real-browser-cli 0.14.2__py3-none-any.whl

browser_cli/serve/logging.py

@@ -0,0 +1,16 @@
+"""Shared logging helpers for ``browser-cli serve``."""
+from __future__ import annotations
+
+from datetime import datetime
+from rich.console import Console
+
+console = Console()
+
+def log_request(addr: tuple, command: str, profile: str | None, status: str, error: str | None = None) -> None:
+  ts = datetime.now().strftime("%H:%M:%S")
+  addr_str = f"{addr[0]}:{addr[1]}"
+  profile_str = f"[dim]{profile}[/dim] " if profile else ""
+  if error:
+    console.print(f"[dim]{ts}[/dim] {addr_str} {profile_str}[cyan]{command}[/cyan] [red]{status}[/red] {error}")
+  else:
+    console.print(f"[dim]{ts}[/dim] {addr_str} {profile_str}[cyan]{command}[/cyan] [green]{status}[/green]")

browser_cli/serve/proxy.py

@@ -0,0 +1,79 @@
+"""Proxying from TCP clients to the local browser native-host socket."""
+from __future__ import annotations
+
+import asyncio
+import json
+
+from browser_cli import transport
+from browser_cli.compat import adapt_request, adapt_response
+from browser_cli.framing import async_recv_frame, async_send_frame
+from browser_cli.serve.logging import log_request
+
+_STRIP_PROTOCOL_FIELDS = {"token", "_route", "pubkey", "sig", "user_agent", "pq_kex", "encrypted", "accept_encoding"}
+
+class ServeProxyMixin:
+  addr: tuple
+  profile: str | None
+  client_ver: str
+  command: str
+  compress: bool
+  accept_encoding: dict | None
+
+  async def send_error(self, msg: str, msg_id=None) -> None: ...
+  async def send_payload(self, data: bytes) -> None: ...
+
+  async def forward_to_browser(self, msg: dict) -> None:
+    from browser_cli.client import BrowserNotConnected
+    from browser_cli.client.targets import resolve_socket
+    from browser_cli.platform import is_windows
+
+    resolved_profile = msg.get("_route") or self.profile
+    clean_msg = {k: v for k, v in msg.items() if k not in _STRIP_PROTOCOL_FIELDS}
+    clean_payload = json.dumps(adapt_request(clean_msg, self.client_ver)).encode()
+
+    try:
+      sock_path = resolve_socket(resolved_profile)
+    except BrowserNotConnected as e:
+      await self.send_error(str(e))
+      log_request(self.addr, self.command, resolved_profile, "ERROR", "browser not connected")
+      return
+
+    try:
+      if is_windows():
+        resp_payload = await self._windows_roundtrip(sock_path, clean_payload)
+      else:
+        resp_payload = await self._unix_roundtrip(sock_path, clean_payload)
+      await self.send_browser_response(adapt_response(resp_payload, self.command, self.client_ver), resolved_profile)
+    except (OSError, json.JSONDecodeError, ConnectionError) as e:
+      await self.send_error(str(e))
+      log_request(self.addr, self.command, resolved_profile, "ERROR", str(e))
+
+  async def _windows_roundtrip(self, sock_path: str, payload: bytes) -> bytes:
+    from multiprocessing.connection import Client as PipeClient
+
+    def _pipe_roundtrip():
+      with PipeClient(sock_path, family="AF_PIPE") as pipe:
+        pipe.send_bytes(payload)
+        return pipe.recv_bytes()
+
+    return await asyncio.to_thread(_pipe_roundtrip)
+
+  async def _unix_roundtrip(self, sock_path: str, payload: bytes) -> bytes:
+    local_reader, local_writer = await asyncio.open_unix_connection(sock_path)
+    try:
+      await async_send_frame(local_writer, payload)
+      return await async_recv_frame(local_reader) or b""
+    finally:
+      local_writer.close()
+      await local_writer.wait_closed()
+
+  async def send_browser_response(self, resp_payload: bytes, resolved_profile: str | None) -> None:
+    resp_data = json.loads(resp_payload)
+    if self.compress:
+      await self.send_payload(transport.encode_response(resp_data, self.accept_encoding, self.command))
+    else:
+      await self.send_payload(resp_payload)
+    if resp_data.get("success", True):
+      log_request(self.addr, self.command, resolved_profile, "OK")
+    else:
+      log_request(self.addr, self.command, resolved_profile, "ERROR", resp_data.get("error", ""))

