trustlocal 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Sahil Kashyap
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,129 @@
+# trustlocal
+
+> One command. HTTPS everywhere. Zero config.
+
+[![npm version](https://img.shields.io/npm/v/trustlocal)](https://www.npmjs.com/package/trustlocal)
+[![npm downloads](https://img.shields.io/npm/dw/trustlocal)](https://www.npmjs.com/package/trustlocal)
+[![license](https://img.shields.io/npm/l/trustlocal)](LICENSE)
+
+`trustlocal` automates local HTTPS setup for web development projects. It uses [mkcert](https://github.com/FiloSottile/mkcert) to generate locally trusted certificates, then detects your framework and injects the correct SSL configuration — eliminating every manual step between *"I want HTTPS locally"* and *"it works."*
+
+---
+
+## Quick start
+
+```bash
+npx trustlocal init
+```
+
+That's it. `trustlocal` will:
+
+1. Install mkcert if not already present
+2. Register the local CA (prompts for sudo once)
+3. Detect your framework (Next.js, Vite, Express, Nginx, or plain)
+4. Generate trusted certificates for `localhost` and `127.0.0.1`
+5. Inject HTTPS config into your framework's config file
+6. Set `NODE_EXTRA_CA_CERTS` in `.env`
+7. Add `.trustlocal/` to `.gitignore`
+8. Write `trustlocal.json` so teammates can sync with one command
+
+---
+
+## Commands
+
+### `init` — First-time setup
+
+```bash
+npx trustlocal init [--domains myapp.local] [--force] [--dry-run]
+```
+
+| Flag | Description |
+|------|-------------|
+| `--domains <list>` | Comma-separated extra domains (e.g. `--domains myapp.local,api.local`) |
+| `--force` | Re-initialise even if `trustlocal.json` already exists |
+| `--dry-run` | Preview what would happen without writing any files |
+
+### `sync` — Onboard a new teammate
+
+```bash
+npx trustlocal sync
+```
+
+Reads `trustlocal.json`, generates fresh certs on the new machine (no private key sharing), injects config identically, and gets HTTPS working in under 30 seconds.
+
+### `renew` — Renew expiring certs
+
+```bash
+npx trustlocal renew [--force]
+```
+
+Certs expire after 2 years. Deletes old certs and generates fresh ones. Framework config files are **not** touched — cert paths stay the same.
+
+### `status` — Check your setup
+
+```bash
+npx trustlocal status
+```
+
+Shows framework, cert expiry, config injection status, `NODE_EXTRA_CA_CERTS`, and `.gitignore` — with coloured OK / WARNING / ERROR indicators.
+
+---
+
+## Supported frameworks
+
+| Framework | Detection | Config target |
+|-----------|-----------|---------------|
+| **Next.js** | `next` in `package.json` | `next.config.js/ts` — `experimental.https` |
+| **Vite** | `vite` in `package.json` | `vite.config.js/ts` — `server.https` |
+| **Express / Node** | `express` in deps or `server.js` found | `.env` — `NODE_EXTRA_CA_CERTS` + printed snippet |
+| **Nginx** | `nginx.conf` in project root | `nginx.conf` — `ssl_certificate` block |
+| **Plain** | fallback | Certs placed in `.trustlocal/` with instructions |
+
+---
+
+## How it works
+
+```
+npx trustlocal init
+
+  → Checking mkcert...
+  ✓  mkcert 1.4.4 found
+  → Detecting framework...
+  ✓  Detected: Next.js (next.config.ts)
+  → Generating certificates for: localhost, 127.0.0.1
+  ✓  Certificates generated → .trustlocal/
+  → Injecting HTTPS config into next.config.ts...
+  ✓  Config updated
+  → Updating .env...
+  ✓  NODE_EXTRA_CA_CERTS set
+  → Updating .gitignore...
+  ✓  .trustlocal/ added to .gitignore
+
+  ✓  Done! Open https://localhost:3000
+
+  Teammates: run  npx trustlocal sync  to get HTTPS on their machines.
+  Cert expires: 2028-03-31
+```
+
+---
+
+## Security
+
+- `.trustlocal/` (containing `.pem` files) is automatically added to `.gitignore` — **private keys are never committed**
+- `trustlocal.json` is safe to commit — it contains no keys, only config metadata
+- All cert generation happens locally via `mkcert`. `trustlocal` never reads, stores, or transmits any private key
+
+---
+
+## Requirements
+
+- Node.js 18+
+- macOS or Linux (Windows support is post-v1)
+
+---
+
+## License
+
+MIT © Sahil Kashyap
+
+Built with [Claude Code](https://claude.ai/claude-code)

