rulesync 8.5.0 → 8.6.0

package/dist/cli/index.cjs

@@ -21288,15 +21288,156 @@ function mapBashActionToDecision(action) {
 
 // src/features/permissions/geminicli-permissions.ts
 var import_node_path139 = require("path");
+var smolToml6 = __toESM(require("smol-toml"), 1);
 var import_mini72 = require("zod/mini");
-var GeminiCliSettingsSchema = import_mini72.z.looseObject({
-  tools: import_mini72.z.optional(
-    import_mini72.z.looseObject({
-      allowed: import_mini72.z.optional(import_mini72.z.array(import_mini72.z.string())),
-      exclude: import_mini72.z.optional(import_mini72.z.array(import_mini72.z.string()))
-    })
-  )
-});
+
+// src/utils/logger.ts
+var BaseLogger = class {
+  _verbose = false;
+  _silent = false;
+  constructor({ verbose = false, silent = false } = {}) {
+    this._silent = silent;
+    this._verbose = verbose && !silent;
+  }
+  get verbose() {
+    return this._verbose;
+  }
+  get silent() {
+    return this._silent;
+  }
+  configure({ verbose, silent }) {
+    if (verbose && silent) {
+      this._silent = false;
+      if (!isEnvTest()) {
+        this.onConflictingFlags();
+      }
+    }
+    this._silent = silent;
+    this._verbose = verbose && !silent;
+  }
+  onConflictingFlags() {
+    console.warn("Both --verbose and --silent specified; --silent takes precedence");
+  }
+};
+var ConsoleLogger = class extends BaseLogger {
+  isSuppressed() {
+    return isEnvTest() || this._silent;
+  }
+  get jsonMode() {
+    return false;
+  }
+  captureData(_key, _value) {
+  }
+  getJsonData() {
+    return {};
+  }
+  outputJson(_success, _error) {
+  }
+  info(message, ...args) {
+    if (this.isSuppressed()) return;
+    console.log(message, ...args);
+  }
+  success(message, ...args) {
+    if (this.isSuppressed()) return;
+    console.log(message, ...args);
+  }
+  warn(message, ...args) {
+    if (this.isSuppressed()) return;
+    console.warn(message, ...args);
+  }
+  // Errors are always emitted, even in silent mode
+  error(message, _code, ...args) {
+    if (isEnvTest()) return;
+    const errorMessage = message instanceof Error ? message.message : message;
+    console.error(errorMessage, ...args);
+  }
+  debug(message, ...args) {
+    if (!this._verbose || this.isSuppressed()) return;
+    console.log(message, ...args);
+  }
+};
+var JsonLogger = class extends BaseLogger {
+  _jsonOutputDone = false;
+  _jsonData = {};
+  _commandName;
+  _version;
+  constructor({
+    command,
+    version,
+    verbose = false,
+    silent = false
+  }) {
+    super({ verbose, silent });
+    this._commandName = command;
+    this._version = version;
+  }
+  // Suppress raw console.warn in JSON mode to avoid non-JSON text on stderr
+  onConflictingFlags() {
+  }
+  get jsonMode() {
+    return true;
+  }
+  captureData(key, value) {
+    this._jsonData[key] = value;
+  }
+  getJsonData() {
+    return { ...this._jsonData };
+  }
+  outputJson(success, error) {
+    if (this._jsonOutputDone) return;
+    this._jsonOutputDone = true;
+    const output = {
+      success,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      command: this._commandName,
+      version: this._version
+    };
+    if (success) {
+      output.data = this._jsonData;
+    } else if (error) {
+      output.error = {
+        code: error.code,
+        message: error.message
+      };
+      if (error.details) {
+        output.error.details = error.details;
+      }
+      if (error.stack) {
+        output.error.stack = error.stack;
