api.fallow.cloud.
Subcommands
activate
Activate a local JWT or start a 30-day email-gated trial.
- positional JWT argument
--from-file <path>--stdin
Flags
status
Print the current license status, tier, seats, enabled features, and expiry state.
refresh_after claim (issued at iat + 15 days by api.fallow.cloud) and that timestamp has already passed, status appends a one-line refresh hint. This is a proactive nudge while the license is still valid, not an error.
refresh
Fetch a fresh JWT for the currently active license.
deactivate
Remove the local license file.
Storage and precedence
By default, the local token is stored at~/.fallow/license.jwt. On Unix, fallow writes the file with mode 0600 (owner read/write only) so other users on the same host cannot read the bearer token. Windows relies on the ACL of the containing directory.
Lookup precedence is:
FALLOW_LICENSEFALLOW_LICENSE_PATH~/.fallow/license.jwt
FALLOW_LICENSE on shared CI runners where writing to a user home directory is not desirable.
Exit behavior
Common outcomes:Actionable error messages
When the backend returns a structured error envelope, fallow maps knowncode values to targeted hints instead of printing the raw HTTP body:
For unknown codes, fallow surfaces the backend’s
message field if present, otherwise the raw body.
Clock skew
License verification rejects JWTs whoseiat (issued-at) claim is more than 24 hours in the future relative to the local system clock. The same check catches both directions of skew: a JWT signed against a forward-shifted clock and a local machine whose clock is behind reality. Rejection surfaces as a license appears to be issued <duration> in the future error and exits non-zero so paid features fail closed instead of silently honoring a license the local clock cannot validate against.
Common non-user causes:
- CI containers booted without NTP.
- Machines with a dead BIOS battery.
- A laptop’s clock drifting after a long sleep.
FALLOW_LICENSE_SKEW_TOLERANCE_SECONDS=<seconds> for environments with predictable drift. Parsing is lenient: unset, empty, unparsable, or negative values all fall back to the default so a typo in a runner env block cannot fail license verification on its own.
See also
Runtime coverage
Understand what the paid runtime-coverage layer adds on top of health analysis.
Coverage setup
Guided first-run workflow that bootstraps the sidecar and writes a collection recipe.