slickenv 0.0.1

package/dist/commands/versions.js

@@ -0,0 +1,42 @@
+import { Flags } from "@oclif/core";
+import { BaseCommand } from "../base-command.js";
+import { createApiClient } from "../lib/api.js";
+import { colors } from "../lib/output.js";
+export default class Versions extends BaseCommand {
+    static description = "List version history for the current environment";
+    static examples = [
+        "slickenv versions",
+        "slickenv versions --limit 10",
+    ];
+    static flags = {
+        ...BaseCommand.baseFlags,
+        limit: Flags.integer({
+            description: "Number of versions to show",
+            default: 20,
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(Versions);
+        const client = createApiClient(this.slickenvConfig.apiUrl, this.authToken);
+        const result = await client.query("versions:list", {
+            projectId: this.slickenvConfig.projectId,
+            label: this.slickenvConfig.defaultEnvironment,
+            limit: flags.limit,
+        });
+        if (!result.versions || result.versions.length === 0) {
+            this.info("No versions found. Push first with `slickenv push`.");
+            return;
+        }
+        this.log("");
+        this.log(`  ${colors.key(this.slickenvConfig.projectName)} / ${this.slickenvConfig.defaultEnvironment}`);
+        this.log("");
+        for (const v of result.versions) {
+            const date = new Date(v.createdAt).toLocaleString();
+            const activeMarker = v.isActive ? ` ${colors.success("(active)")}` : "";
+            const summary = v.changeSummary ? `  ${colors.info(v.changeSummary)}` : "";
+            this.log(`  ${colors.version(`v${v.version}`)}  ${colors.timestamp(date)}  ${v.variableCount} vars${activeMarker}${summary}`);
+        }
+        this.log("");
+    }
+}
+//# sourceMappingURL=versions.js.map

package/dist/commands/versions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"versions.js","sourceRoot":"","sources":["../../src/commands/versions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAE1C,MAAM,CAAC,OAAO,OAAO,QAAS,SAAQ,WAAW;IAC/C,MAAM,CAAU,WAAW,GAAG,kDAAkD,CAAC;IAEjF,MAAM,CAAU,QAAQ,GAAG;QACzB,mBAAmB;QACnB,8BAA8B;KAC/B,CAAC;IAEF,MAAM,CAAU,KAAK,GAAG;QACtB,GAAG,WAAW,CAAC,SAAS;QACxB,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC;YACnB,WAAW,EAAE,4BAA4B;YACzC,OAAO,EAAE,EAAE;SACZ,CAAC;KACH,CAAC;IAEF,KAAK,CAAC,GAAG;QACP,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;QAE3E,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,KAAK,CAAC,eAAsB,EAAE;YACxD,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,SAAS;YACxC,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,kBAAkB;YAC7C,KAAK,EAAE,KAAK,CAAC,KAAK;SACnB,CAAQ,CAAC;QAEV,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrD,IAAI,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;YACjE,OAAO;QACT,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACb,IAAI,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,kBAAkB,EAAE,CAAC,CAAC;QACzG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEb,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAChC,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,cAAc,EAAE,CAAC;YACpD,MAAM,YAAY,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACxE,MAAM,OAAO,GAAG,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3E,IAAI,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,KAAK,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,aAAa,QAAQ,YAAY,GAAG,OAAO,EAAE,CAAC,CAAC;QAChI,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACf,CAAC"}

package/dist/lib/api.d.ts

@@ -0,0 +1,11 @@
+import { ConvexHttpClient } from "convex/browser";
+/**
+ * Create an authenticated Convex HTTP client.
+ */
+export declare function createApiClient(apiUrl?: string, token?: string): ConvexHttpClient;
+/**
+ * Log an API request with sensitive headers redacted.
+ * Only outputs in verbose mode.
+ */
+export declare function logRequest(method: string, url: string, headers: Record<string, string>, verbose: boolean): void;
+//# sourceMappingURL=api.d.ts.map

package/dist/lib/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../../src/lib/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAKlD;;GAEG;AACH,wBAAgB,eAAe,CAC7B,MAAM,CAAC,EAAE,MAAM,EACf,KAAK,CAAC,EAAE,MAAM,GACb,gBAAgB,CAelB;AAED;;;GAGG;AACH,wBAAgB,UAAU,CACxB,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,OAAO,EAAE,OAAO,GACf,IAAI,CASN"}

