datasecops-cli 0.4.4__tar.gz → 0.4.6__tar.gz

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/CHANGELOG.md

@@ -2,6 +2,25 @@
 
 All notable changes to the DataSecOps CLI are documented in this file.
 
+## [0.4.6] - 2026-05-18
+
+### Changed
+
+- **SQLFluff config now fetched as rendered INI from native app** — `download_sqlfluff_config()` calls the new `api.get_sqlfluff_config_file()` stored procedure which returns a ready-to-use `.sqlfluff` file, matching exactly what the native app UI displays. Removes client-side INI rendering logic.
+
+### Added
+
+- **Re-download .sqlfluff option in lint menu** — new option `[6] refresh config` in the SQLFluff linting menu to re-download the `.sqlfluff` configuration from the framework at any time, even if the file already exists locally.
+- **`get_sqlfluff_config_file()` method** added to `SnowflakeService` for calling the new native app procedure.
+
+## [0.4.5] - 2026-05-18
+
+### Fixed
+
+- **Package downloads now respect profile selection** — `datasecops download packages` and the interactive downloads menu now only include dbt packages enabled on the active profile, instead of downloading all packages from the global catalog. This matches the native app's Streamlit UI behavior.
+- **Upstream package exclusion** — packages already provided by upstream projects are automatically excluded from `packages.yml`, preventing duplicate dependencies when using multi-project setups.
+- **`generate_packages_yml()` filtering** — the dbt project generator now also filters packages by profile, fixing the same issue in the bootstrap/init path.
+
 ## [0.4.4] - 2026-05-18
 
 ### Added

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: datasecops-cli
-Version: 0.4.4
+Version: 0.4.6
 Summary: DataSecOps Framework CLI for Snowflake Native App
 License-Expression: MIT
 License-File: LICENSE

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "datasecops-cli"
-version = "0.4.4"
+version = "0.4.6"
 description = "DataSecOps Framework CLI for Snowflake Native App"
 readme = "README.md"
 requires-python = ">=3.10"

datasecops_cli-0.4.6/src/datasecops_cli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.4.6"

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/main.py

@@ -565,7 +565,10 @@ def _run_download(config: Config, items: list[str],
                 if not download_service.download_pipelines(platform=platform, profile_name=config.profile_name):
                     failed = True
             elif item == "packages":
-                if not download_service.download_dbt_packages(config.dbt_project_dir):
+                if not download_service.download_dbt_packages(
+                    config.dbt_project_dir, profile=config.profile,
+                    all_profiles=config.all_profiles
+                ):
                     failed = True
             elif item == "macros":
                 if not download_service.download_macros(config.profile_name, config.dbt_project_dir):
@@ -704,6 +707,7 @@ def _main_menu(config: Config, dbt_runner: DbtRunner, git_service: GitService,
                 project_settings=config.project_settings,
                 profile=config.profile,
                 source_control=config.source_control,
+                all_profiles=config.all_profiles,
             )
             dl_menu.show()
 
@@ -722,6 +726,7 @@ def _main_menu(config: Config, dbt_runner: DbtRunner, git_service: GitService,
                 project_dir=config.project_dir,
                 project_settings=config.project_settings,
                 profile=config.profile,
+                all_profiles=config.all_profiles,
             )
             bootstrap.run(platform=platform, install_skills=install_skills,
                          skill_targets=skill_targets, run_deps=run_deps)
@@ -784,6 +789,7 @@ def _run_bootstrap(config: Config):
             project_dir=config.project_dir,
             project_settings=config.project_settings,
             profile=config.profile,
+            all_profiles=config.all_profiles,
         )
         success = bootstrap.run(platform=platform, install_skills=install_skills,
                                skill_targets=skill_targets, run_deps=run_deps)

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/menus/development.py

@@ -176,6 +176,7 @@ class DevelopmentMenu:
         menu_option(3, "find all      - Lint all SQL files")
         menu_option(4, "fix all       - Fix all SQL files")
         menu_option(5, "specific      - Lint specific file")
+        menu_option(6, "refresh config- Re-download .sqlfluff from framework")
         menu_option(0, "back          - Return to development menu")
         option = get_input_number("Choose an option: ")
         if option in (1, 2, 3, 4, 5) and not self._ensure_sqlfluff_config():
@@ -195,6 +196,11 @@ class DevelopmentMenu:
             path = get_input_string("Enter SQL file path (e.g. models/staging/stg_orders.sql): ")
             if path != "0":
                 self.linting.lint_file(file_path=path, fix=False)
+        elif option == 6:
+            if not self.downloads:
+                error_line("Download service not available")
+            else:
+                self.downloads.download_sqlfluff_config(profiles_dir=self.profiles_dir, dbt_project_dir=self.linting.project_dir)
         complete_action()
 
     def _autofix_menu(self) -> None:

