primcli 1.2.0

package/dist/cli-config-B5hrwe8q.js

@@ -0,0 +1,1330 @@
+import { Errors } from "@oclif/core";
+import { chmodSync, mkdirSync, readFileSync, renameSync, rmSync, statSync, writeFileSync } from "node:fs";
+import { randomUUID } from "node:crypto";
+import { join } from "node:path";
+//#region ../packages/api-core/src/api/core/bodySerializer.gen.ts
+const jsonBodySerializer = { bodySerializer: (body) => JSON.stringify(body, (_key, value) => typeof value === "bigint" ? value.toString() : value) };
+//#endregion
+//#region ../packages/api-core/src/api/core/serverSentEvents.gen.ts
+function createSseClient({ onRequest, onSseError, onSseEvent, responseTransformer, responseValidator, sseDefaultRetryDelay, sseMaxRetryAttempts, sseMaxRetryDelay, sseSleepFn, url, ...options }) {
+	let lastEventId;
+	const sleep = sseSleepFn ?? ((ms) => new Promise((resolve) => setTimeout(resolve, ms)));
+	const createStream = async function* () {
+		let retryDelay = sseDefaultRetryDelay ?? 3e3;
+		let attempt = 0;
+		const signal = options.signal ?? new AbortController().signal;
+		while (true) {
+			if (signal.aborted) break;
+			attempt++;
+			const headers = options.headers instanceof Headers ? options.headers : new Headers(options.headers);
+			if (lastEventId !== void 0) headers.set("Last-Event-ID", lastEventId);
+			try {
+				const requestInit = {
+					redirect: "follow",
+					...options,
+					body: options.serializedBody,
+					headers,
+					signal
+				};
+				let request = new Request(url, requestInit);
+				if (onRequest) request = await onRequest(url, requestInit);
+				const response = await (options.fetch ?? globalThis.fetch)(request);
+				if (!response.ok) throw new Error(`SSE failed: ${response.status} ${response.statusText}`);
+				if (!response.body) throw new Error("No body in SSE response");
+				const reader = response.body.pipeThrough(new TextDecoderStream()).getReader();
+				let buffer = "";
+				const abortHandler = () => {
+					try {
+						reader.cancel();
+					} catch {}
+				};
+				signal.addEventListener("abort", abortHandler);
+				try {
+					while (true) {
+						const { done, value } = await reader.read();
+						if (done) break;
+						buffer += value;
+						buffer = buffer.replace(/\r\n?/g, "\n");
+						const chunks = buffer.split("\n\n");
+						buffer = chunks.pop() ?? "";
+						for (const chunk of chunks) {
+							const lines = chunk.split("\n");
+							const dataLines = [];
+							let eventName;
+							for (const line of lines) if (line.startsWith("data:")) dataLines.push(line.replace(/^data:\s*/, ""));
+							else if (line.startsWith("event:")) eventName = line.replace(/^event:\s*/, "");
+							else if (line.startsWith("id:")) lastEventId = line.replace(/^id:\s*/, "");
+							else if (line.startsWith("retry:")) {
+								const parsed = Number.parseInt(line.replace(/^retry:\s*/, ""), 10);
+								if (!Number.isNaN(parsed)) retryDelay = parsed;
+							}
+							let data;
+							let parsedJson = false;
+							if (dataLines.length) {
+								const rawData = dataLines.join("\n");
+								try {
+									data = JSON.parse(rawData);
+									parsedJson = true;
+								} catch {
+									data = rawData;
+								}
+							}
+							if (parsedJson) {
+								if (responseValidator) await responseValidator(data);
+								if (responseTransformer) data = await responseTransformer(data);
+							}
+							onSseEvent?.({
+								data,
+								event: eventName,
+								id: lastEventId,
+								retry: retryDelay
+							});
+							if (dataLines.length) yield data;
+						}
+					}
+				} finally {
+					signal.removeEventListener("abort", abortHandler);
+					reader.releaseLock();
+				}
+				break;
+			} catch (error) {
+				onSseError?.(error);
+				if (sseMaxRetryAttempts !== void 0 && attempt >= sseMaxRetryAttempts) break;
+				await sleep(Math.min(retryDelay * 2 ** (attempt - 1), sseMaxRetryDelay ?? 3e4));
+			}
+		}
+	};
+	return { stream: createStream() };
+}
+//#endregion
+//#region ../packages/api-core/src/api/core/pathSerializer.gen.ts
+const separatorArrayExplode = (style) => {
+	switch (style) {
+		case "label": return ".";
+		case "matrix": return ";";
+		case "simple": return ",";
+		default: return "&";
+	}
+};
+const separatorArrayNoExplode = (style) => {
+	switch (style) {
+		case "form": return ",";
+		case "pipeDelimited": return "|";
+		case "spaceDelimited": return "%20";
+		default: return ",";
+	}
+};
+const separatorObjectExplode = (style) => {
+	switch (style) {
+		case "label": return ".";
+		case "matrix": return ";";
+		case "simple": return ",";
+		default: return "&";
+	}
+};
+const serializeArrayParam = ({ allowReserved, explode, name, style, value }) => {
+	if (!explode) {
+		const joinedValues = (allowReserved ? value : value.map((v) => encodeURIComponent(v))).join(separatorArrayNoExplode(style));
+		switch (style) {
+			case "label": return `.${joinedValues}`;
+			case "matrix": return `;${name}=${joinedValues}`;
+			case "simple": return joinedValues;
+			default: return `${name}=${joinedValues}`;
+		}
+	}
+	const separator = separatorArrayExplode(style);
+	const joinedValues = value.map((v) => {
+		if (style === "label" || style === "simple") return allowReserved ? v : encodeURIComponent(v);
+		return serializePrimitiveParam({
+			allowReserved,
+			name,
+			value: v
+		});
+	}).join(separator);
+	return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
+};
+const serializePrimitiveParam = ({ allowReserved, name, value }) => {
+	if (value === void 0 || value === null) return "";
+	if (typeof value === "object") throw new Error("Deeply-nested arrays/objects aren’t supported. Provide your own `querySerializer()` to handle these.");
+	return `${name}=${allowReserved ? value : encodeURIComponent(value)}`;
+};
+const serializeObjectParam = ({ allowReserved, explode, name, style, value, valueOnly }) => {
+	if (value instanceof Date) return valueOnly ? value.toISOString() : `${name}=${value.toISOString()}`;
+	if (style !== "deepObject" && !explode) {
+		let values = [];
+		Object.entries(value).forEach(([key, v]) => {
+			values = [
+				...values,
+				key,
+				allowReserved ? v : encodeURIComponent(v)
+			];
+		});
+		const joinedValues = values.join(",");
+		switch (style) {
+			case "form": return `${name}=${joinedValues}`;
+			case "label": return `.${joinedValues}`;
+			case "matrix": return `;${name}=${joinedValues}`;
+			default: return joinedValues;
+		}
+	}
+	const separator = separatorObjectExplode(style);
+	const joinedValues = Object.entries(value).map(([key, v]) => serializePrimitiveParam({
+		allowReserved,
