create-paratix 0.10.0 → 0.12.3

package/dist/index.js

@@ -1,8 +1,42 @@
 #!/usr/bin/env node
 
 // src/index.ts
-import { existsSync, mkdirSync, writeFileSync } from "fs";
-import { basename as basename2, join as join2, resolve } from "path";
+import { rmSync as rmSync2 } from "fs";
+import { posix as pathPosix, win32 as pathWin32, resolve as resolve3 } from "path";
+
+// src/cliFormat.ts
+var HEX_RADIX = 16;
+var MINIMUM_ESCAPE_WIDTH = 4;
+var TERMINAL_CONTROL_CODEPOINTS = new RegExp(
+  // oxlint-disable-next-line no-control-regex
+  "[\\u0000-\\u001F\\u007F-\\u009F\\u200E\\u200F\\u202A-\\u202E\\u2066-\\u2069]",
+  "gu"
+);
+function formatCodePointEscape(character) {
+  const codePoint = character.codePointAt(0);
+  if (codePoint == null) return "";
+  return `\\u{${codePoint.toString(HEX_RADIX).toUpperCase().padStart(MINIMUM_ESCAPE_WIDTH, "0")}}`;
+}
+function escapeCliControlCharacters(value) {
+  return value.replace(TERMINAL_CONTROL_CODEPOINTS, formatCodePointEscape);
+}
+function formatCliValue(value) {
+  return `"${escapeCliControlCharacters(value)}"`;
+}
+
+// src/cliExitError.ts
+var CliExitError = class extends Error {
+  cliMessage;
+  exitCode;
+  reported;
+  constructor(message, exitCode = 1, options) {
+    super(message);
+    this.name = "CliExitError";
+    this.cliMessage = message;
+    this.exitCode = exitCode;
+    this.reported = options?.reported ?? false;
+  }
+};
 
 // src/interactivePrompts.ts
 import { createInterface } from "readline/promises";
@@ -10,8 +44,225 @@ import { createInterface } from "readline/promises";
 // src/hostFingerprintBootstrap.ts
 import { createHash } from "crypto";
 import { Client } from "ssh2";
+
+// src/hostKeyBlobValidation.ts
+import { createPublicKey } from "crypto";
+var SSH_WIRE_LENGTH_FIELD_BYTES = 4;
+var ED25519_PUBLIC_KEY_BYTE_LENGTH = 32;
+var NISTP256_UNCOMPRESSED_POINT_BYTE_LENGTH = 65;
+var NISTP384_UNCOMPRESSED_POINT_BYTE_LENGTH = 97;
+var NISTP521_UNCOMPRESSED_POINT_BYTE_LENGTH = 133;
+var UNCOMPRESSED_EC_POINT_PREFIX = 4;
+var PRINTABLE_ASCII_MIN = 32;
+var PRINTABLE_ASCII_MAX = 126;
+var ECDSA_CURVE_NAMES = /* @__PURE__ */ new Map([
+  ["ecdsa-sha2-nistp256", "nistp256"],
+  ["ecdsa-sha2-nistp384", "nistp384"],
+  ["ecdsa-sha2-nistp521", "nistp521"]
+]);
+var ECDSA_POINT_LENGTHS = /* @__PURE__ */ new Map([
+  ["nistp256", NISTP256_UNCOMPRESSED_POINT_BYTE_LENGTH],
+  ["nistp384", NISTP384_UNCOMPRESSED_POINT_BYTE_LENGTH],
+  ["nistp521", NISTP521_UNCOMPRESSED_POINT_BYTE_LENGTH]
+]);
+var ECDSA_JWK_CURVE_NAMES = /* @__PURE__ */ new Map([
+  ["nistp256", "P-256"],
+  ["nistp384", "P-384"],
+  ["nistp521", "P-521"]
+]);
+function readWireString(value, offset) {
+  if (offset + SSH_WIRE_LENGTH_FIELD_BYTES > value.length) return null;
+  const length = value.readUInt32BE(offset);
+  const start = offset + SSH_WIRE_LENGTH_FIELD_BYTES;
+  const end = start + length;
+  if (end > value.length) return null;
+  return { nextOffset: end, value: value.subarray(start, end) };
+}
+function throwInvalidHostKeyBlob(algorithm, detail) {
+  throw new Error(
+    `Refusing to capture host fingerprint: malformed "${algorithm}" host key blob (${detail}). This may indicate a man-in-the-middle attack or a broken SSH peer.`
+  );
+}
+function isPrintableAsciiByte(byte) {
+  return byte >= PRINTABLE_ASCII_MIN && byte <= PRINTABLE_ASCII_MAX;
+}
+function validateEd25519HostKeyBlob(keyBuffer, offset, algorithm) {
+  const publicKey = readWireString(keyBuffer, offset);
+  if (publicKey == null) {
+    throwInvalidHostKeyBlob(algorithm, "missing or truncated public-key field");
+  }
+  if (publicKey.value.length !== ED25519_PUBLIC_KEY_BYTE_LENGTH) {
+    throwInvalidHostKeyBlob(
+      algorithm,
+      `expected ${String(ED25519_PUBLIC_KEY_BYTE_LENGTH)}-byte public key, got ${String(publicKey.value.length)}`
+    );
+  }
+  if (publicKey.nextOffset !== keyBuffer.length) {
+    throwInvalidHostKeyBlob(algorithm, "trailing data after public key");
+  }
+}
+function assertEcdsaPointIsOnCurve(point, curveName, algorithm) {
+  const jwkCurveName = ECDSA_JWK_CURVE_NAMES.get(curveName);
+  if (jwkCurveName == null) {
+    throwInvalidHostKeyBlob(algorithm, `unknown ECDSA curve "${curveName}"`);
+  }
+  const coordinateLength = (point.length - 1) / 2;
+  const x = point.subarray(1, 1 + coordinateLength);
+  const y = point.subarray(1 + coordinateLength);
+  try {
+    createPublicKey({
+      format: "jwk",
+      key: {
+        crv: jwkCurveName,
+        kty: "EC",
+        x: x.toString("base64url"),
+        y: y.toString("base64url")
+      }
+    });
+  } catch {
+    throwInvalidHostKeyBlob(algorithm, "EC point is not on the expected curve");
+  }
+}
+function readEcdsaCurveName(parameters) {
+  const { algorithm, expectedCurveName, keyBuffer, offset } = parameters;
+  const curveName = readWireString(keyBuffer, offset);
+  if (curveName == null) {
+    throwInvalidHostKeyBlob(algorithm, "missing or truncated curve identifier");
+  }
+  for (const byte of curveName.value) {
+    if (!isPrintableAsciiByte(byte)) {
+      throwInvalidHostKeyBlob(algorithm, "curve identifier contains non-printable bytes");
+    }
+  }
+  const curveNameValue = curveName.value.toString("ascii");
+  if (curveNameValue !== expectedCurveName) {
+    throwInvalidHostKeyBlob(
+      algorithm,
+      `curve identifier "${curveNameValue}" does not match "${expectedCurveName}"`
+    );
+  }
+  return curveName;
+}
+function readEcdsaPoint(parameters) {
+  const { algorithm, expectedPointLength, keyBuffer, offset } = parameters;
+  const point = readWireString(keyBuffer, offset);
+  if (point == null) {
+    throwInvalidHostKeyBlob(algorithm, "missing or truncated EC point field");
+  }
+  if (point.value.length !== expectedPointLength) {
+    throwInvalidHostKeyBlob(
+      algorithm,
+      `expected ${String(expectedPointLength)}-byte EC point, got ${String(point.value.length)}`
+    );
+  }
+  if (point.value[0] !== UNCOMPRESSED_EC_POINT_PREFIX) {
+    throwInvalidHostKeyBlob(algorithm, "EC point is not in uncompressed form");
+  }
+  if (point.nextOffset !== keyBuffer.length) {
+    throwInvalidHostKeyBlob(algorithm, "trailing data after EC point");
+  }
+  return point;
+}
+function validateEcdsaHostKeyBlob(keyBuffer, offset, algorithm) {
+  const expectedCurveName = ECDSA_CURVE_NAMES.get(algorithm);
+  const expectedPointLength = expectedCurveName == null ? void 0 : ECDSA_POINT_LENGTHS.get(expectedCurveName);
+  if (expectedCurveName == null || expectedPointLength === void 0) {
+    throwInvalidHostKeyBlob(algorithm, "no curve mapping for algorithm");
+  }
+  const curveName = readEcdsaCurveName({
+    algorithm,
+    expectedCurveName,
+    keyBuffer,
+    offset
+  });
+  const point = readEcdsaPoint({
+    algorithm,
+    expectedPointLength,
+    keyBuffer,
+    offset: curveName.nextOffset
+  });
+  assertEcdsaPointIsOnCurve(point.value, expectedCurveName, algorithm);
+}
+function resolvePayloadOffset(keyBuffer, algorithm, payloadOffsetHint) {
+  const algorithmField = readWireString(keyBuffer, 0);
+  if (algorithmField == null) {
+    throwInvalidHostKeyBlob(algorithm, "missing or truncated algorithm field");
+  }
+  const wireAlgorithm = algorithmField.value.toString("ascii");
+  if (wireAlgorithm !== algorithm) {
+    throwInvalidHostKeyBlob(
+      algorithm,
+      `algorithm field "${wireAlgorithm}" does not match expected "${algorithm}"`
+    );
+  }
+  const payloadOffset = algorithmField.nextOffset;
+  if (payloadOffsetHint !== void 0 && payloadOffsetHint !== payloadOffset) {
+    throwInvalidHostKeyBlob(
+      algorithm,
+      `payload offset hint ${String(payloadOffsetHint)} does not match parsed offset ${String(payloadOffset)}`
+    );
+  }
+  return payloadOffset;
+}
+function validateHostKeyBlob(keyBuffer, algorithm, payloadOffsetHint) {
+  const payloadOffset = resolvePayloadOffset(keyBuffer, algorithm, payloadOffsetHint);
+  if (algorithm === "ssh-ed25519") {
+    validateEd25519HostKeyBlob(keyBuffer, payloadOffset, algorithm);
+    return;
+  }
+  if (algorithm === "ecdsa-sha2-nistp256" || algorithm === "ecdsa-sha2-nistp384" || algorithm === "ecdsa-sha2-nistp521") {
+    validateEcdsaHostKeyBlob(keyBuffer, payloadOffset, algorithm);
+    return;
+  }
+  throwInvalidHostKeyBlob(algorithm, "no validator registered for algorithm");
+}
+
+// src/hostFingerprintBootstrap.ts
 var DEFAULT_HOST_FINGERPRINT_PORT = 22;
 var DEFAULT_READY_TIMEOUT_MS = 1e4;
+var SSH_KEY_ALGO_LENGTH_FIELD_BYTES = 4;
+var ACCEPTED_HOST_KEY_ALGORITHMS = /* @__PURE__ */ new Set([
+  "ecdsa-sha2-nistp256",
+  "ecdsa-sha2-nistp384",
+  "ecdsa-sha2-nistp521",
+  "ssh-ed25519"
+]);
+var PRINTABLE_ASCII_MIN2 = 32;
+var PRINTABLE_ASCII_MAX2 = 126;
+function isPrintableAsciiByte2(byte) {
+  return byte >= PRINTABLE_ASCII_MIN2 && byte <= PRINTABLE_ASCII_MAX2;
+}
+function extractHostKeyAlgorithm(keyBuffer) {
+  if (keyBuffer.length < SSH_KEY_ALGO_LENGTH_FIELD_BYTES) {
+    throw new Error("Invalid SSH host key buffer: too short to contain an algorithm length field");
+  }
+  const algoLength = keyBuffer.readUInt32BE(0);
+  if (algoLength === 0 || SSH_KEY_ALGO_LENGTH_FIELD_BYTES + algoLength > keyBuffer.length) {
+    throw new Error("Invalid SSH host key buffer: algorithm length exceeds buffer size");
+  }
+  const algorithmBytes = keyBuffer.subarray(
+    SSH_KEY_ALGO_LENGTH_FIELD_BYTES,
+    SSH_KEY_ALGO_LENGTH_FIELD_BYTES + algoLength
+  );
+  for (const byte of algorithmBytes) {
+    if (!isPrintableAsciiByte2(byte)) {
+      throw new Error("Invalid SSH host key buffer: algorithm field contains non-printable bytes");
+    }
+  }
+  return {
+    algorithm: algorithmBytes.toString("ascii"),
+    nextOffset: SSH_KEY_ALGO_LENGTH_FIELD_BYTES + algoLength
+  };
+}
+function assertSupportedHostKeyAlgorithm(keyBuffer) {
+  const extraction = extractHostKeyAlgorithm(keyBuffer);
+  if (!ACCEPTED_HOST_KEY_ALGORITHMS.has(extraction.algorithm)) {
+    throw new Error(
+      `Refusing to capture host fingerprint: unsupported SSH host key algorithm "${extraction.algorithm}". This may indicate a man-in-the-middle attack. Expected one of: ${[...ACCEPTED_HOST_KEY_ALGORITHMS].sort().join(", ")}.`
+    );
+  }
+  return extraction;
+}
 function computeFingerprint(key) {
   const hash = createHash("sha256").update(key).digest("base64");
   return `SHA256:${hash.replaceAll("=", "")}`;
@@ -21,11 +272,18 @@ function toError(error, host, port) {
   return new Error(`Failed to read the host key from ${host}:${port}: ${message}`);
 }
 function createConnectionConfig(parameters) {
-  const { captureFingerprint, host, port, readyTimeoutMs } = parameters;
