@general-liquidity/gordon-cli 0.8.19 → 0.8.22

package/README.md

@@ -1,455 +1,126 @@
-<p align="center">
-  <img src="gordon_ascii.png" alt="Gordon" width="400">
-</p>
-
-<h1 align="center">The Frontier Trading Agent</h1>
-
-<p align="center">
-  <em>Talk naturally. Trade confidently. Sleep peacefully.</em>
-</p>
+<h1 align="center">Gordon CLI</h1>
 
 <p align="center">
-  <a href="https://www.npmjs.com/package/@general-liquidity/gordon-cli"><img src="https://img.shields.io/npm/v/@general-liquidity/gordon-cli.svg?style=flat-square&color=d4a27f" alt="npm version"></a>
-  <a href="https://github.com/general-liquidity/gordon-cli/actions"><img src="https://img.shields.io/github/actions/workflow/status/general-liquidity/gordon-cli/release.yml?style=flat-square&label=build" alt="build status"></a>
-  <a href="https://github.com/general-liquidity/gordon-cli/blob/main/LICENSE"><img src="https://img.shields.io/npm/l/@general-liquidity/gordon-cli.svg?style=flat-square" alt="license"></a>
-  <a href="https://discord.gg/general-liquidity"><img src="https://img.shields.io/discord/XXXXXXXXX?style=flat-square&logo=discord&logoColor=white&label=discord" alt="Discord"></a>
+  The Frontier Trading Agent
 </p>
 
 <p align="center">
-  <a href="#installation">Installation</a> •
-  <a href="#quick-start">Quick Start</a> •
-  <a href="#how-it-works">How It Works</a> •
-  <a href="#safety">Safety</a> •
-  <a href="https://docs.gordon.trade">Docs</a>
+  <a href="https://www.npmjs.com/package/@general-liquidity/gordon-cli">npm</a> •
+  <a href="https://gordoncli.com">Website</a> •
+  <a href="https://docs.gordon.trade">Docs</a> •
+  <a href="https://github.com/general-liquidity/gordon-cli-dist/releases">Downloads</a>
 </p>
 
----
-
-## What is Gordon?
+## Install
 
-Gordon is **Claude Code for vibe trading**. Describe what you want to trade in plain English, and Gordon handles the technical analysis, risk management, and order execution—with your approval at every step.
+`npm`:
 
+```bash
+npm install -g @general-liquidity/gordon-cli
 ```
-You: I think ETH is gonna bounce here
 
-Gordon: ETH/USDT @ $3,421. RSI oversold at 28, price 1.2% above the
-        $3,380 support (tested 4x). Looks like a textbook bounce setup.
+If global npm install fails with `EACCES` / permission errors on Linux or macOS, use the user-local npm path instead:
 
-        Entry:  $3,400 (limit, near support)
-        Stop:   $3,290 (3.2% below entry)
-        TP1:    $3,580 (50% position, +5.3%)
-        TP2:    $3,720 (50% position, +9.4%)
-
-        Risk/Reward: 1:2.8 — Want me to create this plan?
+```bash
+npx @general-liquidity/gordon-cli@latest install
 ```
 
-No dashboards. No charts. No complexity. Just vibes. 📈
+That installs Gordon into a user-writable bin directory without `sudo`.
 
----
-
-## Installation
-
-**npm** (recommended)
-```bash
-npm install -g @general-liquidity/gordon-cli
-```
-Downloads the matching prebuilt binary for your platform during install.
+`bun`:
 
-**bun**
 ```bash
 bun add -g @general-liquidity/gordon-cli
 ```
 
-**curl** (standalone binary)
-```bash
-curl -fsSL https://raw.githubusercontent.com/general-liquidity/gordon-cli/main/scripts/install.sh | sh
-```
+`Homebrew`:
 
-**from source**
 ```bash
-git clone https://github.com/general-liquidity/gordon-cli.git
-cd gordon && bun install && bun run build
+brew tap general-liquidity/gordon-cli-dist https://github.com/general-liquidity/gordon-cli-dist
+brew install general-liquidity/gordon-cli-dist/gordon
 ```
 
-Then run:
-```bash
-gordon
-```
+`Scoop`:
 
----
-
-## Quick Start
-
-### 1. First Run
-
-Gordon walks you through setup on first launch—API keys, preferences, safety modes.
+```powershell
+scoop bucket add gordon https://github.com/general-liquidity/gordon-cli-dist
+scoop install gordon/gordon
+```
 
