glaip-sdk 0.5.2__py3-none-any.whl → 0.5.5__py3-none-any.whl

glaip_sdk/cli/commands/accounts.py

@@ -6,7 +6,9 @@ Authors:
 
 import getpass
 import json
+import os
 import sys
+from pathlib import Path
 
 import click
 from rich.console import Console
@@ -110,6 +112,153 @@ def list_accounts(output_json: bool) -> None:
     console.print(f"\n[{INFO}]💡 Tip[/]: To update an account's URL or key, use: [bold]aip accounts edit <name>[/bold]")
 
 
+def _build_account_json_payload(
+    name: str,
+    api_url: str,
+    masked_key: str,
+    config_path: str,
+    is_active: bool,
+    env_lock: bool,
+    metadata: dict[str, str | None],
+) -> dict[str, str | bool | None]:
+    """Build JSON payload for account display.
+
+    Args:
+        name: Account name.
+        api_url: API URL.
+        masked_key: Masked API key.
+        config_path: Config file path.
+        is_active: Whether account is active.
+        env_lock: Whether env credentials are set.
+        metadata: Account metadata dict.
+
+    Returns:
+        JSON payload dict.
+    """
+    payload: dict[str, str | bool | None] = {
+        "name": name,
+        "api_url": api_url,
+        "api_key_masked": masked_key,
+        "config_path": config_path,
+        "active": is_active,
+        "env_lock": env_lock,
+    }
+    for key, value in metadata.items():
+        if value:
+            payload[key] = value
+    return payload
+
+
+def _format_config_path(config_path: str) -> str:
+    """Format config path for display, shortening under home."""
+    path_obj = Path(config_path).expanduser()
+    try:
+        home = Path.home().expanduser()
+        resolved = path_obj.resolve(strict=False)
+        relative = resolved.relative_to(home).as_posix()
+        return f"~/{relative}"
+    except ValueError:
+        # Not under home; return expanded path
+        return str(path_obj)
+    except OSError:
+        # Fall back to original string on resolution errors
+        return config_path
+
+
+def _build_account_display_lines(
+    name: str,
+    api_url: str,
+    masked_key: str,
+    config_path: str,
+    is_active: bool,
+    env_lock: bool,
+    metadata: dict[str, str | None],
+) -> list[str]:
+    """Build display lines for account information.
+
+    Args:
+        name: Account name.
+        api_url: API URL.
+        masked_key: Masked API key.
+        config_path: Config file path.
+        is_active: Whether account is active.
+        env_lock: Whether env credentials are set.
+        metadata: Account metadata dict.
+
+    Returns:
+        List of formatted display lines.
+    """
+    lines = [
+        f"[{SUCCESS_STYLE}]Name[/]: {name}{' (active)' if is_active else ''}",
+        f"[{SUCCESS_STYLE}]API URL[/]: {api_url or 'not set'}",
+        f"[{SUCCESS_STYLE}]Key[/]: {masked_key or 'not set'}",
+        f"[{SUCCESS_STYLE}]Config[/]: {config_path}",
+    ]
+
+    label_map = {
+        "notes": "Notes",
+        "last_used_at": "Last used",
+        "last_validated_at": "Last validated",
+        "created_with": "Created with",
+    }
+    for key, label in label_map.items():
+        value = metadata.get(key)
+        if value:
+            lines.append(f"[{SUCCESS_STYLE}]{label}[/]: {value}")
+
+    if env_lock:
+        lines.append(
+            f"[{WARNING_STYLE}]Env credentials detected (AIP_API_URL/AIP_API_KEY); stored profile may be ignored.[/]"
+        )
+
+    return lines
+
+
+@accounts_group.command("show")
+@click.argument("name")
+@click.option("--json", "output_json", is_flag=True, help="Output in JSON format")
+def show_account(name: str, output_json: bool) -> None:
+    """Show details for a single account profile."""
+    store = get_account_store()
+    account = store.get_account(name)
+
+    if not account:
+        console.print(f"[{ERROR_STYLE}]Error: Account '{name}' not found.[/]")
+        raise click.Abort()
+
+    api_url = account.get("api_url", "")
+    api_key = account.get("api_key")
+    masked_key = _mask_api_key(api_key or "")
+    active_account = store.get_active_account()
+    is_active = active_account == name
+    env_lock = bool(os.getenv("AIP_API_URL") or os.getenv("AIP_API_KEY"))
+    config_path_raw = str(store.config_file)
+    config_path_display = _format_config_path(config_path_raw)
+
+    metadata = {
+        "notes": account.get("notes"),
+        "last_used_at": account.get("last_used_at"),
+        "last_validated_at": account.get("last_validated_at"),
+        "created_with": account.get("created_with"),
+    }
+
+    if output_json:
+        payload = _build_account_json_payload(name, api_url, masked_key, config_path_raw, is_active, env_lock, metadata)
+        click.echo(json.dumps(payload, indent=2))
+        return
+
+    lines = _build_account_display_lines(name, api_url, masked_key, config_path_display, is_active, env_lock, metadata)
+
+    lock_badge = " 🔒 Env lock" if env_lock else ""
+    console.print(
+        AIPPanel(
+            "\n".join(lines),
+            title=f"AIP Account{lock_badge}",
+            border_style=ACCENT_STYLE,
+        ),
+    )
+
+
 def _check_account_overwrite(name: str, store: AccountStore, overwrite: bool) -> dict[str, str] | None:
     """Check if account exists and handle overwrite logic.
 