+  const { captureHostVerifierError, captureScanResult, host, port, readyTimeoutMs } = parameters;
   return {
     host,
-    hostVerifier: (key) => {
-      captureFingerprint(computeFingerprint(Buffer.from(key)));
+    hostVerifier(key) {
+      const buffer = Buffer.from(key);
+      try {
+        const { algorithm, nextOffset } = assertSupportedHostKeyAlgorithm(buffer);
+        validateHostKeyBlob(buffer, algorithm, nextOffset);
+        captureScanResult({ algorithm, fingerprint: computeFingerprint(buffer) });
+      } catch (error) {
+        captureHostVerifierError(error);
+      }
       return false;
     },
     port,
@@ -43,51 +301,86 @@ function resolveBootstrapOptions(options) {
 }
 function cleanupClient(client) {
   client.removeAllListeners();
+  client.on("error", () => {
+  });
   try {
     client.end();
   } catch {
   }
 }
 function createSettlementHandlers(parameters) {
-  const { cleanup, host, port, reject, resolve: resolve2 } = parameters;
+  const { cleanup, host, port, reject, resolve: resolve4 } = parameters;
   let settled = false;
   return {
-    rejectOnce: (error) => {
+    rejectOnce(error) {
       if (settled) return;
       settled = true;
       cleanup();
       reject(toError(error, host, port));
     },
-    resolveOnce: (fingerprint) => {
+    resolveOnce(result) {
       if (settled) return;
       settled = true;
       cleanup();
-      resolve2(fingerprint);
+      resolve4(result);
     }
   };
 }
 function registerFingerprintListeners(parameters) {
-  const { client, onFingerprint, rejectOnce, resolveOnce } = parameters;
+  const { client, onHostVerifierError, onScanResult, rejectOnce, resolveOnce } = parameters;
   client.on("close", () => {
-    const capturedFingerprint = onFingerprint();
-    if (capturedFingerprint != null) {
-      resolveOnce(capturedFingerprint);
+    const hostVerifierError = onHostVerifierError();
+    if (hostVerifierError != null) {
+      rejectOnce(hostVerifierError);
+      return;
+    }
+    const capturedResult = onScanResult();
+    if (capturedResult != null) {
+      resolveOnce(capturedResult);
     }
   });
   client.on("error", (error) => {
-    const capturedFingerprint = onFingerprint();
-    if (capturedFingerprint != null) {
-      resolveOnce(capturedFingerprint);
+    const hostVerifierError = onHostVerifierError();
+    if (hostVerifierError != null) {
+      rejectOnce(hostVerifierError);
+      return;
+    }
+    const capturedResult = onScanResult();
+    if (capturedResult != null) {
+      resolveOnce(capturedResult);
       return;
     }
     rejectOnce(error);
   });
 }
+function armHalfOpenWatchdog(parameters) {
+  const { readyTimeoutMs, rejectOnce } = parameters;
+  const tcpConnectTimeout = setTimeout(() => {
+    rejectOnce(
+      new Error(
+        `host key scan TCP connect timed out after ${String(readyTimeoutMs)}ms (no SYN-ACK?)`
+      )
+    );
+  }, readyTimeoutMs);
+  const halfOpenWatchdog = setTimeout(() => {
+    rejectOnce(
+      new Error(`host key scan timed out after ${String(readyTimeoutMs * 2)}ms (TCP half-open?)`)
+    );
+  }, readyTimeoutMs * 2);
+  return () => {
+    clearTimeout(tcpConnectTimeout);
+    clearTimeout(halfOpenWatchdog);
+  };
+}
 async function readFingerprintFromClient(client, parameters) {
   const { host, port, readyTimeoutMs } = parameters;
-  let capturedFingerprint = null;
-  return new Promise((resolve2, reject) => {
+  let capturedResult = null;
+  let hostVerifierError = null;
+  return new Promise((resolve4, reject) => {
+    let disarmWatchdog = null;
     const cleanup = () => {
+      disarmWatchdog?.();
+      disarmWatchdog = null;
       cleanupClient(client);
     };
     const { rejectOnce, resolveOnce } = createSettlementHandlers({
@@ -95,19 +388,24 @@ async function readFingerprintFromClient(client, parameters) {
       host,
       port,
       reject,
-      resolve: resolve2
+      resolve: resolve4
     });
+    disarmWatchdog = armHalfOpenWatchdog({ readyTimeoutMs, rejectOnce });
     registerFingerprintListeners({
       client,
-      onFingerprint: () => capturedFingerprint,
+      onHostVerifierError: () => hostVerifierError,
+      onScanResult: () => capturedResult,
       rejectOnce,
       resolveOnce
     });
     try {
       client.connect(
         createConnectionConfig({
-          captureFingerprint: (fingerprint) => {
-            capturedFingerprint = fingerprint;
+          captureHostVerifierError(error) {
+            hostVerifierError = error;
+          },
+          captureScanResult(result) {
+            capturedResult = result;
           },
           host,
           port,
@@ -120,6 +418,11 @@ async function readFingerprintFromClient(client, parameters) {
   });
 }
 async function readHostFingerprintViaSsh2(host, options = {}) {
+  if (options.allowSsh2HostKeyScan !== true) {
+    throw new Error(
+      "Refusing to start ssh2 host-key scan without explicit opt-in. Pass allowSsh2HostKeyScan: true only after the operator requested a live SSH scan."
+    );
+  }
   const { client, port, readyTimeoutMs } = resolveBootstrapOptions(options);
   return readFingerprintFromClient(client, { host, port, readyTimeoutMs });
 }
@@ -127,13 +430,17 @@ async function readHostFingerprintViaSsh2(host, options = {}) {
 // src/promptUi.ts
 import { emitKeypressEvents } from "readline";
 function createSelectLines(prompt, options, selectedIndex) {
+  const escapedPrompt = escapeCliControlCharacters(prompt);
   return [
-    prompt,
+    escapedPrompt,
     "",
     "Use the arrow keys to choose an option:",
     ...options.flatMap((option, index) => {
       const prefix = index === selectedIndex ? ">" : " ";
-      return [`${prefix} ${option.label}`, `   ${option.description}`];
+      return [
+        `${prefix} ${escapeCliControlCharacters(option.label)}`,
+        `   ${escapeCliControlCharacters(option.description)}`
+      ];
     }),
     "",
     "Press Enter to confirm."
@@ -164,7 +471,9 @@ function prepareSelectInput() {
   return { previousRawMode };
 }
 function cleanupSelectInput(previousRawMode) {
-  process.stdin.setRawMode(previousRawMode ?? false);
+  if (typeof previousRawMode === "boolean") {
+    process.stdin.setRawMode(previousRawMode);
+  }
   process.stdin.pause();
   process.stdout.write("\x1B[?25h");
 }
@@ -172,13 +481,13 @@ function createSelectRenderer(prompt, options) {
   let renderedLines = 0;
   let selectedIndex = 0;
   return {
-    moveDown: () => {
+    moveDown() {
       selectedIndex = (selectedIndex + 1) % options.length;
     },
-    moveUp: () => {
+    moveUp() {
       selectedIndex = (selectedIndex - 1 + options.length) % options.length;
     },
-    render: () => {
+    render() {
       renderedLines = redrawSelect(createSelectLines(prompt, options, selectedIndex), renderedLines);
     },
     selectedValue: () => options[selectedIndex].value
@@ -220,9 +529,10 @@ async function runTerminalSelect(prompt, options) {
   ensureInteractiveTerminal();
   const { previousRawMode } = prepareSelectInput();
   const renderer = createSelectRenderer(prompt, options);
-  return new Promise((resolve2, reject) => {
+  return new Promise((resolve4, reject) => {
     const cleanup = () => {
       process.stdin.removeListener("keypress", onKeypress);
+      process.stdin.removeListener("error", onStdinError);
       cleanupSelectInput(previousRawMode);
     };
     const onKeypress = (_character, key) => {
@@ -230,15 +540,20 @@ async function runTerminalSelect(prompt, options) {
         return;
       }
       if (handleConfirmationKey(key.name, renderer, (value) => {
-        finishSelection(cleanup, resolve2, value);
+        finishSelection(cleanup, resolve4, value);
       })) {
         return;
       }
       handleCancelKey(key, cleanup, reject);
     };
+    const onStdinError = (error) => {
+      cleanup();
+      reject(error);
+    };
     process.stdout.write("\x1B[?25l");
     renderer.render();
     process.stdin.on("keypress", onKeypress);
+    process.stdin.on("error", onStdinError);
   });
 }
 function createTerminalSelect() {
@@ -249,48 +564,192 @@ function createTerminalSelect() {
 }
 
 // src/publicKeySelection.ts
-import { readdirSync, readFileSync } from "fs";
+import {
+  closeSync,
+  fstatSync,
+  lstatSync,
+  openSync,
+  readdirSync,
+  readSync,
+  realpathSync
+} from "fs";
 import { homedir } from "os";
-import { basename, join } from "path";
-var PUBLIC_KEY_PROMPT_OPTIONS = [
-  {
-    description: "Read a public key from ~/.ssh and embed it directly into server.ts for the bootstrap admin user.",
-    label: "Use local public key",
-    value: "local"
-  },
-  {
-    description: "Keep the placeholder in server.ts and paste your public key manually before the first apply.",
-    label: "Keep placeholder",
-    value: "placeholder"
-  }
-];
-var supportedOpenSshAlgorithms = /* @__PURE__ */ new Set([
-  "ecdsa-sha2-nistp256",
-  "ecdsa-sha2-nistp384",
-  "ecdsa-sha2-nistp521",
-  "sk-ecdsa-sha2-nistp256@openssh.com",
-  "sk-ssh-ed25519@openssh.com",
-  "ssh-ed25519",
-  "ssh-rsa"
+import { basename, join, resolve } from "path";
+
+// src/openSshPublicKeyWire.ts
+import { createPublicKey as createPublicKey2 } from "crypto";
+var UINT32_BYTE_LENGTH = 4;
+var ED25519_PUBLIC_KEY_BYTE_LENGTH2 = 32;
+var NISTP256_UNCOMPRESSED_POINT_BYTE_LENGTH2 = 65;
+var NISTP384_UNCOMPRESSED_POINT_BYTE_LENGTH2 = 97;
+var NISTP521_UNCOMPRESSED_POINT_BYTE_LENGTH2 = 133;
+var MPINT_SIGN_BIT = 128;
+var UNCOMPRESSED_EC_POINT_PREFIX2 = 4;
+var MINIMUM_RSA_MODULUS_BITS = 2048;
+var MINIMUM_RSA_EXPONENT = 3n;
+var BITS_PER_BYTE = 8;
+var ecdsaCurveNames = /* @__PURE__ */ new Map([
+  ["ecdsa-sha2-nistp256", "nistp256"],
+  ["ecdsa-sha2-nistp384", "nistp384"],
+  ["ecdsa-sha2-nistp521", "nistp521"],
+  ["sk-ecdsa-sha2-nistp256@openssh.com", "nistp256"]
 ]);
-function parseOpenSshPublicKey(value) {
-  if (value.length === 0 || value.includes("\n")) {
-    return null;
+var ecdsaPointLengths = /* @__PURE__ */ new Map([
+  ["nistp256", NISTP256_UNCOMPRESSED_POINT_BYTE_LENGTH2],
+  ["nistp384", NISTP384_UNCOMPRESSED_POINT_BYTE_LENGTH2],
+  ["nistp521", NISTP521_UNCOMPRESSED_POINT_BYTE_LENGTH2]
+]);
+var ecdsaJwkCurveNames = /* @__PURE__ */ new Map([
+  ["nistp256", "P-256"],
+  ["nistp384", "P-384"],
+  ["nistp521", "P-521"]
+]);
+function readUint32(value, offset) {
+  if (offset + UINT32_BYTE_LENGTH > value.length) return null;
+  return {
+    nextOffset: offset + UINT32_BYTE_LENGTH,
+    value: value.readUInt32BE(offset)
+  };
+}
+function readWireString2(value, offset) {
+  const lengthResult = readUint32(value, offset);
+  if (lengthResult == null) return null;
