footprinter-cli 1.0.4__tar.gz → 1.0.5__tar.gz

{footprinter_cli-1.0.4/footprinter_cli.egg-info → footprinter_cli-1.0.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.2
 Name: footprinter-cli
-Version: 1.0.4
+Version: 1.0.5
 Summary: A local context layer for your files, browser history, chats, and email — searchable, user-owned, MCP-served.
 Author: SwellCity Group
 License: MIT
@@ -75,7 +75,7 @@ Or install with **pipx** directly:
 pipx install footprinter-cli
 ```
 
-Either method gives you the `fp` command with the indexing pipeline, CLI, MCP server, and HTTP API. Optional extras add more:
+Either method installs three commands: `fp` (the CLI and indexing pipeline), `fp-mcp` (the MCP server for AI agents), and `fp-api` (the HTTP API). Optional extras add more:
 
 | Extra | What it adds |
 |-------|-------------|
@@ -160,14 +160,12 @@ All commands use the `fp` entry point.
 | `fp status` | System health and data counts |
 | `fp search` | Search across all indexed sources |
 | `fp connect` | Manage optional integrations |
-| `fp mcp` | MCP server and access policies |
-| `fp api` | Start the HTTP API server |
+| `fp permission` | Manage access policies (visibility, permissions) |
 | `fp view` | Browse indexed data (files, folders, projects, clients, chats, emails, visits) |
-| `fp upsert` | Create/update records, assign relationships, or soft-delete via `--status removed` |
-| `fp data` | Export data, generate templates, or import metadata corrections |
+| `fp add` | Create new entity records or import from CSV |
+| `fp update` | Update existing records by ID — status, assignments, metadata |
 | `fp delete` | Hard-delete a super entity (irreversible) |
-| `fp vectorize` | Manage per-record vectorization control |
-| `fp doctor` | Post-install health check (Python version, install location, FDA, MCP wiring) |
+| `fp doctor` | Post-install health check (Python version, platform, FDA, MCP wiring) |
 | `fp uninstall` | Remove Footprinter — MCP entry, user data, package |
 
 Run `fp <command> --help` for full usage.
@@ -176,7 +174,7 @@ Run `fp <command> --help` for full usage.
 
 Single-process CLI with optional MCP server. SQLite database. No containers, no cloud, no accounts.
 
-Sources are scanned into SQLite with bidirectional links connecting local files to remote backups via content hash matching. Embeddings are generated at ingest time for semantic search. The MCP server exposes indexed data with two-layer access control (visibility + permissions) — you decide what agents can see.
+Sources are scanned into SQLite with bidirectional links connecting local files to remote backups via content hash matching. Embeddings are generated at ingest time for semantic search. The MCP server exposes indexed data with two-layer access control (visibility + access) — you decide what agents can see.
 
 ## Documentation
 
@@ -194,7 +192,7 @@ Bug fixes, documentation, and tests welcome. For new features or architectural c
 
 ```bash
 git clone https://github.com/harringjohn/footprinter-cli.git
-cd footprinter
+cd footprinter-cli
 python3 -m venv venv
 ./venv/bin/pip install -e ".[dev]"
 ```

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/README.md

@@ -21,7 +21,7 @@ Or install with **pipx** directly:
 pipx install footprinter-cli
 ```
 
-Either method gives you the `fp` command with the indexing pipeline, CLI, MCP server, and HTTP API. Optional extras add more:
+Either method installs three commands: `fp` (the CLI and indexing pipeline), `fp-mcp` (the MCP server for AI agents), and `fp-api` (the HTTP API). Optional extras add more:
 