@@ -155,8 +304,8 @@ def _get_credentials_non_interactive(
         if not sys.stdin.isatty():
             return url, sys.stdin.read().strip()
         console.print(
-            f"[{ERROR_STYLE}]Error: --key requires stdin input. "
-            f"Use: cat key.txt | {command_name} {name} --url {url} --key[/]",
+            f"[{ERROR_STYLE}]Error: --key expects stdin or an explicit value. "
+            f"Use '--key <value>' or pipe: cat key.txt | {command_name} {name} --url {url} --key[/]",
         )
         raise click.Abort()
     # URL provided, prompt for key
@@ -179,7 +328,8 @@ def _get_credentials_interactive(read_key_from_stdin: bool, existing: dict[str,
     """
     if read_key_from_stdin:
         console.print(
-            f"[{ERROR_STYLE}]Error: --key requires --url. For non-interactive mode, provide both: --url <url> --key[/]",
+            f"[{ERROR_STYLE}]Error: --key requires --url. "
+            f"Provide --url with --key <value|-> for non-interactive use or omit --key to be prompted.[/]",
         )
         raise click.Abort()
     # Fully interactive
@@ -237,7 +387,7 @@ def _preserve_existing_values(
 
 def _collect_credentials_from_inputs(
     url: str | None,
-    read_key_from_stdin: bool,
+    api_key_input: str | None,
     name: str,
     existing: dict[str, str] | None,
     command_name: str,
@@ -247,7 +397,7 @@ def _collect_credentials_from_inputs(
 
     Args:
         url: Optional URL from flag.
-        read_key_from_stdin: Whether to read key from stdin.
+        api_key_input: API key value from flag (or "-" when stdin requested).
         name: Account name (for error messages).
         existing: Existing account data.
         command_name: Command name for error messages.
@@ -256,6 +406,29 @@ def _collect_credentials_from_inputs(
     Returns:
         Tuple of (api_url, api_key).
     """
+    provided_key = api_key_input if api_key_input not in (None, "-") else None
+    read_key_from_stdin = api_key_input == "-"
+
+    if provided_key and url:
+        # Fully non-interactive: URL and key provided via flags
+        return url, provided_key
+
+    if provided_key:
+        # Reuse stored URL if present; otherwise require --url
+        if existing_url:
+            return existing_url, provided_key
+        if existing:
+            console.print(
+                f"[{ERROR_STYLE}]Error: Account '{name}' is missing an API URL. "
+                f"Provide --url to set it when rotating the key.[/]"
+            )
+        else:
+            console.print(
+                f"[{ERROR_STYLE}]Error: --key requires --url for new accounts. "
+                f"Run without --key for prompts or pass both flags for non-interactive setup.[/]",
+            )
+        raise click.Abort()
+
     if url and read_key_from_stdin:
         # Non-interactive: URL from flag, key from stdin
         return _get_credentials_non_interactive(url, True, name, command_name)
@@ -271,15 +444,25 @@ def _collect_credentials_from_inputs(
 
 def _collect_account_credentials(
     url: str | None,
-    read_key_from_stdin: bool,
+    api_key_input: str | None,
     name: str,
     existing: dict[str, str] | None,
 ) -> tuple[str, str]:
     """Collect account credentials from various input methods.
 
+    Examples:
+        # Inline key
+        aip accounts add prod --url https://api.example.com --key sk-abc123
+
+        # Stdin (useful for scripts)
+        echo "sk-abc123" | aip accounts add prod --url https://api.example.com --key
+
+        # Fully interactive
+        aip accounts add prod
+
     Args:
         url: Optional URL from flag.
-        read_key_from_stdin: Whether to read key from stdin.
+        api_key_input: API key value from flag (or "-" when stdin requested).
         name: Account name (for error messages).
         existing: Existing account data.
 
@@ -293,9 +476,7 @@ def _collect_account_credentials(
     existing_url = existing.get("api_url", "") if existing else ""
     existing_key = existing.get("api_key", "") if existing else ""
 
-    api_url, api_key = _collect_credentials_from_inputs(
-        url, read_key_from_stdin, name, existing, command_name, existing_url
-    )
+    api_url, api_key = _collect_credentials_from_inputs(url, api_key_input, name, existing, command_name, existing_url)
 
     # Preserve stored values when blank input is provided during edit
     api_url, api_key = _preserve_existing_values(api_url, api_key, existing_url, existing_key)
@@ -311,9 +492,12 @@ def _collect_account_credentials(
 @click.option("--url", help="API URL (required for non-interactive mode)")
 @click.option(
     "--key",
-    "read_key_from_stdin",
-    is_flag=True,
-    help="Read API key from stdin (secure, for scripts). Requires --url.",
+    "api_key_input",
+    type=str,
+    is_flag=False,
+    flag_value="-",
+    default=None,
+    help="API key value. Pass without a value or '-' to read from stdin. Requires --url for non-interactive use.",
 )
 @click.option(
     "--yes",
@@ -324,7 +508,7 @@ def _collect_account_credentials(
 def add_account(
     name: str,
     url: str | None,
-    read_key_from_stdin: bool,
+    api_key_input: str | None,
     overwrite: bool,
 ) -> None:
     """Add a new account profile.
@@ -332,7 +516,7 @@ def add_account(
     NAME is the account name (1-32 chars, alphanumeric, dash, underscore).
 
     By default, this command runs interactively, prompting for API URL and key.
-    For non-interactive use, both --url and --key (stdin) are required.
+    For non-interactive use, provide --url with --key <value> or --key - (stdin).
 
     If the account already exists, use --yes to overwrite without prompting.
     To update an existing account, use [bold]aip accounts edit <name>[/bold] instead.
@@ -343,7 +527,7 @@ def add_account(
     existing = _check_account_overwrite(name, store, overwrite)
 
     # Collect credentials
-    api_url, api_key = _collect_account_credentials(url, read_key_from_stdin, name, existing)
+    api_url, api_key = _collect_account_credentials(url, api_key_input, name, existing)
 
     # Save account
     try:
@@ -363,14 +547,17 @@ def add_account(
 @click.option("--url", help="API URL (optional, leave blank to keep current)")
 @click.option(
     "--key",
-    "read_key_from_stdin",
-    is_flag=True,
-    help="Read API key from stdin (secure, for scripts). Uses stored URL unless --url is provided.",
+    "api_key_input",
+    type=str,
+    is_flag=False,
+    flag_value="-",
+    default=None,
+    help="API key value. Pass without a value or '-' to read from stdin. Uses stored URL unless --url is provided.",
 )
 def edit_account(
     name: str,
     url: str | None,
-    read_key_from_stdin: bool,
+    api_key_input: str | None,
 ) -> None:
     """Edit an existing account profile's URL or key.
 
