PyPI - powerbase-cli - Versions diffs - 0.1.5__tar.gz → 0.2.0__tar.gz - Mend

powerbase-cli 0.1.5tar.gz → 0.2.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: powerbase-cli
-Version: 0.1.5
+Version: 0.2.0
 Summary: CLI for operating Powerbase console workflows
 Author: Powerbase
 Requires-Python: >=3.11
@@ -41,10 +41,12 @@ Database model:
 Install from PyPI:
 ```bash
-python -m pip install powerbase-cli
+python -m pip install --upgrade powerbase-cli==0.2.0
 powerbase --help
 ```
+Version `0.2.x` is the production-pinned release line and always targets `https://console.appbuild.chat`.
 From the repository root during development:
 ```bash
@@ -121,7 +123,7 @@ powerbase auth token-set \
   --expires-at 1760000000
 ```
-Use `--base-url` or `--anon-key` here only when you intentionally want to override the built-in deployment defaults.
+The CLI is pinned to the production Powerbase console deployment and no longer exposes endpoint override flags.
 ### Check Auth State

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/README.md RENAMED Viewed

@@ -33,10 +33,12 @@ Database model:
 Install from PyPI:
 ```bash
-python -m pip install powerbase-cli
+python -m pip install --upgrade powerbase-cli==0.2.0
 powerbase --help
 ```
+Version `0.2.x` is the production-pinned release line and always targets `https://console.appbuild.chat`.
 From the repository root during development:
 ```bash
@@ -113,7 +115,7 @@ powerbase auth token-set \
   --expires-at 1760000000
 ```
-Use `--base-url` or `--anon-key` here only when you intentionally want to override the built-in deployment defaults.
+The CLI is pinned to the production Powerbase console deployment and no longer exposes endpoint override flags.
 ### Check Auth State

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "powerbase-cli"
-version = "0.1.5"
+version = "0.2.0"
 description = "CLI for operating Powerbase console workflows"
 readme = "README.md"
 requires-python = ">=3.11"
@@ -17,8 +17,5 @@ powerbase = "powerbase_cli.cli:main"
 [tool.setuptools]
 package-dir = { "" = "src" }
-[tool.setuptools.package-data]
-powerbase_cli = ["certs/*.pem"]
 [tool.setuptools.packages.find]
 where = ["src"]

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli/__init__.py RENAMED Viewed

@@ -2,4 +2,4 @@
 __all__ = ["__version__"]
-__version__ = "0.1.0"
+__version__ = "0.2.0"

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/parser.py RENAMED Viewed

@@ -19,10 +19,6 @@ from .sql import register_sql_commands
 GLOBAL_OPTION_ARITY = {
     "--config-dir": 1,
-    "--base-url": 1,
-    "--anon-key": 1,
-    "--ca-cert": 1,
-    "--insecure": 0,
     "--json": 0,
 }
@@ -74,18 +70,6 @@ def build_parser() -> argparse.ArgumentParser:
         ),
     )
     parser.add_argument("--config-dir", help="Override the config directory. Defaults to ~/.config/powerbase.")
-    parser.add_argument("--base-url", help="Console base URL. Overrides the built-in default console endpoint.")
-    parser.add_argument("--anon-key", help="Supabase anon key used for functions and auth requests. Overrides the built-in default.")
-    parser.add_argument(
-        "--ca-cert",
-        dest="ca_cert_file",
-        help="Path to a CA certificate PEM file to trust for HTTPS requests.",
-    )
-    parser.add_argument(
-        "--insecure",
-        action="store_true",
-        help="Disable TLS certificate verification for HTTPS requests. Use only for testing with self-signed certs.",
-    )
     parser.add_argument("--json", action="store_true", help="Print JSON output.")
     subparsers = parser.add_subparsers(dest="command")

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli/commands/shared.py RENAMED Viewed

@@ -8,7 +8,6 @@ from typing import Any
 from ..api import PowerbaseApi
 from ..config import (
-    BUNDLED_CA_CERT_SENTINEL,
     DEFAULT_ANON_KEY,
     DEFAULT_BASE_URL,
     AppConfig,
@@ -16,8 +15,6 @@ from ..config import (
     AuthState,
     ConfigStore,
     ContextState,
-    load_bundled_ca_cert,
-    merge_config_with_env,
     merge_context_with_env,
 )
 from ..session import SessionManager
@@ -33,18 +30,11 @@ def build_store(args: argparse.Namespace) -> ConfigStore:
 def resolve_config(args: argparse.Namespace, store: ConfigStore) -> AppConfig:
-    config = merge_config_with_env(store.load_config())
-    saved_auth = store.load_auth()
-    explicit_ca_cert_file = getattr(args, "ca_cert_file", None) or config.ca_cert_file
+    config = store.load_config()
     return AppConfig(
-        base_url=args.base_url or config.base_url or (saved_auth.base_url if saved_auth else None) or DEFAULT_BASE_URL,
-        anon_key=args.anon_key or config.anon_key or (saved_auth.anon_key if saved_auth else None) or DEFAULT_ANON_KEY,
+        base_url=DEFAULT_BASE_URL,
+        anon_key=DEFAULT_ANON_KEY,
         output="json" if args.json else config.output,
-        tls_insecure=bool(getattr(args, "insecure", False) or config.tls_insecure),
-        # Keep explicit CA settings first. The bundled test CA is only the final fallback for the
-        # current self-signed test environment and should be removed once the deployment uses a
-        # publicly trusted certificate.
-        ca_cert_file=explicit_ca_cert_file or (BUNDLED_CA_CERT_SENTINEL if load_bundled_ca_cert() else None),
     )
@@ -60,8 +50,6 @@ def build_api(args: argparse.Namespace) -> tuple[ConfigStore, AppConfig, Context
         store,
         config.base_url,
         config.anon_key,
-        tls_insecure=config.tls_insecure,
-        ca_cert_file=config.ca_cert_file,
     )
     api = PowerbaseApi(PowerbaseTransport(config, session_manager))
     return store, config, context, session_manager, api

