mirror of
https://github.com/larksuite/cli.git
synced 2026-07-07 17:45:15 +08:00
Add a config set-app-secret command so users and agents can rotate a profile's app secret after resetting it on the open platform, instead of hacking the OS keychain (which fails because the stored value lives in a closed secure store). The command reads the new value from stdin, previews the target and exits 10 without --yes, verifies the value via FetchTAT before writing, stores it through core.ForStorage (the same primitive as config init and config bind), and leaves other profiles untouched. It also redirects the invalid_client hint to the new command and adds an optional target field to the error envelope so the affected bot is named without exposing the secret.