hf-auth-helper 0.1.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- hf_auth_helper-0.1.0/.github/workflows/ci.yml +29 -0
- hf_auth_helper-0.1.0/.github/workflows/publish.yml +139 -0
- hf_auth_helper-0.1.0/.gitignore +14 -0
- hf_auth_helper-0.1.0/AGENTS.md +38 -0
- hf_auth_helper-0.1.0/LICENSE +22 -0
- hf_auth_helper-0.1.0/PKG-INFO +83 -0
- hf_auth_helper-0.1.0/README.md +59 -0
- hf_auth_helper-0.1.0/docs/SPECIFICATION.md +352 -0
- hf_auth_helper-0.1.0/pyproject.toml +103 -0
- hf_auth_helper-0.1.0/scripts/check-mutation.py +92 -0
- hf_auth_helper-0.1.0/scripts/vendor.py +67 -0
- hf_auth_helper-0.1.0/slophammer.yml +20 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/__init__.py +40 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/cli.py +428 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/prefill.py +169 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/py.typed +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/scopes.py +187 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/store.py +165 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/README.txt +4 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/VENDORED.txt +3 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/__init__.py +54 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/application/__init__.py +32 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/application/application.py +1630 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/application/current.py +195 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/application/dummy.py +55 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/application/run_in_terminal.py +117 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/auto_suggest.py +177 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/buffer.py +2029 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/cache.py +127 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/clipboard/__init__.py +17 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/clipboard/base.py +109 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/clipboard/in_memory.py +44 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/clipboard/pyperclip.py +42 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/__init__.py +43 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/base.py +438 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/deduplicate.py +45 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/filesystem.py +118 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/fuzzy_completer.py +213 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/nested.py +109 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/completion/word_completer.py +94 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/__init__.py +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/completers/__init__.py +5 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/completers/system.py +64 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/regular_languages/__init__.py +80 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/regular_languages/compiler.py +579 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/regular_languages/completion.py +100 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/regular_languages/lexer.py +94 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/regular_languages/regex_parser.py +279 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/regular_languages/validation.py +60 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/ssh/__init__.py +8 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/ssh/server.py +178 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/telnet/__init__.py +7 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/telnet/log.py +13 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/telnet/protocol.py +209 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/contrib/telnet/server.py +428 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/cursor_shapes.py +117 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/data_structures.py +18 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/document.py +1182 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/enums.py +19 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/eventloop/__init__.py +31 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/eventloop/async_generator.py +125 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/eventloop/inputhook.py +191 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/eventloop/utils.py +101 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/eventloop/win32.py +72 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/filters/__init__.py +71 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/filters/app.py +419 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/filters/base.py +260 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/filters/cli.py +65 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/filters/utils.py +41 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/formatted_text/__init__.py +59 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/formatted_text/ansi.py +302 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/formatted_text/base.py +179 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/formatted_text/html.py +145 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/formatted_text/pygments.py +32 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/formatted_text/utils.py +102 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/history.py +306 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/__init__.py +14 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/ansi_escape_sequences.py +344 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/base.py +154 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/defaults.py +79 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/posix_pipe.py +118 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/posix_utils.py +97 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/typeahead.py +78 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/vt100.py +309 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/vt100_parser.py +250 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/win32.py +904 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/input/win32_pipe.py +156 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/__init__.py +22 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/__init__.py +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/auto_suggest.py +66 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/basic.py +257 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/completion.py +206 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/cpr.py +30 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/emacs.py +563 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/focus.py +26 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/mouse.py +348 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/named_commands.py +691 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/open_in_editor.py +52 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/page_navigation.py +85 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/scroll.py +190 