run402 2.15.3 → 2.16.1

package/README.md

@@ -66,7 +66,7 @@ run402 subdomains claim my-app                # → my-app.run402.com (auto-reas
 ```
 
 `deploy-dir` hashes each file client-side and only uploads bytes the gateway doesn't already have. Re-deploying an unchanged tree returns immediately with `bytes_uploaded: 0`. Progress events stream to stderr.
-Release inspection commands print `{ status: "ok", release: ... }` or `{ status: "ok", diff: ... }`; use them after deploys to compare release inventory without starting another mutation. Inventories include `release_generation`, `static_manifest_sha256`, and nullable `static_manifest_metadata`; diffs include `static_assets` counters such as unchanged/changed/added/removed and CAS byte reuse. `deploy diagnose` / `deploy resolve --url` print URL-first diagnostics with `would_serve`, `diagnostic_status`, `match`, warnings, and next steps; host misses are successful diagnostic calls with `would_serve: false`. Stable-host resolve fields can include `authorization_result`, `cas_object`, `response_variant`, `allow`, `route_pattern`, `target_type`, `target_name`, and `target_file`.
+Release inspection commands print `{ release: ... }` or `{ diff: ... }` (raw payload, no envelope — see the "Output Contract" section in [llms-cli.txt](llms-cli.txt)); use them after deploys to compare release inventory without starting another mutation. Inventories include `release_generation`, `static_manifest_sha256`, and nullable `static_manifest_metadata`; diffs include `static_assets` counters such as unchanged/changed/added/removed and CAS byte reuse. `deploy diagnose` / `deploy resolve --url` print URL-first diagnostics with `would_serve`, `diagnostic_status`, `match`, warnings, and next steps; host misses are successful diagnostic calls with `would_serve: false`. Stable-host resolve fields can include `authorization_result`, `cas_object`, `response_variant`, `allow`, `route_pattern`, `target_type`, `target_name`, and `target_file`.
 
 ### GitHub Actions OIDC deploys
 

package/lib/ai.mjs

@@ -151,7 +151,7 @@ async function translate(args) {
 
   try {
     const data = await getSdk().ai.translate(projectId, { text, to, from: from ?? undefined, context: context ?? undefined });
-    console.log(JSON.stringify({ status: "ok", text: data.text, from: data.from, to: data.to }));
+    console.log(JSON.stringify({ text: data.text, from: data.from, to: data.to }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -194,7 +194,7 @@ async function moderate(args) {
 
   try {
     const data = await getSdk().ai.moderate(projectId, text);
-    console.log(JSON.stringify({ status: "ok", flagged: data.flagged, categories: data.categories, category_scores: data.category_scores }));
+    console.log(JSON.stringify({ flagged: data.flagged, categories: data.categories, category_scores: data.category_scores }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -216,7 +216,7 @@ async function usage(args) {
 
   try {
     const data = await getSdk().ai.usage(projectId);
-    console.log(JSON.stringify({ status: "ok", ...data }));
+    console.log(JSON.stringify(data));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/allowance.mjs

@@ -82,23 +82,24 @@ async function status() {
   try {
     const data = await getSdk().allowance.status();
     if (!data.configured) {
-      console.log(JSON.stringify({ status: "no_wallet", message: "No agent allowance found. Run: run402 allowance create" }));
-      process.exit(1);
+      console.log(JSON.stringify({ wallet: null, hint: "Run: run402 allowance create" }));
+      return;
     }
     // Preserve CLI's rail field (SDK doesn't surface it; read from local allowance).
     const w = readAllowance();
     console.log(JSON.stringify({
-      status: "ok",
-      address: data.address,
-      created: data.created,
-      configured: data.configured,
-      // GH-109: `funded` used to leak an on-disk marker that only tracks
-      // faucet invocation, not actual pay-readiness. Renamed to `faucet_used`
-      // to match its real semantics. For a true "can this account pay right
-      // now" check, use `run402 allowance balance`.
