@modelstatus/cli 0.1.84 → 0.1.85

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@modelstatus/cli",
-  "version": "0.1.84",
+  "version": "0.1.85",
   "description": "Track which AI models you use, where, and never get surprised by a retirement. Free offline model-health for any repo (mm status), browser sign-in for cloud inventory + alerts.",
   "keywords": [
     "llm",

package/src/api.js

@@ -90,7 +90,7 @@ export function createClient({ apiBase, apiKey }) {
     listNotifications: (params) => req("GET", `/notifications${qs(params)}`),
     readNotification: (id) => req("POST", `/notifications/${id}/read`),
 
-    // billing
-    checkout: () => req("POST", "/billing/checkout"),
+    // billing — plan: undefined → Pro ($5/yr subscription); "lifetime" → $29 one-time
+    checkout: (plan) => req("POST", `/billing/checkout${plan ? `?plan=${encodeURIComponent(plan)}` : ""}`),
   };
 }

package/src/changelog-data.js

@@ -1,6 +1,17 @@
 /* GENERATED by scripts/gen-changelog.mjs from apps/web/lib/changelog.json — do not edit.
  * Release notes baked into the binary (in-TUI + the on-load what's-new card). */
 export const CHANGELOG = [
+  {
+    "version": "0.1.85",
+    "date": "2026-06-14",
+    "title": "Command polish + safer billing",
+    "items": [
+      "`mm upgrade --lifetime` starts the one-time Lifetime checkout from the CLI (plain `mm upgrade` is still the $5/yr Pro plan).",
+      "`mm <command> --help` now prints per-command usage and flags; an unknown command exits non-zero instead of silently printing the help.",
+      "`mm clear` requires an explicit `--yes`/`--force` — it will no longer wipe your cloud inventory on `--ci` alone. `mm logout` no longer claims it removed a key when you weren't signed in, and warns if an env-var key still authenticates you.",
+      "Billing safety: checkout won't start a duplicate charge for an account that's already on Pro or Lifetime."
+    ]
+  },
   {
     "version": "0.1.84",
     "date": "2026-06-14",

package/src/index.js

@@ -72,7 +72,7 @@ if (process.argv[2] === "__bench_frames") {
   const p = runGame({
     width: 80, height: 24, scanStore: scan,
     _inject: {
-      out, inp: input, proc: process, now,
+      out, inp: input, proc: process, now, noPersist: true, // bench: never write dkHighScore
       schedule: (fn, ms) => setTimeout(() => { const t = now(); if (prev != null) emit({ t: "frame", dtMs: t - prev }); prev = t; fn(); }, ms),
       cancel: (h) => clearTimeout(h),
     },
@@ -181,8 +181,14 @@ async function cmdSignup(_positional, flags) {
 }
 
 function cmdLogout() {
+  const had = !!loadConfig().apiKey;
   clearAuth();
-  console.log("✓ Signed out (API key removed). Run `mm login` to sign back in.");
+  if (had) console.log("✓ Signed out (saved API key removed). Run `mm login` to sign back in.");
+  else console.log("Not signed in — no saved API key to remove.");
+  // clearAuth only touches the config file; an env key still authenticates.
+  if (process.env.LLMSTATUS_API_KEY || process.env.MM_API_KEY) {
+    console.log("Note: an API key is still set via LLMSTATUS_API_KEY/MM_API_KEY — unset it to fully sign out.");
+  }
 }
 
