ghostbit-cli 1.0.0__tar.gz → 1.1.1__tar.gz

{ghostbit_cli-1.0.0 → ghostbit_cli-1.1.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ghostbit-cli
-Version: 1.0.0
+Version: 1.1.1
 Summary: Ghostbit CLI — create end-to-end encrypted pastes from the terminal
 License-Expression: MIT
 Project-URL: Homepage, https://github.com/stackopshq/ghostbit
@@ -23,6 +23,7 @@ Classifier: Topic :: Utilities
 Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 Requires-Dist: cryptography>=42.0.0
+Requires-Dist: certifi
 Provides-Extra: color
 Requires-Dist: pygments>=2.17.0; extra == "color"
 Provides-Extra: markdown
@@ -43,26 +44,43 @@ All content is encrypted **in the client** before being sent to the server. The
 pip install ghostbit-cli
 ```
 
+With syntax highlighting and Markdown rendering:
+
+```bash
+pip install "ghostbit-cli[all]"       # pygments + rich
+pip install "ghostbit-cli[color]"     # pygments only (syntax highlighting)
+pip install "ghostbit-cli[markdown]"  # rich only (Markdown rendering)
+```
+
 ## Usage
 
 ```bash
 # Paste from stdin
-cat file.py | gb
+cat file.py | gbit
 
 # Paste a file (language auto-detected from extension)
-gb file.py
+gbit file.py
 
 # With options
-gb file.py --lang python --burn --expires 3600
+gbit file.py --lang python --burn --expires 3600
+
+# Password-protected paste (prompted securely)
+echo "secret" | gbit -p
 
-# Password-protected paste
-echo "secret" | gb --password mysecret
+# Or pass inline (visible in process list)
+gbit file.py --password mysecret
+
+# View and decrypt a paste in the terminal
+gbit view https://paste.example.com/abc123#KEY~TOKEN
+
+# View a password-protected paste (prompts for password)
+gbit view https://paste.example.com/abc123#~TOKEN
 
 # Output JSON (includes full URL with decryption key)
-cat data.json | gb --json
+cat data.json | gbit --json
 
 # Point to your self-hosted instance
-gb config set server https://paste.example.com
+gbit config set server https://paste.example.com
 ```
 
 ## Options
@@ -73,21 +91,27 @@ gb config set server https://paste.example.com
 | `--expires` | `-e` | TTL in seconds (3600 = 1h, 86400 = 1d) |
 | `--burn` | `-b` | Delete after the first view |
 | `--max-views` | `-m` | Delete after N views |
-| `--password` | `-p` | Encrypt with a password |
+| `--password` | `-p` | Encrypt with a password (prompted if no value given) |
 | `--server` | `-s` | Override server URL for this call |
 | `--quiet` | `-q` | Print URL only |
 | `--json` | | Print full JSON response |
+| `--no-history` | | Don't save to local history |
+| `--version` | `-V` | Print version and exit |
 
 ## Configuration
 