-      faucet_used: !!data.faucet_used,
-      rail: w?.rail || "x402",
-      path: data.path ?? ALLOWANCE_FILE,
+      wallet: {
+        address: data.address,
+        created: data.created,
+        configured: data.configured,
+        // GH-109: `funded` used to leak an on-disk marker that only tracks
+        // faucet invocation, not actual pay-readiness. Renamed to `faucet_used`
+        // to match its real semantics. For a true "can this account pay right
+        // now" check, use `run402 allowance balance`.
+        faucet_used: !!data.faucet_used,
+        rail: w?.rail || "x402",
+        path: data.path ?? ALLOWANCE_FILE,
+      },
     }));
   } catch (err) {
     reportSdkError(err);
@@ -109,9 +110,9 @@ async function create() {
   try {
     const result = await getSdk().allowance.create();
     console.log(JSON.stringify({
-      status: "ok",
       address: result.address,
-      message: `Agent allowance created. Stored locally at ${result.path ?? ALLOWANCE_FILE}`,
+      path: result.path ?? ALLOWANCE_FILE,
+      created: true,
     }));
   } catch (err) {
     const msg = (err instanceof Error) ? err.message : String(err);
@@ -199,7 +200,7 @@ async function fund() {
   }
 
   saveAllowance({ ...w, funded: true, lastFaucet: new Date().toISOString() });
-  console.log(JSON.stringify({ status: "ok", message: "Faucet request sent but balance not yet confirmed", ...data }));
+  console.log(JSON.stringify({ ...data, balance_confirmed: false, hint: "Faucet request sent but on-chain balance not yet confirmed" }));
 }
 
 async function readUsdcBalance(client, usdc, address) {

package/lib/apps.mjs

@@ -276,7 +276,7 @@ async function update(projectId, versionId, args) {
   if (parsedArgs.includes("--no-fork")) opts.fork_allowed = false;
   try {
     await getSdk().apps.updateVersion(positionals[0], positionals[1], opts);
-    console.log(JSON.stringify({ status: "ok", project_id: positionals[0], version_id: positionals[1] }));
+    console.log(JSON.stringify({ project_id: positionals[0], version_id: positionals[1], updated: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -294,7 +294,7 @@ async function deleteVersion(projectId, versionId, args = []) {
   }
   try {
     await getSdk().apps.deleteVersion(positionals[0], positionals[1]);
-    console.log(JSON.stringify({ status: "ok", message: `Version ${positionals[1]} deleted.` }));
+    console.log(JSON.stringify({ project_id: positionals[0], version_id: positionals[1], deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/assets.mjs

@@ -505,7 +505,7 @@ async function get(projectId, argv) {
 
   mkdirSync(dirname(resolvePath(opts.output)), { recursive: true });
   await pipeline(res.body, createWriteStream(opts.output));
-  console.log(JSON.stringify({ status: "ok", key, output: opts.output }));
+  console.log(JSON.stringify({ key, project_id: resolvedId, output: opts.output }));
 }
 
 // ---------------------------------------------------------------------------
@@ -548,7 +548,7 @@ async function rm(projectId, argv) {
 
   try {
     await getSdk().assets.rm(resolvedId, key);
-    console.log(JSON.stringify({ status: "ok", key }));
+    console.log(JSON.stringify({ key, project_id: resolvedId, deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/auth.mjs

@@ -351,7 +351,7 @@ async function magicLink(args) {
       intent: intent ?? undefined,
       clientState: state ?? undefined,
     });
-    console.log(JSON.stringify({ status: "ok", email, redirect_url: redirect, intent: intent || "signin" }));
+    console.log(JSON.stringify({ email, redirect_url: redirect, intent: intent || "signin", sent: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -380,7 +380,7 @@ async function createUser(args) {
       redirectUrl: redirectUrl ?? undefined,
       clientState: clientState ?? undefined,
     });
-    console.log(JSON.stringify({ status: "ok", ...data }));
+    console.log(JSON.stringify(data));
   } catch (err) {
     reportSdkError(err);
   }
@@ -407,7 +407,7 @@ async function inviteUser(args) {
       isAdmin,
       clientState: clientState ?? undefined,
     });
-    console.log(JSON.stringify({ status: "ok", ...data }));
+    console.log(JSON.stringify(data));
   } catch (err) {
     reportSdkError(err);
   }
@@ -423,7 +423,7 @@ async function verify(args) {
 
   try {
     const data = await getSdk().auth.verifyMagicLink(projectId, token);
-    console.log(JSON.stringify({ status: "ok", ...data }));
+    console.log(JSON.stringify(data));
   } catch (err) {
     reportSdkError(err);
   }
@@ -448,7 +448,7 @@ async function setPassword(args) {
