v0.10.0

Changed

• Packaging metadata: Refreshed the package description, keywords, and classifiers, bumped Development Status to 4 - Beta, and updated the project URLs (Homepage now points to https://reverseapi.dev, added Documentation and Changelog)
• Source distribution excludes website/: The marketing site under website/ (Astro/Cloudflare Pages source) is now excluded from the sdist build so it no longer ships inside the PyPI package; the wheel already only packaged src/reverse_api

Added

• agent_provider: "agent-browser": Shell-driven Vercel agent-browser CLI—RAE prefers an agent-browser binary on PATH, otherwise runs npm install -g <pin> (with a console notice), validates --help, and only then falls back to npx -y <pin> if npm cannot install. Prompts embed the resolved shell prefix plus skills get … / skills list, HAR flows, and optional agent_browser_notes. No bundled browser MCP shim; pin via agent_browser_npx_package / RAE_AGENT_BROWSER_PACKAGE.

Added

• Cursor SDK support: Added sdk=cursor / --sdk cursor engineering support through a bundled Node bridge around the Cursor TypeScript SDK. Cursor runs use the configured Cursor model (default composer-2), accept MCP server configuration, resume Cursor agents across follow-up turns, and normalize streamed tool output plus token usage into the existing TUI/message-store flow
• Cursor bridge packaging: Bundled the src/reverse_api/cursor_bridge/ Node package so @cursor/sdk dependencies can be installed on demand when Cursor mode is first used

Fixed

• Manual REPL model resolution: Follow-up engineering now resolves model settings from the selected SDK, including Cursor, OpenCode, and Copilot
• Cursor streaming: Buffered Cursor model text before rendering so streamed deltas are shown as coherent blocks and no longer produce stray .. lines or bridge hangs
• Sync test compatibility: Restored the temporary-file helper used by the existing sync test surface

Removed

• Chrome extension and native messaging host: The chrome-extension/ workspace and the Python native_host module are removed. The install-host, uninstall-host, and run-host CLI subcommands no longer exist. The extension was an experimental/WIP capture surface that never reached parity with manual and agent modes; deleting it also eliminates a JS dev-tooling supply chain (vite, postcss, picomatch, rollup, prismjs) and the corresponding dependabot churn

Security

• Drop [pricing] extra (litellm): LiteLLM 1.83.7 patched 3 advisories (1 critical SQLi + 2 high RCE/SSTI) but hard-pins click==8.1.8, which would force a click downgrade for all users. The vulnerable code paths are all in the LiteLLM proxy server, which we do not run — we only used litellm as a library for cost lookups. Removed the optional dependency entirely; pricing.py keeps a graceful import-detect path so users who install litellm independently still get the extended model coverage
• cryptography >=46.0.7 (was >=46.0.6) — patches a buffer overflow on non-contiguous buffer inputs (medium)
• pytest >=9.0.3 (was >=8.0.0) — patches vulnerable tmpdir handling (medium, dev only)
• python-multipart >=0.0.27 (was 0.0.22 transitively via mcp) — patches DoS via large multipart preamble/epilogue (medium)

v0.9.0

Added

• Cursor SDK support via sdk=cursor / --sdk cursor, backed by a bundled Node bridge around the Cursor TypeScript SDK.
• Cursor bridge package files are shipped without node_modules; dependencies install on first Cursor use.

Fixed

• Manual REPL model resolution for Cursor, OpenCode, and Copilot SDK selections.
• Cursor streaming buffers model deltas into coherent blocks and avoids stray .. output / bridge hangs.
• Restored the sync temporary-file helper used by the existing sync test surface.

Removed / Security

• Removed the experimental Chrome extension/native host workspace and related CLI subcommands.
• Dropped the [pricing] LiteLLM extra and included dependency security bumps listed in the changelog.

v0.8.0 - Agent-friendly CLI

Highlights

This release makes reverse-api-engineer invocable from other agents and scripts via a structured non-interactive surface, and retires two providers and the legacy tag system.

Added

• Agent-friendly CLI: --json, --no-interactive, --dry-run, --headless, --json-schema-version v2
• Stable JSON contract: normalized usage shapes and error_kind enum for machine-readable error handling
• engineer --prompt / --fresh: replace @id <run_id> [--fresh] <prompt> REPL syntax with first-class flags
• Expanded --help epilogs with examples on every subcommand

Changed

• Prompts extracted to markdown templates under src/reverse_api/prompts/ for easier review
• New painted-ruins JPG banner

Removed (Breaking)

• browser-use and stagehand agent providers: upstream churn made them unreliable. Use auto (Playwright MCP) or chrome-mcp (Chrome DevTools MCP). The [agent] extra is gone; configs auto-migrate to auto
• Tag system (@record-only, @codegen, @id, @docs, @help): replaced by CLI flags. @codegen and @docs removed entirely (the latter returns later as a docs subcommand)
• agent --reverse-engineer/--no-engineer: was parsed but never wired through. Use manual --no-engineer for HAR-only recordings

