@nordsym/apiclaw 1.5.9 → 1.5.11

package/landing/src/app/providers/dashboard/layout.tsx

@@ -80,12 +80,12 @@ export default function DashboardLayout({
   };
 
   // Check if current route is API detail page
-  const apiIdMatch = pathname.match(/\/providers\/dashboard\/([^/]+)/);
+  const apiIdMatch = pathname?.match(/\/providers\/dashboard\/([^/]+)/);
   const currentApiId = apiIdMatch ? apiIdMatch[1] : null;
   const isApiDetailPage = currentApiId && currentApiId !== "login" && currentApiId !== "verify";
 
   // Don't show layout for login/verify pages
-  if (pathname.includes("/login") || pathname.includes("/verify")) {
+  if (pathname?.includes("/login") || pathname?.includes("/verify")) {
     return <>{children}</>;
   }
 
@@ -167,7 +167,7 @@ export default function DashboardLayout({
                 key={item.label}
                 href={item.href}
                 className={`flex items-center gap-3 px-3 py-2 rounded-lg transition ${
-                  (item.exact ? pathname === item.href : pathname.startsWith(item.href.split('?')[0])) && !isApiDetailPage
+                  (item.exact ? pathname === item.href : pathname?.startsWith(item.href.split('?')[0])) && !isApiDetailPage
                     ? "bg-accent text-white"
                     : "text-text-secondary hover:bg-surface hover:text-text-primary"
                 }`}
@@ -200,7 +200,7 @@ export default function DashboardLayout({
                 <Link
                   href={`/providers/dashboard/${currentApiId}/direct-call`}
                   className={`flex items-center gap-3 px-3 py-2 rounded-lg transition ${
-                    pathname.includes("/direct-call")
+                    pathname?.includes("/direct-call")
                       ? "bg-accent text-white"
                       : "text-text-secondary hover:bg-surface hover:text-text-primary"
                   }`}
@@ -212,7 +212,7 @@ export default function DashboardLayout({
                 <Link
                   href={`/providers/dashboard/${currentApiId}/actions`}
                   className={`flex items-center gap-3 px-3 py-2 rounded-lg transition ${
-                    pathname.includes("/actions")
+                    pathname?.includes("/actions")
                       ? "bg-accent text-white"
                       : "text-text-secondary hover:bg-surface hover:text-text-primary"
                   }`}
@@ -224,7 +224,7 @@ export default function DashboardLayout({
                 <Link
                   href={`/providers/dashboard/${currentApiId}/test`}
                   className={`flex items-center gap-3 px-3 py-2 rounded-lg transition ${
-                    pathname.includes("/test")
+                    pathname?.includes("/test")
                       ? "bg-accent text-white"
                       : "text-text-secondary hover:bg-surface hover:text-text-primary"
                   }`}

package/landing/src/app/providers/dashboard/login/page.tsx

@@ -109,7 +109,7 @@ export default function LoginPage() {
       <div className="pt-32 pb-24 px-6">
         <div className="max-w-md mx-auto">
           <div className="text-center mb-8">
-            <h1 className="text-3xl font-bold mb-2">Provider Dashboard</h1>
+            <h1 className="text-3xl font-bold mb-2">Workspace</h1>
             <p className="text-text-secondary">
               Sign in to manage your APIs and view analytics
             </p>

package/landing/src/app/providers/dashboard/page.tsx

@@ -4,7 +4,7 @@ import { useEffect } from "react";
 import { useRouter } from "next/navigation";
 import { Loader2 } from "lucide-react";
 
-export default function ProviderDashboardRedirect() {
+export default function WorkspaceRedirect() {
   const router = useRouter();
 
   useEffect(() => {

package/landing/src/app/providers/dashboard/verify/page.tsx

@@ -8,6 +8,12 @@ import Link from "next/link";
 function VerifyContent() {
   const router = useRouter();
   const searchParams = useSearchParams();
+  
+  // Handle null searchParams
+  if (!searchParams) {
+    return <div className="min-h-screen flex items-center justify-center">Loading...</div>;
+  }
+  
   const token = searchParams.get("token");
 
   const [status, setStatus] = useState<"verifying" | "success" | "error">("verifying");

