magic-pocket-cli 0.2.0__tar.gz → 0.2.2__tar.gz

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/PKG-INFO

@@ -1,13 +1,13 @@
 Metadata-Version: 2.4
 Name: magic-pocket-cli
-Version: 0.2.0
+Version: 0.2.2
 Summary: CLI and deploy tools for magic-pocket.
 Requires-Python: >=3.10
 Requires-Dist: awscrt>=0.19.0
 Requires-Dist: click>=8.1.7
 Requires-Dist: deepdiff>=6.7.1
 Requires-Dist: jinja2>=3.1.3
-Requires-Dist: magic-pocket>=0.2.0
+Requires-Dist: magic-pocket>=0.2.2
 Requires-Dist: pathspec>=1.0.4
 Requires-Dist: python-on-whales>=0.68.0
 Requires-Dist: pyyaml>=6.0.1

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/cli/awscontainer_cli.py

@@ -191,7 +191,8 @@ def _resolve_lambda_target_handlers(
     context: Context, handler_name: str | None
 ) -> list[str]:
     """reload-env / status-env の対象 handler を解決する。"""
-    assert context.awscontainer is not None
+    if context.awscontainer is None:
+        raise RuntimeError("awscontainer is not configured")
     handlers = context.awscontainer.handlers
     if handler_name:
         if handler_name not in handlers:
@@ -204,7 +205,8 @@ def _resolve_lambda_target_handlers(
 
 
 def _function_name(context: Context, handler_key: str) -> str:
-    assert context.awscontainer is not None
+    if context.awscontainer is None:
+        raise RuntimeError("awscontainer is not configured")
     # deploy 側 (LambdaHandlerContext.function_name = resource_prefix + key) と同じ
     # 正準名を参照する。slug から再構成すると prefix_template / namespace
     # (既定 `pocket`) を取りこぼすため、handler context の値をそのまま使う。
@@ -306,7 +308,8 @@ def status_env(stage, handler):
             any_drift = True
     if any_drift:
         echo.warning(
-            "drift があります。`pocket resource awscontainer reload-env` で同期できます。"
+            "drift があります。"
+            "`pocket resource awscontainer reload-env` で同期できます。"
         )
     else:
         echo.success("drift なし。Lambda env と secrets は同期されています。")

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/cli/deploy_cli.py

@@ -70,7 +70,8 @@ def get_resources(context: Context, *, state_bucket: str = ""):
 
 
 def _create_state_store(context: Context) -> StateStore:
-    assert context.general
+    if not context.general:
+        raise RuntimeError("general context is not configured")
     resource_prefix = context.general.prefix_template.format(
         stage=context.stage,
         project=context.project_name,

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/cli/destroy_cli.py

@@ -19,7 +19,8 @@ from pocket_cli.resources.vpc import Vpc
 
 
 def _create_state_store(context: Context) -> StateStore:
-    assert context.general
+    if not context.general:
+        raise RuntimeError("general context is not configured")
     resource_prefix = context.general.prefix_template.format(
         stage=context.stage,
         project=context.project_name,

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/cli/neon_cli.py

@@ -53,7 +53,8 @@ def branch_out(stage, base_stage):
     base_neon = get_neon_resource(base_stage)
     if not base_neon.working:
         raise Exception("Base stage is not working")
-    assert base_neon.branch
+    if not base_neon.branch:
+        raise RuntimeError("base stage branch is not resolved")
     neon.create_branch(base_neon.branch)
     echo.success("New branch was created")
 

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/cli/rds_cli.py

@@ -56,7 +56,8 @@ def destroy(stage):
 
 
 def _print_endpoint(r: Rds):
-    assert r.cluster
+    if not r.cluster:
+        raise RuntimeError("RDS cluster is not available")
     echo.success("Endpoint: %s" % r.cluster.get("Endpoint", ""))
     echo.success("Port: %s" % r.cluster.get("Port", ""))
     echo.success("Database: %s" % r.context.database_name)