package/dist/commands/init.d.ts

@@ -0,0 +1,25 @@
+/**
+ * `npx trustlocal init`
+ *
+ * Full execution flow (per spec §5.1):
+ *  1. Check Node version >= 18
+ *  2. Check if trustlocal.json already exists (require --force to continue)
+ *  3. Check / install mkcert
+ *  4. Run mkcert -install
+ *  5. Detect framework
+ *  6. Prompt user to confirm / override
+ *  7. Collect domains
+ *  8. Create .trustlocal/ and generate certs
+ *  9. Backup + inject HTTPS config
+ * 10. Add NODE_EXTRA_CA_CERTS to .env
+ * 11. Add .trustlocal/ to .gitignore
+ * 12. Write trustlocal.json
+ * 13. Print success summary
+ */
+export interface InitOptions {
+    domains?: string[];
+    force?: boolean;
+    dryRun?: boolean;
+}
+export declare function runInit(options?: InitOptions): Promise<void>;
+//# sourceMappingURL=init.d.ts.map

package/dist/commands/init.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAmBH,MAAM,WAAW,WAAW;IAC1B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AA+GD,wBAAsB,OAAO,CAAC,OAAO,GAAE,WAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAoItE"}

package/dist/commands/init.js

@@ -0,0 +1,289 @@
+"use strict";
+/**
+ * `npx trustlocal init`
+ *
+ * Full execution flow (per spec §5.1):
+ *  1. Check Node version >= 18
+ *  2. Check if trustlocal.json already exists (require --force to continue)
+ *  3. Check / install mkcert
+ *  4. Run mkcert -install
+ *  5. Detect framework
+ *  6. Prompt user to confirm / override
+ *  7. Collect domains
+ *  8. Create .trustlocal/ and generate certs
+ *  9. Backup + inject HTTPS config
+ * 10. Add NODE_EXTRA_CA_CERTS to .env
+ * 11. Add .trustlocal/ to .gitignore
+ * 12. Write trustlocal.json
+ * 13. Print success summary
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runInit = runInit;
+const promises_1 = require("fs/promises");
+const path_1 = require("path");
+const readline = __importStar(require("readline"));
+const logger_1 = require("../utils/logger");
+const framework_1 = require("../detector/framework");
+const check_1 = require("../mkcert/check");
+const install_1 = require("../mkcert/install");
+const generate_1 = require("../mkcert/generate");
+const trustlocal_1 = require("../config/trustlocal");
+const nextjs_1 = require("../injectors/nextjs");
+const vite_1 = require("../injectors/vite");
+const express_1 = require("../injectors/express");
+const nginx_1 = require("../injectors/nginx");
+const plain_1 = require("../injectors/plain");
+const check_2 = require("../mkcert/check");
+/** Prompt the user with a question and return their answer. */
+async function prompt(question) {
+    const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
+    return new Promise((resolve) => {
+        rl.question(`  ${question} `, (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
+/** Collect extra .local domains from .env file */
+async function collectEnvDomains(cwd) {
+    try {
+        const content = await (0, promises_1.readFile)((0, path_1.join)(cwd, '.env'), 'utf-8');
+        const matches = content.matchAll(/(?:HOST|DOMAIN|URL)[^=]*=\s*([a-zA-Z0-9.-]+\.local)/g);
+        return [...matches].map((m) => m[1]);
+    }
+    catch {
+        return [];
+    }
+}
+/** Add a path to .gitignore if not already present. */
+async function ensureGitignore(cwd, entry) {
+    const gitignorePath = (0, path_1.join)(cwd, '.gitignore');
+    let content = '';
+    try {
+        content = await (0, promises_1.readFile)(gitignorePath, 'utf-8');
+    }
+    catch {
+        // File doesn't exist — create it
+    }
+    if (content.includes(entry))
+        return;
+    const newContent = content
+        ? `${content.trimEnd()}\n\n# trustlocal — local TLS certs (never commit private keys)\n${entry}/\n`
+        : `# trustlocal — local TLS certs (never commit private keys)\n${entry}/\n`;
+    await (0, promises_1.writeFile)(gitignorePath, newContent, 'utf-8');
+}
+/** Add NODE_EXTRA_CA_CERTS to .env */
+async function ensureNodeExtraCA(cwd, caRootPem) {
+    const envPath = (0, path_1.join)(cwd, '.env');
+    let content = '';
+    try {
+        content = await (0, promises_1.readFile)(envPath, 'utf-8');
+    }
+    catch {
