@modelstatus/cli 0.1.51 → 0.1.53

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@modelstatus/cli",
-  "version": "0.1.51",
+  "version": "0.1.53",
   "description": "Track which AI models you use, where, and never get surprised by a retirement. Free offline model-health for any repo (mm status), browser sign-in for cloud inventory + alerts.",
   "keywords": [
     "llm",

package/src/index.js

@@ -2,6 +2,7 @@
 import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
+import { spawnSync } from "node:child_process";
 import { resolveAuth, loadConfig, saveConfig, clearAuth, configFilePath } from "./config.js";
 import { createClient } from "./api.js";
 import { collectFrom, availability, ALL_SOURCE_IDS, getSource } from "./sources/index.js";
@@ -12,7 +13,7 @@ import {
 import { redactValue } from "./redact.js";
 import { assignProjects, buildUsages } from "./upload.js";
 import { loginViaBrowser } from "./auth.js";
-import { maybeCheckForUpdate } from "./updater.js";
+import { maybeCheckForUpdate, forceUpdate } from "./updater.js";
 import { track, maybeAnalyticsNotice } from "./telemetry.js";
 import { BUILD_VERSION } from "./version.js";
 
@@ -691,7 +692,8 @@ Usage:
   mm sources               List detection sources and whether each can run here
   mm integrations          Manage live integrations (list | enable <id> | disable <id> | env <id> <tag>)
   mm clear                 Delete all tracked usages from your inventory (--all also wipes projects/rules; --yes to skip the prompt)
-  mm upgrade               Open Stripe checkout and poll until Pro is active
+  mm update                Update to the latest version now and relaunch (or add --update to any command)
+  mm upgrade               Open Stripe checkout and poll until Pro is active (the paid plan, not the binary)
   mm play [dir]            Play Donkey Kong while a background scan walks the dir (just for fun)
   mm tui                   Force-launch the TUI (logs you in first if needed)
 
@@ -705,7 +707,7 @@ Scan sources (--sources; default = filesystem + enabled integrations; "all" for
   Secret sources shell out to your already-authenticated CLIs, run read-only,
   and only ever upload model ids — secret VALUES never leave your machine.
 
-Flags: --api <url> · --key <key> · --project <id|name> · --yes · --json · --ci · --dry-run
+Flags: --update · --api <url> · --key <key> · --project <id|name> · --yes · --json · --ci · --dry-run
        --sources <list> · --region <r> · --namespace <ns> · --kube-context <c> · --db <dsn> · --sql-table <t>
        --vercel-project <p> · --vercel-team <t> · --gh-repo <owner/name> · --supabase-ref <ref>
 
@@ -721,13 +723,38 @@ async function maybePrintUpdate(promise) {
       // be unsafe. Point the user at a one-line reinstall to a user-owned dir.
       process.stderr.write(`\n✦ mm ${r.to} is available (you're on ${r.from}). Auto-update can't write ${process.execPath} — reinstall:\n  curl -fsSL https://llmstatus.ai/install.sh | bash\n`);
     } else {
-      process.stderr.write(`\n✓ Updated mm ${r.from} → ${r.to} — your next run uses the new version.\n`);
+      process.stderr.write(`\n✓ Updated mm ${r.from} → ${r.to} — your next run uses it (or run \`mm update\` to relaunch on it now).\n`);
     }
   } catch {
     /* swallow */
   }
 }
 
