gira-cli 1.0.0__tar.gz

gira_cli-1.0.0/PKG-INFO

@@ -0,0 +1,25 @@
+Metadata-Version: 2.4
+Name: gira-cli
+Version: 1.0.0
+Summary: Jira-style project flow on GitHub, distributed as the official Go-built gira binary.
+Author: StatPan
+License-Expression: MIT
+Classifier: Environment :: Console
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Topic :: Software Development :: Version Control :: Git
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+
+# gira-cli
+
+PyPI distribution wrapper for the official Go-built `gira` binary.
+
+This package does not reimplement Gira in Python. The `gira` console command downloads the matching GitHub Release archive on first run, verifies `checksums.txt`, caches the native binary, and then executes it.
+
+```bash
+pip install gira-cli
+gira version
+```
+
+The PyPI package name is `gira-cli` because the `gira` package name is already occupied on PyPI. The installed command is still `gira`.

gira_cli-1.0.0/README.md

@@ -0,0 +1,12 @@
+# gira-cli
+
+PyPI distribution wrapper for the official Go-built `gira` binary.
+
+This package does not reimplement Gira in Python. The `gira` console command downloads the matching GitHub Release archive on first run, verifies `checksums.txt`, caches the native binary, and then executes it.
+
+```bash
+pip install gira-cli
+gira version
+```
+
+The PyPI package name is `gira-cli` because the `gira` package name is already occupied on PyPI. The installed command is still `gira`.

gira_cli-1.0.0/pyproject.toml

@@ -0,0 +1,29 @@
+[build-system]
+requires = ["setuptools>=69", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "gira-cli"
+version = "1.0.0"
+description = "Jira-style project flow on GitHub, distributed as the official Go-built gira binary."
+readme = "README.md"
+requires-python = ">=3.9"
+license = "MIT"
+authors = [
+  { name = "StatPan" }
+]
+classifiers = [
+  "Environment :: Console",
+  "Programming Language :: Python :: 3",
+  "Programming Language :: Python :: 3 :: Only",
+  "Topic :: Software Development :: Version Control :: Git",
+]
+
+[project.scripts]
+gira = "gira_cli:main"
+
+[tool.setuptools]
+package-dir = { "" = "src" }
+
+[tool.setuptools.packages.find]
+where = ["src"]

gira_cli-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

gira_cli-1.0.0/src/gira_cli/__init__.py

@@ -0,0 +1,3 @@
+from .installer import main
+
+__all__ = ["main"]