+		name: style === "deepObject" ? `${name}[${key}]` : key,
+		value: v
+	})).join(separator);
+	return style === "label" || style === "matrix" ? separator + joinedValues : joinedValues;
+};
+//#endregion
+//#region ../packages/api-core/src/api/core/utils.gen.ts
+const PATH_PARAM_RE = /\{[^{}]+\}/g;
+const defaultPathSerializer = ({ path, url: _url }) => {
+	let url = _url;
+	const matches = _url.match(PATH_PARAM_RE);
+	if (matches) for (const match of matches) {
+		let explode = false;
+		let name = match.substring(1, match.length - 1);
+		let style = "simple";
+		if (name.endsWith("*")) {
+			explode = true;
+			name = name.substring(0, name.length - 1);
+		}
+		if (name.startsWith(".")) {
+			name = name.substring(1);
+			style = "label";
+		} else if (name.startsWith(";")) {
+			name = name.substring(1);
+			style = "matrix";
+		}
+		const value = path[name];
+		if (value === void 0 || value === null) continue;
+		if (Array.isArray(value)) {
+			url = url.replace(match, serializeArrayParam({
+				explode,
+				name,
+				style,
+				value
+			}));
+			continue;
+		}
+		if (typeof value === "object") {
+			url = url.replace(match, serializeObjectParam({
+				explode,
+				name,
+				style,
+				value,
+				valueOnly: true
+			}));
+			continue;
+		}
+		if (style === "matrix") {
+			url = url.replace(match, `;${serializePrimitiveParam({
+				name,
+				value
+			})}`);
+			continue;
+		}
+		const replaceValue = encodeURIComponent(style === "label" ? `.${value}` : value);
+		url = url.replace(match, replaceValue);
+	}
+	return url;
+};
+const getUrl = ({ baseUrl, path, query, querySerializer, url: _url }) => {
+	const pathUrl = _url.startsWith("/") ? _url : `/${_url}`;
+	let url = (baseUrl ?? "") + pathUrl;
+	if (path) url = defaultPathSerializer({
+		path,
+		url
+	});
+	let search = query ? querySerializer(query) : "";
+	if (search.startsWith("?")) search = search.substring(1);
+	if (search) url += `?${search}`;
+	return url;
+};
+function getValidRequestBody(options) {
+	const hasBody = options.body !== void 0;
+	if (hasBody && options.bodySerializer) {
+		if ("serializedBody" in options) return options.serializedBody !== void 0 && options.serializedBody !== "" ? options.serializedBody : null;
+		return options.body !== "" ? options.body : null;
+	}
+	if (hasBody) return options.body;
+}
+//#endregion
+//#region ../packages/api-core/src/api/core/auth.gen.ts
+const getAuthToken = async (auth, callback) => {
+	const token = typeof callback === "function" ? await callback(auth) : callback;
+	if (!token) return;
+	if (auth.scheme === "bearer") return `Bearer ${token}`;
+	if (auth.scheme === "basic") return `Basic ${btoa(token)}`;
+	return token;
+};
+//#endregion
+//#region ../packages/api-core/src/api/client/utils.gen.ts
+const createQuerySerializer = ({ parameters = {}, ...args } = {}) => {
+	const querySerializer = (queryParams) => {
+		const search = [];
+		if (queryParams && typeof queryParams === "object") for (const name in queryParams) {
+			const value = queryParams[name];
+			if (value === void 0 || value === null) continue;
+			const options = parameters[name] || args;
+			if (Array.isArray(value)) {
+				const serializedArray = serializeArrayParam({
+					allowReserved: options.allowReserved,
+					explode: true,
+					name,
+					style: "form",
+					value,
+					...options.array
+				});
+				if (serializedArray) search.push(serializedArray);
+			} else if (typeof value === "object") {
+				const serializedObject = serializeObjectParam({
+					allowReserved: options.allowReserved,
+					explode: true,
+					name,
+					style: "deepObject",
+					value,
+					...options.object
+				});
+				if (serializedObject) search.push(serializedObject);
+			} else {
+				const serializedPrimitive = serializePrimitiveParam({
+					allowReserved: options.allowReserved,
+					name,
+					value
+				});
+				if (serializedPrimitive) search.push(serializedPrimitive);
+			}
+		}
+		return search.join("&");
+	};
+	return querySerializer;
+};
+/**
+* Infers parseAs value from provided Content-Type header.
+*/
+const getParseAs = (contentType) => {
+	if (!contentType) return "stream";
+	const cleanContent = contentType.split(";")[0]?.trim();
+	if (!cleanContent) return;
+	if (cleanContent.startsWith("application/json") || cleanContent.endsWith("+json")) return "json";
+	if (cleanContent === "multipart/form-data") return "formData";
+	if ([
+		"application/",
+		"audio/",
+		"image/",
+		"video/"
+	].some((type) => cleanContent.startsWith(type))) return "blob";
+	if (cleanContent.startsWith("text/")) return "text";
+};
+const checkForExistence = (options, name) => {
+	if (!name) return false;
+	if (options.headers.has(name) || options.query?.[name] || options.headers.get("Cookie")?.includes(`${name}=`)) return true;
+	return false;
+};
+const setAuthParams = async ({ security, ...options }) => {
+	for (const auth of security) {
+		if (checkForExistence(options, auth.name)) continue;
+		const token = await getAuthToken(auth, options.auth);
+		if (!token) continue;
+		const name = auth.name ?? "Authorization";
+		switch (auth.in) {
+			case "query":
+				if (!options.query) options.query = {};
+				options.query[name] = token;
+				break;
+			case "cookie":
+				options.headers.append("Cookie", `${name}=${token}`);
+				break;
+			default:
+				options.headers.set(name, token);
+				break;
+		}
+	}
+};
+const buildUrl = (options) => getUrl({
+	baseUrl: options.baseUrl,
+	path: options.path,
+	query: options.query,
+	querySerializer: typeof options.querySerializer === "function" ? options.querySerializer : createQuerySerializer(options.querySerializer),
+	url: options.url
+});
+const mergeConfigs = (a, b) => {
+	const config = {
+		...a,
+		...b
+	};
+	if (config.baseUrl?.endsWith("/")) config.baseUrl = config.baseUrl.substring(0, config.baseUrl.length - 1);
+	config.headers = mergeHeaders(a.headers, b.headers);
+	return config;
+};
+const headersEntries = (headers) => {
+	const entries = [];
+	headers.forEach((value, key) => {
+		entries.push([key, value]);
+	});
+	return entries;
+};
+const mergeHeaders = (...headers) => {
+	const mergedHeaders = new Headers();
+	for (const header of headers) {
+		if (!header) continue;
+		const iterator = header instanceof Headers ? headersEntries(header) : Object.entries(header);
+		for (const [key, value] of iterator) if (value === null) mergedHeaders.delete(key);
+		else if (Array.isArray(value)) for (const v of value) mergedHeaders.append(key, v);
+		else if (value !== void 0) mergedHeaders.set(key, typeof value === "object" ? JSON.stringify(value) : value);
