opal-security 3.1.1-beta.01fe2fd → 3.1.1-beta.03364ed

package/README.md

@@ -22,7 +22,7 @@ $ npm install -g opal-security
 $ opal COMMAND
 running command...
 $ opal (--version)
-opal-security/3.1.1-beta.01fe2fd linux-x64 node-v20.19.2
+opal-security/3.1.1-beta.03364ed linux-x64 node-v20.19.2
 $ opal --help [COMMAND]
 USAGE
   $ opal COMMAND
@@ -44,10 +44,6 @@ USAGE
 * [`opal login`](#opal-login)
 * [`opal logout`](#opal-logout)
 * [`opal postgres-instances start`](#opal-postgres-instances-start)
-* [`opal request create`](#opal-request-create)
-* [`opal request get`](#opal-request-get)
-* [`opal request list`](#opal-request-list)
-* [`opal request ls`](#opal-request-ls)
 * [`opal resources get`](#opal-resources-get)
 * [`opal set-auth-provider`](#opal-set-auth-provider)
 * [`opal set-custom-header`](#opal-set-custom-header)
@@ -57,7 +53,6 @@ USAGE
 * [`opal ssh copyTo`](#opal-ssh-copyto)
 * [`opal ssh start`](#opal-ssh-start)
 * [`opal version`](#opal-version)
-* [`opal whoami`](#opal-whoami)
 
 ## `opal autocomplete [SHELL]`
 
@@ -106,7 +101,7 @@ EXAMPLES
   $ opal aws:identity
 ```
 
-_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/aws/identity.ts)_
+_See code: [src/commands/aws/identity.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/aws/identity.ts)_
 
 ## `opal clear-auth-provider`
 
@@ -126,7 +121,7 @@ EXAMPLES
   $ opal clear-auth-provider
 ```
 
-_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/clear-auth-provider.ts)_
+_See code: [src/commands/clear-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/clear-auth-provider.ts)_
 
 ## `opal curl-example`
 
@@ -143,7 +138,7 @@ DESCRIPTION
   Prints out an example cURL command containing the parameters the CLI uses to query the Opal server.
 ```
 
-_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/curl-example.ts)_
+_See code: [src/commands/curl-example.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/curl-example.ts)_
 
 ## `opal groups get`
 
@@ -164,7 +159,7 @@ EXAMPLES
   $ opal groups:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/groups/get.ts)_
+_See code: [src/commands/groups/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/groups/get.ts)_
 
 ## `opal help [COMMANDS]`
 
@@ -214,7 +209,7 @@ EXAMPLES
   $ opal iam-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --profileName "custom-profile"
 ```
 
-_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/iam-roles/start.ts)_
+_See code: [src/commands/iam-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/iam-roles/start.ts)_
 
 ## `opal kube-roles start`
 
@@ -245,7 +240,7 @@ EXAMPLES
   $ opal kube-roles:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId "arn:aws:iam::712234975475:role/acme-eks-cluster-admin-role"
 ```
 
-_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/kube-roles/start.ts)_
+_See code: [src/commands/kube-roles/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/kube-roles/start.ts)_
 
 ## `opal login`
 
@@ -266,7 +261,7 @@ EXAMPLES
   $ opal login
 ```
 
-_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/login.ts)_
+_See code: [src/commands/login.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/login.ts)_
 
 ## `opal logout`
 
@@ -286,7 +281,7 @@ EXAMPLES
   $ opal logout
 ```
 
-_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/logout.ts)_
+_See code: [src/commands/logout.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/logout.ts)_
 
 ## `opal postgres-instances start`
 
@@ -323,115 +318,7 @@ EXAMPLES
   $ opal postgres-instances:start --id 51f7176b-0464-4a6f-8369-e951e187b398 --accessLevelRemoteId fullaccess --action view
 ```
 
-_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/postgres-instances/start.ts)_
-
-## `opal request create`
-
-Creates an Opal access request via an interactive form
-
-```
-USAGE
-  $ opal request create [-h] [-a <value>...] [-r <value>] [-d <value>]
-
-FLAGS
-  -a, --assets=<value>...  The ids of the assets (resource, group) to request access to. Append a role ID using a colon
-                           if needed, e.g. `--assets 123:456`.
-                           If not provided, an interactive selection flow will be available to select assets to request.
-  -d, --duration=<value>   The duration of access for the request in minutes. If not provided, you will be prompted.
-  -h, --help               Show CLI help.
-  -r, --reason=<value>     The reason for the request, contained in quotes. If not provided, you will be prompted.
-
-DESCRIPTION
-  Creates an Opal access request via an interactive form
-```
-
-_See code: [src/commands/request/create.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/request/create.ts)_
-
-## `opal request get`
-
-Lists access requests
-
-```
-USAGE
-  $ opal request get [-h] [-i <value>] [-v]
-
-FLAGS
-  -h, --help        Show CLI help.
-  -i, --id=<value>  The Opal ID of the asset. You can find this from the URL, e.g. https://opal.dev/resources/[ID]
-  -v, --verbose     Enable verbose output, prints full response in JSON format. Defaults to false.
-
-DESCRIPTION
-  Lists access requests
-
-EXAMPLES
-  $ opal request get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
-
-  $ opal request get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4 --verbose
-```
-
-_See code: [src/commands/request/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/request/get.ts)_
-
-## `opal request list`
-
-Lists your n recent outgoing access requests
-
-```
-USAGE
-  $ opal request list [-h] [-n <value>] [-p] [-v]
-
-FLAGS
-  -h, --help       Show CLI help.
-  -n, --n=<value>  [default: 10] Defines number of requests to be returned. 1 <= n <= 100.
-  -p, --pending    Show only pending requests. Defaults to false.
-  -v, --verbose    Enable verbose output, prints full response in JSON format. Defaults to false.
-
-DESCRIPTION
-  Lists your n recent outgoing access requests
-
-ALIASES
-  $ opal request ls
-
-EXAMPLES
-  $ opal request list --n 5
-
-  $ opal request list --n 5 --pending
-
-  $ opal request list --n 5 --verbose
-
-  $ opal request list --n 5 --pending --verbose
-```
-
-_See code: [src/commands/request/list.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/request/list.ts)_
-
-## `opal request ls`
-
-Lists your n recent outgoing access requests
-
-```
-USAGE
-  $ opal request ls [-h] [-n <value>] [-p] [-v]
-
-FLAGS
-  -h, --help       Show CLI help.
-  -n, --n=<value>  [default: 10] Defines number of requests to be returned. 1 <= n <= 100.
-  -p, --pending    Show only pending requests. Defaults to false.
-  -v, --verbose    Enable verbose output, prints full response in JSON format. Defaults to false.
-
-DESCRIPTION
-  Lists your n recent outgoing access requests
-
-ALIASES
-  $ opal request ls
-
-EXAMPLES
-  $ opal request list --n 5
-
-  $ opal request list --n 5 --pending
-
-  $ opal request list --n 5 --verbose
-
-  $ opal request list --n 5 --pending --verbose
-```
+_See code: [src/commands/postgres-instances/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/postgres-instances/start.ts)_
 
