backed up:
-
-```json
-{
-  "repository": "git@github.com:USERNAME/backdot-backup.git",
-  "machine": "my-work-laptop",
-  "paths": ["~/.zshrc", "~/.oh-my-zsh/custom/*.zsh", "~/.ssh/config", "~/.npmrc"]
-}
-```
-
-Run your first backup:
-
-```bash
-backdot backup
-```
-
-or configure the backport process to run automatically (daily at 2am)
-
-```bash
-backdot schedule
-```
-
-## Configuration
-
-| Key     | Description                                            |
-| ------- | ------------------------------------------------------ |
-| `paths` | Glob patterns matching individual files or directories |
-
-Prefix a pattern with `!` to exclude matching files:
-
-```json
-{
-  "paths": ["~/.config/ghostty/**", "!~/.config/ghostty/crash-reports/**"]
-}
-```
-
-## Encryption
-
-To encrypt files before they are pushed to the remote repo, add `"encrypt": true` to your config.
-
-On first backup you'll be prompted for a password and offered to save it to `~/.backdot.key` so that future backups do not prompt for a password.
-
-## Commands
-
-| Command                        | Description                                    |
-| ------------------------------ | ---------------------------------------------- |
-| `init`                         | Set up backdot for the first time              |
-| `backup`                       | Run a backup now                               |
-| `restore`                      | Restore latest backup from the configured repo |
-| `restore <url>`                | Restore from a specific repo URL               |
-| `restore [url] --commit <sha>` | Restore from a specific backup commit          |
-| `history [url]`                | Browse and restore a previous backup           |
-| `schedule`                     | Schedule automatic daily backup (Mac-only)     |
-| `unschedule`                   | Unschedule the daily backup                    |
-| `status`                       | Show schedule and resolved file list           |
-
-## Development
-
-```bash
-npm install
-npm run build
-npm start
-```
-
-## License
-
-MIT

package/dist/crypto.d.ts

@@ -1,13 +0,0 @@
-export declare const KEY_FILE_PATH: string;
-export declare const ENC_SUFFIX = ".encrypted";
-export declare function encryptBuffer(plaintext: Buffer, password: string): Buffer;
-export declare function decryptBuffer(data: Buffer, password: string): Buffer;
-export declare function checkKeyFilePermissions(): void;
-export declare function saveKeyFile(password: string): void;
-export interface PasswordResult {
-    password: string;
-    interactive: boolean;
-}
-export declare function resolvePassword(): Promise<PasswordResult>;
-export declare function confirmPassword(password: string): Promise<void>;
-export declare function offerToSaveKeyFile(password: string): Promise<void>;

