Replace a single file inside a pack (org-owned packs only)
const url = 'https://your-org.evershell.ai/v1/packs/example/files/example';const options = { method: 'PUT', headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/octet-stream'}, body: 'binary'};
try { const response = await fetch(url, options); const data = await response.json(); console.log(data);} catch (error) { console.error(error);}curl --request PUT \ --url https://your-org.evershell.ai/v1/packs/example/files/example \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/octet-stream' \ --data binaryPermissions: caps:write. Tier must be community and
origin must be upload — system-shipped (recommended /
verified) packs and registry-origin packs can’t be edited
file-by-file.
Rebuilds the underlying image with the file replaced and
creates a new image digest. The pack version stays the
same; use PUT /packs/{id} for a full version bump.
Authorizations
Section titled “Authorizations ”Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ”Slash-separated path of the file inside the pack root. URL-encode each segment individually; do NOT encode the path separators.
Request Body required
Section titled “Request Body required ”Responses
Section titled “ Responses ”OK
object
Owning org id. Redacted to absent on packs the caller
doesn’t own (platform-shipped + foreign community
packs) — use owned to distinguish.
Caps.yaml fragment shipped by the pack
Comma-separated names of related packs (display hint).
Where the image was pushed from (upload, image_ref, clone).
True when the pack is org-scoped to the caller’s org.
Example
{ "id": "pack_01HZ", "version": "1.2.0", "tier": "recommended", "visibility": "org"}Validation failure
object
object
Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)
Human-readable summary
Server-generated request id for correlating logs
Optional structured context. Validation errors land at
details.fields as a per-field map.
object
Example
{ "error": { "code": "permission_denied", "message": "caller lacks required scope", "request_id": "7f3a9c2e" }}Caller lacks the required scope, or cross-org access attempted
object
object
Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)
Human-readable summary
Server-generated request id for correlating logs
Optional structured context. Validation errors land at
details.fields as a per-field map.
object
Example
{ "error": { "code": "permission_denied", "message": "caller lacks required scope", "request_id": "7f3a9c2e" }}Resource not found in the caller’s org
object
object
Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)
Human-readable summary
Server-generated request id for correlating logs
Optional structured context. Validation errors land at
details.fields as a per-field map.
object
Example
{ "error": { "code": "permission_denied", "message": "caller lacks required scope", "request_id": "7f3a9c2e" }}Tenant is past_due, decommissioning, or trial-expired
object
object
Closed-enum slug (e.g. permission_denied, validation_error, workspace_not_found)
Human-readable summary
Server-generated request id for correlating logs
Optional structured context. Validation errors land at
details.fields as a per-field map.
object
Example
{ "error": { "code": "permission_denied", "message": "caller lacks required scope", "request_id": "7f3a9c2e" }}