replicas-cli 0.2.23 → 0.2.26

package/dist/index.js

@@ -1,371 +1,2948 @@
 #!/usr/bin/env node
+#!/usr/bin/env node
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
 };
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.CLI_VERSION = void 0;
-require("dotenv/config");
-const commander_1 = require("commander");
-const chalk_1 = __importDefault(require("chalk"));
-const login_1 = require("./commands/login");
-const logout_1 = require("./commands/logout");
-const whoami_1 = require("./commands/whoami");
-const connect_1 = require("./commands/connect");
-const code_1 = require("./commands/code");
-const org_1 = require("./commands/org");
-const config_1 = require("./commands/config");
-const tools_1 = require("./commands/tools");
-const codex_auth_1 = require("./commands/codex-auth");
-const claude_auth_1 = require("./commands/claude-auth");
-const dev_sync_1 = require("./commands/dev-sync");
-const init_1 = require("./commands/init");
-const version_check_1 = require("./lib/version-check");
-const replica_1 = require("./commands/replica");
-const repositories_1 = require("./commands/repositories");
-exports.CLI_VERSION = '0.2.23';
-const program = new commander_1.Command();
-program
-    .name('replicas')
-    .description('CLI for managing Replicas workspaces')
-    .version(exports.CLI_VERSION);
-program
-    .command('login')
-    .description('Authenticate with your Replicas account')
-    .action(async () => {
-    try {
-        await (0, login_1.loginCommand)();
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  CLI_VERSION: () => CLI_VERSION
+});
+module.exports = __toCommonJS(index_exports);
+var import_config17 = require("dotenv/config");
+var import_commander = require("commander");
+var import_chalk18 = __toESM(require("chalk"));
+
+// src/commands/login.ts
+var import_http = __toESM(require("http"));
+var import_url = require("url");
+var import_open = __toESM(require("open"));
+var import_chalk = __toESM(require("chalk"));
+
+// src/lib/config.ts
+var import_fs = __toESM(require("fs"));
+var import_path = __toESM(require("path"));
+var import_os = __toESM(require("os"));
+var CONFIG_DIR = import_path.default.join(import_os.default.homedir(), ".replicas");
+var CONFIG_FILE = import_path.default.join(CONFIG_DIR, "config.json");
+function ensureConfigDir() {
+  if (!import_fs.default.existsSync(CONFIG_DIR)) {
+    import_fs.default.mkdirSync(CONFIG_DIR, { recursive: true, mode: 448 });
+  }
+}
+function readConfig() {
+  if (!import_fs.default.existsSync(CONFIG_FILE)) {
+    return null;
+  }
+  try {
+    const data = import_fs.default.readFileSync(CONFIG_FILE, "utf-8");
+    return JSON.parse(data);
+  } catch (error) {
+    console.error("Error reading config file:", error);
+    return null;
+  }
+}
+function writeConfig(config2) {
+  ensureConfigDir();
+  try {
+    import_fs.default.writeFileSync(CONFIG_FILE, JSON.stringify(config2, null, 2), {
+      mode: 384
+      // Only owner can read/write
+    });
+  } catch (error) {
+    console.error("Error writing config file:", error);
+    throw error;
+  }
+}
+function deleteConfig() {
+  if (import_fs.default.existsSync(CONFIG_FILE)) {
+    import_fs.default.unlinkSync(CONFIG_FILE);
+  }
+}
+function isAuthenticated() {
+  const config2 = readConfig();
+  return config2 !== null && !!config2.access_token;
+}
+function setOrganizationId(organizationId) {
+  const config2 = readConfig();
+  if (!config2) {
+    throw new Error("No config file found. Please login first.");
+  }
+  config2.organization_id = organizationId;
+  writeConfig(config2);
+}
+function getOrganizationId() {
+  const config2 = readConfig();
+  return config2?.organization_id || null;
+}
+function setIdeCommand(ideCommand) {
+  const config2 = readConfig();
+  if (!config2) {
+    throw new Error("No config file found. Please login first.");
+  }
+  config2.ide_command = ideCommand;
+  writeConfig(config2);
+}
+function getIdeCommand() {
+  const config2 = readConfig();
+  return config2?.ide_command || "code";
+}
+
+// src/lib/supabase.ts
+var import_supabase_js = require("@supabase/supabase-js");
+var supabaseUrl = process.env.REPLICAS_SUPABASE_URL || "https://mxeqiomwgdgaesecwtct.supabase.co";
+var supabaseAnonKey = process.env.REPLICAS_SUPABASE_ANON_KEY || "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Im14ZXFpb213Z2RnYWVzZWN3dGN0Iiwicm9sZSI6ImFub24iLCJpYXQiOjE3NTk4OTk2ODAsImV4cCI6MjA3NTQ3NTY4MH0.zLRoK4r9Zep-WaLNkvWcb7DXlJBZFH26QXWO1ljMctM";
+var supabase = (0, import_supabase_js.createClient)(supabaseUrl, supabaseAnonKey, {
+  auth: {
+    persistSession: false,
+    autoRefreshToken: false
+  }
+});
+
+// src/lib/auth.ts
+function isTokenExpired(expiresAt) {
+  const now = Math.floor(Date.now() / 1e3);
+  return expiresAt - now < 60;
+}
+async function refreshToken() {
+  const config2 = readConfig();
+  if (!config2) {
+    throw new Error('Not authenticated. Please run "replicas login"');
+  }
+  try {
+    const { data, error } = await supabase.auth.refreshSession({
+      refresh_token: config2.refresh_token
+    });
+    if (error) throw error;
+    if (!data.session) throw new Error("Failed to refresh session");
+    writeConfig({
+      ...config2,
+      access_token: data.session.access_token,
+      refresh_token: data.session.refresh_token,
+      expires_at: data.session.expires_at || 0
+    });
+  } catch (error) {
+    throw new Error('Failed to refresh token. Please run "replicas login" again.');
+  }
+}
+async function getValidToken() {
+  const config2 = readConfig();
+  if (!config2) {
+    throw new Error('Not authenticated. Please run "replicas login"');
+  }
+  if (isTokenExpired(config2.expires_at)) {
+    await refreshToken();
+    const newConfig = readConfig();
+    if (!newConfig) {
+      throw new Error("Failed to get valid token");
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    return newConfig.access_token;
+  }
+  return config2.access_token;
+}
+async function getCurrentUser() {
+  const token = await getValidToken();
+  const { data: { user }, error } = await supabase.auth.getUser(token);
+  if (error) throw error;
+  if (!user) throw new Error("User not found");
+  return {
+    id: user.id,
+    email: user.email || "Unknown"
+  };
+}
+
+// src/lib/api.ts
+var MONOLITH_URL = process.env.REPLICAS_MONOLITH_URL || "https://api.replicas.dev";
+async function authenticatedFetch(url, options) {
+  const token = await getValidToken();
+  if (!token) {
+    throw new Error("No access token available");
+  }
+  const headers = {
+    "Authorization": `Bearer ${token}`,
+    "Content-Type": "application/json",
+    ...options?.headers || {}
+  };
+  const absoluteUrl = `${MONOLITH_URL}${url}`;
+  const requestInit = {
+    ...options,
+    headers,
+    body: options?.body !== void 0 ? JSON.stringify(options.body) : void 0
+  };
+  const response = await fetchWithRedirects(absoluteUrl, requestInit);
+  if (!response.ok) {
+    const error = await response.json().catch(() => ({ error: "Request failed" }));
+    throw new Error(error.error || `Request failed with status ${response.status}`);
+  }
+  return response.json();
+}
+var REDIRECT_STATUSES = /* @__PURE__ */ new Set([301, 302, 303, 307, 308]);
+var MAX_REDIRECTS = 5;
+async function fetchWithRedirects(url, init, attempt = 0) {
+  const response = await fetch(url, { ...init, redirect: "manual" });
+  if (REDIRECT_STATUSES.has(response.status)) {
+    if (attempt >= MAX_REDIRECTS) {
+      throw new Error("Too many redirects while contacting the Replicas API");
     }
-});
-program
-    .command('init')
-    .description('Create a replicas.json configuration file')
-    .option('-f, --force', 'Overwrite existing replicas.json file')
-    .action((options) => {
-    try {
-        (0, init_1.initCommand)(options);
+    const location = response.headers.get("location");
+    if (!location) {
+      throw new Error(`Redirect status ${response.status} missing Location header`);
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    const nextUrl = new URL(location, url).toString();
+    const shouldForceGet = response.status === 303 && init.method !== void 0 && init.method.toUpperCase() !== "GET";
+    const nextInit = {
+      ...init,
+      method: shouldForceGet ? "GET" : init.method,
+      body: shouldForceGet ? void 0 : init.body
+    };
+    return fetchWithRedirects(nextUrl, nextInit, attempt + 1);
+  }
+  return response;
+}
+async function orgAuthenticatedFetch(url, options) {
+  const token = await getValidToken();
+  const organizationId = getOrganizationId();
+  if (!organizationId) {
+    throw new Error(
+      'No organization selected. Please run "replicas org switch" to select an organization.'
+    );
+  }
+  const headers = {
+    "Authorization": `Bearer ${token}`,
+    "Replicas-Org-Id": organizationId,
+    "Content-Type": "application/json",
+    ...options?.headers || {}
+  };
+  const absoluteUrl = `${MONOLITH_URL}${url}`;
+  const requestInit = {
+    ...options,
+    headers,
+    body: options?.body !== void 0 ? JSON.stringify(options.body) : void 0
+  };
+  const response = await fetchWithRedirects(absoluteUrl, requestInit);
+  if (!response.ok) {
+    const error = await response.json().catch(() => ({ error: "Request failed" }));
+    throw new Error(error.error || `Request failed with status ${response.status}`);
+  }
+  return response.json();
+}
+
+// src/lib/organization.ts
+async function fetchOrganizations() {
+  const response = await authenticatedFetch(
+    "/v1/user/organizations"
+  );
+  return response.organizations;
+}
+async function setActiveOrganization(organizationId) {
+  const organizations = await fetchOrganizations();
+  const organization = organizations.find((org2) => org2.id === organizationId);
+  if (!organization) {
+    throw new Error(`Organization with ID ${organizationId} not found or you don't have access to it.`);
+  }
+  setOrganizationId(organizationId);
+}
+async function ensureOrganization() {
+  const organizations = await fetchOrganizations();
+  if (organizations.length === 0) {
+    throw new Error("You are not a member of any organization. Please contact support.");
+  }
+  const defaultOrg = organizations[0];
+  setOrganizationId(defaultOrg.id);
+  return defaultOrg.id;
+}
+
+// src/commands/login.ts
+var WEB_APP_URL = process.env.REPLICAS_WEB_URL || "https://replicas.dev";
+function generateState() {
+  return Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15);
+}
+async function loginCommand() {
+  const state = generateState();
+  return new Promise((resolve, reject) => {
+    let authTimeout;
+    let hasHandledCallback = false;
+    let lastRedirectUrl = null;
+    let lastMessage = null;
+    const pendingResponses = /* @__PURE__ */ new Set();
+    function respondWithRedirect(res) {
+      if (lastRedirectUrl) {
+        res.writeHead(302, {
+          "Location": lastRedirectUrl,
+          "Connection": "close"
+        });
+        res.end();
+      } else {
+        res.writeHead(200, {
+          "Content-Type": "text/html; charset=utf-8",
+          "Connection": "close"
+        });
+        res.end(`
+          <!DOCTYPE html>
+          <html lang="en">
+            <head>
+              <meta charset="utf-8" />
+              <title>Replicas CLI Login</title>
+              <style>
+                body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif; background:#09090b; color:#f4f4f5; display:flex; align-items:center; justify-content:center; height:100vh; margin:0; }
+                .card { border:1px solid #27272a; padding:32px; border-radius:12px; background:#0f0f12; max-width:420px; text-align:center; }
+                .title { font-size:20px; margin-bottom:12px; letter-spacing:0.08em; text-transform:uppercase; color:#a855f7; }
+                .message { font-family: 'Menlo', 'Source Code Pro', monospace; font-size:14px; line-height:1.6; color:#d4d4d8; white-space:pre-line; }
+              </style>
+            </head>
+            <body>
+              <div class="card">
+                <div class="title">Replicas CLI</div>
+                <div class="message">${lastMessage || "Authentication already processed. You can close this tab."}</div>
+              </div>
+            </body>
+          </html>
+        `);
+      }
     }
-});
-program
-    .command('logout')
-    .description('Clear stored credentials')
-    .action(() => {
-    try {
-        (0, logout_1.logoutCommand)();
+    function flushPendingResponses() {
+      for (const response of pendingResponses) {
+        respondWithRedirect(response);
+      }
+      pendingResponses.clear();
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+    const server = import_http.default.createServer(async (req, res) => {
+      const url = new import_url.URL(req.url || "", `http://${req.headers.host}`);
+      if (url.pathname === "/callback") {
+        if (hasHandledCallback) {
+          if (!lastRedirectUrl) {
+            pendingResponses.add(res);
+            res.on("close", () => pendingResponses.delete(res));
+            return;
+          }
+          respondWithRedirect(res);
+          return;
         }
-        process.exit(1);
+        const returnedState = url.searchParams.get("state");
+        const accessToken = url.searchParams.get("access_token");
+        const refreshToken2 = url.searchParams.get("refresh_token");
+        const expiresAt = url.searchParams.get("expires_at");
+        const error = url.searchParams.get("error");
+        if (error) {
+          const errorUrl = `${WEB_APP_URL}/cli-login/error?message=${encodeURIComponent(error)}`;
+          lastRedirectUrl = errorUrl;
+          lastMessage = `Authentication failed: ${error}`;
+          respondWithRedirect(res);
+          flushPendingResponses();
+          clearTimeout(authTimeout);
+          setImmediate(() => {
+            server.closeAllConnections?.();
+            server.close();
+            reject(new Error(`Authentication failed: ${error}`));
+          });
+          return;
+        }
+        if (returnedState !== state) {
+          const errorUrl = `${WEB_APP_URL}/cli-login/error?message=${encodeURIComponent("Invalid state parameter. This might be a CSRF attack.")}`;
+          lastRedirectUrl = errorUrl;
+          lastMessage = "Invalid state parameter. This might be a CSRF attack.";
+          respondWithRedirect(res);
+          flushPendingResponses();
+          clearTimeout(authTimeout);
+          setImmediate(() => {
+            server.closeAllConnections?.();
+            server.close();
