npm - poe-code - Versions diffs - 3.0.102 → 3.0.104 - Mend

poe-code 3.0.102 → 3.0.104

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/index.js CHANGED Viewed

@@ -5210,33 +5210,251 @@ var init_prompts2 = __esm({
   }
 });
-// src/cli/options.ts
-function stripBracketedPaste(value) {
-  return value.replace(/\x1b\[200~/g, "").replace(/\x1b\[201~/g, "").replace(/undefinedndefined$/, "").replace(/undefined$/, "").replace(/ndefined$/, "");
+// packages/poe-oauth/src/check-auth.ts
+async function checkAuth(options) {
+  try {
+    const fetchImplementation = options.fetch ?? globalThis.fetch;
+    const response = await fetchImplementation(
+      createCurrentBalanceUrl(options.baseUrl ?? DEFAULT_BASE_URL),
+      {
+        method: "GET",
+        headers: {
+          Authorization: `Bearer ${options.apiKey}`
+        }
+      }
+    );
+    if (!response.ok) {
+      return null;
+    }
+    const data = await response.json();
+    if (typeof data.email !== "string" || data.email.length === 0) {
+      return null;
+    }
+    return {
+      email: data.email,
+      balance: typeof data.current_point_balance === "number" ? data.current_point_balance : null
+    };
+  } catch {
+    return null;
+  }
 }
-function isAlphanumericWithSeparators(value) {
-  for (let i = 0; i < value.length; i++) {
-    const code = value.charCodeAt(i);
-    const isDigit = code >= 48 && code <= 57;
-    const isUpper = code >= 65 && code <= 90;
-    const isLower = code >= 97 && code <= 122;
-    const isHyphen = code === 45;
-    const isUnderscore = code === 95;
-    if (!isDigit && !isUpper && !isLower && !isHyphen && !isUnderscore)
-      return false;
+function createCurrentBalanceUrl(baseUrl) {
+  const normalizedBaseUrl = baseUrl.endsWith("/") ? baseUrl.slice(0, -1) : baseUrl;
+  return `${normalizedBaseUrl}/usage/current_balance`;
+}
+var DEFAULT_BASE_URL;
+var init_check_auth = __esm({
+  "packages/poe-oauth/src/check-auth.ts"() {
+    "use strict";
+    DEFAULT_BASE_URL = "https://poe.com";
+  }
+});
+// packages/poe-oauth/src/oauth-client.ts
+import http from "node:http";
+import crypto from "node:crypto";
+function createOAuthClient(config2) {
+  const fetchFn = config2.fetch ?? globalThis.fetch;
+  return {
+    authorize: () => startAuthorization(config2, fetchFn)
+  };
+}
+function generateCodeVerifier() {
+  return crypto.randomBytes(32).toString("base64url");
+}
+function generateCodeChallenge(verifier) {
+  return crypto.createHash("sha256").update(verifier).digest("base64url");
+}
+async function startAuthorization(config2, fetchFn) {
+  const authorizationEndpoint = config2.authorizationEndpoint ?? DEFAULT_AUTHORIZATION_ENDPOINT;
+  const tokenEndpoint = config2.tokenEndpoint ?? DEFAULT_TOKEN_ENDPOINT;
+  const codeVerifier = generateCodeVerifier();
+  const codeChallenge = generateCodeChallenge(codeVerifier);
+  const server = config2.createServer ? config2.createServer() : http.createServer();
+  const port = await startServer(server);
+  const redirectUri = `http://127.0.0.1:${port}/callback`;
+  const authorizationUrl = buildAuthorizationUrl({
+    endpoint: authorizationEndpoint,
+    clientId: config2.clientId,
+    redirectUri,
+    codeChallenge
+  });
+  const waitForResult = async () => {
+    try {
+      const code = await waitForAuthorizationCode(server, config2, authorizationUrl);
+      return await exchangeCodeForApiKey({
+        tokenEndpoint,
+        code,
+        codeVerifier,
+        clientId: config2.clientId,
+        redirectUri,
+        fetchFn
+      });
+    } finally {
+      server.closeAllConnections?.();
+      server.close();
+    }
+  };
+  return { authorizationUrl, waitForResult };
+}
+function startServer(server) {
+  return new Promise((resolve) => {
+    server.listen(0, "127.0.0.1", () => {
+      const address = server.address();
+      resolve(address.port);
+    });
+  });
+}
+function buildAuthorizationUrl(params) {
+  const url2 = new URL(params.endpoint);
+  url2.searchParams.set("response_type", "code");
+  url2.searchParams.set("client_id", params.clientId);
+  url2.searchParams.set("scope", "apikey:create");
+  url2.searchParams.set("code_challenge", params.codeChallenge);
+  url2.searchParams.set("code_challenge_method", "S256");
+  url2.searchParams.set("redirect_uri", params.redirectUri);
+  return url2.toString();
+}
+function waitForAuthorizationCode(server, config2, authorizationUrl) {
+  return new Promise((resolve, reject) => {
+    let settled = false;
+    const settle = (fn) => {
+      if (!settled) {
+        settled = true;
+        fn();
+      }
+    };
+    server.on("request", (req, res) => {
+      const url2 = new URL(req.url, `http://127.0.0.1`);
+      if (url2.pathname !== "/callback") {
+        res.writeHead(404);
+        res.end("Not found");
+        return;
+      }
+      const error2 = url2.searchParams.get("error");
+      if (error2) {
+        const description = url2.searchParams.get("error_description") ?? error2;
+        res.writeHead(400);