-### 2. Set Environment Variables
+Standalone install script:
 
 ```bash
-# LLM Provider (pick one)
-export OPENAI_API_KEY="sk-..."
-export DEDALUS_API_KEY="dd-..."
-
-# Exchange (Binance for now)
-export BINANCE_API_KEY="..."
-export BINANCE_API_SECRET="..."
+curl -fsSL https://raw.githubusercontent.com/general-liquidity/gordon-cli-dist/main/install.sh | sh
 ```
 
-### 3. Start Talking
+Windows PowerShell:
 
-```bash
-gordon
+```powershell
+irm https://raw.githubusercontent.com/general-liquidity/gordon-cli-dist/main/install.ps1 | iex
 ```
 
-That's it. No config files needed. Just talk.
+The npm package is a thin wrapper. It downloads the matching prebuilt binary for your platform during install.
 
----
+## npm Permission Fallback
 
-## How It Works
+Global `npm install -g` can fail on Unix machines when the npm global prefix is root-owned. Gordon now supports a universal npm fallback:
 
-```
-┌─────────────────────────────────────────────────────────────────┐
-│                           YOU                                   │
-│                    "buy BTC near support"                       │
-└─────────────────────────────────────────────────────────────────┘
-                              │
-                              ▼
-┌─────────────────────────────────────────────────────────────────┐
-│                    🛡️ MIDDLEWARE LAYER                          
-│         Input Guardrails │ Access Control │ Rate Limiting       │
-└─────────────────────────────────────────────────────────────────┘
-                              │
-                              ▼
-┌─────────────────────────────────────────────────────────────────┐
-│                 📈 GORDON (Mastra Agent Network)                
-│                                                                 │
-│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐            │
-│  │ Scanner  │ │ Analyst  │ │ Planner  │ │ Executor │            │
-│  │ ──────── │ │ ──────── │ │ ──────── │ │ ──────── │            │
-│  │ Find     │ │ Deep     │ │ Create   │ │ Execute  │            │
-│  │ setups   │ │ analysis │ │ plans    │ │ orders   │            │
-│  └──────────┘ └──────────┘ └──────────┘ └──────────┘            │
-│                                                                 │
-│  ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐            │
-│  │ Monitor  │ │ Teacher  │ │Backtester│ │  Gordon  │            │
-│  │ ──────── │ │ ──────── │ │ ──────── │ │ ──────── │            │
-│  │ Track    │ │ Explain  │ │ Test     │ │ Route &  │            │
-│  │ positions│ │ concepts │ │ strategy │ │ orchestrate│          │
-│  └──────────┘ └──────────┘ └──────────┘ └──────────┘            │
-│                                                                 │
-│        Handoff Validation │ Fallback Chains │ Error Recovery    │
-└─────────────────────────────────────────────────────────────────┘
-                              │
-                              ▼
-┌─────────────────────────────────────────────────────────────────┐
-│                       🔧 TOOLS LAYER (29 modules)               
-│                                                                 │
-│  Trading: create_plan, execute_plan, close_trade, grid_plan     │
-│  Analysis: indicators, orderbook, market_analysis, charts       │ 
-│  Discovery: scan_market, trending, new_listings, top_movers     │
-│  Risk: kelly_size, volatility_size, exit_conditions, drawdown   │
-│  Portfolio: positions, wallet, earn, history, account           │
-│  Backtest: run_backtest, optimize, monte_carlo, walk_forward    │
-│  System: arm/disarm, scheduler, explain, shared_context         │
-└─────────────────────────────────────────────────────────────────┘
-                              │
-                              ▼
-┌─────────────────────────────────────────────────────────────────┐
-│                    💾 INFRASTRUCTURE LAYER                     
-│                                                                 │
-│  ┌───────────┐  ┌───────────┐  ┌───────────┐  ┌───────────┐     │
-│  │  Binance  │  │    LLM    │  │  SQLite   │  │  LibSQL   │     │
-│  │  REST+WS  │  │ Providers │  │  Storage  │  │  Vector   │     │
-│  └───────────┘  └───────────┘  └───────────┘  └───────────┘     │
-│       │               │              │              │           │
-│   Orders &        OpenAI         Plans &       Semantic         │
-│   Market Data    Anthropic       Trades        Memory           │
-│   Real-time       Google         Events        RAG              │
-│   WebSocket       Dedalus        Audit         Recall           │
-└─────────────────────────────────────────────────────────────────┘
-                              │
-                              ▼
-┌─────────────────────────────────────────────────────────────────┐
-│                      TRADE PLAN                                 │
-│  ┌────────────────────────────────────────────────────────────┐ │
-│  │ + BUY  0.15 ETH @ $3,400  (limit)                          │ │
-│  │ + STOP 0.15 ETH @ $3,290  (stop-limit)                     │ │
-│  │ + SELL 0.075 ETH @ $3,580 (TP1)                            │ │
-│  │ + SELL 0.075 ETH @ $3,720 (TP2)                            │ │
-│  └────────────────────────────────────────────────────────────┘ │
-│                                                                 │
-│              [ APPROVE ]  [ MODIFY ]  [ REJECT ]                │
-└─────────────────────────────────────────────────────────────────┘
-                              │
-                              ▼ (only if you approve + ARM)
-┌─────────────────────────────────────────────────────────────────┐
-│                       EXECUTION                                 │
-│         Orders placed on Binance. Gordon monitors.              │
-│         Auto-disarms after 24h. You stay in control.            │
-└─────────────────────────────────────────────────────────────────┘
+```bash
+npx @general-liquidity/gordon-cli@latest install
 ```
 