+  const endOffset = lengthResult.nextOffset + lengthResult.value;
+  if (endOffset > value.length) return null;
+  return {
+    nextOffset: endOffset,
+    value: value.subarray(lengthResult.nextOffset, endOffset)
+  };
+}
+function readWireStringUtf8(value, offset) {
+  const result = readWireString2(value, offset);
+  return result == null ? null : {
+    nextOffset: result.nextOffset,
+    value: result.value.toString("utf8")
+  };
+}
+function readMpint(value, offset) {
+  const result = readWireString2(value, offset);
+  if (result == null || result.value.length === 0) return null;
+  return result;
+}
+function isAtEnd(value, offset) {
+  return offset === value.length;
+}
+function isPositiveMpint(value) {
+  return value[0] < MPINT_SIGN_BIT;
+}
+function hasCanonicalMpintEncoding(value) {
+  if (value.length === 0) return false;
+  if (value[0] !== 0) return true;
+  if (value.length < 2) return false;
+  return value[1] >= MPINT_SIGN_BIT;
+}
+function removeMpintSignPadding(value) {
+  let offset = 0;
+  while (offset < value.length - 1 && value[offset] === 0) {
+    offset++;
   }
-  const parts = value.split(new RegExp("\\s+", "v"));
-  if (parts.length < 2) {
-    return null;
+  return value.subarray(offset);
+}
+function mpintToBigInt(value) {
+  const normalizedValue = removeMpintSignPadding(value);
+  let result = 0n;
+  for (const byte of normalizedValue) {
+    result = (result << 8n) + BigInt(byte);
   }
-  const algorithm = parts[0];
-  const encodedKey = parts[1];
-  if (!supportedOpenSshAlgorithms.has(algorithm)) {
-    return null;
+  return result;
+}
+function getMpintBitLength(value) {
+  const normalizedValue = removeMpintSignPadding(value);
+  const firstByte = normalizedValue[0];
+  if (firstByte === 0) return 0;
+  return (normalizedValue.length - 1) * BITS_PER_BYTE + firstByte.toString(2).length;
+}
+function hasValidRsaExponent(value) {
+  const exponent = mpintToBigInt(value);
+  return exponent >= MINIMUM_RSA_EXPONENT && (exponent & 1n) === 1n;
+}
+function hasValidRsaModulus(value) {
+  return getMpintBitLength(value) >= MINIMUM_RSA_MODULUS_BITS;
+}
+function validateRsaWireKey(value, offset) {
+  const exponent = readMpint(value, offset);
+  if (exponent == null || !isPositiveMpint(exponent.value) || !hasCanonicalMpintEncoding(exponent.value) || !hasValidRsaExponent(exponent.value)) {
+    return false;
   }
-  return {
-    algorithm,
-    encodedKey
-  };
+  const modulus = readMpint(value, exponent.nextOffset);
+  return modulus != null && isPositiveMpint(modulus.value) && hasCanonicalMpintEncoding(modulus.value) && hasValidRsaModulus(modulus.value) && isAtEnd(value, modulus.nextOffset);
+}
+function hasValidEcdsaPoint(point, expectedPointLength) {
+  if (point == null) return false;
+  return point.value.length === expectedPointLength && point.value[0] === UNCOMPRESSED_EC_POINT_PREFIX2;
+}
+function toBase64Url(value) {
+  return value.toString("base64url");
+}
+function hasCryptographicallyValidEcdsaPoint(point, curveName) {
+  const jwkCurveName = ecdsaJwkCurveNames.get(curveName);
+  if (jwkCurveName == null) return false;
+  const coordinateLength = (point.length - 1) / 2;
+  const x = point.subarray(1, 1 + coordinateLength);
+  const y = point.subarray(1 + coordinateLength);
+  try {
+    createPublicKey2({
+      format: "jwk",
+      key: {
+        crv: jwkCurveName,
+        kty: "EC",
+        x: toBase64Url(x),
+        y: toBase64Url(y)
+      }
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+function validateEcdsaWireKey(value, offset, algorithm) {
+  const expectedCurveName = ecdsaCurveNames.get(algorithm);
+  if (expectedCurveName == null) return false;
+  const curveName = readWireStringUtf8(value, offset);
+  if (curveName?.value !== expectedCurveName) return false;
+  const point = readWireString2(value, curveName.nextOffset);
+  const expectedPointLength = ecdsaPointLengths.get(curveName.value);
+  if (!hasValidEcdsaPoint(point, expectedPointLength)) return false;
+  if (!hasCryptographicallyValidEcdsaPoint(point.value, curveName.value)) return false;
+  if (algorithm !== "sk-ecdsa-sha2-nistp256@openssh.com") {
+    return isAtEnd(value, point.nextOffset);
+  }
+  const application = readWireString2(value, point.nextOffset);
+  if (application?.value.length === void 0 || application.value.length === 0) return false;
+  return isAtEnd(value, application.nextOffset);
+}
+function validateEd25519WireKey(value, offset, algorithm) {
+  const publicKey = readWireString2(value, offset);
+  if (publicKey?.value.length !== ED25519_PUBLIC_KEY_BYTE_LENGTH2) return false;
+  if (algorithm !== "sk-ssh-ed25519@openssh.com") {
+    return isAtEnd(value, publicKey.nextOffset);
+  }
+  const application = readWireString2(value, publicKey.nextOffset);
+  if (application?.value.length === void 0 || application.value.length === 0) return false;
+  return isAtEnd(value, application.nextOffset);
+}
+function hasValidOpenSshPublicKeyWireBlob(algorithm, encodedKey) {
+  const decodedKey = Buffer.from(encodedKey, "base64");
+  const wireAlgorithm = readWireStringUtf8(decodedKey, 0);
+  if (wireAlgorithm?.value !== algorithm) return false;
+  if (algorithm === "ssh-rsa") return validateRsaWireKey(decodedKey, wireAlgorithm.nextOffset);
+  if (algorithm.startsWith("ecdsa-") || algorithm.startsWith("sk-ecdsa-")) {
+    return validateEcdsaWireKey(decodedKey, wireAlgorithm.nextOffset, algorithm);
+  }
+  if (algorithm === "ssh-ed25519" || algorithm === "sk-ssh-ed25519@openssh.com") {
+    return validateEd25519WireKey(decodedKey, wireAlgorithm.nextOffset, algorithm);
+  }
+  return false;
 }
+
+// src/publicKeyBase64.ts
 function trimBase64Padding(value) {
   let endIndex = value.length;
   while (endIndex > 0 && value[endIndex - 1] === "=") {
@@ -352,11 +811,130 @@ function isCanonicalBase64(value) {
     return false;
   }
 }
+
+// src/publicKeyProvenanceLog.ts
+function logAdminPublicKeyRealpath(parameters) {
+  const escapedRealPath = escapeCliControlCharacters(parameters.realPath);
+  const escapedResolvedPath = escapeCliControlCharacters(parameters.resolvedPath);
+  if (parameters.isLeafSymlink) {
+    console.log(
+      `Reading public key from ${escapedRealPath} (symlink target of ${escapedResolvedPath}).`
+    );
+    return;
+  }
+  console.log(
+    `Reading public key from ${escapedRealPath} (resolved via ancestor symlink of ${escapedResolvedPath}).`
+  );
+}
+
+// src/unsafeCodepoints.ts
+var UNSAFE_CODEPOINTS_PATTERN = new RegExp(
+  // oxlint-disable-next-line no-control-regex
+  "[\\u0000-\\u001F\\u007F-\\u009F\\u200E\\u200F\\u202A-\\u202E\\u2066-\\u2069]",
+  "u"
+);
+function containsUnsafeCodepoint(value) {
+  return UNSAFE_CODEPOINTS_PATTERN.test(value);
+}
+
+// src/publicKeySelection.ts
+var adminPublicKeyFileSystem = {
+  closeSync,
+  fstatSync,
+  lstatSync,
+  openSync,
+  readSync,
+  realpathSync
+};
+var PUBLIC_KEY_PROMPT_OPTIONS = [
+  {
+    description: "Read a public key from ~/.ssh and embed it directly into server.ts for the bootstrap admin user.",
+    label: "Use local public key",
+    value: "local"
+  },
+  {
+    description: "Keep the placeholder in server.ts and paste your public key manually before the first apply.",
+    label: "Keep placeholder",
+    value: "placeholder"
+  }
+];
+var supportedOpenSshAlgorithms = /* @__PURE__ */ new Set([
+  "ecdsa-sha2-nistp256",
+  "ecdsa-sha2-nistp384",
+  "ecdsa-sha2-nistp521",
+  "sk-ecdsa-sha2-nistp256@openssh.com",
+  "sk-ssh-ed25519@openssh.com",
+  "ssh-ed25519",
+  "ssh-rsa"
+]);
+var PRIVATE_KEY_MARKERS = [
+  "BEGIN OPENSSH PRIVATE KEY",
+  "BEGIN RSA PRIVATE KEY",
+  "BEGIN DSA PRIVATE KEY",
+  "BEGIN EC PRIVATE KEY",
+  "BEGIN PRIVATE KEY",
+  "BEGIN ENCRYPTED PRIVATE KEY"
+];
+var MAX_PUBLIC_KEY_FILE_BYTES = 16384;
+function readPublicKeyFileContents(path, fileSystem = adminPublicKeyFileSystem) {
+  const fd = fileSystem.openSync(path, "r");
+  try {
+    const stat = fileSystem.fstatSync(fd);
+    if (!stat.isFile() || stat.size > MAX_PUBLIC_KEY_FILE_BYTES) {
+      throw new Error("Invalid public key file");
+    }
+    const buffer = Buffer.alloc(stat.size);
+    let bytesRead = 0;
+    while (bytesRead < buffer.length) {
+      const chunkBytesRead = fileSystem.readSync(
+        fd,
+        buffer,
+        bytesRead,
+        buffer.length - bytesRead,
+        bytesRead
+      );
+      if (chunkBytesRead === 0) break;
+      bytesRead += chunkBytesRead;
+    }
+    return buffer.subarray(0, bytesRead).toString("utf8");
+  } finally {
+    fileSystem.closeSync(fd);
+  }
+}
+function containsPrivateKeyMarker(value) {
+  return PRIVATE_KEY_MARKERS.some((marker) => value.includes(marker));
+}
+function parseOpenSshPublicKey(value) {
+  if (value.length === 0 || new RegExp("[\\r\\n]", "v").test(value)) {
+    return null;
+  }
+  if (containsUnsafeCodepoint(value)) {
+    return null;
+  }
+  const parts = value.split(new RegExp("\\s+", "v"));
+  if (parts.length < 2) {
+    return null;
+  }
+  const algorithm = parts[0];
+  const encodedKey = parts[1];
+  if (!supportedOpenSshAlgorithms.has(algorithm)) {
+    return null;
+  }
+  return {
+    algorithm,
+    encodedKey
+  };
+}
 function isValidAdminPublicKey(value) {
   const parsedKey = parseOpenSshPublicKey(value.trim());
-  return parsedKey != null && isCanonicalBase64(parsedKey.encodedKey);
+  return parsedKey != null && isCanonicalBase64(parsedKey.encodedKey) && hasValidOpenSshPublicKeyWireBlob(parsedKey.algorithm, parsedKey.encodedKey);
 }
 function validateAdminPublicKey(exitWithMessage2, value, optionName = "--admin-public-key") {
+  if (containsPrivateKeyMarker(value)) {
+    exitWithMessage2(
+      `Error: "${optionName}" contains a private key marker. Provide the matching OpenSSH public key (.pub) instead.`
+    );
+  }
   const normalizedValue = value.trim();
   if (!isValidAdminPublicKey(normalizedValue)) {
     exitWithMessage2(
@@ -365,26 +943,82 @@ function validateAdminPublicKey(exitWithMessage2, value, optionName = "--admin-p
   }
   return normalizedValue;
 }
-function readAdminPublicKeyFile(exitWithMessage2, path) {
-  let value;
-  try {
-    value = readFileSync(path, "utf8");
-  } catch (error) {
-    const message = error instanceof Error ? error.message : String(error);
-    exitWithMessage2(`Error: Failed to read "--admin-public-key-file" from "${path}": ${message}`);
+var ADMIN_PUBLIC_KEY_FILE_PATH_MAX_BYTES = 4096;
+function preValidateAdminPublicKeyFilePath(exitWithMessage2, path) {
+  if (path.includes("\0")) {
+    exitWithMessage2(
+      "Error: admin public key file path contains a NUL byte; provide a clean filesystem path."
