@primitivedotdev/sdk 0.11.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/dist/api/generated/index.js +1 -1
  2. package/dist/api/generated/sdk.gen.js +48 -4
  3. package/dist/api/index.d.ts +2 -2
  4. package/dist/{api-CLLpjjWy.js → api-DvJpdOJ8.js} +53 -5
  5. package/dist/{index-K4KbjppU.d.ts → index-ChLFXxTa.d.ts} +255 -7
  6. package/dist/index.d.ts +1 -1
  7. package/dist/index.js +1 -1
  8. package/dist/oclif/api-command.js +127 -29
  9. package/dist/oclif/commands/send.js +16 -3
  10. package/dist/oclif/commands/whoami.js +67 -0
  11. package/dist/oclif/index.js +6 -0
  12. package/dist/openapi/openapi.generated.js +208 -7
  13. package/dist/openapi/operations.generated.js +19 -2
  14. package/oclif.manifest.json +119 -51
  15. package/package.json +1 -1
package/dist/openapi/openapi.generated.js CHANGED
@@ -532,8 +532,8 @@ export const openapiDocument = {
532
532
  "/emails": {
533
533
  "get": {
534
534
  "operationId": "listEmails",
535
- "summary": "List emails",
536
- "description": "Returns a paginated list of received emails. Supports filtering by\ndomain, status, date range, and free-text search across subject,\nsender, and recipient fields.\n",
535
+ "summary": "List inbound emails",
536
+ "description": "Returns a paginated list of INBOUND emails received at your\nverified domains. Outbound messages sent via /send-mail are not\nincluded; this endpoint is the inbox view, not a unified\nsend/receive history.\n\nSupports filtering by domain, status, date range, and free-text\nsearch across subject, sender, and recipient fields.\n",
537
537
  "tags": [
538
538
  "Emails"
539
539
  ],
@@ -1522,6 +1522,53 @@ export const openapiDocument = {
1522
1522
  }
1523
1523
  }
1524
1524
  },
1525
+ "/send-permissions": {
1526
+ "get": {
1527
+ "operationId": "getSendPermissions",
1528
+ "summary": "List send-permission rules",
1529
+ "description": "Returns a flat list of rules describing every recipient the\ncaller may send to. Each rule has a `type`, a kind-specific\npayload, and a human-readable `description`. If any rule\nmatches the recipient, /send-mail will accept the send under\nthe recipient-scope check.\n\nThe endpoint is the answer to \"where can I send\" without\nexposing internal entitlement names. Agents that don't\nrecognize a `type` can still read the `description` prose\nand act on it.\n\nRule kinds, ordered broadest-first so an agent can stop\nscanning at the first match:\n\n 1. `any_recipient` (one entry, only when the org can send\n anywhere): every other rule below it is redundant.\n 2. `managed_zone` (always emitted, one per Primitive-managed\n zone): sends to any address at *.primitive.email or\n *.email.works always succeed; no entitlement required.\n 3. `your_domain` (one per active verified outbound domain\n owned by the org): sends to that domain are approved.\n 4. `address` (one per address that has authenticated\n inbound mail to the org, capped at `meta.address_cap`):\n sends to that exact address are approved.\n\nThe list is informational, not an authorization check.\n/send-mail remains the source of truth on whether an\nindividual send will succeed (it also enforces the\nfrom-address and the `send_mail` entitlement, which are\nnot recipient-scope concerns and are not represented here).\n",
1530
+ "tags": [
1531
+ "Sending"
1532
+ ],
1533
+ "responses": {
1534
+ "200": {
1535
+ "description": "Send-permission rules for the caller's org",
1536
+ "content": {
1537
+ "application/json": {
1538
+ "schema": {
1539
+ "allOf": [
1540
+ {
1541
+ "$ref": "#/components/schemas/SuccessEnvelope"
1542
+ },
1543
+ {
1544
+ "type": "object",
1545
+ "properties": {
1546
+ "data": {
1547
+ "type": "array",
1548
+ "items": {
1549
+ "$ref": "#/components/schemas/SendPermissionRule"
1550
+ }
1551
+ },
1552
+ "meta": {
1553
+ "$ref": "#/components/schemas/SendPermissionsMeta"
1554
+ }
1555
+ },
1556
+ "required": [
1557
+ "data",
1558
+ "meta"
1559
+ ]
1560
+ }
1561
+ ]
1562
+ }
1563
+ }
1564
+ }
1565
+ },
1566
+ "401": {
1567
+ "$ref": "#/components/responses/Unauthorized"
1568
+ }
1569
+ }
1570
+ }
1571
+ },
1525
1572
  "/send-mail": {
1526
1573
  "post": {
1527
1574
  "operationId": "sendEmail",
@@ -2432,7 +2479,8 @@ export const openapiDocument = {
2432
2479
  ]
2433
2480
  },
2434
2481
  "sender": {
2435
- "type": "string"
2482
+ "type": "string",
2483
+ "description": "SMTP envelope sender (return-path) the inbound mail server\naccepted. For most legitimate mail this equals the bare\naddress in the From header; for mailing lists, bounce\nhandlers, and forwarders it is typically the bounce address\nrather than the human-visible sender.\n\nFor the parsed From-header value (with display name handling\nand a sender-fallback when the header is unparseable), GET\nthe email by id and use `from_email`.\n"
