terminal-pilot 0.0.21 → 0.0.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (61) hide show
  1. package/dist/cli.js +614 -250
  2. package/dist/cli.js.map +4 -4
  3. package/dist/commands/close-session.js +6 -4
  4. package/dist/commands/close-session.js.map +3 -3
  5. package/dist/commands/create-session.js +6 -4
  6. package/dist/commands/create-session.js.map +3 -3
  7. package/dist/commands/fill.js +6 -4
  8. package/dist/commands/fill.js.map +3 -3
  9. package/dist/commands/get-session.js +6 -4
  10. package/dist/commands/get-session.js.map +3 -3
  11. package/dist/commands/index.d.ts +35 -35
  12. package/dist/commands/index.js +97 -36
  13. package/dist/commands/index.js.map +4 -4
  14. package/dist/commands/install.js +74 -20
  15. package/dist/commands/install.js.map +4 -4
  16. package/dist/commands/installer.js +36 -2
  17. package/dist/commands/installer.js.map +4 -4
  18. package/dist/commands/list-sessions.js +6 -4
  19. package/dist/commands/list-sessions.js.map +3 -3
  20. package/dist/commands/press-key.js +6 -4
  21. package/dist/commands/press-key.js.map +3 -3
  22. package/dist/commands/read-history.js +6 -4
  23. package/dist/commands/read-history.js.map +3 -3
  24. package/dist/commands/read-screen.js +6 -4
  25. package/dist/commands/read-screen.js.map +3 -3
  26. package/dist/commands/resize.js +6 -4
  27. package/dist/commands/resize.js.map +3 -3
  28. package/dist/commands/runtime.js +6 -4
  29. package/dist/commands/runtime.js.map +3 -3
  30. package/dist/commands/screenshot.js +22 -8
  31. package/dist/commands/screenshot.js.map +4 -4
  32. package/dist/commands/send-signal.js +6 -4
  33. package/dist/commands/send-signal.js.map +3 -3
  34. package/dist/commands/type.js +6 -4
  35. package/dist/commands/type.js.map +3 -3
  36. package/dist/commands/uninstall.js +39 -5
  37. package/dist/commands/uninstall.js.map +4 -4
  38. package/dist/commands/wait-for-exit.js +6 -4
  39. package/dist/commands/wait-for-exit.js.map +3 -3
  40. package/dist/commands/wait-for.js +6 -4
  41. package/dist/commands/wait-for.js.map +3 -3
  42. package/dist/errors.d.ts +1 -0
  43. package/dist/errors.js +8 -0
  44. package/dist/errors.js.map +7 -0
  45. package/dist/index.js +8 -4
  46. package/dist/index.js.map +3 -3
  47. package/dist/terminal-pilot.js +6 -4
  48. package/dist/terminal-pilot.js.map +3 -3
  49. package/dist/terminal-session.js +6 -4
  50. package/dist/terminal-session.js.map +3 -3
  51. package/dist/testing/cli-repl.js +614 -250
  52. package/dist/testing/cli-repl.js.map +4 -4
  53. package/dist/testing/qa-cli.js +614 -250
  54. package/dist/testing/qa-cli.js.map +4 -4
  55. package/node_modules/@poe-code/agent-skill-config/dist/apply.js +2 -1
  56. package/node_modules/@poe-code/agent-skill-config/dist/bridge-active-skills.js +8 -9
  57. package/node_modules/@poe-code/agent-skill-config/dist/error-codes.d.ts +1 -0
  58. package/node_modules/@poe-code/agent-skill-config/dist/error-codes.js +5 -0
  59. package/node_modules/@poe-code/agent-skill-config/dist/git-exclude.js +18 -12
  60. package/node_modules/@poe-code/agent-skill-config/dist/templates.js +2 -1
  61. package/package.json +1 -1
@@ -90,7 +90,7 @@ import path23 from "node:path";
90
90
  import { fileURLToPath as fileURLToPath5 } from "node:url";
91
91
 
92
92
  // ../toolcraft/src/cli.ts
93
- import { access as access2, lstat as lstat3, readFile as readFile4, rename as rename3, unlink as unlink2, writeFile as writeFile5 } from "node:fs/promises";
93
+ import { access as access2, lstat as lstat3, readFile as readFile4, rename as rename3, unlink as unlink3, writeFile as writeFile5 } from "node:fs/promises";
94
94
  import path14 from "node:path";
95
95
  import {
96
96
  Command as CommanderCommand,
@@ -2786,6 +2786,11 @@ function getCommandSourcePath(command) {
2786
2786
  return command[commandSourcePathSymbol];
2787
2787
  }
2788
2788
 
2789
+ // ../toolcraft/src/error-codes.ts
2790
+ function hasOwnErrorCode(error3, code) {
2791
+ return typeof error3 === "object" && error3 !== null && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
2792
+ }
2793
+
2789
2794
  // ../task-list/src/open.ts
2790
2795
  import * as fsPromises from "node:fs/promises";
2791
2796
 
@@ -2806,27 +2811,27 @@ function validateMachine(machine) {
2806
2811
  if (!isRecord(machine)) {
2807
2812
  throw new TypeError("State machine must be an object.");
2808
2813
  }
2809
- if (!isStateList(machine.states)) {
2814
+ if (!hasOwnRecordField(machine, "states") || !isStateList(machine.states)) {
2810
2815
  throw new TypeError("State machine states must be a string array.");
2811
2816
  }
2812
2817
  const states = new Set(machine.states);
2813
- if (typeof machine.initial !== "string") {
2818
+ if (!hasOwnRecordField(machine, "initial") || typeof machine.initial !== "string") {
2814
2819
  throw new TypeError("State machine initial must be a string.");
2815
2820
  }
2816
2821
  if (!states.has(machine.initial)) {
2817
2822
  throw new Error(`Initial state "${machine.initial}" is not declared.`);
2818
2823
  }
2819
- if (!isRecord(machine.events)) {
2824
+ if (!hasOwnRecordField(machine, "events") || !isRecord(machine.events)) {
2820
2825
  throw new TypeError("State machine events must be an object.");
2821
2826
  }
2822
2827
  for (const [eventName, event] of Object.entries(machine.events)) {
2823
2828
  if (!isRecord(event)) {
2824
2829
  throw new TypeError(`Event "${eventName}" must be an object.`);
2825
2830
  }
2826
- if (event.from !== "*" && !isStateList(event.from)) {
2831
+ if (!hasOwnRecordField(event, "from") || event.from !== "*" && !isStateList(event.from)) {
2827
2832
  throw new TypeError(`Event "${eventName}" has an invalid "from" definition.`);
2828
2833
  }
2829
- if (typeof event.to !== "string") {
2834
+ if (!hasOwnRecordField(event, "to") || typeof event.to !== "string") {
2830
2835
  throw new TypeError(`Event "${eventName}" target state must be a string.`);
2831
2836
  }
2832
2837
  if (!states.has(event.to)) {
@@ -2841,6 +2846,9 @@ function validateMachine(machine) {
2841
2846
  }
2842
2847
  }
2843
2848
  }
2849
+ function hasOwnRecordField(record, key2) {
2850
+ return Object.prototype.hasOwnProperty.call(record, key2);
2851
+ }
2844
2852
  function eventsFromState(machine, fromState) {
2845
2853
  const events = [];
2846
2854
  for (const [eventName, event] of Object.entries(machine.events)) {
@@ -2951,10 +2959,12 @@ import path5 from "node:path";
2951
2959
  // ../process-runner/src/host/host-runner.ts
2952
2960
  import { spawn as spawnChildProcess } from "node:child_process";
2953
2961
  function createHostRunner(options = {}) {
2954
- const detachedByDefault = options.detached === true;
2962
+ const runnerOptions = normalizeHostRunnerOptions(options);
2963
+ const detachedByDefault = runnerOptions.detached === true;
2955
2964
  return {
2956
2965
  name: "host",
2957
- exec(spec) {
2966
+ exec(inputSpec) {
2967
+ const spec = normalizeRunSpec(inputSpec);
2958
2968
  if (spec.signal?.aborted === true) {
2959
2969
  return {
2960
2970
  pid: null,
@@ -2971,12 +2981,16 @@ function createHostRunner(options = {}) {
2971
2981
  const stderrMode = spec.stderr ?? "pipe";
2972
2982
  const killProcessGroup = detachedByDefault || spec.killProcessGroup === true;
2973
2983
  const stdio = stdinMode === "inherit" && stdoutMode === "inherit" && stderrMode === "inherit" ? "inherit" : [stdinMode, stdoutMode, stderrMode];
2974
- const child = spawnChildProcess(spec.command, spec.args ?? [], {
2975
- cwd: spec.cwd,
2976
- env: spec.env,
2977
- stdio,
2978
- ...killProcessGroup ? { detached: true } : {}
2979
- });
2984
+ const child = spawnChildProcess(
2985
+ spec.command,
2986
+ spec.args ?? [],
2987
+ createNullRecord({
2988
+ cwd: spec.cwd,
2989
+ env: spec.env,
2990
+ stdio,
2991
+ ...killProcessGroup ? { detached: true } : {}
2992
+ })
2993
+ );
2980
2994
  if (killProcessGroup) {
2981
2995
  child.unref();
2982
2996
  }
@@ -3022,6 +3036,38 @@ function createHostRunner(options = {}) {
3022
3036
  }
3023
3037
  };
3024
3038
  }
3039
+ function normalizeHostRunnerOptions(options) {
3040
+ return createNullRecord({
3041
+ ...optionalOwnProperty(options, "detached")
3042
+ });
3043
+ }
3044
+ function normalizeRunSpec(spec) {
3045
+ return createNullRecord({
3046
+ command: getOwnProperty(spec, "command"),
3047
+ ...optionalOwnProperty(spec, "args"),
3048
+ ...optionalOwnProperty(spec, "cwd"),
3049
+ ...optionalOwnProperty(spec, "env"),
3050
+ ...optionalOwnProperty(spec, "stdin"),
3051
+ ...optionalOwnProperty(spec, "stdout"),
3052
+ ...optionalOwnProperty(spec, "stderr"),
3053
+ ...optionalOwnProperty(spec, "tty"),
3054
+ ...optionalOwnProperty(spec, "signal"),
3055
+ ...optionalOwnProperty(spec, "killProcessGroup")
3056
+ });
3057
+ }
3058
+ function optionalOwnProperty(value, name) {
3059
+ const property = getOwnProperty(value, name);
3060
+ return property === void 0 ? {} : { [name]: property };
3061
+ }
3062
+ function getOwnProperty(value, name) {
3063
+ return hasOwnProperty(value, name) ? value[name] : void 0;
3064
+ }
3065
+ function hasOwnProperty(value, name) {
3066
+ return Object.prototype.hasOwnProperty.call(value, name);
3067
+ }
3068
+ function createNullRecord(value) {
3069
+ return Object.assign(/* @__PURE__ */ Object.create(null), value);
3070
+ }
3025
3071
  function bindAbortSignal(signal, onAbort) {
3026
3072
  if (signal === void 0) {
3027
3073
  return () => {
@@ -3112,6 +3158,7 @@ function resolveEndpoint(options = {}) {
3112
3158
  }
3113
3159
 