 ## `opal resources get`
 
@@ -452,7 +339,7 @@ EXAMPLES
   $ opal resources:get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4
 ```
 
-_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/resources/get.ts)_
+_See code: [src/commands/resources/get.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/resources/get.ts)_
 
 ## `opal set-auth-provider`
 
@@ -478,7 +365,7 @@ EXAMPLES
   $ opal set-auth-provider --clientID 1234asdf --issuerUrl https://auth.example.com
 ```
 
-_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/set-auth-provider.ts)_
+_See code: [src/commands/set-auth-provider.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/set-auth-provider.ts)_
 
 ## `opal set-custom-header`
 
@@ -499,7 +386,7 @@ EXAMPLES
   $ opal set-custom-header --header 'cf-access-token: $TOKEN'
 ```
 
-_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/set-custom-header.ts)_
+_See code: [src/commands/set-custom-header.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/set-custom-header.ts)_
 
 ## `opal set-token`
 
@@ -519,7 +406,7 @@ EXAMPLES
   $ opal set-token
 ```
 
-_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/set-token.ts)_
+_See code: [src/commands/set-token.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/set-token.ts)_
 
 ## `opal set-url [URL]`
 
@@ -543,7 +430,7 @@ EXAMPLES
   $ opal set-url
 ```
 
-_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/set-url.ts)_
+_See code: [src/commands/set-url.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/set-url.ts)_
 
 ## `opal ssh copyFrom`
 
@@ -574,7 +461,7 @@ EXAMPLES
   $ opal ssh:copyFrom --src instance/dir --dest my/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/ssh/copyFrom.ts)_
+_See code: [src/commands/ssh/copyFrom.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/ssh/copyFrom.ts)_
 
 ## `opal ssh copyTo`
 
@@ -605,7 +492,7 @@ EXAMPLES
   $ opal ssh:copyTo --src my/dir --dest instance/dir --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/ssh/copyTo.ts)_
+_See code: [src/commands/ssh/copyTo.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/ssh/copyTo.ts)_
 
 ## `opal ssh start`
 
@@ -632,7 +519,7 @@ EXAMPLES
   $ opal ssh:start --id 51f7176b-0464-4a6f-8369-e951e187b398
 ```
 
-_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/ssh/start.ts)_
+_See code: [src/commands/ssh/start.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.03364ed/src/commands/ssh/start.ts)_
 