+      }
+    }
+    const jsonStr = JSON.stringify(output, null, 2);
+    if (success) {
+      console.log(jsonStr);
+    } else {
+      console.error(jsonStr);
+    }
+  }
+  info(_message, ..._args) {
+  }
+  success(_message, ..._args) {
+  }
+  warn(_message, ..._args) {
+  }
+  error(message, code, ..._args) {
+    if (isEnvTest()) return;
+    const errorMessage = message instanceof Error ? message.message : message;
+    const errorInfo = {
+      code: code || ErrorCodes.UNKNOWN_ERROR,
+      message: errorMessage
+    };
+    if (this._verbose && message instanceof Error && message.stack) {
+      errorInfo.stack = message.stack;
+    }
+    this.outputJson(false, errorInfo);
+  }
+  debug(_message, ..._args) {
+  }
+};
+
+// src/features/permissions/geminicli-permissions.ts
+var GEMINICLI_POLICY_RELATIVE_DIR_PATH = (0, import_node_path139.join)(".gemini", "policies");
+var GEMINICLI_POLICY_FILE_NAME = "rulesync.toml";
 var RULESYNC_TO_GEMINICLI_TOOL_NAME = {
   bash: "run_shell_command",
   read: "read_file",
@@ -21304,16 +21445,32 @@ var RULESYNC_TO_GEMINICLI_TOOL_NAME = {
   write: "write_file",
   webfetch: "web_fetch"
 };
+var GEMINICLI_TO_RULESYNC_TOOL_NAME = Object.fromEntries(
+  Object.entries(RULESYNC_TO_GEMINICLI_TOOL_NAME).map(([k, v]) => [v, k])
+);
+var PRIORITY_DENY = 1e6;
+var PRIORITY_ASK = 1e3;
+var PRIORITY_ALLOW = 1;
+var SINGLE_STAR_REGEX = '[^/\\"]*';
+var DOUBLE_STAR_REGEX = '[^\\"]*';
+var SINGLE_CHAR_REGEX = '[^/\\"]';
+var LEGACY_SINGLE_STAR_REGEX = '[^\\"]*';
+var LEGACY_DOUBLE_STAR_REGEX = ".*";
+var COMMAND_ARGS_ANCHOR = '"command":"';
+var VALUE_END_ANCHOR = '\\"';
+var RESERVED_OBJECT_KEYS = /* @__PURE__ */ new Set([
+  "__proto__",
+  "constructor",
+  "prototype"
+]);
+var moduleLogger = new ConsoleLogger();
 var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
   static getSettablePaths(_options = {}) {
     return {
-      relativeDirPath: ".gemini",
-      relativeFilePath: "settings.json"
+      relativeDirPath: GEMINICLI_POLICY_RELATIVE_DIR_PATH,
+      relativeFilePath: GEMINICLI_POLICY_FILE_NAME
     };
   }
-  isDeletable() {
-    return false;
-  }
   static async fromFile({
     baseDir = process.cwd(),
     validate = true,
@@ -21321,7 +21478,7 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
   }) {
     const paths = this.getSettablePaths({ global });
     const filePath = (0, import_node_path139.join)(baseDir, paths.relativeDirPath, paths.relativeFilePath);
-    const fileContent = await readFileContentOrNull(filePath) ?? JSON.stringify({}, null, 2);
+    const fileContent = await readFileContentOrNull(filePath) ?? "";
     return new _GeminicliPermissions({
       baseDir,
       relativeDirPath: paths.relativeDirPath,
@@ -21330,63 +21487,72 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
       validate
     });
   }
-  static async fromRulesyncPermissions({
+  static fromRulesyncPermissions({
     baseDir = process.cwd(),
     rulesyncPermissions,
     validate = true,
-    logger: logger5,
-    global = false
+    global = false,
+    logger: logger5 = moduleLogger
   }) {
     const paths = this.getSettablePaths({ global });
-    const filePath = (0, import_node_path139.join)(baseDir, paths.relativeDirPath, paths.relativeFilePath);
-    const existingContent = await readFileContentOrNull(filePath) ?? JSON.stringify({}, null, 2);
-    const settingsResult = GeminiCliSettingsSchema.safeParse(JSON.parse(existingContent));
-    if (!settingsResult.success) {
