finradar-cli 0.1.0__tar.gz

finradar_cli-0.1.0/.gitignore

@@ -0,0 +1,16 @@
+# PyInstaller build artifacts
+dist/
+build/
+dist_wheel/
+*.whl
+
+# Python cache
+__pycache__/
+*.pyc
+*.pyo
+*.pyd
+.Python
+
+# Packaging / egg-info
+*.egg-info/
+*.egg

finradar_cli-0.1.0/CHANGELOG.md

@@ -0,0 +1,34 @@
+# Changelog
+
+All notable changes to the FinRadar CLI are documented here.
+This project adheres to [Semantic Versioning](https://semver.org/).
+
+## [0.1.0] — first public release
+
+First public release of `finradar`, a command-line client for the FinRadar REST API.
+
+### Added
+- **119 generated noun-verb commands** over the API (`finradar sec filings search`,
+  `finradar 13f fund show`, `finradar insider transactions by-ticker`, …) plus a raw
+  `finradar api METHOD PATH key=value` escape hatch for any endpoint.
+- **Authentication:** `finradar configure` (API key → OS keychain) and `finradar login`
+  (OAuth 2.1 loopback PKCE; requires the backend `cli_access` feature, which ships OFF).
+- **Output formats:** `-o json | table | yaml`; scriptable exit codes (0–7); a
+  no-telemetry, channel-aware version nudge.
+- **Distribution:** PyPI wheel (pip/pipx), standalone PyInstaller binaries, a Homebrew
+  tap, and a Scoop bucket. `finradar update` self-updates a standalone binary
+  (sha256-verified, atomic, frozen-only).
+
+### Security
+- Shipped after an independent pre-release security review (**GO-WITH-FIXES**). The
+  one release-gating item (a Windows self-update brick path) and all confirmed
+  should-fix findings were remediated before release:
+  - Atomic Windows self-update with rollback (no bricked binary on a failed swap).
+  - Strict `cli-vN.N.N` tag-format gate (closes a release-pipeline command-injection).
+  - SHA-pinned third-party GitHub Actions; least-privilege workflow tokens.
+  - Owner-only ACLs on the credential file fallback (Windows + POSIX), created atomically.
+  - Transient-safe OAuth token retry (no longer logs the user out on a network blip).
+  - OAuth metadata origin + https pinning; idempotent-only HTTP retries; constant-time
+    `state` comparison.
+- See `SECURITY.md` for the full posture, the accepted-risk items, and the GA roadmap
+  (code-signing/Sigstore, PyPI Trusted Publishing, dependency lock, scope enforcement).

finradar_cli-0.1.0/Makefile

@@ -0,0 +1,15 @@
+SPEC_SRC = ../sandbox_frontend/public/openapi.json
+SPEC_DST = finradar_cli/data/openapi.json
+
+.PHONY: sync-spec generate check-drift
+
+sync-spec:
+	cp $(SPEC_SRC) $(SPEC_DST)
+	@python -c "import json;print('synced', json.load(open('$(SPEC_DST)'))['info']['version'])"
+
+generate:
+	python generate.py
+
+check-drift: generate
+	git diff --exit-code finradar_cli/_generated finradar_cli/data || \
+	  (echo 'Generated artifacts out of date — run `make sync-spec` (if the spec moved) then `make generate`, and commit the result' && exit 1)

finradar_cli-0.1.0/PKG-INFO

@@ -0,0 +1,19 @@
+Metadata-Version: 2.4
+Name: finradar-cli
+Version: 0.1.0
+Summary: Command-line client for the FinRadar API
+Requires-Python: >=3.10
+Requires-Dist: click<9,>=8.2
+Requires-Dist: httpx>=0.27
+Requires-Dist: keyring>=25
+Requires-Dist: platformdirs>=4
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: rich>=13
+Requires-Dist: tomli-w>=1.0
+Requires-Dist: tomli>=2.0; python_version < '3.11'
+Requires-Dist: typer>=0.15
+Provides-Extra: dev
+Requires-Dist: mypy>=1.10; extra == 'dev'
+Requires-Dist: pytest>=8; extra == 'dev'
+Requires-Dist: respx>=0.21; extra == 'dev'
+Requires-Dist: ruff>=0.5; extra == 'dev'