+            reject(new Error("Invalid state parameter"));
+          });
+          return;
+        }
+        if (!accessToken || !refreshToken2 || !expiresAt) {
+          const errorUrl = `${WEB_APP_URL}/cli-login/error?message=${encodeURIComponent("Missing required authentication tokens.")}`;
+          lastRedirectUrl = errorUrl;
+          lastMessage = "Missing required authentication tokens.";
+          respondWithRedirect(res);
+          flushPendingResponses();
+          clearTimeout(authTimeout);
+          setImmediate(() => {
+            server.closeAllConnections?.();
+            server.close();
+            reject(new Error("Missing authentication tokens"));
+          });
+          return;
+        }
+        hasHandledCallback = true;
+        const existingConfig = readConfig();
+        const config2 = {
+          access_token: accessToken,
+          refresh_token: refreshToken2,
+          expires_at: parseInt(expiresAt, 10),
+          organization_id: existingConfig?.organization_id,
+          ide_command: existingConfig?.ide_command
+        };
+        try {
+          writeConfig(config2);
+          const user = await getCurrentUser();
+          try {
+            const orgId = await ensureOrganization();
+            console.log(import_chalk.default.gray(`  Organization: ${orgId}`));
+          } catch (orgError) {
+            console.log(import_chalk.default.yellow("  Warning: Could not fetch organizations"));
+            console.log(import_chalk.default.gray("  You can set your organization later with: replicas org switch"));
+          }
+          const successUrl = `${WEB_APP_URL}/cli-login/success?email=${encodeURIComponent(user.email)}`;
+          lastRedirectUrl = successUrl;
+          lastMessage = `Successfully logged in as ${user.email}. You can close this tab.`;
+          respondWithRedirect(res);
+          flushPendingResponses();
+          console.log(import_chalk.default.green("\n\u2713 Successfully logged in!"));
+          console.log(import_chalk.default.gray(`  Email: ${user.email}
+`));
+          clearTimeout(authTimeout);
+          setImmediate(() => {
+            server.closeAllConnections?.();
+            server.close();
+            resolve();
+          });
+        } catch (error2) {
+          const errorUrl = `${WEB_APP_URL}/cli-login/error?message=${encodeURIComponent("Failed to verify authentication.")}`;
+          lastRedirectUrl = errorUrl;
+          lastMessage = "Failed to verify authentication.";
+          respondWithRedirect(res);
+          flushPendingResponses();
+          clearTimeout(authTimeout);
+          setImmediate(() => {
+            server.closeAllConnections?.();
+            server.close();
+            reject(error2);
+          });
+        }
+      } else {
+        res.writeHead(404);
+        res.end("Not found");
+      }
+    });
+    server.listen(0, "localhost", () => {
+      const address = server.address();
+      if (!address || typeof address === "string") {
+        reject(new Error("Failed to start server"));
+        return;
+      }
+      const port = address.port;
+      const loginUrl = `${WEB_APP_URL}/cli-login?port=${port}&state=${state}`;
+      console.log(import_chalk.default.blue("\nOpening browser for authentication..."));
+      console.log(import_chalk.default.gray(`If the browser doesn't open automatically, visit:
+${loginUrl}
+`));
+      (0, import_open.default)(loginUrl).catch((error) => {
+        console.log(import_chalk.default.yellow("Failed to open browser automatically."));
+        console.log(import_chalk.default.gray(`Please open this URL manually:
+${loginUrl}
+`));
+      });
+    });
+    authTimeout = setTimeout(() => {
+      server.closeAllConnections?.();
+      server.close();
+      reject(new Error("Authentication timeout. Please try again."));
+    }, 5 * 60 * 1e3);
+  });
+}
+
+// src/commands/logout.ts
+var import_chalk2 = __toESM(require("chalk"));
+function logoutCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk2.default.yellow("You are not logged in."));
+    return;
+  }
+  deleteConfig();
+  console.log(import_chalk2.default.green("\u2713 Successfully logged out!"));
+}
+
+// src/commands/whoami.ts
+var import_chalk3 = __toESM(require("chalk"));
+async function whoamiCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk3.default.yellow("You are not logged in."));
+    console.log(import_chalk3.default.gray('Run "replicas login" to authenticate.'));
+    return;
+  }
+  try {
+    const user = await getCurrentUser();
+    console.log(import_chalk3.default.blue("\nCurrent User:"));
+    console.log(import_chalk3.default.gray(`  ID:    ${user.id}`));
+    console.log(import_chalk3.default.gray(`  Email: ${user.email}
+`));
+  } catch (error) {
+    console.error(import_chalk3.default.red("Failed to get user information."));
+    if (error instanceof Error) {
+      console.error(import_chalk3.default.gray(error.message));
     }
-});
-program
-    .command('whoami')
-    .description('Display current authenticated user')
-    .action(async () => {
-    try {
-        await (0, whoami_1.whoamiCommand)();
+    console.log(import_chalk3.default.gray('\nTry running "replicas login" again.'));
+    process.exit(1);
+  }
+}
+
+// src/commands/connect.ts
+var import_chalk5 = __toESM(require("chalk"));
+
+// src/lib/ssh.ts
+var import_fs2 = __toESM(require("fs"));
+var import_path2 = __toESM(require("path"));
+var import_child_process = require("child_process");
+var SSH_KEYS_DIR = import_path2.default.join(CONFIG_DIR, "keys");
+function ensureSSHKeysDir() {
+  if (!import_fs2.default.existsSync(SSH_KEYS_DIR)) {
+    import_fs2.default.mkdirSync(SSH_KEYS_DIR, { recursive: true, mode: 448 });
+  }
+}
+function getSSHKeyPath(sshKeyId) {
+  return import_path2.default.join(SSH_KEYS_DIR, `${sshKeyId}.pem`);
+}
+async function getSSHKey(sshKeyId) {
+  const keyPath = getSSHKeyPath(sshKeyId);
+  if (import_fs2.default.existsSync(keyPath)) {
+    return import_fs2.default.readFileSync(keyPath, "utf-8");
+  }
+  const response = await orgAuthenticatedFetch(
+    `/v1/keys/${sshKeyId}?includePrivateKey=true`
+  );
+  if (!response.privateKey) {
+    throw new Error("Failed to retrieve private key from server");
+  }
+  ensureSSHKeysDir();
+  import_fs2.default.writeFileSync(keyPath, response.privateKey, { mode: 384 });
+  return response.privateKey;
+}
+async function scpCopyFile(privateKeyPath, localPath, remotePath, remoteHost) {
+  return new Promise((resolve, reject) => {
+    const scp = (0, import_child_process.spawn)("scp", [
+      "-i",
+      privateKeyPath,
+      "-o",
+      "StrictHostKeyChecking=no",
+      "-o",
+      "UserKnownHostsFile=/dev/null",
+      localPath,
+      `ubuntu@${remoteHost}:${remotePath}`
+    ], {
+      stdio: "inherit"
+    });
+    scp.on("close", (code) => {
+      if (code === 0) {
+        resolve();
+      } else {
+        reject(new Error(`scp failed with exit code ${code}`));
+      }
+    });
+    scp.on("error", reject);
+  });
+}
+async function connectSSH(privateKeyPath, remoteHost, portMappings) {
+  return new Promise((resolve, reject) => {
+    const sshArgs = [
+      "-i",
+      privateKeyPath,
+      "-o",
+      "StrictHostKeyChecking=no",
+      "-o",
+      "UserKnownHostsFile=/dev/null"
+    ];
+    for (const [remotePort, localPort] of portMappings) {
+      sshArgs.push("-L", `${localPort}:localhost:${remotePort}`);
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    sshArgs.push(`ubuntu@${remoteHost}`);
+    const ssh = (0, import_child_process.spawn)("ssh", sshArgs, {
+      stdio: "inherit"
+    });
+    ssh.on("close", (code) => {
+      resolve();
+    });
+    ssh.on("error", reject);
+  });
+}
+
+// src/lib/workspace-connection.ts
+var import_chalk4 = __toESM(require("chalk"));
+var import_prompts = __toESM(require("prompts"));
+var import_path5 = __toESM(require("path"));
+var import_fs4 = __toESM(require("fs"));
+
+// src/lib/git.ts
+var import_child_process2 = require("child_process");
+var import_path3 = __toESM(require("path"));
+function getGitRoot() {
+  try {
+    const root = (0, import_child_process2.execSync)("git rev-parse --show-toplevel", {
+      encoding: "utf-8",
+      stdio: ["pipe", "pipe", "pipe"]
+    }).trim();
+    return root;
+  } catch (error) {
+    throw new Error("Not inside a git repository");
+  }
+}
+function getGitRepoName() {
+  const root = getGitRoot();
+  return import_path3.default.basename(root);
+}
+function isInsideGitRepo() {
+  try {
+    (0, import_child_process2.execSync)("git rev-parse --is-inside-work-tree", {
+      encoding: "utf-8",
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+// src/lib/replicas-config.ts
+var import_fs3 = __toESM(require("fs"));
+var import_path4 = __toESM(require("path"));
+function readReplicasConfig() {
+  try {
+    const gitRoot = getGitRoot();
+    const configPath = import_path4.default.join(gitRoot, "replicas.json");
+    if (!import_fs3.default.existsSync(configPath)) {
+      return null;
     }
-});
-program
-    .command('tools')
-    .description('List tools available on the Replicas Machine Image')
-    .action(async () => {
-    try {
-        await (0, tools_1.toolsCommand)();
+    const data = import_fs3.default.readFileSync(configPath, "utf-8");
+    const config2 = JSON.parse(data);
+    if (config2.copy && !Array.isArray(config2.copy)) {
+      throw new Error('Invalid replicas.json: "copy" must be an array of file paths');
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    if (config2.ports && !Array.isArray(config2.ports)) {
+      throw new Error('Invalid replicas.json: "ports" must be an array of port numbers');
     }
-});
-program
-    .command('codex-auth')
-    .description('Authenticate Replicas with your Codex credentials')
-    .option('-u, --user', 'Store credentials for your personal account')
-    .action(async (options) => {
-    try {
-        await (0, codex_auth_1.codexAuthCommand)(options);
+    if (config2.ports && !config2.ports.every((p) => typeof p === "number")) {
+      throw new Error("Invalid replicas.json: all ports must be numbers");
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    if (config2.organizationId && typeof config2.organizationId !== "string") {
+      throw new Error('Invalid replicas.json: "organizationId" must be a string');
     }
-});
-program
-    .command('claude-auth')
-    .description('Authenticate Replicas with your Claude Code credentials')
-    .option('-u, --user', 'Store credentials for your personal account')
-    .action(async (options) => {
-    try {
-        await (0, claude_auth_1.claudeAuthCommand)(options);
+    if (config2.systemPrompt && typeof config2.systemPrompt !== "string") {
+      throw new Error('Invalid replicas.json: "systemPrompt" must be a string');
+    }
+    return config2;
+  } catch (error) {
+    if (error instanceof Error) {
+      throw error;
+    }
+    throw new Error("Failed to read replicas.json");
+  }
+}
+function validateCopyFiles(copyFiles) {
+  const gitRoot = getGitRoot();
+  const valid = [];
+  const invalid = [];
+  for (const file of copyFiles) {
+    const fullPath = import_path4.default.join(gitRoot, file);
+    if (import_fs3.default.existsSync(fullPath)) {
+      valid.push(file);
+    } else {
+      invalid.push(file);
+    }
+  }
+  return { valid, invalid };
+}
+function getAbsoluteCopyPath(relativePath) {
+  const gitRoot = getGitRoot();
+  return import_path4.default.join(gitRoot, relativePath);
+}
+
+// src/lib/ports.ts
+var import_child_process3 = require("child_process");
+async function isPortAvailable(port) {
+  try {
+    (0, import_child_process3.execSync)(`lsof -i :${port} -P -n | grep LISTEN`, {
+      encoding: "utf-8",
+      stdio: ["pipe", "pipe", "pipe"]
+    });
+    return false;
+  } catch (error) {
+    return true;
+  }
+}
+async function findAvailablePort(desiredPort) {
+  const baseHundred = Math.floor(desiredPort / 100) * 100;
+  const maxPort = desiredPort >= baseHundred && desiredPort < baseHundred + 100 ? baseHundred + 99 : desiredPort + 100;
+  for (let port = desiredPort; port <= maxPort; port++) {
+    if (await isPortAvailable(port)) {
+      return port;
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+  }
+  throw new Error(
+    `Could not find available port in range ${desiredPort}-${maxPort}`
+  );
+}
+async function mapPortsToLocal(remotePorts) {
+  const portMap = /* @__PURE__ */ new Map();
+  for (const remotePort of remotePorts) {
+    const localPort = await findAvailablePort(remotePort);
+    portMap.set(remotePort, localPort);
+  }
+  return portMap;
+}
+
+// src/lib/workspace-connection.ts
+async function prepareWorkspaceConnection(workspaceName, options) {
+  const orgId = getOrganizationId();
+  if (!orgId) {
+    throw new Error('No organization selected. Please run "replicas org switch" first.');
+  }
+  console.log(import_chalk4.default.blue(`
+Searching for workspace: ${workspaceName}...`));
+  const response = await orgAuthenticatedFetch(
+    `/v1/workspaces?name=${encodeURIComponent(workspaceName)}`
+  );
+  if (response.workspaces.length === 0) {
+    throw new Error(`No workspaces found with name matching "${workspaceName}".`);
+  }
+  let selectedWorkspace;
+  if (response.workspaces.length === 1) {
+    selectedWorkspace = response.workspaces[0];
+  } else {
+    console.log(import_chalk4.default.yellow(`
+Found ${response.workspaces.length} workspaces matching "${workspaceName}":`));
+    const selectResponse = await (0, import_prompts.default)({
+      type: "select",
+      name: "workspaceId",
+      message: "Select a workspace:",
+      choices: response.workspaces.map((ws) => ({
+        title: `${ws.name} (${ws.status || "unknown"})`,
+        value: ws.id,
+        description: `IP: ${ws.ipv4_address || "N/A"} | Instance: ${ws.instance_type || "N/A"}`
+      }))
+    });
+    if (!selectResponse.workspaceId) {
+      throw new Error("Workspace selection cancelled.");
+    }
+    selectedWorkspace = response.workspaces.find((ws) => ws.id === selectResponse.workspaceId);
+  }
+  console.log(import_chalk4.default.green(`
+\u2713 Selected workspace: ${selectedWorkspace.name}`));
+  console.log(import_chalk4.default.gray(`  IP: ${selectedWorkspace.ipv4_address}`));
+  console.log(import_chalk4.default.gray(`  Status: ${selectedWorkspace.status || "unknown"}`));
+  if (selectedWorkspace.status === "sleeping") {
+    throw new Error(
+      "Workspace is currently sleeping. Please wake it up in the dashboard at https://replicas.dev before connecting."
