perplexity-user-mcp 0.8.39 → 0.8.44

package/dist/manual-login-runner.d.ts

@@ -1,150 +1 @@
-import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
-import { chromium } from 'patchright';
-import { Vault } from './vault.d-BSJWDLhp.js';
-import { resolveBrowserExecutable } from './config.js';
-import { recordLoginSuccess, getActiveName, getProfilePaths } from './profiles.d-DqS1oZWr.js';
-import { redact } from './redact.js';
-import { c as collectSessionMetadata } from './session-metadata-B9aV_n5g.js';
-
-// Headed login runner. User drives the browser; we poll cookies until the
-// session token appears, then write the vault + meta + models-cache +
-// .reinit sentinel, and exit.
-
-
-const ORIGIN = process.env.PERPLEXITY_ORIGIN || "https://www.perplexity.ai";
-// Perplexity's login flow lives at /account (the `/login` path doesn't exist
-// on www.perplexity.ai). Integration tests override via env var to point at
-// the mock server's /login route.
-const LOGIN_PATH = process.env.PERPLEXITY_LOGIN_PATH || "/account";
-const POLL_MS = Number(process.env.PERPLEXITY_POLL_MS ?? 2000);
-const MAX_WAIT_MS = 180_000;
-const CF_TIMEOUT_MS = Number(process.env.PERPLEXITY_CF_TIMEOUT_MS ?? 20_000);
-
-function resolveProfile() {
-  return process.env.PERPLEXITY_PROFILE || getActiveName() || "default";
-}
-
-const isTest = !!process.env.PERPLEXITY_TEST_AUTO_LOGIN_EMAIL || !!process.env.PERPLEXITY_TEST_BROWSER_CLOSE_AFTER_MS;
-
-function ipc(msg) { if (process.send) process.send(msg); }
-function emit(obj) { process.stdout.write(JSON.stringify(obj) + "\n"); }
-
-async function main() {
-  const PROFILE = resolveProfile();
-
-  let executablePath;
-  let channel;
-  if (!isTest) {
-    try {
-      ({ path: executablePath, channel } = await resolveBrowserExecutable());
-    } catch (err) {
-      emit({ ok: false, reason: "chrome_missing", error: redact(String(err?.message ?? err)) });
-      process.exit(4);
-    }
-  }
-
-  const browser = await chromium.launch({
-    headless: isTest,
-    ...(executablePath ? { executablePath } : {}),
-    ...(channel && ["chrome", "msedge", "chromium"].includes(channel) ? { channel } : {}),
-  });  // isTest = headless in CI; humans see headed.
-  const ctx = await browser.newContext({ ignoreHTTPSErrors: true });
-  const page = await ctx.newPage();
-
-  let cfClosed = false;
-  browser.on("disconnected", () => { cfClosed = true; });
-
-  // Navigate to the login page so the page has a same-origin context for
-  // subsequent credentialed fetch() calls. Going to ORIGIN's root path can
-  // land on a marketing page that may not set a usable document origin for
-  // in-page fetch. Path is env-var-configurable for the mock server tests.
-  try { await page.goto(`${ORIGIN}${LOGIN_PATH}`, { waitUntil: "domcontentloaded", timeout: 30_000 }); }
-  catch { /* continue; next phase checks CF */ }
-  if (!isTest) await page.bringToFront().catch(() => {});
-
-  // CF resolve check
-  const cfStart = Date.now();
-  while (Date.now() - cfStart < CF_TIMEOUT_MS) {
-    try {
-      const title = await page.title();
-      if (!/just a moment/i.test(title)) break;
-    } catch { break; }
