npm - replicas-cli - Versions diffs - 0.2.30 → 0.2.33 - Mend

replicas-cli 0.2.30 → 0.2.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +1179 -1171
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -813,1273 +813,1281 @@ Error: ${error instanceof Error ? error.message : "Unknown error"}`));
 var import_chalk6 = __toESM(require("chalk"));
 var import_child_process4 = require("child_process");
-// src/lib/ssh-config.ts
-var import_fs3 = __toESM(require("fs"));
-var import_path4 = __toESM(require("path"));
-var import_os2 = __toESM(require("os"));
-var SSH_CONFIG_PATH = import_path4.default.join(import_os2.default.homedir(), ".ssh", "config");
-var REPLICAS_MARKER_START = "# === REPLICAS CLI MANAGED ENTRY START ===";
-var REPLICAS_MARKER_END = "# === REPLICAS CLI MANAGED ENTRY END ===";
-function ensureSSHDir() {
-  const sshDir = import_path4.default.join(import_os2.default.homedir(), ".ssh");
-  if (!import_fs3.default.existsSync(sshDir)) {
-    import_fs3.default.mkdirSync(sshDir, { recursive: true, mode: 448 });
-  }
-}
-function readSSHConfig() {
-  ensureSSHDir();
-  if (!import_fs3.default.existsSync(SSH_CONFIG_PATH)) {
-    return "";
+// ../shared/src/sandbox.ts
+var SANDBOX_LIFECYCLE = {
+  AUTO_STOP_MINUTES: 60,
+  AUTO_ARCHIVE_MINUTES: 60 * 24 * 7,
+  AUTO_DELETE_MINUTES: -1,
+  SSH_TOKEN_EXPIRATION_MINUTES: 3 * 60
+};
+var SANDBOX_PATHS = {
+  HOME_DIR: "/home/ubuntu",
+  WORKSPACES_DIR: "/home/ubuntu/workspaces",
+  REPLICAS_FILES_DIR: "/home/ubuntu/.replicas/files",
+  REPLICAS_FILES_DISPLAY_DIR: "~/.replicas/files"
+};
+// ../shared/src/routes/workspaces.ts
+var WORKSPACE_FILE_UPLOAD_MAX_SIZE_BYTES = 20 * 1024 * 1024;
+var WORKSPACE_FILE_CONTENT_MAX_SIZE_BYTES = 1 * 1024 * 1024;
+// ../shared/src/display-message/parsers/codex-parser.ts
+function safeJsonParse(str, fallback) {
+  try {
+    return JSON.parse(str);
+  } catch {
+    return fallback;
   }
-  return import_fs3.default.readFileSync(SSH_CONFIG_PATH, "utf-8");
 }
-function writeSSHConfig(content) {
-  ensureSSHDir();
-  import_fs3.default.writeFileSync(SSH_CONFIG_PATH, content, { mode: 384 });
+function getStatusFromExitCode(exitCode) {
+  return exitCode === 0 ? "completed" : "failed";
 }
-function generateConfigBlock(entry) {
-  const lines = [
-    REPLICAS_MARKER_START,
-    `Host ${entry.host}`,
-    `  HostName ${entry.hostname}`,
-    `  User ${entry.user}`,
-    `  StrictHostKeyChecking no`,
-    `  UserKnownHostsFile /dev/null`
-  ];
-  if (entry.portForwards && entry.portForwards.size > 0) {
-    for (const [localPort, remotePort] of entry.portForwards) {
-      lines.push(`  LocalForward ${localPort} localhost:${remotePort}`);
-    }
-  }
-  lines.push(REPLICAS_MARKER_END);
-  return lines.join("\n");
+function parseShellOutput(raw) {
+  const exitCodeMatch = raw.match(/^Exit code: (\d+)/);
+  const exitCode = exitCodeMatch ? parseInt(exitCodeMatch[1], 10) : 0;
+  const outputIndex = raw.indexOf("Output:\n");
+  const output = outputIndex >= 0 ? raw.slice(outputIndex + "Output:\n".length) : raw;
+  return { exitCode, output };
 }
-function addOrUpdateSSHConfigEntry(entry) {
-  let config2 = readSSHConfig();
-  const lines = config2.split("\n");
-  const result = [];
-  let inTargetBlock = false;
-  for (const line of lines) {
-    if (line.trim() === REPLICAS_MARKER_START) {
-      const nextLines = lines.slice(lines.indexOf(line) + 1, lines.indexOf(line) + 3);
-      const hostLine = nextLines.find((l) => l.trim().startsWith("Host "));
-      if (hostLine && hostLine.includes(entry.host)) {
-        inTargetBlock = true;
-        continue;
+function parsePatch(input) {
+  const operations = [];
+  const lines = input.split("\n");
+  let currentOp = null;
+  let diffLines = [];
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    if (line.startsWith("*** Add File:")) {
+      if (currentOp) {
+        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+        operations.push(currentOp);
+        diffLines = [];
       }
-      result.push(line);
-      continue;
-    }
-    if (line.trim() === REPLICAS_MARKER_END) {
-      if (inTargetBlock) {
-        inTargetBlock = false;
-        continue;
+      currentOp = {
+        action: "add",
+        path: line.replace("*** Add File:", "").trim()
+      };
+    } else if (line.startsWith("*** Update File:")) {
+      if (currentOp) {
+        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+        operations.push(currentOp);
+        diffLines = [];
       }
-      result.push(line);
-      continue;
-    }
-    if (inTargetBlock) {
+      currentOp = {
+        action: "update",
+        path: line.replace("*** Update File:", "").trim()
+      };
+    } else if (line.startsWith("*** Delete File:")) {
+      if (currentOp) {
+        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+        operations.push(currentOp);
+        diffLines = [];
+      }
+      currentOp = {
+        action: "delete",
+        path: line.replace("*** Delete File:", "").trim()
+      };
+    } else if (line.startsWith("*** Move to:")) {
+      if (currentOp) {
+        currentOp.moveTo = line.replace("*** Move to:", "").trim();
+      }
+    } else if (line.startsWith("*** Begin Patch") || line.startsWith("*** End Patch")) {
       continue;
+    } else if (currentOp && (line.startsWith("+") || line.startsWith("-") || line.startsWith("@@") || line.trim() === "")) {
+      diffLines.push(line);
     }
-    result.push(line);
-  }
-  config2 = result.join("\n");
-  const newEntry = generateConfigBlock(entry);
-  let finalConfig = config2.trim();
-  if (finalConfig.length > 0) {
-    finalConfig += "\n\n";
-  }
-  finalConfig += newEntry + "\n";
-  writeSSHConfig(finalConfig);
-}
-function getWorkspaceHostAlias(workspaceName) {
-  return `replicas-${workspaceName.toLowerCase().replace(/[^a-z0-9-]/g, "-")}`;
-}
-// src/commands/code.ts
-async function codeCommand(workspaceName, options) {
-  if (!isAuthenticated()) {
-    console.log(import_chalk6.default.red('Not logged in. Please run "replicas login" first.'));
-    process.exit(1);
   }
-  try {
-    const { workspace, sshToken, sshHost, portMappings, repoName } = await prepareWorkspaceConnection(
-      workspaceName,
-      options
-    );
-    const hostAlias = getWorkspaceHostAlias(workspace.name);
-    console.log(import_chalk6.default.blue("\nConfiguring SSH connection..."));
-    addOrUpdateSSHConfigEntry({
-      host: hostAlias,
-      hostname: sshHost,
-      user: sshToken,
-      portForwards: portMappings
-    });
-    console.log(import_chalk6.default.green(`\u2713 SSH config entry created: ${hostAlias}`));
-    const remotePath = repoName ? `/home/ubuntu/workspaces/${repoName}` : "/home/ubuntu";
-    const ideCommand = getIdeCommand();
-    const fullCommand = `${ideCommand} --remote ssh-remote+${hostAlias} ${remotePath}`;
-    console.log(import_chalk6.default.blue(`
-Opening ${ideCommand} for workspace ${workspace.name}...`));
-    console.log(import_chalk6.default.gray(`Command: ${fullCommand}`));
-    if (portMappings.size > 0) {
-      console.log(import_chalk6.default.cyan("\nPort forwarding configured:"));
-      for (const [remotePort, localPort] of portMappings) {
-        console.log(import_chalk6.default.cyan(`  \u2022 localhost:${localPort} \u2192 workspace:${remotePort}`));
-      }
-    }
-    console.log(import_chalk6.default.yellow(`
-Note: SSH tokens expire after 3 hours. Run this command again to refresh.`));
-    const ide = (0, import_child_process4.spawn)(ideCommand, [
-      "--remote",
-      `ssh-remote+${hostAlias}`,
-      remotePath
-    ], {
-      stdio: "inherit",
-      detached: false
-    });
-    ide.on("error", (error) => {
-      console.error(import_chalk6.default.red(`
-Failed to launch ${ideCommand}: ${error.message}`));
-      console.log(import_chalk6.default.yellow(`
-Make sure ${ideCommand} is installed and available in your PATH.`));
-      console.log(import_chalk6.default.gray(`You can configure a different IDE with: replicas config set ide <command>`));
-      process.exit(1);
-    });
-    ide.on("close", (code) => {
-      if (code === 0) {
-        console.log(import_chalk6.default.green(`
-\u2713 ${ideCommand} closed successfully.