       newPassword,
       currentPassword: currentPassword ?? undefined,
     });
-    console.log(JSON.stringify({ status: "ok" }));
+    console.log(JSON.stringify({ project_id: projectId, password_set: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -496,7 +496,7 @@ async function settings(args) {
       require_passkey_for_project_admin: requireAdminPasskey,
     };
     const data = await getSdk().auth.settings(projectId, patch);
-    console.log(JSON.stringify({ status: "ok", ...patch, ...data }));
+    console.log(JSON.stringify({ ...patch, ...data }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -534,7 +534,7 @@ async function passkeyRegisterVerify(args) {
       response,
       label: label ?? undefined,
     });
-    console.log(JSON.stringify({ status: "ok", ...data }));
+    console.log(JSON.stringify(data));
   } catch (err) {
     reportSdkError(err);
   }
@@ -566,7 +566,7 @@ async function passkeyLoginVerify(args) {
       challengeId,
       response,
     });
-    console.log(JSON.stringify({ status: "ok", ...data }));
+    console.log(JSON.stringify(data));
   } catch (err) {
     reportSdkError(err);
   }
@@ -595,7 +595,7 @@ async function deletePasskey(args) {
       accessToken,
       passkeyId,
     });
-    console.log(JSON.stringify({ status: "ok", passkey_id: passkeyId }));
+    console.log(JSON.stringify({ passkey_id: passkeyId, deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/billing.mjs

@@ -275,7 +275,7 @@ async function autoRecharge(args) {
       enabled: state === "on",
       threshold,
     });
-    console.log(JSON.stringify({ status: "ok", billing_account_id: accountId, enabled: state === "on" }));
+    console.log(JSON.stringify({ billing_account_id: accountId, enabled: state === "on", updated: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/ci.mjs

@@ -346,7 +346,6 @@ async function linkGithub(args) {
     mkdirSync(dirname(absWorkflowPath), { recursive: true });
     writeFileSync(absWorkflowPath, workflow, { encoding: "utf8", mode: 0o644 });
     console.log(JSON.stringify({
-      status: "ok",
       binding_id: binding.id,
       project_id: projectId,
       provider: CI_GITHUB_ACTIONS_PROVIDER,
@@ -383,7 +382,7 @@ async function list(args) {
   const project = resolveProjectId(flags.project);
   try {
     const result = await getSdk({ disablePaidFetch: true }).ci.listBindings({ project });
-    console.log(JSON.stringify({ status: "ok", project_id: project, ...result }, null, 2));
+    console.log(JSON.stringify({ project_id: project, ...result }, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -401,8 +400,8 @@ async function revoke(args) {
   try {
     const binding = await getSdk({ disablePaidFetch: true }).ci.revokeBinding(bindingId);
     console.log(JSON.stringify({
-      status: "ok",
       binding,
+      revoked: true,
       revocation_residuals: [
         "Revocation stops future CI gateway requests.",
         "Revocation does not undo already-deployed code, stop in-flight deploy operations, rotate exfiltrated keys, or remove deployed functions.",
@@ -435,7 +434,7 @@ async function setAssetScopes(args) {
       bindingId,
       scopes,
     );
-    console.log(JSON.stringify({ status: "ok", binding }, null, 2));
+    console.log(JSON.stringify({ binding }, null, 2));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/contracts.mjs

@@ -266,7 +266,7 @@ async function setRecovery(projectId, walletId, args) {
   if (address) validateEvmAddress(address, "--address");
   try {
     await getSdk().contracts.setRecovery(projectId, walletId, clear ? null : address);
-    console.log(JSON.stringify({ status: "ok", wallet_id: walletId, recovery_address: clear ? null : address }));
+    console.log(JSON.stringify({ wallet_id: walletId, recovery_address: clear ? null : address, updated: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -287,7 +287,7 @@ async function setAlert(projectId, walletId, args) {
   validateWeiFlag("--threshold-wei", threshold);
   try {
     await getSdk().contracts.setLowBalanceAlert(projectId, walletId, threshold);
-    console.log(JSON.stringify({ status: "ok", wallet_id: walletId, threshold_wei: threshold }));
+    console.log(JSON.stringify({ wallet_id: walletId, threshold_wei: threshold, updated: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/deploy-v2.mjs

@@ -255,7 +255,7 @@ Options:
   --method <method>       HTTP method to diagnose (default: GET)
 
 Do not combine --url with --host or --path. Successful diagnostic misses still
-exit 0 with status: "ok"; inspect would_serve and diagnostic_status.