+    );
+  }
+  if (!selectedWorkspace.ipv4_address) {
+    throw new Error("Workspace does not have an IP address. It may not be running yet.");
+  }
+  console.log(import_chalk4.default.blue("\nRetrieving SSH key..."));
+  const privateKey = await getSSHKey(selectedWorkspace.ssh_key_id);
+  const keyPath = import_path5.default.join(CONFIG_DIR, "keys", `${selectedWorkspace.ssh_key_id}.pem`);
+  import_fs4.default.writeFileSync(keyPath, privateKey, { mode: 384 });
+  console.log(import_chalk4.default.green("\u2713 SSH key ready"));
+  let repoName = null;
+  if (options.copy) {
+    if (!isInsideGitRepo()) {
+      console.log(import_chalk4.default.yellow("\nWarning: Not inside a git repository. Skipping file copy."));
+    } else {
+      repoName = getGitRepoName();
+      const replicasConfig = readReplicasConfig();
+      if (!replicasConfig || !replicasConfig.copy || replicasConfig.copy.length === 0) {
+        console.log(import_chalk4.default.yellow("\nNo files to copy (replicas.json not found or empty)."));
+      } else {
+        console.log(import_chalk4.default.blue(`
+Copying files to workspace (repo: ${repoName})...`));
+        const { valid, invalid } = validateCopyFiles(replicasConfig.copy);
+        if (invalid.length > 0) {
+          console.log(import_chalk4.default.yellow(`
+Warning: ${invalid.length} file(s) not found locally:`));
+          invalid.forEach((file) => console.log(import_chalk4.default.gray(`  - ${file}`)));
         }
-        process.exit(1);
+        for (const file of valid) {
+          const localPath = getAbsoluteCopyPath(file);
+          const remotePath = `/home/ubuntu/workspaces/${repoName}/${file}`;
+          console.log(import_chalk4.default.gray(`  Copying ${file}...`));
+          try {
+            await scpCopyFile(keyPath, localPath, remotePath, selectedWorkspace.ipv4_address);
+            console.log(import_chalk4.default.green(`  \u2713 ${file}`));
+          } catch (error) {
+            console.log(import_chalk4.default.red(`  \u2717 Failed to copy ${file}: ${error instanceof Error ? error.message : "Unknown error"}`));
+          }
+        }
+        console.log(import_chalk4.default.green(`
+\u2713 File copy complete (${valid.length} files)`));
+      }
     }
-});
-// Organization commands
-const org = program
-    .command('org')
-    .description('Manage organizations');
-org
-    .command('switch')
-    .description('Switch to a different organization')
-    .action(async () => {
+  }
+  if (!repoName && isInsideGitRepo()) {
     try {
-        await (0, org_1.orgSwitchCommand)();
+      repoName = getGitRepoName();
+    } catch {
+    }
+  }
+  const portMappings = /* @__PURE__ */ new Map();
+  console.log(import_chalk4.default.blue("\nSetting up port forwarding..."));
+  if (isInsideGitRepo()) {
+    const replicasConfig = readReplicasConfig();
+    if (replicasConfig && replicasConfig.ports && replicasConfig.ports.length > 0) {
+      const mappings = await mapPortsToLocal(replicasConfig.ports);
+      for (const [remotePort, localPort] of mappings) {
+        portMappings.set(remotePort, localPort);
+        console.log(import_chalk4.default.gray(`  Forwarding localhost:${localPort} -> workspace:${remotePort}`));
+      }
+    }
+  }
+  console.log(import_chalk4.default.green("\u2713 Port forwarding configured"));
+  return {
+    workspace: selectedWorkspace,
+    sshKeyPath: keyPath,
+    portMappings,
+    repoName
+  };
+}
+
+// src/commands/connect.ts
+async function connectCommand(workspaceName, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk5.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const { workspace, sshKeyPath, portMappings } = await prepareWorkspaceConnection(
+      workspaceName,
+      options
+    );
+    console.log(import_chalk5.default.blue(`
+Connecting to ${workspace.name}...`));
+    let sshCommand = `ssh -i ${sshKeyPath}`;
+    for (const [remotePort, localPort] of portMappings) {
+      sshCommand += ` -L ${localPort}:localhost:${remotePort}`;
+    }
+    sshCommand += ` ubuntu@${workspace.ipv4_address}`;
+    console.log(import_chalk5.default.gray(`SSH command: ${sshCommand}`));
+    if (portMappings.size > 0) {
+      console.log(import_chalk5.default.cyan("\nPort forwarding active:"));
+      for (const [remotePort, localPort] of portMappings) {
+        console.log(import_chalk5.default.cyan(`  \u2022 localhost:${localPort} \u2192 workspace:${remotePort}`));
+      }
+    }
+    console.log(import_chalk5.default.gray("\nPress Ctrl+D to disconnect.\n"));
+    await connectSSH(sshKeyPath, workspace.ipv4_address, portMappings);
+    console.log(import_chalk5.default.green("\n\u2713 Disconnected from workspace.\n"));
+  } catch (error) {
+    console.error(import_chalk5.default.red(`
+Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/commands/code.ts
+var import_chalk6 = __toESM(require("chalk"));
+var import_child_process4 = require("child_process");
+
+// src/lib/ssh-config.ts
+var import_fs5 = __toESM(require("fs"));
+var import_path6 = __toESM(require("path"));
+var import_os2 = __toESM(require("os"));
+var SSH_CONFIG_PATH = import_path6.default.join(import_os2.default.homedir(), ".ssh", "config");
+var REPLICAS_MARKER_START = "# === REPLICAS CLI MANAGED ENTRY START ===";
+var REPLICAS_MARKER_END = "# === REPLICAS CLI MANAGED ENTRY END ===";
+function ensureSSHDir() {
+  const sshDir = import_path6.default.join(import_os2.default.homedir(), ".ssh");
+  if (!import_fs5.default.existsSync(sshDir)) {
+    import_fs5.default.mkdirSync(sshDir, { recursive: true, mode: 448 });
+  }
+}
+function readSSHConfig() {
+  ensureSSHDir();
+  if (!import_fs5.default.existsSync(SSH_CONFIG_PATH)) {
+    return "";
+  }
+  return import_fs5.default.readFileSync(SSH_CONFIG_PATH, "utf-8");
+}
+function writeSSHConfig(content) {
+  ensureSSHDir();
+  import_fs5.default.writeFileSync(SSH_CONFIG_PATH, content, { mode: 384 });
+}
+function generateConfigBlock(entry) {
+  const lines = [
+    REPLICAS_MARKER_START,
+    `Host ${entry.host}`,
+    `  HostName ${entry.hostname}`,
+    `  User ${entry.user}`,
+    `  IdentityFile ${entry.identityFile}`,
+    `  StrictHostKeyChecking no`,
+    `  UserKnownHostsFile /dev/null`
+  ];
+  if (entry.portForwards && entry.portForwards.size > 0) {
+    for (const [localPort, remotePort] of entry.portForwards) {
+      lines.push(`  LocalForward ${localPort} localhost:${remotePort}`);
+    }
+  }
+  lines.push(REPLICAS_MARKER_END);
+  return lines.join("\n");
+}
+function addOrUpdateSSHConfigEntry(entry) {
+  let config2 = readSSHConfig();
+  const lines = config2.split("\n");
+  const result = [];
+  let inTargetBlock = false;
+  for (const line of lines) {
+    if (line.trim() === REPLICAS_MARKER_START) {
+      const nextLines = lines.slice(lines.indexOf(line) + 1, lines.indexOf(line) + 3);
+      const hostLine = nextLines.find((l) => l.trim().startsWith("Host "));
+      if (hostLine && hostLine.includes(entry.host)) {
+        inTargetBlock = true;
+        continue;
+      }
+      result.push(line);
+      continue;
+    }
+    if (line.trim() === REPLICAS_MARKER_END) {
+      if (inTargetBlock) {
+        inTargetBlock = false;
+        continue;
+      }
+      result.push(line);
+      continue;
+    }
+    if (inTargetBlock) {
+      continue;
+    }
+    result.push(line);
+  }
+  config2 = result.join("\n");
+  const newEntry = generateConfigBlock(entry);
+  let finalConfig = config2.trim();
+  if (finalConfig.length > 0) {
+    finalConfig += "\n\n";
+  }
+  finalConfig += newEntry + "\n";
+  writeSSHConfig(finalConfig);
+}
+function getWorkspaceHostAlias(workspaceName) {
+  return `replicas-${workspaceName.toLowerCase().replace(/[^a-z0-9-]/g, "-")}`;
+}
+
+// src/commands/code.ts
+async function codeCommand(workspaceName, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk6.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const { workspace, sshKeyPath, portMappings, repoName } = await prepareWorkspaceConnection(
+      workspaceName,
+      options
+    );
+    const hostAlias = getWorkspaceHostAlias(workspace.name);
+    console.log(import_chalk6.default.blue("\nConfiguring SSH connection..."));
+    addOrUpdateSSHConfigEntry({
+      host: hostAlias,
+      hostname: workspace.ipv4_address,
+      user: "ubuntu",
+      identityFile: sshKeyPath,
+      portForwards: portMappings
+    });
+    console.log(import_chalk6.default.green(`\u2713 SSH config entry created: ${hostAlias}`));
+    const remotePath = repoName ? `/home/ubuntu/workspaces/${repoName}` : "/home/ubuntu";
+    const ideCommand = getIdeCommand();
+    const fullCommand = `${ideCommand} --remote ssh-remote+${hostAlias} ${remotePath}`;
+    console.log(import_chalk6.default.blue(`
+Opening ${ideCommand} for workspace ${workspace.name}...`));
+    console.log(import_chalk6.default.gray(`Command: ${fullCommand}`));
+    if (portMappings.size > 0) {
+      console.log(import_chalk6.default.cyan("\nPort forwarding configured:"));
+      for (const [remotePort, localPort] of portMappings) {
+        console.log(import_chalk6.default.cyan(`  \u2022 localhost:${localPort} \u2192 workspace:${remotePort}`));
+      }
+    }
+    const ide = (0, import_child_process4.spawn)(ideCommand, [
+      "--remote",
+      `ssh-remote+${hostAlias}`,
+      remotePath
+    ], {
+      stdio: "inherit",
+      detached: false
+    });
+    ide.on("error", (error) => {
+      console.error(import_chalk6.default.red(`
+Failed to launch ${ideCommand}: ${error.message}`));
+      console.log(import_chalk6.default.yellow(`
+Make sure ${ideCommand} is installed and available in your PATH.`));
+      console.log(import_chalk6.default.gray(`You can configure a different IDE with: replicas config set ide <command>`));
+      process.exit(1);
+    });
+    ide.on("close", (code) => {
+      if (code === 0) {
+        console.log(import_chalk6.default.green(`
+\u2713 ${ideCommand} closed successfully.
