vestauth 0.21.1 → 0.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/CHANGELOG.md +8 -2
  2. package/README.md +84 -6
  3. package/package.json +1 -1
  4. package/src/cli/actions/agent/curl.js +52 -1
package/CHANGELOG.md CHANGED
@@ -2,7 +2,13 @@
2
2
 
3
3
  All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
4
4
 
5
- [Unreleased](https://github.com/vestauth/vestauth/compare/v0.21.1...main)
5
+ [Unreleased](https://github.com/vestauth/vestauth/compare/v0.22.0...main)
6
+
7
+ ## [0.22.0](https://github.com/vestauth/vestauth/compare/v0.21.1...v0.22.0) (2026-03-02)
8
+
9
+ ### Changed
10
+
11
+ * `agent curl` now by default prepends `-X POST` and `-H "Content-Type: application/json"` ([#45](https://github.com/vestauth/vestauth/pull/45))
6
12
 
7
13
  ## [0.21.1](https://github.com/vestauth/vestauth/compare/v0.21.0...v0.21.1) (2026-02-25)
8
14
 
@@ -94,7 +100,7 @@ All notable changes to this project will be documented in this file. See [standa
94
100
 
95
101
  ### Changed
96
102
 
97
- * Move from `*.agents.vestauth.com` FQDN to `*.api.vestaut.com` to prepare way for custom `--hostname` for internal enterprise use cases.
103
+ * Move from `*.agents.vestauth.com` FQDN to `*.api.vestauth.com` to prepare way for custom `--hostname` for internal enterprise use cases.
98
104
 
99
105
  ## [0.12.1](https://github.com/vestauth/vestauth/compare/v0.12.0...v0.12.1) (2026-02-17)
100
106
 
package/README.md CHANGED
@@ -145,16 +145,92 @@ $ vestauth primitives headers GET https://api.vestauth.com/whoami --pp
145
145
  > Call tools!
146
146
 
147
147
  ```sh
148
- $ vestauth agent curl -X POST https://as2.dotenvx.com/set -d '{"KEY":"value"}'
149
- $ vestauth agent curl https://as2.dotenvx.com/get
148
+ $ vestauth agent curl https://sfs.vestauth.com/write -d '{"filepath":"/hello.md", "content":"hello"}'
149
+ $ vestauth agent curl https://sfs.vestauth.com/list
150
150
  ```
151
151
 
152
- #### List of tools
152
+ #### First Party Tools
153
+
154
+ <details><summary>`SFS` Simple File System</summary><br/>
155
+
156
+ > SFS is a simple file system for vestauth agents.
157
+ > [sfs.vestauth.com](https://sfs.vestauth.com)
158
+
159
+ ```sh
160
+ # write a file
161
+ vestauth agent curl https://sfs.vestauth.com/write -d '{"filepath":"/hello.md", "content":"hello"}'
162
+
163
+ # delete a file
164
+ vestauth agent curl https://sfs.vestauth.com/delete -d '{"filepath":"/hello.md"}'
165
+
166
+ # list files
167
+ vestauth agent curl https://sfs.vestauth.com/list
168
+
169
+ # read a file
170
+ vestauth agent curl https://sfs.vestauth.com/read -d '{"filepath":"/hello.md"}'
171
+ ```
172
+
173
+ &nbsp;
174
+
175
+ </details>
176
+ <details><summary>`Ping` ping.vestauth.com</summary><br/>
177
+
178
+ > Ping is a demonstration of vestauth.
179
+ > [ping.vestauth.com](https://ping.vestauth.com)
180
+
181
+ ```sh
182
+ # make a ping
183
+ vestauth agent curl https://ping.vestauth.com/ping
184
+ ```
185
+
186
+ &nbsp;
187
+
188
+ </details>
189
+
190
+ #### Third Party Tools
191
+
192
+ <details><summary>`AS2` Agentic Secret Storage</summary><br/>
193
+
194
+ > AS2 is a simple, agent-friendly secret storage.
195
+ > [as2.dotenvx.com](https://as2.dotenvx.com)
196
+
197
+ ```sh
198
+ # set a secret
199
+ vestauth agent curl https://as2.dotenvx.com/set -d '{"KEY":"value"}'
200
+
201
+ # get all secrets
202
+ vestauth agent curl "https://as2.dotenvx.com/get"
203
+
204
+ # get single secret
205
+ vestauth agent curl "https://as2.dotenvx.com/get?key=KEY"
206
+
207
+ # get multiple secrets
208
+ vestauth agent curl "https://as2.dotenvx.com/get?key=KEY,TWILIO"
209
+ ```
210
+
211
+ &nbsp;
212
+
213
+ </details>
214
+ <details><summary>`Docle` Check if email address is real</summary><br>
215
+
216
+ > Check if an email address is real before you hit send. Verifies syntax, DNS, MX records, SMTP mailbox existence, and cross-references multiple providers. All in real time, no signup required.
217
+ >
218
+ > [learn more](https://github.com/treadiehq/docle)
219
+
220
+ ```sh
221
+ # verify an email
222
+ vestauth agent curl https://docle.co/api/verify -d '{"emails":["test@example.com"]}'
223
+
224
+ # check your usage
225
+ vestauth agent curl https://docle.co/api/agent/usage -X GET
226
+ ```
227
+
228
+ &nbsp;
229
+
230
+ </details>
231
+ <details><summary>more coming soon</summary><br/>
153
232
 
154
- * Ping - https://ping.vestauth.com
155
- * Agentic Secret Storage - https://as2.dotenvx.com
156
233
  * Geo IP - coming soon
157
- * Filesystem - coming soon
158
234
  * Send/Receive Email - coming
159
235
  * Send/Receive SMS - coming
160
236
  * Send/Receive Telegram - coming
@@ -164,6 +240,8 @@ $ vestauth agent curl https://as2.dotenvx.com/get
164
240
  * Rotate GitHub Tokens - coming
165
241
  * Working on a tool? Tell us and wel'll list it.
166
242
 
243
+ </details>
244
+
167
245
  &nbsp;
168
246
 
169
247
  ## Self-hosting
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "vestauth",
3
- "version": "0.21.1",
3
+ "version": "0.22.0",
4
4
  "description": "web-bot-auth for agents–from the creator of dotenvx",
5
5
  "keywords": [
6
6
  "vestauth",
package/src/cli/actions/agent/curl.js CHANGED
@@ -5,6 +5,53 @@ const Errors = require('./../../../lib/helpers/errors')
5
5
  const findUrl = require('./../../../lib/helpers/findUrl')
6
6
  const catchAndLog = require('./../../../lib/helpers/catchAndLog')
7
7
 
8
+ function requestMethodFromArgs (args) {
9
+ for (let i = 0; i < args.length; i++) {
10
+ const arg = args[i]
11
+
12
+ if (arg === '-X' || arg === '--request') {
13
+ const method = args[i + 1]
14
+ if (method) return method.toUpperCase()
15
+ continue
16
+ }
17
+
18
+ if (arg.startsWith('--request=')) {
19
+ return arg.slice('--request='.length).toUpperCase()
20
+ }
21
+
22
+ if (arg.startsWith('-X') && arg.length > 2) {
23
+ return arg.slice(2).toUpperCase()
24
+ }
25
+ }
26
+
27
+ return null
28
+ }
29
+
30
+ function hasContentTypeHeader (args) {
31
+ for (let i = 0; i < args.length; i++) {
32
+ const arg = args[i]
33
+
34
+ if (arg === '-H' || arg === '--header') {
35
+ const header = args[i + 1] || ''
36
+ if (header.toLowerCase().startsWith('content-type:')) return true
37
+ continue
38
+ }
39
+
40
+ if (arg.startsWith('--header=')) {
41
+ const header = arg.slice('--header='.length)
42
+ if (header.toLowerCase().startsWith('content-type:')) return true
43
+ continue
44
+ }
45
+
46
+ if (arg.startsWith('-H') && arg.length > 2) {
47
+ const header = arg.slice(2)
48
+ if (header.toLowerCase().startsWith('content-type:')) return true
49
+ }
50
+ }
51
+
52
+ return false
53
+ }
54
+
8
55
  async function curl () {
9
56
  try {
10
57
  const commandArgs = this.args
@@ -13,14 +60,18 @@ async function curl () {
13
60
  const options = this.opts()
14
61
  logger.debug(`options: ${JSON.stringify(options)}`)
15
62
 
16
- const httpMethod = 'GET'
63
+ const httpMethod = requestMethodFromArgs(commandArgs) || 'POST'
17
64
  const url = findUrl(commandArgs)
18
65
  const headers = await agent.headers(httpMethod, url)
66
+ const includeRequestMethod = requestMethodFromArgs(commandArgs) === null
67
+ const includeContentType = !hasContentTypeHeader(commandArgs)
19
68
  const injected = [
20
69
  'curl',
21
70
  '-H', `Signature: ${headers.Signature}`,
22
71
  '-H', `Signature-Input: ${headers['Signature-Input']}`,
23
72
  '-H', `Signature-Agent: ${headers['Signature-Agent']}`,
73
+ ...(includeRequestMethod ? ['-X', 'POST'] : []),
74
+ ...(includeContentType ? ['-H', 'Content-Type: application/json'] : []),
24
75
  ...commandArgs
25
76
  ]
26
77