@openfort/cli 0.1.7 → 0.1.8

package/README.md

@@ -98,14 +98,6 @@ openfort skills add
 | `embedded-wallet` | Configure embedded wallet (Shield) API keys                         |
 | `message`         | Message utilities (e.g. keccak256 hashing)                          |
 
-## Alias
-
-The CLI is also available as `of`:
-
-```bash
-of accounts list
-```
-
 ## Documentation
 
 For full documentation, visit [openfort.io/docs/overview/building-with-cli](https://www.openfort.io/docs/overview/building-with-cli).

package/dist/cli.js

@@ -6,7 +6,7 @@ import {
 
 // src/cli.ts
 import { readFileSync as readFileSync2 } from "fs";
-import { Cli as Cli13, z as z15, Errors as Errors4 } from "incur";
+import { Cli as Cli14, z as z15, Errors as Errors5 } from "incur";
 import Openfort from "@openfort/openfort-node";
 
 // src/vars.ts
@@ -21,14 +21,9 @@ var OPENFORT_SHIELD_URL = process.env.OPENFORT_SHIELD_URL || "https://shield.ope
 var AUTH_PAGE_URL = process.env.OPENFORT_AUTH_PAGE_URL || "https://dashboard.openfort.io";
 var CLI_CALLBACK_PORT = Number(process.env.OPENFORT_CLI_CALLBACK_PORT) || 8271;
 
-// src/commands/login.ts
-import { randomBytes } from "crypto";
-import { createServer } from "http";
-import open from "open";
-import { z as z2 } from "incur";
-
 // src/env.ts
 import { readFileSync, writeFileSync, existsSync } from "fs";
+import { Errors } from "incur";
 function loadEnvFile(envPath) {
   const entries = /* @__PURE__ */ new Map();
   if (!existsSync(envPath)) return entries;
@@ -54,8 +49,23 @@ function writeEnvKey(envPath, key, value) {
   writeFileSync(envPath, `${lines.join("\n")}
 `);
 }
+function requireApiKey() {
+  const apiKey = process.env.OPENFORT_API_KEY;
+  if (!apiKey) {
+    throw new Errors.IncurError({
+      code: "MISSING_API_KEY",
+      message: "OPENFORT_API_KEY is required.",
+      hint: "Run: openfort login"
+    });
+  }
+  return apiKey;
+}
 
 // src/commands/login.ts
+import { randomBytes } from "crypto";
+import { createServer } from "http";
+import open from "open";
+import { Cli, z as z2 } from "incur";
 function base64url(buffer) {
   return buffer.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
@@ -151,7 +161,7 @@ function waitForCallback(port, state) {
       reject(new Error("Login timed out after 5 minutes. Please try again."));
     }, 5 * 60 * 1e3);
     const server = createServer((req, res) => {
-      const url = new URL(req.url, `http://localhost:${port}`);
+      const url = new URL(req.url ?? "/", `http://localhost:${port}`);
       if (url.pathname === "/callback") {
         const apiKey = url.searchParams.get("api_key");
         const publishableKey = url.searchParams.get("publishable_key");
@@ -186,7 +196,7 @@ function waitForCallback(port, state) {
     server.listen(port);
   });
 }
-var loginConfig = {
+var login = Cli.create("login", {
   description: "Log in to Openfort via browser and save your API key.",
   output: z2.object({
     apiKey: z2.string().describe("The API key saved to credentials"),
@@ -236,10 +246,10 @@ var loginConfig = {
       }
     );
   }
-};
+});
 
