happyskills 0.12.0 → 0.13.0

package/CHANGELOG.md

@@ -7,6 +7,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/).
 
 ## [Unreleased]
 
+## [0.13.0] - 2026-03-12
+
+### Added
+- Add `visibility` command to check or set a skill's visibility in the registry — supports `public`, `private`, and `workspace` values; alias `vis`
+- Add `patch` method to API client for PATCH requests
+- Add `patch_repo` function to repos API module
+
+## [0.12.1] - 2026-03-12
+
+### Fixed
+- Fix `whoami` silently swallowing workspace listing errors — now surfaces a `workspace_error` field in JSON mode and prints a warning with auth hint in human mode
+- Fix `check` and `refresh` reporting `status: "unknown"` for private skills the user owns but can't access due to auth issues — now reports `status: "no-access"` with a login hint
+
 ## [0.12.0] - 2026-03-12
 
 ### Added

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "happyskills",
-	"version": "0.12.0",
+	"version": "0.13.0",
 	"description": "Package manager for AI agent skills",
 	"license": "SEE LICENSE IN LICENSE",
 	"author": "Nicolas Dao <nic@cloudlesslabs.com> (https://cloudlesslabs.com)",

package/src/api/client.js

@@ -60,6 +60,7 @@ const request = (method, path, options = {}) => catch_errors(`API ${method} ${pa
 const get = (path, options) => request('GET', path, options)
 const post = (path, body, options) => request('POST', path, { ...options, body })
 const put = (path, body, options) => request('PUT', path, { ...options, body })
+const patch = (path, body, options) => request('PATCH', path, { ...options, body })
 const del = (path, options) => request('DELETE', path, options)
 
-module.exports = { request, get, post, put, del, get_base_url }
+module.exports = { request, get, post, put, patch, del, get_base_url }

package/src/api/repos.js

@@ -58,4 +58,10 @@ const del_repo = (owner, name) => catch_errors(`Failed to delete ${owner}/${name
 	return data
 })
 
-module.exports = { search, resolve_dependencies, clone, push, get_refs, get_repo, check_updates, del_repo }
+const patch_repo = (owner, name, fields) => catch_errors(`Failed to update ${owner}/${name}`, async () => {
+	const [errors, data] = await client.patch(`/repos/${encodeURIComponent(owner)}/${encodeURIComponent(name)}`, fields)
+	if (errors) throw errors[errors.length - 1]
+	return data
+})
+
+module.exports = { search, resolve_dependencies, clone, push, get_refs, get_repo, check_updates, del_repo, patch_repo }

package/src/commands/check.js

@@ -2,7 +2,7 @@ const { error: { catch_errors, wrap_errors: e } } = require('puffy-core')
 const { read_lock, get_all_locked_skills } = require('../lock/reader')
 const repos_api = require('../api/repos')
 const { gt } = require('../utils/semver')
-const { print_help, print_table, print_json, print_info, print_success, print_hint, code } = require('../ui/output')
+const { print_help, print_table, print_json, print_info, print_success, print_warn, print_hint, code } = require('../ui/output')
 const { green, yellow, red } = require('../ui/colors')
 const { exit_with_error } = require('../utils/errors')
 const { find_project_root } = require('../config/paths')
@@ -68,7 +68,9 @@ const run = (args) => catch_errors('Check failed', async () => {
 	} else {
 		for (const [name, data] of to_check) {
 			const info = batch_data?.results?.[name]
-			if (!info || !info.latest_version) {
+			if (info?.access_denied) {
+				results.push({ skill: name, installed: data.version, latest: '-', status: 'no-access' })
+			} else if (!info || !info.latest_version) {
 				results.push({ skill: name, installed: data.version, latest: '-', status: 'unknown' })
 			} else if (info.latest_version === data.version) {
 				results.push({ skill: name, installed: data.version, latest: info.latest_version, status: 'up-to-date' })
@@ -90,6 +92,7 @@ const run = (args) => catch_errors('Check failed', async () => {
 	const status_colors = {
 		'up-to-date': green,
 		'outdated': yellow,
+		'no-access': yellow,
 		'error': red,
 		'unknown': (s) => s
 	}
@@ -104,6 +107,7 @@ const run = (args) => catch_errors('Check failed', async () => {
 	print_table(['Skill', 'Installed', 'Latest', 'Status'], rows)
 
