onveloz 0.0.0-beta.32 → 0.0.0-beta.33

package/dist/index.mjs

@@ -1260,7 +1260,7 @@ async function requireAuth(options) {
 
 //#endregion
 //#region src/lib/client.ts
-const CLI_VERSION = "0.0.0-beta.32";
+const CLI_VERSION = "0.0.0-beta.33";
 const USER_AGENT = `veloz-cli/${CLI_VERSION}`;
 /**
 * Client source — "cli" by default; the init wizard sets this to "cli-wizard"
@@ -24221,7 +24221,7 @@ const LOGO_LINES$1 = [
 ];
 const BRAND_COLOR$1 = "#FF4D00";
 function getVersion() {
-	return "0.0.0-beta.32";
+	return "0.0.0-beta.33";
 }
 function printBanner(subtitle) {
 	const version$2 = getVersion();
@@ -25327,7 +25327,7 @@ async function fetchLatestVersion() {
 	}
 }
 function getCurrentVersion() {
-	return "0.0.0-beta.32";
+	return "0.0.0-beta.33";
 }
 /**
 * Install a specific CLI version. Returns true on success.
@@ -30407,7 +30407,7 @@ function PickerMenu({ items, onSelect, onCancel }) {
 
 //#endregion
 //#region src/wizard/ui/primitives/ScreenLayout.tsx
-const version = "0.0.0-beta.32";
+const version = "0.0.0-beta.33";
 const LOGO_LINES = [
 	"██╗   ██╗███████╗██╗      ██████╗ ███████╗",
 	"██║   ██║██╔════╝██║     ██╔═══██╗╚══███╔╝",
@@ -30596,6 +30596,7 @@ function createInitialSession() {
 		selectedOrgId: null,
 		newOrgName: null,
 		orgCreateError: null,
+		reauthNotice: null,
 		detectedFramework: null,
 		detectedFrameworkLabel: null,
 		selectedFramework: null,
@@ -30729,29 +30730,45 @@ function AuthScreen({ store }) {
 			})]
 		})] });
 	}
-	if (session.authPhase === "browser" || session.authPhase === "polling") return /* @__PURE__ */ jsxs(ScreenLayout, { children: [/* @__PURE__ */ jsx(Spinner, { label: COPY.authPolling }), session.authDeviceCode ? /* @__PURE__ */ jsxs(Box, {
-		marginTop: 1,
-		flexDirection: "column",
-		gap: 1,
-		children: [/* @__PURE__ */ jsxs(Box, {
-			gap: 1,
-			children: [/* @__PURE__ */ jsx(Text, { children: COPY.authDeviceCode }), /* @__PURE__ */ jsx(Text, {
-				bold: true,
-				color: BRAND_COLOR,
-				children: session.authDeviceCode
-			})]
-		}), session.authVerificationUrl ? /* @__PURE__ */ jsxs(Box, {
+	if (session.authPhase === "browser" || session.authPhase === "polling") return /* @__PURE__ */ jsxs(ScreenLayout, { children: [
+		session.reauthNotice ? /* @__PURE__ */ jsx(Box, {
+			marginBottom: 1,
+			children: /* @__PURE__ */ jsxs(Text, {
+				color: "yellow",
+				children: ["⚠ ", session.reauthNotice]
+			})
+		}) : null,
+		/* @__PURE__ */ jsx(Spinner, { label: COPY.authPolling }),
+		session.authDeviceCode ? /* @__PURE__ */ jsxs(Box, {
+			marginTop: 1,
 			flexDirection: "column",
-			children: [/* @__PURE__ */ jsx(Text, {
-				dimColor: true,
-				children: COPY.authBrowserFallback
-			}), /* @__PURE__ */ jsx(Text, {
-				dimColor: true,
-				children: session.authVerificationUrl
-			})]
-		}) : null]
-	}) : null] });
-	return /* @__PURE__ */ jsx(ScreenLayout, { children: /* @__PURE__ */ jsx(Spinner, { label: COPY.authChecking }) });
+			gap: 1,
+			children: [/* @__PURE__ */ jsxs(Box, {
+				gap: 1,