 ```bash
-gb config set server https://paste.example.com
-gb config show
-gb config unset server
+gbit config set server https://paste.example.com
+gbit config show
+gbit config unset server
 ```
 
 Config is stored at `~/.config/ghostbit.toml`.
 
+## Security Note
+
+The local history (`~/.local/share/ghostbit/history.jsonl`) stores full URLs **including decryption keys**. Use `--no-history` for sensitive pastes, or clear history with `gbit list --clear`.
+
 ## Self-hosting
 
 See the [Ghostbit server repository](https://github.com/stackopshq/ghostbit) for Docker and manual setup instructions.

ghostbit_cli-1.1.1/README.md

@@ -0,0 +1,87 @@
+# Ghostbit CLI
+
+Command-line tool for [Ghostbit](https://github.com/stackopshq/ghostbit) — a self-hosted, end-to-end encrypted paste service.
+
+All content is encrypted **in the client** before being sent to the server. The server never sees your plaintext.
+
+## Install
+
+```bash
+pip install ghostbit-cli
+```
+
+With syntax highlighting and Markdown rendering:
+
+```bash
+pip install "ghostbit-cli[all]"       # pygments + rich
+pip install "ghostbit-cli[color]"     # pygments only (syntax highlighting)
+pip install "ghostbit-cli[markdown]"  # rich only (Markdown rendering)
+```
+
+## Usage
+
+```bash
+# Paste from stdin
+cat file.py | gbit
+
+# Paste a file (language auto-detected from extension)
+gbit file.py
+
+# With options
+gbit file.py --lang python --burn --expires 3600
+
+# Password-protected paste (prompted securely)
+echo "secret" | gbit -p
+
+# Or pass inline (visible in process list)
+gbit file.py --password mysecret
+
+# View and decrypt a paste in the terminal
+gbit view https://paste.example.com/abc123#KEY~TOKEN
+
+# View a password-protected paste (prompts for password)
+gbit view https://paste.example.com/abc123#~TOKEN
+
+# Output JSON (includes full URL with decryption key)
+cat data.json | gbit --json
+
+# Point to your self-hosted instance
+gbit config set server https://paste.example.com
+```
+
+## Options
+
+| Flag | Short | Description |
+|------|-------|-------------|
+| `--lang` | `-l` | Language hint (python, go, rust, …) |
+| `--expires` | `-e` | TTL in seconds (3600 = 1h, 86400 = 1d) |
+| `--burn` | `-b` | Delete after the first view |
+| `--max-views` | `-m` | Delete after N views |
+| `--password` | `-p` | Encrypt with a password (prompted if no value given) |
+| `--server` | `-s` | Override server URL for this call |
+| `--quiet` | `-q` | Print URL only |
+| `--json` | | Print full JSON response |
+| `--no-history` | | Don't save to local history |
+| `--version` | `-V` | Print version and exit |
+
+## Configuration
+
+```bash
+gbit config set server https://paste.example.com
+gbit config show
+gbit config unset server
+```
+
+Config is stored at `~/.config/ghostbit.toml`.
+
+## Security Note
+
+The local history (`~/.local/share/ghostbit/history.jsonl`) stores full URLs **including decryption keys**. Use `--no-history` for sensitive pastes, or clear history with `gbit list --clear`.
+
+## Self-hosting
+
+See the [Ghostbit server repository](https://github.com/stackopshq/ghostbit) for Docker and manual setup instructions.
+
+## License
+
+MIT

{ghostbit_cli-1.0.0 → ghostbit_cli-1.1.1}/cli.py

@@ -3,27 +3,43 @@
 Ghostbit CLI — create and view pastes from the terminal.
 
 Usage:
-  cat file.py | gb
-  gb file.py
-  gb file.py --lang python --burn
-  gb view https://paste.example.com/abc123#KEY~TOKEN
-  gb config set server https://paste.example.com
-  gb config show
+  cat file.py | gbit
+  gbit file.py
+  gbit file.py --lang python --burn
+  gbit view https://paste.example.com/abc123#KEY~TOKEN
+  gbit config set server https://paste.example.com
+  gbit config show
 """
 
 import argparse
 import base64
+import getpass
 import json
 import os
+import ssl
 import sys
 import time
 import urllib.error
 import urllib.request
 from pathlib import Path
 
-__version__ = "1.0.0"
+__version__ = "1.1.1"
 _USER_AGENT  = f"Ghostbit-CLI/{__version__}"
 
+# Build an SSL context that works on macOS (certifi) and everywhere else.
+try:
+    import certifi
+    _SSL_CTX = ssl.create_default_context(cafile=certifi.where())
+except ImportError:
+    _SSL_CTX = ssl.create_default_context()
+
+LANGUAGES = [
+    "python", "javascript", "typescript", "go", "rust", "ruby", "php",
+    "java", "c", "cpp", "csharp", "bash", "powershell", "html", "css",
+    "sql", "json", "yaml", "toml", "xml", "markdown", "dockerfile",
+    "kotlin", "swift", "lua", "r", "diff",
+]
+
 try:
     from cryptography.hazmat.primitives.ciphers.aead import AESGCM
     from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
@@ -67,7 +83,8 @@ def _key_to_fragment(key: bytes) -> str:
 
 # ── Config ────────────────────────────────────────────────────────────────────
 
-CONFIG_PATH = Path.home() / ".config" / "ghostbit.toml"