package/dist/crypto.js

@@ -1,129 +0,0 @@
-import crypto from "node:crypto";
-import fs from "node:fs";
-import path from "node:path";
-import os from "node:os";
-import { password as passwordPrompt, confirm } from "@inquirer/prompts";
-// File-format signature identifying backdot-encrypted files
-const MAGIC = Buffer.from("BDOT");
-const VERSION = 0x01;
-const HEADER_SIZE = MAGIC.length + 1; // 5 bytes: magic + version
-const SALT_SIZE = 32;
-const IV_SIZE = 12;
-const TAG_SIZE = 16;
-const KEY_SIZE = 32;
-export const KEY_FILE_PATH = path.join(os.homedir(), ".backdot.key");
-export const ENC_SUFFIX = ".encrypted";
-function deriveKey(password, salt) {
-    return crypto.scryptSync(password, salt, KEY_SIZE, { N: 2 ** 14, r: 8, p: 1 });
-}
-export function encryptBuffer(plaintext, password) {
-    const salt = crypto.randomBytes(SALT_SIZE);
-    const iv = crypto.randomBytes(IV_SIZE);
-    const key = deriveKey(password, salt);
-    const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
-    const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);
-    const tag = cipher.getAuthTag();
-    return Buffer.concat([MAGIC, Buffer.from([VERSION]), salt, iv, tag, encrypted]);
-}
-export function decryptBuffer(data, password) {
-    if (!isEncrypted(data)) {
-        throw new Error("File is not encrypted (missing BDOT header).");
-    }
-    const minSize = HEADER_SIZE + SALT_SIZE + IV_SIZE + TAG_SIZE;
-    if (data.length < minSize) {
-        throw new Error("Encrypted file is too short or corrupted.");
-    }
-    let offset = HEADER_SIZE;
-    const salt = data.subarray(offset, offset + SALT_SIZE);
-    offset += SALT_SIZE;
-    const iv = data.subarray(offset, offset + IV_SIZE);
-    offset += IV_SIZE;
-    const tag = data.subarray(offset, offset + TAG_SIZE);
-    offset += TAG_SIZE;
-    const ciphertext = data.subarray(offset);
-    const key = deriveKey(password, salt);
-    const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv);
-    decipher.setAuthTag(tag);
-    try {
-        return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
-    }
-    catch {
-        throw new Error("Decryption failed — wrong password or corrupted file.");
-    }
-}
-function isEncrypted(data) {
-    return (data.length >= HEADER_SIZE &&
-        data[0] === MAGIC[0] &&
-        data[1] === MAGIC[1] &&
-        data[2] === MAGIC[2] &&
-        data[3] === MAGIC[3] &&
-        data[4] === VERSION);
-}
-export function checkKeyFilePermissions() {
-    if (process.platform === "win32") {
-        return;
-    }
-    if (!fs.existsSync(KEY_FILE_PATH)) {
-        return;
-    }
-    const stat = fs.statSync(KEY_FILE_PATH);
-    const mode = stat.mode & 0o777;
-    const isAccessibleByGroupOrOthers = (mode & 0o077) !== 0;
-    if (isAccessibleByGroupOrOthers) {
-        throw new Error(`Key file ${KEY_FILE_PATH} has overly permissive permissions (${mode.toString(8)}).\n` +
-            `  Run: chmod 600 ${KEY_FILE_PATH}`);
-    }
-}
-export function saveKeyFile(password) {
-    fs.writeFileSync(KEY_FILE_PATH, password + "\n", { mode: 0o600 });
-}
-function readKeyFile() {
-    if (!fs.existsSync(KEY_FILE_PATH)) {
-        return null;
-    }
-    checkKeyFilePermissions();
-    return fs.readFileSync(KEY_FILE_PATH, "utf-8").trimEnd();
-}
-export async function resolvePassword() {
-    const envPassword = process.env.BACKDOT_PASSWORD;
-    if (envPassword) {
-        return { password: envPassword, interactive: false };
-    }
-    const filePassword = readKeyFile();
-    if (filePassword) {
-        return { password: filePassword, interactive: false };
-    }
-    if (!process.stdin.isTTY) {
-        throw new Error('Encryption is enabled but no password found.\n  Run "backdot backup" interactively to create ~/.backdot.key, or set BACKDOT_PASSWORD.');
-    }
-    const enteredPassword = await passwordPrompt({ message: "Enter encryption password:" });
-    if (!enteredPassword) {
-        throw new Error("No password provided.");
-    }
-    return { password: enteredPassword, interactive: true };
-}
-export async function confirmPassword(password) {
-    const confirmedPassword = await passwordPrompt({ message: "Confirm password:" });
-    if (confirmedPassword !== password) {
-        throw new Error("Passwords do not match.");
-    }
-}
-export async function offerToSaveKeyFile(password) {
-    if (!process.stdin.isTTY) {
-        return;
-    }
-    if (fs.existsSync(KEY_FILE_PATH)) {
-        return;
-    }
-    if (process.env.BACKDOT_PASSWORD) {
-        return;
-    }
-    const save = await confirm({
-        message: "Save password to ~/.backdot.key for automated backups?",
-        default: true,
-    });
-    if (save) {
-        saveKeyFile(password);
-        console.log(`  Created ${KEY_FILE_PATH} (permissions: 600)`);
-    }
-}