-`));
-      }
-    });
-  } catch (error) {
-    console.error(import_chalk6.default.red(`
-Error: ${error instanceof Error ? error.message : "Unknown error"}`));
-    process.exit(1);
+  if (currentOp) {
+    if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
+    operations.push(currentOp);
   }
+  return operations;
 }
-// src/commands/org.ts
-var import_chalk7 = __toESM(require("chalk"));
-var import_prompts2 = __toESM(require("prompts"));
-async function orgCommand() {
-  if (!isAuthenticated()) {
-    console.log(import_chalk7.default.red('Not logged in. Please run "replicas login" first.'));
-    process.exit(1);
-  }
-  try {
-    const currentOrgId = getOrganizationId();
-    const organizations = await fetchOrganizations();
-    if (!currentOrgId) {
-      console.log(import_chalk7.default.yellow("No organization selected."));
-      console.log(import_chalk7.default.gray('Run "replicas org switch" to select an organization.\n'));
-      return;
+function parseCodexEvents(events) {
+  const messages = [];
+  const pendingCommands = /* @__PURE__ */ new Map();
+  const pendingPatches = /* @__PURE__ */ new Map();
+  events.forEach((event, eventIndex) => {
+    if (event.type === "event_msg" && event.payload?.type === "user_message") {
+      messages.push({
+        id: `user-${event.timestamp}-${eventIndex}`,
+        type: "user",
+        content: event.payload.message || "",
+        timestamp: event.timestamp
+      });
     }
-    const currentOrg = organizations.find((org2) => org2.id === currentOrgId);
-    if (!currentOrg) {
-      console.log(import_chalk7.default.yellow(`Current organization ID (${currentOrgId}) not found.`));
-      console.log(import_chalk7.default.gray('Run "replicas org switch" to select a new organization.\n'));
-      return;
+    if (event.type === "event_msg" && event.payload?.type === "agent_reasoning") {
+      messages.push({
+        id: `reasoning-${event.timestamp}-${eventIndex}-${messages.length}`,
+        type: "reasoning",
+        content: event.payload.text || "",
+        status: "completed",
+        timestamp: event.timestamp
+      });
     }
-    console.log(import_chalk7.default.green("\nCurrent organization:"));
-    console.log(import_chalk7.default.gray(`  Name: ${currentOrg.name}`));
-    console.log(import_chalk7.default.gray(`  ID: ${currentOrg.id}
-`));
-  } catch (error) {
-    console.error(import_chalk7.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
-    process.exit(1);
-  }
-}
-async function orgSwitchCommand() {
-  if (!isAuthenticated()) {
-    console.log(import_chalk7.default.red('Not logged in. Please run "replicas login" first.'));
-    process.exit(1);
-  }
-  try {
-    const organizations = await fetchOrganizations();
-    if (organizations.length === 0) {
-      console.log(import_chalk7.default.yellow("You are not a member of any organization."));
-      console.log(import_chalk7.default.gray("Please contact support.\n"));
-      return;
-    }
-    if (organizations.length === 1) {
-      await setActiveOrganization(organizations[0].id);
-      console.log(import_chalk7.default.green(`
-\u2713 Organization set to: ${organizations[0].name}
-`));
-      return;
-    }
-    const currentOrgId = getOrganizationId();
-    const response = await (0, import_prompts2.default)({
-      type: "select",
-      name: "organizationId",
-      message: "Select an organization:",
-      choices: organizations.map((org2) => ({
-        title: `${org2.name}${org2.id === currentOrgId ? " (current)" : ""}`,
-        value: org2.id,
-        description: org2.id
-      })),
-      initial: organizations.findIndex((org2) => org2.id === currentOrgId)
-    });
-    if (!response.organizationId) {
-      console.log(import_chalk7.default.yellow("\nCancelled."));
-      return;
+    if (event.type === "response_item") {
+      const payloadType = event.payload?.type;
+      if (payloadType === "message" && event.payload?.role === "assistant") {
+        const content = event.payload.content || [];
+        const textContent = content.filter((c) => c.type === "output_text").map((c) => c.text || "").join("\n");
+        if (textContent) {
+          messages.push({
+            id: `agent-${event.timestamp}-${eventIndex}`,
+            type: "agent",
+            content: textContent,
+            timestamp: event.timestamp
+          });
+        }
+      }
+      if (payloadType === "function_call" && (event.payload?.name === "shell" || event.payload?.name === "shell_command")) {
+        const callId = event.payload.call_id;
+        const args = safeJsonParse(event.payload.arguments || "{}", {});
+        const command = Array.isArray(args.command) ? args.command.join(" ") : args.command || "";
+        const msg = {
+          id: `command-${callId || "no-call-id"}-${eventIndex}`,
+          type: "command",
+          command,
+          output: "",
+          status: "in_progress",
+          timestamp: event.timestamp
+        };
+        messages.push(msg);
+        if (callId) {
+          pendingCommands.set(callId, msg);
+        }
+      }
+      if (payloadType === "function_call_output") {
+        const callId = event.payload.call_id;
+        const rawOutput = event.payload.output || "";
+        const commandMsg = callId ? pendingCommands.get(callId) : void 0;
+        if (commandMsg) {
+          const { exitCode, output } = parseShellOutput(rawOutput);
+          commandMsg.output = output;
+          commandMsg.exitCode = exitCode;
+          commandMsg.status = getStatusFromExitCode(exitCode);
+          pendingCommands.delete(callId);
+        }
+      }
+      if (payloadType === "custom_tool_call") {
+        const callId = event.payload.call_id;
+        const name = event.payload.name;
+        const input = event.payload.input || "";
+        const status = event.payload.status || "in_progress";
+        if (name === "apply_patch") {
+          const operations = parsePatch(input);
+          pendingPatches.set(callId, { input, status, timestamp: event.timestamp, operations });
+        } else {
+          messages.push({
+            id: `toolcall-${event.timestamp}-${eventIndex}`,
+            type: "tool_call",
+            server: "custom",
+            tool: name,
+            status,
+            timestamp: event.timestamp
+          });
+        }
+      }
+      if (payloadType === "custom_tool_call_output") {
+        const callId = event.payload.call_id;
+        const output = safeJsonParse(
+          event.payload.output || "{}",
+          {}
+        );
+        const pendingPatch = pendingPatches.get(callId);
+        if (pendingPatch) {
+          messages.push({
+            id: `patch-${pendingPatch.timestamp}-${eventIndex}`,
+            type: "patch",
+            operations: pendingPatch.operations,
+            output: output.output || "",
+            exitCode: output.metadata?.exit_code,
+            status: getStatusFromExitCode(output.metadata?.exit_code),
+            timestamp: pendingPatch.timestamp
+          });
+          pendingPatches.delete(callId);
+        } else {
+          const toolCallMsg = messages.findLast((m) => m.type === "tool_call");
+          if (toolCallMsg) {
+            toolCallMsg.status = getStatusFromExitCode(output.metadata?.exit_code);
+          }
+        }
+      }
+      if (payloadType === "function_call" && event.payload?.name === "update_plan") {
+        const args = safeJsonParse(
+          event.payload.arguments || "{}",
+          {}
+        );
+        if (args.plan && Array.isArray(args.plan)) {
+          const todoItems = args.plan.map((item) => ({
+            text: item.step,
+            completed: item.status === "completed"
+          }));
+          messages.push({
+            id: `todo-${event.timestamp}-${eventIndex}`,
+            type: "todo_list",
+            items: todoItems,
+            status: "completed",
+            timestamp: event.timestamp
+          });
+        }
+      }
     }
-    await setActiveOrganization(response.organizationId);
-    const selectedOrg = organizations.find((org2) => org2.id === response.organizationId);
-    console.log(import_chalk7.default.green(`
-\u2713 Switched to organization: ${selectedOrg?.name}
-`));
-  } catch (error) {
-    console.error(import_chalk7.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
-    process.exit(1);
-  }
+  });
+  return messages;
 }
-// src/commands/config.ts
-var import_chalk8 = __toESM(require("chalk"));
-async function configGetCommand(key) {
-  if (!isAuthenticated()) {
-    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
-    process.exit(1);
-  }
-  try {
-    if (key === "ide") {
-      const ideCommand = getIdeCommand();
-      console.log(import_chalk8.default.green(`
-IDE command: ${ideCommand}
-`));
-    } else {
-      console.log(import_chalk8.default.red(`Unknown config key: ${key}`));
-      console.log(import_chalk8.default.gray("Available keys: ide"));
-      process.exit(1);
-    }
-  } catch (error) {
-    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
-    process.exit(1);
-  }
-}
-async function configSetCommand(key, value) {
-  if (!isAuthenticated()) {
-    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
-    process.exit(1);
-  }
+// ../shared/src/display-message/parsers/claude-parser.ts
+function safeJsonParse2(str, fallback) {
   try {
-    if (key === "ide") {
-      setIdeCommand(value);
-      console.log(import_chalk8.default.green(`
-\u2713 IDE command set to: ${value}
-`));
-    } else {
-      console.log(import_chalk8.default.red(`Unknown config key: ${key}`));
-      console.log(import_chalk8.default.gray("Available keys: ide"));
-      process.exit(1);
-    }
-  } catch (error) {
-    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
-    process.exit(1);
+    return JSON.parse(str);
+  } catch {
+    return fallback;
   }
 }
-async function configListCommand() {
-  if (!isAuthenticated()) {
-    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
-    process.exit(1);
-  }
-  try {
-    const config2 = readConfig();
-    if (!config2) {
-      console.log(import_chalk8.default.red("No config found. Please login first."));
-      process.exit(1);
-    }
-    console.log(import_chalk8.default.green("\nCurrent configuration:"));
-    console.log(import_chalk8.default.gray(`  Organization ID: ${config2.organization_id || "(not set)"}`));
-    console.log(import_chalk8.default.gray(`  IDE command: ${config2.ide_command || "code (default)"}`));
-    console.log();
-  } catch (error) {
-    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
-    process.exit(1);
+function extractToolResultContent(content) {
+  if (!content) return "";
+  if (typeof content === "string") return content;
+  if (Array.isArray(content)) {
+    return content.filter((item) => item.type === "text").map((item) => item.text || "").join("\n");
   }
+  return "";
 }
-// src/commands/tools.ts
-var import_chalk9 = __toESM(require("chalk"));
-var import_figlet = __toESM(require("figlet"));
-async function toolsCommand() {
-  const banner = import_figlet.default.textSync("Replicas Machine Image", {
-    horizontalLayout: "default",
-    verticalLayout: "default",
-    whitespaceBreak: true
-  });
-  console.log(import_chalk9.default.cyan(banner));
-  console.log();
-  console.log(import_chalk9.default.bold("RMI Version: v0.1.3"));
-  console.log();
-  console.log(
-    import_chalk9.default.gray(
-      "The following tooling and dependencies are provided by default on the Replicas Machine Image.\n"
-    )
+function parseClaudeEvents(events, parentToolUseId) {
+  const messages = [];
+  const filterValue = parentToolUseId !== void 0 ? parentToolUseId : null;
+  const filteredEvents = events.filter(
+    (e) => e.payload.parent_tool_use_id === filterValue
   );
-  const sections = [
-    {
-      title: "Python",
-      tools: ["Python 3.12.3", "pip 24", "Poetry 2.2.1", "uv 0.9.5"]
-    },
-    {
-      title: "Node.js",
-      tools: [
-        "Node.js 22.21.0",
-        "npm 10.9.4",
-        "nvm 0.40.3",
-        "Yarn 1.22.22",
-        "pnpm 10.18.3",
-        "ESLint 9.38.0",
-        "Prettier 3.6.2"
-      ]
-    },
-    {
-      title: "C/C++",
-      tools: ["gcc 13.3.0", "g++ 13.3.0", "make 4.3"]
-    },
-    {
-      title: "Perl",
-      tools: ["Perl 5.38.2"]
-    },
-    {
-      title: "AI Coding Assistants",
-      tools: ["Claude Code (@anthropic-ai/claude-code)", "OpenAI Codex (@openai/codex)"]
-    },
-    {
-      title: "Misc",
-      tools: [
-        "git 2.43.0",
-        "vim 9.1.697",
-        "nano 7.2",
-        "curl",
-        "wget",
-        "GitHub CLI (gh)",
-        "Docker Engine"
-      ]
+  const toolCallMap = /* @__PURE__ */ new Map();
+  filteredEvents.forEach((event) => {
+    if (event.type === "claude-user") {
+      const content = event.payload.message?.content || [];
+      const toolResult = content.find((c) => c.type === "tool_result");
+      if (toolResult && toolResult.tool_use_id) {
+        return;
+      }
+      const textContent = content.filter((c) => c.type === "text").map((c) => c.text || "").join("\n");
+      const images = content.filter((c) => c.type === "image" && c.source).map((c) => {
+        const source = c.source;
+        return {
+          type: "image",
+          mediaType: source.media_type || "image/png",
+          data: source.data || ""
+        };
+      }).filter((img) => img.data);
+      if (textContent || images.length > 0) {
+        messages.push({
