regstack 0.2.4__tar.gz → 0.2.5__tar.gz

{regstack-0.2.4 → regstack-0.2.5}/CHANGELOG.md

@@ -5,6 +5,23 @@ authoritative copy lives at
 [`docs/changelog.md`](docs/changelog.md) and is rendered into the
 Sphinx docs.
 
+## 0.2.5 — 2026-04-28
+
+Bug fix + tooling.
+
+- **Fix:** `regstack doctor` against a SQL backend crashed with
+  `asyncio.run() cannot be called from a running event loop`. The
+  schema check called `regstack.backends.sql.migrations.current()`,
+  which used `asyncio.run()` internally — invalid inside doctor's own
+  `asyncio.run`. Added `current_async()` and switched the doctor
+  command to use it. Sync `current()` is preserved for the migrate
+  CLI.
+- **New:** `inv coverage [--no-html] [--fail-under=N]` runs the full
+  three-backend matrix under coverage and writes term + HTML reports.
+  Branch coverage is on by default.
+- Test coverage uplift on the CLI: `cli/init.py` 14% → 88%,
+  `cli/doctor.py` 61% → 87%. Total: **85% → 87.1%**.
+
 ## 0.2.4 — 2026-04-28
 
 **Breaking** — back-compat shims removed:

{regstack-0.2.4 → regstack-0.2.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: regstack
-Version: 0.2.4
+Version: 0.2.5
 Summary: Embeddable user registration, login, and account management for FastAPI apps. SQLite / Postgres / MongoDB.
 Project-URL: Homepage, https://github.com/jdrumgoole/regstack
 Project-URL: Repository, https://github.com/jdrumgoole/regstack

{regstack-0.2.4 → regstack-0.2.5}/docs/changelog.md

@@ -3,6 +3,37 @@
 All notable changes to this project are documented here. Versions follow
 [Semantic Versioning](https://semver.org/) once `1.0.0` ships.
 
+## 0.2.5 — 2026-04-28
+
+**Bug fix + tooling.**
+
+### Fixed
+
+- ``regstack doctor`` against a SQL backend crashed with
+  ``asyncio.run() cannot be called from a running event loop``. The
+  schema check called
+  ``regstack.backends.sql.migrations.current()``, which used
+  ``asyncio.run()`` internally — invalid inside doctor's own
+  ``asyncio.run``. Added ``current_async()`` and switched the doctor
+  command to use it. Sync ``current()`` is preserved for the migrate
+  CLI (which runs outside an event loop).
+
+### Added
+
+- ``inv coverage [--no-html] [--fail-under=N]`` — runs the full
+  three-backend matrix under coverage, combines per-pytest-xdist-worker
+  ``.coverage`` files, prints the term-with-missing report, and writes
+  ``htmlcov/``. Branch coverage is on by default.
+- ``[tool.coverage.*]`` config in ``pyproject.toml``.
+- ``tests/unit/test_cli_init.py`` — six tests driving the
+  ``regstack init`` wizard via ``CliRunner(input=...)``. Lifts
+  ``cli/init.py`` from 14% → 88%.
+- ``tests/unit/test_cli_doctor.py`` — four tests for the SQLite
+  ``regstack doctor`` paths. Lifts ``cli/doctor.py`` from 61% → 87%.
+
+Total line coverage on the full backend matrix: **85% → 87.1%**
+(branch coverage is also newly enabled).
+
 ## 0.2.4 — 2026-04-28
 
 **Breaking** — every back-compat shim left over from the

{regstack-0.2.4 → regstack-0.2.5}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "regstack"
-version = "0.2.4"
+version = "0.2.5"
 description = "Embeddable user registration, login, and account management for FastAPI apps. SQLite / Postgres / MongoDB."
 readme = "README.md"
 requires-python = ">=3.11"
@@ -119,3 +119,25 @@ python_version = "3.11"
 strict = true
 warn_unreachable = true
 plugins = ["pydantic.mypy"]
+
+[tool.coverage.run]
+source = ["src/regstack"]
+branch = true
+parallel = true
+# `concurrency = ["thread"]` is implicit; pytest-xdist workers each write
+# their own .coverage.<host>.<pid>.<token> file and `coverage combine`
+# folds them together — see the `coverage` invoke task.
+
+[tool.coverage.report]
+show_missing = true
+skip_covered = false
+precision = 1
+exclude_lines = [
+    "pragma: no cover",
+    "if TYPE_CHECKING:",
+    "raise NotImplementedError",
+    "\\.\\.\\.$",                   # body-less Protocol methods
+]
+
+[tool.coverage.html]
+directory = "htmlcov"

{regstack-0.2.4 → regstack-0.2.5}/src/regstack/backends/sql/migrations/__init__.py

@@ -71,23 +71,29 @@ async def upgrade_async(database_url: str, revision: str = "head") -> None:
 
 def current(database_url: str) -> str | None:
     """Return the current revision recorded in alembic_version, or None
-    if the table doesn't exist (i.e. fresh DB)."""
-    engine = create_async_engine(database_url)
-
-    async def _read() -> str | None:
-        async with engine.connect() as conn:
-            return await conn.run_sync(_current_sync)
+    if the table doesn't exist (i.e. fresh DB).
 