package/dist/encryption.d.ts

@@ -1,2 +0,0 @@
-export declare function encrypt(plaintext: Buffer, password: string): Buffer;
-export declare function decrypt(encrypted: Buffer, password: string): Buffer;

package/dist/encryption.js

@@ -1,39 +0,0 @@
-import crypto from "node:crypto";
-const ALGORITHM = "aes-256-gcm";
-const SALT_LENGTH = 32;
-const IV_LENGTH = 12;
-const AUTH_TAG_LENGTH = 16;
-const KEY_LENGTH = 32;
-const SCRYPT_PARAMS = { N: 2 ** 14, r: 8, p: 1 };
-const OVERHEAD = SALT_LENGTH + IV_LENGTH + AUTH_TAG_LENGTH;
-function deriveKey(password, salt) {
-    return crypto.scryptSync(password, salt, KEY_LENGTH, SCRYPT_PARAMS);
-}
-export function encrypt(plaintext, password) {
-    const salt = crypto.randomBytes(SALT_LENGTH);
-    const iv = crypto.randomBytes(IV_LENGTH);
-    const key = deriveKey(password, salt);
-    const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
-    const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
-    const authTag = cipher.getAuthTag();
-    return Buffer.concat([salt, iv, authTag, ciphertext]);
-}
-export function decrypt(encrypted, password) {
-    if (encrypted.length < OVERHEAD) {
-        throw new Error("Data is too short to be encrypted content.");
-    }
-    let offset = 0;
-    const salt = encrypted.subarray(offset, (offset += SALT_LENGTH));
-    const iv = encrypted.subarray(offset, (offset += IV_LENGTH));
-    const authTag = encrypted.subarray(offset, (offset += AUTH_TAG_LENGTH));
-    const ciphertext = encrypted.subarray(offset);
-    const key = deriveKey(password, salt);
-    const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
-    decipher.setAuthTag(authTag);
-    try {
-        return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
-    }
-    catch {
-        throw new Error("Decryption failed — wrong password or corrupted data.");
-    }
-}

package/dist/errorMessage.d.ts

@@ -1 +0,0 @@
-export declare function errorMessage(err: unknown): string;

package/dist/errorMessage.js

@@ -1,3 +0,0 @@
-export function errorMessage(err) {
-    return err instanceof Error ? err.message : String(err);
-}

package/dist/password.d.ts

@@ -1,11 +0,0 @@
-export declare const KEY_FILE_PATH: string;
-export declare const ENC_SUFFIX = ".encrypted";
-export declare function checkKeyFilePermissions(): void;
-export declare function saveKeyFile(password: string): void;
-export interface PasswordResult {
-    password: string;
-    interactive: boolean;
-}
-export declare function resolvePassword(): Promise<PasswordResult>;
-export declare function confirmPassword(password: string): Promise<void>;
-export declare function offerToSaveKeyFile(password: string): Promise<void>;