-    await page.waitForTimeout(500);
-  }
-  if (Date.now() - cfStart >= CF_TIMEOUT_MS) {
-    const title = await page.title().catch(() => "");
-    if (/just a moment/i.test(title)) {
-      await browser.close().catch(() => {});
-      emit({ ok: false, reason: "cf_blocked" });
-      process.exit(3);
-    }
-  }
-
-  ipc({ phase: "awaiting_user" });
-  if (!isTest) await page.bringToFront().catch(() => {});
-
-  // Test hook: auto-drive the login so CI doesn't need a human.
-  if (process.env.PERPLEXITY_TEST_AUTO_LOGIN_EMAIL) {
-    const email = process.env.PERPLEXITY_TEST_AUTO_LOGIN_EMAIL;
-    await page.evaluate(async ({ origin, email }) => {
-      await fetch(`${origin}/login/email`, { method: "POST", headers: { "content-type": "application/json" }, body: JSON.stringify({ email }) });
-      await fetch(`${origin}/login/otp`, { method: "POST", headers: { "content-type": "application/json" }, body: JSON.stringify({ email, otp: "123456" }) });
-    }, { origin: ORIGIN, email });
-  }
-
-  // Test hook: force a browser close to exercise the cancelled path.
-  if (process.env.PERPLEXITY_TEST_BROWSER_CLOSE_AFTER_MS) {
-    setTimeout(() => browser.close().catch(() => {}), Number(process.env.PERPLEXITY_TEST_BROWSER_CLOSE_AFTER_MS));
-  }
-
-  const started = Date.now();
-  let sessionCookie = null;
-  while (Date.now() - started < MAX_WAIT_MS) {
-    if (cfClosed) {
-      emit({ ok: false, reason: "cancelled" });
-      process.exit(2);
-    }
-    await new Promise((r) => setTimeout(r, POLL_MS));
-    const cookies = await ctx.cookies().catch(() => []);
-    sessionCookie = cookies.find((c) => c.name === "__Secure-next-auth.session-token");
-    if (sessionCookie) break;
-  }
-  if (!sessionCookie) {
-    await browser.close().catch(() => {});
-    emit({ ok: false, reason: "timeout" });
-    process.exit(2);
-  }
-
-  const allCookies = await ctx.cookies();
-  const metadata = await collectSessionMetadata(page, ORIGIN, { sessionTimeoutMs: 10_000 });
-
-  const vault = new Vault();
-  await vault.set(PROFILE, "cookies", JSON.stringify(allCookies));
-  if (metadata.sessionData?.user?.email) await vault.set(PROFILE, "email", metadata.sessionData.user.email);
-  if (metadata.sessionData?.user?.id) await vault.set(PROFILE, "userId", metadata.sessionData.user.id);
-
-  const paths = getProfilePaths(PROFILE);
-  if (!existsSync(paths.dir)) mkdirSync(paths.dir, { recursive: true });
-  writeFileSync(paths.modelsCache, JSON.stringify(metadata.cache, null, 2));
-
-  recordLoginSuccess(PROFILE, { tier: metadata.tier, loginMode: "manual", lastLogin: new Date().toISOString() });
-
-  writeFileSync(paths.reinit, String(Date.now()));
-
-  await browser.close().catch(() => {});
-  emit({ ok: true, tier: metadata.tier, modelCount: Object.keys(metadata.models?.models ?? {}).length });
-  process.exit(0);
-}
-
-main().catch((err) => {
-  const msg = err?.message ?? err;
-  const stack = err?.stack;
-  emit({
-    ok: false,
-    reason: "crash",
-    error: redact(String(msg ?? "unknown error")),
-    detail: redact(String(msg ?? "unknown error")),
-    ...(stack ? { stack: redact(String(stack)) } : {}),
-  });
-  process.exit(5);
-});
+export {};

