elit 3.6.5 → 3.6.6

package/dist/cli.mjs

@@ -60469,6 +60469,71 @@ function lookup(path) {
 // src/server.ts
 init_runtime();
 
+// src/smtp-server.ts
+import { SMTPServer } from "smtp-server";
+var DEFAULT_SMTP_PORT = 2525;
+var DEFAULT_SMTP_HOST = "127.0.0.1";
+function resolveSmtpServerConfig(config = {}) {
+  const { port = DEFAULT_SMTP_PORT, host = DEFAULT_SMTP_HOST, label, ...serverOptions } = config;
+  return {
+    ...serverOptions,
+    port,
+    host,
+    label
+  };
+}
+function normalizeSmtpServerConfigs(input) {
+  const configs = Array.isArray(input) ? input : input ? [input] : [];
+  return configs.map((config) => resolveSmtpServerConfig(config));
+}
+function closeSmtpServer(server) {
+  return new Promise((resolve9, reject) => {
+    let settled = false;
+    const finish = (error) => {
+      if (settled) {
+        return;
+      }
+      settled = true;
+      if (error) {
+        reject(error);
+        return;
+      }
+      resolve9();
+    };
+    const handleCloseError = (error) => {
+      const errorCode = error.code;
+      if (errorCode === "ERR_SERVER_NOT_RUNNING") {
+        finish();
+        return;
+      }
+      finish(error);
+    };
+    try {
+      server.close(() => finish());
+    } catch (error) {
+      handleCloseError(error);
+    }
+  });
+}
+function createSmtpServer(config = {}) {
+  const resolvedConfig = resolveSmtpServerConfig(config);
+  const { port, host, label: _label, ...serverOptions } = resolvedConfig;
+  const server = new SMTPServer(serverOptions);
+  return {
+    server,
+    config: resolvedConfig,
+    listen(callback) {
+      return callback ? server.listen(port, host, callback) : server.listen(port, host);
+    },
+    address() {
+      return server.server.address();
+    },
+    close() {
+      return closeSmtpServer(server);
+    }
+  };
+}
+
 // src/render-context.ts
 var RUNTIME_TARGET_KEY = "__ELIT_RUNTIME_TARGET__";
 var CAPTURED_RENDER_KEY = "__ELIT_CAPTURED_RENDER__";
@@ -60922,6 +60987,7 @@ var DomNode = class {
       html += `</${tagName}>${newLine}`;
       return html;
     }
+    const isRawText = tagName === "script" || tagName === "style";
     if (children && children.length > 0) {
       const resolvedChildren = children.map((c) => {
         const resolved = this.resolveStateValue(c);
@@ -60937,11 +61003,11 @@ var DomNode = class {
           if (Array.isArray(child)) {
             for (const c of child) {
               if (!shouldSkipChild(c)) {
-                html += this.renderToString(c, { pretty, indent: indent5 + 1 });
+                html += isRawText && typeof c === "string" ? c : this.renderToString(c, { pretty, indent: indent5 + 1 });
               }
             }
           } else {
-            html += this.renderToString(child, { pretty, indent: indent5 + 1 });
+            html += isRawText && typeof child === "string" ? child : this.renderToString(child, { pretty, indent: indent5 + 1 });
           }
         }
         html += indentStr;
@@ -60951,11 +61017,11 @@ var DomNode = class {
           if (Array.isArray(child)) {
             for (const c of child) {
               if (!shouldSkipChild(c)) {
-                html += this.renderToString(c, { pretty: false, indent: 0 });
+                html += isRawText && typeof c === "string" ? c : this.renderToString(c, { pretty: false, indent: 0 });
               }
             }
           } else {
-            html += this.renderToString(child, { pretty: false, indent: 0 });
+            html += isRawText && typeof child === "string" ? child : this.renderToString(child, { pretty: false, indent: 0 });
           }
         }
       }
@@ -61883,6 +61949,56 @@ var defaultOptions = {
   worker: [],
   mode: "dev"
 };
+function createSmtpBindingKey(config) {
+  return `${config.host}:${config.port}`;
+}
+function createSmtpServerLabel(config) {
+  return config.label || createSmtpBindingKey(config);
+}
+function formatSmtpServerAddress(address, fallback) {
+  if (typeof address === "string") {
+    return address;
+  }
+  if (address) {
+    return `${address.address}:${address.port}`;
+  }
+  return createSmtpBindingKey(fallback);
+}
+function collectSmtpServerConfigs(config, usesClientArray) {
+  const modeLabel = config.mode || "dev";
+  const smtpConfigs = normalizeSmtpServerConfigs(config.smtp).map((smtpConfig, index) => ({
+    ...smtpConfig,
+    label: smtpConfig.label || `${modeLabel}.smtp[${index}]`
+  }));
