Security News
RubyGems Adds Cooldown Feature to Bundler for Newly Published Gems
RubyGems and Bundler 4.0.13 introduced an opt-in cooldown feature that delays newly published gems during dependency resolution.
By Sarah Gooding - Jun 05, 2026
Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@codespar/cli
Advanced tools
@codespar/cli
CodeSpar CLI — authenticate, browse servers, execute tools, manage sessions, stream logs, and scaffold projects from your terminal.
@codespar/cli
Command-line interface for CodeSpar — authenticate, inspect servers, execute tools, and manage sessions from your terminal.
Install
npm install -g @codespar/cli
Verify:
codespar --version
Quick start
# One-time: authenticate with your API key
codespar login
# Inspect the catalog
codespar servers list
codespar servers show stripe
codespar tools list --server asaas
codespar tools show codespar_pay
# Run a one-shot tool call
codespar execute codespar_pay \
--server asaas \
--input '{"method":"pix","amount":15000,"currency":"BRL"}'
# Manage sessions
codespar sessions list
codespar sessions show ses_abc123 --logs
codespar sessions close ses_abc123
Commands
| Command | What it does |
|---|---|
login | Save your API key to ~/.codespar/config.json |
logout | Clear the stored API key |
whoami | Show authenticated user, org, project, and key scopes |
servers list | List the server catalog (filter by --category, --region) |
servers show <id> | Show a server's details and tools |
tools list | List tools (filter by --server) |
tools show <name> | Show a tool's full input/output schema |
execute <tool> | Run a single tool call in a throwaway session |
sessions list | List recent sessions (filter by --status, --limit) |
sessions show <id> | Show session details (add --logs for tool calls) |
sessions close <id> | Close an active session |
connect list | List active Connect Links per user |
connect start <server> | Start an OAuth Connect Link flow (add --open to launch it) |
connect revoke <server> | Revoke a connection |
logs tail | Stream tool-call logs in real time (filter by --server, --status, --tool) |
init <name> | Scaffold a new commerce agent from a template |
Templates available via init
| Slug | Stack | What you get |
|---|---|---|
pix-agent | Node + OpenAI | Minimal Pix charge + WhatsApp notify loop |
ecommerce-checkout | Node + Claude | Full Complete Loop: checkout → invoice → ship → notify |
streaming-chat | Next.js + Vercel AI | Token-by-token streaming commerce chat |
multi-tenant | Next.js + OpenAI | One API key, N tenants, per-tenant billing |
Every command supports:
--json— machine-readable JSON output (pipe intojq)--api-key <key>— override the stored key--base-url <url>— point at a custom API (staging, self-hosted)
Configuration
Resolution order (first match wins):
- Command-line flags (
--api-key,--base-url) - Environment variables (
CODESPAR_API_KEY,CODESPAR_BASE_URL) - Config file at
~/.codespar/config.json(chmod 600)
Scripting
Output is valid JSON on stdout and human messages on stderr, so you can pipe cleanly:
# IDs of all servers that handle Pix
codespar servers list --json \
| jq -r '.[] | select(.capabilities | contains(["pix"])) | .id'
# p95 latency of the last 100 stripe calls in a session
codespar sessions show ses_abc123 --logs --json \
| jq '[.logs[] | select(.server == "stripe") | .duration_ms] | sort | .[95]'
Use --json explicitly when piping — the CLI defaults to tables in a TTY.
Development
This package lives in the codespar-core monorepo.
# From repo root
npm install
npm run build --workspace @codespar/cli
npm run typecheck --workspace @codespar/cli
# Run the local build directly
node packages/cli/dist/index.js --help
License
MIT © CodeSpar
FAQs
CodeSpar CLI — authenticate, browse servers, execute tools, manage sessions, stream logs, and scaffold projects from your terminal.
The npm package @codespar/cli receives a total of 34 weekly downloads. As such, @codespar/cli popularity was classified as not popular.
We found that @codespar/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Apr 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
pnpm 11.5 Adds Support for Recognizing npm Staged Publishes
pnpm 11.5 now recognizes npm staged publish approvals in release metadata, preventing those releases from being mistaken for lower-trust package publishes.
By Sarah Gooding - Jun 04, 2026
Security News
Federal Audit Finds NIST Wasted Funds With No Plan to Clear NVD Backlog
Federal audit finds NIST lacked a plan to clear the NVD backlog, wasted funds on duplicate work, and delayed use of CISA data.
By Sarah Gooding - Jun 03, 2026