blodemd 0.0.11 → 0.0.13

package/dist/cli.mjs

@@ -3,8 +3,7 @@ import { createRequire } from "node:module";
 import { spawn, spawnSync } from "node:child_process";
 import fs, { mkdir, readFile, rm, writeFile } from "node:fs/promises";
 import path, { join } from "node:path";
-import { confirm, intro, isCancel, log, password, select, spinner, text } from "@clack/prompts";
-import { shouldIgnoreRootDocsFile, slugify } from "@repo/common";
+import { confirm, intro, isCancel, log, select, spinner, text } from "@clack/prompts";
 import chalk from "chalk";
 import { Command, InvalidArgumentError } from "commander";
 import open from "open";
@@ -13,11 +12,34 @@ import { once } from "node:events";
 import { createServer } from "node:net";
 import { setTimeout as setTimeout$1 } from "node:timers/promises";
 import { fileURLToPath } from "node:url";
-import { createFsSource, loadSiteConfig } from "@repo/previewing";
+import { z } from "zod";
+import "yaml";
 import { watch } from "chokidar";
 import { createServer as createServer$1 } from "node:http";
 import { createHash, randomBytes } from "node:crypto";
 import { readFileSync } from "node:fs";
+//#region ../../packages/common/dist/index.js
+const BACKSLASH_TO_SLASH_REGEX = /\\/g;
+const TRAILING_SLASHES_REGEX = /\/+$/g;
+const LEADING_SLASHES_REGEX = /^\/+/;
+const normalizePath = (value) => {
+	return value.replace(BACKSLASH_TO_SLASH_REGEX, "/").replace(TRAILING_SLASHES_REGEX, "").replace(LEADING_SLASHES_REGEX, "");
+};
+const slugify = (value) => value.toLowerCase().trim().replaceAll(/[^a-z0-9]+/g, "-").replaceAll(/(^-|-$)+/g, "");
+const IGNORED_ROOT_DOCS_FILES = new Set([
+	".gitignore",
+	"AGENTS.md",
+	"CLAUDE.md",
+	"LICENSE",
+	"LICENSE.md",
+	"README.md"
+]);
+const shouldIgnoreRootDocsFile = (value) => {
+	const normalized = normalizePath(value);
+	if (!normalized || normalized.includes("/")) return false;
+	return IGNORED_ROOT_DOCS_FILES.has(normalized);
+};
+//#endregion
 //#region src/constants.ts
 const CLI_NAME = "blodemd";
 const BLODE_PROJECT_ENV = "BLODEMD_PROJECT";
@@ -31,30 +53,6 @@ const getDefaultConfigBaseDir = () => {
 const CONFIG_DIR = join(getDefaultConfigBaseDir(), CLI_NAME);
 const CREDENTIALS_FILE = join(CONFIG_DIR, "credentials.json");
 //#endregion
-//#region src/jwt.ts
-const parseJwtBase64Url = (input) => {
-	const normalized = input.replaceAll("-", "+").replaceAll("_", "/");
-	const padded = normalized.padEnd(Math.ceil(normalized.length / 4) * 4, "=");
-	return Buffer.from(padded, "base64").toString("utf8");
-};
-const parseJwtClaims = (token) => {
-	const payloadPart = token.split(".").at(1);
-	if (!payloadPart) return null;
-	try {
-		const payload = parseJwtBase64Url(payloadPart);
-		const parsed = JSON.parse(payload);
-		if (typeof parsed !== "object" || parsed === null) return null;
-		const claims = parsed;
-		return {
-			email: typeof claims.email === "string" ? claims.email : void 0,
-			exp: typeof claims.exp === "number" ? claims.exp : void 0,
-			sub: typeof claims.sub === "string" ? claims.sub : void 0
-		};
-	} catch {
-		return null;
-	}
-};
-//#endregion
 //#region src/errors.ts
 const EXIT_CODES = {
 	AUTH_REQUIRED: 4,
@@ -150,14 +148,6 @@ const parseStoredAuthSession = (value) => {
 		user
 	};
 };
-const parseApiKeyCredentials = (value) => {
-	if (!isRecord(value)) return null;
-	if (typeof value.apiKey !== "string") return null;
-	return {
-		apiKey: value.apiKey,
-		type: "api-key"
-	};
-};
 const createInvalidCredentialsError = (detail) => new CliError(detail ? `Invalid credentials format in ${CREDENTIALS_FILE}: ${detail}` : `Invalid credentials format in ${CREDENTIALS_FILE}`, EXIT_CODES.ERROR);
 const parseAuthFile = (raw) => {
 	let parsed;
@@ -168,13 +158,9 @@ const parseAuthFile = (raw) => {
 	}
 	if (!isRecord(parsed) || parsed.version !== 1) throw createInvalidCredentialsError();
 	const hasSession = Object.hasOwn(parsed, "session");
-	const hasApiKey = Object.hasOwn(parsed, "apiKey");
 	const session = hasSession && parsed.session !== void 0 ? parseStoredAuthSession(parsed.session) : void 0;
-	const apiKey = hasApiKey && parsed.apiKey !== void 0 ? parseApiKeyCredentials(parsed.apiKey) : void 0;
 	if (hasSession && parsed.session !== void 0 && !session) throw createInvalidCredentialsError("stored session is malformed.");
-	if (hasApiKey && parsed.apiKey !== void 0 && !apiKey) throw createInvalidCredentialsError("stored API key is malformed.");
 	return {
-		apiKey: apiKey ?? void 0,
 		session: session ?? void 0,
 		version: 1
 	};
@@ -204,16 +190,34 @@ const writeStoredAuthSession = async (session) => {
 		version: 1
 	});
 };
-const writeStoredApiKey = async (apiKey) => {
-	await writeAuthFile({
-		apiKey,
-		version: 1
-	});
-};
