Merge branch 'main' into feat/project-create

Author: betegon

CHANGELOG.md

@@ -1,6 +1,47 @@
 # Changelog
 
 <!-- Craft will auto-populate this file -->
+## 0.11.0
+
+### New Features ✨
+
+#### Build
+
+- Add hole-punch tool to reduce compressed binary size by @BYK in [#245](https://github.com/getsentry/cli/pull/245)
+- Add gzip-compressed binary downloads by @BYK in [#244](https://github.com/getsentry/cli/pull/244)
+
+#### Other
+
+- (args) Parse Sentry web URLs as CLI arguments by @BYK in [#252](https://github.com/getsentry/cli/pull/252)
+- (auth) Switch to /auth/ endpoint and add whoami command by @BYK in [#266](https://github.com/getsentry/cli/pull/266)
+- (list) Add pagination and consistent target parsing to all list commands by @BYK in [#262](https://github.com/getsentry/cli/pull/262)
+
+### Bug Fixes 🐛
+
+#### Telemetry
+
+- Reduce noise from version-check JSON parse errors by @BYK in [#253](https://github.com/getsentry/cli/pull/253)
+- Skip Sentry reporting for 4xx API errors by @BYK in [#251](https://github.com/getsentry/cli/pull/251)
+- Handle EPIPE errors from piped stdout gracefully by @BYK in [#250](https://github.com/getsentry/cli/pull/250)
+- Upgrade Sentry SDK to 10.39.0 and remove custom patches by @BYK in [#249](https://github.com/getsentry/cli/pull/249)
+
+#### Other
+
+- (commands) Support org/project/id as single positional arg by @BYK in [#261](https://github.com/getsentry/cli/pull/261)
+- (db) Handle readonly database gracefully instead of crashing by @betegon in [#235](https://github.com/getsentry/cli/pull/235)
+- (errors) Show meaningful detail instead of [object Object] in API errors by @BYK in [#259](https://github.com/getsentry/cli/pull/259)
+- (issue-list) Propagate original errors instead of wrapping in plain Error by @BYK in [#254](https://github.com/getsentry/cli/pull/254)
+- (polyfill) Add exited promise and stdin to Bun.spawn Node.js polyfill by @BYK in [#248](https://github.com/getsentry/cli/pull/248)
+- (project-list) Add pagination and flexible target parsing by @BYK in [#221](https://github.com/getsentry/cli/pull/221)
+- (test) Prevent mock.module() leak from breaking test:isolated by @BYK in [#260](https://github.com/getsentry/cli/pull/260)
+- (upgrade) Remove v prefix from release URLs and work around Bun.write streaming bug by @BYK in [#243](https://github.com/getsentry/cli/pull/243)
+- Repair pagination_cursors composite PK and isolate test suites by @BYK in [#265](https://github.com/getsentry/cli/pull/265)
+
+### Internal Changes 🔧
+
+- (build) Replace local hole-punch script with binpunch package by @BYK in [#246](https://github.com/getsentry/cli/pull/246)
+- Use @sentry/api client for requests by @MathurAditya724 in [#226](https://github.com/getsentry/cli/pull/226)
+
 ## 0.10.0
 
 ### New Features ✨

package.json

@@ -1,6 +1,6 @@
 {
   "name": "sentry",
-  "version": "0.11.0-dev.0",
+  "version": "0.12.0-dev.0",
   "description": "Sentry CLI - A command-line interface for using Sentry built by robots and humans for robots and humans",
   "type": "module",
   "bin": {

plugins/sentry-cli/.claude-plugin/plugin.json

@@ -1,5 +1,5 @@
 {
   "name": "sentry-cli",
-  "version": "0.11.0",
+  "version": "0.12.0",
   "description": "Skills for using the Sentry CLI to interact with Sentry from the command line"
 }

plugins/sentry-cli/skills/sentry-cli/SKILL.md

@@ -94,6 +94,13 @@ sentry auth status
 
 Print the stored authentication token
 
+#### `sentry auth whoami`
+
+Show the currently authenticated user
+
+**Flags:**
+- `--json - Output as JSON`
+
 ### Org
 
 Work with Sentry organizations
@@ -677,6 +684,17 @@ List recent traces in a project
 - `-s, --sort <value> - Sort by: date, duration - (default: "date")`
 - `--json - Output as JSON`
 
+### Whoami
+
+Show the currently authenticated user
+
+#### `sentry whoami`
+
+Show the currently authenticated user
+
+**Flags:**
+- `--json - Output as JSON`
+
 ## Output Formats
 
 ### JSON Output

src/app.ts

@@ -8,6 +8,7 @@ import {
 } from "@stricli/core";
 import { apiCommand } from "./commands/api.js";
 import { authRoute } from "./commands/auth/index.js";
+import { whoamiCommand } from "./commands/auth/whoami.js";
 import { cliRoute } from "./commands/cli/index.js";
 import { eventRoute } from "./commands/event/index.js";
 import { helpCommand } from "./commands/help.js";
@@ -56,6 +57,7 @@ export const routes = buildRouteMap({
     teams: teamListCommand,
     logs: logListCommand,
     traces: traceListCommand,
+    whoami: whoamiCommand,
   },
   defaultCommand: "help",
   docs: {

src/commands/auth/index.ts

@@ -4,6 +4,7 @@ import { logoutCommand } from "./logout.js";
 import { refreshCommand } from "./refresh.js";
 import { statusCommand } from "./status.js";
 import { tokenCommand } from "./token.js";
+import { whoamiCommand } from "./whoami.js";
 
