nexusapp-cli 3.0.0 → 3.1.1

package/src/commands/domain.ts

@@ -1,167 +0,0 @@
-import { Command } from 'commander';
-import inquirer from 'inquirer';
-import { client, apiError, unwrap } from '../client.js';
-import { printTable, printJson, success, errorMsg, timeAgo } from '../output.js';
-import chalk from 'chalk';
-
-const UUID_RE = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
-
-async function resolveDeployment(nameOrId: string): Promise<any> {
-  if (UUID_RE.test(nameOrId)) {
-    try {
-      const res = await client.get(`/api/deployments/${nameOrId}`);
-      return unwrap(res.data);
-    } catch { /* fall through */ }
-  }
-  const listRes = await client.get('/api/deployments');
-  const all: any[] = Array.isArray(unwrap(listRes.data)) ? unwrap(listRes.data) : [];
-  const match = all.find((d) => d.name === nameOrId || d.displayName === nameOrId);
-  if (!match) throw new Error(`Deployment not found: "${nameOrId}"`);
-  const res = await client.get(`/api/deployments/${match.id}`);
-  return unwrap(res.data);
-}
-
-function verificationBadge(status: string): string {
-  switch ((status || '').toUpperCase()) {
-    case 'VERIFIED': return chalk.green('VERIFIED');
-    case 'PENDING':  return chalk.yellow('PENDING');
-    case 'FAILED':   return chalk.red('FAILED');
-    default:         return chalk.gray(status || 'UNKNOWN');
-  }
-}
-
-export function registerDomain(program: Command): void {
-  const domain = program.command('domain').description('Custom domain management');
-
-  // list
-  domain
-    .command('list <deployment>')
-    .description('List custom domains for a deployment')
-    .option('--json', 'Output raw JSON')
-    .action(async (nameOrId, opts) => {
-      try {
-        const d = await resolveDeployment(nameOrId);
-        const res = await client.get(`/api/deployments/${d.id}/domains`);
-        const domains: any[] = unwrap(res.data) || [];
-
-        if (opts.json) { printJson(domains); return; }
-        if (!domains.length) {
-          console.log(`No custom domains on "${d.displayName || d.name}".`);
-          return;
-        }
-
-        printTable(
-          ['ID', 'DOMAIN', 'STATUS', 'SSL', 'ADDED'],
-          domains.map((dom: any) => [
-            dom.id,
-            dom.domain,
-            verificationBadge(dom.verificationStatus),
-            dom.sslStatus ? chalk.green('✓') : chalk.gray('—'),
-            dom.createdAt ? timeAgo(dom.createdAt) : '—',
-          ])
-        );
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // add
-  domain
-    .command('add <deployment> <domain>')
-    .description('Add a custom domain to a deployment')
-    .option('--json', 'Output raw JSON')
-    .action(async (nameOrId, domainName, opts) => {
-      try {
-        const d = await resolveDeployment(nameOrId);
-        const res = await client.post(`/api/deployments/${d.id}/domains`, { domain: domainName });
-        const dom = unwrap(res.data);
-
-        if (opts.json) { printJson(dom); return; }
-
-        success(`Domain "${dom.domain}" added to "${d.displayName || d.name}"`);
-        console.log('');
-        console.log('  Next steps to verify ownership:');
-        if (dom.txtRecord || dom.verificationToken) {
-          console.log(`  1. Add a DNS TXT record:`);
-          console.log(`     Name:  ${chalk.cyan(dom.txtRecordName || `_nexusai-verify.${domainName}`)}`);
-          console.log(`     Value: ${chalk.cyan(dom.txtRecord || dom.verificationToken)}`);
-        } else {
-          console.log(`  1. Point your DNS to the deployment URL`);
-        }
-        console.log(`  2. Run: ${chalk.bold(`nexus domain verify ${nameOrId} ${dom.id}`)}`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // verify