+	}
+	return mergedHeaders;
+};
+var Interceptors = class {
+	fns = [];
+	clear() {
+		this.fns = [];
+	}
+	eject(id) {
+		const index = this.getInterceptorIndex(id);
+		if (this.fns[index]) this.fns[index] = null;
+	}
+	exists(id) {
+		const index = this.getInterceptorIndex(id);
+		return Boolean(this.fns[index]);
+	}
+	getInterceptorIndex(id) {
+		if (typeof id === "number") return this.fns[id] ? id : -1;
+		return this.fns.indexOf(id);
+	}
+	update(id, fn) {
+		const index = this.getInterceptorIndex(id);
+		if (this.fns[index]) {
+			this.fns[index] = fn;
+			return id;
+		}
+		return false;
+	}
+	use(fn) {
+		this.fns.push(fn);
+		return this.fns.length - 1;
+	}
+};
+const createInterceptors = () => ({
+	error: new Interceptors(),
+	request: new Interceptors(),
+	response: new Interceptors()
+});
+const defaultQuerySerializer = createQuerySerializer({
+	allowReserved: false,
+	array: {
+		explode: true,
+		style: "form"
+	},
+	object: {
+		explode: true,
+		style: "deepObject"
+	}
+});
+const defaultHeaders = { "Content-Type": "application/json" };
+const createConfig = (override = {}) => ({
+	...jsonBodySerializer,
+	headers: defaultHeaders,
+	parseAs: "auto",
+	querySerializer: defaultQuerySerializer,
+	...override
+});
+//#endregion
+//#region ../packages/api-core/src/api/client/client.gen.ts
+const createClient = (config = {}) => {
+	let _config = mergeConfigs(createConfig(), config);
+	const getConfig = () => ({ ..._config });
+	const setConfig = (config) => {
+		_config = mergeConfigs(_config, config);
+		return getConfig();
+	};
+	const interceptors = createInterceptors();
+	const beforeRequest = async (options) => {
+		const opts = {
+			..._config,
+			...options,
+			fetch: options.fetch ?? _config.fetch ?? globalThis.fetch,
+			headers: mergeHeaders(_config.headers, options.headers),
+			serializedBody: void 0
+		};
+		if (opts.security) await setAuthParams({
+			...opts,
+			security: opts.security
+		});
+		if (opts.requestValidator) await opts.requestValidator(opts);
+		if (opts.body !== void 0 && opts.bodySerializer) opts.serializedBody = opts.bodySerializer(opts.body);
+		if (opts.body === void 0 || opts.serializedBody === "") opts.headers.delete("Content-Type");
+		const resolvedOpts = opts;
+		return {
+			opts: resolvedOpts,
+			url: buildUrl(resolvedOpts)
+		};
+	};
+	const request = async (options) => {
+		const { opts, url } = await beforeRequest(options);
+		const requestInit = {
+			redirect: "follow",
+			...opts,
+			body: getValidRequestBody(opts)
+		};
+		let request = new Request(url, requestInit);
+		for (const fn of interceptors.request.fns) if (fn) request = await fn(request, opts);
+		const _fetch = opts.fetch;
+		let response;
+		try {
+			response = await _fetch(request);
+		} catch (error) {
+			let finalError = error;
+			for (const fn of interceptors.error.fns) if (fn) finalError = await fn(error, void 0, request, opts);
+			finalError = finalError || {};
+			if (opts.throwOnError) throw finalError;
+			return opts.responseStyle === "data" ? void 0 : {
+				error: finalError,
+				request,
+				response: void 0
+			};
+		}
+		for (const fn of interceptors.response.fns) if (fn) response = await fn(response, request, opts);
+		const result = {
+			request,
+			response
+		};
+		if (response.ok) {
+			const parseAs = (opts.parseAs === "auto" ? getParseAs(response.headers.get("Content-Type")) : opts.parseAs) ?? "json";
+			if (response.status === 204 || response.headers.get("Content-Length") === "0") {
+				let emptyData;
+				switch (parseAs) {
+					case "arrayBuffer":
+					case "blob":
+					case "text":
+						emptyData = await response[parseAs]();
+						break;
+					case "formData":
+						emptyData = new FormData();
+						break;
+					case "stream":
+						emptyData = response.body;
+						break;
+					default:
+						emptyData = {};
+						break;
+				}
+				return opts.responseStyle === "data" ? emptyData : {
+					data: emptyData,
+					...result
+				};
+			}
+			let data;
+			switch (parseAs) {
+				case "arrayBuffer":
+				case "blob":
+				case "formData":
+				case "text":
+					data = await response[parseAs]();
+					break;
+				case "json": {
+					const text = await response.text();
+					data = text ? JSON.parse(text) : {};
+					break;
+				}
+				case "stream": return opts.responseStyle === "data" ? response.body : {
+					data: response.body,
+					...result
+				};
+			}
+			if (parseAs === "json") {
+				if (opts.responseValidator) await opts.responseValidator(data);
+				if (opts.responseTransformer) data = await opts.responseTransformer(data);
+			}
+			return opts.responseStyle === "data" ? data : {
+				data,
+				...result
+			};
+		}
+		const textError = await response.text();
+		let jsonError;
+		try {
+			jsonError = JSON.parse(textError);
+		} catch {}
+		const error = jsonError ?? textError;
+		let finalError = error;
+		for (const fn of interceptors.error.fns) if (fn) finalError = await fn(error, response, request, opts);
+		finalError = finalError || {};
+		if (opts.throwOnError) throw finalError;
+		return opts.responseStyle === "data" ? void 0 : {
+			error: finalError,
+			...result
+		};
+	};
+	const makeMethodFn = (method) => (options) => request({
+		...options,
+		method
+	});
+	const makeSseFn = (method) => async (options) => {
+		const { opts, url } = await beforeRequest(options);
+		return createSseClient({
+			...opts,
+			body: opts.body,
+			headers: opts.headers,
+			method,
+			onRequest: async (url, init) => {
+				let request = new Request(url, init);
+				for (const fn of interceptors.request.fns) if (fn) request = await fn(request, opts);
+				return request;
+			},
+			serializedBody: getValidRequestBody(opts),
+			url
+		});
+	};
+	const _buildUrl = (options) => buildUrl({
+		..._config,
+		...options
+	});
+	return {
+		buildUrl: _buildUrl,
+		connect: makeMethodFn("CONNECT"),
+		delete: makeMethodFn("DELETE"),
+		get: makeMethodFn("GET"),
+		getConfig,
+		head: makeMethodFn("HEAD"),
+		interceptors,
+		options: makeMethodFn("OPTIONS"),
+		patch: makeMethodFn("PATCH"),
+		post: makeMethodFn("POST"),
+		put: makeMethodFn("PUT"),
+		request,
+		setConfig,
+		sse: {
+			connect: makeSseFn("CONNECT"),
+			delete: makeSseFn("DELETE"),
+			get: makeSseFn("GET"),
+			head: makeSseFn("HEAD"),
+			options: makeSseFn("OPTIONS"),
+			patch: makeSseFn("PATCH"),
+			post: makeSseFn("POST"),
+			put: makeSseFn("PUT"),
+			trace: makeSseFn("TRACE")
+		},
+		trace: makeMethodFn("TRACE")
+	};
+};
+//#endregion
+//#region ../packages/api-core/src/client.ts
+/**
+* Host-aware Primitive API client and shared error type.
