exosphere-cli 2.2.0__tar.gz → 2.4.0__tar.gz

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: exosphere-cli
-Version: 2.2.0
+Version: 2.4.0
 Summary: CLI/TUI driven patch reporting for remote Unix-like systems.
 Author: Alexandre Gauthier
 Author-email: Alexandre Gauthier <alex@underwares.org>
@@ -30,8 +30,8 @@ Requires-Dist: rich>=14.1.0
 Requires-Dist: textual-serve>=1.1.3 ; extra == 'web'
 Requires-Python: >=3.13
 Project-URL: homepage, https://exosphere.readthedocs.io
-Project-URL: issues, https://github.com/mrdaemon/exosphere/issues
 Project-URL: repository, https://github.com/mrdaemon/exosphere
+Project-URL: issues, https://github.com/mrdaemon/exosphere/issues
 Provides-Extra: web
 Description-Content-Type: text/markdown
 
@@ -70,6 +70,7 @@ or see [the documentation](https://exosphere.readthedocs.io/en/stable/) to get s
 - See everything in one spot, at a glance, without complex automation or enterprise
   solutions
 - Does not require Python (or anything else) to be installed on remote systems
+- Parallel operations across hosts with optional SSH pipelining
 - Document based reporting in HTML, text or markdown format
 - JSON output for integration with other tools
 

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/README.md

@@ -33,6 +33,7 @@ or see [the documentation](https://exosphere.readthedocs.io/en/stable/) to get s
 - See everything in one spot, at a glance, without complex automation or enterprise
   solutions
 - Does not require Python (or anything else) to be installed on remote systems
+- Parallel operations across hosts with optional SSH pipelining
 - Document based reporting in HTML, text or markdown format
 - JSON output for integration with other tools
 

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "exosphere-cli"
-version = "2.2.0"
+version = "2.4.0"
 description = "CLI/TUI driven patch reporting for remote Unix-like systems."
 readme = "README.md"
 authors = [
@@ -50,7 +50,7 @@ dev = [
     "pytest-json-ctrf>=0.3.5",
     "pytest-mock>=3.14.1",
     "renku-sphinx-theme>=0.5.0",
-    "ruff>=0.11.5",
+    "ruff>=0.15.0",
     "sphinx>=8.2.3,<9.0",
     "sphinx-autobuild>=2024.10.3",
     "sphinx-lint>=1.0.0",
@@ -74,7 +74,7 @@ issues = "https://github.com/mrdaemon/exosphere/issues"
 exosphere = "exosphere.main:main"
 
 [build-system]
-requires = ["uv_build>=0.7.19,<0.10.0"]
+requires = ["uv_build>=0.7.19,<0.11.0"]
 build-backend = "uv_build"
 
 [tool.uv.build-backend]

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/src/exosphere/objects.py

@@ -205,6 +205,7 @@ class Host:
             "flavor": self.flavor,
             "version": self.version,
             "supported": self.supported,
+            "stale": self.is_stale,
             "online": self.online,
             "package_manager": self.package_manager,
             "updates": [update.__dict__.copy() for update in self.updates],

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/src/exosphere/providers/api.py

@@ -6,13 +6,23 @@ well as helper functions and decorators to be used by package manager
 provider implementations.
 """
 
+import functools
 import logging
 from abc import ABC, abstractmethod
 from collections.abc import Callable
 
 from fabric import Connection
+from invoke.exceptions import AuthFailure
 
 from exosphere.data import Update
+from exosphere.errors import DataRefreshError
+
+_SUDO_AUTH_FAILURE_MESSAGE = (
+    "Sudo failed: "
+    "Ensure the user is configured with passwordless sudo. "
+    "You can use 'exosphere sudo generate' to produce a sudoers snippet for this host. "
+    "See: https://exosphere.readthedocs.io/en/stable/connections.html#id1"
+)
 
 
 def requires_sudo(func: Callable) -> Callable:
@@ -23,9 +33,21 @@ def requires_sudo(func: Callable) -> Callable:
     it requires sudo privileges to execute. You should add it to any
     method that requires elevated privileges, i.e. whenever you are
     using 'cx.sudo()' instead of 'cx.run()'.
+
+    Additionally, the decorator provides enhanced error handling for
+    sudo related failures, presenting a clear message about sudo policies
+    and sudoers configuration when an AuthFailure or related exception occurs.
     """
-    setattr(func, "__requires_sudo", True)
-    return func
+
+    @functools.wraps(func)
+    def wrapper(*args: object, **kwargs: object) -> object:
+        try:
+            return func(*args, **kwargs)
+        except AuthFailure as e:
+            raise DataRefreshError(_SUDO_AUTH_FAILURE_MESSAGE) from e
+
+    setattr(wrapper, "__requires_sudo", True)
+    return wrapper
 
 
 class PkgManager(ABC):

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/src/exosphere/providers/freebsd.py

@@ -26,6 +26,7 @@ class Pkg(PkgManager):
 
     SUDOERS_COMMANDS: list[str] | None = [
         "/usr/sbin/pkg update -q",
+        "/usr/sbin/pkg audit -qF",
     ]
 
     def __init__(self) -> None:
@@ -41,7 +42,11 @@ class Pkg(PkgManager):
         """
         Synchronize the package repository.
 
-        This method is equivalent to running 'pkg update -q'.
+        It will also download the latest version of the vuln.xml
+        database to check for security updates.
+
+        This method is equivalent to running 'pkg update -q', followed
+        by 'pkg audit -qF'.
 
         :param cx: Fabric Connection object
         :return: True if synchronization is successful, False otherwise.
@@ -56,6 +61,19 @@ class Pkg(PkgManager):
             )
             return False
 
+        # Sync vulnerability data via pkg audit -qF, which forces a download
+        # of the vuln.xml database. We do not store or parse the output, as
+        # the cost of running it a second time in get_updates() is negligible,
+        # and will be a local operation anyways.
+        self.logger.debug("Synchronizing vuln.xml via pkg audit")
+        audit_result = cx.sudo("/usr/sbin/pkg audit -qF", hide=True, warn=True)
+
+        if audit_result.failed and audit_result.stderr:
+            self.logger.error(
+                f"Failed to synchronize vuln.xml via pkg audit: {audit_result.stderr}"
+            )
+            return False
+
         self.logger.debug("FreeBSD pkg repositories synchronized successfully")
 
         return True

{exosphere_cli-2.2.0 → exosphere_cli-2.4.0}/src/exosphere/schema/host-report.schema.json

@@ -19,6 +19,7 @@
         "flavor",
         "version",
         "supported",
+        "stale",
         "online",
         "package_manager",
         "updates",
@@ -59,6 +60,10 @@
           "type": "boolean",
           "description": "Whether this host type is supported by Exosphere"
         },
+        "stale": {
+          "type": "boolean",
+          "description": "Whether the host data is stale and needs refreshed"
+        },
         "online": {
           "type": "boolean",
           "description": "Whether the host was last reachable"