fix: rename proxy references to onecli throughout SDK

Author: johnnyfish

README.md

@@ -28,7 +28,7 @@
 
 ## What is OneCLI?
 
-**OneCLI** (`oc`) is a thin, agent-first CLI that connects AI agents to external services via plugins. The SDK provides a programmatic interface for Node.js applications to interact with OneCLI's proxy, allowing containerized agents to access external APIs without exposing credentials.
+**OneCLI** (`oc`) is a thin, agent-first CLI that connects AI agents to external services via plugins. The SDK provides a programmatic interface for Node.js applications to interact with OneCLI, allowing containerized agents to access external APIs without exposing credentials.
 
 ## Installation
 
@@ -54,18 +54,18 @@ yarn add @onecli/sdk
 
 ### Standalone function
 
-The simplest way to use the SDK. A single function that configures Docker containers to use the OneCLI proxy:
+The simplest way to use the SDK. A single function that configures Docker containers to use OneCLI:
 
 ```typescript
-import { applyProxyConfig } from "@onecli/sdk";
+import { applyOneCLIConfig } from "@onecli/sdk";
 
 const args = ["run", "-i", "--rm", "--name", "my-agent"];
 
-// Fetches proxy config and pushes -e / -v flags onto args
-const proxyActive = await applyProxyConfig(args, "http://localhost:18080");
+// Fetches container config and pushes -e / -v flags onto args
+const active = await applyOneCLIConfig(args, "http://localhost:18080");
 
-// args now contains proxy env vars and volume mounts
-console.log(proxyActive); // true if proxy was reachable
+// args now contains OneCLI env vars and volume mounts
+console.log(active); // true if OneCLI was reachable
 ```
 
 ### Class-based client
@@ -76,33 +76,33 @@ For more control, use the `OneCLI` client class:
 import { OneCLI } from "@onecli/sdk";
 
 const oc = new OneCLI({
-  proxyUrl: "http://localhost:18080",
+  onecliUrl: "http://localhost:18080",
 });
 
 // Get raw container configuration
-const config = await oc.proxy().getContainerConfig();
+const config = await oc.client().getContainerConfig();
 console.log(config.env);    // { HTTPS_PROXY: "...", NODE_EXTRA_CA_CERTS: "...", ... }
 console.log(config.mounts); // [{ hostPath: "...", containerPath: "...", readonly: true }]
 
 // Or apply directly to Docker run args
 const args = ["run", "-i", "--rm", "my-image"];
-const active = await oc.proxy().applyContainerConfig(args);
+const active = await oc.client().applyContainerConfig(args);
 ```
 
 ### Environment variable
 
-Instead of passing `proxyUrl` explicitly, set the `ONECLI_PROXY_URL` environment variable:
+Instead of passing `onecliUrl` explicitly, set the `ONECLI_URL` environment variable:
 
 ```bash
-export ONECLI_PROXY_URL=http://localhost:18080
+export ONECLI_URL=http://localhost:18080
 ```
 
 ```typescript
 import { OneCLI } from "@onecli/sdk";
 
-// Automatically reads from ONECLI_PROXY_URL
+// Automatically reads from ONECLI_URL
 const oc = new OneCLI();
-const active = await oc.proxy().applyContainerConfig(args);
+const active = await oc.client().applyContainerConfig(args);
 ```
 
 ## API Reference
@@ -115,65 +115,65 @@ Main SDK client.
 new OneCLI(options?: OneCLIOptions)
 ```
 
-| Option     | Type     | Default                          | Description                     |
-| ---------- | -------- | -------------------------------- | ------------------------------- |
-| `proxyUrl` | `string` | `process.env.ONECLI_PROXY_URL`   | Base URL of the OneCLI proxy    |
-| `timeout`  | `number` | `5000`                           | Request timeout in milliseconds |
+| Option      | Type     | Default                    | Description                     |
+| ----------- | -------- | -------------------------- | ------------------------------- |
+| `onecliUrl` | `string` | `process.env.ONECLI_URL`   | Base URL of the OneCLI instance |
+| `timeout`   | `number` | `5000`                     | Request timeout in milliseconds |
 
-#### `oc.proxy()`
+#### `oc.client()`
 
-Returns the `ProxyClient` for container configuration. Throws `OneCLIError` if no proxy URL is configured.
+Returns the `Client` for container configuration. Throws `OneCLIError` if no OneCLI URL is configured.
 