 ## `opal version`
 
@@ -653,21 +540,4 @@ FLAG DESCRIPTIONS
 ```
 
 _See code: [@oclif/plugin-version](https://github.com/oclif/plugin-version/blob/v2.2.27/src/commands/version.ts)_
-
-## `opal whoami`
-
-Describes current url set, organization name, and logged in user if applicable.
-
-```
-USAGE
-  $ opal whoami [-h]
-
-FLAGS
-  -h, --help  Show CLI help.
-
-DESCRIPTION
-  Describes current url set, organization name, and logged in user if applicable.
-```
-
-_See code: [src/commands/whoami.ts](https://github.com/opalsecurity/opal-cli/blob/v3.1.1-beta.01fe2fd/src/commands/whoami.ts)_
 <!-- commandsstop -->

package/lib/commands/login.js

@@ -88,14 +88,12 @@ class Login extends core_1.Command {
             const configData = (0, config_1.getOrCreateConfigData)(configDir);
             let email = flags.email;
             let organizationId;
-            let organizationName;
             let clientIDCandidate;
             const existingCreds = await (0, credentials_1.getOpalCredentials)(this, false);
             // Only use the previous email + organizationID if email isn't explicitly specified.
             if (!email) {
                 email = existingCreds.email;
                 organizationId = existingCreds.organizationID;
-                organizationName = existingCreds.organizationName;
                 clientIDCandidate = existingCreds.clientIDCandidate;
             }
             await (0, credentials_1.removeOpalCredentials)(this);
@@ -151,7 +149,6 @@ class Login extends core_1.Command {
                 if (signInOrganizations && signInOrganizations.length > 0) {
                     if (signInOrganizations.length === 1) {
                         organizationId = signInOrganizations[0].organizationId;
-                        organizationName = signInOrganizations[0].organizationName;
                         clientIDCandidate = signInOrganizations[0].cliClientId;
                     }
                     else {
@@ -167,7 +164,6 @@ class Login extends core_1.Command {
                             },
                         ]);
                         organizationId = responses.signInOrganization.organizationId;
-                        organizationName = responses.signInOrganization.organizationName;
                         clientIDCandidate = responses.signInOrganization.cliClientId;
                     }
                 }
@@ -242,10 +238,10 @@ class Login extends core_1.Command {
             if (tokenExchangeError) {
                 this.log("WARN: Failed to exchange access token for session in Opal. Falling back to using access token for authenticating requests\n");
                 // TODO: consider adding a warn line recommending upgrading Opal to version XYZ, once accompanying PR is pushed to prod
-                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, (tokenSet === null || tokenSet === void 0 ? void 0 : tokenSet.access_token) || "", credentials_1.SecretType.ApiToken, organizationName);
+                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, (tokenSet === null || tokenSet === void 0 ? void 0 : tokenSet.access_token) || "", credentials_1.SecretType.ApiToken);
             }
             else {
-                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, apollo_1.cookieStr, credentials_1.SecretType.Cookie, organizationName);
+                await (0, credentials_1.setOpalCredentials)(this, email, organizationId !== null && organizationId !== void 0 ? organizationId : "", clientIDCandidate, apollo_1.cookieStr, credentials_1.SecretType.Cookie);
             }
             // "Representative" authenticated call to check the log-in worked as expected.
             const { resp: authCheckResp, error: authCheckErr } = await (0, handler_1.runQueryDeprecated)({

package/lib/commands/request/create.d.ts

@@ -1,9 +1,10 @@
 import { Command } from "@oclif/core";
 export default class RequestCreate extends Command {
+    static hidden: boolean;
     static description: string;
     static flags: {
         help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;
-        assets: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
+        id: import("@oclif/core/lib/interfaces").OptionFlag<string[] | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         reason: import("@oclif/core/lib/interfaces").OptionFlag<string | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
         duration: import("@oclif/core/lib/interfaces").OptionFlag<number | undefined, import("@oclif/core/lib/interfaces").CustomOptions>;
     };

package/lib/commands/request/create.js

@@ -2,20 +2,20 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 const core_1 = require("@oclif/core");
 const apollo_1 = require("../../lib/apollo");
-const cmd_1 = require("../../lib/cmd");
 const flags_1 = require("../../lib/flags");
 const requests_1 = require("../../lib/requests");
 const displays_1 = require("../../utils/displays");
+const utils_1 = require("../../utils/utils");
 class RequestCreate extends core_1.Command {
     async run() {
-        (0, cmd_1.setMostRecentCommand)(this);
         await (0, apollo_1.initClient)(this, true);
         const client = await (0, apollo_1.getClient)(this, true);
+        (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
         const { flags } = await this.parse(RequestCreate);
         const metadata = (0, requests_1.initEmptyRequestMetadata)();
-        if (flags.assets) {
+        if (flags.id) {
             // if IDs are provided, bypass the interactive selection process
-            await (0, requests_1.bypassRequestSelection)(this, client, flags.assets, metadata);
+            await (0, requests_1.bypassRequestSelection)(this, client, flags.id, metadata);
         }
         else {
             (0, displays_1.headerMessage)(this);
@@ -36,9 +36,7 @@ class RequestCreate extends core_1.Command {
         if (flags.reason) {
             metadata.reason = flags.reason;
         }
-        else if (!(metadata.requestDefaults.reasonOptional &&
-            flags.assets &&
-            flags.duration)) {
+        else {
             await (0, requests_1.promptForReason)(metadata);
         }
         // Step 5: Prompt for expiration
@@ -49,24 +47,21 @@ class RequestCreate extends core_1.Command {
             await (0, requests_1.promptForExpiration)(metadata);
         }
         // Step 6: Display final summary of request
-        let canSubmit = true;
-        if (!(flags.assets &&
-            flags.duration &&