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli/config.py RENAMED Viewed

@@ -1,6 +1,5 @@
 from __future__ import annotations
-import importlib.resources
 import json
 import os
 from dataclasses import asdict, dataclass
@@ -12,13 +11,8 @@ try:
 except ModuleNotFoundError:  # pragma: no cover
     tomllib = None  # type: ignore[assignment]
-DEFAULT_BASE_URL = "https://console.6.12.235.165.nip.io"
+DEFAULT_BASE_URL = "https://console.appbuild.chat"
 DEFAULT_ANON_KEY = "reallyreallyreallyreallyverysafe"
-# This bundled CA is only for the self-signed test deployment so `pip install powerbase-cli`
-# can work out of the box. Remove it after the deployed console switches to a publicly trusted
-# TLS certificate, then delete the bundled PEM file and its package-data entry as well.
-BUNDLED_CA_CERT_SENTINEL = "<bundled test CA>"
-BUNDLED_CA_CERT_RESOURCE = "certs/powerbase-test-ca.pem"
 def default_config_dir() -> Path:
@@ -33,8 +27,6 @@ class AppConfig:
     base_url: str | None = DEFAULT_BASE_URL
     anon_key: str | None = DEFAULT_ANON_KEY
     output: str = "text"
-    tls_insecure: bool = False
-    ca_cert_file: str | None = None
 @dataclass
@@ -69,26 +61,6 @@ def _as_path(path: str | Path | None) -> Path:
     return Path(path).expanduser()
-def env_flag(name: str) -> bool:
-    value = os.environ.get(name)
-    if value is None:
-        return False
-    return value.strip().lower() in {"1", "true", "yes", "on"}
-def load_bundled_ca_cert() -> str | None:
-    # The PEM contents are loaded at runtime so test builds can trust the packaged self-signed CA
-    # without asking end users to pass `--ca-cert`. Once the server uses a trusted certificate,
-    # this helper and its callers can be removed.
-    try:
-        resource = importlib.resources.files("powerbase_cli").joinpath(BUNDLED_CA_CERT_RESOURCE)
-        if not resource.is_file():
-            return None
-        return resource.read_text(encoding="utf-8")
-    except (FileNotFoundError, ModuleNotFoundError):
-        return None
 class ConfigStore:
     def __init__(self, base_dir: str | Path | None = None) -> None:
         self.base_dir = _as_path(base_dir)
@@ -101,31 +73,19 @@ class ConfigStore:
     def load_config(self) -> AppConfig:
         if not self.config_path.exists():
-            return AppConfig(base_url=None, anon_key=None)
+            return AppConfig()
         if tomllib is None:
             raise RuntimeError("tomllib is required to read config.toml")
         data = tomllib.loads(self.config_path.read_text(encoding="utf-8"))
         return AppConfig(
-            base_url=data.get("base_url"),
-            anon_key=data.get("anon_key"),
             output=data.get("output", "text"),
-            tls_insecure=bool(data.get("tls_insecure", False)),
-            ca_cert_file=data.get("ca_cert_file"),
         )
     def save_config(self, config: AppConfig) -> None:
         self.ensure_base_dir()
         lines = []
-        if config.base_url and config.base_url != DEFAULT_BASE_URL:
-            lines.append(f'base_url = "{config.base_url}"')
-        if config.anon_key and config.anon_key != DEFAULT_ANON_KEY:
-            lines.append(f'anon_key = "{config.anon_key}"')
         if config.output:
             lines.append(f'output = "{config.output}"')
-        if config.tls_insecure:
-            lines.append("tls_insecure = true")
-        if config.ca_cert_file:
-            lines.append(f'ca_cert_file = "{config.ca_cert_file}"')
         self.config_path.write_text("\n".join(lines) + ("\n" if lines else ""), encoding="utf-8")
     def load_auth(self) -> AuthState | None:
@@ -210,8 +170,8 @@ def env_auth_state() -> AuthState | None:
     expires_at = int(expires_at_raw) if expires_at_raw and expires_at_raw.isdigit() else None
     return AuthState(
         source="env",
-        base_url=os.environ.get("POWERBASE_BASE_URL"),
-        anon_key=os.environ.get("POWERBASE_ANON_KEY"),
+        base_url=DEFAULT_BASE_URL,
+        anon_key=DEFAULT_ANON_KEY,
         session=AuthSession(
             access_token=access_token,
             refresh_token=refresh_token,
@@ -220,16 +180,6 @@ def env_auth_state() -> AuthState | None:
     )
-def merge_config_with_env(config: AppConfig) -> AppConfig:
-    return AppConfig(
-        base_url=os.environ.get("POWERBASE_BASE_URL") or config.base_url,
-        anon_key=os.environ.get("POWERBASE_ANON_KEY") or config.anon_key,
-        output=os.environ.get("POWERBASE_OUTPUT") or config.output,
-        tls_insecure=env_flag("POWERBASE_TLS_INSECURE") or config.tls_insecure,
-        ca_cert_file=os.environ.get("POWERBASE_CA_CERT_FILE") or config.ca_cert_file,
-    )
 def merge_context_with_env(context: ContextState) -> ContextState:
     return ContextState(
         instance_id=os.environ.get("POWERBASE_INSTANCE_ID") or context.instance_id,