+CONFIG_PATH  = Path.home() / ".config" / "ghostbit.toml"
+HISTORY_PATH = Path.home() / ".local" / "share" / "ghostbit" / "history.jsonl"
 DEFAULT_SERVER = "http://localhost:8000"
 
 VALID_KEYS = {"server"}
@@ -96,7 +113,7 @@ def _write_config(cfg: dict) -> None:
 # ── Subcommands ───────────────────────────────────────────────────────────────
 
 def _run_config(argv):
-    parser = argparse.ArgumentParser(prog="gb config", description="Manage Ghostbit CLI configuration.")
+    parser = argparse.ArgumentParser(prog="gbit config", description="Manage Ghostbit CLI configuration.")
     sub = parser.add_subparsers(dest="action")
 
     sub.add_parser("show", help="Show current configuration.")
@@ -174,7 +191,11 @@ def cmd_paste(args):
                 ".dockerfile": "dockerfile", ".kt": "kotlin", ".swift": "swift",
                 ".lua": "lua", ".r": "r", ".diff": "diff", ".patch": "diff",
             }
-            args.lang = ext_map.get(path.suffix.lower())
+            # Handle extensionless files by name (e.g. Dockerfile, Makefile)
+            name_map = {
+                "dockerfile": "dockerfile", "makefile": "makefile",
+            }
+            args.lang = ext_map.get(path.suffix.lower()) or name_map.get(path.name.lower())
     else:
         if sys.stdin.isatty():
             print("Reading from stdin… (Ctrl+D to finish)", file=sys.stderr)
@@ -187,9 +208,17 @@ def cmd_paste(args):
     _require_crypto()
 
     # ── Encrypt client-side (mirrors browser e2e.js) ──
-    if args.password:
+    # If --password was given without a value, prompt interactively
+    password = args.password
+    if password is True or password == '':
+        password = getpass.getpass('Password: ')
+        if not password:
+            print('Error: password cannot be empty.', file=sys.stderr)
+            sys.exit(1)
+
+    if password:
         kdf_salt = _gen_salt()
-        key      = _derive_key(args.password, kdf_salt)
+        key      = _derive_key(password, kdf_salt)
     else:
         key      = _gen_key()
         kdf_salt = None
@@ -209,13 +238,24 @@ def cmd_paste(args):
     result = _api_create(server, payload)
 
     # Build full URL with fragment (key + delete token)
-    if args.password:
+    if password:
         fragment = f"~{result['delete_token']}"
     else:
         fragment = f"{_key_to_fragment(key)}~{result['delete_token']}"
 
     full_url = f"{result['url']}#{fragment}"
 
+    # Append to local history (best-effort, privacy-first — stays on disk only)
+    if not args.no_history:
+        _history_append({
+            "id":         result["id"],
+            "url":        result["url"],
+            "full_url":   full_url,
+            "created_at": int(time.time()),
+            "language":   args.lang,
+            "expires_at": result.get("expires_at"),
+        })
+
     if args.json:
         result["full_url"] = full_url
         print(json.dumps(result, indent=2))
@@ -237,11 +277,11 @@ def cmd_paste(args):
                 parts.append("burn after read")
             if result.get("max_views"):
                 parts.append(f"max {result['max_views']} views")
-            if args.password:
+            if password:
                 parts.append("password protected")
             if parts:
                 print("  " + "  ·  ".join(parts), file=sys.stderr)
-            if not args.password:
+            if not password:
                 print("  Share the full URL — the decryption key is in the #fragment.", file=sys.stderr)
 
 
@@ -281,7 +321,6 @@ def _print_highlighted(content: str, language: str | None) -> None:
 
 
 def cmd_view(args):
-    import getpass
     from urllib.parse import urldefrag, urlparse
 
     url_no_frag, fragment = urldefrag(args.url)
@@ -302,7 +341,7 @@ def cmd_view(args):
     api_url = f"{server}/api/v1/pastes/{paste_id}"
     req = urllib.request.Request(api_url, headers={"User-Agent": _USER_AGENT})
     try:
-        with urllib.request.urlopen(req, timeout=15) as resp:
+        with urllib.request.urlopen(req, timeout=15, context=_SSL_CTX) as resp:
             data = json.loads(resp.read())
     except urllib.error.HTTPError as e:
         body = e.read().decode(errors="replace")
@@ -363,7 +402,7 @@ def _api_create(server: str, payload: dict) -> dict:
         method="POST",
     )
     try:
-        with urllib.request.urlopen(req, timeout=15) as resp:
+        with urllib.request.urlopen(req, timeout=15, context=_SSL_CTX) as resp:
             return json.loads(resp.read())
     except urllib.error.HTTPError as e:
         body = e.read().decode(errors="replace")
@@ -375,9 +414,274 @@ def _api_create(server: str, payload: dict) -> dict:
         sys.exit(1)