 export const authRoute = buildRouteMap({
   routes: {
@@ -12,13 +13,15 @@ export const authRoute = buildRouteMap({
     refresh: refreshCommand,
     status: statusCommand,
     token: tokenCommand,
+    whoami: whoamiCommand,
   },
   docs: {
     brief: "Authenticate with Sentry",
     fullDescription:
       "Manage authentication with Sentry. Use 'sentry auth login' to authenticate, " +
       "'sentry auth logout' to remove credentials, 'sentry auth refresh' to manually refresh your token, " +
       "'sentry auth status' to check your authentication status, " +
+      "'sentry auth whoami' to show your current user identity, " +
       "and 'sentry auth token' to print your token for use in scripts.",
   },
 });

src/commands/auth/login.ts

@@ -67,7 +67,8 @@ export const loginCommand = buildCommand({
         );
       }
 
-      // Try to get user info (works with API tokens, may not work with OAuth App tokens)
+      // Fetch and cache user info via /auth/ (works with all token types).
+      // A transient failure here must not block login — the token is already valid.
       let user: Awaited<ReturnType<typeof getCurrentUser>> | undefined;
       try {
         user = await getCurrentUser();
@@ -78,7 +79,7 @@ export const loginCommand = buildCommand({
           name: user.name,
         });
       } catch {
-        // Ignore - user info is optional, token may not have permission
+        // Non-fatal: user info is supplementary. Token remains stored and valid.
       }
 
       stdout.write(`${success("✓")} Authenticated with API token\n`);

src/commands/auth/whoami.ts

@@ -0,0 +1,72 @@
+/**
+ * sentry auth whoami
+ *
+ * Display the currently authenticated user's identity by fetching live from
+ * the /auth/ endpoint. Unlike `sentry auth status`, this command only shows
+ * who you are — no token details, no defaults, no org verification.
+ */
+
+import type { SentryContext } from "../../context.js";
+import { getCurrentUser } from "../../lib/api-client.js";
+import { buildCommand } from "../../lib/command.js";
+import { isAuthenticated } from "../../lib/db/auth.js";
+import { setUserInfo } from "../../lib/db/user.js";
+import { AuthError } from "../../lib/errors.js";
+import { formatUserIdentity, writeJson } from "../../lib/formatters/index.js";
+
+type WhoamiFlags = {
+  readonly json: boolean;
+};
+
+export const whoamiCommand = buildCommand({
+  docs: {
+    brief: "Show the currently authenticated user",
+    fullDescription:
+      "Fetch and display the identity of the currently authenticated user.\n\n" +
+      "This calls the Sentry API live (not cached) so the result always reflects " +
+      "the current token. Works with all token types: OAuth, API tokens, and OAuth App tokens.",
+  },
+  parameters: {
+    flags: {
+      json: {
+        kind: "boolean",
+        brief: "Output as JSON",
+        default: false,
+      },
+    },
+  },
+  async func(this: SentryContext, flags: WhoamiFlags): Promise<void> {
+    const { stdout } = this;
+
+    if (!(await isAuthenticated())) {
+      throw new AuthError("not_authenticated");
+    }
+
+    const user = await getCurrentUser();
+
+    // Keep cached user info up to date. Non-fatal: display must succeed even
+    // if the DB write fails (read-only filesystem, corrupted database, etc.).
+    try {
+      setUserInfo({
+        userId: user.id,
+        email: user.email,
+        username: user.username,
+        name: user.name,
+      });
+    } catch {
+      // Cache update failure is non-essential — user identity was already fetched.
+    }
+
+    if (flags.json) {
+      writeJson(stdout, {
+        id: user.id,
+        name: user.name ?? null,
+        username: user.username ?? null,
+        email: user.email ?? null,
+      });
+      return;
+    }
+
+    stdout.write(`${formatUserIdentity(user)}\n`);
+  },
+});

src/lib/api-client.ts

@@ -305,9 +305,23 @@ export async function apiRequestToRegion<T>(
   }
 
   const data = await response.json();
-  const validated = schema ? schema.parse(data) : (data as T);
 
-  return { data: validated, headers: response.headers };
+  if (schema) {
+    const result = schema.safeParse(data);
+    if (!result.success) {
+      // Treat schema validation failures as API errors so they surface cleanly
+      // through the central error handler rather than showing a raw ZodError
+      // stack trace. This guards against unexpected API response format changes.
+      throw new ApiError(
+        `Unexpected response format from ${endpoint}`,
+        response.status,
+        result.error.message
+      );
+    }
+    return { data: result.data, headers: response.headers };
+  }
+
+  return { data: data as T, headers: response.headers };
 }
 
 /**
@@ -1422,12 +1436,15 @@ export async function triggerSolutionPlanning(
 
 /**
  * Get the currently authenticated user's information.
- * Uses the /users/me/ endpoint on the control silo.
+ *
+ * Uses the `/auth/` endpoint on the control silo, which works with all token
+ * types (OAuth, API tokens, OAuth App tokens). Unlike `/users/me/`, this
+ * endpoint does not return 403 for OAuth tokens.
  */
 export async function getCurrentUser(): Promise<SentryUser> {
   const { data } = await apiRequestToRegion<SentryUser>(
     getControlSiloUrl(),
-    "/users/me/",
+    "/auth/",
     { schema: SentryUserSchema }
   );
   return data;