fuzzi-cli 0.1.1 → 0.1.3

package/README.md

@@ -2,6 +2,8 @@
 
 Run Fuzzi security scans from your terminal. Interactive shell for daily use, scriptable commands for CI.
 
+**Web app:** [fuzzi-ten.vercel.app](https://fuzzi-ten.vercel.app)
+
 ```bash
 npm install -g fuzzi-cli
 fuzzi
@@ -14,7 +16,7 @@ fuzzi
 1. **Install** the CLI (above)
 2. **Run** `fuzzi`
 3. You'll see **Sign in to continue** — press **Enter**
-4. Your **browser opens** to app.fuzzi.dev — log in or sign up
+4. Your **browser opens** to [fuzzi-ten.vercel.app](https://fuzzi-ten.vercel.app) — log in or sign up
 5. After authorizing, return to the terminal — you're in
 
 ```
@@ -24,7 +26,7 @@ fuzzi
 › /palette                 # search commands
 ```
 
-No browser? Use **`/auth-key`** to paste an API key from [Settings → API Keys](https://app.fuzzi.dev/settings/api-keys).
+No browser? Use **`/auth-key`** to paste an API key from [Settings → API Keys](https://fuzzi-ten.vercel.app/settings/api-keys).
 
 ---
 
@@ -74,10 +76,7 @@ fuzzi scan https://staging.example.com --fail-on high
 # JSON for pipelines
 fuzzi scan https://example.com --format json
 
-# Machine-readable exit codes
-#   0 = success, risk below threshold
-#   1 = scan done, risk at/above --fail-on
-#   2 = error (network, auth, bad URL)
+# Exit codes: 0 = pass, 1 = risk threshold met, 2 = error
 ```
 
 ### All commands
@@ -91,15 +90,12 @@ fuzzi auth logout
 fuzzi scan <url> [--wait] [--no-wait] [--format table|json|markdown]
                [--env production|staging|development]
                [--fail-on low|medium|high|critical]
-               [--fail-threshold 0.0-1.0]
 
-fuzzi scans list [--status] [--risk-level] [--limit 20]
-fuzzi scans get <scan-id> [--format table|json|markdown]
-fuzzi report <scan-id> --format pdf|csv|json [-o file]
+fuzzi scans list | get <scan-id>
+fuzzi report <scan-id> --format pdf|csv|json
 fuzzi whatif <scan-id> --set dimension=0.5
 fuzzi compare <scan-a> <scan-b>
-
-fuzzi config list | get [key] | set <key> <value>
+fuzzi config list | get | set
 fuzzi status
 fuzzi --help
 ```
@@ -111,84 +107,48 @@ fuzzi --help
 | File | Purpose |
 |------|---------|
 | `~/.fuzzi/credentials` | API key (mode 600) |
-| `~/.fuzzi/config` | CLI defaults (`default_env`, `default_format`) |
-| `~/.fuzzi/history` | Shell command history |
-| `.fuzzirc` or `fuzzi.toml` | Project defaults in repo root |
-
-**Example `.fuzzirc`:**
-
-```json
-{
-  "scan": {
-    "url": "https://staging.example.com",
-    "environment": "staging",
-    "fail_on": "high"
-  },
-  "output": { "format": "markdown" }
-}
-```
+| `~/.fuzzi/config` | CLI defaults |
+| `.fuzzirc` / `fuzzi.toml` | Project defaults |
 
-Flags on the command line override file values.
+**Default API:** `https://fuzzi-ten.vercel.app/api`
 
 ```bash
 fuzzi config set default_env staging
-fuzzi config set default_format markdown
-export FUZZI_API_URL=https://app.fuzzi.dev/api   # override API
-export FUZZI_DEBUG=1                              # debug logging
+export FUZZI_API_URL=https://fuzzi-ten.vercel.app/api   # override if needed
+export FUZZI_DEBUG=1
 ```
 
 ---
 
-## CI example (GitHub Actions)
+## CI example
 