 async function cmdUpgrade(_positional, flags) {
@@ -193,7 +199,9 @@ async function cmdUpgrade(_positional, flags) {
   }
   const client = createClient({ apiBase, apiKey });
   const { upgradeViaBrowser } = await import("./upgrade.js");
-  const plan = await upgradeViaBrowser({ client });
+  // --lifetime opens the one-time $29 checkout; default is the $5/yr Pro subscription.
+  const checkoutPlan = flags.lifetime ? "lifetime" : undefined;
+  const plan = await upgradeViaBrowser({ client, plan: checkoutPlan });
   if (!plan) {
     console.error("Upgrade not detected (timed out). Run `mm upgrade` again if you completed checkout.");
     process.exit(1);
@@ -554,9 +562,13 @@ async function cmdClear(_positional, flags) {
   }
   const all = !!flags.all;
   const scope = all ? "ALL usages, projects, alert rules + the in-app feed" : "ALL usages";
-  if (!flags.yes && !flags.force) {
+  // A destructive delete requires an EXPLICIT --yes/--force. `--ci` implies --yes
+  // for scan/fix non-interactivity, but it must NOT silently skip the safety
+  // prompt here — so check the raw argv, not the --ci-derived flags.yes.
+  const explicitConfirm = process.argv.includes("--yes") || process.argv.includes("--force");
+  if (!explicitConfirm) {
     if (!process.stdin.isTTY) {
-      console.error(`Refusing to delete ${scope} without confirmation. Re-run with --yes.`);
+      console.error(`Refusing to delete ${scope} without confirmation. Re-run with --yes (or --force).`);
       process.exit(1);
     }
     const ok = await confirm(`Delete ${scope} from your account? This cannot be undone. [y/N] `);
@@ -856,7 +868,7 @@ Usage:
   mm integrations          Manage live integrations (list | enable <id> | disable <id> | env <id> <tag>)
   mm clear                 Delete all tracked usages from your inventory (--all also wipes projects/rules; --yes to skip the prompt)
   mm update                Update to the latest version now and relaunch (or add --update to any command)
-  mm upgrade               Open Stripe checkout and poll until Pro is active (the paid plan, not the binary)
+  mm upgrade               Open Stripe checkout and poll until active (--lifetime for the one-time plan; this is the paid plan, not the binary)
   mm play [dir]            Play Donkey Kong while a background scan walks the dir (just for fun)
   mm tui                   Force-launch the TUI (needs an interactive terminal)
 
@@ -875,7 +887,82 @@ Flags: --update · --api <url> · --key <key> · --project <id|name> · --dir <p
        --sources <list> · --region <r> · --namespace <ns> · --kube-context <c> · --db <dsn> · --sql-table <t>
        --vercel-project <p> · --vercel-team <t> · --gh-repo <owner/name> · --supabase-ref <ref>
 
-Get started: \`mm login\` (opens your browser).`;
+Get started: \`mm login\` (opens your browser).
+
+Per-command help: \`mm <command> --help\` (e.g. \`mm ci --help\`).`;
+
+/** Per-command usage. `mm <cmd> --help` / `mm help <cmd>` prints these; anything
+ * not listed falls back to the global HELP. Keep flags here in sync with parseArgs. */
+const COMMAND_HELP = {
+  status: `mm status [dir]   Offline, account-less model-health check (free).
+
+  Pulls the signed registry, scans the dir locally, prints each model in use with
+  its health + replacement, then the custom/unrecognized ids. Always exits 0 (it
+  informs; use \`mm ci\` to gate a build).
+
+  --json            machine-readable {registry, scanned, references, files, models[], custom[], needs_attention}
+  --offline         use the cached registry only (no network)
+  --sources <list>  detection sources (default: filesystem + enabled integrations; "all" for everything)
+  --dir <path>      directory to scan (alternative to the positional arg)`,
+  fix: `mm fix [dir]   Rewrite dying model ids to their registry replacement, in place.
+
+  Boundary-safe, style-preserving, chain-resolved. Only filesystem refs with a known
+  replacement are touched. Asks before writing (a non-TTY needs --yes).
+
+  --dry-run         preview the rewrites, write nothing
+  --json            machine output ({planned, dryRun} for --dry-run; {applied, stale, failed} on apply)
+  --yes             skip the confirmation prompt
+  --model <slug>    only fix this one model (full provider/slug)
+  --offline         use the cached registry only`,
+  ci: `mm ci [dir]   CI gate: fail the build on deprecated/retiring models.
+
+  Exits non-zero when a finding is at/above --fail-on. Emits GitHub annotations +
+  a step summary under GITHUB_ACTIONS. Offline-capable, no account.
+
+  --fail-on <none|deprecating|retiring|retired>   threshold (default: retired)
+  --json            print the full report to stdout
+  --json-out <file> write clean findings JSON to a file (stdout stays annotations-only)
+  --diff <base>     limit findings to files changed vs base (auto on PRs via GITHUB_BASE_REF)
+  --report          (Pro) sync this run's usages + a CI-run row to your account
+  --offline         use the cached registry only`,
+  scan: `mm scan [dir]   Scan for model usage and upload to your account's inventory (needs login).
+
+  On a TTY with no flags it opens the interactive Scan tab. --ci/--json/--yes run
+  non-interactively.
+
+  --dry-run         show exactly what WOULD upload, upload nothing
+  --json / --ci     machine output (--ci implies --yes + --json)
+  --yes             upload without the interactive TUI
+  --project <id|name>  route everything to one project (created if the name is new)
+  --sources <list>  detection sources ("all" for everything)
+  --dir <path>      directory to scan`,
+  clear: `mm clear   Delete tracked usages from your cloud inventory (DESTRUCTIVE, needs login).
+
+  Requires an explicit --yes or --force (it will NOT proceed on --ci alone).
+
+  --all             also wipe projects, alert rules + the in-app feed (a full reset)
+  --yes / --force   confirm the delete (required on a non-TTY)
+  --json            print the result counts`,
+  upgrade: `mm upgrade   Open Stripe checkout and poll until your plan is active (needs login).
+
+  --lifetime        buy the one-time Lifetime plan ($29) instead of Pro ($5/yr)`,
+  integrations: `mm integrations [list | enable <id> | disable <id> | env <id> <tag>]
+
+  Manage the local on/off state of the live integrations (the gate for what
+  \`mm scan\`/\`mm status\` run by default). Ids: aws-lambda, vercel, supabase-edge,
+  github-actions. \`env <id> <prod|staging|dev|unknown>\` sets a declared env.
+
+  --json            (list only) machine-readable integration state`,
+  config: `mm config [analytics on|off]   View or change local settings.
+
+  Bare \`mm config\` lists settings (analytics, update channel, config path).
+  \`mm config analytics on|off\` toggles anonymous usage analytics (also honored:
+  MM_NO_ANALYTICS=1, DO_NOT_TRACK=1, CI=1).`,
+  login: `mm login [api_key]   Sign in. With no key, opens the browser and polls; or paste a key.
+
+  --key <key>       paste an API key directly
+  --api <url>       override the API base`,
+};
 
