npm - avocavo - Versions diffs - 1.0.0 - Mend

avocavo 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,61 @@
+# Changelog
+All notable changes to the Avocavo CLI will be documented in this file.
+## [1.0.0] - 2025-01-30
+### 🎉 Initial Release
+- Complete rewrite for security and reliability
+- Clean package name: `avocavo` (replacing deprecated `avocavo-nutrition-cli`)
+### ✨ Features
+- Secure OAuth authentication with browser flow
+- USDA nutrition database integration
+- Batch ingredient analysis
+- Multiple output formats (table, JSON)
+- System keychain credential storage
+### 🔒 Security Improvements
+- **SSL Verification**: All HTTPS connections now verify certificates
+- **Secure Credentials**: No plaintext credential storage
+- **Updated Dependencies**: All dependencies updated to latest secure versions
+- **Input Sanitization**: All user inputs properly sanitized
+### 🚀 Performance
+- Faster API responses with connection pooling
+- Improved error handling and retry logic
+- Better progress indicators for long operations
+### 📦 Dependencies
+- Node.js >= 16.0.0 (updated from 14.0.0)
+- Updated all major dependencies to latest versions
+- Removed vulnerable dependencies
+---
+## Migration from avocavo-nutrition-cli
+This package replaces the deprecated `avocavo-nutrition-cli` which contained security vulnerabilities:
+### Security Issues Fixed:
+- ❌ SSL verification disabled (`verify: false`)
+- ❌ Plaintext credential storage fallback
+- ❌ Vulnerable form-data dependency
+- ❌ Missing input sanitization
+### Migration Steps:
+```bash
+# 1. Remove old package
+npm uninstall -g avocavo-nutrition-cli
+# 2. Install new secure package
+npm install -g avocavo
+# 3. Login again (secure OAuth flow)
+avocavo login
+# 4. Same commands work!
+avocavo analyze "1 cup rice"
+```
+All command syntax remains identical - only the package name and security have been updated.

package/README.md ADDED Viewed

@@ -0,0 +1,131 @@
+# 🥑 Avocavo CLI
+> Nutrition analysis made simple. Get accurate USDA nutrition data with secure authentication.
+## 🚀 Quick Start
+```bash
+# Install globally
+npm install -g avocavo
+# Login to your account
+avocavo login
+# Analyze a single ingredient
+avocavo analyze "1 cup rice"
+# Analyze a recipe
+avocavo recipe "2 eggs, 1 cup flour, 1 cup milk"
+# Get help
+avocavo --help
+```
+## ✨ Features
+- 🔐 **Secure Authentication** - Uses system keychain for credential storage
+- 🥗 **USDA Database** - Access to comprehensive nutrition data
+- 🧮 **Batch Analysis** - Analyze multiple ingredients at once
+- 📊 **Rich Output** - Beautiful tables and JSON formats
+- 🔒 **SSL Security** - All connections use verified HTTPS
+## 📦 Installation
+```bash
+npm install -g avocavo
+```
+**Requirements:**
+- Node.js >= 16.0.0
+- npm >= 7.0.0
+## 🔐 Authentication
+1. **Sign up** at [nutrition.avocavo.app](https://nutrition.avocavo.app)
+2. **Login** via CLI:
+   ```bash
+   avocavo login
+   ```
+3. Your credentials are stored securely in your system keychain
+## 📖 Commands
+### `avocavo login`
+Authenticate with your Avocavo account via secure OAuth.
+### `avocavo analyze <ingredient>`
+Analyze a single ingredient:
+```bash
+avocavo analyze "1 cup brown rice"
+avocavo analyze "200g chicken breast"
+```
+### `avocavo recipe <ingredients>`
+Analyze multiple ingredients as a recipe:
+```bash
+avocavo recipe "2 eggs, 1 cup flour, 1/2 cup milk"
+```
+### `avocavo batch <file>`
+Analyze ingredients from a file:
+```bash
+avocavo batch ingredients.txt
+```
+### `avocavo whoami`
+Show current authenticated user.
+### `avocavo logout`
+Remove stored credentials.
+## 🔒 Security
+- **SSL Verification**: All API calls use verified HTTPS connections
+- **Secure Storage**: Credentials stored in system keychain (not plaintext)
+- **OAuth Flow**: Secure browser-based authentication
+- **No Hardcoded Secrets**: All sensitive data handled securely
+## 📊 Output Formats
+### Table Format (default)
+```
+┌─────────────────┬──────────┬─────────┬──────────┬─────────┐
+│ Nutrient        │ Amount   │ Unit    │ Per 100g │ % DV    │
+├─────────────────┼──────────┼─────────┼──────────┼─────────┤
+│ Calories        │ 365      │ kcal    │ 365      │ 18.3%   │
+│ Protein         │ 7.1      │ g       │ 7.1      │ 14.2%   │
+└─────────────────┴──────────┴─────────┴──────────┴─────────┘
+```
+### JSON Format
+```bash
+avocavo analyze "1 cup rice" --json
+```
+## 🆘 Support
+- **Documentation**: [nutrition.avocavo.app/docs](https://nutrition.avocavo.app/docs)
+- **Issues**: [GitHub Issues](https://github.com/avocavo/avocavo-cli/issues)
+- **Email**: api-support@avocavo.com
+## 📄 License
+MIT License - see [LICENSE](LICENSE) file for details.
+---
+**🔄 Migrating from avocavo-nutrition-cli?**
+The old package has been deprecated due to security vulnerabilities. Migration is simple:
+```bash
+# Remove old package
+npm uninstall -g avocavo-nutrition-cli
+# Install new secure package
+npm install -g avocavo
+# Same commands work!
+avocavo login
+avocavo analyze "1 cup rice"
+```