-      throw new Error(
-        `Failed to parse existing Gemini CLI settings at ${filePath}: ${formatError(settingsResult.error)}`
-      );
-    }
-    const { allowed, exclude } = convertRulesyncToGeminicliTools({
-      config: rulesyncPermissions.getJson(),
-      logger: logger5
-    });
-    const merged = {
-      ...settingsResult.data,
-      tools: {
-        ...settingsResult.data.tools,
-        ...allowed.length > 0 ? { allowed } : {},
-        ...exclude.length > 0 ? { exclude } : {}
-      }
-    };
+    const fileContent = buildGeminicliPolicyContent(rulesyncPermissions.getJson(), logger5);
     return new _GeminicliPermissions({
       baseDir,
       relativeDirPath: paths.relativeDirPath,
       relativeFilePath: paths.relativeFilePath,
-      fileContent: JSON.stringify(merged, null, 2),
+      fileContent,
       validate
     });
   }
   toRulesyncPermissions() {
-    let settings;
-    try {
-      const parsed = JSON.parse(this.getFileContent());
-      settings = GeminiCliSettingsSchema.parse(parsed);
-    } catch (error) {
-      throw new Error(
-        `Failed to parse Gemini CLI permissions content in ${(0, import_node_path139.join)(this.getRelativeDirPath(), this.getRelativeFilePath())}: ${formatError(error)}`,
-        { cause: error }
-      );
-    }
     const permission = {};
-    for (const toolEntry of settings.tools?.allowed ?? []) {
-      const mapped = parseGeminicliToolEntry({ entry: toolEntry });
-      const rules = permission[mapped.category] ??= {};
-      rules[mapped.pattern] = "allow";
-    }
-    for (const toolEntry of settings.tools?.exclude ?? []) {
-      const mapped = parseGeminicliToolEntry({ entry: toolEntry });
-      const rules = permission[mapped.category] ??= {};
-      rules[mapped.pattern] = "deny";
+    const fileContent = this.getFileContent();
+    if (fileContent.trim().length > 0) {
+      let parsed;
+      try {
+        parsed = smolToml6.parse(fileContent);
+      } catch (error) {
+        throw new Error(
+          `Failed to parse Gemini CLI policy TOML in ${(0, import_node_path139.join)(this.getRelativeDirPath(), this.getRelativeFilePath())}: ${formatError(error)}`,
+          { cause: error }
+        );
+      }
+      const rules = extractRules(parsed, moduleLogger);
+      for (const [index, rule] of rules.entries()) {
+        const mappedCategory = Object.hasOwn(GEMINICLI_TO_RULESYNC_TOOL_NAME, rule.toolName) ? GEMINICLI_TO_RULESYNC_TOOL_NAME[rule.toolName] : void 0;
+        const category = mappedCategory ?? rule.toolName;
+        if (RESERVED_OBJECT_KEYS.has(category)) {
+          moduleLogger.warn(
+            `Skipping rule #${index} in ${this.getRelativeFilePath()}: toolName "${rule.toolName}" maps to a reserved object key ("${category}") and would risk prototype pollution.`
+          );
+          continue;
+        }
+        const action = mapFromGeminicliDecision(rule.decision);
+        if (!action) {
+          moduleLogger.warn(
+            `Skipping rule #${index} (toolName="${rule.toolName}", commandPrefix=${JSON.stringify(rule.commandPrefix)}, argsPattern=${JSON.stringify(rule.argsPattern)}) in ${this.getRelativeFilePath()}: unknown decision ${JSON.stringify(rule.decision)}`
+          );
+          continue;
+        }
+        if (rule.toolName === "run_shell_command" && rule.commandPrefix !== void 0 && rule.argsPattern !== void 0) {
+          moduleLogger.warn(