+/**
+ * `mm update` (command) or `--update` (flag on any command): apply the in-place
+ * self-update NOW and RE-EXEC the fresh binary, so a single run lands on the new
+ * version — no opening the app twice. `rerunArgs` is what the new binary should
+ * run (the same invocation minus the update trigger). Re-execs + exits on a real
+ * update; otherwise prints status and returns (caller continues normally).
+ */
+async function applyUpdate(rerunArgs) {
+  const r = await forceUpdate();
+  if (r.status === "updated") {
+    process.stderr.write(`✓ Updated mm ${r.from} → ${r.to}. Relaunching…\n`);
+    const child = spawnSync(process.execPath, rerunArgs, {
+      stdio: "inherit",
+      env: { ...process.env, MM_JUST_UPDATED: r.to },
+    });
+    process.exit(child.status ?? 0);
+  }
+  if (r.status === "latest") process.stderr.write(`✓ Already on the latest mm (${r.version}).\n`);
+  else if (r.status === "manual")
+    process.stderr.write(`✦ mm ${r.to} is available (you're on ${r.from}), but auto-update can't write ${process.execPath}. Reinstall:\n  curl -fsSL https://llmstatus.ai/install.sh | bash\n`);
+  else if (r.status === "npm") process.stderr.write(`This is an npm-managed install. Update with:\n  npm update -g @modelstatus/cli\n`);
+  else if (r.status === "unsupported") process.stderr.write(`Self-update isn't supported for this build. Reinstall:\n  curl -fsSL https://llmstatus.ai/install.sh | bash\n`);
+  else if (r.status === "error") process.stderr.write(`! Update check failed: ${r.message}\n`);
+}
+
 async function main() {
   const { positional, flags } = parseArgs(process.argv.slice(2));
   const cmd = positional[0];
@@ -750,6 +777,20 @@ async function main() {
   maybeAnalyticsNotice();
   track("cli_command", { command: cmd || "tui" });
 
+  // Explicit self-update: `mm update` (command) or `--update` (flag on any
+  // command). Apply the update in place and RE-EXEC the fresh binary so this one
+  // run lands on the latest — no opening the app twice. `mm update` with nothing
+  // else then opens the TUI on the new version.
+  if (cmd === "update" || flags.update) {
+    const rerun = process.argv.slice(2).filter((a) => a !== "update" && a !== "--update");
+    await applyUpdate(rerun); // re-execs + exits when it actually updates
+    if (cmd === "update") {
+      await launchTui(positional[1], flags);
+      return;
+    }
+    // A bare `--update` on another command falls through to run that command.
+  }
+
   // Kick off the background self-update check — runs in parallel with the
   // user's command, capped at 1/24h, only for shell-installed binaries.
   const updatePromise = maybeCheckForUpdate(flags);

package/src/tui/app.js

@@ -40,37 +40,39 @@ const GATE_KEYS = [{ k: "1-8", label: "switch" }, { k: "7", label: "sign in" }];
 // toast, status, keybar, bottomRule) — the body fills whatever rows remain.
 const CHROME_ROWS = 10;
 
+// Rows to reserve below the frame (termRows = rows - reserve). POSITIVE shrinks
+// the frame, NEGATIVE grows it past the reported height.
+//  - 1 everywhere: a full-height ink frame write+newlines its bottom line and
+//    scrolls the buffer up 1/render; the 1-row reserve keeps the last line blank.
+//  - -7 in Warp: empirically (the user dialing it live in their Warp), the frame
+//    must be GROWN ~7 rows past stdout.rows or the top clips — Warp's block model
+//    reports/handles the alt-screen height such that a flush-height frame rides too
+//    high. So in Warp we render TALLER, which pushes the window down into view.
+//    Gated on Warp (a negative reserve elsewhere would over-grow + clip the top of
+//    a normal full-screen terminal).
+const WARP_RESERVE = -7;
+
+/** True when running under Warp (TERM_PROGRAM=WarpTerminal, or any WARP_* env, or
+ * TERM_PROGRAM merely containing "warp" — broad so detection doesn't silently
+ * miss a build/config that doesn't set the canonical value). */
+function isWarp(env) {
+  if (String(env.TERM_PROGRAM || "").toLowerCase().includes("warp")) return true;
+  for (const k in env) if (k.startsWith("WARP_")) return true;
+  return false;
+}
+
 /**
- * How many rows to leave UN-rendered below the frame so the window never clips.
- *
- *  - 1 row everywhere: a frame that fills the full height makes ink write+newline
- *    the bottom line, which scrolls the buffer up by 1 each render; reserving the
- *    last row keeps it blank so nothing ever scrolls.
- *  - 6 rows in Warp: Warp keeps ~5 rows of block chrome (sticky command header +
- *    pinned input) drawn OVER the alternate screen and over-reports stdout.rows by
- *    that much, so the TOP clips unless we also subtract them (1 guard + 5 chrome;
- *    measured against the user's Warp build — see Warp issues #6428/#2373, the
- *    chrome area can't be reclaimed via alt_screen_padding). Gated on TERM_PROGRAM
- *    so non-Warp terminals keep the plain 1-row reserve (an extra reserve elsewhere
- *    would leave a blank band).
- *
- * MM_TUI_RESERVE_ROWS (integer ≥ 0) overrides the whole reserve so a user on a
- * different Warp version / input position / timing-line setting can self-tune
- * (e.g. =5 or =7) without waiting for a release; 0 opts out entirely.
+ * MM_TUI_RESERVE_ROWS (any integer, may be negative) overrides the reserve so a
+ * user on a different terminal/version can self-tune in either direction without
+ * a release; blank/non-integer falls back to the gated default.
  */
 export function rowsReserve(env = process.env) {
-  // Any non-blank INTEGER string overrides (so `MM_TUI_RESERVE_ROWS=` or stray
-  // whitespace falls back to the default rather than being read as 0 —
-  // `Number("")` is 0). The override may be NEGATIVE: a negative reserve GROWS the
-  // frame past the terminal height (termRows = rows - reserve), so the knob goes
-  // both ways — positive shrinks the frame, negative grows it — letting a user
-  // find the exact offset their terminal (e.g. Warp) needs in either direction.
   const raw = env.MM_TUI_RESERVE_ROWS;
   if (typeof raw === "string" && raw.trim() !== "") {
     const n = Number(raw);
     if (Number.isInteger(n)) return n;
   }
-  return env.TERM_PROGRAM === "WarpTerminal" ? 6 : 1;
+  return isWarp(env) ? WARP_RESERVE : 1;
 }
 
