apcore-cli 0.1.0__tar.gz → 0.2.0__tar.gz

apcore_cli-0.2.0/CHANGELOG.md

@@ -0,0 +1,73 @@
+# Changelog
+
+All notable changes to apcore-cli (Python SDK) will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [0.2.0] - 2026-03-16
+
+### Added
+- `APCORE_CLI_LOGGING_LEVEL` env var — CLI-specific log level that takes priority over `APCORE_LOGGING_LEVEL`; 3-tier precedence: `--log-level` flag > `APCORE_CLI_LOGGING_LEVEL` > `APCORE_LOGGING_LEVEL` > `WARNING` (`__main__.py`)
+- `test_cli_logging_level_takes_priority_over_global` — verifies `APCORE_CLI_LOGGING_LEVEL=DEBUG` wins over `APCORE_LOGGING_LEVEL=ERROR`
+- `test_cli_logging_level_fallback_to_global` — verifies fallback when CLI-specific var is unset
+- `test_builtin_name_collision_exits_2` — schema property named `format` (or other reserved names) causes `build_module_command` to exit 2
+- `test_exec_result_table_format` — `--format table` renders Rich Key/Value table to stdout
+- `test_bash_completion_quotes_prog_name_in_directive` — verifies `shlex.quote()` applied to `complete -F` directive, not just embedded subshell
+- `test_zsh_completion_quotes_prog_name_in_directives` — verifies `compdef` line uses quoted prog_name
+- `test_fish_completion_quotes_prog_name_in_directives` — verifies `complete -c` lines use quoted prog_name
+- 17 new tests (244 → 261 total)
+
+### Changed
+- `--log-level` accepted choices: `WARN` → `WARNING` (`__main__.py`)
+- `schema_to_click_options`: schema-derived options now always have `required=False`; required fields marked `[required]` in help text instead of Click enforcement — allows `--input -` STDIN to supply required values without Click rejecting first (`schema_parser.py`)
+- `format_exec_result`: now routes through `resolve_format()` and renders Rich table when `--format table` is specified; previously ignored its `format` parameter (`output.py`)
+- `_generate_bash_completion`, `_generate_zsh_completion`, `_generate_fish_completion`: `shlex.quote()` applied to ALL prog_name positions in generated scripts (complete directives, compdef, complete -c), not only embedded subshell commands (`shell.py`)
+- `check_approval`: removed unused `ctx: click.Context` parameter (`approval.py`)
+- `set_audit_logger`: broadened type annotation from `AuditLogger` to `AuditLogger | None` (`cli.py`)
+- `collect_input`: simplified redundant condition `if not raw or raw_size == 0:` → `if not raw:` (`cli.py`)
+- Example `Input` models: all 7 modules updated with `Field(description=...)` on every field so CLI `--help` shows descriptive text for each flag
+
+### Fixed
+- **`--input -` STDIN blocked by Click required enforcement**: `schema_to_click_options` was generating `required=True` Click options; Click validated before the callback ran, rejecting STDIN-only invocations. Resolved by always using `required=False` and delegating required validation to `jsonschema.validate()` after input collection. Fixes all 6 `TestRealStdinPiping` failures.
+- **`--log-level` had no effect**: `logging.basicConfig()` is a no-op after the first call; subsequent `create_cli()` calls in tests retained the prior handler's level. Fixed by calling `logging.getLogger().setLevel()` explicitly after `basicConfig()`.
+- **`test_log_level_flag_takes_effect` false pass**: `--help` is an eager flag that exits before the group callback, so `--log-level DEBUG --help` never applied the log level. Test updated to use `completion bash` subcommand instead.
+- **Shell completion directives not shell-safe**: prog names with spaces or special characters were unquoted in `complete -F`, `compdef`, and `complete -c` lines. Fixed by assigning `quoted = shlex.quote(prog_name)` and using it in all directive positions.
+- **Audit `set_audit_logger(None)` type error**: type annotation rejected `None`; broadened to `AuditLogger | None`.
+- **Test logger level leakage**: tests modifying root logger level affected subsequent tests; fixed with `try/finally` that restores the original level.
+
+### Security
+- `AuditLogger._hash_input`: now uses `secrets.token_bytes(16)` per-invocation salt before hashing, preventing cross-invocation input correlation via SHA-256 rainbow tables
+- `build_module_command`: added reserved-name collision guard — exits 2 if a schema property (`input`, `yes`, `large_input`, `format`, `sandbox`) conflicts with a built-in CLI option name
+- `_prompt_with_timeout` (SIGALRM path): wrapped in `try/finally` to guarantee signal handler restoration regardless of exit path
+
+## [0.1.0] - 2026-03-15
+
+### Added
+- `--sandbox` flag for subprocess-isolated module execution (FE-05)
+- `ModuleExecutionError` exception class for sandbox failures
+- Windows approval timeout support via `threading.Timer` + `ctypes` (FE-03)
+- Approval timeout clamping to 1..3600 seconds range (FE-03)
+- Tag format validation (`^[a-z][a-z0-9_-]*$`) in `list --tag` (FE-04)
+- `cli.auto_approve` config key with `False` default (FE-07)
+- Extensions directory readability check with exit code 47 (FE-01)
+- Missing required property warning in schema parser (FE-02)
+- DEBUG log `"Loading extensions from {path}"` before registry discovery (FE-01)
+- `TYPE_CHECKING` imports for proper type annotations (`Registry`, `Executor`, `ModuleDescriptor`, `ConfigResolver`, `AuditLogger`)
+- `_get_module_id()` helper for `canonical_id`/`module_id` resolution
+- `APCORE_AUTH_API_KEY` and `APCORE_CLI_SANDBOX` to README environment variables table
+- `--sandbox` to README module execution options table
+- CHANGELOG.md
+- Core Dispatcher (FE-01): `LazyModuleGroup`, `build_module_command`, `collect_input`, `validate_module_id`
+- Schema Parser (FE-02): `schema_to_click_options`, `_map_type`, `_extract_help`, `reconvert_enum_values`
+- Ref Resolver (FE-02): `resolve_refs`, `_resolve_node` with `$ref`, `allOf`, `anyOf`, `oneOf` support
+- Config Resolver (FE-07): `ConfigResolver` with 4-tier precedence (CLI > Env > File > Default)
+- Approval Gate (FE-03): `check_approval`, `_prompt_with_timeout` with TTY detection and Unix SIGALRM
+- Discovery (FE-04): `list` and `describe` commands with tag filtering and TTY-adaptive output
+- Output Formatter (FE-08): `format_module_list`, `format_module_detail`, `format_exec_result` with Rich rendering
+- Security Manager (FE-05): `AuthProvider`, `ConfigEncryptor` (keyring + AES-256-GCM), `AuditLogger` (JSON Lines), `Sandbox` (subprocess isolation)
+- Shell Integration (FE-06): bash/zsh/fish completion generators, roff man page generator
+- 8 example modules: `math.add`, `math.multiply`, `text.upper`, `text.reverse`, `text.wordcount`, `sysutil.info`, `sysutil.env`, `sysutil.disk`
+- 244 tests (unit, integration, end-to-end)
+- CI workflow with pytest and coverage
+- Pre-commit hooks configuration