 ---
 
-### `ProxyClient`
+### `Client`
 
-Manages communication with the OneCLI proxy's `/container-config` endpoint.
+Manages communication with the OneCLI `/container-config` endpoint.
 
-#### `proxyClient.getContainerConfig()`
+#### `client.getContainerConfig()`
 
-Fetch the raw container configuration from the proxy.
+Fetch the raw container configuration from OneCLI.
 
 ```typescript
-const config = await oc.proxy().getContainerConfig();
+const config = await oc.client().getContainerConfig();
 // Returns: { env: Record<string, string>, mounts: ContainerMount[] }
 ```
 
-**Throws** `OneCLIRequestError` if the proxy returns a non-200 response.
+**Throws** `OneCLIRequestError` if OneCLI returns a non-200 response.
 
-#### `proxyClient.applyContainerConfig(args, options?)`
+#### `client.applyContainerConfig(args, options?)`
 
-Fetch the proxy config and push Docker flags onto the `args` array. Returns `true` if config was applied, `false` if the proxy was unreachable.
+Fetch the container config and push Docker flags onto the `args` array. Returns `true` if config was applied, `false` if OneCLI was unreachable.
 
 ```typescript
-const active = await oc.proxy().applyContainerConfig(args, {
-  combineCaBundle: true,  // Merge system + proxy CAs (default: true)
+const active = await oc.client().applyContainerConfig(args, {
+  combineCaBundle: true,  // Merge system + OneCLI CAs (default: true)
   addHostMapping: true,   // Add --add-host on Linux (default: true)
 });
 ```
 
 | Option           | Type      | Default | Description                                           |
 | ---------------- | --------- | ------- | ----------------------------------------------------- |
-| `combineCaBundle`| `boolean` | `true`  | Build combined CA bundle for system-wide proxy trust   |
+| `combineCaBundle`| `boolean` | `true`  | Build combined CA bundle for system-wide trust         |
 | `addHostMapping` | `boolean` | `true`  | Add `host.docker.internal` mapping on Linux            |
 
 **What it does:**
-1. Fetches `/container-config` from the proxy
+1. Fetches `/container-config` from OneCLI
 2. Pushes `-e KEY=VALUE` for each environment variable
 3. Pushes `-v host:container[:ro]` for each mount
-4. Builds a combined CA bundle (system CAs + proxy CA) so all tools trust the proxy
+4. Builds a combined CA bundle (system CAs + OneCLI CA) so all tools trust OneCLI
 5. Adds `--add-host host.docker.internal:host-gateway` on Linux
 
 ---
 
-### `applyProxyConfig(args, proxyUrl?)`
+### `applyOneCLIConfig(args, onecliUrl?)`
 
-Standalone convenience function. Equivalent to creating a `ProxyClient` and calling `applyContainerConfig`.
+Standalone convenience function. Equivalent to creating a `Client` and calling `applyContainerConfig`.
 
 ```typescript
-import { applyProxyConfig } from "@onecli/sdk";
+import { applyOneCLIConfig } from "@onecli/sdk";
 
-const active = await applyProxyConfig(args, "http://localhost:18080");
+const active = await applyOneCLIConfig(args, "http://localhost:18080");
 // Pass undefined/null to skip (returns false immediately)
 ```
 
@@ -189,7 +189,7 @@ General SDK error.
 import { OneCLIError } from "@onecli/sdk";
 
 try {
-  oc.proxy(); // throws if no proxy URL configured
+  oc.client(); // throws if no OneCLI URL configured
 } catch (error) {
   if (error instanceof OneCLIError) {
     console.error(error.message);
@@ -205,7 +205,7 @@ HTTP request error with context.
 import { OneCLIRequestError } from "@onecli/sdk";
 
 try {
-  await oc.proxy().getContainerConfig();
+  await oc.client().getContainerConfig();
 } catch (error) {
   if (error instanceof OneCLIRequestError) {
     console.error(error.url);        // Request URL
@@ -232,16 +232,16 @@ import type {
 
 ## How It Works
 
-The OneCLI proxy runs on the host machine and acts as a MITM proxy for containerized agents. When a container makes HTTPS requests to intercepted domains (e.g. `api.anthropic.com`), the proxy:
+OneCLI runs on the host machine and acts as a MITM proxy for containerized agents. When a container makes HTTPS requests to intercepted domains (e.g. `api.anthropic.com`), OneCLI:
 
 1. Terminates TLS using a local CA certificate
 2. Inspects the request and injects real credentials (replacing placeholder tokens)
 3. Forwards the request to the upstream service
 4. Returns the response to the container
 
-This means **containers never see real API keys**. They only have placeholder tokens that the proxy swaps out transparently.
+This means **containers never see real API keys**. They only have placeholder tokens that OneCLI swaps out transparently.
 