package/dist/manual-login-runner.mjs

@@ -6,16 +6,16 @@ import {
 } from "./chunk-HMKLWVXB.mjs";
 import {
   resolveBrowserExecutable
-} from "./chunk-U7QPUNRH.mjs";
+} from "./chunk-DXR6EEZH.mjs";
 import {
   Vault
-} from "./chunk-S677V2JU.mjs";
+} from "./chunk-C5I7KXHK.mjs";
 import "./chunk-MTDFKNXX.mjs";
 import {
   getActiveName,
   getProfilePaths,
   recordLoginSuccess
-} from "./chunk-HJIXH6CL.mjs";
+} from "./chunk-E3GRJXXJ.mjs";
 import "./chunk-4UEJOM6W.mjs";
 
 // src/manual-login-runner.js
@@ -38,6 +38,7 @@ function emit(obj) {
 }
 async function main() {
   const PROFILE = resolveProfile();
+  const paths = getProfilePaths(PROFILE);
   let executablePath;
   let channel;
   if (!isTest) {
@@ -48,15 +49,15 @@ async function main() {
       process.exit(4);
     }
   }
-  const browser = await chromium.launch({
+  const ctx = await chromium.launchPersistentContext(paths.loginBrowserData, {
     headless: isTest,
+    ignoreHTTPSErrors: true,
     ...executablePath ? { executablePath } : {},
     ...channel && ["chrome", "msedge", "chromium"].includes(channel) ? { channel } : {}
   });
-  const ctx = await browser.newContext({ ignoreHTTPSErrors: true });
   const page = await ctx.newPage();
   let cfClosed = false;
-  browser.on("disconnected", () => {
+  ctx.browser().on("disconnected", () => {
     cfClosed = true;
   });
   try {
@@ -78,7 +79,7 @@ async function main() {
   if (Date.now() - cfStart >= CF_TIMEOUT_MS) {
     const title = await page.title().catch(() => "");
     if (/just a moment/i.test(title)) {
-      await browser.close().catch(() => {
+      await ctx.browser()?.close().catch(() => {
       });
       emit({ ok: false, reason: "cf_blocked" });
       process.exit(3);
@@ -95,7 +96,7 @@ async function main() {
     }, { origin: ORIGIN, email });
   }
   if (process.env.PERPLEXITY_TEST_BROWSER_CLOSE_AFTER_MS) {
-    setTimeout(() => browser.close().catch(() => {
+    setTimeout(() => ctx.browser()?.close().catch(() => {
     }), Number(process.env.PERPLEXITY_TEST_BROWSER_CLOSE_AFTER_MS));
   }
   const started = Date.now();
@@ -111,7 +112,7 @@ async function main() {
     if (sessionCookie) break;
   }
   if (!sessionCookie) {
-    await browser.close().catch(() => {
+    await ctx.browser()?.close().catch(() => {
     });
     emit({ ok: false, reason: "timeout" });
     process.exit(2);
@@ -122,12 +123,11 @@ async function main() {
   await vault.set(PROFILE, "cookies", JSON.stringify(allCookies));
   if (metadata.sessionData?.user?.email) await vault.set(PROFILE, "email", metadata.sessionData.user.email);
   if (metadata.sessionData?.user?.id) await vault.set(PROFILE, "userId", metadata.sessionData.user.id);
-  const paths = getProfilePaths(PROFILE);
   if (!existsSync(paths.dir)) mkdirSync(paths.dir, { recursive: true });
   writeFileSync(paths.modelsCache, JSON.stringify(metadata.cache, null, 2));
   recordLoginSuccess(PROFILE, { tier: metadata.tier, loginMode: "manual", lastLogin: (/* @__PURE__ */ new Date()).toISOString() });
   writeFileSync(paths.reinit, String(Date.now()));
-  await browser.close().catch(() => {
+  await ctx.browser()?.close().catch(() => {
   });
   emit({ ok: true, tier: metadata.tier, modelCount: Object.keys(metadata.models?.models ?? {}).length });
   process.exit(0);

package/dist/{native-deps-IE4B55EL.mjs → native-deps-FCSYDL4W.mjs}

@@ -1,10 +1,10 @@
 import {
   getImpitRuntimeDir
-} from "./chunk-DQQISMYN.mjs";
-import "./chunk-U7QPUNRH.mjs";
-import "./chunk-S677V2JU.mjs";
+} from "./chunk-V4LHDNWJ.mjs";
+import "./chunk-DXR6EEZH.mjs";
+import "./chunk-C5I7KXHK.mjs";
 import "./chunk-MTDFKNXX.mjs";
-import "./chunk-HJIXH6CL.mjs";
+import "./chunk-E3GRJXXJ.mjs";
 import "./chunk-4UEJOM6W.mjs";
 
 // src/native-deps.js

package/dist/native-deps.d.ts

@@ -0,0 +1,36 @@
+/**
+ * @returns {{ installed: boolean; version: string | null; installedAt: string | null; runtimeDir: string }}
+ */
+export function getImpitStatus(): {
+    installed: boolean;
+    version: string | null;
+    installedAt: string | null;
+    runtimeDir: string;
+};
+/**
+ * Install impit into ~/.perplexity-mcp/native-deps/ via `npm install`.
+ * Does NOT depend on the user's project — uses --prefix into our own
+ * runtime dir and ensures a package.json exists there.
+ *
+ * @param {{ log?: (line: string) => void }} [opts]
+ * @returns {Promise<{ ok: boolean; version?: string; error?: string }>}
+ */
+export function installImpit(opts?: {
+    log?: (line: string) => void;
+}): Promise<{
+    ok: boolean;
+    version?: string;
+    error?: string;
+}>;
+/**
+ * Remove the entire native-deps runtime directory.
+ *
+ * @param {{ log?: (line: string) => void }} [opts]
+ * @returns {{ ok: boolean; error?: string }}
+ */
+export function uninstallImpit(opts?: {
+    log?: (line: string) => void;
+}): {
+    ok: boolean;
+    error?: string;
+};