+        res.end(`Authorization failed: ${description}`);
+        settle(() => reject(new Error(`OAuth authorization failed: ${error2} \u2014 ${description}`)));
+        return;
+      }
+      const code = url2.searchParams.get("code");
+      if (!code) {
+        res.writeHead(400);
+        res.end("Missing authorization code");
+        settle(() => reject(new Error("OAuth callback missing authorization code")));
+        return;
+      }
+      res.writeHead(200, { "Content-Type": "text/html" });
+      res.end(buildSuccessPage(config2.landingPage));
+      settle(() => resolve(code));
+    });
+    if (config2.readLine) {
+      config2.readLine().then((input) => {
+        const code = extractCodeFromInput(input);
+        if (code) {
+          settle(() => resolve(code));
+        }
+      }).catch(() => {
+      });
+    }
+    if (config2.openBrowser) {
+      config2.openBrowser(authorizationUrl).catch(
+        (err) => settle(() => reject(err))
+      );
+    }
+  });
+}
+function extractCodeFromInput(input) {
+  const trimmed = input.replace(/[\r\n]/g, "").trim();
+  if (trimmed.length === 0) {
+    return null;
+  }
+  try {
+    const url2 = new URL(trimmed);
+    return url2.searchParams.get("code");
+  } catch {
+    return trimmed;
+  }
+}
+async function exchangeCodeForApiKey(params) {
+  const body = new URLSearchParams({
+    grant_type: "authorization_code",
+    code: params.code,
+    code_verifier: params.codeVerifier,
+    client_id: params.clientId,
+    redirect_uri: params.redirectUri
+  });
+  const response = await params.fetchFn(params.tokenEndpoint, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: body.toString()
+  });
+  if (!response.ok) {
+    const text4 = await response.text();
+    const description = parseErrorDescription(text4);
+    throw new Error(description ?? `Token exchange failed (${response.status}): ${text4}`);
+  }
+  const data = await response.json();
+  if (typeof data.api_key !== "string" || data.api_key.length === 0) {
+    throw new Error("Token response missing api_key field");
+  }
+  return {
+    apiKey: data.api_key,
+    expiresIn: typeof data.api_key_expires_in === "number" ? data.api_key_expires_in : null
+  };
+}
+function parseErrorDescription(text4) {
+  try {
+    const data = JSON.parse(text4);
+    if (typeof data.error_description === "string") {
+      return data.error_description;
+    }
+    if (typeof data.error === "string") {
+      return data.error;
+    }
+  } catch {
   }
-  return value.length > 0;
+  return null;
 }
-function hasMinimumApiKeyLength(value) {
-  return value.length >= MIN_API_KEY_LENGTH;
+function escapeHtml(text4) {
+  return text4.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
 }
-function isValidApiKeyFormat(key) {
-  if (key.length === 0) return false;
-  if (key.startsWith("sk-poe-")) {
-    const hash2 = key.slice(7);
-    return hasMinimumApiKeyLength(hash2) && isAlphanumericWithSeparators(hash2);
+function buildSuccessPage(landingPage) {
+  const title = landingPage?.title ?? "Connected to Poe";
+  const body = landingPage?.body ?? "You can close this tab and return to your terminal.";
+  return [
+    "<!DOCTYPE html>",
+    `<html><head><meta charset=utf-8><title>${escapeHtml(title)}</title></head>`,
+    '<body style="font-family:system-ui,sans-serif;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0">',
+    '<div style="text-align:center">',
+    `<h1>${escapeHtml(title)}</h1>`,
+    `<p style="color:#666">${escapeHtml(body)}</p>`,
+    "</div></body></html>"
+  ].join("");
+}
+var DEFAULT_AUTHORIZATION_ENDPOINT, DEFAULT_TOKEN_ENDPOINT;
+var init_oauth_client = __esm({
+  "packages/poe-oauth/src/oauth-client.ts"() {
+    "use strict";
+    DEFAULT_AUTHORIZATION_ENDPOINT = "https://poe.com/oauth/authorize";
+    DEFAULT_TOKEN_ENDPOINT = "https://api.poe.com/token";
+  }
+});
+// packages/poe-oauth/src/index.ts
+var init_src7 = __esm({
+  "packages/poe-oauth/src/index.ts"() {
+    "use strict";
+    init_check_auth();
+    init_oauth_client();
   }
-  return hasMinimumApiKeyLength(key) && isAlphanumericWithSeparators(key);
+});
+// src/cli/options.ts
+function stripBracketedPaste(value) {
+  return value.replace(/\x1b\[200~/g, "").replace(/\x1b\[201~/g, "").replace(/undefinedndefined$/, "").replace(/undefined$/, "").replace(/ndefined$/, "");
 }
 function createOptionResolvers(init) {
   const ensure = async (input) => {
@@ -5253,7 +5471,7 @@ function createOptionResolvers(init) {
     }
     return result;
   };
-  const normalizeApiKey2 = (value) => {
+  const normalizeApiKey = (value) => {
     const sanitized = stripBracketedPaste(value);
     const trimmed = sanitized.trim();
     if (trimmed.length === 0) {
@@ -5261,20 +5479,15 @@ function createOptionResolvers(init) {
     }
     return trimmed;
   };
-  const confirmKeyFormat = async (apiKey, assumeYes) => {
-    if (isValidApiKeyFormat(apiKey)) return true;
-    if (assumeYes) return false;
-    return await init.confirm(
-      "Key doesn't match expected API key format. Use it anyway?"
