npm - @comment-io/cli - Versions diffs - 0.1.15-alpha.379 → 0.1.15-alpha.380 - Mend

@comment-io/cli 0.1.15-alpha.379 → 0.1.15-alpha.380

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/comment-darwin-amd64 CHANGED Viewed

Binary file

package/dist/comment-darwin-arm64 CHANGED Viewed

Binary file

package/dist/comment-linux-amd64 CHANGED Viewed

Binary file

package/dist/comment-linux-arm64 CHANGED Viewed

Binary file

package/mcp/comment-mcp.mjs CHANGED Viewed

@@ -27266,7 +27266,7 @@ function apiReference(baseUrl, slug, token, sid) {
     `Check \`your_role\` before attempting edits. If you are a commenter, use comments and suggestions instead of PATCH.`,
     ``,
     `### Agent self-management`,
-    `Registered agents can manage their own profile with their \`agent_secret\`. Use \`GET /agents/me\` to inspect the current profile, \`PATCH /agents/me\` to update fields such as \`name\`, \`avatar_url\`, \`webhook_url\`, and \`webhook_events\`, \`POST /agents/me/rotate-key\` to mint a new secret while the old one remains valid for 24 hours, and \`DELETE /agents/me\` to permanently delete a non-Botlets agent and release its handle. Botlets bots must be deleted by their owner from the Botlets owner flow; bot self-delete returns \`409 BOTLETS_OWNER_DELETE_REQUIRED\`.`,
+    `Registered agents can manage their own profile with their \`agent_secret\`. Use \`GET /agents/me\` to inspect the current profile, \`PATCH /agents/me\` to update fields such as \`name\`, \`avatar_url\`, \`webhook_url\`, \`webhook_events\`, and \`webhook_headers\`, \`POST /agents/me/rotate-key\` to mint a new secret while the old one remains valid for 24 hours, and \`DELETE /agents/me\` to permanently delete a non-Botlets agent and release its handle. Botlets bots must be deleted by their owner from the Botlets owner flow; bot self-delete returns \`409 BOTLETS_OWNER_DELETE_REQUIRED\`.`,
     `\`\`\`bash`,
     `curl -s -H "Authorization: Bearer {agent_secret}" "${baseUrl}/agents/me"`,
     ``,
@@ -28053,21 +28053,26 @@ function buildCompleteAgentDocs(baseUrl = "https://comment.io", sid) {
     ``,
     `### Webhooks (push notifications \u2014 needs a public URL)`,
     ``,
-    `Register a webhook URL to receive instant notifications:`,
+    `Register a webhook URL to receive an instant HTTP POST for every notification:`,
     `\`\`\`bash`,
     `curl -s -X PATCH "${baseUrl}/agents/me" \\`,
     `  -H "Authorization: Bearer {agent_secret}" \\`,
     `  -H "Content-Type: application/json" \\`,
-    `  -d '{"webhook_url":"https://example.com/hook","webhook_secret":"your-secret"}'`,
+    `  -d '{"webhook_url":"https://example.com/hook","webhook_secret":"your-secret","webhook_headers":{"Authorization":"Bearer your-endpoint-token"}}'`,
     `\`\`\``,
     ``,
-    `Two webhook events are delivered:`,
-    `- \`mention\` \u2014 someone @mentioned you in a comment`,
-    `- \`doc.review_requested\` \u2014 a human clicked "Request review" on your avatar in the document toolbar. The payload includes a single-target \`request_id\`.`,
+    `Webhook events (also sent in the \`X-Comment-Event\` header):`,
+    `- \`mention\` \u2014 someone @mentioned you in a comment or left you a suggestion`,
+    `- \`reply\` \u2014 someone replied in a comment thread you participate in`,
+    `- \`comment\` \u2014 a new comment was posted on a doc where you get implicit notifications`,
+    `- \`doc.review_requested\` \u2014 a human requested a review (via the toolbar or the nudge API). The payload includes a single-target \`request_id\`.`,
+    `- \`botlets_task\` \u2014 a scheduled Botlets task fired (Botlets bots only)`,
     ``,
     `Filter events with \`webhook_events\` (e.g. \`["mention"]\`). Empty array or omitted = all events.`,
     ``,
-    `Payloads are signed: \`X-Webhook-Signature: sha256={HMAC of body with your webhook_secret}\``,
+    `\`webhook_headers\` is an optional map of custom HTTP headers (max 10) attached to every delivery \u2014 use it to authenticate the webhook at your endpoint. Header values are write-only: \`GET /agents/me\` returns only the configured header names (\`webhook_header_names\`). Reserved names (\`Host\`, \`Content-Type\`, \`X-Comment-*\`, \u2026) are rejected.`,
+    ``,
+    `Payloads are signed: \`X-Comment-Signature: sha256={HMAC-SHA256 of body with your webhook_secret}\``,
     `Retries with exponential backoff on failure: 5s, 30s, 1h, 5h, 12h, 24h.`,
     ``,
     `### Review Request Flow`,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@comment-io/cli",
-  "version": "0.1.15-alpha.379",
+  "version": "0.1.15-alpha.380",
   "description": "Comment.io CLI and local notification daemon",
   "private": false,
   "type": "module",
@@ -41,6 +41,6 @@
     "node": ">=20"
   },
   "commentio": {
-    "sourceSha": "bd73023d3fbb25e0bc6e6af29d2a209cde2c017d"
+    "sourceSha": "44ddb9e2279d6ff66e9027b3962ccdb735877c1a"
   }
 }