package/dist/package-version.d.ts

@@ -0,0 +1 @@
+export declare function getPackageVersion(): string;

package/dist/profiles.d.ts

@@ -1,41 +1,41 @@
-interface ProfileMeta {
-  name: string;
-  displayName: string;
-  createdAt: string;
-  loginMode?: string;
-  tier?: string;
-  lastLogin?: string;
-}
-
-interface ProfilePaths {
-  dir: string;
-  meta: string;
-  vault: string;
-  vaultPlain: string;
-  browserData: string;
-  modelsCache: string;
-  history: string;
-  attachments: string;
-  researches: string;
-  reinit: string;
-}
-
-declare function getConfigDir(): string;
-declare function getProfilesDir(): string;
-declare function getProfilePaths(name: string): ProfilePaths;
-declare function validateName(name: string): string | null;
-declare function createProfile(name: string, opts?: { displayName?: string; loginMode?: string }): ProfileMeta;
-declare function listProfiles(): ProfileMeta[];
-declare function getProfile(name: string): ProfileMeta | null;
-declare function deleteProfile(name: string): void;
-declare function getActiveName(): string | null;
-declare function getActive(): ProfileMeta | null;
-declare function setActive(name: string): void;
-declare function suggestNextDefaultName(): string;
-declare function renameProfile(oldName: string, newName: string): void;
-declare function recordLoginSuccess(
-  name: string,
-  opts: { tier: string; loginMode: string; lastLogin: string }
-): ProfileMeta;
-
-export { type ProfileMeta, type ProfilePaths, createProfile, deleteProfile, getActive, getActiveName, getConfigDir, getProfile, getProfilePaths, getProfilesDir, listProfiles, recordLoginSuccess, renameProfile, setActive, suggestNextDefaultName, validateName };
+export function getConfigDir(): string;
+export function getProfilesDir(): string;
+export function getProfilePaths(name: any): {
+    dir: string;
+    meta: string;
+    vault: string;
+    vaultPlain: string;
+    browserData: string;
+    loginBrowserData: string;
+    modelsCache: string;
+    daemonStatus: string;
+    history: string;
+    attachments: string;
+    researches: string;
+    reinit: string;
+};
+/**
+ * Validate a profile name. Returns null when valid, or an error string
+ * (suitable for throwing) when invalid. The slug format [a-z0-9_-]{1,32}
+ * structurally excludes @ and . so email-shaped names are impossible.
+ */
+export function validateName(name: any): "Profile name is required." | "Profile name must be 32 characters or fewer." | "Profile name must be lowercase." | "Profile name must contain only lowercase letters, digits, hyphens, and underscores. Invalid characters detected." | null;
+export function createProfile(name: any, opts?: {}): {
+    name: any;
+    displayName: any;
+    createdAt: string;
+    loginMode: any;
+};
+export function listProfiles(): any[];
+export function getProfile(name: any): any;
+export function deleteProfile(name: any): void;
+export function getActiveName(): string | null;
+export function getActive(): any;
+export function setActive(name: any): void;
+export function suggestNextDefaultName(): string;
+export function renameProfile(oldName: any, newName: any): void;
+export function recordLoginSuccess(name: any, { tier, loginMode, lastLogin }: {
+    tier: any;
+    loginMode: any;
+    lastLogin: any;
+}): any;

package/dist/profiles.mjs

@@ -13,7 +13,7 @@ import {
   setActive,
   suggestNextDefaultName,
   validateName
-} from "./chunk-HJIXH6CL.mjs";
+} from "./chunk-E3GRJXXJ.mjs";
 import "./chunk-4UEJOM6W.mjs";
 export {
   createProfile,

package/dist/prompts.d.ts

@@ -0,0 +1,2 @@
+import type { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+export declare function registerPrompts(server: McpServer): void;

