Skip to content

Modernize CLI: uv, JSON output, ruff, org commands, and more#1

Open
thereisnotime wants to merge 12 commits intonu11pointer:mainfrom
thereisnotime:main
Open

Modernize CLI: uv, JSON output, ruff, org commands, and more#1
thereisnotime wants to merge 12 commits intonu11pointer:mainfrom
thereisnotime:main

Conversation

@thereisnotime
Copy link
Copy Markdown

@thereisnotime thereisnotime commented Mar 26, 2026

Summary

Major modernization of the CLI tool — better tooling, new features, and program management support.

  • Migrate to uv with pyproject.toml, replacing install.sh/install.ps1
  • JSON output (--json / -j) on all commands for scripting and automation
  • Fix TTY crashos.get_terminal_size() no longer blows up without a terminal
  • Make mdv optional — lazy-loaded, no more import-time hangs or warnings
  • Add ruff for linting and formatting, configured in pyproject.toml
  • GitHub Actions CI — lint checks on push/PR
  • Justfile with install, lint, test, run recipes
  • CLI credential flags--username/-u, --api-key/-k, --env-file
  • Verbose mode (--verbose / -v) — shows progress during API calls
  • Program management commandsorg, org-reports, org-report for the manager side of HackerOne
  • Credential validation — fails fast with a clear message instead of hanging on bad/missing creds
  • README rewrite — TOC, command reference table, install/update/uninstall docs, collapsible examples
  • .gitignore added (was missing)
  • All 9 existing API endpoints verified as current

Test plan

  • just install sets up the project
  • just test passes all smoke tests
  • just check passes ruff lint and format checks
  • hackerone help shows hacker and program management commands
  • hackerone programs 5 --json returns valid JSON
  • hackerone balance -v shows auth and progress info
  • hackerone help works without credentials
  • Running without credentials fails fast with a clear error
  • org-reports / org-report work with an organization API token

@thereisnotime
Modernize project: uv, ruff, JSON output, justfile, CI
bfc3191 
- Migrate from pip install scripts to uv with pyproject.toml
- Add --json / -j flag for machine-readable output on all commands
- Fix os.get_terminal_size() crash when running without a TTY
- Suppress mdv terminal width warning by setting COLUMNS before import
- Add ruff for linting and formatting, configure in pyproject.toml
- Add GitHub Actions workflow for lint checks on push/PR
- Add justfile with install, lint, test, run recipes
- Rewrite README with proper install/usage docs
- Remove install.sh and install.ps1
@thereisnotime
Clean up README with proper structure and navigation
64a760c 
Table of contents, command reference table, grouped modules
by category, quick start section, just recipes in dev section.
@thereisnotime
Add CLI flags for credentials and custom env file
a6ff4fd 
Support --username/-u, --api-key/-k, and --env-file as alternatives
to environment variables and .env. CLI flags take priority over env.
@thereisnotime
Restructure README for better navigation
fd0f086 
Collapsible install methods and example outputs, clickable TOC
with direct links to each command, command reference table with
anchor links, credentials as a clean priority table.
@thereisnotime
Default to global install with uv tool install
d578c6f 
Most people want to just type 'hackerone' directly, not prefix
everything with 'uv run'. Moved uv sync to alternative methods.
@thereisnotime
Make mdv optional, add verbose mode, fix credential handling
193cdde 
- mdv is now an optional dependency (install with .[markdown])
- Lazy-import mdv only when rendering markdown, no more import-time hangs
- Add --verbose / -v flag for progress logs (stderr)
- Defer .env loading to main() so env var overrides work properly
- Treat empty credential strings as missing
- help and scope no longer require credentials
- Add update/uninstall instructions to README
- Bump version to 1.0.2
@thereisnotime
Add program management commands (org, org-reports, org-report)
2f84d5f 
Support the "other side" of HackerOne - program managers can now
list reports submitted to their programs, view report details, and
check org info. These use the /v1/reports and /v1/me/organizations
endpoints and require an organization-level API token.

Help output now separates hacker and program management commands.
@thereisnotime
Replace lint workflow with full CI pipeline
2e69188 
- Lint job: ruff check + format
- Test job: matrix across Linux/macOS/Windows and Python 3.10/3.12/3.13
- Tests: help, JSON validation, error handling, no-creds behavior
- Add CI badge to README
@thereisnotime
Fix CI: use bash shell on all test steps for Windows compat
0171c15
@thereisnotime
Add all missing program management API endpoints
aca9fdc 
New commands: org-members, org-groups, org-invitations, org-update-report,
org-activities, org-metrics, org-scopes, org-invite-hacker, org-bounty,
org-swag. Full coverage of the HackerOne program management API.
@thereisnotime
Expand CI tests to cover all commands and error paths
ae1bfbf 
Tests for: help output, JSON validity, all error messages,
argument validation for every org command, scope without creds,
verbose flag. 30+ test steps across 9 OS/Python combinations.
@thereisnotime
Fix CI: match command names as substrings in JSON keys
50d265e
@thereisnotime
Copy link
Copy Markdown
Author

thereisnotime commented Mar 27, 2026

@nu11pointer PTAL

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thereisnotime