tuxedomm fbed6beac3 refactor: split Execute into Build + Execute with explicit IO and keychain injection (#371)
* refactor(cmd): split Execute into Build with IO/Keychain injection

Introduce a public cmd.Build entry point so external consumers (cli-server,
MCP server, other embedders) can assemble the full CLI command tree without
going through os.Args or the platform keychain. Build takes an
InvocationContext plus functional BuildOptions:

  * WithIO(in, out, errOut) — inject custom streams; terminal detection
    is derived from the input's underlying *os.File when present.
  * WithKeychain(kc)        — swap the credential store.
  * HideProfile(bool)       — registered later in cmd.HideProfile.

The existing Execute() keeps using the internal buildInternal (which
still returns the Factory so error handling can attribute exit codes),
and SetDefaultFS replaces the global VFS implementation at startup.

Hardening applied up front:

  * cmdutil.NewIOStreams(in, out, errOut) centralizes terminal detection
    so SystemIO() and WithIO share one path.
  * cmdutil.NewDefault normalizes partial IOStreams — callers may pass
    &IOStreams{Out: buf} without tripping nil-writer panics in the
    RoundTripper warnings, Cobra, or the credential provider.
  * Build guards against nil functional options.
  * An API contract test (cmd/build_api_test.go) exercises Build +
    WithIO + WithKeychain + HideProfile + SetDefaultFS so the public
    surface is reachable by deadcode analysis.

Change-Id: I7c895e6019817401accbde2db3ef800da40ad319

* feat(schema): filter methods by strict mode in schema output

When strict mode is active, schema output now excludes methods that
are incompatible with the forced identity. This applies to both
pretty and JSON output formats at the resource and method levels.

Change-Id: I39647d5578466c3e23dc545bfb917ae075203ad7

* refactor: centralize strict-mode as flag registration

Change-Id: Iec11151c5002c2f58a8aa067d08747db2e4d2d8c

* fix(cmd): align strict-mode completion and build context; drop dead register shims

Thread a context.Context through RegisterShortcuts, RegisterServiceCommands,
and service.registerService/Resource/Method by introducing explicit
*WithContext variants. Pass that context into NewCmdServiceMethodWithContext
so shortcut and service command construction can honor cancellation and
strict-mode pruning consistently.

Also drop the context-less registerMethod and registerResource shims —
they became unreachable once the WithContext variants took over, and
were the source of new deadcode warnings. registerService is retained
because service_test.go still calls it directly.

Change-Id: I3fe5673aed663c7383bbbc5b0ae94d1f3491f22d

* refactor(cmd): hide --profile in single-app mode via build option

- GlobalOptions gains HideProfile; RegisterGlobalFlags stays pure and reads
  the policy off the struct. No boolean-trap parameter, one call per site.
- buildConfig holds GlobalOptions inline so HideProfile(bool) BuildOption
  mutates it directly. buildInternal stays a pure assembly function and
  requires callers to supply WithIO — no implicit os.Std* fallback.
- Add WithIO BuildOption (wrapping raw io.Reader/Writer with automatic
  *os.File TTY detection); Execute injects streams explicitly and decides
  profile visibility via HideProfile(isSingleAppMode()).
- installTipsHelpFunc force-shows hidden root flags while rendering the
  root command's own help, so single-app users still discover --profile
  via lark-cli --help without it polluting subcommand helps.

Change-Id: I7755387e993992ca969e0a4a6f54441cc1993eef

* feat(transport): extension abort hook and shared base transport

Two transport-layer changes bundled because both reshape the base
round-tripper contract used by the HTTP client, the Lark SDK client,
and the in-process updater.

1. Extension abort hook (PreRoundTripE).

   Extensions implementing exttransport.AbortableInterceptor can now
   return an error from PreRoundTripE to skip the built-in chain. The
   post hook still fires with (nil, reason) so extensions can unwind
   resources. extensionMiddleware captures the provider name so the
   returned *AbortError carries attribution.

