dhub-cli 0.1.0__py3-none-any.whl

dhub/__init__.py

@@ -0,0 +1 @@
+

dhub/cli/__init__.py

@@ -0,0 +1 @@
+

dhub/cli/app.py

@@ -0,0 +1,35 @@
+"""Main Typer app with subcommand registration."""
+
+import typer
+
+app = typer.Typer(
+    name="dhub",
+    help="Decision Hub - The package manager for AI agent skills",
+    no_args_is_help=True,
+)
+
+# Register top-level commands
+from dhub.cli.auth import login_command  # noqa: E402
+from dhub.cli.registry import delete_command, install_command, list_command, publish_command  # noqa: E402
+from dhub.cli.runtime import run_command  # noqa: E402
+from dhub.cli.search import ask_command  # noqa: E402
+
+app.command("login")(login_command)
+app.command("publish")(publish_command)
+app.command("install")(install_command)
+app.command("list")(list_command)
+app.command("delete")(delete_command)
+app.command("run")(run_command)
+app.command("ask")(ask_command)
+
+# Register subcommand groups
+from dhub.cli.keys import keys_app  # noqa: E402
+from dhub.cli.org import org_app  # noqa: E402
+
+app.add_typer(org_app, name="org")
+app.add_typer(keys_app, name="keys")
+
+
+def run() -> None:
+    """Entry point for the dhub CLI."""
+    app()

dhub/cli/auth.py

@@ -0,0 +1,93 @@
+"""Login via GitHub Device Flow."""
+
+import time
+
+import httpx
+import typer
+from rich.console import Console
+from rich.panel import Panel
+
+console = Console()
+
+
+def login_command(
+    api_url: str = typer.Option(None, "--api-url", help="API URL override"),
+) -> None:
+    """Authenticate with Decision Hub via GitHub."""
+    from dhub.cli.config import CliConfig, get_api_url, save_config
+
+    base_url = api_url or get_api_url()
+
+    # Step 1: Request a device code from the API
+    with httpx.Client() as client:
+        resp = client.post(f"{base_url}/auth/github/code")
+        resp.raise_for_status()
+        data = resp.json()
+
+    device_code: str = data["device_code"]
+    user_code: str = data["user_code"]
+    verification_uri: str = data["verification_uri"]
+    poll_interval: int = data.get("interval", 5)
+
+    # Step 2: Show the user code and URL
+    console.print(
+        Panel(
+            f"Open [bold blue]{verification_uri}[/] and enter code: "
+            f"[bold green]{user_code}[/]",
+            title="GitHub Login",
+        )
+    )
+    console.print("Waiting for authorization...")
+
+    # Step 3: Poll for the token until the user completes the flow
+    token_data = _poll_for_token(base_url, device_code, poll_interval)
+
+    # Step 4: Persist the token
+    new_config = CliConfig(api_url=base_url, token=token_data["access_token"])
+    save_config(new_config)
+
+    console.print(f"[green]Authenticated as @{token_data['username']}[/]")
+
+
+def _poll_for_token(
+    base_url: str,
+    device_code: str,
+    interval: int,
+    timeout_seconds: int = 300,
+) -> dict:
+    """Poll the token endpoint until authorization succeeds or times out.
+
+    Args:
+        base_url: API base URL.
+        device_code: The device code returned from the code request.
+        interval: Seconds to wait between poll attempts.
+        timeout_seconds: Maximum total seconds to wait before giving up.
+
+    Returns:
+        Parsed JSON response containing 'access_token' and 'username'.
+
+    Raises:
+        typer.Exit: If the flow times out or the server rejects the request.
+    """
+    deadline = time.monotonic() + timeout_seconds
+
+    with httpx.Client(timeout=30) as client:
+        while time.monotonic() < deadline:
+            resp = client.post(
+                f"{base_url}/auth/github/token",
+                json={"device_code": device_code},
+            )
+
+            if resp.status_code == 200:
+                return resp.json()
+
+            # 428 means "authorization_pending" -- keep polling
+            if resp.status_code == 428:
+                time.sleep(interval)
+                continue
+
+            # Any other error is fatal
+            resp.raise_for_status()
+
+    console.print("[red]Error: Login timed out. Please try again.[/]")
+    raise typer.Exit(1)