@@ -379,8 +566,8 @@ def edit_account(
     By default, this command runs interactively, showing current values and
     prompting for new ones. Leave fields blank to keep current values.
 
-    For non-interactive use, provide --url to change the URL, --key (stdin) to rotate the key,
-    or both. Stored values are reused for any fields not provided.
+    For non-interactive use, provide --url to change the URL, --key <value> to rotate the key,
+    or --key - (stdin) for scripts. Stored values are reused for any fields not provided.
     """
     store = get_account_store()
 
@@ -392,7 +579,7 @@ def edit_account(
         raise click.Abort()
 
     # Collect credentials (will pre-fill existing values in interactive mode)
-    api_url, api_key = _collect_account_credentials(url, read_key_from_stdin, name, existing)
+    api_url, api_key = _collect_account_credentials(url, api_key_input, name, existing)
 
     # Save account
     try:

glaip_sdk/cli/commands/agents.py

@@ -1390,6 +1390,12 @@ def update(
 
         if merged_data:
             _handle_update_import_config(import_file, merged_data, update_data)
+            # Ensure instruction from import file is included if not already set via CLI
+            # This handles the case where instruction is None in CLI args but exists in import file
+            if import_file and (instruction is None or "instruction" not in update_data):
+                import_instruction = merged_data.get("instruction")
+                if import_instruction is not None:
+                    update_data["instruction"] = import_instruction
 
         if not update_data:
             raise click.ClickException("No update fields specified")

glaip_sdk/cli/commands/configure.py

@@ -5,12 +5,25 @@ Authors:
 """
 
 import getpass
+import json
+import os
+import re
+import sys
+import threading
+from pathlib import Path
+from typing import Any
 
 import click
 from rich.console import Console
 from rich.text import Text
 
-from glaip_sdk.branding import ACCENT_STYLE, ERROR_STYLE, INFO, SUCCESS, SUCCESS_STYLE, WARNING_STYLE
+from glaip_sdk.branding import ACCENT_STYLE, ERROR_STYLE, INFO, NEUTRAL, SUCCESS_STYLE, WARNING_STYLE
+
+# Optional import for gitignore support; warn when missing to avoid silent expansion
+try:
+    import pathspec  # type: ignore[import-untyped]  # noqa: PLC0415
+except ImportError:
+    pathspec = None  # type: ignore[assignment]
 from glaip_sdk.cli.account_store import get_account_store
 from glaip_sdk.cli.commands.common_config import check_connection, render_branding_header
 from glaip_sdk.cli.config import CONFIG_FILE, load_config, save_config
@@ -18,27 +31,114 @@ from glaip_sdk.cli.hints import format_command_hint
 from glaip_sdk.cli.masking import mask_api_key_display
 from glaip_sdk.cli.rich_helpers import markup_text
 from glaip_sdk.cli.utils import command_hint
-from glaip_sdk.icons import ICON_TOOL
 from glaip_sdk.rich_components import AIPTable
 
 console = Console()
+stderr_console = Console(file=sys.stderr)
+_PATHSPEC_WARNED = False
+_PATHSPEC_WARNED_LOCK = threading.Lock()
+
+# Hard deprecation banner for legacy config commands (v0.6.x)
+CONFIG_HARD_DEPRECATION_MSG = (
+    f"[{WARNING_STYLE}]⚠️  DEPRECATED: 'aip config ...' commands will be removed in v0.7.0. "
+    "Use 'aip accounts ...' (list/add/use/remove/edit) or 'aip configure' for the wizard. "
+    "Set AIP_ENABLE_LEGACY_CONFIG=1 to temporarily re-enable these commands.[/]"
+)
 
-# Shared deprecation banner for legacy config commands
-CONFIG_DEPRECATION_MSG = (
-    f"[{WARNING_STYLE}]Deprecated: 'aip config ...' will be removed in a future release. "
-    "Use 'aip accounts ...' (list/add/use/remove) or 'aip configure' for the wizard.[/]"
+# Soft deprecation banner (for when env flag is set)
+CONFIG_SOFT_DEPRECATION_MSG = (
+    f"[{WARNING_STYLE}]Deprecated: 'aip config ...' will be removed in v0.7.0. "
+    "Use 'aip accounts ...' (list/add/use/remove/edit) or 'aip configure' for the wizard.[/]"
 )
 
+# Target removal version
+TARGET_REMOVAL_VERSION = "v0.7.0"
+
+# Command hint constant
+CONFIG_CONFIGURE_HINT = "config configure"
+_DEFAULT_EXCLUDE_DIRS = {
+    ".git",
+    "node_modules",
+    ".venv",
+    "venv",
+    ".tox",
+    "build",
+    "dist",
+    "__pycache__",
+    ".mypy_cache",
+    ".pytest_cache",
+}
+_MAX_SCAN_FILE_SIZE = 2 * 1024 * 1024  # 2MB cap for default scans
+
+
+def _is_legacy_config_enabled() -> bool:
+    """Check if legacy config commands are enabled via environment variable."""
+    env_value = os.environ.get("AIP_ENABLE_LEGACY_CONFIG", "").strip().lower()
+    return env_value in ("1", "true", "yes", "on")
+
 
