@userland.fun/cli 0.1.3 → 0.2.0

package/README.md

@@ -23,14 +23,23 @@ userland auth status
 userland auth save-key --username <username> --api-key <api-key>
 userland accounts list
 userland accounts use <account-id>
+userland accounts status --account <account-id>
+userland accounts limits --account <account-id>
+userland accounts downgrade preview --to free --account <account-id>
 userland apps publish examples/<example-slug>
 userland apps publish examples/<example-slug> --account <account-id>
 userland apps list
 USERLAND_ACCOUNT_ID=<account-id> userland apps list
+userland apps status <app-id>
 userland apps releases <app-id>
+userland versions <app-id>
 userland apps rollback <app-id> <release-id>
 userland apps secrets set <app-id> <NAME> --value <value>
 userland apps events <app-id>
+userland apps routes list <app-id>
+userland apps slugs add <app-id> <slug>
+userland apps domains add <app-id> <hostname>
+userland apps domains verify <app-id> <hostname>
 ```
 
 From this repo, the same commands can be run from source:
@@ -42,20 +51,79 @@ npm run userland -- auth status
 npm run userland -- auth save-key --username <username> --api-key <api-key>
 npm run userland -- accounts list
 npm run userland -- accounts use <account-id>
+npm run userland -- accounts status --account <account-id>
+npm run userland -- accounts limits --account <account-id>
+npm run userland -- accounts downgrade preview --to free --account <account-id>
 npm run userland -- apps publish examples/<example-slug>
 npm run userland -- apps publish examples/<example-slug> --account <account-id>
 npm run userland -- apps list
 npm run userland -- apps list --account <account-id>
+npm run userland -- apps status <app-id>
 npm run userland -- apps releases <app-id>
+npm run userland -- versions <app-id>
 npm run userland -- apps rollback <app-id> <release-id>
 npm run userland -- apps secrets set <app-id> <NAME> --value <value>
 npm run userland -- apps events <app-id>
+npm run userland -- apps routes list <app-id>
+npm run userland -- apps slugs add <app-id> <slug>
+npm run userland -- apps domains add <app-id> <hostname>
+npm run userland -- apps domains verify <app-id> <hostname>
 ```
 
 `signup`, `login`, and `auth save-key` save the API key to `~/.userland/credentials.json` with `0600` permissions. Account username and password are stored in the OS keychain: macOS Keychain, Windows Credential Manager, or Linux Secret Service through `secret-tool`. App commands prefer `USERLAND_API_KEY` when it is set, then fall back to the saved API key.
 
 Most users do not need to select an account. If no account is selected, the API uses the actor's default account. Team, client, and agency workflows can select an account with `--account <account-id>`, `USERLAND_ACCOUNT_ID`, or `userland accounts use <account-id>`. Platform account members manage apps, releases, secrets, billing, and settings; they are separate from app users inside a published app.
 
+Status and limits:
+
+```sh
+userland accounts status --account <account-id>
+userland accounts limits --account <account-id>
+userland accounts downgrade preview --to starter --account <account-id>
+userland apps status <app-id> --account <account-id>
+```
+
+`accounts limits` includes plan features, manifest limits, deployment limits, runtime limits, release limits, usage limits, current usage, and route counts.
+
+Route management:
+
+```sh
+userland apps routes list <app-id> --account <account-id>
+userland apps slugs list <app-id> --account <account-id>
+userland apps slugs add <app-id> <slug> --account <account-id>
+userland apps slugs remove <app-id> <slug> --account <account-id>
+userland apps domains list <app-id> --account <account-id>
+userland apps domains add <app-id> <hostname> --account <account-id>
+userland apps domains verify <app-id> <hostname> --account <account-id>
+userland apps domains remove <app-id> <hostname> --account <account-id>
+```
+
+Internal/platform-admin only operations are routed by the CLI but authorized server-side:
+
+```sh
+userland ops accounts status <account-id>
+userland ops accounts flag <account-id> suspended_abuse --reason "spam"
+userland ops accounts clear <account-id> suspended_abuse --reason "reviewed"
+userland ops apps status <app-id>
+userland ops apps flag <app-id> suspended_security --reason "incident"
+userland ops apps clear <app-id> suspended_security --reason "resolved"
+userland ops apps takedown <app-id> --reason "legal review"
+userland ops routes disable <route-id> --status disabled_abuse --reason "abuse"
+userland ops routes enable <route-id> --reason "resolved"
+```
+
+Structured API errors keep details on separate lines:
+
+```text
+API 402: Monthly request quota exceeded for the current plan.