package/landing/src/app/providers/layout.tsx

@@ -1,7 +1,7 @@
 import type { Metadata } from "next";
 
 export const metadata: Metadata = {
-  title: "Provider Dashboard | APIClaw",
+  title: "Workspace | APIClaw",
   description: "Manage your APIs, view analytics, and track earnings on APIClaw.",
 };
 

package/landing/src/app/upgrade/page.tsx

@@ -40,6 +40,12 @@ async function actionConvex<T>(path: string, args: Record<string, unknown>): Pro
 function UpgradeContent() {
   const searchParams = useSearchParams();
   const router = useRouter();
+  
+  // Handle null searchParams
+  if (!searchParams) {
+    return <div className="min-h-screen flex items-center justify-center">Loading...</div>;
+  }
+  
   const workspaceId = searchParams.get("ws");
   const success = searchParams.get("success");
   

package/landing/src/app/workspace/page.tsx

@@ -184,6 +184,12 @@ function generatePreviewAnalytics(): ProviderAnalytics {
 export default function WorkspacePage() {
   const router = useRouter();
   const searchParams = useSearchParams();
+  
+  // Handle null searchParams
+  if (!searchParams) {
+    return <div className="min-h-screen flex items-center justify-center">Loading...</div>;
+  }
+  
   const tabFromUrl = searchParams.get("tab") as TabType | null;
   const subFromUrl = searchParams.get("sub") as AnalyticsSubtab | null;
   

package/landing/src/components/HeroTabs.tsx

@@ -179,10 +179,10 @@ export function HeroTabs() {
               </ul>
 
               <a
-                href="/providers/dashboard"
+                href="/workspace"
                 className="btn-primary w-full justify-center"
               >
-                Open Provider Dashboard
+                Open Workspace
                 <ArrowRight className="w-4 h-4" />
               </a>
             </div>

package/landing/src/components/VideoDemo.tsx

@@ -0,0 +1,94 @@
+"use client";
+
+import { useState } from "react";
+import { Play, X } from "lucide-react";
+
+interface VideoDemoProps {
+  videoUrl?: string; // Tella embed URL
+  thumbnailUrl?: string; // Optional custom thumbnail
+}
+
+export function VideoDemo({ 
+  videoUrl = "PASTE_TELLA_URL_HERE",
+  thumbnailUrl 
+}: VideoDemoProps) {
+  const [isOpen, setIsOpen] = useState(false);
+  const isVideoReady = videoUrl !== "PASTE_TELLA_URL_HERE" && videoUrl.startsWith("http");
+
+  return (
+    <>
+      {/* Floating Video Button - Bottom Right */}
+      <button
+        onClick={() => setIsOpen(true)}
+        className="fixed bottom-8 right-8 z-40 group"
+        aria-label="Watch demo video"
+      >
+        <div className="relative">
+          {/* Pulse animation */}
+          <div className="absolute inset-0 bg-[#ef4444] rounded-full opacity-75 animate-ping" />
+          
+          {/* Main button */}
+          <div className="relative bg-[#ef4444] hover:bg-[#dc2626] text-white rounded-full p-4 shadow-lg transition-all duration-200 flex items-center gap-3 pr-6">
+            <Play className="w-6 h-6 fill-white" />
+            <span className="font-medium text-sm whitespace-nowrap">
+              Watch Demo
+            </span>
+          </div>
+        </div>
+      </button>
+
+      {/* Video Modal */}
+      {isOpen && (
+        <div 
+          className="fixed inset-0 z-50 flex items-center justify-center bg-black/80 backdrop-blur-sm p-4"
+          onClick={() => setIsOpen(false)}
+        >
+          <div 
+            className="relative w-full max-w-4xl bg-[var(--background)] rounded-2xl shadow-2xl overflow-hidden"
+            onClick={(e) => e.stopPropagation()}
+          >
+            {/* Close button */}
+            <button
+              onClick={() => setIsOpen(false)}
+              className="absolute top-4 right-4 z-10 bg-black/50 hover:bg-black/70 text-white rounded-full p-2 transition-colors"
+              aria-label="Close video"
+            >
+              <X className="w-5 h-5" />
+            </button>
+
+            {/* Video container - 16:9 aspect ratio */}
+            <div className="relative w-full" style={{ paddingBottom: '56.25%' }}>
+              {isVideoReady ? (
+                <iframe
+                  src={videoUrl}
+                  className="absolute inset-0 w-full h-full"
+                  frameBorder="0"
+                  allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture"
+                  allowFullScreen
+                />
+              ) : (
+                <div className="absolute inset-0 flex items-center justify-center bg-gradient-to-br from-[#0f172a] to-[#1e293b]">
+                  <div className="text-center">
+                    <Play className="w-16 h-16 mx-auto mb-4 text-[#ef4444]" />
+                    <h3 className="text-2xl font-bold text-white mb-2">Coming Soon</h3>
+                    <p className="text-[#94a3b8]">Demo video will be available shortly</p>
+                  </div>
+                </div>
+              )}
+            </div>
+
+            {/* Video info */}
+            <div className="p-6 border-t border-[var(--border)]">
+              <h3 className="text-lg font-semibold text-[var(--text)] mb-2">
+                🦞 APIClaw Quick Start
+              </h3>
+              <p className="text-sm text-[var(--text-muted)]">
+                Install and use APIClaw in under 2 minutes
+              </p>
+            </div>
+          </div>
+        </div>
+      )}
+    </>
+  );
+}

