npm - shiva-code - Versions diffs - 0.7.3 → 0.7.5 - Mend

shiva-code 0.7.3 → 0.7.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/index.js CHANGED Viewed

@@ -2,7 +2,7 @@
 import {
   hookCommand,
   packageScanner
-} from "./chunk-UAP4ZKEJ.js";
+} from "./chunk-RQ75X32M.js";
 import {
   copyToClipboard,
   getClipboardInstallInstructions,
@@ -17,7 +17,7 @@ import {
   getPackageLaunchConfig,
   getPackageStats,
   removeProjectFromPackage
-} from "./chunk-LBTCSQAX.js";
+} from "./chunk-KUA6TMQJ.js";
 import {
   deviceTrustService,
   displayBackupCodes,
@@ -26,14 +26,15 @@ import {
   loginCommand,
   logout,
   twoFactorService
-} from "./chunk-UZKDLLPA.js";
+} from "./chunk-KW3LP3K3.js";
 import {
   colors,
   log
 } from "./chunk-Z6NXFC4Q.js";
 import {
-  api
-} from "./chunk-QQZRCJZK.js";
+  api,
+  enableDebug
+} from "./chunk-J5IS642F.js";
 import {
   CONFIG_PATH,
   clearAuth,
@@ -42,6 +43,7 @@ import {
   getClaudeLaunchArgs,
   getClaudeSkipPermissions,
   getConfig,
+  getConfigPath,
   getDefaultTerminal,
   getExtendedConfig,
   getToken,
@@ -93,6 +95,7 @@ import {
   updateTimeControl
 } from "./chunk-PMA6MGQW.js";
 import {
+  containsShellMetacharacters,
   encodeProjectPath,
   findProject,
   findProjectForCurrentDir,
@@ -114,7 +117,7 @@ import {
   maskSecret,
   sanitizeForLog,
   saveRecoveredContext
-} from "./chunk-H5OFO4VS.js";
+} from "./chunk-W3DKHCXB.js";
 import {
   cache
 } from "./chunk-HIQO2DBA.js";
@@ -123,7 +126,7 @@ import {
 } from "./chunk-3RG5ZIWI.js";
 // src/index.ts
-import { Command as Command38 } from "commander";
+import { Command as Command39 } from "commander";
 import * as readline from "readline";
 // src/services/onboarding/welcome.ts
@@ -261,7 +264,7 @@ async function promptLogin() {
     log.newline();
     log.info("\xD6ffne Browser f\xFCr Anmeldung...");
     log.newline();
-    const { loginCommand: loginCommand2 } = await import("./login-ZEKMSKVH.js");
+    const { loginCommand: loginCommand2 } = await import("./login-Y6EJABSP.js");
     await loginCommand2.parseAsync(["login"], { from: "user" });
     return isAuthenticated();
   }
@@ -333,7 +336,7 @@ async function promptHooks() {
   if (installHooks) {
     log.newline();
     log.info("Installiere Hooks...");
-    const { hookCommand: hookCommand2 } = await import("./hook-SZAVQGEA.js");
+    const { hookCommand: hookCommand2 } = await import("./hook-GIK5RFRC.js");
     await hookCommand2.parseAsync(["hook", "install", "--all"], { from: "user" });
     onboardingStore.set("hooksInstalled", true);
     return true;
@@ -388,6 +391,86 @@ function getStartupStatus() {
   };
 }
+// src/utils/fuzzy.ts
+function levenshtein(a, b) {
+  const matrix = [];
+  for (let i = 0; i <= b.length; i++) {
+    matrix[i] = [i];
+  }
+  for (let j = 0; j <= a.length; j++) {
+    matrix[0][j] = j;
+  }
+  for (let i = 1; i <= b.length; i++) {
+    for (let j = 1; j <= a.length; j++) {
+      if (b[i - 1] === a[j - 1]) {
+        matrix[i][j] = matrix[i - 1][j - 1];
+      } else {
+        matrix[i][j] = Math.min(
+          matrix[i - 1][j - 1] + 1,
+          // substitution
+          matrix[i][j - 1] + 1,
+          // insertion
+          matrix[i - 1][j] + 1
+          // deletion
+        );
+      }
+    }
+  }
+  return matrix[b.length][a.length];
+}
+function findSimilarCommands(input, commands, maxDistance = 3) {
+  return commands.map((cmd) => ({
+    cmd,
+    distance: levenshtein(input.toLowerCase(), cmd.toLowerCase())
+  })).filter(({ distance }) => distance <= maxDistance).sort((a, b) => a.distance - b.distance).slice(0, 3).map(({ cmd }) => cmd);
+}
+// src/commands/aliases.ts
+var COMMAND_ALIASES = {
+  // Session management
+  sessions: ["ss", "sess"],
+  resume: ["res"],
+  restore: ["rst"],
+  start: ["st"],
+  // Memory commands
+  remember: ["rem", "r"],
+  search: ["s", "find", "f"],
+  forget: ["fg"],
+  // Project commands
+  init: ["i"],
+  sync: ["sy"],
+  status: ["stat"],
+  projects: ["proj", "p"],
+  config: ["cfg", "conf"],
+  // GitHub commands
+  github: ["gh"],
+  issues: ["iss"],
+  prs: ["pr"],
+  // Security
+  secrets: ["sec"],
+  scan: ["sc"],
+  // Advanced
+  package: ["pkg"],
+  docker: ["dk"],
+  sandbox: ["sb"],
+  workflow: ["wf"],
+  hook: ["hk"],
+  // System
+  doctor: ["doc", "dr"],
+  stats: ["analytics"],
+  upgrade: ["up"],
+  user: ["u"]
+};
+var aliasToCommand = /* @__PURE__ */ new Map();
+for (const [command, aliases] of Object.entries(COMMAND_ALIASES)) {
+  for (const alias of aliases) {
+    aliasToCommand.set(alias, command);
+  }
+}
+function getCommandFromAlias(alias) {
+  return aliasToCommand.get(alias.toLowerCase()) || null;
+}
 // src/commands/auth/logout.ts
 import { Command } from "commander";
 var logoutCommand = new Command("logout").description("Abmelden").action(() => {
@@ -1185,14 +1268,49 @@ import { resolve as resolve4 } from "path";
 import ora2 from "ora";
 // src/utils/errors.ts
+var ERROR_SUGGESTIONS = {
+  // Network errors
+  ENOTFOUND: "Netzwerkfehler. Pr\xFCfe deine Internetverbindung.",
+  ECONNREFUSED: "Server nicht erreichbar. Versuche es sp\xE4ter erneut.",
+  ETIMEDOUT: "Anfrage Timeout. Server antwortet nicht.",
+  ECONNRESET: "Verbindung abgebrochen. Versuche es erneut.",
+  CERT_HAS_EXPIRED: "SSL-Zertifikat abgelaufen. Pr\xFCfe die Systemzeit.",
+  // HTTP errors
+  "401": "Nicht autorisiert. Versuche: shiva login",
+  "403": "Zugriff verweigert. Pr\xFCfe deine Berechtigungen.",
+  "404": "Nicht gefunden. Pr\xFCfe ob die Resource existiert.",
+  "429": "Rate Limit erreicht. Warte einen Moment.",
+  "500": "Server Fehler. Versuche es sp\xE4ter erneut.",
+  "502": "Bad Gateway. Server tempor\xE4r nicht erreichbar.",
+  "503": "Service nicht verf\xFCgbar. Wartungsarbeiten m\xF6glich.",
+  "504": "Gateway Timeout. Server \xFCberlastet.",
+  // File system errors
+  ENOENT: "Datei oder Verzeichnis nicht gefunden.",
+  EACCES: "Keine Berechtigung. Pr\xFCfe die Dateirechte.",
+  EPERM: "Operation nicht erlaubt.",
+  EEXIST: "Datei oder Verzeichnis existiert bereits.",
+  ENOSPC: "Kein Speicherplatz mehr verf\xFCgbar.",
+  EMFILE: "Zu viele offene Dateien. Schlie\xDFe andere Programme."