3114
3160
  // ../task-list/src/backends/utils.ts
3161
+ import { randomUUID as randomUUID2 } from "node:crypto";
3115
3162
  import path6 from "node:path";
3116
3163
  function compareCreated(left, right) {
3117
3164
  const leftCreated = typeof left.raw.created === "string" ? left.raw.created : "";
@@ -3132,9 +3179,8 @@ function applyOrder(entries, order) {
3132
3179
  }
3133
3180
  return entries.map((entry) => entry.task);
3134
3181
  }
3135
- var tmpFileCounter = 0;
3136
3182
  function hasErrorCode(error3, code) {
3137
- return !!error3 && typeof error3 === "object" && "code" in error3 && error3.code === code;
3183
+ return !!error3 && typeof error3 === "object" && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
3138
3184
  }
3139
3185
  function isRecord2(value) {
3140
3186
  return typeof value === "object" && value !== null && !Array.isArray(value);
@@ -3181,18 +3227,22 @@ async function rejectSymbolicLinkComponents(fs4, filePath) {
3181
3227
  }
3182
3228
  }
3183
3229
  async function writeAtomically(fs4, filePath, content) {
3184
- const tempPath = `${filePath}.tmp-${process.pid}-${tmpFileCounter}`;
3185
- tmpFileCounter += 1;
3230
+ const tempPath = `${filePath}.${process.pid}.${randomUUID2()}.tmp`;
3231
+ let tempCreated = false;
3186
3232
  await fs4.mkdir(path6.dirname(filePath), { recursive: true });
3187
3233
  try {
3188
3234
  await fs4.writeFile(tempPath, content, { encoding: "utf8", flag: "wx" });
3235
+ tempCreated = true;
3189
3236
  await fs4.rename(tempPath, filePath);
3237
+ tempCreated = false;
3190
3238
  } catch (error3) {
3191
- try {
3192
- await fs4.unlink(tempPath);
3193
- } catch (unlinkError) {
3194
- if (!hasErrorCode(unlinkError, "ENOENT")) {
3195
- throw unlinkError;
3239
+ if (tempCreated || !hasErrorCode(error3, "EEXIST")) {
3240
+ try {
3241
+ await fs4.unlink(tempPath);
3242
+ } catch (unlinkError) {
3243
+ if (!hasErrorCode(unlinkError, "ENOENT")) {
3244
+ throw unlinkError;
3245
+ }
3196
3246
  }
3197
3247
  }
3198
3248
  throw error3;
@@ -3206,6 +3256,7 @@ async function withFileLock(fs4, lockPath, operation) {
3206
3256
  break;
3207
3257
  } catch (error3) {
3208
3258
  if (!hasErrorCode(error3, "EEXIST")) {
3259
+ await fs4.unlink(lockPath).catch(() => void 0);
3209
3260
  throw error3;
3210
3261
  }
3211
3262
  if (await removeAbandonedLock(fs4, lockPath)) {
@@ -4489,27 +4540,30 @@ function readFrontmatter(frontmatterContent, filePath) {
4489
4540
  return parsed;
4490
4541
  }
4491
4542
  function assertValidTaskRecord(frontmatter, filePath, validStates) {
4492
- if ("$schema" in frontmatter && frontmatter.$schema !== TASK_SCHEMA_ID) {
4543
+ if (hasOwnTaskField(frontmatter, "$schema") && frontmatter.$schema !== TASK_SCHEMA_ID) {
4493
4544
  throw malformedTask(filePath, "$schema");
4494
4545
  }
4495
- if ("kind" in frontmatter && frontmatter.kind !== TASK_KIND) {
4546
+ if (hasOwnTaskField(frontmatter, "kind") && frontmatter.kind !== TASK_KIND) {
4496
4547
  throw malformedTask(filePath, "kind");
4497
4548
  }
4498
- if ("version" in frontmatter) {
4549
+ if (hasOwnTaskField(frontmatter, "version")) {
4499
4550
  if (typeof frontmatter.version !== "number" || !Number.isInteger(frontmatter.version) || frontmatter.version !== TASK_VERSION) {
4500
4551
  throw malformedTask(filePath, "version");
4501
4552
  }
4502
4553
  }
4503
- if (typeof frontmatter.name !== "string" || frontmatter.name.length === 0) {
4554
+ if (!hasOwnTaskField(frontmatter, "name") || typeof frontmatter.name !== "string" || frontmatter.name.length === 0) {
4504
4555
  throw malformedTask(filePath, "name");
4505
4556
  }
4506
- if (typeof frontmatter.state !== "string" || !validStates.has(frontmatter.state)) {
4557
+ if (!hasOwnTaskField(frontmatter, "state") || typeof frontmatter.state !== "string" || !validStates.has(frontmatter.state)) {
4507
4558
  throw malformedTask(filePath, "state");
4508
4559
  }
4509
- if ("description" in frontmatter && typeof frontmatter.description !== "string") {
4560
+ if (hasOwnTaskField(frontmatter, "description") && typeof frontmatter.description !== "string") {
4510
4561
  throw malformedTask(filePath, "description");
4511
4562
  }
4512
4563
  }
4564
+ function hasOwnTaskField(frontmatter, key2) {
4565
+ return Object.prototype.hasOwnProperty.call(frontmatter, key2);
4566
+ }
4513
4567
  function reservedFrontmatterKeys(mode) {
4514
4568
  return mode === "passthrough" ? PASSTHROUGH_RESERVED_FRONTMATTER_KEYS : RESERVED_FRONTMATTER_KEYS;
4515
4569
  }
@@ -5358,7 +5412,8 @@ function parseQualifiedId3(qualifiedId) {
5358
5412
  };
5359
5413
  }
5360
5414
  function descriptionFromTaskRecord(taskRecord) {
5361
- return typeof taskRecord.description === "string" ? taskRecord.description : "";
5415
+ const description = getOwnEntry(taskRecord, "description");
5416
+ return typeof description === "string" ? description : "";
5362
5417
  }
5363
5418
  function metadataFromTaskRecord(taskRecord) {
5364
5419
  const metadata = /* @__PURE__ */ Object.create(null);
@@ -5374,8 +5429,8 @@ function createTask2(list, id, taskRecord, sourcePath) {
5374
5429
  list,
5375
5430
  id,
5376
5431
  qualifiedId: `${list}/${id}`,
5377
- name: taskRecord.name,
5378
- state: taskRecord.state,
5432
+ name: getOwnEntry(taskRecord, "name"),
5433
+ state: getOwnEntry(taskRecord, "state"),
5379
5434
  description: descriptionFromTaskRecord(taskRecord),
5380
5435
  metadata: metadataFromTaskRecord(taskRecord),
5381
5436
  ...sourcePath !== void 0 && { sourcePath: path8.resolve(sourcePath) }
@@ -5472,16 +5527,17 @@ function assertValidStoreRecord(store, filePath) {
5472
5527
  if (!isRecord2(store)) {
5473
5528
  throw malformedStore(filePath, "store");
5474
5529
  }
5475
- if (store.$schema !== STORE_SCHEMA_ID) {
5530
+ if (getOwnEntry(store, "$schema") !== STORE_SCHEMA_ID) {
5476
5531
  throw malformedStore(filePath, "$schema");
5477
5532
  }
5478
- if (store.kind !== STORE_KIND) {
5533
+ if (getOwnEntry(store, "kind") !== STORE_KIND) {
5479
5534
  throw malformedStore(filePath, "kind");
5480
5535
  }
5481
- if (typeof store.version !== "number" || !Number.isInteger(store.version) || store.version !== STORE_VERSION) {
5536
+ const version = getOwnEntry(store, "version");
5537
+ if (typeof version !== "number" || !Number.isInteger(version) || version !== STORE_VERSION) {
5482
5538
  throw malformedStore(filePath, "version");
5483
5539
  }
5484
- if (!isRecord2(store.lists)) {
5540
+ if (!isRecord2(getOwnEntry(store, "lists"))) {
5485
5541
  throw malformedStore(filePath, "lists");
5486
5542
  }
5487
5543
  }
@@ -5489,29 +5545,38 @@ function assertValidTaskRecord2(taskRecord, list, id, validStates) {
5489
5545
  if (!isRecord2(taskRecord)) {
5490
5546
  throw malformedTask2(list, id, "task");
5491
5547
  }
5492
- if ("$schema" in taskRecord && taskRecord.$schema !== TASK_SCHEMA_ID2) {
5548
+ if (hasOwnTaskField2(taskRecord, "$schema") && getOwnEntry(taskRecord, "$schema") !== TASK_SCHEMA_ID2) {
5493
5549
  throw malformedTask2(list, id, "$schema");
5494
5550
  }
5495
- if ("kind" in taskRecord && taskRecord.kind !== TASK_KIND2) {
5551
+ if (hasOwnTaskField2(taskRecord, "kind") && getOwnEntry(taskRecord, "kind") !== TASK_KIND2) {
5496
5552
  throw malformedTask2(list, id, "kind");
5497
5553
  }
5498
- if ("version" in taskRecord) {
5499
- if (typeof taskRecord.version !== "number" || !Number.isInteger(taskRecord.version) || taskRecord.version !== TASK_VERSION2) {
5554
+ if (hasOwnTaskField2(taskRecord, "version")) {
5555
+ const version = getOwnEntry(taskRecord, "version");
5556
+ if (typeof version !== "number" || !Number.isInteger(version) || version !== TASK_VERSION2) {
5500
5557
  throw malformedTask2(list, id, "version");
5501
5558
  }
5502
5559
  }
5503
- if (typeof taskRecord.name !== "string" || taskRecord.name.length === 0) {
5560
+ const name = getOwnEntry(taskRecord, "name");
5561
+ if (!hasOwnTaskField2(taskRecord, "name") || typeof name !== "string" || name.length === 0) {
5504
5562
  throw malformedTask2(list, id, "name");
5505
5563
  }
5506
- if (typeof taskRecord.state !== "string" || !validStates.has(taskRecord.state)) {
5564
+ const state = getOwnEntry(taskRecord, "state");
5565
+ if (!hasOwnTaskField2(taskRecord, "state") || typeof state !== "string" || !validStates.has(state)) {
5507
5566
  throw malformedTask2(list, id, "state");
5508
5567
  }
5509
- if ("description" in taskRecord && typeof taskRecord.description !== "string") {
5568
+ if (hasOwnTaskField2(taskRecord, "description") && typeof getOwnEntry(taskRecord, "description") !== "string") {
5510
5569
  throw malformedTask2(list, id, "description");
5511
5570
  }
5512
5571
  }
5572
+ function hasOwnTaskField2(taskRecord, key2) {
5573
+ return Object.prototype.hasOwnProperty.call(taskRecord, key2);
5574
+ }
5575
+ function getOwnEntry(record, key2) {
5576
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
5577
+ }
5513
5578
  function validateStoreEntries(store, filePath, validStates) {
5514
- const lists = store.lists;
5579
+ const lists = getOwnEntry(store, "lists");
5515
5580
  if (!isRecord2(lists)) {
5516
5581
  throw malformedStore(filePath, "lists");
5517
5582
  }
@@ -5551,10 +5616,11 @@ async function readStore(fs4, filePath, validStates) {
5551
5616
  };
5552
5617
  }
5553
5618
  function getListsRecord(store) {
5554
- return store.lists;
5619
+ const lists = getOwnEntry(store, "lists");
5620
+ return isRecord2(lists) ? lists : {};
5555
5621
  }
5556
5622
  function getListRecord(store, list) {
5557
- const listRecord = getListsRecord(store)[list];
5623
+ const listRecord = getOwnEntry(getListsRecord(store), list);
5558
5624
  return isRecord2(listRecord) ? listRecord : void 0;
5559
5625
  }
5560
5626
  function getTaskRecord(store, list, id) {
@@ -5847,7 +5913,7 @@ async function yamlFileBackend(deps) {
5847
5913
  const result = [];
5848
5914
  const listNames = sortStrings(Object.keys(getListsRecord(store)));
5849
5915
  for (const listName of listNames) {
5850
- const listRecord = getListsRecord(store)[listName];
5916
+ const listRecord = getOwnEntry(getListsRecord(store), listName);
5851
5917
  if (!isRecord2(listRecord)) continue;
5852
5918
  const entries = Object.entries(listRecord).map(([id, taskRecord]) => ({
5853
5919
  task: createTask2(listName, id, taskRecord, deps.path),
@@ -5895,51 +5961,74 @@ function createDefaultFs() {
5895
5961
  return fsPromises;
5896
5962
  }
5897
5963
  async function openTaskList(options) {
5898
- switch (options.type) {
5964
+ const type2 = getOwnProperty2(options, "type");
5965
+ switch (type2) {
5899
5966
  case "markdown-dir":
5900
5967
  case "yaml-file":
5901
5968
  return openFileBackend(options);
5902
5969
  case "gh-issues":
5903
5970
  return openGhIssuesBackend(options);
5904
5971
  default:
5905
- throw new Error(`Unknown task list backend type "${options.type}".`);
5972
+ throw new Error(`Unknown task list backend type "${String(type2)}".`);
5906
5973
  }
5907
5974
  }
5908
5975
  async function openFileBackend(options) {
5909
- const factory = backendFactories[options.type];
5910
- const stateMachine = resolveStateMachine(options.stateMachine);
5976
+ const type2 = getOwnProperty2(options, "type");
5977
+ const factory = backendFactories[type2];
5978
+ const stateMachine = resolveStateMachine(
5979
+ getOwnProperty2(options, "stateMachine")
5980
+ );
5911
5981
  validateMachine(stateMachine);
5912
- const markdownOptions = options.type === "markdown-dir" ? options : void 0;
5982
+ const markdownOptions = type2 === "markdown-dir" ? options : void 0;
5983
+ const defaults2 = getOwnProperty2(options, "defaults");
5913
5984
  const deps = {
5914
- path: options.path,
5985
+ path: getOwnProperty2(options, "path"),
5915
5986
  defaults: {
5916
- metadata: { ...options.defaults?.metadata ?? {} }
5987
+ metadata: readDefaultMetadata(defaults2)
5917
5988
  },
5918
- singleList: markdownOptions?.singleList,
5919
- frontmatterMode: markdownOptions?.frontmatterMode ?? "strict",
5920
- create: options.create ?? false,
5921
- fs: options.fs ?? createDefaultFs(),
5989
+ singleList: markdownOptions === void 0 ? void 0 : getOwnProperty2(markdownOptions, "singleList"),
5990
+ frontmatterMode: markdownOptions === void 0 ? "strict" : getOwnProperty2(
5991
+ markdownOptions,
5992
+ "frontmatterMode"
5993
+ ) ?? "strict",
5994
+ create: getOwnProperty2(options, "create") ?? false,
5995
+ fs: getOwnProperty2(options, "fs") ?? createDefaultFs(),
5922
5996
  stateMachine
5923
5997
  };
5924
5998
  return factory(deps);
5925
5999
  }
5926
6000
  async function openGhIssuesBackend(options) {
5927
- const token = await resolveAuth({ explicitToken: options.auth?.token });
6001
+ const auth = getOwnProperty2(options, "auth");
6002
+ const explicitToken = auth && hasOwnProperty2(auth, "token") ? auth.token : void 0;
5928
6003
  const endpoint = resolveEndpoint();
6004
+ const defaults2 = getOwnProperty2(options, "defaults");
5929
6005
  return ghIssuesBackend({
5930
- repo: options.repo,
5931
- project: options.project,
5932
- filter: options.filter,
5933
- state: options.state,
5934
- stateMachine: options.stateMachine,
6006
+ repo: getOwnProperty2(options, "repo"),
6007
+ project: getOwnProperty2(options, "project"),
6008
+ filter: getOwnProperty2(options, "filter"),
6009
+ state: getOwnProperty2(options, "state"),
6010
+ stateMachine: getOwnProperty2(options, "stateMachine"),
5935
6011
  defaults: {
5936
- metadata: { ...options.defaults?.metadata ?? {} }
6012
+ metadata: readDefaultMetadata(defaults2)
5937
6013
  },
5938
- token,
6014
+ token: await resolveAuth({ explicitToken }),
5939
6015
  endpoint,
5940
- fetch: options.fetch
6016
+ fetch: getOwnProperty2(options, "fetch")
5941
6017
  });
5942
6018
  }
6019
+ function readDefaultMetadata(defaults2) {
6020
+ const metadata = defaults2 === void 0 ? void 0 : getOwnProperty2(defaults2, "metadata");
6021
+ return isRecord4(metadata) ? { ...metadata } : {};
6022
+ }
6023
+ function getOwnProperty2(value, name) {
6024
+ return hasOwnProperty2(value, name) ? value[name] : void 0;
6025
+ }
6026
+ function hasOwnProperty2(value, name) {
6027
+ return Object.prototype.hasOwnProperty.call(value, name);
6028
+ }
6029
+ function isRecord4(value) {
6030
+ return typeof value === "object" && value !== null && !Array.isArray(value);
6031
+ }
5943
6032
 