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/menus/downloads.py

@@ -19,7 +19,7 @@ class DownloadsMenu:
     def __init__(self, download_service: DownloadService, skill_service: SkillService,
                  dbt_runner: DbtRunner, profile_name: str, dbt_project_dir: Path,
                  project_settings: ProjectSettings = None, profile: ProjectProfile = None,
-                 source_control: SourceControl = None):
+                 source_control: SourceControl = None, all_profiles: list[ProjectProfile] = None):
         self.downloads = download_service
         self.skills = skill_service
         self.dbt = dbt_runner
@@ -28,6 +28,7 @@ class DownloadsMenu:
         self.project_settings = project_settings
         self.profile = profile
         self.source_control = source_control
+        self.all_profiles = all_profiles
     
     def show(self) -> None:
         self._menu()
@@ -46,7 +47,8 @@ class DownloadsMenu:
                 complete_action()
             elif option == 3:
                 display_action_header("Download dbt Packages")
-                self.downloads.download_dbt_packages(self.dbt_project_dir)
+                self.downloads.download_dbt_packages(self.dbt_project_dir, profile=self.profile,
+                                                     all_profiles=self.all_profiles)
                 if get_input_true_false("Run dbt deps now?"):
                     self.dbt.deps()
                 complete_action()

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/services/bootstrap_service.py

@@ -14,11 +14,13 @@ class BootstrapService:
     """Bootstraps a new dbt project with all framework configuration."""
 
     def __init__(self, snowflake_service: SnowflakeService, project_dir: Path,
-                 project_settings: ProjectSettings, profile: ProjectProfile):
+                 project_settings: ProjectSettings, profile: ProjectProfile,
+                 all_profiles: list[ProjectProfile] = None):
         self.sf = snowflake_service
         self.project_dir = project_dir
         self.project_settings = project_settings
         self.profile = profile
+        self.all_profiles = all_profiles or []
         self.download_service = DownloadService(snowflake_service, project_dir)
         self.skill_service = SkillService(snowflake_service)
 
@@ -92,7 +94,8 @@ class BootstrapService:
         # Step 5: Generate packages.yml
         info_line("")
         info_line("[5] Generating packages.yml...")
-        if self.download_service.download_dbt_packages(dbt_project_dir, profile=self.profile):
+        if self.download_service.download_dbt_packages(dbt_project_dir, profile=self.profile,
+                                                       all_profiles=self.all_profiles):
             steps_passed += 1
         else:
             info_line("  (skipped - no dbt packages config in native app)")

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/services/dbt_project_generator.py

@@ -165,17 +165,36 @@ def generate_profiles_yml(
 def generate_packages_yml(
     profile: ProjectProfile,
     packages_config: dict,
+    all_profiles: list[ProjectProfile] = None,
 ) -> str:
     """Generate packages.yml from profile's packages and upstream projects.
 
     Args:
         profile: The project profile.
         packages_config: The DBT_PACKAGES framework config.
+        all_profiles: All project profiles (used for upstream package exclusion).
 
     Returns:
         The YAML content as a string.
     """
     packages = packages_config.get("packages", [])
+
+    # Filter to only packages enabled on the profile
+    if profile.dbt_packages:
+        from datasecops_cli.services.download_service import _collect_upstream_packages
+
+        enabled = set(profile.dbt_packages)
+
+        # Exclude packages already provided by upstream projects
+        if profile.upstream_projects and all_profiles:
+            profile_map = {p.profile_name: p for p in all_profiles}
+            upstream_pkgs = _collect_upstream_packages(
+                profile.upstream_projects, profile_map
+            )
+            enabled -= upstream_pkgs
+
+        packages = [p for p in packages if p.get("name") in enabled]
+
     pkg_list: list[dict[str, Any]] = []
 
     for pkg in packages:

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/services/download_service.py

@@ -10,164 +10,62 @@ from datasecops_cli.utilities.display import info_line, success_line, error_line
 from datasecops_cli.utilities.file_utils import write_file, ensure_dir
 
 
+def _collect_upstream_packages(
+    upstream_names: list[str],
+    profile_map: dict[str, ProjectProfile],
+    visited: set[str] | None = None,
+) -> set[str]:
+    """Recursively collect dbt package names from all upstream projects."""
+    if visited is None:
+        visited = set()
+    result: set[str] = set()
+    for name in upstream_names:
+        if name in visited:
+            continue
+        visited.add(name)
+        upstream = profile_map.get(name)
+        if upstream:
+            result.update(upstream.dbt_packages)
+            result.update(
+                _collect_upstream_packages(
+                    upstream.upstream_projects or [], profile_map, visited
+                )
+            )
+    return result
+
+
 class DownloadService:
     """Downloads configurations from the native app."""
 