     except urllib.error.URLError as e:
         print(f"Could not connect to {server}: {e.reason}", file=sys.stderr)
-        print(f"  Tip: run `gb config set server <URL>` to set your server.", file=sys.stderr)
+        print(f"  Tip: run `gbit config set server <URL>` to set your server.", file=sys.stderr)
+        sys.exit(1)
+
+
+# ── Local history ────────────────────────────────────────────────────────────
+
+def _history_append(entry: dict) -> None:
+    """Append one entry to the local history file (JSONL, one JSON object per line)."""
+    try:
+        HISTORY_PATH.parent.mkdir(parents=True, exist_ok=True)
+        with HISTORY_PATH.open("a", encoding="utf-8") as f:
+            f.write(json.dumps(entry) + "\n")
+    except Exception:
+        pass  # history is best-effort, never block a paste creation
+
+
+def _history_load() -> list[dict]:
+    if not HISTORY_PATH.exists():
+        return []
+    entries = []
+    for line in HISTORY_PATH.read_text(encoding="utf-8").splitlines():
+        line = line.strip()
+        if line:
+            try:
+                entries.append(json.loads(line))
+            except json.JSONDecodeError:
+                pass
+    return entries
+
+
+def cmd_delete(url: str) -> None:
+    from urllib.parse import urldefrag, urlparse
+
+    url_no_frag, fragment = urldefrag(url)
+    parsed   = urlparse(url_no_frag)
+    server   = f"{parsed.scheme}://{parsed.netloc}"
+    paste_id = parsed.path.strip("/")
+
+    if not paste_id or not parsed.scheme:
+        print("Error: invalid URL.", file=sys.stderr)
         sys.exit(1)
 
+    # Fragment: KEY~DELETE_TOKEN  or  ~DELETE_TOKEN
+    delete_token = fragment.partition("~")[2]
+    if not delete_token:
+        print("Error: delete token missing from URL fragment (expected KEY~TOKEN or ~TOKEN).", file=sys.stderr)
+        sys.exit(1)
+
+    api_url = f"{server}/api/v1/pastes/{paste_id}"
+    req = urllib.request.Request(
+        api_url,
+        headers={"User-Agent": _USER_AGENT, "X-Delete-Token": delete_token},
+        method="DELETE",
+    )
+    try:
+        with urllib.request.urlopen(req, timeout=15, context=_SSL_CTX):
+            pass
+        print(f"Deleted {paste_id}.")
+    except urllib.error.HTTPError as e:
+        if e.code == 403:
+            print("Error: invalid delete token.", file=sys.stderr)
+        elif e.code == 404:
+            print("Error: paste not found (already deleted or expired).", file=sys.stderr)
+        else:
+            print(f"Error {e.code}.", file=sys.stderr)
+        sys.exit(1)
+    except urllib.error.URLError as e:
+        print(f"Could not connect to {server}: {e.reason}", file=sys.stderr)
+        sys.exit(1)
+
+
+def cmd_list(clear: bool = False) -> None:
+    if clear:
+        if HISTORY_PATH.exists():
+            HISTORY_PATH.unlink()
+            print("History cleared.")
+        else:
+            print("No history file found.")
+        return
+
+    entries = _history_load()
+    if not entries:
+        print("No pastes in local history.", file=sys.stderr)
+        print(f"  History file: {HISTORY_PATH}", file=sys.stderr)
+        return
+
+    now = int(time.time())
+
+    def _age(ts: int) -> str:
+        delta = now - ts
+        if delta < 120:      return "just now"
+        if delta < 3600:     return f"{delta // 60}m ago"
+        if delta < 86400:    return f"{delta // 3600}h ago"
+        return f"{delta // 86400}d ago"
+
+    def _expiry(expires_at) -> str:
+        if not expires_at:
+            return "never"
+        delta = expires_at - now
+        if delta <= 0:       return "expired"
+        if delta < 3600:     return f"in {delta // 60}m"
+        if delta < 86400:    return f"in {delta // 3600}h"
+        return f"in {delta // 86400}d"
+
+    print(f"{'ID':<12} {'Lang':<14} {'Created':<12} {'Expires':<10}  URL")
+    print("-" * 80)
+    for e in reversed(entries):
+        row_id      = e.get("id", "?")[:10]
+        lang        = (e.get("language") or "plain")[:12]
+        created     = _age(e.get("created_at", 0))
+        expires     = _expiry(e.get("expires_at"))
+        full_url    = e.get("full_url", e.get("url", ""))
+        print(f"{row_id:<12} {lang:<14} {created:<12} {expires:<10}  {full_url}")
+
+
+# ── Shell completion ──────────────────────────────────────────────────────────
+
+_COMPLETION_BASH = r"""
+# Ghostbit bash completion
+# Usage: eval "$(gbit completion bash)"  or add to ~/.bashrc
+
+_gb_completion() {
+    local cur prev words cword
+    _init_completion 2>/dev/null || {
+        COMPREPLY=()
+        cur="${COMP_WORDS[COMP_CWORD]}"
+        prev="${COMP_WORDS[COMP_CWORD-1]}"
+        words=("${COMP_WORDS[@]}")
+        cword=$COMP_CWORD
+    }
+
+    local langs="LANGS_PLACEHOLDER"
