dineway 0.1.18 → 0.1.20

package/dist/cli/index.mjs

@@ -20,22 +20,22 @@ import "../loader-dt5DoyI1.mjs";
 import "../settings-D2k1JraC.mjs";
 import { i as pluginManifestSchema } from "../manifest-schema-CU0XL_ZK.mjs";
 import "../ssrf-z3oH8wjK.mjs";
-import { t as validateSeed } from "../validate-CaKEnLed.mjs";
-import { t as applySeed } from "../apply-Wyg77UOb.mjs";
-import { n as fingerprintKey, r as generateEncryptionKey, t as DinewaySecretsError } from "../secrets-BIrqds5c.mjs";
+import { t as validateSeed } from "../validate-BGpmNtMe.mjs";
+import { t as applySeed } from "../apply-D7vu4aFn.mjs";
+import { n as fingerprintKey, r as generateEncryptionKey, t as DinewaySecretsError } from "../secrets-DfeNNoLa.mjs";
+import { o as convertDataForRead } from "../transport-Dt7A12-i.mjs";
 import { createHeaderAwareFetch, customHeadersInterceptor, isRedirectResponse, resolveCustomHeaders } from "../client/external-auth-headers.mjs";
-import { o as convertDataForRead } from "../transport-B3jxvfio.mjs";
 import { DinewayClient } from "../client/index.mjs";
 import { LocalStorage } from "../storage/local.mjs";
 import { imageSize } from "image-size";
 import { createGzipDecoder, unpackTar } from "modern-tar";
 import { createHash } from "node:crypto";
-import { createWriteStream, existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
-import { basename, dirname, extname, isAbsolute, join, resolve } from "node:path";
+import { createReadStream, createWriteStream, existsSync, mkdirSync, readFileSync, writeFileSync } from "node:fs";
+import { basename, dirname, extname, isAbsolute, join, relative, resolve } from "node:path";
 import { defineCommand, runCommand, runMain } from "citty";
 import consola, { consola as consola$1 } from "consola";
 import pc from "picocolors";
-import { access, copyFile, mkdir, readFile, readdir, rm, stat, symlink, writeFile } from "node:fs/promises";
+import { access, chmod, copyFile, mkdir, readFile, readdir, rm, stat, symlink, writeFile } from "node:fs/promises";
 import { homedir } from "node:os";
 import { createInterface } from "node:readline/promises";
 import { spawn } from "node:child_process";
@@ -132,7 +132,7 @@ function findProjectRoot(from) {
 	}
 	return null;
 }
-function readStore() {
+function readStore$1() {
 	const path = getCredentialPath();
 	try {
 		if (existsSync(path)) {
@@ -142,7 +142,7 @@ function readStore() {
 	} catch {}
 	return {};
 }
-function writeStore(store) {
+function writeStore$1(store) {
 	mkdirSync(getConfigDir(), {
 		recursive: true,
 		mode: 448
@@ -157,7 +157,7 @@ function writeStore(store) {
 */
 function getCredentials(baseUrl) {
 	const key = resolveCredentialKey(baseUrl);
-	const cred = readStore()[key];
+	const cred = readStore$1()[key];
 	if (!cred || !("accessToken" in cred)) return null;
 	return cred;
 }
@@ -166,19 +166,19 @@ function getCredentials(baseUrl) {
 */
 function saveCredentials(baseUrl, cred) {
 	const key = resolveCredentialKey(baseUrl);
-	const store = readStore();
+	const store = readStore$1();
 	store[key] = cred;
-	writeStore(store);
+	writeStore$1(store);
 }
 /**
 * Remove credentials for a URL.
 */
 function removeCredentials(baseUrl) {
 	const key = resolveCredentialKey(baseUrl);
-	const store = readStore();
+	const store = readStore$1();
 	if (key in store) {
 		delete store[key];
-		writeStore(store);
+		writeStore$1(store);
 		return true;
 	}
 	return false;
@@ -195,7 +195,7 @@ function marketplaceKey(registryUrl) {
 */
 function getMarketplaceCredential(registryUrl) {
 	const key = marketplaceKey(registryUrl);
-	const cred = readStore()[key];
+	const cred = readStore$1()[key];
 	if (!cred || !("token" in cred)) return null;
 	if (new Date(cred.expiresAt) < /* @__PURE__ */ new Date()) return null;
 	return cred;
@@ -205,19 +205,19 @@ function getMarketplaceCredential(registryUrl) {
 */
 function saveMarketplaceCredential(registryUrl, cred) {
 	const key = marketplaceKey(registryUrl);
-	const store = readStore();
+	const store = readStore$1();
 	store[key] = cred;
-	writeStore(store);
+	writeStore$1(store);
 }
 /**
 * Remove marketplace credential for a registry URL.