 // src/commands/accounts.ts
-import { Cli, z as z3, middleware } from "incur";
+import { Cli as Cli2, z as z3, middleware } from "incur";
 var requireWallet = middleware((c, next) => {
   const missing = [];
   if (!process.env.OPENFORT_WALLET_SECRET) missing.push("OPENFORT_WALLET_SECRET");
@@ -256,7 +266,7 @@ var requireWallet = middleware((c, next) => {
   }
   return next();
 });
-var evm = Cli.create("evm", {
+var evm = Cli2.create("evm", {
   description: "EVM wallet management.",
   vars: varsSchema
 });
@@ -588,7 +598,7 @@ evm.command("send-transaction", {
     });
   }
 });
-var solana = Cli.create("solana", {
+var solana = Cli2.create("solana", {
   description: "Solana wallet management.",
   vars: varsSchema
 });
@@ -802,7 +812,7 @@ solana.command("transfer", {
     return c.ok({ signature: res.signature });
   }
 });
-var accounts = Cli.create("accounts", {
+var accounts = Cli2.create("accounts", {
   description: "Manage wallets and accounts.",
   vars: varsSchema
 });
@@ -863,7 +873,7 @@ accounts.command(evm);
 accounts.command(solana);
 
 // src/commands/contracts.ts
-import { Cli as Cli2, z as z4 } from "incur";
+import { Cli as Cli3, z as z4 } from "incur";
 var contractItem = z4.object({
   id: z4.string(),
   createdAt: z4.number(),
@@ -871,10 +881,10 @@ var contractItem = z4.object({
   chainId: z4.number(),
   address: z4.string(),
   deleted: z4.boolean(),
-  abi: z4.array(z4.any()),
+  abi: z4.array(z4.record(z4.string(), z4.unknown())),
   publicVerification: z4.boolean()
 });
-var contracts = Cli2.create("contracts", {
+var contracts = Cli3.create("contracts", {
   description: "Manage smart contracts.",
   vars: varsSchema
 });
@@ -1038,7 +1048,7 @@ contracts.command("delete", {
 });
 
 // src/commands/paymasters.ts
-import { Cli as Cli3, z as z5 } from "incur";
+import { Cli as Cli4, z as z5 } from "incur";
 var paymasterItem = z5.object({
   id: z5.string(),
   createdAt: z5.number(),
@@ -1046,7 +1056,7 @@ var paymasterItem = z5.object({
   url: z5.string().optional(),
   context: z5.record(z5.string(), z5.unknown()).optional()
 });
-var paymasters = Cli3.create("paymasters", {
+var paymasters = Cli4.create("paymasters", {
   description: "Manage ERC-4337 paymasters.",
   vars: varsSchema
 });
@@ -1113,7 +1123,7 @@ paymasters.command("update", {
     id: z5.string().describe("Paymaster ID (pay_...)")
   }),
   options: z5.object({
-    address: z5.string().optional().describe("Paymaster address"),
+    address: z5.string().describe("Paymaster address"),
     name: z5.string().optional().describe("New name"),
     url: z5.string().optional().describe("New URL")
   }),
@@ -1155,9 +1165,9 @@ paymasters.command("delete", {
 });
 
 // src/commands/policies.ts
-import { Cli as Cli4, z as z6 } from "incur";
+import { Cli as Cli5, z as z6 } from "incur";
 var policyScopes = ["project", "account", "transaction"];
-var policies = Cli4.create("policies", {
+var policies = Cli5.create("policies", {
   description: "Manage rules and conditions for backend wallets and fee sponsorship.",
   vars: varsSchema
 });
@@ -1287,7 +1297,7 @@ policies.command("get", {
     accountId: z6.string().nullable(),
     enabled: z6.boolean(),
     priority: z6.number(),
-    rules: z6.array(z6.any())
+    rules: z6.array(z6.record(z6.string(), z6.unknown()))
   }),
   async run(c) {
     const p = await c.var.openfort.policies.get(c.args.id);
@@ -1395,7 +1405,7 @@ policies.command("evaluate", {
 });
 
