tila-sdk 0.1.0

package/dist/index.cjs

@@ -0,0 +1,2168 @@
+'use strict';
+
+var module$1 = require('module');
+var zod = require('zod');
+
+var _documentCurrentScript = typeof document !== 'undefined' ? document.currentScript : null;
+// src/client.ts
+zod.z.object({
+  id: zod.z.string(),
+  type: zod.z.string(),
+  schema_version: zod.z.number().int(),
+  data: zod.z.record(zod.z.unknown()),
+  archived: zod.z.number().int().default(0),
+  created_at: zod.z.number().int(),
+  updated_at: zod.z.number().int(),
+  created_by: zod.z.string()
+});
+var ClaimModeSchema = zod.z.enum(["exclusive", "owner", "presence"]);
+zod.z.object({
+  resource: zod.z.string(),
+  machine: zod.z.string(),
+  user: zod.z.string(),
+  mode: ClaimModeSchema,
+  fence: zod.z.number().int(),
+  acquired_at: zod.z.number().int(),
+  expires_at: zod.z.number().int(),
+  metadata: zod.z.record(zod.z.unknown()).optional()
+});
+var JournalEventKindSchema = zod.z.enum([
+  "entity.created",
+  "entity.updated",
+  "entity.archived",
+  "claim.acquired",
+  "claim.renewed",
+  "claim.released",
+  "artifact.produced",
+  "artifact.expired",
+  "artifact.tombstoned",
+  "artifact.reconciled",
+  "artifact.search.rebuilt",
+  "schema.applied",
+  "artifact.relationship.added",
+  "entity.artifact.referenced",
+  "gate.created",
+  "gate.resolved",
+  "gate.timed_out",
+  "gate.cancelled",
+  "template.instantiated",
+  "record.created",
+  "record.updated",
+  "record.archived",
+  "record.unarchived"
+]);
+zod.z.object({
+  seq: zod.z.number().int(),
+  t: zod.z.number().int(),
+  kind: JournalEventKindSchema,
+  resource: zod.z.string(),
+  actor: zod.z.string(),
+  token_id: zod.z.string().nullable().optional(),
+  fence: zod.z.number().int().nullable(),
+  data: zod.z.record(zod.z.unknown()),
+  source: zod.z.string().nullable().optional(),
+  source_version: zod.z.string().nullable().optional()
+});
+zod.z.object({
+  r2_key: zod.z.string(),
+  resource: zod.z.string().nullable(),
+  kind: zod.z.string(),
+  // open set, config-defined per tila.schema.toml
+  sha256: zod.z.string(),
+  bytes: zod.z.number().int(),
+  fence: zod.z.number().int().nullable(),
+  mime_type: zod.z.string(),
+  produced_at: zod.z.number().int(),
+  produced_by: zod.z.string(),
+  expires_at: zod.z.number().int().nullable(),
+  tombstoned: zod.z.number().int().default(0)
+});
+zod.z.object({
+  entity_id: zod.z.string(),
+  artifact_key: zod.z.string(),
+  slot: zod.z.string(),
+  metadata: zod.z.record(zod.z.unknown()).default({}),
+  created_at: zod.z.number().int()
+});
+var ArtifactRelationshipTypeSchema = zod.z.enum([
+  "references",
+  "supersedes",
+  "derived-from",
+  "index-of",
+  "entry-of"
+]);
+zod.z.object({
+  from_key: zod.z.string(),
+  to_key: zod.z.string().nullable(),
+  to_uri: zod.z.string().nullable(),
+  type: ArtifactRelationshipTypeSchema,
+  metadata: zod.z.record(zod.z.unknown()).default({}),
+  created_at: zod.z.number().int()
+});
+var ArtifactSearchResultSchema = zod.z.object({
+  r2_key: zod.z.string(),
+  kind: zod.z.string(),
+  resource: zod.z.string().nullable(),
+  mime_type: zod.z.string(),
+  produced_at: zod.z.number().int(),
+  title: zod.z.string().nullable(),
+  snippet: zod.z.string().nullable(),
+  indexed_at: zod.z.number().int()
+});
+var EntitySearchResultSchema = zod.z.object({
+  entity_id: zod.z.string(),
+  entity_type: zod.z.string(),
+  name: zod.z.string().nullable(),
+  snippet: zod.z.string().nullable(),
+  indexed_at: zod.z.number().int()
+});
+zod.z.object({
+  resource: zod.z.string(),
+  current_fence: zod.z.number().int()
+});
+zod.z.object({
+  machine: zod.z.string(),
+  last_seen: zod.z.number().int(),
+  info: zod.z.record(zod.z.unknown())
+});
+var EntityRelationshipTypeSchema = zod.z.enum([
+  "parent-child",
+  "blocks",
+  "soft-blocks",
+  "related",
+  "discovered-from"
+]);
+var EntityRelationshipSchema = zod.z.object({
+  from_id: zod.z.string(),
+  to_id: zod.z.string(),
+  type: EntityRelationshipTypeSchema,
+  schema_version: zod.z.number().int(),
+  created_at: zod.z.number().int()
+});
+var SignalKindSchema = zod.z.enum([
+  "conflict",
+  "ready",
+  "info",
+  "request"
+]);
+var SignalSchema = zod.z.object({
+  id: zod.z.string(),
+  target: zod.z.string(),
+  kind: SignalKindSchema,
+  resource: zod.z.string().nullish(),
+  payload: zod.z.unknown(),
+  created_by: zod.z.string(),
+  created_at: zod.z.number(),
+  expires_at: zod.z.number(),
+  acked_at: zod.z.number().nullable()
+});
+zod.z.object({
+  target: zod.z.string().min(1),
+  kind: SignalKindSchema,
+  resource: zod.z.string().optional(),
+  payload: zod.z.unknown().optional(),
+  ttl_ms: zod.z.number().int().min(1e3).max(864e5).optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  id: zod.z.string()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  signals: zod.z.array(SignalSchema)
+});
+zod.z.object({
+  ok: zod.z.literal(true)
+});
+zod.z.object({
+  version: zod.z.number().int(),
+  definition: zod.z.string(),
+  // TOML content as string; SQL column is `definition TEXT NOT NULL`
+  applied_at: zod.z.number().int(),
+  applied_by: zod.z.string()
+});
+zod.z.enum(["relax", "force"]);
+zod.z.object({
+  project_id: zod.z.string(),
+  display_name: zod.z.string().nullable(),
+  created_at: zod.z.number().int(),
+  created_by: zod.z.string(),
+  cloudflare_account_id: zod.z.string(),
+  schema_version: zod.z.number().int(),
+  archived: zod.z.number().int().default(0)
+});
+zod.z.object({
+  token_hash: zod.z.string(),
+  project_id: zod.z.string(),
+  name: zod.z.string(),
+  note: zod.z.string().nullable(),
+  scopes: zod.z.string(),
+  // "full" in v0.1
+  created_at: zod.z.number().int(),
+  created_by: zod.z.string(),
+  last_used_at: zod.z.number().int().nullable(),
+  revoked_at: zod.z.number().int().nullable(),
+  revoked_by: zod.z.string().nullable()
+});
+zod.z.object({
+  key: zod.z.string(),
+  project_id: zod.z.string(),
+  created_at: zod.z.number().int(),
+  response_json: zod.z.string(),
+  status_code: zod.z.number().int(),
+  request_hash: zod.z.string().nullable().optional()
+});
+zod.z.object({
+  project_id: zod.z.string(),
+  backend: zod.z.enum(["cloudflare", "local"]).optional(),
+  worker_url: zod.z.string().url().optional(),
+  custom_domain: zod.z.string().optional(),
+  schema_version: zod.z.number().int(),
+  tila_version: zod.z.string(),
+  created_at: zod.z.string(),
+  // ISO-8601 string from TOML
+  cloudflare: zod.z.object({
+    account_id: zod.z.string()
+  }).optional(),
+  backends: zod.z.object({
+    entity: zod.z.string().default("do-sqlite"),
+    coordination: zod.z.string().default("do-sqlite"),
+    artifact: zod.z.string().default("r2"),
+    auth: zod.z.string().default("d1")
+  }).optional(),
+  local: zod.z.object({
+    db_path: zod.z.string(),
+    artifacts_path: zod.z.string(),
+    org: zod.z.string().optional()
+  }).optional(),
+  auth: zod.z.object({
+    mode: zod.z.enum(["tila-token", "github-repo"]).default("tila-token")
+  }).optional(),
+  github: zod.z.object({
+    host: zod.z.string().default("github.com"),
+    owner: zod.z.string(),
+    repo: zod.z.string(),
+    repo_id: zod.z.number().int().optional()
+  }).optional()
+});
+function arrayToRecord(val) {
+  if (!Array.isArray(val))
+    return val;
+  const entries = val.map((f) => [f.name, f]);
+  return Object.fromEntries(entries);
+}
+var FieldDeclarationSchema = zod.z.object({
+  type: zod.z.string(),
+  required: zod.z.boolean().default(false),
+  default: zod.z.unknown().optional(),
+  default_for_legacy: zod.z.unknown().optional(),
+  name: zod.z.string().optional(),
+  values: zod.z.array(zod.z.string()).optional()
+});
+var ReferenceSlotSchema = zod.z.object({
+  name: zod.z.string(),
+  multiple: zod.z.boolean().default(false),
+  kinds: zod.z.array(zod.z.string())
+});
+var WorkUnitSchema = zod.z.object({
+  fields: zod.z.preprocess(arrayToRecord, zod.z.record(FieldDeclarationSchema)).default({}),
+  parents: zod.z.array(zod.z.string()).default([]),
+  required_parent: zod.z.boolean().default(false),
+  references: zod.z.array(ReferenceSlotSchema).optional()
+});
+var ArtifactKindSchema = zod.z.object({
+  mime_types: zod.z.array(zod.z.string().min(1)).default([]),
+  retention_days: zod.z.number().int().min(0).default(0),
+  requires_reference_to: zod.z.array(zod.z.string()).optional(),
+  searchable: zod.z.boolean().default(false),
+  search_mode: zod.z.enum(["none", "full_text"]).default("none"),
+  auto_supersedes: zod.z.boolean().default(false)