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/cli/waf_cli.py

@@ -91,7 +91,7 @@ def _detect_self_ipv4() -> str:
     """1 次: AWS checkip、fallback: ipify。/32 を付けた CIDR を返す。"""
     for url in ("https://checkip.amazonaws.com", "https://api.ipify.org"):
         try:
-            with urllib.request.urlopen(url, timeout=5) as r:
+            with urllib.request.urlopen(url, timeout=5) as r:  # noqa: S310 固定 URL (checkip/ipify) + timeout 済
                 ip = r.read().decode("utf-8").strip()
             if ip:
                 return f"{ip}/32"

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/django_cli.py

@@ -189,7 +189,7 @@ def build(stage: str, allow_dirty: bool):
     try:
         tag = get_commit_hash()
     except RuntimeError as e:
-        raise click.ClickException(str(e))
+        raise click.ClickException(str(e)) from e
     context = Context.from_toml(stage=stage)
     target = build_image(context, tag=tag)
     echo.success("built and pushed: %s" % target)
@@ -281,10 +281,10 @@ def upload_collected_staticfiles(stage: str):
     echo.info("Bucket: %s" % s3_bucket_name)
     echo.info("Location: %s" % s3_location)
     echo.info("Uploading static files...")
-    run(
+    run(  # noqa: S602 aws s3 sync を pocket.toml 設定値から構築 (信頼境界内)
         "aws s3 sync %s s3://%s/%s/ --delete"
         % (local_storage["OPTIONS"]["location"], s3_bucket_name, s3_location),
-        shell=True,
+        shell=True,  # nosemgrep
         check=True,
     )
 
@@ -319,7 +319,7 @@ def collectstatic_locally(stage: str):
     set_staticfiles_override_env(local_storage)
     cmd = _build_python_command(["manage.py", "collectstatic", "--noinput"])
     project_dir = _get_project_dir(stage)
-    run(cmd, check=True, cwd=project_dir)
+    run(cmd, check=True, cwd=project_dir)  # noqa: S603 shell=False + 制御された引数
     clear_staticfiles_override_env()
 
 
@@ -409,4 +409,4 @@ def upload(storage, stage, delete, dryrun):
     if dryrun:
         cmd += " --dryrun"
     print(cmd)
-    run(cmd, shell=True, check=True)
+    run(cmd, shell=True, check=True)  # noqa: S602 aws s3 sync を pocket.toml 設定値から構築 (信頼境界内)  # nosemgrep

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/aws/builders/depot.py

@@ -77,7 +77,7 @@ class DepotBuilder:
                 env[key] = value
         if self.project_id:
             env["DEPOT_PROJECT_ID"] = self.project_id
-        subprocess.run(cmd, check=True, env=env)
+        subprocess.run(cmd, check=True, env=env)  # noqa: S603 shell=False + 制御された引数
         print("Depot ビルド完了")
 
     def delete(self) -> None:

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/aws/cloudformation.py

@@ -645,10 +645,14 @@ class ContainerStack(Stack):
         return {}
 
     def _resolve_vpc_zone_count(self) -> int:
-        assert self.context.vpc, "VPC context is required"
+        if not self.context.vpc:
+            raise RuntimeError("VPC context is required")
         vpc_stack = VpcStack(self.context.vpc)
         output = vpc_stack.output
-        assert output, f"VPC stack '{vpc_stack.name}' の output が取得できません"
+        if not output:
+            raise RuntimeError(
+                f"VPC stack '{vpc_stack.name}' の output が取得できません"
+            )
         prefix = vpc_stack.export["private_subnet_"]
         count = 0
         for i in range(1, 20):

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/aws/ecr.py

@@ -110,11 +110,11 @@ class Ecr:
                 repositoryName=self.name,
                 imageIds=[{"imageTag": source_tag}],
             )["images"]
-        except self.client.exceptions.RepositoryNotFoundException:
+        except self.client.exceptions.RepositoryNotFoundException as e:
             raise ValueError(
                 "ECR repository '%s' が存在しません。"
                 "先に `pocket django build` を実行してください。" % self.name
-            )
+            ) from e
         if not images:
             raise ValueError(
                 "image :%s が ECR repository '%s' に存在しません。"

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/aws/efs.py

@@ -123,7 +123,8 @@ class Efs:
     def status(self) -> ResourceStatus:
         if not self.exists():
             return "NOEXIST"
-        assert self.description
+        if not self.description:
+            raise RuntimeError("EFS description is not available")
         if self.description["LifeCycleState"] != "available":
             return "PROGRESS"
         if self.lifecycle_policies != [