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/search.py +96 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/bindings/vi.py +2233 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/defaults.py +63 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/digraphs.py +1378 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/emacs_state.py +36 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/key_bindings.py +672 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/key_processor.py +526 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/key_binding/vi_state.py +107 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/keys.py +222 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/__init__.py +147 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/containers.py +2766 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/controls.py +956 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/dimension.py +216 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/dummy.py +40 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/layout.py +412 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/margins.py +304 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/menus.py +748 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/mouse_handlers.py +56 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/processors.py +1016 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/screen.py +323 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/scrollable_pane.py +494 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/layout/utils.py +80 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/lexers/__init__.py +21 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/lexers/base.py +85 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/lexers/pygments.py +328 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/log.py +13 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/mouse_events.py +85 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/__init__.py +15 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/base.py +332 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/color_depth.py +64 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/conemu.py +65 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/defaults.py +106 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/flush_stdout.py +87 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/plain_text.py +143 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/vt100.py +760 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/win32.py +684 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/output/windows10.py +133 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/patch_stdout.py +297 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/py.typed +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/renderer.py +820 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/search.py +226 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/selection.py +58 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/__init__.py +49 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/choice_input.py +311 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/dialogs.py +330 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/progress_bar/__init__.py +33 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/progress_bar/base.py +449 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/progress_bar/formatters.py +431 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/prompt.py +1538 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/shortcuts/utils.py +239 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/__init__.py +67 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/base.py +188 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/defaults.py +236 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/named_colors.py +162 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/pygments.py +70 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/style.py +407 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/styles/style_transformation.py +374 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/token.py +9 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/utils.py +327 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/validation.py +192 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/widgets/__init__.py +63 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/widgets/base.py +1080 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/widgets/dialogs.py +108 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/widgets/menus.py +374 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/widgets/toolbars.py +370 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit/win32_types.py +229 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/INSTALLER +1 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/METADATA +172 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/RECORD +299 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/REQUESTED +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/WHEEL +5 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/licenses/AUTHORS.rst +11 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/licenses/LICENSE +27 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/prompt_toolkit-3.0.52.dist-info/top_level.txt +1 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/__init__.py +56 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/constants.py +57 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/form.py +117 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompt.py +234 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/__init__.py +29 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/autocomplete.py +214 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/checkbox.py +327 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/common.py +670 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/confirm.py +133 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/password.py +61 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/path.py +243 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/press_any_key_to_continue.py +61 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/rawselect.py +79 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/select.py +283 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/prompts/text.py +101 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/py.typed +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/question.py +134 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/styles.py +15 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/utils.py +78 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary/version.py +1 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/INSTALLER +1 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/LICENSE +19 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/METADATA +143 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/NOTICE +51 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/RECORD +46 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/REQUESTED +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/questionary-2.1.1.dist-info/WHEEL +4 