linkedin-apply-assistant 0.1.3 → 0.1.4

package/CHANGELOG.md

@@ -6,6 +6,16 @@ This file follows the spirit of Keep a Changelog and uses semantic version label
 
 ## [Unreleased]
 
+## [0.1.4] - 2026-06-13
+
+### Fixed
+
+- Made `linkedin-apply-assistant --verbose` print root help and a first-run hint
+  instead of failing with a missing `command` parser error.
+- Made `linkedin-apply-assistant config` default to the read-only
+  `config check` diagnostics command instead of failing with a missing
+  `config_command` parser error.
+
 ## [0.1.3] - 2026-06-13
 
 ### Changed

package/README.md

@@ -7,7 +7,7 @@ LinkedIn-apply-assistant is an experimental local browser automation assistant f
 
 The package is local-first. It does not require credentials in config, copied browser profiles, private documents, or generated reports to import, inspect, or run its deterministic tests.
 
-Current package metadata version: `0.1.3`.
+Current package metadata version: `0.1.4`.
 
 ## Safety Boundary
 

package/RELEASE_CHECKLIST.md

@@ -443,6 +443,50 @@ Distribution safety boundary:
   download and run that public script
 - PyPI and TestPyPI uploads stay out of this release
 
+## v0.1.4 CLI Missing-Command UX Release
+
+This patch fixes first-run command-line behavior so missing subcommands produce
+actionable output instead of raw argparse parser errors.
+
+Scope:
+
+- Package version: `0.1.4`
+- npm package: `linkedin-apply-assistant`
+- npm dist-tag: `latest`
+- GitHub Release: `v0.1.4`
+- Repository: `MohammedGhazal09/linkedin-apply-assistant`
+- Runtime behavior, browser safety posture, and public apply/search boundaries are unchanged.
+- `linkedin-apply-assistant --verbose` prints root help and a first-run hint.
+- `linkedin-apply-assistant config` runs the same read-only diagnostics as
+  `linkedin-apply-assistant config check`.
+- PyPI and TestPyPI remain future channels.
+
+Required local evidence before public sync:
+
+```powershell
+python -m pytest tests\test_cli_help.py tests\test_config_diagnostics.py tests\test_distribution_metadata.py tests\test_docs_smoke.py tests\test_registry_publication_strategy.py tests\test_release_readiness.py tests\test_npm_launcher.py tests\test_distribution_smoke.py tests\test_release_manifest.py -q
+python scripts\release.py clean
+python scripts\release.py manifest --check
+python scripts\release.py verify
+npm pack --dry-run --json
+```
+
+Post-publish verification:
+
+```powershell
+npm view linkedin-apply-assistant version --json
+npm view linkedin-apply-assistant dist-tags --json
+linkedin-apply-assistant --verbose
+linkedin-apply-assistant --verbose config
+gh release view v0.1.4 --repo MohammedGhazal09/linkedin-apply-assistant --json tagName,name,url,isDraft,isPrerelease,targetCommitish
+```
+
+Distribution safety boundary:
+
+- no lifecycle install, publish, or token scripts are added to `package.json`
+- `config` shorthand remains read-only and creates no files or directories
+- PyPI and TestPyPI uploads stay out of this release
+
 ## Required Public Metadata
 
 `package.json` must include exactly these public project fields:
@@ -496,7 +540,7 @@ Do not publish while any hard blocker remains unresolved.
 - `LEGAL.md` and `SAFETY.md` remain linked from README.
 - `MIGRATION.md` explains extraction scope and excluded root surfaces.
 - `CONTRIBUTING.md` and `SECURITY.md` are standalone-scoped.
-- Changelog has `Unreleased`, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0`.
+- Changelog has `Unreleased`, `0.1.4`, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0`.
 - Source, Python, npm launcher, and PowerShell installer docs are current and tested.
 - Phase 21 terminal UX docs and help stay current: `docs\commands.md`, `tests\test_cli_help.py`, and `tests\test_config_diagnostics.py`.
 - Public package metadata points to the canonical GitHub repository and issue tracker.

package/SECURITY.md

@@ -34,4 +34,4 @@ Never attach browser profiles, cookies, credentials, screenshots, private docume
 
 ## Supported Versions
 
-The initial standalone GitHub source release is `0.1.0`. Current package metadata is `0.1.3`. Security guidance applies to the current unreleased, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0` package-local surfaces.
+The initial standalone GitHub source release is `0.1.0`. Current package metadata is `0.1.4`. Security guidance applies to the current unreleased, `0.1.4`, `0.1.3`, `0.1.2`, `0.1.1`, and `0.1.0` package-local surfaces.

package/docs/commands.md

@@ -11,6 +11,9 @@ Use this page after installation to choose the right terminal command, inspect f
    linkedin-apply-assistant config check
    ```
 