-    );
+  const validateApiKey = async (apiKey) => {
+    return await init.checkAuth(apiKey);
   };
   const resolveApiKey2 = async (input) => {
     const assumeYes = input.assumeYes ?? false;
     const allowStored = input.allowStored ?? true;
     if (input.value != null) {
-      const apiKey = normalizeApiKey2(input.value);
-      const accepted = await confirmKeyFormat(apiKey, assumeYes);
-      if (!accepted) {
+      const apiKey = normalizeApiKey(input.value);
+      if (!await validateApiKey(apiKey)) {
         throw new Error("API key rejected.");
       }
       if (!input.dryRun) {
@@ -5288,9 +5501,8 @@ function createOptionResolvers(init) {
         "Use API key from POE_API_KEY environment variable?"
       );
       if (useEnv) {
-        const apiKey = normalizeApiKey2(envValue);
-        const accepted = await confirmKeyFormat(apiKey, assumeYes);
-        if (accepted) {
+        const apiKey = normalizeApiKey(envValue);
+        if (await validateApiKey(apiKey)) {
           if (!input.dryRun) {
             await init.apiKeyStore.write(apiKey);
           }
@@ -5304,12 +5516,12 @@ function createOptionResolvers(init) {
     if (allowStored) {
       const stored = await init.apiKeyStore.read();
       if (stored) {
-        return normalizeApiKey2(stored);
+        return normalizeApiKey(stored);
       }
     }
     if (init.loginViaOAuth) {
       const apiKey = await init.loginViaOAuth();
-      const normalized = normalizeApiKey2(apiKey);
+      const normalized = normalizeApiKey(apiKey);
       if (!input.dryRun) {
         await init.apiKeyStore.write(normalized);
       }
@@ -5324,15 +5536,14 @@ function createOptionResolvers(init) {
       }
       let apiKey;
       try {
-        apiKey = normalizeApiKey2(result);
+        apiKey = normalizeApiKey(result);
       } catch (error2) {
         if (error2 instanceof Error && error2.message === "POE API key cannot be empty.") {
           continue;
         }
         throw error2;
       }
-      const accepted = await confirmKeyFormat(apiKey, assumeYes);
-      if (!accepted) {
+      if (!await validateApiKey(apiKey)) {
         continue;
       }
       if (!input.dryRun) {
@@ -5395,19 +5606,12 @@ function createOptionResolvers(init) {
     resolveModel: resolveModel2,
     resolveReasoning,
     resolveConfigName,
-    resolveApiKey: resolveApiKey2,
-    normalizeApiKey: normalizeApiKey2
+    resolveApiKey: resolveApiKey2
   };
 }
-var API_KEY_REFERENCE_LENGTH, API_KEY_MIN_LENGTH_RATIO, MIN_API_KEY_LENGTH;
 var init_options = __esm({
   "src/cli/options.ts"() {
     "use strict";
-    API_KEY_REFERENCE_LENGTH = 43;
-    API_KEY_MIN_LENGTH_RATIO = 0.8;
-    MIN_API_KEY_LENGTH = Math.ceil(
-      API_KEY_REFERENCE_LENGTH * API_KEY_MIN_LENGTH_RATIO
-    );
   }
 });
@@ -6270,7 +6474,8 @@ function createSdkContainer(options) {
       read: readApiKey,
       write: writeApiKey
     },
-    confirm: async () => true
+    confirm: async () => true,
+    checkAuth: async (apiKey) => await checkAuth({ apiKey }) !== null
   });
   const registry2 = createServiceRegistry();
   const providers = getDefaultProviders().filter((adapter) => !adapter.disabled);
@@ -6327,6 +6532,7 @@ var init_container = __esm({
     init_service_registry();
     init_context();
     init_prompts2();
+    init_src7();
     init_options();
     init_logger2();
     init_error_logger();
@@ -7671,7 +7877,7 @@ var init_run_report = __esm({
 });
 // packages/poe-acp-client/src/index.ts
-var init_src7 = __esm({
+var init_src8 = __esm({
   "packages/poe-acp-client/src/index.ts"() {
     "use strict";
     init_acp_client();
@@ -9710,7 +9916,7 @@ var AgentHost;
 var init_agent_host = __esm({
   "packages/poe-agent/src/runtime/agent-host.ts"() {
     "use strict";
-    init_src7();
+    init_src8();
     init_agent_session();
     init_acp_core();
     init_run_context();
@@ -10997,7 +11203,7 @@ var init_internal = __esm({
 });
 // packages/tiny-mcp-client/src/index.ts
-var init_src8 = __esm({
+var init_src9 = __esm({
   "packages/tiny-mcp-client/src/index.ts"() {
     "use strict";
     init_internal();
@@ -11046,7 +11252,7 @@ var DEFAULT_MCP_CLIENT_INFO, PluginApiImpl;
 var init_plugin_api_impl = __esm({
   "packages/poe-agent/src/runtime/plugin-api-impl.ts"() {
     "use strict";
-    init_src8();
+    init_src9();
     init_hooks();
     DEFAULT_MCP_CLIENT_INFO = {
       name: "poe-agent",
@@ -11613,7 +11819,7 @@ __export(src_exports, {
   agent: () => agent,
   createAgentSession: () => createAgentSession
 });
-var init_src9 = __esm({
+var init_src10 = __esm({
   "packages/poe-agent/src/index.ts"() {
     "use strict";
     init_agent();
@@ -11951,7 +12157,7 @@ function createInMemoryAcpTransport2(options) {
       }
       if (method === "session/new") {
         const request = params;
-        const { createAgentSession: createAgentSession2 } = await Promise.resolve().then(() => (init_src9(), src_exports));