 ```yaml
 - name: Fuzzi security gate
   run: |
     npm install -g fuzzi-cli
     fuzzi auth login --api-key "${{ secrets.FUZZI_API_KEY }}"
-    fuzzi scan https://staging.example.com --fail-on critical --format markdown
+    fuzzi scan https://staging.example.com --fail-on critical
 ```
 
 ---
 
-## For web / frontend developers
+## For web developers
 
-The CLI browser login flow requires pages and API routes on **app.fuzzi.dev**.
+Browser login and API contracts for [fuzzi-ten.vercel.app](https://fuzzi-ten.vercel.app):
 
-See **[docs/frontend-integration.md](./docs/frontend-integration.md)** for:
-
-- `/cli-auth` page spec
-- `POST /api/cli/handoff` contract
-- API keys settings UI
-- Full feature parity checklist
+See **[docs/frontend-integration.md](./docs/frontend-integration.md)**
 
 ---
 
 ## Development
 
 ```bash
-git clone <repo>
-cd fuzzi-cli
-npm install
-npm test
-npm run build
-npm link          # optional: global `fuzzi` command
+npm install && npm test && npm run build
+npm link   # optional global `fuzzi` command
 ```
 
----
-
-## Publish to npm
+## Publish
 
 ```bash
-npm login
 npm publish --access public
 ```
-
-Or tag `v0.1.0` and let GitHub Actions publish (requires `NPM_TOKEN` secret).
-
----
-
-## Brand
-
-- Accent: `#4FC3A1` (teal)
-- Risk: LOW green · MEDIUM amber · HIGH red · CRITICAL purple

package/assets/changelog.json

@@ -1,4 +1,24 @@
 [
+  {
+    "version": "0.1.3",
+    "date": "2026-06-19",
+    "highlights": [
+      "Production app URL: fuzzi-ten.vercel.app",
+      "API default: fuzzi-ten.vercel.app/api",
+      "Claude Code-style two-column home screen",
+      "Browser sign-in on startup"
+    ]
+  },
+  {
+    "version": "0.1.2",
+    "date": "2026-06-19",
+    "highlights": [
+      "Claude Code-style two-column home screen",
+      "Thicker pixel shield mascot",
+      "Contextual tips and what's-new panels",
+      "Full terminal width layout"
+    ]
+  },
   {
     "version": "0.1.1",
     "date": "2026-06-19",

package/dist/index.js

@@ -9,7 +9,7 @@ var __export = (target, all) => {
 };
 
 // src/types/brand.ts
-var BRAND, RISK_COLORS, VERSION, APP_ORIGIN, DEFAULT_API_URL;
+var BRAND, RISK_COLORS, VERSION, APP_ORIGIN, DEFAULT_API_URL, SETTINGS_API_KEYS_URL, CLI_AUTH_URL, APP_HOST;
 var init_brand = __esm({
   "src/types/brand.ts"() {
     "use strict";
@@ -27,9 +27,12 @@ var init_brand = __esm({
       HIGH: "#EF4444",
       CRITICAL: "#A855F7"
     };
-    VERSION = "0.1.1";
-    APP_ORIGIN = "https://app.fuzzi.dev";
+    VERSION = "0.1.3";
+    APP_ORIGIN = "https://fuzzi-ten.vercel.app";
     DEFAULT_API_URL = `${APP_ORIGIN}/api`;
+    SETTINGS_API_KEYS_URL = `${APP_ORIGIN}/settings/api-keys`;
+    CLI_AUTH_URL = `${APP_ORIGIN}/cli-auth`;
+    APP_HOST = "fuzzi-ten.vercel.app";
   }
 });
 
@@ -220,9 +223,9 @@ function mapErrorMessage(status, body) {
       return "API key has been revoked. Please log in again.";
     }
     if (code === "key_expired" || msg.toLowerCase().includes("expired")) {
-      return "API key has expired. Generate a new one at https://app.fuzzi.dev/settings/api-keys";
+      return `API key has expired. Generate a new one at ${SETTINGS_API_KEYS_URL}`;
     }
-    return "Invalid API key. Generate a new one at https://app.fuzzi.dev/settings/api-keys";
+    return `Invalid API key. Generate a new one at ${SETTINGS_API_KEYS_URL}`;
   }
   if (status === 403 && (code === "ssrf" || msg.toLowerCase().includes("private ip"))) {
     return "This URL is not allowed (private IP address detected). Please scan a public-facing URL.";
@@ -253,6 +256,7 @@ var init_api_client = __esm({
     init_config();
     init_credentials();
     init_logger();
+    init_brand();
     ApiError = class extends Error {
       constructor(message, status, code, body, exitCode) {