browser_cli/serve/runtime.py

@@ -0,0 +1,196 @@
+"""Runtime implementation for ``browser-cli serve``.
+
+The Click command lives in ``browser_cli.commands.serve``. This module owns the
+connection lifecycle; auth, control commands and browser proxying live in small
+mixins so each piece can be tested/refactored independently.
+"""
+from __future__ import annotations
+
+import asyncio
+import json
+import secrets
+import socket
+from dataclasses import dataclass
+from pathlib import Path
+
+from browser_cli import transport
+from browser_cli.compat import adapt_auth
+from browser_cli.framing import async_recv_frame, async_send_frame
+from browser_cli.serve.auth import ServeAuthMixin
+from browser_cli.serve.control import ServeControlMixin
+from browser_cli.serve.logging import console, log_request
+from browser_cli.serve.proxy import ServeProxyMixin
+from browser_cli.version_manager import PROTOCOL_MIN_CLIENT, get_installed_version
+
+async def _async_framed_send(writer: asyncio.StreamWriter, data: bytes) -> None:
+  await async_send_frame(writer, data)
+
+async def _async_recv_all(reader: asyncio.StreamReader) -> bytes:
+  return await async_recv_frame(reader) or b""
+
+@dataclass
+class ServeRequest(ServeAuthMixin, ServeControlMixin, ServeProxyMixin):
+  reader: asyncio.StreamReader
+  writer: asyncio.StreamWriter
+  addr: tuple
+  profile: str | None
+  auth_keys: list[str] | None
+  auth_keys_path: Path | None
+  nonce: str
+  pq_private_key: object | None = None
+  compress: bool = True
+
+  response_secret: bytes | None = None
+  accept_encoding: dict | None = None
+  client_ver: str = "0"
+  msg_id: object = None
+  command: str = "?"
+
+  async def send_payload(self, data: bytes) -> None:
+    if self.response_secret is not None:
+      from browser_cli.auth import pq_encrypt
+      data = json.dumps({"encrypted": pq_encrypt(self.response_secret, "response", data)}).encode()
+    await _async_framed_send(self.writer, data)
+
+  async def send_error(self, msg: str, msg_id=None) -> None:
+    err = json.dumps({"id": self.msg_id if msg_id is None else msg_id, "success": False, "error": msg}).encode()
+    try:
+      await self.send_payload(err)
+    except OSError:
+      pass
+
+  async def send_ok(self, payload, command: str | None = None) -> None:
+    obj = {"id": self.msg_id, "success": True, "data": payload}
+    try:
+      await self.send_payload(transport.encode_response(obj, self.accept_encoding if self.compress else None, command))
+    except OSError:
+      pass
+
+  async def read_message(self) -> dict | None:
+    try:
+      payload = await _async_recv_all(self.reader)
+    except (ConnectionError, OSError) as exc:
+      if "too large" in str(exc):
+        await self.send_error(str(exc), msg_id=None)
+      return None
+    try:
+      msg = json.loads(payload)
+    except (json.JSONDecodeError, ValueError):
+      await self.send_error("invalid JSON", msg_id=None)
+      log_request(self.addr, "?", None, "ERROR", "invalid JSON")
+      return None
+    return msg if isinstance(msg, dict) else None
+
+  async def run(self) -> None:
+    msg = await self.read_message()
+    if msg is None or not await self.validate_client(msg):
+      return
+    msg = adapt_auth(msg, self.client_ver)
+    self.command = msg.get("command", "?")
+    msg = await self.authenticate(msg)
+    if msg is None:
+      return
+    self.accept_encoding = msg.get("accept_encoding")
+    if await self.handle_control_command(msg):
