New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

lmsq

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

lmsq

CLI for the Lemon Squeezy API — manage your store, subscriptions, orders, and more from the command line. AI-agent optimized output.

latest
Source
npmnpm
Version
0.1.6
Version published
Maintainers
1
Created
Source

lmsq — Lemon Squeezy CLI

Unofficial — this project is not affiliated with or endorsed by Lemon Squeezy. It is a community-built tool powered by the official TypeScript SDK.

Comprehensive command-line interface for the Lemon Squeezy API. Full API coverage with AI-agent optimized output.

Features

  • Complete API coverage — 62 operations across 22 resource types (stores, orders, subscriptions, license keys, checkouts, webhooks, and more)
  • AI-agent optimized — flat key: value output by default, --fields to select specific attributes, --only-ids / --count / --pluck for minimal output
  • Works everywhere — ships as a single JS file, installs via npm/npx/yarn/pnpm/bun (Node.js 18+)
  • Developer-friendly — comprehensive --help on every command, consistent patterns, descriptive error messages
  • Multiple output modes — auto-detects TTY for colored tables vs. token-efficient text. --json for clean flattened JSON.

Give it to your AI agent

Install the Agent Skill so your AI assistant knows how to use lmsq — all commands, flags, output modes, and best practices:

npx skills add miketromba/lemonsqueezy-cli

That's it. Your assistant can now manage your Lemon Squeezy store from any conversation.

Installation

npm (recommended)

npm install -g lmsq

Works with any package manager — Node.js 18+ required:

npm install -g lmsq   # npm
yarn global add lmsq  # yarn
pnpm add -g lmsq     # pnpm
bun add -g lmsq      # bun

Or run without installing:

npx lmsq --help

Verify:

lmsq --version

From Source

git clone https://github.com/miketromba/lemonsqueezy-cli.git
cd lemonsqueezy-cli
bun install
bun run dev -- --help    # run from source (requires Bun)

Quick Start

# 1. Authenticate with your Lemon Squeezy API key
lmsq auth login --key lsq_live_xxxxxxxxxxxx

# 2. Verify
lmsq auth status
lmsq user

# 3. Start using it
lmsq stores list
lmsq orders list --page-size 3
lmsq subscriptions list --filter-status active --count

Usage Examples

# Get a specific order
lmsq orders get 12345

# List active subscriptions (just IDs)
lmsq subscriptions list --filter-status active --only-ids

# Get a subscription status (bare value — 1 token)
lmsq subscriptions get 456 --pluck status

# List orders with specific fields only
lmsq orders list --fields status,total,user_email

# Create a checkout
lmsq checkouts create --store-id 1 --variant-id 1

# Create a discount
lmsq discounts create --store-id 1 --name "Launch Sale" --amount 20 --amount-type percent

# Issue a full refund
lmsq orders refund 12345

# Activate a license (public API, no auth needed)
lmsq licenses activate --key XXXXX-XXXXX-XXXXX --instance-name "my-server"

# Get clean JSON output
lmsq orders get 12345 --json

# Get raw JSON:API response
lmsq orders get 12345 --json-raw

Output Modes

The CLI auto-detects whether stdout is an interactive terminal:

  • TTY (terminal) — colored tables with pagination hints
  • Non-TTY (piped/AI agent) — flat key: value lines, no colors, no decoration

Override with flags:

FlagEffect
--jsonClean flattened JSON (no JSON:API wrappers)
--json-rawFull unmodified API response
-f, --fields id,status,emailOnly return specific attributes
--only-idsOne ID per line (list commands)
--countJust the total count (list commands)
--pluck statusJust the bare value (get commands)
--firstReturn only the first result (list commands)
-p, --page NPage number (default: 1)
-s, --page-size NResults per page (default: 5, max: 100)

Commands

lmsq auth              login / logout / status
lmsq user              Show authenticated user
lmsq stores            list / get
lmsq customers         list / get / create / update / archive
lmsq products          list / get
lmsq variants          list / get
lmsq prices            list / get
lmsq files             list / get
lmsq orders            list / get / invoice / refund
lmsq order-items       list / get
lmsq subscriptions     list / get / update / cancel
lmsq subscription-invoices  list / get / generate / refund
lmsq subscription-items     list / get / update / usage
lmsq usage-records     list / get / create
lmsq discounts         list / get / create / delete
lmsq discount-redemptions   list / get
lmsq license-keys      list / get / update
lmsq license-key-instances  list / get
lmsq checkouts         list / get / create
lmsq webhooks          list / get / create / update / delete
lmsq affiliates        list / get
lmsq licenses          activate / validate / deactivate

Every command has full --help. Drill down for details:

lmsq --help                       # All command groups
lmsq subscriptions --help         # All subscription actions
lmsq subscriptions update --help  # All update options

Authentication

# Interactive (prompts for key)
lmsq auth login

# Direct
lmsq auth login --key lsq_live_xxxxxxxxxxxx

# Environment variable (CI/CD, scripts, AI agents)
export LEMONSQUEEZY_API_KEY=lsq_live_xxxxxxxxxxxx

# Per-command override
lmsq stores list --api-key lsq_test_xxxxxxxxxxxx

Resolution order: --api-key flag > LEMONSQUEEZY_API_KEY env var > ~/.config/lemonsqueezy-cli/config.json

AI Agent Usage

The CLI is designed as a first-class tool for LLMs, coding assistants, and autonomous agents. When called via shell tools (non-TTY), output is automatically token-efficient:

# ~3 tokens
lmsq subscriptions list --filter-status active --count
# 47

# ~20 tokens per resource
lmsq orders list --fields id,status,total
# id: 12345
# status: paid
# total: 4900
#
# id: 12346
# status: refunded
# total: 2900
#
# [page 1/10, 47 total]

# 1 token
lmsq subscriptions get 456 --pluck status
# active

Token savings by output mode:

ModeTokens per resource
--json-raw (full JSON:API)~2,000
--json (flattened)~200
Default text (all fields)~150
--fields id,status~20
--only-ids~5
--count~3 total

Development

Requires Bun for development (the published package only needs Node.js).

git clone https://github.com/miketromba/lemonsqueezy-cli.git
cd lemonsqueezy-cli
bun install

bun test                # 59 tests, ~14ms
bun test --watch        # TDD workflow
bun run lint            # Biome linter
bun run typecheck       # TypeScript check
bun run dev -- --help   # Run from source (Bun)

bun run build           # Bundle for Node → dist/lmsq.js
node dist/lmsq.js --help  # Verify the Node bundle works

How the build works

bun run build compiles all TypeScript source + all dependencies into a single dist/lmsq.js file (~111 KB) with a #!/usr/bin/env node shebang. Zero runtime dependencies — everything is inlined. This is what gets published to npm.

prepublishOnly runs the build automatically before npm publish, so you can never accidentally publish without building.

License

MIT

Keywords

lemonsqueezy
lemon-squeezy
cli
billing
subscriptions
payments

FAQs

Package last updated on 16 Feb 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026