The Vendo CLI. Log in to your Vendo account, develop apps locally with real Vendo identity, validate deploy manifests, and SSH into your running deployments.
npm i -g @vendodev/cli
vendo --help| Command | What it does |
|---|---|
vendo login |
Open the browser to authorize the CLI; stores a long-lived API key in ~/.vendo/config.json. |
vendo logout |
Remove the local credential. |
vendo whoami |
Show the email + tenant the CLI is logged in as. |
vendo validate [file] |
Lint a vendo.yaml manifest against the public schema. Defaults to ./vendo.yaml. |
vendo dev |
Localhost reverse proxy that fronts your local app with real Vendo identity headers. Useful when developing apps that expect to run on a Vendo deployment. |
vendo ssh <deployment> |
Open an interactive shell on a running deployment (Hermes, etc.). |
The CLI authenticates via PKCE against vendo.run. The browser flow returns a long-lived API key (a vendo_sk_* token) scoped to your tenant. The key is stored in ~/.vendo/config.json with mode 0600. Revoke it from the dashboard or via vendo logout (revokes server-side too).
vendo ssh <deployment> brokers a real SSH session into your Railway-hosted deployment. The CLI hits https://vendo.run/api/cli/ssh/:deployment to mint a short-lived session token, then opens a WebSocket to wss://ssh.vendo.run/, which proxies stdio to an OpenSSH child connected to ssh.railway.com. Vendo holds the SSH key; you never see it.
Sessions are audited (start, end, duration, user, deployment). Provider keys do not sit in the deployment env — only a scoped vendo_sk_* proxy token, which is rate-limited and spend-capped server-side.
git clone git@github.com:runvendo/vendo-cli.git
cd vendo-cli
npm install
npm test
npm run smokeMIT