Skip to content

feat(cli): 1Password save and UX improvements for generated passwords #139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ascorbic merged 3 commits into from
Mar 15, 2026
Merged

feat(cli): 1Password save and UX improvements for generated passwords #139

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
458b5cd
fix: only show generated password when clipboard is unavailable
ascorbic Mar 15, 2026
0b04bd6
feat: offer 1Password save for generated passwords
ascorbic Mar 15, 2026
b64acc0
fix: use assignment syntax for op username field
ascorbic Mar 15, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 50 additions & 0 deletions packages/pds/src/cli/utils/cli-helpers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,6 +203,56 @@ export async function saveTo1Password(
});
}

/**
* Save a password to 1Password as a Login item for bsky.app
*/
export async function savePasswordTo1Password(
password: string,
handle: string,
): Promise<{ success: boolean; itemName?: string; error?: string }> {
const itemName = `Bluesky - @${handle}`;

return new Promise((resolve) => {
const child = spawn(
"op",
[
"item",
"create",
"--category",
"Login",
"--title",
itemName,
`username=${handle}`,
`password=${password}`,
"--url=https://bsky.app",
"--tags",
"cirrus,pds,bluesky",
],
{ stdio: ["ignore", "pipe", "pipe"] },
);

let stderr = "";
child.stderr?.on("data", (data) => {
stderr += data.toString();
});

child.on("error", (err) => {
resolve({ success: false, error: err.message });
});

child.on("close", (code) => {
if (code === 0) {
resolve({ success: true, itemName });
} else {
resolve({
success: false,
error: stderr || `1Password CLI exited with code ${code}`,
});
}
});
});
}

export interface RunCommandOptions {
/** If true, stream output to stdout/stderr in real-time */
stream?: boolean;
Expand Down
71 changes: 63 additions & 8 deletions packages/pds/src/cli/utils/secrets.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,12 @@ import bcrypt from "bcryptjs";
import * as p from "@clack/prompts";
import { setSecret, setVar, type SecretName } from "./wrangler.js";
import { setDevVar } from "./dotenv.js";
import { promptSelect, copyToClipboard } from "./cli-helpers.js";
import {
promptSelect,
copyToClipboard,
is1PasswordAvailable,
savePasswordTo1Password,
} from "./cli-helpers.js";

export interface SigningKeypair {
privateKey: string; // hex-encoded
Expand Down Expand Up @@ -78,15 +83,65 @@ export async function promptPassword(handle?: string): Promise<string> {

if (method === "generate") {
const password = generatePassword();
p.note(password, "Generated password");
const copied = await copyToClipboard(password);
if (copied) {
p.log.success("Copied to clipboard");
const has1Password = await is1PasswordAvailable();

type SaveOption = "1password" | "clipboard" | "show";
const saveOptions: Array<{
value: SaveOption;
label: string;
hint: string;
}> = [];

if (has1Password) {
saveOptions.push({
value: "1password",
label: "Save to 1Password",
hint: "as a bsky.app login",
});
}

saveOptions.push(
{ value: "clipboard", label: "Copy to clipboard", hint: "paste into password manager" },
{ value: "show", label: "Display it", hint: "shown in terminal" },
);

const saveChoice = await promptSelect<SaveOption>({
message: "Where should we save the password?",
options: saveOptions,
});

if (saveChoice === "1password") {
const spinner = p.spinner();
spinner.start("Saving to 1Password...");
const result = await savePasswordTo1Password(password, handle ?? "");
if (result.success) {
spinner.stop("Saved to 1Password");
p.log.success(`Created: "${result.itemName}"`);
} else {
spinner.stop("Failed to save to 1Password");
p.log.error(result.error || "Unknown error");
// Fall back to clipboard
const copied = await copyToClipboard(password);
if (copied) {
p.log.info("Copied to clipboard instead");
} else {
p.note(password, "Generated password");
p.log.warn("Save this password somewhere safe!");
}
}
} else if (saveChoice === "clipboard") {
const copied = await copyToClipboard(password);
if (copied) {
p.log.success("Password generated and copied to clipboard");
} else {
p.note(password, "Generated password");
p.log.warn("Could not copy to clipboard — save this password somewhere safe!");
}
} else {
p.log.warn(
"Could not copy to clipboard — save this password somewhere safe!",
);
p.note(password, "Generated password");
p.log.warn("Save this password somewhere safe!");
}

return password;
}

Expand Down
Loading