5944
6033
  // ../task-list/src/move.ts
5945
6034
  import * as fsPromises2 from "node:fs/promises";
@@ -6197,7 +6286,7 @@ function osascriptProvider(options = {}) {
6197
6286
  const { stdout } = await execFileAsync(binary, ["-e", script]);
6198
6287
  return parseStdout(stdout);
6199
6288
  } catch (error3) {
6200
- if (error3.code === "ENOENT") {
6289
+ if (hasOwnErrorCode2(error3, "ENOENT")) {
6201
6290
  throw new Error("osascript not found \u2014 provide a different provider on this platform");
6202
6291
  }
6203
6292
  if (isUserCanceled(error3)) {
@@ -6209,6 +6298,9 @@ function osascriptProvider(options = {}) {
6209
6298
  }
6210
6299
  };
6211
6300
  }
6301
+ function hasOwnErrorCode2(error3, code) {
6302
+ return typeof error3 === "object" && error3 !== null && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
6303
+ }
6212
6304
 
6213
6305
  // ../toolcraft/src/human-in-loop/default-provider.ts
6214
6306
  function noProviderConfigured() {
@@ -6481,8 +6573,8 @@ function createHandlerContext(command, params17) {
6481
6573
  function createFs() {
6482
6574
  return {
6483
6575
  readFile: async (path25, encoding = "utf8") => readFile2(path25, { encoding }),
6484
- writeFile: async (path25, contents) => {
6485
- await writeFile2(path25, contents);
6576
+ writeFile: async (path25, contents, options) => {
6577
+ await writeFile2(path25, contents, options);
6486
6578
  },
6487
6579
  exists: async (path25) => {
6488
6580
  try {
@@ -6766,21 +6858,21 @@ function escapeMarkdownCell(value) {
6766
6858
  return value.replaceAll("|", "\\|");
6767
6859
  }
6768
6860
  function isMissingStateError(error3) {
6769
- return typeof error3 === "object" && error3 !== null && "code" in error3 && error3.code === "ENOENT";
6861
+ return hasOwnErrorCode(error3, "ENOENT");
6770
6862
  }
6771
6863
 
6772
6864
  // ../toolcraft/src/error-report.ts
6773
6865
  import { mkdir as mkdir2, realpath as realpath2, writeFile as writeFile4 } from "node:fs/promises";
6774
- import { randomUUID as randomUUID3 } from "node:crypto";
6866
+ import { randomUUID as randomUUID5 } from "node:crypto";
6775
6867
  import os from "node:os";
6776
6868
  import path13 from "node:path";
6777
6869
  import { CommanderError } from "commander";
6778
6870
 
6779
6871
  // ../toolcraft/src/mcp-proxy.ts
6780
6872
  import { existsSync as existsSync2 } from "node:fs";
6781
- import { lstat as lstat2, mkdir, readFile as readFile3, rename as rename2, writeFile as writeFile3 } from "node:fs/promises";
6873
+ import { lstat as lstat2, mkdir, readFile as readFile3, rename as rename2, unlink as unlink2, writeFile as writeFile3 } from "node:fs/promises";
6782
6874
  import path12 from "node:path";
6783
- import { createHash as createHash3, randomUUID as randomUUID2 } from "node:crypto";
6875
+ import { createHash as createHash3, randomUUID as randomUUID4 } from "node:crypto";
6784
6876
 
6785
6877
  // ../tiny-mcp-client/src/internal.ts
6786
6878
  import { spawn as spawn5 } from "node:child_process";
@@ -6791,10 +6883,17 @@ import crypto from "node:crypto";
6791
6883
  import path11 from "node:path";
6792
6884
 
6793
6885
  // ../auth-store/src/encrypted-file-store.ts
6794
- import { createCipheriv, createDecipheriv, randomBytes as randomBytes4, scrypt } from "node:crypto";
6886
+ import { createCipheriv, createDecipheriv, randomBytes as randomBytes4, randomUUID as randomUUID3, scrypt } from "node:crypto";
6795
6887
  import { promises as fs } from "node:fs";
6796
6888
  import { homedir, hostname, userInfo } from "node:os";
6797
6889
  import path10 from "node:path";
6890
+
6891
+ // ../auth-store/src/error-codes.ts
6892
+ function hasOwnErrorCode3(error3, code) {
6893
+ return error3 instanceof Error && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
6894
+ }
6895
+
6896
+ // ../auth-store/src/encrypted-file-store.ts
6798
6897
  var derivedKeyCache = /* @__PURE__ */ new Map();
6799
6898
  var ENCRYPTION_ALGORITHM = "aes-256-gcm";
6800
6899
  var ENCRYPTION_VERSION = 1;
@@ -6802,7 +6901,6 @@ var ENCRYPTION_KEY_BYTES = 32;
6802
6901
  var ENCRYPTION_IV_BYTES = 12;
6803
6902
  var ENCRYPTION_AUTH_TAG_BYTES = 16;
6804
6903
  var ENCRYPTION_FILE_MODE = 384;
6805
- var temporaryFileSequence = 0;
6806
6904
  var EncryptedFileStore = class {
6807
6905
  fs;
6808
6906
  filePath;
@@ -6834,7 +6932,7 @@ var EncryptedFileStore = class {
6834
6932
  this.getRandomBytes = input.getRandomBytes ?? randomBytes4;
6835
6933
  }
6836
6934
  async get() {
6837
- await this.assertRegularCredentialPath();
6935
+ await this.assertCredentialPathHasNoSymbolicLinks(this.filePath);
6838
6936
  let rawDocument;
6839
6937
  try {
6840
6938
  rawDocument = await this.fs.readFile(this.filePath, "utf8");
@@ -6865,7 +6963,7 @@ var EncryptedFileStore = class {
6865
6963
  }
6866
6964
  }
6867
6965
  async set(value) {
6868
- await this.assertRegularCredentialPath();
6966
+ await this.assertCredentialPathHasNoSymbolicLinks(this.filePath);
6869
6967
  const key2 = await this.getEncryptionKey();
6870
6968
  const iv = this.getRandomBytes(ENCRYPTION_IV_BYTES);
6871
6969
  const cipher = createCipheriv(ENCRYPTION_ALGORITHM, key2, iv);
@@ -6881,25 +6979,28 @@ var EncryptedFileStore = class {
6881
6979
  ciphertext: ciphertext.toString("base64")
6882
6980
  };
6883
6981
  await this.fs.mkdir(path10.dirname(this.filePath), { recursive: true });
6884
- await this.assertRegularCredentialPath();
6885
- const temporaryPath = `${this.filePath}.${process.pid}.${temporaryFileSequence++}.tmp`;
6982
+ await this.assertCredentialPathHasNoSymbolicLinks(this.filePath);
6983
+ const temporaryPath = `${this.filePath}.${process.pid}.${randomUUID3()}.tmp`;
6984
+ let temporaryCreated = false;
6886
6985
  try {
6986
+ await this.assertCredentialPathHasNoSymbolicLinks(temporaryPath);
6887
6987
  await this.fs.writeFile(temporaryPath, JSON.stringify(document), {
6888
6988
  encoding: "utf8",
6889
6989
  flag: "wx",
6890
6990
  mode: ENCRYPTION_FILE_MODE
6891
6991
  });
6992
+ temporaryCreated = true;
6892
6993
  await this.fs.chmod(temporaryPath, ENCRYPTION_FILE_MODE);
6893
6994
  await this.fs.rename(temporaryPath, this.filePath);
6894
6995
  } catch (error3) {
6895
- if (!isAlreadyExistsError(error3)) {
6996
+ if (temporaryCreated || !isAlreadyExistsError(error3)) {
6896
6997
  await removeIfPresent(this.fs, temporaryPath).catch(() => void 0);
6897
6998
  }
6898
6999
  throw error3;
6899
7000
  }
6900
7001
  }
6901
7002
  async delete() {
6902
- await this.assertRegularCredentialPath();
7003
+ await this.assertCredentialPathHasNoSymbolicLinks(this.filePath);
6903
7004
  try {
6904
7005
  await this.fs.unlink(this.filePath);
6905
7006
  } catch (error3) {
@@ -6908,8 +7009,8 @@ var EncryptedFileStore = class {
6908
7009
  }
6909
7010
  }
6910
7011
  }
6911
- async assertRegularCredentialPath() {
6912
- const resolvedPath = path10.resolve(this.filePath);
7012
+ async assertCredentialPathHasNoSymbolicLinks(targetPath) {
7013
+ const resolvedPath = path10.resolve(targetPath);
6913
7014
  const protectedPaths = getProtectedCredentialPaths(
6914
7015
  resolvedPath,
6915
7016
  this.symbolicLinkCheckStartPath
@@ -6974,9 +7075,6 @@ async function removeIfPresent(fileSystem, filePath) {
6974
7075
  }
6975
7076
  }
6976
7077
  }
6977
- function isAlreadyExistsError(error3) {
6978
- return typeof error3 === "object" && error3 !== null && "code" in error3 && error3.code === "EEXIST";
6979
- }
6980
7078
  function defaultMachineIdentity() {
6981
7079
  return {
6982
7080
  hostname: hostname(),
@@ -7011,32 +7109,40 @@ async function deriveEncryptionKey(getMachineIdentity, salt) {
7011
7109
  function parseEncryptedDocument(raw) {
7012
7110
  try {
7013
7111
  const parsed = JSON.parse(raw);
7014
- if (!isRecord4(parsed)) {
7112
+ if (!isRecord5(parsed)) {
7015
7113
  return null;
7016
7114
  }
7017
- if (parsed.version !== ENCRYPTION_VERSION) {
7115
+ const version = getOwnEntry2(parsed, "version");
7116
+ const iv = getOwnEntry2(parsed, "iv");
7117
+ const authTag = getOwnEntry2(parsed, "authTag");
7118
+ const ciphertext = getOwnEntry2(parsed, "ciphertext");
7119
+ if (version !== ENCRYPTION_VERSION) {
7018
7120
  return null;
7019
7121
  }
7020
- if (typeof parsed.iv !== "string" || typeof parsed.authTag !== "string" || typeof parsed.ciphertext !== "string") {
7122
+ if (typeof iv !== "string" || typeof authTag !== "string" || typeof ciphertext !== "string") {
7021
7123
  return null;
7022
7124
  }
7023
7125
  return {
7024
- version: parsed.version,
7025
- iv: parsed.iv,
7026
- authTag: parsed.authTag,
7027
- ciphertext: parsed.ciphertext
7126
+ version,
7127
+ iv,
7128
+ authTag,
7129
+ ciphertext
7028
7130
  };
7029
7131
  } catch {
7030
7132
  return null;
7031
7133
  }
7032
7134
  }
7033
- function isRecord4(value) {
7135
+ function isRecord5(value) {
7034
7136
  return Boolean(value && typeof value === "object" && !Array.isArray(value));
7035
7137
  }
7138
+ function getOwnEntry2(record, key2) {
7139
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
7140
+ }
7036
7141
  function isNotFoundError(error3) {
7037
- return Boolean(
7038
- error3 && typeof error3 === "object" && "code" in error3 && error3.code === "ENOENT"
7039
- );
7142
+ return hasOwnErrorCode3(error3, "ENOENT");
7143
+ }
7144
+ function isAlreadyExistsError(error3) {
7145
+ return hasOwnErrorCode3(error3, "EEXIST");
7040
7146
  }
7041
7147
 