+  if (!usesClientArray || !config.clients) {
+    return smtpConfigs;
+  }
+  for (let clientIndex = 0; clientIndex < config.clients.length; clientIndex += 1) {
+    const client = config.clients[clientIndex];
+    const clientDescriptor = client.basePath || client.root;
+    const clientPrefix = clientDescriptor ? `${modeLabel}.clients[${clientIndex}] (${clientDescriptor})` : `${modeLabel}.clients[${clientIndex}]`;
+    smtpConfigs.push(...normalizeSmtpServerConfigs(client.smtp).map((smtpConfig, smtpIndex) => ({
+      ...smtpConfig,
+      label: smtpConfig.label || `${clientPrefix}.smtp[${smtpIndex}]`
+    })));
+  }
+  return smtpConfigs;
+}
+function assertUniqueSmtpServerBindings(configs) {
+  const seenBindings = /* @__PURE__ */ new Map();
+  for (const smtpConfig of configs) {
+    if (smtpConfig.port === 0) {
+      continue;
+    }
+    const bindingKey = createSmtpBindingKey(smtpConfig);
+    const currentLabel = createSmtpServerLabel(smtpConfig);
+    const previousLabel = seenBindings.get(bindingKey);
+    if (previousLabel) {
+      throw new Error(`Duplicate SMTP server binding "${bindingKey}" configured for ${previousLabel} and ${currentLabel}`);
+    }
+    seenBindings.set(bindingKey, currentLabel);
+  }
+}
 function shouldUseClientFallbackRoot(primaryRoot, fallbackRoot, indexPath) {
   if (!fallbackRoot) {
     return false;
@@ -62017,6 +62133,7 @@ function createDevServer(options) {
   const globalWebSocketEndpoints = usesClientArray ? normalizeWebSocketEndpoints(config.ws) : [];
   const normalizedWebSocketEndpoints = [...normalizedClients.flatMap((client) => client.ws), ...globalWebSocketEndpoints];
   const seenWebSocketPaths = /* @__PURE__ */ new Set();
+  const smtpServerConfigs = collectSmtpServerConfigs(config, usesClientArray);
   for (const endpoint of normalizedWebSocketEndpoints) {
     if (endpoint.path === ELIT_INTERNAL_WS_PATH) {
       throw new Error(`WebSocket path "${ELIT_INTERNAL_WS_PATH}" is reserved for Elit internals`);
@@ -62026,6 +62143,21 @@ function createDevServer(options) {
     }
     seenWebSocketPaths.add(endpoint.path);
   }
+  assertUniqueSmtpServerBindings(smtpServerConfigs);
+  const smtpServers = smtpServerConfigs.map((smtpConfig) => {
+    const smtpServer = createSmtpServer(smtpConfig);
+    const smtpLabel = createSmtpServerLabel(smtpServer.config);
+    smtpServer.server.on("error", (error) => {
+      console.error(`[SMTP] ${smtpLabel} error:`, error);
+    });
+    if (config.logging) {
+      smtpServer.server.server.once("listening", () => {
+        console.log(`[SMTP] ${smtpLabel} listening on ${formatSmtpServerAddress(smtpServer.address(), smtpServer.config)}`);
+      });
+    }
+    smtpServer.listen();
+    return smtpServer;
+  });
   const globalProxyHandler = config.proxy ? createProxyHandler(config.proxy) : null;
   const server = createServer(async (req, res) => {
     const originalUrl = req.url || "/";
@@ -62566,6 +62698,15 @@ ${elitImportMap}`;
     if (config.logging) console.log("\n[Server] Shutting down...");
     transformCache.clear();
     if (watcher) await watcher.close();
+    if (smtpServers.length > 0) {
+      await Promise.all(smtpServers.map(async (smtpServer) => {
+        try {
+          await smtpServer.close();
+        } catch (error) {
+          console.error(`[SMTP] ${createSmtpServerLabel(smtpServer.config)} close error:`, error);
+        }
+      }));
+    }
     if (webSocketServers.length > 0) {
       webSocketServers.forEach((wsServer) => wsServer.close());
       wsClients.clear();
@@ -62582,6 +62723,7 @@ ${elitImportMap}`;
   return {
     server,
     wss,
+    smtpServers,
     url: primaryUrl,
     state: stateManager,
     close
@@ -74461,7 +74603,7 @@ var WAPK_AUTH_TAG_LENGTH = 16;
 var WAPK_SCRYPT_OPTIONS = { N: 16384, r: 8, p: 1 };
 var DEFAULT_GOOGLE_DRIVE_TOKEN_ENV = "GOOGLE_DRIVE_ACCESS_TOKEN";
 var DEFAULT_WAPK_ONLINE_URL_ENV = "ELIT_WAPK_ONLINE_URL";
-var DEFAULT_WAPK_ONLINE_URLS = ["https://wapk.d-osc.com/"];
+var DEFAULT_WAPK_ONLINE_URLS = ["http://wapk.d-osc.com/"];
 var WAPK_ONLINE_CREATE_PATH = "/api/shared-session/create";
 var WAPK_ONLINE_READ_PATH = "/api/shared-session/read";
 var WAPK_ONLINE_CLOSE_PATH = "/api/shared-session/close";
@@ -74499,6 +74641,113 @@ function normalizeNonEmptyString(value) {
   const normalized = value.trim();
   return normalized.length > 0 ? normalized : void 0;
 }
+function normalizeGeneratedIdentifier(value) {