 */
 function removeMarketplaceCredential(registryUrl) {
 	const key = marketplaceKey(registryUrl);
-	const store = readStore();
+	const store = readStore$1();
 	if (key in store) {
 		delete store[key];
-		writeStore(store);
+		writeStore$1(store);
 		return true;
 	}
 	return false;
@@ -917,7 +917,7 @@ volumes:
 
 //#endregion
 //#region src/cli/commands/deploy/targets/docker.ts
-async function fileExists$9(path) {
+async function fileExists$10(path) {
 	try {
 		await access(path);
 		return true;
@@ -927,7 +927,7 @@ async function fileExists$9(path) {
 }
 async function writeGeneratedFile$2(cwd, relativePath, content, dryRun) {
 	const path = join(cwd, relativePath);
-	if (await fileExists$9(path)) return {
+	if (await fileExists$10(path)) return {
 		path: relativePath,
 		action: "exists"
 	};
@@ -1013,7 +1013,7 @@ const EDGE_HYPHENS_RE$2 = /^-|-$/g;
 const LINE_SPLIT_RE = /\r?\n/;
 const DEFAULT_REGION$1 = "iad";
 const FLY_VOLUME_NAME = "dineway_data";
-async function fileExists$8(path) {
+async function fileExists$9(path) {
 	try {
 		await access(path);
 		return true;
@@ -1023,7 +1023,7 @@ async function fileExists$8(path) {
 }
 async function writeGeneratedFile$1(cwd, relativePath, content, dryRun) {
 	const path = join(cwd, relativePath);
-	if (await fileExists$8(path)) return {
+	if (await fileExists$9(path)) return {
 		path: relativePath,
 		action: "exists"
 	};
@@ -1211,6 +1211,747 @@ const flyTarget = {
 	}
 };
 
+//#endregion
+//#region src/cli/commands/deploy/utils/config.ts
+async function readDeployPackageJson(cwd) {
+	const content = await readFile(join(cwd, "package.json"), "utf-8");
+	return JSON.parse(content);
+}
+async function readSavedDeployTarget(cwd) {
+	return (await readDeployPackageJson(cwd)).dineway?.deploy?.target;
+}
+async function writeDeployTarget(cwd, target) {
+	const pkgPath = join(cwd, "package.json");
+	const pkg = await readDeployPackageJson(cwd);
+	pkg.dineway = {
+		...pkg.dineway,
+		deploy: {
+			...pkg.dineway?.deploy,
+			target
+		}
+	};
+	await writeFile(pkgPath, JSON.stringify(pkg, null, "	") + "\n", "utf-8");
+}
+async function writeForgewayDeployMetadata(cwd, metadata, restaurant) {
+	const pkgPath = join(cwd, "package.json");
+	const pkg = await readDeployPackageJson(cwd);
+	pkg.dineway = {
+		...pkg.dineway,
+		...restaurant ? { restaurant: {
+			...pkg.dineway?.restaurant,
+			...restaurant
+		} } : {},
+		deploy: {
+			...pkg.dineway?.deploy,
+			forgeway: {
+				...pkg.dineway?.deploy?.forgeway,
+				...metadata
+			}
+		}
+	};
+	await writeFile(pkgPath, JSON.stringify(pkg, null, "	") + "\n", "utf-8");
+}
+
+//#endregion
+//#region src/cli/commands/deploy/utils/forgeway-secrets.ts
+function getDinewayConfigDir() {
+	const xdg = process.env["XDG_CONFIG_HOME"];
+	return join(xdg || join(homedir(), ".config"), "dineway");
+}
+function getForgewaySecretPath() {
+	return join(getDinewayConfigDir(), "forgeway.json");
+}
+async function readStore() {
+	try {
+		const raw = await readFile(getForgewaySecretPath(), "utf-8");
+		return JSON.parse(raw);
+	} catch {
+		return {};
+	}
+}
+async function writeStore(store) {
+	await mkdir(getDinewayConfigDir(), {
+		recursive: true,
+		mode: 448
+	});
+	const file = getForgewaySecretPath();
+	await writeFile(file, JSON.stringify(store, null, "	") + "\n", {
+		encoding: "utf-8",
+		mode: 384
+	});
+	await chmod(file, 384);
+}
+async function readForgewayCredentials() {
+	return (await readStore()).credentials ?? null;
+}
+async function writeForgewayCredentials(credentials) {
+	const store = await readStore();
+	store.credentials = credentials;
+	await writeStore(store);
+}
+async function readForgewayProjectSecret(projectId) {
+	return (await readStore()).projects?.[projectId] ?? null;
+}
+async function writeForgewayProjectSecret(projectId, secret) {
+	const store = await readStore();
+	store.projects = {
+		...store.projects,
+		[projectId]: secret
+	};
+	await writeStore(store);
+}
+
+//#endregion
+//#region src/cli/commands/deploy/targets/forgeway.ts
+const DEFAULT_PLATFORM_API_URL = "https://api.dineway.ai";
+const DEFAULT_SITE_BASE_DOMAIN = "dineway.site";
+const DATABASE_ENV_VAR_NAMES = ["DINEWAY_DATABASE_URL", "DINEWAY_DATABASE_AUTH_TOKEN"];
+const POLL_INTERVAL_MS$1 = 5e3;
+const POLL_TIMEOUT_MS$1 = 3e5;
+const DIRECT_UPLOAD_CONCURRENCY = 8;
+const UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/i;
+const SLUG_SEPARATOR_PATTERN = /[^a-z0-9]+/g;
+const LEADING_TRAILING_HYPHEN_PATTERN = /^-+|-+$/g;
+const JWT_PATTERN = /[A-Za-z0-9_-]{32,}\.[A-Za-z0-9_-]{16,}\.[A-Za-z0-9_-]{16,}/g;
+const TOKEN_ASSIGNMENT_PATTERN = /(DINEWAY_DATABASE_AUTH_TOKEN|DATABASE_AUTH_TOKEN|AUTH_TOKEN)=\S+/gi;
+const TRAILING_SLASH_PATTERN = /\/$/;
+const BACKSLASH_PATTERN = /\\/g;
+const EXCLUDE_PATTERNS = [
+	"node_modules",
+	".git",
+	".next",
+	".env",
+	".env.local",