+error=quota_exceeded
+metric=requests.monthly.max
+plan_key=free
+limit=10000
+current=10000
+upgrade_required=true
+```
+
 ## Validation
 
 Build and inspect the publish tarball:

package/dist/index.js

@@ -24,6 +24,10 @@ async function main() {
         await accountsCommand(args);
         return;
     }
+    if (command === "ops") {
+        await opsCommand(args);
+        return;
+    }
     if (command === "signup") {
         await signupCommand(args);
         return;
@@ -68,6 +72,22 @@ async function appsCommand(args) {
         await eventsCommand(rest);
         return;
     }
+    if (subcommand === "status") {
+        await appStatusCommand(rest);
+        return;
+    }
+    if (subcommand === "routes" && rest[0] === "list") {
+        await routesListCommand(rest.slice(1));
+        return;
+    }
+    if (subcommand === "slugs") {
+        await appSlugsCommand(rest);
+        return;
+    }
+    if (subcommand === "domains") {
+        await appDomainsCommand(rest);
+        return;
+    }
     usage(1);
 }
 async function authCommand(args) {
@@ -100,6 +120,73 @@ async function accountsCommand(args) {
         await useAccountCommand(rest);
         return;
     }
+    if (subcommand === "status") {
+        await accountStatusCommand(rest);
+        return;
+    }
+    if (subcommand === "limits") {
+        await accountLimitsCommand(rest);
+        return;
+    }
+    if (subcommand === "downgrade" && rest[0] === "preview") {
+        await downgradePreviewCommand(rest.slice(1));
+        return;
+    }
+    usage(1);
+}
+async function opsCommand(args) {
+    const [scope, subcommand, id, actionOrFlag, ...rest] = args;
+    if (scope === "accounts" && subcommand === "status" && id) {
+        await printObject(await apiFetch(`/v0/ops/accounts/${encodeURIComponent(id)}/status`, { method: "GET" }));
+        return;
+    }
+    if (scope === "accounts" && subcommand === "flag" && id && actionOrFlag) {
+        await printObject(await opsFlagCommand("accounts", id, actionOrFlag, rest, false));
+        return;
+    }
+    if (scope === "accounts" && subcommand === "clear" && id && actionOrFlag) {
+        await printObject(await opsFlagCommand("accounts", id, actionOrFlag, rest, true));
+        return;
+    }
+    if (scope === "apps" && subcommand === "status" && id) {
+        await printObject(await apiFetch(`/v0/ops/apps/${encodeURIComponent(id)}/status`, { method: "GET" }));
+        return;
+    }
+    if (scope === "apps" && subcommand === "flag" && id && actionOrFlag) {
+        await printObject(await opsFlagCommand("apps", id, actionOrFlag, rest, false));
+        return;
+    }
+    if (scope === "apps" && subcommand === "clear" && id && actionOrFlag) {
+        await printObject(await opsFlagCommand("apps", id, actionOrFlag, rest, true));
+        return;
+    }
+    if (scope === "apps" && subcommand === "takedown" && id) {
+        const options = parseReasonOptions([actionOrFlag, ...rest].filter((value) => value !== undefined));
+        await printObject(await apiFetch(`/v0/ops/apps/${encodeURIComponent(id)}/takedown`, {
+            method: "POST",
+            body: JSON.stringify(bodyWithReason(options))
+        }));
+        return;
+    }
+    if (scope === "routes" && subcommand === "disable" && id) {
+        const options = parseRouteDisableOptions([actionOrFlag, ...rest].filter((value) => value !== undefined));
+        if (!options.status) {
+            usage(1);
+        }
+        await printObject(await apiFetch(`/v0/ops/routes/${encodeURIComponent(id)}/disable`, {
+            method: "POST",
+            body: JSON.stringify({ status: options.status, ...bodyWithReason(options) })
+        }));
+        return;
+    }
+    if (scope === "routes" && subcommand === "enable" && id) {
+        const options = parseReasonOptions([actionOrFlag, ...rest].filter((value) => value !== undefined));
+        await printObject(await apiFetch(`/v0/ops/routes/${encodeURIComponent(id)}/enable`, {
+            method: "POST",
+            body: JSON.stringify(bodyWithReason(options))
+        }));
+        return;
+    }
     usage(1);
 }
 async function signupCommand(args) {