-  domain
-    .command('verify <deployment> <domain-id>')
-    .description('Trigger DNS verification for a custom domain')
-    .option('--json', 'Output raw JSON')
-    .action(async (nameOrId, domainId, opts) => {
-      try {
-        const d = await resolveDeployment(nameOrId);
-        const res = await client.post(`/api/deployments/${d.id}/domains/${domainId}/verify`);
-        const result = unwrap(res.data);
-
-        if (opts.json) { printJson(result); return; }
-
-        const dom = result.domain || result;
-        const status = (dom.verificationStatus || '').toUpperCase();
-
-        if (status === 'VERIFIED') {
-          success(`Domain "${dom.domain}" verified successfully`);
-          if (dom.sslStatus) {
-            console.log(`  SSL: ${chalk.green('active')}`);
-          }
-        } else {
-          console.log(`  Status: ${verificationBadge(status)}`);
-          console.log('');
-          if (result.verificationResult?.error) {
-            console.log(`  ${chalk.yellow('!')} ${result.verificationResult.error}`);
-          }
-          console.log(`  DNS changes can take up to 48h to propagate.`);
-          console.log(`  Run this command again once DNS has updated.`);
-        }
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // remove
-  domain
-    .command('remove <deployment> <domain-id>')
-    .description('Remove a custom domain from a deployment')
-    .option('--yes', 'Skip confirmation prompt')
-    .action(async (nameOrId, domainId, opts) => {
-      try {
-        const d = await resolveDeployment(nameOrId);
-
-        if (!opts.yes) {
-          // Show the domain name in the prompt
-          let domainName = domainId;
-          try {
-            const listRes = await client.get(`/api/deployments/${d.id}/domains`);
-            const domains: any[] = unwrap(listRes.data) || [];
-            const found = domains.find((dom) => dom.id === domainId);
-            if (found) domainName = found.domain;
-          } catch { /* use id */ }
-
-          const { confirm } = await inquirer.prompt([
-            { type: 'confirm', name: 'confirm', message: `Remove domain "${domainName}" from "${d.displayName || d.name}"?`, default: false },
-          ]);
-          if (!confirm) { console.log('Cancelled.'); return; }
-        }
-
-        await client.delete(`/api/deployments/${d.id}/domains/${domainId}`);
-        success(`Domain removed.`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-}

package/src/commands/exec.ts

@@ -1,154 +0,0 @@
-import { Command } from 'commander';
-import * as fs from 'fs';
-import * as path from 'path';
-import { client, apiError, unwrap } from '../client.js';
-import { success, errorMsg, printJson } from '../output.js';
-
-function formatBytes(n: number): string {
-  if (n < 1024) return `${n} B`;
-  if (n < 1024 * 1024) return `${(n / 1024).toFixed(1)} KB`;
-  if (n < 1024 * 1024 * 1024) return `${(n / (1024 * 1024)).toFixed(1)} MB`;
-  return `${(n / (1024 * 1024 * 1024)).toFixed(2)} GB`;
-}
-
-/**
- * Parse a "<deploymentId>:<path>" argument. Returns null if the arg has no
- * colon (i.e. it's a local path). UUIDs contain hyphens but no colons, so the
- * first ":" cleanly separates the two halves.
- */
-function parseRemoteRef(arg: string): { deploymentId: string; remotePath: string } | null {
-  const idx = arg.indexOf(':');
-  if (idx < 0) return null;
-  const deploymentId = arg.slice(0, idx);
-  const remotePath = arg.slice(idx + 1);
-  if (!deploymentId || !remotePath) return null;
-  return { deploymentId, remotePath };
-}
-
-export function registerExec(program: Command): void {
-  program
-    .command('exec <deploymentId> [command...]')