 // src/commands/sponsorship.ts
-import { Cli as Cli5, z as z7 } from "incur";
+import { Cli as Cli6, z as z7 } from "incur";
 var sponsorSchemas = ["pay_for_user", "charge_custom_tokens", "fixed_rate"];
 var sponsorshipItem = z7.object({
   id: z7.string(),
@@ -1412,7 +1422,7 @@ var sponsorshipItem = z7.object({
   paymasterId: z7.string().nullable(),
   policyId: z7.string().nullable()
 });
-var sponsorship = Cli5.create("sponsorship", {
+var sponsorship = Cli6.create("sponsorship", {
   description: "Manage fee sponsorship strategies linked to policies.",
   vars: varsSchema
 });
@@ -1624,7 +1634,7 @@ sponsorship.command("delete", {
 });
 
 // src/commands/subscriptions.ts
-import { Cli as Cli6, z as z8 } from "incur";
+import { Cli as Cli7, z as z8 } from "incur";
 var apiTopics = [
   "transaction_intent.broadcast",
   "transaction_intent.successful",
@@ -1640,7 +1650,7 @@ var apiTopics = [
   "account.created"
 ];
 var apiTriggerTypes = ["webhook", "email"];
-var triggers = Cli6.create("triggers", {
+var triggers = Cli7.create("triggers", {
   description: "Manage subscription triggers.",
   vars: varsSchema
 });
@@ -1750,7 +1760,7 @@ triggers.command("delete", {
     return c.ok({ id: res.id, deleted: res.deleted });
   }
 });
-var subscriptions = Cli6.create("subscriptions", {
+var subscriptions = Cli7.create("subscriptions", {
   description: "Manage webhook subscriptions.",
   vars: varsSchema
 });
@@ -1883,7 +1893,7 @@ subscriptions.command("delete", {
 subscriptions.command(triggers);
 
 // src/commands/sessions.ts
-import { Cli as Cli7, z as z9 } from "incur";
+import { Cli as Cli8, z as z9 } from "incur";
 var sessionItem = z9.object({
   id: z9.string(),
   createdAt: z9.number(),
@@ -1895,10 +1905,10 @@ var sessionItem = z9.object({
   isActive: z9.boolean(),
   nextAction: z9.object({
     type: z9.string(),
-    payload: z9.any().optional()
+    payload: z9.record(z9.string(), z9.unknown()).optional()
   }).optional()
 });
-var sessions = Cli7.create("sessions", {
+var sessions = Cli8.create("sessions", {
   description: "Manage session keys.",
   vars: varsSchema
 });
@@ -2089,7 +2099,7 @@ sessions.command("sign", {
 });
 
 // src/commands/transactions.ts
-import { Cli as Cli8, z as z10 } from "incur";
+import { Cli as Cli9, z as z10 } from "incur";
 var transactionIntentItem = z10.object({
   id: z10.string(),
   createdAt: z10.number(),
@@ -2105,7 +2115,7 @@ var transactionIntentItem = z10.object({
     gasFee: z10.string().optional(),
     status: z10.number().optional(),
     to: z10.string().optional(),
-    error: z10.any().optional()
+    error: z10.record(z10.string(), z10.unknown()).optional()
   }).optional(),
   interactions: z10.array(z10.object({
     to: z10.string().optional(),
@@ -2114,10 +2124,10 @@ var transactionIntentItem = z10.object({
   })).optional(),
   nextAction: z10.object({
     type: z10.string(),
-    payload: z10.any().optional()
+    payload: z10.record(z10.string(), z10.unknown()).optional()
   }).optional()
 });
-var transactions = Cli8.create("transactions", {
+var transactions = Cli9.create("transactions", {
   description: "Manage transaction intents.",
   vars: varsSchema
 });
@@ -2326,9 +2336,9 @@ transactions.command("estimate", {
 });
 