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/__init__.py +81 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/_clip.py +835 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/_constants.py +164 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/_wcswidth.py +439 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/_wcwidth.py +162 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/_width.py +515 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/align.py +165 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/bisearch.py +30 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/control_codes.py +46 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/escape_sequences.py +194 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/grapheme.py +493 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/hyperlink.py +142 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/py.typed +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/sgr_state.py +339 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_ambiguous.py +189 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme.py +2347 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/__init__.py +37 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_27e0693f.py +2677 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_3d4826b8.py +6462 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_45d92e98.py +1969 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_4cdf59ce.py +42 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_50bf0759.py +2571 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_529fbb4a.py +1799 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_5bfac390.py +2571 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_813fee16.py +2570 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_8589765c.py +1310 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_8f94b404.py +2581 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_970dbe10.py +2839 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_c0a2cdbf.py +3617 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_c2157f7e.py +1153 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_c3db41c0.py +3401 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_da9ceb0a.py +1910 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_e08bd75e.py +2641 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_e22030f3.py +6396 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_fcc05a0f.py +6648 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_known_fd9d4c44.py +3671 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_grapheme_overrides/_registry.py +32 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_mc.py +206 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_overrides.py +853 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_term_programs.py +49 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_vs15.py +104 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_vs16.py +126 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_wide.py +138 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/table_zero.py +350 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/text_sizing.py +202 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/textwrap.py +656 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/unicode_versions.py +21 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth/wcwidth.py +88 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth-0.8.2.dist-info/INSTALLER +1 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth-0.8.2.dist-info/METADATA +1036 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth-0.8.2.dist-info/RECORD +101 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth-0.8.2.dist-info/REQUESTED +0 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth-0.8.2.dist-info/WHEEL +4 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendor/wcwidth-0.8.2.dist-info/licenses/LICENSE +27 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/vendored.py +21 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/verify.py +46 -0
- hf_auth_helper-0.1.0/src/hf_auth_helper/wizard.py +163 -0
- hf_auth_helper-0.1.0/tests/__init__.py +0 -0
- hf_auth_helper-0.1.0/tests/conftest.py +27 -0
- hf_auth_helper-0.1.0/tests/test_cli.py +472 -0
- hf_auth_helper-0.1.0/tests/test_prefill.py +114 -0
- hf_auth_helper-0.1.0/tests/test_scopes.py +222 -0
- hf_auth_helper-0.1.0/tests/test_store.py +165 -0
- hf_auth_helper-0.1.0/tests/test_vendored.py +11 -0
- hf_auth_helper-0.1.0/tests/test_verify.py +101 -0
- hf_auth_helper-0.1.0/tests/test_wizard.py +162 -0
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
name: CI
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
pull_request:
|
|
5
|
+
push:
|
|
6
|
+
branches: [main]
|
|
7
|
+
|
|
8
|
+
jobs:
|
|
9
|
+
test:
|
|
10
|
+
runs-on: ubuntu-latest
|
|
11
|
+
steps:
|
|
12
|
+
- uses: actions/checkout@v6
|
|
13
|
+
- uses: actions/setup-python@v6
|
|
14
|
+
with:
|
|
15
|
+
python-version: "3.12"
|
|
16
|
+
- uses: astral-sh/setup-uv@v7
|
|
17
|
+
- run: python -m pip install -e ".[dev]"
|
|
18
|
+
- run: ruff format --check .
|
|
19
|
+
- run: ruff check .
|
|
20
|
+
- run: ty check src tests
|
|
21
|
+
- run: pytest --cov=src/hf_auth_helper --cov-fail-under=85
|
|
22
|
+
- name: Mutation testing behind the kill-rate floor
|
|
23
|
+
run: python scripts/check-mutation.py --min-kill-rate 80
|
|
24
|
+
- name: Audit dependencies
|
|
25
|
+
run: |
|
|
26
|
+
python -m pip freeze --exclude-editable > /tmp/requirements.txt
|
|
27
|
+
uvx pip-audit -r /tmp/requirements.txt --disable-pip --no-deps
|
|
28
|
+
- run: uvx slophammer-py@0.4.0 dry .
|
|
29
|
+
- run: uvx slophammer-py@0.4.0 check .
|
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
name: Publish
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
tags:
|
|
6
|
+
- "v*"
|
|
7
|
+
|
|
8
|
+
concurrency:
|
|
9
|
+
group: publish-${{ github.workflow }}-${{ github.ref }}
|
|
10
|
+
cancel-in-progress: false
|
|
11
|
+
|
|
12
|
+
permissions:
|
|
13
|
+
contents: read
|
|
14
|
+
|
|
15
|
+
jobs:
|
|
16
|
+
publish:
|
|
17
|
+
# PyPI trusted publishing requires a GitHub-hosted runner.
|
|
18
|
+
runs-on: ubuntu-latest
|
|
19
|
+
permissions:
|
|
20
|
+
contents: write
|
|
21
|
+
id-token: write
|
|
22
|
+
steps:
|
|
23
|
+
- uses: actions/checkout@v6
|
|
24
|
+
with:
|
|
25
|
+
fetch-depth: 0
|
|
26
|
+
|
|
27
|
+
- uses: astral-sh/setup-uv@v7
|
|
28
|
+
|
|
29
|
+
- uses: actions/setup-python@v6
|
|
30
|
+
with:
|
|
31
|
+
python-version: "3.12"
|
|
32
|
+
|
|
33
|
+
- name: Validate release tag
|
|
34
|
+
env:
|
|
35
|
+
RELEASE_SHA: ${{ github.sha }}
|
|
36
|
+
RELEASE_TAG: ${{ github.ref_name }}
|
|
37
|
+
run: |
|
|
38
|
+
set -euo pipefail
|
|
39
|
+
git fetch --no-tags origin main --depth=1
|
|
40
|
+
|
|
41
|
+
uv run --python 3.12 python - <<'PY'
|
|
42
|
+
import os
|
|
43
|
+
import re
|
|
44
|
+
import subprocess
|
|
45
|
+
import sys
|
|
46
|
+
import tomllib
|
|
47
|
+
|
|
48
|
+
release_tag = os.environ.get("RELEASE_TAG", "")
|
|
49
|
+
release_sha = os.environ.get("RELEASE_SHA", "")
|
|
50
|
+
|
|
51
|
+
if not re.fullmatch(r"v\d+\.\d+\.\d+", release_tag):
|
|
52
|
+
sys.exit(f"Release tags must match vX.Y.Z; received {release_tag or '<missing>'}.")