+});
+var TemplateEntitySchema = zod.z.object({
+  id_suffix: zod.z.string().default(""),
+  type: zod.z.string(),
+  data: zod.z.record(zod.z.unknown()).default({})
+});
+var TemplateRelationshipSchema = zod.z.object({
+  from: zod.z.string(),
+  to: zod.z.string(),
+  type: zod.z.string()
+});
+var TemplateDefinitionSchema = zod.z.object({
+  description: zod.z.string().optional(),
+  entities: zod.z.record(TemplateEntitySchema),
+  relationships: zod.z.array(TemplateRelationshipSchema).default([])
+});
+var RecordDefinitionFieldsSchema = zod.z.preprocess(arrayToRecord, zod.z.record(FieldDeclarationSchema)).default({});
+var RecordDefinitionSchema = zod.z.object({
+  format: zod.z.enum(["json", "yaml"]).default("json"),
+  history: zod.z.enum(["revision", "snapshot"]).default("revision"),
+  key_description: zod.z.string().optional(),
+  writers: zod.z.array(zod.z.enum(["human", "agent"])).optional(),
+  mcp_resource: zod.z.boolean().default(false),
+  schema_ref: zod.z.string().optional(),
+  fields: RecordDefinitionFieldsSchema
+});
+zod.z.object({
+  schema_version: zod.z.number().int().positive(),
+  work_units: zod.z.record(WorkUnitSchema).default({}),
+  hierarchy: zod.z.object({
+    levels: zod.z.array(zod.z.string()).default([]),
+    max_depth: zod.z.number().int().positive().optional()
+  }).optional(),
+  artifacts: zod.z.record(ArtifactKindSchema).optional(),
+  artifact_relationships: zod.z.object({
+    types: zod.z.array(zod.z.string()).optional()
+  }).optional(),
+  entity_artifact_references: zod.z.object({
+    slots: zod.z.array(zod.z.string()).optional()
+  }).optional(),
+  templates: zod.z.record(TemplateDefinitionSchema).optional(),
+  records: zod.z.record(RecordDefinitionSchema).default({})
+});
+zod.z.object({
+  account_id: zod.z.string(),
+  account_name: zod.z.string(),
+  d1_database_id: zod.z.string(),
+  worker_url: zod.z.string().url().optional(),
+  r2_bucket_name: zod.z.string().optional(),
+  hmac_key: zod.z.string().optional(),
+  sweep_secret: zod.z.string().optional(),
+  github_app: zod.z.object({
+    app_id: zod.z.number().int().positive(),
+    installation_id: zod.z.number().int().positive()
+  }).optional(),
+  pages_project_name: zod.z.string().optional(),
+  infra_slug: zod.z.string().optional()
+});
+var RecordTypeSchema = zod.z.string().regex(/^[a-z][a-z0-9_-]*$/, "Record type must start with lowercase letter and contain only lowercase letters, digits, underscores, and hyphens");
+var RecordKeySchema = zod.z.string().superRefine((val, ctx) => {
+  if (val.length === 0) {
+    ctx.addIssue({
+      code: zod.z.ZodIssueCode.custom,
+      message: "Record key must not be empty"
+    });
+    return;
+  }
+  if (val.length > 256) {
+    ctx.addIssue({
+      code: zod.z.ZodIssueCode.custom,
+      message: "Record key must not exceed 256 characters"
+    });
+    return;
+  }
+  const segments = val.split("/");
+  if (segments.some((s) => s === "")) {
+    ctx.addIssue({
+      code: zod.z.ZodIssueCode.custom,
+      message: "Record key must not have empty segments (no leading slash, trailing slash, or consecutive slashes)"
+    });
+    return;
+  }
+  if (segments.length > 8) {
+    ctx.addIssue({
+      code: zod.z.ZodIssueCode.custom,
+      message: "Record key must not exceed 8 segments"
+    });
+    return;
+  }
+  for (const seg of segments) {
+    if (seg.length > 64) {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: `Segment "${seg}" exceeds 64 characters`
+      });
+      return;
+    }
+    if (seg === "." || seg === "..") {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: `Segment "${seg}" is reserved`
+      });
+      return;
+    }
+    if (seg.startsWith(".") || seg.startsWith("_")) {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: `Segment "${seg}" must not start with '.' or '_'`
+      });
+      return;
+    }
+    if (seg.includes("~")) {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: `Segment "${seg}" must not contain '~'`
+      });
+      return;
+    }
+    if (seg.includes(":")) {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: `Segment "${seg}" must not contain ':'`
+      });
+      return;
+    }
+    if (!/^[a-zA-Z0-9][a-zA-Z0-9_.-]*$/.test(seg)) {
+      ctx.addIssue({
+        code: zod.z.ZodIssueCode.custom,
+        message: `Segment "${seg}" contains invalid characters`
+      });
+      return;
+    }
+  }
+});
+var RecordTagSchema = zod.z.array(zod.z.string().regex(/^[a-zA-Z0-9][a-zA-Z0-9_:.-]{0,63}$/, "Invalid tag format")).transform((tags) => {
+  const seen = /* @__PURE__ */ new Set();
+  const result = [];
+  for (const tag of tags) {
+    const lower = tag.toLowerCase();
+    if (!seen.has(lower)) {
+      seen.add(lower);
+      result.push(lower);
+    }
+  }
+  return result;
+}).refine((tags) => tags.length <= 20, "Record may not have more than 20 tags");
+function sortKeysDeep(v) {
+  if (Array.isArray(v))
+    return v.map(sortKeysDeep);
+  if (v !== null && typeof v === "object") {
+    const sorted = {};
+    for (const k of Object.keys(v).sort()) {
+      sorted[k] = sortKeysDeep(v[k]);
+    }
+    return sorted;
+  }
+  return v;
+}
+function canonicalJson(value) {
+  return JSON.stringify(sortKeysDeep(value));
+}
+var MAX_RECORD_VALUE_BYTES = 65536;
+zod.z.record(zod.z.unknown()).refine((value) => {
+  const canonical = canonicalJson(value);
+  return new TextEncoder().encode(canonical).length <= MAX_RECORD_VALUE_BYTES;
+}, "Record value exceeds 64 KiB canonical JSON limit");
+
+// ../schemas/dist/api.js
+var ErrorEnvelopeSchema = zod.z.object({
+  ok: zod.z.literal(false),
+  error: zod.z.object({
+    code: zod.z.string(),
+    message: zod.z.string(),
+    retryable: zod.z.boolean(),
+    gateIds: zod.z.array(zod.z.string()).optional()
+  })
+});
+zod.z.object({
+  resource: zod.z.string(),
+  mode: ClaimModeSchema,
+  ttl_ms: zod.z.number().int().positive(),
+  idempotency_key: zod.z.string().optional(),
+  metadata: zod.z.record(zod.z.unknown()).optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  fence: zod.z.number().int(),
+  expires_at: zod.z.number().int()
+});
+zod.z.object({
+  resource: zod.z.string(),
+  fence: zod.z.number().int(),
+  ttl_ms: zod.z.number().int().positive()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  expires_at: zod.z.number().int()
+});
+zod.z.object({
+  resource: zod.z.string(),
+  fence: zod.z.number().int()
+});
+zod.z.object({
+  ok: zod.z.literal(true)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  claim: zod.z.object({
+    resource: zod.z.string(),
+    machine: zod.z.string(),
+    user: zod.z.string(),
+    mode: ClaimModeSchema,
+    fence: zod.z.number().int(),
+    acquired_at: zod.z.number().int(),
+    expires_at: zod.z.number().int(),
+    metadata: zod.z.record(zod.z.unknown()).optional()
+  }).nullable()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  claims: zod.z.array(zod.z.object({
+    resource: zod.z.string(),
+    machine: zod.z.string(),
+    user: zod.z.string(),
+    mode: ClaimModeSchema,
+    fence: zod.z.number().int(),
+    acquired_at: zod.z.number().int(),
+    expires_at: zod.z.number().int(),
+    metadata: zod.z.record(zod.z.unknown()).optional()
+  }))
+});
+zod.z.object({
+  id: zod.z.string(),
+  type: zod.z.string(),
+  data: zod.z.record(zod.z.unknown()).default({})
+});
+zod.z.object({
+  data: zod.z.record(zod.z.unknown()),
+  fence: zod.z.number().int()
+});
+zod.z.object({
+  fence: zod.z.number().int()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entity: zod.z.object({
+    id: zod.z.string(),
+    type: zod.z.string(),
+    schema_version: zod.z.number().int(),
+    data: zod.z.record(zod.z.unknown()),
+    archived: zod.z.number().int(),
+    created_at: zod.z.number().int(),
+    updated_at: zod.z.number().int(),
+    created_by: zod.z.string()
+  })
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entities: zod.z.array(zod.z.object({
+    id: zod.z.string(),
+    type: zod.z.string(),
+    schema_version: zod.z.number().int(),
+    data: zod.z.record(zod.z.unknown()),
+    archived: zod.z.number().int(),
+    created_at: zod.z.number().int(),
+    updated_at: zod.z.number().int(),
+    created_by: zod.z.string()
+  }))
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entities: zod.z.array(zod.z.object({
+    id: zod.z.string(),
+    type: zod.z.string(),
+    schema_version: zod.z.number().int(),
+    data: zod.z.record(zod.z.unknown()),
+    archived: zod.z.number().int(),
+    created_at: zod.z.number().int(),