package/dist/lib/api.js

@@ -0,0 +1,32 @@
+import { ConvexHttpClient } from "convex/browser";
+import { sanitizeForLogging } from "./output.js";
+const DEFAULT_API_URL = process.env.SLICKENV_API_URL ?? "https://apienv.slickspender.com";
+/**
+ * Create an authenticated Convex HTTP client.
+ */
+export function createApiClient(apiUrl, token) {
+    const url = apiUrl ?? DEFAULT_API_URL;
+    const isLocalhost = url.startsWith("http://localhost") || url.startsWith("http://127.0.0.1");
+    if (!url.startsWith("https://") && !isLocalhost) {
+        throw new Error("API URL must use HTTPS.");
+    }
+    const client = new ConvexHttpClient(url);
+    if (token) {
+        client.setAuth(token);
+    }
+    return client;
+}
+/**
+ * Log an API request with sensitive headers redacted.
+ * Only outputs in verbose mode.
+ */
+export function logRequest(method, url, headers, verbose) {
+    if (!verbose)
+        return;
+    const safeHeaders = { ...headers };
+    if (safeHeaders["Authorization"]) {
+        safeHeaders["Authorization"] = "Bearer [REDACTED]";
+    }
+    console.debug(`→ ${method} ${url}`, sanitizeForLogging(safeHeaders));
+}
+//# sourceMappingURL=api.js.map

package/dist/lib/api.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.js","sourceRoot":"","sources":["../../src/lib/api.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAEjD,MAAM,eAAe,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,iCAAiC,CAAC;AAE1F;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAe,EACf,KAAc;IAEd,MAAM,GAAG,GAAG,MAAM,IAAI,eAAe,CAAC;IAEtC,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC;IAC7F,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAEzC,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACxB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,UAAU,CACxB,MAAc,EACd,GAAW,EACX,OAA+B,EAC/B,OAAgB;IAEhB,IAAI,CAAC,OAAO;QAAE,OAAO;IAErB,MAAM,WAAW,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC;IACnC,IAAI,WAAW,CAAC,eAAe,CAAC,EAAE,CAAC;QACjC,WAAW,CAAC,eAAe,CAAC,GAAG,mBAAmB,CAAC;IACrD,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,KAAK,MAAM,IAAI,GAAG,EAAE,EAAE,kBAAkB,CAAC,WAAW,CAAC,CAAC,CAAC;AACvE,CAAC"}

package/dist/lib/auth.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Decode a JWT payload without verifying the signature.
+ * Signature verification is done server-side by Convex.
+ */
+export declare function decodeJwt(token: string): Record<string, unknown>;
+/**
+ * Check if a JWT is expired.
+ */
+export declare function isExpired(token: string): boolean;
+/**
+ * Check if a JWT is within 5 minutes of expiry.
+ */
+export declare function isNearExpiry(token: string): boolean;
+/**
+ * Resolve token from all sources.
+ * Priority: SLICKENV_TOKEN env → OS keychain → file fallback.
+ */
+export declare function resolveToken(): Promise<string | null>;
+/**
+ * Get a valid auth token, refreshing if near expiry.
+ * Throws AuthError if no token or token is expired.
+ */
+export declare function getValidToken(): Promise<string>;
+//# sourceMappingURL=auth.d.ts.map

package/dist/lib/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAKA;;;GAGG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAYhE;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAIhD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAKnD;AAED;;;GAGG;AACH,wBAAsB,YAAY,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAQ3D;AAmBD;;;GAGG;AACH,wBAAsB,aAAa,IAAI,OAAO,CAAC,MAAM,CAAC,CA6BrD"}