-            (metadata.requestDefaults.reasonOptional || flags.reason))) {
-            canSubmit = await (0, requests_1.promptRequestSubmission)(this, metadata);
+        if (!(flags.id && flags.reason && flags.duration)) {
+            await (0, requests_1.promptRequestSubmission)(this, metadata);
         }
         // Step 7: Prompt for final submission
-        if (canSubmit)
-            await (0, requests_1.submitFinalRequest)(this, client, metadata);
+        await (0, requests_1.submitFinalRequest)(this, client, metadata);
     }
 }
+RequestCreate.hidden = true;
 RequestCreate.description = "Creates an Opal access request via an interactive form";
 RequestCreate.flags = {
     help: flags_1.SHARED_FLAGS.help,
-    assets: core_1.Flags.string({
-        char: "a",
+    id: core_1.Flags.string({
+        char: "i",
         multiple: true,
-        description: "The ids of the assets (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--assets 123:456`.\
+        description: "The id of the asset (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--id 123:456`.\
         \n If not provided, an interactive selection flow will be available to select assets to request.",
     }),
     reason: core_1.Flags.string({

package/lib/commands/request/get.d.ts

@@ -1,5 +1,6 @@
 import { Command } from "@oclif/core";
 export default class GetRequest extends Command {
+    static hidden: boolean;
     static description: string;
     static flags: {
         help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;

package/lib/commands/request/get.js

@@ -8,6 +8,7 @@ const cmd_1 = require("../../lib/cmd");
 const config_1 = require("../../lib/config");
 const flags_1 = require("../../lib/flags");
 const displays_1 = require("../../utils/displays");
+const utils_1 = require("../../utils/utils");
 const GET_REQUEST = (0, graphql_1.graphql)(`
   query GetRequest(
   $id: RequestId!
@@ -57,13 +58,14 @@ const GET_REQUEST = (0, graphql_1.graphql)(`
 `);
 class GetRequest extends core_1.Command {
     async run() {
+        (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
         (0, cmd_1.setMostRecentCommand)(this);
         const configData = (0, config_1.getOrCreateConfigData)(this.config.configDir);
         const client = await (0, apollo_1.getClient)(this, true);
         // Verify id tag was provided
         const { flags } = await this.parse(GetRequest);
         if (!flags.id) {
-            this.log("Error: Please provide a request ID using the --id flag.");
+            this.log("Error: Please provide a group ID using the --id flag.");
             this.log("ex. opal request get --id 54052a3e-5375-4392-aeaf-0c6c44c131d4");
             return;
         }
@@ -94,6 +96,7 @@ class GetRequest extends core_1.Command {
         }
     }
 }
+GetRequest.hidden = true;
 GetRequest.description = "Lists access requests";
 GetRequest.flags = {
     help: flags_1.SHARED_FLAGS.help,

package/lib/commands/request/list.d.ts

@@ -1,8 +1,8 @@
 import { Command } from "@oclif/core";
 export default class ListRequests extends Command {
+    static hidden: boolean;
     static description: string;
     static examples: string[];
-    static aliases: string[];
     static flags: {
         help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;
         n: import("@oclif/core/lib/interfaces").OptionFlag<number, import("@oclif/core/lib/interfaces").CustomOptions>;

package/lib/commands/request/list.js

@@ -6,6 +6,7 @@ const apollo_1 = require("../../lib/apollo");
 const cmd_1 = require("../../lib/cmd");
 const flags_1 = require("../../lib/flags");
 const displays_1 = require("../../utils/displays");
+const utils_1 = require("../../utils/utils");
 // Add date filters, search query,
 const GET_REQUESTS = (0, graphql_1.graphql)(`
   query GetRequests($pageSize: Int, $showPendingOnly: Boolean!) {
@@ -58,6 +59,7 @@ const GET_REQUESTS = (0, graphql_1.graphql)(`
 }`);
 class ListRequests extends core_1.Command {
     async run() {
+        (0, utils_1.restrictToDev)(); //TODO: Remove after development is complete
         (0, cmd_1.setMostRecentCommand)(this);
         const client = await (0, apollo_1.getClient)(this, true);
         let pageSize = 10;
@@ -86,6 +88,7 @@ class ListRequests extends core_1.Command {
         }
     }
 }
+ListRequests.hidden = true;
 ListRequests.description = "Lists your n recent outgoing access requests";
 ListRequests.examples = [
     "opal request list --n 5",
@@ -93,7 +96,7 @@ ListRequests.examples = [
     "opal request list --n 5 --verbose",
     "opal request list --n 5 --pending --verbose",
 ];
-ListRequests.aliases = ["request:ls"];
+// static aliases = ["request:ls"]; // uncomment when ready for release
 ListRequests.flags = {
     help: flags_1.SHARED_FLAGS.help,
     n: core_1.Flags.integer({

package/lib/lib/apollo.js

@@ -155,7 +155,7 @@ const initClient = async (command, fetchAccessToken = true) => {
             return response;
         });
     });
-    const errorLink = (0, error_1.onError)(({ networkError, operation, forward }) => {
+    const errorLink = (0, error_1.onError)(({ networkError, operation }) => {
         var _a;
         // There's a few GQL operations where we don't want to use this error handler:
         const customErrorOperations = [
@@ -186,7 +186,7 @@ const initClient = async (command, fetchAccessToken = true) => {
                 case 401: {
                     command.log("Your session is invalid or expired. Authenticating now...\n");
                     const loginCommand = new login_1.default([], command.config);
-                    return (0, core_1.fromPromise)(loginCommand.run().then(() => {
+                    loginCommand.run().then(() => {
                         if (cmd_1.mostRecentCommandTime && cmd_1.mostRecentCommand) {
                             const lastCommandReexecutionDuration = moment.duration(2, "minutes");
                             const lastCommandReexecutionDurationHasElapsed = cmd_1.mostRecentCommandTime.add(lastCommandReexecutionDuration) >
@@ -195,7 +195,8 @@ const initClient = async (command, fetchAccessToken = true) => {
                                 cmd_1.mostRecentCommand.run();
                             }
                         }
-                    })).flatMap(() => forward(operation));
+                    });
+                    break;
                 }
                 default:
                     return (0, exports.handleError)(command, `Received status code ${networkError.statusCode} from server${errorMessage ? ` with message "${errorMessage}"` : ""}`);