package/dist/redact.d.ts

@@ -1,47 +1,3 @@
-// Security-critical: scrubs sensitive patterns from strings before logging
-// or before sending to external destinations (GitHub issue reports, debug
-// exports). Pattern list ordered from most-specific to least-specific to
-// avoid accidental re-matching by a more general rule.
-
-// Scope: this module is called on OUR OWN trusted log/debug data (logger
-// output, doctor reports, cookies). It is NOT a user-input sanitizer.
-// Deliberate trade-offs in the current pattern set:
-//   - Emails are matched post-URL-decode only (raw %40 encoded forms pass through)
-//   - Unix home paths assume no whitespace in usernames
-//   - Windows home paths only cover C:\Users\... (UNC paths pass through)
-//   - Long-token redaction (≥20 base64/hex chars) may over-redact legitimate
-//     long URLs or JSON values — accepted trade-off for safety over debuggability
-// If any of these assumptions changes (e.g., we start redacting user-supplied
-// payloads), the pattern set must be revisited.
-
-/**
- * Canonical secret-shape regex list. Distinct from the legacy PATTERNS array
- * below because every match emits a kind-tagged `<redacted:<kind>>` placeholder
- * so the redactor's output is unambiguous for audit / test / grep-gate
- * purposes. Applied BEFORE the legacy PATTERNS inside redactString so specific
- * shapes win over the generic long-token catchall.
- */
-const SECRET_PATTERNS = Object.freeze([
-  // OAuth / local prefixes come FIRST so a value like `"bearer":"pplx_at_…"`
-  // gets the specific oauth-access tag instead of the generic daemon-bearer
-  // one from the bearer-json catchall below.
-  { name: "oauth-access",         kind: "oauth-access",       re: /pplx_at_[A-Za-z0-9_\-]{10,}/g },
-  { name: "oauth-refresh",        kind: "oauth-refresh",      re: /pplx_rt_[A-Za-z0-9_\-]{10,}/g },
-  { name: "oauth-code",           kind: "oauth-code",         re: /pplx_ac_[A-Za-z0-9_\-]{10,}/g },
-  { name: "local-bearer",         kind: "local-bearer",       re: /pplx_local_[a-z0-9-]+_[A-Za-z0-9_\-]{10,}/g },
-  { name: "daemon-bearer-json",   kind: "daemon-bearer",      re: /"bearerToken"\s*:\s*"[A-Za-z0-9_\-]{30,}"/g },
-  // Matches the `"bearer":"..."` shape used by daemon:bearer:reveal:response
-  // so reveal-payload logs stay leak-free. Value is only required to be
-  // 20+ safe-identifier chars — covers both raw daemon bearers and future
-  // short-lived tokens.
-  { name: "bearer-json",          kind: "daemon-bearer",      re: /"bearer"\s*:\s*"[A-Za-z0-9_\-]{20,}"/g },
-  { name: "authorization-header", kind: "bearer-header",      re: /[Aa]uthorization\s*:\s*Bearer\s+[A-Za-z0-9_\-\.]{20,}/g },
-  { name: "ngrok-authtoken",      kind: "ngrok-authtoken",    re: /"authtoken"\s*:\s*"\d+[A-Za-z0-9]{20,}"/g },
-  { name: "jwt",                  kind: "jwt",                re: /eyJ[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+\.[A-Za-z0-9_\-]+/g },
-  { name: "cf-clearance",         kind: "cf-clearance",       re: /cf_clearance=[^;\s]+/g },
-  { name: "perplexity-session",   kind: "perplexity-session", re: /__Secure-next-auth\.session-token=[^;\s]+/g },
-]);
-
 /**
  * String-only secret redactor. Applies SECRET_PATTERNS and returns a string
  * with kind-tagged placeholders. Does NOT apply the legacy PATTERNS
@@ -50,71 +6,7 @@ const SECRET_PATTERNS = Object.freeze([
  * @param {string} input
  * @returns {string}
  */
-function redactSecrets(input) {
-  if (typeof input !== "string") return input;
-  let out = input;
-  for (const { re, kind } of SECRET_PATTERNS) {
-    out = out.replace(re, (match) => {
-      if (match.startsWith('"bearerToken"')) return `"bearerToken":"<redacted:${kind}>"`;
-      if (match.startsWith('"bearer"')) return `"bearer":"<redacted:${kind}>"`;
-      if (/^[Aa]uthorization\s*:/i.test(match)) return match.replace(/Bearer\s+[A-Za-z0-9_\-\.]{20,}/, `Bearer <redacted:${kind}>`);
-      if (match.startsWith('"authtoken"')) return `"authtoken":"<redacted:${kind}>"`;
-      if (match.startsWith("cf_clearance=")) return `cf_clearance=<redacted:${kind}>`;