+    updated_at: zod.z.number().int(),
+    created_by: zod.z.string()
+  })),
+  total: zod.z.number().int(),
+  limit: zod.z.number().int().nullable(),
+  offset: zod.z.number().int(),
+  has_more: zod.z.boolean()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entities: zod.z.array(zod.z.object({
+    id: zod.z.string(),
+    type: zod.z.string(),
+    schema_version: zod.z.number().int(),
+    data: zod.z.record(zod.z.unknown()),
+    archived: zod.z.number().int(),
+    created_at: zod.z.number().int(),
+    updated_at: zod.z.number().int(),
+    created_by: zod.z.string()
+  }))
+});
+var CompactEntitySchema = zod.z.object({
+  id: zod.z.string(),
+  type: zod.z.string(),
+  title: zod.z.string().nullable(),
+  status: zod.z.string().nullable(),
+  claimed_by: zod.z.string().nullable(),
+  blockers: zod.z.number().int().nonnegative(),
+  artifacts: zod.z.number().int().nonnegative()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entities: zod.z.array(CompactEntitySchema)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entity: CompactEntitySchema
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entities: zod.z.array(CompactEntitySchema),
+  total: zod.z.number().int(),
+  limit: zod.z.number().int().nullable(),
+  offset: zod.z.number().int(),
+  has_more: zod.z.boolean()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  project: zod.z.object({
+    entity_count: zod.z.number().int(),
+    entity_counts: zod.z.record(zod.z.number().int()),
+    status_counts: zod.z.record(zod.z.number().int()),
+    active_claims: zod.z.number().int(),
+    ready_count: zod.z.number().int(),
+    online_machines: zod.z.array(zod.z.string()),
+    token_estimate: zod.z.number().int(),
+    recent_events: zod.z.array(zod.z.object({
+      seq: zod.z.number().int(),
+      t: zod.z.number().int(),
+      kind: zod.z.string(),
+      resource: zod.z.string(),
+      actor: zod.z.string()
+    }))
+  })
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  entity: zod.z.object({
+    id: zod.z.string(),
+    type: zod.z.string(),
+    schema_version: zod.z.number().int(),
+    data: zod.z.record(zod.z.unknown()),
+    archived: zod.z.number().int(),
+    created_at: zod.z.number().int(),
+    updated_at: zod.z.number().int(),
+    created_by: zod.z.string()
+  }),
+  relationships: zod.z.array(EntityRelationshipSchema).default([])
+});
+zod.z.object({
+  ok: zod.z.literal(true)
+});
+zod.z.object({
+  from_id: zod.z.string().min(1),
+  to_id: zod.z.string().min(1),
+  type: EntityRelationshipTypeSchema
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  created: zod.z.boolean().default(true)
+});
+zod.z.object({
+  from_id: zod.z.string().min(1).optional(),
+  to_id: zod.z.string().min(1).optional(),
+  type: EntityRelationshipTypeSchema.optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  relationships: zod.z.array(EntityRelationshipSchema)
+});
+zod.z.object({
+  from_id: zod.z.string().min(1),
+  to_id: zod.z.string().min(1),
+  type: EntityRelationshipTypeSchema
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  removed: zod.z.boolean()
+});
+zod.z.object({
+  resource: zod.z.string().optional(),
+  kind: JournalEventKindSchema.optional(),
+  source: zod.z.string().optional(),
+  after_seq: zod.z.number().int().optional(),
+  limit: zod.z.number().int().positive().default(100)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  events: zod.z.array(zod.z.object({
+    seq: zod.z.number().int(),
+    t: zod.z.number().int(),
+    kind: zod.z.string(),
+    resource: zod.z.string(),
+    actor: zod.z.string(),
+    token_id: zod.z.string().nullable(),
+    fence: zod.z.number().int().nullable(),
+    data: zod.z.record(zod.z.unknown()),
+    source: zod.z.string().nullable(),
+    source_version: zod.z.string().nullable()
+  }))
+});
+zod.z.object({
+  machine: zod.z.string(),
+  info: zod.z.record(zod.z.unknown()).default({})
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  machines: zod.z.array(zod.z.object({
+    machine: zod.z.string(),
+    last_seen: zod.z.number().int(),
+    info: zod.z.record(zod.z.unknown())
+  }))
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  machines: zod.z.array(zod.z.object({
+    machine: zod.z.string(),
+    last_seen: zod.z.number().int(),
+    info: zod.z.record(zod.z.unknown()),
+    active: zod.z.boolean()
+  }))
+});
+zod.z.object({
+  ok: zod.z.literal(true)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  version: zod.z.string(),
+  apiVersion: zod.z.number().int(),
+  minCliVersion: zod.z.string(),
+  project_id: zod.z.string().optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  project_id: zod.z.string(),
+  token_name: zod.z.string(),
+  scopes: zod.z.string(),
+  auth_kind: zod.z.enum(["d1-token", "session", "cookie-session"]).optional(),
+  github_login: zod.z.string().optional(),
+  permission: zod.z.string().optional(),
+  expires_at: zod.z.number().optional()
+});
+var DOHealthResponseSchema = zod.z.object({
+  ok: zod.z.literal(true),
+  expiredClaimsCount: zod.z.number(),
+  journalRows: zod.z.number(),
+  maxSeq: zod.z.number()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  doRttMs: zod.z.number(),
+  doHealth: DOHealthResponseSchema,
+  r2Reachable: zod.z.boolean()
+});
+var SqliteColumnInfoSchema = zod.z.object({
+  cid: zod.z.number(),
+  name: zod.z.string(),
+  type: zod.z.string(),
+  notnull: zod.z.number(),
+  dflt_value: zod.z.string().nullable(),
+  pk: zod.z.number()
+});
+var SchemaMigrationRecordSchema = zod.z.object({
+  version: zod.z.number(),
+  applied_at: zod.z.number()
+});
+var DoctorSchemaSuccessResponseSchema = zod.z.object({
+  ok: zod.z.literal(true),
+  do_code_version: zod.z.string().optional(),
+  sqlite_version: zod.z.string(),
+  migrations: zod.z.array(SchemaMigrationRecordSchema),
+  tables: zod.z.array(zod.z.string()),
+  columns: zod.z.record(zod.z.array(SqliteColumnInfoSchema)),
+  claims_columns: zod.z.array(SqliteColumnInfoSchema).optional()
+});
+var DoctorSchemaStaleResponseSchema = zod.z.object({
+  ok: zod.z.literal(true),
+  stale_do: zod.z.literal(true),
+  message: zod.z.string(),
+  probe_result: zod.z.unknown()
+});
+zod.z.union([
+  DoctorSchemaSuccessResponseSchema,
+  DoctorSchemaStaleResponseSchema
+]);
+var SearchDriftCheckNameSchema = zod.z.enum([
+  "search-missing-doc",
+  "search-orphan-doc",
+  "search-tombstone-leak",
+  "search-unsupported-kind",
+  "search-stale-index"
+]);
+var SearchDriftFindingSchema = zod.z.object({
+  check: SearchDriftCheckNameSchema,
+  status: zod.z.enum(["pass", "warn", "fail"]),
+  count: zod.z.number().int().nonnegative(),
+  detail: zod.z.string(),
+  examples: zod.z.array(zod.z.string()).max(5)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  findings: zod.z.array(SearchDriftFindingSchema),
+  checkedAt: zod.z.number().int()
+});
+zod.z.object({
+  name: zod.z.string().min(1).max(64).regex(/^[a-z0-9-]+$/),
+  note: zod.z.string().max(256).optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  token: zod.z.string(),
+  name: zod.z.string(),
+  created_at: zod.z.number().int()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  name: zod.z.string(),
+  revoked_at: zod.z.number().int()
+});
+var TokenListItemSchema = zod.z.object({
+  name: zod.z.string(),
+  note: zod.z.string().nullable(),
+  scopes: zod.z.string(),
+  created_at: zod.z.number().int(),
+  created_by: zod.z.string(),
+  last_used_at: zod.z.number().int().nullable(),
+  revoked_at: zod.z.number().int().nullable(),
+  revoked_by: zod.z.string().nullable()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  tokens: zod.z.array(TokenListItemSchema)
+});
+var ReconcileDetailSchema = zod.z.object({
+  key: zod.z.string(),
+  status: zod.z.enum(["recovered", "skipped", "unrecoverable"]),
+  reason: zod.z.string().optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  orphans_found: zod.z.number().int(),
+  orphans_recovered: zod.z.number().int(),
+  orphans_unrecoverable: zod.z.number().int(),
+  details: zod.z.array(ReconcileDetailSchema)
+});
+var SearchRebuildDetailSchema = zod.z.object({
+  artifact_key: zod.z.string(),
+  status: zod.z.enum(["written", "tombstoned", "skipped", "unrecoverable"]),
+  reason: zod.z.string().optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  candidates_found: zod.z.number().int(),
+  written: zod.z.number().int(),
+  tombstoned: zod.z.number().int(),
+  skipped: zod.z.number().int(),
+  unrecoverable: zod.z.number().int(),
+  details: zod.z.array(SearchRebuildDetailSchema)
+});