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli/session.py RENAMED Viewed

@@ -11,7 +11,7 @@ from typing import Iterator
 from urllib import request
 from urllib.error import HTTPError, URLError
-from .config import BUNDLED_CA_CERT_SENTINEL, AuthState, ConfigStore, env_auth_state, load_bundled_ca_cert
+from .config import AuthState, ConfigStore, env_auth_state
 try:
     import fcntl
@@ -29,15 +29,10 @@ class SessionManager:
         store: ConfigStore,
         base_url: str | None,
         anon_key: str | None,
-        *,
-        tls_insecure: bool = False,
-        ca_cert_file: str | None = None,
     ) -> None:
         self.store = store
         self.base_url = base_url
         self.anon_key = anon_key
-        self.tls_insecure = tls_insecure
-        self.ca_cert_file = ca_cert_file
     def _login_guidance(self) -> str:
         return (
@@ -47,20 +42,6 @@ class SessionManager:
         )
     def _urlopen(self, req: request.Request):
-        if self.tls_insecure:
-            context = ssl.create_default_context()
-            context.check_hostname = False
-            context.verify_mode = ssl.CERT_NONE
-            return request.urlopen(req, context=context)
-        if self.ca_cert_file:
-            if self.ca_cert_file == BUNDLED_CA_CERT_SENTINEL:
-                bundled_ca_cert = load_bundled_ca_cert()
-                if not bundled_ca_cert:
-                    raise SessionError("Bundled test CA certificate is unavailable.")
-                context = ssl.create_default_context(cadata=bundled_ca_cert)
-            else:
-                context = ssl.create_default_context(cafile=self.ca_cert_file)
-            return request.urlopen(req, context=context)
         return request.urlopen(req)
     def get_auth_state(self) -> AuthState | None:

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli/transport.py RENAMED Viewed

@@ -7,7 +7,7 @@ from typing import Any
 from urllib import request
 from urllib.error import HTTPError, URLError
-from .config import BUNDLED_CA_CERT_SENTINEL, AppConfig, load_bundled_ca_cert
+from .config import AppConfig
 from .session import SessionError, SessionManager
@@ -35,20 +35,6 @@ class PowerbaseTransport:
         )
     def _urlopen(self, req: request.Request):
-        if self.config.tls_insecure:
-            context = ssl.create_default_context()
-            context.check_hostname = False
-            context.verify_mode = ssl.CERT_NONE
-            return request.urlopen(req, context=context)
-        if self.config.ca_cert_file:
-            if self.config.ca_cert_file == BUNDLED_CA_CERT_SENTINEL:
-                bundled_ca_cert = load_bundled_ca_cert()
-                if not bundled_ca_cert:
-                    raise ApiError("Bundled test CA certificate is unavailable.")
-                context = ssl.create_default_context(cadata=bundled_ca_cert)
-            else:
-                context = ssl.create_default_context(cafile=self.config.ca_cert_file)
-            return request.urlopen(req, context=context)
         return request.urlopen(req)
     def _build_headers(

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: powerbase-cli
-Version: 0.1.5
+Version: 0.2.0
 Summary: CLI for operating Powerbase console workflows
 Author: Powerbase
 Requires-Python: >=3.11
@@ -41,10 +41,12 @@ Database model:
 Install from PyPI:
 ```bash
-python -m pip install powerbase-cli
+python -m pip install --upgrade powerbase-cli==0.2.0
 powerbase --help
 ```
+Version `0.2.x` is the production-pinned release line and always targets `https://console.appbuild.chat`.
 From the repository root during development:
 ```bash
@@ -121,7 +123,7 @@ powerbase auth token-set \
   --expires-at 1760000000
 ```
-Use `--base-url` or `--anon-key` here only when you intentionally want to override the built-in deployment defaults.
+The CLI is pinned to the production Powerbase console deployment and no longer exposes endpoint override flags.
 ### Check Auth State

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/src/powerbase_cli.egg-info/SOURCES.txt RENAMED Viewed