+	"dist",
+	"build",
+	".DS_Store",
+	".forgeway",
+	".claude",
+	".agents",
+	".augment",
+	".kilocode",
+	".kiro",
+	".qoder",
+	".qwen",
+	".roo",
+	".trae",
+	".windsurf",
+	".vercel",
+	".turbo",
+	".cache",
+	"skills",
+	"coverage"
+];
+var ForgewayApiError = class extends Error {
+	constructor(message, status) {
+		super(message);
+		this.status = status;
+		this.name = "ForgewayApiError";
+	}
+};
+function normalizeForgewayUser(user) {
+	return {
+		id: user.id,
+		name: user.profile?.name ?? user.name ?? user.email,
+		email: user.email,
+		avatarUrl: user.profile?.avatar_url ?? user.avatarUrl ?? user.avatar_url ?? null,
+		emailVerified: user.emailVerified ?? user.email_verified ?? true
+	};
+}
+function getFetch(deps) {
+	return deps.fetch ?? fetch;
+}
+async function fileExists$8(path) {
+	try {
+		await access(path);
+		return true;
+	} catch {
+		return false;
+	}
+}
+function normalizePlatformApiUrl(value) {
+	return (value || DEFAULT_PLATFORM_API_URL).replace(TRAILING_SLASH_PATTERN, "");
+}
+function getEnv(name) {
+	const value = process.env[name];
+	return value && value.trim() ? value.trim() : void 0;
+}
+async function readJsonResponse(response) {
+	return await response.json().catch(() => null);
+}
+async function forgewayRequest(url, options, deps) {
+	try {
+		return await getFetch(deps)(url, options);
+	} catch (error) {
+		const message = error instanceof Error ? error.message : String(error);
+		throw new Error(`Network request to ${url} failed: ${message}`, { cause: error });
+	}
+}
+async function parseErrorResponse(response) {
+	const payload = await readJsonResponse(response);
+	if (payload && typeof payload === "object") {
+		const error = payload;
+		let message = error.message ?? error.error ?? `Forgeway request failed: ${response.status}`;
+		if (error.nextActions) message += `\n${error.nextActions}`;
+		return message;
+	}
+	return `Forgeway request failed: ${response.status}`;
+}
+async function loginWithEmail(platformApiUrl, deps) {
+	const email = getEnv("FORGEWAY_EMAIL") ?? await promptRequired("Forgeway email: ", void 0, deps, "Forgeway email is required.");
+	const password = getEnv("FORGEWAY_PASSWORD") ?? await promptRequired("Forgeway password: ", void 0, deps, "Forgeway password is required.");
+	const response = await forgewayRequest(`${platformApiUrl}/api/auth/admin/sessions`, {
+		method: "POST",
+		headers: { "Content-Type": "application/json" },
+		body: JSON.stringify({
+			email,
+			password
+		})
+	}, deps);
+	if (!response.ok) throw new Error(await parseErrorResponse(response));
+	const payload = await response.json();
+	if (!payload.accessToken || !payload.user) throw new Error("Forgeway login response was missing accessToken or user.");
+	return {
+		platformApiUrl,
+		accessToken: payload.accessToken,
+		refreshToken: payload.refreshToken,
+		user: normalizeForgewayUser(payload.user)
+	};
+}
+async function resolveCredentials(platformApiUrl, deps, dryRun) {
+	const envToken = getEnv("FORGEWAY_ACCESS_TOKEN");
+	if (envToken) return {
+		platformApiUrl,
+		accessToken: envToken
+	};
+	const stored = await (deps.readCredentials ?? readForgewayCredentials)();
+	if (stored?.accessToken) return {
+		...stored,
+		platformApiUrl
+	};
+	if (dryRun) throw new Error("Forgeway authentication is required. Set FORGEWAY_ACCESS_TOKEN or deploy without --dry-run after logging in.");
+	const credentials = await loginWithEmail(platformApiUrl, deps);
+	await (deps.writeCredentials ?? writeForgewayCredentials)(credentials);
+	return credentials;
+}
+async function platformFetch(path, context, deps, options = {}) {
+	const request = async (accessToken) => await forgewayRequest(`${context.platformApiUrl}${path}`, {
+		...options,
+		headers: {
+			"Content-Type": "application/json",
+			Authorization: `Bearer ${accessToken}`,
+			...options.headers
+		}
+	}, deps);
+	let response = await request(context.credentials.accessToken);
+	if (response.status === 401 && context.credentials.refreshToken) {
+		const refreshed = await refreshAccessToken(context.platformApiUrl, context.credentials, deps);
+		context.credentials.accessToken = refreshed;
+		response = await request(refreshed);
+	}
+	if (!response.ok) throw new ForgewayApiError(await parseErrorResponse(response), response.status);
+	return await response.json();
+}
+async function refreshAccessToken(platformApiUrl, credentials, deps) {
+	if (!credentials.refreshToken) throw new Error("Forgeway refresh token is missing. Log in again.");
+	const response = await forgewayRequest(`${platformApiUrl}/api/auth/refresh?client_type=server`, {
+		method: "POST",
+		headers: { "Content-Type": "application/json" },
+		body: JSON.stringify({ refreshToken: credentials.refreshToken })
+	}, deps);
+	if (!response.ok) throw new Error("Failed to refresh Forgeway access token. Log in again.");