 const clearStoredCredentials = async () => {
 	await rm(CREDENTIALS_FILE, { force: true });
 };
 //#endregion
+//#region src/jwt.ts
+const parseJwtBase64Url = (input) => {
+	const normalized = input.replaceAll("-", "+").replaceAll("_", "/");
+	const padded = normalized.padEnd(Math.ceil(normalized.length / 4) * 4, "=");
+	return Buffer.from(padded, "base64").toString("utf8");
+};
+const parseJwtClaims = (token) => {
+	const payloadPart = token.split(".").at(1);
+	if (!payloadPart) return null;
+	try {
+		const payload = parseJwtBase64Url(payloadPart);
+		const parsed = JSON.parse(payload);
+		if (typeof parsed !== "object" || parsed === null) return null;
+		const claims = parsed;
+		return {
+			email: typeof claims.email === "string" ? claims.email : void 0,
+			exp: typeof claims.exp === "number" ? claims.exp : void 0,
+			sub: typeof claims.sub === "string" ? claims.sub : void 0
+		};
+	} catch {
+		return null;
+	}
+};
+//#endregion
 //#region src/supabase.ts
 const resolveSupabaseConfig = () => {
 	return { url: process.env.SUPABASE_URL ?? process.env.NEXT_PUBLIC_SUPABASE_URL ?? "https://bwnxwgkgyklzzmpbzuoz.supabase.co" };
@@ -254,53 +258,30 @@ const shouldRefresh = (session) => {
 	const ms = expiresInMs(session);
 	return ms !== null && ms <= 6e4;
 };
-const tokenFromRaw = (token, source) => {
-	const claims = parseJwtClaims(token);
-	return {
-		expiresAt: typeof claims?.exp === "number" ? (/* @__PURE__ */ new Date(claims.exp * 1e3)).toISOString() : null,
-		source,
-		token,
-		user: claims?.sub || claims?.email ? {
-			email: claims.email ?? null,
-			id: claims.sub ?? "unknown"
-		} : null
-	};
-};
 const sessionToResolvedToken = (session) => ({
 	expiresAt: session.expiresAt,
 	source: "stored",
 	token: session.accessToken,
 	user: session.user
 });
-const resolveAuthToken = async (optApiKey) => {
-	const envToken = (optApiKey ?? process.env["BLODEMD_API_KEY"])?.trim();
-	if (envToken) return tokenFromRaw(envToken, optApiKey ? "flag" : "environment");
-	const data = await readAuthFile();
-	const session = data?.session;
-	if (session) {
-		if (!(shouldRefresh(session) || isExpired(session))) return sessionToResolvedToken(session);
-		if (session.refreshToken) try {
-			const { tokenUrl } = buildOAuthUrls(resolveSupabaseConfig());
-			const updatedSession = tokenResponseToStoredSession(await refreshAccessToken({
-				clientId: OAUTH_CLIENT_ID,
-				tokenUrl
-			}, session.refreshToken));
-			await writeStoredAuthSession(updatedSession);
-			return sessionToResolvedToken(updatedSession);
-		} catch {}
-		if (isExpired(session)) {
-			await clearStoredCredentials();
-			return null;
-		}
-		return sessionToResolvedToken(session);
+const resolveAuthToken = async () => {
+	const session = (await readAuthFile())?.session;
+	if (!session) return null;
+	if (!(shouldRefresh(session) || isExpired(session))) return sessionToResolvedToken(session);
+	if (session.refreshToken) try {
+		const { tokenUrl } = buildOAuthUrls(resolveSupabaseConfig());
+		const updatedSession = tokenResponseToStoredSession(await refreshAccessToken({
+			clientId: OAUTH_CLIENT_ID,
+			tokenUrl
+		}, session.refreshToken));
+		await writeStoredAuthSession(updatedSession);
+		return sessionToResolvedToken(updatedSession);
+	} catch {}
+	if (isExpired(session)) {
+		await clearStoredCredentials();
+		return null;
 	}
-	if (data?.apiKey) return {
-		expiresAt: null,
-		source: "stored",
-		token: data.apiKey.apiKey,
-		user: null
-	};
-	return null;
+	return sessionToResolvedToken(session);
 };
 const resolveTokenStatus = (token) => {
 	if (!token.expiresAt) return {
@@ -334,6 +315,642 @@ const parsePort = (value, label = "Port") => {
 	return parsed;
 };
 //#endregion
+//#region ../../packages/models/dist/docs-config.js
+const UrlOrPathSchema = z.string().min(1);
+const SlugSchema = z.string().min(1).regex(/^[a-z0-9-]+$/);
+const DocsColorsSchema = z.object({
+	background: z.string().optional(),
+	border: z.string().optional(),
+	dark: z.string().optional(),
+	light: z.string().optional(),
+	muted: z.string().optional(),
+	primary: z.string().min(1),
+	surface: z.string().optional()
+}).strict();
+const DocsFontsSchema = z.object({
+	body: z.string().optional(),
+	cssUrl: z.string().optional(),
+	heading: z.string().optional(),
+	mono: z.string().optional(),
+	provider: z.enum([
+		"google",
+		"local",
+		"custom"
+	]).optional()
+}).strict();
+const DocsLogoSchema = z.object({
+	alt: z.string().optional(),
+	dark: UrlOrPathSchema.optional(),
+	href: z.string().min(1).optional(),
+	light: UrlOrPathSchema.optional()
+}).strict();
+const DocsNavLinkSchema = z.object({
+	href: z.string().min(1),
+	label: z.string().min(1)
+}).strict();
+const DocsNavAnchorSchema = z.object({