+				children: [/* @__PURE__ */ jsx(Text, { children: COPY.authDeviceCode }), /* @__PURE__ */ jsx(Text, {
+					bold: true,
+					color: BRAND_COLOR,
+					children: session.authDeviceCode
+				})]
+			}), session.authVerificationUrl ? /* @__PURE__ */ jsxs(Box, {
+				flexDirection: "column",
+				children: [/* @__PURE__ */ jsx(Text, {
+					dimColor: true,
+					children: COPY.authBrowserFallback
+				}), /* @__PURE__ */ jsx(Text, {
+					dimColor: true,
+					children: session.authVerificationUrl
+				})]
+			}) : null]
+		}) : null
+	] });
+	return /* @__PURE__ */ jsxs(ScreenLayout, { children: [session.reauthNotice ? /* @__PURE__ */ jsx(Box, {
+		marginBottom: 1,
+		children: /* @__PURE__ */ jsxs(Text, {
+			color: "yellow",
+			children: ["⚠ ", session.reauthNotice]
+		})
+	}) : null, /* @__PURE__ */ jsx(Spinner, { label: COPY.authChecking })] });
 }
 function OrgCreateForm({ store }) {
 	const [value, setValue] = useState("");
@@ -33884,6 +33901,15 @@ var WizardStore = class {
 		this.$session.setKey("authPhase", "browser");
 		this.emitChange();
 	}
+	/** Show a banner on AuthScreen explaining why we're re-running device auth. */
+	setReauthNotice(message) {
+		this.$session.setKey("reauthNotice", message);
+		this.emitChange();
+	}
+	clearReauthNotice() {
+		this.$session.setKey("reauthNotice", null);
+		this.emitChange();
+	}
 	setAvailableOrgs(orgs) {
 		this.$session.setKey("availableOrgs", orgs);
 		this.$session.setKey("authPhase", "org-select");
@@ -34157,7 +34183,6 @@ async function uploadInitTelemetry(sessionDir) {
 		return;
 	}
 	const authConfig = loadConfig();
-	if (!authConfig.apiKey) return;
 	const files = readdirSync(sessionDir).filter((name) => {
 		const full = join(sessionDir, name);
 		try {
@@ -34170,9 +34195,10 @@ async function uploadInitTelemetry(sessionDir) {
 	if (files.length === 0) return;
 	const client = createClient(authConfig.apiUrl, () => {
 		const headers = {
-			Authorization: `Bearer ${authConfig.apiKey}`,
-			"User-Agent": "veloz-cli/telemetry"
+			"User-Agent": "veloz-cli/telemetry",
+			"X-Veloz-Client-Source": "cli-wizard"
 		};
+		if (authConfig.apiKey) headers.Authorization = `Bearer ${authConfig.apiKey}`;
 		if (authConfig.organizationId) headers["X-Organization-Id"] = authConfig.organizationId;
 		return headers;
 	});
@@ -34263,7 +34289,7 @@ function startTUI(cwd) {
 	}));
 	teardown = unmount;
 	const cleanup = () => {
-		if (process.stdout.isTTY) process.stdout.write("\x1B[0m\x1B[2J\x1B[H");
+		if (process.stdout.isTTY) process.stdout.write("\x1B[0m");
 	};
 	process.on("exit", cleanup);
 	let sigintCount = 0;
@@ -34304,6 +34330,20 @@ function describeError(err) {
 	};
 	return { message: typeof err === "string" ? err : JSON.stringify(err) };
 }
+/**
+* Detect an ORPC / HTTP 401 from a thrown value. Covers the three shapes we see
+* in practice: ORPCError instances (`.code === "UNAUTHORIZED"`), ORPC fetch
+* failures that preserve `.status === 401`, and raw Error messages containing
+* "Unauthorized".
