@lanonasis/cli 3.9.2 → 3.9.4

package/CHANGELOG.md

@@ -1,5 +1,34 @@
 # Changelog - @lanonasis/cli
 
+## [3.9.3] - 2026-02-02
+
+### ✨ Features
+
+- **Non-Interactive Vendor Key Auth**: Added `-k, --vendor-key <key>` option to `auth login` command
+  - Enables non-interactive authentication in CI/CD pipelines and automation scripts
+  - Example: `onasis auth login --vendor-key <your-key>`
+
+### 🐛 Bug Fixes
+
+- **JWT Authentication Routing**: Fixed API routing for JWT/OAuth authenticated sessions
+  - JWT tokens from username/password or OAuth login now correctly route to MCP server
+  - Memory operations (list, create, search, update, delete) work with JWT authentication
+  - Path translation handles endpoint differences between API and MCP servers
+  - Vendor key authentication continues to route to main API server
+
+- **Frozen Terminal During Text Input**: Fixed SSE/WebSocket event handlers interfering with inline text editor
+  - Real-time update messages (📡) now only display in verbose mode
+  - Prevents terminal freeze during interactive prompts (memory create, update)
+  - Raw terminal mode no longer conflicts with background MCP events
+
+- **Missing CLI Option**: The `--vendor-key` option was defined in code but not exposed in CLI
+  - Now properly registered in command-line interface
+
+### ⚠️ Known Limitations
+
+- `memory stats` command not available with JWT authentication (MCP server limitation)
+- For full API access including stats, use vendor key authentication
+
 ## [3.9.2] - 2026-02-02
 
 ### 🐛 Bug Fixes

package/README.md

@@ -1,11 +1,11 @@
-# @lanonasis/cli v3.9.0 - Enterprise Security & Professional UX
+# @lanonasis/cli v3.9.3 - Enterprise Security & Professional UX
 
 [![NPM Version](https://img.shields.io/npm/v/@lanonasis/cli)](https://www.npmjs.com/package/@lanonasis/cli)
 [![Downloads](https://img.shields.io/npm/dt/@lanonasis/cli)](https://www.npmjs.com/package/@lanonasis/cli)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 [![Golden Contract](https://img.shields.io/badge/Onasis--Core-v0.1%20Compliant-gold)](https://api.lanonasis.com/.well-known/onasis.json)
 
-🎉 **NEW IN v3.9**: Professional CLI UX with seamless inline text editing, intelligent MCP connection management, and first-run onboarding. Advanced Model Context Protocol (MCP) support with multi-server connections, enhanced error handling, and enterprise-grade transport protocols. Revolutionary interactive CLI experience with guided workflows and **Golden Contract compliance**.
+🎉 **NEW IN v3.9.3**: Fixed JWT authentication routing for username/password login, resolved frozen terminal during interactive input, and added non-interactive vendor key authentication (`-k` flag). Professional CLI UX with seamless inline text editing, intelligent MCP connection management, and first-run onboarding.
 
 ## 🚀 Quick Start
 
@@ -151,7 +151,11 @@ onasis login --vendor-key pk_xxxxx.sk_xxxxx  // ✅ Automatically hashed
 Best for API integrations and automation. Copy the vendor key value exactly as shown in your LanOnasis dashboard (keys may vary in format):
 
 ```bash
-onasis login --vendor-key <your-vendor-key>
+# Full option
+onasis auth login --vendor-key <your-vendor-key>
+
+# Short form (for scripts and CI/CD)
+onasis auth login -k <your-vendor-key>
 ```
 
 ### 2. OAuth Browser Authentication
@@ -179,6 +183,13 @@ onasis auth status    # Check current authentication
 onasis auth logout    # Logout from current session
 ```
 
+**Auth Login Options:**
+| Short | Long | Description |
+|-------|------|-------------|
+| `-k` | `--vendor-key <key>` | Authenticate with vendor key (non-interactive) |
+| `-e` | `--email <email>` | Email for credentials login |
+| `-p` | `--password <pass>` | Password for credentials login |
+
 ## 💻 Shell Completions
 
 ### Installation Guide
@@ -224,24 +235,38 @@ onasis quickstart      # Essential commands reference
 
