trustlocal 0.1.0

package/dist/commands/status.js

@@ -0,0 +1,140 @@
+"use strict";
+/**
+ * `npx trustlocal status`
+ *
+ * Execution flow (per spec §5.4):
+ *  1. Read trustlocal.json — show error if missing
+ *  2. Print: framework, domains, cert location, expiry, days until expiry
+ *  3. Check if config injection is still present in framework config file
+ *  4. Check if NODE_EXTRA_CA_CERTS is set in .env
+ *  5. Check if .trustlocal/ is in .gitignore
+ *  6. Print coloured status line for each check
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runStatus = runStatus;
+const promises_1 = require("fs/promises");
+const path_1 = require("path");
+const chalk_1 = __importDefault(require("chalk"));
+const logger_1 = require("../utils/logger");
+const trustlocal_1 = require("../config/trustlocal");
+const generate_1 = require("../mkcert/generate");
+const nextjs_1 = require("../injectors/nextjs");
+const vite_1 = require("../injectors/vite");
+const nginx_1 = require("../injectors/nginx");
+const express_1 = require("../injectors/express");
+const framework_1 = require("../detector/framework");
+function statusLine(level, label, detail) {
+    const icon = level === 'OK' ? chalk_1.default.green('✓') : level === 'WARNING' ? chalk_1.default.yellow('⚠') : chalk_1.default.red('✗');
+    const color = level === 'OK' ? chalk_1.default.green : level === 'WARNING' ? chalk_1.default.yellow : chalk_1.default.red;
+    console.log(`  ${icon}  ${label.padEnd(30)} ${color(detail)}`);
+}
+async function fileExists(p) {
+    try {
+        await (0, promises_1.access)(p);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+async function fileContains(p, text) {
+    try {
+        const content = await (0, promises_1.readFile)(p, 'utf-8');
+        return content.includes(text);
+    }
+    catch {
+        return false;
+    }
+}
+/** Get the injection marker for the given framework config. */
+function getInjectionMarker(framework) {
+    if (framework === 'nextjs')
+        return nextjs_1.INJECTION_MARKER;
+    if (framework === 'vite')
+        return vite_1.INJECTION_MARKER;
+    if (framework === 'nginx')
+        return nginx_1.INJECTION_MARKER;
+    return 'trustlocal:https';
+}
+async function runStatus() {
+    const cwd = process.cwd();
+    logger_1.logger.title('trustlocal status');
+    // ── 1. Read trustlocal.json ───────────────────────────────────────────────
+    const config = await (0, trustlocal_1.readConfig)(cwd);
+    if (!config) {
+        logger_1.logger.error('trustlocal.json not found.');
+        logger_1.logger.info('Run `npx trustlocal init` first.');
+        process.exit(1);
+    }
+    // ── 2. Print basic info ───────────────────────────────────────────────────
+    logger_1.logger.info(`Framework : ${(0, framework_1.frameworkDisplayName)(config.framework)}`);
+    logger_1.logger.info(`Domains   : ${config.domains.join(', ')}`);
+    logger_1.logger.info(`Cert dir  : ${config.certDir}`);
+    logger_1.logger.blank();
+    // ── Cert expiry ───────────────────────────────────────────────────────────
+    const certPath = (0, path_1.join)(cwd, config.certDir, generate_1.CERT_FILENAME);
+    const certExists = await fileExists(certPath);
+    if (!certExists) {
+        statusLine('ERROR', 'Certificate file', 'Missing — run `npx trustlocal sync`');
+    }
+    else {
+        const expiry = (0, generate_1.getCertExpiry)(certPath);
+        const now = new Date();
+        const daysLeft = Math.floor((expiry.getTime() - now.getTime()) / (1000 * 60 * 60 * 24));
+        const expiryStr = `${expiry.toISOString().split('T')[0]} (${daysLeft} days)`;
+        if (daysLeft < 0) {
+            statusLine('ERROR', 'Certificate expiry', `EXPIRED ${expiryStr}`);
+        }
+        else if (daysLeft < 30) {
+            statusLine('WARNING', 'Certificate expiry', `Expiring soon: ${expiryStr}`);
+        }
+        else {
+            statusLine('OK', 'Certificate expiry', expiryStr);
+        }
+    }
+    // ── 3. Config injection check ─────────────────────────────────────────────
+    if (config.framework === 'express' || config.framework === 'plain') {
+        // Express/plain don't inject into a framework config file
+        statusLine('OK', 'Config injection', 'N/A (Express/plain — use .env)');
+    }
+    else {
+        const configFile = config.configFiles[0];
+        if (!configFile) {
+            statusLine('WARNING', 'Config injection', 'No config file recorded');
+        }
+        else {
+            const configPath = (0, path_1.join)(cwd, configFile);
+            const marker = getInjectionMarker(config.framework);
+            const hasInjection = await fileContains(configPath, marker);
+            if (hasInjection) {
+                statusLine('OK', 'Config injection', `Present in ${configFile}`);
+            }
+            else {
+                statusLine('WARNING', 'Config injection', `Not found in ${configFile} — run sync`);
+            }
+        }
+    }
+    // ── 4. NODE_EXTRA_CA_CERTS in .env ────────────────────────────────────────
+    const envPath = (0, path_1.join)(cwd, '.env');
+    const hasEnvKey = await fileContains(envPath, express_1.ENV_KEY);
+    if (hasEnvKey) {
+        statusLine('OK', 'NODE_EXTRA_CA_CERTS', 'Set in .env');
+    }
+    else {
+        statusLine('WARNING', 'NODE_EXTRA_CA_CERTS', 'Not set in .env');
+    }
+    // ── 5. .gitignore check ───────────────────────────────────────────────────
+    const gitignorePath = (0, path_1.join)(cwd, '.gitignore');
+    const gitignoreOk = await fileContains(gitignorePath, config.certDir);
+    if (gitignoreOk) {
+        statusLine('OK', '.gitignore', `${config.certDir}/ excluded`);
+    }
+    else {
+        statusLine('ERROR', '.gitignore', `${config.certDir}/ is NOT in .gitignore — private keys may be committed!`);
+    }
+    logger_1.logger.blank();
+}
+//# sourceMappingURL=status.js.map