+zod.z.object({
+  artifact_key: zod.z.string().min(1),
+  slot: zod.z.string().min(1),
+  metadata: zod.z.record(zod.z.unknown()).default({})
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  references: zod.z.array(zod.z.object({
+    entity_id: zod.z.string(),
+    artifact_key: zod.z.string(),
+    slot: zod.z.string(),
+    metadata: zod.z.record(zod.z.unknown()),
+    created_at: zod.z.number().int()
+  }))
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  results: zod.z.array(ArtifactSearchResultSchema),
+  total: zod.z.number().int()
+});
+zod.z.object({
+  q: zod.z.string().min(1).max(200),
+  kind: zod.z.string().optional(),
+  resource: zod.z.string().optional(),
+  source_only: zod.z.string().optional().transform((v) => v === "true").pipe(zod.z.boolean()),
+  limit: zod.z.string().optional().default("20").transform((v) => Number.parseInt(v, 10)).pipe(zod.z.number().int().min(1).max(100))
+});
+var ArtifactGrepLineSchema = zod.z.object({
+  line: zod.z.number().int(),
+  // 1-based line number
+  text: zod.z.string(),
+  // matching line, truncated to GREP_MAX_LINE_TEXT chars
+  col: zod.z.number().int()
+  // 1-based column of first match in the line
+});
+var ArtifactGrepResultSchema = zod.z.object({
+  key: zod.z.string(),
+  kind: zod.z.string(),
+  resource: zod.z.string().nullable(),
+  lines: zod.z.array(ArtifactGrepLineSchema),
+  truncated: zod.z.boolean().optional()
+  // this blob hit the per-blob byte cap
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  results: zod.z.array(ArtifactGrepResultSchema),
+  scanned: zod.z.number().int(),
+  // candidates actually scanned
+  skipped: zod.z.number().int(),
+  // candidates skipped (blob missing/expired)
+  truncated: zod.z.boolean()
+  // request-level cap hit (candidate/byte/match cap)
+});
+zod.z.object({
+  pattern: zod.z.string().min(1).max(200),
+  kind: zod.z.string().optional(),
+  resource: zod.z.string().optional(),
+  regex: zod.z.string().optional().default("false").transform((v) => v === "true").pipe(zod.z.boolean()),
+  limit: zod.z.string().optional().default("50").transform((v) => Number.parseInt(v, 10)).pipe(zod.z.number().int().min(1).max(100))
+  // candidate cap, hard ceiling SWEEP_BATCH_SIZE
+});
+var RecordSearchResultSchema = zod.z.object({
+  record_type: zod.z.string(),
+  record_key: zod.z.string(),
+  snippet: zod.z.string().nullable(),
+  indexed_at: zod.z.number().int()
+});
+var UnifiedSearchResultSchema = zod.z.discriminatedUnion("type", [
+  zod.z.object({ type: zod.z.literal("entity") }).merge(EntitySearchResultSchema),
+  zod.z.object({ type: zod.z.literal("artifact") }).merge(ArtifactSearchResultSchema),
+  zod.z.object({ type: zod.z.literal("record") }).merge(RecordSearchResultSchema)
+]);
+zod.z.object({
+  ok: zod.z.literal(true),
+  results: zod.z.array(UnifiedSearchResultSchema),
+  total: zod.z.number().int()
+});
+zod.z.object({
+  q: zod.z.string().min(1).max(200),
+  limit: zod.z.string().optional().default("20").transform((v) => Number.parseInt(v, 10)).pipe(zod.z.number().int().min(1).max(100))
+});
+zod.z.object({
+  content: zod.z.string().min(1),
+  kind: zod.z.string().min(1),
+  mime_type: zod.z.string().default("text/markdown"),
+  resource: zod.z.string().optional(),
+  fence: zod.z.number().int().optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  key: zod.z.string(),
+  bytes: zod.z.number(),
+  deduplicated: zod.z.boolean()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  pointers: zod.z.array(zod.z.object({
+    r2_key: zod.z.string(),
+    resource: zod.z.string().nullable(),
+    kind: zod.z.string(),
+    sha256: zod.z.string(),
+    bytes: zod.z.number(),
+    fence: zod.z.number().nullable(),
+    mime_type: zod.z.string(),
+    produced_at: zod.z.number(),
+    produced_by: zod.z.string(),
+    expires_at: zod.z.number().nullable(),
+    tombstoned: zod.z.number()
+  }))
+});
+zod.z.object({
+  ok: zod.z.literal(true)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  relationships: zod.z.array(zod.z.object({
+    from_key: zod.z.string(),
+    to_key: zod.z.string().nullable(),
+    to_uri: zod.z.string().nullable(),
+    type: zod.z.string(),
+    metadata: zod.z.record(zod.z.unknown()),
+    created_at: zod.z.number()
+  }))
+});
+zod.z.object({
+  template_name: zod.z.string(),
+  root_id: zod.z.string(),
+  vars: zod.z.record(zod.z.string()).default({})
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  created_entities: zod.z.array(zod.z.string()),
+  created_relationships: zod.z.number().int(),
+  journal_seq: zod.z.number().int()
+});
+zod.z.object({
+  owner: zod.z.string().min(1).max(100),
+  repo: zod.z.string().min(1).max(100),
+  github_host: zod.z.string().optional().default("github.com"),
+  github_token: zod.z.string().optional(),
+  min_read_permission: zod.z.string().optional(),
+  min_write_permission: zod.z.string().optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  github_repo_id: zod.z.number().int(),
+  full_name: zod.z.string(),
+  registered_at: zod.z.number().int()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  github_repo_id: zod.z.number().int(),
+  removed_at: zod.z.number().int()
+});
+zod.z.object({
+  key: RecordKeySchema,
+  value: zod.z.record(zod.z.unknown()),
+  tags: RecordTagSchema.optional(),
+  message: zod.z.string().optional(),
+  source_artifact_key: zod.z.string().nullable().optional()
+});
+zod.z.object({
+  value: zod.z.record(zod.z.unknown()),
+  fence: zod.z.number().int(),
+  tags: RecordTagSchema.optional(),
+  message: zod.z.string().optional(),
+  source_artifact_key: zod.z.string().nullable().optional()
+});
+zod.z.object({
+  patch: zod.z.record(zod.z.unknown()),
+  fence: zod.z.number().int(),
+  message: zod.z.string().optional()
+});
+zod.z.object({
+  fence: zod.z.number().int(),
+  message: zod.z.string().optional()
+});
+zod.z.object({
+  fence: zod.z.number().int(),
+  message: zod.z.string().optional()
+});
+var RecordItemSchema = zod.z.object({
+  type: RecordTypeSchema,
+  key: RecordKeySchema,
+  schema_version: zod.z.number().int(),
+  value: zod.z.record(zod.z.unknown()),
+  value_sha256: zod.z.string(),
+  revision: zod.z.number().int(),
+  archived: zod.z.number().int(),
+  created_at: zod.z.number().int(),
+  updated_at: zod.z.number().int(),
+  updated_by: zod.z.string(),
+  tags: zod.z.array(zod.z.string())
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  record: RecordItemSchema,
+  fence: zod.z.number().int()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  record: RecordItemSchema,
+  fence: zod.z.number().int(),
+  revision: zod.z.number().int()
+});
+var RecordListItemSchema = zod.z.object({
+  type: RecordTypeSchema,
+  key: RecordKeySchema,
+  revision: zod.z.number().int(),
+  updated_at: zod.z.number().int(),
+  updated_by: zod.z.string(),
+  archived: zod.z.number().int(),
+  tags: zod.z.array(zod.z.string())
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  items: zod.z.array(RecordListItemSchema),
+  meta: zod.z.object({
+    total: zod.z.number().int(),
+    limit: zod.z.number().int(),
+    next_cursor: zod.z.string().nullable()
+  })
+});
+var RecordHistoryItemSchema = zod.z.object({
+  type: RecordTypeSchema,
+  key: RecordKeySchema,
+  revision: zod.z.number().int(),
+  operation: zod.z.enum(["created", "set", "patch", "archived", "unarchived"]),
+  schema_version: zod.z.number().int(),
+  value_sha256: zod.z.string(),
+  canonical_artifact_key: zod.z.string().nullable(),
+  source_artifact_key: zod.z.string().nullable(),
+  actor: zod.z.string(),
+  created_at: zod.z.number().int(),
+  message: zod.z.string().nullable()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  items: zod.z.array(RecordHistoryItemSchema),
+  meta: zod.z.object({
+    total: zod.z.number().int(),
+    limit: zod.z.number().int(),
+    next_cursor: zod.z.string().nullable()
+  })
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  types: zod.z.array(zod.z.string())
+});
+zod.z.object({
+  title: zod.z.string().nullable(),
+  body_text: zod.z.string()
+});
+var SessionPermissionSchema = zod.z.enum(["read", "write", "admin"]);
+zod.z.object({
+  project_id: zod.z.string().min(1),
+  github_host: zod.z.string().min(1),
+  github_repo_id: zod.z.number().int(),
+  github_login: zod.z.string().min(1),
+  github_user_id: zod.z.number().int(),
+  permission: SessionPermissionSchema,
+  expires_at: zod.z.number().int(),
+  issued_at: zod.z.number().int(),
+  /**
+   * JWT ID — a random nonce added to every newly minted session token (C9).
