fix: people get defaults to self, tolerates 403 on restricted sections

- `zeltapp people get` (no arg) and `zeltapp people get me` both fetch the
  current user
- default sections changed to basic/about/work-contact/role (universally
  readable by managers); previous default included `personal` which is
  self-only and 403'd for any other user
- per-section 403/404 is now skipped with a stderr note rather than aborting
  the whole command; --strict restores hard-fail behaviour
- changelog config: group commits by type with emoji headers instead of
  dropping docs/chore commits entirely (which left v0.0.2 with an empty
  release body)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: brtkwr

.goreleaser.yaml

@@ -43,9 +43,25 @@ brews:
 
 changelog:
   sort: asc
+  use: github
+  groups:
+    - title: "🚀 Features"
+      regexp: '^.*?feat(\(.+\))??!?:.+$'
+      order: 0
+    - title: "🐛 Bug fixes"
+      regexp: '^.*?fix(\(.+\))??!?:.+$'
+      order: 1
+    - title: "📚 Documentation"
+      regexp: '^.*?docs(\(.+\))??!?:.+$'
+      order: 2
+    - title: "🛠 Maintenance"
+      regexp: '^.*?(chore|build|refactor|style|perf)(\(.+\))??!?:.+$'
+      order: 3
+    - title: Other
+      order: 999
   filters:
     exclude:
-      - "^docs:"
       - "^test:"
-      - "^chore:"
       - "^ci:"
+      - "Merge pull request"
+      - "Merge branch"

cmd/zeltapp/people.go

@@ -4,12 +4,36 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"os"
 	"strconv"
 	"strings"
 
 	"github.com/spf13/cobra"
 )
 
+// fetchManyForUserTolerant is like fetchManyForUser but skips paths the user
+// can't read (403/404) instead of aborting. Returns the partial results,
+// the list of skipped sections, and a hard error only for other failures.
+func fetchManyForUserTolerant(c *client, userID int, strict bool, paths ...string) (map[string]json.RawMessage, []string, error) {
+	out := map[string]json.RawMessage{}
+	var skipped []string
+	for _, p := range paths {
+		var v json.RawMessage
+		full := fmt.Sprintf("/apiv2/users/%d/%s", userID, p)
+		err := c.do("GET", full, nil, &v)
+		if err != nil {
+			var ae *apiError
+			if !strict && errors.As(err, &ae) && (ae.Status == 403 || ae.Status == 404) {
+				skipped = append(skipped, p)
+				continue
+			}
+			return nil, nil, err
+		}
+		out[p] = v
+	}
+	return out, skipped, nil
+}
+
 // peopleCacheEntry is a tolerant view of /apiv2/users/cache rows. Zelt may
 // return more fields; we only project the ones useful for listing.
 type peopleCacheEntry struct {
@@ -122,29 +146,49 @@ func peopleSearchCmd() *cobra.Command {
 
 func peopleGetCmd() *cobra.Command {
 	var sections []string
+	var strict bool
 	cmd := &cobra.Command{
-		Use:   "get ID_OR_EMAIL",
-		Short: "Get one person's profile by userId or email",
-		Args:  cobra.ExactArgs(1),
+		Use:   "get [ID_OR_EMAIL|me]",
+		Short: "Get one person's profile by userId, email, or `me` (default: me)",
+		Args:  cobra.MaximumNArgs(1),
 		RunE: func(cmd *cobra.Command, args []string) error {
 			return withClient(func(c *client) error {
-				id, err := resolveUserID(c, args[0])
-				if err != nil {
-					return err
+				target := "me"
+				if len(args) == 1 {
+					target = args[0]
+				}
+				var id int
+				if target == "me" || target == "self" {
+					id = c.session.UserID
+				} else {
+					var err error
+					id, err = resolveUserID(c, target)
+					if err != nil {
+						return err
+					}
 				}
 				if len(sections) == 0 {
-					sections = []string{"basic", "personal", "role", "work-contact"}
+					// Default to sections you can typically read for any user:
+					// basic, about, work-contact, role. Self has access to more
+					// (personal, address, family, etc) — pass --sections explicitly
+					// to request those.
+					sections = []string{"basic", "about", "work-contact", "role"}
 				}
-				out, err := fetchManyForUser(c, id, sections...)
+				out, skipped, err := fetchManyForUserTolerant(c, id, strict, sections...)
 				if err != nil {
 					return err
 				}
+				if len(skipped) > 0 {
+					fmt.Fprintf(os.Stderr, "skipped (no access): %s\n", strings.Join(skipped, ", "))
+				}
 				return printResult(out)
 			})
 		},
 	}
 	cmd.Flags().StringSliceVar(&sections, "sections", nil,
-		"comma-separated subpaths under /apiv2/users/<id>/ (default: basic,personal,role,work-contact)")
+		"comma-separated subpaths under /apiv2/users/<id>/ (default: basic,about,work-contact,role)")
+	cmd.Flags().BoolVar(&strict, "strict", false,
+		"fail on the first 403/404 instead of skipping that section")
 	return cmd
 }
 