+	const payload = await response.json();
+	if (!payload.accessToken) throw new Error("Forgeway refresh response was missing accessToken.");
+	const updated = {
+		...credentials,
+		platformApiUrl,
+		accessToken: payload.accessToken,
+		refreshToken: payload.refreshToken ?? credentials.refreshToken
+	};
+	await (deps.writeCredentials ?? writeForgewayCredentials)(updated);
+	return payload.accessToken;
+}
+async function promptText(question, initialValue, deps) {
+	if (deps.promptText) return await deps.promptText(question, initialValue);
+	if (!process.stdin.isTTY) return "";
+	const suffix = initialValue ? ` [${initialValue}]` : "";
+	const rl = createInterface({
+		input: process.stdin,
+		output: process.stdout
+	});
+	try {
+		return (await rl.question(`${question}${suffix}`)).trim() || initialValue || "";
+	} finally {
+		rl.close();
+	}
+}
+async function promptRequired(question, initialValue, deps, errorMessage) {
+	const answer = await promptText(question, initialValue, deps);
+	if (!answer) throw new Error(errorMessage);
+	return answer;
+}
+async function chooseSingleOrPrompt(label, items, deps) {
+	if (items.length === 0) throw new Error(`No Forgeway ${label}s found.`);
+	if (items.length === 1) return items[0];
+	if (!process.stdin.isTTY && !deps.promptText) throw new Error(`Multiple Forgeway ${label}s found. Set FORGEWAY_${label.toUpperCase()}_ID.`);
+	consola.info(`Available Forgeway ${label}s:`);
+	items.forEach((item, index) => consola.info(`  ${index + 1}. ${item.name} (${item.id})`));
+	const answer = await promptRequired(`Choose ${label}: `, "1", deps, `${label} is required.`);
+	const index = Number(answer);
+	if (!Number.isInteger(index) || index < 1 || index > items.length) throw new Error(`Invalid Forgeway ${label} selection: ${answer}`);
+	return items[index - 1];
+}
+function getSavedForgewayMetadata(pkg) {
+	return pkg.dineway?.deploy?.forgeway ?? {};
+}
+async function resolveProjectContext(cwd, options, deps) {
+	const saved = getSavedForgewayMetadata(await readDeployPackageJson(cwd));
+	const platformApiUrl = normalizePlatformApiUrl(getEnv("FORGEWAY_API_URL") ?? (typeof saved.platformApiUrl === "string" ? saved.platformApiUrl : void 0));
+	const platformContext = {
+		platformApiUrl,
+		credentials: await resolveCredentials(platformApiUrl, deps, Boolean(options.dryRun))
+	};
+	let projectId = getEnv("FORGEWAY_PROJECT_ID") ?? (typeof saved.projectId === "string" ? saved.projectId : void 0);
+	let project = null;
+	if (!projectId) {
+		const orgId = getEnv("FORGEWAY_ORG_ID");
+		project = await chooseSingleOrPrompt("project", await listProjects((orgId !== void 0 ? {
+			id: orgId,
+			name: orgId
+		} : await chooseSingleOrPrompt("org", await listOrganizations(platformContext, deps), deps)).id, platformContext, deps), deps);
+		projectId = project.id;
+	}
+	if (!project) {
+		if (!projectId) throw new Error("Forgeway project id is required");
+		project = unwrapProjectPayload(await platformFetch(`/projects/v1/${encodeURIComponent(projectId)}`, platformContext, deps));
+	}
+	const savedSecret = await (deps.readProjectSecret ?? readForgewayProjectSecret)(projectId) ?? void 0;
+	const apiKey = getEnv("FORGEWAY_PROJECT_API_KEY") ?? savedSecret?.apiKey ?? await fetchProjectApiKey(projectId, platformContext, deps);
+	const orgId = project.organization_id ?? project.organizationId ?? (typeof saved.orgId === "string" ? saved.orgId : "unknown");
+	const ossHost = getEnv("FORGEWAY_OSS_HOST") ?? savedSecret?.ossHost ?? (typeof saved.ossHost === "string" ? saved.ossHost : void 0) ?? `https://${project.appkey}.${project.region}.${DEFAULT_SITE_BASE_DOMAIN}`;
+	if (!options.dryRun) {
+		await (deps.writeProjectSecret ?? writeForgewayProjectSecret)(projectId, {
+			apiKey,
+			ossHost
+		});
+		await writeForgewayDeployMetadata(cwd, {
+			platformApiUrl,
+			projectId,
+			projectName: project.name,
+			orgId,
+			appkey: project.appkey,
+			region: project.region,
+			ossHost
+		});
+	}
+	return {
+		platformApiUrl,
+		projectId,
+		projectName: project.name,
+		orgId,
+		appkey: project.appkey,
+		region: project.region,
+		apiKey,
+		ossHost
+	};
+}
+function unwrapProjectPayload(payload) {
+	if (isRecord(payload) && "project" in payload) {
+		if (isForgewayProject(payload.project)) return payload.project;
+		throw new Error("Forgeway project response did not include a project");
+	}
+	if (isForgewayProject(payload)) return payload;
+	throw new Error("Forgeway project response did not include a project");
+}
+function isForgewayProject(value) {
+	return isRecord(value) && typeof value.id === "string" && typeof value.name === "string" && typeof value.appkey === "string" && typeof value.region === "string";
+}
+function isRecord(value) {
+	return typeof value === "object" && value !== null;
+}
+async function listOrganizations(context, deps) {