+*
+* Lives in api-core (instead of sdk-node) so the CLI can build a
+* configured request client without taking a dependency on sdk-node.
+* The higher-level `PrimitiveClient` (with `.send`, `.reply`,
+* `.forward`) still lives in sdk-node because it needs the
+* `ReceivedEmail` type from the webhook parsing surface.
+*/
+const DEFAULT_API_BASE_URL = "https://api.primitive.dev/v1";
+function createDefaultAuth(apiKey) {
+	return (security) => {
+		if (security.type === "http" && security.scheme === "bearer") return apiKey;
+	};
+}
+var PrimitiveApiClient = class {
+	client;
+	constructor(options = {}) {
+		const { apiKey, auth, apiBaseUrl = DEFAULT_API_BASE_URL, ...config } = options;
+		const resolvedAuth = auth ?? createDefaultAuth(apiKey);
+		this.client = createClient(createConfig({
+			...config,
+			auth: resolvedAuth,
+			baseUrl: apiBaseUrl
+		}));
+	}
+	getConfig() {
+		return this.client.getConfig();
+	}
+	setConfig(config) {
+		return this.client.setConfig(config);
+	}
+};
+//#endregion
+//#region src/oclif/chat-state.ts
+const CHAT_STATE_FILE = "chat-state.json";
+const CHAT_STATE_VERSION = 2;
+const MAX_CONVERSATIONS = 50;
+function isRecord$2(value) {
+	return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+function nonEmptyString(value) {
+	return typeof value === "string" && value.trim().length > 0 ? value : null;
+}
+function positiveInteger(value) {
+	return typeof value === "number" && Number.isInteger(value) && value > 0 ? value : null;
+}
+function nonNegativeInteger(value) {
+	return typeof value === "number" && Number.isInteger(value) && value >= 0 ? value : null;
+}
+function parseLocalId(value) {
+	return typeof value === "number" && Number.isInteger(value) && value >= 0 && value <= Number.MAX_SAFE_INTEGER ? value : null;
+}
+function chatStatePath(configDir) {
+	return join(configDir, CHAT_STATE_FILE);
+}
+function deleteChatState(configDir) {
+	rmSync(chatStatePath(configDir), { force: true });
+}
+function chatConversationState(params) {
+	return {
+		...params.input,
+		local_id: params.localId,
+		updated_at: params.input.updated_at ?? (/* @__PURE__ */ new Date()).toISOString()
+	};
+}
+function parseConversation(raw) {
+	if (!isRecord$2(raw)) return null;
+	const localId = parseLocalId(raw.local_id);
+	const recipient = nonEmptyString(raw.recipient);
+	const from = nonEmptyString(raw.from);
+	const lastReplyEmailId = nonEmptyString(raw.last_reply_email_id);
+	const lastSentEmailId = nonEmptyString(raw.last_sent_email_id);
+	const lastReplyReceivedAt = nonEmptyString(raw.last_reply_received_at);
+	const updatedAt = nonEmptyString(raw.updated_at);
+	const timeoutSeconds = nonNegativeInteger(raw.timeout_seconds);
+	const strictPhaseSeconds = positiveInteger(raw.strict_phase_seconds);
+	if (localId === null || !recipient || !from || !lastReplyEmailId || !lastSentEmailId || !lastReplyReceivedAt || !updatedAt || timeoutSeconds === null || strictPhaseSeconds === null || typeof raw.strict_only !== "boolean") return null;
+	const threadId = raw.thread_id !== null && raw.thread_id !== void 0 ? nonEmptyString(raw.thread_id) : null;
+	if (raw.thread_id !== null && raw.thread_id !== void 0 && !threadId) return null;
+	return {
+		from,
+		last_reply_email_id: lastReplyEmailId,
+		last_reply_received_at: lastReplyReceivedAt,
+		last_sent_email_id: lastSentEmailId,
+		local_id: localId,
+		recipient,
+		strict_only: raw.strict_only,
+		strict_phase_seconds: strictPhaseSeconds,
+		thread_id: threadId,
+		timeout_seconds: timeoutSeconds,
+		updated_at: updatedAt
+	};
+}
+function parseLegacyActiveState(raw) {
+	if (!isRecord$2(raw) || raw.version !== 1) return null;
+	const legacy = parseConversation({
+		...raw,
+		local_id: 0
+	});
+	if (!legacy) return null;
+	return {
+		active_local_id: 0,
+		conversations: [legacy],
+		next_local_id: 1,
+		version: CHAT_STATE_VERSION
+	};
+}
+function parseChatState(raw) {
+	if (!isRecord$2(raw)) return null;
+	if (raw.version === 1) return parseLegacyActiveState(raw);
+	if (raw.version !== CHAT_STATE_VERSION) return null;
+	if (!Array.isArray(raw.conversations)) return null;
+	const conversations = raw.conversations.map((entry) => parseConversation(entry)).filter((entry) => entry !== null);
+	if (conversations.length !== raw.conversations.length) return null;
+	const ids = /* @__PURE__ */ new Set();
+	for (const conversation of conversations) {
+		if (ids.has(conversation.local_id)) return null;
+		ids.add(conversation.local_id);
+	}
+	const activeLocalId = raw.active_local_id === null ? null : parseLocalId(raw.active_local_id);
+	if (activeLocalId === null && raw.active_local_id !== null) return null;
+	if (activeLocalId !== null && !ids.has(activeLocalId)) return null;
+	const nextLocalId = nonNegativeInteger(raw.next_local_id) ?? 0;
+	return {
+		active_local_id: activeLocalId,
+		conversations,
+		next_local_id: Math.max(nextLocalId, ...conversations.map((conversation) => conversation.local_id + 1), 0),
+		version: CHAT_STATE_VERSION
+	};
+}
+function loadChatState(configDir) {
+	let contents;
+	try {
+		contents = readFileSync(chatStatePath(configDir), "utf8");
+	} catch {
+		return null;
+	}
+	try {
+		return parseChatState(JSON.parse(contents));
+	} catch {
+		return null;
+	}
+}
+function loadActiveChatState(configDir) {
+	const state = loadChatState(configDir);
+	if (state?.active_local_id === null || state === null) return null;
+	return state.conversations.find((conversation) => conversation.local_id === state.active_local_id) ?? null;
+}
+function loadChatConversationByLocalId(configDir, localId) {
+	return loadChatState(configDir)?.conversations.find((conversation) => conversation.local_id === localId) ?? null;
