basecamp · jeremy · Mar 7, 2026 · Mar 6, 2026 · Mar 6, 2026 · Mar 6, 2026
diff --git a/internal/commands/auth.go b/internal/commands/auth.go
@@ -131,38 +131,35 @@ var authLogoutCmd = &cobra.Command{
 }
 
 func authLogoutAll() error {
-	if creds != nil {
-		// Collect all known profile/account names to clean up every key format
-		names := map[string]bool{}
+	// Collect all known profile/account names to clean up every key format
+	names := map[string]bool{}
 
-		if profiles != nil {
-			allProfiles, _, _ := profiles.List()
-			for name := range allProfiles {
-				names[name] = true
-			}
+	if profiles != nil {
+		allProfiles, _, _ := profiles.List()
+		for name := range allProfiles {
+			names[name] = true
 		}
+	}
 
-		// Also include the YAML config's Account in case it's not in the profile store
-		globalCfg := config.LoadGlobal()
-		if globalCfg.Account != "" {
-			names[globalCfg.Account] = true
-		}
+	// Also include the YAML config's Account in case it's not in the profile store
+	globalCfg := config.LoadGlobal()
+	if globalCfg.Account != "" {
+		names[globalCfg.Account] = true
+	}
 
-		for name := range names {
+	for name := range names {
+		if creds != nil {
 			_ = credsDeleteProfileToken(name) // "profile:<name>"
 			_ = creds.Delete("token:" + name) // legacy "token:<account>"
 		}
-		// Legacy bare key
-		_ = creds.Delete("token")
-	}
-
-	// Delete all profiles from the store
-	if profiles != nil {
-		allProfiles, _, _ := profiles.List()
-		for name := range allProfiles {
+		if profiles != nil {
 			_ = profiles.Delete(name)
 		}
 	}
+	if creds != nil {
+		// Legacy bare key
+		_ = creds.Delete("token")
+	}
 
 	// Clear config
 	if err := config.Delete(); err != nil {
@@ -326,17 +323,28 @@ var authSwitchCmd = &cobra.Command{
 			}
 		}
 
+		// Read the target profile's board from Extra
+		var profileBoard string
+		if profiles != nil {
+			if p, err := profiles.Get(profileName); err == nil {
+				if boardRaw, ok := p.Extra["board"]; ok {
+					_ = json.Unmarshal(boardRaw, &profileBoard)
+				}
+			}
+		}
+
 		// Update YAML config for backward compat
 		globalCfg := config.LoadGlobal()
 		globalCfg.Account = profileName
-		globalCfg.Board = "" // Clear board since it's profile-specific
+		globalCfg.Board = profileBoard
 		if err := globalCfg.Save(); err != nil {
 			return &output.Error{Code: output.CodeAPI, Message: err.Error()}
 		}
 
 		// Update in-memory config
 		if cfg != nil {
 			cfg.Account = profileName
+			cfg.Board = profileBoard
 			if creds != nil {
 				if t, err := credsLoadProfileToken(profileName); err == nil {
 					cfg.Token = t