2. Shared base transport to stop RPC leak.

   util.NewBaseTransport cloned http.DefaultTransport on every call, so
   each cmdutil.Factory produced a fresh *http.Transport whose
   persistConn readLoop/writeLoop goroutines lingered until
   IdleConnTimeout (~90s). Invisible in a single-process CLI, but the
   fork is consumed by cli-server where each RPC request constructs a
   new Factory, causing linear memory + goroutine growth under load.

   Replace NewBaseTransport with SharedTransport — returns
   http.DefaultTransport (the stdlib-wide singleton) by default, and
   a cached proxy-disabled clone only when LARK_CLI_NO_PROXY is set.
   Return type is http.RoundTripper to discourage in-place mutation of
   the shared instance. FallbackTransport is kept as a thin
   *http.Transport wrapper so existing callers in internal/auth and
   internal/cmdutil transport decorators (which were already on the
   singleton path) do not have to migrate.

   Leak-site migrations: factory_default.go (HTTP + SDK base) and
   update.go now call SharedTransport directly.

Change-Id: Ia82462134c5c5ee838be878b887860f41446a235

* fix: unblock Build() zero-opts path and sidecar demo build

Two regressions surfaced on refactor/build-execute-split:

1. cmd.Build(ctx, inv) without WithIO panicked at rootCmd.SetIn/Out/Err
   because cfg.streams stayed nil — NewDefault normalized internally
   but cmd/build.go never saw the normalized value. Default cfg.streams
   to cmdutil.SystemIO() before the root command wires them, and add a
   TestBuild_NoOptions regression guard.

2. sidecar/server-demo/main.go still called cmdutil.NewDefault(inv),
   so `go build -tags authsidecar_demo ./sidecar/server-demo` failed
   with "not enough arguments". Pass nil for the new streams parameter
   to preserve the prior behavior (NewDefault substitutes SystemIO).

Change-Id: I20227b2355cde7d19e22eba3eb841c6d8611e8a7
2026-04-21 14:48:40 +08:00
2026-04-20 20:24:51 +08:00
2026-04-20 22:03:08 +08:00
2026-04-20 22:03:08 +08:00
2026-04-17 18:04:15 +08:00

lark-cli

License: MIT Go Version npm version

中文版 | English

The official Lark/Feishu CLI tool, maintained by the larksuite team — built for humans and AI Agents. Covers core business domains including Messenger, Docs, Base, Sheets, Slides, Calendar, Mail, Tasks, Meetings, and more, with 200+ commands and 22 AI Agent Skills.

Install · AI Agent Skills · Auth · Commands · Advanced · Security · Contributing

Why lark-cli?

  • Agent-Native Design — 22 structured Skills out of the box, compatible with popular AI tools — Agents can operate Lark with zero extra setup
  • Wide Coverage — 14 business domains, 200+ curated commands, 22 AI Agent Skills
  • AI-Friendly & Optimized — Every command is tested with real Agents, featuring concise parameters, smart defaults, and structured output to maximize Agent call success rates
  • Open Source, Zero Barriers — MIT license, ready to use, just npm install
  • Up and Running in 3 Minutes — One-click app creation, interactive login, from install to first API call in just 3 steps
  • Secure & Controllable — Input injection protection, terminal output sanitization, OS-native keychain credential storage
  • Three-Layer Architecture — Shortcuts (human & AI friendly) → API Commands (platform-synced) → Raw API (full coverage), choose the right granularity

Features

Category Capabilities
📅 Calendar View agenda, create events, invite attendees, check free/busy status, time suggestions
💬 Messenger Send/reply messages, create and manage group chats, view chat history & threads, search messages, download media
📄 Docs Create, read, update, and search documents, read/write media & whiteboards
📁 Drive Upload and download files, search docs & wiki, manage comments
📊 Base Create and manage tables, fields, records, views, dashboards, workflows, forms, roles & permissions, data aggregation & analytics
📈 Sheets Create, read, write, append, find, and export spreadsheet data
🖼️ Slides Create and manage presentations, read presentation content, and add or remove slides
Tasks Create, query, update, and complete tasks; manage task lists, subtasks, comments & reminders
📚 Wiki Create and manage knowledge spaces, nodes, and documents
👤 Contact Search users by name/email/phone, get user profiles
📧 Mail Browse, search, read emails, send, reply, forward, manage drafts, watch new mail
🎥 Meetings Search meeting records, query meeting minutes & recordings
🕐 Attendance Query personal attendance check-in records
✍️ Approval Query approval tasks, approve/reject/transfer tasks, cancel and CC instances
🎯 OKR Query, create, update OKRs; manage objective & key results, alignments and indicators.