+	const payload = await platformFetch("/organizations/v1", context, deps);
+	return Array.isArray(payload) ? payload : payload.organizations ?? [];
+}
+async function listProjects(orgId, context, deps) {
+	const payload = await platformFetch(`/organizations/v1/${encodeURIComponent(orgId)}/projects`, context, deps);
+	return Array.isArray(payload) ? payload : payload.projects ?? [];
+}
+async function fetchProjectApiKey(projectId, context, deps) {
+	const payload = await platformFetch(`/projects/v1/${encodeURIComponent(projectId)}/access-api-key`, context, deps);
+	const apiKey = payload.access_api_key ?? payload.apiKey;
+	if (!apiKey) throw new Error("Forgeway project API key response was empty.");
+	return apiKey;
+}
+async function ossFetch(context, path, deps, options = {}) {
+	const response = await forgewayRequest(`${context.ossHost.replace(TRAILING_SLASH_PATTERN, "")}${path}`, {
+		...options,
+		headers: {
+			"Content-Type": "application/json",
+			Authorization: `Bearer ${context.apiKey}`,
+			...options.headers
+		}
+	}, deps);
+	if (!response.ok) throw new ForgewayApiError(await parseErrorResponse(response), response.status);
+	return await response.json();
+}
+function parseDatabaseMode(value) {
+	const mode = value ?? "turso";
+	if (mode === "none" || mode === "turso" || UUID_PATTERN.test(mode)) return mode;
+	throw new Error("--database must be \"none\", \"turso\", or a managed database UUID.");
+}
+function deriveForgewaySiteSlug(restaurantName, city) {
+	return `${restaurantName} ${city}`.toLowerCase().normalize("NFKD").replace(SLUG_SEPARATOR_PATTERN, "-").replace(LEADING_TRAILING_HYPHEN_PATTERN, "").slice(0, 63).replace(LEADING_TRAILING_HYPHEN_PATTERN, "") || "site";
+}
+async function resolveSeedPath$1(cwd, explicitSeedPath) {
+	if (explicitSeedPath) {
+		const resolved = resolve(cwd, explicitSeedPath);
+		if (!await fileExists$8(resolved)) throw new Error(`Seed file not found: ${explicitSeedPath}`);
+		return resolved;
+	}
+	const convention = resolve(cwd, ".dineway", "seed.json");
+	if (await fileExists$8(convention)) return convention;
+	const pkg = await readDeployPackageJson(cwd).catch(() => null);
+	if (typeof pkg?.dineway?.seed === "string") {
+		const configured = resolve(cwd, pkg.dineway.seed);
+		if (await fileExists$8(configured)) return configured;
+	}
+	const legacyConvention = resolve(cwd, "seed", "seed.json");
+	if (await fileExists$8(legacyConvention)) return legacyConvention;
+	return null;
+}
+async function readSeedTitle(seedPath) {
+	if (!seedPath) return void 0;
+	try {
+		const title = JSON.parse(await readFile(seedPath, "utf-8")).settings?.title;
+		return typeof title === "string" && title.trim() ? title.trim() : void 0;
+	} catch {
+		return;
+	}
+}
+async function resolveRestaurantInfo(cwd, options, seedPath, deps, requireForSlug) {
+	const savedRestaurant = (await readDeployPackageJson(cwd).catch(() => null))?.dineway?.restaurant;
+	const seedTitle = await readSeedTitle(seedPath);
+	let name = options.restaurantName ?? savedRestaurant?.name ?? seedTitle;
+	let city = options.city ?? savedRestaurant?.city;
+	if (requireForSlug) {
+		if (!name) name = await promptRequired("Restaurant name: ", void 0, deps, "Restaurant name is required. Pass --restaurant-name or set dineway.restaurant.name.");
+		if (!city) city = await promptRequired("City: ", void 0, deps, "City is required. Pass --city or set dineway.restaurant.city.");
+	}
+	return {
+		name,
+		city
+	};
+}
+function normalizeSiteDetail(payload) {
+	if (payload.site) return payload.site;
+	if (!payload.id || !payload.slug || !payload.domain || !payload.framework) throw new Error("Forgeway site response was missing required fields.");
+	return {
+		id: payload.id,
+		slug: payload.slug,
+		domain: payload.domain,
+		framework: payload.framework
+	};
+}
+async function getDeploymentSite(context, site, deps) {
+	try {
+		return normalizeSiteDetail(await ossFetch(context, `/api/deployments/sites/${encodeURIComponent(site)}`, deps));
+	} catch (error) {
+		if (error instanceof ForgewayApiError && error.status === 404) return null;
+		throw error;
+	}
+}
+async function createDeploymentSite(context, input, deps) {
+	return await ossFetch(context, "/api/deployments/sites", deps, {
+		method: "POST",
+		body: JSON.stringify({
+			slug: input.slug,
+			framework: "astro",
+			...input.restaurant?.name ? { placeName: input.restaurant.name } : {},
+			...input.restaurant?.city ? { city: input.restaurant.city } : {}
+		})
+	});
+}
+async function resolveDeploymentSite(cwd, context, options, seedPath, deps) {
+	const pkg = await readDeployPackageJson(cwd).catch(() => null);
+	const saved = pkg ? getSavedForgewayMetadata(pkg) : {};
+	const explicitSite = options.site;
+	const savedSite = typeof saved.siteId === "string" ? saved.siteId : saved.siteSlug;
+	const siteRef = explicitSite ?? savedSite;