+          id: `user-${event.timestamp}`,
+          type: "user",
+          content: textContent || (images.length > 0 ? `[${images.length} image${images.length > 1 ? "s" : ""} attached]` : ""),
+          images: images.length > 0 ? images : void 0,
+          timestamp: event.timestamp
+        });
+      }
     }
-  ];
-  sections.forEach((section) => {
-    console.log(import_chalk9.default.blue(section.title));
-    section.tools.forEach((tool) => {
-      console.log(`  - ${tool}`);
-    });
-    console.log();
-  });
-}
-// src/commands/codex-auth.ts
-var import_chalk10 = __toESM(require("chalk"));
-// src/lib/codex-oauth.ts
-var import_http2 = __toESM(require("http"));
-var import_url2 = require("url");
-var import_open2 = __toESM(require("open"));
-// src/lib/pkce.ts
-var import_crypto = require("crypto");
-function generatePkceCodes() {
-  const verifierBytes = (0, import_crypto.randomBytes)(32);
-  const codeVerifier = verifierBytes.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-  const hash = (0, import_crypto.createHash)("sha256");
-  hash.update(codeVerifier);
-  const codeChallenge = hash.digest("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
-  return {
-    codeVerifier,
-    codeChallenge
-  };
-}
-function generateState2() {
-  return (0, import_crypto.randomBytes)(16).toString("hex");
-}
-// src/lib/codex-oauth.ts
-var CODEX_OAUTH_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
-var AUTHORIZATION_ENDPOINT = "https://auth.openai.com/oauth/authorize";
-var TOKEN_ENDPOINT = "https://auth.openai.com/oauth/token";
-var CALLBACK_PORT = 1455;
-var CALLBACK_PATH = "/auth/callback";
-var WEB_APP_URL2 = process.env.REPLICAS_WEB_URL || "https://replicas.dev";
-function buildAuthorizationUrl(codeChallenge, state) {
-  const redirectUri = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`;
-  const params = new URLSearchParams({
-    response_type: "code",
-    client_id: CODEX_OAUTH_CLIENT_ID,
-    redirect_uri: redirectUri,
-    scope: "openid profile email offline_access",
-    code_challenge: codeChallenge,
-    code_challenge_method: "S256",
-    id_token_add_organizations: "true",
-    codex_cli_simplified_flow: "true",
-    state,
-    originator: "codex_cli_rs"
-  });
-  return `${AUTHORIZATION_ENDPOINT}?${params.toString()}`;
-}
-async function exchangeCodeForTokens(code, codeVerifier) {
-  const redirectUri = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`;
-  const params = new URLSearchParams({
-    grant_type: "authorization_code",
-    code,
-    redirect_uri: redirectUri,
-    client_id: CODEX_OAUTH_CLIENT_ID,
-    code_verifier: codeVerifier
-  });
-  const response = await fetch(TOKEN_ENDPOINT, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded"
-    },
-    body: params.toString()
-  });
-  if (!response.ok) {
-    const errorText = await response.text();
-    throw new Error(`Failed to exchange code for tokens: ${response.status} ${errorText}`);
-  }
-  const data = await response.json();
-  return {
-    idToken: data.id_token,
-    accessToken: data.access_token,
-    refreshToken: data.refresh_token
-  };
-}
-function startCallbackServer(expectedState, codeVerifier) {
-  return new Promise((resolve, reject) => {
-    const server = import_http2.default.createServer(async (req, res) => {
-      try {
-        if (!req.url) {
-          res.writeHead(400);
-          res.end("Bad Request");
-          return;
+    if (event.type === "claude-assistant") {
+      const contentBlocks = event.payload.message?.content || [];
+      contentBlocks.forEach((block) => {
+        if (block.type === "text" && block.text) {
+          messages.push({
+            id: `agent-${event.timestamp}-${messages.length}`,
+            type: "agent",
+            content: block.text,
+            timestamp: event.timestamp
+          });
         }
-        const url = new import_url2.URL(req.url, `http://127.0.0.1:${CALLBACK_PORT}`);
-        if (url.pathname === CALLBACK_PATH) {
-          const code = url.searchParams.get("code");
-          const state = url.searchParams.get("state");
-          const error = url.searchParams.get("error");
-          const errorDescription = url.searchParams.get("error_description");
-          if (error) {
-            const errorMessage = encodeURIComponent(`${error}: ${errorDescription || "Unknown error"}`);
-            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
-            res.end();
-            server.close();
-            reject(new Error(`OAuth error: ${error} - ${errorDescription}`));
-            return;
-          }
-          if (state !== expectedState) {
-            const errorMessage = encodeURIComponent("State parameter mismatch. Possible CSRF attack.");
-            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
-            res.end();
-            server.close();
-            reject(new Error("State mismatch - possible CSRF attack"));
-            return;
-          }
-          if (!code) {
-            const errorMessage = encodeURIComponent("No authorization code received.");
-            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
-            res.end();
-            server.close();
-            reject(new Error("No authorization code received"));
-            return;
-          }
-          try {
-            const tokens = await exchangeCodeForTokens(code, codeVerifier);
-            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/success` });
-            res.end();
-            server.close();
-            resolve(tokens);
-          } catch (tokenError) {
-            const errorMessage = encodeURIComponent(tokenError instanceof Error ? tokenError.message : "Unknown error");
-            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
-            res.end();
-            server.close();
-            reject(tokenError);
+        if (block.type === "thinking" && block.text) {
+          messages.push({
+            id: `reasoning-${event.timestamp}-${messages.length}`,
+            type: "reasoning",
+            content: block.text,
+            status: "completed",
+            timestamp: event.timestamp
+          });
+        }
+        if (block.type === "tool_use" && block.id) {
+          const toolName = block.name || "unknown";
+          const toolInput = block.input || {};
+          const toolUseId = block.id;
+          toolCallMap.set(toolUseId, {
+            messageIndex: messages.length,
+            toolName,
+            input: toolInput
+          });
+          if (toolName === "Task") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const nestedEvents = events.filter((e) => e.payload.parent_tool_use_id === toolUseId).map((e) => ({
+              timestamp: e.timestamp,
+              type: e.type,
+              payload: e.payload
+            }));
+            messages.push({
+              id: `subagent-${event.timestamp}-${messages.length}`,
+              type: "subagent",
+              toolUseId,
+              description: inputObj.description || "Subagent Task",
+              prompt: inputObj.prompt || "",
+              subagentType: inputObj.subagent_type || "general",
+              model: inputObj.model,
+              status: "in_progress",
+              nestedEvents,
+              timestamp: event.timestamp
+            });
+          } else if (toolName === "Bash" || toolName === "bash" || toolName === "shell") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const command = inputObj.command || "";
+            messages.push({
+              id: `command-${event.timestamp}-${messages.length}`,
+              type: "command",
+              command,
+              output: "",
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          } else if (toolName === "Write" || toolName === "Edit") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const filePath = inputObj.file_path || "";
+            const action = toolName === "Write" ? "add" : "update";
+            messages.push({
+              id: `file-${event.timestamp}-${messages.length}`,
+              type: "file_change",
+              changes: [{
+                path: filePath,
+                kind: action
+              }],
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          } else if (toolName === "TodoWrite") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const todos = inputObj.todos || [];
+            const todoItems = todos.map((todo) => ({
+              text: todo.content,
+              completed: todo.status === "completed"
+            }));
+            if (todoItems.length > 0) {
+              messages.push({
+                id: `todo-${event.timestamp}-${messages.length}`,
+                type: "todo_list",
+                items: todoItems,
+                status: "completed",
+                timestamp: event.timestamp
+              });
+            }
+          } else if (toolName === "WebSearch") {
+            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
+            const query = inputObj.query || "";
+            messages.push({
+              id: `search-${event.timestamp}-${messages.length}`,
+              type: "web_search",
+              query,
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
+          } else {
+            messages.push({
+              id: `toolcall-${event.timestamp}-${messages.length}`,
+              type: "tool_call",
+              server: "claude",
+              tool: toolName,
+              input: toolInput,
+              status: "in_progress",
+              timestamp: event.timestamp
+            });
           }
-        } else {
-          res.writeHead(404);
-          res.end("Not Found");
         }
-      } catch (serverError) {
-        res.writeHead(500);
-        res.end("Internal Server Error");
-        server.close();
-        reject(serverError);
+      });
+    }
+    if (event.type === "claude-result") {
+      const payload = event.payload;
+      if (payload.is_error || payload.subtype !== "success") {
+        const errorList = payload.errors || [];
+        const errorMessage = errorList.length > 0 ? errorList.join("\n") : "Claude session encountered an unexpected error.";
+        messages.push({
+          id: `error-${event.timestamp}`,
+          type: "error",
+          message: errorMessage,
+          timestamp: event.timestamp
+        });
       }
-    });
-    server.on("error", (err) => {
-      if (err.code === "EADDRINUSE") {
-        reject(new Error(`Port ${CALLBACK_PORT} is already in use. Please close any other OAuth flows and try again.`));
-      } else {
-        reject(err);
+    }
+  });
+  filteredEvents.forEach((event) => {
+    if (event.type === "claude-user") {
+      const content = event.payload.message?.content || [];
+      const toolResult = content.find((c) => c.type === "tool_result");
+      if (toolResult && toolResult.tool_use_id) {
+        const toolInfo = toolCallMap.get(toolResult.tool_use_id);
+        if (!toolInfo) return;
+        const resultContent = extractToolResultContent(toolResult.content);
+        const isError = toolResult.is_error || false;
+        const status = isError ? "failed" : "completed";
+        const message = messages[toolInfo.messageIndex];
+        if (!message) return;
+        if (message.type === "command") {
+          message.output = resultContent;
+          message.status = status;
+          const exitCodeMatch = resultContent.match(/exit code:?\s*(\d+)/i);
+          if (exitCodeMatch) {
+            message.exitCode = parseInt(exitCodeMatch[1], 10);
+          } else {
+            message.exitCode = isError ? 1 : 0;
+          }
+        } else if (message.type === "file_change") {
+          message.status = status;
+        } else if (message.type === "web_search") {
+          message.status = status;
+        } else if (message.type === "tool_call") {
+          message.output = resultContent;
+          message.status = status;
+        } else if (message.type === "subagent") {
+          message.output = resultContent;
+          message.status = status;
+        }
       }
-    });
-    server.listen(CALLBACK_PORT, "127.0.0.1");
+    }
   });
+  return messages;
 }
-async function runCodexOAuthFlow() {
-  const pkce = generatePkceCodes();
-  const state = generateState2();
-  const authUrl = buildAuthorizationUrl(pkce.codeChallenge, state);
-  const tokensPromise = startCallbackServer(state, pkce.codeVerifier);
-  await new Promise((resolve) => setTimeout(resolve, 500));
-  console.log("If the browser does not open automatically, visit:");
-  console.log(authUrl);
-  console.log();
-  try {
-    await (0, import_open2.default)(authUrl);
-  } catch (openError) {
-    console.warn("Failed to open browser automatically. Please open the URL manually.");
+// ../shared/src/display-message/parsers/index.ts
+function parseAgentEvents(events, agentType) {
+  if (agentType === "codex") {
+    return parseCodexEvents(events);
+  } else if (agentType === "claude") {
+    return parseClaudeEvents(events);
   }
-  console.log("Waiting for authentication...");
-  const tokens = await tokensPromise;
-  console.log("\u2713 Successfully obtained Codex credentials");
-  return tokens;
+  return [];
 }
-// src/commands/codex-auth.ts
-async function codexAuthCommand(options = {}) {
-  const isUserScoped = options.user === true;
-  const scopeLabel = isUserScoped ? "personal" : "organization";
-  console.log(import_chalk10.default.cyan(`Authenticating with Codex (${scopeLabel})...