+   * Optional for backward compatibility with tokens minted before this field
+   * was added. Tokens without jti are not revocable via the revocation store.
+   */
+  jti: zod.z.string().optional()
+});
+zod.z.object({
+  project_id: zod.z.string().min(1),
+  github_token: zod.z.string().min(1)
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  session_token: zod.z.string(),
+  expires_at: zod.z.number().int(),
+  project_id: zod.z.string(),
+  github_login: zod.z.string(),
+  github_repo_id: zod.z.number().int(),
+  permission: SessionPermissionSchema
+});
+zod.z.object({
+  project_id: zod.z.string().min(1),
+  installation_id: zod.z.number().int().positive()
+});
+zod.z.object({
+  project_id: zod.z.string().min(1),
+  user_token: zod.z.string().min(1),
+  auth_method: zod.z.literal("user_token")
+});
+zod.z.object({
+  app_id: zod.z.number().int(),
+  client_id: zod.z.string().min(1)
+});
+zod.z.object({
+  project_id: zod.z.string().min(1),
+  oidc_token: zod.z.string().min(1)
+});
+zod.z.object({
+  token: zod.z.string().min(1),
+  project_id: zod.z.string().min(1)
+});
+zod.z.object({ ok: zod.z.literal(true) });
+zod.z.object({
+  ok: zod.z.literal(true),
+  projectId: zod.z.string()
+});
+var GateAwaitTypeSchema = zod.z.enum([
+  "ci",
+  "pr",
+  "timer",
+  "human",
+  "webhook"
+]);
+var GateStatusSchema = zod.z.enum([
+  "pending",
+  "resolved",
+  "timed_out",
+  "cancelled"
+]);
+var GateSchema = zod.z.object({
+  id: zod.z.string(),
+  resource: zod.z.string(),
+  await_type: GateAwaitTypeSchema,
+  status: GateStatusSchema,
+  fence: zod.z.number().int(),
+  timeout_at: zod.z.number().int().nullable(),
+  resolved_at: zod.z.number().int().nullable(),
+  resolution: zod.z.string().nullable(),
+  created_at: zod.z.number().int(),
+  created_by: zod.z.string(),
+  token_id: zod.z.string().nullable().optional(),
+  data: zod.z.record(zod.z.unknown())
+});
+zod.z.object({
+  resource: zod.z.string(),
+  await_type: GateAwaitTypeSchema,
+  fence: zod.z.number().int(),
+  timeout_at: zod.z.number().int().optional(),
+  data: zod.z.record(zod.z.unknown()).optional()
+});
+zod.z.object({
+  resolution: zod.z.string().optional()
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  gate: GateSchema
+});
+zod.z.object({
+  ok: zod.z.literal(true),
+  gates: zod.z.array(GateSchema)
+});
+
+// src/client.ts
+var require2 = module$1.createRequire((typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('index.cjs', document.baseURI).href)));
+var SDK_VERSION = require2("../package.json").version;
+var TilaClient = class _TilaClient {
+  baseUrl;
+  token;
+  validate;
+  timeoutMs;
+  extraHeaders;
+  constructor(opts) {
+    this.baseUrl = opts.baseUrl.replace(/\/+$/, "");
+    this.token = opts.token;
+    this.validate = opts.validate ?? false;
+    this.timeoutMs = opts.timeoutMs ?? 3e4;
+    this.extraHeaders = {
+      "X-Tila-Source": `sdk/${SDK_VERSION}`,
+      ...opts.extraHeaders
+    };
+  }
+  /**
+   * Creates an AbortSignal that fires after this.timeoutMs.
+   * Uses AbortSignal.timeout() when available (Node 18.8+, Bun 0.5+, browsers),
+   * falls back to manual setTimeout + AbortController for older runtimes.
+   *
+   * Note: Cloudflare Workers has supported AbortSignal.timeout() since 2023;
+   * the fallback branch will never execute there.
+   */
+  createAbortSignal() {
+    if (typeof AbortSignal.timeout === "function") {
+      return AbortSignal.timeout(this.timeoutMs);
+    }
+    const controller = new AbortController();
+    setTimeout(
+      () => controller.abort(
+        new DOMException(
+          "The operation was aborted due to timeout",
+          "TimeoutError"
+        )
+      ),
+      this.timeoutMs
+    );
+    return controller.signal;
+  }
+  static fromConfig(config, token) {
+    if (!config.worker_url) {
+      throw new Error(
+        `Cannot create TilaClient: config has no worker_url. Use 'tila project create' or set backend = "cloudflare" in .tila/config.toml.`
+      );
+    }
+    return new _TilaClient({ baseUrl: config.worker_url, token });
+  }
+  async request(method, path, opts) {
+    const url = new URL(path, `${this.baseUrl}/`);
+    if (opts?.query) {
+      for (const [key, value] of Object.entries(opts.query)) {
+        if (value !== void 0) {
+          url.searchParams.set(key, value);
+        }
+      }
+    }
+    const headers = {
+      Authorization: `Bearer ${this.token}`,
+      Accept: "application/json",
+      ...this.extraHeaders
+    };
+    const init = {
+      method,
+      headers,
+      signal: this.createAbortSignal()
+    };
+    if (opts?.body !== void 0) {
+      headers["Content-Type"] = "application/json";
+      init.body = JSON.stringify(opts.body);
+    }
+    let res;
+    try {
+      res = await fetch(url.toString(), init);
+    } catch (err) {
+      if (err instanceof Error && (err.name === "AbortError" || err.name === "TimeoutError")) {
+        throw new Error(
+          `Request to ${url.origin} timed out after ${this.timeoutMs}ms`
+        );
+      }
+      throw new Error(
+        `Network error connecting to ${url.origin}: ${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+    if (!res.ok) {
+      await this.throwApiError(res);
+    }
+    const body = await res.json();
+    const shouldValidate = opts?.validate ?? this.validate;
+    if (shouldValidate && opts?.schema) {
+      const result = opts.schema.safeParse(body);
+      if (!result.success) {
+        const issues = result.error.issues.map((i) => `  - ${i.path.join(".")}: ${i.message}`).join("\n");
+        throw new Error(
+          `Unexpected response shape from ${method} ${path}:
+${issues}`
+        );
+      }
+      return result.data;
+    }
+    return body;
+  }
+  async get(path, opts) {
+    return this.request("GET", path, {
+      schema: opts?.schema,
+      query: opts?.query,
+      validate: opts?.validate
+    });
+  }
+  async post(path, body, opts) {
+    return this.request("POST", path, {
+      body,
+      schema: opts?.schema,
+      validate: opts?.validate
+    });
+  }
+  async put(path, body, opts) {
+    return this.request("PUT", path, {
+      body,
+      schema: opts?.schema,
+      validate: opts?.validate
+    });
+  }
+  async patch(path, body, opts) {
+    return this.request("PATCH", path, {
+      body,
+      schema: opts?.schema,
+      validate: opts?.validate
+    });
+  }
+  async delete(path, opts) {
+    return this.request("DELETE", path, {
+      schema: opts?.schema,
+      validate: opts?.validate
+    });
+  }
+  async requestRaw(method, path, opts) {
+    const url = new URL(path, `${this.baseUrl}/`);
+    if (opts?.query) {
+      for (const [key, value] of Object.entries(opts.query)) {
+        if (value !== void 0) {
+          url.searchParams.set(key, value);
+        }
+      }
+    }
+    const headers = {
+      Authorization: `Bearer ${this.token}`,
+      ...this.extraHeaders
+    };
+    let res;
+    try {
+      res = await fetch(url.toString(), {
+        method,
+        headers,
+        signal: this.createAbortSignal()
+      });
+    } catch (err) {
+      if (err instanceof Error && (err.name === "AbortError" || err.name === "TimeoutError")) {
+        throw new Error(
+          `Request to ${url.origin} timed out after ${this.timeoutMs}ms`
+        );
+      }
+      throw new Error(
+        `Network error connecting to ${url.origin}: ${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+    if (!res.ok) {
+      await this.throwApiError(res);
+    }
+    return res;
+  }
+  async postFormData(path, formData, opts) {
+    const url = new URL(path, `${this.baseUrl}/`);
+    const headers = {
+      Authorization: `Bearer ${this.token}`,
+      Accept: "application/json",
+      ...this.extraHeaders
+    };
+    let res;
+    try {
+      res = await fetch(url.toString(), {
+        method: "POST",
+        headers,
+        body: formData,
+        signal: this.createAbortSignal()
+      });
+    } catch (err) {
+      if (err instanceof Error && (err.name === "AbortError" || err.name === "TimeoutError")) {
+        throw new Error(
+          `Request to ${url.origin} timed out after ${this.timeoutMs}ms`
