envrcctl 0.2.6__tar.gz → 0.2.8__tar.gz

{envrcctl-0.2.6 → envrcctl-0.2.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: envrcctl
-Version: 0.2.6
+Version: 0.2.8
 Summary: Manage .envrc with managed blocks and OS-backed secrets.
 Project-URL: Homepage, https://github.com/rioriost/envrcctl
 Project-URL: Issues, https://github.com/rioriost/envrcctl/issues

{envrcctl-0.2.6 → envrcctl-0.2.8}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "envrcctl"
-version = "0.2.6"
+version = "0.2.8"
 description = "Manage .envrc with managed blocks and OS-backed secrets."
 readme = { file = "README.md", content-type = "text/markdown" }
 license = "MIT"

{envrcctl-0.2.6 → envrcctl-0.2.8}/scripts/release_artifacts.py

@@ -70,6 +70,24 @@ def dependency_name(requirement: str) -> str:
     return normalize_package_name(base)
 
 
+def package_dependencies(block: str) -> list[str]:
+    deps_match = re.search(r"dependencies = \[(.*?)\]\n", block, re.DOTALL)
+    if not deps_match:
+        return []
+
+    dependencies: list[str] = []
+    for match in re.finditer(r'\{ name = "([^"]+)"(?:, marker = "([^"]+)")?', deps_match.group(1)):
+        name = normalize_package_name(match.group(1))
+        marker = match.group(2)
+        if marker and "win32" in marker.lower():
+            continue
+        if marker and "windows" in marker.lower():
+            continue
+        dependencies.append(name)
+
+    return dependencies
+
+
 def uv_lock_package_block(lock_text: str, package_name: str) -> str:
     normalized = normalize_package_name(package_name)
     current: list[str] = []
@@ -111,10 +129,24 @@ def extract_sdist_url_and_sha(block: str, package_name: str) -> tuple[str, str]:
 
 def dependency_resource_specs(repo_root: Path) -> list[tuple[str, str, str]]:
     lock_text = (repo_root / "uv.lock").read_text(encoding="utf-8")
-    specs: list[tuple[str, str, str]] = []
+    ordered_names: list[str] = []
+    seen: set[str] = set()
+    queue = [dependency_name(req) for req in project_dependencies(repo_root / "pyproject.toml")]
+
+    while queue:
+        package_name = normalize_package_name(queue.pop(0))
+        if package_name in seen:
+            continue
+        seen.add(package_name)
+        ordered_names.append(package_name)
 
-    for requirement in project_dependencies(repo_root / "pyproject.toml"):
-        package_name = dependency_name(requirement)
+        block = uv_lock_package_block(lock_text, package_name)
+        for dependency in package_dependencies(block):
+            if dependency not in seen and dependency not in queue:
+                queue.append(dependency)
+
+    specs: list[tuple[str, str, str]] = []
+    for package_name in ordered_names:
         block = uv_lock_package_block(lock_text, package_name)
         url, sha256 = extract_sdist_url_and_sha(block, package_name)
         specs.append((package_name, url, sha256))

{envrcctl-0.2.6 → envrcctl-0.2.8}/src/envrcctl/auth.py

@@ -1,6 +1,7 @@
 from __future__ import annotations
 
 import os
+import shutil
 import subprocess
 import sys
 from pathlib import Path
@@ -19,6 +20,11 @@ def _helper_path() -> Path:
     configured = os.getenv(_HELPER_ENV_VAR)
     if configured:
         return Path(configured).expanduser()
+
+    helper_on_path = shutil.which(_DEFAULT_HELPER_BASENAME)
+    if helper_on_path:
+        return Path(helper_on_path)
+
     return _default_helper_path()
 
 

{envrcctl-0.2.6 → envrcctl-0.2.8}/src/envrcctl/keychain.py

@@ -2,6 +2,7 @@ from __future__ import annotations
 
 import json
 import os
+import shutil
 from pathlib import Path
 from typing import List
 