 def _print_config_deprecation() -> None:
     """Print a standardized deprecation warning for legacy config commands."""
-    console.print(CONFIG_DEPRECATION_MSG)
+    if _is_legacy_config_enabled():
+        # Soft deprecation when env flag is set
+        stderr_console.print(CONFIG_SOFT_DEPRECATION_MSG)
+    else:
+        # Hard deprecation when env flag is not set
+        stderr_console.print(CONFIG_HARD_DEPRECATION_MSG)
+
+
+def _check_legacy_config_gate() -> bool:
+    """Return True if legacy config commands are allowed; print banner otherwise."""
+    if not _is_legacy_config_enabled():
+        stderr_console.print(CONFIG_HARD_DEPRECATION_MSG)
+        return False
+    return True
+
+
+def _enforce_legacy_config_gate() -> None:
+    """CLI-only gate: exit with code 0 when legacy commands are disabled."""
+    if not _check_legacy_config_gate():
+        # Spec requires non-breaking exit after banner
+        sys.exit(0)
+
+
+def _emit_telemetry_event(_event_name: str, properties: dict[str, Any] | None = None) -> None:
+    """Emit telemetry event for legacy command usage tracking.
+
+    This is a stub implementation that can be connected to a real telemetry system.
+    For now, it's a no-op but structured to allow easy integration.
+
+    Args:
+        _event_name: Name of the telemetry event (prefixed with _ to indicate unused for now).
+        properties: Optional event properties dictionary.
+
+    Note:
+        TODO: Connect to actual telemetry system when available.
+    """
+    if properties is None:
+        properties = {}
+    # Mark as intentionally unused until telemetry system is integrated
+    del _event_name, properties
 
 
 @click.group()
 def config_group() -> None:
-    """Configuration management operations."""
+    """Configuration management operations (deprecated).
+
+    These commands are deprecated and will be removed in v0.7.0.
+    Use 'aip accounts ...' commands instead.
+    Set AIP_ENABLE_LEGACY_CONFIG=1 to temporarily re-enable.
+    """
+    _enforce_legacy_config_gate()
     _print_config_deprecation()
+    # Emit telemetry for legacy command invocation
+    _emit_telemetry_event(
+        "config.command",
+        {
+            "phase": "hard_deprecation",
+            "gated_by_env": _is_legacy_config_enabled(),
+        },
+    )
 
 
 @config_group.command("list")
@@ -49,6 +149,7 @@ def list_config(ctx: click.Context, output_json: bool) -> None:
 
     Deprecated: run 'aip accounts list' for profile-aware output.
     """
+    _enforce_legacy_config_gate()
     console.print(f"[{WARNING_STYLE}]Deprecated: run 'aip accounts list' for profile-aware output.[/]")
 
     # Delegate to accounts list by invoking the command
@@ -124,7 +225,10 @@ def set_config(key: str, value: str, account_name: str | None) -> None:
 
     For api_url and api_key, this operates on the specified account (or active account).
     Other keys (timeout, history_default_limit) are global settings.
+
+    Deprecated: use 'aip accounts edit <name>' instead.
     """
+    _enforce_legacy_config_gate()
     # For other keys, use legacy config
     valid_keys = tuple(CONFIG_VALUE_TYPES.keys())
     if key not in valid_keys:
@@ -169,7 +273,11 @@ def set_config(key: str, value: str, account_name: str | None) -> None:
 @config_group.command("get")
 @click.argument("key")
 def get_config(key: str) -> None:
-    """Get a configuration value."""
+    """Get a configuration value.
+
+    Deprecated: use 'aip accounts show <name>' or read ~/.aip/config.yaml directly.
+    """
+    _enforce_legacy_config_gate()
     config = load_config()
 
     value = config.get(key)
@@ -194,7 +302,11 @@ def get_config(key: str) -> None:
 @config_group.command("unset")
 @click.argument("key")
 def unset_config(key: str) -> None:
-    """Remove a configuration value."""
+    """Remove a configuration value.
+
+    Deprecated: use 'aip accounts edit <name>' to clear specific fields.
+    """
+    _enforce_legacy_config_gate()
     config = load_config()
 
     if key not in config:
@@ -210,7 +322,11 @@ def unset_config(key: str) -> None:
 @config_group.command("reset")
 @click.option("--force", is_flag=True, help="Skip confirmation prompt")
 def reset_config(force: bool) -> None:
-    """Reset all configuration to defaults."""
+    """Reset all configuration to defaults.
+
+    Deprecated: use 'aip accounts remove <name>' for each account or manually edit ~/.aip/config.yaml.
+    """
+    _enforce_legacy_config_gate()
     if not force:
         console.print(f"[{WARNING_STYLE}]This will remove all AIP configuration.[/]")
         confirm = input("Are you sure? (y/N): ").strip().lower()
@@ -235,7 +351,7 @@ def reset_config(force: bool) -> None:
         # In-memory configuration (e.g., tests) needs explicit clearing
         save_config({})
 
-    hint = command_hint("config configure", slash_command="login")
+    hint = command_hint(CONFIG_CONFIGURE_HINT, slash_command="login")
     message = Text("✅ Configuration reset.", style=SUCCESS_STYLE)
     if hint:
         message.append(f" Run '{hint}' to set up again.")
@@ -271,6 +387,396 @@ def _configure_interactive(account_name: str | None = None) -> None:
     _print_active_account_footer(store)
 