dhub/cli/config.py

@@ -0,0 +1,74 @@
+"""CLI configuration file management for ~/.dhub/config.json."""
+
+import json
+import os
+from dataclasses import asdict, dataclass
+from pathlib import Path
+
+import typer
+
+CONFIG_DIR = Path.home() / ".dhub"
+CONFIG_FILE = CONFIG_DIR / "config.json"
+DEFAULT_API_URL = "https://decision-hub--api.modal.run"
+
+
+@dataclass(frozen=True)
+class CliConfig:
+    """Immutable CLI configuration."""
+
+    api_url: str = DEFAULT_API_URL
+    token: str | None = None
+
+
+def load_config() -> CliConfig:
+    """Load CLI config from ~/.dhub/config.json.
+
+    Returns defaults if the file does not exist or contains
+    incomplete data.
+    """
+    if not CONFIG_FILE.exists():
+        return CliConfig()
+
+    raw = json.loads(CONFIG_FILE.read_text(encoding="utf-8"))
+    return CliConfig(
+        api_url=raw.get("api_url", DEFAULT_API_URL),
+        token=raw.get("token"),
+    )
+
+
+def save_config(config: CliConfig) -> None:
+    """Save CLI config to ~/.dhub/config.json.
+
+    Creates the ~/.dhub directory if it does not already exist.
+    """
+    CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+    CONFIG_FILE.write_text(
+        json.dumps(asdict(config), indent=2) + "\n",
+        encoding="utf-8",
+    )
+
+
+def get_api_url() -> str:
+    """Get API URL from the DHUB_API_URL env var, falling back to saved config."""
+    env_url = os.environ.get("DHUB_API_URL")
+    if env_url:
+        return env_url
+    return load_config().api_url
+
+
+def get_token() -> str:
+    """Get the stored auth token.
+
+    Raises:
+        typer.Exit: If no token is stored (user not logged in).
+    """
+    from rich.console import Console
+
+    token = load_config().token
+    if not token:
+        console = Console(stderr=True)
+        console.print(
+            "[red]Error: Not logged in. Run [bold]dhub login[/bold] first.[/]"
+        )
+        raise typer.Exit(1)
+    return token

dhub/cli/keys.py

@@ -0,0 +1,96 @@
+"""API key management commands."""
+
+import httpx
+import typer
+from rich.console import Console
+from rich.table import Table
+
+console = Console()
+keys_app = typer.Typer(help="Manage API keys for agent evals", no_args_is_help=True)
+
+
+def _headers() -> dict[str, str]:
+    """Build authorization headers using the stored token."""
+    from dhub.cli.config import get_token
+
+    return {"Authorization": f"Bearer {get_token()}"}
+
+
+def _api_url() -> str:
+    """Retrieve the configured API URL."""
+    from dhub.cli.config import get_api_url
+
+    return get_api_url()
+
+
+@keys_app.command("add")
+def add_key(
+    key_name: str = typer.Argument(help="Name for the API key"),
+) -> None:
+    """Add an API key (prompts for the value securely)."""
+    key_value = typer.prompt("Enter API key value", hide_input=True)
+
+    if not key_value.strip():
+        console.print("[red]Error: Key value cannot be empty.[/]")
+        raise typer.Exit(1)
+
+    with httpx.Client() as client:
+        resp = client.post(
+            f"{_api_url()}/v1/keys",
+            headers=_headers(),
+            json={"key_name": key_name, "value": key_value},
+        )
+        if resp.status_code == 409:
+            console.print(
+                f"[red]Error: Key '{key_name}' already exists. "
+                "Remove it first with [bold]dhub keys remove[/bold].[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+
+    console.print(f"[green]Added key: {key_name}[/]")
+
+
+@keys_app.command("list")
+def list_keys() -> None:
+    """List stored API key names."""
+    with httpx.Client() as client:
+        resp = client.get(
+            f"{_api_url()}/v1/keys",
+            headers=_headers(),
+        )
+        resp.raise_for_status()
+        keys = resp.json()
+
+    if not keys:
+        console.print("No API keys stored.")
+        return
+
+    table = Table(title="API Keys")
+    table.add_column("Name", style="cyan")
+    table.add_column("Created", style="dim")
+
+    for key in keys:
+        table.add_row(key.get("key_name", ""), key.get("created_at", ""))
+
+    console.print(table)
+
+
+@keys_app.command("remove")
+def remove_key(
+    key_name: str = typer.Argument(help="Name of the API key to remove"),
+) -> None:
+    """Remove a stored API key."""
+    with httpx.Client() as client:
+        resp = client.delete(
+            f"{_api_url()}/v1/keys/{key_name}",
+            headers=_headers(),
+        )
+        if resp.status_code == 404:
+            console.print(
+                f"[red]Error: Key '{key_name}' not found.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+
+    console.print(f"[green]Removed key: {key_name}[/]")