 ```bash
 # List memories
-onasis memory list
-onasis memory list --memory-type context --limit 20 --sort-by created_at
+onasis memory list                        # or: onasis memory ls
+onasis memory list --type context --limit 20
+
+# Create memories (non-interactive)
+onasis memory create -t "Project Notes" -c "Important information"
+onasis memory create -t "Reference" --type reference --tags "docs,api"
 
-# Create memories
-onasis memory create --title "Project Notes" --content "Important information"
-onasis memory create --title "Reference" --memory-type reference --tags "docs,api"
+# Create memories (interactive)
+onasis memory create -i                   # Interactive mode with inline editor
+onasis memory create                      # Prompts for missing fields
 
 # Search memories
 onasis memory search "api integration"
-onasis memory search "meeting notes" --memory-types context,reference
+onasis memory search "meeting notes" --type context
 
 # Memory operations
 onasis memory get <id>                    # Get specific memory
-onasis memory update <id> --title "New Title"
+onasis memory update <id> -t "New Title"  # Update title
+onasis memory update <id> -i              # Interactive update
 onasis memory delete <id>                 # Delete memory
 onasis memory stats                       # Memory statistics
 ```
 
+**Create/Update Options:**
+| Short | Long | Description |
+|-------|------|-------------|
+| `-t` | `--title` | Memory title |
+| `-c` | `--content` | Memory content |
+| `-i` | `--interactive` | Interactive mode |
+| | `--type` | Memory type (context, project, knowledge, etc.) |
+| | `--tags` | Comma-separated tags |
+
 ### Topic Management
 
 ```bash

package/dist/index.js

@@ -221,6 +221,7 @@ authCmd
     .description('Login to your MaaS account')
     .option('-e, --email <email>', 'email address')
     .option('-p, --password <password>', 'password')
+    .option('-k, --vendor-key <key>', 'vendor key for API access')
     .action(loginCommand);
 authCmd
     .command('logout')

package/dist/utils/api.js

@@ -15,19 +15,43 @@ export class APIClient {
             await this.config.init();
             // Service Discovery
             await this.config.discoverServices();
-            // Use appropriate base URL based on endpoint
+            // Use appropriate base URL based on endpoint and auth method
             const isAuthEndpoint = config.url?.includes('/auth/') || config.url?.includes('/login') || config.url?.includes('/register') || config.url?.includes('/oauth/');
             const discoveredServices = this.config.get('discoveredServices');
-            config.baseURL = isAuthEndpoint ?
-                (discoveredServices?.auth_base || 'https://auth.lanonasis.com') :
-                this.config.getApiUrl();
+            const authMethod = this.config.get('authMethod');
+            const vendorKey = await this.config.getVendorKeyAsync();
+            // Determine the correct API base URL:
+            // - Auth endpoints -> auth.lanonasis.com
+            // - JWT auth (no vendor key) -> mcp.lanonasis.com (supports JWT tokens)
+            // - Vendor key auth -> api.lanonasis.com (requires vendor key)
+            let apiBaseUrl;
+            const useMcpServer = !vendorKey && (authMethod === 'jwt' || authMethod === 'oauth' || authMethod === 'oauth2');
+            if (isAuthEndpoint) {
+                apiBaseUrl = discoveredServices?.auth_base || 'https://auth.lanonasis.com';
+            }
+            else if (vendorKey) {
+                // Vendor key works with api.lanonasis.com
+                apiBaseUrl = this.config.getApiUrl();
+            }
+            else if (useMcpServer) {
+                // JWT/OAuth tokens work with mcp.lanonasis.com
+                apiBaseUrl = 'https://mcp.lanonasis.com/api/v1';
+            }
+            else {
+                apiBaseUrl = this.config.getApiUrl();
+            }
+            config.baseURL = apiBaseUrl;
+            // Path translation for MCP server:
+            // MCP uses /memory (singular) while main API uses /memories (plural)
+            if (useMcpServer && config.url) {
+                config.url = config.url.replace(/\/api\/v1\/memories/g, '/memory');
+            }
             // Add project scope header for auth endpoints
             if (isAuthEndpoint) {
                 config.headers['X-Project-Scope'] = 'lanonasis-maas';
             }
             // Enhanced Authentication Support
             const token = this.config.getToken();
-            const vendorKey = await this.config.getVendorKeyAsync();
             if (vendorKey) {
                 // Vendor key authentication (validated server-side)
                 // Send raw key - server handles hashing for comparison