|
|
53
|
+
|
|
54
|
+
with open("pyproject.toml", "rb") as handle:
|
|
55
|
+
version = tomllib.load(handle)["project"]["version"]
|
|
56
|
+
expected = f"v{version}"
|
|
57
|
+
if release_tag != expected:
|
|
58
|
+
sys.exit(
|
|
59
|
+
f"Release tag {release_tag} does not match pyproject version {version}; "
|
|
60
|
+
f"expected {expected}."
|
|
61
|
+
)
|
|
62
|
+
|
|
63
|
+
ancestor = subprocess.run(
|
|
64
|
+
["git", "merge-base", "--is-ancestor", release_sha, "origin/main"],
|
|
65
|
+
check=False,
|
|
66
|
+
)
|
|
67
|
+
if ancestor.returncode != 0:
|
|
68
|
+
sys.exit(f"Tagged commit {release_sha} is not contained in origin/main.")
|
|
69
|
+
|
|
70
|
+
print(f"Release tag {release_tag} matches pyproject.toml and points to origin/main.")
|
|
71
|
+
PY
|
|
72
|
+
|
|
73
|
+
- name: Ensure version is not already published
|
|
74
|
+
run: |
|
|
75
|
+
set -euo pipefail
|
|
76
|
+
version="$(uv run --python 3.12 python -c 'import tomllib; print(tomllib.load(open("pyproject.toml","rb"))["project"]["version"])')"
|
|
77
|
+
status="$(curl -s -o /dev/null -w '%{http_code}' "https://pypi.org/pypi/hf-auth-helper/$version/json")"
|
|
78
|
+
if [ "$status" = "200" ]; then
|
|
79
|
+
echo "hf-auth-helper@$version is already published on PyPI."
|
|
80
|
+
exit 1
|
|
81
|
+
fi
|
|
82
|
+
echo "Publishing hf-auth-helper@$version"
|
|
83
|
+
|
|
84
|
+
- name: Validate package
|
|
85
|
+
run: |
|
|
86
|
+
uv run --python 3.12 --extra dev ruff format --check .
|
|
87
|
+
uv run --python 3.12 --extra dev ruff check .
|
|
88
|
+
uv run --python 3.12 --extra dev ty check src tests
|
|
89
|
+
uv run --python 3.12 --extra dev pytest --cov=src/hf_auth_helper --cov-fail-under=85
|
|
90
|
+
uv run --python 3.12 --extra dev python scripts/check-mutation.py --min-kill-rate 80
|
|
91
|
+
uv export --python 3.12 --extra dev --format requirements.txt --no-emit-project --no-hashes --output-file /tmp/requirements.txt
|
|
92
|
+
uvx pip-audit -r /tmp/requirements.txt --disable-pip --no-deps
|
|
93
|
+
uvx slophammer-py@0.4.0 dry .
|
|
94
|
+
uvx slophammer-py@0.4.0 check .
|
|
95
|
+
|
|
96
|
+
- name: Build distributions
|
|
97
|
+
run: uv build
|
|
98
|
+
|
|
99
|
+
- name: Check distributions
|
|
100
|
+
run: uvx twine check dist/*
|
|
101
|
+
|
|
102
|
+
- name: Publish to PyPI
|
|
103
|
+
run: uv publish --trusted-publishing always
|
|
104
|
+
|
|
105
|
+
- name: Create GitHub Release
|
|
106
|
+
env:
|
|
107
|
+
GH_TOKEN: ${{ github.token }}
|
|
108
|
+
run: |
|
|
109
|
+
set -euo pipefail
|
|
110
|
+
|
|
111
|
+
tag="${GITHUB_REF_NAME}"
|
|
112
|
+
version="${tag#v}"
|
|
113
|
+
notes_file="$(mktemp)"
|
|
114
|
+
|
|
115
|
+
cat > "$notes_file" <<EOF
|
|
116
|
+
Published hf-auth-helper to PyPI.