-`));
-  try {
-    const tokens = await runCodexOAuthFlow();
-    console.log(import_chalk10.default.gray("\nUploading credentials to Replicas..."));
-    const endpoint = isUserScoped ? "/v1/codex/user/credentials" : "/v1/codex/credentials";
-    const response = await orgAuthenticatedFetch(
-      endpoint,
-      {
-        method: "POST",
-        body: {
-          access_token: tokens.accessToken,
-          refresh_token: tokens.refreshToken,
-          id_token: tokens.idToken
-        }
+// src/lib/ssh-config.ts
+var import_fs3 = __toESM(require("fs"));
+var import_path4 = __toESM(require("path"));
+var import_os2 = __toESM(require("os"));
+var SSH_CONFIG_PATH = import_path4.default.join(import_os2.default.homedir(), ".ssh", "config");
+var REPLICAS_MARKER_START = "# === REPLICAS CLI MANAGED ENTRY START ===";
+var REPLICAS_MARKER_END = "# === REPLICAS CLI MANAGED ENTRY END ===";
+function ensureSSHDir() {
+  const sshDir = import_path4.default.join(import_os2.default.homedir(), ".ssh");
+  if (!import_fs3.default.existsSync(sshDir)) {
+    import_fs3.default.mkdirSync(sshDir, { recursive: true, mode: 448 });
+  }
+}
+function readSSHConfig() {
+  ensureSSHDir();
+  if (!import_fs3.default.existsSync(SSH_CONFIG_PATH)) {
+    return "";
+  }
+  return import_fs3.default.readFileSync(SSH_CONFIG_PATH, "utf-8");
+}
+function writeSSHConfig(content) {
+  ensureSSHDir();
+  import_fs3.default.writeFileSync(SSH_CONFIG_PATH, content, { mode: 384 });
+}
+function generateConfigBlock(entry) {
+  const lines = [
+    REPLICAS_MARKER_START,
+    `Host ${entry.host}`,
+    `  HostName ${entry.hostname}`,
+    `  User ${entry.user}`,
+    `  StrictHostKeyChecking no`,
+    `  UserKnownHostsFile /dev/null`
+  ];
+  if (entry.portForwards && entry.portForwards.size > 0) {
+    for (const [localPort, remotePort] of entry.portForwards) {
+      lines.push(`  LocalForward ${localPort} localhost:${remotePort}`);
+    }
+  }
+  lines.push(REPLICAS_MARKER_END);
+  return lines.join("\n");
+}
+function addOrUpdateSSHConfigEntry(entry) {
+  let config2 = readSSHConfig();
+  const lines = config2.split("\n");
+  const result = [];
+  let inTargetBlock = false;
+  for (const line of lines) {
+    if (line.trim() === REPLICAS_MARKER_START) {
+      const nextLines = lines.slice(lines.indexOf(line) + 1, lines.indexOf(line) + 3);
+      const hostLine = nextLines.find((l) => l.trim().startsWith("Host "));
+      if (hostLine && hostLine.includes(entry.host)) {
+        inTargetBlock = true;
+        continue;
       }
-    );
-    if (response.success) {
-      console.log(import_chalk10.default.green("\n\u2713 Codex authentication complete!"));
-      if (response.email) {
-        console.log(import_chalk10.default.gray(`  Account: ${response.email}`));
+      result.push(line);
+      continue;
+    }
+    if (line.trim() === REPLICAS_MARKER_END) {
+      if (inTargetBlock) {
+        inTargetBlock = false;
+        continue;
       }
-      if (response.planType) {
-        console.log(import_chalk10.default.gray(`  Plan: ${response.planType}`));
+      result.push(line);
+      continue;
+    }
+    if (inTargetBlock) {
+      continue;
+    }
+    result.push(line);
+  }
+  config2 = result.join("\n");
+  const newEntry = generateConfigBlock(entry);
+  let finalConfig = config2.trim();
+  if (finalConfig.length > 0) {
+    finalConfig += "\n\n";
+  }
+  finalConfig += newEntry + "\n";
+  writeSSHConfig(finalConfig);
+}
+function getWorkspaceHostAlias(workspaceName) {
+  return `replicas-${workspaceName.toLowerCase().replace(/[^a-z0-9-]/g, "-")}`;
+}
+// src/commands/code.ts
+async function codeCommand(workspaceName, options) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk6.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    const { workspace, sshToken, sshHost, portMappings, repoName } = await prepareWorkspaceConnection(
+      workspaceName,
+      options
+    );
+    const hostAlias = getWorkspaceHostAlias(workspace.name);
+    console.log(import_chalk6.default.blue("\nConfiguring SSH connection..."));
+    addOrUpdateSSHConfigEntry({
+      host: hostAlias,
+      hostname: sshHost,
+      user: sshToken,
+      portForwards: portMappings
+    });
+    console.log(import_chalk6.default.green(`\u2713 SSH config entry created: ${hostAlias}`));
+    const remotePath = repoName ? `${SANDBOX_PATHS.WORKSPACES_DIR}/${repoName}` : SANDBOX_PATHS.HOME_DIR;
+    const ideCommand = getIdeCommand();
+    const fullCommand = `${ideCommand} --remote ssh-remote+${hostAlias} ${remotePath}`;
+    console.log(import_chalk6.default.blue(`
+Opening ${ideCommand} for workspace ${workspace.name}...`));
+    console.log(import_chalk6.default.gray(`Command: ${fullCommand}`));
+    if (portMappings.size > 0) {
+      console.log(import_chalk6.default.cyan("\nPort forwarding configured:"));
+      for (const [remotePort, localPort] of portMappings) {
+        console.log(import_chalk6.default.cyan(`  \u2022 localhost:${localPort} \u2192 workspace:${remotePort}`));
       }
-      if (isUserScoped) {
-        console.log(import_chalk10.default.gray("\nYour personal Codex credentials have been saved.\n"));
-      } else {
-        console.log(import_chalk10.default.gray("\nYou can now use Codex in your workspaces.\n"));
+    }
+    console.log(import_chalk6.default.yellow(`
+Note: SSH tokens expire after 3 hours. Run this command again to refresh.`));
+    const ide = (0, import_child_process4.spawn)(ideCommand, [
+      "--remote",
+      `ssh-remote+${hostAlias}`,
+      remotePath
+    ], {
+      stdio: "inherit",
+      detached: false
+    });
+    ide.on("error", (error) => {
+      console.error(import_chalk6.default.red(`
+Failed to launch ${ideCommand}: ${error.message}`));
+      console.log(import_chalk6.default.yellow(`
+Make sure ${ideCommand} is installed and available in your PATH.`));
+      console.log(import_chalk6.default.gray(`You can configure a different IDE with: replicas config set ide <command>`));
+      process.exit(1);
+    });
+    ide.on("close", (code) => {
+      if (code === 0) {
+        console.log(import_chalk6.default.green(`
+\u2713 ${ideCommand} closed successfully.
+`));
       }
-    } else {
-      throw new Error(response.error || "Failed to upload Codex credentials to Replicas");
-    }
+    });
   } catch (error) {
-    console.log(import_chalk10.default.red("\n\u2717 Error:"), error instanceof Error ? error.message : error);
+    console.error(import_chalk6.default.red(`
+Error: ${error instanceof Error ? error.message : "Unknown error"}`));
     process.exit(1);
   }
 }
-// src/commands/claude-auth.ts
-var import_chalk12 = __toESM(require("chalk"));
-// src/lib/claude-oauth.ts
-var import_open3 = __toESM(require("open"));
-var import_readline = __toESM(require("readline"));
-var import_chalk11 = __toESM(require("chalk"));
-var DEFAULT_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
-var CLAUDE_CLIENT_ID = process.env.CLAUDE_OAUTH_CLIENT_ID || DEFAULT_CLIENT_ID;
-var AUTHORIZATION_ENDPOINT2 = "https://claude.ai/oauth/authorize";
-var TOKEN_ENDPOINT2 = "https://console.anthropic.com/v1/oauth/token";
-var REDIRECT_URI = "https://console.anthropic.com/oauth/code/callback";
-var SCOPES = "org:create_api_key user:profile user:inference";
-function buildAuthorizationUrl2(codeChallenge, state) {
-  const params = new URLSearchParams({
-    code: "true",
-    client_id: CLAUDE_CLIENT_ID,
-    response_type: "code",
-    redirect_uri: REDIRECT_URI,
-    scope: SCOPES,
-    code_challenge: codeChallenge,
-    code_challenge_method: "S256",
-    state
-  });
-  return `${AUTHORIZATION_ENDPOINT2}?${params.toString()}`;
-}
-async function promptForAuthorizationCode(instruction) {
-  const rl = import_readline.default.createInterface({
-    input: process.stdin,
-    output: process.stdout
-  });
-  return new Promise((resolve) => {
-    rl.question(instruction, (answer) => {
-      rl.close();
-      resolve(answer.trim());
-    });
-  });
-}
-function parseUserInput(input) {
-  if (!input.includes("#") && !input.includes("code=")) {
-    return { code: input };
+// src/commands/org.ts
+var import_chalk7 = __toESM(require("chalk"));
+var import_prompts2 = __toESM(require("prompts"));
+async function orgCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk7.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
   }
-  if (input.startsWith("http://") || input.startsWith("https://")) {
-    try {
-      const url = new URL(input);
-      const fragment = url.hash.startsWith("#") ? url.hash.slice(1) : url.hash;
-      const params = new URLSearchParams(fragment);
-      const code2 = params.get("code") ?? void 0;
-      const state2 = params.get("state") ?? void 0;
-      if (code2) {
-        return { code: code2, state: state2 };
-      }
-    } catch {
+  try {
+    const currentOrgId = getOrganizationId();
+    const organizations = await fetchOrganizations();
+    if (!currentOrgId) {
+      console.log(import_chalk7.default.yellow("No organization selected."));
+      console.log(import_chalk7.default.gray('Run "replicas org switch" to select an organization.\n'));
+      return;
     }
+    const currentOrg = organizations.find((org2) => org2.id === currentOrgId);
+    if (!currentOrg) {
+      console.log(import_chalk7.default.yellow(`Current organization ID (${currentOrgId}) not found.`));
+      console.log(import_chalk7.default.gray('Run "replicas org switch" to select a new organization.\n'));
+      return;
+    }
+    console.log(import_chalk7.default.green("\nCurrent organization:"));
+    console.log(import_chalk7.default.gray(`  Name: ${currentOrg.name}`));
+    console.log(import_chalk7.default.gray(`  ID: ${currentOrg.id}
+`));
+  } catch (error) {
+    console.error(import_chalk7.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
   }
-  const [code, state] = input.split("#");
-  return { code, state };
 }
-async function exchangeCodeForTokens2(code, state, expectedState, codeVerifier) {
-  if (state && state !== expectedState) {
-    throw new Error("State mismatch detected. Please restart the authentication flow.");
-  }
-  const payload = {
-    code,
-    state: state ?? expectedState,
-    grant_type: "authorization_code",
-    client_id: CLAUDE_CLIENT_ID,
-    redirect_uri: REDIRECT_URI,
-    code_verifier: codeVerifier
-  };
-  const response = await fetch(TOKEN_ENDPOINT2, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/json"
-    },
-    body: JSON.stringify(payload)
-  });
-  if (!response.ok) {
-    const text = await response.text();
-    throw new Error(`Failed to exchange authorization code: ${response.status} ${text}`);
+async function orgSwitchCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk7.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
   }
-  const data = await response.json();
-  const now = Date.now();
-  const expiresAt = new Date(now + data.expires_in * 1e3).toISOString();
-  const refreshTokenExpiresAt = data.refresh_token_expires_in ? new Date(now + data.refresh_token_expires_in * 1e3).toISOString() : void 0;
-  return {
-    accessToken: data.access_token,
-    refreshToken: data.refresh_token,
-    tokenType: data.token_type,
-    scope: data.scope,
-    expiresAt,
-    refreshTokenExpiresAt
-  };
-}
-async function runClaudeOAuthFlow() {
-  const pkce = generatePkceCodes();
-  const state = generateState2();
-  const authUrl = buildAuthorizationUrl2(pkce.codeChallenge, state);