+    );
+    throw new Error("admin public key file path contains a NUL byte");
   }
+  const pathByteLength = Buffer.byteLength(path, "utf8");
+  if (pathByteLength > ADMIN_PUBLIC_KEY_FILE_PATH_MAX_BYTES) {
+    exitWithMessage2(
+      `Error: admin public key file path is too long (${String(pathByteLength)} bytes, limit ${String(ADMIN_PUBLIC_KEY_FILE_PATH_MAX_BYTES)}); provide a shorter path.`
+    );
+    throw new Error("admin public key file path exceeds PATH_MAX");
+  }
+}
+function readAdminPublicKeyFile(exitWithMessage2, path, fileSystem = adminPublicKeyFileSystem) {
+  preValidateAdminPublicKeyFilePath(exitWithMessage2, path);
+  const resolvedPath = resolve(path);
+  const failWithReadError = () => {
+    exitWithMessage2(`Error: Failed to read admin public key file.`);
+    throw new Error(`Error: Failed to read admin public key file.`);
+  };
+  const linkStat = (() => {
+    try {
+      return fileSystem.lstatSync(resolvedPath);
+    } catch {
+      return failWithReadError();
+    }
+  })();
+  const materialisedPath = (() => {
+    try {
+      const realPath = fileSystem.realpathSync(resolvedPath);
+      if (realPath !== resolvedPath) {
+        logAdminPublicKeyRealpath({
+          isLeafSymlink: linkStat.isSymbolicLink(),
+          realPath,
+          resolvedPath
+        });
+      }
+      return realPath;
+    } catch {
+      return resolvedPath;
+    }
+  })();
+  const value = (() => {
+    try {
+      return readPublicKeyFileContents(materialisedPath, fileSystem);
+    } catch {
+      return failWithReadError();
+    }
+  })();
   return validateAdminPublicKey(exitWithMessage2, value, "--admin-public-key-file");
 }
-function discoverLocalPublicKeys(sshDirectory = join(homedir(), ".ssh")) {
+function buildLocalPublicKeyLabel(entry, path, realPath) {
+  if (realPath === path) return basename(entry);
+  return `${basename(entry)} -> ${realPath}`;
+}
+function resolveDiscoveredEntryPath(path, fileSystem) {
+  try {
+    return fileSystem.realpathSync(path);
+  } catch {
+    return path;
+  }
+}
+function discoverLocalPublicKeys(sshDirectory = join(homedir(), ".ssh"), fileSystem = adminPublicKeyFileSystem) {
   try {
     return readdirSync(sshDirectory).filter((entry) => entry.endsWith(".pub")).sort((left, right) => left.localeCompare(right)).flatMap((entry) => {
       const path = join(sshDirectory, entry);
       try {
-        const key = readFileSync(path, "utf8").trim();
+        const resolvedPath = resolveDiscoveredEntryPath(path, fileSystem);
+        const key = readPublicKeyFileContents(resolvedPath, fileSystem).trim();
         if (!isValidAdminPublicKey(key)) {
           return [];
         }
-        return [{ key, label: basename(entry), path }];
+        return [{ key, label: buildLocalPublicKeyLabel(entry, path, resolvedPath), path }];
       } catch {
         return [];
       }
@@ -400,23 +1034,33 @@ function createPublicKeyOptions(publicKeys) {
     value: publicKey.path
   }));
 }
-async function promptForAdminPublicKey(select, publicKeys = discoverLocalPublicKeys()) {
+function createPublicKeyModeOptions(allowPlaceholder) {
+  if (allowPlaceholder) return PUBLIC_KEY_PROMPT_OPTIONS;
+  return PUBLIC_KEY_PROMPT_OPTIONS.filter((option) => option.value !== "placeholder");
+}
+function printNoLocalPublicKeysMessage() {
+  console.error(
+    "No readable public keys were found in ~/.ssh. Keeping the placeholder in server.ts."
+  );
+}
+async function promptForAdminPublicKey(select, publicKeys = discoverLocalPublicKeys(), options) {
+  const allowPlaceholder = options?.allowPlaceholder ?? true;
   const publicKeyMode = await select(
     "How should create-paratix configure the admin SSH public key?",
-    PUBLIC_KEY_PROMPT_OPTIONS
+    createPublicKeyModeOptions(allowPlaceholder)
   );
   if (publicKeyMode !== "local") {
     return void 0;
   }
   if (publicKeys.length === 0) {
-    console.error(
-      "No readable public keys were found in ~/.ssh. Keeping the placeholder in server.ts."
-    );
+    if (!allowPlaceholder) {
+      throw new CliExitError(
+        "Error: Root bootstrap requires an admin SSH public key, but no readable public keys were found in ~/.ssh. Provide one via --admin-public-key or --admin-public-key-file."
+      );
+    }
+    printNoLocalPublicKeysMessage();
     return void 0;
   }
-  if (publicKeys.length === 1) {
-    return publicKeys[0]?.key;
-  }
   const selectedPath = await select(
     "Select the public key to embed into server.ts:",
     createPublicKeyOptions(publicKeys)
@@ -425,7 +1069,10 @@ async function promptForAdminPublicKey(select, publicKeys = discoverLocalPublicK
 }
 
 // src/scaffoldConfig.ts
-var CLI_USAGE = "Usage: create-paratix <project-name> [--host <domain-or-ip>] [--initial-user <root|name>] [--admin-public-key <ssh-public-key>] [--admin-public-key-file <path>]";
+var CLI_USAGE = "Usage: create-paratix <project-name> [--host <domain-or-ip>] [--initial-user <root|name>] [--expected-host-fingerprint <fingerprint>] [--admin-public-key <ssh-public-key>] [--admin-public-key-file <path>]";
+var OPENSSH_SHA256_FINGERPRINT_PATTERN = new RegExp("^SHA256:[A-Za-z0-9+\\/]{43}$", "v");
+var SHA256_FINGERPRINT_PREFIX = "SHA256:";
+var SHA256_FINGERPRINT_RAW_BYTE_LENGTH = 32;
 function normalizeInitialUserName(name) {
   return name.trim();
 }
@@ -436,7 +1083,7 @@ function parseInitialUserConfig(exitWithMessage2, value) {
   const normalizedValue = normalizeInitialUserName(value);
   if (!isValidInitialUserName(normalizedValue)) {
     exitWithMessage2(
-      `Error: Invalid initial user "${value}" \u2014 use "root" or a valid lowercase Linux username.`
+      `Error: Invalid initial user ${formatCliValue(value)} \u2014 use "root" or a valid lowercase Linux username.`
     );
   }
   return normalizedValue === "root" ? { kind: "root" } : { kind: "admin", user: normalizedValue };
@@ -446,30 +1093,94 @@ function normalizeHost(value) {
 }
 function isValidHost(value) {
   const normalizedValue = normalizeHost(value);
-  return normalizedValue.length > 0 && !new RegExp("\\s", "v").test(normalizedValue);
+  if (normalizedValue.length === 0) return false;
+  if (new RegExp("\\s", "v").test(normalizedValue)) return false;
+  if (containsUnsafeCodepoint(normalizedValue)) return false;
+  return true;
 }
 function validateHost(exitWithMessage2, value) {
   const normalizedValue = normalizeHost(value);
   if (!isValidHost(normalizedValue)) {
     exitWithMessage2(
-      `Error: Invalid host "${value}" \u2014 use a domain name, IPv4, or IPv6 address without spaces.`
+      `Error: Invalid host ${formatCliValue(value)} \u2014 use a domain name, IPv4, or IPv6 address without spaces.`
     );
   }
   return normalizedValue;
 }
-async function promptForHost(prompt) {
-  for (; ; ) {
-    const host = normalizeHost(await prompt("Server host (domain or IP): "));
-    if (isValidHost(host)) {
-      return host;
-    }
-    console.error("Error: Please enter a domain name, IPv4, or IPv6 address without spaces.");
+function isValidExpectedHostFingerprint(value) {
+  if (!OPENSSH_SHA256_FINGERPRINT_PATTERN.test(value)) {
+    return false;
   }
+  const encoded = value.slice(SHA256_FINGERPRINT_PREFIX.length);
+  const decoded = Buffer.from(encoded, "base64");
+  if (decoded.length !== SHA256_FINGERPRINT_RAW_BYTE_LENGTH) {
+    return false;
+  }
+  const canonical = decoded.toString("base64");
+  let trimmedEnd = canonical.length;
+  while (trimmedEnd > 0 && canonical[trimmedEnd - 1] === "=") {
+    trimmedEnd--;
+  }
+  return canonical.slice(0, trimmedEnd) === encoded;
+}
+function validateExpectedHostFingerprint(exitWithMessage2, value) {
+  if (!isValidExpectedHostFingerprint(value)) {
+    exitWithMessage2(
+      `Error: Invalid expected host fingerprint ${formatCliValue(value)} \u2014 use an OpenSSH SHA256 fingerprint.`
+    );
+  }
+  return value;
+}
+function throwValidationError(message) {
+  throw new Error(message);
+}
+function normalizeProgrammaticScaffoldStringOptions(options) {
+  return {
+    adminPublicKey: options?.adminPublicKey == null ? void 0 : validateAdminPublicKey(throwValidationError, options.adminPublicKey),
+    expectedHostFingerprint: options?.expectedHostFingerprint == null ? void 0 : validateExpectedHostFingerprint(throwValidationError, options.expectedHostFingerprint),
+    host: options?.host == null ? "1.2.3.4" : validateHost(throwValidationError, options.host)
+  };
+}
+var MAX_PROMPT_ATTEMPTS = 5;
+async function promptForHost(prompt) {
+  for (let attempt = 0; attempt < MAX_PROMPT_ATTEMPTS; attempt++) {
+    const rawAnswer = await prompt("Server host (domain or IP): ");
+    const host = normalizeHost(rawAnswer);
+    if (isValidHost(host)) {
+      return host;
+    }
+    if (rawAnswer === "") {
+      throw new CliExitError(
+        "Error: No host provided \u2014 stdin is closed or empty. Pass --host <domain-or-ip>."
+      );
+    }
+    console.error("Error: Please enter a domain name, IPv4, or IPv6 address without spaces.");
+  }
+  throw new CliExitError(
+    `Error: Too many invalid host entries (${String(MAX_PROMPT_ATTEMPTS)}). Pass --host <domain-or-ip> instead.`
+  );
 }
 function parseArgumentValue(argv, index, parameters) {
+  function failMissing(message) {
+    parameters.exitWithMessage(message);
+    throw new Error(message);
+  }
   const value = argv.at(index + 1);
-  if (value == null || value.startsWith("--")) {
-    parameters.exitWithMessage(`Error: Missing value for "${parameters.optionName}".`);
+  if (value == null) {
+    failMissing(`Error: Missing value for "${parameters.optionName}".`);
+  }
+  if (value.startsWith("--")) {
+    failMissing(
+      `Error: Expected a value for "${parameters.optionName}" but got the flag "${value}". If the value really starts with "--", separate it from the option with "--" or quote it explicitly.`
+    );
+  }
+  if (value.trim() === "") {
+    failMissing(`Error: Empty value for "${parameters.optionName}" \u2014 provide a non-empty value.`);
+  }
+  if (new RegExp("[\\r\\n]", "v").test(value)) {
+    failMissing(
+      `Error: Multi-line value for "${parameters.optionName}" \u2014 provide a single-line value.`
+    );
   }
   return value;
 }
@@ -477,7 +1188,7 @@ function handleUnknownOption(argument, exitWithMessage2) {
   if (argument === "--bootstrap-root") {
     exitWithMessage2('Error: "--bootstrap-root" was removed. Use "--initial-user root" instead.');
   }
-  exitWithMessage2(`Error: Unknown option "${argument}".`);
+  exitWithMessage2(`Error: Unknown option ${formatCliValue(argument)}.`);
 }
 function parseOptionAssignment(parameters) {
   if (parameters.argument === "--host") {
@@ -496,6 +1207,18 @@ function parseOptionAssignment(parameters) {
       })
     };
   }
+  if (parameters.argument === "--expected-host-fingerprint") {
+    const expectedHostFingerprint = parseArgumentValue(parameters.argv, parameters.index, {
+      exitWithMessage: parameters.exitWithMessage,
+      optionName: "--expected-host-fingerprint"
+    });
+    return {
+      expectedHostFingerprint: validateExpectedHostFingerprint(
+        parameters.exitWithMessage,
+        expectedHostFingerprint
+      )
+    };
+  }
   if (parameters.argument === "--admin-public-key") {
     return {
       adminPublicKey: parseArgumentValue(parameters.argv, parameters.index, {
@@ -518,6 +1241,7 @@ function parseCliArguments(argv, exitWithMessage2) {
   const parsed = {
     adminPublicKey: void 0,
     adminPublicKeyFile: void 0,
+    expectedHostFingerprint: void 0,
     host: void 0,
     initialUser: void 0,
     projectName: void 0
@@ -557,10 +1281,19 @@ function validatePublicKeyOptions(parsed, exitWithMessage2) {
 
 // src/interactivePrompts.ts
 var NOOP = () => void 0;
-var INTERACTIVE_SELECTION_UNAVAILABLE = "Interactive selection is unavailable.";
+var INTERACTIVE_SELECTION_UNAVAILABLE = "Interactive selection is unavailable. Pass --initial-user <root|name> to skip the prompt.";
 var UNAVAILABLE_SELECT = (() => {
-  throw new Error(INTERACTIVE_SELECTION_UNAVAILABLE);
+  throw new CliExitError(INTERACTIVE_SELECTION_UNAVAILABLE, 1);
 });
+var GENERIC_NON_TTY_HINT = "Pass --admin-public-key/--admin-public-key-file and --expected-host-fingerprint (or run create-paratix from an interactive shell) to skip the prompt.";
+var INITIAL_USER_NON_TTY_HINT = "Pass --initial-user <root|name> (or run create-paratix from an interactive shell) to skip the prompt.";
+function enforceInteractivePromptTty(remediationHint) {
+  if (process.stdin.isTTY && process.stdout.isTTY) return;
+  throw new CliExitError(`Interactive prompt requires a TTY. ${remediationHint}`, 1);
+}
+function ensureInteractivePromptTty() {
+  enforceInteractivePromptTty(GENERIC_NON_TTY_HINT);
+}
 var INITIAL_USER_OPTIONS = [
   {
     description: "Fresh server with SSH access only as root. Paratix bootstraps a dedicated admin user first.",
@@ -580,15 +1313,40 @@ var HOST_FINGERPRINT_OPTIONS = [
     value: "scan"
   },
   {
-    description: "Keep the expectedHostFingerprint placeholder in server.ts and verify the host key manually later.",
-    label: "Keep placeholder",
+    description: "Skip pinning now. The generated project will fail closed until known_hosts is prepared or a verified expectedHostFingerprint/PublicKey is added.",
+    label: "Skip pinning",
     value: "placeholder"
   }
 ];
+var HOST_FINGERPRINT_CONFIRM_OPTIONS = [
+  {
+    description: "Skip pinning now. The generated project will fail closed until known_hosts is prepared or a verified host-key pin is added.",
+    label: "Discard and skip",
+    value: "discard"
+  },
+  {
+    description: "Pin the scanned fingerprint into server.ts. Only choose this if the algorithm and fingerprint match an out-of-band reference (server console, provider dashboard, ssh-keyscan over a trusted network).",
+    label: "Pin this fingerprint",
+    value: "pin"
+  }
+];
+function describeScanResult(host, result) {
+  const escapedHost = escapeCliControlCharacters(host);
+  return [
+    "",
+    `Scanned SSH host key for ${escapedHost}:22`,
+    `  algorithm:   ${escapeCliControlCharacters(result.algorithm)}`,
+    `  fingerprint:`,
+    `    ${escapeCliControlCharacters(result.fingerprint)}`,
+    "",
+    "Compare this value against an out-of-band reference before pinning it.",
+    ""
+  ].join("\n");
+}
 function createTerminalPrompt() {
   const readline = createInterface({ input: process.stdin, output: process.stdout });
   return {
-    close: () => {
+    close() {
       readline.close();
     },
     prompt: async (question) => readline.question(question)
@@ -615,17 +1373,25 @@ function createPromptSession(prompt) {
     closeSelect: NOOP
   };
 }
-async function promptForAdminUser(ask, closePrompt) {
-  for (; ; ) {
-    const adminUser = normalizeInitialUserName(await ask("Admin username: "));
+async function promptForAdminUser(ask) {
+  for (let attempt = 0; attempt < MAX_PROMPT_ATTEMPTS; attempt++) {
+    const rawAnswer = await ask("Admin username: ");
+    const adminUser = normalizeInitialUserName(rawAnswer);
     if (isValidInitialUserName(adminUser) && adminUser !== "root") {
-      closePrompt();
       return { kind: "admin", user: adminUser };
     }
+    if (rawAnswer === "") {
+      throw new CliExitError(
+        "Error: No admin username provided \u2014 stdin is closed or empty. Pass --initial-user <root|name>."