+        const { createAgentSession: createAgentSession2 } = await Promise.resolve().then(() => (init_src10(), src_exports));
         const session = await createAgentSession2({
           model: options.model,
           cwd: request.cwd || options.cwd,
@@ -12101,7 +12307,7 @@ var init_poe_agent = __esm({
   "src/providers/poe-agent.ts"() {
     "use strict";
     init_constants();
-    init_src7();
+    init_src8();
     init_create_provider();
     poeAgentService = createProvider({
       id: "poe-agent",
@@ -13100,7 +13306,7 @@ var init_pipeline = __esm({
 });
 // packages/pipeline/src/index.ts
-var init_src10 = __esm({
+var init_src11 = __esm({
   "packages/pipeline/src/index.ts"() {
     "use strict";
     init_loader();
@@ -13132,18 +13338,62 @@ async function runPipeline2(options) {
 var init_pipeline2 = __esm({
   async "src/sdk/pipeline.ts"() {
     "use strict";
-    init_src10();
+    init_src11();
     init_src5();
     await init_spawn3();
   }
 });
+// packages/ralph/src/frontmatter/frontmatter.ts
+import { stringify, parse as parse6 } from "yaml";
+function parseFrontmatter(content) {
+  const defaults = { status: "pending", iteration: 0 };
+  if (!content.startsWith(`${FENCE}
+`)) {
+    return { data: defaults, body: content };
+  }
+  const closingIndex = content.indexOf(`
+${FENCE}
+`, FENCE.length);
+  if (closingIndex === -1) {
+    return { data: defaults, body: content };
+  }
+  const yamlBlock = content.slice(FENCE.length + 1, closingIndex);
+  const body = content.slice(closingIndex + FENCE.length + 2);
+  const parsed = parse6(yamlBlock);
+  return {
+    data: {
+      status: isValidStatus(parsed?.status) ? parsed.status : defaults.status,
+      iteration: typeof parsed?.iteration === "number" ? parsed.iteration : defaults.iteration
+    },
+    body
+  };
+}
+function writeFrontmatter(data, body) {
+  const yaml = stringify(data).trimEnd();
+  return `${FENCE}
+${yaml}
+${FENCE}
+${body}`;
+}
+function isValidStatus(value) {
+  return typeof value === "string" && ["pending", "in_progress", "completed", "overbake_abort", "cancelled"].includes(
+    value
+  );
+}
+var FENCE;
+var init_frontmatter = __esm({
+  "packages/ralph/src/frontmatter/frontmatter.ts"() {
+    "use strict";
+    FENCE = "---";
+  }
+});
 // packages/ralph/src/discovery/discovery.ts
 import path17 from "node:path";
 import * as fsPromises6 from "node:fs/promises";
 function createDefaultFs4() {
   return {
-    readFile: fsPromises6.readFile,
     readdir: fsPromises6.readdir,
     stat: async (filePath) => {
       const stat8 = await fsPromises6.stat(filePath);
@@ -13266,10 +13516,31 @@ async function runRalph(options) {
     options.cwd,
     options.homeDir
   );
-  const prompt = await fs3.readFile(absoluteDocPath, "utf8");
+  const rawContent = await fs3.readFile(absoluteDocPath, "utf8");
+  const { body: prompt } = parseFrontmatter(rawContent);
   const detector = new OverbakingDetector(threshold);
   const startTime = Date.now();
   let iterationsCompleted = 0;
+  await updateFrontmatter(fs3, absoluteDocPath, prompt, "in_progress", 0);
+  async function finalize2(stopReason) {
+    const status = stopReasonToStatus(stopReason);
+    await updateFrontmatter(
+      fs3,
+      absoluteDocPath,
+      prompt,
+      status,
+      iterationsCompleted
+    );
+    if (stopReason === "max_iterations" && iterationsCompleted > 0) {
+      await archivePlan2(fs3, absoluteDocPath);
+    }
+    return {
+      stopReason,
+      docPath: options.docPath,
+      iterationsCompleted,
+      totalDurationMs: Date.now() - startTime
+    };
+  }
   try {
     for (let iteration = 1; iteration <= options.maxIterations; iteration += 1) {
       assertNotAborted5(options.signal);
@@ -13286,17 +13557,19 @@ async function runRalph(options) {
         });
       } catch (error2) {
         if (isAbortError2(error2)) {
-          return {
-            stopReason: "cancelled",
-            docPath: options.docPath,
-            iterationsCompleted,
-            totalDurationMs: Date.now() - startTime
-          };
+          return finalize2("cancelled");
         }
         throw error2;
       }
       const success2 = result.exitCode === 0;
       iterationsCompleted += 1;
+      await updateFrontmatter(
+        fs3,
+        absoluteDocPath,
+        prompt,
+        "in_progress",
+        iterationsCompleted
+      );
       options.onIterationComplete?.(
         iteration,
         Date.now() - iterationStart,
@@ -13315,35 +13588,21 @@ async function runRalph(options) {
         threshold
       }) : "abort";
       if (action === "abort") {
-        return {
-          stopReason: "overbake_abort",
-          docPath: options.docPath,
-          iterationsCompleted,
-          totalDurationMs: Date.now() - startTime
-        };
+        return finalize2("overbake_abort");
       }
     }
   } catch (error2) {
     if (isAbortError2(error2)) {
-      return {
-        stopReason: "cancelled",
-        docPath: options.docPath,
-        iterationsCompleted,