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: apcore-cli
-Version: 0.1.0
+Version: 0.2.0
 Summary: Terminal adapter for apcore — execute AI-Perceivable modules from the command line
 Project-URL: Homepage, https://aipartnerup.com
 Project-URL: Repository, https://github.com/aipartnerup/apcore-cli-python
@@ -45,7 +45,7 @@ Terminal adapter for apcore. Execute AI-Perceivable modules from the command lin
 
 [![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)
 [![Python](https://img.shields.io/badge/python-3.11%2B-blue.svg)](https://python.org)
-[![Tests](https://img.shields.io/badge/tests-244%20passed-brightgreen.svg)]()
+[![Tests](https://img.shields.io/badge/tests-261%20passed-brightgreen.svg)]()
 
 | | |
 |---|---|
@@ -207,7 +207,7 @@ apcore-cli [OPTIONS] COMMAND [ARGS]
 | Option | Default | Description |
 |--------|---------|-------------|
 | `--extensions-dir` | `./extensions` | Path to apcore extensions directory |
-| `--log-level` | `INFO` | Logging: `DEBUG`, `INFO`, `WARN`, `ERROR` |
+| `--log-level` | `WARNING` | Logging: `DEBUG`, `INFO`, `WARNING`, `ERROR` |
 | `--version` | | Show version and exit |
 | `--help` | | Show help and exit |
 