package/dist/commands/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../src/commands/status.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;;;;AAiDH,8BAgFC;AA/HD,0CAA+C;AAC/C,+BAA4B;AAC5B,kDAA0B;AAE1B,4CAAyC;AACzC,qDAAkD;AAClD,iDAAkE;AAClE,gDAAwE;AACxE,4CAAoE;AACpE,8CAAsE;AACtE,kDAA+C;AAC/C,qDAA6D;AAI7D,SAAS,UAAU,CAAC,KAAkB,EAAE,KAAa,EAAE,MAAc;IACnE,MAAM,IAAI,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,eAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,eAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC1G,MAAM,KAAK,GAAG,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,eAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,eAAK,CAAC,MAAM,CAAC,CAAC,CAAC,eAAK,CAAC,GAAG,CAAC;IAC5F,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,KAAK,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;AACjE,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,CAAS;IACjC,IAAI,CAAC;QACH,MAAM,IAAA,iBAAM,EAAC,CAAC,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,CAAS,EAAE,IAAY;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,IAAA,mBAAQ,EAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QAC3C,OAAO,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,+DAA+D;AAC/D,SAAS,kBAAkB,CAAC,SAAiB;IAC3C,IAAI,SAAS,KAAK,QAAQ;QAAE,OAAO,yBAAa,CAAC;IACjD,IAAI,SAAS,KAAK,MAAM;QAAE,OAAO,uBAAW,CAAC;IAC7C,IAAI,SAAS,KAAK,OAAO;QAAE,OAAO,wBAAY,CAAC;IAC/C,OAAO,kBAAkB,CAAC;AAC5B,CAAC;AAEM,KAAK,UAAU,SAAS;IAC7B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAE1B,eAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IAElC,6EAA6E;IAC7E,MAAM,MAAM,GAAG,MAAM,IAAA,uBAAU,EAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,eAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC3C,eAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,eAAe,IAAA,gCAAoB,EAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IACrE,eAAM,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxD,eAAM,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC7C,eAAM,CAAC,KAAK,EAAE,CAAC;IAEf,6EAA6E;IAC7E,MAAM,QAAQ,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,OAAO,EAAE,wBAAa,CAAC,CAAC;IAC1D,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;IAE9C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,UAAU,CAAC,OAAO,EAAE,kBAAkB,EAAE,qCAAqC,CAAC,CAAC;IACjF,CAAC;SAAM,CAAC;QACN,MAAM,MAAM,GAAG,IAAA,wBAAa,EAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;QACxF,MAAM,SAAS,GAAG,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,QAAQ,QAAQ,CAAC;QAE7E,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;YACjB,UAAU,CAAC,OAAO,EAAE,oBAAoB,EAAE,WAAW,SAAS,EAAE,CAAC,CAAC;QACpE,CAAC;aAAM,IAAI,QAAQ,GAAG,EAAE,EAAE,CAAC;YACzB,UAAU,CAAC,SAAS,EAAE,oBAAoB,EAAE,kBAAkB,SAAS,EAAE,CAAC,CAAC;QAC7E,CAAC;aAAM,CAAC;YACN,UAAU,CAAC,IAAI,EAAE,oBAAoB,EAAE,SAAS,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED,6EAA6E;IAC7E,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,IAAI,MAAM,CAAC,SAAS,KAAK,OAAO,EAAE,CAAC;QACnE,0DAA0D;QAC1D,UAAU,CAAC,IAAI,EAAE,kBAAkB,EAAE,gCAAgC,CAAC,CAAC;IACzE,CAAC;SAAM,CAAC;QACN,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;QACzC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,UAAU,CAAC,SAAS,EAAE,kBAAkB,EAAE,yBAAyB,CAAC,CAAC;QACvE,CAAC;aAAM,CAAC;YACN,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,CAAC,CAAC;YACzC,MAAM,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YACpD,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;YAE5D,IAAI,YAAY,EAAE,CAAC;gBACjB,UAAU,CAAC,IAAI,EAAE,kBAAkB,EAAE,cAAc,UAAU,EAAE,CAAC,CAAC;YACnE,CAAC;iBAAM,CAAC;gBACN,UAAU,CAAC,SAAS,EAAE,kBAAkB,EAAE,gBAAgB,UAAU,aAAa,CAAC,CAAC;YACrF,CAAC;QACH,CAAC;IACH,CAAC;IAED,6EAA6E;IAC7E,MAAM,OAAO,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,MAAM,YAAY,CAAC,OAAO,EAAE,iBAAO,CAAC,CAAC;IACvD,IAAI,SAAS,EAAE,CAAC;QACd,UAAU,CAAC,IAAI,EAAE,qBAAqB,EAAE,aAAa,CAAC,CAAC;IACzD,CAAC;SAAM,CAAC;QACN,UAAU,CAAC,SAAS,EAAE,qBAAqB,EAAE,iBAAiB,CAAC,CAAC;IAClE,CAAC;IAED,6EAA6E;IAC7E,MAAM,aAAa,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC9C,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACtE,IAAI,WAAW,EAAE,CAAC;QAChB,UAAU,CAAC,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC,OAAO,YAAY,CAAC,CAAC;IAChE,CAAC;SAAM,CAAC;QACN,UAAU,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,MAAM,CAAC,OAAO,yDAAyD,CAAC,CAAC;IAChH,CAAC;IAED,eAAM,CAAC,KAAK,EAAE,CAAC;AACjB,CAAC"}

