toolcraft 0.0.25 → 0.0.27

package/dist/cli.js

@@ -9,6 +9,7 @@ import { invokeWithHumanInLoop } from "./human-in-loop/index.js";
 import { resolveMcpProxies } from "./mcp-proxy.js";
 import { getExpectedNumberDescription, isValidNumberSchemaValue } from "./number-schema.js";
 import { findEntrypointPackageMetadata } from "./package-metadata.js";
+import { redactHttpBody, redactHttpHeaderValue } from "./redaction.js";
 import { renderResult } from "./renderer.js";
 import { renderSourceSnippet } from "./source-snippet.js";
 import { enableSourceMaps, formatDebugStack } from "./stack-trim.js";
@@ -2586,17 +2587,18 @@ function formatGraphQLErrorEnvelopeBody(body) {
         .join("\n\n");
 }
 function formatHttpErrorBody(body) {
-    if (typeof body === "string") {
-        return body;
+    const redactedBody = redactHttpBody(body);
+    if (typeof redactedBody === "string") {
+        return redactedBody;
     }
-    if (isProblemDetailsLike(body)) {
-        return formatProblemDetailsBody(body);
+    if (isProblemDetailsLike(redactedBody)) {
+        return formatProblemDetailsBody(redactedBody);
     }
-    if (isGraphQLErrorEnvelopeLike(body)) {
-        return formatGraphQLErrorEnvelopeBody(body);
+    if (isGraphQLErrorEnvelopeLike(redactedBody)) {
+        return formatGraphQLErrorEnvelopeBody(redactedBody);
     }
-    const serialized = JSON.stringify(body, null, 2);
-    return serialized === undefined ? String(body) : serialized;
+    const serialized = JSON.stringify(redactedBody, null, 2);
+    return serialized === undefined ? String(redactedBody) : serialized;
 }
 function indentHttpErrorBlock(value) {
     return value
@@ -2605,7 +2607,7 @@ function indentHttpErrorBlock(value) {
         .join("\n");
 }
 function formatHttpHeaderValue(name, value) {
-    return name.toLowerCase() === "authorization" ? "Bearer ****" : value;
+    return redactHttpHeaderValue(name, value);
 }
 function formatHttpErrorHeaders(headers) {
     return Object.entries(headers).map(([name, value]) => `  ${name}: ${formatHttpHeaderValue(name, value)}`);