package/dist/lib/auth.js

@@ -0,0 +1,91 @@
+import { getStoredToken, storeToken } from "./keychain.js";
+import { AuthError } from "./errors.js";
+const CLERK_API_URL = "https://api.clerk.dev";
+/**
+ * Decode a JWT payload without verifying the signature.
+ * Signature verification is done server-side by Convex.
+ */
+export function decodeJwt(token) {
+    const parts = token.split(".");
+    if (parts.length !== 3) {
+        throw new AuthError("TOKEN_INVALID", "Authentication token is invalid. Run `slickenv login`.");
+    }
+    try {
+        const payload = Buffer.from(parts[1], "base64url").toString("utf8");
+        return JSON.parse(payload);
+    }
+    catch {
+        throw new AuthError("TOKEN_INVALID", "Authentication token is invalid. Run `slickenv login`.");
+    }
+}
+/**
+ * Check if a JWT is expired.
+ */
+export function isExpired(token) {
+    const { exp } = decodeJwt(token);
+    if (typeof exp !== "number")
+        return true;
+    return exp < Math.floor(Date.now() / 1000);
+}
+/**
+ * Check if a JWT is within 5 minutes of expiry.
+ */
+export function isNearExpiry(token) {
+    const { exp } = decodeJwt(token);
+    if (typeof exp !== "number")
+        return true;
+    const fiveMinutesFromNow = Math.floor(Date.now() / 1000) + 300;
+    return exp < fiveMinutesFromNow;
+}
+/**
+ * Resolve token from all sources.
+ * Priority: SLICKENV_TOKEN env → OS keychain → file fallback.
+ */
+export async function resolveToken() {
+    // 1. Environment variable (CI/CD)
+    if (process.env.SLICKENV_TOKEN) {
+        return process.env.SLICKENV_TOKEN;
+    }
+    // 2. OS keychain + file fallback
+    return getStoredToken();
+}
+/**
+ * Attempt to refresh an expiring token via Clerk.
+ */
+async function refreshToken(token) {
+    const response = await fetch(`${CLERK_API_URL}/tokens/refresh`, {
+        method: "POST",
+        headers: { Authorization: `Bearer ${token}` },
+    });
+    if (!response.ok) {
+        throw new Error("Refresh failed");
+    }
+    const data = (await response.json());
+    return data.jwt;
+}
+/**
+ * Get a valid auth token, refreshing if near expiry.
+ * Throws AuthError if no token or token is expired.
+ */
+export async function getValidToken() {
+    const token = await resolveToken();
+    if (!token) {
+        throw new AuthError("NOT_AUTHENTICATED", "Not authenticated. Run `slickenv login`.");
+    }
+    if (isExpired(token)) {
+        throw new AuthError("TOKEN_EXPIRED", "Session expired. Run `slickenv login` to reconnect.");
+    }
+    if (isNearExpiry(token)) {
+        try {
+            const refreshed = await refreshToken(token);
+            await storeToken(refreshed);
+            return refreshed;
+        }
+        catch {
+            // Refresh failed but token still valid — proceed
+            return token;
+        }
+    }
+    return token;
+}
+//# sourceMappingURL=auth.js.map

package/dist/lib/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/lib/auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,MAAM,aAAa,GAAG,uBAAuB,CAAC;AAE9C;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAC,KAAa;IACrC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,SAAS,CAAC,eAAe,EAAE,wDAAwD,CAAC,CAAC;IACjG,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACrE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CAAC,eAAe,EAAE,wDAAwD,CAAC,CAAC;IACjG,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,KAAa;IACrC,MAAM,EAAE,GAAG,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACzC,OAAO,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa;IACxC,MAAM,EAAE,GAAG,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACzC,MAAM,kBAAkB,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,GAAG,CAAC;IAC/D,OAAO,GAAG,GAAG,kBAAkB,CAAC;AAClC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,kCAAkC;IAClC,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;QAC/B,OAAO,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;IACpC,CAAC;IAED,iCAAiC;IACjC,OAAO,cAAc,EAAE,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,YAAY,CAAC,KAAa;IACvC,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,aAAa,iBAAiB,EAAE;QAC9D,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE;KAC9C,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;IACxD,OAAO,IAAI,CAAC,GAAG,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,MAAM,KAAK,GAAG,MAAM,YAAY,EAAE,CAAC;IAEnC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,SAAS,CACjB,mBAAmB,EACnB,0CAA0C,CAC3C,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,SAAS,CACjB,eAAe,EACf,qDAAqD,CACtD,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,KAAK,CAAC,CAAC;YAC5C,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC;YAC5B,OAAO,SAAS,CAAC;QACnB,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;YACjD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/lib/config.d.ts