+      return
+    await self.forward_to_browser(msg)
+
+async def _async_proxy_request(
+  reader: asyncio.StreamReader,
+  writer: asyncio.StreamWriter,
+  addr: tuple,
+  profile: str | None,
+  auth_keys: list[str] | None,
+  auth_keys_path: Path | None,
+  nonce: str,
+  pq_private_key=None,
+  compress: bool = True,
+) -> None:
+  await ServeRequest(reader, writer, addr, profile, auth_keys, auth_keys_path, nonce, pq_private_key, compress).run()
+
+async def _async_handle_client(
+  reader: asyncio.StreamReader,
+  writer: asyncio.StreamWriter,
+  addr: tuple,
+  profile: str | None,
+  auth_keys_path: Path | None,
+  compress: bool = True,
+  conn_limit: asyncio.Semaphore | None = None,
+) -> None:
+  if conn_limit is None:
+    conn_limit = asyncio.Semaphore(64)
+  if conn_limit.locked():
+    writer.close()
+    await writer.wait_closed()
+    return
+  await conn_limit.acquire()
+  try:
+    auth_keys = await _load_auth_keys(auth_keys_path)
+    nonce, pq_private_key, challenge_msg = await _build_challenge(auth_keys_path)
+    try:
+      await _async_framed_send(writer, json.dumps(challenge_msg).encode())
+    except OSError:
+      return
+    await _async_proxy_request(reader, writer, addr, profile, auth_keys, auth_keys_path, nonce, pq_private_key, compress)
+  finally:
+    conn_limit.release()
+    writer.close()
+    try:
+      await writer.wait_closed()
+    except Exception:
+      pass
+
+async def _load_auth_keys(auth_keys_path: Path | None) -> list[str] | None:
+  if auth_keys_path is None:
+    return None
+  from browser_cli.auth import load_authorized_keys
+  return await asyncio.to_thread(load_authorized_keys, auth_keys_path)
+
+async def _build_challenge(auth_keys_path: Path | None) -> tuple[str, object | None, dict]:
+  nonce = secrets.token_hex(32)
+  pq_private_key = None
+  challenge_msg = {
+    "type": "challenge",
+    "nonce": nonce,
+    "server_version": get_installed_version(),
+    "min_client_version": PROTOCOL_MIN_CLIENT,
+  }
+  if auth_keys_path is not None:
+    from browser_cli.auth import PQ_KEX_ALG, pq_kex_server_keypair
+    pq_keypair = await asyncio.to_thread(pq_kex_server_keypair)
+    if pq_keypair is not None:
+      pq_private_key, pq_public_key = pq_keypair
+      challenge_msg["pq_kex"] = {"alg": PQ_KEX_ALG, "public_key": pq_public_key.hex()}
+  return nonce, pq_private_key, challenge_msg
+
+def _handle_client(
+  client_sock: socket.socket,
+  addr: tuple,
+  profile: str | None,
+  auth_keys_path: Path | None,
+  compress: bool = True,
+) -> None:
+  """Run one accepted socket through the async serve pipeline."""
+
+  async def _run() -> None:
+    reader, writer = await asyncio.open_connection(sock=client_sock)
+    await _async_handle_client(reader, writer, addr, profile, auth_keys_path, compress)
+
+  try:
+    asyncio.run(_run())
+  except OSError:
+    try:
+      client_sock.close()
+    except OSError:
+      pass
+
+async def _serve_async(host: str, port: int, profile: str | None, auth_keys_path: Path | None, compress: bool) -> None:
+  conn_limit = asyncio.Semaphore(64)
+
+  async def _client_connected(reader: asyncio.StreamReader, writer: asyncio.StreamWriter) -> None:
+    peer = writer.get_extra_info("peername") or ("?", 0)
+    await _async_handle_client(reader, writer, peer, profile, auth_keys_path, compress, conn_limit)
+
+  server = await asyncio.start_server(_client_connected, host, port, backlog=16)
+  async with server:
+    await server.serve_forever()