-    .description('Run a command inside the running deployment container (LOCAL_DOCKER only)')
-    .option('--timeout <seconds>', 'Max seconds before the command is killed (default 60, max 1800)', (v) => parseInt(v, 10))
-    .option('--workdir <path>', 'Working directory inside the container')
-    .option('--json', 'Output raw JSON result')
-    .allowUnknownOption(false)
-    .action(async (deploymentId, commandParts, opts) => {
-      if (!commandParts || commandParts.length === 0) {
-        errorMsg('Provide a command to run, e.g. `nexus exec <id> ls -la /app`');
-        process.exit(2);
-      }
-
-      try {
-        const res = await client.post(
-          `/api/deployments/${deploymentId}/exec`,
-          {
-            command: commandParts,
-            timeoutSeconds: opts.timeout,
-            workingDir: opts.workdir,
-          },
-          { timeout: 0 }
-        );
-        const result = unwrap(res.data);
-
-        if (opts.json) {
-          printJson(result);
-          process.exit(result.exitCode === 0 ? 0 : 1);
-        }
-
-        if (result.stdout) process.stdout.write(result.stdout);
-        if (result.stderr) process.stderr.write(result.stderr);
-        if (result.truncated) {
-          process.stderr.write('\n[output truncated at 2MB per stream]\n');
-        }
-        process.exit(result.exitCode === 0 ? 0 : result.exitCode || 1);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  program
-    .command('cp <source> <destination>')
-    .description(
-      'Copy a single file between a local path and a running deployment container.\n' +
-      '  Upload:   nexus cp ./index.html <deploymentId>:/app/public/index.html\n' +
-      '  Download: nexus cp <deploymentId>:/app/config.json ./config.json'
-    )
-    .action(async (source, destination) => {
-      const srcRemote = parseRemoteRef(source);
-      const dstRemote = parseRemoteRef(destination);
-
-      if (srcRemote && dstRemote) {
-        errorMsg('Container-to-container copy is not supported. Download first, then upload.');
-        process.exit(2);
-      }
-      if (!srcRemote && !dstRemote) {
-        errorMsg('At least one side must be a container reference (e.g. `<deploymentId>:/app/file.txt`).');
-        process.exit(2);
-      }
-
-      try {
-        if (!srcRemote && dstRemote) {
-          // Upload: local -> container
-          const localPath = path.resolve(source);
-          if (!fs.existsSync(localPath)) {
-            errorMsg(`Local file not found: ${localPath}`);
-            process.exit(1);
-          }
-          const stat = fs.statSync(localPath);
-          if (!stat.isFile()) {
-            errorMsg(`Not a regular file: ${localPath} (directory uploads not supported — tar + exec instead)`);
-            process.exit(1);
-          }
-          const stream = fs.createReadStream(localPath);
-          const res = await client.post(
-            `/api/deployments/${dstRemote.deploymentId}/files`,
-            stream,
-            {
-              params: { path: dstRemote.remotePath },
-              headers: {
-                'Content-Type': 'application/octet-stream',
-                'Content-Length': String(stat.size),
-              },
-              timeout: 0,
-              maxBodyLength: Infinity,
-              maxContentLength: Infinity,
-            }
-          );
-          const data = unwrap(res.data);
-          success(`Uploaded ${formatBytes(data.bytesWritten || stat.size)} → ${dstRemote.deploymentId}:${data.targetPath || dstRemote.remotePath}`);
-          return;
-        }
-
-        // Download: container -> local
-        const remote = srcRemote!;
-        const localPath = path.resolve(destination);
-        const dir = path.dirname(localPath);
-        if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
-
-        const res = await client.get(`/api/deployments/${remote.deploymentId}/files`, {
-          params: { path: remote.remotePath },
-          responseType: 'stream',
-          timeout: 0,
-          maxContentLength: Infinity,
-        });
-
-        let bytes = 0;
-        res.data.on('data', (chunk: Buffer) => { bytes += chunk.length; });
-
-        await new Promise<void>((resolve, reject) => {