+    local main_opts="--lang --expires --burn --max-views --password --server --quiet --json -l -e -b -m -p -s -q"
+
+    # Option argument completions
+    case "$prev" in
+        --lang|-l)    COMPREPLY=($(compgen -W "$langs" -- "$cur")); return ;;
+        --server|-s)  COMPREPLY=($(compgen -W "http:// https://" -- "$cur")); return ;;
+        --expires|-e|--max-views|-m|--password|-p) return ;;
+    esac
+
+    local subcmd="${words[1]}"
+
+    case "$subcmd" in
+        config)
+            case "$cword" in
+                2) COMPREPLY=($(compgen -W "show set unset" -- "$cur")) ;;
+                3) [[ "${words[2]}" == "set" || "${words[2]}" == "unset" ]] \
+                    && COMPREPLY=($(compgen -W "server" -- "$cur")) ;;
+            esac
+            return ;;
+        completion)
+            COMPREPLY=($(compgen -W "bash zsh fish" -- "$cur"))
+            return ;;
+        view) return ;;
+    esac
+
+    if [[ $cword -eq 1 ]]; then
+        COMPREPLY=($(compgen -W "config view delete list completion $main_opts" -- "$cur"))
+        COMPREPLY+=($(compgen -f -- "$cur"))
+    else
+        COMPREPLY=($(compgen -W "$main_opts" -- "$cur"))
+        COMPREPLY+=($(compgen -f -- "$cur"))
+    fi
+}
+
+complete -o filenames -F _gb_completion gbit
+complete -o filenames -F _gb_completion ghostbit
+"""
+
+_COMPLETION_ZSH = r"""
+#compdef gbit ghostbit
+# Ghostbit zsh completion
+# Usage: eval "$(gbit completion zsh)"  or add to ~/.zshrc
+
+_gb() {
+    local langs=(LANGS_PLACEHOLDER)
+    local main_opts=(
+        '(-l --lang)'{-l,--lang}'[language hint]:language:('"${langs[*]}"')'
+        '(-e --expires)'{-e,--expires}'[TTL in seconds]:seconds:'
+        '(-b --burn)'{-b,--burn}'[delete after first view]'
+        '(-m --max-views)'{-m,--max-views}'[delete after N views]:count:'
+        '(-p --password)'{-p,--password}'[encrypt with password]:password:'
+        '(-s --server)'{-s,--server}'[server URL]:url:'
+        '(-q --quiet)'{-q,--quiet}'[print URL only]'
+        '--json[print full JSON response]'
+    )
+
+    local state
+    _arguments -C \
+        '1: :->first' \
+        '*: :->rest' && return 0
+
+    case $state in
+        first)
+            _alternative \
+                'subcommands:subcommand:((config\:"manage config" view\:"view a paste" delete\:"delete a paste" list\:"list local history" completion\:"shell completion"))' \
+                "options: :_arguments ${main_opts[*]}" \
+                'files:file:_files'
+            ;;
+        rest)
+            case $words[2] in
+                config)
+                    case $CURRENT in
+                        3) _values 'action' show set unset ;;
+                        4) [[ $words[3] == (set|unset) ]] && _values 'key' server ;;
+                    esac ;;
+                view)      _nothing ;;
+                completion) _values 'shell' bash zsh fish ;;
+                *)         _arguments "${main_opts[@]}" && _files ;;
+            esac
+            ;;
+    esac
+}
+
+_gb
+"""
+
+_COMPLETION_FISH = """
+# Ghostbit fish completion
+# Usage: gbit completion fish | source  or save to ~/.config/fish/completions/gbit.fish
+
+set -l langs LANGS_PLACEHOLDER
+
+# Disable file completion when a subcommand is active and not needed
+function __gb_no_subcommand
+    not __fish_seen_subcommand_from config view delete list completion
+end
+
+# Subcommands
+complete -c gbit -f -n '__gb_no_subcommand' -a config     -d 'Manage configuration'
+complete -c gbit -f -n '__gb_no_subcommand' -a view       -d 'View and decrypt a paste'
+complete -c gbit -f -n '__gb_no_subcommand' -a delete     -d 'Delete a paste'
+complete -c gbit -f -n '__gb_no_subcommand' -a list       -d 'List local paste history'
+complete -c gbit -f -n '__gb_no_subcommand' -a completion -d 'Output shell completion script'
+
+# config actions
+complete -c gbit -f -n '__fish_seen_subcommand_from config' -a show  -d 'Show current config'
+complete -c gbit -f -n '__fish_seen_subcommand_from config' -a set   -d 'Set a value'
+complete -c gbit -f -n '__fish_seen_subcommand_from config' -a unset -d 'Remove a value'
+
+# completion shells
+complete -c gbit -f -n '__fish_seen_subcommand_from completion' -a bash -d 'Bash completion'
+complete -c gbit -f -n '__fish_seen_subcommand_from completion' -a zsh  -d 'Zsh completion'
+complete -c gbit -f -n '__fish_seen_subcommand_from completion' -a fish -d 'Fish completion'
+
+# Main options
+complete -c gbit -n '__gb_no_subcommand' -s l -l lang       -d 'Language hint'         -a "$langs"
+complete -c gbit -n '__gb_no_subcommand' -s e -l expires    -d 'TTL in seconds'
+complete -c gbit -n '__gb_no_subcommand' -s b -l burn       -d 'Delete after first view'
+complete -c gbit -n '__gb_no_subcommand' -s m -l max-views  -d 'Delete after N views'