-      if (match.startsWith("__Secure-next-auth.session-token=")) return `__Secure-next-auth.session-token=<redacted:${kind}>`;
-      return `<redacted:${kind}>`;
-    });
-  }
-  return out;
-}
-
-const PATTERNS = [
-  // Emails: RFC 5322 subset. Must come before generic token rules because
-  // emails contain characters that other rules would catch.
-  {
-    re: /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/g,
-    replace: "<email>",
-  },
-  // Perplexity user IDs: user_ followed by hex/alphanum (>=8 chars).
-  {
-    re: /\buser_[A-Fa-f0-9]{8,}\b/g,
-    replace: "<userId>",
-  },
-  // Home directory paths. Must replace before the "long opaque token" rule
-  // because long path segments would otherwise trip it.
-  {
-    re: /(\/Users\/|\/home\/)[^/\s]+/g,
-    replace: "<home>",
-  },
-  {
-    re: /([A-Z]:)\\Users\\[^\\]+/g,
-    replace: "<home>",
-  },
-  // IPv4
-  {
-    re: /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/g,
-    replace: "<ip>",
-  },
-  // IPv6. Three alternations cover: (1) full 8-group addresses, (2) :: compressed
-  // forms with at least one prefix group (e.g. 2001:db8::1, fe80::1), (3) leading-::
-  // forms like ::1 and ::. A function filter then requires hex letters (a-f/A-F) OR
-  // a double-colon so that pure-digit colon-separated strings like "23:59:59"
-  // (HH:MM:SS wall-clock) and ISO timestamps are left untouched.
-  {
-    re: /\b(?:[0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}\b|\b(?:[0-9a-fA-F]{1,4}:){1,7}:(?:[0-9a-fA-F]{1,4}(?::[0-9a-fA-F]{1,4}){0,6})?\b|(?<!\w)::(?:[0-9a-fA-F]{1,4}(?::[0-9a-fA-F]{1,4}){0,6})?(?!\w)/g,
-    replace: (match) => {
-      const hasHex = /[a-fA-F]/.test(match);
-      const hasDoubleColon = /::/.test(match);
-      return (hasHex || hasDoubleColon) ? "<ip>" : match;
-    },
-  },
-  // Long opaque tokens (base64 / hex, >=20 chars). Applied last so more
-  // specific rules win first. Captures key=value and replaces only the value.
-  {
-    re: /=([A-Za-z0-9+/=]{20,})/g,
-    replace: "=<redacted>",
-  },
-];
-
+export function redactSecrets(input: string): string;
 /**
  * Redact sensitive patterns from a string or object graph.
  * For objects: every string-valued leaf is redacted recursively.
@@ -124,36 +16,16 @@ const PATTERNS = [
  * @param {WeakSet<object>} [_seen]
  * @returns {T}
  */
-function redact(value, _seen) {
-  if (value == null) return value;
-  if (typeof value === "string") return redactString(value);
-  if (typeof value !== "object") return value;
-
-  // Cycle detection for objects/arrays. We use a WeakSet threaded through the
-  // recursion so siblings don't falsely collide with each other.
-  const seen = _seen ?? new WeakSet();
-  if (seen.has(value)) return "<circular>";
-  seen.add(value);
-
-  if (Array.isArray(value)) return value.map((v) => redact(v, seen));
-
-  const out = {};
-  for (const [k, v] of Object.entries(value)) out[k] = redact(v, seen);
-  return out;
-}
-
-function redactString(s) {
-  // SECRET_PATTERNS first: specific bearer / OAuth / JWT / ngrok / cookie
-  // shapes get tagged "<redacted:<kind>>" placeholders. Then the legacy
-  // PATTERNS handle everything else (emails / userIds / home paths / IPs /
-  // generic long-token catchall). Running secrets first prevents the generic
-  // `=(20+chars)` catchall from eating a bearer with a plain `<redacted>`
-  // label when we'd rather have `<redacted:oauth-access>`.
-  let out = redactSecrets(s);
-  for (const { re, replace } of PATTERNS) {
-    out = out.replace(re, replace);
-  }
-  return out;
-}
-
-export { SECRET_PATTERNS, redact, redactSecrets };
+export function redact<T>(value: T, _seen?: WeakSet<object>): T;
+/**
+ * Canonical secret-shape regex list. Distinct from the legacy PATTERNS array
+ * below because every match emits a kind-tagged `<redacted:<kind>>` placeholder
+ * so the redactor's output is unambiguous for audit / test / grep-gate
+ * purposes. Applied BEFORE the legacy PATTERNS inside redactString so specific
+ * shapes win over the generic long-token catchall.
+ */
+export const SECRET_PATTERNS: readonly {
+    name: string;
+    kind: string;
+    re: RegExp;
+}[];