 /** Awaits the updater promise; prints a one-liner if an update completed. Never throws. */
 async function maybePrintUpdate(promise) {
@@ -932,8 +1019,10 @@ async function main() {
 
   // --help / -h / help: print usage + exit. MUST come before the no-arg → TUI
   // fallthrough below (a bare `mm` launches the TUI, but `mm --help` must not).
+  // `mm <cmd> --help` and `mm help <cmd>` print per-command usage when we have it.
   if (cmd === "help" || flags.help || flags.h) {
-    console.log(HELP);
+    const topic = cmd === "help" ? positional[1] : cmd;
+    console.log((topic && COMMAND_HELP[topic]) || HELP);
     return;
   }
 
@@ -1007,8 +1096,13 @@ async function main() {
       flags.dir = cmd;
       await launchTui(positional[1], flags);
     }
-    else if (cmd === "help" || flags.help) console.log(HELP);
-    else console.log(HELP);
+    else {
+      // Unknown command / non-existent path: name it on stderr + exit non-zero so
+      // a typo in a script fails loudly instead of silently printing help.
+      console.error(`Unknown command or path: ${cmd}\n`);
+      console.log(HELP);
+      process.exit(1);
+    }
   } catch (e) {
     console.error(`Error: ${e?.message ?? e}`);
     await maybePrintUpdate(updatePromise);

package/src/tui/game/loop.js

@@ -139,7 +139,9 @@ export function runGame({ width, height, level = 1, scanStore = null, onExit, in
       if (highSaved) return;
       highSaved = true;
       const score = (game && Math.max(game.best || 0, game.score || 0)) || 0;
-      if (score > best) {
+      // _inject.noPersist (the __bench_frames seam) keeps a measurement run from
+      // writing dkHighScore to the user's config.
+      if (score > best && !_inject.noPersist) {
         try { setConfigValue("dkHighScore", score); best = score; } catch { /* best effort */ }
       }
     }

package/src/upgrade.js

@@ -4,8 +4,8 @@ const sleep = (ms) => new Promise((r) => setTimeout(r, ms));
 
 /** Open Stripe checkout and poll /me until the plan flips off "free". Mirrors
  * the browser-login poll UX. Returns the new plan, or null on timeout. */
-export async function upgradeViaBrowser({ client, log = console.error, onTick }) {
-  const { url } = await client.checkout();
+export async function upgradeViaBrowser({ client, plan, log = console.error, onTick }) {
+  const { url } = await client.checkout(plan);
   if (!url) throw new Error("Could not start checkout.");
   log(`\n  Opening checkout in your browser…`);
   log(`  If it doesn't open, visit:\n    ${url}\n`);