- M7: ResolveToken accepts the token via the HF_TOKEN env var (so it need
not appear in argv, where it's visible in ps/shell history); the HTTP
client refuses to send a token / API key over plaintext http:// to a
non-loopback host (use https://). Loopback http is still allowed for
local dev.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- config: resolve binary dir, load/save .hf-config.json
- mode: detect padded-cell vs manual mode via pass_mgr
- client: HTTP client wrapper with auth header support
- passmgr: pass_mgr integration (get-secret, set, generate)
- output: human-readable + JSON output formatting with tables
- help: help and help-brief renderer for groups/commands
- commands: version, health, config (--url, --acc-mgr-token, show)
- auth: token resolution helper (padded-cell auto / manual explicit)
- main: command dispatcher with --json global flag support
- README: updated with current package layout and status