7042
7148
  // ../auth-store/src/keychain-store.ts
@@ -7057,8 +7163,8 @@ var KeychainStore = class {
7057
7163
  ["find-generic-password", "-s", this.service, "-a", this.account, "-w"],
7058
7164
  "read secret from macOS Keychain"
7059
7165
  );
7060
- if (result.exitCode === 0) {
7061
- return stripTrailingLineBreak(result.stdout);
7166
+ if (getCommandExitCode(result) === 0) {
7167
+ return stripTrailingLineBreak(getCommandOutput(result, "stdout"));
7062
7168
  }
7063
7169
  if (isKeychainEntryNotFound(result)) {
7064
7170
  return null;
@@ -7082,7 +7188,7 @@ var KeychainStore = class {
7082
7188
  "store secret in macOS Keychain",
7083
7189
  { stdin: value }
7084
7190
  );
7085
- if (result.exitCode !== 0) {
7191
+ if (getCommandExitCode(result) !== 0) {
7086
7192
  throw createSecurityCliFailure("store secret in macOS Keychain", result);
7087
7193
  }
7088
7194
  }
@@ -7091,7 +7197,7 @@ var KeychainStore = class {
7091
7197
  ["delete-generic-password", "-s", this.service, "-a", this.account],
7092
7198
  "delete secret from macOS Keychain"
7093
7199
  );
7094
- if (result.exitCode === 0 || isKeychainEntryNotFound(result)) {
7200
+ if (getCommandExitCode(result) === 0 || isKeychainEntryNotFound(result)) {
7095
7201
  return;
7096
7202
  }
7097
7203
  throw createSecurityCliFailure("delete secret from macOS Keychain", result);
@@ -7170,16 +7276,28 @@ function stripTrailingLineBreak(value) {
7170
7276
  return value;
7171
7277
  }
7172
7278
  function isKeychainEntryNotFound(result) {
7173
- return result.exitCode === KEYCHAIN_ITEM_NOT_FOUND_EXIT_CODE;
7279
+ return getCommandExitCode(result) === KEYCHAIN_ITEM_NOT_FOUND_EXIT_CODE;
7174
7280
  }
7175
7281
  function createSecurityCliFailure(operation, result) {
7176
- const details = result.stderr.trim() || result.stdout.trim();
7282
+ const exitCode = getCommandExitCode(result);
7283
+ const details = getCommandOutput(result, "stderr").trim() || getCommandOutput(result, "stdout").trim();
7177
7284
  if (details) {
7178
7285
  return new Error(
7179
- `Failed to ${operation}: security exited with code ${result.exitCode}: ${details}`
7286
+ `Failed to ${operation}: security exited with code ${exitCode}: ${details}`
7180
7287
  );
7181
7288
  }
7182
- return new Error(`Failed to ${operation}: security exited with code ${result.exitCode}`);
7289
+ return new Error(`Failed to ${operation}: security exited with code ${exitCode}`);
7290
+ }
7291
+ function getCommandExitCode(result) {
7292
+ const value = getOwnEntry3(result, "exitCode");
7293
+ return typeof value === "number" && Number.isInteger(value) ? value : 1;
7294
+ }
7295
+ function getCommandOutput(result, key2) {
7296
+ const value = getOwnEntry3(result, key2);
7297
+ return typeof value === "string" ? value : "";
7298
+ }
7299
+ function getOwnEntry3(record, key2) {
7300
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
7183
7301
  }
7184
7302
 
7185
7303
  // ../auth-store/src/create-secret-store.ts
@@ -7212,7 +7330,7 @@ function createSecretStore(input) {
7212
7330
  }
7213
7331
  function resolveBackend(input) {
7214
7332
  const envVar = input.backendEnvVar ?? DEFAULT_BACKEND_ENV_VAR;
7215
- const configuredBackend = input.backend ?? input.env?.[envVar] ?? process.env[envVar];
7333
+ const configuredBackend = input.backend ?? getOwnEnvValue(input.env, envVar) ?? getOwnEnvValue(process.env, envVar);
7216
7334
  if (configuredBackend === "keychain") {
7217
7335
  return "keychain";
7218
7336
  }
@@ -7221,6 +7339,9 @@ function resolveBackend(input) {
7221
7339
  }
7222
7340
  throw new Error(`Unsupported auth store backend: ${configuredBackend}`);
7223
7341
  }
7342
+ function getOwnEnvValue(env, key2) {
7343
+ return env !== void 0 && Object.prototype.hasOwnProperty.call(env, key2) ? env[key2] : void 0;
7344
+ }
7224
7345
 
7225
7346
  // ../mcp-oauth/src/resource-indicator.ts
7226
7347
  function canonicalizeResourceIndicator(value) {
@@ -7274,8 +7395,13 @@ function createAuthStoreClientStore(options) {
7274
7395
  return null;
7275
7396
  }
7276
7397
  const parsed = JSON.parse(value);
7277
- if (typeof parsed === "object" && parsed !== null && !Array.isArray(parsed) && typeof parsed.clientId === "string") {
7278
- return parsed;
7398
+ const clientId = isObjectRecord(parsed) ? getOwnString(parsed, "clientId") : void 0;
7399
+ if (clientId !== void 0) {
7400
+ const client = { clientId };
7401
+ if (isObjectRecord(parsed) && Object.prototype.hasOwnProperty.call(parsed, "clientSecret")) {
7402
+ client.clientSecret = getOwnEntry4(parsed, "clientSecret");
7403
+ }
7404
+ return client;
7279
7405
  }
7280
7406
  throw new Error("Stored OAuth client must be a JSON object with clientId");
7281
7407
  },
@@ -7334,6 +7460,16 @@ function createIssuerSecretStore(issuer, options) {
7334
7460
  }
7335
7461
  );
7336
7462
  }
7463
+ function isObjectRecord(value) {
7464
+ return typeof value === "object" && value !== null && !Array.isArray(value);
7465
+ }
7466
+ function getOwnEntry4(record, key2) {
7467
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
7468
+ }
7469
+ function getOwnString(record, key2) {
7470
+ const value = getOwnEntry4(record, key2);
7471
+ return typeof value === "string" ? value : void 0;
7472
+ }
7337
7473
 
7338
7474
  // ../mcp-oauth/src/client/default-oauth-client-provider.ts
7339
7475
  import { URL as URL2 } from "node:url";
@@ -7359,17 +7495,30 @@ function parseAuthorizationState(value) {
7359
7495
  try {
7360
7496
  const decoded = Buffer.from(value, "base64url").toString("utf8");
7361
7497
  const parsed = JSON.parse(decoded);
7362
- if (parsed.v !== 1 || typeof parsed.n !== "string" || parsed.n.length === 0 || typeof parsed.i !== "string" || parsed.i.length === 0 || typeof parsed.r !== "boolean") {
7498
+ if (!isObjectRecord2(parsed)) {
7499
+ return null;
7500
+ }
7501
+ const version = getOwnEntry5(parsed, "v");
7502
+ const nonce = getOwnEntry5(parsed, "n");
7503
+ const issuer = getOwnEntry5(parsed, "i");
7504
+ const requireIssuer = getOwnEntry5(parsed, "r");
7505
+ if (version !== 1 || typeof nonce !== "string" || nonce.length === 0 || typeof issuer !== "string" || issuer.length === 0 || typeof requireIssuer !== "boolean") {
7363
7506
  return null;
7364
7507
  }
7365
7508
  return {
7366
- issuer: parsed.i,
7367
- requireIssuer: parsed.r
7509
+ issuer,
7510
+ requireIssuer
7368
7511
  };
7369
7512
  } catch {
7370
7513
  return null;
7371
7514
  }
7372
7515
  }
7516
+ function isObjectRecord2(value) {
7517
+ return typeof value === "object" && value !== null && !Array.isArray(value);
7518
+ }
7519
+ function getOwnEntry5(record, key2) {
7520
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
7521
+ }
7373
7522
 