-    # Maps rule codes to their sqlfluff INI section names.
-    RULE_SECTION_MAP: dict[str, str] = {
-        # Aliasing
-        "AL01": "aliasing.table", "AL02": "aliasing.column", "AL03": "aliasing.expression",
-        "AL04": "aliasing.unique.table", "AL05": "aliasing.unused", "AL06": "aliasing.length",
-        "AL07": "aliasing.forbid", "AL08": "aliasing.unique.column", "AL09": "aliasing.self_alias",
-        # Ambiguous
-        "AM01": "ambiguous.distinct", "AM02": "ambiguous.union", "AM03": "ambiguous.order_by",
-        "AM04": "ambiguous.column_count", "AM05": "ambiguous.join",
-        "AM06": "ambiguous.column_references", "AM07": "ambiguous.set_columns",
-        "AM08": "ambiguous.union_type",
-        # Capitalisation
-        "CP01": "capitalisation.keywords", "CP02": "capitalisation.identifiers",
-        "CP03": "capitalisation.functions", "CP04": "capitalisation.literals",
-        "CP05": "capitalisation.types",
-        # Convention
-        "CV01": "convention.not_equal", "CV02": "convention.coalesce",
-        "CV03": "convention.select_trailing_comma", "CV04": "convention.count_rows",
-        "CV05": "convention.is_null", "CV06": "convention.terminator",
-        "CV07": "convention.statement_brackets", "CV08": "convention.left_join",
-        "CV09": "convention.blocked_words", "CV10": "convention.quoted_literals",
-        "CV11": "convention.casting_style", "CV12": "convention.semicolon",
-        # Jinja
-        "JJ01": "jinja.padding",
-        # Layout
-        "LT01": "layout.spacing", "LT02": "layout.indent", "LT03": "layout.operators",
-        "LT04": "layout.commas", "LT05": "layout.long_lines", "LT06": "layout.functions",
-        "LT07": "layout.cte_bracket", "LT08": "layout.cte_newline",
-        "LT09": "layout.select_targets", "LT10": "layout.select_modifiers",
-        "LT11": "layout.set_operators", "LT12": "layout.end-of-file",
-        "LT13": "layout.start_of_file", "LT14": "layout.one_line", "LT15": "layout.newlines",
-        # References
-        "RF01": "references.from", "RF02": "references.qualification",
-        "RF03": "references.consistent", "RF04": "references.keywords",
-        "RF05": "references.special_chars", "RF06": "references.quoting",
-        # Structure
-        "ST01": "structure.else_null", "ST02": "structure.simple_case",
-        "ST03": "structure.unused_cte", "ST04": "structure.nested_case",
-        "ST05": "structure.subquery", "ST06": "structure.column_order",
-        "ST07": "structure.using", "ST08": "structure.distinct",
-        "ST09": "structure.join_condition_order", "ST10": "structure.cte_definition_order",
-        "ST11": "structure.test_query",
-    }
-
-    # Core sub-keys that map to specific INI sections.
-    CORE_SECTION_MAP: dict[str, str] = {
-        "sqlfluff": "sqlfluff",
-        "dbt": "sqlfluff:templater:dbt",
-        "jinja": "sqlfluff:templater:jinja",
-        "templater": "sqlfluff:templater",
-    }
-    
     def __init__(self, snowflake_service: SnowflakeService, project_dir: Path):
         self.sf = snowflake_service
         self.project_dir = project_dir
-
-    # Options to strip from specific core sections (not valid sqlfluff config keys).
-    CORE_STRIP_OPTIONS: dict[str, set[str]] = {
-        "dbt": {"dbt_skip_compilation_error"},
-    }
-
-    @staticmethod
-    def _format_value(val) -> str:
-        """Format a JSON value for sqlfluff INI output."""
-        if isinstance(val, bool):
-            return str(val)
-        if isinstance(val, list):
-            if not val:
-                return "None"
-            return ", ".join(str(v) for v in val)
-        if val is None or val == "":
-            return "None"
-        return str(val)
-
-    @staticmethod
-    def _emit_section(lines: list[str], header: str, options: dict) -> None:
-        """Append an INI section with its options to lines."""
-        lines.append(f"[{header}]")
-        for key, val in options.items():
-            lines.append(f"{key} = {DownloadService._format_value(val)}")
-        lines.append("")
     