         super(message);
@@ -302,7 +306,7 @@ var init_api_client = __esm({
           });
         } catch {
           throw new ApiError(
-            "Could not connect to app.fuzzi.dev. Check your internet connection or try again later.",
+            `Could not connect to ${APP_HOST}. Check your internet connection or try again later.`,
             0,
             "network_error",
             void 0,
@@ -358,7 +362,7 @@ var init_api_client = __esm({
           res = await fetch(url, { headers: this.headers() });
         } catch {
           throw new ApiError(
-            "Could not connect to app.fuzzi.dev. Check your internet connection or try again later.",
+            `Could not connect to ${APP_HOST}. Check your internet connection or try again later.`,
             0,
             "network_error",
             void 0,
@@ -441,7 +445,7 @@ function warn(text) {
 function info(text) {
   return color(BRAND.accent, chalk.cyan)(text);
 }
-var accent, accentBold, muted, bold, dim;
+var accent, accentBold, muted, bold, dim, italic;
 var init_theme = __esm({
   "src/terminal/theme.ts"() {
     "use strict";
@@ -452,6 +456,7 @@ var init_theme = __esm({
     muted = color(BRAND.textSecondary, chalk.gray);
     bold = chalk.bold;
     dim = chalk.dim;
+    italic = chalk.italic;
   }
 });
 
@@ -533,12 +538,39 @@ function panel(content, opts = {}) {
     title: opts.title ? accentBold(opts.title) : void 0,
     padding: opts.padding ?? 1,
     margin: { top: 0, bottom: opts.marginBottom ?? 1, left: 0, right: 0 },
-    borderStyle: "round",
+    borderStyle: opts.borderStyle ?? "classic",
     borderColor: getCapabilities().trueColor ? BRAND.accent : void 0,
     titleAlignment: "left",
     width
   });
 }
+function centerInColumn(text, colWidth) {
+  return text.split("\n").map((line) => {
+    const plain = line.replace(/\x1b\[[0-9;]*m/g, "");
+    const pad = Math.max(0, Math.floor((colWidth - plain.length) / 2));
+    return " ".repeat(pad) + line;
+  }).join("\n");
+}
+function splitHomePanel(opts) {
+  const total = contentWidth();
+  const leftW = Math.max(28, Math.floor(total * (opts.leftRatio ?? 0.34)));
+  const rightW = total - leftW - 3;
+  const leftLines = opts.left.split("\n");
+  const rightTop = opts.rightTop.split("\n");
+  const rightDiv = dim("\u2500".repeat(Math.max(10, rightW)));
+  const rightBottom = opts.rightBottom.split("\n");
+  const rightLines = [...rightTop, "", rightDiv, "", ...rightBottom];
+  const rows = Math.max(leftLines.length, rightLines.length);
+  const sep = dim("\u2502");
+  const body = [""];
+  for (let i = 0; i < rows; i++) {
+    const l = padEndVisible(leftLines[i] ?? "", leftW);
+    const r = rightLines[i] ?? "";
+    body.push(`${l} ${sep} ${r}`);
+  }
+  body.push("");
+  return panel(body.join("\n"), { title: opts.title, marginBottom: 0, borderStyle: "classic" });
+}
 function columns(left, right, leftWidth) {
   const total = contentWidth();
   const split = leftWidth ?? Math.floor(total * 0.48);
@@ -565,13 +597,6 @@ function keyValue(rows, indent = 2) {
   const maxKey = Math.max(...rows.map(([k]) => k.length), 4);
   return rows.map(([k, v]) => `${pad}${muted(k.padEnd(maxKey))}  ${v}`).join("\n");
 }
-function centerBlock(text, width = contentWidth()) {
-  return text.split("\n").map((line) => {
-    const plain = line.replace(/\x1b\[[0-9;]*m/g, "");
-    const pad = Math.max(0, Math.floor((width - plain.length) / 2));
-    return " ".repeat(pad) + line;
-  }).join("\n");
-}
 var init_layout = __esm({
   "src/terminal/layout.ts"() {
     "use strict";
@@ -781,6 +806,7 @@ async function runBrowserLogin() {
 }
 
 // src/commands/auth.ts
+init_brand();
 async function runAuthLogin(opts = {}) {
   if (opts.browser || opts.interactive !== false && !opts.apiKey && !opts.apiKeyOnly) {