@@ -203,6 +290,69 @@ async function useAccountCommand(args) {
     console.log(`selected_account_id=${accountId}`);
     console.log(`credentials_file=${filePath}`);
 }
+async function accountStatusCommand(args) {
+    const options = parseAccountOptions(args);
+    const accountId = await resolveAccountId(options.account);
+    const response = await apiFetch(`/v0/accounts/${encodeURIComponent(accountId)}/status`, {
+        method: "GET"
+    }, { accountId: options.account, accountScoped: true });
+    console.log(`account_id=${response.account_id}`);
+    if (response.plan_key)
+        console.log(`plan_key=${response.plan_key}`);
+    console.log(`billing_access_state=${response.billing_access_state}`);
+    console.log(`grace_ends_at=${response.grace_ends_at ?? ""}`);
+    if (response.suspended !== undefined)
+        console.log(`suspended=${response.suspended}`);
+    if (response.restricted !== undefined)
+        console.log(`restricted=${response.restricted}`);
+    printList("account_flags", response.account_flags ?? response.active_flags);
+    printList("reasons", response.reasons);
+    printWarnings(response.warnings);
+}
+async function accountLimitsCommand(args) {
+    const options = parseAccountOptions(args);
+    const accountId = await resolveAccountId(options.account);
+    const response = await apiFetch(`/v0/accounts/${encodeURIComponent(accountId)}/limits`, {
+        method: "GET"
+    }, { accountId: options.account, accountScoped: true });
+    console.log(`account_id=${response.account_id}`);
+    console.log(`plan_key=${response.plan_key}`);
+    if (response.usage_period?.period_start)
+        console.log(`usage_period_start=${response.usage_period.period_start}`);
+    if (response.usage_period?.period_end)
+        console.log(`usage_period_end=${response.usage_period.period_end}`);
+    printKeyValues("feature", response.features);
+    printKeyValues("manifest_limit", response.manifest_limits);
+    printKeyValues("deployment_limit", response.deployment_limits);
+    printKeyValues("runtime_limit", response.runtime_limits);
+    printKeyValues("release_limit", response.release_limits);
+    printKeyValues("usage_limit", response.usage_limits);
+    printKeyValues("usage", response.usage);
+    if (response.route_counts)
+        printKeyValues("route_count", response.route_counts);
+    printWarnings(response.compatibility_warnings);
+}
+async function downgradePreviewCommand(args) {
+    const options = parseDowngradePreviewOptions(args);
+    if (!options.to) {
+        usage(1);
+    }
+    const accountId = await resolveAccountId(options.account);
+    const params = new URLSearchParams({ plan: options.to });
+    const response = await apiFetch(`/v0/accounts/${encodeURIComponent(accountId)}/downgrade-preview?${params.toString()}`, {
+        method: "GET"
+    }, { accountId: options.account, accountScoped: true });
+    console.log(`account_id=${response.account_id}`);
+    console.log(`current_plan_key=${response.current_plan_key}`);
+    console.log(`target_plan_key=${response.target_plan_key}`);
+    console.log(`compatible=${response.compatible}`);
+    for (const violation of response.violations) {
+        console.log(`violation=${formatFields(violation)}`);
+    }
+    for (const action of response.actions) {
+        console.log(`action=${formatFields(action)}`);
+    }
+}
 async function publishCommand(args) {
     const dir = args[0];
     const options = parseOptions(args.slice(1));
@@ -306,6 +456,185 @@ async function eventsCommand(args) {
         console.log(`cursor=${response.cursor}`);
     }
 }
+async function appStatusCommand(args) {
+    const appId = args[0];
+    if (!appId) {
+        usage(1);
+    }
+    const options = parseAccountOptions(args.slice(1));
+    const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}`, {
+        method: "GET"
+    }, { accountId: options.account, accountScoped: true });
+    const state = objectValue(response.operational_state) ?? {};
+    console.log(`app_id=${response.app_id}`);
+    if (response.account_id)
+        console.log(`account_id=${response.account_id}`);