+	href: z.string().min(1),
+	label: z.string().min(1)
+}).strict();
+const DocsNavLocaleSchema = z.object({
+	label: z.string().min(1),
+	locale: z.string().optional(),
+	url: z.string().min(1)
+}).strict();
+const DocsNavVersionSchema = z.object({
+	label: z.string().min(1),
+	url: z.string().min(1)
+}).strict();
+const DocsOpenApiSourceSchema = z.object({
+	basePath: z.string().optional(),
+	directory: z.string().optional(),
+	include: z.array(z.string()).optional(),
+	source: z.string().min(1)
+}).strict();
+const DocsNavGroupSchema = z.object({
+	expanded: z.boolean().optional(),
+	group: z.string().optional(),
+	hidden: z.boolean().optional(),
+	openapi: z.union([z.string().min(1), DocsOpenApiSourceSchema]).optional(),
+	pages: z.array(z.string()).optional()
+}).strict();
+const DocsNavTabSchema = z.object({
+	groups: z.array(DocsNavGroupSchema).optional(),
+	href: z.string().min(1).optional(),
+	icon: z.string().optional(),
+	label: z.string().min(1),
+	pages: z.array(z.string()).optional()
+}).strict().refine((value) => Boolean(value.groups?.length || value.pages?.length || value.href), {
+	message: "tab must define groups, pages, or href",
+	path: []
+});
+const DocsNavigationSchema = z.object({
+	global: z.object({
+		anchors: z.array(DocsNavAnchorSchema).optional(),
+		links: z.array(DocsNavLinkSchema).optional()
+	}).strict().optional(),
+	groups: z.array(DocsNavGroupSchema).optional(),
+	hidden: z.array(z.string()).optional(),
+	languages: z.array(DocsNavLocaleSchema).optional(),
+	pages: z.array(z.string()).optional(),
+	tabs: z.array(DocsNavTabSchema).optional(),
+	versions: z.array(DocsNavVersionSchema).optional()
+}).strict();
+const DocsScriptsSchema = z.object({
+	body: z.array(z.string()).optional(),
+	head: z.array(z.string()).optional()
+}).strict();
+const DocsSeoSchema = z.object({ indexing: z.enum(["all", "default"]).optional() }).strict();
+const DocsFeatureFlagsSchema = z.object({
+	rightToc: z.boolean().optional(),
+	search: z.boolean().optional(),
+	themeToggle: z.boolean().optional(),
+	toc: z.boolean().optional()
+}).strict();
+const DocsOpenApiProxySchema = z.object({
+	allowedHosts: z.array(z.string()).optional(),
+	enabled: z.boolean().optional()
+}).strict();
+const MintlifyLogoSchema = z.union([UrlOrPathSchema, z.object({
+	dark: UrlOrPathSchema,
+	href: z.string().min(1).optional(),
+	light: UrlOrPathSchema
+}).strict()]);
+const MintlifyFaviconSchema = z.union([UrlOrPathSchema, z.object({
+	dark: UrlOrPathSchema,
+	light: UrlOrPathSchema
+}).strict()]);
+const MintlifyNavbarLinkSchema = z.object({
+	href: z.string().min(1),
+	icon: z.string().optional(),
+	iconType: z.string().optional(),
+	label: z.string().optional(),
+	type: z.enum(["discord", "github"]).optional()
+}).strict();
+const MintlifyNavbarPrimarySchema = z.object({
+	href: z.string().min(1),
+	label: z.string().optional(),
+	type: z.enum([
+		"button",
+		"discord",
+		"github"
+	])
+}).strict();
+const MintlifyNavbarSchema = z.object({
+	links: z.array(MintlifyNavbarLinkSchema).optional(),
+	primary: MintlifyNavbarPrimarySchema.optional()
+}).strict();
+const MintlifyNavigationGlobalSchema = z.object({ anchors: z.array(z.object({
+	anchor: z.string().min(1),
+	color: z.object({
+		dark: z.string().optional(),
+		light: z.string().optional()
+	}).strict().optional(),
+	hidden: z.boolean().optional(),
+	href: z.string().min(1),
+	icon: z.string().optional(),
+	iconType: z.string().optional()
+}).strict()).optional() }).strict();
+const MintlifyNavigationGroupSchema = z.object({
+	expanded: z.boolean().optional(),
+	group: z.string().min(1),
+	hidden: z.boolean().optional(),
+	icon: z.string().optional(),
+	pages: z.array(z.string()).optional(),
+	root: z.string().optional(),
+	tag: z.string().optional()
+}).strict();
+const MintlifyNavTabSchema = z.object({
+	groups: z.array(MintlifyNavigationGroupSchema).optional(),
+	hidden: z.boolean().optional(),
+	href: z.string().min(1).optional(),
+	icon: z.string().optional(),
+	pages: z.array(z.string()).optional(),
+	tab: z.string().min(1)
+}).strict();
+const MintlifyNavigationSchema = z.object({
+	global: MintlifyNavigationGlobalSchema.optional(),
+	groups: z.array(MintlifyNavigationGroupSchema).optional(),
+	languages: z.array(z.object({
+		default: z.boolean().optional(),
+		hidden: z.boolean().optional(),
+		href: z.string().min(1),
+		language: z.string().min(1)
+	}).strict()).optional(),
+	pages: z.array(z.string()).optional(),
+	tabs: z.array(MintlifyNavTabSchema).optional(),
+	versions: z.array(z.object({
+		default: z.boolean().optional(),
+		hidden: z.boolean().optional(),
+		href: z.string().min(1),
+		version: z.string().min(1)
+	}).strict()).optional()