+}
+function saveChatState(configDir, state) {
+	mkdirSync(configDir, {
+		mode: 448,
+		recursive: true
+	});
+	const path = chatStatePath(configDir);
+	const tempPath = join(configDir, `${CHAT_STATE_FILE}.${process.pid}.${randomUUID()}.tmp`);
+	try {
+		writeFileSync(tempPath, `${JSON.stringify(state, null, 2)}\n`, { mode: 384 });
+		renameSync(tempPath, path);
+	} catch (error) {
+		rmSync(tempPath, { force: true });
+		throw error;
+	}
+}
+function compareConversationUpdatedAt(left, right) {
+	return right.updated_at.localeCompare(left.updated_at);
+}
+function saveActiveChatState(configDir, input, options = {}) {
+	const existing = loadChatState(configDir) ?? {
+		active_local_id: null,
+		conversations: [],
+		next_local_id: 0,
+		version: CHAT_STATE_VERSION
+	};
+	const existingByPreferredId = options.preferredLocalId === void 0 ? void 0 : existing.conversations.find((conversation) => conversation.local_id === options.preferredLocalId);
+	const existingByThread = input.thread_id === null ? void 0 : existing.conversations.find((conversation) => conversation.thread_id === input.thread_id);
+	const localId = existingByPreferredId?.local_id ?? existingByThread?.local_id ?? existing.next_local_id;
+	const conversation = chatConversationState({
+		input,
+		localId
+	});
+	const conversations = [conversation, ...existing.conversations.filter((item) => item.local_id !== localId)].sort(compareConversationUpdatedAt).slice(0, MAX_CONVERSATIONS);
+	const activeStillPresent = conversations.some((item) => item.local_id === localId);
+	const nextLocalId = Math.max(existing.next_local_id, localId + 1, ...conversations.map((item) => item.local_id + 1));
+	saveChatState(configDir, {
+		active_local_id: activeStillPresent ? localId : null,
+		conversations,
+		next_local_id: nextLocalId,
+		version: CHAT_STATE_VERSION
+	});
+	return conversation;
+}
+//#endregion
+//#region src/oclif/auth.ts
+const CREDENTIALS_FILE = "credentials.json";
+const CREDENTIALS_LOCK_DIR = "credentials.lock";
+const CREDENTIALS_LOCK_OWNER_FILE = "owner.json";
+const CREDENTIALS_LOCK_STALE_MS = 1800 * 1e3;
+const MALFORMED_CREDENTIALS_HINT = "Run `primitive logout` and then `primitive signin`.";
+const CREDENTIALS_LOCK_CLEANUP_SIGNALS = [
+	"SIGINT",
+	"SIGTERM",
+	"SIGHUP"
+];
+function isRecord$1(value) {
+	return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+function requireString(value, key) {
+	const raw = value[key];
+	if (typeof raw !== "string" || raw.trim().length === 0) throw new Error(`Stored Primitive CLI credentials are malformed: ${key} must be a non-empty string. ${MALFORMED_CREDENTIALS_HINT}`);
+	return raw;
+}
+function readStoredApiBaseUrl(raw) {
+	const value = raw.api_base_url ?? raw.api_base_url_2 ?? raw.api_base_url_1;
+	if (typeof value !== "string" || value.trim().length === 0) throw new Error(`Stored Primitive CLI credentials are malformed: api_base_url must be a non-empty string. ${MALFORMED_CREDENTIALS_HINT}`);
+	return normalizeApiBaseUrl(value);
+}
+/**
+* Sentinel returned by parseCredentials when the on-disk credentials were
+* written by an API-key-based CLI. The caller treats this as "not logged in"
+* after clearing the local file. The backing API key is intentionally not
+* revoked; API keys still work when passed explicitly via --api-key/env.
+*/
+var LegacyApiKeyCredentialFormatError = class extends Error {
+	constructor() {
+		super("legacy_api_key_credential_format");
+		this.name = "LegacyApiKeyCredentialFormatError";
+	}
+};
+function parseCredentials(raw) {
+	if (!isRecord$1(raw)) throw new Error(`Stored Primitive CLI credentials are malformed: expected a JSON object. ${MALFORMED_CREDENTIALS_HINT}`);
+	if (raw.auth_method !== "oauth") {
+		if (typeof raw.api_key === "string" || typeof raw.key_id === "string" || typeof raw.base_url === "string") throw new LegacyApiKeyCredentialFormatError();
+		throw new Error(`Stored Primitive CLI credentials are malformed: auth_method must be oauth. ${MALFORMED_CREDENTIALS_HINT}`);
+	}
+	const orgName = raw.org_name;
+	if (orgName !== null && typeof orgName !== "string") throw new Error(`Stored Primitive CLI credentials are malformed: org_name must be a string or null. ${MALFORMED_CREDENTIALS_HINT}`);
+	if (requireString(raw, "token_type") !== "Bearer") throw new Error(`Stored Primitive CLI credentials are malformed: token_type must be Bearer. ${MALFORMED_CREDENTIALS_HINT}`);
+	return {
+		auth_method: "oauth",
+		access_token: requireString(raw, "access_token"),
+		refresh_token: requireString(raw, "refresh_token"),
+		token_type: "Bearer",
+		expires_at: requireString(raw, "expires_at"),
+		oauth_grant_id: requireString(raw, "oauth_grant_id"),
+		oauth_client_id: requireString(raw, "oauth_client_id"),
+		org_id: requireString(raw, "org_id"),
+		org_name: orgName,
+		api_base_url: readStoredApiBaseUrl(raw),
+		created_at: requireString(raw, "created_at")
+	};
+}
+function credentialsPath(configDir) {
+	return join(configDir, CREDENTIALS_FILE);
+}
+function credentialsLockPath(configDir) {
+	return join(configDir, CREDENTIALS_LOCK_DIR);
+}
+function normalize(url, fallback) {
+	const trimmed = url?.trim();
+	if (!trimmed) return fallback;
+	return trimmed.replace(/\/+$/, "");
+}
+function canonicalizeKnownApiBaseUrl(url) {
+	let parsed;
+	try {
+		parsed = new URL(url);
+	} catch {
+		return url;
+	}
+	if (parsed.pathname.replace(/\/+$/, "") !== "/api/v1") return url;
+	if (parsed.hostname === "primitive.dev" || parsed.hostname === "www.primitive.dev") {
+		parsed.hostname = "api.primitive.dev";
+		parsed.pathname = "/v1";
+		return parsed.toString().replace(/\/+$/, "");
+	}