+      );
+    }
     console.error(
       'Error: Invalid admin username. Use a valid lowercase Linux username other than "root".'
     );
   }
+  throw new CliExitError(
+    `Error: Too many invalid admin username entries (${String(MAX_PROMPT_ATTEMPTS)}). Pass --initial-user <root|name> instead.`
+  );
 }
 async function promptForHost2(prompt, closePrompt = NOOP) {
   if (prompt != null) {
@@ -635,6 +1401,7 @@ async function promptForHost2(prompt, closePrompt = NOOP) {
       closePrompt();
     }
   }
+  ensureInteractivePromptTty();
   const terminalPrompt = createTerminalPrompt();
   try {
     return await promptForHost(terminalPrompt.prompt);
@@ -642,8 +1409,11 @@ async function promptForHost2(prompt, closePrompt = NOOP) {
     terminalPrompt.close();
   }
 }
-async function promptForInitialUserConfig(prompt, select) {
-  const promptSession = createPromptSession(prompt);
+async function promptForInitialUserConfig(prompt, select, createSession = createPromptSession) {
+  if (prompt == null && createSession === createPromptSession) {
+    enforceInteractivePromptTty(INITIAL_USER_NON_TTY_HINT);
+  }
+  const promptSession = createSession(prompt);
   const chooseInitialUser = select ?? promptSession.chooseInitialUser;
   try {
     const initialUserType = await chooseInitialUser(
@@ -651,117 +1421,458 @@ async function promptForInitialUserConfig(prompt, select) {
       INITIAL_USER_OPTIONS
     );
     if (initialUserType === "root") {
-      promptSession.closeSelect();
-      promptSession.closePrompt();
       return { kind: "root" };
     }
-    return await promptForAdminUser(promptSession.ask, promptSession.closePrompt);
+    return await promptForAdminUser(promptSession.ask);
   } finally {
     promptSession.closeSelect();
+    promptSession.closePrompt();
   }
 }
-async function promptForAdminPublicKey2(select, publicKeys) {
+async function promptForAdminPublicKey2(select, publicKeys, options) {
+  if (select == null) ensureInteractivePromptTty();
   const terminalSelect = select == null ? createTerminalSelect() : null;
   const choose = select ?? terminalSelect?.select;
   if (choose == null) {
     throw new Error(INTERACTIVE_SELECTION_UNAVAILABLE);
   }
   try {
-    return await promptForAdminPublicKey(choose, publicKeys);
+    return await promptForAdminPublicKey(choose, publicKeys, options);
   } finally {
     terminalSelect?.close();
   }
 }
-async function promptForHostFingerprint(host, select, scanner = readHostFingerprintViaSsh2) {
+async function scanHostFingerprint(host) {
+  return readHostFingerprintViaSsh2(host, { allowSsh2HostKeyScan: true });
+}
+async function chooseFrom(choose, prompt, options) {
+  const result = await choose(prompt, options);
+  const matchedOption = options.find((option) => option.value === result);
+  if (matchedOption == null) {
+    throw new Error(
+      `Internal error: select returned an unexpected option for prompt ${JSON.stringify(prompt)}.`
+    );
+  }
+  return matchedOption.value;
+}
+function failAfterScanFailure(host, error) {
+  const reason = escapeCliControlCharacters(error instanceof Error ? error.message : String(error));
+  const escapedHost = escapeCliControlCharacters(host);
+  console.error(
+    [
+      "",
+      `Warning: failed to scan SSH host key for ${escapedHost}.`,
+      `  reason: ${reason}`,
+      "  This may indicate a man-in-the-middle attempt or a firewall blocking",
+      "  the SSH handshake. Verify the host key out of band before pinning",
+      "  any fingerprint into server.ts.",
+      ""
+    ].join("\n")
+  );
+  throw new Error(
+    `Aborting scaffolding: host-key scan for ${escapedHost} failed (${reason}). Re-run create-paratix once the SSH handshake to ${escapedHost}:22 succeeds, or pass --expected-host-fingerprint with an out-of-band verified fingerprint.`
+  );
+}
+async function scanAndConfirmFingerprint(parameters) {
+  const { choose, host, scanner } = parameters;
+  let result;
+  try {
+    result = await scanner(host);
+  } catch (error) {
+    failAfterScanFailure(host, error);
+  }
+  console.log(describeScanResult(host, result));
+  const confirmation = await chooseFrom(
+    choose,
+    `Pin the scanned host fingerprint for ${escapeCliControlCharacters(host)}?`,
+    HOST_FINGERPRINT_CONFIRM_OPTIONS
+  );
+  if (confirmation !== "pin") {
+    const escapedHost = escapeCliControlCharacters(host);
+    throw new Error(
+      `Aborting scaffolding: scanned host fingerprint for ${escapedHost} was not pinned. Re-run create-paratix and pin a verified fingerprint, or pass --expected-host-fingerprint.`
+    );
+  }
+  return result.fingerprint;
+}
+async function promptForHostFingerprint(host, select, scanner = scanHostFingerprint) {
+  if (select == null) ensureInteractivePromptTty();
   const terminalSelect = select == null ? createTerminalSelect() : null;
   const choose = select ?? terminalSelect?.select;
   if (choose == null) {
     throw new Error(INTERACTIVE_SELECTION_UNAVAILABLE);
   }
   try {
-    const hostKeyMode = await choose(
-      `How should create-paratix bootstrap the SSH host key for ${host}?`,
+    const hostKeyMode = await chooseFrom(
+      choose,
+      `How should create-paratix bootstrap the SSH host key for ${escapeCliControlCharacters(host)}?`,
       HOST_FINGERPRINT_OPTIONS
     );
     if (hostKeyMode !== "scan") {
       return void 0;
     }
-    try {
-      return await scanner(host);
-    } catch (error) {
-      console.error(
-        `${error instanceof Error ? error.message : String(error)} Keeping the expectedHostFingerprint placeholder in server.ts.`
-      );
-      return void 0;
-    }
+    return await scanAndConfirmFingerprint({ choose, host, scanner });
   } finally {
     terminalSelect?.close();
   }
 }
 
-// src/scaffoldRuntime.ts
-import { execSync } from "child_process";
-var MS_PER_MINUTE = 6e4;
-var INSTALL_TIMEOUT_MS = 12e4;
-function detectPackageManager() {
-  const agent = process.env.npm_config_user_agent ?? "";
-  if (agent.startsWith("pnpm")) {
-    return { command: "pnpm install", name: "pnpm" };
+// src/cliValidation.ts
+function exitWithMessage(message) {
+  console.error(escapeCliControlCharacters(message));
+  throw new CliExitError(message, 1, { reported: true });
+}
+function restoreInteractiveTerminal() {
+  if (process.stdout.isTTY) {
+    process.stdout.write("\x1B[?25h");
   }
-  if (agent.startsWith("yarn")) {
-    return { command: "yarn install", name: "yarn" };
+  if (process.stdin.isTTY && typeof process.stdin.setRawMode === "function") {
+    try {
+      process.stdin.setRawMode(false);
+    } catch {
+    }
   }
-  if (agent.startsWith("bun")) {
-    return { command: "bun install", name: "bun" };
+}
+function handleCliExit(error) {
+  restoreInteractiveTerminal();
+  if (error instanceof CliExitError) {
+    if (!error.reported) {
+      console.error(escapeCliControlCharacters(error.cliMessage));
+    }
+    process.exitCode = error.exitCode;
+    return;
   }
-  return { command: "npm install", name: "npm" };
+  console.error(escapeCliControlCharacters(error instanceof Error ? error.message : String(error)));
+  process.exitCode = 1;
 }
-function installDependencies(projectDirectory, pm) {
-  console.log(`Installing dependencies with ${pm.name}...`);
+function parseCliArguments2(argv) {
+  return parseCliArguments(argv, exitWithMessage);
+}
+function parseInitialUserConfig2(value) {
+  return parseInitialUserConfig(exitWithMessage, value);
+}
+function validateHost2(value) {
+  return validateHost(exitWithMessage, value);
+}
+function validateExpectedHostFingerprint2(value) {
+  return validateExpectedHostFingerprint(exitWithMessage, value);
+}
+async function resolveCliOrPromptAdminPublicKey(parameters) {
+  const { adminPublicKey, adminPublicKeyFile, allowPlaceholder = true } = parameters;
+  if (adminPublicKey !== void 0) {
+    return validateAdminPublicKey(exitWithMessage, adminPublicKey);
+  }
+  if (adminPublicKeyFile !== void 0) {
+    return readAdminPublicKeyFile(exitWithMessage, adminPublicKeyFile);
+  }
+  if (process.stdin.isTTY && process.stdout.isTTY) {
+    return promptForAdminPublicKey2(void 0, void 0, { allowPlaceholder });
+  }
+  return void 0;
+}
+async function resolveCliOrPromptHost(host, prompt = promptForHost2) {
+  if (host !== void 0) return validateHost2(host);
+  if (process.stdin.isTTY && process.stdout.isTTY) return prompt();
+  exitWithMessage("Missing --host in non-interactive environment. Pass --host <domain-or-ip>.");
+}
+
+// src/directExecution.ts
+import { realpathSync as realpathSync2 } from "fs";
+import { resolve as resolve2 } from "path";
+import { fileURLToPath } from "url";
+function normalizeExecutionPath(path) {
+  const resolvedPath = resolve2(path);
   try {
-    execSync(pm.command, { cwd: projectDirectory, stdio: "inherit", timeout: INSTALL_TIMEOUT_MS });
-    return true;
+    return realpathSync2.native(resolvedPath);
+  } catch {
+    return resolvedPath;
+  }
+}
+function isDirectExecution(moduleUrl, argv1) {
+  if (argv1 == null) return false;
+  try {
+    return normalizeExecutionPath(fileURLToPath(moduleUrl)) === normalizeExecutionPath(argv1);
+  } catch {
+    return false;
+  }
+}
+
+// src/projectDirectory.ts
+import { randomBytes } from "crypto";
+import {
+  existsSync,
+  lstatSync as lstatSync2,
+  mkdirSync,
+  mkdtempSync,
+  readdirSync as readdirSync2,
+  renameSync,
+  rmdirSync,
+  rmSync,
+  writeFileSync
+} from "fs";
+import { dirname, join as join2 } from "path";
+var RESERVATION_SENTINEL_PREFIX = ".paratix-reservation-";
+var RESERVATION_SENTINEL_TOKEN_BYTES = 16;
+function isErrnoException(error) {
+  return error instanceof Error && "code" in error && typeof error.code === "string";
+}
+function exitWithDirectoryAlreadyExists(normalizedProjectName) {
+  exitWithMessage(`Error: Directory ${formatCliValue(normalizedProjectName)} already exists.`);
+  throw new Error(`Error: Directory ${formatCliValue(normalizedProjectName)} already exists.`);
+}
+function readProjectDirectoryIdentity(projectDirectory) {
+  const stats = lstatSync2(projectDirectory);
+  return { dev: stats.dev, ino: stats.ino };
+}
+function reserveProjectDirectoryWithSentinel(projectDirectory, normalizedProjectName) {
+  try {
+    mkdirSync(projectDirectory, { recursive: false });
   } catch (error) {
-    if (error instanceof Error && "signal" in error && error.signal === "SIGTERM") {
-      console.error(
-        `Installation timed out after ${Math.round(INSTALL_TIMEOUT_MS / MS_PER_MINUTE)} minutes.`
-      );
-    } else {
-      const message = error instanceof Error ? error.message : String(error);
-      console.error(`Failed to install dependencies: ${message}`);
+    if (isErrnoException(error) && error.code === "EEXIST") {
+      exitWithDirectoryAlreadyExists(normalizedProjectName);
     }
-    console.error("Run install manually.");
-    return false;
+    throw error;
   }
+  const reservationSentinel = `${RESERVATION_SENTINEL_PREFIX}${randomBytes(
+    RESERVATION_SENTINEL_TOKEN_BYTES
+  ).toString("hex")}`;
+  try {
+    writeFileSync(join2(projectDirectory, reservationSentinel), "");
+  } catch (error) {
+    rmdirSync(projectDirectory);
+    throw error;
+  }
+  return reservationSentinel;
 }
-function getCommandPrefix(pm) {
-  return pm.name === "npm" ? "npm run" : pm.name;
+function createStagedProjectDirectory(projectDirectory, normalizedProjectName) {
+  const reservationSentinel = reserveProjectDirectoryWithSentinel(
+    projectDirectory,
+    normalizedProjectName
+  );
+  const projectDirectoryIdentity = readProjectDirectoryIdentity(projectDirectory);
+  const stagingParentDirectory = dirname(projectDirectory);
+  const stagingPrefix = join2(stagingParentDirectory, `.${normalizedProjectName}-staging-`);
+  try {
+    return {
+      projectDirectory,
+      projectDirectoryIdentity,
+      reservationSentinel,
+      stagingDirectory: mkdtempSync(stagingPrefix)
+    };
+  } catch (error) {
+    removeReservedProjectDirectoryIfEmpty({
+      projectDirectory,
+      projectDirectoryIdentity,
+      reservationSentinel
+    });
+    throw error;
+  }
 }
-function printSuccessMessage(projectName, pm) {
-  const prefix = getCommandPrefix(pm);
-  console.log(`
-Project created successfully!