+}).strict().refine((value) => Boolean(value.groups?.length || value.pages?.length || value.tabs?.length || value.languages?.length || value.versions?.length), {
+	message: "navigation must define at least one of groups, pages, tabs, languages, or versions",
+	path: []
+});
+const MintlifyApiSchema = z.object({
+	asyncapi: z.union([
+		z.string(),
+		z.array(z.string()),
+		DocsOpenApiSourceSchema
+	]).optional(),
+	examples: z.object({
+		autogenerate: z.boolean().optional(),
+		defaults: z.enum(["all", "required"]).optional(),
+		languages: z.array(z.string()).optional(),
+		prefill: z.boolean().optional()
+	}).strict().optional(),
+	mdx: z.object({
+		auth: z.object({
+			method: z.enum([
+				"basic",
+				"bearer",
+				"cobo",
+				"key"
+			]).optional(),
+			name: z.string().optional()
+		}).strict().optional(),
+		server: z.union([z.string().min(1), z.array(z.string().min(1))]).optional()
+	}).strict().optional(),
+	openapi: z.union([
+		z.string(),
+		z.array(z.string()),
+		DocsOpenApiSourceSchema
+	]).optional(),
+	params: z.object({ expanded: z.enum(["all", "closed"]).optional() }).strict().optional(),
+	playground: z.object({
+		credentials: z.boolean().optional(),
+		display: z.enum([
+			"auth",
+			"interactive",
+			"none",
+			"simple"
+		]).optional(),
+		proxy: z.boolean().optional()
+	}).strict().optional(),
+	url: z.literal("full").optional()
+}).strict();
+const MintlifyAppearanceSchema = z.object({
+	default: z.enum([
+		"dark",
+		"light",
+		"system"
+	]).optional(),
+	strict: z.boolean().optional()
+}).strict();
+const MintlifyMetadataSchema = z.object({ timestamp: z.boolean().optional() }).strict();
+const MintlifySearchSchema = z.object({ prompt: z.string().optional() }).strict();
+const ContextualBuiltinOptionSchema = z.enum([
+	"add-mcp",
+	"aistudio",
+	"assistant",
+	"chatgpt",
+	"claude",
+	"copy",
+	"cursor",
+	"devin",
+	"devin-mcp",
+	"gemini",
+	"grok",
+	"mcp",
+	"perplexity",
+	"view",
+	"vscode",
+	"windsurf"
+]);
+const ContextualCustomHrefQuerySchema = z.object({
+	key: z.string().min(1),
+	value: z.string().min(1)
+}).strict();
+const ContextualCustomHrefObjectSchema = z.object({
+	base: z.string().min(1),
+	query: z.array(ContextualCustomHrefQuerySchema)
+}).strict();
+const ContextualCustomOptionSchema = z.object({
+	description: z.string().min(1),
+	href: z.union([z.string().min(1), ContextualCustomHrefObjectSchema]),
+	icon: z.string().min(1),
+	iconType: z.string().optional(),
+	title: z.string().min(1)
+}).strict();
+const ContextualOptionSchema = z.union([ContextualBuiltinOptionSchema, ContextualCustomOptionSchema]);
+const DocsContextualSchema = z.object({
+	display: z.enum(["header", "toc"]).optional(),
+	options: z.array(ContextualOptionSchema)
+}).strict();
+const DocsConfigSchema = z.object({
+	$schema: z.string().optional(),
+	api: MintlifyApiSchema.optional(),
+	appearance: MintlifyAppearanceSchema.optional(),
+	contextual: DocsContextualSchema.optional(),
+	description: z.string().optional(),
+	favicon: MintlifyFaviconSchema.optional(),
+	logo: MintlifyLogoSchema.optional(),
+	metadata: MintlifyMetadataSchema.optional(),
+	name: z.string().min(1),
+	navbar: MintlifyNavbarSchema.optional(),
+	navigation: MintlifyNavigationSchema,
+	search: MintlifySearchSchema.optional(),
+	seo: DocsSeoSchema.optional(),
+	slug: SlugSchema.optional()
+}).strict();
+const ContentTypeSchema = z.enum([
+	"site",
+	"blog",
+	"docs",
+	"courses",
+	"products",
+	"notes",
+	"forms",
+	"sheets",
+	"slides",
+	"todos"
+]);
+const FrontmatterBaseSchema = z.object({
+	description: z.string().optional(),
+	hidden: z.boolean().optional(),
+	title: z.string().min(1)
+}).passthrough();
+FrontmatterBaseSchema.extend({
+	date: z.string().min(1),
+	tags: z.array(z.string()).optional()
+}).passthrough();
+FrontmatterBaseSchema.extend({ order: z.number() }).passthrough();
+FrontmatterBaseSchema.extend({
+	currency: z.string().min(1),
+	price: z.number(),
+	sku: z.string().min(1)
+}).passthrough();
+FrontmatterBaseSchema.extend({ date: z.string().min(1) }).passthrough();
+const FormFieldSchema = z.object({
+	id: z.string().min(1),
+	label: z.string().min(1),
+	options: z.array(z.string()).optional(),
+	required: z.boolean().optional(),
+	type: z.string().min(1)
+}).passthrough();
+FrontmatterBaseSchema.extend({ fields: z.array(FormFieldSchema).min(1) }).passthrough();
+FrontmatterBaseSchema.extend({ columns: z.array(z.string()).min(1) }).passthrough();
+FrontmatterBaseSchema.extend({ date: z.string().min(1) }).passthrough();
+const PageModeSchema = z.enum([
+	"default",
+	"wide",
+	"custom",
+	"frame",
+	"center"
+]);
+FrontmatterBaseSchema.extend({
+	deprecated: z.boolean().optional(),
+	hideApiMarker: z.boolean().optional(),
+	hideFooterPagination: z.boolean().optional(),
