posthorn 0.2.0 → 0.2.3

package/README.md

@@ -106,7 +106,12 @@ PRINCIPLE: domain purchase ALWAYS happens on the user's own Cloudflare account
 and card. Posthorn never owns or bills for domains.
 
 1. NEW domain → requires the user's own Cloudflare account (+ payment method).
-   - `posthorn domains check name1.com name2.io --cloudflare <account-id>`
+   - `posthorn domains check name1.com name2.io --cloudflare <id>` — fast availability + price
+   - `posthorn domains reputation <domain>` — VET it before buying (Spamhaus
+     blocklist/score + archive.org prior-use). Verdicts: clean / caution (used
+     before) / avoid (blocklisted or poor reputation). Run this on the candidate
+     before `buy` — you can't tell a tainted domain from its name. (Slower + uses
+     a quota, so it's a separate explicit call, not part of `check`.)
    - `posthorn domains buy <domain> --cloudflare <id> --contact '{...}'`
 
 2. EXISTING domain, recommended → user's own Cloudflare account.
@@ -149,8 +154,9 @@ Anonymous tier can do setup (accounts, domains). To send/warmup, verify:
 
 ## Tips for agents
 
-- Use `--json` on read commands (auth status, domains list/get, warmup stats) for
-  machine-readable output instead of parsing the pretty text.
+- Read commands auto-detect output: when stdout isn't a TTY (i.e. you're an agent
+  capturing output), they emit JSON automatically — no flag needed. Humans in a
+  terminal get formatted text. Force either way with `--json` / `--pretty`.
 - Async steps (domain provisioning, nameserver propagation) need polling, not blocking.
 - Every command stores state locally (~/.config), so the user doesn't re-enter keys.
 - Translate everything into plain English for the user. Never show them raw JSON