-        totalDurationMs: Date.now() - startTime
-      };
+      return finalize2("cancelled");
     }
     throw error2;
   }
-  return {
-    stopReason: "max_iterations",
-    docPath: options.docPath,
-    iterationsCompleted,
-    totalDurationMs: Date.now() - startTime
-  };
+  return finalize2("max_iterations");
 }
 function createDefaultFs5() {
   return {
     readFile: fsPromises7.readFile,
+    writeFile: (filePath, content) => fsPromises7.writeFile(filePath, content, "utf8"),
     readdir: fsPromises7.readdir,
     stat: async (filePath) => {
       const stat8 = await fsPromises7.stat(filePath);
@@ -13351,7 +13610,11 @@ function createDefaultFs5() {
         isFile: () => stat8.isFile(),
         mtimeMs: stat8.mtimeMs
       };
-    }
+    },
+    mkdir: async (filePath, options) => {
+      await fsPromises7.mkdir(filePath, options);
+    },
+    rename: fsPromises7.rename
   };
 }
 function resolveAbsoluteDocPath(docPath, cwd, homeDir) {
@@ -13374,17 +13637,41 @@ function createAbortError4() {
 function isAbortError2(error2) {
   return error2 instanceof Error && error2.name === "AbortError";
 }
+async function updateFrontmatter(fs3, absoluteDocPath, body, status, iteration) {
+  const content = writeFrontmatter({ status, iteration }, body);
+  await fs3.writeFile(absoluteDocPath, content);
+}
+async function archivePlan2(fs3, absoluteDocPath) {
+  const dir = path18.dirname(absoluteDocPath);
+  const archiveDir = path18.join(dir, "archive");
+  const archivePath = path18.join(archiveDir, path18.basename(absoluteDocPath));
+  await fs3.mkdir(archiveDir, { recursive: true });
+  await fs3.rename(absoluteDocPath, archivePath);
+}
+function stopReasonToStatus(stopReason) {
+  switch (stopReason) {
+    case "completed":
+    case "max_iterations":
+      return "completed";
+    case "overbake_abort":
+      return "overbake_abort";
+    case "cancelled":
+      return "cancelled";
+  }
+}
 var init_ralph = __esm({
   "packages/ralph/src/run/ralph.ts"() {
     "use strict";
     init_detector();
+    init_frontmatter();
   }
 });
 // packages/ralph/src/index.ts
-var init_src11 = __esm({
+var init_src12 = __esm({
   "packages/ralph/src/index.ts"() {
     "use strict";
+    init_frontmatter();
     init_discovery2();
     init_detector();
     init_ralph();
@@ -13411,7 +13698,7 @@ async function runRalph2(options) {
 var init_ralph2 = __esm({
   async "src/sdk/ralph.ts"() {
     "use strict";
-    init_src11();
+    init_src12();
     init_src5();
     await init_spawn3();
   }
@@ -13576,218 +13863,6 @@ var init_client_instance = __esm({
   }
 });
-// packages/poe-oauth/src/check-auth.ts
-var init_check_auth = __esm({
-  "packages/poe-oauth/src/check-auth.ts"() {
-    "use strict";
-  }
-});
-// packages/poe-oauth/src/api-key-validation.ts
-var init_api_key_validation = __esm({
-  "packages/poe-oauth/src/api-key-validation.ts"() {
-    "use strict";
-  }
-});
-// packages/poe-oauth/src/oauth-client.ts
-import http from "node:http";
-import crypto from "node:crypto";
-function createOAuthClient(config2) {
-  const fetchFn = config2.fetch ?? globalThis.fetch;
-  return {
-    authorize: () => startAuthorization(config2, fetchFn)
-  };
-}
-function generateCodeVerifier() {
-  return crypto.randomBytes(32).toString("base64url");
-}
-function generateCodeChallenge(verifier) {
-  return crypto.createHash("sha256").update(verifier).digest("base64url");
-}
-async function startAuthorization(config2, fetchFn) {
-  const authorizationEndpoint = config2.authorizationEndpoint ?? DEFAULT_AUTHORIZATION_ENDPOINT;
-  const tokenEndpoint = config2.tokenEndpoint ?? DEFAULT_TOKEN_ENDPOINT;
-  const codeVerifier = generateCodeVerifier();
-  const codeChallenge = generateCodeChallenge(codeVerifier);
-  const server = config2.createServer ? config2.createServer() : http.createServer();
-  const port = await startServer(server);
-  const redirectUri = `http://127.0.0.1:${port}/callback`;
-  const authorizationUrl = buildAuthorizationUrl({
-    endpoint: authorizationEndpoint,
-    clientId: config2.clientId,
-    redirectUri,
-    codeChallenge
-  });
-  const waitForResult = async () => {
-    try {
-      const code = await waitForAuthorizationCode(server, config2, authorizationUrl);
-      return await exchangeCodeForApiKey({
-        tokenEndpoint,
-        code,
-        codeVerifier,
-        clientId: config2.clientId,
-        redirectUri,
-        fetchFn
-      });
-    } finally {
-      server.closeAllConnections?.();
-      server.close();
-    }
-  };
-  return { authorizationUrl, waitForResult };
-}
-function startServer(server) {
-  return new Promise((resolve) => {
-    server.listen(0, "127.0.0.1", () => {
-      const address = server.address();
-      resolve(address.port);
-    });
-  });
-}
-function buildAuthorizationUrl(params) {
-  const url2 = new URL(params.endpoint);
-  url2.searchParams.set("response_type", "code");
-  url2.searchParams.set("client_id", params.clientId);