package/dist/refresh.d.ts

@@ -1,6 +1,3 @@
-import { PlaywrightCookie } from './config.js';
-import 'patchright';
-
 /**
  * Live refresh of account info (models/config, ASI access, rate limits, experiments).
  *
@@ -23,9 +20,9 @@ import 'patchright';
  * as "try the next tier". Anything else (network error, 5xx, unparseable)
  * also cascades.
  */
-
-type RefreshTier = "got-scraping" | "impit" | "browser";
-interface RefreshResult {
+import { type PlaywrightCookie } from "./config.js";
+export type RefreshTier = "got-scraping" | "impit" | "browser";
+export interface RefreshResult {
     ok: boolean;
     source: "live" | "no-cookies" | "cf-challenge" | "failed";
     tier: RefreshTier | null;
@@ -41,7 +38,7 @@ interface RefreshResult {
         error?: string;
     }>;
 }
-interface RefreshOptions {
+export interface RefreshOptions {
     log?: (line: string) => void;
     timeoutMs?: number;
     /** Force a particular tier for testing. Omit for normal cascade. */
@@ -52,7 +49,7 @@ interface RefreshOptions {
  * Full types aren't declared in our tsconfig because impit is NOT a build-time
  * dependency — it's installed at runtime by the user via "Install Speed Boost".
  */
-interface ImpitModule {
+export interface ImpitModule {
     Impit: new (opts: {
         browser: string;
         ignoreTlsErrors?: boolean;
@@ -85,8 +82,8 @@ interface ImpitModule {
  * file path string per the docs) and resolves impit's peer native binding
  * from native-deps/node_modules correctly.
  */
-declare function loadImpit(): Promise<ImpitModule | null>;
-declare function isImpitAvailable(): boolean;
+export declare function loadImpit(): Promise<ImpitModule | null>;
+export declare function isImpitAvailable(): boolean;
 /**
  * Browser-free authenticated fetch via impit. Used as a fast path for REST
  * endpoints that only need cookies + a Chrome-ish TLS fingerprint
@@ -97,7 +94,7 @@ declare function isImpitAvailable(): boolean;
  * the network level. Returns `{ challenged: true }` when the response body
  * looks like a Cloudflare interstitial.
  */
-declare function impitFetchJson(url: string, init: {
+export declare function impitFetchJson(url: string, init: {
     method?: string;
     body?: unknown;
     headers?: Record<string, string>;
@@ -106,13 +103,11 @@ declare function impitFetchJson(url: string, init: {
     data: unknown;
     challenged?: boolean;
 } | null>;
-declare function refreshAccountInfo(opts?: RefreshOptions): Promise<RefreshResult>;
-declare function getModelsCacheInfo(): {
+export declare function refreshAccountInfo(opts?: RefreshOptions): Promise<RefreshResult>;
+export declare function getModelsCacheInfo(): {
     path: string;
     exists: boolean;
     mtime: Date | null;
     ageHours: number | null;
 };
-declare function getImpitRuntimeDir(): string;
-
-export { type ImpitModule, type RefreshOptions, type RefreshResult, type RefreshTier, getImpitRuntimeDir, getModelsCacheInfo, impitFetchJson, isImpitAvailable, loadImpit, refreshAccountInfo };
+export declare function getImpitRuntimeDir(): string;

package/dist/refresh.mjs

@@ -5,11 +5,11 @@ import {
   isImpitAvailable,
   loadImpit,
   refreshAccountInfo
-} from "./chunk-DQQISMYN.mjs";
-import "./chunk-U7QPUNRH.mjs";
-import "./chunk-S677V2JU.mjs";
+} from "./chunk-V4LHDNWJ.mjs";
+import "./chunk-DXR6EEZH.mjs";
+import "./chunk-C5I7KXHK.mjs";
 import "./chunk-MTDFKNXX.mjs";
-import "./chunk-HJIXH6CL.mjs";
+import "./chunk-E3GRJXXJ.mjs";
 import "./chunk-4UEJOM6W.mjs";
 export {
   getImpitRuntimeDir,