     def download_sqlfluff_config(self, profiles_dir: str = None, dbt_project_dir: Path = None) -> bool:
         info_line("Downloading SQLFluff configuration...")
-        raw = self.sf.get_framework_config("SQLFLUFF_RULES")
-        if not raw:
+        content = self.sf.get_sqlfluff_config_file()
+        if not content:
             error_line("No SQLFluff configuration found in native app")
             return False
-        
-        lines: list[str] = []
 
-        # --- Core sections ([sqlfluff], [sqlfluff:templater:dbt], etc.) ---
-        core = raw.get("core", {})
-        for key, section_header in self.CORE_SECTION_MAP.items():
-            entry = core.get(key)
-            if not isinstance(entry, dict) or not entry.get("enabled", True):
-                continue
-            opts = dict(entry.get("options", {}))
-            # Strip options that are not valid sqlfluff config keys
-            for strip_key in self.CORE_STRIP_OPTIONS.get(key, set()):
-                opts.pop(strip_key, None)
-            if key == "dbt":
-                # Override profiles_dir / project_dir with local values
-                opts["project_dir"] = "."
-                if profiles_dir:
-                    opts["profiles_dir"] = profiles_dir
-                else:
-                    opts.pop("profiles_dir", None)
-            if opts:
-                self._emit_section(lines, section_header, opts)
+        # If profiles_dir is specified, ensure it's set in the [sqlfluff:templater:dbt] section
+        if profiles_dir and "[sqlfluff:templater:dbt]" in content:
+            import re
+            # Replace existing profiles_dir line if present, otherwise insert after header
+            if re.search(r"^profiles_dir\s*=.*$", content, re.MULTILINE):
+                content = re.sub(
+                    r"^profiles_dir\s*=.*$",
+                    f"profiles_dir = {profiles_dir}",
+                    content,
+                    count=1,
+                    flags=re.MULTILINE,
+                )
+            else:
+                content = content.replace(
+                    "[sqlfluff:templater:dbt]",
+                    f"[sqlfluff:templater:dbt]\nprofiles_dir = {profiles_dir}",
+                )
 
-        # --- Indentation ---
-        indentation = raw.get("indentation", {})
-        for _code, entry in indentation.items():
-            if isinstance(entry, dict) and entry.get("enabled", True):
-                opts = entry.get("options", {})
-                if opts:
-                    self._emit_section(lines, "sqlfluff:indentation", opts)
-
-        # --- Layout sections ([sqlfluff:layout:type:<code>]) ---
-        layout = raw.get("layout", {})
-        for code, entry in layout.items():
-            if not isinstance(entry, dict) or not entry.get("enabled", True):
-                continue
-            opts = entry.get("options", {})
-            if opts:
-                self._emit_section(lines, f"sqlfluff:layout:type:{code}", opts)
-
-        # --- Global rules ([sqlfluff:rules]) ---
-        rules = raw.get("rules", {})
-        for _code, entry in rules.items():
-            if isinstance(entry, dict) and entry.get("enabled", True):
-                opts = entry.get("options", {})
-                if opts:
-                    self._emit_section(lines, "sqlfluff:rules", opts)
-
-        # --- Rule bundle sections (rules_aliasing, rules_capitalisation, etc.) ---
-        for section_key, entries in raw.items():
-            if not section_key.startswith("rules_") or not isinstance(entries, dict):
-                continue
-            for code, entry in entries.items():
-                if not isinstance(entry, dict) or not entry.get("enabled", True):
-                    continue
-                section_name = self.RULE_SECTION_MAP.get(code)
-                if not section_name:
-                    continue
-                opts = dict(entry.get("options", {}))
-                # For aliasing.length, 0 means "no limit" which sqlfluff expects as None
-                if section_name == "aliasing.length":
-                    for len_key in ("min_alias_length", "max_alias_length"):
-                        if len_key in opts and opts[len_key] == 0:
-                            opts[len_key] = None
-                self._emit_section(lines, f"sqlfluff:rules:{section_name}", opts)
-
-        content = "\n".join(lines)
         dest = (dbt_project_dir or self.project_dir) / ".sqlfluff"
         write_file(dest, content)
         success_line(f"SQLFluff config written to {dest}")
@@ -279,7 +177,8 @@ class DownloadService:
         success_line(f"Downloaded {count} script(s) to {scripts_dir}")
         return True
 
