feat(categories): add categories create to complete the v1 surface

[dgilperez]

Last-mile patch for #11: wraps POST /api/v1/categories, the only remaining /api/v1 write endpoint that wasn't exposed in the CLI.

Command

sure-cli categories create --name Food --color '#3b82f6'                           # dry-run
sure-cli categories create --name Food --color '#3b82f6' --apply                   # execute
sure-cli categories create --name Subscriptions --color '#10b981' \
  --icon wallet --parent-id <parent_id> --apply

Validation (mirrors upstream Category model)

Flag	Required?	Client-side check	Server-side check
--name	yes	non-whitespace presence	validates :name, presence: true, uniqueness: { scope: :family_id }
--color	yes	matches ^#[0-9A-Fa-f]{6}$ (same regex as the model)	format: { with: /\A#[0-9A-Fa-f]{6}\z/ }
--icon	no	propagated as-is	upstream category_params maps :icon → :lucide_icon; Category.suggested_icon(name) runs if blank
--parent-id	no	propagated as-is	upstream verifies the parent belongs to the family, 422s otherwise

Body is wrapped as {"category": {...}} to match params.require(:category).

Tests (TDD)

8 unit tests:

• RequiresName, RequiresColor, WhitespaceOnlyNameRejected
• ColorMustBeHex — rejects 3b82f6, blue, #abc, #GGGGGG, #3b82f6 (trailing space)
• AcceptsValidHex — accepts #3b82f6, #000000, #FFFFFF, #abcdef
• WrapsInCategoryKey — top-level category key + optional-field omission
• OptionalFields — icon + parent_id propagate
• TestCategoriesCreateRegistered — full flag set + resolved-name check

go test ./... green across the suite.

Coverage note

After this lands, the CLI mirrors every /api/v1 endpoint that is meaningfully usable from a shell. The remaining auth endpoints (signup, sso_*) are intentionally not wrapped — they are mobile-device-bound flows (require device_id, device_name, device_type, os_version, app_version) that don't fit a CLI use case.

Refs #11.

[coderabbitai]

Warning

Review limit reached

@dgilperez, we couldn't start this review because you've used your available PR reviews for now.

Your plan currently allows 1 review/hour. Refill in 50 minutes and 7 seconds.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more review capacity refills, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than trial, open-source, and free plans. In all cases, review capacity refills continuously over time.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 198309d2-7c07-4c68-b129-aabb678b7670

📥 Commits

Reviewing files that changed from the base of the PR and between a9210fe and 424e29c.

📒 Files selected for processing (4)

• README.md
• cmd/sure-cli/root/categories_create_test.go
• cmd/sure-cli/root/reference_cmds.go
• docs/ROADMAP.md

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch feat/cli-categories-create

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}