 // src/commands/embedded-wallet.ts
-import { Cli as Cli9, z as z11, Errors as Errors2 } from "incur";
+import { Cli as Cli10, z as z11, Errors as Errors3 } from "incur";
 var SHIELD_API_URL = OPENFORT_SHIELD_URL;
-var embeddedWallet = Cli9.create("embedded-wallet", {
+var embeddedWallet = Cli10.create("embedded-wallet", {
   description: "Configure embedded wallet (Shield) API keys.",
   vars: varsSchema
 });
@@ -2352,17 +2362,17 @@ embeddedWallet.command("setup", {
   async run(c) {
     const publishableKey = process.env.OPENFORT_PUBLISHABLE_KEY;
     if (!publishableKey) {
-      throw new Errors2.IncurError({
+      throw new Errors3.IncurError({
         code: "MISSING_PUBLISHABLE_KEY",
         message: "OPENFORT_PUBLISHABLE_KEY environment variable is required to create Shield keys.",
         hint: "Run: openfort login"
       });
     }
-    const apiKey = process.env.OPENFORT_API_KEY;
+    const apiKey = requireApiKey();
     const environment = apiKey.startsWith("sk_live_") ? "live" : "test";
     const projectId = c.options.project || process.env.OPENFORT_PROJECT_ID;
     if (!projectId) {
-      throw new Errors2.IncurError({
+      throw new Errors3.IncurError({
         code: "MISSING_PROJECT_ID",
         message: "Project ID is required. Pass --project or set OPENFORT_PROJECT_ID.",
         hint: "Run: openfort login"
@@ -2382,7 +2392,7 @@ embeddedWallet.command("setup", {
     });
     if (!registerRes.ok) {
       const text = await registerRes.text();
-      throw new Errors2.IncurError({
+      throw new Errors3.IncurError({
         code: "SHIELD_REGISTER_FAILED",
         message: `Shield registration failed: ${text}`,
         retryable: true
@@ -2390,7 +2400,7 @@ embeddedWallet.command("setup", {
     }
     const shieldData = await registerRes.json();
     if (shieldData.error) {
-      throw new Errors2.IncurError({
+      throw new Errors3.IncurError({
         code: "SHIELD_REGISTER_ERROR",
         message: `Shield registration error: ${shieldData.error}`
       });
@@ -2406,7 +2416,7 @@ embeddedWallet.command("setup", {
       });
       if (!res.ok) {
         const text = await res.text();
-        throw new Errors2.IncurError({
+        throw new Errors3.IncurError({
           code: "PERSIST_KEY_FAILED",
           message: `Failed to persist ${type} key: ${text}`,
           retryable: true
@@ -2434,7 +2444,7 @@ embeddedWallet.command("setup", {
     });
     if (!linkRes.ok) {
       const text = await linkRes.text();
-      throw new Errors2.IncurError({
+      throw new Errors3.IncurError({
         code: "SHIELD_LINK_FAILED",
         message: `Failed to link Openfort provider to Shield: ${text}`,
         retryable: true
@@ -2461,7 +2471,7 @@ embeddedWallet.command("setup", {
 });
 
 // src/commands/users.ts
-import { Cli as Cli10, z as z12 } from "incur";
+import { Cli as Cli11, z as z12 } from "incur";
 var userItem = z12.object({
   id: z12.string(),
   createdAt: z12.number(),
@@ -2481,7 +2491,7 @@ var userItem = z12.object({
     walletClientType: z12.string().optional()
   }))
 });
-var users = Cli10.create("users", {
+var users = Cli11.create("users", {
   description: "Manage authenticated users.",
   vars: varsSchema
 });
@@ -2569,7 +2579,7 @@ users.command("delete", {
 
