@secapi/cli 1.0.1 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +52 -6
- package/dist/index.js +26502 -159
- package/package.json +12 -10
package/README.md
CHANGED
|
@@ -20,16 +20,53 @@ SECAPI_API_KEY="$SECAPI_API_KEY" bun packages/cli/src/index.ts me --json=false
|
|
|
20
20
|
printf "%s" "$SECAPI_API_KEY" | bun packages/cli/src/index.ts health --api-key-stdin
|
|
21
21
|
```
|
|
22
22
|
|
|
23
|
-
|
|
23
|
+
### Verify recipe (canonical gate)
|
|
24
|
+
|
|
25
|
+
Every CLI change must pass this six-command gate before review and before a Draft
|
|
26
|
+
PR is marked ready. Run it from the repo root:
|
|
24
27
|
|
|
25
28
|
```bash
|
|
26
|
-
bun --
|
|
29
|
+
bun install --frozen-lockfile
|
|
30
|
+
bun --filter @secapi/cli test # 128 black-box tests; the pipe-safe JSON contract
|
|
27
31
|
bun --filter @secapi/cli typecheck
|
|
28
|
-
bun run bench:cli-response-shape
|
|
29
|
-
bun run smoke:cli-release
|
|
32
|
+
bun run bench:cli-response-shape # cold-start latency + stdout byte caps (runs the source file)
|
|
33
|
+
bun run smoke:cli-release # packs + installs the tarball; asserts zero runtime deps + both bins
|
|
30
34
|
bun run scripts/validate/check_cli_doc_snippets.ts
|
|
31
35
|
```
|
|
32
36
|
|
|
37
|
+
### Interactive TUI (Ink)
|
|
38
|
+
|
|
39
|
+
Running `secapi` with no arguments in a real terminal (or `secapi chat` /
|
|
40
|
+
`secapi tui`) opens an interactive session built with
|
|
41
|
+
[Ink](https://github.com/vadimdemedes/ink) (React for CLIs) — *the trading desk
|
|
42
|
+
in your terminal*. Piped, redirected, `--json`, CI, and dumb-terminal
|
|
43
|
+
invocations keep the exact one-shot behavior, so agents and the gate above (all
|
|
44
|
+
non-TTY) are unaffected.
|
|
45
|
+
|
|
46
|
+
Inside the REPL:
|
|
47
|
+
|
|
48
|
+
- **Type any command** without the `secapi` prefix (e.g. `filings latest --ticker AAPL`); results render as themed cards with an inline cost footer.
|
|
49
|
+
- **`Tab`** opens a fuzzy command palette over all commands; **`shift+Tab`** cycles the run / plan / ask mode; **`↑/↓`** history; **`ctrl+l`** clear; **`ctrl+c`** aborts a running command then exits.
|
|
50
|
+
- **Slash commands:** `/help` `/login` `/logout` `/whoami` `/status` `/cost` `/theme` `/config` `/skills` `/personas` `/prompts` `/export` `/resume` `/sessions` `/clear` `/quit`.
|
|
51
|
+
- **Workflow shortcuts** (`/skills`): `/due-diligence AAPL`, `/analyze AAPL`, `/track-insiders AAPL`, `/factor-dashboard`, `/decompose AAPL`, `/footnotes AAPL`, `/factor-neutral`, `/regime-screen`, `/country-report US` — each expands the matching `@secapi/skills` workflow into a guided recipe of `secapi` commands (AI-metered steps flagged 💲).
|
|
52
|
+
- **Live cost meter** in the status line (`◷ $0.04 · 18 calls · 61% cache`); `/cost` for the session total.
|
|
53
|
+
- **Sessions** auto-save to `~/.config/secapi/sessions`; `/export [json|ndjson|md]`, `/resume`.
|
|
54
|
+
|
|
55
|
+
Other surfaces:
|
|
56
|
+
|
|
57
|
+
- **`secapi login`** verifies your key via `/v1/me` and saves a no-secret profile (it records *which env var* holds the key, never the value). `--print` previews without writing.
