@primitivedotdev/sdk 0.11.0 → 0.13.0

package/dist/oclif/api-command.js

@@ -67,8 +67,22 @@ function extractBodyFields(schema) {
                 kind = "complex";
             }
         }
+        // Pull the first paragraph of the schema description for use
+        // as the CLI flag's --help string. We split on a blank line
+        // (paragraph break) and then collapse any soft line wraps
+        // inside that paragraph to spaces. This avoids the previous
+        // bug where `split("\n")[0]` truncated wrapped prose like
+        //   "Optional override for ... Defaults to\nthe inbound's..."
+        // to "Optional override for ... Defaults to" - a sentence
+        // ending with "to" with nothing after it, which read as
+        // ellipsis truncation in --help. The remaining paragraphs
+        // are intentionally dropped so multi-paragraph schemas don't
+        // blow out the per-flag help block.
         const description = typeof propSchema.description === "string"
-            ? propSchema.description.split("\n")[0].trim()
+            ? propSchema.description
+                .split(/\n\s*\n/)[0]
+                .replace(/\s*\n\s*/g, " ")
+                .trim()
             : "";
         const enumRaw = propSchema.enum;
         const enumValues = kind === "string" && Array.isArray(enumRaw)
@@ -95,15 +109,15 @@ function extractBodyFields(schema) {
  * Most scalar fields are exposed as individual `--flag` flags,
  * which oclif auto-renders in the FLAGS section above. To avoid
  * duplicating that, the summary here only documents fields that
- * MUST go through `--body` (complex types: arrays, objects,
+ * MUST go through `--raw-body` (complex types: arrays, objects,
  * mixed-non-nullable). When an operation has only scalars, the
  * summary is omitted entirely and oclif's FLAGS section is the
  * full story.
  *
  * For operations with mixed scalar and complex fields, we also
  * include a short header pointing the agent at the flag form so
- * the natural reading is "use the flags above; --body for the
- * leftovers below."
+ * the natural reading is "use the flags above; --raw-body for
+ * the leftovers below."
  */
 function renderRequestSchemaSummary(schema) {
     const fields = extractBodyFields(schema);
@@ -115,7 +129,7 @@ function renderRequestSchemaSummary(schema) {
     const nameWidth = Math.min(24, Math.max(...complex.map((f) => f.name.length)));
     const descMax = 78;
     const lines = [
-        "Body fields requiring --body JSON (these are not exposed as flags):",
+        "Body fields requiring --raw-body JSON (these are not exposed as flags):",
     ];
     for (const f of complex) {
         const marker = f.required ? " *" : "  ";
@@ -180,9 +194,9 @@ function parseJson(source, flagLabel) {
 }
 export function readJsonBody(flags) {
     const bodyFile = flags["body-file"];
-    const body = flags.body;
-    if (bodyFile && body) {
-        throw cliError("Use either --body or --body-file, not both");
+    const rawBody = flags["raw-body"];
+    if (bodyFile && rawBody) {
+        throw cliError("Use either --raw-body or --body-file, not both");
     }
     if (typeof bodyFile === "string") {
         let contents;
@@ -195,8 +209,8 @@ export function readJsonBody(flags) {
         }
         return parseJson(contents, `--body-file ${bodyFile}`);
     }
-    if (typeof body === "string") {
-        return parseJson(body, "--body");
+    if (typeof rawBody === "string") {
+        return parseJson(rawBody, "--raw-body");
     }
     return undefined;
 }
@@ -242,34 +256,93 @@ export function formatErrorPayload(payload) {
     }
     return JSON.stringify(payload, null, 2);
 }
+// Pull the top-level error code out of either a server response
+// payload (`{ error: { code: '...' } }` or `{ code: '...' }`) or a
+// thrown Error whose `cause.code` carries the value. Used to drive
+// `--api-key` and similar hints in writeErrorWithHints below.