+*/
+function isUnauthorizedError(err) {
+	if (!err || typeof err !== "object") return false;
+	const e = err;
+	if (e.code === "UNAUTHORIZED") return true;
+	if (e.status === 401) return true;
+	if (typeof e.message === "string" && /unauthorized/i.test(e.message)) return true;
+	return false;
+}
 /** Compose the error string we persist on `meta.error`. */
 function formatErrorForMeta(prefix, err) {
 	const { message, stack } = describeError(err);
@@ -34421,6 +34461,29 @@ async function runInitFlow(c, logger, cwd) {
 	const tui = startTUI();
 	const { store } = tui;
 	logger.log("tui", "TUI started");
+	try {
+		return await runInteractiveFlow({
+			tui,
+			store,
+			logger,
+			cwd,
+			analysis,
+			detectedFrameworkId,
+			detectedLabel,
+			forcedFramework
+		});
+	} catch (err) {
+		try {
+			tui.unmount();
+		} catch {}
+		const { message } = describeError(err);
+		process.stderr.write(`\n✗ Erro: ${message}\n`);
+		process.stderr.write(`  Logs de depuração: ${logger.dir}\n\n`);
+		throw err;
+	}
+}
+async function runInteractiveFlow(opts) {
+	const { tui, store, logger, cwd, analysis, detectedFrameworkId, detectedLabel, forcedFramework } = opts;
 	store.setDetection({
 		framework: detectedFrameworkId,
 		frameworkLabel: detectedLabel,
@@ -34842,6 +34905,31 @@ async function listOrganizations() {
 	}));
 }
 /**
+* Fetch orgs, handling an expired local API key by transparently re-running
+* the device auth flow inside the TUI. The user sees: "Verificando autenticação…"
+* → "Sessão expirou, autenticando novamente…" → device-code screen →
+* org picker, without ever bailing back to the shell.
+*/
+async function listOrgsOrReauth(store) {
+	const logger = getSessionLogger();
+	try {
+		return await listOrganizations();
+	} catch (err) {
+		if (!isUnauthorizedError(err)) throw err;
+		logger.log("auth", "stale api key detected (401) — forcing re-login", { message: describeError(err).message });
+		store.setReauthNotice("Sua sessão expirou. Vamos autenticar novamente para continuar.");
+		saveConfig({ apiKey: "" });
+		const config = loadConfig();
+		store.setAuthPhase("browser");
+		const token = await performDeviceAuth(store, config.apiUrl);
+		if (!token) throw new Error("Autenticação cancelada ou expirada.");
+		logger.log("auth", "re-login succeeded — retrying org fetch");
+		saveConfig({ apiKey: token });
+		store.clearReauthNotice();
+		return await listOrganizations();
+	}
+}
+/**
 * Create a new organization via Better Auth. The slug is derived from the name
 * and suffixed with a random token when a collision occurs.
 */
@@ -34910,8 +34998,9 @@ async function resolveAuthAndOrg(store) {
 		}
 	} else logger.log("auth", "already authenticated from config");
 	logger.log("auth", "fetching organizations");
-	const orgs = await listOrganizations();
+	const orgs = await listOrgsOrReauth(store);
 	logger.log("auth", "organizations loaded", { count: orgs.length });
+	config = loadConfig();
 	let chosen;
 	if (orgs.length === 0) {
 		store.setAuthPhase("org-create");
@@ -34962,7 +35051,7 @@ async function runOrgCreationFlow(store, apiUrl) {
 //#region src/index.ts
 if (process.argv.includes("--mcp")) process.env.VELOZ_MCP = "true";
 const cli = Cli.create("veloz", {
-	version: "0.0.0-beta.32",
+	version: "0.0.0-beta.33",
 	description: "CLI da plataforma Veloz — deploy rápido para o Brasil",
 	env: z.object({ VELOZ_ENV: z.string().optional().describe("Ambiente alvo (ex: preview, staging)") }),
 	mcp: { command: "npx -y onveloz --mcp" }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "onveloz",
-  "version": "0.0.0-beta.32",
+  "version": "0.0.0-beta.33",
   "description": "CLI da plataforma Veloz — deploy rápido para o Brasil",
   "keywords": [
     "brasil",