package/dist/utils/mcp-client.js

@@ -469,7 +469,10 @@ export class MCPClient {
             this.sseConnection.onmessage = (event) => {
                 try {
                     const data = JSON.parse(event.data);
-                    console.log(chalk.blue('📡 Real-time update:'), data.type);
+                    // Only show SSE updates in verbose mode to avoid interfering with interactive prompts
+                    if (process.env.CLI_VERBOSE === 'true') {
+                        console.log(chalk.blue('📡 Real-time update:'), data.type);
+                    }
                 }
                 catch {
                     // Ignore parse errors
@@ -526,15 +529,20 @@ export class MCPClient {
                 this.wsConnection.on('message', (data) => {
                     try {
                         const message = JSON.parse(data.toString());
-                        const messageId = message.id ?? 'event';
-                        const messageType = message.method
-                            || (message.error ? 'error' : undefined)
-                            || (message.result ? 'result' : undefined)
-                            || 'response';
-                        console.log(chalk.blue('📡 MCP message:'), messageId, messageType);
+                        // Only show WebSocket messages in verbose mode to avoid interfering with interactive prompts
+                        if (process.env.CLI_VERBOSE === 'true') {
+                            const messageId = message.id ?? 'event';
+                            const messageType = message.method
+                                || (message.error ? 'error' : undefined)
+                                || (message.result ? 'result' : undefined)
+                                || 'response';
+                            console.log(chalk.blue('📡 MCP message:'), messageId, messageType);
+                        }
                     }
                     catch (error) {
-                        console.error('Failed to parse WebSocket message:', error);
+                        if (process.env.CLI_VERBOSE === 'true') {
+                            console.error('Failed to parse WebSocket message:', error);
+                        }
                     }
                 });
                 this.wsConnection.on('error', (error) => {