+  const normalized = value.normalize("NFKD").replace(/[\u0300-\u036f]/g, "").toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/^-+|-+$/g, "");
+  return normalized.length > 0 ? normalized : void 0;
+}
+function joinGeneratedIdentifier(...segments) {
+  const normalizedSegments = segments.map((segment) => segment ? normalizeGeneratedIdentifier(segment) : void 0).filter((segment) => Boolean(segment));
+  return normalizedSegments.length > 0 ? normalizedSegments.join(".") : void 0;
+}
+function parseScopedPackageName(value) {
+  const normalizedValue = normalizeNonEmptyString(value);
+  if (!normalizedValue) {
+    return {};
+  }
+  if (!normalizedValue.startsWith("@")) {
+    return {
+      packageName: normalizedValue
+    };
+  }
+  const scopeSeparatorIndex = normalizedValue.indexOf("/");
+  if (scopeSeparatorIndex === -1) {
+    return {
+      packageName: normalizedValue
+    };
+  }
+  return {
+    scope: normalizedValue.slice(1, scopeSeparatorIndex),
+    packageName: normalizedValue.slice(scopeSeparatorIndex + 1)
+  };
+}
+function readPackageAuthorMetadata(value) {
+  if (typeof value === "string") {
+    const normalizedValue = value.trim();
+    if (!normalizedValue) {
+      return {};
+    }
+    const email = normalizedValue.match(/<([^>]+)>/)?.[1];
+    const url = normalizedValue.match(/\(([^)]+)\)/)?.[1];
+    const name = normalizedValue.replace(/<[^>]+>/g, " ").replace(/\([^)]+\)/g, " ").replace(/\s+/g, " ").trim();
+    return {
+      name: normalizeNonEmptyString(name),
+      email: normalizeNonEmptyString(email),
+      url: normalizeNonEmptyString(url)
+    };
+  }
+  if (!isRecord(value)) {
+    return {};
+  }
+  return {
+    name: normalizeNonEmptyString(value.name),
+    email: normalizeNonEmptyString(value.email),
+    url: normalizeNonEmptyString(value.url)
+  };
+}
+function extractPublisherIdFromRepository(value) {
+  const repositoryUrl = typeof value === "string" ? value : isRecord(value) ? normalizeNonEmptyString(value.url) : void 0;
+  const normalizedRepositoryUrl = normalizeNonEmptyString(repositoryUrl);
+  if (!normalizedRepositoryUrl) {
+    return void 0;
+  }
+  const shorthandMatch = normalizedRepositoryUrl.match(/^(?:github|gitlab|bitbucket):([^/]+)\/.+$/i);
+  if (shorthandMatch?.[1]) {
+    return normalizeGeneratedIdentifier(shorthandMatch[1]);
+  }
+  const sshMatch = normalizedRepositoryUrl.match(/^[^@]+@[^:]+:([^/]+)\/.+$/i);
+  if (sshMatch?.[1]) {
+    return normalizeGeneratedIdentifier(sshMatch[1]);
+  }
+  try {
+    const parsed = new URL(normalizedRepositoryUrl.replace(/^git\+/, ""));
+    const firstPathSegment = parsed.pathname.replace(/\.git$/i, "").split("/").filter(Boolean)[0];
+    return normalizeGeneratedIdentifier(firstPathSegment ?? parsed.hostname.replace(/^www\./i, ""));
+  } catch {
+    return void 0;
+  }
+}
+function extractPublisherIdFromUrl(value) {
+  const normalizedValue = normalizeNonEmptyString(value);
+  if (!normalizedValue) {
+    return void 0;
+  }
+  try {
+    const parsed = new URL(normalizedValue);
+    return normalizeGeneratedIdentifier(parsed.hostname.replace(/^www\./i, ""));
+  } catch {
+    return void 0;
+  }
+}
+function extractPublisherIdFromEmail(value) {
+  const normalizedValue = normalizeNonEmptyString(value);
+  if (!normalizedValue) {
+    return void 0;
+  }
+  const domain = normalizedValue.split("@")[1];
+  return domain ? normalizeGeneratedIdentifier(domain.replace(/^www\./i, "")) : void 0;
+}
+function resolveAutoGeneratedWapkAppId(packageName, fallbackName) {
+  const scopedPackage = parseScopedPackageName(packageName);
+  return joinGeneratedIdentifier(scopedPackage.scope, scopedPackage.packageName ?? fallbackName);
+}
+function resolveAutoGeneratedWapkPublisherId(packageJson, fallbackName) {
+  const scopedPackage = parseScopedPackageName(typeof packageJson?.name === "string" ? packageJson.name : void 0);
+  if (scopedPackage.scope) {
+    return normalizeGeneratedIdentifier(scopedPackage.scope);
+  }
+  const author = readPackageAuthorMetadata(packageJson?.author);
+  return extractPublisherIdFromRepository(packageJson?.repository) ?? extractPublisherIdFromUrl(packageJson?.homepage) ?? extractPublisherIdFromUrl(author.url) ?? extractPublisherIdFromEmail(author.email) ?? normalizeGeneratedIdentifier(author.name ?? fallbackName);
+}
 function normalizeStringMap(value) {
   if (!isRecord(value)) {
     return void 0;
@@ -74538,6 +74787,8 @@ function normalizeWapkConfig(value) {