+   `linkedin-apply-assistant config` is accepted as the same read-only
+   diagnostic shortcut.
+
 3. Copy example files into your own ignored workspace when you need them:
    - `configs/config.example.yml` for profile, documents, and path choices.
    - `configs/qa_bank.example.yml` for truthful reusable answers.
@@ -56,6 +59,12 @@ Run diagnostics before browser workflows or after changing path flags:
 linkedin-apply-assistant config check
 ```
 
+Shortcut:
+
+```powershell
+linkedin-apply-assistant config
+```
+
 Expected output:
 
 - `ok`, `missing`, or `warning` for each path category.

package/docs/install-and-configuration.md

@@ -4,7 +4,7 @@ This package runs locally. You install the Python package, choose a local worksp
 
 This file is the canonical install matrix. The README keeps only a short quick start.
 
-Current package metadata version: `0.1.3`.
+Current package metadata version: `0.1.4`.
 
 The npm launcher and PowerShell no-admin installer are the current quick-install paths.
 PyPI remains a future package channel. The package-channel decision, approval

package/docs/registry-publication-strategy.md

@@ -7,17 +7,17 @@ asset, or grant publish-capable workflow permissions.
 
 The first GitHub source release, `v0.1.0`, remains source-only and is not a
 registry backfill candidate. The npm launcher release starts at `0.1.1`; the
-current PowerShell short-command npm package page refresh is `0.1.3`. PyPI and
+current CLI no-command/config-shorthand fix is `0.1.4`. PyPI and
 TestPyPI remain future channels.
 
 ## Current Boundary
 
-- Current package metadata version: `0.1.3`.
+- Current package metadata version: `0.1.4`.
 - Current install path: npm global launcher, PowerShell installer, source
   checkout, local Python install, local editable install, and local npm launcher
   dry-run validation.
 - Current public channel: GitHub repository source checkout and GitHub source
-  release archives; npm launcher package for `0.1.3` after the approved npm
+  release archives; npm launcher package for `0.1.4` after the approved npm
   patch publish step verifies successfully.
 - Not current: PyPI package, TestPyPI package, GitHub Packages package, PyPI
   trusted-publisher setup, npm trusted-publisher setup, registry automation,
@@ -34,14 +34,14 @@ action, and exact mutation.
 | GitHub Releases | Current source-only channel for `v0.1.0`. No wheel, sdist, npm tarball, or other release asset is attached. | Keep as the source-of-truth release record. Future assets require explicit approval. | Users can inspect and install from source without introducing registry auth or package-name ownership. | Clean local verification, changelog, release checklist, source manifest, approved tag or release mutation. | Explicit GitHub Release approval naming repo, tag, target commit, release state, and assets, if any. | `gh release view`, `gh release list`, source archive inspection, release manifest verification. | Remove mistaken assets from the release, correct the release notes, or delete a draft. Source tags need separate explicit remediation because asset removal does not undo a tag. |
 | PyPI | Not published and not reserved. | Primary future Python registry for direct package publication. | The project is a Python CLI with Playwright-driven browser automation, so PyPI is the natural long-term install path. | Maintainer or maintainer-controlled organization ownership, account 2FA where supported, PyPI Trusted Publishing with GitHub Actions OIDC, protected `pypi` environment, clean build and metadata gates. | Explicit PyPI approval naming repository, version, PyPI project, workflow or manual action, and exact upload mutation. | Read-only JSON API check, `python -m build`, `twine check dist/*`, local wheel install smoke, release scan, manifest verification. | Prefer yanking a broken release where appropriate. Deletion is disruptive and permanent; never rely on deleting and reusing the same version. |
 | TestPyPI | Not published and not reserved. | Required preflight for the first registry release and for publish-workflow changes. Routine patch preflights can become optional only after a proven release cycle. | It exercises package metadata, artifacts, and installer behavior before the real PyPI release. | Same artifact gates as PyPI, protected `testpypi` environment, explicit preflight approval, no production token. | Explicit TestPyPI approval naming repository, version, TestPyPI project, workflow or manual action, and exact upload mutation. | TestPyPI JSON API check, metadata validation, test-index install smoke, package contents review. | Clean up mistaken TestPyPI releases where possible and move forward with a new version if needed. Do not treat TestPyPI cleanup as production rollback proof. |
-| npm | Public thin-launcher channel for `0.1.3`; `0.1.1` was the first npm and PowerShell distribution release. | Keep as the JavaScript ecosystem convenience launcher; use PyPI later for direct Python package installs. | npm provides a familiar global command on systems that already have Node.js, but the launcher delegates to the Python CLI and cannot install Python itself. | Maintainer or maintainer-controlled ownership, account 2FA where supported, first-publish token bootstrap if trusted publishing cannot create the package, exact package contents review. | Explicit npm approval naming repository, version, npm package, workflow or manual action, and exact registry mutation. | `npm pack --dry-run --json`, package contents inspection, no lifecycle install/publish scripts, npm read-only registry check after publication. | Prefer deprecation for bad packages when unpublish criteria are not met. A used npm `package@version` cannot be reused, even after unpublish. |