2436
2484
  },
2437
2485
  "recipient": {
2438
2486
  "type": "string"
@@ -2523,7 +2571,8 @@ export const openapiDocument = {
2523
2571
  "format": "uuid"
2524
2572
  },
2525
2573
  "sender": {
2526
- "type": "string"
2574
+ "type": "string",
2575
+ "description": "SMTP envelope sender (return-path) the inbound mail server\naccepted. Same value as `smtp_mail_from`; both fields exist\nso protocol-aware tooling can use whichever name it expects.\n\nFor most legitimate mail this equals `from_email`; for\nmailing lists, bounce handlers, and forwarders it is\ntypically the bounce-handling address rather than the\nhuman-visible sender.\n\n**For the canonical \"who sent this email\" value, use\n`from_email`.**\n"
2527
2576
  },
2528
2577
  "recipient": {
2529
2578
  "type": "string"
@@ -2645,7 +2694,8 @@ export const openapiDocument = {
2645
2694
  "type": [
2646
2695
  "string",
2647
2696
  "null"
2648
- ]
2697
+ ],
2698
+ "description": "SMTP envelope MAIL FROM (return-path), as accepted by the\ninbound mail server. Same value as `sender`; both fields\nexist so protocol-aware tooling can use whichever name it\nexpects.\n\nFor the canonical \"who sent this email\" value (display name\nstripped, From-header preferred), use `from_email`.\n"
2649
2699
  },
2650
2700
  "smtp_rcpt_to": {
2651
2701
  "type": [
@@ -2660,7 +2710,8 @@ export const openapiDocument = {
2660
2710
  "type": [
2661
2711
  "string",
2662
2712
  "null"
2663
- ]
2713
+ ],
2714
+ "description": "Raw `From:` header from the message body, including any\ndisplay name (e.g. `\"Alice Example\" <alice@example.com>`).\nUse this when you need the display name for rendering.\n\nFor the bare email address (display name stripped), use\n`from_email`.\n"
2664
2715
  },
2665
2716
  "content_discarded_at": {
2666
2717
  "type": [
@@ -2677,7 +2728,7 @@ export const openapiDocument = {
2677
2728
  },
2678
2729
  "from_email": {
2679
2730
  "type": "string",
2680
- "description": "Parsed from address (from_header or sender fallback)"
2731
+ "description": "Bare email address parsed from the `From:` header, with\ndisplay name stripped (e.g. `alice@example.com`). Falls\nback to `sender` (the SMTP envelope MAIL FROM) when the\n`From:` header cannot be parsed.\n\n**This is the canonical \"who sent this email\" field for\nmost use cases**, including comparing against allowlists,\nrouting replies, or displaying the sender to a user. Use\n`from_header` when you specifically need the display name,\nor `sender`/`smtp_mail_from` when you need the SMTP\nenvelope value (e.g. to follow a bounce).\n"
2681
2732
  },
2682
2733
  "to_email": {
2683
2734
  "type": "string",
@@ -2935,6 +2986,156 @@ export const openapiDocument = {
2935
2986
  "idempotent_replay"
2936
2987
  ]
2937
2988
  },
2989
+ "SendPermissionRule": {
2990
+ "description": "One recipient-scope rule describing a destination the caller\nmay send to. Discriminated on `type`. Each rule carries a\nhuman-prose `description` field intended for display.\n\nRule kinds are stable within an SDK release. A response\ncontaining a `type` value not enumerated in this schema\nmeans the server is running a newer version than the SDK;\nupgrade the SDK to the release that matches the server's\nschema. Strict-parsing SDKs (Go, Python) will raise a\ndecode error in that case rather than silently dropping\nthe unknown rule, since silent drops would let an outbound\nagent reason from an incomplete view of its own permissions.\n",
2991
+ "discriminator": {
2992
+ "propertyName": "type",
2993
+ "mapping": {
2994
+ "any_recipient": "#/components/schemas/SendPermissionAnyRecipient",
2995
+ "managed_zone": "#/components/schemas/SendPermissionManagedZone",
2996
+ "your_domain": "#/components/schemas/SendPermissionYourDomain",
2997
+ "address": "#/components/schemas/SendPermissionAddress"
2998
+ }
2999
+ },
3000
+ "oneOf": [
3001
+ {
3002
+ "$ref": "#/components/schemas/SendPermissionAnyRecipient"
3003
+ },
3004
+ {
3005
+ "$ref": "#/components/schemas/SendPermissionManagedZone"
3006
+ },
3007
+ {
3008
+ "$ref": "#/components/schemas/SendPermissionYourDomain"
3009
+ },
3010
+ {
3011
+ "$ref": "#/components/schemas/SendPermissionAddress"
3012
+ }
3013
+ ]
3014
+ },
3015
+ "SendPermissionAnyRecipient": {
3016
+ "type": "object",
3017
+ "description": "The caller can send to any recipient. When this rule is\npresent, every other rule in the response is redundant.\n",
3018
+ "properties": {
3019
+ "type": {
3020
+ "type": "string",
3021
+ "enum": [
3022
+ "any_recipient"
3023
+ ]
3024
+ },
3025
+ "description": {
3026
+ "type": "string",
3027
+ "description": "Human-prose summary of the rule."