+        );
+      }
+      throw new Error(
+        `Network error connecting to ${url.origin}: ${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+    if (!res.ok) {
+      await this.throwApiError(res);
+    }
+    const body = await res.json();
+    const shouldValidate = opts?.validate ?? this.validate;
+    if (shouldValidate && opts?.schema) {
+      const result = opts.schema.safeParse(body);
+      if (!result.success) {
+        const issues = result.error.issues.map((i) => `  - ${i.path.join(".")}: ${i.message}`).join("\n");
+        throw new Error(
+          `Unexpected response shape from POST ${path}:
+${issues}`
+        );
+      }
+      return result.data;
+    }
+    return body;
+  }
+  async throwApiError(res) {
+    try {
+      const body = await res.json();
+      const parsed = ErrorEnvelopeSchema.safeParse(body);
+      if (parsed.success) {
+        const { code, message, retryable } = parsed.data.error;
+        throw new TilaApiError(res.status, code, message, retryable);
+      }
+    } catch (err) {
+      if (err instanceof TilaApiError) throw err;
+    }
+    throw new TilaApiError(
+      res.status,
+      "UNKNOWN",
+      `HTTP ${res.status}: ${res.statusText}`,
+      false
+    );
+  }
+};
+var TilaApiError = class extends Error {
+  constructor(status, code, message, retryable) {
+    super(message);
+    this.status = status;
+    this.code = code;
+    this.retryable = retryable;
+    this.name = "TilaApiError";
+  }
+  status;
+  code;
+  retryable;
+};
+function isTilaApiError(err) {
+  return err instanceof TilaApiError;
+}
+async function exchangeGitHubToken(baseUrl, projectId, githubToken) {
+  const url = `${baseUrl.replace(/\/+$/, "")}/api/auth/github/exchange`;
+  let res;
+  try {
+    res = await fetch(url, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        project_id: projectId,
+        github_token: githubToken
+      })
+    });
+  } catch (err) {
+    throw new Error(
+      `Network error during GitHub token exchange: ${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+  if (!res.ok) {
+    try {
+      const body2 = await res.json();
+      const parsed = ErrorEnvelopeSchema.safeParse(body2);
+      if (parsed.success) {
+        const { code, message, retryable } = parsed.data.error;
+        throw new TilaApiError(res.status, code, message, retryable);
+      }
+    } catch (err) {
+      if (err instanceof TilaApiError) throw err;
+    }
+    throw new TilaApiError(
+      res.status,
+      "UNKNOWN",
+      `HTTP ${res.status}: ${res.statusText}`,
+      false
+    );
+  }
+  const body = await res.json();
+  if (!body.session_token || typeof body.expires_at !== "number") {
+    throw new TypeError(
+      "Exchange returned unexpected response shape: missing session_token or expires_at"
+    );
+  }
+  return {
+    sessionToken: body.session_token,
+    expiresAt: body.expires_at,
+    permission: body.permission ?? "read"
+  };
+}
+
+// src/retry.ts
+async function withRetry(fn, opts) {
+  const maxRetries = opts?.maxRetries ?? 3;
+  const baseDelayMs = opts?.baseDelayMs ?? 200;
+  const maxDelayMs = opts?.maxDelayMs ?? 3e4;
+  const jitter = opts?.jitter ?? true;
+  for (let attempt = 0; attempt <= maxRetries; attempt++) {
+    try {
+      return await fn();
+    } catch (err) {
+      if (isTilaApiError(err) && err.retryable === false) {
+        throw err;
+      }
+      if (attempt === maxRetries) {
+        throw err;
+      }
+      const cap = Math.min(maxDelayMs, baseDelayMs * 2 ** attempt);
+      const sleepMs = jitter ? Math.random() * cap : cap;
+      await new Promise((resolve) => setTimeout(resolve, sleepMs));
+    }
+  }
+  throw new Error("withRetry: unreachable");
+}
+
+// src/error-codes.ts
+var TILA_ERRORS = {
+  // Auth / middleware (worker layer — SCREAMING_SNAKE_CASE wire values)
+  UNAUTHORIZED: "UNAUTHORIZED",
+  SESSION_EXPIRED: "SESSION_EXPIRED",
+  RATE_LIMITED: "RATE_LIMITED",
+  PERMISSION_DENIED: "PERMISSION_DENIED",
+  PROJECT_MISMATCH: "PROJECT_MISMATCH",
+  CSRF_MISSING_ORIGIN: "CSRF_MISSING_ORIGIN",
+  CSRF_ORIGIN_MISMATCH: "CSRF_ORIGIN_MISMATCH",
+  INTERNAL_ERROR: "INTERNAL_ERROR",
+  DO_UNREACHABLE: "do-unreachable",
+  // Auth endpoint specific
+  REPO_NOT_ALLOWED: "REPO_NOT_ALLOWED",
+  GITHUB_AUTH_FAILED: "GITHUB_AUTH_FAILED",
+  HMAC_NOT_CONFIGURED: "HMAC_NOT_CONFIGURED",
+  // Token endpoint specific
+  TOKEN_NAME_CONFLICT: "TOKEN_NAME_CONFLICT",
+  TOKEN_AUTHZ_DENIED: "TOKEN_AUTHZ_DENIED",
+  TOKEN_NOT_FOUND: "TOKEN_NOT_FOUND",
+  // Validation (worker layer uses SCREAMING_SNAKE for this code)
+  VALIDATION_ERROR: "VALIDATION_ERROR",
+  // DO errors (project-do-router — kebab-case wire values)
+  STALE_FENCE: "stale-fence",
+  NOT_FOUND: "not-found",
+  GATE_ALREADY_SETTLED: "gate-already-settled",
+  NO_FENCE: "no-fence",
+  INTERNAL: "internal",
+  CONSTRAINT_VIOLATION: "constraint-violation",
+  IDEMPOTENCY_KEY_CONFLICT: "idempotency-key-conflict",
+  // DO-layer validation uses kebab-case (distinct from VALIDATION_ERROR above)
+  VALIDATION_ERROR_DO: "validation-error",
+  ALREADY_HELD: "already-held",
+  RENEW_FAILED: "renew-failed",
+  BAD_REQUEST: "bad-request",
+  MISSING_QUERY: "missing-query",
+  INVALID_QUERY: "invalid-query",
+  INVALID_SLOT: "invalid-slot",
+  INVALID_RELATIONSHIP_TYPE: "invalid-relationship-type",
+  // Fallback (SDK-generated when response is unparseable)
+  UNKNOWN: "UNKNOWN"
+};
+
+// src/entities.ts
+function _createMethods(client, base) {
+  return {
+    async create(id, type, data) {
+      return client.post(base, { id, type, data });
+    },
+    async get(id) {
+      return client.get(`${base}/${id}`);
+    },
+    async list(query) {
+      return client.get(base, { query });
+    },
+    async update(id, data, fence) {
+      return client.patch(`${base}/${id}`, { data, fence });
+    },
+    async archive(id, fence) {
+      return client.post(`${base}/${id}/archive`, {
+        fence
+      });
+    },
+    async addRelationship(fromId, toId, type) {
+      return client.post(
+        `${base}/${fromId}/relationships`,
+        {
+          to_id: toId,
+          type
+        }
+      );
+    },
+    async addArtifactRef(entityId, artifactKey, slot, metadata) {
+      return client.post(`${base}/${entityId}/artifact-refs`, {
+        artifact_key: artifactKey,
+        slot,
+        metadata
+      });
+    },
+    async listArtifactRefs(entityId) {
+      return client.get(
+        `${base}/${entityId}/artifact-refs`
+      );
+    }
+  };
+}
+function createTaskMethods(client, projectId) {
+  return _createMethods(client, `/projects/${projectId}/tasks`);
+}
+function createEntityMethods(client, projectId) {
+  return _createMethods(client, `/projects/${projectId}/entities`);
+}
+function createWorkUnitMethods(client, projectId) {
+  return _createMethods(client, `/projects/${projectId}/work-units`);
+}
+
+// src/claims.ts
+function createClaimMethods(client, projectId) {
+  const base = `/projects/${projectId}/claims`;
+  return {
+    async acquire(resource, mode, ttlMs, opts) {
+      return client.post(`${base}/acquire`, {
+        resource,
+        mode,
+        ttl_ms: ttlMs,
+        ...opts
+      });
+    },
+    async renew(resource, fence, ttlMs) {
+      return client.post(`${base}/renew`, {
+        resource,
+        fence,
+        ttl_ms: ttlMs
+      });
+    },
+    async release(resource, fence) {
+      return client.post(`${base}/release`, {
+        resource,
+        fence
+      });
+    },
+    async list() {
+      return client.get(base);
+    },
+    async get(resource) {
+      return client.get(
+        `${base}/${encodeURIComponent(resource)}`
+      );
+    }
+  };
+}
+
+// src/artifacts.ts
+function createArtifactMethods(client, projectId) {
+  const base = `/projects/${projectId}/artifacts`;
+  return {
+    upload: Object.assign(
+      function upload(input, opts) {
+        if (input instanceof ReadableStream) {
+          if (!opts.mimeType) {
+            throw new TypeError(
+              "mimeType is required when uploading a ReadableStream. Pass opts.mimeType explicitly."