-          const writer = fs.createWriteStream(localPath);
-          res.data.pipe(writer);
-          writer.on('finish', () => resolve());
-          writer.on('error', reject);
-          res.data.on('error', reject);
-        });
-
-        success(`Downloaded ${formatBytes(bytes)} → ${localPath}`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-}

package/src/commands/managedDb.ts

@@ -1,170 +0,0 @@
-import { Command } from 'commander';
-import { client, apiError } from '../client.js';
-import { printTable, printJson, success, errorMsg, timeAgo } from '../output.js';
-
-export function registerManagedDb(program: Command): void {
-  const md = program
-    .command('managed-db')
-    .description('Managed cloud databases (AWS RDS instances)');
-
-  md
-    .command('list')
-    .description('List managed databases')
-    .option('--json', 'Output raw JSON')
-    .action(async (opts) => {
-      try {
-        const res = await client.get('/api/managed-databases');
-        const dbs: any[] = res.data?.managedDatabases || [];
-        if (opts.json) { printJson(dbs); return; }
-        if (!dbs.length) { console.log('No managed databases found.'); return; }
-        printTable(
-          ['ID', 'NAME', 'ENGINE', 'STATUS', 'ENDPOINT', 'CREATED'],
-          dbs.map((d: any) => [
-            d.id,
-            d.displayName ? `${d.name} (${d.displayName})` : d.name,
-            `${d.engine} ${d.engineVersion}`,
-            d.status,
-            d.endpointHost ? `${d.endpointHost}:${d.endpointPort}` : '—',
-            d.createdAt ? timeAgo(d.createdAt) : '—',
-          ])
-        );
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('create <name>')
-    .description('Provision a new managed database')
-    .requiredOption('--engine <engine>', 'POSTGRES or MYSQL')
-    .requiredOption('--engine-version <version>', 'e.g. 17.10 (postgres), 8.0.46 (mysql)')
-    .option('--provider <provider>', 'AWS_RDS, GCP_CLOUD_SQL, or AZURE_DATABASE', 'AWS_RDS')
-    .option('--network-mode <mode>', 'public or vpc (AWS only; vpc = private, App Runner-only)')
-    .option('--display-name <name>', 'Friendly display name')
-    .option('--instance-class <class>', 'e.g. db.t3.micro (AWS) / db-custom-1-3840 (GCP)')
-    .option('--allocated-gb <gb>', 'Storage in GB (20-1000)')
-    .option('--region <region>', 'Cloud region')
-    .option('--json', 'Output raw JSON')
-    .action(async (name, opts) => {
-      try {
-        const res = await client.post('/api/managed-databases', {
-          name,
-          provider: opts.provider,
-          networkMode: opts.networkMode,
-          engine: opts.engine,
-          engineVersion: opts.engineVersion,
-          displayName: opts.displayName,
-          instanceClass: opts.instanceClass,
-          allocatedGb: opts.allocatedGb ? Number(opts.allocatedGb) : undefined,
-          region: opts.region,
-        });
-        const db = res.data?.managedDatabase;
-        if (opts.json) { printJson(db); return; }
-        success(`Managed database created: ${db?.id} (${db?.status})`);
-        console.log('Provisioning is async — run `nexus managed-db list` until status is AVAILABLE.');
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('delete <id>')
-    .description('Delete a managed database (destroys data)')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, opts) => {
-      try {
-        await client.delete(`/api/managed-databases/${id}`);
-        if (opts.json) { printJson({ success: true }); return; }
-        success(`Managed database ${id} deleted.`);
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('attach <id>')
-    .description('Attach a managed database to a deployment')
-    .requiredOption('--deployment <deploymentId>', 'Deployment ID')
-    .option('--env-prefix <prefix>', 'Env var namespace (default DATABASE)')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, opts) => {
-      try {
-        const res = await client.post(`/api/managed-databases/${id}/attach`, {
-          deploymentId: opts.deployment,
-          envPrefix: opts.envPrefix,
-        });
-        if (opts.json) { printJson(res.data?.attachment); return; }
-        success(`Attached to ${opts.deployment}. Redeploy for DATABASE_* env vars to take effect.`);