dhub/cli/org.py

@@ -0,0 +1,125 @@
+"""Organization management commands."""
+
+import httpx
+import typer
+from rich.console import Console
+from rich.table import Table
+
+console = Console()
+org_app = typer.Typer(help="Manage organizations", no_args_is_help=True)
+
+
+def _headers() -> dict[str, str]:
+    """Build authorization headers using the stored token."""
+    from dhub.cli.config import get_token
+
+    return {"Authorization": f"Bearer {get_token()}"}
+
+
+def _api_url() -> str:
+    """Retrieve the configured API URL."""
+    from dhub.cli.config import get_api_url
+
+    return get_api_url()
+
+
+@org_app.command("create")
+def create_org(slug: str = typer.Argument(help="Organization slug")) -> None:
+    """Create a new organization."""
+    with httpx.Client() as client:
+        resp = client.post(
+            f"{_api_url()}/v1/orgs",
+            headers=_headers(),
+            json={"slug": slug},
+        )
+        if resp.status_code == 409:
+            console.print(
+                f"[red]Error: Organization '{slug}' already exists.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+        data = resp.json()
+
+    console.print(f"[green]Created organization: {data['slug']}[/]")
+
+
+@org_app.command("list")
+def list_orgs() -> None:
+    """List organizations you belong to."""
+    with httpx.Client() as client:
+        resp = client.get(
+            f"{_api_url()}/v1/orgs",
+            headers=_headers(),
+        )
+        resp.raise_for_status()
+        orgs = resp.json()
+
+    if not orgs:
+        console.print("You are not a member of any organizations.")
+        return
+
+    table = Table(title="Organizations")
+    table.add_column("Slug", style="cyan")
+    table.add_column("Role", style="green")
+
+    for org in orgs:
+        table.add_row(org.get("slug", ""), org.get("role", ""))
+
+    console.print(table)
+
+
+@org_app.command("invite")
+def invite_member(
+    org: str = typer.Argument(help="Organization slug"),
+    user: str = typer.Option(..., "--user", help="GitHub username to invite"),
+    role: str = typer.Option(
+        "member", "--role", help="Role: owner, admin, or member"
+    ),
+) -> None:
+    """Invite a user to an organization."""
+    with httpx.Client() as client:
+        resp = client.post(
+            f"{_api_url()}/v1/orgs/{org}/invites",
+            headers=_headers(),
+            json={"invitee_github_username": user, "role": role},
+        )
+        if resp.status_code == 404:
+            console.print(
+                f"[red]Error: Organization '{org}' not found.[/]"
+            )
+            raise typer.Exit(1)
+        if resp.status_code == 403:
+            console.print(
+                "[red]Error: You do not have permission to invite members.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+        data = resp.json()
+
+    console.print(
+        f"[green]Invited @{user} to '{org}' as {role}. "
+        f"Invite ID: {data['id']}[/]"
+    )
+
+
+@org_app.command("accept")
+def accept_invite(
+    invite_id: str = typer.Argument(help="Invite ID to accept"),
+) -> None:
+    """Accept an organization invite."""
+    with httpx.Client() as client:
+        resp = client.post(
+            f"{_api_url()}/v1/invites/{invite_id}/accept",
+            headers=_headers(),
+        )
+        if resp.status_code == 404:
+            console.print(
+                f"[red]Error: Invite '{invite_id}' not found.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+        data = resp.json()
+
+    console.print(
+        f"[green]Accepted invite. You are now a member of '{data['org_slug']}'.[/]"
+    )