+    if (stringValue(state.billing_access_state) ?? response.billing_access_state)
+        console.log(`billing_access_state=${stringValue(state.billing_access_state) ?? response.billing_access_state}`);
+    printOptionalBoolean("suspended", state.suspended ?? response.suspended);
+    printOptionalBoolean("takedown", state.takedown ?? response.takedown);
+    printOptionalBoolean("restricted", state.restricted);
+    printOptionalBoolean("can_serve_canonical", state.can_serve_canonical ?? response.can_serve_canonical);
+    printOptionalBoolean("can_mutate", state.can_mutate ?? response.can_mutate);
+    printList("account_flags", stringArrayValue(state.account_flags) ?? response.account_flags);
+    printList("app_flags", stringArrayValue(state.app_flags) ?? response.app_flags);
+    printList("reasons", stringArrayValue(state.reasons) ?? response.reasons);
+    if (response.routes) {
+        for (const route of response.routes) {
+            printRoute(route);
+        }
+    }
+}
+async function routesListCommand(args) {
+    const appId = args[0];
+    if (!appId) {
+        usage(1);
+    }
+    const options = parseAccountOptions(args.slice(1));
+    const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/routes`, {
+        method: "GET"
+    }, { accountId: options.account, accountScoped: true });
+    printRoutes(response.routes);
+}
+async function appSlugsCommand(args) {
+    const [action, appId, slug, ...optionArgs] = args;
+    if (action === "list" && appId) {
+        const options = parseAccountOptions([slug, ...optionArgs].filter((value) => value !== undefined));
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/slugs`, {
+            method: "GET"
+        }, { accountId: options.account, accountScoped: true });
+        printRoutes(response.routes);
+        return;
+    }
+    if (action === "add" && appId && slug) {
+        const options = parseAccountOptions(optionArgs);
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/slugs`, {
+            method: "POST",
+            body: JSON.stringify({ slug })
+        }, { accountId: options.account, accountScoped: true });
+        printRoute(response.route);
+        return;
+    }
+    if (action === "remove" && appId && slug) {
+        const options = parseAccountOptions(optionArgs);
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/slugs/${encodeURIComponent(slug)}`, {
+            method: "DELETE"
+        }, { accountId: options.account, accountScoped: true });
+        printRoute(response.route);
+        return;
+    }
+    usage(1);
+}
+async function appDomainsCommand(args) {
+    const [action, appId, hostname, ...optionArgs] = args;
+    if (action === "list" && appId) {
+        const options = parseAccountOptions([hostname, ...optionArgs].filter((value) => value !== undefined));
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/domains`, {
+            method: "GET"
+        }, { accountId: options.account, accountScoped: true });
+        printRoutes(response.routes);
+        return;
+    }
+    if (action === "add" && appId && hostname) {
+        const options = parseAccountOptions(optionArgs);
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/domains`, {
+            method: "POST",
+            body: JSON.stringify({ hostname })
+        }, { accountId: options.account, accountScoped: true });
+        printRoute(response.route);
+        return;
+    }
+    if (action === "verify" && appId && hostname) {
+        const options = parseAccountOptions(optionArgs);
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/domains/${encodeURIComponent(hostname)}/verify`, {
+            method: "POST",
+            body: JSON.stringify({})
+        }, { accountId: options.account, accountScoped: true });
+        printRoute(response.route);
+        return;
+    }
+    if (action === "remove" && appId && hostname) {
+        const options = parseAccountOptions(optionArgs);
+        const response = await apiFetch(`/v0/apps/${encodeURIComponent(appId)}/domains/${encodeURIComponent(hostname)}`, {
+            method: "DELETE"
+        }, { accountId: options.account, accountScoped: true });
+        printRoute(response.route);
+        return;