+};
+function getErrorSuggestion(error) {
+  const errorStr = error instanceof Error ? error.message : error;
+  for (const [key, suggestion] of Object.entries(ERROR_SUGGESTIONS)) {
+    if (errorStr.includes(key)) {
+      return suggestion;
+    }
+  }
+  return null;
+}
 var ShivaError = class _ShivaError extends Error {
   code;
   suggestion;
-  constructor(code, message, suggestion) {
+  context;
+  constructor(code, message, suggestion, context) {
     super(message);
     this.name = "ShivaError";
     this.code = code;
-    this.suggestion = suggestion;
+    this.suggestion = suggestion || getErrorSuggestion(message) || void 0;
+    this.context = context;
     Object.setPrototypeOf(this, _ShivaError.prototype);
   }
   /**
@@ -1206,6 +1324,18 @@ var ShivaError = class _ShivaError extends Error {
     }
     return result;
   }
+  /**
+   * Convert to a user-friendly message
+   */
+  toUserMessage() {
+    let msg = this.message;
+    if (this.suggestion) {
+      msg += `
+${this.suggestion}`;
+    }
+    return msg;
+  }
 };
 var Errors = {
   // Authentication errors
@@ -2116,13 +2246,13 @@ claudeConfig.command("terminal").description("Standard-Terminal f\xFCr Multi-Pro
   setDefaultTerminal(type2);
   log.success(`Default Terminal: ${type2}`);
 });
-claudeConfig.command("args").description("Custom Claude Argumente verwalten").argument("[args...]", "Argumente zum Hinzuf\xFCgen").option("--clear", "Alle Custom Args entfernen").option("--list", "Aktuelle Args anzeigen").action((args, options) => {
+claudeConfig.command("args").description("Custom Claude Argumente verwalten").argument("[args...]", "Argumente zum Hinzuf\xFCgen").option("--clear", "Alle Custom Args entfernen").option("--list", "Aktuelle Args anzeigen").action((args2, options) => {
   if (options.clear) {
     setClaudeArgs([]);
     log.success("Custom Args entfernt");
     return;
   }
-  if (options.list || !args || args.length === 0) {
+  if (options.list || !args2 || args2.length === 0) {
     const current2 = getClaudeArgs();
     if (current2.length === 0) {
       log.dim("Keine Custom Args gesetzt");
@@ -2135,7 +2265,7 @@ claudeConfig.command("args").description("Custom Claude Argumente verwalten").ar
     return;
   }
   const current = getClaudeArgs();
-  const newArgs = [...current, ...args];
+  const newArgs = [...current, ...args2];
   setClaudeArgs(newArgs);
   log.success("Args hinzugef\xFCgt");
   log.keyValue("Custom Args", newArgs.join(" "));
@@ -3620,30 +3750,30 @@ var DockerService = class {
    */
   async createContainer(config) {
     const cmd = this.getCommand();
-    const args = ["create"];
+    const args2 = ["create"];
     if (config.name) {
       if (!this.isValidContainerNameInternal(config.name)) {
         throw new Error(`Invalid container name: ${sanitizeForLog(config.name)}`);
       }
-      args.push("--name", config.name);
+      args2.push("--name", config.name);
     }
     if (!isValidProjectPath(config.workdir)) {
       throw new Error(`Invalid workdir: ${sanitizeForLog(config.workdir)}`);
     }
-    args.push("--workdir", config.workdir);
+    args2.push("--workdir", config.workdir);
     for (const mount of config.mounts) {
       if (!isValidProjectPath(mount.host)) {
         log.warn(`Skipping invalid mount path: ${sanitizeForLog(mount.host)}`);
         continue;
       }
-      args.push("-v", `${mount.host}:${mount.container}:${mount.mode}`);
+      args2.push("-v", `${mount.host}:${mount.container}:${mount.mode}`);
     }
     for (const [key, value] of Object.entries(config.env)) {
       if (!/^[A-Z_][A-Z0-9_]*$/i.test(key)) {
         log.warn(`Skipping invalid env var name: ${sanitizeForLog(key)}`);
         continue;
       }
-      args.push("-e", `${key}=${value}`);
+      args2.push("-e", `${key}=${value}`);
     }
     if (config.ports) {
       for (const [host, container] of Object.entries(config.ports)) {
@@ -3651,21 +3781,21 @@ var DockerService = class {
           log.warn(`Skipping invalid port mapping: ${host}:${container}`);
           continue;
         }
-        args.push("-p", `${host}:${container}`);
+        args2.push("-p", `${host}:${container}`);
       }
     }
     if (config.interactive) {
-      args.push("-it");
+      args2.push("-it");
     }
     if (config.autoRemove) {
-      args.push("--rm");
+      args2.push("--rm");
     }
     if (!this.isValidImage(config.image)) {
       throw new Error(`Invalid image: ${sanitizeForLog(config.image)}`);
     }
-    args.push(config.image);
+    args2.push(config.image);
     try {
-      const result = spawnSync(cmd, args, {
+      const result = spawnSync(cmd, args2, {
         encoding: "utf8",
         stdio: ["pipe", "pipe", "pipe"]
       });
@@ -3746,13 +3876,13 @@ var DockerService = class {
       return "";
     }
     const cmd = this.getCommand();
-    const args = ["logs"];
+    const args2 = ["logs"];
     if (tail && tail > 0) {
-      args.push("--tail", String(tail));
+      args2.push("--tail", String(tail));
     }
-    args.push(containerId);
+    args2.push(containerId);
     try {
-      const result = spawnSync(cmd, args, {
+      const result = spawnSync(cmd, args2, {
         encoding: "utf8",
         stdio: ["pipe", "pipe", "pipe"]
       });
@@ -3796,7 +3926,7 @@ var DockerService = class {
       secrets = await api.getSecretsForInjection();
     } catch {
     }
-    const args = [
+    const args2 = [
       "run",
       "-it",
       "--rm",
@@ -3816,22 +3946,22 @@ var DockerService = class {
     ];
     for (const [host, container] of Object.entries(settings.volumeMounts || {})) {
       if (isValidProjectPath(host)) {
-        args.push("-v", `${host}:${container}:rw`);
+        args2.push("-v", `${host}:${container}:rw`);
       }
     }
     for (const [key, value] of Object.entries(settings.environment || {})) {
       if (/^[A-Z_][A-Z0-9_]*$/i.test(key)) {
-        args.push("-e", `${key}=${value}`);
+        args2.push("-e", `${key}=${value}`);
       }
     }
     for (const [key, value] of Object.entries(secrets)) {
       if (/^[A-Z_][A-Z0-9_]*$/i.test(key)) {
-        args.push("-e", `${key}=${value}`);
+        args2.push("-e", `${key}=${value}`);
       }
     }
-    args.push(image);
-    args.push("claude", ...claudeArgs);
-    const dockerProcess = spawn(cmd, args, {
+    args2.push(image);
+    args2.push("claude", ...claudeArgs);
+    const dockerProcess = spawn(cmd, args2, {
       stdio: "inherit"
     });
     return dockerProcess;