-
-  cd ${projectName}
-
-Edit server.ts with your server details, then:
-
-  ${prefix} apply:dry
-  ${prefix} apply
-`);
+function assertReservedProjectDirectory({ projectDirectory, projectDirectoryIdentity, reservationSentinel }, normalizedProjectName) {
+  if (!isSameProjectDirectoryIdentity(projectDirectory, projectDirectoryIdentity)) {
+    exitWithDirectoryAlreadyExists(normalizedProjectName);
+  }
+  if (!existsSync(join2(projectDirectory, reservationSentinel))) {
+    exitWithDirectoryAlreadyExists(normalizedProjectName);
+  }
+  const foreignEntries = readdirSync2(projectDirectory).filter(
+    (name) => name !== reservationSentinel
+  );
+  if (foreignEntries.length > 0) {
+    exitWithDirectoryAlreadyExists(normalizedProjectName);
+  }
+}
+function createQuarantinePath(parentDirectory, normalizedProjectName) {
+  const quarantineDirectory = mkdtempSync(
+    join2(parentDirectory, `.${normalizedProjectName}-quarantine-`)
+  );
+  rmdirSync(quarantineDirectory);
+  return quarantineDirectory;
+}
+function restoreQuarantinedDirectory(quarantineDirectory, projectDirectory) {
+  try {
+    renameSync(quarantineDirectory, projectDirectory);
+  } catch {
+  }
+}
+function quarantineReservedProjectDirectory({
+  projectDirectory,
+  projectDirectoryIdentity,
+  reservationSentinel
+}, normalizedProjectName) {
+  const quarantineDirectory = createQuarantinePath(dirname(projectDirectory), normalizedProjectName);
+  renameSync(projectDirectory, quarantineDirectory);
+  if (!isSameProjectDirectoryIdentity(quarantineDirectory, projectDirectoryIdentity)) {
+    restoreQuarantinedDirectory(quarantineDirectory, projectDirectory);
+    exitWithDirectoryAlreadyExists(normalizedProjectName);
+  }
+  if (!existsSync(join2(quarantineDirectory, reservationSentinel))) {
+    restoreQuarantinedDirectory(quarantineDirectory, projectDirectory);
+    exitWithDirectoryAlreadyExists(normalizedProjectName);
+  }
+  const foreignEntries = readdirSync2(quarantineDirectory).filter(
+    (name) => name !== reservationSentinel
+  );
+  if (foreignEntries.length > 0) {
+    restoreQuarantinedDirectory(quarantineDirectory, projectDirectory);
+    exitWithDirectoryAlreadyExists(normalizedProjectName);
+  }
+  return quarantineDirectory;
+}
+function publishStagedProjectDirectory(stagedProjectDirectory, normalizedProjectName) {
+  const { projectDirectory, reservationSentinel, stagingDirectory } = stagedProjectDirectory;
+  const quarantineDirectory = quarantineReservedProjectDirectory(
+    stagedProjectDirectory,
+    normalizedProjectName
+  );
+  try {
+    renameSync(stagingDirectory, projectDirectory);
+  } catch (error) {
+    restoreQuarantinedDirectory(quarantineDirectory, projectDirectory);
+    throw error;
+  }
+  rmSync(join2(quarantineDirectory, reservationSentinel), { force: true });
+  rmdirSync(quarantineDirectory);
+}
+function finalizeStagedProjectDirectory(stagedProjectDirectory, normalizedProjectName) {
+  try {
+    assertReservedProjectDirectory(stagedProjectDirectory, normalizedProjectName);
+    publishStagedProjectDirectory(stagedProjectDirectory, normalizedProjectName);
+  } catch (error) {
+    const errorCode = isErrnoException(error) ? error.code : void 0;
+    if (errorCode === "EEXIST" || errorCode === "ENOTEMPTY") {
+      exitWithDirectoryAlreadyExists(normalizedProjectName);
+    }
+    throw error;
+  }
+  return readProjectDirectoryIdentity(stagedProjectDirectory.projectDirectory);
+}
+function isSameProjectDirectoryIdentity(projectDirectory, identity) {
+  try {
+    const currentIdentity = readProjectDirectoryIdentity(projectDirectory);
+    return currentIdentity.dev === identity.dev && currentIdentity.ino === identity.ino;
+  } catch (error) {
+    if (isErrnoException(error) && error.code === "ENOENT") {
+      return false;
+    }
+    throw error;
+  }
+}
+function readForeignReservationEntries(projectDirectory, reservationSentinel) {
+  try {
+    return readdirSync2(projectDirectory).filter((name) => name !== reservationSentinel);
+  } catch (error) {
+    if (isErrnoException(error) && error.code === "ENOENT") {
+      return null;
+    }
+    throw error;
+  }
+}
+function removeReservedProjectDirectoryIfEmpty({
+  projectDirectory,
+  projectDirectoryIdentity,
+  reservationSentinel
+}) {
+  if (!isSameProjectDirectoryIdentity(projectDirectory, projectDirectoryIdentity)) {
+    return;
+  }
+  const foreignEntries = readForeignReservationEntries(projectDirectory, reservationSentinel);
+  if (foreignEntries === null || foreignEntries.length > 0) {
+    return;
+  }
+  try {
+    rmSync(join2(projectDirectory, reservationSentinel), { force: true });
+    rmdirSync(projectDirectory);
+  } catch (error) {
+    const errorCode = isErrnoException(error) ? error.code : void 0;
+    if (errorCode === "ENOENT" || errorCode === "ENOTEMPTY") {
+      return;
+    }
+    throw error;
+  }
+}
+function removePublishedProjectDirectory(projectDirectory, projectDirectoryIdentity, normalizedProjectName) {
+  const quarantineDirectory = createQuarantinePath(dirname(projectDirectory), normalizedProjectName);
+  try {
+    renameSync(projectDirectory, quarantineDirectory);
+  } catch (error) {
+    if (isErrnoException(error) && error.code === "ENOENT") {
+      return;
+    }
+    throw error;
+  }
+  if (!isSameProjectDirectoryIdentity(quarantineDirectory, projectDirectoryIdentity)) {
+    restoreQuarantinedDirectory(quarantineDirectory, projectDirectory);
+    return;
+  }
+  rmSync(quarantineDirectory, { force: true, recursive: true });
 }
-function printPartialSuccessMessage(projectName, pm) {
-  const prefix = getCommandPrefix(pm);
-  console.log(`
-Project files created, but dependency installation failed.