+    }
+    usage(1);
+}
+async function opsFlagCommand(scope, id, flag, args, clear) {
+    const options = parseReasonOptions(args);
+    return await apiFetch(`/v0/ops/${scope}/${encodeURIComponent(id)}/flags/${encodeURIComponent(flag)}${clear ? "/clear" : ""}`, {
+        method: clear ? "POST" : "PUT",
+        body: JSON.stringify(bodyWithReason(options))
+    });
+}
+async function resolveAccountId(explicitAccountId) {
+    const credentials = await readCredentials();
+    const accountId = selectedAccountId(explicitAccountId, credentials);
+    if (accountId) {
+        return accountId;
+    }
+    const response = await apiFetch("/v0/accounts", { method: "GET" });
+    return response.default_account_id;
+}
+function printRoutes(routes) {
+    for (const route of routes) {
+        printRoute(route);
+    }
+}
+function printRoute(route) {
+    console.log([
+        route.route_id,
+        route.route_type,
+        route.status,
+        route.hostname,
+        route.slug ?? "",
+        route.reason ?? ""
+    ].join("\t"));
+    if (route.verification && Object.keys(route.verification).length > 0) {
+        console.log(`verification=${JSON.stringify(route.verification)}`);
+    }
+}
+async function printObject(value) {
+    for (const [key, entry] of Object.entries(value)) {
+        if (Array.isArray(entry)) {
+            for (const item of entry) {
+                console.log(`${key}=${isPlainObject(item) ? formatFields(item) : String(item)}`);
+            }
+        }
+        else if (isPlainObject(entry)) {
+            console.log(`${key}=${JSON.stringify(entry)}`);
+        }
+        else {
+            console.log(`${key}=${entry ?? ""}`);
+        }
+    }
+}
+function printKeyValues(prefix, values) {
+    for (const [key, value] of Object.entries(values).sort(([left], [right]) => left.localeCompare(right))) {
+        console.log(`${prefix}=${key} value=${value === null ? "unlimited" : formatFieldValue(value)}`);
+    }
+}
+function printList(label, values) {
+    if (values && values.length > 0) {
+        console.log(`${label}=${values.join(",")}`);
+    }
+}
+function printWarnings(warnings) {
+    for (const warning of warnings ?? []) {
+        console.log(`warning=${formatFields(warning)}`);
+    }
+}
+function printOptionalBoolean(label, value) {
+    if (typeof value === "boolean") {
+        console.log(`${label}=${value}`);
+    }
+}
+function bodyWithReason(options) {
+    return options.reason ? { reason: options.reason } : {};
+}
 async function readPublishDirectory(rootDir, options) {
     const absoluteRoot = path.resolve(rootDir);
     const stat = await fs.stat(absoluteRoot).catch(() => null);
@@ -853,6 +1182,54 @@ function parseEventsOptions(args) {
     }
     return options;
 }
+function parseDowngradePreviewOptions(args) {
+    const options = {};
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (arg === "--to") {
+            options.to = args[++index];
+        }
+        else if (arg === "--account") {
+            options.account = args[++index];
+        }
+        else {
+            throw new Error(`Unknown option: ${arg}`);
+        }
+    }
+    return options;
+}
+function parseReasonOptions(args) {
+    const options = {};
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (arg === "--reason") {
+            options.reason = args[++index];
+        }
+        else if (arg === "--account") {
+            options.account = args[++index];
+        }
+        else {
+            throw new Error(`Unknown option: ${arg}`);
+        }
+    }
+    return options;
+}
+function parseRouteDisableOptions(args) {
+    const options = {};
+    for (let index = 0; index < args.length; index += 1) {
+        const arg = args[index];
+        if (arg === "--status") {
+            options.status = args[++index];
+        }
+        else if (arg === "--reason") {
+            options.reason = args[++index];
+        }
+        else {
+            throw new Error(`Unknown option: ${arg}`);
+        }
+    }
+    return options;
+}
 function parseAccountOptions(args) {
     const options = {};
     for (let index = 0; index < args.length; index += 1) {