@@ -4110,7 +4240,7 @@ var DockerService = class {
       secrets = await api.getSecretsForInjection();
     } catch {
     }
-    const args = [
+    const args2 = [
       "run",
       "-it",
       "--rm",
@@ -4120,42 +4250,42 @@ var DockerService = class {
       "/workspace"
     ];
     if (effectiveConfig.network === "none") {
-      args.push("--network", "none");
+      args2.push("--network", "none");
     } else if (effectiveConfig.network === "host") {
-      args.push("--network", "host");
+      args2.push("--network", "host");
     }
     if (effectiveConfig.resources.cpuLimit && /^[\d.]+$/.test(effectiveConfig.resources.cpuLimit)) {
-      args.push("--cpus", effectiveConfig.resources.cpuLimit);
+      args2.push("--cpus", effectiveConfig.resources.cpuLimit);
     }
     if (effectiveConfig.resources.memoryLimit && /^[\d]+[kmgKMG]?$/.test(effectiveConfig.resources.memoryLimit)) {
-      args.push("--memory", effectiveConfig.resources.memoryLimit);
+      args2.push("--memory", effectiveConfig.resources.memoryLimit);
     }
     for (const opt of effectiveConfig.securityOpts) {
       if (/^[a-z:=_-]+$/i.test(opt)) {
-        args.push("--security-opt", opt);
+        args2.push("--security-opt", opt);
       }
     }
-    args.push("-v", `${launch.projectPath}:/workspace:rw`);
-    args.push("-v", `${path.join(os.homedir(), ".claude")}:/root/.claude:rw`);
-    args.push("-v", `${path.join(os.homedir(), ".config", "shiva-code")}:/root/.config/shiva-code:rw`);
+    args2.push("-v", `${launch.projectPath}:/workspace:rw`);
+    args2.push("-v", `${path.join(os.homedir(), ".claude")}:/root/.claude:rw`);
+    args2.push("-v", `${path.join(os.homedir(), ".config", "shiva-code")}:/root/.config/shiva-code:rw`);
     for (const mount of effectiveConfig.mounts) {
       if (isValidProjectPath(mount.host)) {
-        args.push("-v", `${mount.host}:${mount.container}:${mount.mode}`);
+        args2.push("-v", `${mount.host}:${mount.container}:${mount.mode}`);
       }
     }
     for (const [key, value] of Object.entries(effectiveConfig.environment)) {
       if (/^[A-Z_][A-Z0-9_]*$/i.test(key)) {
-        args.push("-e", `${key}=${value}`);
+        args2.push("-e", `${key}=${value}`);
       }
     }
     for (const [key, value] of Object.entries(secrets)) {
       if (/^[A-Z_][A-Z0-9_]*$/i.test(key)) {
-        args.push("-e", `${key}=${value}`);
+        args2.push("-e", `${key}=${value}`);
       }
     }
-    args.push(effectiveConfig.image);
-    args.push("claude", ...claudeArgs);
-    const dockerProcess = spawn(cmd, args, {
+    args2.push(effectiveConfig.image);
+    args2.push("claude", ...claudeArgs);
+    const dockerProcess = spawn(cmd, args2, {
       stdio: "inherit"
     });
     return dockerProcess;
@@ -4224,13 +4354,13 @@ function validateProject(project) {
   return { valid: true };
 }
 function buildClaudeArgs(project) {
-  const args = [];
+  const args2 = [];
   if (!project.newSession && project.sessionId) {
-    args.push("--resume", project.sessionId);
+    args2.push("--resume", project.sessionId);
   }
   const launchArgs = getClaudeLaunchArgs();
-  args.push(...launchArgs);
-  return args;
+  args2.push(...launchArgs);
+  return args2;
 }
 function sanitizeProjectName(name) {
   return name.replace(/[^a-zA-Z0-9_.-]/g, "-").substring(0, 50);
@@ -4301,7 +4431,7 @@ async function spawnInTmux(projects, sessionName) {
   }
 }
 async function spawnInGnomeTerminal(projects) {
-  const args = [];
+  const args2 = [];
   for (const project of projects) {
     const validation = validateProject(project);
     if (!validation.valid) {
@@ -4311,7 +4441,7 @@ async function spawnInGnomeTerminal(projects) {
     const claudeArgs = buildClaudeArgs(project);
     const safeName = sanitizeProjectName(project.projectName);
     const wrapperScript = `cd ${escapeShellArg(project.projectPath)} && exec claude ${claudeArgs.map(escapeShellArg).join(" ")}`;
-    args.push(
+    args2.push(
       "--tab",
       "--title",
       safeName,
@@ -4321,8 +4451,8 @@ async function spawnInGnomeTerminal(projects) {
       wrapperScript
     );
   }
-  if (args.length > 0) {
-    spawn2("gnome-terminal", args, {
+  if (args2.length > 0) {
+    spawn2("gnome-terminal", args2, {
       stdio: "ignore",
       detached: true
     }).unref();
@@ -4493,7 +4623,7 @@ Attaching to: ${sanitizeForLog(firstProject.projectName)}`);
 function buildSecureDockerArgs(project, settings, containerName) {
   const cmd = dockerService.getDockerInfo().runtime === "podman" ? "podman" : "docker";
   const homeDir = os2.homedir();
-  const args = [
+  const args2 = [
     cmd,
     "run",
     "-it",
@@ -4511,19 +4641,19 @@ function buildSecureDockerArgs(project, settings, containerName) {
   ];
   for (const [hostPath, containerPath] of Object.entries(settings.volumeMounts || {})) {
     if (isValidProjectPath(hostPath)) {
-      args.push("-v", `${hostPath}:${containerPath}:rw`);
+      args2.push("-v", `${hostPath}:${containerPath}:rw`);
     }
   }
   for (const [key, value] of Object.entries(settings.environment || {})) {
     if (/^[A-Z_][A-Z0-9_]*$/.test(key)) {
-      args.push("-e", `${key}=${value}`);
+      args2.push("-e", `${key}=${value}`);
     }
   }
-  args.push(settings.defaultImage, "claude");
+  args2.push(settings.defaultImage, "claude");
   if (project.sessionId && !project.newSession) {
-    args.push("--resume", project.sessionId);
+    args2.push("--resume", project.sessionId);
   }
-  return args;
+  return args2;
 }
 function escapeShellArg(arg) {
   return `'${arg.replace(/'/g, "'\\''")}'`;
@@ -4574,11 +4704,119 @@ function getTerminalName(terminal) {
 }
 // src/services/sandbox/sandbox.ts
-import { execSync as execSync2 } from "child_process";
 import { existsSync as existsSync8, mkdirSync, rmSync, readdirSync as readdirSync2, copyFileSync, readFileSync as readFileSync4 } from "fs";
 import { join as join4, dirname } from "path";
 import { randomUUID } from "crypto";
 import Conf3 from "conf";
+// src/utils/secure-exec.ts
+import { spawnSync as spawnSync3, spawn as spawn3 } from "child_process";
+var ALLOWED_COMMANDS = /* @__PURE__ */ new Set([
+  // Git commands
+  "git",
+  // Docker commands
+  "docker",
+  "podman",
+  // System commands
+  "which",
+  "tar",
+  "claude",
+  "gh",
+  // Terminal emulators
+  "tmux",
+  "gnome-terminal",
+  "kitty",
+  "kitten",
+  "alacritty",
+  // Clipboard tools
+  "wl-copy",
+  "xclip",
+  "xsel",
+  "pbcopy",
+  // Package managers (for version check)
+  "npm",