package/landing/src/components/{ProviderDashboard.tsx → Workspace.tsx}

@@ -50,7 +50,7 @@ type TabType = "overview" | "apis" | "earnings";
 
 const COLORS = ["#ef4444", "#f97316", "#eab308", "#22c55e", "#3b82f6"];
 
-export function ProviderDashboard() {
+export function Workspace() {
   const [activeTab, setActiveTab] = useState<TabType>("overview");
   const [period, setPeriod] = useState<"week" | "month" | "all">("month");
   const [selectedApi, setSelectedApi] = useState<string | null>(null);
@@ -76,7 +76,7 @@ export function ProviderDashboard() {
               🦞
             </div>
             <div>
-              <h1 className="font-bold text-lg">Provider Dashboard</h1>
+              <h1 className="font-bold text-lg">Workspace</h1>
               <p className="text-sm text-text-muted">{provider.company || provider.email}</p>
             </div>
           </div>

package/landing/src/lib/mock-data.ts

@@ -1,4 +1,4 @@
-// Mock data for the provider dashboard demo
+// Mock data for the workspace demo
 // This simulates what would come from Convex in production
 
 export interface Provider {

package/landing/src/lib/stats.json

@@ -4,7 +4,7 @@
   "directCallCount": 18,
   "npmDownloads": 4232,
   "categoryCount": 13,
-  "generatedAt": "2026-03-18T12:30:05.958Z",
+  "generatedAt": "2026-03-24T15:40:24.031Z",
   "categoryBreakdown": {
     "Finance": 1179,
     "Auth & Security": 491,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nordsym/apiclaw",
-  "version": "1.5.9",
+  "version": "1.5.11",
   "description": "The API layer for AI agents. Dashboard + 22K APIs + 18 Direct Call providers. MCP native.",
   "type": "module",
   "main": "dist/index.js",
@@ -16,6 +16,7 @@
     "build": "tsc && cp -r src/registry dist/",
     "dev": "tsx watch src/index.ts",
     "start": "node dist/index.js",
+    "start:http": "tsx src/http-server-minimal.ts",
     "test": "tsx src/test.ts",
     "test:e2e": "tsx src/test.ts",
     "webhook": "tsx src/webhook.ts",
@@ -66,7 +67,7 @@
     "@types/inquirer": "^9.0.9",
     "chalk": "^5.6.2",
     "commander": "^14.0.3",
-    "convex": "^1.32.0",
+    "convex": "^1.33.1",
     "dotenv": "^17.3.1",
     "fs-extra": "^11.3.3",
     "hono": "^4.0.0",
@@ -77,6 +78,7 @@
   "devDependencies": {
     "@types/fs-extra": "^11.0.4",
     "@types/node": "^20.10.0",
+    "@vercel/node": "^5.6.16",
     "tsx": "^4.7.0",
     "typescript": "^5.3.0"
   },