+	if (parsed.hostname === "primitive-staging-1.com") {
+		parsed.hostname = "api.primitive-staging-1.com";
+		parsed.pathname = "/v1";
+		return parsed.toString().replace(/\/+$/, "");
+	}
+	return url;
+}
+function normalizeApiBaseUrl(url) {
+	return canonicalizeKnownApiBaseUrl(normalize(url, DEFAULT_API_BASE_URL));
+}
+function cliAccessTokenExpiresAt(expiresInSeconds, now = Date.now) {
+	return new Date(now() + expiresInSeconds * 1e3).toISOString();
+}
+function loadCliCredentials(configDir) {
+	const path = credentialsPath(configDir);
+	let contents;
+	try {
+		contents = readFileSync(path, "utf8");
+	} catch (error) {
+		if (error && typeof error === "object" && error.code === "ENOENT") return null;
+		const detail = error instanceof Error ? error.message : String(error);
+		throw new Error(`Could not read Primitive CLI credentials: ${detail}`);
+	}
+	try {
+		return parseCredentials(JSON.parse(contents));
+	} catch (error) {
+		if (error instanceof LegacyApiKeyCredentialFormatError) {
+			try {
+				rmSync(path, { force: true });
+				deleteChatState(configDir);
+			} catch {}
+			process.stderr.write("Removed local Primitive CLI API-key login state. API keys are still valid when passed explicitly, but saved CLI auth now uses OAuth. Run `primitive signin` to create an OAuth session. No API key was revoked.\n");
+			return null;
+		}
+		if (error instanceof SyntaxError) throw new Error("Stored Primitive CLI credentials are not valid JSON. Run `primitive logout` and then `primitive signin`.");
+		throw error;
+	}
+}
+function saveCliCredentials(configDir, credentials) {
+	mkdirSync(configDir, {
+		mode: 448,
+		recursive: true
+	});
+	const path = credentialsPath(configDir);
+	const tempPath = join(configDir, `${CREDENTIALS_FILE}.${process.pid}.${randomUUID()}.tmp`);
+	try {
+		writeFileSync(tempPath, `${JSON.stringify(credentials, null, 2)}\n`, { mode: 384 });
+		chmodSync(tempPath, 384);
+		renameSync(tempPath, path);
+		chmodSync(path, 384);
+	} catch (error) {
+		rmSync(tempPath, { force: true });
+		throw error;
+	}
+}
+function deleteCliCredentials(configDir) {
+	rmSync(credentialsPath(configDir), { force: true });
+	deleteChatState(configDir);
+}
+function saveSignupCredentials(params) {
+	deleteChatState(params.configDir);
+	saveCliCredentials(params.configDir, {
+		access_token: params.signup.access_token,
+		api_base_url: params.apiBaseUrl,
+		auth_method: "oauth",
+		created_at: (/* @__PURE__ */ new Date()).toISOString(),
+		expires_at: cliAccessTokenExpiresAt(params.signup.expires_in),
+		oauth_client_id: params.signup.oauth_client_id,
+		oauth_grant_id: params.signup.oauth_grant_id,
+		org_id: params.signup.org_id,
+		org_name: params.signup.org_name,
+		refresh_token: params.signup.refresh_token,
+		token_type: params.signup.token_type
+	});
+}
+function deleteCliCredentialsLock(configDir) {
+	rmSync(credentialsLockPath(configDir), {
+		force: true,
+		recursive: true
+	});
+}
+function errorCode(error) {
+	return error && typeof error === "object" ? error.code : void 0;
+}
+function removeStaleCliCredentialsLock(lockPath, staleMs, now) {
+	try {
+		const stats = statSync(lockPath);
+		if (now() - stats.mtimeMs < staleMs) return false;
+	} catch (error) {
+		if (errorCode(error) === "ENOENT") return true;
+		throw error;
+	}
+	rmSync(lockPath, {
+		force: true,
+		recursive: true
+	});
+	return true;
+}
+function readCliCredentialsLockOwner(lockPath) {
+	let raw;
+	try {
+		raw = readFileSync(join(lockPath, CREDENTIALS_LOCK_OWNER_FILE), "utf8");
+	} catch (error) {
+		if (errorCode(error) === "ENOENT") return null;
+		throw error;
+	}
+	try {
+		const pid = JSON.parse(raw)?.pid;
+		return Number.isInteger(pid) && pid > 0 ? { pid } : null;
+	} catch {
+		return null;
+	}
+}
+function processIsRunning(pid) {
+	try {
+		process.kill(pid, 0);
+		return true;
+	} catch (error) {
+		if (errorCode(error) === "ESRCH") return false;
+		return true;
+	}
+}
+function removeRecoverableCliCredentialsLock(params) {
+	const owner = readCliCredentialsLockOwner(params.lockPath);
+	if (owner && params.isRunning(owner.pid)) return false;
+	if (owner) {
+		rmSync(params.lockPath, {
+			force: true,
+			recursive: true
+		});
+		return true;
+	}
+	return removeStaleCliCredentialsLock(params.lockPath, params.staleMs, params.now);
+}
+function writeCliCredentialsLockOwner(lockPath) {
+	const ownerPath = join(lockPath, CREDENTIALS_LOCK_OWNER_FILE);
+	writeFileSync(ownerPath, `${JSON.stringify({
+		created_at: (/* @__PURE__ */ new Date()).toISOString(),
+		pid: process.pid
+	})}\n`, { mode: 384 });
+	chmodSync(ownerPath, 384);
+}
+function installCredentialsLockSignalCleanup(lockPath) {
+	let active = true;
+	const listeners = CREDENTIALS_LOCK_CLEANUP_SIGNALS.map((signal) => {
+		const listener = () => {
+			if (!active) return;
+			active = false;
+			rmSync(lockPath, {
+				force: true,
+				recursive: true
+			});
+			process.exit(signal === "SIGINT" ? 130 : signal === "SIGTERM" ? 143 : 129);
+		};
+		process.once(signal, listener);
+		return {
+			listener,
+			signal
+		};
+	});
+	return () => {
+		if (!active) return;
+		active = false;
+		for (const { listener, signal } of listeners) process.removeListener(signal, listener);
+	};
+}
+function credentialsLockInProgressMessage(lockPath) {
+	return `Another Primitive CLI credential operation is already in progress. Wait for it to finish, then retry. If no Primitive auth command is still running, run \`primitive logout --force\` to clear local CLI auth state and remove ${lockPath}.`;
+}
+function acquireCliCredentialsLock(configDir, options = {}) {
+	mkdirSync(configDir, {
+		mode: 448,
+		recursive: true
+	});
+	const lockPath = credentialsLockPath(configDir);