+  "yarn",
+  "pnpm",
+  "node"
+]);
+function isAllowedCommand(command) {
+  return ALLOWED_COMMANDS.has(command);
+}
+function validateArgs(args2) {
+  for (const arg of args2) {
+    if (arg.includes("\0")) {
+      return false;
+    }
+    if (!arg.startsWith("-") && !arg.startsWith("--")) {
+      const sanitized = arg.replace(/[a-zA-Z0-9_\-./@ ]/g, "");
+      if (sanitized.length > 0 && containsShellMetacharacters(sanitized)) {
+        return false;
+      }
+    }
+  }
+  return true;
+}
+function secureExecSync(command, args2, options = {}) {
+  if (!isAllowedCommand(command)) {
+    return {
+      success: false,
+      stdout: "",
+      stderr: `Command not allowed: ${command}`,
+      exitCode: -1
+    };
+  }
+  if (options.cwd && !isValidProjectPath(options.cwd)) {
+    return {
+      success: false,
+      stdout: "",
+      stderr: `Invalid working directory: ${options.cwd}`,
+      exitCode: -1
+    };
+  }
+  if (!validateArgs(args2)) {
+    return {
+      success: false,
+      stdout: "",
+      stderr: "Invalid arguments detected",
+      exitCode: -1
+    };
+  }
+  try {
+    const result = spawnSync3(command, args2, {
+      cwd: options.cwd,
+      timeout: options.timeout || 3e4,
+      encoding: options.encoding || "utf-8",
+      env: options.env || process.env,
+      stdio: ["pipe", "pipe", "pipe"],
+      // CRITICAL: shell: false is the default, but we explicitly set it
+      shell: false
+    });
+    return {
+      success: result.status === 0,
+      stdout: result.stdout?.toString() || "",
+      stderr: result.stderr?.toString() || "",
+      exitCode: result.status
+    };
+  } catch (error) {
+    return {
+      success: false,
+      stdout: "",
+      stderr: error instanceof Error ? error.message : "Unknown error",
+      exitCode: -1
+    };
+  }
+}
+function gitExec(args2, cwd) {
+  return secureExecSync("git", args2, { cwd });
+}
+function tarExec(args2, cwd) {
+  return secureExecSync("tar", args2, { cwd });
+}
+function containerExec(runtime, args2, cwd) {
+  return secureExecSync(runtime, args2, { cwd });
+}
+// src/services/sandbox/sandbox.ts
 var DEFAULT_SANDBOX_CONFIG = {
   enabled: false,
   defaultMode: "worktree",
@@ -4616,31 +4854,19 @@ var SandboxService = class {
    * Check if a path is a git repository
    */
   isGitRepo(path15) {
-    try {
-      execSync2("git rev-parse --git-dir", {
-        cwd: path15,
-        stdio: "pipe"
-      });
-      return true;
-    } catch {
-      return false;
-    }
+    const result = gitExec(["rev-parse", "--git-dir"], path15);
+    return result.success;
   }
   /**
    * Check if Docker is available
    */
   isDockerAvailable() {
-    try {
-      execSync2("docker info", { stdio: "pipe" });
+    const dockerResult = containerExec("docker", ["info"]);
+    if (dockerResult.success) {
       return true;
-    } catch {
-      try {
-        execSync2("podman info", { stdio: "pipe" });
-        return true;
-      } catch {
-        return false;
-      }
     }
+    const podmanResult = containerExec("podman", ["info"]);
+    return podmanResult.success;
   }
   /**
    * Detect the best sandbox mode for the current environment
@@ -4722,14 +4948,15 @@ var SandboxService = class {
     const sandboxDir = this.getSandboxDir(projectPath);
     const sandboxPath = join4(sandboxDir, `session-${sessionId}`);
     mkdirSync(dirname(sandboxPath), { recursive: true });
-    const currentRef = execSync2("git rev-parse HEAD", {
-      cwd: projectPath,
-      encoding: "utf-8"
-    }).trim();
-    execSync2(`git worktree add --detach "${sandboxPath}" ${currentRef}`, {
-      cwd: projectPath,
-      stdio: "pipe"
-    });
+    const headResult = gitExec(["rev-parse", "HEAD"], projectPath);
+    if (!headResult.success) {
+      throw new Error("Failed to get current HEAD");
+    }
+    const currentRef = headResult.stdout.trim();
+    const worktreeResult = gitExec(["worktree", "add", "--detach", sandboxPath, currentRef], projectPath);
+    if (!worktreeResult.success) {
+      throw new Error(`Failed to create worktree: ${worktreeResult.stderr}`);
+    }
     await this.copyUntrackedFiles(projectPath, sandboxPath);
     return sandboxPath;
   }
@@ -4738,10 +4965,8 @@ var SandboxService = class {
    */
   async copyUntrackedFiles(projectPath, sandboxPath) {
     try {
-      const untrackedOutput = execSync2("git ls-files --others --exclude-standard", {
-        cwd: projectPath,
-        encoding: "utf-8"
-      });
+      const untrackedResult = gitExec(["ls-files", "--others", "--exclude-standard"], projectPath);
+      const untrackedOutput = untrackedResult.stdout;
       const untrackedFiles = untrackedOutput.split("\n").filter((f) => f.trim().length > 0);
       for (const file of untrackedFiles) {
         const srcPath = join4(projectPath, file);
@@ -4865,22 +5090,12 @@ var SandboxService = class {
       throw new Error(`Sandbox ${sessionId} not found`);
     }
     if (session.mode === "worktree") {
-      try {
-        execSync2(`git worktree remove "${session.sandboxPath}" --force`, {
-          cwd: session.projectPath,
-          stdio: "pipe"
-        });
-      } catch {
+      const removeResult = gitExec(["worktree", "remove", session.sandboxPath, "--force"], session.projectPath);
+      if (!removeResult.success) {
         if (existsSync8(session.sandboxPath)) {
           rmSync(session.sandboxPath, { recursive: true, force: true });
         }
-        try {
-          execSync2("git worktree prune", {
-            cwd: session.projectPath,
-            stdio: "pipe"
-          });
-        } catch {
-        }
+        gitExec(["worktree", "prune"], session.projectPath);
       }
     } else {
       if (existsSync8(session.sandboxPath)) {
@@ -4904,14 +5119,10 @@ var SandboxService = class {
     }
     const changes = [];
     if (session.mode === "worktree") {
-      const diffOutput = execSync2("git diff --stat --numstat HEAD", {
-        cwd: session.sandboxPath,
-        encoding: "utf-8"
-      });
-      const untrackedOutput = execSync2("git ls-files --others --exclude-standard", {
-        cwd: session.sandboxPath,
-        encoding: "utf-8"
-      });
+      const diffResult = gitExec(["diff", "--stat", "--numstat", "HEAD"], session.sandboxPath);
+      const diffOutput = diffResult.stdout;
+      const untrackedResult = gitExec(["ls-files", "--others", "--exclude-standard"], session.sandboxPath);
+      const untrackedOutput = untrackedResult.stdout;