     runtime: normalizeRuntime(value.runtime ?? value.engine),
     entry: typeof value.entry === "string" ? value.entry : void 0,
     scripts: normalizeStringMap(value.scripts ?? value.script),
+    appId: normalizeNonEmptyString(value.appId),
+    publisherId: normalizeNonEmptyString(value.publisherId),
     port: normalizePort(value.port),
     env: normalizeStringMap(value.env),
     desktop: normalizeDesktopConfig(value.desktop),
@@ -74827,6 +75078,7 @@ async function readWapkProjectConfig(directory) {
   const elitConfig = await loadConfig(directory);
   const elitWapkConfig = normalizeWapkConfig(elitConfig?.wapk);
   const packageJson = readJsonFile(packageJsonPath);
+  const packageJsonWapk = isRecord(packageJson?.wapk) ? packageJson.wapk : void 0;
   const packageScripts = normalizeStringMap(packageJson?.scripts) ?? {};
   const selectedScripts = elitWapkConfig.scripts ?? packageScripts;
   const inferred = inferRuntimeAndEntryFromScript(selectedScripts.start ?? packageScripts.start);
@@ -74850,12 +75102,16 @@ async function readWapkProjectConfig(directory) {
   if (!existsSync2(entryPath) || !statSync2(entryPath).isFile()) {
     throw new Error(`WAPK entry not found: ${entryPath}`);
   }
+  const appId = elitWapkConfig.appId ?? normalizeNonEmptyString(packageJson?.appId) ?? normalizeNonEmptyString(packageJsonWapk?.appId) ?? resolveAutoGeneratedWapkAppId(typeof packageJson?.name === "string" ? packageJson.name : void 0, name);
+  const publisherId = elitWapkConfig.publisherId ?? normalizeNonEmptyString(packageJson?.publisherId) ?? normalizeNonEmptyString(packageJsonWapk?.publisherId) ?? resolveAutoGeneratedWapkPublisherId(packageJson, name);
   return {
     name,
     version,
     runtime: runtime2,
     entry,
     scripts: selectedScripts,
+    appId,
+    publisherId,
     port: elitWapkConfig.port,
     env: elitWapkConfig.env,
     desktop: elitWapkConfig.desktop,
@@ -74865,11 +75121,14 @@ async function readWapkProjectConfig(directory) {
 function readIgnorePatterns(directory) {
   return readLineIgnorePatterns(join2(directory, ".wapkignore"));
 }
+function parsePatternLines(content) {
+  return content.split(/\r?\n/).map((line) => line.trim()).filter((line) => line.length > 0 && (!line.startsWith("#") || line.startsWith("\\#")));
+}
 function readLineIgnorePatterns(filePath) {
   if (!existsSync2(filePath)) {
     return [];
   }
-  return readFileSync2(filePath, "utf8").split(/\r?\n/).map((line) => line.trim()).filter((line) => line.length > 0 && (!line.startsWith("#") || line.startsWith("\\#")));
+  return parsePatternLines(readFileSync2(filePath, "utf8"));
 }
 function normalizePackageEntry(value) {
   const normalized = normalizeNonEmptyString(value)?.replace(/^[.][\\/]/, "").split("\\").join("/");
@@ -75148,6 +75407,91 @@ function shouldIgnore(relativePath2, ignorePatterns, isDirectory) {
   }
   return ignored;
 }
+function matchesPatchPattern(relativePath2, pattern) {
+  const normalizedRule = normalizeIgnorePattern(pattern);
+  if (!normalizedRule) {
+    return false;
+  }
+  const normalizedPath = relativePath2.replace(/\\/g, "/");
+  const subtreeSelector = normalizedRule.pattern.endsWith("/*") && !normalizedRule.pattern.slice(0, -2).includes("*") && !normalizedRule.pattern.slice(0, -2).includes("?");
+  if (subtreeSelector) {
+    const directoryPath = normalizedRule.pattern.slice(0, -2);
+    return directoryPath.length > 0 && normalizedPath.startsWith(`${directoryPath}/`);
+  }
+  const hasGlob = /[*?]/.test(normalizedRule.pattern);
+  if (!hasGlob) {
+    if (normalizedRule.directoryOnly) {
+      return normalizedPath === normalizedRule.pattern || normalizedPath.startsWith(`${normalizedRule.pattern}/`);
+    }
+    return normalizedPath === normalizedRule.pattern;
+  }
+  return globPatternToRegex(normalizedRule.pattern, {
+    directoryOnly: normalizedRule.directoryOnly,
+    matchSegmentsOnly: false
+  }).test(normalizedPath);
+}
+function shouldPatchArchivePath(relativePath2, patchPatterns) {
+  let selected = false;
+  for (const pattern of patchPatterns) {
+    const normalizedRule = normalizeIgnorePattern(pattern);
+    if (!normalizedRule) {
+      continue;
+    }
+    if (!matchesPatchPattern(relativePath2, pattern)) {
+      continue;
+    }
+    selected = !normalizedRule.negate;
+  }
+  return selected;
+}
+function resolvePatchManifestPatterns(files) {
+  const patchManifest = files.find((file) => file.path === ".wapkpatch");