 
+@config_group.command("audit")
+@click.option(
+    "--path",
+    "paths",
+    multiple=True,
+    help="Glob pattern(s) to search (repeatable). Defaults to current directory.",
+)
+@click.option(
+    "--stdin",
+    "read_from_stdin",
+    is_flag=True,
+    help="Read file list from stdin (one path per line).",
+)
+@click.option(
+    "--no-gitignore",
+    is_flag=True,
+    help="Disable .gitignore filtering (default: respects .gitignore).",
+)
+@click.option(
+    "--json",
+    "output_json",
+    is_flag=True,
+    help="Output results in JSON format.",
+)
+@click.option(
+    "--fail-on-hit/--no-fail-on-hit",
+    default=True,
+    help="Exit with code 1 if hits are found (default: fail on hit).",
+)
+@click.option(
+    "--silent",
+    is_flag=True,
+    help="Suppress Rich table output when --json is used.",
+)
+def audit_config(
+    paths: tuple[str, ...],
+    read_from_stdin: bool,
+    no_gitignore: bool,
+    output_json: bool,
+    fail_on_hit: bool,
+    silent: bool,
+) -> None:
+    """Scan scripts/configs for deprecated 'aip config' command usage.
+
+    Finds strings matching 'aip config' (including variations like 'aip-config',
+    'python -m glaip_sdk.cli config') in scripts, CI manifests, and docs.
+
+    Examples:
+        aip config audit
+        aip config audit --path "**/*.sh" --path "**/*.yml"
+        aip config audit --stdin < file_list.txt
+        aip config audit --json --no-fail-on-hit
+    """
+    _enforce_legacy_config_gate()
+    # Collect files to scan
+    files_to_scan = _collect_files_to_scan(paths, read_from_stdin)
+
+    # Filter by gitignore if enabled
+    files_to_scan = _filter_by_gitignore(files_to_scan, no_gitignore)
+
+    # Scan files for matches
+    hits = _scan_files_for_matches(files_to_scan)
+
+    # Emit telemetry
+    _emit_telemetry_event(
+        "config.audit",
+        {
+            "audit_invoked": True,
+            "hits_found": len(hits),
+            "files_scanned": len(files_to_scan),
+        },
+    )
+
+    # Output results
+    _output_audit_results(hits, len(files_to_scan), output_json, silent)
+
+    # Exit with appropriate code
+    if hits and fail_on_hit:
+        sys.exit(1)
+    sys.exit(0)
+
+
+# Patterns to match deprecated config command usage
+_AUDIT_PATTERNS = [
+    r"aip\s+config",
+    r"aip-config",
+    r"python\s+-m\s+glaip_sdk\.cli\s+config",
+    r"python\s+-m\s+glaip_sdk\.cli\.main\s+config",
+]
+_COMPILED_AUDIT_PATTERNS = [re.compile(pattern, re.IGNORECASE) for pattern in _AUDIT_PATTERNS]
+
+
+def _collect_files_from_stdin() -> list[Path]:
+    """Collect files to scan from stdin input.
+
+    Returns:
+        List of file paths read from stdin.
+    """
+    files_to_scan: list[Path] = []
+    for line in sys.stdin:
+        line = line.strip()
+        if line:
+            try:
+                file_path = Path(line).expanduser().resolve()
+            except Exception:
+                continue
+            if file_path.exists() and file_path.is_file():
+                if _should_skip_file(file_path):
+                    continue
+                files_to_scan.append(file_path)
+    return files_to_scan
+
+
+def _collect_files_from_patterns(paths: tuple[str, ...]) -> list[Path]:
+    """Collect files to scan from glob patterns.
+
+    Args:
+        paths: Glob patterns to search.
+
+    Returns:
+        List of file paths matching the patterns.
+    """
+    files_to_scan: list[Path] = []
+    for pattern in paths:
+        for file_path in Path.cwd().rglob(pattern):
+            if file_path.is_file() and not _should_skip_file(file_path):
+                files_to_scan.append(file_path)
+    return files_to_scan
+
+
+def _collect_files_default() -> list[Path]:
+    """Collect all files from current directory recursively.
+
+    Returns:
+        List of all file paths in current directory.
+    """
+    files_to_scan: list[Path] = []
+    base = Path.cwd()
+    max_files = _resolve_audit_max_files()
+
+    for root, dirs, files in os.walk(base):
+        dirs[:] = [d for d in dirs if d not in _DEFAULT_EXCLUDE_DIRS]
+        for file in files:
+            file_path = Path(root) / file
+            if _should_skip_file(file_path):
+                continue
+            files_to_scan.append(file_path)
+            if max_files and len(files_to_scan) >= max_files:
+                _warn_scan_truncated(max_files)
+                return files_to_scan
+
+    return files_to_scan
+
+
+def _resolve_audit_max_files() -> int | None:
+    """Resolve optional scan limit from env."""
+    max_files_env = os.getenv("AIP_CONFIG_AUDIT_MAX_FILES")
+    if not max_files_env:
+        return None
+    try:
+        parsed = int(max_files_env, 10)
+    except ValueError:
+        return None
+    return parsed if parsed > 0 else None
+
+
+def _warn_scan_truncated(max_files: int) -> None:
+    """Warn when scanning is truncated to avoid surprises on huge repos."""
+    console.print(
+        f"[{WARNING_STYLE}]Scanning limited to the first {max_files} files. "
+        "Use --path to narrow the search or increase AIP_CONFIG_AUDIT_MAX_FILES to scan more.[/]"
+    )
+
+
+def _collect_files_to_scan(paths: tuple[str, ...], read_from_stdin: bool) -> list[Path]:
+    """Collect files to scan based on input method.
+
+    Args:
+        paths: Glob patterns to search (if not reading from stdin).
+        read_from_stdin: Whether to read file list from stdin.
+
+    Returns:
+        List of file paths to scan.
+    """
+    if read_from_stdin:
+        return _collect_files_from_stdin()
+    if paths:
+        return _collect_files_from_patterns(paths)
+    return _collect_files_default()
+
+
+def _filter_by_gitignore(files_to_scan: list[Path], no_gitignore: bool) -> list[Path]:
+    """Filter files by .gitignore patterns if enabled.
+
+    Args:
+        files_to_scan: List of file paths to filter.
+        no_gitignore: If True, skip gitignore filtering.
+
+    Returns:
+        Filtered list of file paths.
+    """
+    global _PATHSPEC_WARNED
+    if no_gitignore or pathspec is None:
+        if not no_gitignore and pathspec is None and not _PATHSPEC_WARNED:
+            msg = (
+                f"[{WARNING_STYLE}]Warning:[/] pathspec is not installed; "
+                "gitignore filtering for 'aip config audit' will be skipped."
+            )
+            with _PATHSPEC_WARNED_LOCK:
+                if not _PATHSPEC_WARNED:
+                    stderr_console.print(msg)
+                    _PATHSPEC_WARNED = True
+        return files_to_scan
+
+    # Load .gitignore patterns
+    gitignore_path = Path.cwd() / ".gitignore"