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/aws/lambdahandler.py

@@ -79,6 +79,29 @@ class LambdaHandler:
         if wait:
             self.wait_update()
 
+    def get_environment(self) -> dict[str, str]:
+        """Lambda の現状 Environment.Variables を取得する (ImportValue / secret は
+        解決済みの実値が返る)。function 未作成なら空 dict。"""
+        try:
+            config = self.client.get_function_configuration(FunctionName=self.name)
+        except ClientError:
+            return {}
+        return dict(config.get("Environment", {}).get("Variables", {}))
+
+    def update_environment(self, env: dict[str, str], wait=True):
+        """Environment.Variables を side-channel で直接更新する。
+
+        `update()` は update_function_code (code のみ) で Environment を更新しない。
+        deploy 時に CFn を介さず env を同期したい用途 (DEPLOY_HASH 同期 / reload-env)
+        で使う。
+        """
+        self.client.update_function_configuration(
+            FunctionName=self.name, Environment={"Variables": env}
+        )
+        print(f"lambda function {self.name} environment was updated.")
+        if wait:
+            self.wait_update()
+
     def wait_update(self, interval=3, limit=60):
         print(f"waiting lambda fanction {self.name} update.", end="", flush=True)
         for _i in range(limit // interval):

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/awscontainer.py

@@ -232,6 +232,37 @@ class AwsContainer:
         if not self.stack.yaml_synced:
             self.stack.update()
             self.stack.wait_status("COMPLETED", timeout=600, interval=10)
+        self.ensure_post_deploy_state()
+
+    def ensure_post_deploy_state(self, mediator: Mediator | None = None):
+        """deploy 完了後に Lambda env の DEPLOY_HASH を冪等に同期する。
+
+        LambdaHandler.update() は update_function_code (code) のみで Environment を
+        更新しない。Lambda env は CFn stack.update() 経由でしか書き換わらないため、
+        stack が status==COMPLETED / yaml_synced と判定されて update() がスキップ
+        されると DEPLOY_HASH が旧値に固着する。すると Django は古い hash の static
+        URL (/static/<旧hash>/...) を生成する一方、CloudFront の deploy_hash 関数は
+        毎 deploy 追従するため、静的アセットが全滅する (403)。
+
+        cloudfront の KVS 書き込みと同じ philosophy で、deploy フロー末尾で stack
+        状態によらず side-channel で冪等に同期する (reload-env / waf ip と同様)。
+        deploy_resources の post-deploy hook からも呼ばれるため、wait_status が
+        timeout して次 deploy で update() がスキップされた場合でも自己治癒する。
+        """
+        deploy_hash = self.context.envs.get("DEPLOY_HASH")
+        if not deploy_hash:
+            return
+        for key, handler in self.handlers.items():
+            if handler.status == "NOEXIST":
+                continue
+            current = handler.get_environment()
+            if current.get("DEPLOY_HASH") == deploy_hash:
+                continue
+            echo.log(
+                "[%s] Lambda env DEPLOY_HASH を同期します (%s → %s)"
+                % (key, current.get("DEPLOY_HASH"), deploy_hash)
+            )
+            handler.update_environment({**current, "DEPLOY_HASH": deploy_hash})
 
     def get_host(self, key: str):
         handler = self.handlers[key]

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/cloudfront.py

@@ -204,7 +204,9 @@ class CloudFront:
             if route.build and not skip_build:
                 echo.info("ビルド実行: %s" % route.build)
                 try:
-                    subprocess.run(route.build, shell=True, check=True)
+                    # route.build は pocket.toml の build コマンド (設定者 =
+                    # デプロイ実行者)。意図的な shell 実行のため S602 / semgrep を抑制。
+                    subprocess.run(route.build, shell=True, check=True)  # noqa: S602  # nosemgrep
                 except subprocess.CalledProcessError as e:
                     echo.danger(
                         "build コマンドが失敗しました (exit %d): %s"
@@ -224,7 +226,8 @@ class CloudFront:
 