|
|
117
|
+
|
|
118
|
+
Install with:
|
|
119
|
+
|
|
120
|
+
\`\`\`sh
|
|
121
|
+
uvx hf-auth-helper==$version agent login
|
|
122
|
+
\`\`\`
|
|
123
|
+
|
|
124
|
+
Package: https://pypi.org/project/hf-auth-helper/$version/
|
|
125
|
+
EOF
|
|
126
|
+
|
|
127
|
+
if gh release view "$tag" >/dev/null 2>&1; then
|
|
128
|
+
gh release edit "$tag" \
|
|
129
|
+
--title "hf-auth-helper v$version" \
|
|
130
|
+
--notes-file "$notes_file" \
|
|
131
|
+
--draft=false \
|
|
132
|
+
--prerelease=false \
|
|
133
|
+
--verify-tag
|
|
134
|
+
else
|
|
135
|
+
gh release create "$tag" \
|
|
136
|
+
--title "hf-auth-helper v$version" \
|
|
137
|
+
--notes-file "$notes_file" \
|
|
138
|
+
--verify-tag
|
|
139
|
+
fi
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
# AGENTS.md
|
|
2
|
+
|
|
3
|
+
These instructions apply to this repository.
|
|
4
|
+
|
|
5
|
+
## Commands To Run Before Finishing
|
|
6
|
+
|
|
7
|
+
```sh
|
|
8
|
+
ruff format --check .
|
|
9
|
+
ruff check .
|
|
10
|
+
ty check src tests
|
|
11
|
+
pytest --cov=src/hf_auth_helper --cov-fail-under=85
|
|
12
|
+
python scripts/check-mutation.py --min-kill-rate 80
|
|
13
|
+
uvx slophammer-py@0.4.0 check .
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
CI runs the same gates; do not finish with any of them red.
|
|
17
|
+
|
|
18
|
+
## Rules
|
|
19
|
+
|
|
20
|
+
- Python 3.12+, standard library only in `src/` — this tool must stay
|
|
21
|
+
runnable as a dependency-free single install. Dev tooling may use
|
|
22
|
+
dependencies; shipped code may not.
|
|
23
|
+
- Type annotations on all public functions and meaningful helpers. No
|
|
24
|
+
explicit `Any`; dynamic JSON is narrowed at the boundary
|
|
25
|
+
(see `scopes.py` for the pattern).
|
|
26
|
+
- Security invariant: scope classification fails closed. Unknown permissions
|
|
27
|
+
are violations. Never widen `SAFE_PERMISSIONS` without a test proving the
|
|
28
|
+
permission cannot mutate or delete Hub content.
|
|
29
|
+
- Never print, log, or persist token values except where the user explicitly
|
|
30
|
+
chose to store them.
|
|
31
|
+
- Keep domain logic (scope evaluation, URL building) free of IO. Network and
|
|
32
|
+
filesystem access belong in the CLI layer only.
|
|
33
|
+
- Add or update tests for every behavior change.
|
|
34
|
+
|
|
35
|
+
## Slophammer
|
|
36
|
+
|
|
37
|
+
Quality gates are enforced with Slophammer standards:
|
|
38
|
+
https://raw.githubusercontent.com/dutifuldev/slophammer/refs/heads/main/docs/AGENT_ENTRYPOINT.md
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2026 Onur Solmaz
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
|
22
|
+
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
Metadata-Version: 2.4
|
|
2
|
+
Name: hf-auth-helper
|
|
3
|
+
Version: 0.1.0
|
|
4
|
+
Summary: Set up safe, scoped Hugging Face authentication for agents: propose-only tokens, verification, and profiles.