package/dist/index.js

@@ -46,6 +46,13 @@ function getConfigPath() {
   return conf.path;
 }
 
+// src/output.ts
+function useJson(options = {}) {
+  if (options.json) return true;
+  if (options.pretty) return false;
+  return !process.stdout.isTTY;
+}
+
 // src/commands/auth.ts
 async function register(options) {
   const apiUrl = options.url ?? "https://api-production-08f2.up.railway.app";
@@ -80,7 +87,7 @@ async function register(options) {
 }
 async function status(options = {}) {
   const config = getConfig();
-  if (options.json) {
+  if (useJson(options)) {
     console.log(JSON.stringify({
       loggedIn: !!config.apiKey,
       apiUrl: config.apiUrl,
@@ -128,7 +135,7 @@ var ApiError = class extends Error {
 async function api(path, options = {}) {
   const config = getConfig();
   if (!config.apiKey) {
-    throw new Error("Not logged in. Run: posthorn setup");
+    throw new Error("Not logged in. Run: posthorn auth register");
   }
   const url = `${config.apiUrl}${path}`;
   const res = await fetch(url, {
@@ -206,7 +213,7 @@ import chalk3 from "chalk";
 import ora3 from "ora";
 async function listDomains(options = {}) {
   const data = await api("/api/domains");
-  if (options.json) {
+  if (useJson(options)) {
     console.log(JSON.stringify(data.domains, null, 2));
     return;
   }
@@ -291,7 +298,7 @@ async function activateDomain(domainId) {
 async function getDomain(domainId, options = {}) {
   const data = await api(`/api/domains/${domainId}`);
   const d = data.domain;
-  if (options.json) {
+  if (useJson(options)) {
     console.log(JSON.stringify(d, null, 2));
     return;
   }
@@ -302,6 +309,18 @@ async function getDomain(domainId, options = {}) {
   console.log(`  DNS:    ${d.dns_mode === "managed" ? "managed by Posthorn" : "your Cloudflare"}`);
   if (d.cloudflare_zone_id) console.log(`  Zone:   ${chalk3.dim(d.cloudflare_zone_id)}`);
 }
+function verdictText(rep) {
+  switch (rep.verdict) {
+    case "avoid":
+      return chalk3.red(`\u26A0 ${rep.verdictLabel} \u2014 avoid`);
+    case "caution":
+      return chalk3.yellow(rep.verdictLabel);
+    case "clean":
+      return chalk3.green(rep.verdictLabel);
+    default:
+      return chalk3.dim(rep.verdictLabel);
+  }
+}
 async function checkDomains(domains2, options) {
   const spinner = ora3("Checking availability...").start();
   const data = await api("/api/domains/check", {
@@ -309,11 +328,35 @@ async function checkDomains(domains2, options) {
     body: { domains: domains2, cloudflareAccountId: options.cloudflare }
   });
   spinner.stop();
+  if (useJson(options)) {
+    console.log(JSON.stringify(data.results, null, 2));
+    return;
+  }
   console.log(chalk3.bold("Domain Availability\n"));
   for (const r of data.results) {
     const icon = r.available ? chalk3.green("  \u2713") : chalk3.red("  \u2717");
     const price = r.price ? chalk3.dim(`$${r.price}/yr`) : "";
-    console.log(`${icon} ${r.domain}  ${price}`);
+    console.log(`${icon} ${String(r.domain).padEnd(30)}${price}`);
+  }
+  console.log(chalk3.dim("\n  Vet a domain before buying: posthorn domains reputation <domain>"));
+}
+async function domainReputation(domains2, options = {}) {
+  const spinner = ora3("Checking reputation (blocklist + history)...").start();
+  const data = await api("/api/domains/reputation", {
+    method: "POST",
+    body: { domains: domains2 }
+  });
+  spinner.stop();
+  if (useJson(options)) {
+    console.log(JSON.stringify(data.results, null, 2));
+    return;
+  }
+  console.log(chalk3.bold("Domain Reputation\n"));
+  for (const rep of data.results) {
+    console.log(`  ${chalk3.cyan(rep.domain.padEnd(28))}${verdictText(rep)}`);
+    for (const w of rep.warnings) {
+      console.log(chalk3.dim(`      \u2022 ${w}`));
+    }
   }
 }
 
@@ -377,8 +420,8 @@ async function provisionCredentials(mailboxId, options) {
     method: "POST",
     body: { authType: options.type ?? "xoauth2" }
   });
-  if (data.connectivity.smtp && data.connectivity.imap) {
-    spinner.succeed("Credentials provisioned \u2014 SMTP and IMAP connected!");
+  if (data.connectivity.send && data.connectivity.imap) {
+    spinner.succeed(`Credentials provisioned \u2014 sending (${data.connectivity.sendMethod}) and IMAP connected!`);
   } else {
     spinner.warn("Credentials provisioned but connectivity issues:");
     for (const err of data.connectivity.errors) {
@@ -410,7 +453,7 @@ async function pauseWarmup(campaignId) {
 }
 async function warmupStats(campaignId, options = {}) {
   const data = await api(`/api/warmup/campaigns/${campaignId}`);
-  if (options.json) {
+  if (useJson(options)) {
     console.log(JSON.stringify(data, null, 2));
     return;
   }
@@ -483,21 +526,23 @@ Typical flow:
   posthorn auth verify                            unlock sending + warmup
   posthorn warmup start <mailbox-id>
 