     try {
@@ -820,7 +846,7 @@ async function runApiKeyLogin(opts = {}) {
   apiKey = apiKey.trim();
   if (!isValidApiKeyFormat(apiKey)) {
     throw new ApiError(
-      "Invalid API key format. Generate a new one at https://app.fuzzi.dev/settings/api-keys",
+      `Invalid API key format. Generate a new one at ${SETTINGS_API_KEYS_URL}`,
       401,
       "invalid_key_format",
       void 0,
@@ -831,7 +857,7 @@ async function runApiKeyLogin(opts = {}) {
   const valid = await client.validateToken();
   if (!valid) {
     throw new ApiError(
-      "Invalid API key. Generate a new one at https://app.fuzzi.dev/settings/api-keys",
+      `Invalid API key. Generate a new one at ${SETTINGS_API_KEYS_URL}`,
       401,
       "invalid_token",
       void 0,
@@ -972,13 +998,14 @@ init_theme();
 
 // src/lib/errors.ts
 init_api_client();
+init_brand();
 function formatApiError(err) {
   if (err instanceof ApiError) {
     return err.message;
   }
   if (err instanceof Error) {
     if (err.message.includes("fetch failed") || err.message.includes("ECONNREFUSED")) {
-      return "Could not connect to app.fuzzi.dev. Check your internet connection or try again later.";
+      return `Could not connect to ${APP_HOST}. Check your internet connection or try again later.`;
     }
     return `An error occurred: ${err.message}. Please report this at https://github.com/fuzzi-cli/fuzzi-cli/issues`;
   }
@@ -1455,16 +1482,23 @@ function buildProgram() {
 import * as readline from "readline/promises";
 import { stdin as input3, stdout as output } from "process";
 
+// src/shell/home-screen.ts
+import { homedir as homedir3 } from "os";
+
 // src/shell/ascii-mark.ts
 function renderFuzziMark() {
   return [
-    "       \u256D\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u256E",
-    "      \u2571   \u250C\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510   \u2572",
-    "     \u2502    \u2502 FUZZI \u2502    \u2502",
-    "     \u2502    \u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518    \u2502",
-    "     \u2502       \u2593\u2593\u2593       \u2502",
-    "      \u2572               \u2571",
-    "       \u2570\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u256F"
+    "      \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
+    "    \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
+    "    \u2588\u2588          \u2588\u2588",
+    "    \u2588\u2588  \u2588\u2588\u2588\u2588\u2588\u2588  \u2588\u2588",
+    "    \u2588\u2588  \u2588\u2588\u2588\u2588\u2588\u2588  \u2588\u2588",
+    "    \u2588\u2588   \u2588\u2588\u2588\u2588   \u2588\u2588",
+    "    \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
+    "      \u2588\u2588      \u2588\u2588",
+    "      \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588",
+    "        \u2588\u2588  \u2588\u2588",
+    "        \u2588\u2588  \u2588\u2588"
   ].join("\n");
 }
 
@@ -1508,52 +1542,110 @@ async function fetchHomeData(profile, cwd4) {
   }
   return { profile, cwd: cwd4, changelog };
 }
-function renderHomeScreen(data) {
-  const w = contentWidth();
+function isHomeDir(dir) {
+  return dir === homedir3() || dir === homedir3().replace(/\/$/, "");
+}
+function renderLeftColumn(data) {
+  const colW = Math.max(28, Math.floor(contentWidth() * 0.34));
   const name = data.profile?.full_name || data.profile?.email?.split("@")[0] || "there";
   const org = data.profile?.organization?.trim();
-  const welcome = data.profile ? accentBold(`Welcome back, ${name}!`) : accentBold("Welcome to Fuzzi");
-  const mark = centerBlock(accent(renderFuzziMark()), w);
-  const statusLine = data.profile ? [accent("\u25CF Connected"), org, muted(data.profile.email)].filter(Boolean).join(muted("  \xB7  ")) : muted("Not connected") + muted("  \xB7  ") + info("Press Enter to sign in via browser");