|
|
5
|
+
Project-URL: Repository, https://github.com/osolmaz/hf-auth-helper
|
|
6
|
+
Author-email: Onur Solmaz <onur@solmaz.io>
|
|
7
|
+
License-Expression: MIT
|
|
8
|
+
License-File: LICENSE
|
|
9
|
+
Keywords: agent,huggingface,propose-only,security,token
|
|
10
|
+
Classifier: Development Status :: 3 - Alpha
|
|
11
|
+
Classifier: Environment :: Console
|
|
12
|
+
Classifier: Intended Audience :: Developers
|
|
13
|
+
Classifier: Programming Language :: Python :: 3.12
|
|
14
|
+
Classifier: Topic :: Security
|
|
15
|
+
Requires-Python: >=3.12
|
|
16
|
+
Provides-Extra: dev
|
|
17
|
+
Requires-Dist: mutmut>=3.2; extra == 'dev'
|
|
18
|
+
Requires-Dist: pytest-cov>=5.0; extra == 'dev'
|
|
19
|
+
Requires-Dist: pytest>=8.0; extra == 'dev'
|
|
20
|
+
Requires-Dist: ruff>=0.5; extra == 'dev'
|
|
21
|
+
Requires-Dist: ty>=0.0.9; extra == 'dev'
|
|
22
|
+
Requires-Dist: typeguard>=4.3; extra == 'dev'
|
|
23
|
+
Description-Content-Type: text/markdown
|
|
24
|
+
|
|
25
|
+
# hf-auth-helper
|
|
26
|
+
|
|
27
|
+
Set up safe, scoped Hugging Face authentication for agents.
|
|
28
|
+
|
|
29
|
+
Coding agents that read untrusted content (web pages, issues, datasets) can be
|
|
30
|
+
prompt-injected. If such an agent holds a normal `write` token, one injection
|
|
31
|
+
can delete your datasets, Spaces, and buckets. `hf-auth-helper` sets up
|
|
32
|
+
**propose-only** access instead: the agent can read and open pull requests,
|
|
33
|
+
but a human has to merge — nothing the agent does is irreversible.
|
|
34
|
+
|
|
35
|
+
## Usage
|
|
36
|
+
|
|
37
|
+
```sh
|
|
38
|
+
uvx hf-auth-helper agent login
|
|
39
|
+
```
|
|
40
|
+
|
|
41
|
+
One interactive command:
|
|
42
|
+
|
|
43
|
+
1. **Recommended or customize** — accept the field-tested access settings,
|
|
44
|
+
or answer plain-language yes/no questions ("Read gated models?", "Read
|
|
45
|
+
your billing usage?", …) to narrow them. Reading repo contents and
|
|
46
|
+
opening pull requests are always included; write access never is.
|
|
47
|
+
2. **Organizations** — if you're already logged into the `hf` CLI, your orgs
|
|
48
|
+
are detected and offered as a checklist; otherwise enter names manually.
|
|
49
|
+
3. **Token form** — a summary of what the token will be able to do, then the
|
|
50
|
+
Hugging Face token page URL with your scopes preselected. Open it on any
|
|
51
|
+
device (the tool assumes you may be SSH'd into a remote box and only
|
|
52
|
+
opens a local browser if you say yes); name the token and click create.
|
|
53
|
+
4. **Verification** — paste the token (input stays hidden) and it is checked
|
|
54
|
+
against the Hub: if its scopes allow anything beyond reading and opening
|
|
55
|
+
pull requests, it is **refused** with the violating permissions named,
|
|
56
|
+
and nothing is stored. Differences from what you configured are reported.
|
|
57
|
+
5. **Storage** — keep it as a named `hf` CLI profile (activate with
|
|
58
|
+
`hf auth switch`), make it the primary token (your current login is
|
|
59
|
+
preserved as a named profile, never destroyed), or write an `HF_TOKEN=`
|
|
60
|
+
line into an env file for a single agent process.
|
|
61
|
+
|
|
62
|
+
Scripting (no prompts when not a TTY; flags select resources and
|
|
63
|
+
destinations, never scopes):
|
|
64
|
+
|
|
65
|
+
```sh
|
|
66
|
+
uvx hf-auth-helper agent login --org my-org --profile my-agent
|
|
67
|
+
uvx hf-auth-helper agent login --env /path/to/agent/.env
|
|
68
|
+
uvx hf-auth-helper agent login --url-only # just print the prefill URL
|
|
69
|
+
```
|
|
70
|
+
|
|
71
|
+
Whatever you select, write capability is limited to opening PRs and
|
|
72
|
+
discussions. A token created this way cannot push to main, merge PRs, modify
|
|
73
|
+
buckets, change settings, or delete anything. What it can still do is *read*
|
|
74
|
+
everything you granted it — see the threat model in
|
|
75
|
+
[docs/SPECIFICATION.md](docs/SPECIFICATION.md) for why "nothing irreversible"
|
|
76
|
+
is the guarantee, not "nothing leaks".