+        // File doesn't exist
+    }
+    if (content.includes('NODE_EXTRA_CA_CERTS'))
+        return;
+    const line = `\n# trustlocal — allow Node.js to trust the local CA\nNODE_EXTRA_CA_CERTS=${caRootPem}\n`;
+    await (0, promises_1.writeFile)(envPath, content + line, 'utf-8');
+}
+/** Run the appropriate injector for the detected framework. */
+async function runInjector(framework, configFile, cwd, caRootPem) {
+    switch (framework) {
+        case 'nextjs': {
+            const configPath = (0, path_1.join)(cwd, configFile ?? 'next.config.js');
+            const result = await (0, nextjs_1.injectNextjs)(configPath);
+            if (result.alreadyConfigured) {
+                logger_1.logger.warn('HTTPS already configured in Next.js config — skipping injection.');
+            }
+            else {
+                logger_1.logger.success(`Config updated${result.created ? ' (new file created)' : ''}`);
+            }
+            break;
+        }
+        case 'vite': {
+            const configPath = (0, path_1.join)(cwd, configFile ?? 'vite.config.ts');
+            const result = await (0, vite_1.injectVite)(configPath);
+            if (result.alreadyConfigured) {
+                logger_1.logger.warn('HTTPS already configured in Vite config — skipping injection.');
+            }
+            else {
+                logger_1.logger.success(`Config updated${result.created ? ' (new file created)' : ''}`);
+            }
+            break;
+        }
+        case 'express': {
+            const envPath = (0, path_1.join)(cwd, '.env');
+            await (0, express_1.injectExpress)(envPath, caRootPem);
+            logger_1.logger.success('NODE_EXTRA_CA_CERTS set in .env');
+            (0, express_1.printExpressSnippet)(trustlocal_1.CERT_DIR);
+            break;
+        }
+        case 'nginx': {
+            const configPath = (0, path_1.join)(cwd, configFile ?? 'nginx.conf');
+            const result = await (0, nginx_1.injectNginx)(configPath);
+            if (result.alreadyConfigured) {
+                logger_1.logger.warn('HTTPS already configured in nginx.conf — skipping injection.');
+            }
+            else {
+                logger_1.logger.success('nginx.conf updated');
+            }
+            break;
+        }
+        case 'plain': {
+            (0, plain_1.printPlainInstructions)(trustlocal_1.CERT_DIR);
+            break;
+        }
+    }
+}
+async function runInit(options = {}) {
+    const cwd = process.cwd();
+    logger_1.logger.title('trustlocal init');
+    // ── 1. Node version check ─────────────────────────────────────────────────
+    const [major] = process.versions.node.split('.').map(Number);
+    if ((major ?? 0) < 18) {
+        logger_1.logger.error(`Node.js 18+ is required. You are running ${process.versions.node}.`);
+        process.exit(1);
+    }
+    // ── 2. Existing trustlocal.json ────────────────────────────────────────────
+    const existing = await (0, trustlocal_1.readConfig)(cwd);
+    if (existing && !options.force) {
+        logger_1.logger.warn('trustlocal.json already exists in this project.');
+        logger_1.logger.info('Run with --force to re-initialise, or use `npx trustlocal sync` instead.');
+        process.exit(0);
+    }
+    // ── 3. Check / install mkcert ──────────────────────────────────────────────
+    logger_1.logger.step('Checking mkcert...');
+    const mkcertInfo = (0, check_1.checkMkcert)();
+    if (!mkcertInfo.installed) {
+        logger_1.logger.warn('mkcert not found — attempting auto-install...');
+        (0, install_1.installMkcert)();
+    }
+    else {
+        logger_1.logger.success(`mkcert ${mkcertInfo.version ?? ''} found`);
+    }
+    // ── 4. mkcert -install (register local CA) ────────────────────────────────
+    logger_1.logger.step('Installing local CA (may prompt for sudo)...');
+    if (!options.dryRun) {
+        (0, generate_1.installCA)();
+    }
+    logger_1.logger.success('Local CA registered');
+    // ── 5. Detect framework ────────────────────────────────────────────────────
+    logger_1.logger.step('Detecting framework...');
+    let detection = await (0, framework_1.detectFramework)(cwd);