----
+If the chosen install directory is not already on `PATH`, Gordon prints the exact command to add it.
 
-## Safety
+## Upgrades
 
-Gordon is paranoid about your money. Here's how:
+Once installed, Gordon can upgrade itself with:
 
-| Protection | Description |
-|------------|-------------|
-| 🔒 **SAFE Mode Default** | Gordon starts in SAFE mode. Can analyze, cannot trade. |
-| ⏰ **24h Auto-Disarm** | ARMED mode expires automatically. No forgotten bots. |
-| ✋ **Human Approval** | Every order requires explicit "yes". No exceptions. |
-| 📊 **Risk Disclosure** | See exact $ at risk before every trade. |
-| 🛡️ **Position Limits** | Configurable max allocation per trade (default 10%). |
-| 💰 **Cash Reserve** | Always keeps 20% cash. Never goes all-in. |
-
-```
-SAFE MODE (default)           ARMED MODE (you enable)
-─────────────────────         ─────────────────────────
-✓ Scan markets                ✓ Everything in SAFE, plus:
-✓ Analyze coins               ✓ Execute approved plans
-✓ Create plans                ✓ Place real orders
-✓ Explain concepts            ✓ Monitor positions
-✗ Execute trades              ⏰ Auto-expires in 24h
+```bash
+gordon --upgrade
 ```
 
----
+That now resolves through the active install channel for npm, the user-local `npx` installer, Homebrew, Scoop, and the standalone install scripts.
 
-## Everything We Built
-
-~200 TypeScript files implementing a production-grade trading platform.
-
-### Core Platform
-
-- **8-Agent Network** — Mastra-based orchestration: Scanner, Analyst, Planner, Executor, Monitor, Teacher, Backtester, Gordon (coordinator)
-- **Agent Handoffs** — Validated transitions between agents with fallback chains and error recovery
-- **Cross-Agent Memory** — Shared context allowing agents to pass analysis, plans, and backtest results
-- **Semantic Memory** — LibSQL Vector for RAG-based recall of past trades and analyses
-- **LLM Client** — Multi-provider support (OpenAI, Anthropic Claude, Google Gemini, Dedalus Labs)
-
-### Security & Middleware
-
-- **Input Guardrails** — Prompt injection detection, dangerous command blocking
-- **Output Sanitization** — Sensitive data filtering in responses
-- **Access Control** — ARMED mode enforcement for trading tools
-- **Rate Limiting** — Per-agent, per-tool rate limits to prevent abuse
-- **Audit Logging** — Comprehensive trail of all sensitive operations
-
-### Observability
-
-- **OpenTelemetry Tracing** — Distributed tracing for agent calls and tool execution
-- **Metrics Collection** — Tool invocation counts, success/failure rates, latency tracking
-- **Request Monitoring** — Per-request performance metrics and error classification
-
-### Trading Engine
-
-- **Scanner** — Market-wide opportunity detection across top 50 cryptos
-- **Analyzer** — Deep technical analysis per coin with multiple timeframes
-- **Planner** — AI-powered trade plan generation with entry/SL/TP levels
-- **Validator** — Risk checks, position limits, allocation validation
-- **Executor** — Order placement with OCO orders and rollback on failure
-- **Monitor** — Real-time position tracking via WebSocket, fill detection, alerts
-- **Trailing Stops** — Automatic trailing stop-loss management
-- **Order Recovery** — Automatic recovery mechanism for failed/interrupted orders
-- **Grid Calculator** — DCA and grid entry calculations
-
-### Trading Strategies
-
