PyPI - humanbound - Versions diffs - 2.0.2__tar.gz → 2.0.4__tar.gz - Mend

humanbound 2.0.2tar.gz → 2.0.4tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (113) hide show

{humanbound-2.0.2 → humanbound-2.0.4}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: humanbound
-Version: 2.0.2
+Version: 2.0.4
 Summary: Humanbound — open-source AI agent red-team engine, SDK, and CLI.
 Author-email: Humanbound <hello@humanbound.ai>
 Maintainer-email: Demetris Gerogiannis <hello@humanbound.ai>, Kostas Siabanis <hello@humanbound.ai>
@@ -34,8 +34,8 @@ Requires-Dist: rich>=13.0.0
 Requires-Dist: requests>=2.32.0
 Requires-Dist: pyyaml>=6.0.0
 Requires-Dist: pydantic>=2.0
-Requires-Dist: msal>=1.31.0
 Requires-Dist: pyperclip>=1.8.0
+Requires-Dist: posthog>=3.0
 Provides-Extra: engine
 Requires-Dist: openai>=1.0.0; extra == "engine"
 Requires-Dist: anthropic>=0.20.0; extra == "engine"
@@ -58,6 +58,7 @@ Requires-Dist: mypy>=1.11; extra == "dev"
 Requires-Dist: build>=1.2; extra == "dev"
 Requires-Dist: twine>=5.0; extra == "dev"
 Requires-Dist: pre-commit>=3.8; extra == "dev"
+Requires-Dist: mkdocs>=1.6; extra == "dev"
 Dynamic: license-file
 <p align="center">
@@ -166,8 +167,9 @@ integration, and API reference all live on
 ## What's shipping in 2.0
 - **Clean name**: `humanbound` is the new PyPI install. The old
-  `humanbound-cli` is a transitional stub that will be yanked after
-  2026-06-20.
+  `humanbound-cli` package is a discontinued transitional stub (final
+  release 1.2.2 depends on `humanbound>=2.0.2`); please install
+  `humanbound` directly.
 - **Public SDK namespace** alongside the CLI — use the CLI or drive the
   engine from Python. Both share the same implementation, so they can't
   drift.
@@ -187,6 +189,12 @@ loop, release process, and CLA requirement (see [CLA.md](./CLA.md)).
 - 🔒 [Report a security issue](./SECURITY.md) — **not via public Issues**
 - 💬 [Join Discord](https://discord.gg/gQyXjVBF)
+## Telemetry
+The `hb` CLI sends anonymous usage data to help us improve it.
+Disable with `hb telemetry disable`, `HB_TELEMETRY_DISABLED=1`, or
+`DO_NOT_TRACK=1`. Full disclosure: [PRIVACY.md](./PRIVACY.md).
 ## License
 [Apache-2.0](./LICENSE). Free to use in any context — commercial or
@@ -194,5 +202,4 @@ open-source — with attribution. See [TRADEMARK.md](./TRADEMARK.md) for the
 trademark policy. The code is open; the name is not.
 The sibling project [`humanbound-firewall`](https://github.com/humanbound/humanbound-firewall)
-is dual-licensed (AGPL-3.0 + commercial) — different product, different
-license strategy.
+is also Apache-2.0 — same license, different product.

{humanbound-2.0.2 → humanbound-2.0.4}/README.md RENAMED Viewed

@@ -104,8 +104,9 @@ integration, and API reference all live on
 ## What's shipping in 2.0
 - **Clean name**: `humanbound` is the new PyPI install. The old
-  `humanbound-cli` is a transitional stub that will be yanked after
-  2026-06-20.
+  `humanbound-cli` package is a discontinued transitional stub (final
+  release 1.2.2 depends on `humanbound>=2.0.2`); please install
+  `humanbound` directly.
 - **Public SDK namespace** alongside the CLI — use the CLI or drive the
   engine from Python. Both share the same implementation, so they can't
   drift.
@@ -125,6 +126,12 @@ loop, release process, and CLA requirement (see [CLA.md](./CLA.md)).
 - 🔒 [Report a security issue](./SECURITY.md) — **not via public Issues**
 - 💬 [Join Discord](https://discord.gg/gQyXjVBF)
+## Telemetry
+The `hb` CLI sends anonymous usage data to help us improve it.
+Disable with `hb telemetry disable`, `HB_TELEMETRY_DISABLED=1`, or
+`DO_NOT_TRACK=1`. Full disclosure: [PRIVACY.md](./PRIVACY.md).
 ## License
 [Apache-2.0](./LICENSE). Free to use in any context — commercial or
@@ -132,5 +139,4 @@ open-source — with attribution. See [TRADEMARK.md](./TRADEMARK.md) for the
 trademark policy. The code is open; the name is not.
 The sibling project [`humanbound-firewall`](https://github.com/humanbound/humanbound-firewall)
-is dual-licensed (AGPL-3.0 + commercial) — different product, different
-license strategy.
+is also Apache-2.0 — same license, different product.