-  console.log(import_chalk11.default.gray("We will open your browser so you can authenticate with Claude Code."));
-  console.log(import_chalk11.default.gray("If the browser does not open automatically, use the URL below:\n"));
-  console.log(authUrl);
-  console.log();
   try {
-    await (0, import_open3.default)(authUrl);
-  } catch {
-    console.warn(import_chalk11.default.yellow("Failed to open browser automatically. Please copy and open the URL manually."));
-  }
-  console.log(import_chalk11.default.cyan("After completing authentication, copy the code shown on the success page."));
-  console.log(import_chalk11.default.cyan("You can paste either the full URL, or a value formatted as CODE#STATE.\n"));
-  const userInput = await promptForAuthorizationCode("Paste the authorization code (or URL) here: ");
-  if (!userInput) {
-    throw new Error("No authorization code provided.");
-  }
-  const { code, state: returnedState } = parseUserInput(userInput);
-  if (!code) {
-    throw new Error("Unable to parse authorization code. Please try again.");
+    const organizations = await fetchOrganizations();
+    if (organizations.length === 0) {
+      console.log(import_chalk7.default.yellow("You are not a member of any organization."));
+      console.log(import_chalk7.default.gray("Please contact support.\n"));
+      return;
+    }
+    if (organizations.length === 1) {
+      await setActiveOrganization(organizations[0].id);
+      console.log(import_chalk7.default.green(`
+\u2713 Organization set to: ${organizations[0].name}
+`));
+      return;
+    }
+    const currentOrgId = getOrganizationId();
+    const response = await (0, import_prompts2.default)({
+      type: "select",
+      name: "organizationId",
+      message: "Select an organization:",
+      choices: organizations.map((org2) => ({
+        title: `${org2.name}${org2.id === currentOrgId ? " (current)" : ""}`,
+        value: org2.id,
+        description: org2.id
+      })),
+      initial: organizations.findIndex((org2) => org2.id === currentOrgId)
+    });
+    if (!response.organizationId) {
+      console.log(import_chalk7.default.yellow("\nCancelled."));
+      return;
+    }
+    await setActiveOrganization(response.organizationId);
+    const selectedOrg = organizations.find((org2) => org2.id === response.organizationId);
+    console.log(import_chalk7.default.green(`
+\u2713 Switched to organization: ${selectedOrg?.name}
+`));
+  } catch (error) {
+    console.error(import_chalk7.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
   }
-  console.log(import_chalk11.default.gray("\nExchanging authorization code for tokens..."));
-  const tokens = await exchangeCodeForTokens2(code, returnedState, state, pkce.codeVerifier);
-  console.log(import_chalk11.default.green("\u2713 Successfully obtained Claude credentials"));
-  return tokens;
 }
-// src/commands/claude-auth.ts
-async function claudeAuthCommand(options = {}) {
-  const isUserScoped = options.user === true;
-  const scopeLabel = isUserScoped ? "personal" : "organization";
-  console.log(import_chalk12.default.cyan(`Authenticating with Claude Code (${scopeLabel})...
-`));
+// src/commands/config.ts
+var import_chalk8 = __toESM(require("chalk"));
+async function configGetCommand(key) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
   try {
-    const tokens = await runClaudeOAuthFlow();
-    console.log(import_chalk12.default.gray("\nUploading credentials to Replicas..."));
-    const endpoint = isUserScoped ? "/v1/claude/user/credentials" : "/v1/claude/credentials";
-    const response = await orgAuthenticatedFetch(
-      endpoint,
-      {
-        method: "POST",
-        body: {
-          access_token: tokens.accessToken,
-          refresh_token: tokens.refreshToken,
-          token_type: tokens.tokenType,
-          scope: tokens.scope,
-          expires_at: tokens.expiresAt,
-          refresh_token_expires_at: tokens.refreshTokenExpiresAt
-        }
-      }
-    );
-    if (!response.success) {
-      throw new Error(response.error || "Failed to upload Claude credentials to Replicas");
-    }
-    console.log(import_chalk12.default.green("\n\u2713 Claude authentication complete!"));
-    if (response.email) {
-      console.log(import_chalk12.default.gray(`  Account: ${response.email}`));
-    }
-    if (response.planType) {
-      console.log(import_chalk12.default.gray(`  Plan: ${response.planType}`));
+    if (key === "ide") {
+      const ideCommand = getIdeCommand();
+      console.log(import_chalk8.default.green(`
+IDE command: ${ideCommand}
+`));
+    } else {
+      console.log(import_chalk8.default.red(`Unknown config key: ${key}`));
+      console.log(import_chalk8.default.gray("Available keys: ide"));
+      process.exit(1);
     }
-    if (isUserScoped) {
-      console.log(import_chalk12.default.gray("\nYour personal Claude credentials have been saved.\n"));
+  } catch (error) {
+    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
+  }
+}
+async function configSetCommand(key, value) {
+  if (!isAuthenticated()) {
+    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
+  }
+  try {
+    if (key === "ide") {
+      setIdeCommand(value);
+      console.log(import_chalk8.default.green(`
+\u2713 IDE command set to: ${value}
+`));
     } else {
-      console.log(import_chalk12.default.gray("\nYou can now use Claude Code in your workspaces.\n"));
+      console.log(import_chalk8.default.red(`Unknown config key: ${key}`));
+      console.log(import_chalk8.default.gray("Available keys: ide"));
+      process.exit(1);
     }
   } catch (error) {
-    console.log(import_chalk12.default.red("\n\u2717 Error:"), error instanceof Error ? error.message : error);
+    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
     process.exit(1);
   }
 }
-// src/commands/init.ts
-var import_chalk13 = __toESM(require("chalk"));
-var import_fs4 = __toESM(require("fs"));
-var import_path5 = __toESM(require("path"));
-var REPLICAS_CONFIG_FILENAME = "replicas.json";
-function getDefaultConfig() {
-  return {
-    copy: [],
-    ports: [],
-    systemPrompt: "",
-    startHook: {
-      timeout: 3e5,
-      commands: []
-    }
-  };
-}
-function initCommand(options) {
-  const configPath = import_path5.default.join(process.cwd(), REPLICAS_CONFIG_FILENAME);
-  if (import_fs4.default.existsSync(configPath) && !options.force) {
-    console.log(
-      import_chalk13.default.yellow(
-        `${REPLICAS_CONFIG_FILENAME} already exists in this directory.`
-      )
-    );
-    console.log(import_chalk13.default.gray("Use --force to overwrite the existing file."));
-    return;
+async function configListCommand() {
+  if (!isAuthenticated()) {
+    console.log(import_chalk8.default.red('Not logged in. Please run "replicas login" first.'));
+    process.exit(1);
   }
-  const defaultConfig = getDefaultConfig();
-  const configContent = JSON.stringify(defaultConfig, null, 2);
   try {
-    import_fs4.default.writeFileSync(configPath, configContent + "\n", "utf-8");
-    console.log(import_chalk13.default.green(`\u2713 Created ${REPLICAS_CONFIG_FILENAME}`));
-    console.log("");
-    console.log(import_chalk13.default.gray("Configuration options:"));
-    console.log(
-      import_chalk13.default.gray('  copy        - Files to sync to the workspace (e.g., [".env"])')
-    );
-    console.log(
-      import_chalk13.default.gray("  ports       - Ports to forward from the workspace (e.g., [3000, 8080])")
-    );
-    console.log(
-      import_chalk13.default.gray("  systemPrompt - Custom instructions for AI coding assistants")
-    );
-    console.log(
-      import_chalk13.default.gray("  startHook   - Commands to run on workspace startup")
-    );
+    const config2 = readConfig();
+    if (!config2) {
+      console.log(import_chalk8.default.red("No config found. Please login first."));
+      process.exit(1);
+    }
+    console.log(import_chalk8.default.green("\nCurrent configuration:"));
+    console.log(import_chalk8.default.gray(`  Organization ID: ${config2.organization_id || "(not set)"}`));
+    console.log(import_chalk8.default.gray(`  IDE command: ${config2.ide_command || "code (default)"}`));
+    console.log();
   } catch (error) {
-    throw new Error(
-      `Failed to create ${REPLICAS_CONFIG_FILENAME}: ${error instanceof Error ? error.message : "Unknown error"}`
-    );
+    console.error(import_chalk8.default.red(`Error: ${error instanceof Error ? error.message : "Unknown error"}`));
+    process.exit(1);
   }
 }
-// src/lib/version-check.ts
-var import_chalk14 = __toESM(require("chalk"));
-var MONOLITH_URL2 = process.env.REPLICAS_MONOLITH_URL || "https://api.replicas.dev";
-var VERSION_CHECK_TIMEOUT = 2e3;
-function compareVersions(v1, v2) {
-  const parts1 = v1.split(".").map(Number);
-  const parts2 = v2.split(".").map(Number);
-  for (let i = 0; i < Math.max(parts1.length, parts2.length); i++) {
-    const num1 = parts1[i] || 0;
-    const num2 = parts2[i] || 0;
-    if (num1 > num2) return 1;
-    if (num1 < num2) return -1;
-  }
-  return 0;
-}
-async function checkForUpdates(currentVersion) {
-  try {
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => controller.abort(), VERSION_CHECK_TIMEOUT);
-    const response = await fetch(`${MONOLITH_URL2}/v1/cli/version`, {
-      signal: controller.signal
-    });
-    clearTimeout(timeoutId);
-    if (!response.ok) return;
-    const data = await response.json();
-    const latestVersion = data.version;
-    if (compareVersions(latestVersion, currentVersion) > 0) {
-      console.error(import_chalk14.default.gray(`
-Update available: ${currentVersion} \u2192 ${latestVersion}`));
-      console.error(import_chalk14.default.gray(`Run: npm i -g replicas-cli@latest
-`));
+// src/commands/tools.ts
+var import_chalk9 = __toESM(require("chalk"));
+var import_figlet = __toESM(require("figlet"));
+async function toolsCommand() {
+  const banner = import_figlet.default.textSync("Replicas Machine Image", {
+    horizontalLayout: "default",
+    verticalLayout: "default",
+    whitespaceBreak: true
+  });
+  console.log(import_chalk9.default.cyan(banner));
+  console.log();
+  console.log(import_chalk9.default.bold("RMI Version: v0.1.3"));
+  console.log();
+  console.log(
+    import_chalk9.default.gray(
+      "The following tooling and dependencies are provided by default on the Replicas Machine Image.\n"
+    )
+  );
+  const sections = [
+    {
+      title: "Python",
+      tools: ["Python 3.12.3", "pip 24", "Poetry 2.2.1", "uv 0.9.5"]
+    },
+    {
+      title: "Node.js",
+      tools: [
+        "Node.js 22.21.0",
+        "npm 10.9.4",
+        "nvm 0.40.3",
+        "Yarn 1.22.22",
+        "pnpm 10.18.3",
+        "ESLint 9.38.0",
+        "Prettier 3.6.2"
+      ]
+    },
+    {
+      title: "C/C++",
+      tools: ["gcc 13.3.0", "g++ 13.3.0", "make 4.3"]
+    },
+    {
+      title: "Perl",
+      tools: ["Perl 5.38.2"]
+    },
+    {
+      title: "AI Coding Assistants",
+      tools: ["Claude Code (@anthropic-ai/claude-code)", "OpenAI Codex (@openai/codex)"]
+    },
+    {
+      title: "Misc",
+      tools: [
+        "git 2.43.0",
+        "vim 9.1.697",
+        "nano 7.2",
+        "curl",
+        "wget",
+        "GitHub CLI (gh)",
+        "Docker Engine"
+      ]
     }
-  } catch {
-  }
+  ];
+  sections.forEach((section) => {
+    console.log(import_chalk9.default.blue(section.title));
+    section.tools.forEach((tool) => {