+  if (!patchManifest) {
+    throw new Error("Patch archive must include a .wapkpatch manifest file.");
+  }
+  const patterns = parsePatternLines(patchManifest.content.toString("utf8"));
+  if (patterns.length === 0) {
+    throw new Error("Patch archive .wapkpatch must define at least one patch rule.");
+  }
+  return patterns;
+}
+function applyPatchEntriesToFiles(targetFiles, patchFiles) {
+  const fileMap = new Map(targetFiles.map((file) => [file.path, file]));
+  const fileOrder = targetFiles.map((file) => file.path);
+  const addedPaths = [];
+  const updatedPaths = [];
+  const unchangedPaths = [];
+  for (const patchFile of [...patchFiles].sort((left, right) => left.path.localeCompare(right.path))) {
+    const existing = fileMap.get(patchFile.path);
+    const nextEntry = {
+      path: patchFile.path,
+      content: Buffer.from(patchFile.content),
+      mode: patchFile.mode
+    };
+    if (!existing) {
+      addedPaths.push(patchFile.path);
+      fileOrder.push(patchFile.path);
+    } else if (existing.mode === patchFile.mode && existing.content.equals(patchFile.content)) {
+      unchangedPaths.push(patchFile.path);
+    } else {
+      updatedPaths.push(patchFile.path);
+    }
+    fileMap.set(patchFile.path, nextEntry);
+  }
+  return {
+    files: fileOrder.map((filePath) => {
+      const file = fileMap.get(filePath);
+      if (!file) {
+        throw new Error(`Internal WAPK patch error: missing file entry for ${filePath}`);
+      }
+      return file;
+    }),
+    patchedPaths: [...updatedPaths, ...addedPaths],
+    addedPaths,
+    updatedPaths,
+    unchangedPaths
+  };
+}
 function collectFiles(directory, baseDirectory, ignorePatterns) {
   const files = [];
   const entries = readdirSync2(directory, { withFileTypes: true });
@@ -75303,6 +75647,8 @@ function decodeWapkPayload(buffer) {
     runtime: normalizeRuntime(rawHeader.runtime ?? rawHeader.engine) ?? "node",
     entry: typeof rawHeader.entry === "string" ? rawHeader.entry : "index.js",
     scripts: normalizeStringMap(rawHeader.scripts) ?? {},
+    appId: normalizeNonEmptyString(rawHeader.appId),
+    publisherId: normalizeNonEmptyString(rawHeader.publisherId),
     port: normalizePort(rawHeader.port),
     env: normalizeStringMap(rawHeader.env),
     desktop: normalizeDesktopConfig(rawHeader.desktop),
@@ -75800,11 +76146,14 @@ function sanitizeOnlineArchiveFileName(label, fallback) {
   const fileName = sanitized.length > 0 ? sanitized : "app.wapk";
   return fileName.toLowerCase().endsWith(".wapk") ? fileName : `${fileName}.wapk`;
 }
+var WAPK_ONLINE_JOIN_SOURCE_QUERY_PARAM = "launchSource";
+var WAPK_ONLINE_JOIN_SOURCE_QUERY_VALUE = "elit-wapk-online";
 function buildOnlineJoinUrl(baseUrl, joinKey) {
   const joinUrl = new URL(baseUrl.toString());
   joinUrl.search = "";
   joinUrl.hash = "";
   joinUrl.searchParams.set("join", joinKey);
+  joinUrl.searchParams.set(WAPK_ONLINE_JOIN_SOURCE_QUERY_PARAM, WAPK_ONLINE_JOIN_SOURCE_QUERY_VALUE);
   return joinUrl.toString();
 }
 async function probeOnlineLauncherUrl(url) {
@@ -75985,11 +76334,16 @@ async function closeWapkOnlineSharedSession(launcherUrl, session) {
 function isPmWapkOnlineShutdownEnabled() {
   return process.env[WAPK_ONLINE_PM_SHUTDOWN_ENV] === "1" && Boolean(process.stdin) && !process.stdin.isTTY;
 }
-async function waitForWapkOnlineSessionShutdown(launcherUrl, session, archiveHandle, lock) {
+function getWapkOnlineProcessDetails() {
+  return `pid ${process.pid}, ppid ${process.ppid}`;
+}
+async function waitForWapkOnlineSessionShutdown(launcherUrl, session, archiveHandle, lock, options = {}) {
   let snapshotRevision = 0;
   let snapshotSyncPending = false;
   let snapshotSyncPromise = Promise.resolve();
   let lastSnapshotSyncError = null;
+  const allowSigtermClose = options.allowSigtermClose === true;
+  const processDetails = getWapkOnlineProcessDetails();
   const syncGuestSnapshotUpdates = () => {
     if (snapshotSyncPending) {
       return snapshotSyncPromise;
@@ -76023,6 +76377,7 @@ async function waitForWapkOnlineSessionShutdown(launcherUrl, session, archiveHan
       void syncGuestSnapshotUpdates();
     }, WAPK_ONLINE_KEEPALIVE_INTERVAL_MS);
     const pmManaged = isPmWapkOnlineShutdownEnabled();
+    let ignoredSigTermLogged = false;
     let stdinBuffer = "";
     const cleanup = () => {
       clearInterval(keepAlive);
@@ -76041,7 +76396,17 @@ async function waitForWapkOnlineSessionShutdown(launcherUrl, session, archiveHan