package/lib/lib/credentials/index.d.ts

@@ -5,13 +5,12 @@ interface OpalCredentials {
     clientIDCandidate?: string;
     secret?: string;
     secretType?: SecretType;
-    organizationName?: string;
 }
 export declare enum SecretType {
     Cookie = "COOKIE",
     ApiToken = "API_TOKEN"
 }
-export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string, clientIDCandidate: string | undefined | null, secret: string, secretType: SecretType, organizationName?: string) => Promise<void>;
+export declare const setOpalCredentials: (command: Command, email: string | undefined, organizationID: string, clientIDCandidate: string | undefined | null, secret: string, secretType: SecretType) => Promise<void>;
 export declare const getOpalCredentials: (command: Command, includeAuthSecret?: boolean) => Promise<OpalCredentials>;
 export declare const removeOpalCredentials: (command: Command) => Promise<void>;
 export {};

package/lib/lib/credentials/index.js

@@ -9,14 +9,13 @@ var SecretType;
     SecretType["Cookie"] = "COOKIE";
     SecretType["ApiToken"] = "API_TOKEN";
 })(SecretType || (exports.SecretType = SecretType = {}));
-const setOpalCredentials = async (command, email, organizationID, clientIDCandidate, secret, secretType, organizationName) => {
+const setOpalCredentials = async (command, email, organizationID, clientIDCandidate, secret, secretType) => {
     const givenEmail = email || "email-unset";
     const configData = (0, config_1.getOrCreateConfigData)(command.config.configDir);
     configData.creds = {
         clientIDCandidate,
         email,
         organizationID,
-        organizationName,
         secretType,
     };
     (0, config_1.writeConfigData)(command.config.configDir, configData);

package/lib/lib/requests.d.ts

@@ -19,7 +19,6 @@ type RoleNode = {
     roleName: string;
 };
 export type RequestMap = Record<string, AppNode>;
-export declare const DISPLAY_LABELS: Partial<Record<EntityType, string>>;
 type DurationOption = {
     durationInMinutes: number;
     label: string;
@@ -46,9 +45,8 @@ export declare function doneSelectingAssets(): Promise<boolean>;
 export declare function setRequestDefaults(cmd: Command, client: ApolloClient<NormalizedCacheObject>, metadata: RequestMetadata): Promise<void>;
 export declare function promptForReason(metadata: RequestMetadata): Promise<void>;
 export declare function promptForExpiration(metadata: RequestMetadata): Promise<void>;
-export declare function promptRequestSubmission(cmd: Command, metadata: RequestMetadata): Promise<boolean>;
+export declare function promptRequestSubmission(cmd: Command, metadata: RequestMetadata): Promise<void>;
 export declare function submitFinalRequest(cmd: Command, client: ApolloClient<NormalizedCacheObject>, metadata: RequestMetadata): Promise<void>;
-export declare function getRequestLink(cmd: Command, id: string): string;
 export declare function bypassRequestSelection(cmd: Command, client: ApolloClient<NormalizedCacheObject>, flagValue: string[], metadata: RequestMetadata): Promise<void>;
 export declare function bypassDuration(cmd: Command, duration: number, metadata: RequestMetadata): void;
 export {};

package/lib/lib/requests.js

@@ -1,6 +1,5 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.DISPLAY_LABELS = void 0;
 exports.initEmptyRequestMetadata = initEmptyRequestMetadata;
 exports.selectRequestableItems = selectRequestableItems;
 exports.doneSelectingAssets = doneSelectingAssets;
@@ -9,30 +8,25 @@ exports.promptForReason = promptForReason;
 exports.promptForExpiration = promptForExpiration;
 exports.promptRequestSubmission = promptRequestSubmission;
 exports.submitFinalRequest = submitFinalRequest;
-exports.getRequestLink = getRequestLink;
 exports.bypassRequestSelection = bypassRequestSelection;
 exports.bypassDuration = bypassDuration;
 const chalk_1 = require("chalk");
+const inquirer = require("inquirer");
 const graphql_1 = require("../graphql");
 const graphql_2 = require("../graphql/graphql");
 const displays_1 = require("../utils/displays");
 const config_1 = require("./config");
 const { AutoComplete, Select, prompt, Form } = require("enquirer");
 function entityTypeFromString(str) {
-    const capStr = str === null || str === void 0 ? void 0 : str.toLocaleUpperCase();
-    if (capStr === "RESOURCE") {
+    if (str === "Resource") {
         return graphql_2.EntityType.Resource;
     }
-    if (capStr === "GROUP") {
+    if (str === "Group") {
         return graphql_2.EntityType.Group;
     }
     // if type unknown, default to resource
     return graphql_2.EntityType.Resource;
 }
-exports.DISPLAY_LABELS = {
-    [graphql_2.EntityType.Resource]: "Resource",
-    [graphql_2.EntityType.Group]: "Group",
-};
 function initEmptyRequestMetadata() {
     // Initialize with empty defaults
     const requestDefaults = {
@@ -185,7 +179,7 @@ async function queryRequestableAssets(cmd, client, appId, input) {
                         value: {
                             name: name || "",
                             id: id || "",
-                            type: entityTypeFromString(((_g = item.resource) === null || _g === void 0 ? void 0 : _g.__typename) || ((_h = item.group) === null || _h === void 0 ? void 0 : _h.__typename)),
+                            type: ((_g = item.resource) === null || _g === void 0 ? void 0 : _g.__typename) || ((_h = item.group) === null || _h === void 0 ? void 0 : _h.__typename) || "",
                         },
                     };
                 });
@@ -244,7 +238,7 @@ async function queryAssetRoles(cmd, client, assetType, assetId) {
     var _a, _b, _c, _d, _e, _f, _g, _h;
     try {
         switch (assetType) {
-            case graphql_2.EntityType.Resource: {
+            case "Resource": {
                 const resp = await client.query({
                     query: RESOURCE_ROLES_QUERY,
                     variables: {
@@ -273,7 +267,7 @@ async function queryAssetRoles(cmd, client, assetType, assetId) {
                 }
                 return;
             }
-            case graphql_2.EntityType.Group: {
+            case "Group": {
                 const resp = await client.query({
                     query: GROUP_ROLES_QUERY,
                     variables: {
@@ -629,8 +623,8 @@ async function queryAssociatedItems(cmd, client, id, input) {
     }
 }
 // Helper functions
-const selectInstructions = chalk_1.default.dim("[↑↓] Navigate · [Enter] Select · Type to filter");