+	icon: z.string().optional(),
+	iconType: z.enum([
+		"regular",
+		"solid",
+		"light",
+		"thin",
+		"sharp-solid",
+		"duotone",
+		"brands"
+	]).optional(),
+	keywords: z.array(z.string()).optional(),
+	mode: PageModeSchema.optional(),
+	noindex: z.boolean().optional(),
+	sidebarTitle: z.string().optional(),
+	tag: z.string().optional(),
+	url: z.string().url().optional()
+}).passthrough();
+const CollectionIndexSchema = z.object({
+	description: z.string().optional(),
+	hidden: z.boolean().optional(),
+	slug: z.string().min(1),
+	title: z.string().optional()
+}).strict();
+const CollectionSortSchema = z.object({
+	direction: z.enum(["asc", "desc"]).optional(),
+	field: z.enum([
+		"date",
+		"order",
+		"title",
+		"price"
+	]).optional()
+}).strict();
+const CollectionConfigSchema = z.object({
+	id: z.string().min(1),
+	index: CollectionIndexSchema.optional(),
+	navigation: DocsNavigationSchema.optional(),
+	openapi: z.union([
+		z.string(),
+		z.array(z.string()),
+		DocsOpenApiSourceSchema
+	]).optional(),
+	root: z.string().optional(),
+	slugPrefix: z.string().optional(),
+	sort: CollectionSortSchema.optional(),
+	type: ContentTypeSchema
+}).strict();
+const SiteConfigSchema = z.object({
+	collections: z.array(CollectionConfigSchema).min(1),
+	colors: DocsColorsSchema.optional(),
+	contextual: DocsContextualSchema.optional(),
+	description: z.string().optional(),
+	favicon: UrlOrPathSchema.optional(),
+	features: DocsFeatureFlagsSchema.optional(),
+	fonts: DocsFontsSchema.optional(),
+	logo: DocsLogoSchema.optional(),
+	metadata: z.object({
+		defaultTitle: z.string().optional(),
+		ogImage: UrlOrPathSchema.optional(),
+		titleTemplate: z.string().optional()
+	}).strict().optional(),
+	name: z.string().min(1),
+	navigation: DocsNavigationSchema.optional(),
+	openapiProxy: DocsOpenApiProxySchema.optional(),
+	scripts: DocsScriptsSchema.optional(),
+	seo: DocsSeoSchema.optional(),
+	slug: SlugSchema.optional(),
+	theme: z.string().optional()
+}).strict();
+//#endregion
+//#region ../../packages/validation/dist/index.js
+const formatIssues = (issues) => issues.map((issue) => {
+	return `${issue.path.length ? issue.path.map(String).join(".") : "root"}: ${issue.message}`;
+});
+const validateSiteConfig = (input) => {
+	const result = SiteConfigSchema.safeParse(input);
+	if (result.success) return {
+		data: result.data,
+		success: true
+	};
+	return {
+		errors: formatIssues(result.error.issues),
+		success: false
+	};
+};
+const validateDocsConfig = (input) => {
+	const result = DocsConfigSchema.safeParse(input);
+	if (result.success) return {
+		data: result.data,
+		success: true
+	};
+	return {
+		errors: formatIssues(result.error.issues),
+		success: false
+	};
+};
+//#endregion
+//#region ../../packages/previewing/dist/fs-source.js
+const IGNORED_DIRECTORIES = new Set([
+	"app",
+	"lib",
+	"node_modules",
+	"public"
+]);
+const isNotFoundError = (error) => Boolean(error && typeof error === "object" && "code" in error && error.code === "ENOENT");
+const isWithinRoot = (root, candidate) => candidate === root || candidate.startsWith(`${root}${path.sep}`);
+const resolveWithinRoot = (root, relativePath) => {
+	const normalized = normalizePath(relativePath);
+	const absolutePath = path.resolve(root, normalized);
+	if (!isWithinRoot(root, absolutePath)) throw new Error(`Path "${relativePath}" escapes the content source root.`);
+	return absolutePath;
+};
+const walkFiles = async (directory, prefix) => {
+	const entries = await fs.readdir(directory, { withFileTypes: true });
+	const files = [];
+	for (const entry of entries) {
+		if (entry.name.startsWith(".")) continue;
+		const absolutePath = path.join(directory, entry.name);
+		const relativePath = prefix ? path.join(prefix, entry.name) : entry.name;
+		if (entry.isDirectory()) {
+			if (IGNORED_DIRECTORIES.has(entry.name)) continue;
+			files.push(...await walkFiles(absolutePath, relativePath));
+			continue;
+		}
+		if (entry.isFile()) {
+			if (!prefix && shouldIgnoreRootDocsFile(entry.name)) continue;
+			files.push(normalizePath(relativePath));
+		}
+	}
+	return files;
+};
+var FsContentSource = class {
+	root;
+	constructor(root) {
+		this.root = path.resolve(root);
+	}
+	async readFile(relativePath) {
+		return await fs.readFile(resolveWithinRoot(this.root, relativePath), "utf8");
+	}
+	async listFiles(directory) {
+		return await walkFiles(resolveWithinRoot(this.root, directory), "");
+	}
+	async exists(relativePath) {
+		try {
+			await fs.access(resolveWithinRoot(this.root, relativePath));
+			return true;
+		} catch (error) {
+			if (isNotFoundError(error)) return false;
+			throw error;
+		}
+	}
+	resolveUrl() {
+		return null;
+	}
+};
+const createFsSource = (root) => new FsContentSource(root);