     def _upload_route(self, route: RouteContext):
         s3_prefix = (route.origin_path + route.path_pattern.rstrip("/*")).lstrip("/")
-        assert route.build_dir
+        if not route.build_dir:
+            raise RuntimeError("route.build_dir is not set")
         local_dir = Path(route.build_dir)
         uploaded_keys: set[str] = set()
         for file in local_dir.rglob("*"):
@@ -338,7 +341,8 @@ class CloudFront:
     def _ensure_redirect_from_website(self):
         if not self.context.redirect_from:
             return
-        assert self.context.domain, "domain is required when redirect_from is set"
+        if not self.context.domain:
+            raise RuntimeError("domain is required when redirect_from is set")
         for redirect_from in self.context.redirect_from:
             self.s3_client.put_bucket_website(
                 Bucket=redirect_from.domain,

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/cloudfront_waf.py

@@ -45,7 +45,8 @@ class CloudFrontWaf:
         echo.log("WAF (IPSet + WebACL) を作成中 (us-east-1)...")
         self.stack.create()
         self.stack.wait_status("COMPLETED", timeout=300, interval=10)
-        assert self.context.waf is not None
+        if self.context.waf is None:
+            raise RuntimeError("waf context is not configured")
         if self.context.waf.enable_ip_set:
             echo.info(
                 "WAF を作成しました。`pocket waf ip add self --name %s --stage %s` "

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/neon.py

@@ -80,7 +80,7 @@ class NeonApi:
 
     def get(self, path):
         logger.info("GET %s" % self.endpoint + path)
-        res = requests.get(self.endpoint + path, headers=self.header)
+        res = requests.get(self.endpoint + path, headers=self.header, timeout=30)
         logger.debug(res.status_code)
         logger.debug(json.dumps(res.json(), indent=2))
         if 200 <= res.status_code < 300:
@@ -95,7 +95,9 @@ class NeonApi:
     def post(self, path, data=None):
         logger.warning("POST %s" % self.endpoint + path)
         logger.debug(json.dumps(data, indent=2))
-        res = requests.post(self.endpoint + path, headers=self.header, json=data)
+        res = requests.post(
+            self.endpoint + path, headers=self.header, json=data, timeout=30
+        )
         logger.debug(res.status_code)
         logger.debug(json.dumps(res.json(), indent=2))
         if 200 <= res.status_code < 300:
@@ -109,7 +111,9 @@ class NeonApi:
     def delete(self, path, data=None):
         logger.warning("DELETE %s" % self.endpoint + path)
         logger.debug(json.dumps(data, indent=2))
-        res = requests.delete(self.endpoint + path, headers=self.header, json=data)
+        res = requests.delete(
+            self.endpoint + path, headers=self.header, json=data, timeout=30
+        )
         logger.debug(res.status_code)
         logger.debug(json.dumps(res.json(), indent=2))
         if 200 <= res.status_code < 300:
@@ -192,7 +196,9 @@ class Neon:
         組織キー: GET /projects で一覧取得し name で検索。
         プロジェクトスコープキー: エラーから project_id を取得し直接アクセス。
         """
-        res = requests.get(self.api.endpoint + "projects", headers=self.api.header)
+        res = requests.get(
+            self.api.endpoint + "projects", headers=self.api.header, timeout=30
+        )
         if 200 <= res.status_code < 300:
             for p in res.json().get("projects", []):
                 if p["name"] == self.context.project_name:

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/rds.py

@@ -106,9 +106,9 @@ class Rds:
 