+	const installSignalHandlers = options.installSignalHandlers ?? true;
+	const isRunning = options.isProcessRunning ?? processIsRunning;
+	const now = options.now ?? Date.now;
+	const staleMs = options.staleMs ?? CREDENTIALS_LOCK_STALE_MS;
+	let acquired = false;
+	for (let attempt = 0; attempt < 2; attempt += 1) try {
+		mkdirSync(lockPath, { mode: 448 });
+		acquired = true;
+		break;
+	} catch (error) {
+		if (errorCode(error) !== "EEXIST") throw error;
+		if (removeRecoverableCliCredentialsLock({
+			isRunning,
+			lockPath,
+			now,
+			staleMs
+		})) continue;
+		throw new Error(credentialsLockInProgressMessage(lockPath));
+	}
+	if (!acquired) throw new Error(credentialsLockInProgressMessage(lockPath));
+	try {
+		writeCliCredentialsLockOwner(lockPath);
+	} catch (error) {
+		rmSync(lockPath, {
+			force: true,
+			recursive: true
+		});
+		throw error;
+	}
+	const removeSignalCleanup = installSignalHandlers ? installCredentialsLockSignalCleanup(lockPath) : () => void 0;
+	let released = false;
+	return () => {
+		if (released) return;
+		released = true;
+		removeSignalCleanup();
+		rmSync(lockPath, {
+			force: true,
+			recursive: true
+		});
+	};
+}
+/**
+* Detect the PRIMITIVE_KEY vs PRIMITIVE_API_KEY rename trap.
+*
+* AGX feedback: users on older docs (or coming from other tools) set
+* `PRIMITIVE_KEY` and then cannot figure out why the CLI reports no
+* API key. The CLI reads `PRIMITIVE_API_KEY` only. Returns a stderr
+* hint when `PRIMITIVE_KEY` is set but `PRIMITIVE_API_KEY` is not,
+* otherwise null. Exported as a helper so both `doctor` and the
+* general auth-resolution path surface the same guidance from the
+* first command the user runs, instead of forcing them to discover
+* the rename via `doctor` after the fact.
+*/
+function detectPrimitiveKeyEnvMisname(env = process.env) {
+	const primitiveKey = env.PRIMITIVE_KEY;
+	const primitiveApiKey = env.PRIMITIVE_API_KEY;
+	if ((primitiveKey?.length ?? 0) > 0 && (primitiveApiKey?.length ?? 0) === 0) return "PRIMITIVE_KEY is set but the CLI reads PRIMITIVE_API_KEY. Rename your env var, or re-run with PRIMITIVE_API_KEY=$PRIMITIVE_KEY.";
+	return null;
+}
+function resolveCliAuth(params) {
+	const apiKey = params.apiKey?.trim();
+	const apiBaseUrl = normalizeApiBaseUrl(params.apiBaseUrl);
+	if (apiKey) return {
+		apiKey,
+		apiBaseUrl,
+		credentials: null,
+		source: "flag-or-env"
+	};
+	const credentials = loadCliCredentials(params.configDir);
+	if (credentials) return {
+		apiKey: credentials.access_token,
+		apiBaseUrl: credentials.api_base_url,
+		credentials,
+		source: "stored"
+	};
+	return {
+		apiKey: void 0,
+		apiBaseUrl,
+		credentials: null,
+		source: "none"
+	};
+}
+//#endregion
+//#region src/oclif/cli-config.ts
+const CONFIG_FILE = "config.json";
+const CONFIG_VERSION = 1;
+const DEFAULT_ENVIRONMENT = "default";
+function cliConfigPath(configDir) {
+	return join(configDir, CONFIG_FILE);
+}
+function cliConfigError(message) {
+	return new Errors.CLIError(`${message} Run \`primitive config reset\` to clear the local CLI config.`, { exit: 1 });
+}
+function isRecord(value) {
+	return value !== null && typeof value === "object" && !Array.isArray(value);
+}
+function normalizeCliEnvironmentName(name) {
+	const trimmed = name?.trim();
+	if (!trimmed) throw new Errors.CLIError("Environment name must be a non-empty string.", { exit: 1 });
+	if (!/^[A-Za-z0-9][A-Za-z0-9._-]{0,62}$/.test(trimmed)) throw new Errors.CLIError("Environment name must start with a letter or number and may only contain letters, numbers, '.', '_', or '-'.", { exit: 1 });
+	return trimmed;
+}
+function validateCliHeaderName(name) {
+	const trimmed = name.trim();
+	if (!trimmed) throw new Errors.CLIError("Header name must be a non-empty string.", { exit: 1 });
+	if (!/^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/.test(trimmed)) throw new Errors.CLIError(`Invalid header name: ${name}`, { exit: 1 });
+	if (trimmed.toLowerCase() === "authorization") throw new Errors.CLIError("The Authorization header is managed by PRIMITIVE_API_KEY or saved OAuth CLI credentials.", { exit: 1 });
+	return trimmed;
+}
+function validateCliHeaderValue(value, name) {
+	if (value.length === 0) throw new Errors.CLIError(`Header ${name} value must not be empty.`, { exit: 1 });
+	if (/[\r\n\0]/.test(value)) throw new Errors.CLIError(`Header ${name} value must not contain CR, LF, or NUL characters.`, { exit: 1 });
+	return value;
+}
+function parseHeaderAssignment(assignment) {
+	const separator = assignment.indexOf("=");
+	if (separator <= 0) throw new Errors.CLIError("Header values must use name=value syntax, for example `x-custom=secret`.", { exit: 1 });
+	const name = validateCliHeaderName(assignment.slice(0, separator));
+	return [name, validateCliHeaderValue(assignment.slice(separator + 1), name)];
+}
+function parseHeaders(raw, context) {
+	if (raw === void 0) return {};
+	if (!isRecord(raw)) throw cliConfigError(`${context} headers must be a JSON object.`);
+	const headers = {};
+	for (const [rawName, rawValue] of Object.entries(raw)) {
+		const name = validateCliHeaderName(rawName);
+		if (typeof rawValue !== "string") throw cliConfigError(`${context} header ${name} must be a string.`);
+		headers[name] = validateCliHeaderValue(rawValue, name);
+	}
+	return headers;
+}
+function parseEnvironmentConfig(raw, context) {
+	if (!isRecord(raw)) throw cliConfigError(`${context} must be a JSON object.`);
+	const env = {};
+	const rawApiBaseUrl = raw.api_base_url ?? raw.api_base_url_2 ?? raw.api_base_url_1;
+	if (rawApiBaseUrl !== void 0) {
+		if (typeof rawApiBaseUrl !== "string") throw cliConfigError(`${context}.api_base_url must be a string.`);