7374
7523
  // ../mcp-oauth/src/client/loopback-authorization.ts
7375
7524
  async function createLoopbackAuthorizationSession(options = {}) {
@@ -7646,22 +7795,26 @@ async function requestTokens(input) {
7646
7795
  body: body.toString()
7647
7796
  });
7648
7797
  const payload = await readOAuthJsonObjectResponse(response);
7649
- if (typeof payload.access_token !== "string" || payload.access_token.trim().length === 0) {
7798
+ const accessToken = getOwnEntry6(payload, "access_token");
7799
+ if (typeof accessToken !== "string" || accessToken.trim().length === 0) {
7650
7800
  throw new Error("OAuth token response missing access_token");
7651
7801
  }
7652
- const tokenType = normalizeBearerTokenType(payload.token_type);
7802
+ const tokenType = normalizeBearerTokenType(getOwnEntry6(payload, "token_type"));
7653
7803
  if (tokenType === null) {
7654
7804
  throw new Error("OAuth token response missing token_type=Bearer");
7655
7805
  }
7656
- if (typeof payload.expires_in === "number" && Number.isFinite(payload.expires_in) && payload.expires_in < 0) {
7806
+ const expiresIn = getOwnEntry6(payload, "expires_in");
7807
+ if (typeof expiresIn === "number" && Number.isFinite(expiresIn) && expiresIn < 0) {
7657
7808
  throw new Error("OAuth token response has invalid expires_in");
7658
7809
  }
7810
+ const refreshToken = getOwnEntry6(payload, "refresh_token");
7811
+ const scope = getOwnEntry6(payload, "scope");
7659
7812
  return {
7660
- accessToken: payload.access_token,
7661
- refreshToken: typeof payload.refresh_token === "string" && payload.refresh_token.length > 0 ? payload.refresh_token : void 0,
7813
+ accessToken,
7814
+ refreshToken: typeof refreshToken === "string" && refreshToken.length > 0 ? refreshToken : void 0,
7662
7815
  tokenType,
7663
- expiresAt: typeof payload.expires_in === "number" && Number.isFinite(payload.expires_in) ? input.now() + payload.expires_in * 1e3 : null,
7664
- scope: typeof payload.scope === "string" && payload.scope.length > 0 ? payload.scope : void 0
7816
+ expiresAt: typeof expiresIn === "number" && Number.isFinite(expiresIn) ? input.now() + expiresIn * 1e3 : null,
7817
+ scope: typeof scope === "string" && scope.length > 0 ? scope : void 0
7665
7818
  };
7666
7819
  }
7667
7820
  async function readOAuthJsonObjectResponse(response) {
@@ -7688,12 +7841,18 @@ async function readOAuthJsonObjectResponse(response) {
7688
7841
  return record;
7689
7842
  }
7690
7843
  function readOAuthError(payload, fallbackError = "server_error") {
7844
+ const error3 = getOwnEntry6(payload, "error");
7845
+ const errorDescription = getOwnEntry6(payload, "error_description");
7846
+ const errorUri = getOwnEntry6(payload, "error_uri");
7691
7847
  return {
7692
- error: typeof payload.error === "string" ? payload.error : fallbackError,
7693
- error_description: typeof payload.error_description === "string" ? payload.error_description : void 0,
7694
- error_uri: typeof payload.error_uri === "string" ? payload.error_uri : void 0
7848
+ error: typeof error3 === "string" ? error3 : fallbackError,
7849
+ error_description: typeof errorDescription === "string" ? errorDescription : void 0,
7850
+ error_uri: typeof errorUri === "string" ? errorUri : void 0
7695
7851
  };
7696
7852
  }
7853
+ function getOwnEntry6(record, key2) {
7854
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
7855
+ }
7697
7856
  function createFallbackOAuthError(status) {
7698
7857
  const error3 = status === 503 ? "temporarily_unavailable" : "server_error";
7699
7858
  return new OAuthError({ error: error3 }, status);
@@ -7798,7 +7957,11 @@ function createDefaultOAuthClientProvider(options) {
7798
7957
  while (true) {
7799
7958
  try {
7800
7959
  refreshedTokens = await refreshAccessToken({
7801
- tokenEndpoint: discovery.authorizationServerMetadata.token_endpoint,
7960
+ tokenEndpoint: requireOwnString(
7961
+ discovery.authorizationServerMetadata,
7962
+ "token_endpoint",
7963
+ "Authorization server metadata"
7964
+ ),
7802
7965
  clientId: session.client.clientId,
7803
7966
  clientSecret: session.client.clientSecret,
7804
7967
  refreshToken: session.tokens.refreshToken,
@@ -7886,7 +8049,11 @@ function createDefaultOAuthClientProvider(options) {
7886
8049
  });
7887
8050
  const code = await loopback.waitForCode(authorizationUrl);
7888
8051
  const tokens = await exchangeAuthorizationCode({
7889
- tokenEndpoint: discovery.authorizationServerMetadata.token_endpoint,
8052
+ tokenEndpoint: requireOwnString(
8053
+ discovery.authorizationServerMetadata,
8054
+ "token_endpoint",
8055
+ "Authorization server metadata"
8056
+ ),
7890
8057
  clientId: resolvedClient.client.clientId,
7891
8058
  clientSecret: resolvedClient.client.clientSecret,
7892
8059
  code,
@@ -7939,7 +8106,10 @@ function createDefaultOAuthClientProvider(options) {
7939
8106
  }
7940
8107
  };
7941
8108
  }
7942
- const registrationEndpoint = discovery.authorizationServerMetadata.registration_endpoint;
8109
+ const registrationEndpoint = getOwnString2(
8110
+ discovery.authorizationServerMetadata,
8111
+ "registration_endpoint"
8112
+ );
7943
8113
  if (registrationEndpoint === void 0 && options.client.clientId !== void 0) {
7944
8114
  return {
7945
8115
  kind: "static",
@@ -7991,12 +8161,14 @@ function createDefaultOAuthClientProvider(options) {
7991
8161
  body: JSON.stringify(registrationBody)
7992
8162
  });
7993
8163
  const payload = await readOAuthJsonObjectResponse(response);
7994
- if (typeof payload.client_id !== "string" || payload.client_id.trim().length === 0) {
8164
+ const clientId = getOwnString2(payload, "client_id");
8165
+ if (clientId === void 0 || clientId.trim().length === 0) {
7995
8166
  throw new Error("OAuth client registration response missing client_id");
7996
8167
  }
8168
+ const clientSecret = getOwnString2(payload, "client_secret");
7997
8169
  const registeredClient = {
7998
- clientId: payload.client_id,
7999
- clientSecret: typeof payload.client_secret === "string" && payload.client_secret.length > 0 ? payload.client_secret : void 0
8170
+ clientId,
8171
+ clientSecret: clientSecret !== void 0 && clientSecret.length > 0 ? clientSecret : void 0
8000
8172
  };
8001
8173
  await saveRegisteredClient(discovery.authorizationServer, registeredClient);
8002
8174
  return {
@@ -8022,12 +8194,13 @@ function createDefaultOAuthClientProvider(options) {
8022
8194
  return null;
8023
8195
  }
8024
8196
  const client = await clientStore.load(issuer);
8025
- if (client !== null && !isUsableClient(client)) {
8197
+ const normalizedClient = client === null ? null : normalizeStoredClient(client);
8198
+ if (client !== null && normalizedClient === null) {
8026
8199
  await clientStore.clear(issuer);
8027
8200
  return null;
8028
8201
  }
8029
- registeredClients.set(issuer, client);
8030
- return client;
8202
+ registeredClients.set(issuer, normalizedClient);
8203
+ return normalizedClient;
8031
8204
  }
8032
8205
  async function saveRegisteredClient(issuer, client) {
8033
8206
  registeredClients.set(issuer, client);
@@ -8043,7 +8216,7 @@ function createDefaultOAuthClientProvider(options) {
8043
8216
  }
8044
8217
  }
8045
8218
  function isProviderOptions(options) {
8046
- return "provider" in options;
8219
+ return Object.prototype.hasOwnProperty.call(options, "provider");
8047
8220
  }
8048
8221
  function isExpired(tokens, now) {
8049
8222
  return tokens.expiresAt !== null && tokens.expiresAt <= now();
@@ -8059,7 +8232,14 @@ function resolveDiscovery(discovery, session) {
8059
8232
  return void 0;
8060
8233
  }
8061
8234
  const metadata = session.discovery.authorizationServerMetadata;
8062
- if (typeof metadata.issuer !== "string" || typeof metadata.authorization_endpoint !== "string" || typeof metadata.token_endpoint !== "string" || !Array.isArray(metadata.code_challenge_methods_supported) || !metadata.code_challenge_methods_supported.includes("S256")) {
8235
+ const issuer = getOwnString2(metadata, "issuer");
8236
+ const authorizationEndpoint = getOwnString2(metadata, "authorization_endpoint");
8237
+ const tokenEndpoint = getOwnString2(metadata, "token_endpoint");
8238
+ const codeChallengeMethodsSupported = getOwnStringArray(
8239
+ metadata,
8240
+ "code_challenge_methods_supported"
8241
+ );
8242
+ if (issuer === void 0 || authorizationEndpoint === void 0 || tokenEndpoint === void 0 || codeChallengeMethodsSupported === void 0 || !codeChallengeMethodsSupported.includes("S256")) {
8063
8243
  return void 0;
8064
8244
  }
8065
8245
  return {
@@ -8083,29 +8263,94 @@ function normalizeLoadedSession(session) {
8083
8263
  if (session === null) {
8084
8264
  return null;
8085
8265
  }
8086
- if (!isUsableClient(session.client)) {
8266
+ const client = normalizeStoredClient(getOwnEntry7(session, "client"));
8267
+ if (client === null) {
8087
8268
  return { ...session, client: { clientId: "" }, tokens: void 0 };
8088
8269
  }
8089
- return isUsableTokens(session.tokens) ? session : { ...session, tokens: void 0 };
8270
+ return {
8271
+ ...session,
8272
+ client,
8273
+ tokens: normalizeStoredTokens(getOwnEntry7(session, "tokens"))
8274
+ };
8090
8275
  }
8091
- function isUsableClient(client) {
8092
- return typeof client.clientId === "string" && client.clientId.trim().length > 0 && (client.clientSecret === void 0 || typeof client.clientSecret === "string" && client.clientSecret.trim().length > 0);
8276
+ function normalizeStoredClient(value) {
8277
+ if (!isObjectRecord3(value)) {
8278
+ return null;
8279
+ }
8280
+ const clientId = getOwnString2(value, "clientId");
8281
+ if (clientId === void 0 || clientId.trim().length === 0) {
8282
+ return null;
8283
+ }
8284
+ const clientSecret = getOwnEntry7(value, "clientSecret");
8285
+ if (clientSecret === void 0) {
8286
+ return { clientId };
8287
+ }
8288
+ if (typeof clientSecret !== "string" || clientSecret.trim().length === 0) {
8289
+ return null;
8290
+ }
8291
+ return { clientId, clientSecret };
8093
8292
  }
8094
- function isUsableTokens(tokens) {
8095
- if (tokens === void 0) {
8096
- return true;
8293
+ function normalizeStoredTokens(value) {
8294
+ if (value === void 0 || !isObjectRecord3(value)) {
8295
+ return void 0;
8097
8296
  }
8098
- return typeof tokens.accessToken === "string" && tokens.accessToken.trim().length > 0 && tokens.tokenType === "Bearer" && (tokens.expiresAt === null || typeof tokens.expiresAt === "number" && Number.isFinite(tokens.expiresAt)) && (tokens.refreshToken === void 0 || typeof tokens.refreshToken === "string" && tokens.refreshToken.trim().length > 0);
8297
+ const accessToken = getOwnString2(value, "accessToken");
8298
+ const tokenType = getOwnString2(value, "tokenType");
8299
+ const expiresAt = getOwnEntry7(value, "expiresAt");
8300
+ const refreshToken = getOwnEntry7(value, "refreshToken");
8301
+ const scope = getOwnString2(value, "scope");
8302
+ const normalizedRefreshToken = typeof refreshToken === "string" ? refreshToken : void 0;
8303
+ if (accessToken === void 0 || accessToken.trim().length === 0 || tokenType !== "Bearer" || !(expiresAt === null || typeof expiresAt === "number" && Number.isFinite(expiresAt)) || refreshToken !== void 0 && (typeof refreshToken !== "string" || refreshToken.trim().length === 0)) {
8304
+ return void 0;
8305
+ }
8306
+ return {
8307
+ accessToken,
8308
+ tokenType,
8309
+ expiresAt,
8310
+ ...normalizedRefreshToken === void 0 ? {} : { refreshToken: normalizedRefreshToken },
8311
+ ...scope === void 0 || scope.length === 0 ? {} : { scope }
8312
+ };
8099
8313
  }
8100
8314
  function getClientMetadata(client) {
8101
8315
  return client.metadata;
8102
8316
  }
8317
+ function getOwnEntry7(record, key2) {
8318
+ return Object.prototype.hasOwnProperty.call(record, key2) ? record[key2] : void 0;
8319
+ }
8320
+ function isObjectRecord3(value) {
8321
+ return typeof value === "object" && value !== null && !Array.isArray(value);
8322
+ }
8323
+ function getOwnString2(record, key2) {
8324
+ const value = getOwnEntry7(record, key2);
8325
+ return typeof value === "string" ? value : void 0;
8326
+ }
8327
+ function requireOwnString(record, key2, label) {
8328
+ const value = getOwnString2(record, key2);
8329
+ if (value === void 0) {
8330
+ throw new Error(`${label} is missing ${key2}`);
8331
+ }
8332
+ return value;
8333
+ }
8334
+ function getOwnStringArray(record, key2) {
8335
+ const value = getOwnEntry7(record, key2);
8336
+ return Array.isArray(value) && value.every((entry) => typeof entry === "string") ? value : void 0;
8337
+ }
8103
8338
  function buildAuthorizationUrl(input) {
8104
- const url = new URL2(input.metadata.authorization_endpoint);
8339
+ const authorizationEndpoint = requireOwnString(
8340
+ input.metadata,
8341
+ "authorization_endpoint",
8342
+ "Authorization server metadata"
8343
+ );
8344
+ const issuer = requireOwnString(
8345
+ input.metadata,
8346
+ "issuer",
8347
+ "Authorization server metadata"
8348
+ );
8349
+ const url = new URL2(authorizationEndpoint);
8105
8350
  const resource = canonicalizeResourceIndicator(input.resource);
8106
8351
  const state = createAuthorizationState({
8107
- issuer: input.metadata.issuer,
8108
- requireIssuer: input.metadata.authorization_response_iss_parameter_supported === true
8352
+ issuer,
8353
+ requireIssuer: getOwnEntry7(input.metadata, "authorization_response_iss_parameter_supported") === true
8109
8354
  });
8110
8355
  url.searchParams.set("response_type", "code");
8111
8356
  url.searchParams.set("client_id", input.clientId);
@@ -8120,7 +8365,7 @@ function buildAuthorizationUrl(input) {
8120
8365
  return url.toString();
8121
8366
  }
8122
8367
  function assertS256PkceSupport(metadata) {
8123
- if (!metadata.code_challenge_methods_supported.includes("S256")) {
8368
+ if (!getOwnStringArray(metadata, "code_challenge_methods_supported")?.includes("S256")) {
8124
8369
  throw new Error(
8125
8370
  "Authorization server metadata must advertise code_challenge_methods_supported including S256"
8126
8371
  );
@@ -8144,13 +8389,24 @@ function assertSecureUrl(value, label) {
8144
8389
  throw new Error(`${label} must use https unless it targets a loopback host`);
8145
8390
  }
8146
8391
  function assertSecureOAuthFlowEndpoints(metadata) {
8147
- assertNoAccessTokenInUrl(metadata.authorization_endpoint, "Authorization endpoint");
8148
- assertNoAccessTokenInUrl(metadata.token_endpoint, "Token endpoint");
8149
- assertSecureUrl(metadata.authorization_endpoint, "Authorization endpoint");
8150
- assertSecureUrl(metadata.token_endpoint, "Token endpoint");
8151
- if (metadata.registration_endpoint !== void 0) {
8152
- assertNoAccessTokenInUrl(metadata.registration_endpoint, "Registration endpoint");
8153
- assertSecureUrl(metadata.registration_endpoint, "Registration endpoint");
8392
+ const authorizationEndpoint = requireOwnString(
8393
+ metadata,
8394
+ "authorization_endpoint",
8395
+ "Authorization server metadata"
8396
+ );
8397
+ const tokenEndpoint = requireOwnString(
8398
+ metadata,
8399
+ "token_endpoint",
8400
+ "Authorization server metadata"
8401
+ );
8402
+ const registrationEndpoint = getOwnString2(metadata, "registration_endpoint");
8403
+ assertNoAccessTokenInUrl(authorizationEndpoint, "Authorization endpoint");
8404
+ assertNoAccessTokenInUrl(tokenEndpoint, "Token endpoint");
8405
+ assertSecureUrl(authorizationEndpoint, "Authorization endpoint");
8406
+ assertSecureUrl(tokenEndpoint, "Token endpoint");
8407
+ if (registrationEndpoint !== void 0) {
8408
+ assertNoAccessTokenInUrl(registrationEndpoint, "Registration endpoint");
8409
+ assertSecureUrl(registrationEndpoint, "Registration endpoint");
8154
8410
  }
8155
8411
  }
8156
8412
  function assertNoAccessTokenInUrl(value, label) {
@@ -8173,17 +8429,21 @@ function buildClientRegistrationBody(metadata, redirectUri) {
8173
8429
  response_types: ["code"],
8174
8430
  token_endpoint_auth_method: "none"
8175
8431
  };
8176
- if (metadata?.clientName !== void 0 && metadata.clientName.length > 0) {
8177
- body.client_name = metadata.clientName;
8432
+ const clientName = metadata === void 0 ? void 0 : getOwnString2(metadata, "clientName");
8433
+ const scope = metadata === void 0 ? void 0 : getOwnString2(metadata, "scope");
8434
+ const softwareId = metadata === void 0 ? void 0 : getOwnString2(metadata, "softwareId");
8435
+ const softwareVersion = metadata === void 0 ? void 0 : getOwnString2(metadata, "softwareVersion");
8436
+ if (clientName !== void 0 && clientName.length > 0) {
8437
+ body.client_name = clientName;
8178
8438
  }
8179
- if (metadata?.scope !== void 0 && metadata.scope.length > 0) {
8180
- body.scope = metadata.scope;
8439
+ if (scope !== void 0 && scope.length > 0) {
8440
+ body.scope = scope;
8181
8441
  }
8182
- if (metadata?.softwareId !== void 0 && metadata.softwareId.length > 0) {
8183
- body.software_id = metadata.softwareId;
8442
+ if (softwareId !== void 0 && softwareId.length > 0) {
8443
+ body.software_id = softwareId;
8184
8444
  }
8185
- if (metadata?.softwareVersion !== void 0 && metadata.softwareVersion.length > 0) {
8186
- body.software_version = metadata.softwareVersion;
8445
+ if (softwareVersion !== void 0 && softwareVersion.length > 0) {
8446
+ body.software_version = softwareVersion;
8187
8447
  }
8188
8448
  return body;
8189
8449
  }
@@ -8219,7 +8479,7 @@ import {
8219
8479
  function defaultOAuthMetadataFetch(input, init) {
8220
8480
  return fetch(input, init);
8221
8481
  }
8222
- function isObjectRecord(value) {
8482
+ function isObjectRecord4(value) {
8223
8483
  return typeof value === "object" && value !== null && !Array.isArray(value);
8224
8484
  }
8225
8485
  function isStringArray(value) {
@@ -8242,7 +8502,7 @@ function assertSecureUrl2(url, label) {
8242
8502
  throw new Error(`${label} must use https unless it targets a loopback host`);
8243
8503
  }
8244
8504
  function validateProtectedResourceMetadata(value, resourceUrl) {
8245
- if (!isObjectRecord(value)) {
8505
+ if (!isObjectRecord4(value)) {
8246
8506
  throw new Error("Protected resource metadata must be a JSON object");
8247
8507
  }
8248
8508
  if (typeof value.resource !== "string" || value.resource.length === 0) {
@@ -8265,7 +8525,7 @@ function validateProtectedResourceMetadata(value, resourceUrl) {
8265
8525
  };
8266
8526
  }
8267
8527
  function validateAuthorizationServerMetadata(value, issuer) {
8268
- if (!isObjectRecord(value)) {
8528
+ if (!isObjectRecord4(value)) {
8269
8529
  throw new Error("Authorization server metadata must be a JSON object");
8270
8530
  }
8271
8531
  if (typeof value.issuer !== "string" || value.issuer.length === 0) {
@@ -8718,7 +8978,7 @@ var McpClient = class {
8718
8978
  await onPromptsChanged();
8719
8979
  });
8720
8980
  messageLayer.onNotification("notifications/message", async (params17) => {
8721
- if (onLog === void 0 || !isObjectRecord2(params17) || !isLogLevel(params17.level)) {
8981
+ if (onLog === void 0 || !isObjectRecord5(params17) || !isLogLevel(params17.level)) {
8722
8982
  return;
8723
8983
  }
8724
8984
  if (!hasOwn(params17, "data")) {