-Most read commands support --json for machine-readable output.
+Output: read commands auto-detect \u2014 agents (non-TTY) get JSON, humans get
+formatted text. Force either with --json or --pretty.
 `);
 program.command("guide").description("Print the full agent playbook \u2014 workflow, external steps, and how to drive the CLI. Run this first.").action(guide);
 var auth = program.command("auth").description("Account management");
 auth.command("register").description("Create a new account and get an API key").option("--url <url>", "API server URL", "https://api-production-08f2.up.railway.app").action(register);
-auth.command("status").description("Show current account info and setup progress").option("--json", "Output as JSON").action(status);
+auth.command("status").description("Show current account info and setup progress").option("--json", "Force JSON output").option("--pretty", "Force human-readable output").action(status);
 auth.command("logout").description("Clear stored credentials").action(logout);
 var accounts = program.command("accounts").description("Connected accounts (Cloudflare, Workspace)");
 accounts.command("list").description("List connected accounts").action(listAccounts);
 accounts.command("cloudflare <token>").description("Connect a Cloudflare account").option("--label <label>", "Account label", "main").action(connectCloudflare);
 accounts.command("workspace <admin-email>").description("Connect Google Workspace via domain-wide delegation").action(connectWorkspace);
 var domains = program.command("domains").description("Domain management");
-domains.command("list").description("List all domains").option("--json", "Output as JSON").action(listDomains);
-domains.command("get <domain-id>").description("Get domain details (poll this until status is 'ready')").option("--json", "Output as JSON").action(getDomain);
-domains.command("check <domains...>").description("Check domain availability").requiredOption("--cloudflare <account-id>", "Cloudflare account ID").action(checkDomains);
+domains.command("list").description("List all domains").option("--json", "Force JSON output").option("--pretty", "Force human-readable output").action(listDomains);
+domains.command("get <domain-id>").description("Get domain details (poll this until status is 'ready')").option("--json", "Force JSON output").option("--pretty", "Force human-readable output").action(getDomain);
+domains.command("check <domains...>").description("Check domain availability + pricing (fast)").requiredOption("--cloudflare <account-id>", "Cloudflare account ID").option("--json", "Force JSON output").option("--pretty", "Force human-readable output").action(checkDomains);
+domains.command("reputation <domains...>").description("Vet a domain before buying \u2014 blocklist + reputation + prior-use history").option("--json", "Force JSON output").option("--pretty", "Force human-readable output").action(domainReputation);
 domains.command("buy <domain>").description("Purchase a domain").requiredOption("--cloudflare <account-id>", "Cloudflare account ID").option("--contact <json>", "Registrant contact info as JSON").action(buyDomain);
 domains.command("connect <domain>").description("Connect an existing domain on your own Cloudflare account").requiredOption("--cloudflare <account-id>", "Cloudflare account ID").option("--workspace <account-id>", "Workspace account ID").action(connectDomain);
 domains.command("managed <domain>").description("Add an existing domain to Posthorn-managed DNS (returns nameservers to set at your registrar)").option("--workspace <account-id>", "Workspace account ID").action(managedDomain);
@@ -511,14 +556,14 @@ var warmup = program.command("warmup").description("Email warmup management");
 warmup.command("list").description("List warmup campaigns").action(listCampaigns);
 warmup.command("start <mailbox-id>").description("Start warming a mailbox").action(startWarmup);
 warmup.command("pause <campaign-id>").description("Pause a warmup campaign").action(pauseWarmup);
-warmup.command("stats <campaign-id>").description("Show warmup stats and daily breakdown").option("--json", "Output as JSON").action(warmupStats);
+warmup.command("stats <campaign-id>").description("Show warmup stats and daily breakdown").option("--json", "Force JSON output").option("--pretty", "Force human-readable output").action(warmupStats);
 program.hook("preAction", () => {
 });
 program.parseAsync(process.argv).catch((err) => {
   if (err.statusCode === 401) {
     console.log(chalk6.red("\n  Authentication failed. Run: posthorn auth register\n"));
   } else if (err.statusCode === 403) {
-    console.log(chalk6.red("\n  Account not verified. Complete onboarding: posthorn setup\n"));
+    console.log(chalk6.red("\n  Account not verified. Run: posthorn auth verify\n"));
   } else if (err.statusCode === 429) {
     console.log(chalk6.yellow("\n  Rate limit exceeded. Try again in a minute.\n"));
   } else {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "posthorn",
-  "version": "0.2.0",
+  "version": "0.2.3",
   "description": "Posthorn — domain setup, mailbox creation, and email warmup from the command line",
   "type": "module",
   "bin": {