@@ -12,7 +12,6 @@ src/powerbase_cli.egg-info/SOURCES.txt
 src/powerbase_cli.egg-info/dependency_links.txt
 src/powerbase_cli.egg-info/entry_points.txt
 src/powerbase_cli.egg-info/top_level.txt
-src/powerbase_cli/certs/powerbase-test-ca.pem
 src/powerbase_cli/commands/__init__.py
 src/powerbase_cli/commands/agent.py
 src/powerbase_cli/commands/auth.py

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/tests/test_cli_commands.py RENAMED Viewed

@@ -16,7 +16,6 @@ from powerbase_cli.commands.auth import handle_auth_wait as auth_handle_auth_wai
 from powerbase_cli.commands.agent import handle_agent_chat as agent_handle_agent_chat
 from powerbase_cli.commands.shared import resolve_config as shared_resolve_config
 from powerbase_cli.config import (
-    BUNDLED_CA_CERT_SENTINEL,
     AppConfig,
     AuthSession,
     AuthState,
@@ -82,20 +81,12 @@ class CliCommandTests(unittest.TestCase):
     def test_resolve_config_falls_back_to_builtin_service_defaults(self) -> None:
         with tempfile.TemporaryDirectory() as temp_dir:
             store = ConfigStore(Path(temp_dir))
-            args = Namespace(
-                config_dir=temp_dir,
-                base_url=None,
-                anon_key=None,
-                json=False,
-                insecure=False,
-                ca_cert_file=None,
-            )
+            args = Namespace(config_dir=temp_dir, json=False)
             resolved = shared_resolve_config(args, store)
             self.assertEqual(resolved.base_url, DEFAULT_BASE_URL)
             self.assertEqual(resolved.anon_key, DEFAULT_ANON_KEY)
-            self.assertEqual(resolved.ca_cert_file, BUNDLED_CA_CERT_SENTINEL)
-    def test_resolve_config_falls_back_to_saved_auth_values(self) -> None:
+    def test_resolve_config_ignores_saved_auth_endpoint_overrides(self) -> None:
         with tempfile.TemporaryDirectory() as temp_dir:
             store = ConfigStore(Path(temp_dir))
             store.save_auth(
@@ -106,10 +97,10 @@ class CliCommandTests(unittest.TestCase):
                     session=AuthSession(access_token="token"),
                 )
             )
-            args = Namespace(config_dir=temp_dir, base_url=None, anon_key=None, json=False, insecure=False, ca_cert_file=None)
+            args = Namespace(config_dir=temp_dir, json=False)
             resolved = shared_resolve_config(args, store)
-            self.assertEqual(resolved.base_url, "https://console.example.com")
-            self.assertEqual(resolved.anon_key, "anon")
+            self.assertEqual(resolved.base_url, DEFAULT_BASE_URL)
+            self.assertEqual(resolved.anon_key, DEFAULT_ANON_KEY)
     def test_auth_login_saves_polled_session(self) -> None:
         with tempfile.TemporaryDirectory() as temp_dir:
@@ -117,12 +108,9 @@ class CliCommandTests(unittest.TestCase):
             config = AppConfig(base_url="https://console.example.com", anon_key="anon")
             args = Namespace(
                 config_dir=temp_dir,
-                base_url=None,
-                anon_key=None,
                 json=True,
                 login_timeout=300,
                 login_id="login-1",
-                insecure=False,
             )
             with mock.patch("powerbase_cli.commands.auth.build_api", return_value=(store, config, None, None, FakeApi())):
@@ -142,10 +130,7 @@ class CliCommandTests(unittest.TestCase):
             config = AppConfig(base_url="https://console.example.com", anon_key="anon")
             args = Namespace(
                 config_dir=temp_dir,
-                base_url=None,
-                anon_key=None,
                 json=True,
-                insecure=False,
             )
             with mock.patch("powerbase_cli.commands.auth.build_api", return_value=(store, config, None, None, FakeApiStartOnly())):
@@ -175,12 +160,9 @@ class CliCommandTests(unittest.TestCase):
             config = AppConfig(base_url="https://console.example.com", anon_key="anon")
             args = Namespace(
                 config_dir=temp_dir,
-                base_url=None,
-                anon_key=None,
                 json=False,
                 login_timeout=5,
                 login_id="login-pending",
-                insecure=False,
             )
             with mock.patch("powerbase_cli.commands.auth.build_api", return_value=(store, config, None, None, FakeApiPending())):
@@ -197,10 +179,7 @@ class CliCommandTests(unittest.TestCase):
     def test_agent_chat_streams_jsonl(self) -> None:
         args = Namespace(
             config_dir=None,
-            base_url=None,
-            anon_key=None,
             json=False,
-            insecure=False,
             instance_id="inst-1",
             provider="cursor",
             session_id="sess-1",

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/tests/test_cli_help.py RENAMED Viewed