browser_cli/transport.py

@@ -0,0 +1,214 @@
+"""Response payload encoding for the TCP serve <-> client leg.
+
+The wire frame stays ``4-byte LE length + payload``. The payload is made
+self-describing so old peers keep working unchanged:
+
+  * A payload that starts with ``{`` or ``[`` is plain JSON (the historical
+  format). Old clients and old servers only ever produce/consume this.
+  * Any other leading byte is a 1-byte codec tag followed by the encoded body.
+  The tag's high nibble selects serialization, the low nibble compression::
+
+    tag = (serialization << 4) | compression
+
+This is only ever emitted toward a peer that advertised support for it, so it
+is fully backward compatible: clients announce what they can decode via the
+``accept_encoding`` field in their request, and the server encodes the
+response accordingly. Requests themselves stay plain JSON (they are tiny).
+
+Compression is the big win — response payloads (``extract.html``,
+``dom.query``, ``tabs.list`` over hundreds of tabs, base64 screenshots) are
+heavy and text-like. msgpack additionally lets ``tabs.screenshot`` ship the
+image as raw bytes instead of a base64 data URL (~33% smaller before
+compression); the client transparently rebuilds the data URL so the SDK/CLI
+API is unchanged.
+"""
+from __future__ import annotations
+
+import base64
+import gzip
+import json
+import re
+import zlib
+
+from browser_cli.constants import (
+  COMP_GZIP,
+  COMP_NONE,
+  COMP_ZLIB,
+  COMP_ZSTD,
+  DEFAULT_TRANSPORT_THRESHOLD,
+  SER_JSON,
+  SER_MSGPACK,
+)
+
+try:  # optional: better ratio + speed than zlib/gzip
+  import zstandard as _zstd
+except Exception:  # pragma: no cover - depends on optional extra
+  _zstd = None
+
+try:  # optional: alternate serialization + raw binary for screenshots
+  import msgpack as _msgpack
+except Exception:  # pragma: no cover - depends on optional extra
+  _msgpack = None
+
+# ── codec ids ────────────────────────────────────────────────────────────────
+_SER_NAME = {SER_JSON: "json", SER_MSGPACK: "msgpack"}
+_SER_ID = {v: k for k, v in _SER_NAME.items()}
+_COMP_NAME = {COMP_NONE: "none", COMP_ZLIB: "zlib", COMP_GZIP: "gzip", COMP_ZSTD: "zstd"}
+_COMP_ID = {v: k for k, v in _COMP_NAME.items()}
+
+# Don't compress payloads smaller than this — the header/CPU cost is not worth it.
+
+# JSON top-level values always start with one of these bytes; a tag byte never does.
+_JSON_FIRST_BYTES = frozenset(b"{[")
+
+def msgpack_available() -> bool:
+  return _msgpack is not None
+
+def zstd_available() -> bool:
+  return _zstd is not None
+
+def supported_serialization() -> list[str]:
+  """Serializations this build can produce/consume, best first."""
+  return (["msgpack"] if _msgpack is not None else []) + ["json"]
+
+def supported_compression() -> list[str]:
+  """Compression codecs this build can produce/consume, best first."""
+  return (["zstd"] if _zstd is not None else []) + ["gzip", "zlib"]
+
+def client_accept_encoding() -> dict:
+  """What the local client advertises it can decode (sent with each request)."""
+  return {"ser": supported_serialization(), "comp": supported_compression()}
+
+# ── compression primitives ────────────────────────────────────────────────────
+
+def _compress(comp_id: int, data: bytes) -> bytes:
+  if comp_id == COMP_NONE:
+    return data
+  if comp_id == COMP_ZLIB:
+    return zlib.compress(data, 6)
+  if comp_id == COMP_GZIP:
+    return gzip.compress(data, compresslevel=6)
+  if comp_id == COMP_ZSTD:
+    if _zstd is None:
+      raise ValueError("zstd compression requested but zstandard is not installed")
+    return _zstd.ZstdCompressor(level=10).compress(data)
+  raise ValueError(f"unknown compression id {comp_id}")
+
+def _decompress(comp_id: int, data: bytes) -> bytes:
+  if comp_id == COMP_NONE:
+    return data
+  if comp_id == COMP_ZLIB:
+    return zlib.decompress(data)
+  if comp_id == COMP_GZIP:
+    return gzip.decompress(data)