 /** Frame height for a terminal of `rows` rows: reserve rows, then clamp to a

package/src/updater.js

@@ -133,6 +133,41 @@ async function downloadAndReplace(version, key, expectedSha) {
  * "0.1.8 → v0.1.9" which looks like a typo. */
 function dispVer(v) { return String(v).replace(/^v/, ""); }
 
+/**
+ * Force an update RIGHT NOW for an explicit `mm update` / `--update` — ignores
+ * the 30s throttle AND MM_NO_AUTO_UPDATE (the user asked for it). Swaps the
+ * binary in place but never re-execs (the caller does, so this one run can land
+ * on the new version without opening the app twice). Never throws; returns:
+ *   { status: "updated", from, to }   binary swapped — caller should re-exec
+ *   { status: "latest", version }     already the newest
+ *   { status: "manual", from, to }    newer exists but the dir isn't writable
+ *   { status: "npm" }                 npm-managed install (use npm update -g)
+ *   { status: "unsupported" }         not a shell binary / unknown platform
+ *   { status: "error", message }      the check or download failed
+ */
+export async function forceUpdate() {
+  try {
+    if (!IS_SHELL_INSTALL) return { status: "npm" };
+    const key = platformKey();
+    if (!key) return { status: "unsupported" };
+
+    const manifest = await fetchJson(`${CDN}/cli/${CHANNEL_PATH}/version.json`);
+    writeCache({ ...(readCache() || {}), last_check: Date.now(), latest_known: manifest.version });
+    if (!manifest.version) return { status: "error", message: "manifest has no version" };
+    if (compareVer(manifest.version, BUILD_VERSION) <= 0) return { status: "latest", version: dispVer(BUILD_VERSION) };
+
+    const expectedSha = manifest.sha256?.[key];
+    if (!expectedSha) return { status: "error", message: `no sha256 for ${key}` };
+    if (!dirWritable(path.dirname(process.execPath))) {
+      return { status: "manual", from: dispVer(BUILD_VERSION), to: dispVer(manifest.version) };
+    }
+    await downloadAndReplace(manifest.version, key, expectedSha);
+    return { status: "updated", from: dispVer(BUILD_VERSION), to: dispVer(manifest.version) };
+  } catch (e) {
+    return { status: "error", message: e?.message ?? String(e) };
+  }
+}
+
 /** Returns { from, to } if an update was completed, else null. Never throws. */
 export async function maybeCheckForUpdate(flags = {}) {
   try {