       const lines = diffOutput.split("\n").filter((l) => l.trim().length > 0);
       for (const line of lines) {
         const match = line.match(/^(\d+)\t(\d+)\t(.+)$/);
@@ -5107,21 +5318,17 @@ var SandboxService = class {
       throw new Error(`Sandbox ${sessionId} not found`);
     }
     if (session.mode === "worktree") {
-      try {
-        const diff = execSync2(`git diff HEAD -- "${filePath}"`, {
-          cwd: session.sandboxPath,
-          encoding: "utf-8"
-        });
-        return diff || "(no changes)";
-      } catch {
-        const sandboxFilePath2 = join4(session.sandboxPath, filePath);
-        if (existsSync8(sandboxFilePath2)) {
-          const content = readFileSync4(sandboxFilePath2, "utf-8");
-          return `+++ ${filePath} (new file)
+      const diffResult = gitExec(["diff", "HEAD", "--", filePath], session.sandboxPath);
+      if (diffResult.success && diffResult.stdout) {
+        return diffResult.stdout;
+      }
+      const sandboxFilePath2 = join4(session.sandboxPath, filePath);
+      if (existsSync8(sandboxFilePath2)) {
+        const content = readFileSync4(sandboxFilePath2, "utf-8");
+        return `+++ ${filePath} (new file)
 ${content.split("\n").map((l) => `+ ${l}`).join("\n")}`;
-        }
-        return "(file not found)";
       }
+      return "(no changes)";
     }
     const originalPath = join4(session.projectPath, filePath);
     const sandboxFilePath = join4(session.sandboxPath, filePath);
@@ -5687,7 +5894,7 @@ function generatePRReviewContext(pr, repo) {
 // src/commands/session/resume.ts
 import { Command as Command11 } from "commander";
-import { spawn as spawn3 } from "child_process";
+import { spawn as spawn4 } from "child_process";
 import inquirer3 from "inquirer";
 import ora8 from "ora";
 import * as fs2 from "fs";
@@ -5891,8 +6098,8 @@ function truncatePrompt(prompt, maxLength) {
 }
 function launchClaudeResume(projectPath, sessionId) {
   const launchArgs = getClaudeLaunchArgs();
-  const args = ["--resume", sessionId, ...launchArgs];
-  const child = spawn3("claude", args, {
+  const args2 = ["--resume", sessionId, ...launchArgs];
+  const child = spawn4("claude", args2, {
     cwd: projectPath,
     stdio: "inherit",
     shell: true
@@ -5910,7 +6117,7 @@ function launchClaudeResume(projectPath, sessionId) {
 // src/commands/session/restore.ts
 import { Command as Command12 } from "commander";
-import { spawn as spawn4 } from "child_process";
+import { spawn as spawn5 } from "child_process";
 import inquirer4 from "inquirer";
 import ora9 from "ora";
 import * as fs3 from "fs";
@@ -6043,7 +6250,7 @@ var restoreCommand = new Command12("restore").description("Context aus crashed S
           log.info("F\xFCge den Context am Anfang der neuen Session ein:");
           log.dim(`  cat "${outputPath}" | head -100`);
           log.newline();
-          const child = spawn4("claude", [], {
+          const child = spawn5("claude", [], {
             cwd: project.absolutePath,
             stdio: "inherit",
             shell: true
@@ -6223,9 +6430,9 @@ function sessionHasAnyTag(sessionId, tags) {
 // src/utils/command-wrapper.ts
 function withCommandErrorHandling(commandName, fn) {
-  return async (...args) => {
+  return async (...args2) => {
     try {
-      await fn(...args);
+      await fn(...args2);
     } catch (error) {
       const shivaError = fromError(error);
       logErrorWithSuggestion(shivaError, commandName);
@@ -6348,7 +6555,7 @@ async function checkProjectExists(path15) {
   }
 }
 sessionsCommand.command("push").description("Sessions in Cloud sichern").option("-p, --project <pfad>", "Nur Sessions eines Projekts").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   const { getProjectConfig: getProjectConfig2 } = await import("./config-D6M6LI6U.js");
   if (!isAuthenticated2()) {
@@ -6408,7 +6615,7 @@ sessionsCommand.command("push").description("Sessions in Cloud sichern").option(
   }
 });
 sessionsCommand.command("pull").description("Sessions aus Cloud laden").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -6455,7 +6662,7 @@ sessionsCommand.command("pull").description("Sessions aus Cloud laden").option("
   }
 });
 sessionsCommand.command("sync").description("Sessions mit Cloud synchronisieren").option("-p, --project <pfad>", "Nur Sessions eines Projekts").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   const { getProjectConfig: getProjectConfig2 } = await import("./config-D6M6LI6U.js");
   if (!isAuthenticated2()) {
@@ -6508,7 +6715,7 @@ sessionsCommand.command("sync").description("Sessions mit Cloud synchronisieren"
   log.dim("Sessions werden automatisch mit lokalen Claude Sessions verkn\xFCpft");
 });
 sessionsCommand.command("delete <sessionId>").description("Session aus Cloud l\xF6schen").action(async (sessionId) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -6527,7 +6734,7 @@ sessionsCommand.command("delete <sessionId>").description("Session aus Cloud l\x
   }
 });
 sessionsCommand.command("active").description("Aktive Cloud-Sessions anzeigen").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -6564,7 +6771,7 @@ sessionsCommand.command("active").description("Aktive Cloud-Sessions anzeigen").
   }
 });
 sessionsCommand.command("stats").description("Cloud-Session-Statistiken anzeigen").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -6596,7 +6803,7 @@ sessionsCommand.command("stats").description("Cloud-Session-Statistiken anzeigen
   }
 });
 sessionsCommand.command("resume <sessionId>").description("Cloud-Session fortsetzen").action(async (sessionId) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -6620,7 +6827,7 @@ sessionsCommand.command("resume <sessionId>").description("Cloud-Session fortset
   }
 });
 sessionsCommand.command("export <sessionId>").description("Cloud-Session exportieren").option("-o, --output <file>", "Ausgabedatei").action(async (sessionId, options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   const { writeFileSync: writeFileSync11 } = await import("fs");
   if (!isAuthenticated2()) {
@@ -6644,7 +6851,7 @@ sessionsCommand.command("export <sessionId>").description("Cloud-Session exporti
   }
 });
 sessionsCommand.command("update <sessionId>").description("Cloud-Session aktualisieren").option("--summary <text>", "Session-Zusammenfassung").option("--branch <name>", "Git Branch").action(async (sessionId, options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -7124,7 +7331,7 @@ sessionCommand.command("config").description("Sandbox-Konfiguration verwalten").