@@ -21,8 +21,8 @@ class CliHelpTests(unittest.TestCase):
         self.assertIn("Operate Powerbase console workflows", help_text)
         self.assertIn("agent-driven development", help_text)
         self.assertIn("default implementation interface", help_text)
-        self.assertIn("--insecure", help_text)
-        self.assertIn("--ca-cert", help_text)
+        self.assertIn("--config-dir", help_text)
+        self.assertIn("--json", help_text)
     def test_auth_login_help_mentions_wait_follow_up(self) -> None:
         parser = build_parser()
@@ -142,8 +142,8 @@ class CliHelpTests(unittest.TestCase):
         self.assertIn("release", help_text)
     def test_normalize_global_argv_moves_root_flags_forward(self) -> None:
-        normalized = normalize_global_argv(["auth", "status", "--json", "--config-dir", "/tmp/pb", "--insecure"])
-        self.assertEqual(normalized, ["--json", "--config-dir", "/tmp/pb", "--insecure", "auth", "status"])
+        normalized = normalize_global_argv(["auth", "status", "--json", "--config-dir", "/tmp/pb"])
+        self.assertEqual(normalized, ["--json", "--config-dir", "/tmp/pb", "auth", "status"])
     def test_main_normalizes_sys_argv_when_called_without_explicit_args(self) -> None:
         with mock.patch.object(sys, "argv", ["powerbase", "auth", "status", "--json"]):

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/tests/test_config.py RENAMED Viewed

@@ -17,18 +17,11 @@ from powerbase_cli.config import (
     AuthState,
     ConfigStore,
     ContextState,
-    load_bundled_ca_cert,
-    merge_config_with_env,
     merge_context_with_env,
 )
 class ConfigStoreTests(unittest.TestCase):
-    def test_load_bundled_ca_cert_returns_pem(self) -> None:
-        cert_pem = load_bundled_ca_cert()
-        assert cert_pem is not None
-        self.assertIn("BEGIN CERTIFICATE", cert_pem)
     def test_app_config_uses_builtin_service_defaults(self) -> None:
         config = AppConfig()
         self.assertEqual(config.base_url, DEFAULT_BASE_URL)
@@ -76,18 +69,11 @@ class ConfigStoreTests(unittest.TestCase):
             self.assertEqual(loaded.org_id, "o1")
             self.assertEqual(loaded.branch, "main")
-    def test_merge_env_overrides(self) -> None:
+    def test_merge_context_env_overrides(self) -> None:
         old = dict(os.environ)
         try:
-            os.environ["POWERBASE_BASE_URL"] = "https://env.example.com"
             os.environ["POWERBASE_INSTANCE_ID"] = "env-instance"
-            os.environ["POWERBASE_TLS_INSECURE"] = "true"
-            os.environ["POWERBASE_CA_CERT_FILE"] = "/tmp/test-ca.pem"
-            merged_config = merge_config_with_env(AppConfig(base_url="https://file.example.com", anon_key="a"))
             merged_context = merge_context_with_env(ContextState(instance_id="file-instance", branch="main"))
-            self.assertEqual(merged_config.base_url, "https://env.example.com")
-            self.assertTrue(merged_config.tls_insecure)
-            self.assertEqual(merged_config.ca_cert_file, "/tmp/test-ca.pem")
             self.assertEqual(merged_context.instance_id, "env-instance")
         finally:
             os.environ.clear()

powerbase_cli-0.2.0/tests/test_session.py ADDED Viewed

@@ -0,0 +1,97 @@
+from __future__ import annotations
+import json
+import os
+import sys
+import tempfile
+import unittest
+from pathlib import Path
+from unittest import mock
+sys.path.insert(0, str(Path(__file__).resolve().parents[1] / "src"))
+from powerbase_cli.config import AuthSession, AuthState, ConfigStore
+from powerbase_cli.session import SessionError, SessionManager
+class FakeResponse:
+    def __init__(self, payload: dict[str, object]) -> None:
+        self.payload = payload
+    def __enter__(self) -> "FakeResponse":
+        return self
+    def __exit__(self, exc_type, exc, tb) -> None:
+        return None
+    def read(self) -> bytes:
+        return json.dumps(self.payload).encode("utf-8")
+class SessionManagerTests(unittest.TestCase):
+    def test_refresh_without_auth_instructs_user_to_log_in_again(self) -> None:
+        with tempfile.TemporaryDirectory() as temp_dir:
+            store = ConfigStore(Path(temp_dir))
+            manager = SessionManager(store, "https://console.example.com", "anon")
+            with self.assertRaises(SessionError) as ctx:
+                manager.refresh()
+        self.assertIn("No authentication session available", str(ctx.exception))
+        self.assertIn("powerbase auth login --json", str(ctx.exception))
+        self.assertIn("powerbase auth wait --login-id ... --json", str(ctx.exception))
+    def test_refresh_updates_saved_auth_file(self) -> None:
+        with tempfile.TemporaryDirectory() as temp_dir:
+            store = ConfigStore(Path(temp_dir))
+            store.save_auth(
+                AuthState(
+                    source="login",
+                    base_url="https://console.example.com",
+                    anon_key="anon",
+                    session=AuthSession(
+                        access_token="old-access",
+                        refresh_token="old-refresh",
+                        expires_at=1,
+                    ),
+                )
+            )
+            manager = SessionManager(store, "https://console.example.com", "anon")
+            with mock.patch("powerbase_cli.session.request.urlopen", return_value=FakeResponse({
+                "access_token": "new-access",
+                "refresh_token": "new-refresh",
+                "expires_at": 9999999999,
+                "token_type": "bearer",
+                "user": {"id": "user-1"},
+            })):
+                refreshed = manager.refresh()
+            self.assertEqual(refreshed.session.access_token, "new-access")
+            saved = store.load_auth()
+            assert saved is not None
+            self.assertEqual(saved.session.refresh_token, "new-refresh")
+    def test_env_session_can_refresh_without_writing_auth_file(self) -> None:
+        with tempfile.TemporaryDirectory() as temp_dir:
+            store = ConfigStore(Path(temp_dir))
+            manager = SessionManager(store, "https://console.example.com", "anon")
+            old_env = dict(os.environ)
+            try:
+                os.environ["POWERBASE_ACCESS_TOKEN"] = "env-access"
+                os.environ["POWERBASE_REFRESH_TOKEN"] = "env-refresh"
+                os.environ["POWERBASE_EXPIRES_AT"] = "1"
+                with mock.patch("powerbase_cli.session.request.urlopen", return_value=FakeResponse({
+                    "access_token": "env-new-access",
+                    "refresh_token": "env-new-refresh",
+                    "expires_at": 9999999999,
+                    "token_type": "bearer",
+                })):
+                    refreshed = manager.ensure_valid()
+                assert refreshed is not None
+                self.assertEqual(refreshed.session.access_token, "env-new-access")
+                self.assertFalse(store.auth_path.exists())
+            finally:
+                os.environ.clear()
+                os.environ.update(old_env)

