feat(woot): add woot#1420
Conversation
Greptile SummaryThis PR adds a new read-only CLI (
Confidence Score: 5/5Safe to merge; the change is entirely additive, read-only, and well-tested with live dogfood evidence. All query-building paths sanitize inputs before GraphQL interpolation, the host-validation fix from the earlier review round is in place, and the write-operation guard uses correct depth tracking. No data is written to Woot, no existing code is modified, and the 90-file tree passes govulncheck, go vet, and a full phase-5 acceptance run. No files require special attention; the novel logic in Important Files Changed
|
woot
Discovered API spec for Woot's browser-facing GraphQL endpoint and adds a read-only CLI for searching current Woot deals.
API: woot | Category: commerce | Press version: 4.27.1
Spec: spec.yaml
Publication Path
New print
CLI Shape
Novel Commands
dealsWhat This CLI Does
dealsuses the same frontendsearchOffersGraphQL call as Woot's All Deals page, then filters titles, slugs, and item attributes locally. It can also reuse category, price, and page filters from a copied/alldealsURL.The generated
graphqlcommand now sends a small read-only default query and rejects mutation/subscription documents for custom--queryinput.Manuscripts
Validation Results
Publish Live Gate
Full live dogfood passed with a fresh
phase5-acceptance.json: 38 passed, 27 skipped, 0 failed.Additional live proof runs
woot-pp-cli deals rayon --limit 10000 --agent; it returned 9 live results and included the target Woot URL/title for8Pk Asst Mens S/S Rayon Tees.Public Safety Review
An adversarial review initially found path-leaking detailed dogfood output, missing proof for the Woot-specific
dealscommand, and read-only GraphQL enforcement risk. Those were fixed before push:publish-live-gate.jsonfrom shipped proofs.deals-live-proof.json.spec_pathto packagedspec.yaml.Re-check found no public blockers. Exact captured key scan over the committed publish tree returned zero matches.