-The SDK configures containers with the right environment variables (`HTTPS_PROXY`, `NODE_EXTRA_CA_CERTS`) and volume mounts (proxy CA certificate) so this works automatically.
+The SDK configures containers with the right environment variables (`HTTPS_PROXY`, `NODE_EXTRA_CA_CERTS`) and volume mounts (OneCLI CA certificate) so this works automatically.
 
 ## Development
 

src/client.ts

@@ -1,34 +1,34 @@
 import { OneCLIError } from "./errors.js";
-import { ProxyClient } from "./proxy/index.js";
+import { Client } from "./container/index.js";
 import type { OneCLIOptions } from "./types.js";
 
 const DEFAULT_TIMEOUT = 5000;
 
 export class OneCLI {
-  private proxyUrl: string | undefined;
+  private onecliUrl: string | undefined;
   private timeout: number;
 
-  private proxyClient: ProxyClient | undefined;
+  private _client: Client | undefined;
 
   constructor(options?: OneCLIOptions) {
-    this.proxyUrl = options?.proxyUrl ?? process.env.ONECLI_PROXY_URL;
+    this.onecliUrl = options?.onecliUrl ?? process.env.ONECLI_URL;
     this.timeout = options?.timeout ?? DEFAULT_TIMEOUT;
 
-    if (this.proxyUrl) {
-      this.proxyClient = new ProxyClient(this.proxyUrl, this.timeout);
+    if (this.onecliUrl) {
+      this._client = new Client(this.onecliUrl, this.timeout);
     }
   }
 
   /**
-   * Access the proxy client for container configuration.
-   * Throws if no proxy URL was configured.
+   * Access the OneCLI client for container configuration.
+   * Throws if no OneCLI URL was configured.
    */
-  proxy = (): ProxyClient => {
-    if (!this.proxyClient) {
+  client = (): Client => {
+    if (!this._client) {
       throw new OneCLIError(
-        'No proxy URL configured. Pass { proxyUrl: "..." } to OneCLI() or set the ONECLI_PROXY_URL environment variable.',
+        'No OneCLI URL configured. Pass { onecliUrl: "..." } to OneCLI() or set the ONECLI_URL environment variable.',
       );
     }
-    return this.proxyClient;
+    return this._client;
   };
 }

src/proxy/container.ts src/container/container.tssrc/proxy/container.ts renamed to src/container/container.ts

@@ -9,22 +9,22 @@ const SYSTEM_CA_PATHS = [
 ];
 
 /**
- * Build a combined CA bundle (system CAs + proxy CA) on the host.
+ * Build a combined CA bundle (system CAs + OneCLI CA) on the host.
  * Returns the path to the combined file, or `null` on failure.
  */
-export function buildCombinedCaBundle(proxyCaHostPath: string): string | null {
-  let proxyCa: string;
+export function buildCombinedCaBundle(onecliCaHostPath: string): string | null {
+  let onecliCa: string;
   try {
-    proxyCa = readFileSync(proxyCaHostPath, "utf8");
+    onecliCa = readFileSync(onecliCaHostPath, "utf8");
   } catch {
     return null;
   }
 
   for (const sysPath of SYSTEM_CA_PATHS) {
     try {
       const sysCa = readFileSync(sysPath, "utf8");
-      const combined = sysCa.trimEnd() + "\n" + proxyCa.trimEnd() + "\n";
-      const outPath = join(dirname(proxyCaHostPath), "combined-ca.crt");
+      const combined = sysCa.trimEnd() + "\n" + onecliCa.trimEnd() + "\n";
+      const outPath = join(dirname(onecliCaHostPath), "combined-ca.crt");
       writeFileSync(outPath, combined);
       return outPath;
     } catch {

src/proxy/index.ts src/container/index.tssrc/proxy/index.ts renamed to src/container/index.ts

@@ -6,21 +6,21 @@ import type {
   ContainerMount,
 } from "./types.js";
 