package/dist/commands/sync.d.ts

@@ -0,0 +1,13 @@
+/**
+ * `npx trustlocal sync`
+ *
+ * Execution flow (per spec §5.2):
+ *  1. Read trustlocal.json — exit with error if not found
+ *  2. Run mkcert -install on this machine
+ *  3. Regenerate certs for the same domains into .trustlocal/
+ *  4. Re-inject config (idempotent)
+ *  5. Set NODE_EXTRA_CA_CERTS in .env
+ *  6. Print success message
+ */
+export declare function runSync(): Promise<void>;
+//# sourceMappingURL=sync.d.ts.map

package/dist/commands/sync.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../src/commands/sync.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AA+DH,wBAAsB,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CA8C7C"}

package/dist/commands/sync.js

@@ -0,0 +1,111 @@
+"use strict";
+/**
+ * `npx trustlocal sync`
+ *
+ * Execution flow (per spec §5.2):
+ *  1. Read trustlocal.json — exit with error if not found
+ *  2. Run mkcert -install on this machine
+ *  3. Regenerate certs for the same domains into .trustlocal/
+ *  4. Re-inject config (idempotent)
+ *  5. Set NODE_EXTRA_CA_CERTS in .env
+ *  6. Print success message
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runSync = runSync;
+const promises_1 = require("fs/promises");
+const path_1 = require("path");
+const logger_1 = require("../utils/logger");
+const trustlocal_1 = require("../config/trustlocal");
+const check_1 = require("../mkcert/check");
+const install_1 = require("../mkcert/install");
+const generate_1 = require("../mkcert/generate");
+const nextjs_1 = require("../injectors/nextjs");
+const vite_1 = require("../injectors/vite");
+const express_1 = require("../injectors/express");
+const nginx_1 = require("../injectors/nginx");
+const plain_1 = require("../injectors/plain");
+async function ensureNodeExtraCA(cwd, caRootPem) {
+    const envPath = (0, path_1.join)(cwd, '.env');
+    let content = '';
+    try {
+        content = await (0, promises_1.readFile)(envPath, 'utf-8');
+    }
+    catch {
+        // file missing — create it
+    }
+    if (content.includes('NODE_EXTRA_CA_CERTS'))
+        return;
+    const line = `\n# trustlocal — allow Node.js to trust the local CA\nNODE_EXTRA_CA_CERTS=${caRootPem}\n`;
+    await (0, promises_1.writeFile)(envPath, content + line, 'utf-8');
+}
+async function runInjector(framework, configFile, cwd, caRootPem) {
+    switch (framework) {
+        case 'nextjs': {
+            const result = await (0, nextjs_1.injectNextjs)((0, path_1.join)(cwd, configFile ?? 'next.config.js'));
+            if (!result.alreadyConfigured)
+                logger_1.logger.success('Next.js config updated');
+            break;
+        }
+        case 'vite': {
+            const result = await (0, vite_1.injectVite)((0, path_1.join)(cwd, configFile ?? 'vite.config.ts'));
+            if (!result.alreadyConfigured)
+                logger_1.logger.success('Vite config updated');
+            break;
+        }
+        case 'express':
+            await (0, express_1.injectExpress)((0, path_1.join)(cwd, '.env'), caRootPem);
+            logger_1.logger.success('NODE_EXTRA_CA_CERTS set in .env');
+            (0, express_1.printExpressSnippet)('.trustlocal');
+            break;
+        case 'nginx': {
+            const result = await (0, nginx_1.injectNginx)((0, path_1.join)(cwd, configFile ?? 'nginx.conf'));
+            if (!result.alreadyConfigured)
+                logger_1.logger.success('nginx.conf updated');
+            break;
+        }
+        case 'plain':
+            (0, plain_1.printPlainInstructions)('.trustlocal');
+            break;
+    }
+}
+async function runSync() {
+    const cwd = process.cwd();
+    logger_1.logger.title('trustlocal sync');
+    // ── 1. Read trustlocal.json ───────────────────────────────────────────────
+    const config = await (0, trustlocal_1.readConfig)(cwd);
+    if (!config) {
+        logger_1.logger.error('trustlocal.json not found.');
+        logger_1.logger.info('Run `npx trustlocal init` first to set up HTTPS for this project.');
+        process.exit(1);
+    }
+    // ── 2. Check / install mkcert ─────────────────────────────────────────────
+    logger_1.logger.step('Checking mkcert...');
+    const mkcertInfo = (0, check_1.checkMkcert)();
+    if (!mkcertInfo.installed) {
+        logger_1.logger.warn('mkcert not found — attempting auto-install...');
+        (0, install_1.installMkcert)();
+    }
+    else {
+        logger_1.logger.success(`mkcert ${mkcertInfo.version ?? ''} found`);
+    }
+    logger_1.logger.step('Installing local CA (may prompt for sudo)...');
+    (0, generate_1.installCA)();
+    logger_1.logger.success('Local CA registered');
+    // ── 3. Regenerate certs ────────────────────────────────────────────────────
+    logger_1.logger.step(`Generating certificates for: ${config.domains.join(', ')}`);
+    await (0, generate_1.generateCerts)(config.certDir, config.domains, cwd);
+    logger_1.logger.success(`Certificates generated → ${config.certDir}/`);
+    // ── 4. Re-inject config (idempotent) ──────────────────────────────────────
+    logger_1.logger.step('Checking framework config...');
+    const caRootPem = `${(0, check_1.getMkcertCARoot)()}/rootCA.pem`;
+    await runInjector(config.framework, config.configFiles[0], cwd, caRootPem);
+    logger_1.logger.success('Config verified');
+    // ── 5. NODE_EXTRA_CA_CERTS ────────────────────────────────────────────────
+    logger_1.logger.step('Updating .env...');
+    await ensureNodeExtraCA(cwd, caRootPem);
+    logger_1.logger.success('NODE_EXTRA_CA_CERTS set');
+    logger_1.logger.blank();
+    logger_1.logger.success('Done! HTTPS is ready on this machine.');
+    logger_1.logger.blank();
+}
+//# sourceMappingURL=sync.js.map