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: humanbound
-Version: 2.0.2
+Version: 2.0.4
 Summary: Humanbound — open-source AI agent red-team engine, SDK, and CLI.
 Author-email: Humanbound <hello@humanbound.ai>
 Maintainer-email: Demetris Gerogiannis <hello@humanbound.ai>, Kostas Siabanis <hello@humanbound.ai>
@@ -34,8 +34,8 @@ Requires-Dist: rich>=13.0.0
 Requires-Dist: requests>=2.32.0
 Requires-Dist: pyyaml>=6.0.0
 Requires-Dist: pydantic>=2.0
-Requires-Dist: msal>=1.31.0
 Requires-Dist: pyperclip>=1.8.0
+Requires-Dist: posthog>=3.0
 Provides-Extra: engine
 Requires-Dist: openai>=1.0.0; extra == "engine"
 Requires-Dist: anthropic>=0.20.0; extra == "engine"
@@ -58,6 +58,7 @@ Requires-Dist: mypy>=1.11; extra == "dev"
 Requires-Dist: build>=1.2; extra == "dev"
 Requires-Dist: twine>=5.0; extra == "dev"
 Requires-Dist: pre-commit>=3.8; extra == "dev"
+Requires-Dist: mkdocs>=1.6; extra == "dev"
 Dynamic: license-file
 <p align="center">
@@ -166,8 +167,9 @@ integration, and API reference all live on
 ## What's shipping in 2.0
 - **Clean name**: `humanbound` is the new PyPI install. The old
-  `humanbound-cli` is a transitional stub that will be yanked after
-  2026-06-20.
+  `humanbound-cli` package is a discontinued transitional stub (final
+  release 1.2.2 depends on `humanbound>=2.0.2`); please install
+  `humanbound` directly.
 - **Public SDK namespace** alongside the CLI — use the CLI or drive the
   engine from Python. Both share the same implementation, so they can't
   drift.
@@ -187,6 +189,12 @@ loop, release process, and CLA requirement (see [CLA.md](./CLA.md)).
 - 🔒 [Report a security issue](./SECURITY.md) — **not via public Issues**
 - 💬 [Join Discord](https://discord.gg/gQyXjVBF)
+## Telemetry
+The `hb` CLI sends anonymous usage data to help us improve it.
+Disable with `hb telemetry disable`, `HB_TELEMETRY_DISABLED=1`, or
+`DO_NOT_TRACK=1`. Full disclosure: [PRIVACY.md](./PRIVACY.md).
 ## License
 [Apache-2.0](./LICENSE). Free to use in any context — commercial or
@@ -194,5 +202,4 @@ open-source — with attribution. See [TRADEMARK.md](./TRADEMARK.md) for the
 trademark policy. The code is open; the name is not.
 The sibling project [`humanbound-firewall`](https://github.com/humanbound/humanbound-firewall)
-is dual-licensed (AGPL-3.0 + commercial) — different product, different
-license strategy.
+is also Apache-2.0 — same license, different product.

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound.egg-info/SOURCES.txt RENAMED Viewed

@@ -50,13 +50,9 @@ humanbound_cli/commands/projects.py
 humanbound_cli/commands/providers.py
 humanbound_cli/commands/redteam.py
 humanbound_cli/commands/report.py
-humanbound_cli/commands/scan.py
-humanbound_cli/commands/sentinel.py
+humanbound_cli/commands/telemetry.py
 humanbound_cli/commands/test.py
-humanbound_cli/commands/upload_logs.py
 humanbound_cli/commands/webhooks.py
-humanbound_cli/connectors/__init__.py
-humanbound_cli/connectors/microsoft.py
 humanbound_cli/engine/__init__.py
 humanbound_cli/engine/bot.py
 humanbound_cli/engine/callbacks.py
@@ -97,6 +93,9 @@ humanbound_cli/extractors/repo.py
 humanbound_cli/pytest_plugin/__init__.py
 humanbound_cli/pytest_plugin/fixtures.py
 humanbound_cli/pytest_plugin/report.py
+humanbound_cli/telemetry/__init__.py
+humanbound_cli/telemetry/client.py
+humanbound_cli/telemetry/consent.py
 humanbound_cli/templates/logo.svg
 humanbound_cli/templates/report_base.html
 humanbound_cli/templates/compliance/banking.yaml