-
-  cd ${projectName}
 
-Install dependencies manually, then run:
+// src/scaffoldFiles.ts
+import { lstatSync as lstatSync3, mkdirSync as mkdirSync2, writeFileSync as writeFileSync2 } from "fs";
+import { dirname as dirname2, join as join3 } from "path";
 
-  ${prefix} apply:dry
-  ${prefix} apply
-`);
+// src/dependencyRange.ts
+import { readFileSync } from "fs";
+var SEMVER_CORE_IDENTIFIER_COUNT = 3;
+function isDigit(value) {
+  return value >= "0" && value <= "9";
+}
+function isIdentifierCharacter(value) {
+  return value >= "a" && value <= "z" || value >= "A" && value <= "Z" || isDigit(value);
+}
+function isNumericIdentifier(value) {
+  if (value === "") return false;
+  for (const character of value) {
+    if (!isDigit(character)) return false;
+  }
+  return value === "0" || !value.startsWith("0");
+}
+function isValidLabel(value) {
+  if (value === "") return false;
+  for (const character of value) {
+    if (character !== "-" && !isIdentifierCharacter(character)) return false;
+  }
+  return true;
+}
+function isValidPrereleaseLabel(value) {
+  if (!isValidLabel(value)) return false;
+  for (const character of value) {
+    if (!isDigit(character)) return true;
+  }
+  return isNumericIdentifier(value);
+}
+function splitSemverSuffix(version, separator) {
+  const firstIndex = version.indexOf(separator);
+  if (firstIndex === -1) return [version, void 0];
+  if (separator === "+" && version.includes(separator, firstIndex + 1)) {
+    return [version, ""];
+  }
+  return [version.slice(0, firstIndex), version.slice(firstIndex + 1)];
+}
+function areDotSeparatedLabelsValid(value, validateLabel) {
+  if (value === void 0) return true;
+  return value.split(".").every((label) => validateLabel(label));
+}
+function isValidSemverVersion(version) {
+  const [withoutBuild, build] = splitSemverSuffix(version, "+");
+  const [coreVersion, prerelease] = splitSemverSuffix(withoutBuild, "-");
+  const coreIdentifiers = coreVersion.split(".");
+  return coreIdentifiers.length === SEMVER_CORE_IDENTIFIER_COUNT && coreIdentifiers.every((identifier) => isNumericIdentifier(identifier)) && areDotSeparatedLabelsValid(prerelease, isValidPrereleaseLabel) && areDotSeparatedLabelsValid(build, isValidLabel);
+}
+function isPackageJsonWithVersion(value) {
+  return typeof value === "object" && value !== null && "version" in value && typeof value.version === "string" && isValidSemverVersion(value.version);
+}
+function readCreateParatixPackageVersion() {
+  const packageJsonUrl = new URL("../package.json", import.meta.url);
+  const packageJson = JSON.parse(readFileSync(packageJsonUrl, "utf8"));
+  if (!isPackageJsonWithVersion(packageJson)) {
+    throw new Error("create-paratix package.json must contain a valid semver version.");
+  }
+  return packageJson.version;
+}
+function deriveParatixDependencyRange() {
+  return `^${readCreateParatixPackageVersion()}`;
 }
 
 // src/templates.ts
@@ -831,15 +1942,15 @@ function createBaseServerHeader({
   host,
   sshUser
 }) {
-  const strictHostKeyCheckingDeclaration = expectedHostFingerprint == null ? 'const strictHostKeyChecking = FIRST_RUN ? "accept-new" : "yes";' : 'const strictHostKeyChecking = "yes";';
+  const strictHostKeyCheckingDeclaration = 'const strictHostKeyChecking = "yes";';
   const expectedHostFingerprintLine = expectedHostFingerprint == null ? '    // expectedHostFingerprint: "SHA256:REPLACE_ME_WITH_YOUR_HOST_FINGERPRINT",' : `    expectedHostFingerprint: ${JSON.stringify(expectedHostFingerprint)}, // captured from port 22 during scaffolding`;
-  return `import { firstRun, recipe, server } from "paratix";
-import { file, hostname, net, package as packages, ssh, sshd, sysctl, ufw, user } from "paratix/modules";
+  return `import { firstRun, isFirstRun, recipe, server, when } from "paratix";
+import { command, file, hostname, net, package as packages, ssh, sshd, sysctl, ufw, user } from "paratix/modules";
 
 ${adminUserDeclaration}
 const adminPublicKey = ${JSON.stringify(adminPublicKey ?? "ssh-ed25519 REPLACE_ME_WITH_YOUR_PUBLIC_KEY")};
 const serverName = "my-server";
-const FIRST_RUN = process.env["PARATIX_FIRST_RUN"] === "true";
+const FIRST_RUN = isFirstRun();
 const sshPorts = FIRST_RUN ? [22] : [2222];
 const firewallTcpPorts = FIRST_RUN ? [22, 2222, 80, 443] : [2222, 80, 443];
 ${strictHostKeyCheckingDeclaration}
@@ -850,9 +1961,10 @@ export default server({
   ssh: {
     ports: sshPorts,
     privateKey: "~/.ssh/id_ed25519", // "~" is expanded by Paratix
-    // FIRST_RUN keeps the bootstrap path explicit:
+    // FIRST_RUN keeps the bootstrap path explicit and fail-closed:
     // - pass "paratix apply ... --first-run" for the bootstrap run
-    // - later runs omit that flag and go through port 2222 with strict host-key checking again
+    // - pin expectedHostFingerprint/PublicKey or pre-populate known_hosts before connecting
+    // - later runs omit that flag and go through port 2222 with the same strict host-key checking
     strictHostKeyChecking,
     user: ${sshUser},
 ${expectedHostFingerprintLine}
@@ -874,6 +1986,13 @@ function createFirewallRecipe() {
   return `
     recipe("firewall", [
       ufw.rule("allow", firewallTcpPorts),
+      when(
+        (env) => env["FIRST_RUN"] !== true,
+        command.shell("ufw --force delete allow 22 || true; ufw --force delete allow 22/tcp || true; ! ufw status | grep -Eq '^22(/tcp)?[[:space:]]+(\\\\(v6\\\\)[[:space:]]+)?ALLOW'", {
+          check: "! ufw status | grep -Eq '^22(/tcp)?[[:space:]]+(\\\\(v6\\\\)[[:space:]]+)?ALLOW'",
+          name: "remove bootstrap ssh firewall rule",
+        })
+      ),
       ufw.enabled(),
     ]),
 `;
@@ -913,20 +2032,24 @@ function createFirstRunStopModule() {
     // Add application and user-facing services below this line.
 `;
 }
-function createAdminRecipe(recipeName) {
+function createAdminRecipe(recipeName, adminPublicKey) {
+  const authorizedKeysLine = adminPublicKey == null ? [
+    "      // Add a valid OpenSSH public key before enabling this line:",
+    "      // ssh.authorizedKeys(adminUser, adminPublicKey),"
+  ].join("\n") : "      ssh.authorizedKeys(adminUser, adminPublicKey),";
   return `
     recipe("${recipeName}", [
       user.present(adminUser, {
         groups: ["sudo"],
         shell: "/bin/bash",
       }),
-      ssh.authorizedKeys(adminUser, adminPublicKey),
+${authorizedKeysLine}
     ]),
 `;
 }
 function createHardenedAdminServerTemplate(parameters) {
   const { adminPublicKey, expectedHostFingerprint, host, initialAdminUser } = parameters;
-  const adminUserDeclaration = `const adminUser = "${initialAdminUser}";`;
+  const adminUserDeclaration = `const adminUser = ${JSON.stringify(initialAdminUser)};`;
   return `${createBaseServerHeader({
     adminPublicKey,
     adminUserDeclaration,
@@ -934,7 +2057,7 @@ function createHardenedAdminServerTemplate(parameters) {
     host,
     sshUser: "adminUser"
   })}
-${createAdminRecipe("admin-access")}
+${createAdminRecipe("admin-access", adminPublicKey)}
 ${createFirewallRecipe()}
     recipe("ssh-hardening", [
       sshd.port(2222),
@@ -959,7 +2082,7 @@ function createBootstrapRootServerTemplate(host, adminPublicKey, expectedHostFin
     host,
     sshUser: 'FIRST_RUN ? "root" : adminUser'
   })}
-${createAdminRecipe("bootstrap-admin-user")}
+${createAdminRecipe("bootstrap-admin-user", adminPublicKey)}
     recipe("bootstrap-admin-sudo", [
       file.copy(
         "/etc/sudoers.d/90-paratix-admin-nopasswd",
@@ -1003,69 +2126,260 @@ function createServerTemplate(options) {
   });
 }
 
-// src/index.ts
+// src/scaffoldFiles.ts
+function lstatPathIfExists(path) {
+  try {
+    return lstatSync3(path);
+  } catch (error) {
+    if (hasErrorCode(error, "ENOENT")) {
+      return void 0;
+    }
+    throw error;
+  }
+}
+function hasErrorCode(error, code) {
+  return error instanceof Error && "code" in error && error.code === code;
+}
+function throwScaffoldPathAlreadyExists(path) {
+  throw new Error(
+    `Error: Scaffold file ${formatCliValue(path)} already exists; refusing to overwrite it.`
+  );
+}
+function assertWritableScaffoldDirectory(path) {
+  try {
+    mkdirSync2(path, { recursive: false });
+  } catch (error) {
+    if (!hasErrorCode(error, "EEXIST")) {
+      throw error;
+    }
+  }
+  const stats = lstatPathIfExists(path);
+  if (stats == null || !stats.isDirectory() || stats.isSymbolicLink()) {
+    throwScaffoldPathAlreadyExists(path);
+  }
+}
+function writeManagedScaffoldFile(projectDirectory, relativePath, content) {
+  const targetPath = join3(projectDirectory, relativePath);
+  const targetStats = lstatPathIfExists(targetPath);
+  if (targetStats != null) {
+    throwScaffoldPathAlreadyExists(targetPath);
+  }
+  assertWritableScaffoldDirectory(dirname2(targetPath));
+  try {
+    writeFileSync2(targetPath, content, { flag: "wx" });
+  } catch (error) {
+    if (hasErrorCode(error, "EEXIST")) {
+      throwScaffoldPathAlreadyExists(targetPath);
+    }
+    throw error;
+  }
+}
 function writeSharedScaffoldFiles(projectDirectory) {
-  writeFileSync(join2(projectDirectory, "tsconfig.json"), TSCONFIG_TEMPLATE);
-  writeFileSync(join2(projectDirectory, ".gitignore"), GITIGNORE_TEMPLATE);
-  writeFileSync(join2(projectDirectory, ".prettierrc"), PRETTIER_RC_TEMPLATE);
-  writeFileSync(join2(projectDirectory, ".prettierignore"), PRETTIER_IGNORE_TEMPLATE);
-  writeFileSync(join2(projectDirectory, "eslint.config.ts"), ESLINT_CONFIG_TEMPLATE);
-  writeFileSync(join2(projectDirectory, ".env.example"), ENV_EXAMPLE_TEMPLATE);
+  writeManagedScaffoldFile(projectDirectory, "tsconfig.json", TSCONFIG_TEMPLATE);
+  writeManagedScaffoldFile(projectDirectory, ".gitignore", GITIGNORE_TEMPLATE);
+  writeManagedScaffoldFile(projectDirectory, ".prettierrc", PRETTIER_RC_TEMPLATE);
+  writeManagedScaffoldFile(projectDirectory, ".prettierignore", PRETTIER_IGNORE_TEMPLATE);
+  writeManagedScaffoldFile(projectDirectory, "eslint.config.ts", ESLINT_CONFIG_TEMPLATE);
+  writeManagedScaffoldFile(projectDirectory, ".env.example", ENV_EXAMPLE_TEMPLATE);
 }
 function writeScaffoldSupportFiles(projectDirectory, initialUser) {
-  writeFileSync(join2(projectDirectory, "files", ".gitkeep"), "");
-  writeFileSync(join2(projectDirectory, "files", "20auto-upgrades"), AUTO_UPGRADES_20_TEMPLATE);
-  writeFileSync(
-    join2(projectDirectory, "files", "50unattended-upgrades"),
+  writeManagedScaffoldFile(projectDirectory, join3("files", ".gitkeep"), "");
+  writeManagedScaffoldFile(
+    projectDirectory,
+    join3("files", "20auto-upgrades"),
+    AUTO_UPGRADES_20_TEMPLATE
+  );
+  writeManagedScaffoldFile(
+    projectDirectory,
+    join3("files", "50unattended-upgrades"),
     UNATTENDED_UPGRADES_50_TEMPLATE
   );
   if (initialUser.kind !== "root") return;
-  writeFileSync(
-    join2(projectDirectory, "files", "admin-nopasswd-sudoers"),
+  writeManagedScaffoldFile(
+    projectDirectory,
+    join3("files", "admin-nopasswd-sudoers"),
     createAdminNopasswdSudoersContent("paratix")
   );
 }
-function writeProjectFiles(projectDirectory, options) {
-  mkdirSync(projectDirectory, { recursive: true });
-  mkdirSync(join2(projectDirectory, "files"), { recursive: true });
-  const host = options?.host ?? "1.2.3.4";
-  const initialUser = options?.initialUser ?? { kind: "admin", user: "paratix" };
-  const adminPublicKey = options?.adminPublicKey;
-  const expectedHostFingerprint = options?.expectedHostFingerprint;
+function writeScaffoldFiles(projectDirectory, { adminPublicKey, expectedHostFingerprint, host, initialUser, packageName }) {
+  assertWritableScaffoldDirectory(projectDirectory);
+  assertWritableScaffoldDirectory(join3(projectDirectory, "files"));
   const packageJson = {
     dependencies: {
-      paratix: "^0.1.0"
+      paratix: deriveParatixDependencyRange()
     },
     devDependencies: {
       "@types/node": "^24.5.2",
       eslint: "^10.0.3",
       "eslint-config-setup": "^0.3.3",
+      jiti: "^2.6.1",
       prettier: "^3.6.2",
-      tsx: "^4.20.6"
+      tsx: "^4.20.6",
+      typescript: "^5.9.2"
     },
     engines: {
       node: ">=24.0.0"
     },
-    name: derivePackageName(projectDirectory),
+    name: packageName,
     private: true,
     scripts: {
       apply: "paratix apply server.ts",
       "apply:dry": "paratix apply server.ts --dry-run",
+      "apply:first-run": "paratix apply server.ts --first-run",
+      "apply:first-run:dry": "paratix apply server.ts --dry-run --first-run",
       "format:check": "prettier --check .",
       "format:fix": "prettier --write .",
       lint: "eslint ."