-  const cwdLine = centerBlock(muted(data.cwd), w);
-  const latest = data.changelog[0];
-  const whatsNewTitle = accentBold("What's new");
-  const whatsNew = latest ? [
-    whatsNewTitle,
-    ...latest.highlights.slice(0, 3).map((h) => muted(`  \xB7 ${h}`)),
-    muted("  /changelog for more")
-  ].join("\n") : [whatsNewTitle, muted("  Stay tuned for updates")].join("\n");
-  const quickTitle = accentBold("Quick actions");
-  const quickActions = [
-    quickTitle,
-    accent("/scan") + muted(" <url>     ") + muted("security scan"),
-    accent("/scans") + muted("          ") + muted("browse history"),
-    accent("/status") + muted("         ") + muted("account info"),
-    accent("/auth") + muted("           ") + muted("sign in (browser)"),
-    accent("/auth-key") + muted("       ") + muted("paste API key"),
-    accent("/palette") + muted("        ") + muted("search commands"),
-    accent("/help") + muted("           ") + muted("all commands")
-  ].join("\n");
-  const footer = data.profile ? muted("Type a command below  \xB7  /palette to search  \xB7  Ctrl+C to exit") : muted("Press Enter at startup to sign in via browser  \xB7  or /auth-key");
-  const body = [
-    "",
-    centerBlock(welcome, w),
-    "",
-    mark,
-    "",
-    centerBlock(statusLine, w),
-    cwdLine,
-    "",
-    divider(),
-    "",
-    columns(quickActions, whatsNew),
-    "",
-    divider(),
+  const mark = centerInColumn(accent(renderFuzziMark()), colW);
+  const lines = [];
+  if (data.profile) {
+    lines.push(
+      accentBold(`Welcome back ${name}!`),
+      "",
+      mark,
+      "",
+      [accent("\u25CF Connected"), muted("\xB7"), info("API Key auth"), org ? muted("\xB7 " + org) : ""].filter(Boolean).join(" "),
+      muted(data.profile.email),
+      data.profile.role ? muted(`Role: ${data.profile.role}`) : "",
+      "",
+      muted(data.cwd),
+      "",
+      accent("/scan") + muted(" <url>   scan a target"),
+      accent("/scans") + muted("        browse history"),
+      accent("/status") + muted("       account info"),
+      accent("/keys") + muted("         manage keys"),
+      accent("/palette") + muted("      find commands")
+    );
+  } else {
+    lines.push(
+      accentBold("Welcome to Fuzzi!"),
+      "",
+      mark,
+      "",
+      muted("Not connected"),
+      info("Press Enter to sign in"),
+      "",
+      muted(data.cwd),
+      "",
+      accent("/auth") + muted("      browser sign-in"),
+      accent("/auth-key") + muted("  paste API key"),
+      accent("/scan") + muted(" <url>  after login"),
+      accent("/help") + muted("       all commands")
+    );
+  }
+  return lines.filter((l) => l !== "").join("\n");
+}
+function renderTipsColumn(data) {
+  const lines = [
+    accentBold("Tips for getting started"),
     "",
-    centerBlock(footer, w),
+    `Run ${accent("/scan")}${muted(" <url>")} to scan a site for security risks`,
+    `Run ${accent("/palette")} to search every available command`,
+    `Run ${accent("/help")} for the full command reference`,
     ""
-  ].join("\n");
-  return panel(body, { title: `Fuzzi CLI v${VERSION}`, marginBottom: 0 });
+  ];
+  if (!data.profile) {
+    lines.push(
+      muted("Note: You launched without credentials."),
+      muted("Press Enter at the prompt to open your browser,"),
+      muted("or use /auth-key to paste an API key."),
+      ""
+    );
+  } else if (isHomeDir(data.cwd)) {
+    lines.push(
+      muted("Note: You launched fuzzi in your home directory."),
+      muted("cd into a project folder first for better context,"),
+      muted("or pass URLs directly: /scan https://example.com"),
+      ""
+    );
+  } else {
+    lines.push(
+      muted("Note: Add a .fuzzirc in this directory to set default"),