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('detach <id>')
-    .description('Detach a managed database from a deployment')
-    .requiredOption('--deployment <deploymentId>', 'Deployment ID')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, opts) => {
-      try {
-        await client.post(`/api/managed-databases/${id}/detach`, { deploymentId: opts.deployment });
-        if (opts.json) { printJson({ success: true }); return; }
-        success(`Detached from ${opts.deployment}.`);
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('snapshot <id>')
-    .description('Create a snapshot backup of a managed database')
-    .option('--notes <notes>', 'Optional notes')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, opts) => {
-      try {
-        const res = await client.post(`/api/managed-databases/${id}/snapshots`, { notes: opts.notes });
-        const snap = res.data?.snapshot;
-        if (opts.json) { printJson(snap); return; }
-        success(`Snapshot ${snap?.id} started (${snap?.status}).`);
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('snapshots <id>')
-    .description('List snapshot backups for a managed database')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, opts) => {
-      try {
-        const res = await client.get(`/api/managed-databases/${id}/snapshots`);
-        const snaps: any[] = res.data?.snapshots || [];
-        if (opts.json) { printJson(snaps); return; }
-        if (!snaps.length) { console.log('No snapshots found.'); return; }
-        printTable(
-          ['ID', 'STATUS', 'SIZE (B)', 'NOTES', 'CREATED'],
-          snaps.map((s: any) => [s.id, s.status, String(s.sizeBytes), s.notes || '—', s.createdAt ? timeAgo(s.createdAt) : '—'])
-        );
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('query <id> <sql>')
-    .description('Run a SQL statement against a managed database')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, sql, opts) => {
-      try {
-        const res = await client.post(`/api/managed-databases/${id}/query`, { sql });
-        if (opts.json) { printJson(res.data); return; }
-        const rows = res.data?.rows || [];
-        console.log(`${res.data?.classification}: ${res.data?.rowCount} row(s)`);
-        if (rows.length) printJson(rows);
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-
-  md
-    .command('restore <id>')
-    .description('Restore a snapshot into a NEW managed database (non-destructive)')
-    .requiredOption('--snapshot <snapshotId>', 'Snapshot ID to restore from')
-    .requiredOption('--new-name <name>', 'Name for the restored database')
-    .option('--json', 'Output raw JSON')
-    .action(async (id, opts) => {
-      try {
-        const res = await client.post(`/api/managed-databases/${id}/restore`, {
-          snapshotId: opts.snapshot,
-          newName: opts.newName,
-        });
-        const db = res.data?.managedDatabase;
-        if (opts.json) { printJson(db); return; }
-        success(`Restore started: new database ${db?.id} (${db?.status}). Run \`nexus managed-db list\` until AVAILABLE.`);
-      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
-    });
-}

package/src/commands/member.ts

@@ -1,168 +0,0 @@
-import { Command } from 'commander';
-import inquirer from 'inquirer';
-import chalk from 'chalk';
-import { client, apiError, unwrap } from '../client.js';
-import { printTable, printJson, success, errorMsg, timeAgo } from '../output.js';
-
-const VALID_ROLES = ['OWNER', 'ADMIN', 'MEMBER', 'DEPLOYMENT_MANAGER', 'AUDITOR', 'BILLING_MANAGER'];
-
-const ROLE_LABELS: Record<string, string> = {
-  OWNER: 'Owner',
-  ADMIN: 'Admin',
-  MEMBER: 'Developer',
-  DEPLOYMENT_MANAGER: 'Deployment Manager',
-  AUDITOR: 'Auditor',
-  BILLING_MANAGER: 'Billing Manager',
-};
-
-function roleLabel(role: string): string {
-  return ROLE_LABELS[role] || role;
-}
-
-function statusBadge(status: string): string {
-  if (status === 'active') return chalk.green(status);
-  if (status === 'suspended') return chalk.yellow(status);
-  return chalk.gray(status);
-}
-
-export function registerMember(program: Command): void {
-  const member = program.command('member').description('Team member management commands');