-const multiSelectInstructions = chalk_1.default.dim("[↑↓] Navigate · [Space] Select · [Enter] Confirm · Type to filter");
+const selectInstructions = chalk_1.default.dim("↑↓ Navigate · Enter Select · Type to filter");
+const multiSelectInstructions = chalk_1.default.dim("↑↓ Navigate · Space Select · Enter Confirm · Type to filter");
 async function selectRequestableItems(cmd, client, requestMap) {
     const initial = (await queryRequestableApps(cmd, client, "")) || [];
     const appPrompt = new AutoComplete({
@@ -675,7 +669,7 @@ async function chooseOktaAzureRoles(cmd, client, app, requestMap) {
         },
         validate: (answer) => {
             if (answer.length !== 1) {
-                return "Only one role is allowed to be requested for on Okta or Azure apps.";
+                return "You must select only one item.";
             }
             return true;
         },
@@ -703,7 +697,7 @@ function appRolesFromEdge(edge) {
                     value: {
                         id: edge.node.id + accessLevel.accessLevelRemoteId,
                         name: accessLevel.accessLevelName,
-                        type: exports.DISPLAY_LABELS[graphql_2.EntityType.Resource],
+                        type: graphql_2.EntityType.Resource,
                         toString: () => accessLevel.accessLevelName,
                     },
                 }));
@@ -714,7 +708,7 @@ function appRolesFromEdge(edge) {
                     value: {
                         id: edge.node.id,
                         name: (_b = edge.alias) !== null && _b !== void 0 ? _b : edge.node.name,
-                        type: exports.DISPLAY_LABELS[graphql_2.EntityType.Resource],
+                        type: graphql_2.EntityType.Resource,
                         toString: () => { var _a; return (_a = edge.alias) !== null && _a !== void 0 ? _a : edge.node.name; },
                     },
                 },
@@ -723,11 +717,11 @@ function appRolesFromEdge(edge) {
         case "Group":
             return [
                 {
-                    message: `${(_c = edge.alias) !== null && _c !== void 0 ? _c : edge.node.name} ${graphql_2.EntityType.Group}`,
+                    message: (_c = edge.alias) !== null && _c !== void 0 ? _c : edge.node.name,
                     value: {
                         id: edge.node.id,
                         name: (_d = edge.alias) !== null && _d !== void 0 ? _d : edge.node.name,
-                        type: exports.DISPLAY_LABELS[graphql_2.EntityType.Group],
+                        type: graphql_2.EntityType.Group,
                         toString: () => { var _a; return (_a = edge.alias) !== null && _a !== void 0 ? _a : edge.node.name; },
                     },
                 },
@@ -919,7 +913,6 @@ async function promptForExpiration(metadata) {
     const expirationSelect = new AutoComplete({
         name: "expiration",
         message: "When should access expire?",
-        hint: "Type to filter",
         type: "list",
         choices: durations,
         pageSize: 15,
@@ -1007,13 +1000,26 @@ async function promptRequestSubmission(cmd, metadata) {
     (0, displays_1.displayFinalRequestSummary)(cmd, metadata);
     const submitMessage = "✅ Yes, submit request";
     const cancelMessage = "❌ No, cancel request";
-    const prompt = new Select({
-        name: "submitOrCancel",
-        message: "Is this all you want to request?",
-        choices: [submitMessage, cancelMessage],
-    });
-    const submitOrCancel = await prompt.run();
-    return submitOrCancel === submitMessage;
+    const { submit } = await inquirer.prompt([
+        {
+            name: "submit",
+            message: "Submit request?",
+            type: "list",
+            choices: [submitMessage, cancelMessage],
+        },
+    ]);
+    switch (submit) {
+        case submitMessage: {
+            return;
+        }
+        case cancelMessage: {
+            cmd.log("🚫 Access Request has been cancelled.");
+            return;
+        }
+        default: {
+            cmd.error("Unknown error occurred.");
+        }
+    }
 }
 async function submitFinalRequest(cmd, client, metadata) {
     var _a, _b, _c, _d;
@@ -1059,29 +1065,24 @@ async function submitFinalRequest(cmd, client, metadata) {
     }
     const resp = await createRequest(cmd, client, requestedResources, requestedGroups, metadata.reason, metadata.durationInMinutes);
     // Build link to request
+    const configData = (0, config_1.getOrCreateConfigData)(cmd.config.configDir);
     if (resp === null || resp === void 0 ? void 0 : resp.id) {
         cmd.log("\n🎉 Your Access Request has been submitted!\n");
         cmd.log(`${chalk_1.default.bold("ID: ")} ${chalk_1.default.cyan(resp === null || resp === void 0 ? void 0 : resp.id)}`);
         if (resp === null || resp === void 0 ? void 0 : resp.status) {
             cmd.log((0, displays_1.getStyledStatus)(resp === null || resp === void 0 ? void 0 : resp.status));
         }
-        const requestLink = getRequestLink(cmd, resp.id);
+        const requestLink = `${configData[config_1.urlKey]}/requests/sent/${resp === null || resp === void 0 ? void 0 : resp.id}`;
         cmd.log(`${chalk_1.default.bold("Link:")} ${chalk_1.default.underline(requestLink)}\n`);
     }
     return;
 }
-function getRequestLink(cmd, id) {
-    const configData = (0, config_1.getOrCreateConfigData)(cmd.config.configDir);
-    return `${configData[config_1.urlKey]}/requests/sent/${id}`;
-}
 async function bypassRequestSelection(cmd, client, flagValue, metadata) {
-    var _a, _b;
+    var _a, _b, _c, _d;
     try {
         // Query Catalog Item endpoint to identify what the id belongs to (resource or group)
-        for (const val of flagValue) {
-            const delimiterIndex = val.indexOf(":");
-            const assetId = val.substring(0, delimiterIndex);
-            const roleName = val.substring(delimiterIndex + 1);
+        for (const id of flagValue) {
+            const [assetId, roleName] = id.split(":");
             const resp = await client.query({
                 query: CATALOG_ITEM,
                 variables: {
@@ -1090,30 +1091,28 @@ async function bypassRequestSelection(cmd, client, flagValue, metadata) {
                 fetchPolicy: "network-only", // to avoid caching
             });
             switch (resp.data.catalogItem.__typename) {
-                case "Group":
                 case "Resource": {
-                    const item = resp.data.catalogItem;