gira_cli-1.0.0/src/gira_cli/installer.py

@@ -0,0 +1,229 @@
+from __future__ import annotations
+
+import hashlib
+import importlib.metadata
+import os
+import platform
+import shutil
+import stat
+import subprocess
+import sys
+import tarfile
+import tempfile
+import urllib.request
+import zipfile
+from pathlib import Path
+from typing import BinaryIO, Dict, Optional
+
+REPO = "StatPan/gira"
+
+
+def package_version() -> str:
+    return importlib.metadata.version("gira-cli")
+
+
+def release_version() -> str:
+    env_version = os.environ.get("GIRA_VERSION", "").strip()
+    if env_version:
+        return env_version
+    version = package_version()
+    if "dev" in version:
+        return ""
+    return version if version.startswith("v") else f"v{version}"
+
+
+def resolve_platform(system: Optional[str] = None, machine: Optional[str] = None) -> Dict[str, str]:
+    system = (system or platform.system()).lower()
+    machine = (machine or platform.machine()).lower()
+    os_map = {
+        "linux": "linux",
+        "darwin": "darwin",
+        "windows": "windows",
+    }
+    arch_map = {
+        "x86_64": "amd64",
+        "amd64": "amd64",
+        "arm64": "arm64",
+        "aarch64": "arm64",
+    }
+    goos = os_map.get(system)
+    goarch = arch_map.get(machine)
+    if not goos:
+        raise RuntimeError(f"unsupported OS: {system}")
+    if not goarch:
+        raise RuntimeError(f"unsupported architecture: {machine}")
+    if goos == "windows" and goarch != "amd64":
+        raise RuntimeError(f"unsupported Windows architecture: {machine}")
+    return {
+        "goos": goos,
+        "goarch": goarch,
+        "extension": "zip" if goos == "windows" else "tar.gz",
+        "binary": "gira.exe" if goos == "windows" else "gira",
+    }
+
+
+def archive_name(version: str, info: Dict[str, str]) -> str:
+    return f"gira_{version}_{info['goos']}_{info['goarch']}.{info['extension']}"
+
+
+def base_url(version: str) -> str:
+    return os.environ.get("GIRA_BASE_URL", "").strip() or f"https://github.com/{REPO}/releases/download/{version}"
+
+
+def cache_dir(version: str, info: Dict[str, str]) -> Path:
+    override = os.environ.get("GIRA_PYPI_CACHE_DIR", "").strip()
+    root = Path(override).expanduser() if override else Path.home() / ".cache" / "gira-cli"
+    return root / version / f"{info['goos']}_{info['goarch']}"
+
+
+def binary_checksum_path(target: Path) -> Path:
+    return target.with_name(f"{target.name}.sha256")
+
+
+def file_checksum(path: Path) -> str:
+    digest = hashlib.sha256()
+    with path.open("rb") as source:
+        for chunk in iter(lambda: source.read(1024 * 1024), b""):
+            digest.update(chunk)
+    return digest.hexdigest()
+
+
+def cached_binary_valid(target: Path) -> bool:
+    marker = binary_checksum_path(target)
+    if not target.is_file() or not marker.is_file():
+        return False
+    if os.name != "nt" and not os.access(target, os.X_OK):
+        return False
+    return marker.read_text().strip() == file_checksum(target)
+
+
+def read_url(url: str) -> bytes:
+    if url.startswith("file://"):
+        return Path(urllib.request.url2pathname(url[7:])).read_bytes()
+    with urllib.request.urlopen(url) as response:
+        return response.read()
+
+
+def download_file(url: str, target: Path) -> None:
+    target.write_bytes(read_url(url))
+
+
+def checksum_for(checksums: str, archive: str) -> str:
+    for line in checksums.splitlines():
+        parts = line.strip().split()
+        if len(parts) >= 2 and parts[1] in {archive, f"*{archive}"}:
+            return parts[0]
+    raise RuntimeError(f"checksum asset does not include {archive}")
+
+
+def verify_checksum(path: Path, expected: str) -> None:
+    actual = file_checksum(path)
+    if actual != expected:
+        raise RuntimeError(f"checksum mismatch for {path.name}")
+
+
+def validate_archive_member(name: str) -> Path:
+    if not name or "\x00" in name or "\\" in name or ":" in name:
+        raise RuntimeError(f"unsafe archive member path: {name}")
+    path = Path(name)
+    if path.is_absolute() or ".." in path.parts:
+        raise RuntimeError(f"unsafe archive member path: {name}")
+    return path
+
+
+def copy_member(source: BinaryIO, target: Path) -> None:
+    target.parent.mkdir(parents=True, exist_ok=True)
+    with target.open("wb") as output:
+        shutil.copyfileobj(source, output)
+
+
+def extract_archive(path: Path, extension: str, output_dir: Path) -> None:
+    if extension == "zip":
+        with zipfile.ZipFile(path) as archive:
+            for member in archive.infolist():
+                target = output_dir / validate_archive_member(member.filename)
+                if member.is_dir():
+                    target.mkdir(parents=True, exist_ok=True)
+                    continue
+                with archive.open(member) as source:
+                    copy_member(source, target)
+        return
+    with tarfile.open(path, "r:gz") as archive:
+        for member in archive.getmembers():
+            target = output_dir / validate_archive_member(member.name)
+            if member.isdir():
+                target.mkdir(parents=True, exist_ok=True)
+                continue
+            if not member.isfile():
+                raise RuntimeError(f"unsupported archive member type: {member.name}")
+            source = archive.extractfile(member)
+            if source is None:
+                raise RuntimeError(f"unable to extract archive member: {member.name}")
+            with source:
+                copy_member(source, target)
+
+
+def install_cached_binary(source: Path, target: Path) -> None:
+    target.parent.mkdir(parents=True, exist_ok=True)
+    checksum = file_checksum(source)
+    with tempfile.NamedTemporaryFile(prefix=f".{target.name}.", dir=target.parent, delete=False) as tmp:
+        tmp_path = Path(tmp.name)
+    marker_tmp_path: Optional[Path] = None
+    try:
+        shutil.copy2(source, tmp_path)
+        tmp_path.chmod(tmp_path.stat().st_mode | stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)
+        os.replace(tmp_path, target)
+
+        marker = binary_checksum_path(target)
+        with tempfile.NamedTemporaryFile(
+            mode="w", prefix=f".{marker.name}.", dir=target.parent, delete=False
+        ) as marker_tmp:
+            marker_tmp.write(f"{checksum}\n")
+            marker_tmp_path = Path(marker_tmp.name)
+        os.replace(marker_tmp_path, marker)
+    finally:
+        tmp_path.unlink(missing_ok=True)
+        if marker_tmp_path is not None:
+            marker_tmp_path.unlink(missing_ok=True)
+
+
+def ensure_binary() -> Path:
+    version = release_version()
+    if not version:
+        raise RuntimeError("gira-cli development package cannot resolve a release version; set GIRA_VERSION")
+    info = resolve_platform()
+    target_dir = cache_dir(version, info)
+    target = target_dir / info["binary"]
+    if cached_binary_valid(target):
+        return target
+
+    archive = archive_name(version, info)
+    root = base_url(version)
+    with tempfile.TemporaryDirectory(prefix="gira-pypi-") as tmp:
+        tmpdir = Path(tmp)
+        archive_path = tmpdir / archive
+        checksums_path = tmpdir / "checksums.txt"
+        download_file(f"{root}/{archive}", archive_path)
+        download_file(f"{root}/checksums.txt", checksums_path)
+        expected = checksum_for(checksums_path.read_text(), archive)
+        verify_checksum(archive_path, expected)
+        extract_archive(archive_path, info["extension"], tmpdir)
+        extracted = tmpdir / f"gira_{version}_{info['goos']}_{info['goarch']}" / info["binary"]
+        if not extracted.exists():
+            raise RuntimeError(f"release archive did not contain {info['binary']}")
+        install_cached_binary(extracted, target)
+    return target
+
+
+def main() -> int:
+    try:
+        binary = ensure_binary()
+    except Exception as exc:
+        print(f"gira pip wrapper: {exc}", file=sys.stderr)
+        return 1
+    completed = subprocess.run([str(binary), *sys.argv[1:]], check=False)
+    return int(completed.returncode)
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())