+// Also exported so individual commands (send, whoami) can branch
+// on auth failures and avoid surfacing misleading "fix this flag"
+// guidance when the real problem is the API key.
+export function extractErrorCode(payload) {
+    if (payload instanceof Error) {
+        const { code } = extractCauseDetails(payload.cause);
+        return code;
+    }
+    if (payload && typeof payload === "object") {
+        const inner = payload.error;
+        if (inner && typeof inner === "object" && typeof inner.code === "string") {
+            return inner.code;
+        }
+        const direct = payload.code;
+        if (typeof direct === "string")
+            return direct;
+    }
+    return undefined;
+}
+// Common-case actionable hints keyed by error code. The full
+// JSON envelope still goes to stderr unchanged for any caller
+// that wants to parse it; the hint is an extra trailing line so
+// a human reading the output sees "what to actually do next."
+// The AGX walkthrough flagged that an `unauthorized` envelope
+// alone left the agent without context for the env var or the
+// `--api-key` flag; this closes that gap without having to
+// special-case every command.
+const ERROR_CODE_HINTS = {
+    unauthorized: "Hint: pass --api-key explicitly, or set PRIMITIVE_API_KEY in your environment. `primitive whoami` is the fastest way to verify a key is live.",
+};
+// Write a server / SDK error to stderr in the canonical envelope
+// shape, plus an actionable hint when the code is one we know how
+// to advise on. Replaces the bare
+// `process.stderr.write(${formatErrorPayload(p)}\n)` dance every
+// command was doing.
+export function writeErrorWithHints(payload) {
+    process.stderr.write(`${formatErrorPayload(payload)}\n`);
+    const code = extractErrorCode(payload);
+    if (code && ERROR_CODE_HINTS[code]) {
+        process.stderr.write(`${ERROR_CODE_HINTS[code]}\n`);
+    }
+}
 // Reserved flag names the body-field expander must never overwrite.
-// `--body` and `--body-file` are the JSON escape hatches.
+// `--raw-body` and `--body-file` are the JSON escape hatches.
 // `--api-key`, `--base-url`, `--output` are infra. Path and query
 // params get added before body fields and take precedence.
+//
+// Note: `--body` is intentionally NOT reserved here. The naive
+// agent expectation (per AGX walkthrough) is that --body means
+// "the message body content," which collides with the JSON
+// escape-hatch meaning we used pre-0.12. The escape hatch is now
+// `--raw-body`; --body is free to be claimed by per-field flag
+// expansion as the kebab-cased version of a `body` schema field
+// (e.g. on a future `body: { ... }` schema). For send-mail today,
+// the body-text field is `body_text` -> `--body-text`, and there
+// is no top-level `body` field, so --body remains unclaimed at
+// the generated-command level. The agent shortcut `primitive
+// send` defines its own --body for the message text.
 const RESERVED_FLAG_NAMES = new Set([
     "api-key",
     "base-url",
-    "body",
+    "raw-body",
     "body-file",
     "output",
 ]);
 function bodyFieldFlag(field) {
-    // Flag descriptions cap at 80 chars so oclif's --help output
-    // stays readable; the schema's full description is also visible
-    // via `primitive list-operations | jq`.
-    const descMax = 80;
-    const trimmedDesc = field.description.length > descMax
-        ? `${field.description.slice(0, descMax - 3)}...`
-        : field.description;
+    // Pass the full first-line description through. oclif's --help
+    // renderer wraps long values across multiple lines on its own,
+    // so a fixed character cap here just produces ellipsis-truncated
+    // sentences ("body_html is required. Th...") that mislead the
+    // reader. extractBodyFields already normalizes by taking only
+    // the first paragraph of the schema description, so multi-
+    // paragraph fields don't blow out the help.
+    //
     // Field-flag UX choice: do NOT mark scalar body fields as
     // required at the oclif level even when the JSON Schema marks
     // them required. Reason: a caller can satisfy the requirement
-    // either via the individual flag OR via --body / --body-file.