dhub/cli/registry.py

@@ -0,0 +1,254 @@
+"""Publish, install, list, and delete commands for the skill registry."""
+
+import io
+import json
+import zipfile
+from pathlib import Path
+
+import httpx
+import typer
+from rich.console import Console
+from rich.table import Table
+
+console = Console()
+
+
+def publish_command(
+    path: Path = typer.Argument(
+        Path("."), help="Path to the skill directory"
+    ),
+    org: str = typer.Option(..., "--org", help="Organization slug"),
+    name: str = typer.Option(..., "--name", help="Skill name"),
+    version: str = typer.Option(..., "--version", help="Semver version"),
+) -> None:
+    """Publish a skill to the registry."""
+    from dhub.cli.config import get_api_url, get_token
+    from dhub.core.validation import validate_semver, validate_skill_name
+
+    # Validate inputs before doing any I/O
+    validate_skill_name(name)
+    validate_semver(version)
+
+    # Verify the directory contains a SKILL.md manifest
+    skill_md = path / "SKILL.md"
+    if not skill_md.exists():
+        console.print(
+            "[red]Error: SKILL.md not found in the specified directory.[/]"
+        )
+        raise typer.Exit(1)
+
+    # Package the directory into a zip archive
+    console.print(f"Packaging skill from [cyan]{path.resolve()}[/]...")
+    zip_data = _create_zip(path)
+
+    # Upload to the registry
+    console.print("Uploading...")
+    metadata = json.dumps(
+        {"org_slug": org, "skill_name": name, "version": version}
+    )
+
+    with httpx.Client(timeout=60) as client:
+        resp = client.post(
+            f"{get_api_url()}/v1/publish",
+            headers={"Authorization": f"Bearer {get_token()}"},
+            files={"zip_file": ("skill.zip", zip_data, "application/zip")},
+            data={"metadata": metadata},
+        )
+        if resp.status_code == 409:
+            console.print(
+                f"[red]Error: Version {version} already exists for "
+                f"{org}/{name}.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+
+    console.print(f"[green]Published: {org}/{name}@{version}[/]")
+
+
+def _create_zip(path: Path) -> bytes:
+    """Create an in-memory zip archive of a directory.
+
+    Skips hidden files (names starting with '.') and __pycache__
+    directories.
+
+    Args:
+        path: Root directory to archive.
+
+    Returns:
+        Raw bytes of the zip file.
+    """
+    buf = io.BytesIO()
+    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
+        for file in sorted(path.rglob("*")):
+            if not file.is_file():
+                continue
+            # Skip hidden files and __pycache__
+            relative = file.relative_to(path)
+            parts = relative.parts
+            if any(part.startswith(".") or part == "__pycache__" for part in parts):
+                continue
+            zf.write(file, relative)
+    return buf.getvalue()
+
+
+def list_command() -> None:
+    """List all published skills on the registry."""
+    from dhub.cli.config import get_api_url
+
+    api_url = get_api_url()
+
+    with httpx.Client(timeout=30) as client:
+        resp = client.get(f"{api_url}/v1/skills")
+        resp.raise_for_status()
+        skills = resp.json()
+
+    console.print(f"Registry: [dim]{api_url}[/]")
+
+    if not skills:
+        console.print("No skills published yet.")
+        return
+
+    table = Table(title="Published Skills")
+    table.add_column("Org", style="cyan")
+    table.add_column("Skill", style="green")
+    table.add_column("Version")
+    table.add_column("Updated")
+    table.add_column("Safety")
+    table.add_column("Author")
+    table.add_column("Description")
+
+    for s in skills:
+        table.add_row(
+            s["org_slug"],
+            s["skill_name"],
+            s["latest_version"],
+            s.get("updated_at", ""),
+            s.get("safety_rating", ""),
+            s.get("author", ""),
+            s.get("description", ""),
+        )
+
+    console.print(table)
+
+
+def delete_command(
+    skill_ref: str = typer.Argument(help="Skill reference: org/skill"),