 // src/commands/github/github-cmd.ts
 import { Command as Command15 } from "commander";
-import { spawn as spawn5, spawnSync as spawnSync5 } from "child_process";
+import { spawn as spawn6, spawnSync as spawnSync5 } from "child_process";
 import * as fs5 from "fs";
 import * as path5 from "path";
 import inquirer5 from "inquirer";
@@ -7203,7 +7410,7 @@ function loginWithGh() {
   log.newline();
   log.info("\xD6ffne GitHub Login...");
   log.newline();
-  const child = spawn5("gh", ["auth", "login"], {
+  const child = spawn6("gh", ["auth", "login"], {
     stdio: "inherit"
   });
   child.on("error", (error) => {
@@ -7624,13 +7831,13 @@ githubCommand.command("map").description("Aktuellen Branch mit einer Session ver
     initShivaDir(cwd);
   }
   if (!sessionId) {
-    const { findProject: findProject3 } = await import("./manager-ZPQWG7E6.js");
+    const { findProject: findProject3 } = await import("./manager-CCRAV6A5.js");
     const project = await findProject3(cwd);
     if (!project || project.sessions.length === 0) {
       log.error("Keine Sessions f\xFCr dieses Projekt gefunden");
       return;
     }
-    const { formatDate: formatDate2 } = await import("./manager-ZPQWG7E6.js");
+    const { formatDate: formatDate2 } = await import("./manager-CCRAV6A5.js");
     const choices = project.sessions.slice(0, 10).map((s) => {
       const time = formatDate2(s.modified);
       const msgs = `${s.messageCount} msgs`;
@@ -10220,7 +10427,7 @@ async function resolveSessionId(input) {
   return null;
 }
 tagsCommand.command("cloud").description("Memory-Tags aus Cloud laden").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -10264,7 +10471,6 @@ import inquirer10 from "inquirer";
 // src/services/session/export.ts
 import * as fs9 from "fs";
 import * as path10 from "path";
-import { execSync as execSync3 } from "child_process";
 async function exportSession(sessionId, options = {}) {
   const projects = await getAllClaudeProjects();
   for (const project of projects) {
@@ -10375,11 +10581,9 @@ function createBackupArchive(outputPath, projectPaths) {
     if (includePaths.length === 0) {
       return false;
     }
-    const tarArgs = includePaths.join(" ");
-    execSync3(`tar -czf "${outputPath}" -C "${claudeDir}" ${tarArgs}`, {
-      stdio: "ignore"
-    });
-    return true;
+    const args2 = ["-czf", outputPath, "-C", claudeDir, ...includePaths];
+    const result = tarExec(args2);
+    return result.success;
   } catch {
     return false;
   }
@@ -10484,9 +10688,10 @@ function restoreFromArchive(archivePath, targetDir) {
     if (!fs9.existsSync(extractTo)) {
       fs9.mkdirSync(extractTo, { recursive: true });
     }
-    execSync3(`tar -xzf "${archivePath}" -C "${extractTo}"`, {
-      stdio: "ignore"
-    });
+    const extractResult = tarExec(["-xzf", archivePath, "-C", extractTo]);
+    if (!extractResult.success) {
+      return false;
+    }
     return true;
   } catch {
     return false;
@@ -10786,20 +10991,20 @@ var rememberCommand = new Command26("remember").description("Memory in der Cloud
 // src/commands/system/doctor.ts
 import { Command as Command27 } from "commander";
-import { execSync as execSync4 } from "child_process";
+import { execSync as execSync2 } from "child_process";
 import * as fs11 from "fs";
 import * as path12 from "path";
 import * as os5 from "os";
 function tryExec(command) {
   try {
-    return execSync4(command, { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+    return execSync2(command, { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim();
   } catch {
     return null;
   }
 }
 function commandExists2(cmd) {
   try {
-    execSync4(`which ${cmd}`, { stdio: ["pipe", "pipe", "pipe"] });
+    execSync2(`which ${cmd}`, { stdio: ["pipe", "pipe", "pipe"] });
     return true;
   } catch {
     return false;
@@ -11113,7 +11318,7 @@ var doctorCommand = new Command27("doctor").description("System-Check f\xFCr SHI
 // src/commands/system/upgrade.ts
 import { Command as Command28 } from "commander";
-import { execSync as execSync5, spawn as spawn6 } from "child_process";
+import { execSync as execSync3, spawn as spawn7 } from "child_process";
 import * as fs12 from "fs";
 import * as path13 from "path";
 import * as os6 from "os";
@@ -11133,17 +11338,17 @@ function detectInstallationType() {
     }
   }
   try {
-    const npmGlobal = execSync5("npm list -g --depth=0 2>/dev/null", { encoding: "utf-8" });
+    const npmGlobal = execSync3("npm list -g --depth=0 2>/dev/null", { encoding: "utf-8" });
     if (npmGlobal.includes(PACKAGE_NAME)) return "npm";
   } catch {
   }
   try {
-    const yarnGlobal = execSync5("yarn global list 2>/dev/null", { encoding: "utf-8" });
+    const yarnGlobal = execSync3("yarn global list 2>/dev/null", { encoding: "utf-8" });
     if (yarnGlobal.includes(PACKAGE_NAME)) return "yarn";
   } catch {
   }
   try {
-    const pnpmGlobal = execSync5("pnpm list -g 2>/dev/null", { encoding: "utf-8" });
+    const pnpmGlobal = execSync3("pnpm list -g 2>/dev/null", { encoding: "utf-8" });
     if (pnpmGlobal.includes(PACKAGE_NAME)) return "pnpm";
   } catch {
   }
@@ -11159,7 +11364,7 @@ function getCurrentVersion() {
   } catch {
   }
   try {
-    const output = execSync5(`"${process.execPath}" --version 2>/dev/null`, { encoding: "utf-8" }).trim();
+    const output = execSync3(`"${process.execPath}" --version 2>/dev/null`, { encoding: "utf-8" }).trim();
     return output || "0.0.0";
   } catch {
     return "0.7.0";
@@ -11332,7 +11537,7 @@ del "${backupBinary}" 2>nul
 del "%~f0"
 `;
       fs12.writeFileSync(updateScript, scriptContent);
-      spawn6("cmd", ["/c", updateScript], { detached: true, stdio: "ignore" }).unref();
+      spawn7("cmd", ["/c", updateScript], { detached: true, stdio: "ignore" }).unref();
       log.success("Update wird nach Beenden angewendet");
       log.info("Bitte starte SHIVA neu.");
     } else {
@@ -11375,11 +11580,11 @@ function getUpgradeCommand(pm) {
 }
 async function runPackageManagerUpgrade(pm) {
   const command = getUpgradeCommand(pm);
-  const [cmd, ...args] = command.split(" ");
+  const [cmd, ...args2] = command.split(" ");
   return new Promise((resolve14) => {
     log.info(`F\xFChre aus: ${command}`);
     log.newline();
-    const proc = spawn6(cmd, args, {
+    const proc = spawn7(cmd, args2, {
       stdio: "inherit",
       shell: true
     });
@@ -11458,6 +11663,7 @@ var selfUpdateCommand = new Command28("self-update").description('Alias f\xFCr "
 // src/commands/system/telemetry.ts
 import { Command as Command29 } from "commander";
+import { randomUUID as randomUUID2 } from "crypto";
 import Conf4 from "conf";
 var telemetryConfig = new Conf4({
   projectName: "shiva-code",
@@ -11473,11 +11679,7 @@ var telemetryConfig = new Conf4({
   }
 });
 function generateAnonymousId() {
-  return "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g, (c) => {
-    const r = Math.random() * 16 | 0;
-    const v = c === "x" ? r : r & 3 | 8;
-    return v.toString(16);
-  });
+  return randomUUID2();
 }
 var DATA_COLLECTED = [
   'Verwendete Commands (z.B. "shiva sessions", "shiva start")',
@@ -12137,7 +12339,7 @@ function formatNumber(n) {
   return String(n);
 }
 statsCommand.command("sessions").description("Session Analytics (Pro Feature)").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -12189,7 +12391,7 @@ statsCommand.command("sessions").description("Session Analytics (Pro Feature)").