finradar_cli-0.1.0/README.md

@@ -0,0 +1,239 @@
+# finradar CLI
+
+A typed command-line client for the [FinRadar](https://uat.finradarapi.com) REST API.
+Every public endpoint is available as a `finradar <group> <verb>` command; the raw
+`finradar api` escape hatch reaches anything else.
+
+---
+
+## Install
+
+**pipx (recommended for Python users)**
+```bash
+pipx install finradar-cli
+```
+
+**Homebrew (macOS / Linux)**
+```bash
+brew install MarounAntoun/tap/finradar
+```
+
+**Scoop (Windows)**
+```powershell
+scoop bucket add finradar https://github.com/MarounAntoun/scoop-finradar
+scoop install finradar
+```
+
+**Standalone binary — no Python required**
+
+Download the pre-built binary for your OS from the
+[GitHub Releases page](https://github.com/MarounAntoun/finradar-cli/releases/latest):
+
+```bash
+# macOS / Linux
+curl -sSL https://github.com/MarounAntoun/finradar-cli/releases/latest/download/finradar-linux \
+  -o finradar
+chmod +x finradar && sudo mv finradar /usr/local/bin/
+```
+
+Windows: download `finradar-windows.exe` from the Releases page and place it on your `PATH`.
+
+**Verify**
+```bash
+finradar --version
+# finradar 0.1.0 (API spec 3.61.0; base https://uat.finradarapi.com)
+```
+
+---
+
+## Updates
+
+The update method depends on how you installed:
+
+| Install method | Update command |
+|---|---|
+| Standalone binary | `finradar update` |
+| pipx | `pipx upgrade finradar-cli` |
+| pip | `pip install -U finradar-cli` |
+| Homebrew | `brew upgrade finradar` |
+| Scoop | `scoop update finradar` |
+
+**`finradar update`** — standalone-binary users only. Downloads the latest binary from
+[MarounAntoun/finradar-cli](https://github.com/MarounAntoun/finradar-cli/releases/latest),
+verifies the sha256 sidecar, and atomically replaces the running binary. Exits with code 2
+on any hash mismatch or network error (the existing binary is left untouched).
+
+If you run a pip/pipx install and call `finradar update`, the command will tell you to
+use `pipx upgrade finradar-cli` instead — it never touches your Python environment.
+
+**Version-skew nudge** — after any successful command, if the live API spec is newer
+than the bundled one the CLI prints a one-line hint to stderr (once per hour; suppress
+with `FINRADAR_NO_UPDATE_CHECK=1`). Standalone-binary users see `finradar update`;
+pip/pipx users see `pipx upgrade finradar-cli`.
+
+---
+
+## Quickstart
+
+### 1. Configure your API key
+
+Get your key from the [Credentials page](https://uat.finradarapi.com/account/credentials),
+then run:
+
+```bash
+finradar configure
+# API key: ••••••••••••••••
+# Saved profile 'default' → https://uat.finradarapi.com (key in keychain).
+```
+
+The API key is stored in your **OS keychain** (never in the config file).
+Only the profile's `base_url` and `auth_type` are written to the config file.
+You can also set `FINRADAR_API_KEY` in your environment to override the stored key.
+
+### 2. Search SEC filings
+
+```bash
+finradar sec filings search --ticker AAPL --form-type 10-K --limit 5
+```
+
+### 3. Call a raw endpoint
+
+```bash
+finradar api GET /api/v1/sec/filings ticker=AAPL formType=10-K limit=5
+```
+
+### 4. (Optional) Log in with OAuth
+
+Browser-based login via OAuth 2.1 PKCE — no API key required:
+
+```bash
+finradar login
+```
+
+---
+
+## Command model
+
