feat!: harden raw browser control and packaging

- Add safe-by-default policy gates for raw command surfaces: command, script, and serve-http /command. - Require explicit opt-ins for page reads, browser control, and high-risk commands such as dom.eval, storage.*, and screenshots. - Remove all cookies support from CLI, SDK, extension commands, permissions, constants, docs, and tests. - Add diagnostic, events, watch, workspace, remote, raw command, script, HTTP gateway, tree-view, session import/export, and extension info/capability commands. - Add Chrome Web Store packaging that strips manifest.key while keeping local packages with a stable native-messaging extension ID. - Bump browser-cli and extension version to 0.14.1 and cover the new behavior with pytest and extension packaging tests. BREAKING CHANGE: cookies commands and the b.cookies SDK namespace have been removed; generic raw command execution now blocks non-safe commands unless explicitly allowed.
2026-06-14 14:33:15 +02:00
parent 3e3b8d529c
commit 5cec57e06d
43 changed files with 1184 additions and 375 deletions
@@ -8,6 +8,27 @@ console = Console()
 def extension_group():
    """Manage the browser-cli browser extension."""

+@extension_group.command("info")
+@handle_errors
+def extension_info():
+    """Show extension version and advertised capabilities."""
+    info = client_from_ctx().extension.info()
+    for key in ("name", "version", "id", "platform"):
+        if key in info:
+            console.print(f"[bold]{key}:[/bold] {info[key]}")
+    caps = info.get("capabilities") or []
+    if caps:
+        console.print("[bold]capabilities:[/bold]")
+        for cap in caps:
+            console.print(f"  - {cap}")
+
+@extension_group.command("capabilities")
+@handle_errors
+def extension_capabilities():
+    """Print extension feature capability strings."""
+    for cap in client_from_ctx().extension.capabilities():
+        console.print(cap)
+
@extension_group.command("reload")
@handle_errors
 def extension_reload():