+            `Rule #${index} in ${this.getRelativeFilePath()} sets both commandPrefix and argsPattern; rulesync will honor argsPattern and ignore commandPrefix=${JSON.stringify(rule.commandPrefix)}.`
+          );
+        }
+        const pattern = extractPattern(rule);
+        if (RESERVED_OBJECT_KEYS.has(pattern)) {
+          moduleLogger.warn(
+            `Skipping rule #${index} in ${this.getRelativeFilePath()}: pattern "${pattern}" is a reserved object key.`
+          );
+          continue;
+        }
+        const existing = Object.hasOwn(permission, category) ? permission[category] : void 0;
+        const target = existing ?? {};
+        if (existing === void 0) {
+          permission[category] = target;
+        }
+        target[pattern] = action;
+      }
     }
     return this.toRulesyncPermissionsDefault({
       fileContent: JSON.stringify({ permission }, null, 2)
@@ -21404,50 +21570,238 @@ var GeminicliPermissions = class _GeminicliPermissions extends ToolPermissions {
       baseDir,
       relativeDirPath,
       relativeFilePath,
-      fileContent: JSON.stringify({}, null, 2),
+      fileContent: "",
       validate: false
     });
   }
 };
-function convertRulesyncToGeminicliTools({
-  config,
-  logger: logger5
-}) {
-  const allowed = [];
-  const exclude = [];
-  for (const [toolName, rules] of Object.entries(config.permission)) {
+function buildGeminicliPolicyContent(config, logger5) {
+  const rules = [];
+  let order = 0;
+  for (const [toolName, entries] of Object.entries(config.permission)) {
     const mappedToolName = RULESYNC_TO_GEMINICLI_TOOL_NAME[toolName] ?? toolName;
-    if (!RULESYNC_TO_GEMINICLI_TOOL_NAME[toolName]) {
-      logger5?.warn(`Gemini CLI permissions use direct tool names. Mapping as-is: ${toolName}`);
-    }
-    for (const [pattern, action] of Object.entries(rules)) {
-      if (action === "ask") {
-        logger5?.warn(
-          `Gemini CLI does not support explicit "ask" rules in settings. Skipping ${toolName}:${pattern}`
+    for (const [pattern, action] of Object.entries(entries)) {
+      if (pattern === "") {
+        logger5.warn(
+          `Skipping rule "${toolName}: "": empty pattern is not a valid permission target and would silently match every invocation (bash) or nothing (other tools).`
         );
         continue;
       }
-      const geminiEntry = pattern === "*" ? mappedToolName : `${mappedToolName}(${pattern})`;
-      if (action === "allow") {
-        allowed.push(geminiEntry);
-      } else {
-        exclude.push(geminiEntry);
+      if (hasUnsafeAnchorChar(pattern)) {
+        logger5.warn(
+          `Skipping rule "${toolName}: ${pattern}": pattern contains a character (" or \\) that would break JSON-anchor matching in the Gemini CLI Policy Engine.`
+        );
+        continue;
+      }
+      const decision = mapToGeminicliDecision(action);
+      if (mappedToolName === "run_shell_command" && (pattern === "*" || pattern === "**") && decision !== "ask_user") {
+        logger5.warn(
+          `Skipping rule "${toolName}: ${pattern}" with decision ${decision}: bash match-all patterns are only supported with "ask" because they would otherwise affect every shell command.`
+        );
+        continue;
+      }
+      const currentRule = {
+        toolName: mappedToolName,
+        decision,
+        priority: priorityForDecision(decision)
+      };
+      if (mappedToolName === "run_shell_command") {
+        applyShellPattern({ rule: currentRule, pattern, toolName, logger: logger5 });
+      } else if (pattern !== "*") {