{powerbase_cli-0.1.5 → powerbase_cli-0.2.0}/tests/test_transport.py RENAMED Viewed

@@ -11,7 +11,7 @@ from urllib.error import HTTPError, URLError
 sys.path.insert(0, str(Path(__file__).resolve().parents[1] / "src"))
-from powerbase_cli.config import BUNDLED_CA_CERT_SENTINEL, AppConfig, AuthSession, AuthState, ConfigStore
+from powerbase_cli.config import AppConfig, AuthSession, AuthState, ConfigStore
 from powerbase_cli.session import SessionManager
 from powerbase_cli.transport import ApiError, PowerbaseTransport
@@ -51,71 +51,6 @@ class PowerbaseTransportTests(unittest.TestCase):
         self.assertIn("powerbase auth wait --login-id ... --json", str(ctx.exception))
         self.assertEqual(urlopen_mock.call_count, 0)
-    def test_invoke_uses_unverified_tls_context_when_insecure(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            manager = SessionManager(store, "https://console.example.com", "anon", tls_insecure=True)
-            transport = PowerbaseTransport(
-                AppConfig(base_url="https://console.example.com", anon_key="anon", tls_insecure=True),
-                manager,
-            )
-            with mock.patch(
-                "powerbase_cli.transport.request.urlopen",
-                return_value=FakeResponse({"success": True, "data": {"ok": True}}),
-            ) as urlopen_mock:
-                result = transport.invoke("instances", method="GET", requires_auth=False)
-            self.assertEqual(result["data"]["ok"], True)
-            context = urlopen_mock.call_args.kwargs["context"]
-            self.assertFalse(context.check_hostname)
-    def test_invoke_uses_ca_cert_context_when_configured(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            manager = SessionManager(store, "https://console.example.com", "anon", ca_cert_file="/tmp/test-ca.pem")
-            transport = PowerbaseTransport(
-                AppConfig(base_url="https://console.example.com", anon_key="anon", ca_cert_file="/tmp/test-ca.pem"),
-                manager,
-            )
-            with mock.patch("powerbase_cli.transport.ssl.create_default_context") as context_factory:
-                fake_context = object()
-                context_factory.return_value = fake_context
-                with mock.patch(
-                    "powerbase_cli.transport.request.urlopen",
-                    return_value=FakeResponse({"success": True, "data": {"ok": True}}),
-                ) as urlopen_mock:
-                    result = transport.invoke("instances", method="GET", requires_auth=False)
-            self.assertEqual(result["data"]["ok"], True)
-            context_factory.assert_called_once_with(cafile="/tmp/test-ca.pem")
-            self.assertIs(urlopen_mock.call_args.kwargs["context"], fake_context)
-    def test_invoke_uses_bundled_ca_cert_when_configured(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            manager = SessionManager(store, "https://console.example.com", "anon", ca_cert_file=BUNDLED_CA_CERT_SENTINEL)
-            transport = PowerbaseTransport(
-                AppConfig(base_url="https://console.example.com", anon_key="anon", ca_cert_file=BUNDLED_CA_CERT_SENTINEL),
-                manager,
-            )
-            with mock.patch("powerbase_cli.transport.load_bundled_ca_cert", return_value="PEM DATA") as bundled_cert:
-                with mock.patch("powerbase_cli.transport.ssl.create_default_context") as context_factory:
-                    fake_context = object()
-                    context_factory.return_value = fake_context
-                    with mock.patch(
-                        "powerbase_cli.transport.request.urlopen",
-                        return_value=FakeResponse({"success": True, "data": {"ok": True}}),
-                    ) as urlopen_mock:
-                        result = transport.invoke("instances", method="GET", requires_auth=False)
-            self.assertEqual(result["data"]["ok"], True)
-            bundled_cert.assert_called_once_with()
-            context_factory.assert_called_once_with(cadata="PEM DATA")
-            self.assertIs(urlopen_mock.call_args.kwargs["context"], fake_context)
     def test_invoke_refreshes_and_retries_once_on_401(self) -> None:
         with tempfile.TemporaryDirectory() as temp_dir:
             store = ConfigStore(Path(temp_dir))

