feat(cli): complete Phase 04 subcommand surface#3
Open
KeyCode17 wants to merge 1 commit into
Open
Conversation
Split px-cli into module-per-command so each file stays well under
the 200-LOC axum-best-practice rule, then fill in the gaps the
Phase 04 plan tracks:
- `allowlist add --handler cloudflare` — ADR-0023 follow-up. Operator
can mark a target as CF-fronted directly in the YAML without the
deprecated PX_CAMOUFOX_DOMAINS env CSV.
- `allowlist remove --domain ...` — was missing entirely; the phase
plan lists `{add,remove,list}`.
- `allowlist list` now also prints the handler column.
- `keys generate --write` — append the generated id/argon2_hash to
config/keys.yaml in addition to printing (with duplicate-id guard).
- `detect --url ...` — fetch the URL with a stealth-ish UA before
running the regex detector. Non-server errors keep the body so PX
block pages still surface `Detected::Yes`.
- `solve <url>` — call POST /v1/solve on a running px-server with a
Bearer id:secret token (env PX_SERVER_URL / PX_API_KEY supported).
Adds reqwest + serde_json to the workspace and the `env` feature to
clap so api_key / server URL can come from the environment.
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fills the gaps in
px-clithat the Phase 04 plan (docs/phase/04-cli-canary-docs.md) tracks, and refactorspx-cliinto module-per-command so each file stays well below the 200-LOC axum-best-practice rule.New / restored subcommands:
allowlist add --handler cloudflare— ADR-0023 explicit follow-up. Operator can mark a target as CF-fronted via YAML without the deprecatedPX_CAMOUFOX_DOMAINSenv CSV.allowlist remove --domain ...— was missing entirely; the phase plan lists{add,remove,list}.allowlist listnow also prints the resolved handler column.keys generate --write— append the generatedid/argon2_hashtoconfig/keys.yaml(with duplicate-id guard).detect --url ...— fetch the URL with a stealth-ish UA before running the regex detector. Non-server errors keep the response body so PX block pages still surfaceDetected::Yes.solve <url>— callPOST /v1/solveon a running px-server with a Bearerid:secrettoken (envPX_SERVER_URL/PX_API_KEYsupported).Workspace touch:
reqwest(rustls, gzip, json) +serde_jsonto[workspace.dependencies].envfeature to the sharedclapdeclaration so CLI args can fall back to env vars.Why
The Phase 04 deliverable list explicitly expects all five subcommands;
solveandservewere stubs that printed "this is a stub" messages, andallowlist removeplus--handlerwere never wired even though ADR-0023 marked them as follow-ups. With this PR,px-cliis operator-usable end-to-end against a runningpx-server.Test plan
cargo build -p px-clicargo fmt --all -- --checkcargo clippy --workspace --all-targets --all-featuresagainst the lefthook rule setpx-cli allowlist add(with + without--handler),remove,listagainst a temp YAML — round-trip OK, duplicate-domain + missing-domain errors are precisepx-cli keys generate --writeagainst a temp YAML — first call writes, second call rejects the duplicate idpx-cli detect --url https://www.pedidosya.com.ar— returns a clean diagnostic when the upstream is PX-blockedpx-cli --help— subcommands and-htext render correctlyNotes for the reviewer
px-clicrate boundary and the module split is the load-bearing change; splitting would force three independent rewrites ofmain.rs.rustls-tlsto keep openssl out of the build graph; happy to swap if there's a preferred TLS stack.🤖 Generated with Claude Code