+  if comp_id == COMP_ZSTD:
+    if _zstd is None:
+      raise ValueError("zstd payload received but zstandard is not installed")
+    return _zstd.ZstdDecompressor().decompress(data)
+  raise ValueError(f"unknown compression id {comp_id}")
+
+# ── codec negotiation ──────────────────────────────────────────────────────────
+
+def _choose(accept: dict | None) -> tuple[int, int]:
+  """Pick (serialization_id, compression_id) the peer accepts, server preference first."""
+  accept = accept if isinstance(accept, dict) else {}
+  accept_ser = accept.get("ser") or ["json"]
+  accept_comp = accept.get("comp") or []
+
+  ser = SER_JSON
+  if _msgpack is not None and "msgpack" in accept_ser:
+    ser = SER_MSGPACK
+
+  comp = COMP_NONE
+  for name in supported_compression():  # server preference: zstd > gzip > zlib
+    if name in accept_comp:
+      comp = _COMP_ID[name]
+      break
+  return ser, comp
+
+# ── raw-binary hoisting (screenshots) ──────────────────────────────────────────
+
+_DATA_URL_RE = re.compile(r"^data:([^;,]+);base64,(.+)$", re.S)
+_B64_MARKER = "__b64__"
+
+def _hoist_screenshot(obj, command: str | None):
+  """Replace a screenshot data URL with raw bytes so msgpack ships it unencoded.
+
+  Gated to ``tabs.screenshot`` so we never touch arbitrary page-derived data.
+  """
+  if command != "tabs.screenshot" or not isinstance(obj, dict):
+    return obj
+  data = obj.get("data")
+  if not isinstance(data, dict):
+    return obj
+  url = data.get("dataUrl")
+  if not isinstance(url, str):
+    return obj
+  m = _DATA_URL_RE.match(url)
+  if not m:
+    return obj
+  try:
+    raw = base64.b64decode(m.group(2))
+  except Exception:
+    return obj
+  new_data = dict(data)
+  new_data["dataUrl"] = {_B64_MARKER: True, "mime": m.group(1), "raw": raw}
+  return {**obj, "data": new_data}
+
+def _unhoist_binary(obj):
+  """Rebuild any hoisted data URL so callers see the original string again."""
+  if isinstance(obj, dict):
+    raw = obj.get("raw")
+    if obj.get(_B64_MARKER) and isinstance(raw, (bytes, bytearray)):
+      mime = obj.get("mime") or "application/octet-stream"
+      return f"data:{mime};base64," + base64.b64encode(bytes(raw)).decode("ascii")
+    return {k: _unhoist_binary(v) for k, v in obj.items()}
+  if isinstance(obj, list):
+    return [_unhoist_binary(v) for v in obj]
+  return obj
+
+# ── encode / decode ─────────────────────────────────────────────────────────────
+
+def encode_response(obj, accept: dict | None = None, command: str | None = None,
+          threshold: int = DEFAULT_TRANSPORT_THRESHOLD) -> bytes:
+  """Encode a response object for the chosen/accepted codec.
+
+  Returns bare JSON bytes when no encoding is negotiated, which is byte-for-byte
+  what an old server would have sent.
+  """
+  ser, comp = _choose(accept)
+
+  if ser == SER_MSGPACK:
+    body = _msgpack.packb(_hoist_screenshot(obj, command), use_bin_type=True)
+  else:
+    body = json.dumps(obj).encode("utf-8")
+
+  if comp != COMP_NONE and len(body) >= threshold:
+    body = _compress(comp, body)
+  else:
+    comp = COMP_NONE
+
+  if ser == SER_JSON and comp == COMP_NONE:
+    return body  # plain JSON — historical wire format, no tag byte
+
+  return bytes([(ser << 4) | comp]) + body
+
+def decode_response(raw: bytes | None):
+  """Decode a payload produced by :func:`encode_response` (or plain JSON)."""
+  if raw is None:
+    return None
+  if not raw:
+    raise ValueError("empty response payload")
+  if raw[0] in _JSON_FIRST_BYTES:
+    return json.loads(raw)
+
+  tag = raw[0]
+  ser, comp = tag >> 4, tag & 0x0F
+  body = _decompress(comp, raw[1:])
+  if ser == SER_MSGPACK:
+    if _msgpack is None:
+      raise ValueError("msgpack payload received but msgpack is not installed")
+    return _unhoist_binary(_msgpack.unpackb(body, raw=False))
+  if ser == SER_JSON:
+    return json.loads(body)
+  raise ValueError(f"unknown serialization id {ser}")