package/dist/commands/sync.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sync.js","sourceRoot":"","sources":["../../src/commands/sync.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;GAUG;;AA+DH,0BA8CC;AA3GD,0CAAkD;AAClD,+BAA4B;AAE5B,4CAAyC;AACzC,qDAAkD;AAClD,2CAA+D;AAC/D,+CAAkD;AAClD,iDAA8D;AAC9D,gDAAmD;AACnD,4CAA+C;AAC/C,kDAA0E;AAC1E,8CAAiD;AACjD,8CAA4D;AAG5D,KAAK,UAAU,iBAAiB,CAAC,GAAW,EAAE,SAAiB;IAC7D,MAAM,OAAO,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAClC,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,IAAA,mBAAQ,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC;QACP,2BAA2B;IAC7B,CAAC;IACD,IAAI,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QAAE,OAAO;IACpD,MAAM,IAAI,GAAG,6EAA6E,SAAS,IAAI,CAAC;IACxG,MAAM,IAAA,oBAAS,EAAC,OAAO,EAAE,OAAO,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED,KAAK,UAAU,WAAW,CACxB,SAAoB,EACpB,UAA8B,EAC9B,GAAW,EACX,SAAiB;IAEjB,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,MAAM,MAAM,GAAG,MAAM,IAAA,qBAAY,EAAC,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,IAAI,gBAAgB,CAAC,CAAC,CAAC;YAC7E,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAAE,eAAM,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;YACxE,MAAM;QACR,CAAC;QACD,KAAK,MAAM,CAAC,CAAC,CAAC;YACZ,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAU,EAAC,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,IAAI,gBAAgB,CAAC,CAAC,CAAC;YAC3E,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAAE,eAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;YACrE,MAAM;QACR,CAAC;QACD,KAAK,SAAS;YACZ,MAAM,IAAA,uBAAa,EAAC,IAAA,WAAI,EAAC,GAAG,EAAE,MAAM,CAAC,EAAE,SAAS,CAAC,CAAC;YAClD,eAAM,CAAC,OAAO,CAAC,iCAAiC,CAAC,CAAC;YAClD,IAAA,6BAAmB,EAAC,aAAa,CAAC,CAAC;YACnC,MAAM;QACR,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,MAAM,MAAM,GAAG,MAAM,IAAA,mBAAW,EAAC,IAAA,WAAI,EAAC,GAAG,EAAE,UAAU,IAAI,YAAY,CAAC,CAAC,CAAC;YACxE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAAE,eAAM,CAAC,OAAO,CAAC,oBAAoB,CAAC,CAAC;YACpE,MAAM;QACR,CAAC;QACD,KAAK,OAAO;YACV,IAAA,8BAAsB,EAAC,aAAa,CAAC,CAAC;YACtC,MAAM;IACV,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,OAAO;IAC3B,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAE1B,eAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAEhC,6EAA6E;IAC7E,MAAM,MAAM,GAAG,MAAM,IAAA,uBAAU,EAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,eAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAC3C,eAAM,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IAClC,MAAM,UAAU,GAAG,IAAA,mBAAW,GAAE,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC;QAC1B,eAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QAC7D,IAAA,uBAAa,GAAE,CAAC;IAClB,CAAC;SAAM,CAAC;QACN,eAAM,CAAC,OAAO,CAAC,UAAU,UAAU,CAAC,OAAO,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAED,eAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;IAC5D,IAAA,oBAAS,GAAE,CAAC;IACZ,eAAM,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC;IAEtC,8EAA8E;IAC9E,eAAM,CAAC,IAAI,CAAC,gCAAgC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzE,MAAM,IAAA,wBAAa,EAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACzD,eAAM,CAAC,OAAO,CAAC,4BAA4B,MAAM,CAAC,OAAO,GAAG,CAAC,CAAC;IAE9D,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,GAAG,IAAA,uBAAe,GAAE,aAAa,CAAC;IACpD,MAAM,WAAW,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IAC3E,eAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAElC,6EAA6E;IAC7E,eAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAChC,MAAM,iBAAiB,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IACxC,eAAM,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC;IAE1C,eAAM,CAAC,KAAK,EAAE,CAAC;IACf,eAAM,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;IACxD,eAAM,CAAC,KAAK,EAAE,CAAC;AACjB,CAAC"}