@@ -8737,7 +8997,7 @@ var McpClient = class {
8737
8997
  await onLog(message2);
8738
8998
  });
8739
8999
  messageLayer.onNotification("notifications/progress", async (params17) => {
8740
- if (onProgress === void 0 || !isObjectRecord2(params17)) {
9000
+ if (onProgress === void 0 || !isObjectRecord5(params17)) {
8741
9001
  return;
8742
9002
  }
8743
9003
  const { progressToken, progress } = params17;
@@ -9938,7 +10198,7 @@ var JsonRpcMessageLayer = class {
9938
10198
  })();
9939
10199
  }
9940
10200
  handleCancellationNotification(params17) {
9941
- if (!isObjectRecord2(params17)) {
10201
+ if (!isObjectRecord5(params17)) {
9942
10202
  return;
9943
10203
  }
9944
10204
  const requestId = params17.requestId;
@@ -9953,34 +10213,34 @@ var JsonRpcMessageLayer = class {
9953
10213
  this.activeIncomingRequests.delete(requestId);
9954
10214
  }
9955
10215
  };
9956
- function isObjectRecord2(value) {
10216
+ function isObjectRecord5(value) {
9957
10217
  return typeof value === "object" && value !== null && !Array.isArray(value);
9958
10218
  }
9959
10219
  function isInitializeResult(value) {
9960
- if (!isObjectRecord2(value) || typeof value.protocolVersion !== "string") {
10220
+ if (!isObjectRecord5(value) || typeof value.protocolVersion !== "string") {
9961
10221
  return false;
9962
10222
  }
9963
10223
  if (!isServerCapabilities(value.capabilities)) {
9964
10224
  return false;
9965
10225
  }
9966
- if (!isObjectRecord2(value.serverInfo) || typeof value.serverInfo.name !== "string" || value.serverInfo.name.length === 0 || typeof value.serverInfo.version !== "string" || value.serverInfo.version.length === 0) {
10226
+ if (!isObjectRecord5(value.serverInfo) || typeof value.serverInfo.name !== "string" || value.serverInfo.name.length === 0 || typeof value.serverInfo.version !== "string" || value.serverInfo.version.length === 0) {
9967
10227
  return false;
9968
10228
  }
9969
10229
  return value.instructions === void 0 || typeof value.instructions === "string";
9970
10230
  }
9971
10231
  function isServerCapabilities(value) {
9972
- if (!isObjectRecord2(value)) {
10232
+ if (!isObjectRecord5(value)) {
9973
10233
  return false;
9974
10234
  }
9975
10235
  for (const capability of ["prompts", "resources", "tools", "logging", "completions", "experimental"]) {
9976
- if (value[capability] !== void 0 && !isObjectRecord2(value[capability])) {
10236
+ if (value[capability] !== void 0 && !isObjectRecord5(value[capability])) {
9977
10237
  return false;
9978
10238
  }
9979
10239
  }
9980
10240
  return true;
9981
10241
  }
9982
10242
  function isCallToolResult(value) {
9983
- if (!isObjectRecord2(value) || !Array.isArray(value.content)) {
10243
+ if (!isObjectRecord5(value) || !Array.isArray(value.content)) {
9984
10244
  return false;
9985
10245
  }
9986
10246
  if (value.isError !== void 0 && typeof value.isError !== "boolean") {
@@ -9989,10 +10249,10 @@ function isCallToolResult(value) {
9989
10249
  return value.content.every(isContentItem);
9990
10250
  }
9991
10251
  function isToolsListResult(value) {
9992
- return isObjectRecord2(value) && Array.isArray(value.tools) && (value.nextCursor === void 0 || typeof value.nextCursor === "string");
10252
+ return isObjectRecord5(value) && Array.isArray(value.tools) && (value.nextCursor === void 0 || typeof value.nextCursor === "string");
9993
10253
  }
9994
10254
  function isContentItem(value) {
9995
- if (!isObjectRecord2(value)) {
10255
+ if (!isObjectRecord5(value)) {
9996
10256
  return false;
9997
10257
  }
9998
10258
  if (value.type === "text") {
@@ -10001,7 +10261,7 @@ function isContentItem(value) {
10001
10261
  if (value.type === "image" || value.type === "audio") {
10002
10262
  return typeof value.data === "string" && typeof value.mimeType === "string";
10003
10263
  }
10004
- if (value.type !== "resource" || !isObjectRecord2(value.resource)) {
10264
+ if (value.type !== "resource" || !isObjectRecord5(value.resource)) {
10005
10265
  return false;
10006
10266
  }
10007
10267
  return typeof value.resource.uri === "string" && (value.resource.mimeType === void 0 || typeof value.resource.mimeType === "string") && (typeof value.resource.text === "string" || typeof value.resource.blob === "string");
@@ -10025,7 +10285,7 @@ function invalidRequest() {
10025
10285
  return new McpError(ERROR_INVALID_REQUEST, "Invalid Request");
10026
10286
  }
10027
10287
  function isJsonRpcErrorObject(value) {
10028
- if (!isObjectRecord2(value)) {
10288
+ if (!isObjectRecord5(value)) {
10029
10289
  return false;
10030
10290
  }
10031
10291
  if (typeof value.code !== "number" || typeof value.message !== "string") {
@@ -10034,7 +10294,7 @@ function isJsonRpcErrorObject(value) {
10034
10294
  return value.data === void 0 || hasOwn(value, "data");
10035
10295
  }
10036
10296
  function parseJsonRpcPayload(parsed) {
10037
- if (!isObjectRecord2(parsed)) {
10297
+ if (!isObjectRecord5(parsed)) {
10038
10298
  return {
10039
10299
  type: "invalid",
10040
10300
  id: null,
@@ -10361,7 +10621,11 @@ function convertObjectSchema(schema, root, options) {
10361
10621
  "properties",
10362
10622
  key2
10363
10623
  ]);
10364
- shape[key2] = requiredKeys.has(key2) ? convertedProperty : S.Optional(convertedProperty);
10624
+ setOwnShapeProperty(
10625
+ shape,
10626
+ key2,
10627
+ requiredKeys.has(key2) ? convertedProperty : S.Optional(convertedProperty)
10628
+ );
10365
10629
  }
10366
10630
  return applyMetadata(
10367
10631
  S.Object(shape, {
@@ -10373,6 +10637,14 @@ function convertObjectSchema(schema, root, options) {
10373
10637
  }
10374
10638
  );
10375
10639
  }
10640
+ function setOwnShapeProperty(shape, key2, value) {
10641
+ Object.defineProperty(shape, key2, {
10642
+ configurable: true,
10643
+ enumerable: true,
10644
+ writable: true,
10645
+ value
10646
+ });
10647
+ }
10376
10648
  function createCommonOptions(schema, nullable, defaultValue) {
10377
10649
  return {
10378
10650
  ...schema.description === void 0 ? {} : { description: schema.description },
@@ -10623,6 +10895,9 @@ function resolveLocalRef(root, ref) {
10623
10895
  if (!isPlainObject(current)) {
10624
10896
  return void 0;
10625
10897
  }
10898
+ if (!Object.prototype.hasOwnProperty.call(current, segment)) {
10899
+ return void 0;
10900
+ }
10626
10901
  current = current[segment];
10627
10902
  }
10628
10903
  return isPlainObject(current) ? current : void 0;
@@ -10862,8 +11137,7 @@ async function readCache(cachePath) {
10862
11137
  version: parsed.version === 1 ? 1 : 1
10863
11138
  };
10864
11139
  } catch (error3) {
10865
- const code = error3.code;
10866
- if (code === "ENOENT" || error3 instanceof SyntaxError) {
11140
+ if (hasOwnErrorCode(error3, "ENOENT") || error3 instanceof SyntaxError) {
10867
11141
  return void 0;
10868
11142
  }
10869
11143
  return void 0;
@@ -10871,16 +11145,32 @@ async function readCache(cachePath) {
10871
11145
  }
10872
11146
  async function writeCache(cachePath, cache) {
10873
11147
  const directory = path12.dirname(cachePath);
10874
- const tempPath = `${cachePath}.tmp-${randomUUID2()}`;
11148
+ const tempPath = `${cachePath}.tmp-${randomUUID4()}`;
11149
+ let tempCreated = false;
10875
11150
  await assertCachePathHasNoSymlinks(cachePath);
10876
11151
  await assertCachePathHasNoSymlinks(tempPath);
10877
11152
  await mkdir(directory, { recursive: true });
10878
11153
  await assertCachePathHasNoSymlinks(directory);
10879
- await writeFile3(tempPath, `${JSON.stringify(cache, null, 2)}
10880
- `);
10881
- await assertCachePathHasNoSymlinks(tempPath);
10882
- await assertCachePathHasNoSymlinks(cachePath);
10883
- await rename2(tempPath, cachePath);
11154
+ try {
11155
+ await writeFile3(tempPath, `${JSON.stringify(cache, null, 2)}
11156
+ `, {
11157
+ encoding: "utf8",
11158
+ flag: "wx"
11159
+ });
11160
+ tempCreated = true;
11161
+ await assertCachePathHasNoSymlinks(tempPath);
11162
+ await assertCachePathHasNoSymlinks(cachePath);
11163
+ await rename2(tempPath, cachePath);
11164
+ tempCreated = false;
11165
+ } catch (error3) {
11166
+ if (tempCreated || !isAlreadyExistsError2(error3)) {
11167
+ await unlink2(tempPath).catch(() => void 0);
11168
+ }
11169
+ throw error3;
11170
+ }
11171
+ }
11172
+ function isAlreadyExistsError2(error3) {
11173
+ return hasOwnErrorCode(error3, "EEXIST");
10884
11174
  }
10885
11175
  async function fetchCache(name, config2) {
10886
11176
  const logger2 = createLogger((message2) => {
@@ -11084,7 +11374,7 @@ async function assertCachePathHasNoSymlinks(filePath) {
11084
11374
  throw new Error(`MCP cache path must not contain symbolic links: ${currentPath}.`);
11085
11375
  }
11086
11376
  } catch (error3) {
11087
- if (error3.code !== "ENOENT") {
11377
+ if (!hasOwnErrorCode(error3, "ENOENT")) {
11088
11378
  throw error3;
11089
11379
  }
11090
11380
  }
@@ -11620,7 +11910,7 @@ async function writeErrorReport(context) {
11620
11910
  }
11621
11911
  const projectRoot = resolveProjectRoot(context.projectRoot);
11622
11912
  const reportDir = resolveReportDir(context.errorReports, projectRoot);
11623
- const fileName = `${formatTimestamp(/* @__PURE__ */ new Date())}-${slugifyCommandPath(context.commandPath)}-${randomUUID3()}.log`;
11913
+ const fileName = `${formatTimestamp(/* @__PURE__ */ new Date())}-${slugifyCommandPath(context.commandPath)}-${randomUUID5()}.log`;
11624
11914
  const absolutePath = path13.join(reportDir, fileName);
11625
11915
  await mkdir2(reportDir, { recursive: true });
11626
11916
  if (reportDirMustStayWithinProject(context.errorReports)) {
@@ -12532,7 +12822,7 @@ function getJsonParseErrorLocation(error3, source) {
12532
12822
  return null;
12533
12823
  }
12534
12824
  function getJsonParseCauseLocation(error3) {
12535
- if (typeof error3 !== "object" || error3 === null || !("cause" in error3)) {
12825
+ if (typeof error3 !== "object" || error3 === null || !hasOwnProperty3(error3, "cause")) {
12536
12826
  return null;
12537
12827
  }
12538
12828
  const cause = error3.cause;
@@ -12544,7 +12834,7 @@ function getJsonParseCauseLocation(error3) {
12544
12834
  return { line, column };
12545
12835
  }
12546
12836
  function getNumericProperty(value, key2) {
12547
- if (typeof value !== "object" || value === null || !(key2 in value)) {
12837
+ if (typeof value !== "object" || value === null || !hasOwnProperty3(value, key2)) {
12548
12838
  return null;
12549
12839
  }
12550
12840
  const propertyValue = value[key2];
@@ -13099,10 +13389,10 @@ function renderHelpSections(sections) {
13099
13389
  return sections.filter((section) => section.length > 0).join("\n\n");
13100
13390
  }
13101
13391
  function formatHelpCommandList(rows) {
13102
- return process.stdout.isTTY === false ? help_formatter_plain_exports.formatCommandList(rows) : formatCommandList(rows);
13392
+ return process.stdout.isTTY !== true ? help_formatter_plain_exports.formatCommandList(rows) : formatCommandList(rows);
13103
13393
  }
13104
13394
  function formatHelpOptionList(rows) {
13105
- return process.stdout.isTTY === false ? help_formatter_plain_exports.formatOptionList(rows) : formatOptionList(rows);
13395
+ return process.stdout.isTTY !== true ? help_formatter_plain_exports.formatOptionList(rows) : formatOptionList(rows);
13106
13396
  }
13107
13397
  function buildUsageLine(breadcrumb, rootUsageName, suffix) {
13108
13398
  const visibleBreadcrumb = breadcrumb.filter((segment) => segment.length > 0);
@@ -13390,11 +13680,18 @@ function formatResolvedValue(value) {
13390
13680
  function fieldPromptLabel(field) {
13391
13681
  return field.positionalIndex === void 0 ? field.optionFlag : `<${field.displayPath}>`;
13392
13682
  }
13683
+ function enumOptionLabel(schema, value) {
13684
+ const key2 = String(value);
13685
+ if (schema.labels === void 0 || !Object.prototype.hasOwnProperty.call(schema.labels, key2)) {
13686
+ return key2;
13687
+ }
13688
+ return schema.labels[key2] ?? key2;
13689
+ }
13393
13690
  async function promptForField(field) {
13394
13691
  const schema = field.schema;
13395
13692
  if (schema.kind === "enum") {
13396
13693
  const options = schema.loadOptions ? await schema.loadOptions() : schema.values.map((value) => ({
13397
- label: schema.labels?.[String(value)] ?? String(value),
13694
+ label: enumOptionLabel(schema, value),
13398
13695
  value
13399
13696
  }));
13400
13697
  const selected = await select2({
@@ -13479,8 +13776,8 @@ async function withOutputFormat2(output, fn) {
13479
13776
  function createFs2() {
13480
13777
  return {
13481
13778
  readFile: async (path25, encoding = "utf8") => readFile4(path25, { encoding }),
13482
- writeFile: async (path25, contents) => {
13483
- await writeFile5(path25, contents);
13779
+ writeFile: async (path25, contents, options) => {
13780
+ await writeFile5(path25, contents, options);
13484
13781
  },
13485
13782
  exists: async (path25) => {
13486
13783
  try {
@@ -13492,7 +13789,7 @@ function createFs2() {
13492
13789
  },
13493
13790
  lstat: async (path25) => lstat3(path25),
13494
13791
  rename: async (fromPath, toPath) => rename3(fromPath, toPath),
13495
- unlink: async (path25) => unlink2(path25)
13792
+ unlink: async (path25) => unlink3(path25)
13496
13793
  };
13497
13794
  }
13498
13795
  function createEnv2(values = process.env) {
@@ -13594,7 +13891,7 @@ async function loadPresetValues(fields, presetPath) {
13594
13891
  encoding: "utf8"
13595
13892
  });
13596
13893
  } catch (error3) {
13597
- if (typeof error3 === "object" && error3 !== null && "code" in error3 && error3.code === "ENOENT") {
13894
+ if (hasOwnErrorCode(error3, "ENOENT")) {
13598
13895
  throw new UserError(`Preset file "${presetPath}" was not found.`);
13599
13896
  }
13600
13897
  const message2 = error3 instanceof Error && error3.message.length > 0 ? error3.message : "Unknown read error.";
@@ -14693,10 +14990,10 @@ function isHttpErrorLike(error3) {
14693
14990
  }
14694
14991
  const request = error3.request;
14695
14992
  const response = error3.response;
14696
- return isPlainObject4(request) && typeof request.method === "string" && typeof request.url === "string" && isStringRecord(request.headers) && isPlainObject4(response) && typeof response.status === "number" && typeof response.statusText === "string" && isStringRecord(response.headers) && "body" in response;
14993
+ return isPlainObject4(request) && typeof request.method === "string" && typeof request.url === "string" && isStringRecord(request.headers) && isPlainObject4(response) && typeof response.status === "number" && typeof response.statusText === "string" && isStringRecord(response.headers) && hasOwnProperty3(response, "body");
14697
14994
  }
14698
14995
  function hasTypedOptionalField(value, field, type2) {
14699
- return !(field in value) || typeof value[field] === type2;
14996
+ return !hasOwnProperty3(value, field) || typeof value[field] === type2;
14700
14997
  }
14701
14998
  function isNonEmptyString(value) {
14702
14999
  return typeof value === "string" && value.trim().length > 0;
@@ -14720,7 +15017,7 @@ function isProblemDetailsLike(body) {
14720
15017
  if (!hasTypedOptionalField(body, "instance", "string")) {
14721
15018
  return false;
14722
15019
  }
14723
- return isNonEmptyString(body.title) || isNonEmptyString(body.detail);
15020
+ return hasOwnNonEmptyString(body, "title") || hasOwnNonEmptyString(body, "detail");
14724
15021
  }
14725
15022
  function isGraphQLErrorEnvelopeLike(body) {
14726
15023
  if (!isPlainObject4(body) || !Array.isArray(body.errors) || body.errors.length === 0) {
@@ -14730,44 +15027,50 @@ function isGraphQLErrorEnvelopeLike(body) {
14730
15027
  if (!isPlainObject4(error3) || typeof error3.message !== "string") {
14731
15028
  return false;
14732
15029
  }
14733
- if ("path" in error3) {
15030
+ if (hasOwnProperty3(error3, "path")) {
14734
15031
  const pathValue = error3.path;
14735
15032
  if (!Array.isArray(pathValue) || !pathValue.every((entry) => typeof entry === "string" || typeof entry === "number")) {
14736
15033
  return false;
14737
15034
  }
14738
15035
  }
14739
- if ("extensions" in error3) {
15036
+ if (hasOwnProperty3(error3, "extensions")) {
14740
15037
  if (!isPlainObject4(error3.extensions)) {
14741
15038
  return false;
14742
15039
  }
14743
- if ("code" in error3.extensions && typeof error3.extensions.code !== "string") {
15040
+ if (hasOwnProperty3(error3.extensions, "code") && typeof error3.extensions.code !== "string") {
14744
15041
  return false;
14745
15042
  }
14746
15043
  }
14747
15044
  return true;
14748
15045
  });
14749
15046
  }
15047
+ function hasOwnProperty3(value, name) {
15048
+ return Object.prototype.hasOwnProperty.call(value, name);
15049
+ }
15050
+ function hasOwnNonEmptyString(value, name) {
15051
+ return hasOwnProperty3(value, name) && isNonEmptyString(value[name]);
15052
+ }
14750
15053
  function styleHttpErrorLine(value, style) {
14751
- return process.stdout.isTTY === false ? value : style(value);
15054
+ return process.stdout.isTTY !== true ? value : style(value);
14752
15055
  }
14753
15056
  function formatHttpErrorStatus(value) {
14754
15057
  return styleHttpErrorLine(value, text.error);
14755
15058
  }
14756
15059
  function formatProblemDetailsBody(body) {
14757
15060
  const lines = [];
14758
- if (isNonEmptyString(body.title)) {
15061
+ if (hasOwnNonEmptyString(body, "title")) {
14759
15062
  lines.push(`Problem: ${body.title}`);
14760
15063
  }
14761
- if (isNonEmptyString(body.detail)) {
15064
+ if (hasOwnNonEmptyString(body, "detail")) {
14762
15065
  lines.push(`Detail: ${body.detail}`);
14763
15066
  }
14764
- if (body.type !== void 0) {
15067
+ if (hasOwnProperty3(body, "type") && body.type !== void 0) {
14765
15068
  lines.push(`Type: ${body.type}`);
14766
15069
  }
14767
- if (body.instance !== void 0) {
15070
+ if (hasOwnProperty3(body, "instance") && body.instance !== void 0) {
14768
15071
  lines.push(`Instance: ${body.instance}`);
14769
15072
  }
14770
- if (body.status !== void 0) {
15073
+ if (hasOwnProperty3(body, "status") && body.status !== void 0) {
14771
15074
  lines.push(`Status: ${body.status}`);
14772
15075
  }
14773
15076
  return lines.join("\n");
@@ -14775,10 +15078,10 @@ function formatProblemDetailsBody(body) {
14775
15078
  function formatGraphQLErrorEnvelopeBody(body) {
14776
15079
  return body.errors.map((error3) => {
14777
15080
  const lines = [`GraphQL error: ${error3.message}`];
14778
- if (error3.path !== void 0) {
15081
+ if (hasOwnProperty3(error3, "path") && error3.path !== void 0) {
14779
15082
  lines.push(` at path: ${error3.path.join(".")}`);
14780
15083
  }
14781
- if (error3.extensions?.code !== void 0) {
15084
+ if (hasOwnProperty3(error3, "extensions") && error3.extensions !== void 0 && hasOwnProperty3(error3.extensions, "code") && error3.extensions.code !== void 0) {
14782
15085
  lines.push(` code: ${error3.extensions.code}`);
14783
15086
  }
14784
15087
  return lines.join("\n");
@@ -15230,7 +15533,7 @@ async function runCLI(roots, options = {}) {
15230
15533
  }
15231
15534
 