@@ -264,7 +264,8 @@ apcore-cli uses a 4-tier configuration precedence:
 |----------|-------------|---------|
 | `APCORE_EXTENSIONS_ROOT` | Path to extensions directory | `./extensions` |
 | `APCORE_CLI_AUTO_APPROVE` | Set to `1` to bypass all approval prompts | *(unset)* |
-| `APCORE_LOGGING_LEVEL` | Log level | `INFO` |
+| `APCORE_CLI_LOGGING_LEVEL` | CLI-specific log level (takes priority over `APCORE_LOGGING_LEVEL`) | `WARNING` |
+| `APCORE_LOGGING_LEVEL` | Global apcore log level (fallback when `APCORE_CLI_LOGGING_LEVEL` is unset) | `WARNING` |
 | `APCORE_AUTH_API_KEY` | API key for remote registry authentication | *(unset)* |
 | `APCORE_CLI_SANDBOX` | Set to `1` to enable subprocess sandboxing | *(unset)* |
 
@@ -303,7 +304,7 @@ sandbox:
 | `module_id` (`math.add`) | Command name (`apcore-cli math.add`) |
 | `description` | `--help` text |
 | `input_schema.properties` | CLI flags (`--a`, `--b`) |
-| `input_schema.required` | Required flag enforcement |
+| `input_schema.required` | Validated post-collection via `jsonschema.validate()` (required fields shown as `[required]` in `--help`) |
 | `annotations.requires_approval` | HITL approval prompt |
 
 ### Architecture
@@ -414,7 +415,7 @@ apcore-cli --extensions-dir ./extensions greet.hello --name Alice --greeting Hi
 git clone https://github.com/aipartnerup/apcore-cli-python.git
 cd apcore-cli-python
 pip install -e ".[dev]"
-pytest                           # 244 tests
+pytest                           # 261 tests
 pytest --cov                     # with coverage report
 bash examples/run_examples.sh   # run all examples
 ```

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/README.md

@@ -8,7 +8,7 @@ Terminal adapter for apcore. Execute AI-Perceivable modules from the command lin
 
 [![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](LICENSE)
 [![Python](https://img.shields.io/badge/python-3.11%2B-blue.svg)](https://python.org)
-[![Tests](https://img.shields.io/badge/tests-244%20passed-brightgreen.svg)]()
+[![Tests](https://img.shields.io/badge/tests-261%20passed-brightgreen.svg)]()
 
 | | |
 |---|---|
@@ -170,7 +170,7 @@ apcore-cli [OPTIONS] COMMAND [ARGS]
 | Option | Default | Description |
 |--------|---------|-------------|
 | `--extensions-dir` | `./extensions` | Path to apcore extensions directory |
-| `--log-level` | `INFO` | Logging: `DEBUG`, `INFO`, `WARN`, `ERROR` |
+| `--log-level` | `WARNING` | Logging: `DEBUG`, `INFO`, `WARNING`, `ERROR` |
 | `--version` | | Show version and exit |
 | `--help` | | Show help and exit |
 
@@ -227,7 +227,8 @@ apcore-cli uses a 4-tier configuration precedence:
 |----------|-------------|---------|
 | `APCORE_EXTENSIONS_ROOT` | Path to extensions directory | `./extensions` |
 | `APCORE_CLI_AUTO_APPROVE` | Set to `1` to bypass all approval prompts | *(unset)* |
-| `APCORE_LOGGING_LEVEL` | Log level | `INFO` |
+| `APCORE_CLI_LOGGING_LEVEL` | CLI-specific log level (takes priority over `APCORE_LOGGING_LEVEL`) | `WARNING` |
+| `APCORE_LOGGING_LEVEL` | Global apcore log level (fallback when `APCORE_CLI_LOGGING_LEVEL` is unset) | `WARNING` |
 | `APCORE_AUTH_API_KEY` | API key for remote registry authentication | *(unset)* |
 | `APCORE_CLI_SANDBOX` | Set to `1` to enable subprocess sandboxing | *(unset)* |
 
@@ -266,7 +267,7 @@ sandbox:
 | `module_id` (`math.add`) | Command name (`apcore-cli math.add`) |
 | `description` | `--help` text |
 | `input_schema.properties` | CLI flags (`--a`, `--b`) |
-| `input_schema.required` | Required flag enforcement |
+| `input_schema.required` | Validated post-collection via `jsonschema.validate()` (required fields shown as `[required]` in `--help`) |
 | `annotations.requires_approval` | HITL approval prompt |
 
 ### Architecture
@@ -377,7 +378,7 @@ apcore-cli --extensions-dir ./extensions greet.hello --name Alice --greeting Hi
 git clone https://github.com/aipartnerup/apcore-cli-python.git
 cd apcore-cli-python
 pip install -e ".[dev]"
-pytest                           # 244 tests
+pytest                           # 261 tests
 pytest --cov                     # with coverage report
 bash examples/run_examples.sh   # run all examples
 ```