package/dist/config/trustlocal.d.ts

@@ -0,0 +1,40 @@
+/**
+ * trustlocal.json reader / writer
+ *
+ * This file is committed to the project repo. It contains NO secrets —
+ * only metadata needed for teammates to reproduce the setup.
+ */
+import type { Framework } from '../detector/framework';
+export declare const CONFIG_FILENAME = "trustlocal.json";
+export declare const CERT_DIR = ".trustlocal";
+export interface TrustlocalConfig {
+    /** Schema version — currently always "1" */
+    version: '1';
+    framework: Framework;
+    domains: string[];
+    /** Relative path from project root to the cert directory */
+    certDir: string;
+    /** Config files that were injected (relative paths) */
+    configFiles: string[];
+    createdAt: string;
+}
+/**
+ * Read and parse trustlocal.json from the project root.
+ * Returns null if the file does not exist.
+ * Throws if the file exists but is malformed.
+ */
+export declare function readConfig(cwd: string): Promise<TrustlocalConfig | null>;
+/**
+ * Write trustlocal.json to the project root.
+ */
+export declare function writeConfig(cwd: string, config: TrustlocalConfig): Promise<void>;
+/**
+ * Build a new TrustlocalConfig from the given parameters.
+ */
+export declare function buildConfig(params: {
+    framework: Framework;
+    domains: string[];
+    certDir?: string;
+    configFiles: string[];
+}): TrustlocalConfig;
+//# sourceMappingURL=trustlocal.d.ts.map

package/dist/config/trustlocal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trustlocal.d.ts","sourceRoot":"","sources":["../../src/config/trustlocal.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAEvD,eAAO,MAAM,eAAe,oBAAoB,CAAC;AACjD,eAAO,MAAM,QAAQ,gBAAgB,CAAC;AAEtC,MAAM,WAAW,gBAAgB;IAC/B,4CAA4C;IAC5C,OAAO,EAAE,GAAG,CAAC;IACb,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,4DAA4D;IAC5D,OAAO,EAAE,MAAM,CAAC;IAChB,uDAAuD;IACvD,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;;GAIG;AACH,wBAAsB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC,CAS9E;AAED;;GAEG;AACH,wBAAsB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC,CAGtF;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE;IAClC,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,GAAG,gBAAgB,CASnB"}

package/dist/config/trustlocal.js

@@ -0,0 +1,54 @@
+"use strict";
+/**
+ * trustlocal.json reader / writer
+ *
+ * This file is committed to the project repo. It contains NO secrets —
+ * only metadata needed for teammates to reproduce the setup.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CERT_DIR = exports.CONFIG_FILENAME = void 0;
+exports.readConfig = readConfig;
+exports.writeConfig = writeConfig;
+exports.buildConfig = buildConfig;
+const promises_1 = require("fs/promises");
+const path_1 = require("path");
+exports.CONFIG_FILENAME = 'trustlocal.json';
+exports.CERT_DIR = '.trustlocal';
+/**
+ * Read and parse trustlocal.json from the project root.
+ * Returns null if the file does not exist.
+ * Throws if the file exists but is malformed.
+ */
+async function readConfig(cwd) {
+    const configPath = (0, path_1.join)(cwd, exports.CONFIG_FILENAME);
+    try {
+        const raw = await (0, promises_1.readFile)(configPath, 'utf-8');
+        return JSON.parse(raw);
+    }
+    catch (err) {
+        if (err.code === 'ENOENT')
+            return null;
+        throw new Error(`Failed to parse ${exports.CONFIG_FILENAME}: ${String(err)}`);
+    }
+}
+/**
+ * Write trustlocal.json to the project root.
+ */
+async function writeConfig(cwd, config) {
+    const configPath = (0, path_1.join)(cwd, exports.CONFIG_FILENAME);
+    await (0, promises_1.writeFile)(configPath, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+}
+/**
+ * Build a new TrustlocalConfig from the given parameters.
+ */
+function buildConfig(params) {
+    return {
+        version: '1',
+        framework: params.framework,
+        domains: params.domains,
+        certDir: params.certDir ?? exports.CERT_DIR,
+        configFiles: params.configFiles,
+        createdAt: new Date().toISOString(),
+    };
+}
+//# sourceMappingURL=trustlocal.js.map

package/dist/config/trustlocal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trustlocal.js","sourceRoot":"","sources":["../../src/config/trustlocal.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AA0BH,gCASC;AAKD,kCAGC;AAKD,kCAcC;AA5DD,0CAAkD;AAClD,+BAA4B;AAGf,QAAA,eAAe,GAAG,iBAAiB,CAAC;AACpC,QAAA,QAAQ,GAAG,aAAa,CAAC;AActC;;;;GAIG;AACI,KAAK,UAAU,UAAU,CAAC,GAAW;IAC1C,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,uBAAe,CAAC,CAAC;IAC9C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,IAAA,mBAAQ,EAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAChD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAC;IAC7C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAClE,MAAM,IAAI,KAAK,CAAC,mBAAmB,uBAAe,KAAK,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACxE,CAAC;AACH,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,MAAwB;IACrE,MAAM,UAAU,GAAG,IAAA,WAAI,EAAC,GAAG,EAAE,uBAAe,CAAC,CAAC;IAC9C,MAAM,IAAA,oBAAS,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;AAC/E,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,MAK3B;IACC,OAAO;QACL,OAAO,EAAE,GAAG;QACZ,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,gBAAQ;QACnC,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;AACJ,CAAC"}