+    if not gitignore_path.exists():
+        return files_to_scan
+
+    try:
+        with gitignore_path.open(encoding="utf-8", errors="ignore") as f:
+            spec = pathspec.PathSpec.from_lines("gitwildmatch", f)
+
+            # Guard against files outside CWD; fallback to absolute path in that case
+            def _to_git_path(path: Path) -> str:
+                try:
+                    return str(path.relative_to(Path.cwd()))
+                except ValueError:
+                    return str(path)
+
+            return [path for path in files_to_scan if not spec.match_file(_to_git_path(path))]
+    except Exception:
+        # If gitignore parsing fails, return all files
+        return files_to_scan
+
+
+def _should_skip_file(file_path: Path) -> bool:
+    """Check whether a file should be skipped based on size."""
+    try:
+        return file_path.stat().st_size > _MAX_SCAN_FILE_SIZE
+    except OSError:
+        return False
+
+
+def _extract_match_snippet(line: str, match_obj: re.Match[str]) -> str:
+    """Extract a snippet around a match for display.
+
+    Args:
+        line: The full line containing the match.
+        match_obj: The regex match object.
+
+    Returns:
+        A snippet of text around the match.
+    """
+    start = max(0, match_obj.start() - 20)
+    end = min(len(line), match_obj.end() + 20)
+    return line[start:end].strip()
+
+
+def _process_file_for_matches(file_path: Path, compiled_patterns: list[re.Pattern[str]]) -> list[dict[str, Any]]:
+    """Process a single file for deprecated config command matches.
+
+    Args:
+        file_path: Path to the file to scan.
+        compiled_patterns: List of compiled regex patterns to match.
+
+    Returns:
+        List of hit dictionaries found in this file.
+    """
+    hits: list[dict[str, Any]] = []
+    if _should_skip_file(file_path):
+        return hits
+    try:
+        with file_path.open(encoding="utf-8", errors="ignore") as f:
+            for line_num, line in enumerate(f, start=1):
+                for pattern in compiled_patterns:
+                    match_obj = pattern.search(line)
+                    if match_obj:
+                        snippet = _extract_match_snippet(line, match_obj)
+                        replacement = _suggest_replacement(line.strip())
+
+                        try:
+                            file_str = str(file_path.relative_to(Path.cwd()))
+                        except ValueError:
+                            file_str = str(file_path)
+
+                        hits.append(
+                            {
+                                "file": file_str,
+                                "line": line_num,
+                                "match": snippet,
+                                "replacement": replacement,
+                            }
+                        )
+                        break  # Only count once per line
+    except (UnicodeDecodeError, PermissionError):
+        # Skip binary files or files we can't read
+        pass
+    except OSError:
+        # Skip files with permission errors
+        pass
+
+    return hits
+
+
+def _scan_files_for_matches(files_to_scan: list[Path]) -> list[dict[str, Any]]:
+    """Scan files for deprecated config command usage.
+
+    Args:
+        files_to_scan: List of file paths to scan.
+
+    Returns:
+        List of hit dictionaries with file, line, match, and replacement info.
+    """
+    hits: list[dict[str, Any]] = []
+
+    for file_path in files_to_scan:
+        file_hits = _process_file_for_matches(file_path, _COMPILED_AUDIT_PATTERNS)
+        hits.extend(file_hits)
+
+    return hits
+
+
+def _output_audit_results(hits: list[dict[str, Any]], files_scanned: int, output_json: bool, silent: bool) -> None:
+    """Output audit results in the requested format.
+
+    Args:
+        hits: List of hit dictionaries.
+        files_scanned: Number of files scanned.
+        output_json: If True, output JSON format.
+        silent: If True, suppress Rich output when using JSON.
+    """
+    if output_json:
+        result = {
+            "hits": hits,
+            "total_hits": len(hits),
+            "files_scanned": files_scanned,
+        }
+        click.echo(json.dumps(result, indent=2))
+        return
+
+    if silent:
+        return
+
+    if hits:
+        table = AIPTable(title="⚠️  Deprecated 'aip config' Usage Found")
+        table.add_column("File", style=INFO, width=30)
+        table.add_column("Line", style=NEUTRAL, width=8)
+        table.add_column("Match", style=WARNING_STYLE, width=40)
+        table.add_column("Suggested Replacement", style=SUCCESS_STYLE, width=40)
+
+        for hit in hits:
+            table.add_row(
+                hit["file"],
+                str(hit["line"]),
+                hit["match"],
+                hit["replacement"],
+            )
+
+        console.print(table)
+        console.print(f"\n[{WARNING_STYLE}]Found {len(hits)} deprecated usage(s).[/]")
+    else:
+        console.print(f"[{SUCCESS_STYLE}]✅ No deprecated 'aip config' usage found.[/]")
+
+
+def _suggest_replacement(line: str) -> str:
+    """Suggest a replacement command for deprecated config usage."""
+    line_lower = line.lower()
+
+    # Map common patterns to replacements
+    if "config list" in line_lower:
+        return "aip accounts list"
+    elif "config set" in line_lower:
+        if "api_url" in line_lower or "api_key" in line_lower:
+            return "aip accounts edit <name> [--url URL] [--key]"
+        return "aip accounts edit <name>"
+    elif "config get" in line_lower:
+        return "aip accounts show <name> (or read ~/.aip/config.yaml)"
+    elif "config unset" in line_lower:
+        return "aip accounts edit <name> (to clear specific fields)"
+    elif "config reset" in line_lower:
+        return "aip accounts remove <name> (for each account)"
+    # Generic "config" usage (command-like), but avoid matching any arbitrary
+    # mention of the word "config" in unrelated text.
+    elif "aip config" in line_lower or " config " in f" {line_lower} " or CONFIG_CONFIGURE_HINT in line_lower:
+        return "aip configure or aip accounts add <name>"
+    else:
+        return "Use 'aip accounts ...' or 'aip configure'"
+
+
 @config_group.command()
 @click.option(
     "--account",
@@ -283,6 +789,7 @@ def configure(account_name: str | None) -> None:
     This command is an alias for 'aip accounts add <name>' and will
     configure the specified account (or active account if not specified).
     """
+    _enforce_legacy_config_gate()
     _configure_interactive(account_name)
 