package/dist/error-report.js

@@ -6,9 +6,9 @@ import { CommanderError } from "commander";
 import { ApprovalDeclinedError } from "./human-in-loop/types.js";
 import { findProjectRoot } from "./mcp-proxy.js";
 import { findPackageMetadata } from "./package-metadata.js";
+import { isSensitiveName, redactHttpBody, redactHttpHeaderValue } from "./redaction.js";
 import { UserError } from "./user-error.js";
 const ERROR_REPORTS_ENV = "TOOLCRAFT_ERROR_REPORTS";
-const DEFAULT_SENSITIVE_NAMES = ["password", "token", "apikey", "secret"];
 function isPlainObject(value) {
     return typeof value === "object" && value !== null && !Array.isArray(value);
 }
@@ -116,9 +116,24 @@ function redactValue(value) {
     }
     return `<set, ${value.length} chars>`;
 }
-function isSensitiveName(name) {
-    const normalized = name.toLowerCase();
-    return DEFAULT_SENSITIVE_NAMES.some((candidate) => normalized.includes(candidate));
+function collectStringLeaves(value, output) {
+    if (typeof value === "string") {
+        if (value.length > 0) {
+            output.add(value);
+        }
+        return;
+    }
+    if (Array.isArray(value)) {
+        for (const entry of value) {
+            collectStringLeaves(entry, output);
+        }
+        return;
+    }
+    if (isPlainObject(value)) {
+        for (const entry of Object.values(value)) {
+            collectStringLeaves(entry, output);
+        }
+    }
 }
 function schemaSecretValue(schema) {
     const unwrapped = unwrapOptional(schema);
@@ -159,6 +174,52 @@ function redactParams(params, command) {
     }
     return redactParamsValue(params, command.params, "");
 }
+function collectSensitiveParamValues(value, schema, name, output) {
+    if (shouldRedactParam(name, schema)) {
+        collectStringLeaves(value, output);
+        return;
+    }
+    const unwrapped = unwrapOptional(schema);
+    if (unwrapped.kind === "object" && isPlainObject(value)) {
+        for (const [key, childValue] of Object.entries(value)) {
+            const childSchema = unwrapped.shape[key];
+            if (childSchema !== undefined) {
+                collectSensitiveParamValues(childValue, childSchema, key, output);
+            }
+        }
+        return;
+    }
+    if (unwrapped.kind === "array" && Array.isArray(value)) {
+        for (const entry of value) {
+            collectSensitiveParamValues(entry, unwrapped.item, name, output);
+        }
+    }
+}
+function createReportStringRedactor(context, env) {
+    const values = new Set();
+    for (const value of Object.values(context.secrets ?? {})) {
+        if (value !== undefined && value.length > 0) {
+            values.add(value);
+        }
+    }
+    for (const [name, secret] of Object.entries(context.command?.secrets ?? {})) {
+        const value = context.secrets?.[name] ?? env[secret.env];
+        if (value !== undefined && value.length > 0) {
+            values.add(value);
+        }
+    }
+    if (context.command !== undefined) {
+        collectSensitiveParamValues(context.params, context.command.params, "", values);
+    }
+    const orderedValues = [...values].sort((left, right) => right.length - left.length);
+    return (value) => {
+        let redacted = value;
+        for (const secretValue of orderedValues) {
+            redacted = redacted.split(secretValue).join("<redacted>");
+        }
+        return redacted;
+    };
+}
 function commandSecretEnvNames(secrets) {
     if (secrets === undefined) {
         return [];
@@ -207,26 +268,36 @@ function redactArgv(argv, options) {
 function stableJson(value) {
     return JSON.stringify(value, null, 2) ?? "undefined";
 }
-function redactStructuredErrorField(name, value) {
-    if (typeof value === "string" && name.toLowerCase() === "authorization") {
-        return "Bearer ****";
+function redactStructuredErrorField(name, value, redactString) {
+    if (typeof value === "string") {
+        const redactedHeaderValue = redactHttpHeaderValue(name, value);
+        if (redactedHeaderValue !== value) {
+            return redactedHeaderValue;
+        }
+        if (isSensitiveName(name)) {
+            return "<redacted>";
+        }
+        return redactString(value);
     }
     if (Array.isArray(value)) {
-        return value.map((entry) => redactStructuredErrorField(name, entry));
+        return value.map((entry) => redactStructuredErrorField(name, entry, redactString));
     }
     if (isPlainObject(value)) {
-        return Object.fromEntries(Object.entries(value).map(([key, entry]) => [key, redactStructuredErrorField(key, entry)]));
+        return Object.fromEntries(Object.entries(value).map(([key, entry]) => [
+            key,
+            redactStructuredErrorField(key, entry, redactString)
+        ]));
     }
     return value;
 }
-function ownStructuredFields(error) {
+function ownStructuredFields(error, redactString) {
     const fields = {};
     for (const key of Object.keys(error)) {
         if (key === "name" || key === "message" || key === "stack" || key === "cause") {
             continue;
         }
         Object.defineProperty(fields, key, {
-            value: redactStructuredErrorField(key, error[key]),
+            value: redactStructuredErrorField(key, error[key], redactString),