package/dist/detector/framework.d.ts

@@ -0,0 +1,14 @@
+export type Framework = 'nextjs' | 'vite' | 'express' | 'nginx' | 'plain';
+export interface DetectionResult {
+    framework: Framework;
+    /** Relative path to the config file that will be injected, if applicable. */
+    configFile?: string;
+}
+/**
+ * Detect the project framework by scanning package.json and the filesystem.
+ * Returns the framework type and the config file that should be injected into.
+ */
+export declare function detectFramework(cwd: string): Promise<DetectionResult>;
+/** Human-readable name for display in the terminal. */
+export declare function frameworkDisplayName(framework: Framework): string;
+//# sourceMappingURL=framework.d.ts.map

package/dist/detector/framework.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework.d.ts","sourceRoot":"","sources":["../../src/detector/framework.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,MAAM,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,CAAC;AAE1E,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,SAAS,CAAC;IACrB,6EAA6E;IAC7E,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAuCD;;;GAGG;AACH,wBAAsB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC,CA0C3E;AAED,uDAAuD;AACvD,wBAAgB,oBAAoB,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,CASjE"}

package/dist/detector/framework.js

@@ -0,0 +1,89 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectFramework = detectFramework;
+exports.frameworkDisplayName = frameworkDisplayName;
+const promises_1 = require("fs/promises");
+const path_1 = require("path");
+async function fileExists(filePath) {
+    try {
+        await (0, promises_1.access)(filePath);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+async function readPackageJson(cwd) {
+    try {
+        const content = await (0, promises_1.readFile)((0, path_1.join)(cwd, 'package.json'), 'utf-8');
+        return JSON.parse(content);
+    }
+    catch {
+        return null;
+    }
+}
+function hasDependency(pkg, name) {
+    return !!(pkg.dependencies?.[name] ?? pkg.devDependencies?.[name]);
+}
+/** Find the first existing file among candidates (relative to cwd). */
+async function findFirstExisting(cwd, candidates) {
+    for (const candidate of candidates) {
+        if (await fileExists((0, path_1.join)(cwd, candidate))) {
+            return candidate;
+        }
+    }
+    return undefined;
+}
+/**
+ * Detect the project framework by scanning package.json and the filesystem.
+ * Returns the framework type and the config file that should be injected into.
+ */
+async function detectFramework(cwd) {
+    const pkg = await readPackageJson(cwd);
+    // ── Next.js ────────────────────────────────────────────────────────────────
+    if (pkg && hasDependency(pkg, 'next')) {
+        const configFile = await findFirstExisting(cwd, [
+            'next.config.ts',
+            'next.config.js',
+            'next.config.mjs',
+        ]);
+        return { framework: 'nextjs', configFile: configFile ?? 'next.config.js' };
+    }
+    // ── Vite ──────────────────────────────────────────────────────────────────
+    if (pkg && hasDependency(pkg, 'vite')) {
+        const configFile = await findFirstExisting(cwd, [
+            'vite.config.ts',
+            'vite.config.js',
+            'vite.config.mts',
+            'vite.config.mjs',
+        ]);
+        return { framework: 'vite', configFile: configFile ?? 'vite.config.ts' };
+    }
+    // ── Express / Node ─────────────────────────────────────────────────────────
+    if (pkg && hasDependency(pkg, 'express')) {
+        const serverFile = await findFirstExisting(cwd, ['server.ts', 'server.js', 'app.ts', 'app.js']);
+        return { framework: 'express', configFile: serverFile };
+    }
+    // server.js without express in package.json
+    if (await fileExists((0, path_1.join)(cwd, 'server.js'))) {
+        return { framework: 'express', configFile: 'server.js' };
+    }
+    // ── Nginx ──────────────────────────────────────────────────────────────────
+    if (await fileExists((0, path_1.join)(cwd, 'nginx.conf'))) {
+        return { framework: 'nginx', configFile: 'nginx.conf' };
+    }
+    // ── Plain fallback ─────────────────────────────────────────────────────────
+    return { framework: 'plain' };
+}
+/** Human-readable name for display in the terminal. */
+function frameworkDisplayName(framework) {
+    const names = {
+        nextjs: 'Next.js',
+        vite: 'Vite',
+        express: 'Express / Node',
+        nginx: 'Nginx',
+        plain: 'Plain (no framework detected)',
+    };
+    return names[framework];
+}
+//# sourceMappingURL=framework.js.map