|
|
77
|
+
|
|
78
|
+
The full behavior contract, threat model, and design rationale live in
|
|
79
|
+
[docs/SPECIFICATION.md](docs/SPECIFICATION.md).
|
|
80
|
+
|
|
81
|
+
## License
|
|
82
|
+
|
|
83
|
+
[MIT](LICENSE)
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
# hf-auth-helper
|
|
2
|
+
|
|
3
|
+
Set up safe, scoped Hugging Face authentication for agents.
|
|
4
|
+
|
|
5
|
+
Coding agents that read untrusted content (web pages, issues, datasets) can be
|
|
6
|
+
prompt-injected. If such an agent holds a normal `write` token, one injection
|
|
7
|
+
can delete your datasets, Spaces, and buckets. `hf-auth-helper` sets up
|
|
8
|
+
**propose-only** access instead: the agent can read and open pull requests,
|
|
9
|
+
but a human has to merge — nothing the agent does is irreversible.
|
|
10
|
+
|
|
11
|
+
## Usage
|
|
12
|
+
|
|
13
|
+
```sh
|
|
14
|
+
uvx hf-auth-helper agent login
|
|
15
|
+
```
|
|
16
|
+
|
|
17
|
+
One interactive command:
|
|
18
|
+
|
|
19
|
+
1. **Recommended or customize** — accept the field-tested access settings,
|
|
20
|
+
or answer plain-language yes/no questions ("Read gated models?", "Read
|
|
21
|
+
your billing usage?", …) to narrow them. Reading repo contents and
|
|
22
|
+
opening pull requests are always included; write access never is.
|
|
23
|
+
2. **Organizations** — if you're already logged into the `hf` CLI, your orgs
|
|
24
|
+
are detected and offered as a checklist; otherwise enter names manually.
|
|
25
|
+
3. **Token form** — a summary of what the token will be able to do, then the
|
|
26
|
+
Hugging Face token page URL with your scopes preselected. Open it on any
|
|
27
|
+
device (the tool assumes you may be SSH'd into a remote box and only
|
|
28
|
+
opens a local browser if you say yes); name the token and click create.
|
|
29
|
+
4. **Verification** — paste the token (input stays hidden) and it is checked
|
|
30
|
+
against the Hub: if its scopes allow anything beyond reading and opening
|
|
31
|
+
pull requests, it is **refused** with the violating permissions named,
|
|
32
|
+
and nothing is stored. Differences from what you configured are reported.
|
|
33
|
+
5. **Storage** — keep it as a named `hf` CLI profile (activate with
|
|
34
|
+
`hf auth switch`), make it the primary token (your current login is
|
|
35
|
+
preserved as a named profile, never destroyed), or write an `HF_TOKEN=`
|
|
36
|
+
line into an env file for a single agent process.
|
|
37
|
+
|
|
38
|
+
Scripting (no prompts when not a TTY; flags select resources and
|
|
39
|
+
destinations, never scopes):
|
|
40
|
+
|
|
41
|
+
```sh
|
|
42
|
+
uvx hf-auth-helper agent login --org my-org --profile my-agent
|
|
43
|
+
uvx hf-auth-helper agent login --env /path/to/agent/.env
|
|
44
|
+
uvx hf-auth-helper agent login --url-only # just print the prefill URL
|
|
45
|
+
```
|
|
46
|
+
|
|
47
|
+
Whatever you select, write capability is limited to opening PRs and
|
|
48
|
+
discussions. A token created this way cannot push to main, merge PRs, modify
|
|
49
|
+
buckets, change settings, or delete anything. What it can still do is *read*
|
|
50
|
+
everything you granted it — see the threat model in
|
|
51
|
+
[docs/SPECIFICATION.md](docs/SPECIFICATION.md) for why "nothing irreversible"
|
|
52
|
+
is the guarantee, not "nothing leaks".
|
|
53
|
+
|
|
54
|
+
The full behavior contract, threat model, and design rationale live in
|
|
55
|
+
[docs/SPECIFICATION.md](docs/SPECIFICATION.md).
|
|
56
|
+
|
|
57
|
+
## License
|
|
58
|
+
|
|
59
|
+
[MIT](LICENSE)
|