-    def download_dbt_packages(self, dbt_project_dir: Path, profile: ProjectProfile = None) -> bool:
+    def download_dbt_packages(self, dbt_project_dir: Path, profile: ProjectProfile = None,
+                              all_profiles: list[ProjectProfile] = None) -> bool:
         info_line("Downloading dbt package versions...")
         raw = self.sf.get_framework_config("DBT_PACKAGES")
         if not raw:
@@ -287,6 +186,22 @@ class DownloadService:
             return False
         
         packages = raw.get("packages", [])
+
+        # Filter to only packages enabled on the active profile
+        if profile and profile.dbt_packages:
+            enabled = set(profile.dbt_packages)
+
+            # Exclude packages already provided by upstream projects
+            if profile.upstream_projects and all_profiles:
+                profile_map = {p.profile_name: p for p in all_profiles}
+                upstream_pkgs = _collect_upstream_packages(
+                    profile.upstream_projects, profile_map
+                )
+                enabled -= upstream_pkgs
+
+            packages = [p for p in packages if p.get("name") in enabled]
+            info_line(f"  Filtered to {len(packages)} package(s) for profile '{profile.profile_name}'")
+
         pkg_list = []
         for pkg in packages:
             source = pkg.get("source", "git")

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/src/datasecops_cli/services/snowflake_service.py

@@ -81,3 +81,8 @@ class SnowflakeService:
 
     def get_support_contacts(self) -> list:
         return self.call_procedure("get_support_contacts") or []
+
+    def get_sqlfluff_config_file(self) -> str:
+        """Get the rendered .sqlfluff config INI text from the native app."""
+        result = self.call_procedure("get_sqlfluff_config_file")
+        return result if isinstance(result, str) else ""

{datasecops_cli-0.4.4 → datasecops_cli-0.4.6}/tests/test_main.py

@@ -5,6 +5,7 @@ from pathlib import Path
 
 from datasecops_cli.main import _build_parser, _run_download, DOWNLOAD_ITEMS
 from datasecops_cli.config import Config
+from datasecops_cli.models.project_config import ProjectProfile
 
 
 class TestBuildParser:
@@ -64,6 +65,11 @@ class TestRunDownload:
         config.project_dir = tmp_path
         config.dbt_project_dir = tmp_path
         config.profile_name = "test_profile"
+        config.profile = ProjectProfile(
+            profile_name="test_profile",
+            dbt_packages=["dbt_utils", "dbt_expectations"],
+        )
+        config.all_profiles = [config.profile]
         # source_control defaults to GitHub
         return config
 
@@ -119,7 +125,9 @@ class TestRunDownload:
                 _run_download(config, ["packages"])
 
             assert exc.value.code == 0
-            mock_ds.download_dbt_packages.assert_called_once_with(tmp_path)
+            mock_ds.download_dbt_packages.assert_called_once_with(
+                tmp_path, profile=config.profile, all_profiles=config.all_profiles
+            )
 
     @patch("datasecops_cli.main._connect_and_load")
     def test_download_macros(self, mock_connect, tmp_path):
@@ -300,3 +308,112 @@ class TestRunDownload:
                 _run_download(config, ["install-dbt"])
 