     },
     type: "module"
   };
-  writeFileSync(join2(projectDirectory, "package.json"), `${JSON.stringify(packageJson, null, 2)}
-`);
-  writeFileSync(
-    join2(projectDirectory, "server.ts"),
+  writeManagedScaffoldFile(
+    projectDirectory,
+    "package.json",
+    `${JSON.stringify(packageJson, null, 2)}
+`
+  );
+  writeManagedScaffoldFile(
+    projectDirectory,
+    "server.ts",
     createServerTemplate({ adminPublicKey, expectedHostFingerprint, host, initialUser })
   );
   writeSharedScaffoldFiles(projectDirectory);
   writeScaffoldSupportFiles(projectDirectory, initialUser);
 }
+
+// src/scaffoldRuntime.ts
+import { spawnSync } from "child_process";
+var MS_PER_MINUTE = 6e4;
+var INSTALL_TIMEOUT_MS = 12e4;
+var PNPM_INSTALL = { args: ["install"], executable: "pnpm" };
+var YARN_INSTALL = { args: ["install"], executable: "yarn" };
+var BUN_INSTALL = { args: ["install"], executable: "bun" };
+var NPM_INSTALL = { args: ["install"], executable: "npm" };
+function detectPackageManager() {
+  const agent = process.env.npm_config_user_agent ?? "";
+  if (agent.startsWith("pnpm")) {
+    return { command: PNPM_INSTALL, name: "pnpm" };
+  }
+  if (agent.startsWith("yarn")) {
+    return { command: YARN_INSTALL, name: "yarn" };
+  }
+  if (agent.startsWith("bun")) {
+    return { command: BUN_INSTALL, name: "bun" };
+  }
+  return { command: NPM_INSTALL, name: "npm" };
+}
+var RUN_INSTALL_MANUALLY_HINT = "Run install manually.";
+function reportInstallFailure(message) {
+  console.error(`Failed to install dependencies: ${message}`);
+  console.error(RUN_INSTALL_MANUALLY_HINT);
+  return false;
+}
+function reportInstallTimeout() {
+  console.error(
+    `Installation timed out after ${Math.round(INSTALL_TIMEOUT_MS / MS_PER_MINUTE)} minutes.`
+  );
+  console.error(RUN_INSTALL_MANUALLY_HINT);
+  return false;
+}
+function installDependencies(projectDirectory, pm) {
+  console.log(`Installing dependencies with ${pm.name}...`);
+  const result = spawnSync(pm.command.executable, [...pm.command.args], {
+    cwd: projectDirectory,
+    shell: false,
+    stdio: "inherit",
+    timeout: INSTALL_TIMEOUT_MS
+  });
+  if (result.signal === "SIGTERM") {
+    return reportInstallTimeout();
+  }
+  if (result.error) {
+    return reportInstallFailure(
+      result.error instanceof Error ? result.error.message : String(result.error)
+    );
+  }
+  if (result.status !== 0) {
+    return reportInstallFailure(
+      `${pm.command.executable} exited with status ${String(result.status)}`
+    );
+  }
+  return true;
+}
+function getCommandPrefix(pm) {
+  return pm.name === "npm" ? "npm run" : pm.name;
+}
+function printSuccessMessage(projectName, pm) {
+  const prefix = getCommandPrefix(pm);
+  const escapedProjectName = escapeCliControlCharacters(projectName);
+  console.log(`
+Project created successfully!
+
+  cd ${escapedProjectName}
+
+Edit server.ts with your server details, then:
+
+  ${prefix} apply:first-run:dry
+  ${prefix} apply:first-run
+  ${prefix} apply:dry
+  ${prefix} apply
+`);
+}
+function printPartialSuccessMessage(projectName, pm) {
+  const prefix = getCommandPrefix(pm);
+  const escapedProjectName = escapeCliControlCharacters(projectName);
+  console.log(`
+Project files created, but dependency installation failed.
+
+  cd ${escapedProjectName}
+
+Install dependencies manually, then run:
+
+  ${prefix} apply:first-run:dry
+  ${prefix} apply:first-run
+  ${prefix} apply:dry
+  ${prefix} apply
+`);
+}
+
+// src/index.ts
+function normalizeProgrammaticInitialUserConfig(initialUser) {
+  if (initialUser == null) return { kind: "admin", user: "paratix" };
+  if (initialUser.kind === "root") return { kind: "root" };
+  const parsedInitialUser = parseInitialUserConfig((message) => {
+    throw new Error(message);
+  }, initialUser.user);
+  if (parsedInitialUser.kind !== "admin") {
+    throw new Error(
+      `Error: Invalid initial user ${formatCliValue(initialUser.user)} \u2014 use a non-root lowercase Linux username for admin mode.`
+    );
+  }
+  return parsedInitialUser;
+}
+function validateRootBootstrapConfiguration(initialUser, adminPublicKey) {
+  if (initialUser.kind === "root" && adminPublicKey == null) {
+    throw new Error(
+      "Root bootstrap requires --admin-public-key or --admin-public-key-file so the generated admin user can log in after the first run."
+    );
+  }
+}
+function writeProjectFiles(projectDirectory, options) {
+  const initialUser = normalizeProgrammaticInitialUserConfig(options?.initialUser);
+  validateRootBootstrapConfiguration(initialUser, options?.adminPublicKey);
+  const { adminPublicKey, expectedHostFingerprint, host } = normalizeProgrammaticScaffoldStringOptions(options);
+  const packageName = derivePackageName(projectDirectory);
+  if (!isSecureDerivedPackageName(packageName)) {
+    throw new Error(
+      `Error: Invalid project directory ${formatCliValue(projectDirectory)} \u2014 the derived package name contains control or bidi codepoints.`
+    );
+  }
+  writeScaffoldFiles(projectDirectory, {
+    adminPublicKey,
+    expectedHostFingerprint,
+    host,
+    initialUser,
+    packageName
+  });
+}
 function isValidProjectName(name) {
   const trimmed = name.trim();
   return new RegExp("^[a-z0-9][a-z0-9\\x2d]*$", "v").test(trimmed);
@@ -1074,77 +2388,128 @@ function normalizeProjectName(name) {
   return name.trim();
 }
 function derivePackageName(projectDirectory) {
-  return basename2(projectDirectory.replaceAll("\\", "/"));
-}
-function exitWithMessage(message) {
-  console.error(message);
-  process.exit(1);
+  if (process.platform === "win32") {
+    return pathWin32.basename(projectDirectory);
+  }
+  return pathPosix.basename(projectDirectory);
 }
-function parseCliArguments2(argv) {
-  return parseCliArguments(argv, exitWithMessage);
+function isSecureDerivedPackageName(name) {
+  if (name.length === 0) return false;
+  if (name.trim().length === 0) return false;
+  if (new RegExp("[\\r\\n]", "v").test(name)) return false;
+  if (containsUnsafeCodepoint(name)) return false;
+  return true;
 }
-function parseInitialUserConfig2(value) {
-  return parseInitialUserConfig(exitWithMessage, value);
+function failWithUsage() {
+  exitWithMessage("Usage: create-paratix <project-name>");
+  throw new Error("Usage: create-paratix <project-name>");
 }
-function validateHost2(value) {
-  return validateHost(exitWithMessage, value);
+function failWithInvalidName(rawName) {
+  const message = `Error: Invalid project name ${formatCliValue(rawName)} \u2014 use only lowercase letters, numbers, and hyphens.`;
+  exitWithMessage(message);
+  throw new Error(message);
 }
 function validateProjectName(name) {
   if (name == null || name === "") {
-    exitWithMessage("Usage: create-paratix <project-name>");
+    return failWithUsage();
   }
   const normalizedName = normalizeProjectName(name);
   if (!isValidProjectName(normalizedName)) {
-    exitWithMessage(
-      `Error: Invalid project name "${name}" \u2014 use only lowercase letters, numbers, and hyphens.`
-    );
+    return failWithInvalidName(name);
   }
   return normalizedName;
 }
+function prepareScaffold(projectName, options) {
+  const normalizedProjectName = validateProjectName(projectName);
+  const projectDirectory = resolve3(normalizedProjectName);
+  const initialUser = normalizeProgrammaticInitialUserConfig(options?.initialUser);
+  const normalizedStringOptions = normalizeProgrammaticScaffoldStringOptions(options);
+  validateRootBootstrapConfiguration(initialUser, normalizedStringOptions.adminPublicKey);
+  const stagedProjectDirectory = createStagedProjectDirectory(
+    projectDirectory,
+    normalizedProjectName
+  );
+  return {
+    initialUser,
+    normalizedProjectName,
+    normalizedStringOptions,
+    projectDirectory,
+    stagedProjectDirectory
+  };
+}
+function runScaffoldOrCleanup(prepared, pm, options) {
+  const { stagingDirectory } = prepared.stagedProjectDirectory;
+  let publishedProjectIdentity;
+  try {
+    writeScaffoldFiles(stagingDirectory, {
+      ...prepared.normalizedStringOptions,
+      initialUser: prepared.initialUser,
+      packageName: prepared.normalizedProjectName
+    });
+    publishedProjectIdentity = finalizeStagedProjectDirectory(
+      prepared.stagedProjectDirectory,
+      prepared.normalizedProjectName
+    );
+    const installer = options?.installer ?? installDependencies;
+    return installer(prepared.projectDirectory, pm);
+  } catch (error) {
+    rmSync2(stagingDirectory, { force: true, recursive: true });
+    if (publishedProjectIdentity == null) {
+      removeReservedProjectDirectoryIfEmpty(prepared.stagedProjectDirectory);
+    } else {
+      removePublishedProjectDirectory(
+        prepared.projectDirectory,
+        publishedProjectIdentity,
+        prepared.normalizedProjectName
+      );
+    }
+    throw error;
+  }
+}
 function scaffoldProject(projectName, pm, options) {
-  const normalizedProjectName = normalizeProjectName(projectName);
-  const projectDirectory = resolve(normalizedProjectName);
-  if (existsSync(projectDirectory)) {
-    exitWithMessage(`Error: Directory "${normalizedProjectName}" already exists.`);
-  }
-  console.log(`Creating Paratix project in ${projectDirectory}...`);
-  writeProjectFiles(projectDirectory, options);
-  const installer = options?.installer ?? installDependencies;
-  const installed = installer(projectDirectory, pm);
-  if (!installed) {
+  const prepared = prepareScaffold(projectName, options);
+  console.log(`Creating Paratix project in ${prepared.projectDirectory}...`);
+  const installerSucceeded = runScaffoldOrCleanup(prepared, pm, options);
+  if (!installerSucceeded) {
     process.exitCode = 1;
-    printPartialSuccessMessage(normalizedProjectName, pm);
+    printPartialSuccessMessage(prepared.normalizedProjectName, pm);
     return false;
   }
-  printSuccessMessage(normalizedProjectName, pm);
+  printSuccessMessage(prepared.normalizedProjectName, pm);
   return true;
 }
-async function resolveCliOrPromptAdminPublicKey(parameters) {
-  const { adminPublicKey, adminPublicKeyFile } = parameters;
-  if (adminPublicKey !== void 0) {
-    return validateAdminPublicKey(exitWithMessage, adminPublicKey);
-  }
-  if (adminPublicKeyFile !== void 0) {
-    return readAdminPublicKeyFile(exitWithMessage, adminPublicKeyFile);
-  }
-  if (process.stdin.isTTY && process.stdout.isTTY) {
-    return promptForAdminPublicKey2();
-  }
-  return void 0;
+function forceExitAfterHandling() {
+  setImmediate(() => {
+    process.exit(process.exitCode ?? 1);
+  });
 }
 function main() {
-  const { adminPublicKey, adminPublicKeyFile, host, initialUser, projectName } = parseCliArguments2(
-    process.argv.slice(2)
-  );
-  const normalizedProjectName = validateProjectName(projectName);
-  const pm = detectPackageManager();
+  process.on("unhandledRejection", (reason) => {
+    handleCliExit(reason);
+    forceExitAfterHandling();
+  });
+  process.on("uncaughtException", (error) => {
+    handleCliExit(error);
+    forceExitAfterHandling();
+  });
   void (async () => {
-    const validatedHost = host == null ? await promptForHost2() : validateHost2(host);
-    const resolvedExpectedHostFingerprint = process.stdin.isTTY && process.stdout.isTTY ? await promptForHostFingerprint(validatedHost) : void 0;
+    const {
+      adminPublicKey,
+      adminPublicKeyFile,
+      expectedHostFingerprint,
+      host,
+      initialUser,
+      projectName
+    } = parseCliArguments2(process.argv.slice(2));
+    const normalizedProjectName = validateProjectName(projectName);
+    const pm = detectPackageManager();
+    const validatedHost = await resolveCliOrPromptHost(host);
+    const resolvedExpectedHostFingerprint = expectedHostFingerprint ?? (process.stdin.isTTY && process.stdout.isTTY ? await promptForHostFingerprint(validatedHost) : void 0);
     const initialUserConfig = initialUser == null ? await promptForInitialUserConfig() : parseInitialUserConfig2(initialUser);
     const resolvedAdminPublicKey = await resolveCliOrPromptAdminPublicKey({
       adminPublicKey,
-      adminPublicKeyFile
+      adminPublicKeyFile,
+      allowPlaceholder: initialUserConfig.kind !== "root"
     });
     scaffoldProject(normalizedProjectName, pm, {
       adminPublicKey: resolvedAdminPublicKey,
@@ -1153,18 +2518,18 @@ function main() {
       initialUser: initialUserConfig
     });
   })().catch((error) => {
-    console.error(error instanceof Error ? error.message : String(error));
-    process.exitCode = 1;
+    handleCliExit(error);
   });
 }
-function isDirectExecution(moduleUrl, argv1) {
-  return argv1 != null && moduleUrl.endsWith(argv1.replaceAll("\\", "/"));
-}
 if (isDirectExecution(import.meta.url, process.argv[1])) {
   main();
 }
 export {
+  CliExitError,
+  deriveParatixDependencyRange,
+  handleCliExit,
   isDirectExecution,
+  isValidExpectedHostFingerprint,
   isValidHost,
   isValidInitialUserName,
   isValidProjectName,
@@ -1177,7 +2542,10 @@ export {
   promptForHost2 as promptForHost,
   promptForHostFingerprint,
   promptForInitialUserConfig,
+  resolveCliOrPromptHost,
+  restoreInteractiveTerminal,
   scaffoldProject,
+  validateExpectedHostFingerprint2 as validateExpectedHostFingerprint,
   validateHost2 as validateHost,
   writeProjectFiles
 };