+complete -c gbit -n '__gb_no_subcommand' -s p -l password   -d 'Encrypt with password'
+complete -c gbit -n '__gb_no_subcommand' -s s -l server     -d 'Server URL'
+complete -c gbit -n '__gb_no_subcommand' -s q -l quiet      -d 'Print URL only'
+complete -c gbit -n '__gb_no_subcommand'      -l json       -d 'Print full JSON response'
+"""
+
+
+def cmd_completion(shell: str) -> None:
+    langs_str = " ".join(LANGUAGES)
+    templates = {
+        "bash": _COMPLETION_BASH,
+        "zsh":  _COMPLETION_ZSH,
+        "fish": _COMPLETION_FISH,
+    }
+    script = templates[shell].replace("LANGS_PLACEHOLDER", langs_str)
+    print(script.strip())
+
 
 # ── Entry point ───────────────────────────────────────────────────────────────
 
@@ -387,12 +691,35 @@ def main():
         _run_config(sys.argv[2:])
         return
 
+    # Route to delete subcommand
+    if len(sys.argv) > 1 and sys.argv[1] == "delete":
+        if len(sys.argv) < 3:
+            print("Usage: gbit delete <url>", file=sys.stderr)
+            sys.exit(1)
+        cmd_delete(sys.argv[2])
+        return
+
+    # Route to list subcommand
+    if len(sys.argv) > 1 and sys.argv[1] == "list":
+        clear = "--clear" in sys.argv
+        cmd_list(clear=clear)
+        return
+
+    # Route to completion subcommand
+    if len(sys.argv) > 1 and sys.argv[1] == "completion":
+        shells = ["bash", "zsh", "fish"]
+        if len(sys.argv) < 3 or sys.argv[2] not in shells:
+            print(f"Usage: gbit completion [{'|'.join(shells)}]", file=sys.stderr)
+            sys.exit(1)
+        cmd_completion(sys.argv[2])
+        return
+
     # Route to view subcommand
     if len(sys.argv) > 1 and sys.argv[1] == "view":
         if len(sys.argv) < 3:
-            print("Usage: gb view <url>", file=sys.stderr)
+            print("Usage: gbit view <url>", file=sys.stderr)
             sys.exit(1)
-        view_parser = argparse.ArgumentParser(prog="gb view")
+        view_parser = argparse.ArgumentParser(prog="gbit view")
         view_parser.add_argument("url", help="Full paste URL (including #fragment).")
         cmd_view(view_parser.parse_args(sys.argv[2:]))
         return
@@ -401,24 +728,24 @@ def main():
     current_server = cfg.get("server", DEFAULT_SERVER)
 
     parser = argparse.ArgumentParser(
-        prog="gb",
+        prog="gbit",
         description="Ghostbit CLI — create encrypted pastes from the terminal.",
         formatter_class=argparse.RawDescriptionHelpFormatter,
         epilog=f"""
 examples:
-  cat main.py | gb
-  gb main.py
-  gb main.py --lang python --burn
-  gb main.py --expires 3600 --password secret
-  gb view https://paste.example.com/abc123#KEY~TOKEN
-  gb config set server https://paste.example.com
-  gb config show
+  cat main.py | gbit
+  gbit main.py
+  gbit main.py --lang python --burn
+  gbit main.py --expires 3600 --password secret
+  gbit view https://paste.example.com/abc123#KEY~TOKEN
+  gbit config set server https://paste.example.com
+  gbit config show
 
 current server: {current_server}
         """,
     )
 
-    # ── gb [file] ──
+    # ── gbit [file] ──
     parser.add_argument(
         "file",
         nargs="?",
@@ -456,9 +783,11 @@ current server: {current_server}
     )
     parser.add_argument(
         "--password", "-p",
+        nargs="?",
+        const=True,
         default=None,
         metavar="PASS",
-        help="Encrypt with a password.",
+        help="Encrypt with a password. Omit value to be prompted securely.",
     )
     parser.add_argument(
         "--quiet", "-q",
@@ -470,6 +799,16 @@ current server: {current_server}
         action="store_true",
         help="Print the full JSON response.",
     )
+    parser.add_argument(
+        "--no-history",
+        action="store_true",
+        help="Don't save this paste to local history.",
+    )
+    parser.add_argument(
+        "--version", "-V",
+        action="version",
+        version=f"%(prog)s {__version__}",
+    )
 
     args = parser.parse_args()
     cmd_paste(args)

{ghostbit_cli-1.0.0 → ghostbit_cli-1.1.1}/ghostbit_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: ghostbit-cli
-Version: 1.0.0
+Version: 1.1.1
 Summary: Ghostbit CLI — create end-to-end encrypted pastes from the terminal
 License-Expression: MIT
 Project-URL: Homepage, https://github.com/stackopshq/ghostbit
@@ -23,6 +23,7 @@ Classifier: Topic :: Utilities
 Requires-Python: >=3.10
 Description-Content-Type: text/markdown
 Requires-Dist: cryptography>=42.0.0
+Requires-Dist: certifi
 Provides-Extra: color
 Requires-Dist: pygments>=2.17.0; extra == "color"
 Provides-Extra: markdown
@@ -43,26 +44,43 @@ All content is encrypted **in the client** before being sent to the server. The
 pip install ghostbit-cli
 ```
 