 
@@ -299,10 +806,15 @@ def configure_command(account_name: str | None) -> None:
     This is an alias for 'aip config configure' for backward compatibility.
     For multi-account support, use 'aip accounts add <name>' instead.
     """
-    console.print(
-        f"[{WARNING_STYLE}]Setup tip:[/] Prefer 'aip accounts add <name>' or 'aip configure' from your terminal for "
-        "multi-account setup. Launching the interactive wizard now..."
-    )
+    _enforce_legacy_config_gate()
+    suppress_tip = os.environ.get("AIP_SUPPRESS_CONFIGURE_TIP", "").strip().lower() in {"1", "true", "yes", "on"}
+    if not suppress_tip:
+        tip_prefix = f"[{WARNING_STYLE}]Setup tip:[/] "
+        tip_body = (
+            "Prefer 'aip accounts add <name>' or 'aip configure' from your terminal for multi-account setup. "
+            "Launching the interactive wizard now..."
+        )
+        console.print(f"{tip_prefix}{tip_body}")
     # Delegate to the shared function
     _configure_interactive(account_name)
 
@@ -311,28 +823,6 @@ def configure_command(account_name: str | None) -> None:
 _mask_api_key = mask_api_key_display
 
 
-def _print_missing_config_hint() -> None:
-    """Show guidance when no configuration file exists."""
-    hint = command_hint("config configure", slash_command="login")
-    if hint:
-        console.print(f"[{WARNING_STYLE}]No configuration found.[/] Run {format_command_hint(hint) or hint} to set up.")
-    else:
-        console.print(f"[{WARNING_STYLE}]No configuration found.[/]")
-
-
-def _render_config_table(config: dict[str, str]) -> None:
-    """Render the current configuration in a friendly table."""
-    table = AIPTable(title=f"{ICON_TOOL} AIP Configuration")
-    table.add_column("Setting", style=INFO, width=20)
-    table.add_column("Value", style=SUCCESS)
-
-    for key, value in config.items():
-        table.add_row(key, _mask_api_key(value) if key == "api_key" else str(value))
-
-    console.print(table)
-    console.print(Text(f"\n📁 Config file: {CONFIG_FILE}"))
-
-
 def _render_configuration_header() -> None:
     """Display the interactive configuration heading/banner."""
     render_branding_header(console, "[bold]AIP Configuration[/bold]")

glaip_sdk/cli/slash/session.py

@@ -279,11 +279,8 @@ class SlashSession:
     def _ensure_configuration(self) -> bool:
         """Ensure the CLI has both API URL and credentials before continuing."""
         while not self._configuration_ready():
-            self.console.print(
-                f"[{WARNING_STYLE}]Configuration required.[/] "
-                "Slash mode cannot run 'aip accounts ...'. Run setup from your terminal (e.g., "
-                "'aip accounts add default' or 'aip configure'), or continue with the `/login` wizard here..."
-            )
+            previous_tip_env = os.environ.get("AIP_SUPPRESS_CONFIGURE_TIP")
+            os.environ["AIP_SUPPRESS_CONFIGURE_TIP"] = "1"
             self._suppress_login_layout = True
             try:
                 self._cmd_login([], False)
@@ -292,6 +289,10 @@ class SlashSession:
                 return False
             finally:
                 self._suppress_login_layout = False
+                if previous_tip_env is None:
+                    os.environ.pop("AIP_SUPPRESS_CONFIGURE_TIP", None)
+                else:
+                    os.environ["AIP_SUPPRESS_CONFIGURE_TIP"] = previous_tip_env
 
         return True
 

glaip_sdk/cli/update_notifier.py

@@ -8,6 +8,7 @@ from __future__ import annotations
 
 import importlib
 import logging
+import sys
 from collections.abc import Callable, Iterable, Iterator
 from contextlib import contextmanager
 from typing import Any, Literal
@@ -73,6 +74,10 @@ def _fetch_latest_version(package_name: str) -> str | None:
 
 def _should_check_for_updates() -> bool:
     """Return False when update checks are explicitly disabled."""
+    # Check module attribute first (for test overrides), then fall back to imported constant
+    module = sys.modules.get(__name__)
+    if module and hasattr(module, "UPDATE_CHECK_ENABLED"):
+        return getattr(module, "UPDATE_CHECK_ENABLED")
     return UPDATE_CHECK_ENABLED
 
 

{glaip_sdk-0.5.2.dist-info → glaip_sdk-0.5.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: glaip-sdk
-Version: 0.5.2
+Version: 0.5.5
 Summary: Python SDK for GL AIP (GDP Labs AI Agent Package) - Simplified CLI Design
 License: MIT
 Author: Raymond Christopher