Installation & Quick Start

Requirements

Before you start, make sure you have:

  • Node.js (npm/npx)
  • Go v1.23+ and Python 3 (only required for building from source)

Quick Start (Human Users)

Note for AI assistants: If you are an AI Agent helping the user with installation, jump directly to Quick Start (AI Agent), which contains all the steps you need to complete.

Install

Choose one of the following methods:

Option 1 — From npm (recommended):

# Install CLI
npm install -g @larksuite/cli

# Install CLI SKILL (required)
npx skills add larksuite/cli -y -g

Option 2 — From source:

Requires Go v1.23+ and Python 3.

git clone https://github.com/larksuite/cli.git
cd cli
make install

# Install CLI SKILL (required)
npx skills add larksuite/cli -y -g

Configure & Use

# 1. Configure app credentials (one-time, interactive guided setup)
lark-cli config init

# 2. Log in (--recommend auto-selects commonly used scopes)
lark-cli auth login --recommend

# 3. Start using
lark-cli calendar +agenda

Quick Start (AI Agent)

The following steps are for AI Agents. Some steps require the user to complete actions in a browser.

Step 1 — Install

# Install CLI
npm install -g @larksuite/cli

# Install CLI SKILL (required)
npx skills add larksuite/cli -y -g

Step 2 — Configure app credentials

Run this command in the background. It will output an authorization URL — extract it and send it to the user. The command exits automatically after the user completes the setup in the browser.

lark-cli config init --new

Step 3 — Login

Same as above: run in the background, extract the authorization URL and send it to the user.

lark-cli auth login --recommend

Step 4 — Verify

lark-cli auth status

Agent Skills

Skill Description
lark-shared App config, auth login, identity switching, scope management, security rules (auto-loaded by all other skills)
lark-calendar Calendar events, agenda view, free/busy queries, time suggestions
lark-im Send/reply messages, group chat management, message search, upload/download images & files, reactions
lark-doc Create, read, update, search documents (Markdown-based)
lark-drive Upload, download files, manage permissions & comments
lark-sheets Create, read, write, append, find, export spreadsheets
lark-slides Create and manage presentations, read presentation content, and add or remove slides
lark-base Tables, fields, records, views, dashboards, data aggregation & analytics
lark-task Tasks, task lists, subtasks, reminders, member assignment
lark-mail Browse, search, read emails, send, reply, forward, draft management, watch new mail
lark-contact Search users by name/email/phone, get user profiles
lark-wiki Knowledge spaces, nodes, documents
lark-event Real-time event subscriptions (WebSocket), regex routing & agent-friendly format
lark-vc Search meeting records, query meeting minutes (summary, todos, transcript)
lark-whiteboard Whiteboard/chart DSL rendering
lark-minutes Minutes metadata & AI artifacts (summary, todos, chapters)
lark-openapi-explorer Explore underlying APIs from official docs
lark-skill-maker Custom skill creation framework
lark-attendance Query personal attendance check-in records
lark-approval Query approval tasks, approve/reject/transfer tasks, cancel and CC instances
lark-workflow-meeting-summary Workflow: meeting minutes aggregation & structured report
lark-workflow-standup-report Workflow: agenda & todo summary

Authentication

Command Description
auth login OAuth login with interactive selection or CLI flags for scopes
auth logout Sign out and remove stored credentials
auth status Show current login status and granted scopes
auth check Verify a specific scope (exit 0 = ok, 1 = missing)
auth scopes List all available scopes for the app
auth list List all authenticated users
# Interactive login (TUI guides domain and permission level selection)
lark-cli auth login

