@movermarketingai/searchlight-cli 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +7 -0
- package/README.md +79 -0
- package/bin/searchlight.js +1471 -0
- package/package.json +26 -0
package/LICENSE.md
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
# Searchlight CLI License
|
|
2
|
+
|
|
3
|
+
Copyright (c) Mover Marketing Ai. All rights reserved.
|
|
4
|
+
|
|
5
|
+
This package may be downloaded and installed to access Searchlight from the command line. Use of the Searchlight service requires a provisioned Searchlight account or CLI token. Downloading the CLI does not grant access to Searchlight data, customer data, API tokens, or administrative capabilities.
|
|
6
|
+
|
|
7
|
+
You may not redistribute modified versions, reverse engineer server-side access controls, bypass token scoping, or use this CLI to access Searchlight without authorization.
|
package/README.md
ADDED
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
# Searchlight CLI
|
|
2
|
+
|
|
3
|
+
Command-line access for approved Searchlight users, workers, and operators.
|
|
4
|
+
|
|
5
|
+
Anyone can download this CLI. Searchlight data access still requires a server-issued, scoped, unrevoked token. The CLI does not bundle secrets, API keys, database credentials, or customer data.
|
|
6
|
+
|
|
7
|
+
## Install
|
|
8
|
+
|
|
9
|
+
```bash
|
|
10
|
+
npm install -g @movermarketingai/searchlight-cli
|
|
11
|
+
```
|
|
12
|
+
|
|
13
|
+
Then verify the binary is available:
|
|
14
|
+
|
|
15
|
+
```bash
|
|
16
|
+
mmai-searchlight help
|
|
17
|
+
```
|
|
18
|
+
|
|
19
|
+
The `searchlight` binary is also provided, but `mmai-searchlight` is preferred to avoid name collisions.
|
|
20
|
+
|
|
21
|
+
## Setup
|
|
22
|
+
|
|
23
|
+
Ask your Searchlight admin for a provisioned CLI token, or create one from **Workspace Settings → CLI Access** if your account is allowed to self-serve CLI tokens.
|
|
24
|
+
|
|
25
|
+
Store the token without placing it in shell history:
|
|
26
|
+
|
|
27
|
+
```bash
|
|
28
|
+
read -rsp "Searchlight CLI token: " SEARCHLIGHT_TOKEN && echo && \
|
|
29
|
+
printf '%s' "$SEARCHLIGHT_TOKEN" | mmai-searchlight auth store --token-stdin && \
|
|
30
|
+
unset SEARCHLIGHT_TOKEN
|
|
31
|
+
```
|
|
32
|
+
|
|
33
|
+
Validate access:
|
|
34
|
+
|
|
35
|
+
```bash
|
|
36
|
+
mmai-searchlight auth check
|
|
37
|
+
mmai-searchlight annotations sites --json
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
By default, tokens are stored at `~/.config/searchlight/token` with mode `0600`. To use another path, set `SEARCHLIGHT_TOKEN_FILE`.
|
|
41
|
+
|
|
42
|
+
## Authentication precedence
|
|
43
|
+
|
|
44
|
+
The CLI uses the first available token source:
|
|
45
|
+
|
|
46
|
+
1. `SEARCHLIGHT_TOKEN`
|
|
47
|
+
2. `SEARCHLIGHT_WORKER_TOKEN`
|
|
48
|
+
3. `SEARCHLIGHT_TOKEN_FILE`, defaulting to `~/.config/searchlight/token`
|
|
49
|
+
|
|
50
|
+
Keep raw tokens in Keychain, a password manager, a locked-down machine-local file, or another approved secret store. Do not paste tokens into chat, tickets, docs, source files, screenshots, or shell history.
|
|
51
|
+
|
|
52
|
+
## API target
|
|
53
|
+
|
|
54
|
+
Production is used by default:
|
|
55
|
+
|
|
56
|
+
```text
|
|
57
|
+
https://searchlight.movermarketing.ai
|
|
58
|
+
```
|
|
59
|
+
|
|
60
|
+
Set `SEARCHLIGHT_BASE_URL` only when intentionally targeting a non-production Searchlight deployment.
|
|
61
|
+
|
|
62
|
+
## Common commands
|
|
63
|
+
|
|
64
|
+
```bash
|
|
65
|
+
mmai-searchlight annotations sites --json
|
|
66
|
+
mmai-searchlight annotations list --site SITE --json
|
|
67
|
+
mmai-searchlight annotations add --site SITE --title TITLE --summary TEXT --dry-run
|
|
68
|
+
mmai-searchlight content-runs list --site SITE --json
|
|
69
|
+
mmai-searchlight tests list --site SITE --json
|
|
70
|
+
```
|
|
71
|
+
|
|
72
|
+
Some operator commands, such as client onboarding, require higher-trust tokens and may be unavailable to routine users.
|
|
73
|
+
|
|
74
|
+
## Security model
|
|
75
|
+
|
|
76
|
+
- Downloading the CLI grants no access by itself.
|
|
77
|
+
- The Searchlight API enforces token hashes, scopes, allowed sites, expiry, and revocation server-side.
|
|
78
|
+
- CLI-side command visibility is not an authorization boundary.
|
|
79
|
+
- Provision external or contractor tokens with the narrowest possible sites/scopes and short expiries.
|