+      muted("scan URL, environment, and output format for the team."),
+      ""
+    );
+  }
+  lines.push(
+    muted("CI usage: "),
+    muted("fuzzi scan <url> --fail-on critical --format json")
+  );
+  return lines.join("\n");
+}
+function renderWhatsNewColumn(data) {
+  const latest = data.changelog[0];
+  const lines = [accentBold("What's new"), ""];
+  if (latest) {
+    for (const h of latest.highlights.slice(0, 4)) {
+      lines.push(muted(h));
+    }
+    lines.push("");
+    lines.push(italic(muted("/changelog for more")));
+  } else {
+    lines.push(muted("Stay tuned for updates."));
+  }
+  return lines.join("\n");
+}
+function renderHomeScreen(data) {
+  return splitHomePanel({
+    title: `Fuzzi CLI v${VERSION}`,
+    left: renderLeftColumn(data),
+    rightTop: renderTipsColumn(data),
+    rightBottom: renderWhatsNewColumn(data),
+    leftRatio: 0.36
+  });
 }
 function renderChangelog(entries) {
   if (!entries.length) return muted("No changelog entries.");
@@ -1582,6 +1674,9 @@ function emptyState(title, hint, action) {
   return lines.join("\n");
 }
 
+// src/commands/keys.ts
+init_brand();
+
 // src/terminal/interactive.ts
 init_theme();
 import { select, search } from "@inquirer/prompts";
@@ -1616,7 +1711,7 @@ async function runKeysListCommand(client) {
   const data = await client.get("/keys");
   const keys = data.results || [];
   if (!keys.length) {
-    return emptyState("No API keys", "Create one at app.fuzzi.dev/settings/api-keys", "[n] new key in this view");
+    return emptyState("No API keys", `Create one at ${SETTINGS_API_KEYS_URL}`, "[n] new key in this view");
   }
   const rows = keys.map((k) => [
     k.name,
@@ -2079,23 +2174,45 @@ async function tryGetProfile() {
 }
 
 // src/shell/auth-gate.ts
+init_brand();
 function renderAuthGate() {
-  const w = contentWidth();
-  const body = [
+  const colW = Math.max(28, Math.floor(contentWidth() * 0.36));
+  const mark = centerInColumn(accent(renderFuzziMark()), colW);
+  const left = [
+    accentBold("Welcome to Fuzzi!"),
     "",
-    centerBlock(accent(renderFuzziMark()), w),
+    mark,
     "",
-    centerBlock(accentBold("Sign in to continue"), w),
+    muted("Not connected"),
+    info("Sign in to run scans"),
     "",
-    centerBlock(muted("The CLI needs your Fuzzi account to run scans."), w),
+    accent("/auth-key") + muted("  paste API key"),
+    accent("/help") + muted("       commands")
+  ].join("\n");
+  const rightTop = [
+    accentBold("Sign in to continue"),
     "",
-    divider(),
+    info("Press Enter to open your browser"),
+    muted("and authorize the CLI."),
     "",
-    centerBlock(info("Press Enter to open your browser and sign in"), w),
-    centerBlock(muted("Or type /auth-key later to paste an API key instead"), w),
-    ""
+    muted("A local server receives the callback"),
+    muted(`from ${APP_HOST} automatically.`)
   ].join("\n");
-  return panel(body, { title: "Fuzzi CLI", marginBottom: 1 });
+  const rightBottom = [
+    accentBold("Other options"),
+    "",
+    muted("Paste an API key with /auth-key"),
+    muted("from Settings \u2192 API Keys on the web."),
+    "",
+    italic(muted(SETTINGS_API_KEYS_URL))
+  ].join("\n");
+  return splitHomePanel({
+    title: `Fuzzi CLI v${VERSION}`,
+    left,
+    rightTop,
+    rightBottom,
+    leftRatio: 0.36
+  });
 }
 function waitForEnter() {
   return new Promise((resolve) => {
@@ -2122,7 +2239,7 @@ async function runAuthGate() {
   } catch (e) {
     progress.fail("Sign-in failed");
     console.log(muted(formatApiError(e)));
-    console.log(muted("You can still use /auth-key to paste an API key, or /auth to retry browser login."));
+    console.log(muted("Use /auth-key to paste an API key, or /auth to retry."));
     return null;
   }
 }