-- **Tier 1 (Beginner):** Support Bounce, Bollinger Bounce, SMA Crossover, Volume Surge, VWAP Bounce
-- **Tier 2 (Intermediate):** Consolidation Pop, ADX Trend, EMA-RSI Crossover, Relative Strength, Engulfing Pattern
-- **Strategy Ensemble** — Combine multiple strategies with configurable weights
-
-### Backtesting Engine
-
-- **Historical Simulation** — Full backtesting against historical data
-- **Monte Carlo Analysis** — Statistical confidence intervals
-- **Walk-Forward Validation** — Out-of-sample testing
-- **Grid Search Optimization** — Hyperparameter tuning
-- **Alpha Decay Analysis** — Strategy degradation detection
-- **Performance Metrics** — Sharpe ratio, max drawdown, profit factor, win rate
-
-### Technical Analysis
-
-- **RSI** — Relative Strength Index (oversold/overbought)
-- **MACD** — Momentum and trend direction
-- **Bollinger Bands** — Volatility and mean reversion
-- **ATR** — Average True Range for stop placement
-- **VWAP** — Volume Weighted Average Price
-- **Stochastic RSI** — Momentum oscillator
-- **EMA/SMA** — Trend following indicators
-- **Volume Analysis** — Confirmation signals and whale detection
-- **Support/Resistance** — Automatic level detection
-
-### Infrastructure
-
-- **Binance Client** — Full REST API with HMAC signing, rate limiting, circuit breaker
-- **Binance WebSocket** — Real-time price feeds and order updates
-- **SQLite Storage** — Plans, trades, events, audit logs with WAL mode
-- **LibSQL Vector** — Semantic memory and RAG for conversation recall
-- **Service Container** — Dependency injection for clean architecture
-- **Repository Pattern** — Data access layer for trades and plans
-- **Event Bus** — Event-driven architecture for system coordination
-- **Caching Layer** — Price and result caching with TTL
-- **Resilience** — Retry logic, exponential backoff, circuit breakers, fallback chains
-
-### User Experience
-
-- **Ink CLI** — React-based terminal UI with theme support
-- **Real-time Chat** — Streaming responses with agent attribution
-- **Onboarding Flow** — First-run setup wizard
-- **Model Selector** — Choose your preferred LLM
-- **Keyboard Shortcuts** — Power user navigation
-- **Command Autocomplete** — Slash command suggestions
-- **Status Bar** — Mode, portfolio value, BTC price, connection status
-
----
-
-## Configuration
-
-Gordon stores config at `~/.gordon/config.json`:
-
-```json
-{
-  "version": "1.0.0",
-  "mode": "SAFE",
-  "preferences": {
-    "cashReservePercent": 0.2,
-    "maxAllocationPerTrade": 0.1,
-    "defaultTimeframes": ["1h", "4h"],
-    "topNCoins": 50
-  }
-}
-```
+## Supported binaries
 
-### Environment Variables
+- macOS arm64
+- macOS x64
+- Linux arm64
+- Linux x64
+- Windows x64
 
-| Variable | Required | Description |
-|----------|----------|-------------|
-| `OPENAI_API_KEY` | One LLM | OpenAI API key |
-| `ANTHROPIC_API_KEY` | provider | Anthropic Claude API key |
-| `GOOGLE_GENERATIVE_AI_API_KEY` | required | Google Gemini API key |
-| `DEDALUS_API_KEY` | | Dedalus Labs API key (20+ models) |
-| `BINANCE_API_KEY` | For trading | Binance API key |
-| `BINANCE_API_SECRET` | For trading | Binance secret |
+Release binaries and package manager manifests are published at:
 
----
+- `https://github.com/general-liquidity/gordon-cli-dist/releases`
 
-## Development
+## Setup
+
+Set one LLM provider key before first launch:
 