-  url2.searchParams.set("scope", "apikey:create");
-  url2.searchParams.set("code_challenge", params.codeChallenge);
-  url2.searchParams.set("code_challenge_method", "S256");
-  url2.searchParams.set("redirect_uri", params.redirectUri);
-  return url2.toString();
-}
-function waitForAuthorizationCode(server, config2, authorizationUrl) {
-  return new Promise((resolve, reject) => {
-    let settled = false;
-    const settle = (fn) => {
-      if (!settled) {
-        settled = true;
-        fn();
-      }
-    };
-    server.on("request", (req, res) => {
-      const url2 = new URL(req.url, `http://127.0.0.1`);
-      if (url2.pathname !== "/callback") {
-        res.writeHead(404);
-        res.end("Not found");
-        return;
-      }
-      const error2 = url2.searchParams.get("error");
-      if (error2) {
-        const description = url2.searchParams.get("error_description") ?? error2;
-        res.writeHead(400);
-        res.end(`Authorization failed: ${description}`);
-        settle(() => reject(new Error(`OAuth authorization failed: ${error2} \u2014 ${description}`)));
-        return;
-      }
-      const code = url2.searchParams.get("code");
-      if (!code) {
-        res.writeHead(400);
-        res.end("Missing authorization code");
-        settle(() => reject(new Error("OAuth callback missing authorization code")));
-        return;
-      }
-      res.writeHead(200, { "Content-Type": "text/html" });
-      res.end(buildSuccessPage());
-      settle(() => resolve(code));
-    });
-    if (config2.readLine) {
-      config2.readLine().then((input) => {
-        const code = extractCodeFromInput(input);
-        if (code) {
-          settle(() => resolve(code));
-        }
-      }).catch(() => {
-      });
-    }
-    if (config2.openBrowser) {
-      config2.openBrowser(authorizationUrl).catch(
-        (err) => settle(() => reject(err))
-      );
-    }
-  });
-}
-function extractCodeFromInput(input) {
-  const trimmed = input.replace(/[\r\n]/g, "").trim();
-  if (trimmed.length === 0) {
-    return null;
-  }
-  try {
-    const url2 = new URL(trimmed);
-    return url2.searchParams.get("code");
-  } catch {
-    return trimmed;
-  }
-}
-async function exchangeCodeForApiKey(params) {
-  const body = new URLSearchParams({
-    grant_type: "authorization_code",
-    code: params.code,
-    code_verifier: params.codeVerifier,
-    client_id: params.clientId,
-    redirect_uri: params.redirectUri
-  });
-  const response = await params.fetchFn(params.tokenEndpoint, {
-    method: "POST",
-    headers: { "Content-Type": "application/x-www-form-urlencoded" },
-    body: body.toString()
-  });
-  if (!response.ok) {
-    const text4 = await response.text();
-    const description = parseErrorDescription(text4);
-    throw new Error(description ?? `Token exchange failed (${response.status}): ${text4}`);
-  }
-  const data = await response.json();
-  if (typeof data.api_key !== "string" || data.api_key.length === 0) {
-    throw new Error("Token response missing api_key field");
-  }
-  return {
-    apiKey: data.api_key,
-    expiresIn: typeof data.api_key_expires_in === "number" ? data.api_key_expires_in : null
-  };
-}
-function parseErrorDescription(text4) {
-  try {
-    const data = JSON.parse(text4);
-    if (typeof data.error_description === "string") {
-      return data.error_description;
-    }
-    if (typeof data.error === "string") {
-      return data.error;
-    }
-  } catch {
-  }
-  return null;
-}
-function buildSuccessPage() {
-  return [
-    "<!DOCTYPE html>",
-    "<html><head><meta charset=utf-8><title>Connected to Poe</title></head>",
-    '<body style="font-family:system-ui,sans-serif;display:flex;align-items:center;justify-content:center;min-height:100vh;margin:0">',
-    '<div style="text-align:center">',
-    "<h1>Connected to Poe</h1>",
-    '<p style="color:#666">You can close this tab and return to your terminal.</p>',
-    "</div></body></html>"
-  ].join("");
-}
-var DEFAULT_AUTHORIZATION_ENDPOINT, DEFAULT_TOKEN_ENDPOINT;
-var init_oauth_client = __esm({
-  "packages/poe-oauth/src/oauth-client.ts"() {
-    "use strict";
-    DEFAULT_AUTHORIZATION_ENDPOINT = "https://poe.com/oauth/authorize";
-    DEFAULT_TOKEN_ENDPOINT = "https://api.poe.com/token";
-  }
-});
-// packages/poe-oauth/src/index.ts
-var init_src12 = __esm({
-  "packages/poe-oauth/src/index.ts"() {
-    "use strict";
-    init_check_auth();
-    init_api_key_validation();
-    init_oauth_client();
-  }
-});
 // src/cli/oauth-login.ts
 import { exec as exec2 } from "node:child_process";
 import readline from "node:readline";
@@ -13830,7 +13905,7 @@ function openInBrowser(url2) {
 var init_oauth_login = __esm({
   "src/cli/oauth-login.ts"() {
     "use strict";
-    init_src12();
+    init_src7();
     init_src4();
   }
 });
@@ -13900,6 +13975,7 @@ function createCliContainer(dependencies) {
       read: readApiKey,
       write: writeApiKey
     },
+    checkAuth: async (apiKey) => await checkAuth({ apiKey }) !== null,
