feat: add named profile support

Add profile management to the CLI, allowing users to store and switch
between multiple LangSmith configurations (API key, endpoint, workspace)
via ~/.langsmith/config.toml.

New subcommands:
  langsmith profile create/list/show/delete/use

New flags:
  --profile, LANGSMITH_PROFILE env var

Resolution priority: flags > env vars > named profile > default profile.

Includes internal/config package for TOML config read/write and
comprehensive test coverage across config, profile commands, and
resolution logic.

Author: langchain-infra

go.mod

@@ -3,6 +3,7 @@ module github.com/langchain-ai/langsmith-cli
 go 1.25.0
 
 require (
+	github.com/BurntSushi/toml v1.6.0
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/websocket v1.5.3
 	github.com/hashicorp/yamux v0.1.2

go.sum

@@ -1,3 +1,5 @@
+github.com/BurntSushi/toml v1.6.0 h1:dRaEfpa2VI55EwlIW72hMRHdWouJeRF7TPYhI+AUQjk=
+github.com/BurntSushi/toml v1.6.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
 github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM=
 github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=

internal/client/client.go

@@ -7,7 +7,6 @@ import (
 	"fmt"
 	"io"
 	"net/http"
-	"os"
 	"strings"
 	"time"
 
@@ -17,9 +16,10 @@ import (
 
 // Client wraps the LangSmith Go SDK and provides helpers for raw HTTP calls.
 type Client struct {
-	SDK    *langsmith.Client
-	apiKey string
-	apiURL string
+	SDK         *langsmith.Client
+	apiKey      string
+	apiURL      string
+	workspaceID string
 
 	// Cached session name → ID mappings (per invocation).
 	sessionCache map[string]string
@@ -34,7 +34,7 @@ func NormalizeURL(apiURL string) string {
 }
 
 // New creates a new Client.
-func New(apiKey, apiURL string) *Client {
+func New(apiKey, apiURL, workspaceID string) *Client {
 	normalized := NormalizeURL(apiURL)
 
 	opts := []option.RequestOption{
@@ -44,17 +44,18 @@ func New(apiKey, apiURL string) *Client {
 	if normalized != "" {
 		opts = append(opts, option.WithBaseURL(normalized))
 	}
-	// Forward LANGSMITH_WORKSPACE_ID to the SDK as the tenant ID.
+	// Forward workspaceID to the SDK as the tenant ID.
 	// The SDK already reads LANGSMITH_TENANT_ID, but LANGSMITH_WORKSPACE_ID
 	// is the documented env var for the CLI and MCP server.
-	if wsID := os.Getenv("LANGSMITH_WORKSPACE_ID"); wsID != "" {
-		opts = append(opts, option.WithTenantID(wsID))
+	if workspaceID != "" {
+		opts = append(opts, option.WithTenantID(workspaceID))
 	}
 
 	return &Client{
 		SDK:          langsmith.NewClient(opts...),
 		apiKey:       apiKey,
 		apiURL:       normalized,
+		workspaceID:  workspaceID,
 		sessionCache: make(map[string]string),
 	}
 }
@@ -110,8 +111,8 @@ func (c *Client) RawDo(ctx context.Context, method, path string, body io.Reader,
 
 	req.Header.Set("x-api-key", c.apiKey)
 	req.Header.Set("Content-Type", "application/json")
-	if wsID := os.Getenv("LANGSMITH_WORKSPACE_ID"); wsID != "" {
-		req.Header.Set("x-tenant-id", wsID)
+	if c.workspaceID != "" {
+		req.Header.Set("x-tenant-id", c.workspaceID)
 	}
 	for k, vals := range extraHeaders {
 		for _, v := range vals {
@@ -159,8 +160,8 @@ func (c *Client) rawRequest(ctx context.Context, method, path string, body any,
 
