feat(X402-42): --endpoint <paid-url> per-route 402 probe mode (D.4)#77
Merged
Merged
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
For services that publish per-route instead of at root /.well-known/x402 — the #2207 pattern documented by @AsaiShota (test-echo-cdp), @evanatpizzarobot (TensorFeed), and @0xdespot (hyperD.ai). v0.3.0/0.3.1 verdicted these as `implementation_issue` despite being correctly implemented; default mode requires root well-known. When `--endpoint <paid-url>` is supplied: - Skip the root /.well-known/x402 probe entirely (emits a pass-status result with a "skipped per --endpoint" message; preserves the 4-result envelope shape per ADR-004 Pillar 2) - Fetch the 402 challenge directly from the given paid URL - Run manifest-shape validations against the 402 body - Self-payment + indexing run unchanged (consume challenge body's payTo) UX: - One-line info note prints when --endpoint is used - Routes to stdout in human format, stderr in json format (preserves stdout JSON-parseability) - Non-URL values rejected with exit 1 and a clear error New `endpoint?: string` on BazaarCheckOptions (programmatic) and BazaarCheckCommandOptions (CLI). Tests: 6 new integration tests in bazaar-check-pipeline.test.ts — happy path, malformed challenge, non-402 response, invalid URL, human-format UX note, json-format UX note routing. 435 total tests pass (was 429). Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>
fardinvahdat
force-pushed
the
feat/X402-42-d4-endpoint-per-route-probe
branch
from
a6e4a43 to
afb1782
Compare
7 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
X402-42 (D.4) — new
bazaar-check --endpoint <paid-url>flag for per-route 402 probe mode. Unblocks the #2207 services that publish per-route instead of at root/.well-known/x402: @AsaiShota'stest-echo-cdp, @evanatpizzarobot's TensorFeed, @0xdespot's hyperD.ai.Why
v0.3.0/0.3.1 always probes root
/.well-known/x402first. Per-route services return 404 there → false-positiveimplementation_issueverdict on services whose actual implementation is correct. Three named operators on #2207 confirmed this pattern.What changes
bazaar-check --endpoint <paid-url>(CLI flag)When supplied:
"skipped per --endpoint (probing <url> directly instead of /.well-known/x402)"message. Preserves the 4-result envelope shape per ADR-004 Pillar 2 (JSON API stability).<paid-url>instead of<service-url>extensions.bazaaretc.) — same logic, different data sourcepayToregardless of how the challenge was obtainedUX info note
A one-line note prints when
--endpointis used:Routes to stdout in
--log human, stderr in--log jsonso stdout stays JSON-parseable.Validation
--endpointvalue is URL-validated at command entry. Non-URL values exit 1 (EXIT_USAGE) with a clear error.Acceptance criteria (X402-42)
--endpoint <paid-url>flag implemented onbazaar-checknpx x402trace bazaar-check --endpoint https://api.tensorfeed.ai/api/premium/<route>parses cleanly and produces verdict + sub-checks against the actual paid endpoint, without requiring root well-known--endpointmode (no false-fail on well-known)--endpoint--endpointis used (per UX note above)[Unreleased]### Addedentry +### JSON APIsubsection documenting the additive well-known result shapeStrict audit gate — abbreviated (user-in-loop mode)
bd7494a(PR feat(X402-41): ADR-004 — v0.3.2 scope + JSON API stability + facilitator-aware verdict semantics #75 ADR-004 just-merged); .gitignore WIP on branch but NOT staged (hard rule docs(X402-8): SPEC.md v0.1 — implements the wedge from ADR-001 #7 preserved)### JSON APIsubsection added; cross-references to ADR-004 + X402-47 (fixture consumption uses --endpoint) presentWhat unblocks on merge
--endpointfor the d4-targets row of the 6-fixture pipeline (test-echo-cdp, tensorfeed, hyperd, anchor-x402)🤖 Generated with Claude Code