@prave/cli 1.0.6 → 1.0.8

package/dist/commands/find.js

@@ -76,6 +76,22 @@ export async function findCommand(query, opts = {}) {
     }
     catch (err) {
         spinner.stop();
+        if (err instanceof ApiError && err.status === 402) {
+            // Server returned the semantic-search upsell. Render it as a
+            // structured upgrade hint instead of a raw error so the message
+            // reads like guidance, not a crash.
+            log.error(err.message);
+            console.log();
+            console.log(chalk.dim('   Pro · $12/mo includes:'));
+            console.log(chalk.dim('     · `prave search "<natural language>"` ranked by intent'));
+            console.log(chalk.dim('     · Skill Intelligence audit + 30-day trigger telemetry'));
+            console.log(chalk.dim('     · Cross-machine sync · Tester · Authoring'));
+            console.log();
+            console.log(`   ${chalk.bold('→ Upgrade:')} ${chalk.cyan('https://prave.app/#pricing')}`);
+            console.log(chalk.dim('   Or browse the registry without semantic search:'), chalk.cyan('https://prave.app/discover'));
+            process.exitCode = 1;
+            return;
+        }
         log.error(err instanceof ApiError ? err.message : err.message);
         process.exitCode = 1;
     }

package/dist/commands/login.js

@@ -31,6 +31,10 @@ export async function loginCommand() {
                 access_token: data.access_token,
                 refresh_token: data.refresh_token,
                 user_id: data.user_id,
+                // Server hands us the JWT's `exp` claim so the CLI can refresh
+                // proactively. Stored as unix-seconds; null when the server
+                // couldn't decode it (very old creds, mock mode).
+                expires_at: data.expires_at ?? undefined,
             });
             spinner.succeed('Logged in.');
             // Onboarding: prefill from the SaaS profile, let the user toggle

package/dist/commands/usage.js

@@ -149,10 +149,43 @@ export async function usageReportCommand() {
             await debugLog('no auth — skipping');
         return;
     }
+    // Build the telemetry blob from whatever Claude Code shipped in the
+    // payload. Everything is best-effort — missing fields just don't
+    // appear in `meta`. The server schema (usageMetaSchema) validates
+    // primitives only, so we coerce here.
+    const meta = {
+        payload_bytes: stdinPayload.length,
+    };
+    const tr = parsed.tool_response;
+    if (tr && typeof tr === 'object' && tr !== null) {
+        const obj = tr;
+        if (typeof obj.duration_ms === 'number')
+            meta.duration_ms = obj.duration_ms;
+        if (typeof obj.duration === 'number')
+            meta.duration_ms = obj.duration;
+        if (typeof obj.output === 'string')
+            meta.output_chars = obj.output.length;
+    }
+    if (typeof parsed.tool_name === 'string')
+        meta.tool_name = parsed.tool_name;
+    if (typeof parsed.session_id === 'string')
+        meta.agent_session = parsed.session_id;
+    const ti = parsed.tool_input;
+    if (ti && typeof ti === 'object' && ti !== null) {
+        const obj = ti;
+        if (typeof obj.prompt === 'string')
+            meta.prompt_chars = obj.prompt.length;
+    }
     try {
-        const { data } = await api.post('/api/v1/intelligence/usage/by-slug', { slug, agent_type: 'claude', triggered_at: new Date().toISOString() }, true);
-        if (debug)
-            await debugLog(`ok recorded=${data.recorded} stub=${data.created_stub}`);
+        const { data } = await api.post('/api/v1/intelligence/usage/by-slug', {
+            slug,
+            agent_type: 'claude',
+            triggered_at: new Date().toISOString(),
+            meta,
+        }, true);
+        if (debug) {
+            await debugLog(`ok recorded=${data.recorded} stub=${data.created_stub} meta=${JSON.stringify(meta)}`);
+        }
     }
     catch (err) {
         if (debug)

package/dist/lib/api.js

@@ -39,6 +39,8 @@ async function refreshTokens() {
                 access_token: payload.data.access_token,
                 refresh_token: payload.data.refresh_token ?? creds.refresh_token,
                 user_id: payload.data.user_id,
+                // Persist the new expiry so the next call's proactive check works.
+                expires_at: payload.data.expires_at ?? undefined,
             };
             await saveCredentials(next);
             return next;
@@ -54,12 +56,31 @@ async function refreshTokens() {
         refreshing = null;
     }
 }
+/**
+ * Pre-flight check: if the access token is expired or within 60s of
+ * expiring, refresh BEFORE the call. The post-call 401 retry below
+ * still catches the race where the token slips between this check and
+ * the server-side verify, but doing it proactively avoids the wasted
+ * round-trip on every long-idle session.
+ */
+async function ensureFreshAccessToken(creds) {
+    const exp = creds.expires_at;
+    if (!exp)
+        return creds; // legacy creds without expiry → 401 path takes over
+    const now = Math.floor(Date.now() / 1000);
+    const SKEW = 60;
+    if (exp > now + SKEW)
+        return creds;
+    const refreshed = await refreshTokens();
+    return refreshed ?? creds;
+}
 async function call(method, path, body, withAuth = false, attempt = 0) {
     const headers = { 'Content-Type': 'application/json' };
     if (withAuth) {
-        const creds = await loadCredentials();
+        let creds = await loadCredentials();
         if (!creds)
             throw new ApiError('Not logged in. Run `prave login`.', 401);
+        creds = await ensureFreshAccessToken(creds);
         headers.Authorization = `Bearer ${creds.access_token}`;
     }
     const { statusCode, body: resBody } = await request(`${CONFIG.apiUrl}${path}`, {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@prave/cli",
-  "version": "1.0.6",
+  "version": "1.0.8",
   "description": "Prave CLI — import, export, install, sync Claude Skills.",
   "type": "module",
   "bin": {
@@ -16,7 +16,7 @@
     "open": "^10.1.0",
     "ora": "^8.0.1",
     "undici": "^6.18.0",
-    "@prave/shared": "1.0.6"
+    "@prave/shared": "1.0.8"
   },
   "devDependencies": {
     "@types/node": "^20.12.7",