+        currentRule.argsPattern = buildNonShellArgsPattern(pattern);
       }
+      rules.push({ rule: currentRule, order: order++ });
     }
   }
-  return { allowed, exclude };
+  rules.sort((a, b) => {
+    const diff = toNumber(b.rule.priority) - toNumber(a.rule.priority);
+    return diff !== 0 ? diff : a.order - b.order;
+  });
+  return smolToml6.stringify({ rule: rules.map((entry) => entry.rule) });
 }
-function parseGeminicliToolEntry({ entry }) {
-  const match = /^([^()]+?)(?:\((.*)\))?$/.exec(entry);
-  if (!match) return { category: entry, pattern: "*" };
-  const rawToolName = match[1]?.trim() ?? entry;
-  const mappedCategory = Object.entries(RULESYNC_TO_GEMINICLI_TOOL_NAME).find(
-    ([, value]) => value === rawToolName
-  )?.[0];
-  return {
-    category: mappedCategory ?? rawToolName,
-    pattern: (match[2] ?? "*").trim()
-  };
+function buildNonShellArgsPattern(pattern) {
+  return `"${globPatternToRegex(pattern)}${VALUE_END_ANCHOR}`;
+}
+function hasUnsafeAnchorChar(pattern) {
+  return pattern.includes('"') || pattern.includes("\\");
+}
+function toNumber(value) {
+  return typeof value === "number" ? value : 0;
+}
+function applyShellPattern({
+  rule,
+  pattern,
+  toolName,
+  logger: logger5
+}) {
+  if (pattern === "*") {
+    return;
+  }
+  const trailingWildcardStripped = pattern.endsWith(" *") ? pattern.slice(0, -2) : pattern;
+  if (hasGlobMetacharacter(trailingWildcardStripped)) {
+    rule.argsPattern = `${COMMAND_ARGS_ANCHOR}${globPatternToRegex(pattern)}`;
+    logger5.warn(
+      `Gemini CLI does not support glob metacharacters inside a bash command prefix; emitting argsPattern for rule "${toolName}: ${pattern}".`
+    );
+    return;
+  }
+  rule.commandPrefix = trailingWildcardStripped;
+}
+function hasGlobMetacharacter(pattern) {
+  return /[*?[\]]/.test(pattern);
+}
+function priorityForDecision(decision) {
+  if (decision === "deny") return PRIORITY_DENY;
+  if (decision === "ask_user") return PRIORITY_ASK;
+  return PRIORITY_ALLOW;
+}
+function mapToGeminicliDecision(action) {
+  if (action === "ask") {
+    return "ask_user";
+  }
+  return action;
+}
+function mapFromGeminicliDecision(decision) {
+  if (decision === "allow") return "allow";
+  if (decision === "deny") return "deny";
+  if (decision === "ask_user") return "ask";
+  return null;
+}
+function globPatternToRegex(pattern) {
+  let regex = "";
+  let i = 0;
+  while (i < pattern.length) {
+    const char = pattern[i];
+    if (char === void 0) {
+      break;
+    }
+    if (char === "*" && pattern[i + 1] === "*") {
+      regex += DOUBLE_STAR_REGEX;
+      i += 2;
+      continue;
+    }
+    if (char === "*") {
+      regex += SINGLE_STAR_REGEX;
+      i += 1;
+      continue;
+    }
+    if (char === "?") {
+      regex += SINGLE_CHAR_REGEX;
+      i += 1;
+      continue;
+    }
+    if (char === "[") {
+      regex += escapeRegexChar(char);
+      i += 1;
+      continue;
+    }
+    if (char === "]") {
+      regex += escapeRegexChar(char);
+      i += 1;
+      continue;
+    }
+    if (isRegexMetacharacter(char)) {
+      regex += `\\${char}`;
+      i += 1;
+      continue;
+    }
+    regex += char;
+    i += 1;
+  }
+  return regex;
+}
+function escapeRegexChar(char) {
+  return `\\${char}`;
+}
+function isRegexMetacharacter(char) {
+  return /[.+^${}()|\\]/.test(char);
+}
+function regexToGlobPattern(regex) {
+  let source = regex;
+  if (source.endsWith(VALUE_END_ANCHOR)) {
+    source = source.slice(0, -VALUE_END_ANCHOR.length);