   }
 });
 statsCommand.command("tokens").description("Token Usage Analytics (Pro Feature)").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -12237,7 +12439,7 @@ statsCommand.command("tokens").description("Token Usage Analytics (Pro Feature)"
   }
 });
 statsCommand.command("tools").description("Tool Usage Analytics (Pro Feature)").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -12281,7 +12483,7 @@ statsCommand.command("tools").description("Tool Usage Analytics (Pro Feature)").
   }
 });
 statsCommand.command("export").description("Analytics-Daten exportieren (Pro Feature)").option("--start <date>", "Start-Datum (YYYY-MM-DD)").option("--end <date>", "End-Datum (YYYY-MM-DD)").option("--format <format>", "Format: json, csv", "json").option("-o, --output <file>", "Ausgabedatei").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   const { writeFileSync: writeFileSync11 } = await import("fs");
   if (!isAuthenticated2()) {
@@ -12316,7 +12518,7 @@ statsCommand.command("export").description("Analytics-Daten exportieren (Pro Fea
   }
 });
 statsCommand.command("track").description("Analytics Event tracken").argument("<type>", "Event-Typ").argument("[data]", "Event-Daten als JSON").action(async (type2, data) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -12648,10 +12850,218 @@ var welcomeCommand = new Command33("welcome").description("Onboarding erneut sta
   await runOnboarding();
 });
-// src/commands/advanced/docker.ts
+// src/commands/system/validate.ts
 import { Command as Command34 } from "commander";
+import { existsSync as existsSync22, readFileSync as readFileSync11 } from "fs";
+import { homedir as homedir7 } from "os";
+import { join as join13 } from "path";
+async function checkConfigFile() {
+  try {
+    const configPath = getConfigPath();
+    if (!existsSync22(configPath)) {
+      return {
+        ok: false,
+        message: "Konfigurationsdatei nicht gefunden",
+        suggestion: "shiva init um Projekt zu initialisieren"
+      };
+    }
+    const content = readFileSync11(configPath, "utf-8");
+    JSON.parse(content);
+    return {
+      ok: true,
+      message: "Konfigurationsdatei OK"
+    };
+  } catch (error) {
+    return {
+      ok: false,
+      message: "Konfigurationsdatei besch\xE4digt",
+      suggestion: "shiva config reset um zur\xFCckzusetzen"
+    };
+  }
+}
+async function checkAuth() {
+  const token = getToken();
+  if (!token) {
+    return {
+      ok: false,
+      message: "Nicht angemeldet",
+      suggestion: "shiva login um dich anzumelden"
+    };
+  }
+  return {
+    ok: true,
+    message: "Authentifiziert"
+  };
+}
+async function checkClaude2() {
+  if (!isClaudeInstalled()) {
+    return {
+      ok: false,
+      message: "Claude Code nicht installiert",
+      suggestion: "curl -fsSL https://claude.ai/install.sh | bash"
+    };
+  }
+  return {
+    ok: true,
+    message: "Claude Code installiert"
+  };
+}
+async function checkHooks() {
+  try {
+    const claudeDir = join13(homedir7(), ".claude");
+    const settingsPath = join13(claudeDir, "settings.json");
+    if (!existsSync22(settingsPath)) {
+      return {
+        ok: true,
+        message: "Keine Hooks konfiguriert (optional)"
+      };
+    }
+    const content = readFileSync11(settingsPath, "utf-8");
+    const settings = JSON.parse(content);
+    if (settings.hooks && Object.keys(settings.hooks).length > 0) {
+      const hookCount = Object.values(settings.hooks).flat().length;
+      return {
+        ok: true,
+        message: `${hookCount} Hook(s) konfiguriert`
+      };
+    }
+    return {
+      ok: true,
+      message: "Keine Hooks konfiguriert (optional)"
+    };
+  } catch (error) {
+    return {
+      ok: false,
+      message: "Hooks-Konfiguration fehlerhaft",
+      suggestion: "shiva hook list um Hooks zu pr\xFCfen"
+    };
+  }
+}
+async function checkNetwork() {
+  try {
+    const controller = new AbortController();
+    const timeout = setTimeout(() => controller.abort(), 5e3);
+    const response = await fetch("https://api.shiva.li/health", {
+      signal: controller.signal
+    });
+    clearTimeout(timeout);
+    if (response.ok) {
+      return {
+        ok: true,
+        message: "Server erreichbar"
+      };
+    }
+    return {
+      ok: false,
+      message: `Server antwortet mit ${response.status}`,
+      suggestion: "Sp\xE4ter erneut versuchen"
+    };
+  } catch (error) {
+    return {
+      ok: false,
+      message: "Server nicht erreichbar",
+      suggestion: "Internetverbindung pr\xFCfen"
+    };
+  }
+}
+async function checkProject() {
+  const shivaDir = join13(process.cwd(), ".shiva");
+  const claudeMd = join13(process.cwd(), "CLAUDE.md");
+  if (!existsSync22(shivaDir)) {
+    return {
+      ok: false,
+      message: "Kein SHIVA-Projekt",
+      suggestion: "shiva init um Projekt zu initialisieren"
+    };
+  }
+  if (!existsSync22(claudeMd)) {
+    return {
+      ok: false,
+      message: "CLAUDE.md fehlt",
+      suggestion: "shiva sync um CLAUDE.md zu generieren"
+    };
+  }
+  return {
+    ok: true,
+    message: "Projekt konfiguriert"
+  };
+}
+async function checkNodeVersion() {
+  const version = process.version;
+  const major = parseInt(version.slice(1).split(".")[0], 10);
+  if (major < 18) {
+    return {
+      ok: false,
+      message: `Node.js ${version} (min. v18 erforderlich)`,
+      suggestion: "Node.js aktualisieren: https://nodejs.org"
+    };
+  }
+  return {
+    ok: true,
+    message: `Node.js ${version}`
+  };
+}
+var validateCommand = new Command34("validate").description("Konfiguration und System validieren").option("--json", "Ausgabe als JSON").action(async (options) => {
+  const checks = [
+    { name: "Node.js", check: checkNodeVersion },
+    { name: "Konfiguration", check: checkConfigFile },
+    { name: "Authentifizierung", check: checkAuth },
+    { name: "Claude Code", check: checkClaude2 },
+    { name: "Hooks", check: checkHooks },
+    { name: "Netzwerk", check: checkNetwork },
+    { name: "Projekt", check: checkProject }
+  ];
+  const results = [];
+  let allPassed = true;
+  if (!options.json) {
+    log.header("SHIVA Configuration Check");
+    log.newline();
+  }
+  for (const { name, check } of checks) {
+    const result = await check();
+    results.push({ name, result });
+    if (!result.ok) {
+      allPassed = false;
+    }
+    if (!options.json) {
+      const icon = result.ok ? colors.green("\u2713") : colors.red("\u2717");
+      console.log(`  ${icon} ${name}: ${result.message}`);
+      if (!result.ok && result.suggestion) {
+        console.log(colors.dim(`    \u2192 ${result.suggestion}`));
+      }
+    }
+  }
+  if (options.json) {
+    console.log(
+      JSON.stringify(
+        {
+          success: allPassed,
+          checks: results.map(({ name, result }) => ({
+            name,