+		env.api_base_url = normalizeApiBaseUrl(rawApiBaseUrl);
+	}
+	const headers = parseHeaders(raw.headers, context);
+	if (Object.keys(headers).length > 0) env.headers = headers;
+	return env;
+}
+function parseStoredCliConfig(raw) {
+	if (!isRecord(raw)) throw cliConfigError("Primitive CLI config must be a JSON object.");
+	if (raw.version !== CONFIG_VERSION) throw cliConfigError(`Primitive CLI config version must be ${CONFIG_VERSION}.`);
+	const currentRaw = raw.current_environment;
+	const current_environment = currentRaw === null || currentRaw === void 0 ? null : typeof currentRaw === "string" ? normalizeCliEnvironmentName(currentRaw) : (() => {
+		throw cliConfigError("Primitive CLI config current_environment must be a string or null.");
+	})();
+	if (!isRecord(raw.environments)) throw cliConfigError("Primitive CLI config environments must be an object.");
+	const environments = {};
+	for (const [rawName, rawEnv] of Object.entries(raw.environments)) {
+		const name = normalizeCliEnvironmentName(rawName);
+		environments[name] = parseEnvironmentConfig(rawEnv, `Primitive CLI config environment ${name}`);
+	}
+	if (current_environment && !environments[current_environment]) throw cliConfigError(`Primitive CLI config current environment ${current_environment} does not exist.`);
+	return {
+		version: CONFIG_VERSION,
+		current_environment,
+		environments
+	};
+}
+function emptyCliConfig() {
+	return {
+		version: CONFIG_VERSION,
+		current_environment: null,
+		environments: {}
+	};
+}
+function loadCliConfig(configDir) {
+	const path = cliConfigPath(configDir);
+	let contents;
+	try {
+		contents = readFileSync(path, "utf8");
+	} catch (error) {
+		if (error && typeof error === "object" && error.code === "ENOENT") return null;
+		throw cliConfigError(`Could not read Primitive CLI config: ${error instanceof Error ? error.message : String(error)}.`);
+	}
+	try {
+		return parseStoredCliConfig(JSON.parse(contents));
+	} catch (error) {
+		if (error instanceof SyntaxError) throw cliConfigError("Primitive CLI config is not valid JSON.");
+		throw error;
+	}
+}
+function saveCliConfig(configDir, config) {
+	mkdirSync(configDir, {
+		mode: 448,
+		recursive: true
+	});
+	const path = cliConfigPath(configDir);
+	const tempPath = join(configDir, `${CONFIG_FILE}.${process.pid}.${randomUUID()}.tmp`);
+	try {
+		writeFileSync(tempPath, `${JSON.stringify(config, null, 2)}\n`, { mode: 384 });
+		renameSync(tempPath, path);
+	} catch (error) {
+		rmSync(tempPath, { force: true });
+		throw error;
+	}
+}
+function deleteCliConfig(configDir) {
+	rmSync(cliConfigPath(configDir), { force: true });
+}
+function resolveConfigEnvironment(config) {
+	if (!config) return null;
+	const current = config.current_environment;
+	if (current) {
+		const environment = config.environments[current];
+		return environment ? {
+			name: current,
+			config: environment
+		} : null;
+	}
+	const defaultEnvironment = config.environments[DEFAULT_ENVIRONMENT];
+	return defaultEnvironment ? {
+		name: DEFAULT_ENVIRONMENT,
+		config: defaultEnvironment
+	} : null;
+}
+function upsertCliEnvironment(params) {
+	const name = normalizeCliEnvironmentName(params.environmentName ?? resolveConfigEnvironment(params.config)?.name ?? "default");
+	const existing = params.config.environments[name] ?? {};
+	const nextHeaders = { ...existing.headers ?? {} };
+	for (const assignment of params.headers ?? []) {
+		const [headerName, value] = parseHeaderAssignment(assignment);
+		nextHeaders[headerName] = value;
+	}
+	for (const rawName of params.unsetHeaders ?? []) delete nextHeaders[validateCliHeaderName(rawName)];
+	const nextEnvironment = {
+		...existing,
+		...params.apiBaseUrl !== void 0 ? { api_base_url: normalizeApiBaseUrl(params.apiBaseUrl) } : {},
+		...Object.keys(nextHeaders).length > 0 ? { headers: nextHeaders } : {}
+	};
+	if (Object.keys(nextHeaders).length === 0) delete nextEnvironment.headers;
+	return {
+		...params.config,
+		current_environment: params.use === false ? params.config.current_environment : name,
+		environments: {
+			...params.config.environments,
+			[name]: nextEnvironment
+		}
+	};
+}
+function removeCliEnvironment(config, environmentName) {
+	const name = normalizeCliEnvironmentName(environmentName);
+	const environments = { ...config.environments };
+	delete environments[name];
+	return {
+		...config,
+		current_environment: config.current_environment === name ? null : config.current_environment,
+		environments
+	};
+}
+function redactCliEnvironment(environment) {
+	const headers = environment.headers && Object.keys(environment.headers).length > 0 ? Object.fromEntries(Object.keys(environment.headers).map((name) => [name, "***"])) : void 0;
+	return {
+		...environment,
+		...headers ? { headers } : {}
+	};
+}
+//#endregion
+export { PrimitiveApiClient as A, saveCliCredentials as C, loadActiveChatState as D, deleteChatState as E, createConfig as M, loadChatConversationByLocalId as O, resolveCliAuth as S, chatStatePath as T, deleteCliCredentials as _, normalizeCliEnvironmentName as a, loadCliCredentials as b, resolveConfigEnvironment as c, validateCliHeaderName as d, validateCliHeaderValue as f, credentialsPath as g, credentialsLockPath as h, loadCliConfig as i, createClient as j, saveActiveChatState as k, saveCliConfig as l, cliAccessTokenExpiresAt as m, deleteCliConfig as n, redactCliEnvironment as o, acquireCliCredentialsLock as p, emptyCliConfig as r, removeCliEnvironment as s, DEFAULT_ENVIRONMENT as t, upsertCliEnvironment as u, deleteCliCredentialsLock as v, saveSignupCredentials as w, normalizeApiBaseUrl as x, detectPrimitiveKeyEnvMisname as y };