+            );
+          }
+          return new Response(input).arrayBuffer().then((bytes) => {
+            const uploadFile = new Blob([bytes], {
+              type: opts.mimeType
+            });
+            const formData2 = new FormData();
+            formData2.append("file", uploadFile);
+            formData2.append("kind", opts.kind);
+            formData2.append("mime_type", opts.mimeType);
+            if (opts.resource) formData2.append("resource", opts.resource);
+            if (opts.fence !== void 0)
+              formData2.append("fence", String(opts.fence));
+            if (opts.flavor) formData2.append("flavor", opts.flavor);
+            return client.postFormData(base, formData2);
+          });
+        }
+        const contentType = opts.mimeType || (input instanceof File ? input.type : "") || "";
+        if (!contentType) {
+          throw new TypeError(
+            "contentType is required for uploads when file.type is absent. Pass opts.mimeType explicitly."
+          );
+        }
+        const formData = new FormData();
+        formData.append("file", input);
+        formData.append("kind", opts.kind);
+        formData.append("mime_type", contentType);
+        if (opts.resource) formData.append("resource", opts.resource);
+        if (opts.fence !== void 0)
+          formData.append("fence", String(opts.fence));
+        if (opts.flavor) formData.append("flavor", opts.flavor);
+        return client.postFormData(base, formData);
+      },
+      {}
+    ),
+    async download(key) {
+      const res = await client.requestRaw(
+        "GET",
+        `${base}/${encodeURIComponent(key)}`
+      );
+      return {
+        body: res.body ?? new ReadableStream(),
+        contentType: res.headers.get("content-type") || "application/octet-stream",
+        contentLength: res.headers.has("content-length") ? Number(res.headers.get("content-length")) : null
+      };
+    },
+    async list(query) {
+      return client.get(base, { query });
+    },
+    async search(q, opts) {
+      return client.get(`${base}/search`, {
+        query: { q, ...opts }
+      });
+    },
+    async grep(pattern, opts) {
+      const query = { pattern };
+      if (opts?.kind) query.kind = opts.kind;
+      if (opts?.resource) query.resource = opts.resource;
+      if (opts?.regex) query.regex = "true";
+      if (opts?.limit != null) query.limit = String(opts.limit);
+      return client.get(`${base}/grep`, { query });
+    },
+    async addRelationship(fromKey, toKeyOrUri, type, metadata) {
+      const isUri = toKeyOrUri.includes("://");
+      return client.post(
+        `${base}/${encodeURIComponent(fromKey)}/relationships`,
+        {
+          [isUri ? "to_uri" : "to_key"]: toKeyOrUri,
+          type,
+          metadata
+        }
+      );
+    },
+    async listRelationships(key) {
+      return client.get(
+        `${base}/${encodeURIComponent(key)}/relationships`
+      );
+    },
+    async getLatest(kind, resource) {
+      const res = await client.requestRaw("GET", `${base}/latest`, {
+        query: { kind, resource }
+      });
+      if (res.status === 404) return null;
+      if (!res.ok) {
+        const body2 = await res.json().catch(() => ({}));
+        throw new Error(
+          `getLatest failed with status ${res.status}: ${JSON.stringify(body2)}`
+        );
+      }
+      const body = await res.json();
+      return body.pointer;
+    },
+    async writeText(content, opts) {
+      return client.post(`${base}/text`, {
+        content,
+        kind: opts.kind,
+        mime_type: opts.mimeType ?? "text/markdown",
+        resource: opts.resource,
+        fence: opts.fence
+      });
+    },
+    async readText(key) {
+      const res = await client.requestRaw(
+        "GET",
+        `${base}/${encodeURIComponent(key)}`
+      );
+      const contentType = res.headers.get("content-type") || "application/octet-stream";
+      if (!contentType.startsWith("text/")) {
+        throw new TypeError(
+          `Artifact ${key} has MIME type ${contentType} \u2014 readText only supports text/* artifacts`
+        );
+      }
+      const text = await res.text();
+      return { content: text, mimeType: contentType };
+    }
+  };
+}
+
+// src/tokens.ts
+function createTokenMethods(client) {
+  const base = "/api/tokens";
+  return {
+    async issue(name, note) {
+      return client.post(base, { name, note });
+    },
+    async revoke(name) {
+      return client.delete(
+        `${base}/${encodeURIComponent(name)}`
+      );
+    },
+    async list() {
+      return client.get(base);
+    }
+  };
+}
+
+// src/journal.ts
+function createJournalMethods(client, projectId) {
+  const base = `/projects/${projectId}/journal`;
+  return {
+    async query(opts) {
+      return client.get(base, { query: opts });
+    }
+  };
+}
+
+// src/presence.ts
+function createPresenceMethods(client, projectId) {
+  const base = `/projects/${projectId}/presence`;
+  return {
+    async heartbeat(machine, ttlMs) {
+      return client.post(base, {
+        machine,
+        ttl_ms: ttlMs
+      });
+    },
+    async list() {
+      return client.get(base);
+    },
+    /**
+     * List all presence records across all machines, including whether each is active.