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/math/add.py

@@ -1,11 +1,11 @@
 """math.add — Add two numbers."""
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    a: int
-    b: int
+    a: int = Field(..., description="First operand")
+    b: int = Field(..., description="Second operand")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/math/multiply.py

@@ -1,11 +1,11 @@
 """math.multiply — Multiply two numbers."""
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    a: int
-    b: int
+    a: int = Field(..., description="First operand")
+    b: int = Field(..., description="Second operand")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/sysutil/disk.py

@@ -2,11 +2,11 @@
 
 import os
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    path: str = "/"
+    path: str = Field("/", description="Filesystem path to check (default: /)")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/sysutil/env.py

@@ -2,12 +2,12 @@
 
 import os
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    name: str
-    default: str = ""
+    name: str = Field(..., description="Environment variable name to read")
+    default: str = Field("", description="Value to return if the variable is not set")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/text/reverse.py

@@ -1,10 +1,10 @@
 """text.reverse — Reverse a string."""
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    text: str
+    text: str = Field(..., description="Input string to reverse")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/text/upper.py

@@ -1,10 +1,10 @@
 """text.upper — Convert text to uppercase."""
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    text: str
+    text: str = Field(..., description="Input string to convert")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/examples/extensions/text/wordcount.py

@@ -1,10 +1,10 @@
 """text.wordcount — Count words, characters, and lines."""
 
-from pydantic import BaseModel
+from pydantic import BaseModel, Field
 
 
 class Input(BaseModel):
-    text: str
+    text: str = Field(..., description="Input text to analyse")
 
 
 class Output(BaseModel):

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "apcore-cli"
-version = "0.1.0"
+version = "0.2.0"
 description = "Terminal adapter for apcore — execute AI-Perceivable modules from the command line"
 readme = "README.md"
 license = "Apache-2.0"

apcore_cli-0.2.0/src/apcore_cli/__init__.py

@@ -0,0 +1,9 @@
+"""apcore-cli: CLI adapter for the apcore module ecosystem."""
+
+from importlib.metadata import PackageNotFoundError
+from importlib.metadata import version as _get_version
+
+try:
+    __version__ = _get_version("apcore-cli")
+except PackageNotFoundError:
+    __version__ = "unknown"

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/__main__.py

@@ -36,13 +36,35 @@ def _extract_extensions_dir(argv: list[str] | None = None) -> str | None:
     return None
 
 
-def create_cli(extensions_dir: str | None = None) -> click.Group:
+def create_cli(extensions_dir: str | None = None, prog_name: str | None = None) -> click.Group:
     """Create the CLI application.
 
