feat(trial): auto-prompt for Seer trial + sentry trial list/start commands (#399)

## Summary

When Seer commands (`issue explain`, `issue plan`) fail with a budget or
enablement error in an interactive terminal, the CLI now checks for an
available Seer product trial, prompts the user, and retries the command
on success. Additionally, new `sentry trial list` and `sentry trial
start` commands give users proactive control over product trials.

## Auto-prompt flow

Mirrors the existing `executeWithAutoAuth` middleware pattern:

```
main() → executeWithAutoAuth() → executeWithSeerTrialPrompt() → runCommand()
```

1. Seer command fails with `SeerError` (`no_budget` or `not_enabled`)
2. `isTrialEligible()` checks: eligible reason + org slug available +
interactive TTY
3. Fetches trial availability via `GET /api/0/customers/{org}/` (control
silo)
4. Finds an unstarted Seer trial (prefers `seerUsers`, falls back to
`seerAutofix`)
5. Prompts user with consola confirm
6. Starts trial via `PUT /api/0/customers/{org}/product-trial/`
7. Retries the original command through the full middleware chain

Non-eligible errors (`ai_disabled`, missing org slug, non-TTY, API
failures) pass through unchanged.

## Trial commands

### `sentry trial list [org]`
Lists all product trials for an org with status indicators:
- ○ Available (cyan) — not yet started
- ● Active (green) — started, with days remaining
- − Expired (muted) — ended

Supports `--json` and `--fields` for machine consumption.

### `sentry trial start <name> [org]`
Starts a named product trial. Supported names: `seer`, `replays`,
`performance`, `spans`, `profiling`, `logs`.

Features smart argument swap detection — `sentry trial start my-org
seer` works the same as `sentry trial start seer my-org`.

## Key design decisions

- **`isTrialEligible()` accepts `unknown`** — does the `instanceof
SeerError` check internally so callers don't need to narrow first
- **Control silo routing** — `/customers/` is a billing endpoint, uses
`getControlSiloUrl()` not region URLs
- **Consola logger** — all user-facing output uses
`log.info()`/`log.warn()`/`log.success()` per project conventions (no
raw `stderr.write`)
- **Graceful degradation** — API failures during trial check silently
fall through to the normal error display
- **`ai_disabled` excluded** — admin's explicit choice to disable AI;
trial wouldn't override it
- **UTC timezone** — `getTrialStatus()` uses `setUTCHours()` for
consistent date comparison
- **Soft trial hints in error messages** — `SeerError.format()` says
"You may be eligible" + `sentry trial list` (not a direct "start" since
trial may not exist)

## New files

| File | Description |
|------|-------------|
| `src/lib/seer-trial.ts` | `isTrialEligible()` +
`promptAndStartTrial()` |
| `src/lib/trials.ts` | Trial name mapping, status helpers,
`findAvailableTrial()` |
| `src/commands/trial/index.ts` | Route map for trial subcommands |
| `src/commands/trial/list.ts` | `sentry trial list` command |
| `src/commands/trial/start.ts` | `sentry trial start` command |
| `src/lib/arg-parsing.ts` | `detectSwappedTrialArgs()` |

## Modified files

| File | Changes |
|------|---------|
| `src/lib/api-client.ts` | `getProductTrials()` + `startProductTrial()`
using control silo |
| `src/lib/errors.ts` | Soft trial hint in `SeerError.format()` |
| `src/bin.ts` | `executeWithSeerTrialPrompt()` middleware |
| `src/app.ts` | Register trial routes + `trials` alias |
| `src/types/sentry.ts` | `ProductTrialSchema`,
`CustomerTrialInfoSchema` |

## Tests

- **20 unit tests** for trial prompt flow (`seer-trial.test.ts`)
- **10 unit tests** for trial API client
(`api-client.seer-trial.test.ts`)
- **30 unit tests** for trial helpers (`trials.test.ts`)
- **4 property-based tests** for eligibility invariants
(`seer-trial.property.test.ts`)
- **9 unit tests** for `trial list` command (`trial/list.test.ts`)
- **10 unit tests** for `trial start` command (`trial/start.test.ts`)
- **4 unit tests** for `detectSwappedTrialArgs` (`arg-parsing.test.ts`)
- 87 trial-related tests total, all passing

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

Author: BYK

AGENTS.md

@@ -643,10 +643,10 @@ mock.module("./some-module", () => ({
 <!-- lore:019c972c-9f0f-75cd-9e24-9bdbb1ac03d6 -->
 * **Numeric issue ID resolution returns org:undefined despite API success**: Numeric issue ID resolution in \`resolveNumericIssue()\`: (1) try DSN/env/config for org, (2) if found use \`getIssueInOrg(org, id)\` with region routing, (3) else fall back to unscoped \`getIssue(id)\`, (4) extract org from \`issue.permalink\` via \`parseSentryUrl\` as final fallback. \`parseSentryUrl\` handles path-based (\`/organizations/{org}/...\`) and subdomain-style URLs. \`matchSubdomainOrg()\` filters region subdomains by requiring slug length > 2. Self-hosted uses path-based only.
 