package/scripts/test-whitelist-v2.sh

@@ -0,0 +1,128 @@
+#!/bin/bash
+# Test script for APIClaw Whitelist v2.0
+# Tests whitelist, access control, and analytics
+
+set -e
+
+echo "🧪 APIClaw Whitelist v2.0 Test Suite"
+echo "===================================="
+echo ""
+
+API_URL="${APICLAW_API_URL:-http://localhost:3000}"
+
+# Colors
+GREEN='\033[0;32m'
+RED='\033[0;31m'
+YELLOW='\033[1;33m'
+NC='\033[0m' # No Color
+
+function test_case() {
+  local name=$1
+  local expected=$2
+  local cmd=$3
+  
+  echo -n "Testing: $name ... "
+  
+  response=$(eval "$cmd" 2>&1)
+  status=$?
+  
+  if echo "$response" | grep -q "$expected"; then
+    echo -e "${GREEN}✓ PASS${NC}"
+    return 0
+  else
+    echo -e "${RED}✗ FAIL${NC}"
+    echo "  Expected: $expected"
+    echo "  Got: $response"
+    return 1
+  fi
+}
+
+echo "1. Test Whitelist Authorization"
+echo "--------------------------------"
+
+# Test 1: Whitelisted agent (namespaced)
+test_case \
+  "Namespaced agent (hivr:bytebee) authorized" \
+  "200\|success" \
+  "curl -s '$API_URL/api/discover?query=web&agentId=hivr:bytebee'"
+
+# Test 2: Whitelisted agent (legacy format)
+test_case \
+  "Legacy agent (bytebee) authorized" \
+  "200\|success" \
+  "curl -s '$API_URL/api/discover?query=web&agentId=bytebee'"
+
+# Test 3: Unauthorized agent
+test_case \
+  "Unauthorized agent denied" \
+  "403\|Unauthorized\|Access Denied" \
+  "curl -s '$API_URL/api/discover?query=web&agentId=hacker:evil'"
+
+echo ""
+echo "2. Test Access Control"
+echo "----------------------"
+
+# Test 4: Hivr agent accessing allowed provider
+test_case \
+  "Hivr agent accessing brave_search (allowed)" \
+  "200\|success" \
+  "curl -s -X POST '$API_URL/api/call_api' -H 'Content-Type: application/json' -d '{\"agentId\":\"hivr:bytebee\",\"provider\":\"brave_search\",\"action\":\"search\",\"params\":{\"query\":\"test\"}}'"
+
+# Test 5: Restricted access (if NordSym configured)
+# This will fail if NordSym not configured yet, which is OK
+echo -n "Testing: NordSym agent restricted access ... "
+if curl -s -X POST "$API_URL/api/call_api" \
+  -H "Content-Type: application/json" \
+  -d '{"agentId":"nordsym:test","provider":"restricted_api","action":"call","params":{}}' \
+  | grep -q "403\|Access Denied\|not whitelisted"; then
+  echo -e "${GREEN}✓ PASS${NC} (correctly denied)"
+else
+  echo -e "${YELLOW}⊘ SKIP${NC} (NordSym not configured)"
+fi
+
+echo ""
+echo "3. Test Analytics"
+echo "-----------------"
+
+# Test 6: Product field in logs
+if [ -f ~/.apiclaw/logs/api-calls.jsonl ]; then
+  recent_logs=$(tail -5 ~/.apiclaw/logs/api-calls.jsonl)
+  
+  echo -n "Testing: Product field in logs ... "
+  if echo "$recent_logs" | grep -q '"product":"hivr"'; then
+    echo -e "${GREEN}✓ PASS${NC}"
+  else
+    echo -e "${YELLOW}⊘ WARN${NC} (no recent Hivr calls logged)"
+  fi
+else
+  echo -e "${YELLOW}⊘ SKIP${NC} (no log file yet)"
+fi
+
+echo ""
+echo "4. Test Cache Behavior"
+echo "----------------------"
+
+# Test 7: Multiple requests use cache
+echo -n "Testing: Cache performance ... "
+start=$(date +%s%N)
+for i in {1..5}; do
+  curl -s "$API_URL/api/discover?query=web&agentId=hivr:bytebee" > /dev/null
+done
+end=$(date +%s%N)
+elapsed=$(( (end - start) / 1000000 )) # Convert to ms
+
+if [ $elapsed -lt 1000 ]; then
+  echo -e "${GREEN}✓ PASS${NC} (${elapsed}ms for 5 requests)"
+else
+  echo -e "${YELLOW}⊘ WARN${NC} (${elapsed}ms - cache might not be working)"
+fi
+
+echo ""
+echo "===================================="
+echo "Test suite complete!"
+echo ""
+echo "Next steps:"
+echo "1. Check logs: tail -f ~/.apiclaw/logs/api-calls.jsonl"
+echo "2. Monitor analytics for product field"
+echo "3. Add NordSym product source when ready"
+echo ""