+	const restaurant = await resolveRestaurantInfo(cwd, options, seedPath, deps, !siteRef);
+	const targetSlug = siteRef ?? deriveForgewaySiteSlug(restaurant.name || "", restaurant.city || "");
+	let site = await getDeploymentSite(context, targetSlug, deps);
+	if (!site) site = await createDeploymentSite(context, {
+		slug: targetSlug,
+		restaurant
+	}, deps);
+	if (!options.dryRun) await writeForgewayDeployMetadata(cwd, {
+		siteId: site.id,
+		siteSlug: site.slug,
+		siteDomain: site.domain
+	}, restaurant);
+	return {
+		site,
+		restaurant
+	};
+}
+function redactDatabaseOutput(value, secrets) {
+	let redacted = value;
+	for (const secret of secrets) if (secret.length > 0) redacted = redacted.split(secret).join("[redacted]");
+	return redacted.replace(JWT_PATTERN, "[redacted-token]").replace(TOKEN_ASSIGNMENT_PATTERN, "$1=[redacted]");
+}
+async function runDinewayInitialization(options) {
+	const db = createDatabase({
+		url: options.credentials.databaseUrl,
+		authToken: options.credentials.authToken
+	});
+	try {
+		await runMigrations(db);
+		if (options.seedPath) {
+			const seed = JSON.parse(await readFile(options.seedPath, "utf-8"));
+			const validation = validateSeed(seed);
+			if (!validation.valid) throw new Error(`Seed validation failed: ${validation.errors.join("; ")}`);
+			const uploadsDir = resolve(options.cwd, "uploads");
+			await mkdir(uploadsDir, { recursive: true });
+			await applySeed(db, seed, {
+				includeContent: true,
+				onConflict: "skip",
+				storage: new LocalStorage({
+					directory: uploadsDir,
+					baseUrl: "/_dineway/api/media/file"
+				})
+			});
+		}
+	} catch (error) {
+		const message = error instanceof Error ? error.message : String(error);
+		throw new Error(redactDatabaseOutput(message, [options.credentials.authToken, options.credentials.databaseUrl]), { cause: error });
+	} finally {
+		await db.destroy();
+	}
+}
+async function bindSiteDatabase(context, siteId, database, deps) {
+	return await ossFetch(context, `/api/deployments/sites/${encodeURIComponent(siteId)}/database`, deps, {
+		method: "POST",
+		body: JSON.stringify({
+			database,
+			envVarNames: [...DATABASE_ENV_VAR_NAMES]
+		})
+	});
+}
+async function revealDatabaseRuntimeCredentials(context, databaseId, deps) {
+	return await ossFetch(context, `/api/databases/${encodeURIComponent(databaseId)}/tokens/reveal`, deps, { method: "POST" });
+}
+async function recordSiteDatabaseInitialization(context, siteId, databaseId, status, error, deps) {
+	await ossFetch(context, `/api/deployments/sites/${encodeURIComponent(siteId)}/database/initialization`, deps, {
+		method: "POST",
+		body: JSON.stringify({
+			databaseId,
+			status,
+			...error ? { error } : {}
+		})
+	});
+}
+async function initializeSiteDatabaseBeforeDeploy(options) {
+	const databaseId = (await bindSiteDatabase(options.context, options.siteId, options.database, options.deps)).binding.database.id;
+	const credentials = await revealDatabaseRuntimeCredentials(options.context, databaseId, options.deps);
+	try {
+		await (options.deps.runDinewayInitialization ?? runDinewayInitialization)({
+			cwd: options.cwd,
+			credentials,
+			seedPath: options.seedPath
+		});
+		await recordSiteDatabaseInitialization(options.context, options.siteId, credentials.databaseId || databaseId, "succeeded", void 0, options.deps);
+	} catch (error) {
+		const message = redactDatabaseOutput(error instanceof Error ? error.message : String(error), [credentials.authToken, credentials.databaseUrl]);
+		await recordSiteDatabaseInitialization(options.context, options.siteId, credentials.databaseId || databaseId, "failed", message, options.deps).catch(() => void 0);
+		throw new Error(message, { cause: error });
+	}
+}
+function shouldExclude(name) {
+	const normalized = name.replace(BACKSLASH_PATTERN, "/");
+	for (const pattern of EXCLUDE_PATTERNS) if (normalized === pattern || normalized.startsWith(`${pattern}/`) || normalized.endsWith(`/${pattern}`) || normalized.includes(`/${pattern}/`)) return true;
+	return normalized.endsWith(".log");
+}
+function normalizeRelativePath(sourceDir, absolutePath) {
+	return relative(sourceDir, absolutePath).replace(BACKSLASH_PATTERN, "/");
+}
+async function hashFile(filePath) {
+	const hash = createHash("sha1");
+	let size = 0;
+	for await (const chunk of createReadStream(filePath)) {
+		const buffer = Buffer.isBuffer(chunk) ? chunk : Buffer.from(chunk);
+		size += buffer.length;
+		hash.update(buffer);
+	}
+	return {
+		sha: hash.digest("hex"),
+		size
+	};
+}
+async function collectDeploymentFiles(sourceDir) {
+	const files = [];
+	async function walk(currentDir) {
+		const entries = await readdir(currentDir, { withFileTypes: true });
+		entries.sort((a, b) => a.name.localeCompare(b.name));
+		for (const entry of entries) {
+			const absolutePath = join(currentDir, entry.name);