15232
15535
  // src/terminal-pilot.ts
15233
- import { randomUUID as randomUUID4 } from "node:crypto";
15536
+ import { randomUUID as randomUUID6 } from "node:crypto";
15234
15537
 
15235
15538
  // src/terminal-session.ts
15236
15539
  import { EventEmitter } from "node:events";
@@ -15239,6 +15542,11 @@ import { createRequire } from "node:module";
15239
15542
  import { dirname, join } from "node:path";
15240
15543
  import * as nodePty from "node-pty";
15241
15544
 
15545
+ // src/errors.ts
15546
+ function hasOwnErrorCode4(error3, code) {
15547
+ return error3 instanceof Error && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
15548
+ }
15549
+
15242
15550
  // src/terminal-buffer.ts
15243
15551
  var RESET_SGR = "\x1B[0m";
15244
15552
  var DEC_SPECIAL_GRAPHICS = {
@@ -16338,10 +16646,7 @@ function ensureSpawnHelperExecutable() {
16338
16646
  }
16339
16647
  }
16340
16648
  function isMissingFileError(error3) {
16341
- if (!(error3 instanceof Error)) {
16342
- return false;
16343
- }
16344
- return "code" in error3 && error3.code === "ENOENT";
16649
+ return hasOwnErrorCode4(error3, "ENOENT");
16345
16650
  }
16346
16651
  function matchPattern(buffer, pattern) {
16347
16652
  const clean = normalizeHistoryBuffer(stripAnsi(buffer));
@@ -16432,7 +16737,7 @@ var TerminalPilot = class _TerminalPilot {
16432
16737
  }
16433
16738
  async newSession(opts) {
16434
16739
  const session = new TerminalSession({
16435
- id: randomUUID4(),
16740
+ id: randomUUID6(),
16436
16741
  command: opts.command,
16437
16742
  args: opts.args,
16438
16743
  cwd: opts.cwd,
@@ -16718,6 +17023,11 @@ var claudeCodeAgent = {
16718
17023
  aliases: ["claude"],
16719
17024
  binaryName: "claude",
16720
17025
  apiShapes: ["anthropic-messages"],
17026
+ otelCapture: {
17027
+ env: {
17028
+ CLAUDE_CODE_ENABLE_TELEMETRY: "1"
17029
+ }
17030
+ },
16721
17031
  configPath: "~/.claude/settings.json",
16722
17032
  branding: {
16723
17033
  colors: {
@@ -16750,6 +17060,16 @@ var codexAgent = {
16750
17060
  summary: "Configure Codex to use Poe as the model provider.",
16751
17061
  binaryName: "codex",
16752
17062
  apiShapes: ["openai-responses"],
17063
+ otelCapture: {
17064
+ args: (endpoint, content) => [
17065
+ "-c",
17066
+ `otel.trace_exporter={"otlp-http"={endpoint=${JSON.stringify(`${endpoint}/v1/traces`)},protocol="json"}}`,
17067
+ "-c",
17068
+ `otel.exporter={"otlp-http"={endpoint=${JSON.stringify(`${endpoint}/v1/logs`)},protocol="json"}}`,
17069
+ "-c",
17070
+ `otel.log_user_prompt=${content}`
17071
+ ]
17072
+ },
16753
17073
  configPath: "~/.codex/config.toml",
16754
17074
  branding: {
16755
17075
  colors: {
@@ -16785,6 +17105,11 @@ var openCodeAgent = {
16785
17105
  summary: "Configure OpenCode CLI to use the Poe API.",
16786
17106
  binaryName: "opencode",
16787
17107
  apiShapes: ["openai-chat-completions"],
17108
+ otelCapture: {
17109
+ env: {
17110
+ OPENCODE_CONFIG_CONTENT: '{"experimental":{"openTelemetry":true}}'
17111
+ }
17112
+ },
16788
17113
  configPath: "~/.config/opencode/config.json",
16789
17114
  branding: {
16790
17115
  colors: {
@@ -16820,6 +17145,7 @@ var gooseAgent = {
16820
17145
  summary: "Block's open-source AI agent with ACP support.",
16821
17146
  binaryName: "goose",
16822
17147
  apiShapes: ["openai-chat-completions"],
17148
+ otelCapture: {},
16823
17149
  configPath: "~/.config/goose/config.yaml",
16824
17150
  branding: {
16825
17151
  colors: {
@@ -16853,6 +17179,12 @@ function freezeAgent(agent) {
16853
17179
  if (agent.apiShapes !== void 0) {
16854
17180
  Object.freeze(agent.apiShapes);
16855
17181
  }
17182
+ if (agent.otelCapture?.env !== void 0) {
17183
+ Object.freeze(agent.otelCapture.env);
17184
+ }
17185
+ if (agent.otelCapture !== void 0) {
17186
+ Object.freeze(agent.otelCapture);
17187
+ }
16856
17188
  Object.freeze(agent.branding.colors);
16857
17189
  Object.freeze(agent.branding);
16858
17190
  return Object.freeze(agent);
@@ -17016,6 +17348,7 @@ var templateMutation = {
17016
17348
  };
17017
17349
 