+//#endregion
+//#region ../../packages/previewing/dist/index.js
+const LEGACY_PROJECT_NAME_FALLBACK_WARNING$1 = "docs.json.slug is recommended. Falling back to docs.json.name as the deployment slug is deprecated.";
+new Set(PageModeSchema.options);
+const DOCS_CONFIG_FILE = "docs.json";
+const defaultLinkLabel = (input) => {
+	if (input.label) return input.label;
+	if (input.type === "github") return "GitHub";
+	if (input.type === "discord") return "Discord";
+	try {
+		return new URL(input.href).hostname;
+	} catch {
+		return input.href;
+	}
+};
+const mapDocsConfig = (docs) => {
+	const navigation = {
+		global: docs.navbar?.links?.length || docs.navigation.global?.anchors?.length ? {
+			anchors: docs.navigation.global?.anchors?.map((anchor) => ({
+				href: anchor.href,
+				label: anchor.anchor
+			})),
+			links: docs.navbar?.links?.map((link) => ({
+				href: link.href,
+				label: defaultLinkLabel(link)
+			}))
+		} : void 0,
+		groups: docs.navigation.groups?.map((group) => ({
+			expanded: group.expanded,
+			group: group.group,
+			hidden: group.hidden,
+			pages: group.root ? [group.root, ...(group.pages ?? []).filter((page) => page !== group.root)] : group.pages
+		})),
+		languages: docs.navigation.languages?.map((language) => ({
+			label: language.language,
+			locale: language.language,
+			url: language.href
+		})),
+		pages: docs.navigation.pages,
+		tabs: docs.navigation.tabs?.map((tab) => ({
+			groups: tab.groups?.map((group) => ({
+				expanded: group.expanded,
+				group: group.group,
+				hidden: group.hidden,
+				pages: group.root ? [group.root, ...(group.pages ?? []).filter((page) => page !== group.root)] : group.pages
+			})),
+			href: tab.href,
+			icon: tab.icon,
+			label: tab.tab,
+			pages: tab.pages
+		})),
+		versions: docs.navigation.versions?.map((version) => ({
+			label: version.version,
+			url: version.href
+		}))
+	};
+	return {
+		collections: [{
+			id: "docs",
+			navigation,
+			openapi: docs.api?.openapi,
+			root: "",
+			type: "docs"
+		}],
+		contextual: docs.contextual,
+		description: docs.description,
+		favicon: typeof docs.favicon === "string" ? docs.favicon : docs.favicon?.light,
+		features: {
+			rightToc: true,
+			search: true,
+			themeToggle: docs.appearance?.strict !== true,
+			toc: true
+		},
+		logo: docs.logo ? {
+			dark: typeof docs.logo === "string" ? docs.logo : docs.logo.dark,
+			href: typeof docs.logo === "string" ? void 0 : docs.logo.href,
+			light: typeof docs.logo === "string" ? docs.logo : docs.logo.light
+		} : void 0,
+		name: docs.name,
+		navigation,
+		openapiProxy: { enabled: docs.api?.playground?.proxy !== false && Boolean(docs.api?.openapi || docs.api?.asyncapi) },
+		seo: docs.seo,
+		slug: docs.slug
+	};
+};
+const getProjectWarnings = (config) => config.slug ? [] : [LEGACY_PROJECT_NAME_FALLBACK_WARNING$1];
+const readJsonConfig = async (source, relativePath) => JSON.parse(await source.readFile(relativePath));
+const normalizeRefPath = (baseDirectory, reference) => {
+	if (reference.startsWith("/") || reference.startsWith("\\") || reference.startsWith("http://") || reference.startsWith("https://")) throw new Error(`Invalid $ref "${reference}". Only relative JSON files are supported.`);
+	const normalized = normalizePath(path.posix.join(baseDirectory, reference));
+	if (!normalized || normalized === "." || normalized.startsWith("../") || normalized.includes("/../")) throw new Error(`Invalid $ref "${reference}".`);
+	return normalized;
+};
+const resolveJsonRefs = async (source, value, baseDirectory, seen) => {
+	if (Array.isArray(value)) return await Promise.all(value.map((item) => resolveJsonRefs(source, item, baseDirectory, seen)));
+	if (!value || typeof value !== "object") return value;
+	const record = value;
+	const reference = record.$ref;
+	if (typeof reference === "string") {
+		const resolvedPath = normalizeRefPath(baseDirectory, reference);
+		if (seen.has(resolvedPath)) throw new Error(`Circular $ref detected for "${resolvedPath}".`);
+		const nextSeen = new Set(seen);
+		nextSeen.add(resolvedPath);
+		const referencedValue = await resolveJsonRefs(source, await readJsonConfig(source, resolvedPath), path.posix.dirname(resolvedPath) === "." ? "" : normalizePath(path.posix.dirname(resolvedPath)), nextSeen);
+		const siblingEntries = Object.entries(record).filter(([key]) => key !== "$ref");
+		if (!siblingEntries.length || !referencedValue || typeof referencedValue !== "object" || Array.isArray(referencedValue)) return referencedValue;
+		const siblingValue = await resolveJsonRefs(source, Object.fromEntries(siblingEntries), baseDirectory, seen);
+		return {
+			...referencedValue,
+			...siblingValue
+		};
+	}