+			const normalizedPath = normalizeRelativePath(sourceDir, absolutePath);
+			if (!normalizedPath || shouldExclude(normalizedPath)) continue;
+			if (entry.isDirectory()) {
+				await walk(absolutePath);
+				continue;
+			}
+			if (!entry.isFile()) continue;
+			const { sha, size } = await hashFile(absolutePath);
+			files.push({
+				absolutePath,
+				path: normalizedPath,
+				sha,
+				size
+			});
+		}
+	}
+	await walk(sourceDir);
+	return files;
+}
+async function runWithConcurrency(items, concurrency, worker) {
+	let nextIndex = 0;
+	async function runWorker() {
+		while (nextIndex < items.length) {
+			const index = nextIndex;
+			nextIndex += 1;
+			await worker(items[index]);
+		}
+	}
+	const workerCount = Math.min(concurrency, items.length);
+	const workers = [];
+	for (let index = 0; index < workerCount; index++) workers.push(runWorker());
+	await Promise.all(workers);
+}
+async function uploadDirectDeploymentFile(context, deploymentId, manifestFile, localFile, deps) {
+	await ossFetch(context, `/api/deployments/${encodeURIComponent(deploymentId)}/files/${encodeURIComponent(manifestFile.fileId)}/content`, deps, {
+		method: "PUT",
+		headers: {
+			"Content-Type": "application/octet-stream",
+			"Content-Length": String(localFile.size)
+		},
+		body: createReadStream(localFile.absolutePath),
+		duplex: "half"
+	});
+}
+async function startDirectDeployment(context, deploymentId, startBody, deps) {
+	await ossFetch(context, `/api/deployments/${encodeURIComponent(deploymentId)}/start`, deps, {
+		method: "POST",
+		body: JSON.stringify(startBody)
+	});
+}
+function getDeploymentError(metadata) {
+	if (!metadata || typeof metadata.error !== "object" || metadata.error === null) return null;
+	return metadata.error.errorMessage ?? null;
+}
+async function pollDeployment(context, deploymentId, deps) {
+	const pollIntervalMs = deps.pollIntervalMs ?? POLL_INTERVAL_MS$1;
+	const pollTimeoutMs = deps.pollTimeoutMs ?? POLL_TIMEOUT_MS$1;
+	const startTime = Date.now();
+	let deployment = null;
+	while (Date.now() - startTime < pollTimeoutMs) {
+		if (pollIntervalMs > 0) await new Promise((done) => setTimeout(done, pollIntervalMs));
+		await ossFetch(context, `/api/deployments/${encodeURIComponent(deploymentId)}/sync`, deps, { method: "POST" }).catch(() => void 0);
+		deployment = await ossFetch(context, `/api/deployments/${encodeURIComponent(deploymentId)}`, deps);
+		const status = deployment.status.toUpperCase();
+		if (status === "READY") break;
+		if (status === "ERROR" || status === "CANCELED") throw new Error(getDeploymentError(deployment.metadata) ?? `Deployment failed with status: ${deployment.status}`);
+		if (pollIntervalMs === 0) break;
+	}
+	const isReady = deployment?.status.toUpperCase() === "READY";
+	return {
+		deployment,
+		isReady,
+		liveUrl: isReady ? deployment?.url ?? null : null
+	};
+}
+async function deploySiteProject(options) {
+	options.deps.onEvent?.("scan");
+	const localFiles = await (options.deps.collectDeploymentFiles ?? collectDeploymentFiles)(options.sourceDir);
+	if (localFiles.length === 0) throw new Error("No deployable files found in the source directory.");
+	const createResult = await ossFetch(options.context, `/api/deployments/sites/${encodeURIComponent(options.siteId)}/deploy`, options.deps, {
+		method: "POST",
+		body: JSON.stringify({ files: localFiles.map(({ path: relativePath, sha, size }) => ({
+			path: relativePath,
+			sha,
+			size
+		})) })
+	});
+	const localFileByPath = new Map(localFiles.map((file) => [file.path, file]));
+	await runWithConcurrency(createResult.files.filter((file) => !file.uploadedAt), DIRECT_UPLOAD_CONCURRENCY, async (manifestFile) => {
+		const localFile = localFileByPath.get(manifestFile.path);
+		if (!localFile) throw new Error(`Forgeway returned an unknown file path: ${manifestFile.path}`);
+		if (localFile.sha !== manifestFile.sha || localFile.size !== manifestFile.size) throw new Error(`Forgeway file metadata mismatch for: ${manifestFile.path}`);
+		await uploadDirectDeploymentFile(options.context, createResult.id, manifestFile, localFile, options.deps);
+	});
+	await startDirectDeployment(options.context, createResult.id, options.startBody, options.deps);
+	const result = await pollDeployment(options.context, createResult.id, options.deps);
+	return {
+		deploymentId: createResult.id,
+		...result,
+		site: createResult.site
+	};
+}
+async function deployForgeway(cwd, options, deps = {}) {
+	if (options.dryRun) return { message: "[dry-run] Would resolve Forgeway project, create/reuse site, bind database, initialize Dineway, upload files, and start deployment." };
+	const sourceDir = resolve(cwd);
+	if (!(await stat(sourceDir).catch(() => null))?.isDirectory()) throw new Error(`"${sourceDir}" is not a valid directory.`);