             enumerable: true,
             configurable: true,
             writable: true
@@ -234,46 +305,47 @@ function ownStructuredFields(error) {
     }
     return fields;
 }
-function formatStackChain(error) {
+function formatStackChain(error, redactString) {
     const lines = [];
     let current = error;
     let index = 0;
     while (current !== undefined) {
         if (current instanceof Error) {
-            lines.push(index === 0
-                ? (current.stack ?? String(current))
-                : `Caused by: ${current.stack ?? String(current)}`);
+            const stack = current.stack ?? String(current);
+            lines.push(redactString(index === 0 ? stack : `Caused by: ${stack}`));
             current = current.cause;
         }
         else {
-            lines.push(index === 0 ? String(current) : `Caused by: ${String(current)}`);
+            const message = String(current);
+            lines.push(redactString(index === 0 ? message : `Caused by: ${message}`));
             current = undefined;
         }
         index += 1;
     }
     return lines.join("\n");
 }
-function formatHeaderValue(name, value) {
-    return name.toLowerCase() === "authorization" ? "Bearer ****" : value;
+function formatHeaderValue(name, value, redactString) {
+    return redactString(redactHttpHeaderValue(name, value));
 }
-function formatHeaders(headers) {
+function formatHeaders(headers, redactString) {
     return Object.entries(headers)
-        .map(([name, value]) => `${name}: ${formatHeaderValue(name, value)}`)
+        .map(([name, value]) => `${name}: ${formatHeaderValue(name, value, redactString)}`)
         .join("\n");
 }
-function formatBody(body) {
-    if (typeof body === "string") {
-        return body;
+function formatBody(body, redactString) {
+    const redactedBody = redactHttpBody(body);
+    if (typeof redactedBody === "string") {
+        return redactString(redactedBody);
     }
-    return stableJson(body);
+    return redactString(stableJson(redactedBody));
 }
-function formatHttpTranscript(error) {
+function formatHttpTranscript(error, redactString) {
     const requestLines = [
         `${error.request.method} ${error.request.url}`,
-        formatHeaders(error.request.headers)
+        formatHeaders(error.request.headers, redactString)
     ].filter((line) => line.length > 0);
     if (error.request.body !== undefined) {
-        requestLines.push("", formatBody(error.request.body));
+        requestLines.push("", formatBody(error.request.body, redactString));
     }
     return [
         "Request:",
@@ -281,9 +353,9 @@ function formatHttpTranscript(error) {
         "",
         "Response:",
         `${error.response.status} ${error.response.statusText}`,
-        formatHeaders(error.response.headers),
+        formatHeaders(error.response.headers, redactString),
         "",
-        formatBody(error.response.body)
+        formatBody(error.response.body, redactString)
     ].join("\n");
 }
 function resolveToolcraftVersion(version) {
@@ -294,9 +366,10 @@ function resolveToolcraftVersion(version) {
 function buildReport(context) {
     const env = context.env ?? process.env;
     const error = context.error;
+    const redactString = createReportStringRedactor(context, env);
     const errorName = error instanceof Error ? error.name : typeof error;
-    const errorMessage = error instanceof Error ? error.message : String(error);
-    const structuredFields = error instanceof Error ? ownStructuredFields(error) : {};
+    const errorMessage = redactString(error instanceof Error ? error.message : String(error));
+    const structuredFields = error instanceof Error ? ownStructuredFields(error, redactString) : {};
     const secretLines = Object.entries(context.command?.secrets ?? {}).map(([name, secret]) => {
         const value = context.secrets?.[name] ?? env[secret.env];
         return `${secret.env}=${redactValue(value)}`;
@@ -310,7 +383,7 @@ function buildReport(context) {
         `platform: ${process.platform} ${process.arch}`,
         "",
         "Argv",
-        stableJson(redactArgv(context.argv, { command: context.command, secrets: context.secrets })),
+        redactString(stableJson(redactArgv(context.argv, { command: context.command, secrets: context.secrets }))),
         "",
         "Resolved Secrets",
         ...(secretLines.length === 0 ? ["<none>"] : secretLines),
@@ -321,19 +394,19 @@ function buildReport(context) {
             : context.commandPath,
         "",
         "Parsed Params",
-        stableJson(redactParams(context.params, context.command)),
+        redactString(stableJson(redactParams(context.params, context.command))),
         "",
         "Error",
         `name: ${errorName}`,
         `message: ${errorMessage}`,
         "structured fields:",
-        stableJson(structuredFields),
+        redactString(stableJson(structuredFields)),
         "",
         "Stack",
-        formatStackChain(error)
+        formatStackChain(error, redactString)
     ];
     if (hasHttpContext(error)) {
-        lines.push("", "HTTP Transcript", formatHttpTranscript(error));
+        lines.push("", "HTTP Transcript", formatHttpTranscript(error, redactString));
     }
     return `${lines.join("\n")}\n`;
 }