-export class ProxyClient {
-  private proxyUrl: string;
+export class Client {
+  private onecliUrl: string;
   private timeout: number;
 
-  constructor(proxyUrl: string, timeout: number) {
-    this.proxyUrl = proxyUrl.replace(/\/+$/, "");
+  constructor(onecliUrl: string, timeout: number) {
+    this.onecliUrl = onecliUrl.replace(/\/+$/, "");
     this.timeout = timeout;
   }
 
   /**
-   * Fetch the raw container configuration from the proxy.
-   * Returns the env vars and mounts the proxy wants injected into the container.
+   * Fetch the raw container configuration from OneCLI.
+   * Returns the env vars and mounts to inject into the container.
    */
   getContainerConfig = async (): Promise<ContainerConfig> => {
-    const url = `${this.proxyUrl}/container-config`;
+    const url = `${this.onecliUrl}/container-config`;
 
     try {
       const res = await fetch(url, {
@@ -29,7 +29,7 @@ export class ProxyClient {
 
       if (!res.ok) {
         throw new OneCLIRequestError(
-          `Proxy returned ${res.status} ${res.statusText}`,
+          `OneCLI returned ${res.status} ${res.statusText}`,
           { url, statusCode: res.status },
         );
       }
@@ -47,10 +47,10 @@ export class ProxyClient {
   };
 
   /**
-   * Fetch the proxy's container config and push the corresponding
+   * Fetch the container config from OneCLI and push the corresponding
    * `-e` and `-v` flags onto the Docker `run` argument array.
    *
-   * Returns `true` if the proxy was reachable and config was applied.
+   * Returns `true` if OneCLI was reachable and config was applied.
    *
    * @param args  The Docker `run` argument array to mutate.
    * @param options  Optional configuration for the apply behavior.

src/proxy/types.ts src/container/types.tssrc/proxy/types.ts renamed to src/container/types.ts

@@ -11,8 +11,8 @@ export interface ContainerConfig {
 
 export interface ApplyContainerConfigOptions {
   /**
-   * Build a combined CA bundle (system CAs + proxy CA) for full system trust.
-   * When enabled, tools like curl, Python, and Go will also trust the proxy.
+   * Build a combined CA bundle (system CAs + OneCLI CA) for full system trust.
+   * When enabled, tools like curl, Python, and Go will also trust OneCLI.
    * @default true
    */
   combineCaBundle?: boolean;

src/index.ts

@@ -1,36 +1,36 @@
 export { OneCLI } from "./client.js";
-export { ProxyClient } from "./proxy/index.js";
+export { Client } from "./container/index.js";
 export { OneCLIError, OneCLIRequestError } from "./errors.js";
 
 export type { OneCLIOptions } from "./types.js";
 export type {
   ContainerConfig,
   ContainerMount,
   ApplyContainerConfigOptions,
-} from "./proxy/types.js";
+} from "./container/types.js";
 
 // ---------------------------------------------------------------------------
 // Standalone convenience function
 // ---------------------------------------------------------------------------
 
-import { ProxyClient } from "./proxy/index.js";
+import { Client } from "./container/index.js";
 
 /**
- * Standalone helper: fetch the proxy's container config and push the
+ * Standalone helper: fetch the container config from OneCLI and push the
  * corresponding `-e` and `-v` flags onto a Docker `run` argument array.
  *
- * Returns `true` if the proxy was reachable and config was applied,
+ * Returns `true` if OneCLI was reachable and config was applied,
  * `false` otherwise.
  *
- * @param args      Docker `run` argument array to mutate.
- * @param proxyUrl  Base URL of the proxy (e.g. "http://localhost:18080").
- *                  Pass `undefined` / `null` to skip (returns `false`).
+ * @param args       Docker `run` argument array to mutate.
+ * @param onecliUrl  Base URL of OneCLI (e.g. "http://localhost:18080").
+ *                   Pass `undefined` / `null` to skip (returns `false`).
  */
-export async function applyProxyConfig(
+export async function applyOneCLIConfig(
   args: string[],
-  proxyUrl?: string | null,
+  onecliUrl?: string | null,
 ): Promise<boolean> {
-  if (!proxyUrl) return false;
-  const client = new ProxyClient(proxyUrl, 3000);
+  if (!onecliUrl) return false;
+  const client = new Client(onecliUrl, 3000);
   return client.applyContainerConfig(args);
 }