@@ -940,6 +1317,27 @@ function objectValue(value) {
 function stringValue(value) {
     return typeof value === "string" ? value : undefined;
 }
+function stringArrayValue(value) {
+    return Array.isArray(value) && value.every((entry) => typeof entry === "string") ? value : undefined;
+}
+function formatFields(value) {
+    return Object.entries(value)
+        .filter(([, entry]) => entry !== undefined && entry !== null)
+        .map(([key, entry]) => `${key}=${formatFieldValue(entry)}`)
+        .join(" ");
+}
+function formatFieldValue(value) {
+    if (typeof value === "string") {
+        return /\s/u.test(value) ? JSON.stringify(value) : value;
+    }
+    if (Array.isArray(value)) {
+        return value.map(formatFieldValue).join(",");
+    }
+    if (isPlainObject(value)) {
+        return JSON.stringify(value);
+    }
+    return String(value);
+}
 function contentTypeForPath(filePath) {
     const ext = path.extname(filePath).toLowerCase();
     const types = {
@@ -958,46 +1356,57 @@ function contentTypeForPath(filePath) {
     return types[ext] ?? "application/octet-stream";
 }
 function errorMessage(body) {
-    if (typeof body !== "object" || body === null || !("error" in body)) {
+    if (!isPlainObject(body) || !("error" in body)) {
         return undefined;
     }
-    const error = body.error;
-    if (typeof error !== "object" || error === null || !("message" in error)) {
+    const parsed = parseApiError(body);
+    if (!parsed.message && !parsed.code) {
         return undefined;
     }
-    const typedError = error;
-    const message = typeof typedError.message === "string" ? typedError.message : undefined;
-    const code = typeof typedError.code === "string" ? typedError.code : undefined;
-    const detail = entitlementDetailMessage(typedError.details);
-    const base = code && message ? `${code}: ${message}` : message ?? code;
-    return [base, detail].filter(Boolean).join("\n");
+    const lines = [parsed.message ?? parsed.code];
+    if (parsed.code) {
+        lines.push(`error=${parsed.code}`);
+    }
+    lines.push(...structuredDetailLines(parsed.details));
+    return lines.filter(Boolean).join("\n");
 }
-function entitlementDetailMessage(details) {
+function parseApiError(body) {
+    const error = body.error;
+    if (typeof error === "string") {
+        return {
+            code: error,
+            message: stringValue(body.message),
+            details: body.details
+        };
+    }
+    if (!isPlainObject(error)) {
+        return {};
+    }
+    return {
+        code: stringValue(error.code),
+        message: stringValue(error.message),
+        details: error.details
+    };
+}
+function structuredDetailLines(details) {
     if (!isPlainObject(details)) {
-        return undefined;
+        return [];
     }
-    const requiredPlan = stringValue(details.required_plan_key);
-    const violations = Array.isArray(details.violations) ? details.violations.map(formatEntitlementViolation).filter(Boolean) : [];
-    const limit = stringValue(details.limit_key);
-    const allowed = details.allowed;
-    const value = details.value;
     const lines = [];
-    if (requiredPlan) {
-        lines.push(`Required plan: ${requiredPlan}`);
-    }
-    if (violations.length > 0) {
-        lines.push("Violations:");
-        lines.push(...violations.map((violation) => `- ${violation}`));
+    for (const key of ["metric", "plan_key", "required_plan_key", "limit", "limit_key", "current", "increment", "value", "upgrade_required"]) {
+        if (details[key] !== undefined) {
+            lines.push(`${key}=${formatFieldValue(details[key])}`);
+        }
     }
-    else if (limit) {
-        lines.push(`Limit: ${limit}${value !== undefined ? ` value=${String(value)}` : ""}${allowed !== undefined ? ` allowed=${formatAllowed(allowed)}` : ""}`);
+    const violations = Array.isArray(details.violations) ? details.violations : [];
+    for (const violation of violations) {
+        if (isPlainObject(violation)) {
+            lines.push(`violation=${formatViolation(violation)}`);
+        }
     }
-    return lines.length > 0 ? lines.join("\n") : undefined;
+    return lines;
 }