+exit 0; inspect would_serve and diagnostic_status in the result payload.
 `;
 
 export async function runDeployV2(sub, args) {
@@ -509,7 +509,7 @@ async function applyCmd(args) {
       allowWarnings: opts.allowWarnings,
       allowWarningCodes: opts.allowWarningCodes,
     });
-    console.log(JSON.stringify({ status: "ok", ...result }, null, 2));
+    console.log(JSON.stringify(result, null, 2));
   } catch (err) {
     reportDeployApplyError(err, useGithubActionsOidc);
   }
@@ -832,7 +832,7 @@ async function resumeCmd(args) {
     const result = await getSdk()._applyEngine.resume(opts.operationId, {
       onEvent: makeStderrEventWriter(opts.quiet),
     });
-    console.log(JSON.stringify({ status: "ok", ...result }, null, 2));
+    console.log(JSON.stringify(result, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -860,7 +860,7 @@ async function listCmd(args) {
     const sdkOpts = { project };
     if (opts.limit !== null) sdkOpts.limit = opts.limit;
     const result = await getSdk()._applyEngine.list(sdkOpts);
-    console.log(JSON.stringify({ status: "ok", ...result }, null, 2));
+    console.log(JSON.stringify(result, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -885,7 +885,7 @@ async function eventsCmd(args) {
 
   try {
     const result = await getSdk()._applyEngine.events(opts.operationId, { project });
-    console.log(JSON.stringify({ status: "ok", ...result }, null, 2));
+    console.log(JSON.stringify(result, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -933,7 +933,7 @@ async function releaseGetCmd(args) {
     const sdkOpts = { project, releaseId: opts.releaseId };
     if (opts.siteLimit !== null) sdkOpts.siteLimit = opts.siteLimit;
     const release = await getSdk()._applyEngine.getRelease(sdkOpts);
-    console.log(JSON.stringify({ status: "ok", release }, null, 2));
+    console.log(JSON.stringify({ release }, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -962,7 +962,7 @@ async function releaseActiveCmd(args) {
     const sdkOpts = { project };
     if (opts.siteLimit !== null) sdkOpts.siteLimit = opts.siteLimit;
     const release = await getSdk()._applyEngine.getActiveRelease(sdkOpts);
-    console.log(JSON.stringify({ status: "ok", release }, null, 2));
+    console.log(JSON.stringify({ release }, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -1005,7 +1005,7 @@ async function releaseDiffCmd(args) {
     const sdkOpts = { project, from: opts.from, to: opts.to };
     if (opts.limit !== null) sdkOpts.limit = opts.limit;
     const diff = await getSdk()._applyEngine.diff(sdkOpts);
-    console.log(JSON.stringify({ status: "ok", diff }, null, 2));
+    console.log(JSON.stringify({ diff }, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -1106,7 +1106,6 @@ async function printResolveEnvelope(input) {
     const resolution = await getSdk()._applyEngine.resolve(input);
     const summary = buildDeployResolveSummary(resolution, request);
     console.log(JSON.stringify({
-      status: "ok",
       would_serve: summary.would_serve,
       diagnostic_status: summary.diagnostic_status,
       match: summary.match,

package/lib/domains.mjs

@@ -193,7 +193,7 @@ async function deleteDomain(args) {
   const projectId = resolveProjectId(project);
   try {
     await getSdk().domains.remove(domain, { projectId });
-    console.log(JSON.stringify({ status: "ok", message: `Domain '${domain}' released.` }));
+    console.log(JSON.stringify({ domain, project_id: projectId, released: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/email.mjs

@@ -222,7 +222,7 @@ async function create(args) {
 
   try {
     const data = await getSdk().email.createMailbox(projectId, slug);
-    console.log(JSON.stringify({ status: "ok", mailbox_id: data.mailbox_id, address: data.address, slug: data.slug }));