+`));
+      }
+    });
+  } catch (error) {
+    console.error(import_chalk6.default.red(`
+Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/commands/org.ts
+var import_chalk7 = __toESM(require("chalk"));
+var import_prompts2 = __toESM(require("prompts"));
+async function orgCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk7.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const currentOrgId = getOrganizationId();
+    const organizations = await fetchOrganizations();
+    if (!currentOrgId) {
+      console.log(import_chalk7.default.yellow("No organization selected."));
+      console.log(import_chalk7.default.gray('Run "replicas org switch" to select an organization.\n'));
+      return;
+    }
+    const currentOrg = organizations.find((org2) => org2.id === currentOrgId);
+    if (!currentOrg) {
+      console.log(import_chalk7.default.yellow(`Current organization ID (${currentOrgId}) not found.`));
+      console.log(import_chalk7.default.gray('Run "replicas org switch" to select a new organization.\n'));
+      return;
+    }
+    console.log(import_chalk7.default.green("\nCurrent organization:"));
+    console.log(import_chalk7.default.gray(`  Name: ${currentOrg.name}`));
+    console.log(import_chalk7.default.gray(`  ID: ${currentOrg.id}
+`));
+  } catch (error) {
+    console.error(import_chalk7.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function orgSwitchCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk7.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const organizations = await fetchOrganizations();
+    if (organizations.length === 0) {
+      console.log(import_chalk7.default.yellow("You are not a member of any organization."));
+      console.log(import_chalk7.default.gray("Please contact support.\n"));
+      return;
+    }
+    if (organizations.length === 1) {
+      await setActiveOrganization(organizations[0].id);
+      console.log(import_chalk7.default.green(`
+\u2713 Organization set to: ${organizations[0].name}
+`));
+      return;
+    }
+    const currentOrgId = getOrganizationId();
+    const response = await (0, import_prompts2.default)({
+      type: "select",
+      name: "organizationId",
+      message: "Select an organization:",
+      choices: organizations.map((org2) => ({
+        title: `${org2.name}${org2.id === currentOrgId ? " (current)" : ""}`,
+        value: org2.id,
+        description: org2.id
+      })),
+      initial: organizations.findIndex((org2) => org2.id === currentOrgId)
+    });
+    if (!response.organizationId) {
+      console.log(import_chalk7.default.yellow("\nCancelled."));
+      return;
+    }
+    await setActiveOrganization(response.organizationId);
+    const selectedOrg = organizations.find((org2) => org2.id === response.organizationId);
+    console.log(import_chalk7.default.green(`
+\u2713 Switched to organization: ${selectedOrg?.name}
+`));
+  } catch (error) {
+    console.error(import_chalk7.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/commands/config.ts
+var import_chalk8 = __toESM(require("chalk"));
+async function configGetCommand(key) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    if (key === "ide") {
+      const ideCommand = getIdeCommand();
+      console.log(import_chalk8.default.green(`
+IDE command: ${ideCommand}
+`));
+    } else {
+      console.log(import_chalk8.default.red(`Unknown config key: ${key}`));
+      console.log(import_chalk8.default.gray("Available keys: ide"));
+      process.exit(1);
+    }
+  } catch (error) {
+    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function configSetCommand(key, value) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    if (key === "ide") {
+      setIdeCommand(value);
+      console.log(import_chalk8.default.green(`
+\u2713 IDE command set to: ${value}
+`));
+    } else {
+      console.log(import_chalk8.default.red(`Unknown config key: ${key}`));
+      console.log(import_chalk8.default.gray("Available keys: ide"));
+      process.exit(1);
+    }
+  } catch (error) {
+    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function configListCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const config2 = readConfig();
+    if (!config2) {
+      console.log(import_chalk8.default.red("No config found. Please login first."));
+      process.exit(1);
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+    console.log(import_chalk8.default.green("\nCurrent configuration:"));
+    console.log(import_chalk8.default.gray(`  Organization ID: ${config2.organization_id || "(not set)"}`));
+    console.log(import_chalk8.default.gray(`  IDE command: ${config2.ide_command || "code (default)"}`));
+    console.log();
+  } catch (error) {
+    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/commands/tools.ts
+var import_chalk9 = __toESM(require("chalk"));
+var import_figlet = __toESM(require("figlet"));
+async function toolsCommand() {
+  const banner = import_figlet.default.textSync("Replicas Machine Image", {
+    horizontalLayout: "default",
+    verticalLayout: "default",
+    whitespaceBreak: true
+  });
+  console.log(import_chalk9.default.cyan(banner));
+  console.log();
+  console.log(import_chalk9.default.bold("RMI Version: v0.1.3"));
+  console.log();
+  console.log(
+    import_chalk9.default.gray(
+      "The following tooling and dependencies are provided by default on the Replicas Machine Image.\n"
+    )
+  );
+  const sections = [
+    {
+      title: "Python",
+      tools: ["Python 3.12.3", "pip 24", "Poetry 2.2.1", "uv 0.9.5"]
+    },
+    {
+      title: "Node.js",
+      tools: [
+        "Node.js 22.21.0",
+        "npm 10.9.4",
+        "nvm 0.40.3",
+        "Yarn 1.22.22",
+        "pnpm 10.18.3",
+        "ESLint 9.38.0",
+        "Prettier 3.6.2"
+      ]
+    },
+    {
+      title: "C/C++",
+      tools: ["gcc 13.3.0", "g++ 13.3.0", "make 4.3"]
+    },
+    {
+      title: "Perl",
+      tools: ["Perl 5.38.2"]
+    },
+    {
+      title: "AI Coding Assistants",
+      tools: ["Claude Code (@anthropic-ai/claude-code)", "OpenAI Codex (@openai/codex)"]
+    },
+    {
+      title: "Misc",
+      tools: [
+        "git 2.43.0",
+        "vim 9.1.697",
+        "nano 7.2",
+        "curl",
+        "wget",
+        "GitHub CLI (gh)",
+        "Docker Engine"
+      ]
+    }
+  ];
+  sections.forEach((section) => {
+    console.log(import_chalk9.default.blue(section.title));
+    section.tools.forEach((tool) => {
+      console.log(`  - ${tool}`);
+    });
+    console.log();
+  });
+}
+
+// src/commands/codex-auth.ts
+var import_chalk10 = __toESM(require("chalk"));
+
+// src/lib/codex-oauth.ts
+var import_http2 = __toESM(require("http"));
+var import_url2 = require("url");
+var import_open2 = __toESM(require("open"));
+
+// src/lib/pkce.ts
+var import_crypto = require("crypto");
+function generatePkceCodes() {
+  const verifierBytes = (0, import_crypto.randomBytes)(32);
+  const codeVerifier = verifierBytes.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  const hash = (0, import_crypto.createHash)("sha256");
+  hash.update(codeVerifier);
+  const codeChallenge = hash.digest("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  return {
+    codeVerifier,
+    codeChallenge
+  };
+}
+function generateState2() {
+  return (0, import_crypto.randomBytes)(16).toString("hex");
+}
+
+// src/lib/codex-oauth.ts
+var CODEX_OAUTH_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+var AUTHORIZATION_ENDPOINT = "https://auth.openai.com/oauth/authorize";
+var TOKEN_ENDPOINT = "https://auth.openai.com/oauth/token";
+var CALLBACK_PORT = 1455;
+var CALLBACK_PATH = "/auth/callback";
+var WEB_APP_URL2 = process.env.REPLICAS_WEB_URL || "https://replicas.dev";
+function buildAuthorizationUrl(codeChallenge, state) {
+  const redirectUri = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`;
+  const params = new URLSearchParams({
+    response_type: "code",
+    client_id: CODEX_OAUTH_CLIENT_ID,
+    redirect_uri: redirectUri,
+    scope: "openid profile email offline_access",
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256",
+    id_token_add_organizations: "true",
+    codex_cli_simplified_flow: "true",
+    state,
+    originator: "codex_cli_rs"
+  });
+  return `${AUTHORIZATION_ENDPOINT}?${params.toString()}`;
+}
+async function exchangeCodeForTokens(code, codeVerifier) {
+  const redirectUri = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`;
+  const params = new URLSearchParams({
+    grant_type: "authorization_code",
+    code,
+    redirect_uri: redirectUri,
+    client_id: CODEX_OAUTH_CLIENT_ID,
+    code_verifier: codeVerifier
+  });
+  const response = await fetch(TOKEN_ENDPOINT, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded"
+    },
+    body: params.toString()
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to exchange code for tokens: ${response.status} ${errorText}`);
+  }
+  const data = await response.json();
+  return {
+    idToken: data.id_token,
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token
+  };
+}
+function startCallbackServer(expectedState, codeVerifier) {
+  return new Promise((resolve, reject) => {
+    const server = import_http2.default.createServer(async (req, res) => {
+      try {
+        if (!req.url) {
+          res.writeHead(400);
+          res.end("Bad Request");
+          return;
         }
-        process.exit(1);
+        const url = new import_url2.URL(req.url, `http://127.0.0.1:${CALLBACK_PORT}`);
+        if (url.pathname === CALLBACK_PATH) {
+          const code = url.searchParams.get("code");
+          const state = url.searchParams.get("state");
+          const error = url.searchParams.get("error");
+          const errorDescription = url.searchParams.get("error_description");
+          if (error) {
+            const errorMessage = encodeURIComponent(`${error}: ${errorDescription || "Unknown error"}`);
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(new Error(`OAuth error: ${error} - ${errorDescription}`));
+            return;
+          }
+          if (state !== expectedState) {
+            const errorMessage = encodeURIComponent("State parameter mismatch. Possible CSRF attack.");
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(new Error("State mismatch - possible CSRF attack"));
+            return;
+          }
+          if (!code) {
+            const errorMessage = encodeURIComponent("No authorization code received.");
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(new Error("No authorization code received"));
+            return;
+          }
+          try {
+            const tokens = await exchangeCodeForTokens(code, codeVerifier);
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/success` });
+            res.end();
+            server.close();
+            resolve(tokens);
+          } catch (tokenError) {
+            const errorMessage = encodeURIComponent(tokenError instanceof Error ? tokenError.message : "Unknown error");
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(tokenError);
+          }
+        } else {
+          res.writeHead(404);
+          res.end("Not Found");
+        }
+      } catch (serverError) {
+        res.writeHead(500);
+        res.end("Internal Server Error");
+        server.close();
+        reject(serverError);
+      }
+    });
+    server.on("error", (err) => {
+      if (err.code === "EADDRINUSE") {
+        reject(new Error(`Port ${CALLBACK_PORT} is already in use. Please close any other OAuth flows and try again.`));
+      } else {
+        reject(err);
+      }
+    });
+    server.listen(CALLBACK_PORT, "127.0.0.1");
+  });
+}
+async function runCodexOAuthFlow() {
+  const pkce = generatePkceCodes();
+  const state = generateState2();
+  const authUrl = buildAuthorizationUrl(pkce.codeChallenge, state);
+  const tokensPromise = startCallbackServer(state, pkce.codeVerifier);
+  await new Promise((resolve) => setTimeout(resolve, 500));
+  console.log("If the browser does not open automatically, visit:");
+  console.log(authUrl);
+  console.log();
+  try {
+    await (0, import_open2.default)(authUrl);
+  } catch (openError) {
+    console.warn("Failed to open browser automatically. Please open the URL manually.");
+  }
+  console.log("Waiting for authentication...");
+  const tokens = await tokensPromise;
+  console.log("\u2713 Successfully obtained Codex credentials");
+  return tokens;
+}
+
+// src/commands/codex-auth.ts
+async function codexAuthCommand(options = {}) {
+  const isUserScoped = options.user === true;
+  const scopeLabel = isUserScoped ? "personal" : "organization";
+  console.log(import_chalk10.default.cyan(`Authenticating with Codex (${scopeLabel})...