+Commands follow a `finradar <group> <verb> [options]` noun-verb pattern. Groups map
+to API tag families; verbs map to HTTP operations.
+
+| Group | Example command |
+|---|---|
+| `sec` | `finradar sec filings search --ticker TSLA` |
+| `insiders` | `finradar insiders transactions list --ticker NVDA --transaction-type P` |
+| `holdings` | `finradar holdings list --cik 1067983 --quarter 2024Q4` |
+| `cusip` | `finradar cusip lookup --cusip 037833100` |
+
+Run `finradar --help` for the full list of groups, or `finradar <group> --help` for
+operations within a group.
+
+### Check your identity
+
+```bash
+finradar whoami
+# profile: default
+# auth_type: api_key
+# base_url: https://uat.finradarapi.com
+# balance: 198432 (paid)
+```
+
+### Quick help
+
+```bash
+finradar --help                  # full group list
+finradar <group> --help          # verbs within a group
+finradar <group> <verb> --help   # flags for a specific command
+```
+
+### Raw escape hatch
+
+```bash
+# Any method, any endpoint — key=value pairs become query params (GET/DELETE)
+# or JSON body fields (POST/PUT/PATCH)
+finradar api GET /api/v1/sec/filings ticker=AAPL limit=5
+finradar api POST /api/v1/search query="insider buys"
+```
+
+---
+
+## Output formats
+
+Pass `-o` / `--output` to any command:
+
+| Flag | Description |
+|---|---|
+| `-o json` | JSON — compact when piped, pretty on a TTY **(default)** |
+| `-o table` | Pretty table |
+| `-o yaml` | YAML |
+
+```bash
+finradar sec filings search --ticker MSFT -o json | jq '.[0].accessionNo'
+```
+
+---
+
+## Profiles
+
+Store multiple base URL / API key combinations as named profiles:
+
+```bash
+# Create a profile
+finradar configure --profile staging
+
+# Use it for one command
+finradar --profile staging sec filings search --ticker AAPL
+
+# Or set it for the whole session
+export FINRADAR_PROFILE=staging
+```
+
+Config is stored in your OS config directory:
+`~/.config/finradar/config.toml` (Linux), `~/Library/Application Support/finradar/config.toml` (macOS),
+`%APPDATA%\finradar\config.toml` (Windows).
+
+---
+
+## Shell completion
+
+```bash
+# Bash
+finradar completion install bash
+
+# Zsh
+finradar completion install zsh
+
+# Fish
+finradar completion install fish
+```
+
+---
+
+## Exit codes
+
+| Code | Meaning |
+|---|---|
+| `0` | OK — request succeeded |
+| `1` | Usage error — bad flags or missing argument |
+| `2` | Network error — DNS failure, timeout, unreachable host |
+| `3` | Auth error — invalid or missing API key / token |
+| `4` | Payment error — insufficient token balance (HTTP 402) |
+| `5` | Rate limit — too many requests (HTTP 429) |
+| `6` | Not found — resource does not exist (HTTP 404) |
+| `7` | Server error — upstream 5xx |
+
+---
+
+## Version skew
+
+`finradar --version` prints the CLI version, the bundled API version, and the active
+base URL. If the live API has been updated since the CLI was installed, a version-skew
+notice is printed to stderr after any successful command (once per hour, suppressible
+with `FINRADAR_NO_UPDATE_CHECK=1`).
+
+---
+
+## Source
+
+This CLI is generated from the FinRadar OpenAPI spec. Commands are built from the
+same `openapi.json` that powers the `/integrations/openapi` docs — if a new endpoint
+appears in the spec, the next CLI release will expose it as a typed command.