17018
17350
  // ../config-mutations/src/execution/apply-mutation.ts
17351
+ import { randomUUID as randomUUID7 } from "node:crypto";
17019
17352
  import path17 from "node:path";
17020
17353
 
17021
17354
  // ../config-mutations/src/formats/json.ts
@@ -17091,7 +17424,7 @@ function merge(base, patch) {
17091
17424
  if (value === void 0) {
17092
17425
  continue;
17093
17426
  }
17094
- const existing = result[key2];
17427
+ const existing = hasConfigEntry(result, key2) ? result[key2] : void 0;
17095
17428
  if (isConfigObject(existing) && isConfigObject(value)) {
17096
17429
  setConfigEntry(result, key2, merge(existing, value));
17097
17430
  continue;
@@ -17219,7 +17552,7 @@ function merge2(base, patch) {
17219
17552
  if (value === void 0) {
17220
17553
  continue;
17221
17554
  }
17222
- const existing = result[key2];
17555
+ const existing = hasConfigEntry(result, key2) ? result[key2] : void 0;
17223
17556
  if (isConfigObject2(existing) && isConfigObject2(value)) {
17224
17557
  setConfigEntry(result, key2, merge2(existing, value));
17225
17558
  continue;
@@ -17299,7 +17632,7 @@ function merge3(base, patch) {
17299
17632
  if (value === void 0) {
17300
17633
  continue;
17301
17634
  }
17302
- const existing = result[key2];
17635
+ const existing = hasConfigEntry(result, key2) ? result[key2] : void 0;
17303
17636
  if (isConfigObject3(existing) && isConfigObject3(value)) {
17304
17637
  setConfigEntry(result, key2, merge3(existing, value));
17305
17638
  continue;
@@ -17434,9 +17767,14 @@ function resolvePath(rawPath, homeDir, pathMapper) {
17434
17767
  return filename.length === 0 ? mappedDirectory : path16.join(mappedDirectory, filename);
17435
17768
  }
17436
17769
 
17770
+ // ../config-mutations/src/error-codes.ts
17771
+ function hasOwnErrorCode5(error3, code) {
17772
+ return typeof error3 === "object" && error3 !== null && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
17773
+ }
17774
+
17437
17775
  // ../config-mutations/src/fs-utils.ts
17438
17776
  function isNotFound(error3) {
17439
- return typeof error3 === "object" && error3 !== null && "code" in error3 && error3.code === "ENOENT";
17777
+ return hasOwnErrorCode5(error3, "ENOENT");
17440
17778
  }
17441
17779
  async function readFileIfExists(fs4, target) {
17442
17780
  try {
@@ -17485,6 +17823,7 @@ async function backupInvalidDocument(context, targetPath, content) {
17485
17823
  return;
17486
17824
  } catch (error3) {
17487
17825
  if (!isAlreadyExists(error3)) {
17826
+ await context.fs.unlink(backupPath).catch(() => void 0);
17488
17827
  throw error3;
17489
17828
  }
17490
17829
  attempt += 1;
@@ -17492,7 +17831,7 @@ async function backupInvalidDocument(context, targetPath, content) {
17492
17831
  }
17493
17832
  }
17494
17833
  function isAlreadyExists(error3) {
17495
- return Boolean(error3 && typeof error3 === "object" && "code" in error3 && error3.code === "EEXIST");
17834
+ return hasOwnErrorCode5(error3, "EEXIST");
17496
17835
  }
17497
17836
  async function assertRegularWriteTarget(context, targetPath) {
17498
17837
  const boundary = path17.dirname(path17.resolve(context.homeDir));
@@ -17516,28 +17855,34 @@ async function assertRegularWriteTarget(context, targetPath) {
17516
17855
  }
17517
17856
  async function writeAtomically2(context, targetPath, content) {
17518
17857
  await assertRegularWriteTarget(context, targetPath);
17519
- let attempt = 0;
17520
- while (true) {
17521
- const tempPath = `${targetPath}.mutation-tmp-${attempt}`;
17858
+ for (let attempt = 0; attempt < 10; attempt += 1) {
17859
+ const tempPath = `${targetPath}.mutation-tmp-${process.pid}-${randomUUID7()}`;
17860
+ let tempCreated = false;
17522
17861
  try {
17862
+ await assertRegularWriteTarget(context, tempPath);
17523
17863
  await context.fs.writeFile(tempPath, content, { encoding: "utf8", flag: "wx" });
17864
+ tempCreated = true;
17524
17865
  await context.fs.rename(tempPath, targetPath);
17866
+ tempCreated = false;
17525
17867
  return;
17526
17868
  } catch (error3) {
17527
- if (isAlreadyExists(error3)) {
17528
- attempt += 1;
17529
- continue;
17530
- }
17531
- try {
17532
- await context.fs.unlink(tempPath);
17533
- } catch (cleanupError) {
17534
- if (!isNotFound(cleanupError)) {
17535
- void cleanupError;
17869
+ const alreadyExists = isAlreadyExists(error3);
17870
+ if (tempCreated || !alreadyExists) {
17871
+ try {
17872
+ await context.fs.unlink(tempPath);
17873
+ } catch (cleanupError) {
17874
+ if (!isNotFound(cleanupError)) {
17875
+ void cleanupError;
17876
+ }
17536
17877
  }
17537
17878
  }
17879
+ if (alreadyExists) {
17880
+ continue;
17881
+ }
17538
17882
  throw error3;
17539
17883
  }
17540
17884
  }
17885
+ throw new Error(`Unable to create temporary mutation file for ${targetPath}.`);
17541
17886
  }
17542
17887
  function describeMutation(kind, targetPath) {
17543
17888
  const displayPath = targetPath ?? "target";
@@ -17829,6 +18174,7 @@ async function applyBackup(mutation, context, options) {
17829
18174
  break;
17830
18175
  } catch (error3) {
17831
18176
  if (!isAlreadyExists(error3)) {
18177
+ await context.fs.unlink(backupPath).catch(() => void 0);
17832
18178
  throw error3;
17833
18179
  }
17834
18180
  attempt += 1;
@@ -18212,6 +18558,11 @@ async function executeMutation(mutation, context, options) {
18212
18558
  }
18213
18559
  }
18214
18560
 
18561
+ // ../agent-skill-config/src/error-codes.ts
18562
+ function hasOwnErrorCode6(error3, code) {
18563
+ return error3 instanceof Error && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
18564
+ }
18565
+
18215
18566
  // ../agent-skill-config/src/templates.ts
18216
18567
  import { readFile as readFile5, stat } from "node:fs/promises";
18217
18568
  import path18 from "node:path";
@@ -18236,7 +18587,7 @@ async function pathExists2(fs4, targetPath) {
18236
18587
  await fs4.stat(targetPath);
18237
18588
  return true;
18238
18589
  } catch (error3) {
18239
- if (error3 && typeof error3 === "object" && "code" in error3 && error3.code === "ENOENT") {
18590
+ if (hasOwnErrorCode6(error3, "ENOENT")) {
18240
18591
  return false;
18241
18592
  }
18242
18593
  throw error3;
@@ -18295,12 +18646,13 @@ import path19 from "node:path";
18295
18646
 
18296
18647
  // ../agent-skill-config/src/git-exclude.ts
18297
18648
  import { execFileSync } from "node:child_process";
18649
+ import { randomUUID as randomUUID8 } from "node:crypto";
18298
18650
  import * as fs2 from "node:fs";
18299
18651
  import path20 from "node:path";
18300
18652
 
18301
18653
  // ../agent-skill-config/src/bridge-active-skills.ts
18302
18654
  import * as fs3 from "node:fs";
18303
- import { createHash as createHash4, randomUUID as randomUUID5 } from "node:crypto";
18655
+ import { createHash as createHash4, randomUUID as randomUUID9 } from "node:crypto";
18304
18656
  import path21 from "node:path";
18305
18657
 
18306
18658
  // src/commands/installer.ts
@@ -18313,7 +18665,7 @@ var DEFAULT_INSTALL_SCOPE = "local";
18313
18665
  var TERMINAL_PILOT_SKILL_NAME = "terminal-pilot";
18314
18666
  var installableAgents = supportedAgents;
18315
18667
  function isNotFoundError2(error3) {
18316
- return typeof error3 === "object" && error3 !== null && "code" in error3 && error3.code === "ENOENT";
18668
+ return hasOwnErrorCode4(error3, "ENOENT");
18317
18669
  }
18318
18670
  function resolveInstallerServices(installer) {
18319
18671
  return {
@@ -18544,7 +18896,7 @@ var resize = defineCommand({
18544
18896
  });
18545
18897
 
18546
18898
  // ../terminal-png/src/index.ts
18547
- import { randomUUID as randomUUID6 } from "node:crypto";
18899
+ import { randomUUID as randomUUID10 } from "node:crypto";
18548
18900
  import { rename as rename4, rm, writeFile as writeFile6 } from "node:fs/promises";
18549
18901
 
18550
18902
  // ../terminal-png/src/ansi-parser.ts
@@ -18931,6 +19283,11 @@ function parseAnsi2(input) {
18931
19283
  return buildRuns(lines, lineBreakStyles);
18932
19284
  }
18933
19285
 
19286
+ // ../terminal-png/src/error-codes.ts
19287
+ function hasOwnErrorCode7(error3, code) {
19288
+ return typeof error3 === "object" && error3 !== null && Object.prototype.hasOwnProperty.call(error3, "code") && error3.code === code;
19289
+ }
19290
+
18934
19291
  // ../terminal-png/src/png-renderer.ts
18935
19292
  import { Resvg } from "@resvg/resvg-js";
18936
19293
 
@@ -19484,21 +19841,28 @@ async function renderTerminalPng(ansiText, options = {}) {
19484
19841
  });
19485
19842
  const png = renderPng(svg);
19486
19843
  if (options.output) {
19487
- const temporaryPath = `${options.output}.${randomUUID6()}.tmp`;
19844
+ const temporaryPath = `${options.output}.${randomUUID10()}.tmp`;
19845
+ let temporaryCreated = false;
19488
19846
  try {
19489
19847
  await writeFile6(temporaryPath, png, { flag: "wx" });
19848
+ temporaryCreated = true;
19490
19849
  await rename4(temporaryPath, options.output);
19491
19850
  } catch (error3) {
19492
- try {
19493
- await rm(temporaryPath, { force: true });
19494
- } catch (cleanupError) {
19495
- void cleanupError;
19851
+ if (temporaryCreated || !isAlreadyExistsError3(error3)) {
19852
+ try {
19853
+ await rm(temporaryPath, { force: true });
19854
+ } catch (cleanupError) {
19855
+ void cleanupError;
19856
+ }
19496
19857
  }
19497
19858
  throw error3;
19498
19859
  }
19499
19860
  }
19500
19861
  return png;
19501
19862
  }
19863
+ function isAlreadyExistsError3(error3) {
19864
+ return error3 instanceof Error && hasOwnErrorCode7(error3, "EEXIST");
19865
+ }
19502
19866
 
19503
19867
  // src/commands/screenshot.ts
19504
19868
  var params11 = S.Object({
@@ -19561,7 +19925,7 @@ var type = defineCommand({
19561
19925
  });
19562
19926
 
19563
19927
  // src/commands/uninstall.ts
19564
- import { randomUUID as randomUUID7 } from "node:crypto";
19928
+ import { randomUUID as randomUUID11 } from "node:crypto";
19565
19929
  var params14 = S.Object({
19566
19930
  agent: S.Enum(installableAgents, {
19567
19931
  description: "Agent to uninstall terminal-pilot from",
@@ -19597,7 +19961,7 @@ var uninstall = defineCommand({
19597
19961
  if (!await folderExists(services.fs, skill.fullPath)) {
19598
19962
  continue;
19599
19963
  }
19600
- const stagingPath = `${skill.fullPath}.removing-${randomUUID7()}`;
19964
+ const stagingPath = `${skill.fullPath}.removing-${randomUUID11()}`;
19601
19965
  await services.fs.rename(skill.fullPath, stagingPath);
19602
19966
  staged.push({ ...skill, stagingPath });
19603
19967
  }
@@ -19623,7 +19987,7 @@ async function folderExists(fs4, folderPath) {
19623
19987
  await fs4.stat(folderPath);
19624
19988
  return true;
19625
19989
  } catch (error3) {
19626
- if (typeof error3 === "object" && error3 !== null && "code" in error3 && error3.code === "ENOENT") {
19990
+ if (hasOwnErrorCode4(error3, "ENOENT")) {
19627
19991
  return false;
19628
19992
  }
19629
19993
  throw error3;
@@ -19677,8 +20041,6 @@ var waitForExit2 = defineCommand({
19677
20041
 
19678
20042
  // src/commands/index.ts
19679
20043
  var children = [
19680
- install,
19681
- uninstall,
19682
20044
  createSession,
19683
20045
  fill,
19684
20046
  type,
@@ -19692,7 +20054,9 @@ var children = [
19692
20054
  resize,
19693
20055
  closeSession,
19694
20056
  getSession,
19695
- listSessions
20057
+ listSessions,
20058
+ install,
20059
+ uninstall
19696
20060
  ];
19697
20061
  function createTerminalPilotGroup() {
19698
20062
  return defineGroup({
@@ -19715,7 +20079,7 @@ async function main(argv = process.argv) {
19715
20079
  const originalArgv = process.argv;
19716
20080
  process.argv = normalizeArgv(argv);
19717
20081
  try {
19718
- await runCLI(createTerminalPilotGroup());
20082
+ await runCLI(createTerminalPilotGroup(), { approvals: false });
19719
20083
  } finally {
19720
20084
  process.argv = originalArgv;
19721
20085
  }