 | Extra | What it adds |
 |-------|-------------|
@@ -106,14 +106,12 @@ All commands use the `fp` entry point.
 | `fp status` | System health and data counts |
 | `fp search` | Search across all indexed sources |
 | `fp connect` | Manage optional integrations |
-| `fp mcp` | MCP server and access policies |
-| `fp api` | Start the HTTP API server |
+| `fp permission` | Manage access policies (visibility, permissions) |
 | `fp view` | Browse indexed data (files, folders, projects, clients, chats, emails, visits) |
-| `fp upsert` | Create/update records, assign relationships, or soft-delete via `--status removed` |
-| `fp data` | Export data, generate templates, or import metadata corrections |
+| `fp add` | Create new entity records or import from CSV |
+| `fp update` | Update existing records by ID — status, assignments, metadata |
 | `fp delete` | Hard-delete a super entity (irreversible) |
-| `fp vectorize` | Manage per-record vectorization control |
-| `fp doctor` | Post-install health check (Python version, install location, FDA, MCP wiring) |
+| `fp doctor` | Post-install health check (Python version, platform, FDA, MCP wiring) |
 | `fp uninstall` | Remove Footprinter — MCP entry, user data, package |
 
 Run `fp <command> --help` for full usage.
@@ -122,7 +120,7 @@ Run `fp <command> --help` for full usage.
 
 Single-process CLI with optional MCP server. SQLite database. No containers, no cloud, no accounts.
 
-Sources are scanned into SQLite with bidirectional links connecting local files to remote backups via content hash matching. Embeddings are generated at ingest time for semantic search. The MCP server exposes indexed data with two-layer access control (visibility + permissions) — you decide what agents can see.
+Sources are scanned into SQLite with bidirectional links connecting local files to remote backups via content hash matching. Embeddings are generated at ingest time for semantic search. The MCP server exposes indexed data with two-layer access control (visibility + access) — you decide what agents can see.
 
 ## Documentation
 
@@ -140,7 +138,7 @@ Bug fixes, documentation, and tests welcome. For new features or architectural c
 
 ```bash
 git clone https://github.com/harringjohn/footprinter-cli.git
-cd footprinter
+cd footprinter-cli
 python3 -m venv venv
 ./venv/bin/pip install -e ".[dev]"
 ```

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/footprinter/access_stamper.py

@@ -2,7 +2,7 @@
 
 Maps a policy scope (e.g. "global", "project:3", "folder:~/Work/") to affected
 entity rows, calls the existing batch resolve functions, and writes resolved
-values back to mcp_view / mcp_read columns.
+values back to visibility / access columns.
 """
 
 from __future__ import annotations
@@ -45,8 +45,8 @@ def _is_inherit_source(source: str) -> bool:
 # ---------------------------------------------------------------------------
 # Each entry describes an entity type's table and capabilities.
 #   table:          SQL table name
-#   has_visibility: has mcp_view column
-#   has_permissions: has mcp_read column
+#   has_visibility: has visibility column
+#   has_permissions: has access column
 #   has_status:     has status column (filter WHERE status = 'listed')
 #   has_project_id: has project_id FK
 #   has_client_id:  has client_id FK
@@ -102,7 +102,7 @@ ENTITY_META: dict[str, dict[str, Any]] = {
         "has_project_id": False,
         "has_client_id": True,
         "has_account": False,
-        "path_column": "root_path",
+        "path_column": None,
     },
     "client": {
         "table": "clients",
@@ -305,31 +305,34 @@ def _get_ids_for_scope(conn: sqlite3.Connection, scope: str) -> dict[str, list[i
 
 
 def _write_back_visibility(conn: sqlite3.Connection, entity_type: str, results: dict[int, tuple]) -> None:
-    """Batch UPDATE mcp_view from resolve results.
+    """Batch UPDATE visibility and visibility_source from resolve results.
 