+	const resolvedEntries = await Promise.all(Object.entries(record).map(async ([key, entryValue]) => [key, await resolveJsonRefs(source, entryValue, baseDirectory, seen)]));
+	return Object.fromEntries(resolvedEntries);
+};
+const readResolvedJsonConfig = async (source, relativePath) => await resolveJsonRefs(source, await readJsonConfig(source, relativePath), path.posix.dirname(relativePath) === "." ? "" : normalizePath(path.posix.dirname(relativePath)), new Set([relativePath]));
+const loadDocsConfig = async (source) => {
+	if (!await source.exists(DOCS_CONFIG_FILE)) return null;
+	try {
+		const parsed = await readResolvedJsonConfig(source, DOCS_CONFIG_FILE);
+		const siteResult = validateSiteConfig(parsed);
+		if (siteResult.success) return {
+			config: siteResult.data,
+			ok: true,
+			warnings: getProjectWarnings(siteResult.data)
+		};
+		const docsResult = validateDocsConfig(parsed);
+		if (docsResult.success) return {
+			config: mapDocsConfig(docsResult.data),
+			ok: true,
+			warnings: getProjectWarnings(docsResult.data)
+		};
+		return {
+			errors: docsResult.errors,
+			ok: false
+		};
+	} catch (error) {
+		return {
+			errors: [error instanceof Error ? error.message : `Failed to load ${DOCS_CONFIG_FILE}`],
+			ok: false
+		};
+	}
+};
+const loadSiteConfig = async (source) => {
+	const docsConfig = await loadDocsConfig(source);
+	if (docsConfig) return docsConfig;
+	return {
+		errors: [`${DOCS_CONFIG_FILE} not found.`],
+		ok: false
+	};
+};
+//#endregion
 //#region src/site-config.ts
 const CONFIG_FILE$2 = "docs.json";
 const getSiteConfigHint = (errors) => {
@@ -579,6 +1196,19 @@ const createStandaloneRuntimeRoot = async (configDir = CONFIG_DIR) => {
 	await cleanupStandaloneRuntimeRoots(configDir);
 	return await fs.mkdtemp(path.join(configDir, STANDALONE_RUNTIME_PREFIX));
 };
+/**
+* Locate the `node_modules` directory that actually contains the CLI's
+* transitive dependencies. Package managers like npm/yarn-classic (and
+* `npx` caches) hoist shared deps above the package directory, so
+* `<cliPackageRoot>/node_modules` may not exist or may not contain `next`.
+* Resolve `next/package.json` and use the directory that owns it.
+*/
+const resolveRuntimeNodeModules = async (cliPackageRoot) => {
+	const localNodeModules = path.join(cliPackageRoot, "node_modules");
+	if (await fileExists(path.join(localNodeModules, "next", "package.json"))) return localNodeModules;
+	const nextPkgPath = createRequire(path.join(cliPackageRoot, "package.json")).resolve("next/package.json");
+	return path.dirname(path.dirname(nextPkgPath));
+};
 const materializeStandaloneRuntime = async (cliPackageRoot) => {
 	const runtimeRoot = await createStandaloneRuntimeRoot();
 	try {
@@ -587,9 +1217,17 @@ const materializeStandaloneRuntime = async (cliPackageRoot) => {
 			"docs",
 			"packages"
 		]) await copyStandaloneTree(path.join(cliPackageRoot, dir), path.join(runtimeRoot, dir));
-		await fs.symlink(path.join(cliPackageRoot, "node_modules"), path.join(runtimeRoot, "node_modules"), process.platform === "win32" ? "junction" : "dir");
-		await fs.mkdir(path.join(runtimeRoot, "dev-server", "node_modules"), { recursive: true });
-		await fs.symlink(path.join(runtimeRoot, "packages", "@repo"), path.join(runtimeRoot, "dev-server", "node_modules", "@repo"), process.platform === "win32" ? "junction" : "dir");
+		const runtimeNodeModules = await resolveRuntimeNodeModules(cliPackageRoot);
+		await fs.symlink(runtimeNodeModules, path.join(runtimeRoot, "node_modules"), process.platform === "win32" ? "junction" : "dir");
+		const linkTarget = path.join(runtimeRoot, "packages", "@repo");
+		for (const consumer of [
+			"dev-server",
+			"docs",
+			"packages"
+		]) {
+			await fs.mkdir(path.join(runtimeRoot, consumer, "node_modules"), { recursive: true });
+			await fs.symlink(linkTarget, path.join(runtimeRoot, consumer, "node_modules", "@repo"), process.platform === "win32" ? "junction" : "dir");
+		}
 		await fs.writeFile(path.join(runtimeRoot, "dev-server", "package.json"), `${JSON.stringify({
 			dependencies: {
 				next: "16.2.1",
@@ -1616,7 +2254,7 @@ const resolvePushConfig = async (config, options) => {
 		envProject: process.env[BLODE_PROJECT_ENV]
 	});
 	const apiUrl = options.apiUrl ?? process.env["BLODEMD_API_URL"] ?? "https://api.blode.md";
-	const authToken = (await resolveAuthToken(options.apiKey))?.token;
+	const authToken = (await resolveAuthToken())?.token;
 	const branch = options.branch ?? process.env["BLODEMD_BRANCH"] ?? process.env.GITHUB_REF_NAME ?? readGitValue([
 		"rev-parse",
 		"--abbrev-ref",
@@ -1633,7 +2271,7 @@ const resolvePushConfig = async (config, options) => {