+      console.log(`  - ${tool}`);
+    });
+    console.log();
+  });
 }
-// src/commands/replica.ts
-var import_chalk15 = __toESM(require("chalk"));
-var import_prompts3 = __toESM(require("prompts"));
+// src/commands/codex-auth.ts
+var import_chalk10 = __toESM(require("chalk"));
-// ../shared/src/sandbox.ts
-var SANDBOX_LIFECYCLE = {
-  AUTO_STOP_MINUTES: 60,
-  AUTO_ARCHIVE_MINUTES: 60 * 24 * 7,
-  AUTO_DELETE_MINUTES: -1,
-  SSH_TOKEN_EXPIRATION_MINUTES: 3 * 60
-};
+// src/lib/codex-oauth.ts
+var import_http2 = __toESM(require("http"));
+var import_url2 = require("url");
+var import_open2 = __toESM(require("open"));
-// ../shared/src/display-message/parsers/codex-parser.ts
-function safeJsonParse(str, fallback) {
-  try {
-    return JSON.parse(str);
-  } catch {
-    return fallback;
-  }
-}
-function getStatusFromExitCode(exitCode) {
-  return exitCode === 0 ? "completed" : "failed";
-}
-function parseShellOutput(raw) {
-  const exitCodeMatch = raw.match(/^Exit code: (\d+)/);
-  const exitCode = exitCodeMatch ? parseInt(exitCodeMatch[1], 10) : 0;
-  const outputIndex = raw.indexOf("Output:\n");
-  const output = outputIndex >= 0 ? raw.slice(outputIndex + "Output:\n".length) : raw;
-  return { exitCode, output };
-}
-function parsePatch(input) {
-  const operations = [];
-  const lines = input.split("\n");
-  let currentOp = null;
-  let diffLines = [];
-  for (let i = 0; i < lines.length; i++) {
-    const line = lines[i];
-    if (line.startsWith("*** Add File:")) {
-      if (currentOp) {
-        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
-        operations.push(currentOp);
-        diffLines = [];
-      }
-      currentOp = {
-        action: "add",
-        path: line.replace("*** Add File:", "").trim()
-      };
-    } else if (line.startsWith("*** Update File:")) {
-      if (currentOp) {
-        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
-        operations.push(currentOp);
-        diffLines = [];
-      }
-      currentOp = {
-        action: "update",
-        path: line.replace("*** Update File:", "").trim()
-      };
-    } else if (line.startsWith("*** Delete File:")) {
-      if (currentOp) {
-        if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
-        operations.push(currentOp);
-        diffLines = [];
-      }
-      currentOp = {
-        action: "delete",
-        path: line.replace("*** Delete File:", "").trim()
-      };
-    } else if (line.startsWith("*** Move to:")) {
-      if (currentOp) {
-        currentOp.moveTo = line.replace("*** Move to:", "").trim();
-      }
-    } else if (line.startsWith("*** Begin Patch") || line.startsWith("*** End Patch")) {
-      continue;
-    } else if (currentOp && (line.startsWith("+") || line.startsWith("-") || line.startsWith("@@") || line.trim() === "")) {
-      diffLines.push(line);
-    }
-  }
-  if (currentOp) {
-    if (diffLines.length > 0) currentOp.diff = diffLines.join("\n");
-    operations.push(currentOp);
+// src/lib/pkce.ts
+var import_crypto = require("crypto");
+function generatePkceCodes() {
+  const verifierBytes = (0, import_crypto.randomBytes)(32);
+  const codeVerifier = verifierBytes.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  const hash = (0, import_crypto.createHash)("sha256");
+  hash.update(codeVerifier);
+  const codeChallenge = hash.digest("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  return {
+    codeVerifier,
+    codeChallenge
+  };
+}
+function generateState2() {
+  return (0, import_crypto.randomBytes)(16).toString("hex");
+}
+// src/lib/codex-oauth.ts
+var CODEX_OAUTH_CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+var AUTHORIZATION_ENDPOINT = "https://auth.openai.com/oauth/authorize";
+var TOKEN_ENDPOINT = "https://auth.openai.com/oauth/token";
+var CALLBACK_PORT = 1455;
+var CALLBACK_PATH = "/auth/callback";
+var WEB_APP_URL2 = process.env.REPLICAS_WEB_URL || "https://replicas.dev";
+function buildAuthorizationUrl(codeChallenge, state) {
+  const redirectUri = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`;
+  const params = new URLSearchParams({
+    response_type: "code",
+    client_id: CODEX_OAUTH_CLIENT_ID,
+    redirect_uri: redirectUri,
+    scope: "openid profile email offline_access",
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256",
+    id_token_add_organizations: "true",
+    codex_cli_simplified_flow: "true",
+    state,
+    originator: "codex_cli_rs"
+  });
+  return `${AUTHORIZATION_ENDPOINT}?${params.toString()}`;
+}
+async function exchangeCodeForTokens(code, codeVerifier) {
+  const redirectUri = `http://localhost:${CALLBACK_PORT}${CALLBACK_PATH}`;
+  const params = new URLSearchParams({
+    grant_type: "authorization_code",
+    code,
+    redirect_uri: redirectUri,
+    client_id: CODEX_OAUTH_CLIENT_ID,
+    code_verifier: codeVerifier
+  });
+  const response = await fetch(TOKEN_ENDPOINT, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded"
+    },
+    body: params.toString()
+  });
+  if (!response.ok) {
+    const errorText = await response.text();
+    throw new Error(`Failed to exchange code for tokens: ${response.status} ${errorText}`);
   }
-  return operations;
+  const data = await response.json();
+  return {
+    idToken: data.id_token,
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token
+  };
 }
-function parseCodexEvents(events) {
-  const messages = [];
-  const pendingCommands = /* @__PURE__ */ new Map();
-  const pendingPatches = /* @__PURE__ */ new Map();
-  events.forEach((event, eventIndex) => {
-    if (event.type === "event_msg" && event.payload?.type === "user_message") {
-      messages.push({
-        id: `user-${event.timestamp}-${eventIndex}`,
-        type: "user",
-        content: event.payload.message || "",
-        timestamp: event.timestamp
-      });
-    }
-    if (event.type === "event_msg" && event.payload?.type === "agent_reasoning") {
-      messages.push({
-        id: `reasoning-${event.timestamp}-${eventIndex}-${messages.length}`,
-        type: "reasoning",
-        content: event.payload.text || "",
-        status: "completed",
-        timestamp: event.timestamp
-      });
-    }
-    if (event.type === "response_item") {
-      const payloadType = event.payload?.type;
-      if (payloadType === "message" && event.payload?.role === "assistant") {
-        const content = event.payload.content || [];
-        const textContent = content.filter((c) => c.type === "output_text").map((c) => c.text || "").join("\n");
-        if (textContent) {
-          messages.push({
-            id: `agent-${event.timestamp}-${eventIndex}`,
-            type: "agent",
-            content: textContent,
-            timestamp: event.timestamp
-          });
-        }
-      }
-      if (payloadType === "function_call" && (event.payload?.name === "shell" || event.payload?.name === "shell_command")) {
-        const callId = event.payload.call_id;
-        const args = safeJsonParse(event.payload.arguments || "{}", {});
-        const command = Array.isArray(args.command) ? args.command.join(" ") : args.command || "";
-        const msg = {
-          id: `command-${callId || "no-call-id"}-${eventIndex}`,
-          type: "command",
-          command,
-          output: "",
-          status: "in_progress",
-          timestamp: event.timestamp
-        };
-        messages.push(msg);
-        if (callId) {
-          pendingCommands.set(callId, msg);
-        }
-      }
-      if (payloadType === "function_call_output") {
-        const callId = event.payload.call_id;
-        const rawOutput = event.payload.output || "";
-        const commandMsg = callId ? pendingCommands.get(callId) : void 0;
-        if (commandMsg) {
-          const { exitCode, output } = parseShellOutput(rawOutput);
-          commandMsg.output = output;
-          commandMsg.exitCode = exitCode;
-          commandMsg.status = getStatusFromExitCode(exitCode);
-          pendingCommands.delete(callId);
-        }
-      }
-      if (payloadType === "custom_tool_call") {
-        const callId = event.payload.call_id;
-        const name = event.payload.name;
-        const input = event.payload.input || "";
-        const status = event.payload.status || "in_progress";
-        if (name === "apply_patch") {
-          const operations = parsePatch(input);
-          pendingPatches.set(callId, { input, status, timestamp: event.timestamp, operations });
-        } else {
-          messages.push({
-            id: `toolcall-${event.timestamp}-${eventIndex}`,
-            type: "tool_call",
-            server: "custom",
-            tool: name,
-            status,
-            timestamp: event.timestamp
-          });
+function startCallbackServer(expectedState, codeVerifier) {
+  return new Promise((resolve, reject) => {
+    const server = import_http2.default.createServer(async (req, res) => {
+      try {
+        if (!req.url) {
+          res.writeHead(400);
+          res.end("Bad Request");
+          return;
         }
-      }
-      if (payloadType === "custom_tool_call_output") {
-        const callId = event.payload.call_id;
-        const output = safeJsonParse(
-          event.payload.output || "{}",
-          {}
-        );
-        const pendingPatch = pendingPatches.get(callId);
-        if (pendingPatch) {
-          messages.push({
-            id: `patch-${pendingPatch.timestamp}-${eventIndex}`,
-            type: "patch",
-            operations: pendingPatch.operations,
-            output: output.output || "",
-            exitCode: output.metadata?.exit_code,
-            status: getStatusFromExitCode(output.metadata?.exit_code),
-            timestamp: pendingPatch.timestamp
-          });
-          pendingPatches.delete(callId);
-        } else {
-          const toolCallMsg = messages.findLast((m) => m.type === "tool_call");
-          if (toolCallMsg) {
-            toolCallMsg.status = getStatusFromExitCode(output.metadata?.exit_code);
+        const url = new import_url2.URL(req.url, `http://127.0.0.1:${CALLBACK_PORT}`);
+        if (url.pathname === CALLBACK_PATH) {
+          const code = url.searchParams.get("code");
+          const state = url.searchParams.get("state");
+          const error = url.searchParams.get("error");
+          const errorDescription = url.searchParams.get("error_description");
+          if (error) {
+            const errorMessage = encodeURIComponent(`${error}: ${errorDescription || "Unknown error"}`);
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(new Error(`OAuth error: ${error} - ${errorDescription}`));
+            return;
           }
+          if (state !== expectedState) {
+            const errorMessage = encodeURIComponent("State parameter mismatch. Possible CSRF attack.");
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(new Error("State mismatch - possible CSRF attack"));
+            return;
+          }
+          if (!code) {
+            const errorMessage = encodeURIComponent("No authorization code received.");
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(new Error("No authorization code received"));
+            return;
+          }
+          try {
+            const tokens = await exchangeCodeForTokens(code, codeVerifier);
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/success` });
+            res.end();
+            server.close();
+            resolve(tokens);
+          } catch (tokenError) {