diff --git a/internal/commands/banner.go b/internal/commands/banner.go
@@ -0,0 +1,35 @@
+package commands
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/mattn/go-isatty"
+)
+
+const banner = `
+⠀⡀⠄⠀⣤⣤⡄⠠⢠⣤⣤⠀⠄⣠⣤⣤⠀⠠⣠⣤⣄⠠⠀⣤⣤⡄⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀⠠⠀
+⠀⠀⠄⢸⣿⣿⡇⠠⢸⣿⣿⡇⠀⣿⣿⡿⡇⢈⣿⣿⣿⠀⢸⣿⣿⡇⢀⠈⡀⢈⠀⡈⢀⠈⡀⢈⠀⡈⢀⠈⡀⢈⠀⡈⢀⠈⡀⢈⠀⡈⢀⠈⡀⢈⠀⡈⢀⠈⡀⢈⠀⡈⢀⠈⠠⠈⢀⠈⡀⢈⠀⡈⢀⠈⡀⢈⠀⡈⠠⠀
+⠀⢁⠠⢸⣿⡿⡇⠀⢸⣿⡿⡇⠀⣿⣿⢿⡃⠠⣿⣿⣾⠀⢸⣿⣽⡇⠀⠠⠀⠄⠠⠀⣦⣦⣦⣦⣦⣦⣦⣦⣦⠀⢰⣾⣷⡦⠀⠄⠠⠀⠄⠠⠀⠄⠠⠀⠄⠠⠀⠄⠠⠀⠄⠐⢀⠈⡀⠠⠀⠄⠠⠀⠄⠠⠀⠄⠠⠀⠐⠀
+⠀⠠⠀⢸⣿⣿⡇⠈⢸⣿⣿⡇⠀⣿⣿⣿⠇⢈⣿⣷⣿⠀⢸⣿⣽⡇⠀⠂⠐⠀⠂⡀⣿⣿⡟⠛⠛⠛⠛⠛⠛⠀⠄⠉⠉⢁⠀⠂⠐⠀⠂⠐⠀⠂⠐⠀⠂⠐⠀⠂⠐⠀⠂⠁⠠⠀⠄⠐⠀⠂⠐⠀⠂⠐⠀⠂⠐⠈⡀⠁
+⠀⠂⠈⢸⣿⣯⡇⠠⢸⣿⣯⡇⠀⣿⣿⣾⡇⠐⣿⣯⣿⠀⢸⣿⣽⡇⠀⡁⢈⠀⡁⠀⣿⣿⡇⠀⠄⠂⠀⠂⠐⢀⢸⣿⣿⡇⠀⡁⣿⣿⣿⣿⣿⣿⣿⣿⡃⢈⠀⣿⣿⣿⣿⣿⣿⣿⣿⠅⠈⢿⣿⣿⡀⢁⠈⡀⣽⣿⣿⠃
+⠀⡈⠠⢸⣿⡿⡇⠀⢸⣿⡿⡇⠀⣿⣿⣽⡆⠨⣿⣟⣿⠀⢸⣯⣿⡇⠀⠄⠠⠀⠄⠂⣿⣿⢷⣶⣶⣶⣷⣾⡆⢀⢸⣿⣻⡇⠀⡀⠉⡈⠁⣁⣵⣿⣿⠋⠀⠠⠀⢉⠈⢁⢁⣵⣿⡿⠋⠀⠐⠘⣿⣿⣧⠀⠄⢠⣿⣿⠎⠀
+⠀⠠⠀⢸⣿⣿⡇⠈⢸⣿⣿⡇⠀⣿⣿⣻⡅⠐⠿⣿⠟⠀⢸⣿⣽⡇⠀⠂⠐⠀⠂⡀⣿⣿⡟⠛⠛⠋⠛⠛⠃⠀⢸⣟⣿⡇⠀⠄⠂⠠⣰⣾⣿⠟⠁⢀⠈⠠⠈⢀⢠⣰⣿⡿⠟⠀⡀⢁⠈⡀⠸⣿⣾⡇⢀⣿⣿⡟⠀⠄
+⠀⠂⠈⠸⣿⣯⡇⠠⢸⣿⣯⡇⠀⣿⣿⢿⡃⠠⠀⡢⠀⡁⠘⣿⣽⡇⠀⡁⢈⠀⢁⠀⣿⣿⡇⠀⠐⠀⠂⠐⠀⡁⢸⣿⣟⡇⢀⠐⣠⣶⣿⡟⠃⢀⠐⠀⡐⢀⠈⣠⣾⣿⡗⠋⠀⠄⠠⠀⠄⠀⠂⢹⣿⣷⣼⣿⡿⠀⠐⠀