     Entities whose visibility comes from the global policy or the hardcoded
-    baseline are written as ``'inherit'`` — the MCP layer resolves them at
-    query time.  Entities with a specific policy get the resolved value.
+    baseline are written as ``'inherit'`` with ``visibility_source = NULL``.
+    Entities with a specific policy get the resolved value and source scope.
     """
     table = ENTITY_META[entity_type]["table"]
     conn.executemany(
-        f"UPDATE {table} SET mcp_view = ? WHERE id = ?",
-        [("inherit" if _is_inherit_source(source) else state, eid) for eid, (state, source) in results.items()],
+        f"UPDATE {table} SET visibility = ?, visibility_source = ? WHERE id = ?",
+        [
+            ("inherit", None, eid) if _is_inherit_source(source) else (state, source, eid)
+            for eid, (state, source) in results.items()
+        ],
     )
 
 
 def _write_back_permissions(conn: sqlite3.Connection, entity_type: str, results: dict[int, tuple]) -> None:
-    """Batch UPDATE mcp_read from resolve results.
+    """Batch UPDATE access and access_source from resolve results.
 
     Entities whose permission comes from the global policy or the hardcoded
-    baseline are written as ``'inherit'`` — the MCP layer resolves them at
-    query time.  Entities with a specific policy get the resolved value.
+    baseline are written as ``'inherit'`` with ``access_source = NULL``.
+    Entities with a specific policy get the resolved value and source scope.
     """
     table = ENTITY_META[entity_type]["table"]
     conn.executemany(
-        f"UPDATE {table} SET mcp_read = ? WHERE id = ?",
+        f"UPDATE {table} SET access = ?, access_source = ? WHERE id = ?",
         [
-            ("inherit" if _is_inherit_source(source) else ("allow" if allowed else "deny"), eid)
+            ("inherit", None, eid) if _is_inherit_source(source) else ("allow" if allowed else "deny", source, eid)
             for eid, (allowed, source) in results.items()
         ],
     )

footprinter_cli-1.0.5/footprinter/api/__main__.py

@@ -0,0 +1,5 @@
+"""Allow running as: python -m footprinter.api"""
+
+from footprinter.api.server import cli
+
+cli()

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/footprinter/api/entities.py

@@ -137,7 +137,6 @@ def list_projects(
     include: Optional[str] = Query(None, description="Comma-separated includes"),
     status: Optional[str] = Query(None, description="Comma-separated status filter"),
     client: Optional[str] = None,
-    project_type: Optional[str] = None,
     limit: int = Query(50, ge=1, le=MAX_LIMIT),
     page: int = 1,
 ):
@@ -149,7 +148,6 @@ def list_projects(
         include=include_list,
         status=status_list,
         client=client,
-        project_type=project_type,
         limit=limit,
         page=page,
     )

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/footprinter/api/server.py

@@ -1,10 +1,17 @@
 """Footprinter HTTP API — FastAPI app factory and server entry point."""
 
+from __future__ import annotations
+
+import argparse
+import sys
+
 from fastapi import FastAPI, Request
 from fastapi.responses import JSONResponse
 
 from footprinter.utils.exceptions import DatabaseNotInitializedError
 
+_LOOPBACK_HOSTS = {"127.0.0.1", "localhost", "::1"}
+
 
 def create_app() -> "FastAPI":
     """Create and configure the FastAPI application.
@@ -62,5 +69,40 @@ def main(host: str = "127.0.0.1", port: int = 8000) -> None:
     uvicorn.run(app, host=host, port=port)
 
 
+def cli(argv: list[str] | None = None) -> None:
+    """Console_script entry point — parse CLI args, validate host, start server."""
+    parser = argparse.ArgumentParser(
+        prog="fp-api",
+        description="Start the Footprinter HTTP API server.",
+    )
+    parser.add_argument("--host", default="127.0.0.1", help="Host to bind (default: 127.0.0.1)")
+    parser.add_argument("--port", type=int, default=8000, help="Port to bind (default: 8000)")
+    parser.add_argument(
+        "--allow-insecure-bind",
+        action="store_true",
+        help="Allow binding to non-loopback interfaces (no authentication!).",
+    )
+    args = parser.parse_args(argv)
+
+    if args.host not in _LOOPBACK_HOSTS:
+        if not args.allow_insecure_bind:
+            print(
+                f"error: refusing to bind to non-loopback host {args.host!r}.\n"
+                "The Footprinter HTTP API has no authentication; binding outside "
+                "loopback exposes indexed data to anyone on the network.\n"
+                "Pass --allow-insecure-bind to override.",
+                file=sys.stderr,
+            )
+            raise SystemExit(2)
+        print(
+            f"WARNING: binding to {args.host} — the HTTP API has no authentication. "
+            "Anyone reachable on this network can read indexed files, emails, "
+            "chats, and browser history.",
+            file=sys.stderr,
+        )
+
+    main(host=args.host, port=args.port)
+
+
 if __name__ == "__main__":
-    main()
+    cli()