             assert exc.value.code == 1
+
+
+class TestDownloadPackageFiltering:
+    """Tests for dbt package filtering by profile."""
+
+    def test_download_dbt_packages_filters_by_profile(self, tmp_path):
+        """Only packages in profile.dbt_packages should appear in packages.yml."""
+        from datasecops_cli.services.download_service import DownloadService
+
+        mock_sf = MagicMock()
+        mock_sf.get_framework_config.return_value = {
+            "packages": [
+                {"name": "dbt_utils", "source": "git", "url": "https://github.com/dbt-labs/dbt-utils.git", "latest_version": "1.0.0"},
+                {"name": "dbt_expectations", "source": "git", "url": "https://github.com/calogica/dbt-expectations.git", "latest_version": "0.10.0"},
+                {"name": "dbt_constraints", "source": "git", "url": "https://github.com/Snowflake-Labs/dbt_constraints.git", "latest_version": "0.6.0"},
+            ]
+        }
+
+        profile = ProjectProfile(
+            profile_name="test",
+            dbt_packages=["dbt_utils", "dbt_expectations"],
+        )
+
+        service = DownloadService(mock_sf, tmp_path)
+        service.download_dbt_packages(tmp_path, profile=profile)
+
+        import yaml
+        result = yaml.safe_load((tmp_path / "packages.yml").read_text())
+        assert len(result["packages"]) == 2
+        urls = [p.get("git") for p in result["packages"]]
+        assert "https://github.com/dbt-labs/dbt-utils.git" in urls
+        assert "https://github.com/calogica/dbt-expectations.git" in urls
+        assert "https://github.com/Snowflake-Labs/dbt_constraints.git" not in urls
+
+    def test_download_dbt_packages_excludes_upstream(self, tmp_path):
+        """Packages provided by upstream projects should be excluded."""
+        from datasecops_cli.services.download_service import DownloadService
+
+        mock_sf = MagicMock()
+        mock_sf.get_framework_config.return_value = {
+            "packages": [
+                {"name": "dbt_utils", "source": "git", "url": "https://github.com/dbt-labs/dbt-utils.git", "latest_version": "1.0.0"},
+                {"name": "dbt_expectations", "source": "git", "url": "https://github.com/calogica/dbt-expectations.git", "latest_version": "0.10.0"},
+            ]
+        }
+
+        upstream_profile = ProjectProfile(
+            profile_name="upstream_project",
+            dbt_packages=["dbt_utils"],
+        )
+        profile = ProjectProfile(
+            profile_name="test",
+            dbt_packages=["dbt_utils", "dbt_expectations"],
+            upstream_projects=["upstream_project"],
+        )
+
+        service = DownloadService(mock_sf, tmp_path)
+        service.download_dbt_packages(tmp_path, profile=profile, all_profiles=[profile, upstream_profile])
+
+        import yaml
+        result = yaml.safe_load((tmp_path / "packages.yml").read_text())
+        # dbt_utils excluded (provided by upstream), only dbt_expectations + local upstream dep
+        git_packages = [p for p in result["packages"] if "git" in p]
+        local_packages = [p for p in result["packages"] if "local" in p]
+        assert len(git_packages) == 1
+        assert git_packages[0]["git"] == "https://github.com/calogica/dbt-expectations.git"
+        assert len(local_packages) == 1
+        assert local_packages[0]["local"] == "local_packages/upstream_project"
+
+    def test_download_dbt_packages_no_profile_downloads_all(self, tmp_path):
+        """When no profile is passed, all packages should be included."""
+        from datasecops_cli.services.download_service import DownloadService
+
+        mock_sf = MagicMock()
+        mock_sf.get_framework_config.return_value = {
+            "packages": [
+                {"name": "dbt_utils", "source": "git", "url": "https://github.com/dbt-labs/dbt-utils.git", "latest_version": "1.0.0"},
+                {"name": "dbt_expectations", "source": "git", "url": "https://github.com/calogica/dbt-expectations.git", "latest_version": "0.10.0"},
+                {"name": "dbt_constraints", "source": "git", "url": "https://github.com/Snowflake-Labs/dbt_constraints.git", "latest_version": "0.6.0"},
+            ]
+        }
+
+        service = DownloadService(mock_sf, tmp_path)
+        service.download_dbt_packages(tmp_path, profile=None)
+
+        import yaml
+        result = yaml.safe_load((tmp_path / "packages.yml").read_text())
+        assert len(result["packages"]) == 3
+
+    def test_download_dbt_packages_empty_dbt_packages_downloads_all(self, tmp_path):
+        """When profile.dbt_packages is empty, all packages should be included."""
+        from datasecops_cli.services.download_service import DownloadService
+
+        mock_sf = MagicMock()
+        mock_sf.get_framework_config.return_value = {
+            "packages": [
+                {"name": "dbt_utils", "source": "git", "url": "https://github.com/dbt-labs/dbt-utils.git", "latest_version": "1.0.0"},
+                {"name": "dbt_expectations", "source": "git", "url": "https://github.com/calogica/dbt-expectations.git", "latest_version": "0.10.0"},
+            ]
+        }
+
+        profile = ProjectProfile(profile_name="test", dbt_packages=[])
+
+        service = DownloadService(mock_sf, tmp_path)
+        service.download_dbt_packages(tmp_path, profile=profile)
+
+        import yaml
+        result = yaml.safe_load((tmp_path / "packages.yml").read_text())
+        assert len(result["packages"]) == 2

datasecops_cli-0.4.4/src/datasecops_cli/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.4.4"