+⠀⡈⢀⠁⠉⡏⠀⠠⢸⣿⡿⡇⠀⣿⣿⣿⠇⠀⠂⢜⠀⡀⠂⠉⡏⠀⠄⠠⠀⠐⢀⠀⣿⣿⡇⠀⡁⢈⠀⡁⠄⠠⢸⣿⣽⡇⠀⡀⣿⣿⣻⣿⣿⣿⣿⣿⡇⠀⢐⣿⣿⣷⣿⣿⣿⣿⣿⡇⢀⠁⡈⠀⢹⣿⣻⣽⠁⢀⠁⠄
+⠀⠠⠀⠐⠀⡇⠈⡀⢸⣿⣿⡇⠀⠙⢻⠊⠠⠈⡀⢕⠀⠠⠐⠀⡇⠐⠀⠂⢈⠠⠀⠄⢀⠀⡀⠄⠠⠀⠄⠠⠀⠂⢀⠀⡀⠠⠀⠄⢀⠀⡀⠀⡀⠀⡀⠀⡀⠐⢀⠀⡀⠀⡀⠀⡀⠀⡀⠀⠄⠠⣀⣈⣸⣿⣿⠃⠀⠄⠐⠀
+⠀⠐⠈⢀⠁⡇⠠⠀⠸⢿⡯⠃⢀⠁⢸⠀⠂⠠⠀⠪⠀⠐⠀⠁⡇⢀⠁⡈⢀⠠⠐⠀⠄⠠⠀⠄⠂⠐⠀⠂⡀⢁⠠⠀⠄⠐⠀⠂⠠⠀⠄⠂⠀⠂⠀⠂⡀⢈⠀⠠⠀⠂⠀⠂⠀⠂⠀⠂⠐⠰⣿⣿⠿⠟⠁⡀⠂⡀⠁⠄
+⠀⢁⠈⢀⠠⠐⠀⡈⠠⠀⡀⠄⠠⠐⠀⠂⠁⠐⠀⠂⡈⢀⠁⠐⡀⠄⠠⠀⠄⢀⠐⠀⠂⠐⠀⠂⡀⢁⠈⡀⠄⠠⠀⠐⢀⠈⡀⢁⠐⢀⠐⠀⡁⢈⠀⡁⠀⠄⠐⠀⠂⠁⡈⢀⠁⡈⢀⠁⡈⢀⠀⡀⠄⠂⠁⠀⠄⠠⠈⠀
+`
+
+// printBanner prints the Fizzy braille art banner to stderr.
+// Only prints in interactive TTY mode, never in machine/piped output.
+func printBanner() {
+	if IsMachineOutput() {
+		return
+	}
+	if !isatty.IsTerminal(os.Stdout.Fd()) && !isatty.IsCygwinTerminal(os.Stdout.Fd()) {
+		return
+	}
+	fmt.Fprint(os.Stderr, banner)
+}
diff --git a/internal/commands/root.go b/internal/commands/root.go
@@ -65,6 +65,10 @@ var rootCmd = &cobra.Command{
 