@@ -0,0 +1,22 @@
+import type { SlickEnvConfig, GlobalConfig } from "@slickenv/types";
+export declare const CONFIG_FILENAME = ".slickenv";
+/**
+ * Walk up from `startDir` looking for a .slickenv config file.
+ * Returns the directory containing it, or null if not found.
+ */
+export declare function findConfigDir(startDir?: string): Promise<string | null>;
+/**
+ * Load the .slickenv config from the current or parent directory.
+ * Throws ConfigError if not found or invalid.
+ */
+export declare function loadConfig(startDir?: string): Promise<SlickEnvConfig>;
+/**
+ * Write a .slickenv config file to the given directory.
+ */
+export declare function writeConfig(config: SlickEnvConfig, dir: string): Promise<void>;
+/**
+ * Load global CLI config from ~/.slickenv/config.json.
+ * Returns empty config if file doesn't exist.
+ */
+export declare function loadGlobalConfig(): Promise<GlobalConfig>;
+//# sourceMappingURL=config.d.ts.map

package/dist/lib/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAGpE,eAAO,MAAM,eAAe,cAAc,CAAC;AAI3C;;;GAGG;AACH,wBAAsB,aAAa,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAc7E;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CA0B3E;AAED;;GAEG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE,cAAc,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAGpF;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,YAAY,CAAC,CAO9D"}

package/dist/lib/config.js

@@ -0,0 +1,71 @@
+import { readFile, writeFile } from "node:fs/promises";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+import { ConfigError } from "./errors.js";
+export const CONFIG_FILENAME = ".slickenv";
+const GLOBAL_CONFIG_DIR = join(homedir(), ".slickenv");
+const GLOBAL_CONFIG_FILE = join(GLOBAL_CONFIG_DIR, "config.json");
+/**
+ * Walk up from `startDir` looking for a .slickenv config file.
+ * Returns the directory containing it, or null if not found.
+ */
+export async function findConfigDir(startDir) {
+    let dir = startDir ?? process.cwd();
+    // eslint-disable-next-line no-constant-condition
+    while (true) {
+        try {
+            await readFile(join(dir, CONFIG_FILENAME), "utf8");
+            return dir;
+        }
+        catch {
+            const parent = dirname(dir);
+            if (parent === dir)
+                return null; // reached filesystem root
+            dir = parent;
+        }
+    }
+}
+/**
+ * Load the .slickenv config from the current or parent directory.
+ * Throws ConfigError if not found or invalid.
+ */
+export async function loadConfig(startDir) {
+    const configDir = await findConfigDir(startDir);
+    if (!configDir) {
+        throw new ConfigError("No .slickenv config found.\nRun `slickenv init` to set up this project.");
+    }
+    try {
+        const raw = await readFile(join(configDir, CONFIG_FILENAME), "utf8");
+        const parsed = JSON.parse(raw);
+        if (!parsed.projectId || !parsed.projectName || !parsed.apiUrl) {
+            throw new ConfigError("Your .slickenv config file appears to be corrupted or invalid.\nTo fix: delete .slickenv and run `slickenv init` to re-link this project.");
+        }
+        return parsed;
+    }
+    catch (error) {
+        if (error instanceof ConfigError)
+            throw error;
+        throw new ConfigError("Your .slickenv config file appears to be corrupted or invalid.\nTo fix: delete .slickenv and run `slickenv init` to re-link this project.");
+    }
+}
+/**
+ * Write a .slickenv config file to the given directory.
+ */
+export async function writeConfig(config, dir) {
+    const content = JSON.stringify(config, null, 2) + "\n";
+    await writeFile(join(dir, CONFIG_FILENAME), content, "utf8");
+}
+/**
+ * Load global CLI config from ~/.slickenv/config.json.
+ * Returns empty config if file doesn't exist.
+ */
+export async function loadGlobalConfig() {
+    try {
+        const raw = await readFile(GLOBAL_CONFIG_FILE, "utf8");
+        return JSON.parse(raw);
+    }
+    catch {
+        return {};
+    }
+}
+//# sourceMappingURL=config.js.map

