fix(cli): summarize nested user/owner fields in -o table (FT-1942)

[joalves]

Summary

• Replaces the JSON-blob rendering of nested objects in -o table / -o vertical / -o markdown / -o plain with a smart summary: First Last, email, name, title, or the literal [object]. The root cause was formatValue doing JSON.stringify(value) on any nested object, which turned every created_by cell into a 600-char wall of JSON.
• Adds a summarizeRow to the list commands that previously dumped every API field:
  • apikeys, envs, goaltags, metriccategories, metrictags, roles, tags, units, webhooks
• Refactors the apps list summariser to reuse the shared formatUserSummary helper.
• formatOwner in entity-summary.ts now delegates to the same formatUserSummary, so curated row summaries and the default formatter agree.
• -o json and -o yaml are unchanged (they bypass formatValue entirely). --raw still returns the full untransformed API response for any list command.

JIRA

FT-1942 — CLI: clean up table output for commands that dump user/owner JSON blobs

Before / After

Before (the prompt that motivated this work — apikeys list -o table):

```
│ created_by │
│ {"id":4,"external_id":null,"email":"marcio@absmartly.com","first_name":"Márcio","last_name":"Martins",...} │
```

After:

```
│ created_by │
│ Márcio Martins │
```

Notes for reviewers

• A subtle behavior tightening in two places: formatOwner and the apps summarizeRow previously treated non-null/non-undefined values as user-shaped. They now require an actual object. In practice the API always returns either a User object or null/missing, so this is safer and not a regression.
• Date timestamps are passed through as raw ISO strings (consistent with the existing summarizeApiKeyRow / summarizeTagRow style added here, but inconsistent with summarizeGoal/summarizeUserRow which run them through formatDate). Aligning all summarizers on formatDate could be a small follow-up.

Test plan

• `bun run typecheck` clean
• `bun run lint` clean
• `bun run test:run` — 2412 passed, 4 skipped
• `abs api-keys list -o table --items 3` renders cleanly (10 columns, names not JSON)
• `abs envs list -o table --items 3` renders cleanly
• `abs goal-tags list -o table --items 3` renders cleanly
• `abs metric-categories list -o table --items 3` renders cleanly
• `abs metric-tags list -o table --items 3` renders cleanly
• `abs roles list -o table --items 3` renders cleanly
• `abs tags list -o table --items 3` renders cleanly
• `abs units list -o table --items 3` renders cleanly
• `abs webhooks list -o table --items 3` renders cleanly
• `abs apps list -o table --items 3` still renders cleanly (regression check)
• `abs api-keys list -o json --items 1 --raw` returns the full unsummarised API object

Summary by CodeRabbit

• New Features

  • Improved data display across list commands for environments, API keys, tags, roles, units, webhooks, and other resources with consistent formatting and complete field information.
  • Enhanced user information display with automatic name and email formatting in list outputs.

• Tests

  • Expanded test coverage for entity summarisation functions and display formatting.

[coderabbitai]

Walkthrough

This PR establishes object value summarisation utilities and extends entity-row formatting across the CLI's list commands. It introduces formatUserSummary and summarizeObjectValue in the formatter module to extract concise display strings from user and object values, then defines four new row-summariser functions in the entity-summary API (summarizeTagRow, summarizeMetricCategoryRow, summarizeNamedEntityRow, summarizeWebhookRow) that curate entity fields and flatten creator/updater information. These summarisers are then wired into ten list-command configurations (API keys, apps, environments, goal tags, metric categories, metric tags, roles, tags, units, and webhooks), with corresponding test updates to verify the richer output shapes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• absmartly/cli-ts#2: Introduces the entity-summary foundation and related user-formatting utilities that form the base for this PR's extension of summarisation helpers across multiple commands.

Poem

🐰 A formatter's craft, now refined and true,
Object values summarised in graceful view—
Row after row, the list commands now sing,
With curated fields and audit fields that ring!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main change: summarizing nested user/owner fields in table output, directly addressing the root cause (JSON blobs being rendered instead of concise summaries).
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/FT-1942/table-user-summary

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/commands/apps/apps.test.ts (1)

56-59: ⚡ Quick win

Add coverage for created_by summarisation in the list assertion.

This matcher now only checks id/name, so the new created_by formatting path can regress unnoticed.