finradar_cli-0.1.0/RELEASE.md

@@ -0,0 +1,65 @@
+# FinRadar CLI — Release Runbook
+
+The release is fully automated by `.github/workflows/cli-release.yml`, triggered by
+pushing a `cli-vX.Y.Z` tag. This runbook is the human checklist around it.
+
+## One-time setup (maintainer only — required before the FIRST release)
+
+These are account credentials the automation cannot create for itself. Add them as
+**repository → Settings → Secrets and variables → Actions**:
+
+1. **`DIST_PUSH_TOKEN`** — a fine-grained GitHub PAT with **Contents: write** on the
+   three public distribution repos: `MarounAntoun/finradar-cli`,
+   `MarounAntoun/homebrew-tap`, `MarounAntoun/scoop-finradar`. (The built-in
+   `GITHUB_TOKEN` cannot write cross-repo, which is why a PAT is required.)
+2. **`PYPI_TOKEN`** — a PyPI **project-scoped** API token for `finradar-cli`.
+   (GA hardening: replace with OIDC Trusted Publishing — see SECURITY.md.)
+
+Recommended repo hardening (supply-chain — see SECURITY.md): branch protection on
+`main` with required reviews; enable Dependabot for `github-actions`.
+
+## Pre-flight (before tagging)
+
+- [ ] `main` is green: `cli-ci.yml` passing on the latest commit (all OS × Python legs + drift).
+- [ ] Security review fixes merged (this is in `main` as of the v0.1.0 hardening PR).
+- [ ] Version is intentional. The version lives in **one** place: `cli/finradar_cli/__init__.py`
+      (`__version__`). The tag MUST be `cli-v` + that exact value. For the first public
+      release that is `cli-v0.1.0`.
+- [ ] `CHANGELOG.md` updated for the version.
+- [ ] The 2 secrets above exist (first release only).
+- [ ] Local sanity: `cd cli && python -m build --wheel && pyinstaller finradar.spec --clean --noconfirm`
+      both succeed; `dist/finradar.exe --version` prints the expected version.
+
+## Cut the release
+
+```bash
+git checkout main && git pull
+git tag cli-v0.1.0          # must match __version__ exactly; the workflow gate rejects any other shape
+git push origin cli-v0.1.0
+```
+
+The workflow then, in order:
+1. **Validates the tag** against `^cli-vN.N.N$` (fails closed on anything else).
+2. **wheel** → builds + `twine upload --skip-existing` to PyPI; pre-creates the GitHub
+   Release on the public `finradar-cli` repo.
+3. **binaries** (ubuntu/macos/windows) → builds each from the wheel, computes a
+   `*.sha256` sidecar, uploads binary + sidecar to the public Release.
+4. **publish-managers** → patches the canonical Homebrew formula + Scoop manifest with
+   the version + per-OS sha256 and pushes them (a guard fails the run if any
+   `REPLACE_*` placeholder survives).
+
+## Post-release verification
+
+- [ ] `pip install finradar-cli==0.1.0` (fresh venv) → `finradar --version` correct.
+- [ ] GitHub Release on `MarounAntoun/finradar-cli` has 3 binaries + 3 `.sha256` sidecars;
+      spot-check one: `sha256sum finradar-linux` matches `finradar-linux.sha256`.
+- [ ] `brew install MarounAntoun/tap/finradar` → `finradar --version` correct.
+- [ ] `scoop bucket add finradar https://github.com/MarounAntoun/scoop-finradar; scoop install finradar`.
+- [ ] From a frozen binary: `finradar update --check` reports "up to date" (it now sees the release).
+
+## Rollback
+
+- A bad PyPI release cannot be overwritten — yank it on PyPI and ship `0.1.1`.
+- A bad binary: delete the GitHub Release assets (or the Release) on `finradar-cli`;
+  the formula/manifest can be reverted via a follow-up tag. The self-updater is
+  fail-closed (it never installs an artifact whose sha256 does not match its sidecar).