+    // either via the individual flag OR via --raw-body / --body-file.
     // Marking the flag required would force the individual-flag
     // form. The runtime body merger validates the final assembled
     // body against the same server-side schema either way.
     const common = {
-        description: trimmedDesc || field.name,
+        description: field.description || field.name,
     };
     if (field.kind === "boolean")
         return Flags.boolean(common);
@@ -296,11 +369,11 @@ function buildFlags(operation) {
     }
     const bodyFieldFlagToProperty = new Map();
     if (operation.hasJsonBody) {
-        flags.body = Flags.string({
-            description: "Full request body as JSON. Prefer per-field flags (e.g. --to, --from, --body-text) when available; --body is the escape hatch for nested or complex fields.",
+        flags["raw-body"] = Flags.string({
+            description: "Full request body as raw JSON. Escape hatch for nested or complex fields (e.g. arrays); prefer per-field flags (e.g. --to, --from, --body-text) when available.",
         });
         flags["body-file"] = Flags.string({
-            description: "Path to a JSON file used as the request body. Same role as --body for callers passing a saved payload.",
+            description: "Path to a JSON file used as the request body. Same role as --raw-body for callers passing a saved payload.",
         });
         // Expand top-level scalar body fields into individual flags so
         // `primitive sending:send-email --to alice@x --from support@x
@@ -414,7 +487,7 @@ export function createOperationCommand(operation) {
                         body = { ...explicit, ...overrides };
                     }
                     else {
-                        // Caller passed --body as null, an array, or a
+                        // Caller passed --raw-body as null, an array, or a
                         // primitive AND also passed per-field flags. We can't
                         // merge per-field overrides into a non-object body
                         // shape, and silently dropping either source would
@@ -428,7 +501,7 @@ export function createOperationCommand(operation) {
                         const overrideFlags = Object.keys(overrides)
                             .map((p) => `--${flagName(p)}`)
                             .join(", ");
-                        throw new Errors.CLIError(`--body must be a JSON object when also passing per-field flags (got ${explicitKind}); supplied per-field flags: ${overrideFlags}. Either drop --body and rely on the per-field flags, or move every field into the JSON --body and drop the flags.`);
+                        throw new Errors.CLIError(`--raw-body must be a JSON object when also passing per-field flags (got ${explicitKind}); supplied per-field flags: ${overrideFlags}. Either drop --raw-body and rely on the per-field flags, or move every field into the JSON --raw-body and drop the flags.`);
                     }
                 }
                 else {
@@ -436,7 +509,7 @@ export function createOperationCommand(operation) {
                 }
             }
             if (operation.bodyRequired && body === undefined) {
-                throw new Errors.CLIError(`Operation ${operation.operationId} requires a body. Pass each field as a --flag (see --help) or supply JSON via --body / --body-file.`);
+                throw new Errors.CLIError(`Operation ${operation.operationId} requires a body. Pass each field as a --flag (see --help) or supply JSON via --raw-body / --body-file.`);
             }
             const operationFn = operations[operation.sdkName];
             const result = await operationFn({
@@ -448,8 +521,7 @@ export function createOperationCommand(operation) {
                 responseStyle: "fields",
             });
             if (result.error) {
-                const errorPayload = extractErrorPayload(result.error);
-                process.stderr.write(`${formatErrorPayload(errorPayload)}\n`);
+                writeErrorWithHints(extractErrorPayload(result.error));
                 process.exitCode = 1;
                 return;
             }
@@ -469,8 +541,34 @@ export function createOperationCommand(operation) {
             if (cursor) {
                 process.stderr.write(`next cursor: ${cursor}\n`);
             }
+            // Empty-result hint. When a list-style operation returns
+            // an empty array, emit an operation-specific note to
+            // stderr so a naive caller can distinguish "nothing here"
+            // from "something isn't set up." Stdout still gets the
+            // raw `[]` so machine-readable output is unchanged. The
+            // AGX walkthrough flagged this: `list-deliveries` returning
+            // `[]` left the agent unsure whether they had an empty
+            // delivery log or no endpoints configured at all.