+	if (EXCLUDE_PATTERNS.includes(basename(sourceDir))) throw new Error(`"${basename(sourceDir)}" is an excluded directory and cannot be deployed.`);
+	const context = await resolveProjectContext(cwd, options, deps);
+	const seedPath = await resolveSeedPath$1(cwd, options.seed);
+	const { site } = await resolveDeploymentSite(cwd, context, options, seedPath, deps);
+	const database = parseDatabaseMode(options.database);
+	if (database !== "none") {
+		consola.start("Initializing Forgeway managed database");
+		try {
+			deps.onEvent?.("initialize");
+			await initializeSiteDatabaseBeforeDeploy({
+				context,
+				siteId: site.id,
+				database,
+				cwd,
+				seedPath,
+				deps
+			});
+			consola.success("Database initialized");
+		} catch (error) {
+			consola.error("Database initialization failed");
+			throw error;
+		}
+	}
+	const deployment = await deploySiteProject({
+		context,
+		siteId: site.id,
+		sourceDir,
+		startBody: {},
+		deps
+	});
+	const url = deployment.liveUrl ?? `https://${site.domain}`;
+	return {
+		url,
+		message: deployment.isReady ? `Deploy complete: ${url}` : `Deploy started for ${site.domain}. Check Forgeway for build status.`
+	};
+}
+const forgewayTarget = {
+	name: "forgeway",
+	label: "Forgeway",
+	description: "Deploy through Dineway's first-party Forgeway platform.",
+	recommended: true,
+	remoteBuild: true,
+	supportLevel: "stable",
+	async generateConfig(_cwd, _options) {
+		return [];
+	},
+	async deploy(cwd, options) {
+		return await deployForgeway(cwd, options);
+	}
+};
+
 //#endregion
 //#region src/cli/commands/deploy/targets/gcp.ts
 const CLOUD_RUN_URL_RE = /https:\/\/[^\s"]+\.run\.app[^\s"]*/;
@@ -1629,36 +2370,16 @@ async function ensureTargetCli(target, cwd, options = {}) {
 	});
 }
 
-//#endregion
-//#region src/cli/commands/deploy/utils/config.ts
-async function readDeployPackageJson(cwd) {
-	const content = await readFile(join(cwd, "package.json"), "utf-8");
-	return JSON.parse(content);
-}
-async function readSavedDeployTarget(cwd) {
-	return (await readDeployPackageJson(cwd)).dineway?.deploy?.target;
-}
-async function writeDeployTarget(cwd, target) {
-	const pkgPath = join(cwd, "package.json");
-	const pkg = await readDeployPackageJson(cwd);
-	pkg.dineway = {
-		...pkg.dineway,
-		deploy: {
-			...pkg.dineway?.deploy,
-			target
-		}
-	};
-	await writeFile(pkgPath, JSON.stringify(pkg, null, "	") + "\n", "utf-8");
-}
-
 //#endregion
 //#region src/cli/commands/deploy/index.ts
 const targets = [
+	forgewayTarget,
 	railwayTarget,
 	dockerTarget,
 	flyTarget,
 	gcpTarget
 ];
+const DEFAULT_TARGET = "forgeway";
 function getTarget(name) {
 	return targets.find((target) => target.name === name);
 }
@@ -1699,7 +2420,9 @@ async function resolveTarget(cwd, explicitTarget) {
 		if (!target) throw new Error(`Saved deploy target "${saved}" is unknown. Available targets: ${targetList()}`);
 		return target;
 	}
-	return promptForTarget();
+	const target = getTarget(DEFAULT_TARGET);
+	if (!target) return promptForTarget();
+	return target;
 }
 const deployCommand = defineCommand({
 	meta: {
@@ -1737,6 +2460,31 @@ const deployCommand = defineCommand({
 			type: "boolean",
 			description: "Print planned actions without writing files or deploying",
 			default: false
+		},
+		site: {
+			type: "string",
+			description: "Forgeway deployment site ID or slug",
+			required: false
+		},
+		"restaurant-name": {
+			type: "string",
+			description: "Restaurant name for first Forgeway site creation",
+			required: false
+		},
+		city: {
+			type: "string",
+			description: "Restaurant city for first Forgeway site creation",
+			required: false
+		},
+		database: {
+			type: "string",
+			description: "Forgeway database mode: \"turso\", \"none\", or a managed database UUID",
+			default: "turso"
+		},
+		seed: {
+			type: "string",
+			description: "Seed file path for Forgeway Dineway initialization",
+			required: false
 		}
 	},
 	async run({ args }) {
@@ -1746,7 +2494,12 @@ const deployCommand = defineCommand({
 			skipBuild: args["skip-build"],
 			compose: args.compose,
 			yes: args.yes,
-			dryRun: args["dry-run"]
+			dryRun: args["dry-run"],
+			site: args.site,
+			restaurantName: args["restaurant-name"],
+			city: args.city,
+			database: args.database,
+			seed: args.seed
 		};
 		consola.start(`Preparing ${target.label} deploy`);
 		await ensureTargetCli(target, cwd, {
@@ -1769,7 +2522,7 @@ const deployCommand = defineCommand({
 				await target.link(cwd);
 			}
 		} else consola.info("[dry-run] Would verify provider authentication and project link");
-		if (!options.skipBuild && target.name !== "docker") {
+		if (!options.skipBuild && target.name !== "docker" && !target.remoteBuild) {
 			const build = options.dryRun ? null : await runBuild(cwd, options.env);
 			consola.info(options.dryRun ? "[dry-run] Would run build" : `Built with ${build?.display}`);
 		}