finradar_cli-0.1.0/SECURITY.md

@@ -0,0 +1,72 @@
+# FinRadar CLI — Security Policy & v0.1.0 Posture
+
+## Reporting a vulnerability
+
+Email security reports to **marounantoun97@gmail.com** with `[finradar-cli security]`
+in the subject. Please do not open public issues for vulnerabilities. We aim to
+acknowledge within 72 hours.
+
+## Pre-release security review (v0.1.0)
+
+Before the first public release the CLI, its release pipeline, and the additive
+backend `cli_access` token underwent an independent, multi-dimension security review
+(self-updater supply-chain, credential storage, OAuth/PKCE, release CI, backend
+token, dependencies, input handling, transport). Verdict: **GO-WITH-FIXES**.
+
+- **0 Critical.** The 3 High findings were downgraded to Medium/Low after adversarial
+  verification (none anonymous/external).
+- The one release-gating item — a Windows self-updater path that could leave no
+  binary on a failed swap — was fixed (atomic rollback) and mutation-tested.
+- The confirmed should-fix findings were all remediated before release: release-tag
+  command-injection gate, SHA-pinned GitHub Actions, owner-only credential-file ACLs
+  (Windows + POSIX), transient-safe OAuth token retry, OAuth metadata origin/https
+  pinning, idempotent-only HTTP retries, constant-time state comparison.
+
+### Confirmed-correct controls (verified by the review)
+
+- **Self-updater:** verify-before-replace (the binary is never swapped in unless its
+  sha256 matches the sidecar), fail-closed cleanup of unverified artifacts, TLS
+  verification on every fetch, strict 64-hex checksum parsing, frozen-only gating, and
+  fail-safe version comparison.
+- **Backend `cli_access` token:** full RS256 verification (signature + exp + aud + iss),
+  HS256↔RS256 algorithm-confusion blocked, no JWKS/SSRF (in-process key), structural
+  audience separation from MCP, token-class confusion blocked both directions,
+  fail-closed when disabled — and it **ships OFF** (`CLI_ACCESS_ENABLED=false`).
+- **Credential storage:** OS keychain preferred; secrets never written to `config.toml`
+  or logs; PKCE S256 with a CSPRNG verifier/state; loopback callback binds 127.0.0.1 only.
+
+## Accepted risk for v0.1.0 (tracked for GA)
+
+These are real and documented; they are acceptable for an initial `0.1.0` release and
+are scheduled for hardening before a `1.0` GA:
+
+1. **Update integrity == GitHub release integrity.** Binaries are protected by HTTPS +
+   a sha256 sidecar fetched from the same release. This defends against transport
+   corruption, **not** a compromised release account. Anyone who can publish a release
+   (a stolen publishing token, compromised CI, or account takeover) controls both the
+   binary and its checksum. **Mitigations in place now:** branch protection, the release
+   workflow runs only on a strictly-validated `cli-vN.N.N` tag, secrets are env-only,
+   third-party Actions are SHA-pinned. **GA hardening:** sign releases with
+   Sigstore/cosign (keyless OIDC) or minisign and verify the *signature* (not just the
+   hash) in the updater; add OS code-signing (Authenticode / notarization); require a
+   hardware-key-protected, reviewed publish.
+2. **PyPI publishing uses a long-lived API token**, not OIDC Trusted Publishing.
+   *GA:* migrate to `pypa/gh-action-pypi-publish` with `id-token: write`.
+3. **No hash-pinned dependency lock.** Runtime deps use bounded ranges; the binary /
+   brew / scoop channels ship a CI-frozen set. *GA:* add a `--generate-hashes` lock and
+   pin build tooling for reproducible builds.
+4. **`cli_access` is full-access; the `cli` scope is not enforced at the resource
+   server.** Intentional for v1, and the feature **ships OFF**. **Hard gate:** before
+   `CLI_ACCESS_ENABLED` is ever turned on with anything narrower than a single
+   full-access `cli` scope, resource-server scope enforcement MUST land — otherwise a
+   future narrower-scope token would still reach write endpoints.
+
+## Supply-chain notes for operators
+
+- The official binaries and `*.sha256` sidecars are published only at
+  `https://github.com/MarounAntoun/finradar-cli/releases`. The Homebrew formula and
+  Scoop manifest reference those release assets.
+- `finradar update` only self-updates a **frozen standalone binary**. pip/pipx
+  installs are never modified in place (the updater tells you to `pipx upgrade`).
+- Two repository secrets gate publishing: `DIST_PUSH_TOKEN` (cross-repo `contents:write`)
+  and `PYPI_TOKEN`. Both are env-only in CI and never logged.