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/footprinter/bundled/config.example.yaml

@@ -81,9 +81,6 @@ indexing:
   max_file_size_mb: 50      # MB; 0 = no size limit. 50 is generous for prose/docs.
   lookback_days: 14         # Browser history window (days back to index)
   content_snippets: false   # Extract file/email content previews for keyword search
-  # `fp ingest --preview` (FPR-1723) — pre-scan summary tuning
-  preview_top_n: 10                # rows shown for top files / top directories
-  preview_size_threshold_mb: 50    # files at or above this size are flagged as outliers
 
 # Semantic search — stores content as embeddings in a local ChromaDB database
 # Enables finding files and chats by meaning, not just keywords
@@ -163,12 +160,3 @@ source_seeds:
     account: null
     label: "Chat"
     icon: message
-
-# Display labels for the group/project hierarchy
-# Customize these to match your organization's terminology
-domain:
-  labels:
-    group_singular: "Client"
-    group_plural: "Clients"
-    project_singular: "Project"
-    project_plural: "Projects"

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/footprinter/cli/__init__.py

@@ -39,7 +39,6 @@ def main(argv=None) -> None:
         epilog=(
             "getting started:\n"
             "  fp setup                   Run the configuration wizard\n"
-            "  fp setup --check           Validate existing configuration\n"
             "  fp connect list            Show available data source connectors\n"
             "\n"
             "data commands:\n"
@@ -57,13 +56,23 @@ def main(argv=None) -> None:
             "  fp view emails              List indexed emails\n"
             "  fp view visits              List browser history\n"
             "\n"
-            "servers:\n"
-            "  fp mcp                     Start the MCP server\n"
-            "  fp api                     Start the HTTP API server\n"
-            "  fp mcp check ~/Work/file   Check access resolution for a path\n"
+            "manage records:\n"
+            "  fp add client --name Acme   Create a new entity record\n"
+            "  fp update client 5 --name X Update an existing record by ID\n"
+            "  fp update file 42 --project-id 3  Assign a file to a project\n"
+            "  fp update files data.csv    Bulk update from CSV\n"
+            "\n"
+            "access control:\n"
+            "  fp permission list         Show all configured access policies\n"
+            "  fp permission set          Set visibility and/or access for a scope\n"
+            "  fp permission check        Check access resolution for a target\n"
+            "  fp permission reset        Remove policy (fall back to inheritance)\n"
+            "  fp permission recalculate  Re-resolve access stamps from the policy chain\n"
             "\n"
             "diagnostics:\n"
             "  fp doctor                  Check installation health\n"
+            "  fp doctor search           Rebuild FTS search indexes\n"
+            "  fp doctor semantic         Rebuild vector store\n"
             "\n"
             "cleanup:\n"
             "  fp uninstall               Remove Footprinter (MCP entry, data, package)\n"
@@ -81,35 +90,31 @@ def main(argv=None) -> None:
     subparsers.required = False
 
     from footprinter.cli import (
-        api_cmd,
+        add,
         connect,
-        data,
         delete,
         doctor,
         ingest,
-        mcp_cmd,
+        permission_cmd,
         search,
         setup,
         status,
         uninstall,
-        upsert,
-        vectorize,
+        update,
         view,
     )
 
     for mod in [
+        add,
         ingest,
-        mcp_cmd,
-        api_cmd,
+        permission_cmd,
         status,
         search,
         setup,
         connect,
         view,
-        upsert,
-        data,
+        update,
         delete,
-        vectorize,
         uninstall,
         doctor,
     ]:

{footprinter_cli-1.0.4 → footprinter_cli-1.0.5}/footprinter/cli/_common.py

@@ -14,6 +14,8 @@ from typing import Optional, Union
 
 from rich.console import Console
 
+from footprinter.db.clients import VALID_STATUSES as VALID_CLIENT_STATUSES
+from footprinter.db.projects import VALID_STATUSES as VALID_PROJECT_STATUSES
 from footprinter.services import access_service as _access
 from footprinter.services.access_service import (
     resolve_inherit_permission,
@@ -51,8 +53,13 @@ C_DIM = "dim"
 
 VALID_STATUSES = frozenset({"listed", "unlisted", "removed"})
 
+VALID_STATUSES_BY_ENTITY: dict[str, frozenset[str]] = {
+    "client": VALID_CLIENT_STATUSES,
+    "project": VALID_PROJECT_STATUSES,
+}
+
 ALLOWED_TABLES = frozenset({"clients", "projects"})
-ALLOWED_COLUMNS = frozenset({"name", "project_name"})
+ALLOWED_COLUMNS = frozenset({"name"})
 
 
 # ---------------------------------------------------------------------------
@@ -157,6 +164,16 @@ def add_csv_flag(parser) -> None:
     )
 
 
+def add_template_flag(parser) -> None:
+    """Add a ``--template`` flag to an argparse parser."""
+    parser.add_argument(
+        "--template",
+        action="store_true",
+        default=False,
+        help="Output an import-compatible CSV template with example data",
+    )
+
+
 # ---------------------------------------------------------------------------
 # Output helpers
 # ---------------------------------------------------------------------------
@@ -263,46 +280,80 @@ def enrich_verbose_access(
     *,
     id_key: str = "id",
 ) -> None:
-    """Annotate rows in-place with access, access_source, visibility.
+    """Annotate rows in-place with resolved access fields.
 
-    Uses ``resolve_inherit_visibility`` / ``resolve_inherit_permission``
-    so that ``inherit`` values resolve to the global policy.  Since
-    ``open_db()`` calls ``load_globals`` before yielding, ``inherit``
-    values resolve to the actual global policy in normal CLI usage.
-    The baseline fallback remains as a defence-in-depth measure.
-
-    Three cases based on the ``mcp_read`` key in each row dict:
-
-    * **Key absent** (folders, visits): access = "—", source = "—"
-    * **Key is None** (truly missing): fails closed, source = "default"
-    * **Key is "inherit"**: resolved via global policy (source = "global")
-      or baseline (source = "baseline") depending on whether ``load_globals``
-      has been called
-    * **Key has a real value**: access from value, source = "cached"
+    Pops raw ``visibility`` and ``access`` stamped columns, resolves
+    ``inherit`` values, and writes a six-field access block:
+    ``visibility_raw``, ``access_raw``, ``visibility``, ``access``,
+    ``access_source``, ``visibility_source``.  Internal provenance columns
+    (``visibility_source``, ``access_source``) are consumed then removed.
 