 // src/commands/backend-wallet.ts
 import { randomBytes as randomBytes2, subtle } from "crypto";
-import { Cli as Cli11, z as z13, Errors as Errors3 } from "incur";
+import { Cli as Cli12, z as z13, Errors as Errors4 } from "incur";
 function arrayBufferToBase64(buffer) {
   return Buffer.from(buffer).toString("base64");
 }
@@ -2577,7 +2587,7 @@ function arrayBufferToBase64Url(buffer) {
   return Buffer.from(buffer).toString("base64url");
 }
 function stringToArrayBuffer(str) {
-  return new TextEncoder().encode(str).buffer;
+  return new TextEncoder().encode(str);
 }
 function formatPEMBody(base64) {
   return base64.match(/.{1,64}/g)?.join("\n") || base64;
@@ -2585,9 +2595,10 @@ function formatPEMBody(base64) {
 function sortObjectKeys(obj) {
   if (obj === null || typeof obj !== "object") return obj;
   if (Array.isArray(obj)) return obj.map(sortObjectKeys);
+  const record = obj;
   const sorted = {};
-  for (const key of Object.keys(obj).sort()) {
-    sorted[key] = sortObjectKeys(obj[key]);
+  for (const key of Object.keys(record).sort()) {
+    sorted[key] = sortObjectKeys(record[key]);
   }
   return sorted;
 }
@@ -2639,7 +2650,7 @@ async function signWalletAuthJwt(privateKey, method, path, body) {
   );
   return `${signingInput}.${arrayBufferToBase64Url(signature)}`;
 }
-var backendWallet = Cli11.create("backend-wallet", {
+var backendWallet = Cli12.create("backend-wallet", {
   description: "Configure backend wallet signing keys.",
   vars: varsSchema
 });
@@ -2656,7 +2667,7 @@ backendWallet.command("setup", {
   ],
   hint: 'Requires OPENFORT_API_KEY. Run "openfort login" first.',
   async run(c) {
-    const apiKey = process.env.OPENFORT_API_KEY;
+    const apiKey = requireApiKey();
     const { publicKey, privateKey, privateKeyCrypto } = await generateKeyPair();
     const publicKeyPEM = `-----BEGIN PUBLIC KEY-----
 ${publicKey}
@@ -2678,7 +2689,7 @@ ${publicKey}
     });
     if (!registerRes.ok) {
       const text = await registerRes.text();
-      throw new Errors3.IncurError({
+      throw new Errors4.IncurError({
         code: "REGISTER_SECRET_FAILED",
         message: `Failed to register wallet secret: ${text}`,
         retryable: true
@@ -2694,7 +2705,7 @@ ${publicKey}
     });
     if (!storeRes.ok) {
       const text = await storeRes.text();
-      throw new Errors3.IncurError({
+      throw new Errors4.IncurError({
         code: "STORE_KEY_FAILED",
         message: `Failed to store wallet key reference: ${text}`,
         retryable: true
@@ -2731,11 +2742,11 @@ backendWallet.command("revoke", {
   ],
   hint: 'Requires OPENFORT_WALLET_KEY_ID and OPENFORT_WALLET_SECRET. Run "openfort backend-wallet setup" first.',
   async run(c) {
-    const apiKey = process.env.OPENFORT_API_KEY;
+    const apiKey = requireApiKey();
     const keyId = process.env.OPENFORT_WALLET_KEY_ID;
     const privateKeyBase64 = process.env.OPENFORT_WALLET_SECRET;
     if (!keyId || !privateKeyBase64) {
-      throw new Errors3.IncurError({
+      throw new Errors4.IncurError({
         code: "MISSING_WALLET_KEY",
         message: "OPENFORT_WALLET_KEY_ID and OPENFORT_WALLET_SECRET must be set. Run `backend-wallet setup` first.",
         hint: "Run: openfort backend-wallet setup"
@@ -2756,7 +2767,7 @@ backendWallet.command("revoke", {
     });
     if (!res.ok) {
       const text = await res.text();
-      throw new Errors3.IncurError({
+      throw new Errors4.IncurError({
         code: "REVOKE_SECRET_FAILED",
         message: `Failed to revoke wallet secret: ${text}`,
         retryable: true
@@ -2779,7 +2790,7 @@ backendWallet.command("rotate", {
   ],
   hint: 'Requires OPENFORT_API_KEY. Run "openfort login" first.',
   async run(c) {
-    const apiKey = process.env.OPENFORT_API_KEY;
+    const apiKey = requireApiKey();
     const { publicKey, privateKey, privateKeyCrypto } = await generateKeyPair();
     const newPublicKeyPEM = `-----BEGIN PUBLIC KEY-----
 ${publicKey}
@@ -2801,7 +2812,7 @@ ${publicKey}
     });
     if (!rotateRes.ok) {
       const text = await rotateRes.text();
-      throw new Errors3.IncurError({
+      throw new Errors4.IncurError({
         code: "ROTATE_SECRET_FAILED",
         message: `Failed to rotate wallet secret: ${text}`,
         retryable: true
@@ -2817,7 +2828,7 @@ ${publicKey}
     });
     if (!storeRes.ok) {
       const text = await storeRes.text();
-      throw new Errors3.IncurError({
+      throw new Errors4.IncurError({
         code: "STORE_KEY_FAILED",
         message: `Failed to store rotated wallet key reference: ${text}`,
         retryable: true
@@ -2832,9 +2843,9 @@ ${publicKey}
 });
 