finradar_cli-0.1.0/_finradar_main.py

@@ -0,0 +1,7 @@
+# PyInstaller bootstrap: absolute-import entry point for the one-file binary.
+# The package __main__.py uses relative imports which PyInstaller cannot handle
+# as a top-level script; this thin wrapper uses absolute imports instead.
+from finradar_cli.app import app
+
+if __name__ == "__main__":
+    app()

finradar_cli-0.1.0/finradar.spec

@@ -0,0 +1,13 @@
+# PyInstaller one-file `finradar` binary: bundle package data + dynamic keyring backends.
+from PyInstaller.utils.hooks import collect_data_files, collect_submodules
+
+datas = collect_data_files("finradar_cli",
+                           includes=["data/*", "_generated/**/*", "marquee.toml", "type_overrides.toml"])
+hidden = (collect_submodules("keyring.backends")
+          + ["finradar_cli._generated"])
+
+a = Analysis(["_finradar_main.py"], pathex=["."], datas=datas, hiddenimports=hidden,
+             hookspath=[], runtime_hooks=[], excludes=[], noarchive=False)
+pyz = PYZ(a.pure, a.zipped_data)
+exe = EXE(pyz, a.scripts, a.binaries, a.zipfiles, a.datas, [],
+          name="finradar", debug=False, strip=False, upx=True, console=True)

finradar_cli-0.1.0/finradar_cli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.0"

finradar_cli-0.1.0/finradar_cli/__main__.py

@@ -0,0 +1,4 @@
+from .app import app
+
+if __name__ == "__main__":
+    app()

finradar_cli-0.1.0/finradar_cli/_generated/__init__.py

@@ -0,0 +1,96 @@
+"""GENERATED by generate.py — do not edit. Run `make generate`."""
+from __future__ import annotations
+
+import typer
+
+from . import cmd_13dg
+from . import cmd_13f
+from . import cmd_billing
+from . import cmd_core
+from . import cmd_cusip
+from . import cmd_download
+from . import cmd_facts
+from . import cmd_financials
+from . import cmd_holders
+from . import cmd_index
+from . import cmd_insider
+from . import cmd_market
+from . import cmd_ownership
+from . import cmd_ownership_analytics
+from . import cmd_positions
+from . import cmd_pricing
+from . import cmd_progress
+from . import cmd_search
+from . import cmd_sec
+from . import cmd_status
+from . import cmd_ticker
+from . import cmd_user
+
+
+def register(app: typer.Typer) -> None:
+    _g_13dg = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_13dg, name='13dg')
+    cmd_13dg.build(_g_13dg)
+    _g_13f = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_13f, name='13f')
+    cmd_13f.build(_g_13f)
+    _g_billing = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_billing, name='billing')
+    cmd_billing.build(_g_billing)
+    _g_core = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_core, name='core')
+    cmd_core.build(_g_core)
+    _g_cusip = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_cusip, name='cusip')
+    cmd_cusip.build(_g_cusip)
+    _g_download = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_download, name='download')
+    cmd_download.build(_g_download)
+    _g_facts = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_facts, name='facts')
+    cmd_facts.build(_g_facts)
+    _g_financials = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_financials, name='financials')
+    cmd_financials.build(_g_financials)
+    _g_holders = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_holders, name='holders')
+    cmd_holders.build(_g_holders)
+    _g_index = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_index, name='index')
+    cmd_index.build(_g_index)
+    _g_insider = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_insider, name='insider')
+    cmd_insider.build(_g_insider)
+    _g_market = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_market, name='market')
+    cmd_market.build(_g_market)
+    _g_ownership = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_ownership, name='ownership')
+    cmd_ownership.build(_g_ownership)
+    _g_ownership_analytics = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_ownership_analytics, name='ownership-analytics')
+    cmd_ownership_analytics.build(_g_ownership_analytics)
+    _g_positions = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_positions, name='positions')
+    cmd_positions.build(_g_positions)
+    _g_pricing = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_pricing, name='pricing')
+    cmd_pricing.build(_g_pricing)
+    _g_progress = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_progress, name='progress')
+    cmd_progress.build(_g_progress)
+    _g_search = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_search, name='search')
+    cmd_search.build(_g_search)
+    _g_sec = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_sec, name='sec')
+    cmd_sec.build(_g_sec)
+    _g_status = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_status, name='status')
+    cmd_status.build(_g_status)
+    _g_ticker = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_ticker, name='ticker')
+    cmd_ticker.build(_g_ticker)
+    _g_user = typer.Typer(no_args_is_help=True)
+    app.add_typer(_g_user, name='user')
+    cmd_user.build(_g_user)