-                    const assetName = item.__typename === "Resource" ? item.displayName : item.name;
-                    const requestableRoles = (item.accessLevels || [])
+                    const resourceName = resp.data.catalogItem.displayName;
+                    const requestableRoles = (resp.data.catalogItem.accessLevels || [])
                         // TODO: Support okta azure apps ?.filter((role) => role.accessLevelName !== "") // This assumes length == 1
                         .map((role) => ({
                         id: role.accessLevelRemoteId,
                         name: role.accessLevelName,
                     }));
-                    const appId = ((_a = item.connection) === null || _a === void 0 ? void 0 : _a.id) || "";
+                    const appId = ((_a = resp.data.catalogItem.connection) === null || _a === void 0 ? void 0 : _a.id) || "";
                     if (!(appId in metadata.requestMap)) {
                         metadata.requestMap[appId] = {
-                            appName: ((_b = item.connection) === null || _b === void 0 ? void 0 : _b.displayName) || "",
+                            appName: ((_b = resp.data.catalogItem.connection) === null || _b === void 0 ? void 0 : _b.displayName) || "",
                             appId: appId,
                             assets: {},
                         };
                     }
-                    const assetEntry = metadata.requestMap[appId].assets[assetId];
+                    const assetEntry = metadata.requestMap[appId].assets[id];
                     if (!assetEntry) {
                         metadata.requestMap[appId].assets[assetId] = {
                             assetId: assetId,
-                            assetName: assetName,
-                            type: entityTypeFromString(item.__typename),
+                            assetName: resourceName,
+                            type: graphql_2.EntityType.Resource,
                             roles: {},
                         };
                     }
@@ -1130,13 +1129,54 @@ async function bypassRequestSelection(cmd, client, flagValue, metadata) {
                             };
                         }
                         else {
-                            cmd.error(`Access level specified does not match one of ${assetName}'s defined access levels: ${requestableRoles.map((role) => `"${role.name}"`)}`);
+                            cmd.error(`Access level specified does not match one of ${resourceName}'s defined access levels:${requestableRoles.map((role) => role.name)}`);
+                        }
+                    }
+                    break;
+                }
+                case "Group": {
+                    const groupName = resp.data.catalogItem.name;
+                    const roles = (resp.data.catalogItem.accessLevels || []).map((role) => ({
+                        id: role.accessLevelRemoteId,
+                        name: role.accessLevelName,
+                    }));
+                    if (roles.length > 0 &&
+                        !(roles.length === 1 && roles[0].name === "")) {
+                        cmd.log(`Roles not implemented yet for group ${groupName}. Skipping roles selection.`); //TODO: Implement group roles support
+                        continue;
+                    }
+                    const appId = ((_c = resp.data.catalogItem.connection) === null || _c === void 0 ? void 0 : _c.id) || "";
+                    if (!(appId in metadata.requestMap)) {
+                        metadata.requestMap[appId] = {
+                            appName: ((_d = resp.data.catalogItem.connection) === null || _d === void 0 ? void 0 : _d.displayName) || "",
+                            appId: appId,
+                            assets: {},
+                        };
+                    }
+                    const assetEntry = metadata.requestMap[appId].assets[id];
+                    if (!assetEntry) {
+                        metadata.requestMap[appId].assets[id] = {
+                            assetId: id,
+                            assetName: groupName,
+                            type: graphql_2.EntityType.Group,
+                            roles: {},
+                        };
+                    }
+                    if (roles) {
+                        if (!metadata.requestMap[appId].assets[id].roles) {
+                            metadata.requestMap[appId].assets[id].roles = {};
+                        }
+                        for (const role of roles) {
+                            metadata.requestMap[appId].assets[id].roles[role.id] = {
+                                roleId: role.id,
+                                roleName: role.name,
+                            };
                         }
                     }
                     break;
                 }
                 default:
-                    cmd.error("Invalid asset id was passed in using the --id flag.");
+                    cmd.error("Invad asset id was passed in using the --id flag.");
             }
         }
     }

package/lib/utils/displays.d.ts

@@ -1,7 +1,7 @@
 import type { ApolloQueryResult } from "@apollo/client";
 import type { Command } from "@oclif/core/lib/command";
 import type { GetRequestQuery, GetRequestsQuery } from "../graphql/graphql";
-import { type RequestMap, type RequestMetadata } from "../lib/requests";
+import type { RequestMap, RequestMetadata } from "../lib/requests";
 export declare function headerMessage(cmd: Command): void;
 export declare function treeifyRequestMap(cmd: Command, requestMap: RequestMap): void;
 export declare function displayFinalRequestSummary(cmd: Command, metadata: RequestMetadata): void;

package/lib/utils/displays.js

@@ -7,8 +7,6 @@ exports.getStyledStatus = getStyledStatus;
 exports.displayRequestDetails = displayRequestDetails;
 exports.displayRequestListTable = displayRequestListTable;
 const chalk_1 = require("chalk");
-const terminal_link_1 = require("terminal-link");
-const requests_1 = require("../lib/requests");
 const Table = require("cli-table3");
 const treeify = require("object-treeify").default;
 function headerMessage(cmd) {
@@ -32,7 +30,7 @@ function treeifyRequestMap(cmd, requestMap) {
         for (const [_assetId, assetNode] of Object.entries(appNode.assets)) {
             // If okta/azure asset with no role, change asset name
             const assetName = assetNode.assetName || "No Role (Direct access)";