 	req.Header.Set("x-api-key", c.apiKey)
 	req.Header.Set("Content-Type", "application/json")
-	if wsID := os.Getenv("LANGSMITH_WORKSPACE_ID"); wsID != "" {
-		req.Header.Set("x-tenant-id", wsID)
+	if c.workspaceID != "" {
+		req.Header.Set("x-tenant-id", c.workspaceID)
 	}
 
 	httpClient := &http.Client{Timeout: 30 * time.Second}

internal/client/client_test.go

@@ -35,7 +35,7 @@ func TestNormalizeURL(t *testing.T) {
 // ---------- New ----------
 
 func TestNew_CreatesClient(t *testing.T) {
-	c := New("test-key", "http://localhost:1234")
+	c := New("test-key", "http://localhost:1234", "")
 	if c == nil {
 		t.Fatal("expected non-nil client")
 	}
@@ -54,14 +54,14 @@ func TestNew_CreatesClient(t *testing.T) {
 }
 
 func TestNew_TrimsTrailingSlash(t *testing.T) {
-	c := New("key", "http://example.com/")
+	c := New("key", "http://example.com/", "")
 	if c.apiURL != "http://example.com" {
 		t.Errorf("expected trailing slash trimmed, got %q", c.apiURL)
 	}
 }
 
 func TestNew_EmptyURL(t *testing.T) {
-	c := New("key", "")
+	c := New("key", "", "")
 	if c.apiURL != "" {
 		t.Errorf("expected empty apiURL, got %q", c.apiURL)
 	}
@@ -87,7 +87,7 @@ func TestRawGet_Success(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("my-key", ts.URL)
+	c := New("my-key", ts.URL, "")
 	var result map[string]string
 	err := c.RawGet(context.Background(), "/test/path", &result)
 	if err != nil {
@@ -104,7 +104,7 @@ func TestRawGet_HTTPError(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	var result map[string]any
 	err := c.RawGet(context.Background(), "/fail", &result)
 	if err == nil {
@@ -122,7 +122,7 @@ func TestRawGet_NilResult(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	err := c.RawGet(context.Background(), "/path", nil)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
@@ -147,7 +147,7 @@ func TestRawPost_Success(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	var result map[string]string
 	err := c.RawPost(context.Background(), "/create", map[string]any{"name": "test"}, &result)
 	if err != nil {
@@ -165,7 +165,7 @@ func TestRawPost_NilBody(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	err := c.RawPost(context.Background(), "/path", nil, nil)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
@@ -187,7 +187,7 @@ func TestRawDelete_Success(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	err := c.RawDelete(context.Background(), "/items/abc", nil)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
@@ -200,7 +200,7 @@ func TestRawDelete_HTTPError(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	err := c.RawDelete(context.Background(), "/missing", nil)
 	if err == nil {
 		t.Fatal("expected error for 404")
@@ -219,13 +219,11 @@ func TestRawRequest_SetsAPIKeyHeader(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("secret-key", ts.URL)
+	c := New("secret-key", ts.URL, "")
 	_ = c.RawGet(context.Background(), "/test", nil)
 }
 
 func TestRawRequest_SetsWorkspaceHeader(t *testing.T) {
-	t.Setenv("LANGSMITH_WORKSPACE_ID", "ws-123")
-
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if got := r.Header.Get("x-tenant-id"); got != "ws-123" {
 			t.Errorf("expected x-tenant-id=ws-123, got %q", got)
@@ -235,13 +233,11 @@ func TestRawRequest_SetsWorkspaceHeader(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "ws-123")
 	_ = c.RawGet(context.Background(), "/test", nil)
 }
 
 func TestRawRequest_NoWorkspaceHeaderWhenUnset(t *testing.T) {
-	t.Setenv("LANGSMITH_WORKSPACE_ID", "")
-
 	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if got := r.Header.Get("x-tenant-id"); got != "" {
 			t.Errorf("expected empty x-tenant-id, got %q", got)
@@ -251,14 +247,14 @@ func TestRawRequest_NoWorkspaceHeaderWhenUnset(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	_ = c.RawGet(context.Background(), "/test", nil)
 }
 