 	const outdated = results.filter(r => r.status === 'outdated')
+	const no_access = results.filter(r => r.status === 'no-access')
 	if (outdated.length > 0) {
 		console.log()
 		print_info(`Run ${code('happyskills update')} to upgrade ${outdated.length} skill(s).`)
@@ -111,6 +115,11 @@ const run = (args) => catch_errors('Check failed', async () => {
 		console.log()
 		print_success('All skills are up to date.')
 	}
+	if (no_access.length > 0) {
+		console.log()
+		print_warn('Some skills require authentication.')
+		print_hint(`Run ${code('happyskills login')} to refresh your session.`)
+	}
 }).then(([errors]) => { if (errors) { exit_with_error(errors); return } })
 
 module.exports = { run }

package/src/commands/refresh.js

@@ -3,7 +3,7 @@ const { install } = require('../engine/installer')
 const { read_lock, get_all_locked_skills } = require('../lock/reader')
 const repos_api = require('../api/repos')
 const { gt } = require('../utils/semver')
-const { print_help, print_table, print_json, print_info, print_success, code } = require('../ui/output')
+const { print_help, print_table, print_json, print_info, print_success, print_warn, print_hint, code } = require('../ui/output')
 const { green, yellow, red } = require('../ui/colors')
 const { create_spinner } = require('../ui/spinner')
 const { exit_with_error } = require('../utils/errors')
@@ -74,7 +74,9 @@ const run = (args) => catch_errors('Refresh failed', async () => {
 		spinner?.succeed('Checked for updates')
 		for (const [name, data] of to_check) {
 			const info = batch_data?.results?.[name]
-			if (!info || !info.latest_version) {
+			if (info?.access_denied) {
+				results.push({ skill: name, installed: data.version, latest: '-', status: 'no-access' })
+			} else if (!info || !info.latest_version) {
 				results.push({ skill: name, installed: data.version, latest: '-', status: 'unknown' })
 			} else if (info.latest_version === data.version) {
 				results.push({ skill: name, installed: data.version, latest: info.latest_version, status: 'up-to-date' })
@@ -105,7 +107,7 @@ const run = (args) => catch_errors('Refresh failed', async () => {
 
 	// 3. Show results table (non-json)
 	if (!args.flags.json) {
-		const status_colors = { 'up-to-date': green, 'outdated': yellow, 'error': red, 'unknown': (s) => s }
+		const status_colors = { 'up-to-date': green, 'outdated': yellow, 'no-access': yellow, 'error': red, 'unknown': (s) => s }
 		print_table(['Skill', 'Installed', 'Latest', 'Status'], results.map(r => [
 			r.skill, r.installed, r.latest, (status_colors[r.status] || ((s) => s))(r.status)
 		]))