package/dist/lib/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAElC,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAE1C,MAAM,CAAC,MAAM,eAAe,GAAG,WAAW,CAAC;AAC3C,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,WAAW,CAAC,CAAC;AACvD,MAAM,kBAAkB,GAAG,IAAI,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC;AAElE;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,QAAiB;IACnD,IAAI,GAAG,GAAG,QAAQ,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;IAEpC,iDAAiD;IACjD,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,CAAC;YACH,MAAM,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC;YACnD,OAAO,GAAG,CAAC;QACb,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;YAC5B,IAAI,MAAM,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC,CAAC,0BAA0B;YAC3D,GAAG,GAAG,MAAM,CAAC;QACf,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,QAAiB;IAChD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEhD,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,WAAW,CACnB,yEAAyE,CAC1E,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,MAAM,CAAC,CAAC;QACrE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAmB,CAAC;QAEjD,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YAC/D,MAAM,IAAI,WAAW,CACnB,2IAA2I,CAC5I,CAAC;QACJ,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,WAAW;YAAE,MAAM,KAAK,CAAC;QAC9C,MAAM,IAAI,WAAW,CACnB,2IAA2I,CAC5I,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAsB,EAAE,GAAW;IACnE,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC;IACvD,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAC/D,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB;IACpC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC;QACvD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAiB,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC"}

package/dist/lib/crypto.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Derive an AES-256 encryption key from user identity and project context.
+ *
+ * Uses PBKDF2-SHA256 with 100,000 iterations.
+ * The derived key is never stored — re-derived on each operation.
+ */
+export declare function deriveKey(clerkUserId: string, projectId: string, salt: Buffer): Buffer;
+/**
+ * Encrypt a plaintext string using AES-256-GCM.
+ *
+ * Returns base64-encoded ciphertext (with auth tag appended) and IV.
+ * A fresh random 12-byte IV is generated for each call.
+ */
+export declare function encrypt(plaintext: string, key: Buffer): {
+    ciphertext: string;
+    iv: string;
+};
+/**
+ * Decrypt an AES-256-GCM ciphertext.
+ *
+ * Expects base64-encoded ciphertext (with auth tag appended) and IV.
+ * Throws if the auth tag is invalid (tampered data).
+ */
+export declare function decrypt(ciphertext: string, iv: string, key: Buffer): string;
+/**
+ * Generate a random 32-byte salt for project encryption.
+ * Returns base64-encoded string for storage in Convex.
+ */
+export declare function generateProjectSalt(): string;
+//# sourceMappingURL=crypto.d.ts.map

package/dist/lib/crypto.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../src/lib/crypto.ts"],"names":[],"mappings":"AAOA;;;;;GAKG;AACH,wBAAgB,SAAS,CACvB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,GACX,MAAM,CAQR;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,CACrB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,GACV;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,EAAE,EAAE,MAAM,CAAA;CAAE,CAiBpC;AAED;;;;;GAKG;AACH,wBAAgB,OAAO,CACrB,UAAU,EAAE,MAAM,EAClB,EAAE,EAAE,MAAM,EACV,GAAG,EAAE,MAAM,GACV,MAAM,CAcR;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,IAAI,MAAM,CAE5C"}