 // ---------- Error cases ----------
 
 func TestRawGet_InvalidURL(t *testing.T) {
-	c := New("key", "http://127.0.0.1:1") // unlikely to be listening
+	c := New("key", "http://127.0.0.1:1", "") // unlikely to be listening
 	err := c.RawGet(context.Background(), "/test", nil)
 	if err == nil {
 		t.Fatal("expected error for unreachable server")
@@ -272,7 +268,7 @@ func TestRawGet_InvalidJSON(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	var result map[string]any
 	err := c.RawGet(context.Background(), "/test", &result)
 	if err == nil {
@@ -291,7 +287,7 @@ func TestRawRequest_400Error(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	err := c.RawGet(context.Background(), "/test", nil)
 	if err == nil {
 		t.Fatal("expected error for 400")
@@ -307,7 +303,7 @@ func TestRawRequest_500Error(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	err := c.RawPost(context.Background(), "/test", map[string]string{"a": "b"}, nil)
 	if err == nil {
 		t.Fatal("expected error for 500")
@@ -336,7 +332,7 @@ func TestRawDo_ReturnsStatusAndBody(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("my-key", ts.URL)
+	c := New("my-key", ts.URL, "")
 	status, hdr, body, err := c.RawDo(context.Background(), "PATCH", "/api/v1/sessions", nil, nil)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
@@ -360,7 +356,7 @@ func TestRawDo_WithBodyReader(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	status, _, body, err := c.RawDo(context.Background(), "POST", "/create", strings.NewReader(`{"name":"test"}`), nil)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
@@ -386,7 +382,7 @@ func TestRawDo_ExtraHeaders(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	extra := http.Header{"X-Custom": []string{"hello"}}
 	_, _, _, err := c.RawDo(context.Background(), "GET", "/test", nil, extra)
 	if err != nil {
@@ -401,7 +397,7 @@ func TestRawDo_Returns4xxWithoutError(t *testing.T) {
 	}))
 	defer ts.Close()
 
-	c := New("key", ts.URL)
+	c := New("key", ts.URL, "")
 	status, _, body, err := c.RawDo(context.Background(), "GET", "/test", nil, nil)
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
@@ -417,14 +413,14 @@ func TestRawDo_Returns4xxWithoutError(t *testing.T) {
 // ---------- Accessors ----------
 
 func TestAPIKey(t *testing.T) {
-	c := New("secret", "http://localhost")
+	c := New("secret", "http://localhost", "")
 	if c.APIKey() != "secret" {
 		t.Errorf("expected secret, got %q", c.APIKey())
 	}
 }
 
 func TestAPIURL(t *testing.T) {
-	c := New("key", "http://localhost:1234")
+	c := New("key", "http://localhost:1234", "")
 	if c.APIURL() != "http://localhost:1234" {
 		t.Errorf("expected http://localhost:1234, got %q", c.APIURL())
 	}

internal/cmd/api/request.go

@@ -16,7 +16,7 @@ import (
 // runRequest executes an HTTP request and writes the response to w.
 // Returns the HTTP status code and any transport-level error.
 func runRequest(apiURL, apiKey, method, path, body string, headers []string, include bool, w io.Writer) (int, error) {
-	c := client.New(apiKey, apiURL)
+	c := client.New(apiKey, apiURL, "")
 
 	fullURL := resolveEndpoint(apiURL, path)
 	// RawDo prepends apiURL, so compute the relative path.
@@ -28,7 +28,7 @@ func runRequest(apiURL, apiKey, method, path, body string, headers []string, inc
 	} else if strings.HasPrefix(fullURL, "http://") || strings.HasPrefix(fullURL, "https://") {
 		// Full URL to a different host — use empty-base client so RawDo
 		// doesn't prepend apiURL.
-		c = client.New(apiKey, "")
+		c = client.New(apiKey, "", "")
 	}
 
 	// Resolve body