gira_cli-1.0.0/src/gira_cli.egg-info/PKG-INFO

@@ -0,0 +1,25 @@
+Metadata-Version: 2.4
+Name: gira-cli
+Version: 1.0.0
+Summary: Jira-style project flow on GitHub, distributed as the official Go-built gira binary.
+Author: StatPan
+License-Expression: MIT
+Classifier: Environment :: Console
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Topic :: Software Development :: Version Control :: Git
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+
+# gira-cli
+
+PyPI distribution wrapper for the official Go-built `gira` binary.
+
+This package does not reimplement Gira in Python. The `gira` console command downloads the matching GitHub Release archive on first run, verifies `checksums.txt`, caches the native binary, and then executes it.
+
+```bash
+pip install gira-cli
+gira version
+```
+
+The PyPI package name is `gira-cli` because the `gira` package name is already occupied on PyPI. The installed command is still `gira`.

gira_cli-1.0.0/src/gira_cli.egg-info/SOURCES.txt

@@ -0,0 +1,10 @@
+README.md
+pyproject.toml
+src/gira_cli/__init__.py
+src/gira_cli/installer.py
+src/gira_cli.egg-info/PKG-INFO
+src/gira_cli.egg-info/SOURCES.txt
+src/gira_cli.egg-info/dependency_links.txt
+src/gira_cli.egg-info/entry_points.txt
+src/gira_cli.egg-info/top_level.txt
+tests/test_installer.py

gira_cli-1.0.0/src/gira_cli.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

gira_cli-1.0.0/src/gira_cli.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+gira = gira_cli:main