+    console.log(JSON.stringify({ mailbox_id: data.mailbox_id, address: data.address, slug: data.slug, created: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -254,7 +254,7 @@ async function send(args) {
       text: text ?? undefined,
       from_name: fromName ?? undefined,
     });
-    console.log(JSON.stringify({ status: "ok", message_id: data.message_id, to: data.to, template: data.template, subject: data.subject }));
+    console.log(JSON.stringify({ message_id: data.message_id, to: data.to, template: data.template, subject: data.subject, sent: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -317,7 +317,7 @@ async function getRaw(args) {
     if (outputFile) {
       const { writeFileSync } = await import("node:fs");
       writeFileSync(outputFile, buf);
-      console.log(JSON.stringify({ status: "ok", message_id: messageId, bytes: buf.length, output: outputFile }));
+      console.log(JSON.stringify({ message_id: messageId, bytes: buf.length, output: outputFile }));
     } else {
       process.stdout.write(buf);
     }
@@ -375,7 +375,7 @@ async function reply(args) {
       from_name: fromName ?? undefined,
       in_reply_to: messageId,
     });
-    console.log(JSON.stringify({ status: "ok", message_id: data.message_id, to: data.to, subject: replySubject, in_reply_to: messageId }));
+    console.log(JSON.stringify({ message_id: data.message_id, to: data.to, subject: replySubject, in_reply_to: messageId, sent: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -396,7 +396,7 @@ async function deleteMailbox(args) {
 
   try {
     const data = await getSdk().email.deleteMailbox(projectId, positional ?? undefined);
-    console.log(JSON.stringify({ status: "ok", mailbox_id: data.mailbox_id, address: data.address, deleted: true }));
+    console.log(JSON.stringify({ mailbox_id: data.mailbox_id, address: data.address, deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -407,7 +407,7 @@ async function status(args) {
   const projectId = resolveProjectId(strictFlagValue(args, "--project"));
   try {
     const mb = await getSdk().email.getMailbox(projectId);
-    console.log(JSON.stringify({ status: "ok", mailbox_id: mb.mailbox_id, address: mb.address, slug: mb.slug }));
+    console.log(JSON.stringify({ mailbox_id: mb.mailbox_id, address: mb.address, slug: mb.slug }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/functions.mjs

@@ -411,7 +411,7 @@ async function deleteFunction(projectId, name, args = []) {
   assertNoExtraPositionals(args, "run402 functions delete <project_id> <name>");
   try {
     await getSdk().functions.delete(projectId, name);
-    console.log(JSON.stringify({ status: "ok", message: `Function '${name}' deleted.` }));
+    console.log(JSON.stringify({ name, project_id: projectId, deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/image.mjs

@@ -103,9 +103,9 @@ export async function run(sub, args) {
     if (opts.output) {
       const buf = Buffer.from(data.image, "base64");
       writeFileSync(opts.output, buf);
-      console.log(JSON.stringify({ status: "ok", file: opts.output, size: buf.length, aspect: data.aspect }));
+      console.log(JSON.stringify({ file: opts.output, size: buf.length, aspect: data.aspect }));
     } else {
-      console.log(JSON.stringify({ status: "ok", aspect: data.aspect, content_type: data.content_type, image: data.image }));
+      console.log(JSON.stringify({ aspect: data.aspect, content_type: data.content_type, image: data.image }));
     }
   } catch (err) {
     reportSdkError(err);

package/lib/init-astro.mjs

@@ -250,9 +250,9 @@ export const POST: APIRoute = async ({ request }) => {
     console.log(
       JSON.stringify(
         {
-          status: "ok",
           dir: targetDir,
           files_created: files.map((f) => f.path),
+          created: true,