+    Synchronous; do NOT call from inside a running event loop —
+    use :func:`current_async` instead.
+    """
     import asyncio
 
+    return asyncio.run(_current_async_impl(database_url))
+
+
+async def current_async(database_url: str) -> str | None:
+    """Async variant of :func:`current` — safe to call from inside an
+    already-running event loop (e.g. ``regstack doctor``)."""
+    return await _current_async_impl(database_url)
+
+
+async def _current_async_impl(database_url: str) -> str | None:
+    engine = create_async_engine(database_url)
     try:
-        return asyncio.run(_read())
+        async with engine.connect() as conn:
+            return await conn.run_sync(_current_sync)
     finally:
-        # ``engine.dispose`` is async too; close on a fresh loop.
-        async def _close() -> None:
-            await engine.dispose()
-
-        asyncio.run(_close())
+        await engine.dispose()
 
 
 def _current_sync(connection) -> str | None:

{regstack-0.2.4 → regstack-0.2.5}/src/regstack/cli/doctor.py

@@ -127,10 +127,10 @@ async def _check_schema(config) -> CheckResult:
                 )
             return CheckResult("schema", True, "core indexes present")
         # SQL backends: compare alembic_version to the bundled head.
-        from regstack.backends.sql.migrations import current, head_revision
+        from regstack.backends.sql.migrations import current_async, head_revision
 
         url = config.database_url.get_secret_value()
-        live = current(url)
+        live = await current_async(url)
         head = head_revision()
         if live is None:
             return CheckResult(

regstack-0.2.5/src/regstack/version.py

@@ -0,0 +1 @@
+__version__ = "0.2.5"

{regstack-0.2.4 → regstack-0.2.5}/tasks.py

@@ -95,6 +95,48 @@ def test_serial(c: Context, k: str = "") -> None:
     c.run(cmd, pty=True)
 
 
+@task
+def coverage(
+    c: Context,
+    pg_url: str = _DEFAULT_PG_URL,
+    html: bool = True,
+    fail_under: int = 0,
+) -> None:
+    """Run the full backend matrix under coverage.
+
+    Combines per-worker .coverage.* files (pytest-xdist runs one
+    coverage instance per worker; settings.parallel = true plus
+    `coverage combine` glues them back together) and prints the
+    line-coverage report. With --html (default), also writes an
+    HTML report under ``htmlcov/``.
+
+    Set ``--fail-under=N`` to make the task exit non-zero when total
+    line coverage drops below N percent — useful in CI.
+    """
+    # Wipe stale coverage state so partial reruns don't leave double-counted
+    # data files behind.
+    c.run("uv run coverage erase", pty=True, warn=True)
+    env = {
+        "REGSTACK_TEST_BACKENDS": "sqlite,mongo,postgres",
+        "REGSTACK_TEST_POSTGRES_URL": pg_url,
+        # pytest-cov picks settings up from [tool.coverage.*] in pyproject.toml.
+        "COVERAGE_PROCESS_START": "pyproject.toml",
+    }
+    c.run(
+        "uv run python -m pytest -n auto --cov=src/regstack --cov-report=",
+        pty=True,
+        env=env,
+    )
+    c.run("uv run coverage combine", pty=True, warn=True)
+    report_cmd = "uv run coverage report"
+    if fail_under > 0:
+        report_cmd += f" --fail-under={fail_under}"
+    c.run(report_cmd, pty=True)
+    if html:
+        c.run("uv run coverage html", pty=True)
+        print("\nHTML report: htmlcov/index.html")
+
+
 @task
 def e2e(c: Context) -> None:
     """Run Playwright end-to-end suite."""