+    logger_1.logger.success(`Detected: ${(0, framework_1.frameworkDisplayName)(detection.framework)}${detection.configFile ? ` (${detection.configFile})` : ''}`);
+    // ── 6. Confirm / override ─────────────────────────────────────────────────
+    if (!options.dryRun) {
+        const answer = await prompt(`Use ${(0, framework_1.frameworkDisplayName)(detection.framework)}? [Y/n/override]`);
+        if (answer.toLowerCase() === 'n') {
+            logger_1.logger.info('Aborting. Run again to retry.');
+            process.exit(0);
+        }
+        const overrides = {
+            nextjs: 'nextjs', next: 'nextjs',
+            vite: 'vite',
+            express: 'express', node: 'express',
+            nginx: 'nginx',
+            plain: 'plain',
+        };
+        if (answer && answer.toLowerCase() !== 'y' && overrides[answer.toLowerCase()]) {
+            detection = { framework: overrides[answer.toLowerCase()] };
+            logger_1.logger.info(`Using ${(0, framework_1.frameworkDisplayName)(detection.framework)}`);
+        }
+    }
+    // ── 7. Collect domains ─────────────────────────────────────────────────────
+    const envDomains = await collectEnvDomains(cwd);
+    const extraDomains = options.domains ?? [];
+    const domains = ['localhost', '127.0.0.1', ...envDomains, ...extraDomains].filter((d, i, arr) => arr.indexOf(d) === i);
+    logger_1.logger.step(`Generating certificates for: ${domains.join(', ')}`);
+    // ── 8. Create .trustlocal/ and generate certs ─────────────────────────────
+    //    .gitignore must be updated BEFORE writing cert files (per spec)
+    logger_1.logger.step('Updating .gitignore...');
+    if (!options.dryRun) {
+        await ensureGitignore(cwd, trustlocal_1.CERT_DIR);
+    }
+    logger_1.logger.success(`.trustlocal/ added to .gitignore`);
+    if (!options.dryRun) {
+        await (0, generate_1.generateCerts)(trustlocal_1.CERT_DIR, domains, cwd);
+    }
+    logger_1.logger.success(`Certificates generated → ${trustlocal_1.CERT_DIR}/`);
+    // ── 9. Inject HTTPS config ────────────────────────────────────────────────
+    logger_1.logger.step(`Injecting HTTPS config into ${detection.configFile ?? detection.framework}...`);
+    const caRootPem = mkcertInfo.caRoot
+        ? `${mkcertInfo.caRoot}/rootCA.pem`
+        : `${(0, check_2.getMkcertCARoot)()}/rootCA.pem`;
+    if (!options.dryRun) {
+        await runInjector(detection.framework, detection.configFile, cwd, caRootPem);
+    }
+    else {
+        logger_1.logger.success('Config updated (dry-run)');
+    }
+    // ── 10. NODE_EXTRA_CA_CERTS in .env ──────────────────────────────────────
+    logger_1.logger.step('Updating .env...');
+    if (!options.dryRun) {
+        await ensureNodeExtraCA(cwd, caRootPem);
+    }
+    logger_1.logger.success('NODE_EXTRA_CA_CERTS set');
+    // ── 12. Write trustlocal.json ─────────────────────────────────────────────
+    const config = (0, trustlocal_1.buildConfig)({
+        framework: detection.framework,
+        domains,
+        certDir: trustlocal_1.CERT_DIR,
+        configFiles: detection.configFile ? [detection.configFile] : [],
+    });
+    if (!options.dryRun) {
+        await (0, trustlocal_1.writeConfig)(cwd, config);
+    }
+    // ── 13. Success summary ────────────────────────────────────────────────────
+    const certPath = (0, path_1.join)(cwd, trustlocal_1.CERT_DIR, generate_1.CERT_FILENAME);
+    const expiry = await (async () => {
+        if (options.dryRun)
+            return new Date(Date.now() + 2 * 365 * 24 * 3600 * 1000);
+        try {
+            return (0, generate_1.getCertExpiry)(certPath);
+        }
+        catch {
+            return new Date(Date.now() + 2 * 365 * 24 * 3600 * 1000);
+        }
+    })();
+    logger_1.logger.blank();
+    logger_1.logger.success('Done! Open https://localhost:3000');
+    logger_1.logger.blank();
+    logger_1.logger.info('Teammates: run  npx trustlocal sync  to get HTTPS on their machines.');
+    logger_1.logger.info(`Cert expires: ${expiry.toISOString().split('T')[0]}`);
+    logger_1.logger.blank();
+}
+//# sourceMappingURL=init.js.map