 // src/commands/message.ts
-import { Cli as Cli12, z as z14 } from "incur";
+import { Cli as Cli13, z as z14 } from "incur";
 import { keccak256, toBytes } from "viem";
-var message = Cli12.create("message", {
+var message = Cli13.create("message", {
   description: "Message utilities.",
   vars: varsSchema
 });
@@ -2857,9 +2868,8 @@ message.command("hash", {
 
 // src/cli.ts
 var pkg = JSON.parse(readFileSync2(new URL("../package.json", import.meta.url), "utf-8"));
-var cli = Cli13.create("openfort", {
+var cli = Cli14.create("openfort", {
   version: pkg.version,
-  aliases: ["of"],
   description: "Openfort CLI \u2014 manage wallets, policies, and transactions from the terminal.",
   vars: varsSchema,
   env: z15.object({
@@ -2883,16 +2893,27 @@ var cli = Cli13.create("openfort", {
     agents: ["claude-code", "cursor", "amp"]
   }
 });
-cli.command("login", loginConfig);
+cli.command(login);
 cli.use(async (c, next) => {
   const isLoginCommand = process.argv.slice(2).some((arg) => arg === "login");
   if (isLoginCommand) {
     await next();
     return;
   }
-  const apiKey = process.env.OPENFORT_API_KEY;
+  let apiKey = process.env.OPENFORT_API_KEY;
+  if (!apiKey) {
+    const creds = loadEnvFile(CREDENTIALS_PATH);
+    apiKey = creds.get("OPENFORT_API_KEY");
+    if (apiKey) {
+      process.env.OPENFORT_API_KEY = apiKey;
+      const pk = creds.get("OPENFORT_PUBLISHABLE_KEY");
+      if (pk && !process.env.OPENFORT_PUBLISHABLE_KEY) process.env.OPENFORT_PUBLISHABLE_KEY = pk;
+      const ws = creds.get("OPENFORT_WALLET_SECRET");
+      if (ws && !process.env.OPENFORT_WALLET_SECRET) process.env.OPENFORT_WALLET_SECRET = ws;
+    }
+  }
   if (!apiKey) {
-    throw new Errors4.IncurError({
+    throw new Errors5.IncurError({
       code: "MISSING_API_KEY",
       message: "OPENFORT_API_KEY environment variable is required.",
       hint: "Run: openfort login"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@openfort/cli",
-  "version": "0.1.7",
+  "version": "0.1.8",
   "description": "Openfort CLI — manage wallets, policies, and transactions from the terminal.",
   "author": "Openfort (https://www.openfort.io)",
   "bugs": "https://github.com/openfort-xyz/cli/issues",