           next_steps: [
             `cd ${positionals[0] ?? "."}`,
             "npm install",

package/lib/init.mjs

@@ -1,5 +1,6 @@
 import { readAllowance, saveAllowance, loadKeyStore, CONFIG_DIR } from "./config.mjs";
 import { getSdk } from "./sdk.mjs";
+import { fail } from "./sdk-errors.mjs";
 import { mkdirSync } from "fs";
 
 const USDC_ABI = [{ name: "balanceOf", type: "function", stateMutability: "view", inputs: [{ name: "account", type: "address" }], outputs: [{ name: "", type: "uint256" }] }];
@@ -67,13 +68,11 @@ export async function run(args = []) {
 
   const existingAllowance = readAllowance();
   if (existingAllowance?.rail && existingAllowance.rail !== requestedRail && !switchRailConfirmed) {
-    console.error(JSON.stringify({
-      status: "error",
+    fail({
       code: "RAIL_SWITCH_REQUIRES_CONFIRM",
       message: `Already on rail '${existingAllowance.rail}'. Pass --switch-rail to switch to '${requestedRail}'.`,
       details: { current_rail: existingAllowance.rail, requested_rail: requestedRail },
-    }));
-    process.exit(1);
+    });
   }
 
   // In --json mode, human-readable lines go to stderr so stdout stays clean for

package/lib/message.mjs

@@ -69,9 +69,8 @@ async function send(text) {
   try {
     await getSdk().admin.sendMessage(text);
     console.log(JSON.stringify({
-      status: "ok",
-      message: "Message sent to Run402 developers.",
       bytes_sent: bytes,
+      sent: true,
     }));
   } catch (err) {
     reportSdkError(err);

package/lib/projects.mjs

@@ -346,7 +346,7 @@ async function validateExpose(args = []) {
       ...(project ? { project } : {}),
       ...(migration !== null && migration !== undefined ? { migrationSql: migration } : {}),
     });
-    console.log(JSON.stringify({ status: "ok", ...data }, null, 2));
+    console.log(JSON.stringify(data, null, 2));
   } catch (err) {
     reportSdkError(err);
   }
@@ -364,7 +364,7 @@ async function getExpose(projectId) {
 async function list() {
   const store = loadKeyStore();
   const entries = Object.entries(store.projects);
-  if (entries.length === 0) { console.log(JSON.stringify({ status: "ok", projects: [], message: "No projects yet." })); return; }
+  if (entries.length === 0) { console.log(JSON.stringify([])); return; }
   const activeId = store.active_project_id;
   console.log(JSON.stringify(entries.map(([id, p]) => ({ project_id: id, active: id === activeId, site_url: p.site_url })), null, 2));
 }
@@ -500,7 +500,7 @@ async function use(projectId) {
   }
   try {
     await getSdk().projects.use(projectId);
-    console.log(JSON.stringify({ status: "ok", active_project_id: projectId }));
+    console.log(JSON.stringify({ active_project_id: projectId, set: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -532,7 +532,7 @@ async function promoteUser(projectId, email) {
   }
   try {
     await getSdk().projects.promoteUser(projectId, email);
-    console.log(JSON.stringify({ status: "ok", email }));
+    console.log(JSON.stringify({ project_id: projectId, email, promoted: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -548,7 +548,7 @@ async function demoteUser(projectId, email) {
   }
   try {
     await getSdk().projects.demoteUser(projectId, email);
-    console.log(JSON.stringify({ status: "ok", email }));
+    console.log(JSON.stringify({ project_id: projectId, email, demoted: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -557,17 +557,15 @@ async function demoteUser(projectId, email) {
 async function deleteProject(projectId, args = []) {
   const confirmed = Array.isArray(args) && args.includes("--confirm");
   if (!confirmed) {
-    console.error(JSON.stringify({
-      status: "error",
+    fail({
       code: "CONFIRMATION_REQUIRED",