browser_cli/version_manager.py

@@ -0,0 +1,17 @@
+from importlib.metadata import version as _pkg_version
+
+from browser_cli.constants import MAX_MSG_BYTES, PROTOCOL_MIN_CLIENT
+
+def parse_version(v: str) -> tuple[int, ...]:
+    try:
+        return tuple(int(x) for x in v.lstrip("v").split("."))
+    except ValueError:
+        return (0,)
+
+def get_installed_version() -> str:
+    try:
+        return _pkg_version("browser-cli")
+    except Exception:
+        return "0.0.0"
+
+USER_AGENT = f"browser-cli/{get_installed_version()}"

real_browser_cli-0.14.2.dist-info/METADATA

@@ -0,0 +1,87 @@
+Metadata-Version: 2.4
+Name: real-browser-cli
+Version: 0.14.2
+Summary: Control your real running browser from the terminal or Python SDK
+License: # PolyForm Noncommercial License 1.0.0
+        
+        Required Notice: Copyright (c) 2026 Daniel Dolezal
+        
+        ## Acceptance
+        
+        In order to get any license under these terms, you must agree to them as both strict obligations and conditions to all your licenses.
+        
+        ## Copyright License
+        
+        The licensor grants you a copyright license for the software to do everything you might do with the software that would otherwise infringe the licensor's copyright in it for any permitted purpose. However, you may only distribute the software according to [Distribution License](#distribution-license) and make changes or new works based on the software according to [Changes and New Works License](#changes-and-new-works-license).
+        
+        ## Distribution License
+        
+        The licensor grants you an additional copyright license to distribute copies of the software. Your license to distribute covers distributing the software with changes and new works permitted by [Changes and New Works License](#changes-and-new-works-license).
+        
+        ## Notices
+        
+        You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms or the URL for them above, as well as copies of any plain-text lines beginning with `Required Notice:` that the licensor provided with the software. For example:
+        
+        > Required Notice: Copyright Yoyodyne, Inc. (http://example.com)
+        
+        ## Changes and New Works License
+        
+        The licensor grants you an additional copyright license to make changes and new works based on the software for any permitted purpose.
+        
+        ## Patent License
+        
+        The licensor grants you a patent license for the software that covers patent claims the licensor can license, or becomes able to license, that you would infringe by using the software.
+        
+        ## Noncommercial Purposes
+        
+        Any noncommercial purpose is a permitted purpose.
+        
+        ## Personal Uses
+        
+        Personal use for research, experiment, and testing for the benefit of public knowledge, personal study, private entertainment, hobby projects, amateur pursuits, or religious observance, without any anticipated commercial application, is use for a permitted purpose.
+        
+        ## Noncommercial Organizations
+        
+        Use by any charitable organization, educational institution, public research organization, public safety or health organization, environmental protection organization, or government institution is use for a permitted purpose regardless of the source of funding or obligations resulting from the funding.
+        
+        ## Fair Use
+        
+        You may have "fair use" rights for the software under the law. These terms do not limit them.
+        
+        ## No Other Rights
+        
+        These terms do not allow you to sublicense or transfer any of your licenses to anyone else, or prevent the licensor from granting licenses to anyone else. These terms do not imply any other licenses.
+        
+        ## Patent Defense
+        
+        If you make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
+        
+        ## Violations
+        
+        The first time you are notified in writing that you have violated any of these terms, or done anything with the software not covered by your licenses, your licenses can nonetheless continue if you come into full compliance with these terms, and take practical steps to correct past violations, within 32 days of receiving notice. Otherwise, all your licenses end immediately.
+        
+        ## No Liability
+        
+        ***As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.***
+        
+        ## Definitions
+        
+        The **licensor** is the individual or entity offering these terms, and the **software** is the software the licensor makes available under these terms.
+        
+        **You** refers to the individual or entity agreeing to these terms.
+        
+        **Your company** is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization.
+        
+        **Control** means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.
+        
+        **Your licenses** are all the licenses granted to you for the software under these terms.
+        
+        **Use** means anything you do with the software requiring one of your licenses.
+License-File: LICENSE
+Requires-Python: >=3.10
+Requires-Dist: click>=8
+Requires-Dist: cryptography>=48
+Requires-Dist: msgpack>=1
+Requires-Dist: rich>=13
+Provides-Extra: fast
+Requires-Dist: zstandard>=0.22; extra == 'fast'