       finish({ kind: "signal", signal: "SIGINT" });
     };
     const onSigTerm = () => {
-      finish({ kind: "signal", signal: "SIGTERM" });
+      if (allowSigtermClose) {
+        finish({ kind: "signal", signal: "SIGTERM" });
+        return;
+      }
+      if (ignoredSigTermLogged) {
+        return;
+      }
+      ignoredSigTermLogged = true;
+      console.warn(
+        pmManaged ? `[wapk] Ignoring SIGTERM while shared session ${session.joinKey} is active (${processDetails}). Use elit pm stop, restart, or delete to close the session.` : `[wapk] Ignoring SIGTERM while shared session ${session.joinKey} is active (${processDetails}). Press Ctrl+C to stop sharing, or pass --allow-sigterm-close to close on SIGTERM.`
+      );
     };
     const onStdinData = (chunk) => {
       stdinBuffer += typeof chunk === "string" ? chunk : chunk.toString("utf8");
@@ -76066,9 +76431,12 @@ async function waitForWapkOnlineSessionShutdown(launcherUrl, session, archiveHan
   if (shutdownTrigger.kind === "pm") {
     console.log(`
 [wapk] PM requested shutdown for shared session ${session.joinKey}...`);
+  } else if (shutdownTrigger.signal === "SIGTERM") {
+    console.log(`
+[wapk] Received SIGTERM for shared session ${session.joinKey} (${processDetails}); closing because --allow-sigterm-close is enabled...`);
   } else {
     console.log(`
-[wapk] Closing shared session ${session.joinKey}...`);
+[wapk] Received ${shutdownTrigger.signal}; closing shared session ${session.joinKey}...`);
   }
   try {
     await closeWapkOnlineSharedSession(launcherUrl, session);
@@ -76108,7 +76476,9 @@ async function runWapkOnline(archiveSpecifier, options) {
   process.exitCode = await waitForWapkOnlineSessionShutdown(launcherUrl, {
     joinKey: response.joinKey,
     adminToken: response.adminToken
-  }, archiveHandle, onlineArchiveLock);
+  }, archiveHandle, onlineArchiveLock, {
+    allowSigtermClose: options.allowSigtermClose
+  });
 }
 async function writeWapkArchiveFromMemory(archiveHandle, header, files, lock) {
   const updatedHeader = {
@@ -76365,6 +76735,8 @@ async function packWapkDirectory(directory, options = {}) {
     runtime: config.runtime,
     entry: config.entry,
     scripts: config.scripts,
+    appId: config.appId,
+    publisherId: config.publisherId,
     port: config.port,
     env: config.env,
     desktop: config.desktop,
@@ -76396,6 +76768,56 @@ function extractWapkArchive(wapkPath, outputDir = ".", options = {}) {
   console.log(`Extracted ${archive.files.length} files to: ${extractDirectory}`);
   return extractDirectory;
 }
+async function patchWapkArchive(wapkPath, options) {
+  const targetHandle = resolveArchiveHandle(wapkPath);
+  const targetSnapshot = await targetHandle.readSnapshot();
+  const targetEnvelope = parseWapkEnvelope(targetSnapshot.buffer);
+  const targetArchive = decodeWapk(targetSnapshot.buffer, options);
+  const targetLock = targetEnvelope.version === WAPK_LOCKED_VERSION ? resolveArchiveCredentials(options) : void 0;
+  const patchArchive = readWapkArchive(options.from, {
+    password: options.fromPassword ?? options.password
+  });
+  const patchPatterns = resolvePatchManifestPatterns(patchArchive.files);
+  const selectedPatchFiles = patchArchive.files.filter((file) => file.path !== ".wapkpatch").filter((file) => shouldPatchArchivePath(file.path, patchPatterns));
+  const patchResult = applyPatchEntriesToFiles(targetArchive.files, selectedPatchFiles);
+  console.log(`[wapk] Target: ${targetSnapshot.label ?? targetHandle.label}`);
+  console.log(`[wapk] Patch:  ${options.from}`);
+  console.log(`[wapk] Rules:  ${patchPatterns.length}`);
+  if (selectedPatchFiles.length === 0) {
+    console.log("[wapk] No files matched .wapkpatch. Archive was not modified.");
+    return {
+      archiveLabel: targetSnapshot.label ?? targetHandle.label,
+      patchedPaths: [],
+      addedPaths: [],
+      updatedPaths: [],
+      unchangedPaths: []
+    };
+  }
+  if (patchResult.patchedPaths.length === 0) {
+    console.log("[wapk] Matching patch files were already up to date. Archive was not modified.");
+    return {
+      archiveLabel: targetSnapshot.label ?? targetHandle.label,
+      patchedPaths: [],
+      addedPaths: [],
+      updatedPaths: [],
+      unchangedPaths: patchResult.unchangedPaths
+    };
+  }
+  const writeResult = await writeWapkArchiveFromMemory(
+    targetHandle,
+    targetArchive.header,
+    patchResult.files,