     @property
     def master_user_secret_arn(self) -> str | None:
-        if self.context.password_strategy == "static":
+        if self.context.password_strategy == "static":  # noqa: S105 戦略名/保存先種別であって secret 値ではない
             # secret_store=ssm の場合は Secrets Manager に secret を作らない。
-            if self.context.secret_store != "sm":
+            if self.context.secret_store != "sm":  # noqa: S105 戦略名/保存先種別であって secret 値ではない
                 return None
             return self._static_secret["ARN"] if self._static_secret else None
         if self.cluster and "MasterUserSecret" in self.cluster:
@@ -118,8 +118,8 @@ class Rds:
     @property
     def static_ssm_param_name(self) -> str | None:
         """static + secret_store=ssm のとき、認証情報を保存する SSM パラメータ名。"""
-        if self.context.password_strategy == "static" and (
-            self.context.secret_store == "ssm"
+        if self.context.password_strategy == "static" and (  # noqa: S105 戦略名/保存先種別であって secret 値ではない
+            self.context.secret_store == "ssm"  # noqa: S105 戦略名/保存先種別であって secret 値ではない
         ):
             return self.context.credentials_secret_name
         return None
@@ -128,7 +128,7 @@ class Rds:
     def master_user_secret_kms_key_id(self) -> str | None:
         # static は既定の aws/secretsmanager キーで暗号化するため、
         # secretsmanager:GetSecretValue のみで復号でき KMS の明示付与は不要。
-        if self.context.password_strategy == "static":
+        if self.context.password_strategy == "static":  # noqa: S105 戦略名/保存先種別であって secret 値ではない
             return None
         if self.cluster and "MasterUserSecret" in self.cluster:
             return self.cluster["MasterUserSecret"].get("KmsKeyId")
@@ -206,7 +206,7 @@ class Rds:
 
         不一致なら status が REQUIRE_UPDATE を返し、update() が移行する。
         """
-        if self.context.password_strategy == "aws-managed":
+        if self.context.password_strategy == "aws-managed":  # noqa: S105 戦略名/保存先種別であって secret 値ではない
             return self._actual_is_managed()
         # 望む = static
         if self._actual_is_managed():
@@ -215,13 +215,16 @@ class Rds:
         return self._store_has_credential(self.context.secret_store)
 
     def _get_vpc_stack(self) -> VpcStack:
+        if not self.context.vpc:
+            raise RuntimeError("vpc context is not configured")
         return VpcStack(self.context.vpc)
 
     def _get_vpc_subnet_ids(self) -> list[str]:
         vpc_stack = self._get_vpc_stack()
         output = vpc_stack.output
         export = vpc_stack.export
-        assert output, "VPC stack output is not available"
+        if not output:
+            raise RuntimeError("VPC stack output is not available")
         prefix = export["private_subnet_"]
         subnet_ids = []
         for i in range(1, 20):
@@ -230,14 +233,16 @@ class Rds:
                 subnet_ids.append(output[key])
             else:
                 break
-        assert subnet_ids, "No private subnets found in VPC stack"
+        if not subnet_ids:
+            raise RuntimeError("No private subnets found in VPC stack")
         return subnet_ids
 
     def _get_vpc_id(self) -> str:
         vpc_stack = self._get_vpc_stack()
         output = vpc_stack.output
         export = vpc_stack.export
-        assert output, "VPC stack output is not available"
+        if not output:
+            raise RuntimeError("VPC stack output is not available")
         return output[export["vpc_id"]]
 
     def state_info(self):
@@ -260,7 +265,8 @@ class Rds:
     def deploy_init(self):
         if not self.context.managed:
             return
-        assert self.context.vpc
+        if not self.context.vpc:
+            raise RuntimeError("vpc context is not configured")
         vpc_stack = Vpc(self.context.vpc).stack
         if not self.context.vpc.manage:
             if vpc_stack.status == "NOEXIST":
@@ -272,6 +278,8 @@ class Rds:
 
     def create(self):
         # VPC スタックの完了を待つ
+        if not self.context.vpc:
+            raise RuntimeError("vpc context is not configured")
         if self.context.vpc.manage:
             Vpc(self.context.vpc).stack.wait_status("COMPLETED")
         subnet_ids = self._get_vpc_subnet_ids()
@@ -305,7 +313,7 @@ class Rds:
         )
         sg_id = sg_res["GroupId"]
 
-        static = self.context.password_strategy == "static"
+        static = self.context.password_strategy == "static"  # noqa: S105 戦略名/保存先種別であって secret 値ではない
         # static の場合、ここで設定した平文パスワードを後段で secret に保存する。
         password: str | None = None
 