+| npm | Public thin-launcher channel for `0.1.4`; `0.1.1` was the first npm and PowerShell distribution release. | Keep as the JavaScript ecosystem convenience launcher; use PyPI later for direct Python package installs. | npm provides a familiar global command on systems that already have Node.js, but the launcher delegates to the Python CLI and cannot install Python itself. | Maintainer or maintainer-controlled ownership, account 2FA where supported, first-publish token bootstrap if trusted publishing cannot create the package, exact package contents review. | Explicit npm approval naming repository, version, npm package, workflow or manual action, and exact registry mutation. | `npm pack --dry-run --json`, package contents inspection, no lifecycle install/publish scripts, npm read-only registry check after publication. | Prefer deprecation for bad packages when unpublish criteria are not met. A used npm `package@version` cannot be reused, even after unpublish. |
 | PowerShell installer | Current GitHub-hosted installer script at `install.ps1`; the README uses `irm ... \| iex` and the detailed install doc keeps a temp-file equivalent. | Keep as the no-admin Windows convenience path for users who prefer a single script. | It can create a local virtual environment, install dependencies from the public source archive, create command shims, and optionally install Chromium. | Public GitHub source archive availability, Python 3.11+, script syntax validation, and local install smoke. | Push the verified installer/docs to the public repository; no registry mutation is required for installer-only changes. | PowerShell parser check, temp-directory install smoke, command shim help smoke, and docs link checks. | Fix forward in `main`; users can reinstall from the corrected script or pin `-Ref` to a known tag. |
 | GitHub Packages | Not used. | Deferred. | It adds `packages: write` and authenticated consumption friction without improving the primary Python install path. | A future reason to publish a package to GitHub Packages, explicit package type, permission model, and install documentation. | Separate approval naming package type, repository, version, and exact mutation. | GitHub Packages read-only checks and package permission review. | Delete or deprecate only according to the package type's GitHub Packages support. This is not a substitute for PyPI/npm remediation. |
 
 ## Package Names
 
 The target package name for PyPI, TestPyPI, and npm publication is
-`linkedin-apply-assistant`. The current npm launcher version is `0.1.3`.
+`linkedin-apply-assistant`. The current npm launcher version is `0.1.4`.
 
 If the unscoped npm name becomes unavailable or ownership changes later, the
 fallback is a future scoped npm package under a maintainer-controlled scope.
@@ -58,6 +58,8 @@ fallback is a future scoped npm package under a maintainer-controlled scope.
   README content is immutable for an existing package version.
 - The PowerShell short-command README refresh uses `0.1.3` because the npm
   package page must be republished to replace the prior command.
+- The CLI no-command and `config` shorthand fix uses `0.1.4` because it changes
+  user-facing terminal behavior without changing browser workflow behavior.
 - If user-visible behavior changes before registry publication, the default
   future version example is `0.2.0`.
 - Future behavior changes remain SemVer decisions at the publish phase.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "linkedin-apply-assistant",
-  "version": "0.1.3",
+  "version": "0.1.4",
   "description": "Thin npm launcher for the Python LinkedIn apply assistant package",
   "license": "MIT",
   "repository": {
@@ -18,7 +18,7 @@
   "files": [
     "bin/linkedin-apply-assistant.mjs",
     "pyproject.toml",
-    "src/",
+    "src/linkedin_apply_assistant/*.py",
     "install.ps1",
     "README.md",
     "SAFETY.md",

package/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "linkedin-apply-assistant"
-version = "0.1.3"
+version = "0.1.4"
 description = "Local LinkedIn application assistant with user-visible browser workflows"
 readme = "README.md"
 requires-python = ">=3.11"

package/src/linkedin_apply_assistant/__init__.py

@@ -1,6 +1,6 @@
 """Package identity for the standalone LinkedIn application assistant."""
 
-__version__ = "0.1.3"
+__version__ = "0.1.4"
 
 APP_DISPLAY_NAME = "LinkedIn-apply-assistant"
 APP_PACKAGE_NAME = "linkedin-apply-assistant"

package/src/linkedin_apply_assistant/cli.py

@@ -108,7 +108,7 @@ Outputs use the resolved output directory and reports are written under its repo
 {NO_SUBMIT_HELP}
 """,
     )
-    subparsers = parser.add_subparsers(dest="command", required=True)
+    subparsers = parser.add_subparsers(dest="command")
 
     config = subparsers.add_parser(
         "config",
@@ -124,7 +124,7 @@ The diagnostic resolves config, Q&A bank, browser profile, output, reports, data
 It creates no files and no directories.
 """,
     )
-    config_subparsers = config.add_subparsers(dest="config_command", required=True)
+    config_subparsers = config.add_subparsers(dest="config_command")
     config_check = config_subparsers.add_parser(
         "check",
         parents=[subcommand_common],
@@ -558,6 +558,14 @@ def _handle_report(args: argparse.Namespace) -> int:
 def main(argv: list[str] | None = None) -> int:
     parser = build_parser()
     args = parser.parse_args(argv)
+    if args.command is None:
+        parser.print_help()
+        print()
+        print(f"Try: {CONFIG_CHECK_COMMAND}")
+        return 0
+    if args.command == "config" and args.config_command is None:
+        args.config_command = "check"
+        args.handler = _handle_config_check
     handler = getattr(args, "handler")
     try:
         return int(handler(args))