package/dist/ux/implementations/TextInputHandlerImpl.js

@@ -46,46 +46,113 @@ export class TextInputHandlerImpl {
             options: mergedOptions,
             status: 'active',
         };
-        return new Promise((resolve, reject) => {
+        return new Promise(async (resolve, reject) => {
             let handleKeypress = null;
+            let sigintHandler = null;
             const cleanup = () => {
                 if (handleKeypress) {
                     process.stdin.removeListener('data', handleKeypress);
+                    handleKeypress = null;
+                }
+                if (sigintHandler) {
+                    process.removeListener('SIGINT', sigintHandler);
+                    sigintHandler = null;
                 }
                 this.disableRawMode();
+                // Restore terminal state
+                process.stdout.write('\x1b[?25h'); // Show cursor
             };
+            // Set up completion handlers first
+            const complete = (result) => {
+                cleanup();
+                if (this.currentSession) {
+                    this.currentSession.status = 'completed';
+                }
+                resolve(result);
+            };
+            const cancel = () => {
+                cleanup();
+                if (this.currentSession) {
+                    this.currentSession.status = 'cancelled';
+                }
+                reject(new Error('Input cancelled by user'));
+            };
+            // Store handlers for special key processing
+            this._completeHandler = complete;
+            this._cancelHandler = cancel;
             try {
+                // Check if we can use raw mode
+                if (!process.stdin.isTTY) {
+                    // Fall back to simple readline for non-TTY environments
+                    console.log('\nNote: Interactive text input not available. Using simple input mode.');
+                    console.log('Enter your text (empty line to finish):');
+                    const readline = require('readline');
+                    const rl = readline.createInterface({
+                        input: process.stdin,
+                        output: process.stdout
+                    });
+                    const lines = [];
+                    rl.on('line', (line) => {
+                        if (line === '') {
+                            rl.close();
+                            complete(lines.join('\n'));
+                        }
+                        else {
+                            lines.push(line);
+                        }
+                    });
+                    rl.on('close', () => {
+                        complete(lines.join('\n'));
+                    });
+                    return;
+                }
+                // Add SIGINT handler as fallback for Ctrl+C
+                sigintHandler = () => {
+                    cancel();
+                };
+                process.on('SIGINT', sigintHandler);
+                // Safety: Add a way to escape via triple-ESC (sends 3 escape chars quickly)
+                let escapeCount = 0;
+                let escapeTimer = null;
+                // Try to claim stdin from any previous handlers
+                process.stdin.removeAllListeners('data');
+                process.stdin.removeAllListeners('readable');
+                process.stdin.removeAllListeners('end');
                 this.enableRawMode();
+                // Verify raw mode is working
+                if (!this.isRawModeEnabled) {
+                    console.log('\nWarning: Could not enable raw mode. Falling back to editor mode.');
+                    cleanup();
+                    const { content } = await (await import('inquirer')).default.prompt([
+                        { type: 'editor', name: 'content', message: prompt, default: mergedOptions.defaultContent }
+                    ]);
+                    resolve(content);
+                    return;
+                }
                 this.displayInputPrompt(this.getCurrentContent());
                 handleKeypress = (chunk) => {
-                    const key = this.parseKeyEvent(chunk);
-                    if (this.handleSpecialKeys(key)) {
-                        return;
-                    }
-                    // Handle regular character input
-                    if (key.sequence && this.currentSession) {
-                        this.addCharacterToInput(key.sequence);
-                        this.displayInputPrompt(this.getCurrentContent());
+                    try {
+                        const key = this.parseKeyEvent(chunk);
+                        if (this.handleSpecialKeys(key)) {
+                            return;
+                        }
+                        // Handle regular character input
+                        if (key.sequence && this.currentSession) {
+                            // Filter out control characters that shouldn't be added as text
+                            if (key.sequence.charCodeAt(0) >= 32 || key.sequence === '\t') {
+                                this.addCharacterToInput(key.sequence);
+                                this.displayInputPrompt(this.getCurrentContent());
+                            }
+                        }
                     }
-                };
-                // Set up completion handlers
-                const complete = (result) => {
-                    cleanup();
-                    if (this.currentSession) {
-                        this.currentSession.status = 'completed';
+                    catch (err) {
+                        // Don't let errors in key handling crash the input
+                        console.error('Key handling error:', err);
                     }
-                    resolve(result);
                 };
-                const cancel = () => {
-                    cleanup();
-                    if (this.currentSession) {
-                        this.currentSession.status = 'cancelled';
-                    }
-                    reject(new Error('Input cancelled by user'));
-                };
-                // Store handlers for special key processing
-                this._completeHandler = complete;
-                this._cancelHandler = cancel;
+                // Ensure stdin is flowing before adding listener
+                // This is critical after inquirer prompts which may pause stdin
+                process.stdin.resume();
                 process.stdin.on('data', handleKeypress);
             }
             catch (error) {
@@ -101,8 +168,14 @@ export class TextInputHandlerImpl {
         if (!this.isRawModeEnabled && process.stdin.isTTY) {
             this.originalStdinMode = process.stdin.isRaw;
             process.stdin.setRawMode(true);
+            process.stdin.resume(); // Ensure stdin is flowing to receive data events
             this.isRawModeEnabled = true;
         }
+        else if (!process.stdin.isTTY) {
+            // Non-TTY mode - can't use raw mode, fall back to line mode
+            console.error('Warning: Not a TTY, inline text input may not work correctly');
+            process.stdin.resume();
+        }
     }
     /**
      * Disable raw mode and return to normal terminal behavior
@@ -112,6 +185,7 @@ export class TextInputHandlerImpl {
             process.stdin.setRawMode(this.originalStdinMode || false);
             this.isRawModeEnabled = false;
         }
+        // Don't pause stdin here as other handlers may need it
     }
     /**
      * Handle special keyboard events

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lanonasis/cli",
-  "version": "3.9.2",
+  "version": "3.9.4",
   "description": "Professional CLI for LanOnasis Memory as a Service (MaaS) with MCP support, seamless inline editing, and enterprise-grade security",
   "keywords": [
     "lanonasis",