3028
+ }
3029
+ },
3030
+ "required": [
3031
+ "type",
3032
+ "description"
3033
+ ]
3034
+ },
3035
+ "SendPermissionManagedZone": {
3036
+ "type": "object",
3037
+ "description": "The caller can send to any address at the named\nPrimitive-managed zone. Always emitted (no entitlement\nrequired) because Primitive owns the zone and every mailbox\nbelongs to a Primitive customer by construction.\n",
3038
+ "properties": {
3039
+ "type": {
3040
+ "type": "string",
3041
+ "enum": [
3042
+ "managed_zone"
3043
+ ]
3044
+ },
3045
+ "zone": {
3046
+ "type": "string",
3047
+ "description": "The managed apex domain. Sends are accepted to any\naddress at the apex itself or any subdomain (e.g.\n`alice@primitive.email` and `alice@acme.primitive.email`\nboth match the `primitive.email` zone rule).\n"
3048
+ },
3049
+ "description": {
3050
+ "type": "string",
3051
+ "description": "Human-prose summary of the rule."
3052
+ }
3053
+ },
3054
+ "required": [
3055
+ "type",
3056
+ "zone",
3057
+ "description"
3058
+ ]
3059
+ },
3060
+ "SendPermissionYourDomain": {
3061
+ "type": "object",
3062
+ "description": "The caller can send to any address at one of their own\nverified outbound domains. Emitted once per active row in\nthe org's `domains` table.\n",
3063
+ "properties": {
3064
+ "type": {
3065
+ "type": "string",
3066
+ "enum": [
3067
+ "your_domain"
3068
+ ]
3069
+ },
3070
+ "domain": {
3071
+ "type": "string",
3072
+ "description": "A verified outbound domain owned by the caller's org."
3073
+ },
3074
+ "description": {
3075
+ "type": "string",
3076
+ "description": "Human-prose summary of the rule."
3077
+ }
3078
+ },
3079
+ "required": [
3080
+ "type",
3081
+ "domain",
3082
+ "description"
3083
+ ]
3084
+ },
3085
+ "SendPermissionAddress": {
3086
+ "type": "object",
3087
+ "description": "The caller can send to a specific address that has\nauthenticated inbound mail to the org. Emitted once per row\nin the org's `known_send_addresses` table, capped at\n`meta.address_cap`.\n",
3088
+ "properties": {
3089
+ "type": {
3090
+ "type": "string",
3091
+ "enum": [
3092
+ "address"
3093
+ ]
3094
+ },
3095
+ "address": {
3096
+ "type": "string",
3097
+ "description": "The bare email address this rule grants sends to."
3098
+ },
3099
+ "last_received_at": {
3100
+ "type": "string",
3101
+ "format": "date-time",
3102
+ "description": "Most recent inbound email from this address that\nauthenticated successfully (DMARC pass + DKIM/SPF\nalignment). Updated on each new authenticated receipt.\n"
3103
+ },
3104
+ "received_count": {
3105
+ "type": "integer",
3106
+ "description": "Total number of authenticated inbound emails from this\naddress. Increments only when `last_received_at` advances.\n"
3107
+ },
3108
+ "description": {
3109
+ "type": "string",
3110
+ "description": "Human-prose summary of the rule."