     Args:
         extensions_dir: Override for extensions directory.
                         When None, resolves via ConfigResolver (env/file/default).
+        prog_name: Name shown in help text and version output.
+                   Defaults to the basename of sys.argv[0], so downstream projects
+                   that install their own entry-point script get the correct name
+                   automatically (e.g. ``mycli`` instead of ``apcore-cli``).
     """
+    if prog_name is None:
+        prog_name = os.path.basename(sys.argv[0]) or "apcore-cli"
+
+    # Resolve CLI log level (3-tier precedence, evaluated before Click runs):
+    #   APCORE_CLI_LOGGING_LEVEL (CLI-specific) > APCORE_LOGGING_LEVEL (global) > WARNING
+    # The --log-level flag (parsed later) can further override at runtime.
+    _cli_level_str = os.environ.get("APCORE_CLI_LOGGING_LEVEL", "").upper()
+    _global_level_str = os.environ.get("APCORE_LOGGING_LEVEL", "").upper()
+    _active_level_str = _cli_level_str or _global_level_str
+    _default_level = getattr(logging, _active_level_str, logging.WARNING) if _active_level_str else logging.WARNING
+    logging.basicConfig(level=_default_level, format="%(levelname)s: %(message)s")
+    # basicConfig is a no-op if handlers already exist; always set the root level explicitly.
+    logging.getLogger().setLevel(_default_level)
+    # Silence noisy upstream apcore loggers unless the user requests verbose output.
+    # Always set explicitly so the level is deterministic regardless of prior state.
+    apcore_level = _default_level if _default_level <= logging.INFO else logging.ERROR
+    logging.getLogger("apcore").setLevel(apcore_level)
+
     if extensions_dir is not None:
         ext_dir = extensions_dir
     else:
@@ -97,12 +119,12 @@ def create_cli(extensions_dir: str | None = None) -> click.Group:
         cls=LazyModuleGroup,
         registry=registry,
         executor=executor,
-        name="apcore-cli",
+        name=prog_name,
         help="CLI adapter for the apcore module ecosystem.",
     )
     @click.version_option(
         version=__version__,
-        prog_name="apcore-cli",
+        prog_name=prog_name,
     )
     @click.option(
         "--extensions-dir",
@@ -113,11 +135,18 @@ def create_cli(extensions_dir: str | None = None) -> click.Group:
     @click.option(
         "--log-level",
         default=None,
-        type=click.Choice(["DEBUG", "INFO", "WARN", "ERROR"], case_sensitive=False),
-        help="Log level.",
+        type=click.Choice(["DEBUG", "INFO", "WARNING", "ERROR"], case_sensitive=False),
+        help="Log verbosity. Overrides APCORE_CLI_LOGGING_LEVEL and APCORE_LOGGING_LEVEL env vars.",
     )
     @click.pass_context
     def cli(ctx: click.Context, extensions_dir_opt: str | None = None, log_level: str | None = None) -> None:
+        if log_level is not None:
+            # basicConfig() is a no-op once handlers exist; set level on the root logger directly.
+            level = getattr(logging, log_level.upper(), logging.WARNING)
+            logging.getLogger().setLevel(level)
+            # Keep apcore logger in sync: verbose when user asks for it, quiet otherwise.
+            apcore_level = level if level <= logging.INFO else logging.ERROR
+            logging.getLogger("apcore").setLevel(apcore_level)
         ctx.ensure_object(dict)
         ctx.obj["extensions_dir"] = ext_dir
 
@@ -125,16 +154,20 @@ def create_cli(extensions_dir: str | None = None) -> click.Group:
     register_discovery_commands(cli, registry)
 
     # Register shell integration commands
-    register_shell_commands(cli)
+    register_shell_commands(cli, prog_name=prog_name)
 
     return cli
 
 
-def main() -> None:
-    """Main entry point for apcore-cli."""
-    # Extract --extensions-dir from argv before Click parses
+def main(prog_name: str | None = None) -> None:
+    """Main entry point for apcore-cli.
+
+    Args:
+        prog_name: Override the program name shown in help/version output.
+                   When None, inferred from sys.argv[0] automatically.
+    """
     ext_dir = _extract_extensions_dir()
-    cli = create_cli(extensions_dir=ext_dir)
+    cli = create_cli(extensions_dir=ext_dir, prog_name=prog_name)
     cli(standalone_mode=True)
 
 

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/approval.py

@@ -26,7 +26,7 @@ def _get_annotation(annotations: Any, key: str, default: Any = None) -> Any:
     return getattr(annotations, key, default)
 
 
-def check_approval(module_def: Any, auto_approve: bool, ctx: click.Context) -> None:
+def check_approval(module_def: Any, auto_approve: bool) -> None:
     """Check if module requires approval and handle accordingly.
 