+With syntax highlighting and Markdown rendering:
+
+```bash
+pip install "ghostbit-cli[all]"       # pygments + rich
+pip install "ghostbit-cli[color]"     # pygments only (syntax highlighting)
+pip install "ghostbit-cli[markdown]"  # rich only (Markdown rendering)
+```
+
 ## Usage
 
 ```bash
 # Paste from stdin
-cat file.py | gb
+cat file.py | gbit
 
 # Paste a file (language auto-detected from extension)
-gb file.py
+gbit file.py
 
 # With options
-gb file.py --lang python --burn --expires 3600
+gbit file.py --lang python --burn --expires 3600
+
+# Password-protected paste (prompted securely)
+echo "secret" | gbit -p
 
-# Password-protected paste
-echo "secret" | gb --password mysecret
+# Or pass inline (visible in process list)
+gbit file.py --password mysecret
+
+# View and decrypt a paste in the terminal
+gbit view https://paste.example.com/abc123#KEY~TOKEN
+
+# View a password-protected paste (prompts for password)
+gbit view https://paste.example.com/abc123#~TOKEN
 
 # Output JSON (includes full URL with decryption key)
-cat data.json | gb --json
+cat data.json | gbit --json
 
 # Point to your self-hosted instance
-gb config set server https://paste.example.com
+gbit config set server https://paste.example.com
 ```
 