+    targetLock
+  );
+  console.log(`[wapk] Applied ${patchResult.patchedPaths.length} patch file${patchResult.patchedPaths.length === 1 ? "" : "s"}.`);
+  return {
+    archiveLabel: writeResult.label,
+    patchedPaths: patchResult.patchedPaths,
+    addedPaths: patchResult.addedPaths,
+    updatedPaths: patchResult.updatedPaths,
+    unchangedPaths: patchResult.unchangedPaths
+  };
+}
 async function prepareWapkApp(wapkPath, options = {}) {
   const archiveHandle = resolveArchiveHandle(wapkPath, options.googleDrive);
   const archivePath = archiveHandle.identifier;
@@ -76504,6 +76926,8 @@ function inspectWapkArchive(wapkPath, options = {}) {
   console.log(`App:      ${decoded.header.version}`);
   console.log(`Runtime:  ${decoded.header.runtime}`);
   console.log(`Entry:    ${decoded.header.entry}`);
+  console.log(`App ID:   ${decoded.header.appId ?? "n/a"}`);
+  console.log(`Publisher:${decoded.header.publisherId ? ` ${decoded.header.publisherId}` : " n/a"}`);
   console.log(`Port:     ${decoded.header.port ?? "default"}`);
   console.log(`Created:  ${decoded.header.createdAt}`);
   if (decoded.header.env && Object.keys(decoded.header.env).length > 0) {
@@ -76535,6 +76959,8 @@ function printWapkHelp() {
     "  elit wapk gdrive://<fileId> --online",
     "  elit wapk pack [directory]",
     "  elit wapk pack [directory] --password secret-123",
+    "  elit wapk patch <file.wapk> --from <patch.wapk>",
+    "  elit wapk patch <file.wapk> --use <patch.wapk>",
     "  elit wapk inspect <file.wapk>",
     "  elit wapk extract <file.wapk>",
     "",
@@ -76546,24 +76972,32 @@ function printWapkHelp() {
     "  --archive-watch              Pull external archive changes back into the temp workdir",
     "  --no-archive-watch           Disable external archive read sync",
     "  --online                     Create an Elit Run share session, stay alive, and close on Ctrl+C",
+    "  --allow-sigterm-close        Allow SIGTERM to close an online shared session",
     "  --online-url <url>           Elit Run URL (default: auto-detect localhost:4177 or localhost:4179)",
     "  --google-drive-file-id <id>  Run a remote .wapk directly from Google Drive",
     "  --google-drive-token-env <name>  Env var containing the Google Drive OAuth token",
     "  --google-drive-access-token <value>  OAuth token for Google Drive API calls",
     "  --google-drive-shared-drive  Include supportsAllDrives=true for shared drives",
+    "  --from <file.wapk>           Patch source archive for elit wapk patch",
+    "  --use <file.wapk>            Alias for --from",
+    "  --from-password <value>      Password for unlocking the patch archive",
     "  --include-deps               Legacy compatibility flag; node_modules are packed by default",
     "  --password <value>           Password for locking or unlocking the archive",
     "  -h, --help                   Show this help",
     "",
     "Notes:",
     "  - Pack reads wapk from elit.config.* and falls back to package.json.",
+    "  - If appId or publisherId is not configured, pack auto-generates stable defaults from package metadata.",
     "  - Pack includes node_modules by default; use .wapkignore if you need to exclude them, and !pattern to re-include later matches.",
+    "  - Patch reads .wapkpatch from the patch archive and applies only matching archive-relative paths.",
+    "  - Patch keeps the target archive metadata and lock mode; use --from-password when the patch archive uses a different password.",
     "  - Run never installs dependencies automatically; archives must include the runtime dependencies they need.",
     "  - Run mode can read config.wapk.run for default file/runtime/live-sync options.",
     "  - Browser-style archives with scripts.start or wapk.script.start run that start script automatically.",
     "  - Run mode keeps files in RAM and syncs changes both to and from the archive source.",
     "  - Google Drive mode talks to the Drive API directly; no local archive file is required.",
     "  - Online mode creates a shared session on Elit Run directly, keeps the CLI alive, and closes it on Ctrl+C.",
+    "  - Online mode ignores SIGTERM by default; pass --allow-sigterm-close if an external supervisor should close the shared session with SIGTERM.",
     "  - Locked archives in online mode must provide --password so the CLI can build the shared snapshot.",
     "  - Locked archives require the same password for run/extract/inspect.",