package/dist/redaction.d.ts

@@ -0,0 +1,4 @@
+export declare function isSensitiveName(name: string): boolean;
+export declare function redactSecretLikeFields(value: unknown, name?: string): unknown;
+export declare function redactHttpBody(body: unknown): unknown;
+export declare function redactHttpHeaderValue(name: string, value: string): string;

package/dist/redaction.js

@@ -0,0 +1,70 @@
+const REDACTED_VALUE = "<redacted>";
+const SENSITIVE_NAME_PARTS = ["password", "token", "apikey", "secret"];
+const AUTHORIZATION_HEADER_NAMES = new Set(["authorization", "proxyauthorization"]);
+const SECRET_HEADER_NAMES = new Set(["cookie", "setcookie"]);
+function isPlainObject(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function normalizeName(name) {
+    return name.toLowerCase().replace(/[^a-z0-9]/g, "");
+}
+export function isSensitiveName(name) {
+    const normalized = normalizeName(name);
+    return SENSITIVE_NAME_PARTS.some((candidate) => normalized.includes(candidate));
+}
+function redactSecretLikeFieldsValue(value, name, seen) {
+    if (name.length > 0 && isSensitiveName(name)) {
+        return REDACTED_VALUE;
+    }
+    if (Array.isArray(value)) {
+        if (seen.has(value)) {
+            return "[Circular]";
+        }
+        seen.add(value);
+        return value.map((entry) => redactSecretLikeFieldsValue(entry, name, seen));
+    }
+    if (isPlainObject(value)) {
+        if (seen.has(value)) {
+            return "[Circular]";
+        }
+        seen.add(value);
+        return Object.fromEntries(Object.entries(value).map(([key, entry]) => [
+            key,
+            redactSecretLikeFieldsValue(entry, key, seen)
+        ]));
+    }
+    return value;
+}
+export function redactSecretLikeFields(value, name = "") {
+    return redactSecretLikeFieldsValue(value, name, new WeakSet());
+}
+function parseJsonObjectOrArray(value) {
+    const trimmed = value.trim();
+    if (!trimmed.startsWith("{") && !trimmed.startsWith("[")) {
+        return undefined;
+    }
+    try {
+        const parsed = JSON.parse(trimmed);
+        return isPlainObject(parsed) || Array.isArray(parsed) ? parsed : undefined;
+    }
+    catch {
+        return undefined;
+    }
+}
+export function redactHttpBody(body) {
+    if (typeof body === "string") {
+        const parsed = parseJsonObjectOrArray(body);
+        return parsed === undefined ? body : redactSecretLikeFields(parsed);
+    }
+    return redactSecretLikeFields(body);
+}
+export function redactHttpHeaderValue(name, value) {
+    const normalized = normalizeName(name);
+    if (AUTHORIZATION_HEADER_NAMES.has(normalized)) {
+        return "Bearer ****";
+    }
+    if (SECRET_HEADER_NAMES.has(normalized) || isSensitiveName(name)) {
+        return REDACTED_VALUE;
+    }
+    return value;
+}