Suggested test tightening

-  const mockClient = {
-    listApplications: vi.fn().mockResolvedValue([{ id: 1, name: 'web' }]),
+  const mockClient = {
+    listApplications: vi.fn().mockResolvedValue([
+      {
+        id: 1,
+        name: 'web',
+        created_by: { first_name: 'Ada', last_name: 'Lovelace', email: 'ada@example.com' },
+      },
+    ]),
@@
-    expect(printFormatted).toHaveBeenCalledWith(
-      [expect.objectContaining({ id: 1, name: 'web' })],
-      expect.anything()
-    );
+    expect(printFormatted).toHaveBeenCalledWith(
+      [expect.objectContaining({ id: 1, name: 'web', created_by: 'Ada Lovelace' })],
+      expect.anything()
+    );

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/commands/apps/apps.test.ts` around lines 56 - 59, Update the test
assertion in apps.test.ts that checks printFormatted to also assert the
created_by summarisation is present and correctly formatted: locate the
expect(printFormatted).toHaveBeenCalledWith(...) assertion and extend the
expect.objectContaining payload for the app entry (id: 1, name: 'web') to
include a created_by property check (use a matcher like expect.stringMatching or
expect.any(String) with a regex that matches the expected summary format) so the
test will fail if the created_by formatting path regresses.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/commands/apikeys/apikeys.test.ts`:
- Line 115: The test contains a secret-like literal assigned to hashed_key which
can trigger leak scanners; replace the real-looking value in the test (the
hashed_key string in src/commands/apikeys/apikeys.test.ts) with an obviously
synthetic placeholder (e.g., "FAKE_HASHED_KEY_PLACEHOLDER" or similar) so it no
longer resembles a real credential; update any assertions or fixtures that
reference this exact value to use the new placeholder constant to keep tests
consistent.

---

Nitpick comments:
In `@src/commands/apps/apps.test.ts`:
- Around line 56-59: Update the test assertion in apps.test.ts that checks
printFormatted to also assert the created_by summarisation is present and
correctly formatted: locate the expect(printFormatted).toHaveBeenCalledWith(...)
assertion and extend the expect.objectContaining payload for the app entry (id:
1, name: 'web') to include a created_by property check (use a matcher like
expect.stringMatching or expect.any(String) with a regex that matches the
expected summary format) so the test will fail if the created_by formatting path
regresses.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 85e72daf-eeca-4159-b453-93891ba52240

📥 Commits

Reviewing files that changed from the base of the PR and between 690880f and 93bdf9d.

📒 Files selected for processing (19)

• src/api-client/entity-summary.test.ts
• src/api-client/entity-summary.ts
• src/commands/apikeys/apikeys.test.ts
• src/commands/apikeys/index.ts
• src/commands/apps/apps.test.ts
• src/commands/apps/index.ts
• src/commands/envs/envs.test.ts
• src/commands/envs/index.ts
• src/commands/goaltags/index.ts
• src/commands/metriccategories/index.ts
• src/commands/metrictags/index.ts
• src/commands/roles/index.ts
• src/commands/roles/roles.test.ts
• src/commands/tags/index.ts
• src/commands/units/index.ts
• src/commands/units/units.test.ts
• src/commands/webhooks/index.ts
• src/lib/output/formatter.test.ts
• src/lib/output/formatter.ts

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Replace the secret-like test literal with a clearly fake placeholder.

This value is patterned like a real credential and can trigger leak scanners in CI/history. Use an obviously synthetic constant instead.

Suggested change

-      hashed_key: 'X99upHMkKKM2XUpRuZ53YWCDx5G93SgB043EXx3LG5k=',
+      hashed_key: 'TEST_HASHED_KEY_PLACEHOLDER',

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	hashed_key: 'X99upHMkKKM2XUpRuZ53YWCDx5G93SgB043EXx3LG5k=',
	hashed_key: 'TEST_HASHED_KEY_PLACEHOLDER',

🧰 Tools

🪛 Betterleaks (1.2.0)

[high] 115-115: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/commands/apikeys/apikeys.test.ts` at line 115, The test contains a
secret-like literal assigned to hashed_key which can trigger leak scanners;
replace the real-looking value in the test (the hashed_key string in
src/commands/apikeys/apikeys.test.ts) with an obviously synthetic placeholder
(e.g., "FAKE_HASHED_KEY_PLACEHOLDER" or similar) so it no longer resembles a
real credential; update any assertions or fixtures that reference this exact
value to use the new placeholder constant to keep tests consistent.