package/dist/lib/crypto.js

@@ -0,0 +1,56 @@
+import { createCipheriv, createDecipheriv, randomBytes, pbkdf2Sync, } from "node:crypto";
+/**
+ * Derive an AES-256 encryption key from user identity and project context.
+ *
+ * Uses PBKDF2-SHA256 with 100,000 iterations.
+ * The derived key is never stored — re-derived on each operation.
+ */
+export function deriveKey(clerkUserId, projectId, salt) {
+    return pbkdf2Sync(`${clerkUserId}:${projectId}`, salt, 100_000, 32, // 256 bits
+    "sha256");
+}
+/**
+ * Encrypt a plaintext string using AES-256-GCM.
+ *
+ * Returns base64-encoded ciphertext (with auth tag appended) and IV.
+ * A fresh random 12-byte IV is generated for each call.
+ */
+export function encrypt(plaintext, key) {
+    const iv = randomBytes(12); // 96-bit IV as recommended for GCM
+    const cipher = createCipheriv("aes-256-gcm", key, iv);
+    const encrypted = Buffer.concat([
+        cipher.update(plaintext, "utf8"),
+        cipher.final(),
+    ]);
+    const tag = cipher.getAuthTag(); // 128-bit auth tag
+    // Append auth tag to ciphertext for storage
+    const combined = Buffer.concat([encrypted, tag]);
+    return {
+        ciphertext: combined.toString("base64"),
+        iv: iv.toString("base64"),
+    };
+}
+/**
+ * Decrypt an AES-256-GCM ciphertext.
+ *
+ * Expects base64-encoded ciphertext (with auth tag appended) and IV.
+ * Throws if the auth tag is invalid (tampered data).
+ */
+export function decrypt(ciphertext, iv, key) {
+    const combined = Buffer.from(ciphertext, "base64");
+    const ivBuf = Buffer.from(iv, "base64");
+    // Last 16 bytes are the GCM auth tag
+    const tag = combined.subarray(combined.length - 16);
+    const encrypted = combined.subarray(0, combined.length - 16);
+    const decipher = createDecipheriv("aes-256-gcm", key, ivBuf);
+    decipher.setAuthTag(tag);
+    return Buffer.concat([decipher.update(encrypted), decipher.final()]).toString("utf8");
+}
+/**
+ * Generate a random 32-byte salt for project encryption.
+ * Returns base64-encoded string for storage in Convex.
+ */
+export function generateProjectSalt() {
+    return randomBytes(32).toString("base64");
+}
+//# sourceMappingURL=crypto.js.map

package/dist/lib/crypto.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../src/lib/crypto.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,WAAW,EACX,UAAU,GACX,MAAM,aAAa,CAAC;AAErB;;;;;GAKG;AACH,MAAM,UAAU,SAAS,CACvB,WAAmB,EACnB,SAAiB,EACjB,IAAY;IAEZ,OAAO,UAAU,CACf,GAAG,WAAW,IAAI,SAAS,EAAE,EAC7B,IAAI,EACJ,OAAO,EACP,EAAE,EAAE,WAAW;IACf,QAAQ,CACT,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,OAAO,CACrB,SAAiB,EACjB,GAAW;IAEX,MAAM,EAAE,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC,mCAAmC;IAC/D,MAAM,MAAM,GAAG,cAAc,CAAC,aAAa,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;IAEtD,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;QAC9B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC;QAChC,MAAM,CAAC,KAAK,EAAE;KACf,CAAC,CAAC;IACH,MAAM,GAAG,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC,mBAAmB;IAEpD,4CAA4C;IAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC,CAAC;IAEjD,OAAO;QACL,UAAU,EAAE,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACvC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;KAC1B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,OAAO,CACrB,UAAkB,EAClB,EAAU,EACV,GAAW;IAEX,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAExC,qCAAqC;IACrC,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,QAAQ,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IAE7D,MAAM,QAAQ,GAAG,gBAAgB,CAAC,aAAa,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7D,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IAEzB,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,QAAQ,CAC3E,MAAM,CACP,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB;IACjC,OAAO,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC5C,CAAC"}

package/dist/lib/errors.d.ts

@@ -0,0 +1,17 @@
+export declare class ConfigError extends Error {
+    constructor(message: string);
+}
+export declare class AuthError extends Error {
+    code: string;
+    constructor(code: string, message: string);
+}
+export declare class ParseError extends Error {
+    line?: number;
+    constructor(message: string, line?: number);
+}
+export declare class ApiRequestError extends Error {
+    code: string;
+    data?: Record<string, unknown>;
+    constructor(code: string, message: string, data?: Record<string, unknown>);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/lib/errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.d.ts","sourceRoot":"","sources":["../../src/lib/errors.ts"],"names":[],"mappings":"AAAA,qBAAa,WAAY,SAAQ,KAAK;gBACxB,OAAO,EAAE,MAAM;CAI5B;AAED,qBAAa,SAAU,SAAQ,KAAK;IAClC,IAAI,EAAE,MAAM,CAAC;gBAED,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CAK1C;AAED,qBAAa,UAAW,SAAQ,KAAK;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;gBAEF,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM;CAK3C;AAED,qBAAa,eAAgB,SAAQ,KAAK;IACxC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAEnB,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;CAM1E"}