+     * Hits GET /projects/:projectId/presence/all
+     */
+    async listAll() {
+      return client.get(`${base}/all`);
+    }
+  };
+}
+
+// src/records.ts
+function encodeKey(key) {
+  return key.split("/").map(encodeURIComponent).join("/");
+}
+function createRecordMethods(client, projectId) {
+  const base = `/projects/${projectId}/records`;
+  return {
+    async create(type, req) {
+      return client.post(`${base}/${type}`, req);
+    },
+    async set(type, key, req) {
+      return client.put(
+        `${base}/${type}/${encodeKey(key)}`,
+        req
+      );
+    },
+    async get(type, key) {
+      return client.get(`${base}/${type}/${encodeKey(key)}`);
+    },
+    async patch(type, key, req) {
+      return client.patch(
+        `${base}/${type}/${encodeKey(key)}`,
+        req
+      );
+    },
+    async archive(type, key, req) {
+      return client.post(
+        `${base}/${type}/~/archive/${encodeKey(key)}`,
+        req
+      );
+    },
+    async unarchive(type, key, req) {
+      return client.post(
+        `${base}/${type}/~/unarchive/${encodeKey(key)}`,
+        req
+      );
+    },
+    async history(type, key, opts) {
+      const query = {};
+      if (opts?.limit !== void 0) query.limit = String(opts.limit);
+      if (opts?.values !== void 0) query.values = String(opts.values);
+      return client.get(
+        `${base}/${type}/~/history/${encodeKey(key)}`,
+        { query }
+      );
+    },
+    async list(type, query) {
+      return client.get(`${base}/${type}`, { query });
+    },
+    async types() {
+      return client.get(`${base}/_types`);
+    },
+    async typesInUse() {
+      const raw = await client.get(`${base}/_types`);
+      return { ok: true, types: raw.in_use_types ?? [] };
+    }
+  };
+}
+
+// src/schema.ts
+function createSchemaMethods(client, projectId) {
+  const base = `/projects/${projectId}/schema`;
+  return {
+    async get() {
+      return client.get(base);
+    },
+    async apply(schema, strategy) {
+      return client.post(`${base}/apply`, { schema, strategy });
+    },
+    async history(opts) {
+      return client.get(`${base}/history`, { query: opts });
+    }
+  };
+}
+
+// src/signals.ts
+function createSignalMethods(client, projectId) {
+  const base = `/projects/${projectId}/signals`;
+  return {
+    /** Fetch the signal inbox for the current token. GET /projects/:id/signals */
+    async inbox() {
+      return client.get(base);
+    },
+    /** Send a signal to a target. POST /projects/:id/signals/send */
+    async send(req) {
+      return client.post(`${base}/send`, req);
+    },
+    /** Acknowledge a signal. POST /projects/:id/signals/:signalId/ack */
+    async ack(signalId) {
+      return client.post(`${base}/${signalId}/ack`, {});
+    }
+  };
+}
+
+// src/gates.ts
+function createGateMethods(client, projectId) {
+  const base = `/projects/${projectId}/gates`;
+  return {
+    /** List gates with optional filters. GET /projects/:id/gates */
+    async list(query) {
+      return client.get(base, { query });
+    },
+    /** Create a new gate. POST /projects/:id/gates */
+    async create(req) {
+      return client.post(base, req);
+    },
+    /** Resolve a gate. POST /projects/:id/gates/:gateId/resolve */
+    async resolve(gateId, req) {
+      return client.post(`${base}/${gateId}/resolve`, req ?? {});
+    },
+    /** Delete a gate. DELETE /projects/:id/gates/:gateId */
+    async remove(gateId) {
+      return client.delete(`${base}/${gateId}`);
+    }
+  };
+}
+
+// src/templates.ts
+function createTemplateMethods(client, projectId) {
+  const base = `/projects/${projectId}/templates`;
+  return {
+    /** Instantiate an entity template. POST /projects/:id/templates/instantiate */
+    async instantiate(req) {
+      return client.post(
+        `${base}/instantiate`,
+        req
+      );
+    },
+    /** List available templates from the project schema. GET /projects/:id/templates */
+    async list() {
+      return client.get(base);
+    }
+  };
+}
+
+// src/indexes.ts
+function createIndexMethods(client, projectId) {
+  const base = `/projects/${projectId}/artifacts`;
+  return {
+    /**
+     * Create an index artifact. Uploads file content with flavor=index.
+     * Returns the artifact key and byte count.
+     */
+    async create(input, opts) {
+      const mimeType = opts?.mimeType || (input instanceof File ? input.type : "") || "application/octet-stream";
+      const formData = new FormData();
+      formData.append("file", input);
+      formData.append("kind", opts?.kind ?? "index");
+      formData.append("mime_type", mimeType);
+      formData.append("flavor", opts?.flavor ?? "index");
+      if (opts?.resource) formData.append("resource", opts.resource);
+      return client.postFormData(base, formData);
+    },
+    /**
+     * Add an entry artifact to an index. Records the relationship
+     * entry_key -> index_key with type "entry-of".
+     */
+    async addEntry(entryKey, indexKey) {
+      return client.post(
+        `${base}/${encodeURIComponent(entryKey)}/relationships`,
+        { to_key: indexKey, type: "entry-of" }
+      );
+    },
+    /**
+     * List relationships FROM the given index key. Note: this returns
+     * forward relationships (what the index points to), not a reverse
+     * lookup of entries pointing to this index. The HTTP API does not
+     * expose a reverse-lookup endpoint; for that, use the CLI's
+     * `tila index list-entries` which queries ops-sqlite directly.
+     */
+    async listEntries(indexKey) {
+      return client.get(
+        `${base}/${encodeURIComponent(indexKey)}/relationships`
+      );
+    }
+  };
+}
+
+// src/summary.ts
+function createSummaryMethods(client, projectId) {
+  return {
+    /** Get project summary. GET /projects/:id/summary */
+    async get() {
+      return client.get(`/projects/${projectId}/summary`);
+    }
+  };
+}
+
+// src/search.ts
+function createSearchMethods(client, projectId) {
+  const base = `/projects/${projectId}`;
+  return {
+    async search(q, opts) {
+      const query = { q };
+      if (opts?.limit !== void 0) query.limit = String(opts.limit);
+      return client.get(`${base}/search`, { query });
+    }
+  };
+}
+
+// src/claim-handle.ts
+var ClaimHandle = class {
+  resource;
+  fence;
+  expiresAt;
+  client;
+  projectId;
+  errorListeners = [];
+  constructor(opts) {
+    this.client = opts.client;
+    this.projectId = opts.projectId;
+    this.resource = opts.resource;
+    this.fence = opts.fence;
+    this.expiresAt = opts.expiresAt;
+  }
+  on(event, listener) {
+    if (event === "error") {
+      this.errorListeners.push(listener);
+    }
+  }
+  emitError(err) {
+    for (const listener of this.errorListeners) {
+      listener(err);
+    }
+  }
+  async updateEntity(id, data) {
+    const entities = createEntityMethods(this.client, this.projectId);
+    return entities.update(id, data, this.fence);
+  }
+  async uploadArtifact(input, opts) {
+    const artifacts = createArtifactMethods(this.client, this.projectId);
+    return artifacts.upload(input, { ...opts, fence: this.fence });
+  }
+  async addArtifactRef(entityId, artifactKey, slot) {
+    const entities = createEntityMethods(this.client, this.projectId);
+    await entities.addArtifactRef(entityId, artifactKey, slot);
+  }
+  startHeartbeat(ttlMs, opts) {
+    const intervalMs = opts?.intervalMs ?? Math.floor(ttlMs * 0.4);
+    const timer = setInterval(async () => {
+      try {
+        await this.client.post(`/projects/${this.projectId}/claims/renew`, {
+          resource: this.resource,
+          fence: this.fence,
+          ttl_ms: ttlMs
+        });
+      } catch (err) {
+        if (err instanceof TilaApiError && (err.status === 409 || err.status === 401)) {
+          this.emitError(err);
+        } else if (err instanceof Error) {
+          this.emitError(err);
+        }
+      }
+    }, intervalMs);
+    return {
+      stop() {
+        clearInterval(timer);
+      }
+    };
+  }
+  onClaimExpiring(leadMs, callback) {
+    const delay = this.expiresAt - Date.now() - leadMs;
+    if (delay <= 0) {
+      callback();
+      return { stop() {
+      } };
+    }
+    const timer = setTimeout(callback, delay);
+    return {
+      stop() {
+        clearTimeout(timer);
+      }
+    };
+  }
+  /** @internal Release the claim. Errors are swallowed by withClaim's finally. */
+  async _release() {
+    await this.client.post(`/projects/${this.projectId}/claims/release`, {
+      resource: this.resource,
+      fence: this.fence
+    });
+  }
+};
+async function withClaim(client, projectId, resource, mode, ttlMs, callback) {
+  const result = await client.post(`/projects/${projectId}/claims/acquire`, {
+    resource,
+    mode,
+    ttl_ms: ttlMs
+  });
+  const handle = new ClaimHandle({
+    client,
+    projectId,
+    resource,
+    fence: result.fence,
+    expiresAt: result.expires_at
+  });
+  try {
+    return await callback(handle);
+  } finally {
+    try {
+      await handle._release();
+    } catch (err) {
+      console.warn(
+        `[tila-sdk] Failed to release claim on ${resource} (fence=${handle.fence}):`,
+        err instanceof Error ? err.message : String(err)
+      );
+    }
+  }
+}
+
+exports.ClaimHandle = ClaimHandle;
+exports.TILA_ERRORS = TILA_ERRORS;
+exports.TilaApiError = TilaApiError;
+exports.TilaClient = TilaClient;
+exports.createArtifactMethods = createArtifactMethods;
+exports.createClaimMethods = createClaimMethods;
+exports.createEntityMethods = createEntityMethods;
+exports.createGateMethods = createGateMethods;
+exports.createIndexMethods = createIndexMethods;
+exports.createJournalMethods = createJournalMethods;
+exports.createPresenceMethods = createPresenceMethods;
+exports.createRecordMethods = createRecordMethods;
+exports.createSchemaMethods = createSchemaMethods;
+exports.createSearchMethods = createSearchMethods;
+exports.createSignalMethods = createSignalMethods;
+exports.createSummaryMethods = createSummaryMethods;
+exports.createTaskMethods = createTaskMethods;
+exports.createTemplateMethods = createTemplateMethods;
+exports.createTokenMethods = createTokenMethods;
+exports.createWorkUnitMethods = createWorkUnitMethods;
+exports.exchangeGitHubToken = exchangeGitHubToken;
+exports.isTilaApiError = isTilaApiError;
+exports.withClaim = withClaim;
+exports.withRetry = withRetry;