+            if (Array.isArray(envelope?.data) && envelope.data.length === 0) {
+                const hint = EMPTY_RESULT_HINTS[operation.sdkName];
+                if (hint)
+                    process.stderr.write(`${hint}\n`);
+            }
             this.log(JSON.stringify(envelope?.data ?? null, null, 2));
         }
     }
     return OperationCommand;
 }
+// Empty-state hints for list-style operations whose empty result
+// would otherwise leave the caller wondering "is this empty
+// because there's nothing to list, or because something earlier
+// in the setup chain isn't done?" Keys are the manifest's
+// `sdkName` for the operation. Operations without an entry fall
+// back to no hint (silent empty array, same as before).
+const EMPTY_RESULT_HINTS = {
+    listDeliveries: "(no results) Often means no webhook endpoints are configured to receive deliveries. Run `primitive endpoints:list-endpoints` to check.",
+    listEndpoints: "(no results) No webhook endpoints configured. Add one with `primitive endpoints:create-endpoint --url <your-url>`.",
+    listEmails: "(no results) No inbound emails received yet on this account.",
+    listDomains: "(no results) No domains on this account. Add one with `primitive domains:add-domain --domain <yourdomain.example>`.",
+    listFilters: "(no results) No filter rules configured.",
+};

package/dist/oclif/commands/send.js

@@ -1,7 +1,7 @@
 import { Command, Errors, Flags } from "@oclif/core";
 import { listDomains, sendEmail } from "../../api/generated/sdk.gen.js";
 import { PrimitiveApiClient } from "../../api/index.js";
-import { extractErrorPayload, formatErrorPayload } from "../api-command.js";
+import { extractErrorCode, extractErrorPayload, formatErrorPayload, writeErrorWithHints, } from "../api-command.js";
 // `primitive send` is the agent-grade shortcut for the most common
 // case: send a fresh outbound email. It wraps `sending:send-email`
 // with two ergonomic defaults that the underlying operation can't
@@ -52,6 +52,20 @@ async function pickDefaultFromAddress(apiClient) {
     });
     if (result.error) {
         const errorPayload = extractErrorPayload(result.error);
+        // If the underlying failure is an auth problem, don't pretend
+        // --from will fix it: the actual sendEmail call would 401 too.
+        // Surface the auth hint via writeErrorWithHints and bail with
+        // a focused message instead of the verbose "underlying error"
+        // wrapping.
+        if (extractErrorCode(errorPayload) === "unauthorized") {
+            writeErrorWithHints(errorPayload);
+            // exit: 1 to match the run() unauthorized path (which uses
+            // `process.exitCode = 1`). oclif's CLIError defaults to 2,
+            // so without this override the same "unauthorized" condition
+            // exits 2 when surfaced from listDomains and 1 when surfaced
+            // from sendEmail, breaking callers that branch on exit code.
+            throw new Errors.CLIError("Cannot send: API key is missing or invalid (see hint above).", { exit: 1 });
+        }
         throw new Errors.CLIError(`Could not look up your verified domains to default --from. Pass --from explicitly. Underlying error: ${formatErrorPayload(errorPayload)}`);
     }
     const envelope = result.data;
@@ -147,8 +161,7 @@ class SendCommand extends Command {
             responseStyle: "fields",
         });
         if (result.error) {
-            const errorPayload = extractErrorPayload(result.error);
-            process.stderr.write(`${formatErrorPayload(errorPayload)}\n`);
+            writeErrorWithHints(extractErrorPayload(result.error));
             process.exitCode = 1;
             return;
         }

package/dist/oclif/commands/whoami.js

@@ -0,0 +1,67 @@
+import { Command, Errors, Flags } from "@oclif/core";
+import { getAccount } from "../../api/generated/sdk.gen.js";
+import { PrimitiveApiClient } from "../../api/index.js";
+import { extractErrorPayload, writeErrorWithHints } from "../api-command.js";
+// `primitive whoami` is the credentials smoke-test the AGX
+// walkthrough kept asking for. Before this command, a user with a
+// suspect API key had no fast way to verify "is my key live and
+// pointed at the org I expect" short of trying any other call and
+// reading a 401. That ambiguity bit two consecutive walkthroughs.