package/src/access-control.ts

@@ -0,0 +1,174 @@
+/**
+ * Access Control System
+ * Controls which products/agents can access which providers
+ * 
+ * Rules format:
+ * - Wildcard: "hivr:*" = all Hivr agents
+ * - Specific: "hivr:bytebee" = only ByteBee
+ * - Product-level: "nordsym:*" = all NordSym agents
+ * 
+ * Provider wildcards:
+ * - "*" = all providers
+ * - "brave_*" = all Brave providers
+ * - Specific: ["brave_search", "groq"]
+ */
+
+interface AccessRule {
+  agentPattern: string;
+  allowedProviders: string[];
+  description?: string;
+}
+
+// Default access rules
+// These can be moved to Convex table for dynamic updates
+const DEFAULT_RULES: AccessRule[] = [
+  {
+    agentPattern: 'hivr:*',
+    allowedProviders: ['*'], // Hivr gets everything
+    description: 'All Hivr bees get full access',
+  },
+  {
+    agentPattern: 'nordsym:*',
+    allowedProviders: ['brave_search', 'groq', 'replicate'],
+    description: 'NordSym team gets selected providers',
+  },
+  // Add more rules as needed
+];
+
+// Cache for compiled rules
+let compiledRules: {
+  pattern: RegExp;
+  providers: string[];
+}[] | null = null;
+
+/**
+ * Compile agentPattern to RegExp
+ */
+function compilePattern(pattern: string): RegExp {
+  // Convert wildcard pattern to regex
+  // "hivr:*" → /^hivr:.+$/
+  // "hivr:byte*" → /^hivr:byte.+$/
+  const escaped = pattern
+    .replace(/[.+^${}()|[\]\\]/g, '\\$&') // Escape regex chars
+    .replace(/\*/g, '.+'); // Replace * with .+
+  
+  return new RegExp(`^${escaped}$`, 'i');
+}
+
+/**
+ * Compile all rules (cache for performance)
+ */
+function compileRules(): void {
+  compiledRules = DEFAULT_RULES.map(rule => ({
+    pattern: compilePattern(rule.agentPattern),
+    providers: rule.allowedProviders,
+  }));
+}
+
+/**
+ * Check if provider matches pattern
+ */
+function matchesProvider(provider: string, pattern: string): boolean {
+  if (pattern === '*') return true;
+  if (pattern.endsWith('*')) {
+    const prefix = pattern.slice(0, -1);
+    return provider.startsWith(prefix);
+  }
+  return provider === pattern;
+}
+
+/**
+ * Check if agentId is allowed to access provider
+ */
+export function canAccessProvider(agentId: string, provider: string): boolean {
+  if (!compiledRules) {
+    compileRules();
+  }
+  
+  const normalized = agentId.toLowerCase().trim();
+  const normalizedProvider = provider.toLowerCase().trim();
+  
+  // Find matching rule
+  for (const rule of compiledRules!) {
+    if (rule.pattern.test(normalized)) {
+      // Check if provider is allowed
+      for (const providerPattern of rule.providers) {
+        if (matchesProvider(normalizedProvider, providerPattern)) {
+          return true;
+        }
+      }
+      // Rule matched but provider not in allowlist
+      return false;
+    }
+  }
+  
+  // No rule matched = deny by default
+  console.warn(`[Access Control] No rule for ${normalized}`);
+  return false;
+}
+
+/**
+ * Get allowed providers for agentId
+ */
+export function getAllowedProviders(agentId: string): string[] {
+  if (!compiledRules) {
+    compileRules();
+  }
+  
+  const normalized = agentId.toLowerCase().trim();
+  
+  // Find matching rule
+  for (const rule of compiledRules!) {
+    if (rule.pattern.test(normalized)) {
+      return rule.providers;
+    }
+  }
+  
+  return [];
+}
+
+/**
+ * Add new access rule (runtime)
+ */
+export function addAccessRule(rule: AccessRule): void {
+  DEFAULT_RULES.push(rule);
+  compiledRules = null; // Force recompile
+  console.log(`[Access Control] Added rule for ${rule.agentPattern}`);
+}
+
+/**
+ * Get all access rules (for debugging/admin)
+ */
+export function getAccessRules(): AccessRule[] {
+  return [...DEFAULT_RULES];
+}
+
+/**
+ * Check if agentId + provider combination is allowed
+ * Combines whitelist check + access control
+ */
+export async function isAllowed(
+  agentId: string | undefined,
+  provider: string
+): Promise<{ allowed: boolean; reason?: string }> {
+  if (!agentId) {
+    return { allowed: false, reason: 'No agentId provided' };
+  }
+  
+  // First check: Is agent whitelisted?
+  const { isAuthorized } = await import('./product-whitelist.js');
+  const whitelisted = await isAuthorized(agentId);
+  
+  if (!whitelisted) {
+    return { allowed: false, reason: 'Agent not whitelisted' };
+  }
+  
+  // Second check: Does agent have access to this provider?
+  const hasAccess = canAccessProvider(agentId, provider);
+  
+  if (!hasAccess) {
+    return { allowed: false, reason: 'Provider not in access list' };
+  }
+  
+  return { allowed: true };
+}