 ```bash
-bun install          # Install dependencies
-bun run dev          # Development mode (hot reload)
-bun test             # Run tests
-bun run typecheck    # Type check
-bun run build        # Build for npm
-bun run build:binary # Build standalone executable
+export OPENAI_API_KEY="sk-..."
 ```
 
-### Project Structure
+or
 
+```bash
+export DEDALUS_API_KEY="dd-..."
 ```
-gordon/
-├── src/
-│   ├── app/           # Terminal UI (React + Ink)
-│   │   ├── App.tsx
-│   │   ├── ChatView.tsx
-│   │   ├── ChatInput.tsx
-│   │   ├── components/    # Reusable UI components
-│   │   └── ...
-│   ├── core/          # Trading logic
-│   │   ├── scanner.ts
-│   │   ├── analyzer.ts
-│   │   ├── planner.ts
-│   │   ├── executor.ts
-│   │   ├── monitor.ts
-│   │   ├── trailing-stop.ts
-│   │   ├── indicators/    # Technical indicators
-│   │   └── risk-management/
-│   ├── backtest/      # Backtesting engine
-│   │   ├── engine.ts
-│   │   ├── monte-carlo.ts
-│   │   ├── walk-forward.ts
-│   │   └── optimization/
-│   ├── strategies/    # Trading strategies
-│   │   ├── tier-1/        # Beginner strategies
-│   │   ├── tier-2/        # Intermediate strategies
-│   │   └── ensemble.ts
-│   ├── services/      # Business services
-│   │   ├── trading.service.ts
-│   │   ├── portfolio.service.ts
-│   │   └── container.ts   # Dependency injection
-│   ├── repositories/  # Data access layer
-│   ├── infra/         # Infrastructure
-│   │   ├── agents/        # Mastra multi-agent system
-│   │   │   ├── tools/         # 29 tool modules
-│   │   │   └── middleware/    # Guardrails, access control
-│   │   ├── binance/       # Exchange client + WebSocket
-│   │   ├── llm/           # LLM providers
-│   │   ├── storage/       # SQLite + config
-│   │   ├── observability/ # OpenTelemetry tracing + metrics
-│   │   ├── audit/         # Audit logging
-│   │   └── cache/         # Caching layer
-│   ├── events/        # Event-driven architecture
-│   └── types/         # TypeScript definitions
-├── prompts/           # LLM prompt templates
-├── scripts/           # Install scripts
-└── .github/           # CI/CD workflows
-```
-
----
-
-## Roadmap
 
-- [x] Support Bounce strategy
-- [x] Binance spot trading
-- [x] Multi-provider LLM (OpenAI, Anthropic, Google, Dedalus)
-- [x] Plan-as-diff approval UI
-- [x] SAFE/ARMED modes with 24h auto-expiry
-- [x] Trailing stops
-- [x] 10+ trading strategies (tier 1 & tier 2)
-- [x] Backtesting engine with Monte Carlo & walk-forward
-- [x] Real-time WebSocket monitoring
-- [x] Order recovery mechanism
-- [x] Audit logging & security guardrails
-- [ ] More exchanges (Coinbase, Kraken)
-- [ ] Portfolio rebalancing
-- [ ] Mobile notifications
-- [ ] Paper trading mode
-
----
-
-## Contributing
-
-We welcome contributions! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
+or
 
 ```bash
-# Fork, clone, then:
-bun install
-bun test
-# Make changes, add tests, submit PR
+export INCEPTION_API_KEY="..."
 ```
 
----
-
-## License
-
-MIT © [General Liquidity, Inc.](https://generalliquidity.com)
+Then run:
 
----
+```bash
+gordon
+```
 
-<p align="center">
-  <sub>
-    <em>"The most valuable commodity I know of is information."</em>
-    <br>
-    — Gordon Gekko (the other one)
-  </sub>
-</p>
+## Docs
 
-<p align="center">
-  <a href="https://github.com/general-liquidity/gordon-cli">GitHub</a> •
-  <a href="https://www.npmjs.com/package/@general-liquidity/gordon-cli">npm</a> •
-  <a href="https://discord.gg/general-liquidity">Discord</a> •
-  <a href="https://docs.gordon.trade">Docs</a>
-</p>
+- Website: `https://gordoncli.com`
+- Docs: `https://docs.gordon.trade`
+- Public distribution repo: `https://github.com/general-liquidity/gordon-cli-dist`

package/bin/gordon.cjs

@@ -4,8 +4,21 @@ const fs = require("fs");
 const path = require("path");
 const { spawn } = require("child_process");
 const { getInstalledBinaryPath } = require("../lib/platform.cjs");
+const { runSelfInstall } = require("../lib/self-install.cjs");
 
 const packageRoot = path.resolve(__dirname, "..");
+const args = process.argv.slice(2);
+
+if (args[0] === "install") {
+  runSelfInstall(args.slice(1), { packageRoot }).then(
+    (code) => process.exit(code || 0),
+    (error) => {
+      console.error(`[gordon] ${error.message}`);
+      process.exit(1);
+    }
+  );
+  return;
+}
 
 let binaryPath;
 try {
@@ -17,12 +30,12 @@ try {
 
 if (!fs.existsSync(binaryPath)) {
   console.error(
-    "[gordon] The Gordon binary is missing. Reinstall with `npm install -g @general-liquidity/gordon-cli`."
+    "[gordon] The Gordon binary is missing. Reinstall with `npm install -g @general-liquidity/gordon-cli` or run `npx @general-liquidity/gordon-cli@latest install` for a user-local install."
   );
   process.exit(1);
 }
 