Fixed

• engineer --json emits JSON even when RUN_ID is missing
• Follow-up prompt suppressed in --json / --no-interactive mode

---

📦 PyPI: https://pypi.org/project/reverse-api-engineer/0.8.0/
📜 Full changelog: https://github.com/kalil0321/reverse-api-engineer/blob/v0.8.0/CHANGELOG.md

v0.7.1

Trim sdist from 29MB to 503KB by excluding worktrees, plans, and demo GIFs.

v0.7.0

What's New

run command

Execute generated scripts directly from the CLI:

reverse-api-engineer run ashby                    # fuzzy match by name
reverse-api-engineer run a450e520ca30             # by run ID
reverse-api-engineer run ashby --ls               # list scripts
reverse-api-engineer run ashby --file api_client.py
reverse-api-engineer run ashby -- --org acme      # pass args to script

• Shared venv at ~/.reverse-api/runs/.venv with requests pre-installed
• Auto-install missing imports — offers to pip install and retry on ModuleNotFoundError
• Real-time output — stdout streams live, stderr captured for error detection

Security

• litellm >=1.83.0 (critical + high)
• requests >=2.33.0 (medium)
• aiohttp >=3.13.4 (4 medium + 6 low)
• pygments >=2.20.0 (low)
• cryptography >=46.0.6 (low)

Install / Upgrade

pip install -U reverse-api-engineer
# or
uv tool upgrade reverse-api-engineer

v0.6.0

See CHANGELOG.md.

PyPI: reverse-api-engineer 0.6.0

Highlights

• Chrome DevTools MCP (chrome-mcp) as an agent provider next to Playwright MCP (auto)
• Smaller sdist on PyPI (excludes local demo video, packed extension zip, store screenshots)
• Streaming fix: tool results fall back to result / output when content is empty

Install: uv tool install reverse-api-engineer==0.6.0 or pip install reverse-api-engineer==0.6.0

v0.5.0 - Follow-up chat, abort, AskUserQuestion free mode

What's New

Follow-up Chat

After a run completes, type follow-up messages to iterate in the same session — no new run IDs or folders. The agent retains full conversation context. Press Enter to finish and return to the REPL.

Abort Run (Ctrl+C)

Gracefully cancel a running agent/engineer session with Ctrl+C. Returns to the REPL instead of exiting the app.

AskUserQuestion Free Mode

All select/checkbox prompts now include "Other (type your answer)" so you can always provide free-text input. The agent prompt now documents free-form, multi-select, and multi-question capabilities.

Random Task Suggestions (Ctrl+R)

Press Ctrl+R in agent mode to fill the prompt with a random curated task idea. Press again to cycle through 20 examples.

Fixes

• Usage tracking: Token counts now accumulate across all follow-up turns instead of being overwritten
• Agent mode follow-up: Auto engineer now reuses the shared conversation loop

Install / Upgrade

uv tool install reverse-api-engineer --upgrade
# or
pip install reverse-api-engineer==0.5.0

Full Changelog: v0.4.5...v0.5.0

v0.4.5 - Fix stream closed errors

Fixed

• Stream closed errors (#51): Reverted from query() to ClaudeSDKClient which maintains a persistent bidirectional connection, eliminating "Error in hook callback hook_0: Stream closed" errors
• CLAUDECODE env var leak: Clear inherited CLAUDECODE env var from CLI subprocess to prevent nested session interference
• CLI stderr noise: Filter minified JS stack traces into a single clean error line (DEBUG=1 for full output)

Changed

• claude-agent-sdk: Bumped minimum version to 0.1.48
• Agent mode: No longer prompts for URL (agent navigates autonomously)
• Header UI: Version and task labels now use mode-specific colors

Upgrade

pip install --upgrade reverse-api-engineer
# or
uv tool install --upgrade reverse-api-engineer

Closes #51

v0.4.3

Fixed

• AskUserQuestion interactive prompt: Fixed interactive questionary UI not rendering in engineer and agent modes. Switched from ClaudeSDKClient to query() function, as ClaudeSDKClient silently auto-approves AskUserQuestion without triggering the can_use_tool callback

Install / Upgrade

pip install --upgrade reverse-api-engineer

v0.4.0 - List CLI subcommand

What's New

list CLI subcommand

Non-interactive command for discovering and querying generated scripts and runs.

# Rich table (compact)
reverse-api-engineer list

# Full table with all columns
reverse-api-engineer list --full

# JSON output for piping/scripting
reverse-api-engineer list --json

# Filter by mode, model, or prompt search
reverse-api-engineer list --mode auto --search "hn" --limit 5

Features:

• Rich table output (compact and full modes) and flat JSON array output
• Filter by mode (--mode), model (--model), prompt substring (--search), and result limit (--limit)
• Enriches each run with script directory path, file list, file count, and local copy detection

Full Changelog: v0.3.3...v0.4.0