+  }
+  let glob = "";
+  let i = 0;
+  while (i < source.length) {
+    if (source.startsWith(DOUBLE_STAR_REGEX, i)) {
+      glob += "**";
+      i += DOUBLE_STAR_REGEX.length;
+      continue;
+    }
+    if (source.startsWith(LEGACY_DOUBLE_STAR_REGEX, i)) {
+      glob += "**";
+      i += LEGACY_DOUBLE_STAR_REGEX.length;
+      continue;
+    }
+    if (source.startsWith(SINGLE_STAR_REGEX, i)) {
+      glob += "*";
+      i += SINGLE_STAR_REGEX.length;
+      continue;
+    }
+    if (source.startsWith(LEGACY_SINGLE_STAR_REGEX, i)) {
+      glob += "*";
+      i += LEGACY_SINGLE_STAR_REGEX.length;
+      continue;
+    }
+    if (source.startsWith(SINGLE_CHAR_REGEX, i)) {
+      glob += "?";
+      i += SINGLE_CHAR_REGEX.length;
+      continue;
+    }
+    const char = source[i];
+    if (char === "\\") {
+      const escaped = source[i + 1];
+      if (escaped !== void 0) {
+        glob += escaped;
+        i += 2;
+        continue;
+      }
+    }
+    glob += char ?? "";
+    i += 1;
+  }
+  return glob;
+}
+var GeminicliPolicyRuleSchema = import_mini72.z.looseObject({
+  toolName: import_mini72.z.string(),
+  decision: import_mini72.z.optional(import_mini72.z.unknown()),
+  commandPrefix: import_mini72.z.optional(import_mini72.z.string()),
+  argsPattern: import_mini72.z.optional(import_mini72.z.string())
+});
+var GeminicliPolicyFileSchema = import_mini72.z.looseObject({
+  rule: import_mini72.z.optional(import_mini72.z.array(import_mini72.z.looseObject({})))
+});
+function extractRules(parsed, logger5) {
+  const parsedFile = GeminicliPolicyFileSchema.safeParse(parsed);
+  if (!parsedFile.success || !parsedFile.data.rule) {
+    return [];
+  }
+  const rules = [];
+  for (const [index, entry] of parsedFile.data.rule.entries()) {
+    const result = GeminicliPolicyRuleSchema.safeParse(entry);
+    if (result.success) {
+      rules.push(result.data);
+      continue;
+    }
+    logger5.warn(
+      `Skipping malformed Gemini CLI policy rule at index ${index}: ${formatError(result.error)}`
+    );
+  }
+  return rules;
+}
+function extractPattern(rule) {
+  if (rule.toolName === "run_shell_command") {
+    if (rule.argsPattern) {
+      const stripped = rule.argsPattern.startsWith(COMMAND_ARGS_ANCHOR) ? rule.argsPattern.slice(COMMAND_ARGS_ANCHOR.length) : rule.argsPattern;
+      return regexToGlobPattern(stripped);
+    }
+    if (!rule.commandPrefix) return "*";
+    return rule.commandPrefix.endsWith(" *") || rule.commandPrefix.endsWith("*") ? rule.commandPrefix : `${rule.commandPrefix} *`;
+  }
+  if (!rule.argsPattern) return "*";
+  const regex = rule.argsPattern.startsWith('"') ? rule.argsPattern.slice(1) : rule.argsPattern;
+  return regexToGlobPattern(regex);
 }
 
 // src/features/permissions/kiro-permissions.ts
@@ -24361,152 +24715,6 @@ var import_mini85 = require("zod/mini");
 // src/mcp/commands.ts
 var import_node_path148 = require("path");
 var import_mini77 = require("zod/mini");
-
-// src/utils/logger.ts
-var BaseLogger = class {
-  _verbose = false;
-  _silent = false;
-  constructor({ verbose = false, silent = false } = {}) {
-    this._silent = silent;
-    this._verbose = verbose && !silent;
-  }
-  get verbose() {
-    return this._verbose;
-  }
-  get silent() {
-    return this._silent;
-  }
-  configure({ verbose, silent }) {
-    if (verbose && silent) {
-      this._silent = false;
-      if (!isEnvTest()) {
-        this.onConflictingFlags();
-      }
-    }
-    this._silent = silent;