-### Decision
+<!-- lore:019ce0bb-f35d-7380-b661-8dc56f9938cf -->
+* **Seer trial prompt uses middleware layering in bin.ts error handling chain**: The CLI's error recovery middlewares in \`bin.ts\` are layered: \`main() → executeWithAutoAuth() → executeWithSeerTrialPrompt() → runCommand()\`. Seer trial prompts (for \`no\_budget\`/\`not\_enabled\` errors) are caught by the inner wrapper; auth errors bubble up to the outer wrapper. After successful auth login retry, the retry also goes through \`executeWithSeerTrialPrompt\` (not \`runCommand\` directly) so the full middleware chain applies. Trial check API: \`GET /api/0/customers/{org}/\` → \`productTrials\[]\` (prefer \`seerUsers\`, fallback \`seerAutofix\`). Start trial: \`PUT /api/0/customers/{org}/product-trial/\`. The \`/customers/\` endpoint is getsentry SaaS-only; self-hosted 404s gracefully. \`ai\_disabled\` errors are excluded (admin's explicit choice). \`startSeerTrial\` accepts \`category\` from the trial object — don't hardcode it.
 
-<!-- lore:019cc2ef-9be5-722d-bc9f-b07a8197eeed -->
-* **All view subcommands should use \<target> \<id> positional pattern**: All \`\* view\` subcommands should follow a consistent \`\<target> \<id>\` positional argument pattern where target is the optional \`org/project\` specifier. During migration, use opportunistic argument swapping with a stderr warning when args are in wrong order. This is an instance of the broader CLI UX auto-correction pattern: safe when input is already invalid, correction is unambiguous, warning goes to stderr. Normalize at command level, keep parsers pure. Model after \`gh\` CLI conventions.
+### Decision
 
 <!-- lore:019c99d5-69f2-74eb-8c86-411f8512801d -->
 * **Raw markdown output for non-interactive terminals, rendered for TTY**: Markdown-first output pipeline: custom renderer in \`src/lib/formatters/markdown.ts\` walks \`marked\` tokens to produce ANSI-styled output. Commands build CommonMark using helpers (\`mdKvTable()\`, \`mdRow()\`, \`colorTag()\`, \`escapeMarkdownCell()\`, \`safeCodeSpan()\`) and pass through \`renderMarkdown()\`. \`isPlainOutput()\` precedence: \`SENTRY\_PLAIN\_OUTPUT\` > \`NO\_COLOR\` > \`FORCE\_COLOR\` > \`!isTTY\`. \`--json\` always outputs JSON. Colors defined in \`COLORS\` object in \`colors.ts\`. Tests run non-TTY so assertions match raw CommonMark; use \`stripAnsi()\` helper for rendered-mode assertions.
@@ -689,7 +689,7 @@ mock.module("./some-module", () => ({
 * **Org-scoped SDK calls follow getOrgSdkConfig + unwrapResult pattern**: All org-scoped API calls in src/lib/api-client.ts: (1) call \`getOrgSdkConfig(orgSlug)\` for regional URL + SDK config, (2) spread into SDK function: \`{ ...config, path: { organization\_id\_or\_slug: orgSlug, ... } }\`, (3) pass to \`unwrapResult(result, errorContext)\`. Shared helpers \`resolveAllTargets\`/\`resolveOrgAndProject\` must NOT call \`fetchProjectId\` — commands that need it enrich targets themselves.
 
 <!-- lore:5ac4e219-ea1f-41cb-8e97-7e946f5848c0 -->
-* **PR workflow: wait for Seer and Cursor BugBot before resolving**: After pushing a PR in the getsentry/cli repo, the CI pipeline includes Seer Code Review and Cursor Bugbot as advisory checks. Both typically take 2-3 minutes but may not trigger on draft PRs — only ready-for-review PRs reliably get bot reviews. The workflow is: push → wait for all CI (including npm build jobs which test the actual bundle) → check for inline review comments from Seer/BugBot → fix if needed → repeat. Use \`gh pr checks \<PR> --watch\` to monitor. Review comments are fetched via \`gh api repos/OWNER/REPO/pulls/NUM/comments\` and \`gh api repos/OWNER/REPO/pulls/NUM/reviews\`.
+* **PR workflow: wait for Seer and Cursor BugBot before resolving**: After pushing a PR in getsentry/cli, CI includes Seer Code Review and Cursor Bugbot as advisory checks (~2-3 min). They may not trigger on draft PRs — use \`gh pr ready\` first. Workflow: push → \`gh pr checks \<PR> --watch\` → check for bot review comments → fix → repeat. Use GraphQL \`reviewThreads\` query with \`isResolved\` filter to find unresolved comments. Reply to bot comments after fixing.
 