package/dist/detector/framework.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework.js","sourceRoot":"","sources":["../../src/detector/framework.ts"],"names":[],"mappings":";;AAoDA,0CA0CC;AAGD,oDASC;AA1GD,0CAA+C;AAC/C,+BAA4B;AAe5B,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,IAAI,CAAC;QACH,MAAM,IAAA,iBAAM,EAAC,QAAQ,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,IAAA,mBAAQ,EAAC,IAAA,WAAI,EAAC,GAAG,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC;QACnE,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAgB,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAgB,EAAE,IAAY;IACnD,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,eAAe,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,uEAAuE;AACvE,KAAK,UAAU,iBAAiB,CAAC,GAAW,EAAE,UAAoB;IAChE,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,IAAI,MAAM,UAAU,CAAC,IAAA,WAAI,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC,EAAE,CAAC;YAC3C,OAAO,SAAS,CAAC;QACnB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,eAAe,CAAC,GAAW;IAC/C,MAAM,GAAG,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAEvC,8EAA8E;IAC9E,IAAI,GAAG,IAAI,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,GAAG,EAAE;YAC9C,gBAAgB;YAChB,gBAAgB;YAChB,iBAAiB;SAClB,CAAC,CAAC;QACH,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,IAAI,gBAAgB,EAAE,CAAC;IAC7E,CAAC;IAED,6EAA6E;IAC7E,IAAI,GAAG,IAAI,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,GAAG,EAAE;YAC9C,gBAAgB;YAChB,gBAAgB;YAChB,iBAAiB;YACjB,iBAAiB;SAClB,CAAC,CAAC;QACH,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,IAAI,gBAAgB,EAAE,CAAC;IAC3E,CAAC;IAED,8EAA8E;IAC9E,IAAI,GAAG,IAAI,aAAa,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,CAAC;QACzC,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,GAAG,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;QAChG,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC;IAC1D,CAAC;IAED,4CAA4C;IAC5C,IAAI,MAAM,UAAU,CAAC,IAAA,WAAI,EAAC,GAAG,EAAE,WAAW,CAAC,CAAC,EAAE,CAAC;QAC7C,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,WAAW,EAAE,CAAC;IAC3D,CAAC;IAED,8EAA8E;IAC9E,IAAI,MAAM,UAAU,CAAC,IAAA,WAAI,EAAC,GAAG,EAAE,YAAY,CAAC,CAAC,EAAE,CAAC;QAC9C,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,CAAC;IAC1D,CAAC;IAED,8EAA8E;IAC9E,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;AAChC,CAAC;AAED,uDAAuD;AACvD,SAAgB,oBAAoB,CAAC,SAAoB;IACvD,MAAM,KAAK,GAA8B;QACvC,MAAM,EAAE,SAAS;QACjB,IAAI,EAAE,MAAM;QACZ,OAAO,EAAE,gBAAgB;QACzB,KAAK,EAAE,OAAO;QACd,KAAK,EAAE,+BAA+B;KACvC,CAAC;IACF,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC;AAC1B,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,8 @@
+#!/usr/bin/env node
+/**
+ * trustlocal — One command. HTTPS everywhere. Zero config.
+ *
+ * CLI entry point. Sets up commander with all four sub-commands.
+ */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;GAIG"}