finradar_cli-0.1.0/finradar_cli/_generated/cmd_13dg.py

@@ -0,0 +1,23 @@
+"""GENERATED by generate.py — do not edit. Run `make generate`."""
+from __future__ import annotations
+
+import typer
+from finradar_cli.commands.api import run_request
+
+
+def build(parent: typer.Typer) -> None:
+    _sub_form_13d = typer.Typer(no_args_is_help=True)
+    parent.add_typer(_sub_form_13d, name='form-13d')
+
+    @_sub_form_13d.command('create', help='Form 13D [cost 0]')
+    def cmd_post_api_v1_form_13d(ctx: typer.Context, query_ticker: str = typer.Option(None, '--query.ticker', help="Issuer trading symbol (e.g. 'TWTR'). Case-insensitive."), query_issuerCik: str = typer.Option(None, '--query.issuerCik', help='Issuer CIK number. Leading zeros are stripped automatically.'), query_filerCik: str = typer.Option(None, '--query.filerCik', help='Filer (reporting person) CIK. Leading zeros are stripped automatically.'), query_filerName: str = typer.Option(None, '--query.filerName', help="Partial match on filer name (case-insensitive). E.g. 'Elon Musk'."), query_minOwnership: str = typer.Option(None, '--query.minOwnership', help='Minimum percent of class owned. E.g. 5.0 for >= 5%.'), query_formType: str = typer.Option(None, '--query.formType', help="Filter by form type: 'SC 13D', 'SC 13D/A', 'SC 13G', 'SC 13G/A'. Both SC and SCHEDULE variants accepted."), query_dateRange_from: str = typer.Option(None, '--query.dateRange.from', help="Start date filter (ISO format, e.g. '2025-01-01')."), query_dateRange_to: str = typer.Option(None, '--query.dateRange.to', help="End date filter (ISO format, e.g. '2026-03-14')."), from_: str = typer.Option(None, '--from', help='Pagination offset.'), size: str = typer.Option(None, '--size', help='Page size (max 50).'), sort: str = typer.Option(None, '--sort', help='Sort specification. Supported fields: filedAt, percentOfClass, sharesOwned.'), data: str = typer.Option(None, "--data", help="JSON body or @file.json")):
+        url = '/api/v1/form-13d'
+        _pp: dict[str, str] = {}
+        for _k, _v in _pp.items():
+            url = url.replace("{" + _k + "}", str(_v))
+        _kv: list[str] = []
+        _body: dict[str, str | None] = {'query.ticker': query_ticker, 'query.issuerCik': query_issuerCik, 'query.filerCik': query_filerCik, 'query.filerName': query_filerName, 'query.minOwnership': query_minOwnership, 'query.formType': query_formType, 'query.dateRange.from': query_dateRange_from, 'query.dateRange.to': query_dateRange_to, 'from': from_, 'size': size, 'sort': sort}
+        for _name, _val in _body.items():
+            if _val is not None:
+                _kv.append(f"{_name}={_val}")
+        run_request(ctx.obj, 'POST', url, _kv, data=data)