       message: `Destructive: deleting project ${projectId} drops all DB schemas, functions, subdomains, mailbox, blobs, and secrets. This is irreversible. Re-run with --confirm to proceed.`,
       details: { project_id: projectId, destroys: ["schemas", "functions", "subdomains", "mailbox", "blobs", "secrets"] },
-    }));
-    process.exit(1);
+    });
   }
   try {
     await getSdk().projects.delete(projectId);
-    console.log(JSON.stringify({ status: "ok", message: `Project ${projectId} deleted.` }));
+    console.log(JSON.stringify({ project_id: projectId, deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/secrets.mjs

@@ -129,7 +129,7 @@ async function set(projectId, key, args = []) {
   }
   try {
     await getSdk().secrets.set(projectId, key, val);
-    console.log(JSON.stringify({ status: "ok", message: `Secret '${key}' set for project ${projectId}.` }));
+    console.log(JSON.stringify({ key, project_id: projectId, set: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -200,7 +200,7 @@ async function deleteSecret(projectId, key, args = []) {
   }
   try {
     await getSdk().secrets.delete(projectId, key);
-    console.log(JSON.stringify({ status: "ok", message: `Secret '${key}' deleted.` }));
+    console.log(JSON.stringify({ key, project_id: projectId, deleted: true }));
   } catch (err) {
     reportSdkError(err);
   }

package/lib/sender-domain.mjs

@@ -160,7 +160,7 @@ async function remove(args) {
   const projectId = resolveProjectId(parseFlag(args, "--project"));
   try {
     await getSdk().senderDomain.remove(projectId);
-    console.log(JSON.stringify({ status: "ok" }));
+    console.log(JSON.stringify({ project_id: projectId, removed: true }));
   } catch (err) {
     reportSdkError(err);
   }
@@ -192,7 +192,7 @@ async function inboundToggle(action, args) {
       console.log(JSON.stringify(data, null, 2));
     } else {
       await getSdk().senderDomain.disableInbound(projectId, domain);
-      console.log(JSON.stringify({ status: "ok", domain }));
+      console.log(JSON.stringify({ project_id: projectId, domain, inbound_enabled: false }));
     }
   } catch (err) {
     reportSdkError(err);

package/lib/sites.mjs

@@ -207,11 +207,10 @@ async function deploy(args) {
   for (let i = 0; i < parsedArgs.length; i++) {
     if (parsedArgs[i] === "--help" || parsedArgs[i] === "-h") { console.log(HELP); process.exit(0); }
     if (parsedArgs[i] === "--inherit") {
-      console.error(JSON.stringify({
-        status: "error",
+      fail({
+        code: "BAD_FLAG",
         message: "--inherit is removed; the SDK now uploads only changed files automatically.",
-      }));
-      process.exit(1);
+      });
     }
   }
   if (opts.target !== undefined) failUnsupportedTarget();
@@ -304,8 +303,7 @@ async function deployDir(args) {
     !opts.confirmPrune &&
     !opts.dryRun
   ) {
-    console.error(JSON.stringify({
-      status: "error",
+    fail({
       code: "PRUNE_CONFIRMATION_REQUIRED",
       message:
         `sites deploy-dir would replace the entire site with ${fileCount} ` +
@@ -317,8 +315,7 @@ async function deployDir(args) {
         threshold: SMALL_DIR_THRESHOLD,
         dir: opts.dir,
       },
-    }));
-    process.exit(1);
+    });
   }
 
   if (opts.dryRun) {
@@ -328,7 +325,6 @@ async function deployDir(args) {
         site: { replace: fileSet },
       }, { dryRun: true });
       console.log(JSON.stringify({
-        status: "ok",
         dry_run: true,
         local_file_count: fileCount,
         plan_id: plan.plan_id,
@@ -355,7 +351,7 @@ async function deployDir(args) {
     if (data.deployment_id) {
       updateProject(projectId, { last_deployment_id: data.deployment_id });
     }
-    console.log(JSON.stringify({ status: "ok", ...data }, null, 2));
+    console.log(JSON.stringify(data, null, 2));
   } catch (err) {
     reportSdkError(err);
   }