+//
+// Implementation: thin wrapper over /api/v1/account that prints
+// the account email, plan, id, and onboarding status. Any auth
+// problem surfaces as the standard error envelope, same as the
+// generated commands.
+class WhoamiCommand extends Command {
+    static description = `Print the account currently authenticated by the API key. Useful as a credentials smoke test: confirms the key is live and shows which account it belongs to.`;
+    static summary = "Print the authenticated account (credentials smoke test)";
+    static examples = [
+        "<%= config.bin %> whoami",
+        "<%= config.bin %> whoami --api-key prim_...",
+    ];
+    static flags = {
+        "api-key": Flags.string({
+            description: "Primitive API key (defaults to PRIMITIVE_API_KEY)",
+            env: "PRIMITIVE_API_KEY",
+        }),
+        "base-url": Flags.string({
+            description: "API base URL (defaults to PRIMITIVE_API_URL or production)",
+            env: "PRIMITIVE_API_URL",
+        }),
+    };
+    async run() {
+        const { flags } = await this.parse(WhoamiCommand);
+        const apiClient = new PrimitiveApiClient({
+            apiKey: flags["api-key"],
+            baseUrl: flags["base-url"],
+        });
+        const result = await getAccount({
+            client: apiClient.client,
+            responseStyle: "fields",
+        });
+        if (result.error) {
+            writeErrorWithHints(extractErrorPayload(result.error));
+            process.exitCode = 1;
+            return;
+        }
+        const envelope = result.data;
+        const account = envelope?.data;
+        if (!account) {
+            process.stderr.write("Server returned an empty account body; this should not happen for a valid key.\n");
+            throw new Errors.CLIError("unexpected empty response");
+        }
+        // Concise human-readable summary on stderr; the full account
+        // JSON goes to stdout so a script can pipe it.
+        const onboarding = account.onboarding_completed === true
+            ? "complete"
+            : account.onboarding_step
+                ? `in progress (step: ${account.onboarding_step})`
+                : "incomplete";
+        process.stderr.write(`Authenticated as ${account.email}\n`);
+        process.stderr.write(`  Account id: ${account.id}\n`);
+        process.stderr.write(`  Plan:       ${account.plan}\n`);
+        process.stderr.write(`  Onboarding: ${onboarding}\n`);
+        this.log(JSON.stringify(account, null, 2));
+    }
+}
+export default WhoamiCommand;

package/dist/oclif/index.js

@@ -2,6 +2,7 @@ import { Args, Command } from "@oclif/core";
 import { operationManifest, } from "../openapi/index.js";
 import { createOperationCommand } from "./api-command.js";
 import SendCommand from "./commands/send.js";
+import WhoamiCommand from "./commands/whoami.js";
 import { renderFishCompletion } from "./fish-completion.js";
 class ListOperationsCommand extends Command {
     static description = "List all generated API operations";
@@ -44,5 +45,10 @@ export const COMMANDS = {
     // operation stays available under sending:send-email for callers
     // who want every flag.
     send: SendCommand,
+    // `whoami` is the credentials smoke test. Prints the account the
+    // current API key authenticates as. AGX walkthroughs kept
+    // wanting this before risking a real call against a possibly-
+    // bad key.
+    whoami: WhoamiCommand,
     ...generatedCommands,
 };