-function formatEntitlementViolation(value) {
-    if (!isPlainObject(value)) {
-        return undefined;
-    }
+function formatViolation(value) {
     const path = stringValue(value.manifest_path);
     const feature = stringValue(value.feature_key);
     const limit = stringValue(value.limit_key);
@@ -1012,7 +1421,7 @@ function formatEntitlementViolation(value) {
         allowed !== undefined ? `allowed=${formatAllowed(allowed)}` : undefined,
         requiredPlan ? `requires=${requiredPlan}` : undefined
     ].filter(Boolean);
-    return parts.length > 0 ? parts.join(" ") : undefined;
+    return parts.length > 0 ? parts.join(" ") : formatFields(value);
 }
 function formatAllowed(value) {
     return Array.isArray(value) ? value.join(",") : String(value);
@@ -1021,7 +1430,7 @@ function isPlainObject(value) {
     return typeof value === "object" && value !== null && !Array.isArray(value);
 }
 function docsUrlForError(message) {
-    if (message.includes("entitlement_required") || message.includes("plan_limit_exceeded")) {
+    if (message.includes("entitlement_required") || message.includes("plan_limit_exceeded") || message.includes("quota_exceeded") || message.includes("downgrade_incompatible")) {
         return "https://docs.userland.fun/reference/errors";
     }
     if (message.includes("USERLAND_API_KEY") || message.includes("credentials")) {
@@ -1047,18 +1456,40 @@ function usage(exitCode) {
   userland auth save-key --username <username> --api-key <api-key> [--password <password>]
   userland accounts list
   userland accounts use <account-id>
+  userland accounts status [--account <account-id>]
+  userland accounts limits [--account <account-id>]
+  userland accounts downgrade preview --to <plan> [--account <account-id>]
   userland apps publish <dir> [--app <app-id>] [--message <message>] [--account <account-id>]
   userland apps list [--account <account-id>]
+  userland apps status <app-id> [--account <account-id>]
   userland apps releases <app-id> [--account <account-id>]
   userland apps rollback <app-id> <release-id> [--account <account-id>]
   userland apps secrets set <app-id> <NAME> [--value <value>] [--account <account-id>]
   userland apps events <app-id> [--type <event-type>] [--severity <level>] [--release <release-id>] [--limit <n>] [--account <account-id>]
+  userland apps routes list <app-id> [--account <account-id>]
+  userland apps slugs list <app-id> [--account <account-id>]
+  userland apps slugs add <app-id> <slug> [--account <account-id>]
+  userland apps slugs remove <app-id> <slug> [--account <account-id>]
+  userland apps domains list <app-id> [--account <account-id>]
+  userland apps domains add <app-id> <hostname> [--account <account-id>]
+  userland apps domains verify <app-id> <hostname> [--account <account-id>]
+  userland apps domains remove <app-id> <hostname> [--account <account-id>]
+  userland ops accounts status <account-id>
+  userland ops accounts flag <account-id> <flag> [--reason <text>]
+  userland ops accounts clear <account-id> <flag> [--reason <text>]
+  userland ops apps status <app-id>
+  userland ops apps flag <app-id> <flag> [--reason <text>]
+  userland ops apps clear <app-id> <flag> [--reason <text>]
+  userland ops apps takedown <app-id> [--reason <text>]
+  userland ops routes disable <route-id> --status <disabled_abuse|disabled_billing|disabled_downgrade> [--reason <text>]
+  userland ops routes enable <route-id> [--reason <text>]
 
 Aliases:
   userland auth signup [--username <username>] [--password <password>] [--email <email>] [--no-save]
   userland auth login [--username <username>] [--password <password>] [--no-save]
   userland publish <dir> [--app <app-id>] [--message <message>] [--account <account-id>]
   userland releases <app-id> [--account <account-id>]
+  userland versions <app-id> [--account <account-id>]
 
 Credentials:
   Commands use USERLAND_API_KEY first, then ~/.userland/credentials.json for API keys.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@userland.fun/cli",
-  "version": "0.1.3",
+  "version": "0.2.0",
   "description": "Userland command-line tools for publishing and operating apps.",
   "license": "MIT",
   "type": "module",