package/dist/password.js

@@ -1,74 +0,0 @@
-import fs from "node:fs";
-import path from "node:path";
-import os from "node:os";
-import { password as passwordPrompt, confirm } from "@inquirer/prompts";
-export const KEY_FILE_PATH = path.join(os.homedir(), ".backdot.key");
-export const ENC_SUFFIX = ".encrypted";
-export function checkKeyFilePermissions() {
-    if (process.platform === "win32") {
-        return;
-    }
-    if (!fs.existsSync(KEY_FILE_PATH)) {
-        return;
-    }
-    const stat = fs.statSync(KEY_FILE_PATH);
-    const mode = stat.mode & 0o777;
-    const isAccessibleByGroupOrOthers = (mode & 0o077) !== 0;
-    if (isAccessibleByGroupOrOthers) {
-        throw new Error(`Key file ${KEY_FILE_PATH} has overly permissive permissions (${mode.toString(8)}).\n` +
-            `  Run: chmod 600 ${KEY_FILE_PATH}`);
-    }
-}
-export function saveKeyFile(password) {
-    fs.writeFileSync(KEY_FILE_PATH, password + "\n", { mode: 0o600 });
-}
-function readKeyFile() {
-    if (!fs.existsSync(KEY_FILE_PATH)) {
-        return null;
-    }
-    checkKeyFilePermissions();
-    return fs.readFileSync(KEY_FILE_PATH, "utf-8").trimEnd();
-}
-export async function resolvePassword() {
-    const envPassword = process.env.BACKDOT_PASSWORD;
-    if (envPassword) {
-        return { password: envPassword, interactive: false };
-    }
-    const filePassword = readKeyFile();
-    if (filePassword) {
-        return { password: filePassword, interactive: false };
-    }
-    if (!process.stdin.isTTY) {
-        throw new Error('Encryption is enabled but no password found.\n  Run "backdot backup" interactively to create ~/.backdot.key, or set BACKDOT_PASSWORD.');
-    }
-    const enteredPassword = await passwordPrompt({ message: "Enter encryption password:" });
-    if (!enteredPassword) {
-        throw new Error("No password provided.");
-    }
-    return { password: enteredPassword, interactive: true };
-}
-export async function confirmPassword(password) {
-    const confirmedPassword = await passwordPrompt({ message: "Confirm password:" });
-    if (confirmedPassword !== password) {
-        throw new Error("Passwords do not match.");
-    }
-}
-export async function offerToSaveKeyFile(password) {
-    if (!process.stdin.isTTY) {
-        return;
-    }
-    if (fs.existsSync(KEY_FILE_PATH)) {
-        return;
-    }
-    if (process.env.BACKDOT_PASSWORD) {
-        return;
-    }
-    const save = await confirm({
-        message: "Save password to ~/.backdot.key for automated backups?",
-        default: true,
-    });
-    if (save) {
-        saveKeyFile(password);
-        console.log(`  Created ${KEY_FILE_PATH} (permissions: 600)`);
-    }
-}

package/dist/plist.d.ts

@@ -1,3 +0,0 @@
-export declare function isScheduled(): boolean;
-export declare function setupLaunchd(): void;
-export declare function uninstallLaunchd(): void;