3111
+ }
3112
+ },
3113
+ "required": [
3114
+ "type",
3115
+ "address",
3116
+ "last_received_at",
3117
+ "received_count",
3118
+ "description"
3119
+ ]
3120
+ },
3121
+ "SendPermissionsMeta": {
3122
+ "type": "object",
3123
+ "description": "Response metadata for /send-permissions. The `address_cap`\nbounds the size of the `address` rule subset; orgs with more\nthan `address_cap` known addresses almost always also hold a\nbroader rule type (`any_recipient` or `your_domain`), so the\ncap is a response-size bound rather than a meaningful\nproduct limit.\n",
3124
+ "properties": {
3125
+ "address_cap": {
3126
+ "type": "integer",
3127
+ "description": "Maximum number of `address` rules included in `data`."
3128
+ },
3129
+ "truncated": {
3130
+ "type": "boolean",
3131
+ "description": "True when the org has more than `address_cap` known\naddresses and the list was truncated. False when every\nknown address is represented or when the org holds no\naddress rules at all.\n"
3132
+ }
3133
+ },
3134
+ "required": [
3135
+ "address_cap",
3136
+ "truncated"
3137
+ ]
3138
+ },
2938
3139
  "Endpoint": {
2939
3140
  "type": "object",
2940
3141
  "properties": {
package/dist/openapi/operations.generated.js CHANGED
@@ -371,7 +371,7 @@ export const operationManifest = [
371
371
  "binaryResponse": false,
372
372
  "bodyRequired": false,
373
373
  "command": "list-emails",
374
- "description": "Returns a paginated list of received emails. Supports filtering by\ndomain, status, date range, and free-text search across subject,\nsender, and recipient fields.\n",
374
+ "description": "Returns a paginated list of INBOUND emails received at your\nverified domains. Outbound messages sent via /send-mail are not\nincluded; this endpoint is the inbox view, not a unified\nsend/receive history.\n\nSupports filtering by domain, status, date range, and free-text\nsearch across subject, sender, and recipient fields.\n",
375
375
  "hasJsonBody": false,
376
376
  "method": "GET",
377
377
  "operationId": "listEmails",
@@ -435,7 +435,7 @@ export const operationManifest = [
435
435
  ],
436
436
  "requestSchema": null,
437
437
  "sdkName": "listEmails",
438
- "summary": "List emails",
438
+ "summary": "List inbound emails",
439
439
  "tag": "Emails",
440
440
  "tagCommand": "emails"
441
441
  },
@@ -752,6 +752,23 @@ export const operationManifest = [
752
752
  "tag": "Filters",
753
753
  "tagCommand": "filters"
754
754
  },
755
+ {
756
+ "binaryResponse": false,
757
+ "bodyRequired": false,
758
+ "command": "get-send-permissions",
759
+ "description": "Returns a flat list of rules describing every recipient the\ncaller may send to. Each rule has a `type`, a kind-specific\npayload, and a human-readable `description`. If any rule\nmatches the recipient, /send-mail will accept the send under\nthe recipient-scope check.\n\nThe endpoint is the answer to \"where can I send\" without\nexposing internal entitlement names. Agents that don't\nrecognize a `type` can still read the `description` prose\nand act on it.\n\nRule kinds, ordered broadest-first so an agent can stop\nscanning at the first match:\n\n 1. `any_recipient` (one entry, only when the org can send\n anywhere): every other rule below it is redundant.\n 2. `managed_zone` (always emitted, one per Primitive-managed\n zone): sends to any address at *.primitive.email or\n *.email.works always succeed; no entitlement required.\n 3. `your_domain` (one per active verified outbound domain\n owned by the org): sends to that domain are approved.\n 4. `address` (one per address that has authenticated\n inbound mail to the org, capped at `meta.address_cap`):\n sends to that exact address are approved.\n\nThe list is informational, not an authorization check.\n/send-mail remains the source of truth on whether an\nindividual send will succeed (it also enforces the\nfrom-address and the `send_mail` entitlement, which are\nnot recipient-scope concerns and are not represented here).\n",
760
+ "hasJsonBody": false,
761
+ "method": "GET",
762
+ "operationId": "getSendPermissions",
763
+ "path": "/send-permissions",
764
+ "pathParams": [],
765
+ "queryParams": [],
766
+ "requestSchema": null,
767
+ "sdkName": "getSendPermissions",
768
+ "summary": "List send-permission rules",
769
+ "tag": "Sending",
770
+ "tagCommand": "sending"
771
+ },
755
772
  {
756
773
  "binaryResponse": false,
757
774
  "bodyRequired": true,