+`));
+  try {
+    const tokens = await runCodexOAuthFlow();
+    console.log(import_chalk10.default.gray("\nUploading credentials to Replicas..."));
+    const endpoint = isUserScoped ? "/v1/codex/user/credentials" : "/v1/codex/credentials";
+    const response = await orgAuthenticatedFetch(
+      endpoint,
+      {
+        method: "POST",
+        body: {
+          access_token: tokens.accessToken,
+          refresh_token: tokens.refreshToken,
+          id_token: tokens.idToken
+        }
+      }
+    );
+    if (response.success) {
+      console.log(import_chalk10.default.green("\n\u2713 Codex authentication complete!"));
+      if (response.email) {
+        console.log(import_chalk10.default.gray(`  Account: ${response.email}`));
+      }
+      if (response.planType) {
+        console.log(import_chalk10.default.gray(`  Plan: ${response.planType}`));
+      }
+      if (isUserScoped) {
+        console.log(import_chalk10.default.gray("\nYour personal Codex credentials have been saved.\n"));
+      } else {
+        console.log(import_chalk10.default.gray("\nYou can now use Codex in your workspaces.\n"));
+      }
+    } else {
+      throw new Error(response.error || "Failed to upload Codex credentials to Replicas");
     }
-});
-// Default action for 'org' command (show current org)
-org.action(async () => {
+  } catch (error) {
+    console.log(import_chalk10.default.red("\n\u2717 Error:"), error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
+}
+
+// src/commands/claude-auth.ts
+var import_chalk12 = __toESM(require("chalk"));
+
+// src/lib/claude-oauth.ts
+var import_open3 = __toESM(require("open"));
+var import_readline = __toESM(require("readline"));
+var import_chalk11 = __toESM(require("chalk"));
+var DEFAULT_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
+var CLAUDE_CLIENT_ID = process.env.CLAUDE_OAUTH_CLIENT_ID || DEFAULT_CLIENT_ID;
+var AUTHORIZATION_ENDPOINT2 = "https://claude.ai/oauth/authorize";
+var TOKEN_ENDPOINT2 = "https://console.anthropic.com/v1/oauth/token";
+var REDIRECT_URI = "https://console.anthropic.com/oauth/code/callback";
+var SCOPES = "org:create_api_key user:profile user:inference";
+function buildAuthorizationUrl2(codeChallenge, state) {
+  const params = new URLSearchParams({
+    code: "true",
+    client_id: CLAUDE_CLIENT_ID,
+    response_type: "code",
+    redirect_uri: REDIRECT_URI,
+    scope: SCOPES,
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256",
+    state
+  });
+  return `${AUTHORIZATION_ENDPOINT2}?${params.toString()}`;
+}
+async function promptForAuthorizationCode(instruction) {
+  const rl = import_readline.default.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  return new Promise((resolve) => {
+    rl.question(instruction, (answer) => {
+      rl.close();
+      resolve(answer.trim());
+    });
+  });
+}
+function parseUserInput(input) {
+  if (!input.includes("#") && !input.includes("code=")) {
+    return { code: input };
+  }
+  if (input.startsWith("http://") || input.startsWith("https://")) {
     try {
-        await (0, org_1.orgCommand)();
+      const url = new URL(input);
+      const fragment = url.hash.startsWith("#") ? url.hash.slice(1) : url.hash;
+      const params = new URLSearchParams(fragment);
+      const code2 = params.get("code") ?? void 0;
+      const state2 = params.get("state") ?? void 0;
+      if (code2) {
+        return { code: code2, state: state2 };
+      }
+    } catch {
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+  }
+  const [code, state] = input.split("#");
+  return { code, state };
+}
+async function exchangeCodeForTokens2(code, state, expectedState, codeVerifier) {
+  if (state && state !== expectedState) {
+    throw new Error("State mismatch detected. Please restart the authentication flow.");
+  }
+  const payload = {
+    code,
+    state: state ?? expectedState,
+    grant_type: "authorization_code",
+    client_id: CLAUDE_CLIENT_ID,
+    redirect_uri: REDIRECT_URI,
+    code_verifier: codeVerifier
+  };
+  const response = await fetch(TOKEN_ENDPOINT2, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify(payload)
+  });
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`Failed to exchange authorization code: ${response.status} ${text}`);
+  }
+  const data = await response.json();
+  const now = Date.now();
+  const expiresAt = new Date(now + data.expires_in * 1e3).toISOString();
+  const refreshTokenExpiresAt = data.refresh_token_expires_in ? new Date(now + data.refresh_token_expires_in * 1e3).toISOString() : void 0;
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token,
+    tokenType: data.token_type,
+    scope: data.scope,
+    expiresAt,
+    refreshTokenExpiresAt
+  };
+}
+async function runClaudeOAuthFlow() {
+  const pkce = generatePkceCodes();
+  const state = generateState2();
+  const authUrl = buildAuthorizationUrl2(pkce.codeChallenge, state);
+  console.log(import_chalk11.default.gray("We will open your browser so you can authenticate with Claude Code."));
+  console.log(import_chalk11.default.gray("If the browser does not open automatically, use the URL below:\n"));
+  console.log(authUrl);
+  console.log();
+  try {
+    await (0, import_open3.default)(authUrl);
+  } catch {
+    console.warn(import_chalk11.default.yellow("Failed to open browser automatically. Please copy and open the URL manually."));
+  }
+  console.log(import_chalk11.default.cyan("After completing authentication, copy the code shown on the success page."));
+  console.log(import_chalk11.default.cyan("You can paste either the full URL, or a value formatted as CODE#STATE.\n"));
+  const userInput = await promptForAuthorizationCode("Paste the authorization code (or URL) here: ");
+  if (!userInput) {
+    throw new Error("No authorization code provided.");
+  }
+  const { code, state: returnedState } = parseUserInput(userInput);
+  if (!code) {
+    throw new Error("Unable to parse authorization code. Please try again.");
+  }
+  console.log(import_chalk11.default.gray("\nExchanging authorization code for tokens..."));
+  const tokens = await exchangeCodeForTokens2(code, returnedState, state, pkce.codeVerifier);
+  console.log(import_chalk11.default.green("\u2713 Successfully obtained Claude credentials"));
+  return tokens;
+}
+
+// src/commands/claude-auth.ts
+async function claudeAuthCommand(options = {}) {
+  const isUserScoped = options.user === true;
+  const scopeLabel = isUserScoped ? "personal" : "organization";
+  console.log(import_chalk12.default.cyan(`Authenticating with Claude Code (${scopeLabel})...
+`));
+  try {
+    const tokens = await runClaudeOAuthFlow();
+    console.log(import_chalk12.default.gray("\nUploading credentials to Replicas..."));
+    const endpoint = isUserScoped ? "/v1/claude/user/credentials" : "/v1/claude/credentials";
+    const response = await orgAuthenticatedFetch(
+      endpoint,
+      {
+        method: "POST",
+        body: {
+          access_token: tokens.accessToken,
+          refresh_token: tokens.refreshToken,
+          token_type: tokens.tokenType,
+          scope: tokens.scope,
+          expires_at: tokens.expiresAt,
+          refresh_token_expires_at: tokens.refreshTokenExpiresAt
         }
-        process.exit(1);
+      }
+    );
+    if (!response.success) {
+      throw new Error(response.error || "Failed to upload Claude credentials to Replicas");
     }
-});
-// Connect command
-program
-    .command('connect <workspace-name>')
-    .description('Connect to a workspace via SSH')
-    .option('-c, --copy', 'Copy files from replicas.json to the workspace')
-    .action(async (workspaceName, options) => {
-    try {
-        await (0, connect_1.connectCommand)(workspaceName, options);
+    console.log(import_chalk12.default.green("\n\u2713 Claude authentication complete!"));
+    if (response.email) {
+      console.log(import_chalk12.default.gray(`  Account: ${response.email}`));
+    }
+    if (response.planType) {
+      console.log(import_chalk12.default.gray(`  Plan: ${response.planType}`));
+    }
+    if (isUserScoped) {
+      console.log(import_chalk12.default.gray("\nYour personal Claude credentials have been saved.\n"));
+    } else {
+      console.log(import_chalk12.default.gray("\nYou can now use Claude Code in your workspaces.\n"));
+    }
+  } catch (error) {
+    console.log(import_chalk12.default.red("\n\u2717 Error:"), error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
+}
+
+// src/commands/dev-sync.ts
+var import_chalk13 = __toESM(require("chalk"));
+var import_child_process5 = require("child_process");
+var import_path7 = __toESM(require("path"));
+async function devSyncCommand(workspaceName) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk13.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const { workspace, sshKeyPath } = await prepareWorkspaceConnection(workspaceName, {});
+    if (!workspace.ipv4_address) {
+      throw new Error("Workspace does not have an IP address");
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+    console.log(import_chalk13.default.blue(`
+Syncing engine to ${workspace.name}...`));
+    const scriptPath = import_path7.default.resolve(__dirname, "../../../engine/scripts/dev-sync.sh");
+    const devSync = (0, import_child_process5.spawn)(scriptPath, [
+      "--ip",
+      workspace.ipv4_address,
+      "--key",
+      sshKeyPath
+    ], {
+      stdio: "inherit",
+      shell: true
+    });
+    await new Promise((resolve, reject) => {
+      devSync.on("close", (code) => {
+        if (code === 0) {
+          resolve();
+        } else {
+          reject(new Error(`dev-sync script exited with code ${code}`));
         }
-        process.exit(1);
+      });
+      devSync.on("error", (error) => {
+        reject(error);
+      });
+    });
+    console.log(import_chalk13.default.green("\n\u2713 Engine synced successfully.\n"));
+    console.log(import_chalk13.default.blue("Viewing logs (Ctrl+C to exit)...\n"));
+    const logs = (0, import_child_process5.spawn)("ssh", [
+      "-i",
+      sshKeyPath,
+      `ubuntu@${workspace.ipv4_address}`,
+      "sudo journalctl -fu replicas-engine"
+    ], {
+      stdio: "inherit"
+    });
+    process.on("SIGINT", () => {
+      logs.kill("SIGTERM");
+      console.log(import_chalk13.default.green("\n\n\u2713 Disconnected from logs.\n"));
+      process.exit(0);
+    });
+    await new Promise((resolve) => {
+      logs.on("close", () => {
+        resolve();
+      });
+    });
+  } catch (error) {
+    console.error(import_chalk13.default.red(`
+Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/commands/init.ts
+var import_chalk14 = __toESM(require("chalk"));
+var import_fs6 = __toESM(require("fs"));
+var import_path8 = __toESM(require("path"));
+var REPLICAS_CONFIG_FILENAME = "replicas.json";
+function getDefaultConfig() {
+  return {
+    copy: [],
+    ports: [],
+    systemPrompt: "",
+    startHook: {
+      timeout: 3e5,
+      commands: []
     }
-});
-// Code command
-program
-    .command('code <workspace-name>')
-    .description('Open a workspace in VSCode/Cursor via Remote SSH')
-    .option('-c, --copy', 'Copy files from replicas.json to the workspace')
-    .action(async (workspaceName, options) => {
-    try {
-        await (0, code_1.codeCommand)(workspaceName, options);
+  };
+}
+function initCommand(options) {
+  const configPath = import_path8.default.join(process.cwd(), REPLICAS_CONFIG_FILENAME);
+  if (import_fs6.default.existsSync(configPath) && !options.force) {
+    console.log(
+      import_chalk14.default.yellow(
+        `${REPLICAS_CONFIG_FILENAME} already exists in this directory.`
+      )
+    );
+    console.log(import_chalk14.default.gray("Use --force to overwrite the existing file."));
+    return;
+  }
+  const defaultConfig = getDefaultConfig();
+  const configContent = JSON.stringify(defaultConfig, null, 2);
+  try {
+    import_fs6.default.writeFileSync(configPath, configContent + "\n", "utf-8");
+    console.log(import_chalk14.default.green(`\u2713 Created ${REPLICAS_CONFIG_FILENAME}`));
+    console.log("");
+    console.log(import_chalk14.default.gray("Configuration options:"));
+    console.log(
+      import_chalk14.default.gray('  copy        - Files to sync to the workspace (e.g., [".env"])')
+    );
+    console.log(
+      import_chalk14.default.gray("  ports       - Ports to forward from the workspace (e.g., [3000, 8080])")
+    );
+    console.log(
+      import_chalk14.default.gray("  systemPrompt - Custom instructions for AI coding assistants")
+    );
+    console.log(
+      import_chalk14.default.gray("  startHook   - Commands to run on workspace startup")
+    );
+  } catch (error) {
+    throw new Error(
+      `Failed to create ${REPLICAS_CONFIG_FILENAME}: ${error instanceof Error ? error.message : "Unknown error"}`
+    );
+  }
+}
+
+// src/lib/version-check.ts
+var import_chalk15 = __toESM(require("chalk"));
+var MONOLITH_URL2 = process.env.REPLICAS_MONOLITH_URL || "https://api.replicas.dev";
+var VERSION_CHECK_TIMEOUT = 2e3;
+function compareVersions(v1, v2) {
+  const parts1 = v1.split(".").map(Number);
+  const parts2 = v2.split(".").map(Number);
+  for (let i = 0; i < Math.max(parts1.length, parts2.length); i++) {
+    const num1 = parts1[i] || 0;
+    const num2 = parts2[i] || 0;
+    if (num1 > num2) return 1;
+    if (num1 < num2) return -1;
+  }
+  return 0;
+}
+async function checkForUpdates(currentVersion) {
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), VERSION_CHECK_TIMEOUT);
+    const response = await fetch(`${MONOLITH_URL2}/v1/cli/version`, {
+      signal: controller.signal
+    });
+    clearTimeout(timeoutId);
+    if (!response.ok) return;
+    const data = await response.json();
+    const latestVersion = data.version;
+    if (compareVersions(latestVersion, currentVersion) > 0) {
+      console.error(import_chalk15.default.gray(`
+Update available: ${currentVersion} \u2192 ${latestVersion}`));
+      console.error(import_chalk15.default.gray(`Run: npm i -g replicas-cli@latest
+`));
+    }
+  } catch {
+  }
+}
+
+// src/commands/replica.ts
+var import_chalk16 = __toESM(require("chalk"));
+var import_prompts3 = __toESM(require("prompts"));
+
+// ../shared/src/display-message/parsers/codex-parser.ts
+function safeJsonParse(str, fallback) {
+  try {
+    return JSON.parse(str);
+  } catch {
+    return fallback;
+  }
+}
+function getStatusFromExitCode(exitCode) {
+  return exitCode === 0 ? "completed" : "failed";
+}
+function findLastMessageByType(messages, type) {
+  return messages.findLast((m) => m.type === type);
+}
+function parsePatch(input) {
+  const operations = [];
+  const lines = input.split("\n");
+  let currentOp = null;
+  let diffLines = [];
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (line.startsWith("*** Add File:")) {
+      if (currentOp) {