powerbase_cli-0.1.5/src/powerbase_cli/certs/powerbase-test-ca.pem DELETED Viewed

@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDhDCCAmygAwIBAgIUWu1JfeyC2qw56+7PUB5QY9w1MG8wDQYJKoZIhvcNAQEL
-BQAwHjEcMBoGA1UEAwwTNi4xMi4yMzUuMTY1Lm5pcC5pbzAeFw0yNjA0MDcwNTUx
-MjZaFw0yNzA0MDcwNTUxMjZaMB4xHDAaBgNVBAMMEzYuMTIuMjM1LjE2NS5uaXAu
-aW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVaa9eQzG9t/WNcoP8
-vJDX41oELoz/LOVzmr9zuFK3jQnIrVjFW8MdBHq1pOBLyHjKtnhKPo1n0br4/iPP
-/TiJNwAuybN6iiSxWSsGpzFv7gIyJivdr65khzeLNda6HyBFxsRsVZAKKe8tueB4
-FQM0YWxHkfAMw5bigDumZq3wzLUuvB7EtscVtl0dV0tcqovLq1Lg9/eBDSqfWuxv
-hW9iROv23ryJETE/8Wh/2Gd5UV0E8CEX8As30+5nJ2jGF6O8abDRipvqc67+5v7h
-dEXT2xIg4Fh8DAhlbgzM6Sj6I70pWiro+Q+N8GWvpJeJYGZu7J97eEOw+u1C2pCV
-sbiBAgMBAAGjgbkwgbYwHQYDVR0OBBYEFODuAm1rmrl2GyZBcClH9HVE9kGMMB8G
-A1UdIwQYMBaAFODuAm1rmrl2GyZBcClH9HVE9kGMMA8GA1UdEwEB/wQFMAMBAf8w
-YwYDVR0RBFwwWoITNi4xMi4yMzUuMTY1Lm5pcC5pb4IbY29uc29sZS42LjEyLjIz
-NS4xNjUubmlwLmlvghUqLjYuMTIuMjM1LjE2NS5uaXAuaW+CCWxvY2FsaG9zdIcE
-fwAAATANBgkqhkiG9w0BAQsFAAOCAQEAmvCeJ4Xnx8rXmU+oxiDiDZRfUK204Ta7
-hztXu9LvxheW99p2R1AP2F7VUJOTq31HY9/r2p3qCEyz8F4nc/GPunHfF3y8mMiB
-beFDdwrw8NWTRLGlOJynjsOXtkRkFa03DTKa4x9roZo10S+imDk1/DywWlv7UoAK
-9OsUB1zb8c6m7uZXrOTAZOzvO2fBrdymXnQ4tMvl54iyVT8X1rft5NUywfBzCtzB
-g/OxLM2zJg3kz9kFztRuf1e07Tz6cqSy2CzClvhxaYJSfnlT2b73SceKy3kHn7Sh
-VXA8yjqcTjk6wkMlHueIWnjnjYkRSpFjw3/ODNXbGJjxh+86l/ekPQ==
------END CERTIFICATE-----