+            ok: result.ok,
+            message: result.message,
+            suggestion: result.suggestion
+          }))
+        },
+        null,
+        2
+      )
+    );
+  } else {
+    log.newline();
+    if (allPassed) {
+      log.success("Alle Checks bestanden!");
+    } else {
+      log.warn("Einige Checks fehlgeschlagen");
+    }
+  }
+  process.exit(allPassed ? 0 : 1);
+});
+// src/commands/advanced/docker.ts
+import { Command as Command35 } from "commander";
 import ora21 from "ora";
-var dockerCommand = new Command34("docker").description("Docker-Integration verwalten");
+var dockerCommand = new Command35("docker").description("Docker-Integration verwalten");
 dockerCommand.command("status").description("Docker-Verf\xFCgbarkeit pr\xFCfen").action(() => {
   log.brand();
   log.header("Docker Status");
@@ -12881,7 +13291,7 @@ dockerCommand.action(() => {
 });
 // src/commands/advanced/workflow.ts
-import { Command as Command35 } from "commander";
+import { Command as Command36 } from "commander";
 import * as fs13 from "fs";
 import * as path14 from "path";
 import * as os7 from "os";
@@ -12905,7 +13315,7 @@ var builtInWorkflows = {
     ]
   }
 };
-var workflowCommand = new Command35("workflow").description("Automatisierte Workflows ausf\xFChren").action(async () => {
+var workflowCommand = new Command36("workflow").description("Automatisierte Workflows ausf\xFChren").action(async () => {
   await listWorkflows();
 });
 workflowCommand.command("list").alias("ls").description("Verf\xFCgbare Workflows anzeigen").action(async () => {
@@ -13160,11 +13570,11 @@ async function executeStep(step) {
 }
 // src/commands/advanced/package.ts
-import { Command as Command36 } from "commander";
+import { Command as Command37 } from "commander";
 import * as fs14 from "fs";
 import inquirer12 from "inquirer";
 import ora23 from "ora";
-var packageCommand = new Command36("package").description("Projekt-Gruppen (Packages) verwalten").action(() => {
+var packageCommand = new Command37("package").description("Projekt-Gruppen (Packages) verwalten").action(() => {
   listPackages();
 });
 packageCommand.command("list").description("Alle Packages auflisten").option("--json", "JSON Output").action((options) => {
@@ -13309,7 +13719,7 @@ packageCommand.command("start <name>").description("Alle Projekte eines Packages
   }
 });
 packageCommand.command("push").description("Packages in Cloud sichern").option("-n, --name <name>", "Nur ein bestimmtes Package").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -13355,7 +13765,7 @@ packageCommand.command("push").description("Packages in Cloud sichern").option("
   }
 });
 packageCommand.command("pull").description("Packages aus Cloud laden").option("-f, --force", "Lokale Packages \xFCberschreiben").option("--json", "JSON Output").action(async (options) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -13417,7 +13827,7 @@ packageCommand.command("pull").description("Packages aus Cloud laden").option("-
   }
 });
 packageCommand.command("sync").description("Packages mit Cloud synchronisieren").action(async () => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -13470,7 +13880,7 @@ packageCommand.command("sync").description("Packages mit Cloud synchronisieren")
   log.tree.item(`${localPackages.length + pulledCount} Packages total`);
 });
 packageCommand.command("cloud-delete <name>").description("Package aus Cloud l\xF6schen").action(async (name) => {
-  const { api: api2 } = await import("./client-GIGZFXT5.js");
+  const { api: api2 } = await import("./client-RPSJP4Z5.js");
   const { isAuthenticated: isAuthenticated2 } = await import("./config-FGMZONWV.js");
   if (!isAuthenticated2()) {
     log.error("Nicht angemeldet");
@@ -13527,9 +13937,9 @@ function listPackages() {
 }
 // src/commands/advanced/sandbox.ts
-import { Command as Command37 } from "commander";
+import { Command as Command38 } from "commander";
 import ora24 from "ora";
-var sandboxCommand = new Command37("sandbox").description("Sandbox-Management mit Cloud-Sync");
+var sandboxCommand = new Command38("sandbox").description("Sandbox-Management mit Cloud-Sync");
 sandboxCommand.command("list").description("Alle Sandboxes auflisten").option("--local", "Nur lokale Sandboxes").option("--cloud", "Nur Cloud Sandboxes").option("--status <status>", "Nach Status filtern: active, pending-review, applied, discarded").option("--json", "JSON Output").action(async (options) => {
   const spinner = ora24("Lade Sandboxes...").start();
   try {
@@ -13880,8 +14290,13 @@ sandboxCommand.command("delete <id>").description("Sandbox l\xF6schen").option("
 });
 // src/index.ts
-var program = new Command38();
-program.name("shiva").description("SHIVA Code - Control Station for Claude Code").version("0.7.0");
+var program = new Command39();
+program.name("shiva").description("SHIVA Code - Control Station for Claude Code").version("0.7.5").option("--debug", "Debug-Modus aktivieren").hook("preAction", (thisCommand) => {
+  const opts = thisCommand.opts();
+  if (opts.debug) {
+    enableDebug();
+  }
+});
 program.addCommand(loginCommand);
 program.addCommand(logoutCommand);
 program.addCommand(sessionsCommand);
@@ -13924,6 +14339,7 @@ program.addCommand(packageCommand);
 program.addCommand(sandboxCommand);
 program.addCommand(userCommand);
 program.addCommand(welcomeCommand);
+program.addCommand(validateCommand);
 program.action(async () => {
   if (needsOnboarding()) {
     await runOnboarding();
@@ -14108,7 +14524,7 @@ async function showDashboard() {
       const packageName = selected.data;
       log.newline();
       log.success(`Starte Package ${packageName}...`);
-      const { getPackageLaunchConfig: getPackageLaunchConfig2 } = await import("./package-manager-NHNQATBH.js");
+      const { getPackageLaunchConfig: getPackageLaunchConfig2 } = await import("./package-manager-UORON74F.js");
       const launches = await getPackageLaunchConfig2(packageName);
       if (launches.length > 0) {
         await spawnProjects(launches, detectTerminal());
@@ -14195,5 +14611,27 @@ program.exitOverride((err) => {
   }
   process.exit(1);
 });
+program.on("command:*", (operands) => {
+  const unknown = operands[0];
+  const allCommands = program.commands.map((c) => c.name());
+  const suggestions = findSimilarCommands(unknown, allCommands);
+  log.error(`Unbekannter Befehl: ${unknown}`);
+  if (suggestions.length > 0) {
+    log.newline();
+    log.info("Meintest du vielleicht:");
+    suggestions.forEach((s) => log.plain(`  shiva ${s}`));
+  }
+  log.newline();
+  log.dim("Hilfe: shiva --help");
+  process.exit(1);
+});
 migrateConfig();
+var args = process.argv.slice(2);
+if (args.length > 0 && !args[0].startsWith("-")) {
+  const firstArg = args[0];
+  const resolved = getCommandFromAlias(firstArg);
+  if (resolved) {
+    process.argv[2] = resolved;
+  }
+}
 program.parse();