package/node_modules/@poe-code/config-mutations/dist/execution/apply-mutation.js

@@ -1,6 +1,7 @@
 import path from "node:path";
 import { renderTemplate } from "@poe-code/design-system";
 import { getConfigFormat, detectFormat } from "../formats/index.js";
+import { cloneConfigObject, setConfigEntry } from "../formats/object.js";
 import { resolvePath } from "./path-utils.js";
 import { isNotFound, readFileIfExists, pathExists, createTimestamp } from "../fs-utils.js";
 // ============================================================================
@@ -120,7 +121,7 @@ function pruneKeysByPrefix(table, prefix) {
     const result = {};
     for (const [key, value] of Object.entries(table)) {
         if (!key.startsWith(prefix)) {
-            result[key] = value;
+            setConfigEntry(result, key, value);
         }
     }
     return result;
@@ -129,25 +130,44 @@ function isConfigObject(value) {
     return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 function mergeWithPruneByPrefix(base, patch, pruneByPrefix) {
-    const result = { ...base };
+    const result = cloneConfigObject(base);
     const prefixMap = pruneByPrefix ?? {};
     for (const [key, value] of Object.entries(patch)) {
+        if (value === undefined) {
+            continue;
+        }
         const current = result[key];
         const prefix = prefixMap[key];
         if (isConfigObject(current) && isConfigObject(value)) {
             if (prefix) {
                 const pruned = pruneKeysByPrefix(current, prefix);
-                result[key] = { ...pruned, ...value };
+                setConfigEntry(result, key, mergePrunedConfigObject(pruned, value));
             }
             else {
-                result[key] = mergeWithPruneByPrefix(current, value, prefixMap);
+                setConfigEntry(result, key, mergeWithPruneByPrefix(current, value, prefixMap));
             }
             continue;
         }
-        result[key] = value;
+        setConfigEntry(result, key, value);
     }
     return result;
 }
+function mergePrunedConfigObject(base, patch) {
+    const result = cloneConfigObject(base);
+    for (const [key, value] of Object.entries(patch)) {
+        if (value === undefined) {
+            continue;
+        }
+        setConfigEntry(result, key, value);
+    }
+    return result;
+}
+function serializeConfigUpdate(format, rawContent, current, next) {
+    if (rawContent !== null && format.serializeUpdate) {
+        return format.serializeUpdate(rawContent, current, next);
+    }
+    return format.serialize(next);
+}
 // ============================================================================
 // Apply Mutation
 // ============================================================================
@@ -480,6 +500,7 @@ async function applyConfigMerge(mutation, context, options) {
     }
     const format = getConfigFormat(formatName);
     const rawContent = await readFileIfExists(context.fs, targetPath);
+    let preserveContent = rawContent;
     let current;
     try {
         current = rawContent === null ? {} : format.parse(rawContent);
@@ -490,9 +511,10 @@ async function applyConfigMerge(mutation, context, options) {
             await backupInvalidDocument(context, targetPath, rawContent);
         }
         current = {};
+        preserveContent = null;
     }
     const value = resolveValue(mutation.value, options);
-    // Use mergeWithPruneByPrefix for TOML files with pruneByPrefix option
+    // Keep prefix pruning on the same proto-safe object-write path as normal merges.
     let merged;
     if (mutation.pruneByPrefix) {
         merged = mergeWithPruneByPrefix(current, value, mutation.pruneByPrefix);
@@ -500,7 +522,7 @@ async function applyConfigMerge(mutation, context, options) {
     else {
         merged = format.merge(current, value);
     }
-    const serialized = format.serialize(merged);
+    const serialized = serializeConfigUpdate(format, preserveContent, current, merged);
     const changed = serialized !== rawContent;
     if (changed && !context.dryRun) {
         await writeAtomically(context, targetPath, serialized);
@@ -570,7 +592,7 @@ async function applyConfigPrune(mutation, context, options) {
             details
         };
     }
-    const serialized = format.serialize(result);
+    const serialized = serializeConfigUpdate(format, rawContent, current, result);
     if (!context.dryRun) {
         await writeAtomically(context, targetPath, serialized);
     }
@@ -593,6 +615,7 @@ async function applyConfigTransform(mutation, context, options) {
     }
     const format = getConfigFormat(formatName);
     const rawContent = await readFileIfExists(context.fs, targetPath);
+    let preserveContent = rawContent;
     let current;
     try {
         current = rawContent === null ? {} : format.parse(rawContent);
@@ -602,6 +625,7 @@ async function applyConfigTransform(mutation, context, options) {
             await backupInvalidDocument(context, targetPath, rawContent);
         }
         current = {};
+        preserveContent = null;
     }
     const { content: transformed, changed } = mutation.transform(current, options);
     if (!changed) {
@@ -626,7 +650,7 @@ async function applyConfigTransform(mutation, context, options) {
             details
         };
     }
-    const serialized = format.serialize(transformed);
+    const serialized = serializeConfigUpdate(format, preserveContent, current, transformed);
     if (!context.dryRun) {
         await writeAtomically(context, targetPath, serialized);
     }

package/node_modules/@poe-code/config-mutations/dist/formats/json.d.ts

@@ -27,5 +27,6 @@ declare function mergePreservingComments(content: string, patch: ConfigObject):
  * @returns The modified JSON content with comments preserved
  */
 declare function removeAtPath(content: string, path: (string | number)[]): string;
-export { detectIndent, modifyAtPath, mergePreservingComments, removeAtPath };
+declare function serializeUpdate(content: string, current: ConfigObject, next: ConfigObject): string;
+export { detectIndent, modifyAtPath, mergePreservingComments, removeAtPath, serializeUpdate };
 export declare const jsonFormat: ConfigFormat;