+            const errorMessage = encodeURIComponent(tokenError instanceof Error ? tokenError.message : "Unknown error");
+            res.writeHead(302, { "Location": `${WEB_APP_URL2}/codex/oauth/error?message=${errorMessage}` });
+            res.end();
+            server.close();
+            reject(tokenError);
+          }
+        } else {
+          res.writeHead(404);
+          res.end("Not Found");
         }
+      } catch (serverError) {
+        res.writeHead(500);
+        res.end("Internal Server Error");
+        server.close();
+        reject(serverError);
       }
-      if (payloadType === "function_call" && event.payload?.name === "update_plan") {
-        const args = safeJsonParse(
-          event.payload.arguments || "{}",
-          {}
-        );
-        if (args.plan && Array.isArray(args.plan)) {
-          const todoItems = args.plan.map((item) => ({
-            text: item.step,
-            completed: item.status === "completed"
-          }));
-          messages.push({
-            id: `todo-${event.timestamp}-${eventIndex}`,
-            type: "todo_list",
-            items: todoItems,
-            status: "completed",
-            timestamp: event.timestamp
-          });
-        }
+    });
+    server.on("error", (err) => {
+      if (err.code === "EADDRINUSE") {
+        reject(new Error(`Port ${CALLBACK_PORT} is already in use. Please close any other OAuth flows and try again.`));
+      } else {
+        reject(err);
       }
-    }
+    });
+    server.listen(CALLBACK_PORT, "127.0.0.1");
   });
-  return messages;
 }
-// ../shared/src/display-message/parsers/claude-parser.ts
-function safeJsonParse2(str, fallback) {
+async function runCodexOAuthFlow() {
+  const pkce = generatePkceCodes();
+  const state = generateState2();
+  const authUrl = buildAuthorizationUrl(pkce.codeChallenge, state);
+  const tokensPromise = startCallbackServer(state, pkce.codeVerifier);
+  await new Promise((resolve) => setTimeout(resolve, 500));
+  console.log("If the browser does not open automatically, visit:");
+  console.log(authUrl);
+  console.log();
   try {
-    return JSON.parse(str);
-  } catch {
-    return fallback;
-  }
-}
-function extractToolResultContent(content) {
-  if (!content) return "";
-  if (typeof content === "string") return content;
-  if (Array.isArray(content)) {
-    return content.filter((item) => item.type === "text").map((item) => item.text || "").join("\n");
+    await (0, import_open2.default)(authUrl);
+  } catch (openError) {
+    console.warn("Failed to open browser automatically. Please open the URL manually.");
   }
-  return "";
+  console.log("Waiting for authentication...");
+  const tokens = await tokensPromise;
+  console.log("\u2713 Successfully obtained Codex credentials");
+  return tokens;
 }
-function parseClaudeEvents(events, parentToolUseId) {
-  const messages = [];
-  const filterValue = parentToolUseId !== void 0 ? parentToolUseId : null;
-  const filteredEvents = events.filter(
-    (e) => e.payload.parent_tool_use_id === filterValue
-  );
-  const toolCallMap = /* @__PURE__ */ new Map();
-  filteredEvents.forEach((event) => {
-    if (event.type === "claude-user") {
-      const content = event.payload.message?.content || [];
-      const toolResult = content.find((c) => c.type === "tool_result");
-      if (toolResult && toolResult.tool_use_id) {
-        return;
+// src/commands/codex-auth.ts
+async function codexAuthCommand(options = {}) {
+  const isUserScoped = options.user === true;
+  const scopeLabel = isUserScoped ? "personal" : "organization";
+  console.log(import_chalk10.default.cyan(`Authenticating with Codex (${scopeLabel})...
+`));
+  try {
+    const tokens = await runCodexOAuthFlow();
+    console.log(import_chalk10.default.gray("\nUploading credentials to Replicas..."));
+    const endpoint = isUserScoped ? "/v1/codex/user/credentials" : "/v1/codex/credentials";
+    const response = await orgAuthenticatedFetch(
+      endpoint,
+      {
+        method: "POST",
+        body: {
+          access_token: tokens.accessToken,
+          refresh_token: tokens.refreshToken,
+          id_token: tokens.idToken
+        }
       }
-      const textContent = content.filter((c) => c.type === "text").map((c) => c.text || "").join("\n");
-      const images = content.filter((c) => c.type === "image" && c.source).map((c) => {
-        const source = c.source;
-        return {
-          type: "image",
-          mediaType: source.media_type || "image/png",
-          data: source.data || ""
-        };
-      }).filter((img) => img.data);
-      if (textContent || images.length > 0) {
-        messages.push({
-          id: `user-${event.timestamp}`,
-          type: "user",
-          content: textContent || (images.length > 0 ? `[${images.length} image${images.length > 1 ? "s" : ""} attached]` : ""),
-          images: images.length > 0 ? images : void 0,
-          timestamp: event.timestamp
-        });
+    );
+    if (response.success) {
+      console.log(import_chalk10.default.green("\n\u2713 Codex authentication complete!"));
+      if (response.email) {
+        console.log(import_chalk10.default.gray(`  Account: ${response.email}`));
       }
+      if (response.planType) {
+        console.log(import_chalk10.default.gray(`  Plan: ${response.planType}`));
+      }
+      if (isUserScoped) {
+        console.log(import_chalk10.default.gray("\nYour personal Codex credentials have been saved.\n"));
+      } else {
+        console.log(import_chalk10.default.gray("\nYou can now use Codex in your workspaces.\n"));
+      }
+    } else {
+      throw new Error(response.error || "Failed to upload Codex credentials to Replicas");
     }
-    if (event.type === "claude-assistant") {
-      const contentBlocks = event.payload.message?.content || [];
-      contentBlocks.forEach((block) => {
-        if (block.type === "text" && block.text) {
-          messages.push({
-            id: `agent-${event.timestamp}-${messages.length}`,
-            type: "agent",
-            content: block.text,
-            timestamp: event.timestamp
-          });
-        }
-        if (block.type === "thinking" && block.text) {
-          messages.push({
-            id: `reasoning-${event.timestamp}-${messages.length}`,
-            type: "reasoning",
-            content: block.text,
-            status: "completed",
-            timestamp: event.timestamp
-          });
-        }
-        if (block.type === "tool_use" && block.id) {
-          const toolName = block.name || "unknown";
-          const toolInput = block.input || {};
-          const toolUseId = block.id;
-          toolCallMap.set(toolUseId, {
-            messageIndex: messages.length,
-            toolName,
-            input: toolInput
-          });
-          if (toolName === "Task") {
-            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
-            const nestedEvents = events.filter((e) => e.payload.parent_tool_use_id === toolUseId).map((e) => ({
-              timestamp: e.timestamp,
-              type: e.type,
-              payload: e.payload
-            }));
-            messages.push({
-              id: `subagent-${event.timestamp}-${messages.length}`,
-              type: "subagent",
-              toolUseId,
-              description: inputObj.description || "Subagent Task",
-              prompt: inputObj.prompt || "",
-              subagentType: inputObj.subagent_type || "general",
-              model: inputObj.model,
-              status: "in_progress",
-              nestedEvents,
-              timestamp: event.timestamp
-            });
-          } else if (toolName === "Bash" || toolName === "bash" || toolName === "shell") {
-            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
-            const command = inputObj.command || "";
-            messages.push({
-              id: `command-${event.timestamp}-${messages.length}`,
-              type: "command",
-              command,
-              output: "",
-              status: "in_progress",
-              timestamp: event.timestamp
-            });
-          } else if (toolName === "Write" || toolName === "Edit") {
-            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
-            const filePath = inputObj.file_path || "";
-            const action = toolName === "Write" ? "add" : "update";
-            messages.push({
-              id: `file-${event.timestamp}-${messages.length}`,
-              type: "file_change",
-              changes: [{
-                path: filePath,
-                kind: action
-              }],
-              status: "in_progress",
-              timestamp: event.timestamp
-            });
-          } else if (toolName === "TodoWrite") {
-            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
-            const todos = inputObj.todos || [];
-            const todoItems = todos.map((todo) => ({
-              text: todo.content,
-              completed: todo.status === "completed"
-            }));
-            if (todoItems.length > 0) {
-              messages.push({
-                id: `todo-${event.timestamp}-${messages.length}`,
-                type: "todo_list",
-                items: todoItems,
-                status: "completed",
-                timestamp: event.timestamp
-              });
-            }
-          } else if (toolName === "WebSearch") {
-            const inputObj = typeof toolInput === "string" ? safeJsonParse2(toolInput, {}) : toolInput;
-            const query = inputObj.query || "";
-            messages.push({
-              id: `search-${event.timestamp}-${messages.length}`,
-              type: "web_search",
-              query,
-              status: "in_progress",
-              timestamp: event.timestamp
-            });
-          } else {
-            messages.push({
-              id: `toolcall-${event.timestamp}-${messages.length}`,
-              type: "tool_call",
-              server: "claude",
-              tool: toolName,
-              input: toolInput,
-              status: "in_progress",
-              timestamp: event.timestamp
-            });
-          }
-        }
-      });
-    }
-    if (event.type === "claude-result") {
-      const payload = event.payload;
-      if (payload.is_error || payload.subtype !== "success") {
-        const errorList = payload.errors || [];
-        const errorMessage = errorList.length > 0 ? errorList.join("\n") : "Claude session encountered an unexpected error.";
-        messages.push({
-          id: `error-${event.timestamp}`,
-          type: "error",
-          message: errorMessage,
-          timestamp: event.timestamp
-        });
+  } catch (error) {
+    console.log(import_chalk10.default.red("\n\u2717 Error:"), error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
+}
+// src/commands/claude-auth.ts
+var import_chalk12 = __toESM(require("chalk"));
+// src/lib/claude-oauth.ts
+var import_open3 = __toESM(require("open"));
+var import_readline = __toESM(require("readline"));
+var import_chalk11 = __toESM(require("chalk"));
+var DEFAULT_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
+var CLAUDE_CLIENT_ID = process.env.CLAUDE_OAUTH_CLIENT_ID || DEFAULT_CLIENT_ID;
+var AUTHORIZATION_ENDPOINT2 = "https://claude.ai/oauth/authorize";
+var TOKEN_ENDPOINT2 = "https://console.anthropic.com/v1/oauth/token";
+var REDIRECT_URI = "https://console.anthropic.com/oauth/code/callback";