-const child = spawn(binaryPath, process.argv.slice(2), { stdio: "inherit" });
+const child = spawn(binaryPath, args, { stdio: "inherit" });
 
 child.on("error", (error) => {
   console.error(`[gordon] Failed to launch ${path.basename(binaryPath)}: ${error.message}`);

package/lib/platform.cjs

@@ -38,9 +38,9 @@ function getInstalledBinaryPath(packageRoot = path.resolve(__dirname, ".."), pla
 function getDownloadUrl(version, platform = process.platform, arch = process.arch) {
   const { assetName } = getTarget(platform, arch);
   const cleanVersion = String(version).replace(/^v/, "");
+  const distRepo = process.env.GORDON_BINARY_DIST_REPO || "general-liquidity/gordon-cli-dist";
   const baseUrl =
-    process.env.GORDON_BINARY_BASE_URL ||
-    `https://github.com/general-liquidity/gordon-cli/releases/download/v${cleanVersion}`;
+    process.env.GORDON_BINARY_BASE_URL || `https://github.com/${distRepo}/releases/download/v${cleanVersion}`;
   return `${baseUrl.replace(/\/$/, "")}/${assetName}`;
 }
 

package/lib/self-install.cjs

@@ -0,0 +1,343 @@
+const fs = require("fs");
+const os = require("os");
+const path = require("path");
+const https = require("https");
+const { pipeline } = require("stream/promises");
+const { getDownloadUrl, getInstalledBinaryPath, getTarget } = require("./platform.cjs");
+const pkg = require("../package.json");
+const INSTALL_METADATA_FILENAME = "gordon-install.json";
+
+function log(message) {
+  console.log(`[gordon] ${message}`);
+}
+
+function parseArgs(args) {
+  const options = {
+    help: false,
+    targetDir: null
+  };
+
+  for (let index = 0; index < args.length; index += 1) {
+    const arg = args[index];
+    if (arg === "--help" || arg === "-h") {
+      options.help = true;
+      continue;
+    }
+
+    if ((arg === "--target-dir" || arg === "--dir") && args[index + 1]) {
+      options.targetDir = path.resolve(args[index + 1]);
+      index += 1;
+      continue;
+    }
+
+    throw new Error(`Unknown install option: ${arg}`);
+  }
+
+  return options;
+}
+
+function printHelp() {
+  console.log(`gordon install
+
+Install Gordon into a user-writable bin directory without requiring \`npm install -g\`.
+
+Usage:
+  npx @general-liquidity/gordon-cli@latest install
+  gordon install --target-dir <directory>
+
+Options:
+  --target-dir <dir>   Override the install directory
+  -h, --help           Show this help
+`);
+}
+
+function normalizeForCompare(value) {
+  const resolved = path.resolve(value);
+  return process.platform === "win32" ? resolved.toLowerCase() : resolved;
+}
+
+function splitPathEntries(envPath = process.env.PATH || "") {
+  return envPath.split(path.delimiter).filter(Boolean);
+}
+
+function pathContainsDirectory(directory, env = process.env) {
+  const target = normalizeForCompare(directory);
+  return splitPathEntries(env.PATH).some((entry) => {
+    try {
+      return normalizeForCompare(entry) === target;
+    } catch {
+      return false;
+    }
+  });
+}
+
+function uniqueDirectories(values) {
+  const seen = new Set();
+  const result = [];
+  for (const value of values) {
+    if (!value) {
+      continue;
+    }
+
+    const normalized = normalizeForCompare(value);
+    if (seen.has(normalized)) {
+      continue;
+    }
+
+    seen.add(normalized);
+    result.push(path.resolve(value));
+  }
+  return result;
+}
+
+async function isWritableDirectory(directory, { create } = { create: false }) {
+  try {
+    if (create) {
+      await fs.promises.mkdir(directory, { recursive: true });
+    } else {
+      const stats = await fs.promises.stat(directory);
+      if (!stats.isDirectory()) {
+        return false;
+      }
+    }
+
+    const probePath = path.join(directory, `.gordon-write-test-${process.pid}-${Date.now()}`);
+    await fs.promises.writeFile(probePath, "");
+    await fs.promises.rm(probePath, { force: true });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+async function resolveInstallDirectory(explicitTargetDir = null, env = process.env) {
+  if (explicitTargetDir) {
+    return {