 		if (usedLegacyNameFallback) throw new Error(`docs.json.name is not a valid deployment slug. Add "slug" to docs.json, pass --project, or set BLODEMD_PROJECT. ${projectSlugError}`);
 		throw new Error(`Invalid project slug "${project}". ${projectSlugError}`);
 	}
-	if (!authToken) throw new Error("Missing credentials. Run \"blodemd login\", pass --api-key, or set BLODEMD_API_KEY.");
+	if (!authToken) throw new Error("Not logged in. Run \"blodemd login\" to authenticate.");
 	return {
 		apiUrl,
 		authToken,
@@ -1656,8 +2294,7 @@ const autoCreateProject = async (project, projectDisplayName, apiUrl, headers) =
 		headers,
 		method: "POST"
 	}, "Failed to create project");
-	log.success(`Project ${chalk.cyan(createResult.project.slug)} created`);
-	log.info(`API key for CI: ${chalk.dim(createResult.token)}`);
+	log.success(`Project ${chalk.cyan(createResult.slug)} created`);
 	return true;
 };
 const scaffoldDocsSite = async (directory, options) => {
@@ -1727,29 +2364,9 @@ program.name("blodemd").description("Blode.md CLI").version(cliVersion);
 program.hook("preAction", () => {
 	assertSupportedNodeVersion();
 });
-program.command("login").description("Authenticate with Blode.md").option("--token", "Paste an API key instead of using browser login").option("--port <port>", "Loopback callback port", String(DEFAULT_OAUTH_CALLBACK_PORT)).option("--timeout <seconds>", "OAuth timeout in seconds", String(180)).option("--no-open", "Print URL instead of opening the browser").action(async (options) => {
+program.command("login").description("Authenticate with Blode.md via GitHub in your browser").option("--port <port>", "Loopback callback port", String(DEFAULT_OAUTH_CALLBACK_PORT)).option("--timeout <seconds>", "OAuth timeout in seconds", String(180)).option("--no-open", "Print URL instead of opening the browser").action(async (options) => {
 	intro(chalk.bold("blodemd login"));
 	try {
-		if (options.token) {
-			const apiKey = await password({
-				message: "Enter your API key",
-				validate: (value) => {
-					if (!value) return "API key is required.";
-				}
-			});
-			if (isCancel(apiKey)) {
-				log.warn("Cancelled");
-				return;
-			}
-			await writeStoredApiKey({
-				apiKey,
-				type: "api-key"
-			});
-			const prefix = apiKey.split(".")[0] ?? apiKey.slice(0, 12);
-			log.success(`Authenticated as ${chalk.cyan(prefix)}`);
-			log.info("Done");
-			return;
-		}
 		const { authorizeUrl, tokenUrl } = buildOAuthUrls(resolveSupabaseConfig());
 		const clientId = OAUTH_CLIENT_ID;
 		const port = parsePort(options.port);
@@ -1766,6 +2383,7 @@ program.command("login").description("Authenticate with Blode.md").option("--tok
 		authUrl.searchParams.set("code_challenge_method", "S256");
 		authUrl.searchParams.set("state", state);
 		authUrl.searchParams.set("scope", "openid email profile");
+		authUrl.searchParams.set("provider", "github");
 		const callbackPromise = waitForOAuthCode({
 			expectedState: state,
 			redirectUrl,
@@ -1818,15 +2436,6 @@ program.command("whoami").description("Show current authentication").action(asyn
 			log.warn("Not logged in. Run \"blodemd login\" to authenticate.");
 			return;
 		}
-		if (resolved.source === "environment") {
-			log.info("Authenticated via BLODEMD_API_KEY environment variable");
-			return;
-		}
-		if (!resolved.expiresAt && !resolved.user) {
-			const prefix = resolved.token.split(".")[0] ?? resolved.token.slice(0, 12);
-			log.info(`Logged in with API key ${chalk.cyan(prefix)}`);
-			return;
-		}
 		const status = resolveTokenStatus(resolved);
 		const email = resolved.user?.email ?? await fetchUserEmail(process.env["BLODEMD_API_URL"] ?? "https://api.blode.md", resolved.token);
 		if (email) log.info(`Logged in as ${chalk.cyan(email)}`);
@@ -1866,7 +2475,7 @@ program.command("validate").description("Validate docs.json").argument("[dir]",
 		reportCommandError("Validation failed", error);
 	}
 });
-program.command("push").description("Deploy docs").argument("[dir]", "docs directory").option("--project <slug>", "project slug (env: BLODEMD_PROJECT)").option("--api-url <url>", "API URL (env: BLODEMD_API_URL)").option("--api-key <token>", "API key (env: BLODEMD_API_KEY)").option("--branch <name>", "git branch (env: BLODEMD_BRANCH)").option("--message <msg>", "deploy message (env: BLODEMD_COMMIT_MESSAGE)").action(async (dir, options) => {
+program.command("push").description("Deploy docs").argument("[dir]", "docs directory").option("--project <slug>", "project slug (env: BLODEMD_PROJECT)").option("--api-url <url>", "API URL (env: BLODEMD_API_URL)").option("--branch <name>", "git branch (env: BLODEMD_BRANCH)").option("--message <msg>", "deploy message (env: BLODEMD_COMMIT_MESSAGE)").action(async (dir, options) => {
 	intro(chalk.bold("blodemd push"));
 	const s = spinner();
 	try {