dodopayments-cli 2.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Dodo Payments
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,185 @@
+# Dodo Payments CLI
+
+<p align="center">
+  <strong>A powerful Command Line Interface for Dodo Payments</strong>
+</p>
+
+<p align="center">
+  <a href="https://www.npmjs.com/package/dodopayments-cli">
+    <img src="https://img.shields.io/npm/v/dodopayments-cli?color=cb3837&label=npm&logo=npm" alt="npm version" />
+  </a>
+  <a href="https://discord.gg/bYqAp4ayYh">
+    <img src="https://img.shields.io/discord/1305511580854779984?label=Discord&logo=discord&color=5865F2" alt="Discord" />
+  </a>
+  <a href="LICENSE">
+    <img src="https://img.shields.io/badge/license-MIT-blue.svg" alt="License: MIT" />
+  </a>
+</p>
+
+<p align="center">
+  <a href="#installation">Installation</a> •
+  <a href="#authentication">Authentication</a> •
+  <a href="#usage">Usage</a> •
+  <a href="#webhook-testing">Webhooks</a> •
+  <a href="#contributing">Contributing</a>
+</p>
+
+---
+
+Manage your [Dodo Payments](https://dodopayments.com/) resources and test webhooks directly from the terminal. Built for developers who prefer the command line.
+
+## Installation
+
+We provide various ways to install the CLI:
+
+> **Note:** If you have Node or Bun installed, it's highly recommended to use that installation method.
+
+### Using npm (Recommended)
+
+```bash
+npm install -g dodopayments-cli
+```
+
+### Using Bun
+
+```bash
+bun install -g dodopayments-cli
+```
+
+### Manual Installation
+
+1. Download the latest release from [GitHub Releases](https://github.com/dodopayments/dodopayments-cli/releases) that matches your system.
+
+2. Extract the downloaded file to a directory of your choice.
+
+3. Rename the binary file to `dodo`:
+   - **Linux/macOS:** `mv ./dodopayments-cli-* ./dodo`
+   - **Windows:** `ren .\dodopayments-cli-* .\dodo`
+
+4. Move the binary to a directory in your system's PATH:
+   - **Linux/macOS:** `sudo mv ./dodo /usr/local/bin/`
+   - **Windows:** `move .\dodo C:\Windows\System32\dodo` (requires admin mode)
+
+## Authentication
+
+Before using the CLI, you must authenticate:
+
+```bash
+dodo login
+```
+
+This command will:
+1. Open your browser to the Dodo Payments API Keys page
+2. Prompt you to enter your API Key
+3. Ask you to select the environment (**Test Mode** or **Live Mode**)
+4. Store your credentials locally to `~/.dodopayments/api-key`
+
+## Usage
+
+The general syntax is:
+
+```bash
+dodo <category> <sub-command>
+```
+
+### Products
+
+Manage your products catalog.
+
+| Command | Description |
+|---------|-------------|
+| `dodo products list` | List all products |
+| `dodo products create` | Open dashboard to create a product |
+| `dodo products info` | View details for a specific product |
+
+### Payments
+
+View payment transactions.
+
+| Command | Description |
+|---------|-------------|
+| `dodo payments list` | List all payments |
+| `dodo payments info` | Get information about a specific payment |
+
+### Customers
+
+Manage your customer base.
+
+| Command | Description |
+|---------|-------------|
+| `dodo customers list` | List all customers |
+| `dodo customers create` | Create a new customer profile |
+| `dodo customers update` | Update an existing customer's details |
+
+### Discounts
+
+Manage coupons and discounts.
+
+| Command | Description |
+|---------|-------------|
+| `dodo discounts list` | List all discounts |
+| `dodo discounts create` | Create a new percentage-based discount |
+| `dodo discounts delete` | Remove a discount by ID |
+
+### Licenses
+
+Manage software licenses.
+
+| Command | Description |
+|---------|-------------|
+| `dodo licences list` | List all licenses |
+
+## Webhook Testing
+
+The CLI includes a robust tool for testing webhooks by simulating events.
+
+```bash
+dodo wh
+```
+
+> **Note:** The webhook testing tool doesn't support signing requests yet. Please disable webhook signature verification while testing. A simple way to do this is using `unsafe_unwrap()` instead of `unwrap()` in the webhook endpoint **during testing only**.
+
+This interactive tool guides you through:
+1. Setting a destination **endpoint URL**
+2. Configuring **Business ID**, **Product ID**, and **Metadata**
+3. Selecting a specific **Event** to trigger
+
+### Supported Webhook Events
+
+| Category | Events |
+|----------|--------|
+| **Subscription** | `active`, `updated`, `on_hold`, `renewed`, `plan_changed`, `cancelled`, `failed`, `expired` |
+| **Payment** | `success`, `failed`, `processing`, `cancelled` |
+| **Refund** | `success`, `failed` |
+| **Dispute** | `opened`, `expired`, `accepted`, `cancelled`, `challenged`, `won`, `lost` |
+| **License** | `created` |
+
+## Contributing
+
+We welcome contributions from the community! Whether you're fixing bugs, adding new features, or improving documentation, your help is appreciated.
+
+Please read our [Contributing Guide](./CONTRIBUTING.md) to get started. We also have a [Code of Conduct](./CODE_OF_CONDUCT.md) that we expect all contributors to follow.
+
+### Ways to Contribute
+
+- Report bugs and suggest features
+- Improve documentation
+- Add new CLI commands
+- Write tests
+- Review pull requests
+
+## Support
+
+- [Discord Community](https://discord.gg/bYqAp4ayYh) - Get help and discuss with the community
+- [GitHub Issues](https://github.com/dodopayments/dodopayments-cli/issues) - Report bugs or request features
+- [Documentation](https://docs.dodopayments.com) - Learn more about Dodo Payments
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE](./LICENSE) file for details.
+
+---
+
+<p align="center">
+  Made with ❤️ by <a href="https://dodopayments.com">Dodo Payments</a>
+</p>