@@ -20,6 +21,11 @@ class KeychainBackend(SecretBackend):
         configured = os.getenv(self.HELPER_ENV_VAR)
         if configured:
             return Path(configured).expanduser()
+
+        on_path = shutil.which(self.DEFAULT_HELPER_BASENAME)
+        if on_path:
+            return Path(on_path)
+
         return Path(__file__).resolve().parent / self.DEFAULT_HELPER_BASENAME
 
     def _ensure_helper_ready(self, helper_path: Path) -> None:
@@ -30,19 +36,16 @@ class KeychainBackend(SecretBackend):
             )
         if not helper_path.is_file():
             raise EnvrcctlError(
-                "macOS authentication helper path is invalid. "
-                "Expected an executable file."
+                "macOS authentication helper path is invalid. Expected an executable file."
             )
         if not os.access(helper_path, os.X_OK):
             raise EnvrcctlError(
-                "macOS authentication helper is not executable. "
-                "Fix permissions and retry."
+                "macOS authentication helper is not executable. Fix permissions and retry."
             )
 
     def _build_auth_reason(self, action: str, ref: SecretRef) -> str:
         return (
-            f"envrcctl needs device owner authentication to {action} "
-            f"the secret for {ref.account}."
+            f"envrcctl needs device owner authentication to {action} the secret for {ref.account}."
         )
 
     def _run_auth_helper(self, args: list[str], input_text: str | None = None) -> str:
@@ -85,9 +88,7 @@ class KeychainBackend(SecretBackend):
             seen_refs.add(key)
             unique_refs.append(ref)
 
-        items = [
-            {"service": ref.service, "account": ref.account} for ref in unique_refs
-        ]
+        items = [{"service": ref.service, "account": ref.account} for ref in unique_refs]
         payload = json.dumps({"items": items})
 
         output = self._run_auth_helper(
@@ -108,22 +109,16 @@ class KeychainBackend(SecretBackend):
         try:
             decoded = json.loads(output)
         except json.JSONDecodeError as exc:
-            raise EnvrcctlError(
-                "Authenticated Keychain helper returned invalid JSON."
-            ) from exc
+            raise EnvrcctlError("Authenticated Keychain helper returned invalid JSON.") from exc
 
         raw_items = decoded.get("items")
         if not isinstance(raw_items, list):
-            raise EnvrcctlError(
-                "Authenticated Keychain helper returned an invalid response."
-            )
+            raise EnvrcctlError("Authenticated Keychain helper returned an invalid response.")
 
         values: dict[tuple[str, str], str] = {}
         for item in raw_items:
             if not isinstance(item, dict):
-                raise EnvrcctlError(
-                    "Authenticated Keychain helper returned an invalid item."
-                )
+                raise EnvrcctlError("Authenticated Keychain helper returned an invalid item.")
             service = item.get("service")
             account = item.get("account")
             value = item.get("value")
@@ -132,9 +127,7 @@ class KeychainBackend(SecretBackend):
                     "Authenticated Keychain helper returned an invalid item payload."
                 )
             if not isinstance(value, str):
-                raise EnvrcctlError(
-                    "Authenticated Keychain helper response is missing a value."
-                )
+                raise EnvrcctlError("Authenticated Keychain helper response is missing a value.")
             key = (service, account)
             if key in values:
                 raise EnvrcctlError(
@@ -145,12 +138,9 @@ class KeychainBackend(SecretBackend):
         expected = {(ref.service, ref.account) for ref in unique_refs}
         missing = expected - set(values.keys())
         if missing:
-            missing_list = ", ".join(
-                f"{service}/{account}" for service, account in sorted(missing)
-            )
+            missing_list = ", ".join(f"{service}/{account}" for service, account in sorted(missing))
             raise EnvrcctlError(
-                "Authenticated Keychain helper response is missing secrets: "
-                f"{missing_list}"
+                f"Authenticated Keychain helper response is missing secrets: {missing_list}"
             )
 
         return values