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound.egg-info/requires.txt RENAMED Viewed

@@ -3,8 +3,8 @@ rich>=13.0.0
 requests>=2.32.0
 pyyaml>=6.0.0
 pydantic>=2.0
-msal>=1.31.0
 pyperclip>=1.8.0
+posthog>=3.0
 [dev]
 pytest>=7.0.0
@@ -15,6 +15,7 @@ mypy>=1.11
 build>=1.2
 twine>=5.0
 pre-commit>=3.8
+mkdocs>=1.6
 [engine]
 openai>=1.0.0

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound_cli/client.py RENAMED Viewed

@@ -436,11 +436,21 @@ class HumanboundClient:
         return True
     def logout(self, silent: bool = False) -> None:
-        """Clear stored credentials and logout.
+        """Revoke the server session (if any) and clear stored credentials.
         Args:
             silent: If True, don't print success message (used for cleanup).
         """
+        if self._api_token:
+            try:
+                requests.get(
+                    f"{self.base_url}/logout",
+                    headers={"Authorization": f"Bearer {self._api_token}"},
+                    timeout=DEFAULT_TIMEOUT,
+                )
+            except (requests.ConnectionError, requests.Timeout):
+                pass
         self._auth0_token = None
         self._api_token = None
         self._token_expires_at = None

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound_cli/commands/__init__.py RENAMED Viewed

@@ -23,9 +23,7 @@ from . import (
     projects,
     providers,
     report,
-    sentinel,
     test,
-    upload_logs,
     webhooks,
 )
@@ -50,8 +48,6 @@ __all__ = [
     "api_keys",
     "members",
     "campaigns",
-    "upload_logs",
-    "sentinel",
     "completion",
     "connect",
     "report",

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound_cli/commands/api_keys.py RENAMED Viewed

@@ -10,6 +10,7 @@ from rich.panel import Panel
 from rich.prompt import Confirm
 from rich.table import Table
+from .. import telemetry
 from ..client import HumanboundClient
 from ..exceptions import APIError, NotAuthenticatedError
@@ -38,6 +39,7 @@ def _list_keys(as_json: bool):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)
@@ -106,6 +108,7 @@ def create_key(name: str, scopes: str):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)
@@ -152,6 +155,7 @@ def update_key(key_id: str, name: str, scopes: str, active):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)
@@ -198,6 +202,7 @@ def revoke_key(key_id: str, force: bool):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound_cli/commands/assessments.py RENAMED Viewed

@@ -9,6 +9,7 @@ from rich.console import Console
 from rich.panel import Panel
 from rich.table import Table
+from .. import telemetry
 from ..client import HumanboundClient
 from ..exceptions import APIError, NotAuthenticatedError
@@ -53,6 +54,7 @@ def assessments_group(ctx, page, size, as_json):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)
@@ -132,6 +134,7 @@ def show_assessment(assessment_id: str, as_json: bool):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound_cli/commands/auth.py RENAMED Viewed

@@ -6,6 +6,7 @@ import click
 from rich.console import Console
 from rich.panel import Panel
+from .. import telemetry
 from ..client import HumanboundClient
 from ..config import DEFAULT_BASE_URL
 from ..exceptions import AuthenticationError
@@ -44,6 +45,8 @@ def login(base_url: str, port: int, force: bool):
         console.print("Starting authentication...")
         client.login(callback_port=port)
+        telemetry.identify_from_credentials()
         # Auto-select default organisation and resolve name
         org_display = "not set"
         if client.default_organisation_id:

{humanbound-2.0.2 → humanbound-2.0.4}/humanbound_cli/commands/campaigns.py RENAMED Viewed

@@ -10,6 +10,7 @@ from rich.panel import Panel
 from rich.prompt import Confirm
 from rich.table import Table
+from .. import telemetry
 from ..client import HumanboundClient
 from ..exceptions import APIError, NotAuthenticatedError
@@ -40,6 +41,7 @@ def campaigns_group(ctx, as_json):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)
@@ -136,6 +138,7 @@ def terminate_campaign(force: bool):
     client = HumanboundClient()
     if not client.is_authenticated():
+        telemetry.fire_gated_command_hit()
         console.print("[red]Not authenticated.[/red] Run 'hb login' first.")
         raise SystemExit(1)

humanbound 2.0.2__tar.gz → 2.0.4__tar.gz

humanbound 2.0.2tar.gz → 2.0.4tar.gz