     confirm: async (message) => {
       const result = await confirm2({ message });
       if (isCancel2(result)) {
@@ -13948,6 +14024,7 @@ var init_container2 = __esm({
     init_service_registry();
     init_context();
     init_prompts2();
+    init_src7();
     init_options();
     init_logger2();
     init_error_logger();
@@ -14329,7 +14406,7 @@ function registerAgentCommand(program, container) {
     }
     let session;
     try {
-      const { createAgentSession: createAgentSession2 } = await Promise.resolve().then(() => (init_src9(), src_exports));
+      const { createAgentSession: createAgentSession2 } = await Promise.resolve().then(() => (init_src10(), src_exports));
       session = await createAgentSession2({
         model: options.model,
         apiKey: options.apiKey,
@@ -21680,7 +21757,7 @@ var init_errors4 = __esm({
 });
 // node_modules/zod/v4/core/parse.js
-var _parse, parse6, _parseAsync, parseAsync, _safeParse, safeParse, _safeParseAsync, safeParseAsync, _encode, _decode, _encodeAsync, _decodeAsync, _safeEncode, _safeDecode, _safeEncodeAsync, _safeDecodeAsync;
+var _parse, parse7, _parseAsync, parseAsync, _safeParse, safeParse, _safeParseAsync, safeParseAsync, _encode, _decode, _encodeAsync, _decodeAsync, _safeEncode, _safeDecode, _safeEncodeAsync, _safeDecodeAsync;
 var init_parse = __esm({
   "node_modules/zod/v4/core/parse.js"() {
     init_core();
@@ -21699,7 +21776,7 @@ var init_parse = __esm({
       }
       return result.value;
     };
-    parse6 = /* @__PURE__ */ _parse($ZodRealError);
+    parse7 = /* @__PURE__ */ _parse($ZodRealError);
     _parseAsync = (_Err) => async (schema, value, _ctx, params) => {
       const ctx = _ctx ? Object.assign(_ctx, { async: true }) : { async: true };
       let result = schema._zod.run({ value, issues: [] }, ctx);
@@ -24418,10 +24495,10 @@ var init_schemas = __esm({
           throw new Error("implement() must be called with a function");
         }
         return function(...args) {
-          const parsedArgs = inst._def.input ? parse6(inst._def.input, args) : args;
+          const parsedArgs = inst._def.input ? parse7(inst._def.input, args) : args;
           const result = Reflect.apply(func, this, parsedArgs);
           if (inst._def.output) {
-            return parse6(inst._def.output, result);
+            return parse7(inst._def.output, result);
           }
           return result;
         };
@@ -26977,12 +27054,12 @@ var init_errors5 = __esm({
 });
 // node_modules/zod/v4/classic/parse.js
-var parse7, parseAsync2, safeParse2, safeParseAsync2, encode2, decode2, encodeAsync2, decodeAsync2, safeEncode2, safeDecode2, safeEncodeAsync2, safeDecodeAsync2;
+var parse8, parseAsync2, safeParse2, safeParseAsync2, encode2, decode2, encodeAsync2, decodeAsync2, safeEncode2, safeDecode2, safeEncodeAsync2, safeDecodeAsync2;
 var init_parse3 = __esm({
   "node_modules/zod/v4/classic/parse.js"() {
     init_core2();
     init_errors5();
-    parse7 = /* @__PURE__ */ _parse(ZodRealError);
+    parse8 = /* @__PURE__ */ _parse(ZodRealError);
     parseAsync2 = /* @__PURE__ */ _parseAsync(ZodRealError);
     safeParse2 = /* @__PURE__ */ _safeParse(ZodRealError);
     safeParseAsync2 = /* @__PURE__ */ _safeParseAsync(ZodRealError);
@@ -27658,7 +27735,7 @@ var init_schemas3 = __esm({
         reg.add(inst, meta3);
         return inst;
       });
-      inst.parse = (data, params) => parse7(inst, data, params, { callee: inst.parse });
+      inst.parse = (data, params) => parse8(inst, data, params, { callee: inst.parse });
       inst.safeParse = (data, params) => safeParse2(inst, data, params);
       inst.parseAsync = async (data, params) => parseAsync2(inst, data, params, { callee: inst.parseAsync });
       inst.safeParseAsync = async (data, params) => safeParseAsync2(inst, data, params);
@@ -30509,10 +30586,10 @@ var require_code = __commonJS({
     function interpolate2(x) {
       return typeof x == "number" || typeof x == "boolean" || x === null ? x : safeStringify2(Array.isArray(x) ? x.join(",") : x);
     }
-    function stringify(x) {
+    function stringify2(x) {
       return new _Code(safeStringify2(x));
     }
-    exports.stringify = stringify;
+    exports.stringify = stringify2;
     function safeStringify2(x) {
       return JSON.stringify(x).replace(/\u2028/g, "\\u2028").replace(/\u2029/g, "\\u2029");
     }
@@ -33927,24 +34004,24 @@ var require_fast_uri = __commonJS({
     function normalize(uri, options) {
       if (typeof uri === "string") {
         uri = /** @type {T} */
-        serialize3(parse8(uri, options), options);
+        serialize3(parse9(uri, options), options);
       } else if (typeof uri === "object") {
         uri = /** @type {T} */
-        parse8(serialize3(uri, options), options);
+        parse9(serialize3(uri, options), options);
       }
       return uri;
     }
     function resolve(baseURI, relativeURI, options) {
       const schemelessOptions = options ? Object.assign({ scheme: "null" }, options) : { scheme: "null" };
