terminalhire 0.1.1 → 0.2.2

package/README.md

@@ -22,17 +22,23 @@ The installer prints a full v3.1 disclosure, asks for explicit "yes", then offer
 ## Uninstall
 
 ```sh
-node install.js --uninstall
+node $(npm root -g)/terminalhire/install.js --uninstall
 terminalhire logout             # clear GitHub token (if connected)
 terminalhire profile --delete   # also wipe local profile
-rm -rf ~/.jpi               # wipe everything
+rm -rf ~/.terminalhire          # wipe everything
+```
+
+To disable only the spinner job surface without uninstalling:
+
+```sh
+terminalhire spinner --off
 ```
 
 ## Commands
 
 ```sh
 terminalhire login              # sign in with GitHub — enriches profile instantly (recommended)
-terminalhire logout             # clear stored GitHub token from ~/.jpi/github-token.enc
+terminalhire logout             # clear stored GitHub token from ~/.terminalhire/github-token.enc
 
 terminalhire jobs               # fetch index, match locally, browse ranked roles
 terminalhire jobs --limit 20    # show top 20 results (default: 10)
@@ -56,7 +62,7 @@ This runs the **GitHub OAuth Device Flow**:
 
 1. A code like `XXXX-XXXX` and a URL (`https://github.com/login/device`) are displayed.
 2. You open the URL, enter the code, and click "Authorize".
-3. Terminalhire polls until you authorize, then stores the token encrypted at `~/.jpi/github-token.enc`.
+3. Terminalhire polls until you authorize, then stores the token encrypted at `~/.terminalhire/github-token.enc`.
 4. Your public GitHub profile is fetched, processed, and merged into your local profile.
 
 ### What GitHub enriches
@@ -79,7 +85,7 @@ Scope requested: **`read:user`** — public profile + public repos only.
 
 ### Data residency
 
-- Token: encrypted at `~/.jpi/github-token.enc` (AES-256-GCM, same scheme as local profile).
+- Token: encrypted at `~/.terminalhire/github-token.enc` (AES-256-GCM, same scheme as local profile).
 - GitHub data stays **on your machine** — it enriches your local profile.
 - GitHub fields cross the wire **only** in a consented `LeadPayload` when you type "yes".
 - GitHub data is **never sent silently**.
@@ -127,15 +133,36 @@ After `terminalhire jobs` runs and finds matches, the Claude Code status bar sho
 ✦ N roles match your current work — run: terminalhire jobs
 ```
 
-The nudge is printed at most once per Claude Code session. It reads only `~/.jpi/index-cache.json` (a matchCount written by the last `terminalhire jobs` run). It makes zero network calls.
+The nudge is printed at most once per Claude Code session. It reads only `~/.terminalhire/index-cache.json` (a matchCount written by the last `terminalhire jobs` run). It makes zero network calls.
+
+## Spinner job surface
+
+While you work inside Claude Code, terminalhire surfaces your top local job matches directly in the spinner — the ambient status indicator that appears while Claude is thinking.
+
+- **Enabled at install.** No additional setup required.
+- **Computed locally.** Match scoring runs on your machine against your encrypted local profile. No network call is made for the spinner display.
+- **Zero egress.** The spinner reads only `~/.terminalhire/index-cache.json` (written by the last `terminalhire jobs` run). Nothing leaves your device.
+- **Reversible.** Disable at any time without uninstalling:
+
+```sh
+terminalhire spinner --off
+```
+
+Re-enable with:
+
+```sh
+terminalhire spinner --on
+```
+
+The spinner surface shows a short ranked summary (e.g. `✦ 3 matches — run: terminalhire jobs`). It does not send your profile, fingerprint, or any data to any server.
 
 ## Architecture (v3.1 hybrid)
 
 ```
 Server                              Client (your machine)
 ──────────────────────────────      ─────────────────────────────────────────
-Broad public pool:                  ~/.jpi/profile.enc  (AES-256-GCM encrypted)
-  Greenhouse + Ashby (ATS)          ~/.jpi/github-token.enc  (AES-256-GCM)
+Broad public pool:                  ~/.terminalhire/profile.enc  (AES-256-GCM encrypted)
+  Greenhouse + Ashby (ATS)          ~/.terminalhire/github-token.enc  (AES-256-GCM)
   Himalayas + WWR + HN         GET  Fingerprint built from profile
   Coastal buyer-lead roles    ←─── /api/index (anonymous, no dev data)
                                     Local match() from @jpi/core
@@ -168,9 +195,9 @@ GitHub (optional enrichment):
 ## Local profile encryption
 
 - Algorithm: **AES-256-GCM** via Node built-in `crypto` (no external deps).
-- Key: stored at `~/.jpi/key` with `0600` permissions. If `keytar` is installed, the OS keychain is preferred and the key file is not written.
-- Profile file: `~/.jpi/profile.enc` — JSON blob `{ iv, tag, ciphertext }` (all hex-encoded).
-- GitHub token file: `~/.jpi/github-token.enc` — same format, same key.
+- Key: stored at `~/.terminalhire/key` with `0600` permissions. If `keytar` is installed, the OS keychain is preferred and the key file is not written.
+- Profile file: `~/.terminalhire/profile.enc` — JSON blob `{ iv, tag, ciphertext }` (all hex-encoded).
+- GitHub token file: `~/.terminalhire/github-token.enc` — same format, same key.
 
 ## Lead payload shape
 
@@ -290,5 +317,5 @@ apps/cli/
 | Contact email | Stored encrypted locally (pre-filled from GitHub public email) | Included if set and "yes" |
 | GitHub login / profileUrl | Stored in `profile.github` on `terminalhire login` | Included in `approvedFields.github` ONLY on "yes" |
 | GitHub topLanguages | Used locally for tag inference (closed vocab) | Included in `approvedFields.github` ONLY on "yes" |
-| GitHub token | Encrypted at `~/.jpi/github-token.enc` | Never sent |
+| GitHub token | Encrypted at `~/.terminalhire/github-token.enc` | Never sent |
 | Private repos | Never accessed (scope: read:user) | N/A |