package/src/analytics.ts

@@ -18,6 +18,10 @@ export interface APICallLog {
   success: boolean;
   latencyMs?: number;
   error?: string;
+  metadata?: {
+    product?: string;
+    [key: string]: any;
+  };
 }
 
 // Log directory
@@ -86,6 +90,7 @@ async function sendToConvex(log: APICallLog): Promise<void> {
         latencyMs: log.latencyMs,
         error: log.error,
         timestamp: log.timestamp,
+        ...log.metadata, // Include product and any other metadata
       },
     });
   } catch (e) {

package/src/cli/commands/mcp-install.ts

@@ -275,13 +275,23 @@ export async function mcpInstallCommand(options: MCPInstallOptions): Promise<voi
       console.log(chalk.cyan('\n✅ Dry run complete! Run without --dry-run to apply changes.\n'));
     } else if (successCount > 0) {
       console.log(chalk.green('\n✅ APIClaw installed successfully!\n'));
-      console.log('Next steps:');
-      console.log('  1. Restart your MCP client (Claude Desktop/Code)');
-      console.log('  2. Ask: "List available APIs"');
+      console.log(chalk.bold('What you get:\n'));
+      console.log(chalk.cyan('  🔍 Search') + '     22,000+ APIs indexed');
+      console.log(chalk.cyan('  🌐 Open APIs') + '  1,600 APIs - no keys needed');
+      console.log(chalk.cyan('  🔑 Direct Call') + ' 18 premium APIs - we own the keys');
       console.log('');
-      console.log('Need help? https://apiclaw.com/docs\n');
+      console.log('Next:');
+      console.log('  1. Restart your MCP client');
+      console.log('  2. Try: "Find weather APIs"');
+      console.log('');
+      console.log('Docs: https://apiclaw.com/docs\n');
     } else {
       console.log(chalk.yellow('\n✅ APIClaw already installed in all clients.\n'));
+      console.log(chalk.bold('What you have:\n'));
+      console.log(chalk.cyan('  🔍 Search') + '     22,000+ APIs indexed');
+      console.log(chalk.cyan('  🌐 Open APIs') + '  1,600 APIs - no keys needed');
+      console.log(chalk.cyan('  🔑 Direct Call') + ' 18 premium APIs - we own the keys');
+      console.log('');
       console.log('Run with --force to reinstall (coming soon).\n');
     }
   } else {