+      directory: explicitTargetDir,
+      inPath: pathContainsDirectory(explicitTargetDir, env)
+    };
+  }
+
+  const homeDirectory = os.homedir();
+  const pathEntries = splitPathEntries(env.PATH);
+  const standardCandidates = [];
+  const pathCandidates = [];
+
+  if (process.platform === "win32") {
+    if (env.APPDATA) {
+      standardCandidates.push(path.join(env.APPDATA, "npm"));
+    }
+    if (env.LOCALAPPDATA) {
+      standardCandidates.push(path.join(env.LOCALAPPDATA, "Microsoft", "WinGet", "Links"));
+      standardCandidates.push(path.join(env.LOCALAPPDATA, "gordon"));
+    }
+
+    for (const entry of pathEntries) {
+      const resolvedEntry = path.resolve(entry);
+      const normalizedEntry = normalizeForCompare(resolvedEntry);
+      const userRoots = uniqueDirectories([
+        env.USERPROFILE,
+        env.LOCALAPPDATA,
+        env.APPDATA,
+        homeDirectory
+      ]);
+      const withinUserRoot = userRoots.some((root) => {
+        const normalizedRoot = normalizeForCompare(root);
+        return normalizedEntry === normalizedRoot || normalizedEntry.startsWith(`${normalizedRoot}${path.sep}`);
+      });
+      if (
+        withinUserRoot
+        && !normalizedEntry.includes(`${path.sep}node_modules${path.sep}`)
+      ) {
+        pathCandidates.push(resolvedEntry);
+      }
+    }
+  } else {
+    standardCandidates.push(path.join(homeDirectory, ".local", "bin"));
+    standardCandidates.push(path.join(homeDirectory, "bin"));
+
+    for (const entry of pathEntries) {
+      const resolvedEntry = path.resolve(entry);
+      const normalizedEntry = normalizeForCompare(resolvedEntry);
+      const normalizedHome = `${normalizeForCompare(homeDirectory)}${path.sep}`;
+      if (
+        normalizedEntry.startsWith(normalizedHome)
+        && !normalizedEntry.includes(`${path.sep}node_modules${path.sep}`)
+      ) {
+        pathCandidates.push(resolvedEntry);
+      }
+    }
+  }
+
+  const orderedCandidates = uniqueDirectories([
+    ...standardCandidates.filter((candidate) => pathContainsDirectory(candidate, env)),
+    ...pathCandidates,
+    ...standardCandidates
+  ]);
+
+  for (const candidate of orderedCandidates) {
+    const create = standardCandidates.some((standardCandidate) => normalizeForCompare(standardCandidate) === normalizeForCompare(candidate));
+    if (await isWritableDirectory(candidate, { create })) {
+      return {
+        directory: candidate,
+        inPath: pathContainsDirectory(candidate, env)
+      };
+    }
+  }
+
+  throw new Error("Could not find a writable user install directory.");
+}
+
+async function downloadBinary(url, destinationPath, redirectCount = 0) {
+  if (redirectCount > 5) {
+    throw new Error(`Too many redirects while downloading ${url}`);
+  }
+
+  await new Promise((resolve, reject) => {
+    const request = https.get(
+      url,
+      { headers: { "User-Agent": "gordon-npm-installer" } },
+      async (response) => {
+        if (
+          response.statusCode &&
+          response.statusCode >= 300 &&
+          response.statusCode < 400 &&
+          response.headers.location
+        ) {
+          response.resume();
+          try {
+            await downloadBinary(response.headers.location, destinationPath, redirectCount + 1);
+            resolve();
+          } catch (error) {
+            reject(error);
+          }
+          return;
+        }
+
+        if (response.statusCode !== 200) {
+          response.resume();
+          reject(new Error(`Download failed with status ${response.statusCode} for ${url}`));
+          return;
+        }
+
+        const fileStream = fs.createWriteStream(destinationPath);
+        pipeline(response, fileStream).then(resolve, reject);
+      }
+    );
+
+    request.on("error", reject);
+  });
+}
+
+async function finalizeBinary(tempPath, targetPath) {
+  if (process.platform !== "win32") {
+    await fs.promises.chmod(tempPath, 0o755);
+  }
+
+  await fs.promises.rm(targetPath, { force: true });
+  await fs.promises.rename(tempPath, targetPath);
+}
+