|
|
58
|
+
- **`config theme [<name>]`** / `--theme <name>` / `--accent <#rrggbb>` — 6 themes (`terminal`, `lights-out`, `light`, `xai`, `daltonized`, `ansi`), honoring `NO_COLOR`/`FORCE_COLOR`/`COLORTERM`.
|
|
59
|
+
- **`<command> --watch`** opens a live full-screen dashboard for watchable commands (`factors dashboard`, `factors extreme-moves`, `macro regimes`, `dilution score`, …); `--interval <seconds>`, `--once`. Non-TTY/`--json` run a single shot.
|
|
60
|
+
- **`secapi schedule add --when "every weekday 7am" --run "filings latest --ticker AAPL"`** persists NL schedules (`schedule list`/`remove`/`run-due`) to wire into cron/launchd.
|
|
61
|
+
|
|
62
|
+
Ink and React are **devDependencies only** — the build bundles them into the
|
|
63
|
+
single `dist/index.js`, so the published package keeps `dependencies: {}` and
|
|
64
|
+
installs instantly (the `smoke:cli-release` gate enforces this). The interactive
|
|
65
|
+
code is reached via a dynamic `import()` so one-shot startup never pays
|
|
66
|
+
React/Ink's cost. Test interactive components with Ink's injected-stream
|
|
67
|
+
rendering (`render(tree, { stdout, stdin })`) — deterministic and PTY-free (no
|
|
68
|
+
native `node-pty` dependency, which also keeps the API Docker image build clean).
|
|
69
|
+
|
|
33
70
|
`bun run bench:cli-response-shape` exercises representative local-only help,
|
|
34
71
|
example, config, and agent discovery commands with no credentials and fails if
|
|
35
72
|
their latency or output size drifts past conservative agent-friendly budgets.
|
|
@@ -102,7 +139,7 @@ secapi config profiles
|
|
|
102
139
|
Two binaries are installed: the preferred `secapi` and the compatibility alias `omni-sec`.
|
|
103
140
|
|
|
104
141
|
```bash
|
|
105
|
-
secapi --version # prints the bare package version, e.g. 1.0
|
|
142
|
+
secapi --version # prints the bare package version, e.g. 1.1.0
|
|
106
143
|
secapi --help # short task-oriented help for common workflows
|
|
107
144
|
secapi help all # full command inventory
|
|
108
145
|
secapi examples # local starter workflows for humans and agents
|
|
@@ -133,7 +170,7 @@ secapi streams create --event-types artifact.created --transport poll --dry-run
|
|
|
133
170
|
|
|
134
171
|
Supported dry-run previews: `api-keys create`, `billing budget`, `billing
|
|
135
172
|
checkout`, `billing portal`, `webhooks create`, `webhooks rotate-secret`,
|
|
136
|
-
`webhooks replay-delivery`, and `streams create`.
|
|
173
|
+
`webhooks test`, `webhooks replay-delivery`, and `streams create`.
|
|
137
174
|
|
|
138
175
|
Boolean flags accept bare flags plus explicit `true`, `false`, `yes`, `no`,
|
|
139
176
|
`on`, `off`, `1`, and `0` values. Use `--include-v2=false` or `--print=false`
|
|
@@ -161,6 +198,15 @@ Run `secapi doctor` when local setup is suspect. It reports the active base URL,
|
|
|
161
198
|
credential source names, API health, authenticated account context when
|
|
162
199
|
available, and the hosted MCP URL without printing credential values.
|
|
163
200
|
|
|
201
|
+
Run `secapi support bundle` when you need a copy-paste packet for support or an
|
|
202
|
+
agent handoff. It combines local config, `doctor` checks, request summaries, and
|
|
203
|
+
optional request drilldown into one JSON object while recursively redacting
|
|
204
|
+
credential values:
|
|
205
|
+
|
|
206
|
+
```bash
|
|
207
|
+
secapi support bundle --request-id req_...
|
|
208
|
+
```
|
|
209
|
+
|
|
164
210
|
Run `secapi config show` when you only need the local CLI configuration. It
|
|
165
211
|
prints the active base URL, source names for configured credentials, and hosted
|
|
166
212
|
MCP URL without reading stdin, calling the API, or printing credential values.
|