gira_cli-1.0.0/src/gira_cli.egg-info/top_level.txt

@@ -0,0 +1 @@
+gira_cli

gira_cli-1.0.0/tests/test_installer.py

@@ -0,0 +1,123 @@
+import hashlib
+import os
+import tarfile
+import tempfile
+import unittest
+import zipfile
+from pathlib import Path
+from unittest import mock
+
+from gira_cli import installer
+
+
+class InstallerTest(unittest.TestCase):
+    def test_archive_names_match_release_assets(self):
+        cases = [
+            ("Linux", "x86_64", "gira_v1.2.3_linux_amd64.tar.gz"),
+            ("Linux", "aarch64", "gira_v1.2.3_linux_arm64.tar.gz"),
+            ("Darwin", "x86_64", "gira_v1.2.3_darwin_amd64.tar.gz"),
+            ("Darwin", "arm64", "gira_v1.2.3_darwin_arm64.tar.gz"),
+            ("Windows", "AMD64", "gira_v1.2.3_windows_amd64.zip"),
+        ]
+        for system, machine, expected in cases:
+            with self.subTest(system=system, machine=machine):
+                info = installer.resolve_platform(system, machine)
+                self.assertEqual(installer.archive_name("v1.2.3", info), expected)
+
+    def test_rejects_unsupported_platforms(self):
+        with self.assertRaisesRegex(RuntimeError, "unsupported OS"):
+            installer.resolve_platform("FreeBSD", "x86_64")
+        with self.assertRaisesRegex(RuntimeError, "unsupported architecture"):
+            installer.resolve_platform("Linux", "i386")
+        with self.assertRaisesRegex(RuntimeError, "unsupported Windows architecture"):
+            installer.resolve_platform("Windows", "arm64")
+
+    def test_reads_checksum_entry_for_archive(self):
+        checksums = "\n".join(
+            [
+                "abc123  gira_v1.2.3_linux_amd64.tar.gz",
+                "def456 *gira_v1.2.3_darwin_arm64.tar.gz",
+            ]
+        )
+        self.assertEqual(installer.checksum_for(checksums, "gira_v1.2.3_linux_amd64.tar.gz"), "abc123")
+        self.assertEqual(installer.checksum_for(checksums, "gira_v1.2.3_darwin_arm64.tar.gz"), "def456")
+        with self.assertRaisesRegex(RuntimeError, "does not include"):
+            installer.checksum_for(checksums, "missing.tar.gz")
+
+    def test_checksum_mismatch_fails_closed(self):
+        with tempfile.TemporaryDirectory(prefix="gira-pypi-test-") as tmp:
+            archive = Path(tmp) / "archive.tar.gz"
+            archive.write_text("hello")
+            with self.assertRaisesRegex(RuntimeError, "checksum mismatch"):
+                installer.verify_checksum(archive, "0000")
+
+    def test_checksum_match_passes(self):
+        with tempfile.TemporaryDirectory(prefix="gira-pypi-test-") as tmp:
+            archive = Path(tmp) / "archive.tar.gz"
+            archive.write_text("hello")
+            expected = hashlib.sha256(b"hello").hexdigest()
+            installer.verify_checksum(archive, expected)
+
+    def test_release_version_can_be_forced_by_environment(self):
+        previous = os.environ.get("GIRA_VERSION")
+        os.environ["GIRA_VERSION"] = "v9.8.7"
+        try:
+            self.assertEqual(installer.release_version(), "v9.8.7")
+        finally:
+            if previous is None:
+                os.environ.pop("GIRA_VERSION", None)
+            else:
+                os.environ["GIRA_VERSION"] = previous
+
+    def test_release_version_maps_package_version_to_tag(self):
+        previous = os.environ.pop("GIRA_VERSION", None)
+        try:
+            with mock.patch.object(installer, "package_version", return_value="1.2.3"):
+                self.assertEqual(installer.release_version(), "v1.2.3")
+            with mock.patch.object(installer, "package_version", return_value="v1.2.3"):
+                self.assertEqual(installer.release_version(), "v1.2.3")
+            with mock.patch.object(installer, "package_version", return_value="0.0.0.dev0"):
+                self.assertEqual(installer.release_version(), "")
+        finally:
+            if previous is not None:
+                os.environ["GIRA_VERSION"] = previous
+
+    def test_rejects_zip_path_traversal(self):
+        with tempfile.TemporaryDirectory(prefix="gira-pypi-test-") as tmp:
+            root = Path(tmp)
+            archive = root / "bad.zip"
+            with zipfile.ZipFile(archive, "w") as zip_file:
+                zip_file.writestr("../outside", "bad")
+            with self.assertRaisesRegex(RuntimeError, "unsafe archive member path"):
+                installer.extract_archive(archive, "zip", root / "out")
+            self.assertFalse((root / "outside").exists())
+
+    def test_rejects_tar_path_traversal(self):
+        with tempfile.TemporaryDirectory(prefix="gira-pypi-test-") as tmp:
+            root = Path(tmp)
+            archive = root / "bad.tar.gz"
+            payload = root / "payload"
+            payload.write_text("bad")
+            with tarfile.open(archive, "w:gz") as tar_file:
+                tar_file.add(payload, arcname="../outside")
+            with self.assertRaisesRegex(RuntimeError, "unsafe archive member path"):
+                installer.extract_archive(archive, "tar.gz", root / "out")
+            self.assertFalse((root / "outside").exists())
+
+    def test_cached_binary_requires_checksum_marker(self):
+        with tempfile.TemporaryDirectory(prefix="gira-pypi-test-") as tmp:
+            target = Path(tmp) / "gira"
+            target.write_text("hello")
+            target.chmod(0o755)
+            self.assertFalse(installer.cached_binary_valid(target))
+
+            installer.binary_checksum_path(target).write_text(f"{installer.file_checksum(target)}\n")
+            self.assertTrue(installer.cached_binary_valid(target))
+
+            target.write_text("corrupt")
+            target.chmod(0o755)
+            self.assertFalse(installer.cached_binary_valid(target))
+
+
+if __name__ == "__main__":
+    unittest.main()