-
-  // list
-  member
-    .command('list')
-    .description('List all team members in the organization')
-    .option('--json', 'Output raw JSON')
-    .action(async (opts) => {
-      try {
-        const res = await client.get('/api/organizations/users');
-        let members: any[] = unwrap(res.data);
-        if (!Array.isArray(members)) members = [];
-
-        if (opts.json) { printJson(members); return; }
-        if (!members.length) { console.log('No members found.'); return; }
-
-        printTable(
-          ['ID', 'NAME', 'EMAIL', 'ROLE', 'STATUS', 'JOINED'],
-          members.map((m: any) => [
-            m.id,
-            m.name || '—',
-            m.email,
-            roleLabel(m.role),
-            statusBadge(m.status),
-            m.createdAt ? timeAgo(m.createdAt) : '—',
-          ])
-        );
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // invite
-  member
-    .command('invite <email>')
-    .description('Invite a new member to the organization')
-    .requiredOption('--role <role>', `Role to assign (${VALID_ROLES.filter(r => r !== 'OWNER').join(', ')})`)
-    .option('--json', 'Output raw JSON')
-    .action(async (email, opts) => {
-      const role = opts.role.toUpperCase();
-
-      if (!VALID_ROLES.includes(role) || role === 'OWNER') {
-        errorMsg(`Invalid role "${opts.role}". Valid roles: ${VALID_ROLES.filter(r => r !== 'OWNER').join(', ')}`);
-        process.exit(1);
-      }
-
-      try {
-        const res = await client.post('/api/organizations/users/invite', { email, role });
-        const data = unwrap(res.data);
-        const user = data.user || data;
-
-        if (opts.json) { printJson(data); return; }
-
-        success(`Invited ${email} as ${roleLabel(role)}.`);
-        console.log(`  ${chalk.dim('User ID:')} ${user.id}`);
-        console.log(`  ${chalk.dim('An email with login credentials has been sent.')}`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // role
-  member
-    .command('role <userId> <role>')
-    .description('Update the role of a team member')
-    .option('--json', 'Output raw JSON')
-    .action(async (userId, roleArg, opts) => {
-      const role = roleArg.toUpperCase();
-
-      if (!VALID_ROLES.includes(role) || role === 'OWNER') {
-        errorMsg(`Invalid role "${roleArg}". Valid roles: ${VALID_ROLES.filter(r => r !== 'OWNER').join(', ')}`);
-        process.exit(1);
-      }
-
-      try {
-        const res = await client.patch(`/api/organizations/users/${userId}/role`, { role });
-        const updated = unwrap(res.data);
-
-        if (opts.json) { printJson(updated); return; }
-
-        success(`Updated ${updated.email} to ${roleLabel(updated.role)}.`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // suspend
-  member
-    .command('suspend <userId>')
-    .description('Suspend a team member (blocks their access)')
-    .option('--yes', 'Skip confirmation prompt')
-    .option('--json', 'Output raw JSON')
-    .action(async (userId, opts) => {
-      if (!opts.yes) {
-        const { confirm } = await inquirer.prompt([
-          {
-            type: 'confirm',
-            name: 'confirm',
-            message: `Suspend member "${userId}"? They will lose access immediately.`,
-            default: false,
-          },
-        ]);
-        if (!confirm) { console.log('Cancelled.'); return; }
-      }
-
-      try {
-        const res = await client.post(`/api/organizations/users/${userId}/suspend`, {});
-        const updated = unwrap(res.data);
-
-        if (opts.json) { printJson(updated); return; }
-
-        success(`${updated.email} suspended.`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-
-  // activate
-  member
-    .command('activate <userId>')
-    .description('Restore access for a suspended team member')
-    .option('--json', 'Output raw JSON')
-    .action(async (userId, opts) => {
-      try {
-        const res = await client.post(`/api/organizations/users/${userId}/activate`, {});
-        const updated = unwrap(res.data);
-
-        if (opts.json) { printJson(updated); return; }
-
-        success(`${updated.email} activated.`);
-      } catch (err) {
-        errorMsg(apiError(err));
-        process.exit(1);
-      }
-    });
-}