     No-op if *rows* is empty.
     """
     if not rows:
         return
     for r in rows:
-        if "mcp_read" not in r:
-            r["access"] = "—"
-            r["access_source"] = "—"
-        elif r["mcp_read"] not in (None, "inherit"):
-            r["access"] = "allow" if r["mcp_read"] == "allow" else "deny"
-            r["access_source"] = "cached"
+        raw_vis = r.pop("visibility", None)
+        access_present = "access" in r
+        raw_access = r.pop("access", None)
+        read_source = r.pop("access_source", None)
+        view_source = r.pop("visibility_source", None)
+
+        if not access_present:
+            resolved_access = "—"
+            access_source = "—"
+        elif raw_access not in (None, "inherit"):
+            resolved_access = "allow" if raw_access == "allow" else "deny"
+            access_source = read_source if read_source else "cached"
         else:
-            resolved = resolve_inherit_permission(r["mcp_read"])
-            r["access"] = resolved
-            if r["mcp_read"] == "inherit":
-                r["access_source"] = "global" if _access.is_global_policy_loaded() else "baseline"
+            resolved_access = resolve_inherit_permission(raw_access)
+            if raw_access == "inherit":
+                access_source = "global" if _access.is_global_policy_loaded() else "baseline"
             else:
-                r["access_source"] = "default"
-        r["visibility"] = resolve_inherit_visibility(r.get("mcp_view"))
+                access_source = "default"
+
+        if raw_vis not in (None, "inherit"):
+            visibility_source = view_source if view_source else "cached"
+        elif raw_vis == "inherit":
+            visibility_source = "global" if _access.is_global_policy_loaded() else "baseline"
+        else:
+            visibility_source = "default"
+
+        r["visibility_raw"] = raw_vis
+        r["access_raw"] = raw_access
+        r["visibility"] = resolve_inherit_visibility(raw_vis)
+        r["access"] = resolved_access
+        r["access_source"] = access_source
+        r["visibility_source"] = visibility_source
 
 
 def verbose_access_cells(row: dict) -> list[str]:
-    """Return [access_cell, visibility_cell] with Rich color markup."""
+    """Return [vis_raw, access_raw, visibility, access, source, vis_source] with Rich color markup."""
+    vis_colors = {"full": "green", "opaque": "yellow", "hidden": "red"}
+
+    raw_vis = row.get("visibility_raw")
+    if raw_vis is None:
+        vis_raw_cell = "[dim]—[/dim]"
+    elif raw_vis == "inherit":
+        vis_raw_cell = "[dim]inherit[/dim]"
+    else:
+        vc = vis_colors.get(raw_vis, "white")
+        vis_raw_cell = f"[{vc}]{raw_vis}[/{vc}]"
+
+    raw_access = row.get("access_raw")
+    if raw_access is None:
+        access_raw_cell = "[dim]—[/dim]"
+    elif raw_access == "inherit":
+        access_raw_cell = "[dim]inherit[/dim]"
+    elif raw_access == "allow":
+        access_raw_cell = "[green]allow[/green]"
+    else:
+        access_raw_cell = "[red]deny[/red]"
+
+    visibility = row.get("visibility", "opaque")
+    vis_color = vis_colors.get(visibility, "white")
+    vis_cell = f"[{vis_color}]{visibility}[/{vis_color}]"
+
     access = row.get("access", "deny")
     if access == "—":
         access_cell = "[dim]—[/dim]"
@@ -311,12 +362,21 @@ def verbose_access_cells(row: dict) -> list[str]:
     else:
         access_cell = "[red]deny[/red]"
 
-    visibility = row.get("visibility", "opaque")
-    vis_colors = {"visible": "green", "opaque": "yellow", "hidden": "red"}
-    vis_color = vis_colors.get(visibility, "white")
-    vis_cell = f"[{vis_color}]{visibility}[/{vis_color}]"
+    source = row.get("access_source")
+    if source is None or source == "—":
+        source_cell = "[dim]—[/dim]"
+    else:
+        source_cell = source
+
+    vis_source = row.get("visibility_source")
+    if vis_source is None or vis_source == "—":
+        vis_source_cell = "[dim]—[/dim]"
+    elif vis_source == source:
+        vis_source_cell = "[dim]≡[/dim]"
+    else:
+        vis_source_cell = vis_source
 
-    return [access_cell, vis_cell]
+    return [vis_raw_cell, access_raw_cell, vis_cell, access_cell, source_cell, vis_source_cell]
 
 
 def format_size(size_bytes: int) -> str: