@tenderprompt/cli 0.1.11 → 0.1.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +69 -8
  2. package/dist/index.js +703 -275
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -34,6 +34,8 @@ session:
34
34
  - build and preview a commit through the Tender API
35
35
  - publish only after a dry run or explicit `--confirm publish`
36
36
  - inspect artifact-scoped analytics without SQL or platform credentials
37
+ - inspect artifact-scoped app database tables, schema, and bounded read-only
38
+ query output
37
39
  - run server-validated chart specs and export aggregate rows
38
40
  - generate starter analytics suggestions
39
41
  - create, list, update, and delete saved analytics dashboards and charts, with
@@ -87,6 +89,8 @@ TTL values are intentionally bounded:
87
89
 
88
90
  Use `--profile publish` only when the token should be allowed to publish.
89
91
  Publish still requires explicit confirmation with `--confirm publish`.
92
+ Use `--profile db-read --artifact <app-id>` for read-only app database
93
+ inspection.
90
94
 
91
95
  Credential precedence is explicit-first:
92
96
 
@@ -128,6 +132,10 @@ tender app validate artifact_123 --json
128
132
  tender app build artifact_123 --commit "$(git rev-parse HEAD)" --json
129
133
  tender app preview artifact_123 --commit "$(git rev-parse HEAD)" --stream --json
130
134
  tender app publish artifact_123 --dry-run --json
135
+ tender app db capabilities artifact_123 --json
136
+ tender app db tables artifact_123 --json
137
+ tender app db schema artifact_123 --table votes --json
138
+ tender app db query artifact_123 --sql "select * from votes limit 20" --json
131
139
  ```
132
140
 
133
141
  ## Analytics
@@ -169,7 +177,7 @@ tender app analytics suggestions artifact_123 --range 30d --json
169
177
 
170
178
  tender app analytics charts templates --json
171
179
 
172
- tender app analytics property-slots list artifact_123 --json
180
+ tender app analytics properties list artifact_123 --json
173
181
  ```
174
182
 
175
183
  Safe write previews:
@@ -177,7 +185,7 @@ Safe write previews:
177
185
  ```bash
178
186
  tender app analytics dashboards artifact_123 --create "Agent dashboard" --dry-run --json
179
187
 
180
- tender app analytics property-slots activate artifact_123 \
188
+ tender app analytics properties activate artifact_123 \
181
189
  --event signup_started \
182
190
  --property plan \
183
191
  --type dimension \
@@ -217,14 +225,65 @@ inspection. For example, inspect where the app calls
217
225
  `__TP_ANALYTICS.invoke(...)`, propose a chart spec, validate it with
218
226
  `analytics query`, and only then create a saved chart.
219
227
  Use `charts templates --json` for reusable chart shapes; adapt any placeholders
220
- to observed events, paths, or promoted property keys before querying or saving.
221
- Property group-bys and property metrics need promoted slots; `charts create`
222
- and `charts update` activate missing slots automatically when the spec includes
223
- an `event_name = ...` filter. `analytics query` is read-only, so use
224
- `property-slots activate` first when trying an ad hoc property query. When a
228
+ to observed events, paths, or queryable property keys before querying or saving.
229
+ Property group-bys and property metrics need the custom event property to be
230
+ available for dashboard queries; `charts create` and `charts update` activate
231
+ missing properties automatically when the spec includes an `event_name = ...`
232
+ filter. `analytics query` is read-only, so use
233
+ `properties activate` first when trying an ad hoc property query. When a
225
234
  query fails for a missing dashboard-query property, the CLI prints the exact
226
235
  activation commands to run and does not perform that write automatically.
227
236
 
237
+ Event payload properties can be tracked by the app, observed in bounded catalog
238
+ samples, and still not be queryable in fast dashboard charts. Register intended
239
+ dashboard dimensions and metrics before meaningful traffic starts. Use
240
+ dimensions for grouping values such as variant, plan, step, source, or outcome,
241
+ and metrics for numeric values such as score, amount, duration, or quantity.
242
+ Making a property queryable does not require an app redeploy, but older
243
+ dashboard-query rows may not fully populate grouped charts until new traffic
244
+ arrives. Do not make every property queryable; avoid PII, secrets, free text,
245
+ ids, URLs, or high-cardinality values unless the chart has a clear purpose.
246
+
247
+ ## App Database
248
+
249
+ App database commands are artifact-scoped and go through Tender's server-side
250
+ authorization and read-only query checks. The CLI only accepts an app id; it
251
+ does not accept tenant ids, runner names, provider account ids, or runtime
252
+ storage identifiers.
253
+
254
+ Start with capabilities:
255
+
256
+ ```bash
257
+ tender auth login --device --profile db-read --artifact artifact_123 --ttl 7d --save-profile db --json
258
+
259
+ tender app db capabilities artifact_123 --profile db --json
260
+ ```
261
+
262
+ Common read-only commands:
263
+
264
+ ```bash
265
+ tender app db tables artifact_123 --profile db --json
266
+
267
+ tender app db schema artifact_123 --table votes --profile db --json
268
+
269
+ tender app db query artifact_123 --sql "select * from votes limit 20" --profile db --json
270
+
271
+ tender app db query artifact_123 \
272
+ --sql "select * from votes where choice = ?" \
273
+ --param coffee \
274
+ --profile db \
275
+ --json
276
+
277
+ tender app db query artifact_123 --file ./debug.sql --limit 50 --profile db --json
278
+
279
+ tender app db query artifact_123 --file - --profile db --json < debug.sql
280
+ ```
281
+
282
+ The query command sends one read-only statement with positional bindings.
283
+ Client and server limits include a 100 KB statement cap and at most 100 bound
284
+ parameters. The server enforces the final policy, row limits, response limits,
285
+ artifact scope, and audit logging.
286
+
228
287
  ## Safety Model
229
288
 
230
289
  - Local agents run in the user's environment, not in Tender.
@@ -237,10 +296,12 @@ activation commands to run and does not perform that write automatically.
237
296
  remote URLs.
238
297
  - Analytics commands use tenant/artifact-scoped API routes. They do not expose
239
298
  raw query credentials or raw SQL.
240
- - Property slot activation is an explicit analytics write and remains
299
+ - Dashboard-query property activation is an explicit analytics write and remains
241
300
  tenant/artifact-scoped.
242
301
  - Raw analytics event export is intentionally not available; exports are bounded
243
302
  catalog metadata or validated aggregate query rows.
303
+ - App database commands require `db:read`, should use artifact-scoped tokens,
304
+ and never require provider account ids or runtime storage identifiers.
244
305
 
245
306
  ## Related Package
246
307