     "  - Archives stay unlocked by default unless a password is provided.",
@@ -76613,6 +77047,7 @@ function parseRunArgs(args) {
   let archiveSyncInterval;
   let online;
   let onlineUrl;
+  let allowSigtermClose;
   let password;
   for (let index = 0; index < args.length; index++) {
     const arg = args[index];
@@ -76664,6 +77099,10 @@ function parseRunArgs(args) {
         onlineUrl = readRequiredOptionValue(args, ++index, "--online-url");
         break;
       }
+      case "--allow-sigterm-close": {
+        allowSigtermClose = true;
+        break;
+      }
       case "--google-drive-file-id": {
         googleDrive = {
           ...googleDrive,
@@ -76706,7 +77145,7 @@ function parseRunArgs(args) {
         break;
     }
   }
-  return { file, googleDrive, runtime: runtime2, syncInterval, useWatcher, watchArchive, archiveSyncInterval, online, onlineUrl, password };
+  return { file, googleDrive, runtime: runtime2, syncInterval, useWatcher, watchArchive, archiveSyncInterval, online, onlineUrl, allowSigtermClose, password };
 }
 function parsePackArgs(args) {
   let directory = ".";
@@ -76732,6 +77171,46 @@ function parsePackArgs(args) {
   }
   return { directory, includeDeps, password };
 }
+function parsePatchArgs(args) {
+  let file;
+  let from;
+  let password;
+  let fromPassword;
+  for (let index = 0; index < args.length; index++) {
+    const arg = args[index];
+    switch (arg) {
+      case "--from":
+      case "--use": {
+        if (from) {
+          throw new Error("WAPK patch accepts exactly one patch archive via --from or --use.");
+        }
+        from = readRequiredOptionValue(args, ++index, arg);
+        break;
+      }
+      case "--password": {
+        password = readRequiredOptionValue(args, ++index, "--password");
+        break;
+      }
+      case "--from-password": {
+        fromPassword = readRequiredOptionValue(args, ++index, "--from-password");
+        break;
+      }
+      default:
+        if (arg.startsWith("-")) {
+          throw new Error(`Unknown WAPK option: ${arg}`);
+        }
+        if (file) {
+          throw new Error("Usage: elit wapk patch <file.wapk> --from <patch.wapk>");
+        }
+        file = arg;
+        break;
+    }
+  }
+  if (!file || !from) {
+    throw new Error("Usage: elit wapk patch <file.wapk> --from <patch.wapk>");
+  }
+  return { file, from, password, fromPassword };
+}
 async function readConfiguredWapkRunDefaults(cwd) {
   const config = await loadConfig(cwd);
   const runConfig = normalizeWapkRunConfig(config?.wapk?.run);
@@ -76771,6 +77250,7 @@ function resolveConfiguredWapkRunOptions(options, defaults) {
     archiveSyncInterval: options.archiveSyncInterval ?? defaults?.archiveSyncInterval,
     online: options.online ?? defaults?.online ?? Boolean(onlineUrl),
     onlineUrl,
+    allowSigtermClose: options.allowSigtermClose === true,
     password: options.password ?? defaults?.password
   };
 }
@@ -76803,6 +77283,15 @@ async function runWapkCommand(args, cwd = process.cwd()) {
     });
     return;
   }
+  if (args[0] === "patch") {
+    const options = parsePatchArgs(args.slice(1));
+    await patchWapkArchive(options.file, {
+      from: options.from,
+      password: options.password,
+      fromPassword: options.fromPassword
+    });
+    return;
+  }
   if (args[0] === "inspect") {
     const options = parseArchiveAccessArgs(args.slice(1), "Usage: elit wapk inspect <file.wapk>");
     inspectWapkArchive(options.file, options);
@@ -76831,6 +77320,7 @@ async function runWapkCommand(args, cwd = process.cwd()) {
     await runWapkOnline(archiveSpecifier, {
       googleDrive: runOptions.googleDrive,
       onlineUrl: runOptions.onlineUrl,
+      allowSigtermClose: runOptions.allowSigtermClose,
       password: runOptions.password
     });
     return;
@@ -83163,6 +83653,7 @@ WAPK Options:
   elit wapk run [file.wapk]                 Run a packaged app or the configured default archive
   elit wapk run --google-drive-file-id <id> Run a packaged app directly from Google Drive
   elit wapk pack [directory]                Pack a directory into a .wapk archive
+  elit wapk patch <file.wapk> --from <patch.wapk>  Apply a manifest-driven patch archive
   elit wapk inspect <file.wapk>             Inspect a .wapk archive
   elit wapk extract <file.wapk>             Extract a .wapk archive
   elit wapk --runtime node|bun|deno [file]  Override the packaged runtime