cmd/zeltapp/people_test.go

@@ -115,20 +115,49 @@ func TestCmd_PeopleSearch_NoMatches(t *testing.T) {
 func TestCmd_PeopleGetByID(t *testing.T) {
 	srv, st, _, buf := withTestEnv(t)
 	_ = srv
-	for _, p := range []string{"basic", "personal", "role", "work-contact"} {
+	for _, p := range []string{"basic", "about", "work-contact", "role"} {
 		st.jsonRoute("GET", fmt.Sprintf("/apiv2/users/%d/%s", 1001, p), 200,
 			mustJSON(map[string]any{"_section": p}))
 	}
 	if err := runCmd(t, "people", "get", "1001"); err != nil {
 		t.Fatal(err)
 	}
-	for _, want := range []string{"basic", "personal", "role", "work-contact"} {
+	for _, want := range []string{"basic", "about", "work-contact", "role"} {
 		if !strings.Contains(buf.String(), want) {
 			t.Errorf("expected %q in get output: %s", want, buf.String())
 		}
 	}
 }
 
+func TestCmd_PeopleGet_SkipsForbiddenSections(t *testing.T) {
+	srv, st, _, buf := withTestEnv(t)
+	_ = srv
+	st.jsonRoute("GET", "/apiv2/users/1001/basic", 200, mustJSON(map[string]any{"firstName": "X"}))
+	st.jsonRoute("GET", "/apiv2/users/1001/about", 403, []byte(`{"message":"Forbidden"}`))
+	st.jsonRoute("GET", "/apiv2/users/1001/work-contact", 200, mustJSON(map[string]any{"email": "x@y"}))
+	st.jsonRoute("GET", "/apiv2/users/1001/role", 200, mustJSON(map[string]any{"title": "eng"}))
+	if err := runCmd(t, "people", "get", "1001"); err != nil {
+		t.Fatalf("expected success despite 403 on `about`: %v", err)
+	}
+	if !strings.Contains(buf.String(), "basic") {
+		t.Errorf("expected basic in output: %s", buf.String())
+	}
+	if strings.Contains(buf.String(), `"about":`) {
+		t.Errorf("about should be skipped (forbidden): %s", buf.String())
+	}
+}
+
+func TestCmd_PeopleGet_StrictModeFailsOnForbidden(t *testing.T) {
+	srv, st, _, _ := withTestEnv(t)
+	_ = srv
+	st.jsonRoute("GET", "/apiv2/users/1001/basic", 200, []byte(`{}`))
+	st.jsonRoute("GET", "/apiv2/users/1001/about", 403, []byte(`{"message":"Forbidden"}`))
+	err := runCmd(t, "people", "get", "1001", "--strict")
+	if err == nil {
+		t.Fatal("expected error in strict mode on 403")
+	}
+}
+
 func TestCmd_PeopleGetByEmail(t *testing.T) {
 	srv, st, _, _ := withTestEnv(t)
 	_ = srv