+        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+        operations.push(currentOp);
+        diffLines = [];
+      }
+      currentOp = {
+        action: "add",
+        path: line.replace("*** Add File:", "").trim()
+      };
+    } else if (line.startsWith("*** Update File:")) {
+      if (currentOp) {
+        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+        operations.push(currentOp);
+        diffLines = [];
+      }
+      currentOp = {
+        action: "update",
+        path: line.replace("*** Update File:", "").trim()
+      };
+    } else if (line.startsWith("*** Delete File:")) {
+      if (currentOp) {
+        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+        operations.push(currentOp);
+        diffLines = [];
+      }
+      currentOp = {
+        action: "delete",
+        path: line.replace("*** Delete File:", "").trim()
+      };
+    } else if (line.startsWith("*** Move to:")) {
+      if (currentOp) {
+        currentOp.moveTo = line.replace("*** Move to:", "").trim();
+      }
+    } else if (line.startsWith("*** Begin Patch") || line.startsWith("*** End Patch")) {
+      continue;
+    } else if (currentOp && (line.startsWith("+") || line.startsWith("-") || line.startsWith("@@") || line.trim() === "")) {
+      diffLines.push(line);
+    }
+  }
+  if (currentOp) {
+    if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+    operations.push(currentOp);
+  }
+  return operations;
+}
+function parseCodexEvents(events) {
+  const messages = [];
+  const pendingPatches = /* @__PURE__ */ new Map();
+  events.forEach((event) => {
+    if (event.type === "event_msg" && event.payload?.type === "user_message") {
+      messages.push({
+        id: `user-${event.timestamp}`,
+        type: "user",
+        content: event.payload.message || "",
+        timestamp: event.timestamp
+      });
+    }
+    if (event.type === "event_msg" && event.payload?.type === "agent_reasoning") {
+      messages.push({
+        id: `reasoning-${event.timestamp}-${messages.length}`,
+        type: "reasoning",
+        content: event.payload.text || "",
+        status: "completed",
+        timestamp: event.timestamp
+      });
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+    if (event.type === "response_item") {
+      const payloadType = event.payload?.type;
+      if (payloadType === "message" && event.payload?.role === "assistant") {
+        const content = event.payload.content || [];
+        const textContent = content.filter((c) => c.type === "output_text").map((c) => c.text || "").join("\n");
+        if (textContent) {
+          messages.push({
+            id: `agent-${event.timestamp}`,
+            type: "agent",
+            content: textContent,
+            timestamp: event.timestamp
+          });
         }
-        process.exit(1);
+      }
+      if (payloadType === "function_call" && event.payload?.name === "shell") {
+        const args = safeJsonParse(event.payload.arguments || "{}", {});
+        const command = Array.isArray(args.command) ? args.command.join(" ") : args.command || "";
+        messages.push({
+          id: `command-${event.timestamp}`,
+          type: "command",
+          command,
+          output: "",
+          // Will be filled by function_call_output
+          status: "in_progress",
+          timestamp: event.timestamp
+        });
+      }
+      if (payloadType === "function_call_output") {
+        const output = safeJsonParse(
+          event.payload.output || "{}",
+          {}
+        );
+        if (output.output !== void 0 && output.metadata) {
+          const commandMsg = findLastMessageByType(messages, "command");
+          if (commandMsg) {
+            commandMsg.output = output.output || "";
+            commandMsg.exitCode = output.metadata?.exit_code;
+            commandMsg.status = getStatusFromExitCode(output.metadata?.exit_code);
+          }
+        }
+      }
+      if (payloadType === "custom_tool_call") {
+        const callId = event.payload.call_id;
+        const name = event.payload.name;
+        const input = event.payload.input || "";
+        const status = event.payload.status || "in_progress";
+        if (name === "apply_patch") {
+          const operations = parsePatch(input);
+          pendingPatches.set(callId, { input, status, timestamp: event.timestamp, operations });
+        } else {
+          messages.push({
+            id: `toolcall-${event.timestamp}`,
+            type: "tool_call",
+            server: "custom",
+            tool: name,
+            status,
+            timestamp: event.timestamp
+          });
+        }
+      }
+      if (payloadType === "custom_tool_call_output") {
+        const callId = event.payload.call_id;
+        const output = safeJsonParse(
+          event.payload.output || "{}",
+          {}
+        );
+        const pendingPatch = pendingPatches.get(callId);
+        if (pendingPatch) {
+          messages.push({
+            id: `patch-${pendingPatch.timestamp}`,
+            type: "patch",
+            operations: pendingPatch.operations,
+            output: output.output || "",
+            exitCode: output.metadata?.exit_code,
+            status: getStatusFromExitCode(output.metadata?.exit_code),
+            timestamp: pendingPatch.timestamp
+          });
+          pendingPatches.delete(callId);
+        } else {
+          const toolCallMsg = findLastMessageByType(messages, "tool_call");
+          if (toolCallMsg) {
+            toolCallMsg.status = getStatusFromExitCode(output.metadata?.exit_code);
+          }
+        }
+      }
+      if (payloadType === "function_call" && event.payload?.name === "update_plan") {
+        const args = safeJsonParse(
+          event.payload.arguments || "{}",
+          {}
+        );
+        if (args.plan && Array.isArray(args.plan)) {
+          const todoItems = args.plan.map((item) => ({
+            text: item.step,
+            completed: item.status === "completed"
+          }));
+          messages.push({
+            id: `todo-${event.timestamp}`,
+            type: "todo_list",
+            items: todoItems,
+            status: "completed",
+            timestamp: event.timestamp
+          });
+        }
+      }
     }
-});
-// Dev-sync command (only available if ENABLE_DEV_SYNC_COMMAND is set)
-if (process.env.ENABLE_DEV_SYNC_COMMAND === 'true') {
-    program
-        .command('dev-sync <workspace-name>')
-        .description('[Dev] Sync local engine to workspace VM')
-        .action(async (workspaceName) => {
-        try {
-            await (0, dev_sync_1.devSyncCommand)(workspaceName);
+  });
+  return messages;
+}
+
+// ../shared/src/display-message/parsers/claude-parser.ts
+function safeJsonParse2(str, fallback) {
+  try {
+    return JSON.parse(str);
+  } catch {
+    return fallback;
+  }
+}
+function extractToolResultContent(content) {
+  if (!content) return "";
+  if (typeof content === "string") return content;
+  if (Array.isArray(content)) {
+    return content.filter((item) => item.type === "text").map((item) => item.text || "").join("\n");
+  }
+  return "";
+}
+function parseClaudeEvents(events, parentToolUseId) {
+  const messages = [];
+  const filterValue = parentToolUseId !== void 0 ? parentToolUseId : null;
+  const filteredEvents = events.filter(
+    (e) => e.payload.parent_tool_use_id === filterValue
+  );
+  const toolCallMap = /* @__PURE__ */ new Map();
+  filteredEvents.forEach((event) => {
+    if (event.type === "claude-user") {
+      const content = event.payload.message?.content || [];
+      const toolResult = content.find((c) => c.type === "tool_result");
+      if (toolResult && toolResult.tool_use_id) {
+        return;
+      }
+      const textContent = content.filter((c) => c.type === "text").map((c) => c.text || "").join("\n");
+      const images = content.filter((c) => c.type === "image" && c.source).map((c) => {
+        const source = c.source;
+        return {
+          type: "image",
+          mediaType: source.media_type || "image/png",
+          data: source.data || ""
+        };
+      }).filter((img) => img.data);
+      if (textContent || images.length > 0) {
+        messages.push({
+          id: `user-${event.timestamp}`,
+          type: "user",
+          content: textContent || (images.length > 0 ? `[${images.length} image${images.length > 1 ? "s" : ""} attached]` : ""),
+          images: images.length > 0 ? images : void 0,
+          timestamp: event.timestamp
+        });
+      }
+    }
+    if (event.type === "claude-assistant") {
+      const contentBlocks = event.payload.message?.content || [];
+      contentBlocks.forEach((block) => {
+        if (block.type === "text" && block.text) {
+          messages.push({
+            id: `agent-${event.timestamp}-${messages.length}`,
+            type: "agent",
+            content: block.text,
+            timestamp: event.timestamp
+          });
+        }
+        if (block.type === "thinking" && block.text) {
+          messages.push({
+            id: `reasoning-${event.timestamp}-${messages.length}`,
+            type: "reasoning",
+            content: block.text,
+            status: "completed",
+            timestamp: event.timestamp
+          });
         }
-        catch (error) {
-            if (error instanceof Error) {
-                console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+        if (block.type === "tool_use" && block.id) {
+          const toolName = block.name || "unknown";
+          const toolInput = block.input || {};
+          const toolUseId = block.id;
+          toolCallMap.set(toolUseId, {
+            messageIndex: messages.length,
+            toolName,
+            input: toolInput
+          });
+          if (toolName === "Task") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const nestedEvents = events.filter((e) => e.payload.parent_tool_use_id === toolUseId).map((e) => ({
+              timestamp: e.timestamp,
+              type: e.type,
+              payload: e.payload
+            }));
+            messages.push({
+              id: `subagent-${event.timestamp}-${messages.length}`,
+              type: "subagent",
+              toolUseId,
+              description: inputObj.description || "Subagent Task",
+              prompt: inputObj.prompt || "",
+              subagentType: inputObj.subagent_type || "general",
+              model: inputObj.model,
+              status: "in_progress",
+              nestedEvents,
+              timestamp: event.timestamp
+            });
+          } else if (toolName === "Bash" || toolName === "bash" || toolName === "shell") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const command = inputObj.command || "";
+            messages.push({
+              id: `command-${event.timestamp}-${messages.length}`,
+              type: "command",
+              command,
+              output: "",
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          } else if (toolName === "Write" || toolName === "Edit") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const filePath = inputObj.file_path || "";
+            const action = toolName === "Write" ? "add" : "update";
+            messages.push({
+              id: `file-${event.timestamp}-${messages.length}`,
+              type: "file_change",
+              changes: [{
+                path: filePath,
+                kind: action
+              }],
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          } else if (toolName === "TodoWrite") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const todos = inputObj.todos || [];
+            const todoItems = todos.map((todo) => ({
+              text: todo.content,
+              completed: todo.status === "completed"
+            }));
+            if (todoItems.length > 0) {
+              messages.push({
+                id: `todo-${event.timestamp}-${messages.length}`,
+                type: "todo_list",
+                items: todoItems,
+                status: "completed",
+                timestamp: event.timestamp
+              });
             }
-            process.exit(1);
+          } else if (toolName === "WebSearch") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const query = inputObj.query || "";
+            messages.push({
+              id: `search-${event.timestamp}-${messages.length}`,
+              type: "web_search",
+              query,
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          } else {
+            messages.push({
+              id: `toolcall-${event.timestamp}-${messages.length}`,
+              type: "tool_call",
+              server: "claude",
+              tool: toolName,
+              input: toolInput,
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          }
         }
-    });
+      });
+    }
+    if (event.type === "claude-result") {
+      const payload = event.payload;
+      if (payload.is_error || payload.subtype !== "success") {
+        const errorList = payload.errors || [];
+        const errorMessage = errorList.length > 0 ? errorList.join("\n") : "Claude session encountered an unexpected error.";
+        messages.push({
+          id: `error-${event.timestamp}`,
+          type: "error",
+          message: errorMessage,
+          timestamp: event.timestamp
+        });
+      }
+    }
+  });
+  filteredEvents.forEach((event) => {
+    if (event.type === "claude-user") {
+      const content = event.payload.message?.content || [];
+      const toolResult = content.find((c) => c.type === "tool_result");
+      if (toolResult && toolResult.tool_use_id) {
+        const toolInfo = toolCallMap.get(toolResult.tool_use_id);
+        if (!toolInfo) return;
+        const resultContent = extractToolResultContent(toolResult.content);
+        const isError = toolResult.is_error || false;
+        const status = isError ? "failed" : "completed";
+        const message = messages[toolInfo.messageIndex];
+        if (!message) return;
+        if (message.type === "command") {
+          message.output = resultContent;
+          message.status = status;
+          const exitCodeMatch = resultContent.match(/exit code:?\s*(\d+)/i);
+          if (exitCodeMatch) {
+            message.exitCode = parseInt(exitCodeMatch[1], 10);
+          } else {
+            message.exitCode = isError ? 1 : 0;
+          }
+        } else if (message.type === "file_change") {
+          message.status = status;
+        } else if (message.type === "web_search") {
+          message.status = status;
+        } else if (message.type === "tool_call") {
+          message.output = resultContent;
+          message.status = status;
+        } else if (message.type === "subagent") {
+          message.output = resultContent;