     Returns None if approved (or approval not required).
@@ -113,24 +113,26 @@ def _prompt_unix(module_id: str, timeout: int) -> None:
 
     try:
         approved = click.confirm("Proceed?", default=False)
-        signal.alarm(0)
-        signal.signal(signal.SIGALRM, old_handler)
-
-        if approved:
-            logger.info("User approved execution of module '%s'.", module_id)
-            return
-        else:
-            logger.warning("Approval rejected by user for module '%s'.", module_id)
-            click.echo("Error: Approval denied.", err=True)
-            sys.exit(46)
     except ApprovalTimeoutError:
-        signal.signal(signal.SIGALRM, old_handler)
         logger.warning("Approval timed out after %ds for module '%s'.", timeout, module_id)
         click.echo(
             f"Error: Approval prompt timed out after {timeout} seconds.",
             err=True,
         )
         sys.exit(46)
+    finally:
+        # Always cancel the alarm and restore the previous handler, regardless of
+        # how the block exits (normal return, sys.exit, KeyboardInterrupt, etc.).
+        signal.alarm(0)
+        signal.signal(signal.SIGALRM, old_handler)
+
+    if approved:
+        logger.info("User approved execution of module '%s'.", module_id)
+        return
+    else:
+        logger.warning("Approval rejected by user for module '%s'.", module_id)
+        click.echo("Error: Approval denied.", err=True)
+        sys.exit(46)
 
 
 def _prompt_windows(module_id: str, timeout: int) -> None:

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/cli.py

@@ -32,8 +32,8 @@ BUILTIN_COMMANDS = ["exec", "list", "describe", "completion", "man"]
 _audit_logger: AuditLogger | None = None
 
 
-def set_audit_logger(audit_logger: AuditLogger) -> None:
-    """Set the global audit logger instance."""
+def set_audit_logger(audit_logger: AuditLogger | None) -> None:
+    """Set the global audit logger instance. Pass None to clear."""
     global _audit_logger
     _audit_logger = audit_logger
 
@@ -131,7 +131,8 @@ def build_module_command(module_def: ModuleDescriptor, executor: Executor) -> cl
             resolved_schema = resolve_refs(input_schema, max_depth=32, module_id=module_id)
         except SystemExit:
             raise
-        except Exception:
+        except Exception as e:
+            logger.warning("Failed to resolve $refs in schema for '%s', using raw schema: %s", module_id, e)
             resolved_schema = input_schema
     else:
         resolved_schema = input_schema
@@ -166,7 +167,7 @@ def build_module_command(module_def: ModuleDescriptor, executor: Executor) -> cl
                     sys.exit(45)
 
             # 4. Check approval gate
-            check_approval(module_def, auto_approve, click.get_current_context())
+            check_approval(module_def, auto_approve)
 
             # 5. Execute with timing (optionally sandboxed)
             audit_start = time.monotonic()
@@ -245,6 +246,17 @@ def build_module_command(module_def: ModuleDescriptor, executor: Executor) -> cl
         )
     )
 
+    # Guard: schema property names must not collide with built-in option names.
+    _reserved = {"input", "yes", "large_input", "format", "sandbox"}
+    for opt in schema_options:
+        if opt.name in _reserved:
+            click.echo(
+                f"Error: Module '{module_id}' schema property '{opt.name}' conflicts "
+                f"with a reserved CLI option name. Rename the property.",
+                err=True,
+            )
+            sys.exit(2)
+
     # Add schema-generated options
     cmd.params.extend(schema_options)
 
@@ -290,7 +302,7 @@ def collect_input(
             )
             sys.exit(2)
 
-        if not raw or raw_size == 0:
+        if not raw:
             stdin_data: dict[str, Any] = {}
         else:
             try:

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/discovery.py

@@ -37,6 +37,7 @@ def register_discovery_commands(cli: click.Group, registry: Any) -> None:
         help="Output format. Default: table (TTY) or json (non-TTY).",
     )
     def list_cmd(tag: tuple[str, ...], output_format: str | None) -> None:
+        """List available modules in the registry."""
         # Validate tag format
         for t in tag:
             _validate_tag(t)
@@ -64,6 +65,7 @@ def register_discovery_commands(cli: click.Group, registry: Any) -> None:
         help="Output format. Default: table (TTY) or json (non-TTY).",
     )
     def describe_cmd(module_id: str, output_format: str | None) -> None:
+        """Show metadata, schema, and annotations for a module."""
         validate_module_id(module_id)
 
         module_def = registry.get_definition(module_id)