 Use fizzy to manage boards, cards, comments, and more from your terminal.`,
 	Version: "dev",
+	Run: func(cmd *cobra.Command, args []string) {
+		printBanner()
+		_ = cmd.Help()
+	},
 	PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
 		// Resolve output format from parsed flags (must happen post-parse).
 		format, err := resolveFormat()
@@ -719,7 +723,11 @@ func profileEnvVar() string {
 	if v := os.Getenv("FIZZY_PROFILE"); v != "" {
 		return v
 	}
-	return os.Getenv("FIZZY_ACCOUNT")
+	if v := os.Getenv("FIZZY_ACCOUNT"); v != "" {
+		fmt.Fprintln(os.Stderr, "Warning: FIZZY_ACCOUNT is deprecated, use FIZZY_PROFILE instead")
+		return v
+	}
+	return ""
 }
 
 // resolveToken applies token precedence: YAML → credstore (with migration) → env → flag.
@@ -783,29 +791,44 @@ func migrateLegacyToken(profileName string) {
 }
 
 // ensureProfile creates or updates a profile in the store.
-// If the profile already exists, it is replaced with the new settings.
+// If the profile already exists, fields are merged: BaseURL is only
+// overwritten when a non-default value is provided, and Extra entries
+// are preserved unless explicitly replaced.
 func ensureProfile(name, baseURL, board string) {
 	if profiles == nil {
 		return
 	}
-	if baseURL == "" {
-		baseURL = config.DefaultAPIURL
+
+	existing, _ := profiles.Get(name)
+
+	newBaseURL := baseURL
+	if newBaseURL == "" || newBaseURL == config.DefaultAPIURL {
+		if existing != nil && existing.BaseURL != "" {
+			newBaseURL = existing.BaseURL
+		} else {
+			newBaseURL = config.DefaultAPIURL
+		}
+	}
+
+	extra := map[string]json.RawMessage{}
+	if existing != nil {
+		for k, v := range existing.Extra {
+			extra[k] = v
+		}
+	}
+	if board != "" {
+		extra["board"] = func() json.RawMessage { b, _ := json.Marshal(board); return b }()
 	}
 
 	p := &profile.Profile{
 		Name:    name,
-		BaseURL: baseURL,
+		BaseURL: newBaseURL,
 	}
-	if board != "" {
-		p.Extra = map[string]json.RawMessage{
-			"board": func() json.RawMessage { b, _ := json.Marshal(board); return b }(),
-		}
+	if len(extra) > 0 {
+		p.Extra = extra
 	}
 
 	if err := profiles.Create(p); err != nil {
-		// Profile already exists — delete and recreate to update it.
-		// Preserve default status: if this profile was the default, SetDefault
-		// is called by the caller (login/setup/signup/switch) anyway.
 		_ = profiles.Delete(name)
 		_ = profiles.Create(p)
 	}

diff --git a/internal/commands/setup.go b/internal/commands/setup.go
@@ -41,6 +41,7 @@ func runSetup(cmd *cobra.Command, args []string) error {
 		return output.ErrUsageHint("setup requires an interactive terminal", "Run without --agent/--json/--quiet or in a TTY")
 	}
 
+	printBanner()
 	fmt.Println()
 	fmt.Println("Welcome to Fizzy CLI setup!")
 	fmt.Println()

diff --git a/internal/commands/signup.go b/internal/commands/signup.go
@@ -8,7 +8,6 @@ import (
 	stderrors "errors"
 	"fmt"
 	"io"
-	"net"
 	"net/http"
 	"net/http/cookiejar"
 	"net/url"
@@ -67,12 +66,48 @@ func init() {
 	signupCompleteCmd.Flags().String("account", "", "Account slug (required for existing users)")
 }
 
+const welcomeSignature = `
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⠏⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⡤⠖⠚⠉⠉
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡼⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡤⠖⠋⠁
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡴⠋⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠞⠉
+⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣠⠖⠋⠀⢀⠀⠀⠀⠉⠉⠉⠉⠉⢉⡽⠋⢉⣉⠉⠉⠉⠉⠉⡉⠉⠉⠉⠉
+⠀⠀⠀⠀⠀⠀⠀⠀⢀⣠⠴⠋⢁⡴⠯⠞⠙⣦⠞⠙⠦⠤⠤⠤⢠⠞⣀⡴⠋⠈⠋⠙⠒⠒⠚⠁
+⠀⠀⠀⠀⢀⣠⠤⠖⠉⠀⠀⠀⠈⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⠏⠞⠁
+⠤⠤⠖⠚⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⡞
+`
+
+const welcomeMessage = `Welcome, and thanks for signing up for Fizzy.
+
+To get you started, we set you up with a Fizzy board called Playground.
+It's got a few cards designed to help you learn Fizzy itself. Open each
+card, go through the simple steps, and you'll be an expert in Fizzy in
+no time. You'll see the Playground when you close this message.
+
+If you ever need a hand, please contact me directly at
+jason@37signals.com. I'm here for you, we're all here for you.
+
+Thanks again and all the best,`
+
+const welcomeSignoff = `Jason Fried, jason@37signals.com
+CEO & co-founder of 37signals, makers of Fizzy, Basecamp, and HEY`
+
+// printWelcomeMessage prints the CEO welcome message for new users.
+func printWelcomeMessage() {
+	fmt.Println()
+	fmt.Println(welcomeMessage)
+	fmt.Print(welcomeSignature)
+	fmt.Println(welcomeSignoff)
+	fmt.Println()
+}
+
 // runSignup is the interactive wizard that walks through the entire signup flow.
 func runSignup(cmd *cobra.Command, args []string) error {
 	if IsMachineOutput() {
 		return output.ErrUsageHint("signup requires an interactive terminal — use subcommands (start, verify, complete) for programmatic access", "Run without --agent/--json/--quiet or in a TTY")
 	}
 