 ## Options
@@ -73,21 +91,27 @@ gb config set server https://paste.example.com
 | `--expires` | `-e` | TTL in seconds (3600 = 1h, 86400 = 1d) |
 | `--burn` | `-b` | Delete after the first view |
 | `--max-views` | `-m` | Delete after N views |
-| `--password` | `-p` | Encrypt with a password |
+| `--password` | `-p` | Encrypt with a password (prompted if no value given) |
 | `--server` | `-s` | Override server URL for this call |
 | `--quiet` | `-q` | Print URL only |
 | `--json` | | Print full JSON response |
+| `--no-history` | | Don't save to local history |
+| `--version` | `-V` | Print version and exit |
 
 ## Configuration
 
 ```bash
-gb config set server https://paste.example.com
-gb config show
-gb config unset server
+gbit config set server https://paste.example.com
+gbit config show
+gbit config unset server
 ```
 
 Config is stored at `~/.config/ghostbit.toml`.
 
+## Security Note
+
+The local history (`~/.local/share/ghostbit/history.jsonl`) stores full URLs **including decryption keys**. Use `--no-history` for sensitive pastes, or clear history with `gbit list --clear`.
+
 ## Self-hosting
 
 See the [Ghostbit server repository](https://github.com/stackopshq/ghostbit) for Docker and manual setup instructions.

{ghostbit_cli-1.0.0 → ghostbit_cli-1.1.1}/ghostbit_cli.egg-info/entry_points.txt

@@ -1,3 +1,3 @@
 [console_scripts]
-gb = cli:main
+gbit = cli:main
 ghostbit = cli:main

{ghostbit_cli-1.0.0 → ghostbit_cli-1.1.1}/ghostbit_cli.egg-info/requires.txt

@@ -1,4 +1,5 @@
 cryptography>=42.0.0
+certifi
 
 [all]
 pygments>=2.17.0

{ghostbit_cli-1.0.0 → ghostbit_cli-1.1.1}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "ghostbit-cli"
-version = "1.0.0"
+version = "1.1.1"
 description = "Ghostbit CLI — create end-to-end encrypted pastes from the terminal"
 readme = "README.md"
 license = "MIT"
@@ -27,6 +27,7 @@ classifiers = [
 ]
 dependencies = [
     "cryptography>=42.0.0",
+    "certifi",
 ]
 
 [project.optional-dependencies]
@@ -40,7 +41,7 @@ Repository = "https://github.com/stackopshq/ghostbit"
 "Bug Tracker" = "https://github.com/stackopshq/ghostbit/issues"
 
 [project.scripts]
-gb = "cli:main"
+gbit = "cli:main"
 ghostbit = "cli:main"
 
 [tool.setuptools]

ghostbit_cli-1.0.0/README.md

@@ -1,64 +0,0 @@
-# Ghostbit CLI
-
-Command-line tool for [Ghostbit](https://github.com/stackopshq/ghostbit) — a self-hosted, end-to-end encrypted paste service.
-
-All content is encrypted **in the client** before being sent to the server. The server never sees your plaintext.
-
-## Install
-
-```bash
-pip install ghostbit-cli
-```
-
-## Usage
-
-```bash
-# Paste from stdin
-cat file.py | gb
-
-# Paste a file (language auto-detected from extension)
-gb file.py
-
-# With options
-gb file.py --lang python --burn --expires 3600
-
-# Password-protected paste
-echo "secret" | gb --password mysecret
-
-# Output JSON (includes full URL with decryption key)
-cat data.json | gb --json
-
-# Point to your self-hosted instance
-gb config set server https://paste.example.com
-```
-
-## Options
-
-| Flag | Short | Description |
-|------|-------|-------------|
-| `--lang` | `-l` | Language hint (python, go, rust, …) |
-| `--expires` | `-e` | TTL in seconds (3600 = 1h, 86400 = 1d) |
-| `--burn` | `-b` | Delete after the first view |
-| `--max-views` | `-m` | Delete after N views |
-| `--password` | `-p` | Encrypt with a password |
-| `--server` | `-s` | Override server URL for this call |
-| `--quiet` | `-q` | Print URL only |
-| `--json` | | Print full JSON response |
-
-## Configuration
-
-```bash
-gb config set server https://paste.example.com
-gb config show
-gb config unset server
-```
-
-Config is stored at `~/.config/ghostbit.toml`.
-
-## Self-hosting
-
-See the [Ghostbit server repository](https://github.com/stackopshq/ghostbit) for Docker and manual setup instructions.
-
-## License
-
-MIT