 <!-- lore:019cb162-d3ad-7b05-ab4f-f87892d517a6 -->
 * **Shared pagination infrastructure: buildPaginationContextKey and parseCursorFlag**: List commands with cursor pagination use \`buildPaginationContextKey(type, identifier, flags)\` for composite context keys and \`parseCursorFlag(value)\` accepting \`"last"\` magic value. Critical: \`resolveCursor()\` must be called inside the \`org-all\` override closure, not before \`dispatchOrgScopedList\` — otherwise cursor validation errors fire before the correct mode-specific error.

plugins/sentry-cli/skills/sentry-cli/SKILL.md

@@ -667,6 +667,26 @@ View logs associated with a trace
 - `--json - Output as JSON`
 - `--fields <value> - Comma-separated fields to include in JSON output (dot.notation supported)`
 
+### Trial
+
+Manage product trials
+
+#### `sentry trial list <org>`
+
+List product trials
+
+**Flags:**
+- `--json - Output as JSON`
+- `--fields <value> - Comma-separated fields to include in JSON output (dot.notation supported)`
+
+#### `sentry trial start <name> <org>`
+
+Start a product trial
+
+**Flags:**
+- `--json - Output as JSON`
+- `--fields <value> - Comma-separated fields to include in JSON output (dot.notation supported)`
+
 ### Init
 
 Initialize Sentry in your project
@@ -794,6 +814,18 @@ List recent traces in a project
 - `--json - Output as JSON`
 - `--fields <value> - Comma-separated fields to include in JSON output (dot.notation supported)`
 
+### Trials
+
+List product trials
+
+#### `sentry trials <org>`
+
+List product trials
+
+**Flags:**
+- `--json - Output as JSON`
+- `--fields <value> - Comma-separated fields to include in JSON output (dot.notation supported)`
+
 ### Whoami
 
 Show the currently authenticated user

src/app.ts

@@ -28,6 +28,8 @@ import { teamRoute } from "./commands/team/index.js";
 import { listCommand as teamListCommand } from "./commands/team/list.js";
 import { traceRoute } from "./commands/trace/index.js";
 import { listCommand as traceListCommand } from "./commands/trace/list.js";
+import { trialRoute } from "./commands/trial/index.js";
+import { listCommand as trialListCommand } from "./commands/trial/list.js";
 import { CLI_VERSION } from "./lib/constants.js";
 import {
   AuthError,
@@ -49,6 +51,7 @@ const PLURAL_TO_SINGULAR: Record<string, string> = {
   teams: "team",
   logs: "log",
   traces: "trace",
+  trials: "trial",
 };
 
 /** Top-level route map containing all CLI commands */
@@ -65,6 +68,7 @@ export const routes = buildRouteMap({
     event: eventRoute,
     log: logRoute,
     trace: traceRoute,
+    trial: trialRoute,
     init: initCommand,
     api: apiCommand,
     issues: issueListCommand,
@@ -74,6 +78,7 @@ export const routes = buildRouteMap({
     teams: teamListCommand,
     logs: logListCommand,
     traces: traceListCommand,
+    trials: trialListCommand,
     whoami: whoamiCommand,
   },
   defaultCommand: "help",

src/bin.ts

@@ -6,6 +6,7 @@ import { AuthError, formatError, getExitCode } from "./lib/errors.js";
 import { error } from "./lib/formatters/colors.js";
 import { runInteractiveLogin } from "./lib/interactive-login.js";
 import { getEnvLogLevel, setLogLevel } from "./lib/logger.js";
+import { isTrialEligible, promptAndStartTrial } from "./lib/seer-trial.js";
 import { withTelemetry } from "./lib/telemetry.js";
 import { startCleanupOldBinary } from "./lib/upgrade.js";
 import {
@@ -29,26 +30,65 @@ function handleStreamError(err: NodeJS.ErrnoException): void {
 process.stdout.on("error", handleStreamError);
 process.stderr.on("error", handleStreamError);
 
-/** Run CLI command with telemetry wrapper */
-async function runCommand(args: string[]): Promise<void> {
-  await withTelemetry(async (span) =>
-    run(app, args, buildContext(process, span))
-  );
-}
+/**
+ * Error-recovery middleware for the CLI.
+ *
+ * Each middleware wraps command execution and may intercept specific errors
+ * to perform recovery actions (e.g., login, start trial) then retry.
+ *
+ * Middlewares are applied innermost-first: the last middleware in the array
+ * wraps the outermost layer, so it gets first crack at errors. This means
+ * auth recovery (outermost) can catch errors from both the command AND
+ * the trial prompt retry.
+ *
+ * @param next - The next function in the chain (command or inner middleware)
+ * @param args - CLI arguments for retry
+ * @returns A function with the same signature, with error recovery added
+ */
+type ErrorMiddleware = (
+  next: (argv: string[]) => Promise<void>,
+  args: string[]
+) => Promise<void>;
 