+    version: str = typer.Option(..., "--version", "-v", help="Version to delete"),
+) -> None:
+    """Delete a published skill version from the registry."""
+    from dhub.cli.config import get_api_url, get_token
+
+    parts = skill_ref.split("/", 1)
+    if len(parts) != 2:
+        console.print(
+            "[red]Error: Skill reference must be in org/skill format.[/]"
+        )
+        raise typer.Exit(1)
+    org_slug, skill_name = parts
+
+    with httpx.Client(timeout=60) as client:
+        resp = client.delete(
+            f"{get_api_url()}/v1/skills/{org_slug}/{skill_name}/{version}",
+            headers={"Authorization": f"Bearer {get_token()}"},
+        )
+        if resp.status_code == 404:
+            console.print(
+                f"[red]Error: Version {version} not found for "
+                f"{org_slug}/{skill_name}.[/]"
+            )
+            raise typer.Exit(1)
+        if resp.status_code == 403:
+            console.print(
+                "[red]Error: You don't have permission to delete this version.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+
+    console.print(f"[green]Deleted: {org_slug}/{skill_name}@{version}[/]")
+
+
+def install_command(
+    skill_ref: str = typer.Argument(help="Skill reference: org/skill"),
+    version: str = typer.Option(
+        "latest", "--version", "-v", help="Version spec"
+    ),
+    agent: str = typer.Option(
+        None, "--agent", help="Target agent (claude, cursor, etc.) or 'all'"
+    ),
+) -> None:
+    """Install a skill from the registry."""
+    from dhub.cli.config import get_api_url, get_token
+    from dhub.core.install import (
+        get_dhub_skill_path,
+        link_skill_to_agent,
+        link_skill_to_all_agents,
+        verify_checksum,
+    )
+
+    # Parse skill reference
+    parts = skill_ref.split("/", 1)
+    if len(parts) != 2:
+        console.print(
+            "[red]Error: Skill reference must be in org/skill format.[/]"
+        )
+        raise typer.Exit(1)
+    org_slug, skill_name = parts
+
+    headers = {"Authorization": f"Bearer {get_token()}"}
+    base_url = get_api_url()
+
+    # Resolve the version to a concrete download URL and checksum
+    console.print(f"Resolving {org_slug}/{skill_name}@{version}...")
+    with httpx.Client() as client:
+        resp = client.get(
+            f"{base_url}/v1/resolve/{org_slug}/{skill_name}",
+            params={"spec": version},
+            headers=headers,
+        )
+        if resp.status_code == 404:
+            console.print(
+                f"[red]Error: Skill '{skill_ref}' not found.[/]"
+            )
+            raise typer.Exit(1)
+        resp.raise_for_status()
+        data = resp.json()
+
+    resolved_version: str = data["version"]
+    download_url: str = data["download_url"]
+    expected_checksum: str = data["checksum"]
+
+    # Download the zip
+    console.print(f"Downloading {org_slug}/{skill_name}@{resolved_version}...")
+    with httpx.Client() as client:
+        resp = client.get(download_url)
+        resp.raise_for_status()
+        zip_data = resp.content
+
+    # Verify integrity
+    console.print("Verifying checksum...")
+    verify_checksum(zip_data, expected_checksum)
+
+    # Extract to the canonical skill path
+    skill_path = get_dhub_skill_path(org_slug, skill_name)
+    skill_path.mkdir(parents=True, exist_ok=True)
+
+    with zipfile.ZipFile(io.BytesIO(zip_data)) as zf:
+        zf.extractall(skill_path)
+
+    console.print(
+        f"[green]Installed {org_slug}/{skill_name}@{resolved_version} "
+        f"to {skill_path}[/]"
+    )
+
+    # Create agent symlinks
+    if agent:
+        if agent == "all":
+            linked = link_skill_to_all_agents(org_slug, skill_name)
+            console.print(
+                f"[green]Linked to agents: {', '.join(linked)}[/]"
+            )
+        else:
+            link_path = link_skill_to_agent(org_slug, skill_name, agent)
+            console.print(
+                f"[green]Linked to {agent} at {link_path}[/]"
+            )