Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
feat(cli): add bm cloud share command group (create/list/update/revoke) #965
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Uh oh!
There was an error while loading. Please reload this page.
feat(cli): add bm cloud share command group (create/list/update/revoke) #965
Changes from 2 commits
205196b22901c3a8e452d440a2aaFile filter
Filter by extension
Conversations
Uh oh!
There was an error while loading. Please reload this page.
Jump to
Uh oh!
There was an error while loading. Please reload this page.
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As of July 7, 2026, this
--expires-at 2025-12-31example is already in the past, so users copying the new--helptext will either create a share that is immediately expired or hit server-side expiration validation instead of the documented happy path. Please update the visible examples/error text to a future date or a non-stale placeholder.Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For cloud projects that are configured in a non-default/team workspace, this request only authenticates and never sends the
X-Workspace-IDheader used elsewhere for workspace-scoped cloud calls, so/api/shareswill be evaluated against the default tenant and the passed project name can be missing or refer to the wrong workspace. Resolve the workspace from the project/default config or expose--workspace, then pass it through the request headers for create/list/update/revoke.Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good catch, and confirmed. The cloud
/api/sharesendpoints all depend onResolvedWorkspaceDep, whichresolve_workspacederives from theX-Workspace-IDheader (see basic-memory-clouddeps.py); with no header the request falls back to the caller’s API-key/personal tenant, so a team-workspace project would resolve against the wrong tenant. Sibling commands already handle this incloud_utils._workspace_headers.Fixed in a8e452d: added a
_workspace_headers()helper that resolves the workspace viaresolve_configured_workspace(explicit--workspace> project’s configuredworkspace_id> global default) and sendsX-Workspace-IDon create/list/update/revoke. Added a--workspaceoption to each command, mirroringbm cloud pull/push. New mocked tests assert the header is built and routed, and that an unresolved workspace sends no header (default tenant, unchanged behavior).There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When
--projectcontains query-reserved characters such as&,+, or#(project names are not restricted to URL-safe slugs), interpolating it directly into the URL changes what the server receives; for exampleR&Dis sent asproject_name=Rplus an extraDparameter. Build this request with encoded query params so filtering works for valid project names with special characters.Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Confirmed and fixed in a8e452d. The list filter now builds the query with
urllib.parse.urlencode({"project_name": project})instead of raw f-string interpolation, so a name likeR&D+notes #1is sent as a singleproject_name=R%26D%2Bnotes+%231value rather than splitting into stray query params. Extended the mocked tests with a special-characters case asserting both the encoded form is present and the raw ambiguous form never reaches the URL.Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.