package/node_modules/@poe-code/config-mutations/dist/formats/json.js

@@ -48,6 +48,9 @@ function merge(base, patch) {
     }
     return result;
 }
+function configValuesEqual(left, right) {
+    return JSON.stringify(left) === JSON.stringify(right);
+}
 function prune(obj, shape) {
     let changed = false;
     const result = cloneConfigObject(obj);
@@ -116,14 +119,8 @@ function modifyAtPath(content, path, value) {
  * @returns The modified JSON content with comments preserved
  */
 function mergePreservingComments(content, patch) {
-    let result = content || "{}";
-    for (const [key, value] of Object.entries(patch)) {
-        if (value === undefined) {
-            continue;
-        }
-        result = modifyAtPath(result, [key], value);
-    }
-    return result;
+    const current = parse(content);
+    return serializeUpdate(content || "{}", current, merge(current, patch));
 }
 /**
  * Remove a key from JSON content while preserving comments and formatting.
@@ -135,10 +132,40 @@ function mergePreservingComments(content, patch) {
 function removeAtPath(content, path) {
     return modifyAtPath(content, path, undefined);
 }
-export { detectIndent, modifyAtPath, mergePreservingComments, removeAtPath };
+function serializeUpdate(content, current, next) {
+    let result = content || "{}";
+    result = applyObjectUpdate(result, [], current, next);
+    if (!result.endsWith("\n")) {
+        result += "\n";
+    }
+    return result;
+}
+function applyObjectUpdate(content, path, current, next) {
+    let result = content;
+    for (const key of Object.keys(current)) {
+        if (!hasConfigEntry(next, key)) {
+            result = removeAtPath(result, [...path, key]);
+        }
+    }
+    for (const [key, nextValue] of Object.entries(next)) {
+        const nextPath = [...path, key];
+        const hasCurrent = hasConfigEntry(current, key);
+        const currentValue = hasCurrent ? current[key] : undefined;
+        if (hasCurrent && isConfigObject(currentValue) && isConfigObject(nextValue)) {
+            result = applyObjectUpdate(result, nextPath, currentValue, nextValue);
+            continue;
+        }
+        if (!hasCurrent || !configValuesEqual(currentValue, nextValue)) {
+            result = modifyAtPath(result, nextPath, nextValue);
+        }
+    }
+    return result;
+}
+export { detectIndent, modifyAtPath, mergePreservingComments, removeAtPath, serializeUpdate };
 export const jsonFormat = {
     parse,
     serialize,
+    serializeUpdate,
     merge,
     prune
 };

package/node_modules/@poe-code/config-mutations/dist/types.d.ts

@@ -35,6 +35,8 @@ export interface ConfigFormat {
     parse(content: string): ConfigObject;
     /** Serialize object to string (with consistent formatting) */
     serialize(obj: ConfigObject): string;
+    /** Serialize an update against original content while preserving comments when possible */
+    serializeUpdate?(content: string, current: ConfigObject, next: ConfigObject): string;
     /** Deep merge patch into base, returning new object */
     merge(base: ConfigObject, patch: ConfigObject): ConfigObject;
     /** Remove keys matching shape from object, returning new object */

package/node_modules/@poe-code/design-system/dist/components/browser.js

@@ -10,7 +10,7 @@ function browserCommand(url, platform) {
         return { command: "open", args: [url] };
     }
     if (platform === "win32") {
-        return { command: "cmd", args: ["/c", "start", "", url] };
+        return { command: "rundll32.exe", args: ["url.dll,FileProtocolHandler", url] };
     }
     return { command: "xdg-open", args: [url] };
 }

package/node_modules/@poe-code/design-system/dist/explorer/actions.js

@@ -32,7 +32,7 @@ function currentDetailItem(state) {
     return state.detail.items?.[state.detail.cursor];
 }
 function selectedRows(state, fallback) {
-    if (state.selected.size === 0) {
+    if (!state.multiSelect || state.selected.size === 0) {
         return fallback.id === "" ? [] : [fallback];
     }
     return state.rows.filter((row) => state.selected.has(row.id));

package/node_modules/@poe-code/design-system/dist/explorer/keymap.js

@@ -45,14 +45,24 @@ const baseBuiltinCommands = [
     "extendSelectionDown"
 ];
 const reorderCommands = ["reorderUp", "reorderDown"];
+const selectionCommands = new Set([
+    "toggleSelect",
+    "selectAll",
+    "clearSelection",
+    "extendSelectionUp",
+    "extendSelectionDown"
+]);
 const reservedActionIds = new Set(["quit"]);
 export function resolveBindings(config, defaults = {}) {
-    const commands = config.reorder === undefined
+    const baseCommands = config.reorder === undefined
         ? baseBuiltinCommands
         : [
             ...baseBuiltinCommands.filter((command) => command !== "extendSelectionUp" && command !== "extendSelectionDown"),
             ...reorderCommands
         ];
+    const commands = config.multiSelect === false
+        ? baseCommands.filter((command) => !selectionCommands.has(command))
+        : baseCommands;
     const commandBindings = new Map();
     const flatBindings = new Map();
     const targetKeys = new Map();