+          message.status = status;
+        }
+      }
+    }
+  });
+  return messages;
 }
-// Config commands
-const config = program
-    .command('config')
-    .description('Manage CLI configuration');
-config
-    .command('get <key>')
-    .description('Get a configuration value')
-    .action(async (key) => {
-    try {
-        await (0, config_1.configGetCommand)(key);
+
+// ../shared/src/display-message/parsers/index.ts
+function parseAgentEvents(events, agentType) {
+  if (agentType === "codex") {
+    return parseCodexEvents(events);
+  } else if (agentType === "claude") {
+    return parseClaudeEvents(events);
+  }
+  return [];
+}
+
+// src/commands/replica.ts
+function formatDate(dateString) {
+  return new Date(dateString).toLocaleString();
+}
+function formatStatus(status) {
+  switch (status) {
+    case "active":
+      return import_chalk16.default.green(status);
+    case "booting":
+    case "initializing":
+      return import_chalk16.default.yellow(status);
+    case "sleeping":
+      return import_chalk16.default.gray(status);
+    default:
+      return status;
+  }
+}
+function truncate(text, maxLength) {
+  if (text.length <= maxLength) return text;
+  return text.substring(0, maxLength) + "...";
+}
+function formatDisplayMessage(message) {
+  const time = new Date(message.timestamp).toLocaleTimeString();
+  switch (message.type) {
+    case "user":
+      console.log(import_chalk16.default.blue(`
+[${time}] USER:`));
+      console.log(import_chalk16.default.white(`  ${truncate(message.content, 500)}`));
+      break;
+    case "agent":
+      console.log(import_chalk16.default.green(`
+[${time}] ASSISTANT:`));
+      console.log(import_chalk16.default.white(`  ${truncate(message.content, 500)}`));
+      break;
+    case "reasoning":
+      console.log(import_chalk16.default.gray(`
+[${time}] THINKING:`));
+      console.log(import_chalk16.default.gray(`  ${truncate(message.content, 300)}`));
+      break;
+    case "command":
+      console.log(import_chalk16.default.magenta(`
+[${time}] COMMAND:`));
+      console.log(import_chalk16.default.white(`  $ ${message.command}`));
+      if (message.output) {
+        console.log(import_chalk16.default.gray(`  ${truncate(message.output, 200)}`));
+      }
+      if (message.exitCode !== void 0) {
+        const exitColor = message.exitCode === 0 ? import_chalk16.default.green : import_chalk16.default.red;
+        console.log(exitColor(`  Exit code: ${message.exitCode}`));
+      }
+      break;
+    case "file_change":
+      console.log(import_chalk16.default.yellow(`
+[${time}] FILE CHANGES:`));
+      for (const change of message.changes) {
+        const icon = change.kind === "add" ? "+" : change.kind === "delete" ? "-" : "~";
+        const color = change.kind === "add" ? import_chalk16.default.green : change.kind === "delete" ? import_chalk16.default.red : import_chalk16.default.yellow;
+        console.log(color(`  ${icon} ${change.path}`));
+      }
+      break;
+    case "patch":
+      console.log(import_chalk16.default.yellow(`
+[${time}] PATCH:`));
+      for (const op of message.operations) {
+        const icon = op.action === "add" ? "+" : op.action === "delete" ? "-" : "~";
+        const color = op.action === "add" ? import_chalk16.default.green : op.action === "delete" ? import_chalk16.default.red : import_chalk16.default.yellow;
+        console.log(color(`  ${icon} ${op.path}`));
+      }
+      break;
+    case "tool_call":
+      console.log(import_chalk16.default.cyan(`
+[${time}] TOOL: ${message.tool}`));
+      if (message.output) {
+        console.log(import_chalk16.default.gray(`  ${truncate(message.output, 200)}`));
+      }
+      break;
+    case "web_search":
+      console.log(import_chalk16.default.cyan(`
+[${time}] WEB SEARCH:`));
+      console.log(import_chalk16.default.white(`  "${message.query}"`));
+      break;
+    case "todo_list":
+      console.log(import_chalk16.default.blue(`
+[${time}] PLAN:`));
+      for (const item of message.items) {
+        const icon = item.completed ? import_chalk16.default.green("[x]") : import_chalk16.default.gray("[ ]");
+        console.log(`  ${icon} ${item.text}`);
+      }
+      break;
+    case "subagent":
+      console.log(import_chalk16.default.magenta(`
+[${time}] SUBAGENT: ${message.description}`));
+      if (message.output) {
+        console.log(import_chalk16.default.gray(`  ${truncate(message.output, 200)}`));
+      }
+      break;
+    case "error":
+      console.log(import_chalk16.default.red(`
+[${time}] ERROR:`));
+      console.log(import_chalk16.default.red(`  ${message.message}`));
+      break;
+  }
+}
+async function replicaListCommand(options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk16.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const params = new URLSearchParams();
+    if (options.page) params.set("page", options.page);
+    if (options.limit) params.set("limit", options.limit);
+    const query = params.toString();
+    const response = await orgAuthenticatedFetch(
+      `/v1/replica${query ? "?" + query : ""}`
+    );
+    if (response.replicas.length === 0) {
+      console.log(import_chalk16.default.yellow("\nNo replicas found.\n"));
+      return;
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
+    console.log(import_chalk16.default.green(`
+Replicas (Page ${response.page} of ${response.totalPages}, Total: ${response.total}):
+`));
+    for (const replica of response.replicas) {
+      console.log(import_chalk16.default.white(`  ${replica.name}`));
+      console.log(import_chalk16.default.gray(`    ID: ${replica.id}`));
+      if (replica.repository) {
+        console.log(import_chalk16.default.gray(`    Repository: ${replica.repository}`));
+      }
+      console.log(import_chalk16.default.gray(`    Instance: ${replica.instance_type}`));
+      console.log(import_chalk16.default.gray(`    Status: ${formatStatus(replica.status)}`));
+      console.log(import_chalk16.default.gray(`    Created: ${formatDate(replica.created_at)}`));
+      if (replica.pull_requests && replica.pull_requests.length > 0) {
+        console.log(import_chalk16.default.gray(`    Pull Requests:`));
+        for (const pr of replica.pull_requests) {
+          console.log(import_chalk16.default.cyan(`      - #${pr.number}: ${pr.url}`));
         }
+      }
+      console.log();
+    }
+  } catch (error) {
+    console.error(import_chalk16.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function replicaGetCommand(id) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk16.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const response = await orgAuthenticatedFetch(`/v1/replica/${id}`);
+    const replica = response.replica;
+    console.log(import_chalk16.default.green(`
+Replica: ${replica.name}
+`));
+    console.log(import_chalk16.default.gray(`  ID: ${replica.id}`));
+    if (replica.repository) {
+      console.log(import_chalk16.default.gray(`  Repository: ${replica.repository}`));
+    }
+    console.log(import_chalk16.default.gray(`  Instance: ${replica.instance_type}`));
+    console.log(import_chalk16.default.gray(`  Status: ${formatStatus(replica.status)}`));
+    console.log(import_chalk16.default.gray(`  Created: ${formatDate(replica.created_at)}`));
+    if (replica.waking) {
+      console.log(import_chalk16.default.yellow("\n  Workspace is waking from sleep. Retry in 30-90 seconds for full details.\n"));
+    } else {
+      if (replica.coding_agent) {
+        console.log(import_chalk16.default.gray(`  Coding Agent: ${replica.coding_agent}`));
+      }
+      if (replica.branch) {
+        console.log(import_chalk16.default.gray(`  Branch: ${replica.branch}`));
+      }
+      if (replica.git_diff) {
+        console.log(import_chalk16.default.gray(`  Changes: ${import_chalk16.default.green(`+${replica.git_diff.added}`)} / ${import_chalk16.default.red(`-${replica.git_diff.removed}`)}`));
+      }
+    }
+    if (replica.pull_requests && replica.pull_requests.length > 0) {
+      console.log(import_chalk16.default.gray(`  Pull Requests:`));
+      for (const pr of replica.pull_requests) {
+        console.log(import_chalk16.default.cyan(`    - #${pr.number}: ${pr.url}`));
+      }
+    }
+    console.log();
+  } catch (error) {
+    console.error(import_chalk16.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function replicaCreateCommand(name, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk16.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const repoResponse = await orgAuthenticatedFetch("/v1/repositories");
+    const repositories = repoResponse.repositories;
+    if (repositories.length === 0) {
+      console.log(import_chalk16.default.red("No repositories found. Please add a repository first."));
+      process.exit(1);
+    }
+    let replicaName = name;
+    let message = options.message;
+    let repository = options.repository;
+    let instanceType = options.instanceType;
+    let codingAgent = options.agent;
+    if (!replicaName) {
+      const response2 = await (0, import_prompts3.default)({
+        type: "text",
+        name: "name",
+        message: "Enter replica name (without spaces):",
+        validate: (value) => value.trim() ? true : "Name is required"
+      });
+      if (!response2.name) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+      replicaName = response2.name;
+    }
+    if (!repository) {
+      const response2 = await (0, import_prompts3.default)({
+        type: "select",
+        name: "repository",
+        message: "Select a repository:",
+        choices: repositories.map((repo) => ({
+          title: repo.name,
+          value: repo.name,
+          description: repo.url
+        }))
+      });
+      if (!response2.repository) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+      repository = response2.repository;
+    }
+    if (!message) {
+      const response2 = await (0, import_prompts3.default)({
+        type: "text",
+        name: "message",
+        message: "Enter initial message for the replica:",
+        validate: (value) => value.trim() ? true : "Message is required"
+      });
+      if (!response2.message) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+      message = response2.message;
+    }
+    if (!instanceType) {
+      const response2 = await (0, import_prompts3.default)({
+        type: "select",
+        name: "instanceType",
+        message: "Select instance type:",
+        choices: [
+          { title: "Standard (2 vCPU, 4GB RAM)", value: "standard" },
+          { title: "Large (2 vCPU, 8GB RAM)", value: "large" },
+          { title: "Power (4 vCPU, 16GB RAM)", value: "power" }
+        ],
+        initial: 0
+      });
+      if (!response2.instanceType) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+      instanceType = response2.instanceType;
+    }
+    if (!codingAgent) {
+      const response2 = await (0, import_prompts3.default)({
+        type: "select",
+        name: "agent",
+        message: "Select coding agent:",
+        choices: [
+          { title: "Claude", value: "claude" },
+          { title: "Codex", value: "codex" }
+        ],
+        initial: 0
+      });
+      if (!response2.agent) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+      codingAgent = response2.agent;
+    }
+    if (!instanceType || !["standard", "large", "power"].includes(instanceType)) {
+      console.log(import_chalk16.default.red(`Invalid instance type: ${instanceType}. Must be one of: standard, large, power`));
+      process.exit(1);
+    }
+    if (!codingAgent || !["claude", "codex"].includes(codingAgent)) {
+      console.log(import_chalk16.default.red(`Invalid coding agent: ${codingAgent}. Must be one of: claude, codex`));
+      process.exit(1);
+    }
+    const body = {
+      name: replicaName,
+      message,
+      repository,
+      instance_type: instanceType,
+      coding_agent: codingAgent
+    };
+    console.log(import_chalk16.default.gray("\nCreating replica..."));
+    const response = await orgAuthenticatedFetch("/v1/replica", {
+      method: "POST",
+      body
+    });
+    const replica = response.replica;
+    console.log(import_chalk16.default.green(`
+Created replica: ${replica.name}`));
+    console.log(import_chalk16.default.gray(`  ID: ${replica.id}`));
+    console.log(import_chalk16.default.gray(`  Instance: ${replica.instance_type}`));
+    console.log(import_chalk16.default.gray(`  Status: ${formatStatus(replica.status)}`));
+    console.log();
+  } catch (error) {
+    console.error(import_chalk16.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function replicaSendCommand(id, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk16.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    let message = options.message;
+    if (!message) {
+      const response2 = await (0, import_prompts3.default)({
+        type: "text",
+        name: "message",
+        message: "Enter message to send:",
+        validate: (value) => value.trim() ? true : "Message is required"
+      });
+      if (!response2.message) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+      message = response2.message;
+    }
+    const body = {
+      message
+    };
+    if (options.agent) {
+      if (!["claude", "codex"].includes(options.agent)) {
+        console.log(import_chalk16.default.red(`Invalid coding agent: ${options.agent}. Must be one of: claude, codex`));
         process.exit(1);
+      }
+      body.coding_agent = options.agent;
+    }
+    const response = await orgAuthenticatedFetch(
+      `/v1/replica/${id}/send`,
+      {
+        method: "POST",
+        body
+      }
+    );
+    const statusColor = response.status === "sent" ? import_chalk16.default.green : import_chalk16.default.yellow;
+    console.log(statusColor(`
+Message ${response.status}`));
+    if (response.position !== void 0 && response.position > 0) {
+      console.log(import_chalk16.default.gray(`  Queue position: ${response.position}`));
+    }
+    console.log();
+  } catch (error) {
+    console.error(import_chalk16.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function replicaDeleteCommand(id, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk16.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    if (!options.force) {
+      const response = await (0, import_prompts3.default)({
+        type: "confirm",
+        name: "confirm",
+        message: `Are you sure you want to delete replica ${id}?`,
+        initial: false
+      });
+      if (!response.confirm) {
+        console.log(import_chalk16.default.yellow("\nCancelled."));
+        return;
+      }
+    }
+    await orgAuthenticatedFetch(`/v1/replica/${id}`, {
+      method: "DELETE"
+    });
+    console.log(import_chalk16.default.green(`
+Replica ${id} deleted.