package/dist/plist.js

@@ -1,112 +0,0 @@
-import { execFileSync } from "node:child_process";
-import fs from "node:fs";
-import path from "node:path";
-import os from "node:os";
-import ora from "ora";
-import { logger } from "./log.js";
-import { errorMessage } from "./utils.js";
-function escapeXml(s) {
-    return s
-        .replace(/&/g, "&")
-        .replace(/</g, "&lt;")
-        .replace(/>/g, "&gt;")
-        .replace(/"/g, "&quot;");
-}
-const LABEL = "com.backdot.daemon";
-const PLIST_PATH = path.join(os.homedir(), "Library", "LaunchAgents", `${LABEL}.plist`);
-function getScriptPath() {
-    const currentDir = path.dirname(new URL(import.meta.url).pathname);
-    return path.resolve(currentDir, "cli.js");
-}
-function buildPlist() {
-    const nodePath = process.execPath;
-    const scriptPath = getScriptPath();
-    const workingDir = path.dirname(scriptPath);
-    const logPath = path.join(os.homedir(), ".backdot", "launchd.log");
-    return `<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-  <key>Label</key>
-  <string>${LABEL}</string>
-  <key>ProgramArguments</key>
-  <array>
-    <string>${escapeXml(nodePath)}</string>
-    <string>${escapeXml(scriptPath)}</string>
-    <string>--backup</string>
-  </array>
-  <key>WorkingDirectory</key>
-  <string>${escapeXml(workingDir)}</string>
-  <key>StartCalendarInterval</key>
-  <dict>
-    <key>Hour</key>
-    <integer>2</integer>
-    <key>Minute</key>
-    <integer>0</integer>
-  </dict>
-  <key>StandardOutPath</key>
-  <string>${escapeXml(logPath)}</string>
-  <key>StandardErrorPath</key>
-  <string>${escapeXml(logPath)}</string>
-  <key>RunAtLoad</key>
-  <false/>
-</dict>
-</plist>`;
-}
-export function isScheduled() {
-    if (!fs.existsSync(PLIST_PATH)) {
-        return false;
-    }
-    try {
-        const output = execFileSync("launchctl", ["list", LABEL], { encoding: "utf-8", stdio: "pipe" });
-        return output.includes(LABEL);
-    }
-    catch {
-        return false;
-    }
-}
-export function setupLaunchd() {
-    const spinner = ora("Installing schedule").start();
-    const plistContent = buildPlist();
-    const dir = path.dirname(PLIST_PATH);
-    if (!fs.existsSync(dir)) {
-        fs.mkdirSync(dir, { recursive: true });
-    }
-    try {
-        execFileSync("launchctl", ["unload", PLIST_PATH], { stdio: "pipe" });
-    }
-    catch {
-        // Not loaded, that's fine
-    }
-    fs.writeFileSync(PLIST_PATH, plistContent);
-    logger.info(`Plist written to ${PLIST_PATH}`);
-    try {
-        execFileSync("launchctl", ["load", PLIST_PATH], { stdio: "pipe" });
-        spinner.succeed("Daily backup scheduled (02:00)");
-        console.log();
-        logger.info("Launchd job loaded");
-    }
-    catch (err) {
-        const msg = errorMessage(err);
-        spinner.fail(`Failed to load launchd job: ${msg}`);
-        console.log();
-        logger.error(`Failed to load launchd job: ${msg}`);
-        throw new Error(`Failed to load launchd job: ${msg}`, { cause: err });
-    }
-}
-export function uninstallLaunchd() {
-    const spinner = ora("Removing schedule").start();
-    try {
-        execFileSync("launchctl", ["unload", PLIST_PATH], { stdio: "pipe" });
-        logger.info("Launchd job unloaded");
-    }
-    catch {
-        logger.info("Launchd job was not loaded");
-    }
-    if (fs.existsSync(PLIST_PATH)) {
-        fs.unlinkSync(PLIST_PATH);
-        logger.info(`Plist removed: ${PLIST_PATH}`);
-    }
-    spinner.succeed("Schedule removed");
-    console.log();
-}

package/dist/resolve.d.ts

@@ -1,6 +0,0 @@
-import { Config } from "./config.js";
-/**
- * Resolve all file entries to absolute paths.
- * Skips entries that fail resolution and logs warnings.
- */
-export declare function resolveFiles(config: Config): string[];

package/dist/resolve.js

@@ -1,44 +0,0 @@
-import fs from "node:fs";
-import fg from "fast-glob";
-import { logger } from "./log.js";
-import { errorMessage, uniq } from "./utils.js";
-function resolveGlobs(patterns) {
-    if (patterns.length === 0) {
-        return [];
-    }
-    try {
-        return fg.sync(patterns, { absolute: true, dot: true, onlyFiles: true });
-    }
-    catch (err) {
-        logger.warn(`Glob pattern resolution failed: ${errorMessage(err)}`);
-        return [];
-    }
-}
-const LARGE_FILE_THRESHOLD = 10 * 1024 * 1024; // 10 MB
-/**
- * Resolve all file entries to absolute paths.
- * Skips entries that fail resolution and logs warnings.
- */
-export function resolveFiles(config) {
-    const unique = uniq(resolveGlobs(config.paths));
-    return unique.filter((filePath) => {
-        try {
-            fs.accessSync(filePath, fs.constants.R_OK);
-            const stat = fs.statSync(filePath);
-            if (!stat.isFile()) {
-                logger.warn(`Not a regular file, skipping: ${filePath}`);
-                return false;
-            }
-            if (stat.size > LARGE_FILE_THRESHOLD) {
-                const sizeMB = (stat.size / 1024 / 1024).toFixed(1);
-                logger.warn(`Large file (${sizeMB} MB), skipping: ${filePath}`);
-                return false;
-            }
-            return true;
-        }
-        catch {
-            logger.warn(`File not readable, skipping: ${filePath}`);
-            return false;
-        }
-    });
-}