+	printBanner()
 	fmt.Println()
 	fmt.Println("Welcome to Fizzy CLI signup!")
 	fmt.Println()
@@ -311,8 +346,13 @@ func runSignup(cmd *cobra.Command, args []string) error {
 
 	fmt.Println()
 	fmt.Println("✓ Configuration saved.")
-	fmt.Println()
-	fmt.Println("You're all set! Try: fizzy board list")
+
+	if requiresCompletion {
+		printWelcomeMessage()
+	} else {
+		fmt.Println()
+		fmt.Println("You're all set! Try: fizzy board list")
+	}
 	return nil
 }
 
@@ -478,15 +518,24 @@ func runSignupComplete(cmd *cobra.Command, args []string) error {
 		return err
 	}
 
+	result := map[string]any{
+		"token":   token,
+		"account": accountSlug,
+	}
+
+	summary := "Configuration saved."
+
+	if name != "" {
+		result["welcome_message"] = welcomeMessage + welcomeSignature + welcomeSignoff
+		result["is_new_user"] = true
+	}
+
 	breadcrumbs := []Breadcrumb{
 		breadcrumb("boards", "fizzy board list", "List boards"),
 		breadcrumb("setup", "fizzy setup", "Full interactive setup"),
 	}
 
-	printSuccessWithBreadcrumbs(map[string]any{
-		"token":   token,
-		"account": accountSlug,
-	}, "Configuration saved.", breadcrumbs)
+	printSuccessWithBreadcrumbs(result, summary, breadcrumbs)
 	return nil
 }
 
@@ -543,7 +592,7 @@ func signupPost(client *http.Client, reqURL string, body any) (map[string]any, h
 	}
 	req.Header.Set("Content-Type", "application/json")
 	req.Header.Set("Accept", "application/json")
-	req.Header.Set("User-Agent", "fizzy-cli/1.0")
+	req.Header.Set("User-Agent", fmt.Sprintf("fizzy-cli/%s", rootCmd.Version))
 
 	resp, err := client.Do(req)
 	if err != nil {
@@ -599,7 +648,7 @@ func signupGet(client *http.Client, reqURL string) (map[string]any, error) {
 		return nil, fmt.Errorf("failed to create request: %w", err)
 	}
 	req.Header.Set("Accept", "application/json")
-	req.Header.Set("User-Agent", "fizzy-cli/1.0")
+	req.Header.Set("User-Agent", fmt.Sprintf("fizzy-cli/%s", rootCmd.Version))
 
 	resp, err := client.Do(req)
 	if err != nil {
@@ -648,8 +697,9 @@ func setSignedCookie(client *http.Client, apiURL, name, value string) {
 
 // validateSignupURL checks that a URL is safe to use for signup HTTP requests.
 // Only http:// and https:// schemes are allowed. Plain http:// is restricted to
-// loopback addresses (localhost, 127.0.0.1, [::1]) to prevent SSRF against
-// internal network services.
+// literal loopback addresses (localhost, 127.0.0.1, [::1]) to prevent SSRF
+// against internal network services. No DNS resolution is performed to avoid
+// TOCTOU races between validation and connection time.
 func validateSignupURL(rawURL string) error {
 	u, err := url.Parse(rawURL)
 	if err != nil {
@@ -664,16 +714,6 @@ func validateSignupURL(rawURL string) error {
 		if host == "localhost" || host == "127.0.0.1" || host == "::1" {
 			return nil
 		}
-		// Resolve the hostname to check for loopback IPs
-		resolver := &net.Resolver{}
-		ips, err := resolver.LookupHost(context.Background(), host)
-		if err == nil {
-			for _, ip := range ips {
-				if net.ParseIP(ip).IsLoopback() {
-					return nil
-				}
-			}
-		}
 		return fmt.Errorf("http:// is only allowed for localhost; use https:// for remote hosts")
 	default:
 		return fmt.Errorf("unsupported URL scheme %q; use https://", u.Scheme)