@@ -398,7 +406,8 @@ class Rds:
         # この secret を MasterUserSecret 相当として Lambda へ渡すため、ローテーション
         # 用 Lambda は付けない (= 自動ローテーションしない)。
         if static:
-            assert password is not None
+            if password is None:
+                raise RuntimeError("password must be set for static credentials")
             self._store_static_credentials(password)
 
         echo.success("Aurora cluster is now available.")
@@ -497,7 +506,7 @@ class Rds:
 
     def _migrate_password(self) -> None:
         """クラスタを望む password_strategy / secret_store に合わせて移行する。"""
-        if self.context.password_strategy == "aws-managed":
+        if self.context.password_strategy == "aws-managed":  # noqa: S105 戦略名/保存先種別であって secret 値ではない
             self._migrate_to_managed()
         else:
             self._migrate_to_static()
@@ -533,7 +542,7 @@ class Rds:
             echo.success("Master password is now pocket-managed (static).")
             return
         # クラスタは既に static。store 変更 (sm⇄ssm) を試みる (パスワード変更なし)。
-        other = "sm" if self.context.secret_store == "ssm" else "ssm"
+        other = "sm" if self.context.secret_store == "ssm" else "ssm"  # noqa: S105 戦略名/保存先種別であって secret 値ではない
         existing = self._read_credential_from_store(other)
         if existing is not None:
             echo.log(
@@ -601,7 +610,7 @@ class Rds:
                 raise
 
         # 5. static: pocket 所有の認証情報を store から削除
-        if self.context.password_strategy == "static":
+        if self.context.password_strategy == "static":  # noqa: S105 戦略名/保存先種別であって secret 値ではない
             self._delete_static_credentials()
 
     def _delete_static_credentials(self) -> None:

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/tidb.py

@@ -53,7 +53,7 @@ class TiDbApi:
         logger.info("%s %s" % (method, url))
         if data:
             logger.debug(json.dumps(data, indent=2))
-        res = requests.request(method, url, auth=self.auth, json=data)
+        res = requests.request(method, url, auth=self.auth, json=data, timeout=30)
         logger.debug(res.status_code)
         logger.debug(json.dumps(res.json(), indent=2))
         if 200 <= res.status_code < 300:
@@ -226,7 +226,7 @@ class TiDb:
                 "public": {
                     "authorizedNetworks": [
                         {
-                            "startIpAddress": "0.0.0.0",
+                            "startIpAddress": "0.0.0.0",  # noqa: S104 TiDB 許可ネットワークの設定値 (socket bind ではない)
                             "endIpAddress": "255.255.255.255",
                             "displayName": "Allow all",
                         }

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pocket_cli/resources/upstash.py

@@ -34,19 +34,21 @@ class UpstashApi:
         self.auth = (email, api_key)
 
     def get(self, path: str) -> requests.Response:
-        res = requests.get(f"{self.base_url}/{path}", auth=self.auth)
+        res = requests.get(f"{self.base_url}/{path}", auth=self.auth, timeout=30)
         if 200 <= res.status_code < 300:
             return res
         raise RuntimeError("Upstash API error: %s %s" % (res.status_code, res.text))
 
     def post(self, path: str, data: dict) -> requests.Response:
-        res = requests.post(f"{self.base_url}/{path}", auth=self.auth, json=data)
+        res = requests.post(
+            f"{self.base_url}/{path}", auth=self.auth, json=data, timeout=30
+        )
         if 200 <= res.status_code < 300:
             return res
         raise RuntimeError("Upstash API error: %s %s" % (res.status_code, res.text))
 
     def delete(self, path: str) -> requests.Response:
-        res = requests.delete(f"{self.base_url}/{path}", auth=self.auth)
+        res = requests.delete(f"{self.base_url}/{path}", auth=self.auth, timeout=30)
         if 200 <= res.status_code < 300:
             return res
         raise RuntimeError("Upstash API error: %s %s" % (res.status_code, res.text))

{magic_pocket_cli-0.2.0 → magic_pocket_cli-0.2.2}/pyproject.toml

@@ -1,10 +1,10 @@
 [project]
 name = "magic-pocket-cli"
-version = "0.2.0"
+version = "0.2.2"
 description = "CLI and deploy tools for magic-pocket."
 requires-python = ">=3.10"
 dependencies = [
-    "magic-pocket>=0.2.0",
+    "magic-pocket>=0.2.2",
     "click>=8.1.7",
     "jinja2>=3.1.3",
     "python-on-whales>=0.68.0",