-    this._verbose = verbose && !silent;
-  }
-  onConflictingFlags() {
-    console.warn("Both --verbose and --silent specified; --silent takes precedence");
-  }
-};
-var ConsoleLogger = class extends BaseLogger {
-  isSuppressed() {
-    return isEnvTest() || this._silent;
-  }
-  get jsonMode() {
-    return false;
-  }
-  captureData(_key, _value) {
-  }
-  getJsonData() {
-    return {};
-  }
-  outputJson(_success, _error) {
-  }
-  info(message, ...args) {
-    if (this.isSuppressed()) return;
-    console.log(message, ...args);
-  }
-  success(message, ...args) {
-    if (this.isSuppressed()) return;
-    console.log(message, ...args);
-  }
-  warn(message, ...args) {
-    if (this.isSuppressed()) return;
-    console.warn(message, ...args);
-  }
-  // Errors are always emitted, even in silent mode
-  error(message, _code, ...args) {
-    if (isEnvTest()) return;
-    const errorMessage = message instanceof Error ? message.message : message;
-    console.error(errorMessage, ...args);
-  }
-  debug(message, ...args) {
-    if (!this._verbose || this.isSuppressed()) return;
-    console.log(message, ...args);
-  }
-};
-var JsonLogger = class extends BaseLogger {
-  _jsonOutputDone = false;
-  _jsonData = {};
-  _commandName;
-  _version;
-  constructor({
-    command,
-    version,
-    verbose = false,
-    silent = false
-  }) {
-    super({ verbose, silent });
-    this._commandName = command;
-    this._version = version;
-  }
-  // Suppress raw console.warn in JSON mode to avoid non-JSON text on stderr
-  onConflictingFlags() {
-  }
-  get jsonMode() {
-    return true;
-  }
-  captureData(key, value) {
-    this._jsonData[key] = value;
-  }
-  getJsonData() {
-    return { ...this._jsonData };
-  }
-  outputJson(success, error) {
-    if (this._jsonOutputDone) return;
-    this._jsonOutputDone = true;
-    const output = {
-      success,
-      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-      command: this._commandName,
-      version: this._version
-    };
-    if (success) {
-      output.data = this._jsonData;
-    } else if (error) {
-      output.error = {
-        code: error.code,
-        message: error.message
-      };
-      if (error.details) {
-        output.error.details = error.details;
-      }
-      if (error.stack) {
-        output.error.stack = error.stack;
-      }
-    }
-    const jsonStr = JSON.stringify(output, null, 2);
-    if (success) {
-      console.log(jsonStr);
-    } else {
-      console.error(jsonStr);
-    }
-  }
-  info(_message, ..._args) {
-  }
-  success(_message, ..._args) {
-  }
-  warn(_message, ..._args) {
-  }
-  error(message, code, ..._args) {
-    if (isEnvTest()) return;
-    const errorMessage = message instanceof Error ? message.message : message;
-    const errorInfo = {
-      code: code || ErrorCodes.UNKNOWN_ERROR,
-      message: errorMessage
-    };
-    if (this._verbose && message instanceof Error && message.stack) {
-      errorInfo.stack = message.stack;
-    }
-    this.outputJson(false, errorInfo);
-  }
-  debug(_message, ..._args) {
-  }
-};
-
-// src/mcp/commands.ts
 var logger = new ConsoleLogger({ verbose: false, silent: true });
 var maxCommandSizeBytes = 1024 * 1024;
 var maxCommandsCount = 1e3;
@@ -26362,7 +26570,7 @@ function wrapCommand({
 }
 
 // src/cli/index.ts
-var getVersion = () => "8.5.0";
+var getVersion = () => "8.6.0";
 function wrapCommand2(name, errorCode, handler) {
   return wrapCommand({ name, errorCode, handler, getVersion });
 }