package/dist/index.js

@@ -0,0 +1,69 @@
+#!/usr/bin/env node
+"use strict";
+/**
+ * trustlocal — One command. HTTPS everywhere. Zero config.
+ *
+ * CLI entry point. Sets up commander with all four sub-commands.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+const commander_1 = require("commander");
+const init_1 = require("./commands/init");
+const sync_1 = require("./commands/sync");
+const renew_1 = require("./commands/renew");
+const status_1 = require("./commands/status");
+const program = new commander_1.Command();
+program
+    .name('trustlocal')
+    .description('Automate local HTTPS setup using mkcert. One command — certs generated, framework configured, teammates synced.')
+    .version('0.1.0');
+// ── init ─────────────────────────────────────────────────────────────────────
+program
+    .command('init')
+    .description('Set up local HTTPS for this project.\n' +
+    '  Installs mkcert if needed, detects your framework, generates trusted certs,\n' +
+    '  injects HTTPS config, and writes trustlocal.json for teammates to use.')
+    .option('--domains <domains>', 'Comma-separated extra domains to include (e.g. myapp.local)', (val) => val.split(',').map((d) => d.trim()))
+    .option('--force', 'Re-initialise even if trustlocal.json already exists')
+    .option('--dry-run', 'Preview what would happen without writing any files')
+    .action(async (opts) => {
+    await (0, init_1.runInit)({
+        domains: opts.domains,
+        force: opts.force,
+        dryRun: opts.dryRun,
+    }).catch(handleError);
+});
+// ── sync ──────────────────────────────────────────────────────────────────────
+program
+    .command('sync')
+    .description('Set up HTTPS on a new machine for an existing project.\n' +
+    '  Reads trustlocal.json, generates fresh certs (no key sharing),\n' +
+    '  and re-injects config identically. Run after cloning a repo.')
+    .action(async () => {
+    await (0, sync_1.runSync)().catch(handleError);
+});
+// ── renew ─────────────────────────────────────────────────────────────────────
+program
+    .command('renew')
+    .description('Renew expiring certificates.\n' +
+    '  Certificates expire after 2 years. Deletes old certs and generates fresh ones.\n' +
+    '  Config files are not touched — cert paths remain the same.')
+    .option('--force', 'Renew even if the cert has more than 30 days remaining')
+    .action(async (opts) => {
+    await (0, renew_1.runRenew)({ force: opts.force }).catch(handleError);
+});
+// ── status ────────────────────────────────────────────────────────────────────
+program
+    .command('status')
+    .description('Show the current HTTPS setup status for this project.\n' +
+    '  Checks cert expiry, config injection, NODE_EXTRA_CA_CERTS, and .gitignore.\n' +
+    '  Prints OK / WARNING / ERROR for each check.')
+    .action(async () => {
+    await (0, status_1.runStatus)().catch(handleError);
+});
+function handleError(err) {
+    const message = err instanceof Error ? err.message : String(err);
+    console.error(`\n  ✗  ${message}\n`);
+    process.exit(1);
+}
+program.parse(process.argv);
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;AACA;;;;GAIG;;AAEH,yCAAoC;AACpC,0CAA0C;AAC1C,0CAA0C;AAC1C,4CAA4C;AAC5C,8CAA8C;AAE9C,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,YAAY,CAAC;KAClB,WAAW,CAAC,iHAAiH,CAAC;KAC9H,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,gFAAgF;AAChF,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CACV,wCAAwC;IACxC,iFAAiF;IACjF,0EAA0E,CAC3E;KACA,MAAM,CAAC,qBAAqB,EAAE,6DAA6D,EAAE,CAAC,GAAG,EAAE,EAAE,CACpG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CACpC;KACA,MAAM,CAAC,SAAS,EAAE,sDAAsD,CAAC;KACzE,MAAM,CAAC,WAAW,EAAE,qDAAqD,CAAC;KAC1E,MAAM,CAAC,KAAK,EAAE,IAA+D,EAAE,EAAE;IAChF,MAAM,IAAA,cAAO,EAAC;QACZ,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,MAAM,EAAE,IAAI,CAAC,MAAM;KACpB,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;AACxB,CAAC,CAAC,CAAC;AAEL,iFAAiF;AACjF,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CACV,0DAA0D;IAC1D,oEAAoE;IACpE,gEAAgE,CACjE;KACA,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,cAAO,GAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;AACrC,CAAC,CAAC,CAAC;AAEL,iFAAiF;AACjF,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CACV,gCAAgC;IAChC,oFAAoF;IACpF,8DAA8D,CAC/D;KACA,MAAM,CAAC,SAAS,EAAE,wDAAwD,CAAC;KAC3E,MAAM,CAAC,KAAK,EAAE,IAAyB,EAAE,EAAE;IAC1C,MAAM,IAAA,gBAAQ,EAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;AAC3D,CAAC,CAAC,CAAC;AAEL,iFAAiF;AACjF,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CACV,yDAAyD;IACzD,gFAAgF;IAChF,+CAA+C,CAChD;KACA,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,kBAAS,GAAE,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;AACvC,CAAC,CAAC,CAAC;AAEL,SAAS,WAAW,CAAC,GAAY;IAC/B,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACjE,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,IAAI,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC"}

package/dist/injectors/astHelper.d.ts

@@ -0,0 +1,35 @@
+/**
+ * Lightweight AST helpers for reading JavaScript/TypeScript config files.
+ *
+ * Uses @babel/parser for parsing only — no @babel/generator dependency.
+ * Injection is done by precise string-slice insertion at AST-located positions,
+ * which preserves the original file's formatting.
+ */
+import type { File, ObjectExpression, Node } from '@babel/types';
+/** Deep-first search for nodes matching a predicate. */
+export declare function findNodes<T extends Node>(root: Node, predicate: (node: Node) => node is T): T[];
+/** Parse a JS/TS source string into a Babel AST. */
+export declare function parseSource(source: string): File;
+/** Check if an ObjectExpression already has a direct property with the given key. */
+export declare function hasProperty(obj: ObjectExpression, key: string): boolean;
+/**
+ * Get the character position immediately after the opening `{` of an
+ * ObjectExpression so we can insert properties at the top.
+ */
+export declare function getObjectOpenBraceEnd(obj: ObjectExpression, source: string): number;
+/**
+ * Find the top-level exported config ObjectExpression.
+ *
+ * Handles:
+ *  - `export default { ... }`
+ *  - `export default defineConfig({ ... })`
+ *  - `module.exports = { ... }`
+ *  - `const config = { ... }` (last top-level ObjectExpression as fallback)
+ */
+export declare function findTopLevelConfigObject(ast: File): ObjectExpression | null;
+/**
+ * Check whether a nested path like `server.https` already exists inside an
+ * ObjectExpression. `path` is given as an array of key names.
+ */
+export declare function hasNestedProperty(obj: ObjectExpression, path: string[]): boolean;
+//# sourceMappingURL=astHelper.d.ts.map

package/dist/injectors/astHelper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"astHelper.d.ts","sourceRoot":"","sources":["../../src/injectors/astHelper.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EACV,IAAI,EACJ,gBAAgB,EAOhB,IAAI,EACL,MAAM,cAAc,CAAC;AAuBtB,wDAAwD;AACxD,wBAAgB,SAAS,CAAC,CAAC,SAAS,IAAI,EACtC,IAAI,EAAE,IAAI,EACV,SAAS,EAAE,CAAC,IAAI,EAAE,IAAI,KAAK,IAAI,IAAI,CAAC,GACnC,CAAC,EAAE,CASL;AAED,oDAAoD;AACpD,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAWhD;AAED,qFAAqF;AACrF,wBAAgB,WAAW,CAAC,GAAG,EAAE,gBAAgB,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAOvE;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAKnF;AAED;;;;;;;;GAQG;AACH,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,IAAI,GAAG,gBAAgB,GAAG,IAAI,CAoD3E;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAkBhF"}