package/src/commands/visibility.js

@@ -0,0 +1,79 @@
+const { error: { catch_errors } } = require('puffy-core')
+const { get_repo, patch_repo } = require('../api/repos')
+const { require_token } = require('../auth/token_store')
+const { print_help, print_json, print_success } = require('../ui/output')
+const { exit_with_error, UsageError } = require('../utils/errors')
+const { EXIT_CODES } = require('../constants')
+
+const VALID_VISIBILITIES = ['public', 'private', 'workspace']
+
+const HELP_TEXT = `Usage: happyskills visibility <owner/name> [visibility] [options]
+
+Check or set a skill's visibility in the registry.
+
+Arguments:
+  owner/name        Skill to check or update (e.g., acme/deploy-aws)
+  visibility        New visibility: public, private, or workspace (omit to check current)
+
+Options:
+  --json            Output as JSON
+
+Aliases: vis
+
+Examples:
+  happyskills visibility acme/deploy-aws
+  happyskills visibility acme/deploy-aws public
+  happyskills vis acme/deploy-aws --json`
+
+const run = (args) => catch_errors('Visibility failed', async () => {
+	if (args.flags._show_help) {
+		print_help(HELP_TEXT)
+		return process.exit(EXIT_CODES.SUCCESS)
+	}
+
+	const skill = args._[0]
+	if (!skill) {
+		throw new UsageError('Please specify a skill (e.g., happyskills visibility acme/deploy-aws).')
+	}
+
+	if (!skill.includes('/')) {
+		throw new UsageError('Skill must be in owner/name format (e.g., acme/deploy-aws).')
+	}
+
+	await require_token()
+
+	const [owner, name] = skill.split('/')
+	const new_visibility = args._[1]
+
+	if (new_visibility) {
+		if (!VALID_VISIBILITIES.includes(new_visibility)) {
+			throw new UsageError(`Invalid visibility "${new_visibility}". Must be one of: ${VALID_VISIBILITIES.join(', ')}.`)
+		}
+
+		const [errors, result] = await patch_repo(owner, name, { visibility: new_visibility })
+		if (errors) throw errors[errors.length - 1]
+
+		const visibility = result?.visibility || new_visibility
+
+		if (args.flags.json) {
+			print_json({ data: { skill, visibility } })
+			return
+		}
+
+		print_success(`Visibility for "${skill}" set to ${visibility}.`)
+	} else {
+		const [errors, result] = await get_repo(owner, name, { auth: true })
+		if (errors) throw errors[errors.length - 1]
+
+		const visibility = result?.visibility || 'unknown'
+
+		if (args.flags.json) {
+			print_json({ data: { skill, visibility } })
+			return
+		}
+
+		print_success(`Visibility for "${skill}" is ${visibility}.`)
+	}
+}).then(([errors]) => { if (errors) { exit_with_error(errors); return } })
+
+module.exports = { run }

package/src/commands/whoami.js

@@ -1,7 +1,7 @@
 const { error: { catch_errors, wrap_errors: e } } = require('puffy-core')
 const { require_token } = require('../auth/token_store')
 const workspaces_api = require('../api/workspaces')
-const { print_help, print_label, print_json } = require('../ui/output')
+const { print_help, print_label, print_json, print_warn, print_hint } = require('../ui/output')
 const { exit_with_error } = require('../utils/errors')
 const { EXIT_CODES } = require('../constants')
 
@@ -42,14 +42,20 @@ const run = (args) => catch_errors('Whoami failed', async () => {
 	const [ws_err, workspaces] = await workspaces_api.list_workspaces()
 
 	if (args.flags.json) {
-		print_json({ data: { username, email, workspaces: ws_err ? [] : workspaces } })
+		const json_data = { username, email, workspaces: ws_err ? [] : workspaces }
+		if (ws_err) json_data.workspace_error = ws_err.map(er => er.message).join(': ')
+		print_json({ data: json_data })
 		return
 	}
 
 	print_label('Username', username)
 	print_label('Email', email)
 
-	if (!ws_err && workspaces && workspaces.length > 0) {
+	if (ws_err) {
+		console.log()
+		print_warn(`Failed to list workspaces: ${ws_err.map(er => er.message).join(': ')}`)
+		print_hint('Check your authentication with happyskills login')
+	} else if (workspaces && workspaces.length > 0) {
 		console.log()
 		print_label('Workspaces', '')
 		for (const ws of workspaces) {

package/src/constants.js

@@ -34,7 +34,8 @@ const COMMAND_ALIASES = {
 	up: 'update',
 	pub: 'publish',
 	v: 'validate',
-	del: 'delete'
+	del: 'delete',
+	vis: 'visibility'
 }
 
 const COMMANDS = [
@@ -42,6 +43,7 @@ const COMMANDS = [
 	'install',
 	'uninstall',
 	'delete',
+	'visibility',
 	'list',
 	'search',
 	'check',

package/src/index.js

@@ -88,6 +88,7 @@ Commands:
   install [owner/skill]    Install skill + dependencies (alias: i, add)
   uninstall <owner/skill>  Remove skill + prune orphans (alias: rm, remove)
   delete <owner/skill>     Delete skill from registry (alias: del)
+  visibility <owner/skill> Check or set visibility (alias: vis)
   list                     List installed skills (alias: ls)
   search <query>           Search the registry (alias: s)
   check [owner/skill]      Check for available updates