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/output.py

@@ -179,10 +179,24 @@ def format_module_detail(module_def: ModuleDescriptor, format: str) -> None:
 
 
 def format_exec_result(result: Any, format: str | None = None) -> None:
-    """Format and print module execution result."""
+    """Format and print module execution result.
+
+    Uses ``resolve_format(format)`` for TTY-adaptive defaulting:
+    - json (or non-TTY default): JSON-pretty-printed output.
+    - table: Rich table for dict results; falls back to JSON for lists,
+      plain string for scalars.
+    """
     if result is None:
         return
-    if isinstance(result, dict | list):
+    effective = resolve_format(format)
+    if effective == "table" and isinstance(result, dict):
+        table = Table()
+        table.add_column("Key")
+        table.add_column("Value")
+        for k, v in result.items():
+            table.add_row(str(k), str(v))
+        Console().print(table)
+    elif isinstance(result, dict | list):
         click.echo(json.dumps(result, indent=2, default=str))
     elif isinstance(result, str):
         click.echo(result)

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/schema_parser.py

@@ -93,7 +93,11 @@ def schema_to_click_options(schema: dict) -> list[click.Option]:
 
         click_type = _map_type(prop_name, prop_schema)
         is_required = prop_name in required_list
-        help_text = _extract_help(prop_schema)
+        _help_base = _extract_help(prop_schema)
+        # Append [required] to help text for user clarity; do NOT set required=True
+        # at the Click level because that would block --input - (STDIN) from working.
+        # Schema-level required validation happens in the callback via jsonschema.validate().
+        help_text = ((_help_base + " ") if _help_base else "") + "[required]" if is_required else _help_base
         default = prop_schema.get("default", None)
 
         if click_type is _BOOLEAN_FLAG:
@@ -116,7 +120,7 @@ def schema_to_click_options(schema: dict) -> list[click.Option]:
                 option = click.Option(
                     [flag_name],
                     type=click.STRING,
-                    required=is_required,
+                    required=False,
                     default=default,
                     help=help_text,
                 )
@@ -125,7 +129,7 @@ def schema_to_click_options(schema: dict) -> list[click.Option]:
                 option = click.Option(
                     [flag_name],
                     type=click.Choice(string_values),
-                    required=is_required,
+                    required=False,
                     default=str(default) if default is not None else None,
                     help=help_text,
                 )
@@ -135,7 +139,7 @@ def schema_to_click_options(schema: dict) -> list[click.Option]:
             option = click.Option(
                 [flag_name],
                 type=click_type,
-                required=is_required,
+                required=False,
                 default=default,
                 help=help_text,
             )

{apcore_cli-0.1.0 → apcore_cli-0.2.0}/src/apcore_cli/security/audit.py

@@ -6,6 +6,7 @@ import hashlib
 import json
 import logging
 import os
+import secrets
 from datetime import UTC, datetime
 from pathlib import Path
 from typing import Literal
@@ -35,7 +36,7 @@ class AuditLogger:
             "timestamp": datetime.now(UTC).isoformat(timespec="milliseconds").replace("+00:00", "Z"),
             "user": self._get_user(),
             "module_id": module_id,
-            "input_hash": hashlib.sha256(json.dumps(input_data, sort_keys=True).encode()).hexdigest(),
+            "input_hash": self._hash_input(input_data),
             "status": status,
             "exit_code": exit_code,
             "duration_ms": duration_ms,
@@ -46,8 +47,21 @@ class AuditLogger:
         except OSError as e:
             logger.warning("Could not write audit log: %s", e)
 
+    def _hash_input(self, input_data: dict) -> str:
+        """Hash input with a random salt to prevent correlation across invocations."""
+        salt = secrets.token_bytes(16)
+        payload = json.dumps(input_data, sort_keys=True).encode()
+        return hashlib.sha256(salt + payload).hexdigest()
+
     def _get_user(self) -> str:
         try:
             return os.getlogin()
         except OSError:
-            return os.getenv("USER", os.getenv("USERNAME", "unknown"))
+            pass
+        try:
+            import pwd
+
+            return pwd.getpwuid(os.getuid()).pw_name
+        except (ImportError, KeyError, AttributeError):
+            pass
+        return os.getenv("USER", os.getenv("USERNAME", "unknown"))