 /**
- * Execute command with automatic authentication.
+ * Seer trial prompt middleware.
  *
- * If the command fails due to missing authentication and we're in a TTY,
- * automatically run the interactive login flow and retry the command.
+ * Catches trial-eligible SeerErrors and offers to start a free trial.
+ * On success, retries the original command. On failure/decline, re-throws
+ * so the outer error handler displays the full error with upgrade URL.
+ */
+const seerTrialMiddleware: ErrorMiddleware = async (next, args) => {
+  try {
+    await next(args);
+  } catch (err) {
+    if (isTrialEligible(err)) {
+      const started = await promptAndStartTrial(
+        // biome-ignore lint/style/noNonNullAssertion: isTrialEligible guarantees orgSlug is defined
+        err.orgSlug!,
+        err.reason
+      );
+
+      if (started) {
+        process.stderr.write("\nRetrying command...\n\n");
+        await next(args);
+        return;
+      }
+    }
+    throw err;
+  }
+};
+
+/**
+ * Auto-authentication middleware.
  *
- * @throws Re-throws any non-authentication errors from the command
+ * Catches auth errors (not_authenticated, expired) in interactive TTYs
+ * and runs the login flow. On success, retries through the full middleware
+ * chain so inner middlewares (e.g., trial prompt) also apply to the retry.
  */
-async function executeWithAutoAuth(args: string[]): Promise<void> {
+const autoAuthMiddleware: ErrorMiddleware = async (next, args) => {
   try {
-    await runCommand(args);
+    await next(args);
   } catch (err) {
-    // Auto-login for auth errors in interactive TTY environments
     // Use isatty(0) for reliable stdin TTY detection (process.stdin.isTTY can be undefined in Bun)
     // Errors can opt-out via skipAutoAuth (e.g., auth status command)
     if (
@@ -71,21 +111,58 @@ async function executeWithAutoAuth(args: string[]): Promise<void> {
 
       if (loginSuccess) {
         process.stderr.write("\nRetrying command...\n\n");
-        await runCommand(args);
+        await next(args);
         return;
       }
 
-      // Login failed or was cancelled - set exit code and return
-      // (don't call process.exit() directly to allow finally blocks to run)
+      // Login failed or was cancelled
       process.exitCode = 1;
       return;
     }
 
-    // Re-throw non-auth errors to be handled by main
     throw err;
   }
+};
+
+/**
+ * Error-recovery middlewares applied around command execution.
+ *
+ * Order matters: applied innermost-first, so the last entry wraps the
+ * outermost layer. Auth middleware is outermost so it catches errors
+ * from both the command and any inner middleware retries.
+ *
+ * To add a new middleware, append it to this array.
+ */
+const errorMiddlewares: ErrorMiddleware[] = [
+  seerTrialMiddleware,
+  autoAuthMiddleware,
+];
+
+/** Run CLI command with telemetry wrapper */
+async function runCommand(args: string[]): Promise<void> {
+  await withTelemetry(async (span) =>
+    run(app, args, buildContext(process, span))
+  );
+}
+
+/**
+ * Build the command executor by composing error-recovery middlewares.
+ *
+ * Wraps `runCommand` with each middleware in order (innermost-first),
+ * producing a single function that handles all error recovery.
+ */
+function buildExecutor(): (args: string[]) => Promise<void> {
+  let executor = runCommand;
+  for (const mw of errorMiddlewares) {
+    const next = executor;
+    executor = (args) => mw(next, args);
+  }
+  return executor;
 }
 
+/** Command executor with all error-recovery middlewares applied */
+const executeCommand = buildExecutor();
+
 async function main(): Promise<void> {
   // Clean up old binary from previous Windows upgrade (no-op if file doesn't exist)
   startCleanupOldBinary();
@@ -108,7 +185,7 @@ async function main(): Promise<void> {
   }
 
   try {
-    await executeWithAutoAuth(args);
+    await executeCommand(args);
   } catch (err) {
     process.stderr.write(`${error("Error:")} ${formatError(err)}\n`);
     process.exitCode = getExitCode(err);

src/commands/trial/index.ts

@@ -0,0 +1,15 @@
+import { buildRouteMap } from "@stricli/core";
+import { listCommand } from "./list.js";
+import { startCommand } from "./start.js";
+
+export const trialRoute = buildRouteMap({
+  routes: {
+    list: listCommand,
+    start: startCommand,
+  },
+  docs: {
+    brief: "Manage product trials",
+    fullDescription: "List and start product trials for your organization.",
+    hideRoute: {},
+  },
+});