package/dist/lib/errors.js

@@ -0,0 +1,33 @@
+export class ConfigError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = "ConfigError";
+    }
+}
+export class AuthError extends Error {
+    code;
+    constructor(code, message) {
+        super(message);
+        this.name = "AuthError";
+        this.code = code;
+    }
+}
+export class ParseError extends Error {
+    line;
+    constructor(message, line) {
+        super(message);
+        this.name = "ParseError";
+        this.line = line;
+    }
+}
+export class ApiRequestError extends Error {
+    code;
+    data;
+    constructor(code, message, data) {
+        super(message);
+        this.name = "ApiRequestError";
+        this.code = code;
+        this.data = data;
+    }
+}
+//# sourceMappingURL=errors.js.map

package/dist/lib/errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../src/lib/errors.ts"],"names":[],"mappings":"AAAA,MAAM,OAAO,WAAY,SAAQ,KAAK;IACpC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;IAC5B,CAAC;CACF;AAED,MAAM,OAAO,SAAU,SAAQ,KAAK;IAClC,IAAI,CAAS;IAEb,YAAY,IAAY,EAAE,OAAe;QACvC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF;AAED,MAAM,OAAO,UAAW,SAAQ,KAAK;IACnC,IAAI,CAAU;IAEd,YAAY,OAAe,EAAE,IAAa;QACxC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,YAAY,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF;AAED,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,IAAI,CAAS;IACb,IAAI,CAA2B;IAE/B,YAAY,IAAY,EAAE,OAAe,EAAE,IAA8B;QACvE,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;CACF"}

package/dist/lib/keychain.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Store auth token. Tries OS keychain first, falls back to file.
+ */
+export declare function storeToken(token: string): Promise<void>;
+/**
+ * Retrieve stored auth token.
+ * Priority: OS keychain → file fallback.
+ */
+export declare function getStoredToken(): Promise<string | null>;
+/**
+ * Delete stored auth token from all storage locations.
+ */
+export declare function deleteToken(): Promise<void>;
+//# sourceMappingURL=keychain.d.ts.map

package/dist/lib/keychain.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"keychain.d.ts","sourceRoot":"","sources":["../../src/lib/keychain.ts"],"names":[],"mappings":"AA6BA;;GAEG;AACH,wBAAsB,UAAU,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAe7D;AAED;;;GAGG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAmB7D;AAED;;GAEG;AACH,wBAAsB,WAAW,IAAI,OAAO,CAAC,IAAI,CAAC,CAgBjD"}

package/dist/lib/keychain.js

@@ -0,0 +1,85 @@
+import { readFile, writeFile, mkdir } from "node:fs/promises";
+import { join, dirname } from "node:path";
+import { homedir } from "node:os";
+import { unlink } from "node:fs/promises";
+const SERVICE = "slickenv-cli";
+const ACCOUNT = "auth-token";
+const TOKEN_FILE = join(homedir(), ".slickenv", "token");
+/**
+ * Try to import keytar at runtime. Returns null if unavailable.
+ * keytar is a soft dependency — it requires native bindings.
+ */
+async function getKeytar() {
+    try {
+        // Dynamic import with variable to prevent TS from resolving the module
+        const moduleName = "keytar";
+        return (await import(moduleName));
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Store auth token. Tries OS keychain first, falls back to file.
+ */
+export async function storeToken(token) {
+    const keytar = await getKeytar();
+    if (keytar) {
+        try {
+            await keytar.setPassword(SERVICE, ACCOUNT, token);
+            return;
+        }
+        catch {
+            // Keychain failed — fall through to file
+        }
+    }
+    // File fallback (chmod 600)
+    await mkdir(dirname(TOKEN_FILE), { recursive: true });
+    await writeFile(TOKEN_FILE, token, { encoding: "utf8", mode: 0o600 });
+}
+/**
+ * Retrieve stored auth token.
+ * Priority: OS keychain → file fallback.
+ */
+export async function getStoredToken() {
+    const keytar = await getKeytar();
+    if (keytar) {
+        try {
+            const token = await keytar.getPassword(SERVICE, ACCOUNT);
+            if (token)
+                return token;
+        }
+        catch {
+            // Keychain failed — fall through to file
+        }
+    }
+    // File fallback
+    try {
+        const token = await readFile(TOKEN_FILE, "utf8");
+        return token.trim() || null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Delete stored auth token from all storage locations.
+ */
+export async function deleteToken() {
+    const keytar = await getKeytar();
+    if (keytar) {
+        try {
+            await keytar.deletePassword(SERVICE, ACCOUNT);
+        }
+        catch {
+            // Ignore — may not exist
+        }
+    }
+    try {
+        await unlink(TOKEN_FILE);
+    }
+    catch {
+        // Ignore — file may not exist
+    }
+}
+//# sourceMappingURL=keychain.js.map