powerbase_cli-0.1.5/tests/test_session.py DELETED Viewed

@@ -1,194 +0,0 @@
-from __future__ import annotations
-import json
-import os
-import sys
-import tempfile
-import unittest
-from pathlib import Path
-from unittest import mock
-sys.path.insert(0, str(Path(__file__).resolve().parents[1] / "src"))
-from powerbase_cli.config import BUNDLED_CA_CERT_SENTINEL, AuthSession, AuthState, ConfigStore
-from powerbase_cli.session import SessionError, SessionManager
-class FakeResponse:
-    def __init__(self, payload: dict[str, object]) -> None:
-        self.payload = payload
-    def __enter__(self) -> "FakeResponse":
-        return self
-    def __exit__(self, exc_type, exc, tb) -> None:
-        return None
-    def read(self) -> bytes:
-        return json.dumps(self.payload).encode("utf-8")
-class SessionManagerTests(unittest.TestCase):
-    def test_refresh_without_auth_instructs_user_to_log_in_again(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            manager = SessionManager(store, "https://console.example.com", "anon")
-            with self.assertRaises(SessionError) as ctx:
-                manager.refresh()
-        self.assertIn("No authentication session available", str(ctx.exception))
-        self.assertIn("powerbase auth login --json", str(ctx.exception))
-        self.assertIn("powerbase auth wait --login-id ... --json", str(ctx.exception))
-    def test_refresh_updates_saved_auth_file(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            store.save_auth(
-                AuthState(
-                    source="login",
-                    base_url="https://console.example.com",
-                    anon_key="anon",
-                    session=AuthSession(
-                        access_token="old-access",
-                        refresh_token="old-refresh",
-                        expires_at=1,
-                    ),
-                )
-            )
-            manager = SessionManager(store, "https://console.example.com", "anon")
-            with mock.patch("powerbase_cli.session.request.urlopen", return_value=FakeResponse({
-                "access_token": "new-access",
-                "refresh_token": "new-refresh",
-                "expires_at": 9999999999,
-                "token_type": "bearer",
-                "user": {"id": "user-1"},
-            })):
-                refreshed = manager.refresh()
-            self.assertEqual(refreshed.session.access_token, "new-access")
-            saved = store.load_auth()
-            assert saved is not None
-            self.assertEqual(saved.session.refresh_token, "new-refresh")
-    def test_env_session_can_refresh_without_writing_auth_file(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            manager = SessionManager(store, "https://console.example.com", "anon")
-            old_env = dict(os.environ)
-            try:
-                os.environ["POWERBASE_ACCESS_TOKEN"] = "env-access"
-                os.environ["POWERBASE_REFRESH_TOKEN"] = "env-refresh"
-                os.environ["POWERBASE_EXPIRES_AT"] = "1"
-                os.environ["POWERBASE_BASE_URL"] = "https://console.example.com"
-                os.environ["POWERBASE_ANON_KEY"] = "anon"
-                with mock.patch("powerbase_cli.session.request.urlopen", return_value=FakeResponse({
-                    "access_token": "env-new-access",
-                    "refresh_token": "env-new-refresh",
-                    "expires_at": 9999999999,
-                    "token_type": "bearer",
-                })):
-                    refreshed = manager.ensure_valid()
-                assert refreshed is not None
-                self.assertEqual(refreshed.session.access_token, "env-new-access")
-                self.assertFalse(store.auth_path.exists())
-            finally:
-                os.environ.clear()
-                os.environ.update(old_env)
-    def test_refresh_uses_unverified_tls_context_when_insecure(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            store.save_auth(
-                AuthState(
-                    source="login",
-                    base_url="https://console.example.com",
-                    anon_key="anon",
-                    session=AuthSession(access_token="old-access", refresh_token="old-refresh", expires_at=1),
-                )
-            )
-            manager = SessionManager(store, "https://console.example.com", "anon", tls_insecure=True)
-            with mock.patch(
-                "powerbase_cli.session.request.urlopen",
-                return_value=FakeResponse(
-                    {
-                        "access_token": "new-access",
-                        "refresh_token": "new-refresh",
-                        "expires_at": 9999999999,
-                        "token_type": "bearer",
-                    }
-                ),
-            ) as urlopen_mock:
-                manager.refresh()
-            context = urlopen_mock.call_args.kwargs["context"]
-            self.assertFalse(context.check_hostname)
-    def test_refresh_uses_ca_cert_context_when_configured(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            store.save_auth(
-                AuthState(
-                    source="login",
-                    base_url="https://console.example.com",
-                    anon_key="anon",
-                    session=AuthSession(access_token="old-access", refresh_token="old-refresh", expires_at=1),
-                )
-            )
-            manager = SessionManager(store, "https://console.example.com", "anon", ca_cert_file="/tmp/test-ca.pem")
-            with mock.patch("powerbase_cli.session.ssl.create_default_context") as context_factory:
-                fake_context = object()
-                context_factory.return_value = fake_context
-                with mock.patch(
-                    "powerbase_cli.session.request.urlopen",
-                    return_value=FakeResponse(
-                        {
-                            "access_token": "new-access",
-                            "refresh_token": "new-refresh",
-                            "expires_at": 9999999999,
-                            "token_type": "bearer",
-                        }
-                    ),
-                ) as urlopen_mock:
-                    manager.refresh()
-            context_factory.assert_called_once_with(cafile="/tmp/test-ca.pem")
-            self.assertIs(urlopen_mock.call_args.kwargs["context"], fake_context)
-    def test_refresh_uses_bundled_ca_cert_when_configured(self) -> None:
-        with tempfile.TemporaryDirectory() as temp_dir:
-            store = ConfigStore(Path(temp_dir))
-            store.save_auth(
-                AuthState(
-                    source="login",
-                    base_url="https://console.example.com",
-                    anon_key="anon",
-                    session=AuthSession(access_token="old-access", refresh_token="old-refresh", expires_at=1),
-                )
-            )
-            manager = SessionManager(store, "https://console.example.com", "anon", ca_cert_file=BUNDLED_CA_CERT_SENTINEL)
-            with mock.patch("powerbase_cli.session.load_bundled_ca_cert", return_value="PEM DATA") as bundled_cert:
-                with mock.patch("powerbase_cli.session.ssl.create_default_context") as context_factory:
-                    fake_context = object()
-                    context_factory.return_value = fake_context
-                    with mock.patch(
-                        "powerbase_cli.session.request.urlopen",
-                        return_value=FakeResponse(
-                            {
-                                "access_token": "new-access",
-                                "refresh_token": "new-refresh",
-                                "expires_at": 9999999999,
-                                "token_type": "bearer",
-                            }
-                        ),
-                    ) as urlopen_mock:
-                        manager.refresh()
-            bundled_cert.assert_called_once_with()
-            context_factory.assert_called_once_with(cadata="PEM DATA")
-            self.assertIs(urlopen_mock.call_args.kwargs["context"], fake_context)