+async function writeInstallMetadata(targetDirectory, version, channel) {
+  const metadataPath = path.join(targetDirectory, INSTALL_METADATA_FILENAME);
+  const payload = {
+    channel,
+    installDir: targetDirectory,
+    version,
+    installedAt: new Date().toISOString()
+  };
+  await fs.promises.writeFile(metadataPath, `${JSON.stringify(payload, null, 2)}\n`, "utf8");
+}
+
+function getUnixPathHint(directory, env = process.env) {
+  const shell = env.SHELL || "";
+  if (shell.includes("fish")) {
+    return {
+      profile: "~/.config/fish/config.fish",
+      command: `fish_add_path ${directory.replace(os.homedir(), "$HOME")}`
+    };
+  }
+
+  if (shell.includes("zsh")) {
+    return {
+      profile: "~/.zshrc",
+      command: `echo 'export PATH=\"${directory.replace(os.homedir(), "$HOME")}:$PATH\"' >> ~/.zshrc`
+    };
+  }
+
+  return {
+    profile: "~/.bashrc",
+    command: `echo 'export PATH=\"${directory.replace(os.homedir(), "$HOME")}:$PATH\"' >> ~/.bashrc`
+  };
+}
+
+function printPathGuidance(directory) {
+  if (process.platform === "win32") {
+    log(`Add ${directory} to your user PATH, then open a new terminal.`);
+    return;
+  }
+
+  const hint = getUnixPathHint(directory);
+  log(`Add ${directory} to PATH if your shell cannot find \`gordon\` yet.`);
+  console.log(`      ${hint.command}`);
+  console.log(`      # then restart your shell or source ${hint.profile}`);
+}
+
+async function installBinary({ targetDirectory, sourceBinaryPath, version }) {
+  const { binaryName, assetName } = getTarget();
+  await fs.promises.mkdir(targetDirectory, { recursive: true });
+
+  const installPath = path.join(targetDirectory, binaryName);
+  const tempPath = `${installPath}.tmp`;
+  await fs.promises.rm(tempPath, { force: true });
+
+  if (sourceBinaryPath && fs.existsSync(sourceBinaryPath)) {
+    log(`Copying ${path.basename(sourceBinaryPath)} to ${installPath}`);
+    await fs.promises.copyFile(sourceBinaryPath, tempPath);
+  } else {
+    const downloadUrl = getDownloadUrl(version);
+    log(`Downloading ${assetName} from ${downloadUrl}`);
+    await downloadBinary(downloadUrl, tempPath);
+  }
+
+  await finalizeBinary(tempPath, installPath);
+  return installPath;
+}
+
+async function runSelfInstall(args, options = {}) {
+  const parsed = parseArgs(args);
+  if (parsed.help) {
+    printHelp();
+    return 0;
+  }
+
+  const packageRoot = options.packageRoot || path.resolve(__dirname, "..");
+  const version = String(options.version || pkg.version).replace(/^v/, "");
+  const bundledBinaryPath = options.sourceBinaryPath || getInstalledBinaryPath(packageRoot);
+  const sourceBinaryPath = fs.existsSync(bundledBinaryPath) ? bundledBinaryPath : null;
+  const { directory, inPath } = await resolveInstallDirectory(parsed.targetDir);
+  const installPath = await installBinary({
+    targetDirectory: directory,
+    sourceBinaryPath,
+    version
+  });
+  await writeInstallMetadata(directory, version, options.channel || "npx");
+
+  console.log("");
+  log(`Installed Gordon v${version} to ${installPath}`);
+  if (!inPath) {
+    printPathGuidance(directory);
+  }
+  console.log("");
+  console.log("Next steps:");
+  console.log("  gordon --help");
+  console.log("  gordon");
+
+  return 0;
+}
+
+module.exports = {
+  parseArgs,
+  resolveInstallDirectory,
+  runSelfInstall
+};

package/package.json

@@ -1,15 +1,15 @@
 {
   "name": "@general-liquidity/gordon-cli",
-  "version": "0.8.19",
+  "version": "0.8.22",
   "description": "The Frontier Trading Agent",
   "author": "General Liquidity, Inc.",
   "license": "MIT",
   "repository": {
     "type": "git",
-    "url": "https://github.com/general-liquidity/gordon-cli.git"
+    "url": "https://github.com/general-liquidity/gordon-cli-dist.git"
   },
-  "homepage": "https://github.com/general-liquidity/gordon-cli#readme",
-  "bugs": "https://github.com/general-liquidity/gordon-cli/issues",
+  "homepage": "https://gordoncli.com",
+  "bugs": "https://github.com/general-liquidity/gordon-cli-dist/issues",
   "keywords": [
     "trading",
     "crypto",