-            const assetKey = `${assetName} ${chalk_1.default.dim(`[${requests_1.DISPLAY_LABELS[assetNode.type]}]`)}`;
+            const assetKey = `${assetName} ${chalk_1.default.dim(`[${assetNode.type}]`)}`;
             if (assetNode.roles !== undefined) {
                 assetsTree[assetKey] = {};
                 for (const [_roleId, roleNode] of Object.entries(assetNode.roles)) {
@@ -173,12 +171,8 @@ function displayRequestListTable(cmd, requestResp) {
                         ...requestedResources,
                         ...requestedGroups,
                     ].join(", ");
-                    const requestLink = (0, requests_1.getRequestLink)(cmd, request.id);
-                    const clickableId = (0, terminal_link_1.default)(request.id, requestLink, {
-                        fallback: false,
-                    });
                     table.push([
-                        clickableId,
+                        request.id,
                         status,
                         targetUser,
                         formattedDuration,

package/oclif.manifest.json

@@ -316,34 +316,6 @@
         "set-url.js"
       ]
     },
-    "whoami": {
-      "aliases": [],
-      "args": {},
-      "description": "Describes current url set, organization name, and logged in user if applicable.",
-      "flags": {
-        "help": {
-          "char": "h",
-          "description": "Show CLI help.",
-          "name": "help",
-          "allowNo": false,
-          "type": "boolean"
-        }
-      },
-      "hasDynamicHelp": false,
-      "hiddenAliases": [],
-      "id": "whoami",
-      "pluginAlias": "opal-security",
-      "pluginName": "opal-security",
-      "pluginType": "core",
-      "strict": true,
-      "enableJsonFlag": false,
-      "isESM": false,
-      "relativePath": [
-        "lib",
-        "commands",
-        "whoami.js"
-      ]
-    },
     "aws:identity": {
       "aliases": [],
       "args": {},
@@ -634,10 +606,10 @@
           "allowNo": false,
           "type": "boolean"
         },
-        "assets": {
-          "char": "a",
-          "description": "The ids of the assets (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--assets 123:456`.        \n If not provided, an interactive selection flow will be available to select assets to request.",
-          "name": "assets",
+        "id": {
+          "char": "i",
+          "description": "The id of the asset (resource, group) to request access to. Append a role ID using a colon if needed, e.g. `--id 123:456`.        \n If not provided, an interactive selection flow will be available to select assets to request.",
+          "name": "id",
           "hasDynamicHelp": false,
           "multiple": true,
           "type": "option"
@@ -660,6 +632,7 @@
         }
       },
       "hasDynamicHelp": false,
+      "hidden": true,
       "hiddenAliases": [],
       "id": "request:create",
       "pluginAlias": "opal-security",
@@ -708,6 +681,7 @@
         }
       },
       "hasDynamicHelp": false,
+      "hidden": true,
       "hiddenAliases": [],
       "id": "request:get",
       "pluginAlias": "opal-security",
@@ -724,9 +698,7 @@
       ]
     },
     "request:list": {
-      "aliases": [
-        "request:ls"
-      ],
+      "aliases": [],
       "args": {},
       "description": "Lists your n recent outgoing access requests",
       "examples": [
@@ -768,6 +740,7 @@
         }
       },
       "hasDynamicHelp": false,
+      "hidden": true,
       "hiddenAliases": [],
       "id": "request:list",
       "pluginAlias": "opal-security",
@@ -1030,5 +1003,5 @@
       ]
     }
   },
-  "version": "3.1.1-beta.01fe2fd"
+  "version": "3.1.1-beta.03364ed"
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "opal-security",
   "description": "Opal allows you to centrally manage access to all of your sensitive systems.",
-  "version": "3.1.1-beta.01fe2fd",
+  "version": "3.1.1-beta.03364ed",
   "author": "Stephen Cobbe",
   "bin": {
     "opal": "./bin/run"
@@ -29,7 +29,6 @@
     "openid-client": "^5.6.5",
     "prettyjson": "^1.2.1",
     "semver": "^7.5.4",
-    "terminal-link": "^4.0.0",
     "tslib": "^2.8.1"
   },
   "devDependencies": {
@@ -64,7 +63,9 @@
     "/scripts"
   ],
   "homepage": "https://github.com/opalsecurity/opal-cli/",
-  "keywords": ["oclif"],
+  "keywords": [
+    "oclif"
+  ],
   "license": "MIT",
   "main": "lib/index.js",
   "oclif": {
@@ -90,7 +91,7 @@
     "prepack": "npm run build && oclif manifest && oclif readme",
     "test": "vitest",
     "coverage": "vitest run --coverage",
-    "version": "oclif readme && git add README.md && biome check --write",
+    "version": "oclif readme && git add README.md",
     "posttest": "biome check",
     "biome-ci": "biome ci --reporter=github",
     "gql-codegen": "graphql-codegen",

package/lib/commands/whoami.d.ts

@@ -1,8 +0,0 @@
-import { Command } from "@oclif/core";
-export default class WhoAmI extends Command {
-    static description: string;
-    static flags: {
-        help: import("@oclif/core/lib/interfaces").BooleanFlag<void>;
-    };
-    run(): Promise<void>;
-}

package/lib/commands/whoami.js

@@ -1,34 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const core_1 = require("@oclif/core");
-const config_1 = require("../lib/config");
-const credentials_1 = require("../lib/credentials");
-const flags_1 = require("../lib/flags");
-class WhoAmI extends core_1.Command {
-    async run() {
-        const opalCreds = await (0, credentials_1.getOpalCredentials)(this, false);
-        const organizationName = opalCreds === null || opalCreds === void 0 ? void 0 : opalCreds.organizationName;
-        const email = opalCreds === null || opalCreds === void 0 ? void 0 : opalCreds.email;
-        const configData = (0, config_1.getOrCreateConfigData)(this.config.configDir);
-        const url = configData[config_1.urlKey];
-        if (email) {
-            this.log(`User:         ${email}`);
-        }
-        if (organizationName) {
-            if (organizationName === "unset-org-id") {
-                this.log("Authenticated with Opal API Token.");
-            }
-            else {
-                this.log(`Organization: ${organizationName}`);
-            }
-        }
-        if (url) {
-            this.log(`Server:       ${url}`);
-        }
-    }
-}
-WhoAmI.description = "Describes current url set, organization name, and logged in user if applicable.";
-WhoAmI.flags = {
-    help: flags_1.SHARED_FLAGS.help,
-};
-exports.default = WhoAmI;