package/dist/lib/keychain.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"keychain.js","sourceRoot":"","sources":["../../src/lib/keychain.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC9D,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAE1C,MAAM,OAAO,GAAG,cAAc,CAAC;AAC/B,MAAM,OAAO,GAAG,YAAY,CAAC;AAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;AAQzD;;;GAGG;AACH,KAAK,UAAU,SAAS;IACtB,IAAI,CAAC;QACH,uEAAuE;QACvE,MAAM,UAAU,GAAG,QAAQ,CAAC;QAC5B,OAAO,CAAC,MAAM,MAAM,CAAC,UAAU,CAAC,CAA4B,CAAC;IAC/D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,KAAa;IAC5C,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IAEjC,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;YAClD,OAAO;QACT,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;QAC3C,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,MAAM,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,MAAM,SAAS,CAAC,UAAU,EAAE,KAAK,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;AACxE,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IAEjC,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACzD,IAAI,KAAK;gBAAE,OAAO,KAAK,CAAC;QAC1B,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;QAC3C,CAAC;IACH,CAAC;IAED,gBAAgB;IAChB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QACjD,OAAO,KAAK,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,MAAM,MAAM,GAAG,MAAM,SAAS,EAAE,CAAC;IAEjC,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAChD,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;QAC3B,CAAC;IACH,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;AACH,CAAC"}

package/dist/lib/output.d.ts

@@ -0,0 +1,29 @@
+import type { Variable } from "@slickenv/types";
+export declare const symbols: {
+    readonly success: "✓";
+    readonly warning: "⚠";
+    readonly error: "✗";
+    readonly info: "→";
+    readonly unchanged: "·";
+    readonly modified: "~";
+    readonly added: "+";
+    readonly removed: "-";
+};
+export declare const colors: {
+    readonly success: import("chalk").ChalkInstance;
+    readonly warning: import("chalk").ChalkInstance;
+    readonly error: import("chalk").ChalkInstance;
+    readonly info: import("chalk").ChalkInstance;
+    readonly key: import("chalk").ChalkInstance;
+    readonly value: import("chalk").ChalkInstance;
+    readonly privateValue: import("chalk").ChalkInstance;
+    readonly version: import("chalk").ChalkInstance;
+    readonly email: import("chalk").ChalkInstance;
+    readonly timestamp: import("chalk").ChalkInstance;
+};
+export declare const isTTY: boolean;
+export declare function mask(): string;
+export declare function displayVariable(variable: Pick<Variable, "key" | "value" | "visibility" | "isEncrypted">): string;
+export declare function sanitizeForLogging(obj: unknown): unknown;
+export declare function confirm(message: string): Promise<boolean>;
+//# sourceMappingURL=output.d.ts.map

package/dist/lib/output.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"output.d.ts","sourceRoot":"","sources":["../../src/lib/output.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAIhD,eAAO,MAAM,OAAO;;;;;;;;;CASV,CAAC;AAIX,eAAO,MAAM,MAAM;;;;;;;;;;;CAWT,CAAC;AAIX,eAAO,MAAM,KAAK,SAAuD,CAAC;AAI1E,wBAAgB,IAAI,IAAI,MAAM,CAE7B;AAED,wBAAgB,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,KAAK,GAAG,OAAO,GAAG,YAAY,GAAG,aAAa,CAAC,GAAG,MAAM,CAKhH;AAMD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,OAAO,GAAG,OAAO,CAWxD;AAID,wBAAsB,OAAO,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAgB/D"}