@vainplex/shieldapi-cli 1.3.0 → 1.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/src/commands/password.js +53 -17
  3. package/src/index.js +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vainplex/shieldapi-cli",
3
- "version": "1.3.0",
3
+ "version": "1.3.1",
4
4
  "description": "Security intelligence from your terminal. Pay-per-request with USDC.",
5
5
  "type": "module",
6
6
  "bin": {
package/src/commands/password.js CHANGED
@@ -1,5 +1,4 @@
1
1
  import { createHash } from 'node:crypto';
2
- import { createInterface } from 'node:readline';
3
2
  import ora from 'ora';
4
3
  import chalk from 'chalk';
5
4
  import { apiRequest } from '../lib/api.js';
@@ -8,20 +7,60 @@ import { formatPassword } from '../lib/formatter.js';
8
7
  import { exitCodeFromResult, exitCodeFromError, EXIT } from '../lib/exit.js';
9
8
 
10
9
  /**
11
- * Read a line from stdin (for --stdin mode).
10
+ * Read password from stdin.
11
+ * If stdin is a TTY (interactive), prompts with hidden input (like Linux `read -s`).
12
+ * If piped, reads data directly.
12
13
  */
13
14
  function readStdin() {
14
15
  return new Promise((resolve, reject) => {
15
- let data = '';
16
- process.stdin.setEncoding('utf8');
17
- process.stdin.on('data', (chunk) => { data += chunk; });
18
- process.stdin.on('end', () => resolve(data.trim()));
19
- process.stdin.on('error', reject);
20
- setTimeout(() => {
21
- process.stdin.destroy();
22
- if (data) resolve(data.trim());
23
- else reject(new Error('Stdin timeout — no input received'));
24
- }, 10000);
16
+ if (process.stdin.isTTY) {
17
+ // Interactive mode: hide typed characters
18
+ process.stderr.write('Password: ');
19
+ process.stdin.setRawMode(true);
20
+ process.stdin.resume();
21
+ process.stdin.setEncoding('utf8');
22
+
23
+ let password = '';
24
+
25
+ const onData = (char) => {
26
+ const c = char.toString();
27
+ if (c === '\n' || c === '\r') {
28
+ cleanup();
29
+ process.stderr.write('\n');
30
+ resolve(password);
31
+ } else if (c === '\u0003') {
32
+ // Ctrl+C
33
+ cleanup();
34
+ process.stderr.write('\n');
35
+ process.exit(130);
36
+ } else if (c === '\u007f' || c === '\b') {
37
+ // Backspace
38
+ password = password.slice(0, -1);
39
+ } else {
40
+ password += c;
41
+ }
42
+ };
43
+
44
+ const cleanup = () => {
45
+ process.stdin.setRawMode(false);
46
+ process.stdin.pause();
47
+ process.stdin.removeListener('data', onData);
48
+ };
49
+
50
+ process.stdin.on('data', onData);
51
+ } else {
52
+ // Piped mode: read all data from stdin
53
+ let data = '';
54
+ process.stdin.setEncoding('utf8');
55
+ process.stdin.on('data', (chunk) => { data += chunk; });
56
+ process.stdin.on('end', () => resolve(data.trim()));
57
+ process.stdin.on('error', reject);
58
+ setTimeout(() => {
59
+ process.stdin.destroy();
60
+ if (data) resolve(data.trim());
61
+ else reject(new Error('Stdin timeout — no input received'));
62
+ }, 10000);
63
+ }
25
64
  });
26
65
  }
27
66
 
@@ -37,12 +76,9 @@ export async function passwordCommand(password, opts) {
37
76
 
38
77
  if (opts.stdin) {
39
78
  // --stdin: read password from stdin, ignore positional argument
40
- if (!opts.quiet) {
41
- process.stderr.write(chalk.gray('Reading password from stdin...\n'));
42
- }
43
79
  const stdinPassword = await readStdin();
44
80
  if (!stdinPassword) {
45
- process.stderr.write(chalk.red('Error: No password received from stdin.\n'));
81
+ process.stderr.write(chalk.red('Error: No password received.\n'));
46
82
  process.exitCode = EXIT.USAGE;
47
83
  return;
48
84
  }
@@ -51,7 +87,7 @@ export async function passwordCommand(password, opts) {
51
87
  // No password argument and no --stdin
52
88
  process.stderr.write(chalk.red('Error: Provide a password argument or use --stdin.\n'));
53
89
  process.stderr.write(chalk.gray(' shieldapi password "mypassword" --demo\n'));
54
- process.stderr.write(chalk.gray(' echo -n "mypassword" | shieldapi password --stdin --demo\n'));
90
+ process.stderr.write(chalk.gray(' shieldapi password --stdin --demo\n'));
55
91
  process.exitCode = EXIT.USAGE;
56
92
  return;
57
93
  } else if (opts.hash) {
package/src/index.js CHANGED
@@ -14,7 +14,7 @@ export function run(argv) {
14
14
  program
15
15
  .name('shieldapi')
16
16
  .description('🛡️ ShieldAPI CLI — Security intelligence from your terminal. Pay-per-request with USDC.')
17
- .version('1.3.0')
17
+ .version('1.3.1')
18
18
  .option('--wallet <key>', 'Private key for x402 payments (or set SHIELDAPI_WALLET_KEY)')
19
19
  .option('--json', 'Output raw JSON instead of formatted output')
20
20
  .option('--no-color', 'Disable colors')