package/dist/commands/init.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;GAiBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsIH,0BAoIC;AAxQD,0CAAkD;AAClD,+BAA4B;AAC5B,mDAAqC;AAErC,4CAAyC;AACzC,qDAA8F;AAC9F,2CAA8C;AAC9C,+CAAkD;AAClD,iDAA4F;AAC5F,qDAAsF;AACtF,gDAAmD;AACnD,4CAA+C;AAC/C,kDAA0E;AAC1E,8CAAiD;AACjD,8CAA4D;AAC5D,2CAAkD;AAQlD,+DAA+D;AAC/D,KAAK,UAAU,MAAM,CAAC,QAAgB;IACpC,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACtF,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,KAAK,QAAQ,GAAG,EAAE,CAAC,MAAM,EAAE,EAAE;YACvC,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED,kDAAkD;AAClD,KAAK,UAAU,iBAAiB,CAAC,GAAW;IAC1C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,IAAA,mBAAQ,EAAC,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,EAAE,OAAO,CAAC,CAAC;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,sDAAsD,CAAC,CAAC;QACzF,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,uDAAuD;AACvD,KAAK,UAAU,eAAe,CAAC,GAAW,EAAE,KAAa;IACvD,MAAM,aAAa,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC9C,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,IAAA,mBAAQ,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;IACnC,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO;IAEpC,MAAM,UAAU,GAAG,OAAO;QACxB,CAAC,CAAC,GAAG,OAAO,CAAC,OAAO,EAAE,mEAAmE,KAAK,KAAK;QACnG,CAAC,CAAC,+DAA+D,KAAK,KAAK,CAAC;IAE9E,MAAM,IAAA,oBAAS,EAAC,aAAa,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;AACtD,CAAC;AAED,sCAAsC;AACtC,KAAK,UAAU,iBAAiB,CAAC,GAAW,EAAE,SAAiB;IAC7D,MAAM,OAAO,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAClC,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,IAAA,mBAAQ,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,qBAAqB;IACvB,CAAC;IAED,IAAI,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QAAE,OAAO;IAEpD,MAAM,IAAI,GAAG,6EAA6E,SAAS,IAAI,CAAC;IACxG,MAAM,IAAA,oBAAS,EAAC,OAAO,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED,+DAA+D;AAC/D,KAAK,UAAU,WAAW,CACxB,SAAoB,EACpB,UAA8B,EAC9B,GAAW,EACX,SAAiB;IAEjB,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,IAAI,gBAAgB,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAY,EAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAC7B,eAAM,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;YAClF,CAAC;iBAAM,CAAC;gBACN,eAAM,CAAC,OAAO,CAAC,iBAAiB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACjF,CAAC;YACD,MAAM;QACR,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,IAAI,gBAAgB,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAU,EAAC,UAAU,CAAC,CAAC;YAC5C,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAC7B,eAAM,CAAC,IAAI,CAAC,+DAA+D,CAAC,CAAC;YAC/E,CAAC;iBAAM,CAAC;gBACN,eAAM,CAAC,OAAO,CAAC,iBAAiB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACjF,CAAC;YACD,MAAM;QACR,CAAC;QACD,KAAK,SAAS,CAAC,CAAC,CAAC;YACf,MAAM,OAAO,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YAClC,MAAM,IAAA,uBAAa,EAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACxC,eAAM,CAAC,OAAO,CAAC,iCAAiC,CAAC,CAAC;YAClD,IAAA,6BAAmB,EAAC,qBAAQ,CAAC,CAAC;YAC9B,MAAM;QACR,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,IAAI,YAAY,CAAC,CAAC;YACzD,MAAM,MAAM,GAAG,MAAM,IAAA,mBAAW,EAAC,UAAU,CAAC,CAAC;YAC7C,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAC7B,eAAM,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;YAC9E,CAAC;iBAAM,CAAC;gBACN,eAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;YACvC,CAAC;YACD,MAAM;QACR,CAAC;QACD,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,IAAA,8BAAsB,EAAC,qBAAQ,CAAC,CAAC;YACjC,MAAM;QACR,CAAC;IACH,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,OAAO,CAAC,UAAuB,EAAE;IACrD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAE1B,eAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAEhC,6EAA6E;IAC7E,MAAM,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC;QACtB,eAAM,CAAC,KAAK,CAAC,4CAA4C,OAAO,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC;QACnF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,8EAA8E;IAC9E,MAAM,QAAQ,GAAG,MAAM,IAAA,uBAAU,EAAC,GAAG,CAAC,CAAC;IACvC,IAAI,QAAQ,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAC/B,eAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAC/D,eAAM,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAC;QACxF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,8EAA8E;IAC9E,eAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,UAAU,GAAG,IAAA,mBAAW,GAAE,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;QAC1B,eAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QAC7D,IAAA,uBAAa,GAAE,CAAC;IAClB,CAAC;SAAM,CAAC;QACN,eAAM,CAAC,OAAO,CAAC,UAAU,UAAU,CAAC,OAAO,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAED,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;IAC5D,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,IAAA,oBAAS,GAAE,CAAC;IACd,CAAC;IACD,eAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAEtC,8EAA8E;IAC9E,eAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACtC,IAAI,SAAS,GAAG,MAAM,IAAA,2BAAe,EAAC,GAAG,CAAC,CAAC;IAC3C,eAAM,CAAC,OAAO,CAAC,aAAa,IAAA,gCAAoB,EAAC,SAAS,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEpI,6EAA6E;IAC7E,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,MAAM,MAAM,CACzB,OAAO,IAAA,gCAAoB,EAAC,SAAS,CAAC,SAAS,CAAC,kBAAkB,CACnE,CAAC;QACF,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,GAAG,EAAE,CAAC;YACjC,eAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,SAAS,GAA8B;YAC3C,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ;YAChC,IAAI,EAAE,MAAM;YACZ,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS;YACnC,KAAK,EAAE,OAAO;YACd,KAAK,EAAE,OAAO;SACf,CAAC;QACF,IAAI,MAAM,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YAC9E,SAAS,GAAG,EAAE,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,WAAW,EAAE,CAAc,EAAE,CAAC;YACxE,eAAM,CAAC,IAAI,CAAC,SAAS,IAAA,gCAAoB,EAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACpE,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC;IAC3C,MAAM,OAAO,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,GAAG,UAAU,EAAE,GAAG,YAAY,CAAC,CAAC,MAAM,CAC/E,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CACpC,CAAC;IACF,eAAM,CAAC,IAAI,CAAC,gCAAgC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAElE,6EAA6E;IAC7E,qEAAqE;IACrE,eAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACtC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,eAAe,CAAC,GAAG,EAAE,qBAAQ,CAAC,CAAC;IACvC,CAAC;IACD,eAAM,CAAC,OAAO,CAAC,kCAAkC,CAAC,CAAC;IAEnD,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,IAAA,wBAAa,EAAC,qBAAQ,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;IAC9C,CAAC;IACD,eAAM,CAAC,OAAO,CAAC,4BAA4B,qBAAQ,GAAG,CAAC,CAAC;IAExD,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,+BAA+B,SAAS,CAAC,UAAU,IAAI,SAAS,CAAC,SAAS,KAAK,CAAC,CAAC;IAC7F,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM;QACjC,CAAC,CAAC,GAAG,UAAU,CAAC,MAAM,aAAa;QACnC,CAAC,CAAC,GAAG,IAAA,uBAAe,GAAE,aAAa,CAAC;IAEtC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,WAAW,CAAC,SAAS,CAAC,SAAS,EAAE,SAAS,CAAC,UAAU,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IAC/E,CAAC;SAAM,CAAC;QACN,eAAM,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;IAC7C,CAAC;IAED,4EAA4E;IAC5E,eAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAChC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAC1C,CAAC;IACD,eAAM,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;IAE1C,6EAA6E;IAC7E,MAAM,MAAM,GAAG,IAAA,wBAAW,EAAC;QACzB,SAAS,EAAE,SAAS,CAAC,SAAS;QAC9B,OAAO;QACP,OAAO,EAAE,qBAAQ;QACjB,WAAW,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE;KAChE,CAAC,CAAC;IACH,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QACpB,MAAM,IAAA,wBAAW,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACjC,CAAC;IAED,8EAA8E;IAC9E,MAAM,QAAQ,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,qBAAQ,EAAE,wBAAa,CAAC,CAAC;IACpD,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE;QAC/B,IAAI,OAAO,CAAC,MAAM;YAAE,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;QAC7E,IAAI,CAAC;YACH,OAAO,IAAA,wBAAa,EAAC,QAAQ,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,GAAG,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC,CAAC,EAAE,CAAC;IAEL,eAAM,CAAC,KAAK,EAAE,CAAC;IACf,eAAM,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC;IACpD,eAAM,CAAC,KAAK,EAAE,CAAC;IACf,eAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;IACpF,eAAM,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACnE,eAAM,CAAC,KAAK,EAAE,CAAC;AACjB,CAAC"}