# Filter by domain
lark-cli auth login --domain calendar,task

# Recommended auto-approval scopes
lark-cli auth login --recommend

# Exact scope
lark-cli auth login --scope "calendar:calendar:read"

# Agent mode: return verification URL immediately, non-blocking
lark-cli auth login --domain calendar --no-wait
# Resume polling later
lark-cli auth login --device-code <DEVICE_CODE>

# Identity switching: execute commands as user or bot
lark-cli calendar +agenda --as user
lark-cli im +messages-send --as bot --chat-id "oc_xxx" --text "Hello"

Three-Layer Command System

The CLI provides three levels of granularity, covering everything from quick operations to fully custom API calls:

1. Shortcuts

Prefixed with +, designed to be friendly for both humans and AI, with smart defaults, table output, and dry-run previews.

lark-cli calendar +agenda
lark-cli im +messages-send --chat-id "oc_xxx" --text "Hello"
lark-cli docs +create --title "Weekly Report" --markdown "# Progress\n- Completed feature X"

Run lark-cli <service> --help to see all shortcut commands.

2. API Commands

Auto-generated from Lark OAPI metadata, curated through evaluation and quality gates — 100+ commands mapped 1:1 to platform endpoints.

lark-cli calendar calendars list
lark-cli calendar events instance_view --params '{"calendar_id":"primary","start_time":"1700000000","end_time":"1700086400"}'

3. Raw API Calls

Call any Lark Open Platform endpoint directly, covering 2500+ APIs.

lark-cli api GET /open-apis/calendar/v4/calendars
lark-cli api POST /open-apis/im/v1/messages --params '{"receive_id_type":"chat_id"}' --data '{"receive_id":"oc_xxx","msg_type":"text","content":"{\"text\":\"Hello\"}"}'

Advanced Usage

Output Formats

--format json      # Full JSON response (default)
--format pretty    # Human-friendly formatted output
--format table     # Readable table
--format ndjson    # Newline-delimited JSON (for piping)
--format csv       # Comma-separated values

Pagination

--page-all                  # Auto-paginate through all pages
--page-limit 5              # Max 5 pages
--page-delay 500            # 500ms between page requests

Dry Run

For commands that may have side effects, preview the request with --dry-run first:

lark-cli im +messages-send --chat-id oc_xxx --text "hello" --dry-run

Schema Introspection

Use schema to inspect any API method's parameters, request body, response structure, supported identities, and scopes:

lark-cli schema
lark-cli schema calendar.events.instance_view
lark-cli schema im.messages.delete

Security & Risk Warnings (Read Before Use)

This tool can be invoked by AI Agents to automate operations on the Lark/Feishu Open Platform, and carries inherent risks such as model hallucinations, unpredictable execution, and prompt injection. After you authorize Lark/Feishu permissions, the AI Agent will act under your user identity within the authorized scope, which may lead to high-risk consequences such as leakage of sensitive data or unauthorized operations. Please use with caution.

To reduce these risks, the tool enables default security protections at multiple layers. However, these risks still exist. We strongly recommend that you do not proactively modify any default security settings; once relevant restrictions are relaxed, the risks will increase significantly, and you will bear the consequences.

We recommend using the Lark/Feishu bot integrated with this tool as a private conversational assistant. Do not add it to group chats or allow other users to interact with it, to avoid abuse of permissions or data leakage.

Please fully understand all usage risks. By using this tool, you are deemed to voluntarily assume all related responsibilities.

Star History

Star History Chart

Contributing

Community contributions are welcome! If you find a bug or have feature suggestions, please submit an Issue or Pull Request.

For major changes, we recommend discussing with us first via an Issue.

License

This project is licensed under the MIT License. When running, it calls Lark/Feishu Open Platform APIs. To use these APIs, you must comply with the following agreements and privacy policies:

Description
No description provided
Readme MIT 251 MiB
Languages
Go 96.6%
JavaScript 1.9%
Python 0.6%
HTML 0.6%
Shell 0.3%