-      const resolved = resolveComponent(parse8(baseURI, schemelessOptions), parse8(relativeURI, schemelessOptions), schemelessOptions, true);
+      const resolved = resolveComponent(parse9(baseURI, schemelessOptions), parse9(relativeURI, schemelessOptions), schemelessOptions, true);
       schemelessOptions.skipEscape = true;
       return serialize3(resolved, schemelessOptions);
     }
     function resolveComponent(base, relative, options, skipNormalization) {
       const target = {};
       if (!skipNormalization) {
-        base = parse8(serialize3(base, options), options);
-        relative = parse8(serialize3(relative, options), options);
+        base = parse9(serialize3(base, options), options);
+        relative = parse9(serialize3(relative, options), options);
       }
       options = options || {};
       if (!options.tolerant && relative.scheme) {
@@ -33996,13 +34073,13 @@ var require_fast_uri = __commonJS({
     function equal(uriA, uriB, options) {
       if (typeof uriA === "string") {
         uriA = unescape(uriA);
-        uriA = serialize3(normalizeComponentEncoding(parse8(uriA, options), true), { ...options, skipEscape: true });
+        uriA = serialize3(normalizeComponentEncoding(parse9(uriA, options), true), { ...options, skipEscape: true });
       } else if (typeof uriA === "object") {
         uriA = serialize3(normalizeComponentEncoding(uriA, true), { ...options, skipEscape: true });
       }
       if (typeof uriB === "string") {
         uriB = unescape(uriB);
-        uriB = serialize3(normalizeComponentEncoding(parse8(uriB, options), true), { ...options, skipEscape: true });
+        uriB = serialize3(normalizeComponentEncoding(parse9(uriB, options), true), { ...options, skipEscape: true });
       } else if (typeof uriB === "object") {
         uriB = serialize3(normalizeComponentEncoding(uriB, true), { ...options, skipEscape: true });
       }
@@ -34071,7 +34148,7 @@ var require_fast_uri = __commonJS({
       return uriTokens.join("");
     }
     var URI_PARSE = /^(?:([^#/:?]+):)?(?:\/\/((?:([^#/?@]*)@)?(\[[^#/?\]]+\]|[^#/:?]*)(?::(\d*))?))?([^#?]*)(?:\?([^#]*))?(?:#((?:.|[\n\r])*))?/u;
-    function parse8(uri, opts) {
+    function parse9(uri, opts) {
       const options = Object.assign({}, opts);
       const parsed = {
         scheme: void 0,
@@ -34165,7 +34242,7 @@ var require_fast_uri = __commonJS({
       resolveComponent,
       equal,
       serialize: serialize3,
-      parse: parse8
+      parse: parse9
     };
     module.exports = fastUri;
     module.exports.default = fastUri;
@@ -38046,7 +38123,7 @@ var init_configs3 = __esm({
 });
 // packages/agent-skill-config/src/templates.ts
-import { readFile as readFile7 } from "node:fs/promises";
+import { readFile as readFile6 } from "node:fs/promises";
 async function getTemplates() {
   if (templatesCache) {
     return templatesCache;
@@ -38055,7 +38132,7 @@ async function getTemplates() {
     "./templates/poe-generate.md",
     import.meta.url
   );
-  const poeGenerateTemplate = await readFile7(poeGenerateTemplateUrl, "utf8");
+  const poeGenerateTemplate = await readFile6(poeGenerateTemplateUrl, "utf8");
   templatesCache = {
     "poe-generate.md": poeGenerateTemplate
   };
@@ -39022,7 +39099,7 @@ var init_models = __esm({
 // src/cli/commands/pipeline.ts
 import path26 from "node:path";
-import { readFile as readFile8, stat as stat7 } from "node:fs/promises";
+import { readFile as readFile7, stat as stat7 } from "node:fs/promises";
 import { fileURLToPath as fileURLToPath4 } from "node:url";
 function formatDuration(ms) {
   const totalSeconds = Math.round(ms / 1e3);
@@ -39076,8 +39153,8 @@ async function loadPipelineTemplates() {
       continue;
     }
     const [skillPlan, steps] = await Promise.all([
-      readFile8(path26.join(templateRoot, "SKILL_plan.md"), "utf8"),
-      readFile8(path26.join(templateRoot, "steps.yaml.hbs"), "utf8")
+      readFile7(path26.join(templateRoot, "SKILL_plan.md"), "utf8"),
+      readFile7(path26.join(templateRoot, "steps.yaml.hbs"), "utf8")
     ]);
     pipelineTemplatesCache = { skillPlan, steps };
     return pipelineTemplatesCache;
@@ -39408,7 +39485,7 @@ var init_pipeline4 = __esm({
     init_errors();
     init_shared();
     await init_pipeline2();
-    init_src10();
+    init_src11();
     DEFAULT_PIPELINE_AGENT = "claude-code";
     DEFAULT_PIPELINE_SCOPE = "local";
     pipelineTemplatesCache = null;
@@ -39627,7 +39704,7 @@ var init_ralph3 = __esm({
     init_src4();
     init_src3();
     init_src5();
-    init_src11();
+    init_src12();
     init_errors();
     init_shared();
     await init_ralph2();
@@ -39641,7 +39718,7 @@ var init_package = __esm({
   "package.json"() {
     package_default = {
       name: "poe-code",
-      version: "3.0.102",
+      version: "3.0.104",
       description: "CLI tool to configure Poe API for developer workflows.",
       type: "module",
       main: "./dist/index.js",