package/dist/commands/renew.d.ts

@@ -0,0 +1,16 @@
+/**
+ * `npx trustlocal renew`
+ *
+ * Execution flow (per spec §5.3):
+ *  1. Read trustlocal.json
+ *  2. Check cert expiry — warn if > 30 days remaining (require --force)
+ *  3. Delete old certs from .trustlocal/
+ *  4. Generate fresh certs
+ *  5. Print new expiry date
+ *  (Config injection NOT repeated — cert file paths don't change)
+ */
+export interface RenewOptions {
+    force?: boolean;
+}
+export declare function runRenew(options?: RenewOptions): Promise<void>;
+//# sourceMappingURL=renew.d.ts.map

package/dist/commands/renew.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"renew.d.ts","sourceRoot":"","sources":["../../src/commands/renew.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAQH,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAID,wBAAsB,QAAQ,CAAC,OAAO,GAAE,YAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CA0CxE"}

package/dist/commands/renew.js

@@ -0,0 +1,54 @@
+"use strict";
+/**
+ * `npx trustlocal renew`
+ *
+ * Execution flow (per spec §5.3):
+ *  1. Read trustlocal.json
+ *  2. Check cert expiry — warn if > 30 days remaining (require --force)
+ *  3. Delete old certs from .trustlocal/
+ *  4. Generate fresh certs
+ *  5. Print new expiry date
+ *  (Config injection NOT repeated — cert file paths don't change)
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runRenew = runRenew;
+const path_1 = require("path");
+const logger_1 = require("../utils/logger");
+const trustlocal_1 = require("../config/trustlocal");
+const generate_1 = require("../mkcert/generate");
+const DAYS_WARN_THRESHOLD = 30;
+async function runRenew(options = {}) {
+    const cwd = process.cwd();
+    logger_1.logger.title('trustlocal renew');
+    // ── 1. Read trustlocal.json ───────────────────────────────────────────────
+    const config = await (0, trustlocal_1.readConfig)(cwd);
+    if (!config) {
+        logger_1.logger.error('trustlocal.json not found.');
+        logger_1.logger.info('Run `npx trustlocal init` first.');
+        process.exit(1);
+    }
+    // ── 2. Check cert expiry ──────────────────────────────────────────────────
+    const certPath = (0, path_1.join)(cwd, config.certDir, generate_1.CERT_FILENAME);
+    const expiry = (0, generate_1.getCertExpiry)(certPath);
+    const now = new Date();
+    const daysLeft = Math.floor((expiry.getTime() - now.getTime()) / (1000 * 60 * 60 * 24));
+    logger_1.logger.info(`Current cert expires: ${expiry.toISOString().split('T')[0]} (${daysLeft} days remaining)`);
+    if (daysLeft > DAYS_WARN_THRESHOLD && !options.force) {
+        logger_1.logger.warn(`Cert is still valid for ${daysLeft} days.`);
+        logger_1.logger.info('Use --force to renew anyway.');
+        process.exit(0);
+    }
+    // ── 3. Delete old certs ───────────────────────────────────────────────────
+    logger_1.logger.step('Removing old certificates...');
+    await (0, generate_1.deleteCerts)(config.certDir, cwd);
+    logger_1.logger.success('Old certificates removed');