+var SCOPES = "org:create_api_key user:profile user:inference";
+function buildAuthorizationUrl2(codeChallenge, state) {
+  const params = new URLSearchParams({
+    code: "true",
+    client_id: CLAUDE_CLIENT_ID,
+    response_type: "code",
+    redirect_uri: REDIRECT_URI,
+    scope: SCOPES,
+    code_challenge: codeChallenge,
+    code_challenge_method: "S256",
+    state
+  });
+  return `${AUTHORIZATION_ENDPOINT2}?${params.toString()}`;
+}
+async function promptForAuthorizationCode(instruction) {
+  const rl = import_readline.default.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  return new Promise((resolve) => {
+    rl.question(instruction, (answer) => {
+      rl.close();
+      resolve(answer.trim());
+    });
+  });
+}
+function parseUserInput(input) {
+  if (!input.includes("#") && !input.includes("code=")) {
+    return { code: input };
+  }
+  if (input.startsWith("http://") || input.startsWith("https://")) {
+    try {
+      const url = new URL(input);
+      const fragment = url.hash.startsWith("#") ? url.hash.slice(1) : url.hash;
+      const params = new URLSearchParams(fragment);
+      const code2 = params.get("code") ?? void 0;
+      const state2 = params.get("state") ?? void 0;
+      if (code2) {
+        return { code: code2, state: state2 };
       }
+    } catch {
     }
+  }
+  const [code, state] = input.split("#");
+  return { code, state };
+}
+async function exchangeCodeForTokens2(code, state, expectedState, codeVerifier) {
+  if (state && state !== expectedState) {
+    throw new Error("State mismatch detected. Please restart the authentication flow.");
+  }
+  const payload = {
+    code,
+    state: state ?? expectedState,
+    grant_type: "authorization_code",
+    client_id: CLAUDE_CLIENT_ID,
+    redirect_uri: REDIRECT_URI,
+    code_verifier: codeVerifier
+  };
+  const response = await fetch(TOKEN_ENDPOINT2, {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json"
+    },
+    body: JSON.stringify(payload)
   });
-  filteredEvents.forEach((event) => {
-    if (event.type === "claude-user") {
-      const content = event.payload.message?.content || [];
-      const toolResult = content.find((c) => c.type === "tool_result");
-      if (toolResult && toolResult.tool_use_id) {
-        const toolInfo = toolCallMap.get(toolResult.tool_use_id);
-        if (!toolInfo) return;
-        const resultContent = extractToolResultContent(toolResult.content);
-        const isError = toolResult.is_error || false;
-        const status = isError ? "failed" : "completed";
-        const message = messages[toolInfo.messageIndex];
-        if (!message) return;
-        if (message.type === "command") {
-          message.output = resultContent;
-          message.status = status;
-          const exitCodeMatch = resultContent.match(/exit code:?\s*(\d+)/i);
-          if (exitCodeMatch) {
-            message.exitCode = parseInt(exitCodeMatch[1], 10);
-          } else {
-            message.exitCode = isError ? 1 : 0;
-          }
-        } else if (message.type === "file_change") {
-          message.status = status;
-        } else if (message.type === "web_search") {
-          message.status = status;
-        } else if (message.type === "tool_call") {
-          message.output = resultContent;
-          message.status = status;
-        } else if (message.type === "subagent") {
-          message.output = resultContent;
-          message.status = status;
+  if (!response.ok) {
+    const text = await response.text();
+    throw new Error(`Failed to exchange authorization code: ${response.status} ${text}`);
+  }
+  const data = await response.json();
+  const now = Date.now();
+  const expiresAt = new Date(now + data.expires_in * 1e3).toISOString();
+  const refreshTokenExpiresAt = data.refresh_token_expires_in ? new Date(now + data.refresh_token_expires_in * 1e3).toISOString() : void 0;
+  return {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token,
+    tokenType: data.token_type,
+    scope: data.scope,
+    expiresAt,
+    refreshTokenExpiresAt
+  };
+}
+async function runClaudeOAuthFlow() {
+  const pkce = generatePkceCodes();
+  const state = generateState2();
+  const authUrl = buildAuthorizationUrl2(pkce.codeChallenge, state);
+  console.log(import_chalk11.default.gray("We will open your browser so you can authenticate with Claude Code."));
+  console.log(import_chalk11.default.gray("If the browser does not open automatically, use the URL below:\n"));
+  console.log(authUrl);
+  console.log();
+  try {
+    await (0, import_open3.default)(authUrl);
+  } catch {
+    console.warn(import_chalk11.default.yellow("Failed to open browser automatically. Please copy and open the URL manually."));
+  }
+  console.log(import_chalk11.default.cyan("After completing authentication, copy the code shown on the success page."));
+  console.log(import_chalk11.default.cyan("You can paste either the full URL, or a value formatted as CODE#STATE.\n"));
+  const userInput = await promptForAuthorizationCode("Paste the authorization code (or URL) here: ");
+  if (!userInput) {
+    throw new Error("No authorization code provided.");
+  }
+  const { code, state: returnedState } = parseUserInput(userInput);
+  if (!code) {
+    throw new Error("Unable to parse authorization code. Please try again.");
+  }
+  console.log(import_chalk11.default.gray("\nExchanging authorization code for tokens..."));
+  const tokens = await exchangeCodeForTokens2(code, returnedState, state, pkce.codeVerifier);
+  console.log(import_chalk11.default.green("\u2713 Successfully obtained Claude credentials"));
+  return tokens;
+}
+// src/commands/claude-auth.ts
+async function claudeAuthCommand(options = {}) {
+  const isUserScoped = options.user === true;
+  const scopeLabel = isUserScoped ? "personal" : "organization";
+  console.log(import_chalk12.default.cyan(`Authenticating with Claude Code (${scopeLabel})...
+`));
+  try {
+    const tokens = await runClaudeOAuthFlow();
+    console.log(import_chalk12.default.gray("\nUploading credentials to Replicas..."));
+    const endpoint = isUserScoped ? "/v1/claude/user/credentials" : "/v1/claude/credentials";
+    const response = await orgAuthenticatedFetch(
+      endpoint,
+      {
+        method: "POST",
+        body: {
+          access_token: tokens.accessToken,
+          refresh_token: tokens.refreshToken,
+          token_type: tokens.tokenType,
+          scope: tokens.scope,
+          expires_at: tokens.expiresAt,
+          refresh_token_expires_at: tokens.refreshTokenExpiresAt
         }
       }
+    );
+    if (!response.success) {
+      throw new Error(response.error || "Failed to upload Claude credentials to Replicas");
     }
-  });
-  return messages;
+    console.log(import_chalk12.default.green("\n\u2713 Claude authentication complete!"));
+    if (response.email) {
+      console.log(import_chalk12.default.gray(`  Account: ${response.email}`));
+    }
+    if (response.planType) {
+      console.log(import_chalk12.default.gray(`  Plan: ${response.planType}`));
+    }
+    if (isUserScoped) {
+      console.log(import_chalk12.default.gray("\nYour personal Claude credentials have been saved.\n"));
+    } else {
+      console.log(import_chalk12.default.gray("\nYou can now use Claude Code in your workspaces.\n"));
+    }
+  } catch (error) {
+    console.log(import_chalk12.default.red("\n\u2717 Error:"), error instanceof Error ? error.message : error);
+    process.exit(1);
+  }
 }
-// ../shared/src/display-message/parsers/index.ts
-function parseAgentEvents(events, agentType) {
-  if (agentType === "codex") {
-    return parseCodexEvents(events);
-  } else if (agentType === "claude") {
-    return parseClaudeEvents(events);
+// src/commands/init.ts
+var import_chalk13 = __toESM(require("chalk"));
+var import_fs4 = __toESM(require("fs"));
+var import_path5 = __toESM(require("path"));
+var REPLICAS_CONFIG_FILENAME = "replicas.json";
+function getDefaultConfig() {
+  return {
+    copy: [],
+    ports: [],
+    systemPrompt: "",
+    startHook: {
+      timeout: 3e5,
+      commands: []
+    }
+  };
+}
+function initCommand(options) {
+  const configPath = import_path5.default.join(process.cwd(), REPLICAS_CONFIG_FILENAME);
+  if (import_fs4.default.existsSync(configPath) && !options.force) {
+    console.log(
+      import_chalk13.default.yellow(
+        `${REPLICAS_CONFIG_FILENAME} already exists in this directory.`
+      )
+    );
+    console.log(import_chalk13.default.gray("Use --force to overwrite the existing file."));
+    return;
+  }
+  const defaultConfig = getDefaultConfig();
+  const configContent = JSON.stringify(defaultConfig, null, 2);
+  try {
+    import_fs4.default.writeFileSync(configPath, configContent + "\n", "utf-8");
+    console.log(import_chalk13.default.green(`\u2713 Created ${REPLICAS_CONFIG_FILENAME}`));
+    console.log("");
+    console.log(import_chalk13.default.gray("Configuration options:"));
+    console.log(
+      import_chalk13.default.gray('  copy        - Files to sync to the workspace (e.g., [".env"])')
+    );
+    console.log(
+      import_chalk13.default.gray("  ports       - Ports to forward from the workspace (e.g., [3000, 8080])")
+    );
+    console.log(
+      import_chalk13.default.gray("  systemPrompt - Custom instructions for AI coding assistants")
+    );
+    console.log(
+      import_chalk13.default.gray("  startHook   - Commands to run on workspace startup")
+    );
+  } catch (error) {
+    throw new Error(
+      `Failed to create ${REPLICAS_CONFIG_FILENAME}: ${error instanceof Error ? error.message : "Unknown error"}`
+    );
+  }
+}
+// src/lib/version-check.ts
+var import_chalk14 = __toESM(require("chalk"));
+var MONOLITH_URL2 = process.env.REPLICAS_MONOLITH_URL || "https://api.replicas.dev";
+var VERSION_CHECK_TIMEOUT = 2e3;
+function compareVersions(v1, v2) {
+  const parts1 = v1.split(".").map(Number);
+  const parts2 = v2.split(".").map(Number);
+  for (let i = 0; i < Math.max(parts1.length, parts2.length); i++) {
+    const num1 = parts1[i] || 0;
+    const num2 = parts2[i] || 0;
+    if (num1 > num2) return 1;
+    if (num1 < num2) return -1;
+  }
+  return 0;
+}
+async function checkForUpdates(currentVersion) {
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), VERSION_CHECK_TIMEOUT);
+    const response = await fetch(`${MONOLITH_URL2}/v1/cli/version`, {
+      signal: controller.signal
+    });
+    clearTimeout(timeoutId);
+    if (!response.ok) return;
+    const data = await response.json();
+    const latestVersion = data.version;
+    if (compareVersions(latestVersion, currentVersion) > 0) {
+      console.error(import_chalk14.default.yellow(`
+Update available: ${currentVersion} \u2192 ${latestVersion}`));
+      console.error(import_chalk14.default.cyan(`Run: npm i -g replicas-cli@latest
+`));
+    }
+  } catch {
   }
-  return [];
 }
 // src/commands/replica.ts
+var import_chalk15 = __toESM(require("chalk"));
+var import_prompts3 = __toESM(require("prompts"));
 function formatDate(dateString) {
   return new Date(dateString).toLocaleString();
 }
@@ -2541,7 +2549,7 @@ Repositories (${response.repositories.length}):
 }
 // src/index.ts
-var CLI_VERSION = "0.2.30";
+var CLI_VERSION = "0.2.33";
 var program = new import_commander.Command();
 program.name("replicas").description("CLI for managing Replicas workspaces").version(CLI_VERSION);
 program.command("login").description("Authenticate with your Replicas account").action(async () => {