{glaip_sdk-0.5.2.dist-info → glaip_sdk-0.5.5.dist-info}/RECORD

@@ -6,10 +6,10 @@ glaip_sdk/cli/account_store.py,sha256=NXuAVPaJS_32Aw1VTaZCNwIID-gADw4F_UMieoWmg3
 glaip_sdk/cli/agent_config.py,sha256=YAbFKrTNTRqNA6b0i0Q3pH-01rhHDRi5v8dxSFwGSwM,2401
 glaip_sdk/cli/auth.py,sha256=9hfjZyd4cx2_mImqykJ1sWQsuVTR2gy6D4hFqAQNKL4,24129
 glaip_sdk/cli/commands/__init__.py,sha256=6Z3ASXDut0lAbUX_umBFtxPzzFyqoiZfVeTahThFu1A,219
-glaip_sdk/cli/commands/accounts.py,sha256=B5itsUzqoH_hBRYOVd2m4nPoIuBbPDIoK974zKMm9NE,18635
-glaip_sdk/cli/commands/agents.py,sha256=35Ra1PLZYiSainYTtMBB40Iio5gDY_tyaDpeujoVdHw,47963
+glaip_sdk/cli/commands/accounts.py,sha256=NTexdyiv9Qp3xZMxmtwOWeCkRDHegyk06O9J3UWyXHQ,24644
+glaip_sdk/cli/commands/agents.py,sha256=WCOzllyh_Znwlju5camT4vE6OeRJbsAmjWwcyiAqWs4,48429
 glaip_sdk/cli/commands/common_config.py,sha256=IY13gPkeifXxSdpzRFUvfRin8J7s38p6Y7TYjdGw7w4,2474
-glaip_sdk/cli/commands/configure.py,sha256=8vfgtNEMK2lnEk3i6H1ZevsjxnYA6jAj4evhWmsHi6w,14494
+glaip_sdk/cli/commands/configure.py,sha256=95PQiJnpvsdH02v_tLVANd64qAJJnZKlhNe4tpfWIS4,30262
 glaip_sdk/cli/commands/mcps.py,sha256=tttqQnfM89iI9Pm94u8YRhiHMQNYNouecFX0brsT4cQ,42551
 glaip_sdk/cli/commands/models.py,sha256=vfcGprK5CHprQ0CNpNzQlNNTELvdgKC7JxTG_ijOwmE,2009
 glaip_sdk/cli/commands/tools.py,sha256=7_RMTuTI1Guu7psClovbyt2umfk4rkp7jSW19GXKA44,18440
@@ -33,7 +33,7 @@ glaip_sdk/cli/slash/__init__.py,sha256=J9TPL2UcNTkW8eifG6nRmAEGHhyEgdYMYk4cHaaOb
 glaip_sdk/cli/slash/agent_session.py,sha256=9r1xNRk5mk6rfJXV6KIf2Yo4B4hjknimd9fkxH1LO3c,11304
 glaip_sdk/cli/slash/prompt.py,sha256=2urqR3QqN3O09lHmKKSEbhsIdlS4B7hm9O8AP_VwCSU,8034
 glaip_sdk/cli/slash/remote_runs_controller.py,sha256=Ok6CezIeF1CPGQ8-QN3TRx5kGGEACOrgyPwH_BRRCyI,21354
-glaip_sdk/cli/slash/session.py,sha256=GvdpLri_TzuaWDEWHdfAIbdOjMf7MUGewxpEtW_5hPk,57642
+glaip_sdk/cli/slash/session.py,sha256=Pl6au6zwiKYeJ1JyxQ3pVfwVrE0Lzi6ejlLtEJfYG_4,57677
 glaip_sdk/cli/slash/tui/__init__.py,sha256=ljBAeAFY2qNDkbJrZh5NgXxjwUlsv9-UxgKNIv0AF1Q,274
 glaip_sdk/cli/slash/tui/remote_runs_app.py,sha256=YAtBtgjtzIy5y2NVOQexZX783DJpqFUkwAVYkVn1tSo,24762
 glaip_sdk/cli/transcript/__init__.py,sha256=yiYHyNtebMCu3BXu56Xm5RBC2tDc865q8UGPnoe6QRs,920
@@ -43,7 +43,7 @@ glaip_sdk/cli/transcript/export.py,sha256=reCvrZVzli8_LzYe5ZNdaa-MwZ1ov2RjnDzKZW
 glaip_sdk/cli/transcript/history.py,sha256=2FBjawxP8CX9gRPMUMP8bDjG50BGM2j2zk6IfHvAMH4,26211
 glaip_sdk/cli/transcript/launcher.py,sha256=z5ivkPXDQJpATIqtRLUK8jH3p3WIZ72PvOPqYRDMJvw,2327
 glaip_sdk/cli/transcript/viewer.py,sha256=ar1SzRkhKIf3_DgFz1EG1RZGDmd2w2wogAe038DLL_M,13037
-glaip_sdk/cli/update_notifier.py,sha256=qv-GfwTYZdrhlSbC_71I1AvKY9cV4QVBmtees16S2Xg,9807
+glaip_sdk/cli/update_notifier.py,sha256=FnTjzS8YT94RmP6c5aU_XNIyRi7FRHvAskMy-VJikl8,10064
 glaip_sdk/cli/utils.py,sha256=fV6PZlQ7K5zckpFWvwh3yLmETGrVylK9AXtN7zKBp-A,57374
 glaip_sdk/cli/validators.py,sha256=d-kq4y7HWMo6Gc7wLXWUsCt8JwFvJX_roZqRm1Nko1I,5622
 glaip_sdk/client/__init__.py,sha256=F-eE_dRSzA0cc1it06oi0tZetZBHmSUjWSHGhJMLCls,263
@@ -107,7 +107,7 @@ glaip_sdk/utils/resource_refs.py,sha256=vF34kyAtFBLnaKnQVrsr2st1JiSxVbIZ4yq0DelJ
 glaip_sdk/utils/run_renderer.py,sha256=d_VMI6LbvHPUUeRmGqh5wK_lHqDEIAcym2iqpbtDad0,1365
 glaip_sdk/utils/serialization.py,sha256=z-qpvWLSBrGK3wbUclcA1UIKLXJedTnMSwPdq-FF4lo,13308
 glaip_sdk/utils/validation.py,sha256=Vt8oSnn7OM6ns5vjOl5FwGIMWBPb0yI6RD5XL_L5_4M,6826
-glaip_sdk-0.5.2.dist-info/METADATA,sha256=yYVEtAsyIJBd3p6bgZxlvSIzUeOwSK-tI3DQVPAP0tI,7053
-glaip_sdk-0.5.2.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-glaip_sdk-0.5.2.dist-info/entry_points.txt,sha256=EGs8NO8J1fdFMWA3CsF7sKBEvtHb_fujdCoNPhfMouE,47
-glaip_sdk-0.5.2.dist-info/RECORD,,
+glaip_sdk-0.5.5.dist-info/METADATA,sha256=JN-k8loq68PUth6CcKkzfbnOYkqN5Fv6jlJhxnS4AoU,7053
+glaip_sdk-0.5.5.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+glaip_sdk-0.5.5.dist-info/entry_points.txt,sha256=EGs8NO8J1fdFMWA3CsF7sKBEvtHb_fujdCoNPhfMouE,47
+glaip_sdk-0.5.5.dist-info/RECORD,,