+    // ── 4. Generate fresh certs ────────────────────────────────────────────────
+    logger_1.logger.step(`Generating new certificates for: ${config.domains.join(', ')}`);
+    await (0, generate_1.generateCerts)(config.certDir, config.domains, cwd);
+    const newExpiry = (0, generate_1.getCertExpiry)(certPath);
+    logger_1.logger.success(`Certificates renewed → ${config.certDir}/`);
+    logger_1.logger.blank();
+    logger_1.logger.success(`New cert expires: ${newExpiry.toISOString().split('T')[0]}`);
+    logger_1.logger.blank();
+}
+//# sourceMappingURL=renew.js.map

package/dist/commands/renew.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"renew.js","sourceRoot":"","sources":["../../src/commands/renew.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;AAcH,4BA0CC;AAtDD,+BAA4B;AAE5B,4CAAyC;AACzC,qDAAkD;AAClD,iDAA8F;AAM9F,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAExB,KAAK,UAAU,QAAQ,CAAC,UAAwB,EAAE;IACvD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAE1B,eAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IAEjC,6EAA6E;IAC7E,MAAM,MAAM,GAAG,MAAM,IAAA,uBAAU,EAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,eAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC3C,eAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6EAA6E;IAC7E,MAAM,QAAQ,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,OAAO,EAAE,wBAAa,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,IAAA,wBAAa,EAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;IAExF,eAAM,CAAC,IAAI,CAAC,yBAAyB,MAAM,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ,kBAAkB,CAAC,CAAC;IAExG,IAAI,QAAQ,GAAG,mBAAmB,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACrD,eAAM,CAAC,IAAI,CAAC,2BAA2B,QAAQ,QAAQ,CAAC,CAAC;QACzD,eAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,IAAA,sBAAW,EAAC,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACvC,eAAM,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC;IAE3C,8EAA8E;IAC9E,eAAM,CAAC,IAAI,CAAC,oCAAoC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC7E,MAAM,IAAA,wBAAa,EAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAEzD,MAAM,SAAS,GAAG,IAAA,wBAAa,EAAC,QAAQ,CAAC,CAAC;IAC1C,eAAM,CAAC,OAAO,CAAC,0BAA0B,MAAM,CAAC,OAAO,GAAG,CAAC,CAAC;IAE5D,eAAM,CAAC,KAAK,EAAE,CAAC;IACf,eAAM,CAAC,OAAO,CAAC,qBAAqB,SAAS,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC7E,eAAM,CAAC,KAAK,EAAE,CAAC;AACjB,CAAC"}

package/dist/commands/status.d.ts

@@ -0,0 +1,13 @@
+/**
+ * `npx trustlocal status`
+ *
+ * Execution flow (per spec §5.4):
+ *  1. Read trustlocal.json — show error if missing
+ *  2. Print: framework, domains, cert location, expiry, days until expiry
+ *  3. Check if config injection is still present in framework config file
+ *  4. Check if NODE_EXTRA_CA_CERTS is set in .env
+ *  5. Check if .trustlocal/ is in .gitignore
+ *  6. Print coloured status line for each check
+ */
+export declare function runStatus(): Promise<void>;
+//# sourceMappingURL=status.d.ts.map

package/dist/commands/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAiDH,wBAAsB,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,CAgF/C"}