+`));
+  } catch (error) {
+    console.error(import_chalk16.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function replicaReadCommand(id, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk16.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const params = new URLSearchParams();
+    if (options.limit) params.set("limit", options.limit);
+    if (options.offset) params.set("offset", options.offset);
+    const query = params.toString();
+    const response = await orgAuthenticatedFetch(
+      `/v1/replica/${id}/read${query ? "?" + query : ""}`
+    );
+    if (response.waking) {
+      console.log(import_chalk16.default.yellow("\nWorkspace is waking from sleep. Retry in 30-90 seconds.\n"));
+      return;
+    }
+    console.log(import_chalk16.default.green(`
+Conversation History
+`));
+    if (response.coding_agent) {
+      console.log(import_chalk16.default.gray(`  Agent: ${response.coding_agent}`));
+    }
+    if (response.thread_id) {
+      console.log(import_chalk16.default.gray(`  Thread ID: ${response.thread_id}`));
+    }
+    console.log(import_chalk16.default.gray(`  Total Events: ${response.total}`));
+    console.log(import_chalk16.default.gray(`  Showing: ${response.events.length} events`));
+    if (response.hasMore) {
+      console.log(import_chalk16.default.gray(`  Has More: yes (use --offset to paginate)`));
     }
+    console.log();
+    if (response.events.length === 0) {
+      console.log(import_chalk16.default.yellow("  No events found.\n"));
+      return;
+    }
+    console.log(import_chalk16.default.gray("-".repeat(60)));
+    const agentType = response.coding_agent || "claude";
+    const displayMessages = parseAgentEvents(response.events, agentType);
+    for (const message of displayMessages) {
+      formatDisplayMessage(message);
+    }
+    console.log(import_chalk16.default.gray("\n" + "-".repeat(60)));
+    console.log();
+  } catch (error) {
+    console.error(import_chalk16.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/commands/repositories.ts
+var import_chalk17 = __toESM(require("chalk"));
+function formatDate2(dateString) {
+  return new Date(dateString).toLocaleString();
+}
+async function repositoriesListCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk17.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const response = await orgAuthenticatedFetch("/v1/repositories");
+    if (response.repositories.length === 0) {
+      console.log(import_chalk17.default.yellow("\nNo repositories found.\n"));
+      return;
+    }
+    console.log(import_chalk17.default.green(`
+Repositories (${response.repositories.length}):
+`));
+    for (const repo of response.repositories) {
+      console.log(import_chalk17.default.white(`  ${repo.name}`));
+      console.log(import_chalk17.default.gray(`    URL: ${repo.url}`));
+      console.log(import_chalk17.default.gray(`    Default Branch: ${repo.default_branch}`));
+      console.log(import_chalk17.default.gray(`    Created: ${formatDate2(repo.created_at)}`));
+      if (repo.github_repository_id) {
+        console.log(import_chalk17.default.gray(`    GitHub ID: ${repo.github_repository_id}`));
+      }
+      console.log();
+    }
+  } catch (error) {
+    console.error(import_chalk17.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+
+// src/index.ts
+var CLI_VERSION = "0.2.26";
+var program = new import_commander.Command();
+program.name("replicas").description("CLI for managing Replicas workspaces").version(CLI_VERSION);
+program.command("login").description("Authenticate with your Replicas account").action(async () => {
+  try {
+    await loginCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
+    }
+    process.exit(1);
+  }
 });
-config
-    .command('set <key> <value>')
-    .description('Set a configuration value')
-    .action(async (key, value) => {
-    try {
-        await (0, config_1.configSetCommand)(key, value);
+program.command("init").description("Create a replicas.json configuration file").option("-f, --force", "Overwrite existing replicas.json file").action((options) => {
+  try {
+    initCommand(options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+program.command("logout").description("Clear stored credentials").action(() => {
+  try {
+    logoutCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-config
-    .command('list')
-    .description('List all configuration values')
-    .action(async () => {
-    try {
-        await (0, config_1.configListCommand)();
+program.command("whoami").description("Display current authenticated user").action(async () => {
+  try {
+    await whoamiCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+program.command("tools").description("List tools available on the Replicas Machine Image").action(async () => {
+  try {
+    await toolsCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-// Replica management commands (top-level since replicas are the main primitive)
-program
-    .command('list')
-    .description('List all replicas')
-    .option('-p, --page <page>', 'Page number')
-    .option('-l, --limit <limit>', 'Number of items per page')
-    .action(async (options) => {
-    try {
-        await (0, replica_1.replicaListCommand)(options);
+program.command("codex-auth").description("Authenticate Replicas with your Codex credentials").option("-u, --user", "Store credentials for your personal account").action(async (options) => {
+  try {
+    await codexAuthCommand(options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+program.command("claude-auth").description("Authenticate Replicas with your Claude Code credentials").option("-u, --user", "Store credentials for your personal account").action(async (options) => {
+  try {
+    await claudeAuthCommand(options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-program
-    .command('get <id>')
-    .description('Get replica details by ID')
-    .action(async (id) => {
-    try {
-        await (0, replica_1.replicaGetCommand)(id);
+var org = program.command("org").description("Manage organizations");
+org.command("switch").description("Switch to a different organization").action(async () => {
+  try {
+    await orgSwitchCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+org.action(async () => {
+  try {
+    await orgCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-program
-    .command('create [name]')
-    .description('Create a new replica')
-    .option('-m, --message <message>', 'Initial message for the replica')
-    .option('-r, --repository <repository>', 'Repository name')
-    .option('-i, --instance-type <type>', 'Instance type (standard, large, power)')
-    .option('-a, --agent <agent>', 'Coding agent (claude, codex)')
-    .action(async (name, options) => {
-    try {
-        await (0, replica_1.replicaCreateCommand)(name, options);
+program.command("connect <workspace-name>").description("Connect to a workspace via SSH").option("-c, --copy", "Copy files from replicas.json to the workspace").action(async (workspaceName, options) => {
+  try {
+    await connectCommand(workspaceName, options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+program.command("code <workspace-name>").description("Open a workspace in VSCode/Cursor via Remote SSH").option("-c, --copy", "Copy files from replicas.json to the workspace").action(async (workspaceName, options) => {
+  try {
+    await codeCommand(workspaceName, options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-program
-    .command('send <id>')
-    .description('Send a message to a replica')
-    .option('-m, --message <message>', 'Message to send')
-    .option('-a, --agent <agent>', 'Coding agent (claude, codex)')
-    .action(async (id, options) => {
+if (process.env.ENABLE_DEV_SYNC_COMMAND === "true") {
+  program.command("dev-sync <workspace-name>").description("[Dev] Sync local engine to workspace VM").action(async (workspaceName) => {
     try {
-        await (0, replica_1.replicaSendCommand)(id, options);
+      await devSyncCommand(workspaceName);
+    } catch (error) {
+      if (error instanceof Error) {
+        console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
+      }
+      process.exit(1);
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+  });
+}
+var config = program.command("config").description("Manage CLI configuration");
+config.command("get <key>").description("Get a configuration value").action(async (key) => {
+  try {
+    await configGetCommand(key);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-program
-    .command('delete <id>')
-    .description('Delete a replica')
-    .option('-f, --force', 'Skip confirmation prompt')
-    .action(async (id, options) => {
-    try {
-        await (0, replica_1.replicaDeleteCommand)(id, options);
+config.command("set <key> <value>").description("Set a configuration value").action(async (key, value) => {
+  try {
+    await configSetCommand(key, value);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+config.command("list").description("List all configuration values").action(async () => {
+  try {
+    await configListCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-// Repositories commands
-const repos = program
-    .command('repos')
-    .description('Manage repositories');
-repos
-    .command('list')
-    .description('List all repositories')
-    .action(async () => {
-    try {
-        await (0, repositories_1.repositoriesListCommand)();
+program.command("list").description("List all replicas").option("-p, --page <page>", "Page number").option("-l, --limit <limit>", "Number of items per page").action(async (options) => {
+  try {
+    await replicaListCommand(options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+program.command("get <id>").description("Get replica details by ID").action(async (id) => {
+  try {
+    await replicaGetCommand(id);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-// Default action for 'repos' command (list repos)
-repos.action(async () => {
-    try {
-        await (0, repositories_1.repositoriesListCommand)();
+program.command("create [name]").description("Create a new replica").option("-m, --message <message>", "Initial message for the replica").option("-r, --repository <repository>", "Repository name").option("-i, --instance-type <type>", "Instance type (standard, large, power)").option("-a, --agent <agent>", "Coding agent (claude, codex)").action(async (name, options) => {
+  try {
+    await replicaCreateCommand(name, options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
-    catch (error) {
-        if (error instanceof Error) {
-            console.error(chalk_1.default.red(`\n✗ ${error.message}\n`));
-        }
-        process.exit(1);
+    process.exit(1);
+  }
+});
+program.command("send <id>").description("Send a message to a replica").option("-m, --message <message>", "Message to send").option("-a, --agent <agent>", "Coding agent (claude, codex)").action(async (id, options) => {
+  try {
+    await replicaSendCommand(id, options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
+    }
+    process.exit(1);
+  }
+});
+program.command("delete <id>").description("Delete a replica").option("-f, --force", "Skip confirmation prompt").action(async (id, options) => {
+  try {
+    await replicaDeleteCommand(id, options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
     }
+    process.exit(1);
+  }
 });
-const versionCheckPromise = (0, version_check_1.checkForUpdates)(exports.CLI_VERSION);
+program.command("read <id>").description("Read conversation history of a replica").option("-l, --limit <limit>", "Maximum number of events to return").option("-o, --offset <offset>", "Number of events to skip from the end").action(async (id, options) => {
+  try {
+    await replicaReadCommand(id, options);
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
+    }
+    process.exit(1);
+  }
+});
+var repos = program.command("repos").description("Manage repositories");
+repos.command("list").description("List all repositories").action(async () => {
+  try {
+    await repositoriesListCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
+    }
+    process.exit(1);
+  }
+});
+repos.action(async () => {
+  try {
+    await repositoriesListCommand();
+  } catch (error) {
+    if (error instanceof Error) {
+      console.error(import_chalk18.default.red(`
+\u2717 ${error.message}
+`));
+    }
+    process.exit(1);
+  }
+});
+var versionCheckPromise = checkForUpdates(CLI_VERSION);
 program.parse();
-versionCheckPromise.catch(() => { });
-//# sourceMappingURL=index.js.map
+versionCheckPromise.catch(() => {
+});
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  CLI_VERSION
+});