package/SECURITY.md

@@ -0,0 +1,98 @@
+# Security Policy
+
+## Supported Versions
+
+We actively support the following versions with security updates:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 0.1.x   | :white_check_mark: |
+
+## Reporting a Vulnerability
+
+We take the security of Dodo Payments CLI seriously. If you believe you have found a security vulnerability, please report it to us responsibly.
+
+### How to Report
+
+**Please do NOT report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them via one of the following methods:
+
+1. **GitHub Security Advisories** (Preferred): [Create a security advisory](https://github.com/dodopayments/dodopayments-cli/security/advisories/new)
+
+2. **Email**: Send an email to [security@dodopayments.com](mailto:security@dodopayments.com)
+
+### What to Include
+
+Please include the following information in your report:
+
+- Type of vulnerability (e.g., credential exposure, code injection, etc.)
+- Full paths of source file(s) related to the vulnerability
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit it
+
+### What to Expect
+
+- **Acknowledgment**: We will acknowledge receipt of your vulnerability report within 48 hours.
+
+- **Communication**: We will keep you informed of our progress throughout the process.
+
+- **Resolution Timeline**: We aim to investigate and address security issues within 90 days, depending on complexity.
+
+- **Disclosure**: We will coordinate with you on the timing of public disclosure.
+
+- **Credit**: We will credit you for the discovery in our release notes and security advisory (unless you prefer to remain anonymous).
+
+## Security Best Practices for Users
+
+When using Dodo Payments CLI, please follow these security best practices:
+
+### API Keys
+
+- **Never share your API keys** with anyone
+- **Use test mode keys** for development and testing
+- **Rotate keys** if you suspect they may have been compromised
+- The CLI stores your API key locally at `~/.dodopayments/api-key` - ensure this file has appropriate permissions
+
+### Running the CLI
+
+- **Download only from official sources**: npm, GitHub releases, or bun
+- **Verify the package** before installation when possible
+- **Keep the CLI updated** to the latest version
+
+### Webhook Testing
+
+- **Only test webhooks** against endpoints you control
+- **Use test mode** for webhook testing when possible
+- **Re-enable signature verification** after testing
+
+## Local Storage
+
+The CLI stores the following data locally:
+
+| Data | Location | Purpose |
+|------|----------|---------|
+| API Key | `~/.dodopayments/api-key` | Authentication |
+
+Ensure your home directory has appropriate access controls to protect this sensitive data.
+
+## Vulnerability Disclosure Policy
+
+We follow a coordinated vulnerability disclosure process:
+
+1. Reporter submits vulnerability privately
+2. We acknowledge and begin investigation
+3. We develop and test a fix
+4. We release the fix and publish a security advisory
+5. We credit the reporter (if desired)
+
+We ask that you:
+
+- Give us reasonable time to address the issue before public disclosure
+- Make a good faith effort to avoid privacy violations, destruction of data, and interruption of services
+- Do not access or modify data that does not belong to you
+
+Thank you for helping keep Dodo Payments CLI and our users safe!

package/build-binaries.ts

@@ -0,0 +1,22 @@
+const targets: any = [
+    "bun-darwin-x64",
+    "bun-darwin-arm64",
+    "bun-linux-x64",
+    "bun-linux-arm64",
+    "bun-windows-x64"
+];
+
+// Loop through all targets and build them
+for (const target of targets) {
+    await Bun.build({
+        entrypoints: ["./index.ts"],
+        outdir: `./dist/dodopayments-cli-${target.replace('bun-', '')}`,
+        target: "bun",
+        compile: {
+            // `as any` cause Bun doesn't provide type of exact platforms
+            target: target as any,
+        }
+    });
+}
+
+console.log(`Build complete! Binaries are in ./dist`);