regstack-0.2.5/tests/unit/test_cli_doctor.py

@@ -0,0 +1,164 @@
+"""Tests for the ``regstack doctor`` CLI command.
+
+Targets the SQLite branch (no infrastructure required) and exercises:
+
+- the JWT-secret quality check (missing / too short / present)
+- the backend ``ping`` path
+- the schema check before and after ``install_schema``
+- the email-factory check
+- the ``--send-test-email`` path against the console backend
+- the ``--check-dns`` path with a domain we expect to fail
+"""
+
+from __future__ import annotations
+
+import asyncio
+import os
+import secrets
+from pathlib import Path
+
+import pytest
+from click.testing import CliRunner
+
+from regstack.cli.__main__ import cli
+from regstack.cli._runtime import open_regstack
+
+
+def _write_sqlite_config(
+    tmp_path: Path,
+    *,
+    from_address: str = "noreply@example.com",
+) -> tuple[Path, Path]:
+    sqlite_path = tmp_path / "doctor.db"
+    cfg = tmp_path / "regstack.toml"
+    cfg.write_text(
+        f"""\
+app_name = "doctor-test"
+base_url = "http://localhost:8000"
+database_url = "sqlite+aiosqlite:///{sqlite_path}"
+
+jwt_ttl_seconds = 7200
+require_verification = false
+allow_registration = true
+
+[email]
+backend = "console"
+from_address = "{from_address}"
+from_name = "doctor-test"
+
+[sms]
+backend = "null"
+"""
+    )
+    return cfg, sqlite_path
+
+
+@pytest.fixture
+def doctor_env(monkeypatch: pytest.MonkeyPatch, tmp_path: Path) -> tuple[Path, str]:
+    """Strip ambient REGSTACK_* vars, then set a known JWT secret + DB URL.
+
+    Returns ``(config_path, jwt_secret)``.
+    """
+    for var in list(os.environ):
+        if var.startswith("REGSTACK_"):
+            monkeypatch.delenv(var, raising=False)
+    secret = secrets.token_urlsafe(64)
+    cfg_path, sqlite_path = _write_sqlite_config(tmp_path)
+    monkeypatch.setenv("REGSTACK_JWT_SECRET", secret)
+    monkeypatch.setenv("REGSTACK_DATABASE_URL", f"sqlite+aiosqlite:///{sqlite_path}")
+    return cfg_path, secret
+
+
+def test_doctor_reports_schema_missing_then_present(
+    doctor_env: tuple[Path, str],
+) -> None:
+    """Pre-install: doctor reports schema missing. Post-install: green."""
+    cfg_path, _ = doctor_env
+    runner = CliRunner()
+
+    # Pre-install: schema check fails (alembic_version table missing).
+    result = runner.invoke(cli, ["doctor", "--config", str(cfg_path)])
+    assert result.exit_code >= 1
+    assert "schema" in result.output
+    assert "alembic_version table missing" in result.output
+    assert "jwt secret" in result.output
+    assert "email backend" in result.output
+
+    # Install schema, then re-run.
+    async def _install() -> None:
+        async with open_regstack(cfg_path) as rs:
+            await rs.install_schema()
+
+    asyncio.run(_install())
+
+    result = runner.invoke(cli, ["doctor", "--config", str(cfg_path)])
+    assert result.exit_code == 0, result.output
+    assert "at head" in result.output
+
+
+def test_doctor_flags_short_jwt_secret(monkeypatch: pytest.MonkeyPatch, tmp_path: Path) -> None:
+    for var in list(os.environ):
+        if var.startswith("REGSTACK_"):
+            monkeypatch.delenv(var, raising=False)
+    cfg_path, sqlite_path = _write_sqlite_config(tmp_path)
+    monkeypatch.setenv("REGSTACK_JWT_SECRET", "too-short")
+    monkeypatch.setenv("REGSTACK_DATABASE_URL", f"sqlite+aiosqlite:///{sqlite_path}")
+
+    runner = CliRunner()
+    result = runner.invoke(cli, ["doctor", "--config", str(cfg_path)])
+    assert result.exit_code >= 1
+    assert "jwt secret" in result.output
+    assert "too short" in result.output
+
+
+def test_doctor_send_test_email_via_console(doctor_env: tuple[Path, str]) -> None:
+    """--send-test-email succeeds against the console backend (it just prints)."""
+    cfg_path, _ = doctor_env
+
+    # Bring schema up so the schema check passes — otherwise the failed
+    # schema check makes doctor exit non-zero and we can't observe the
+    # send-test-email check independently.
+    async def _install() -> None:
+        async with open_regstack(cfg_path) as rs:
+            await rs.install_schema()
+
+    asyncio.run(_install())
+
+    runner = CliRunner()
+    result = runner.invoke(
+        cli,
+        [
+            "doctor",
+            "--config",
+            str(cfg_path),
+            "--send-test-email",
+            "probe@example.com",
+        ],
+    )
+    assert result.exit_code == 0, result.output
+    assert "email send" in result.output
+    assert "probe@example.com" in result.output
+
+
+def test_doctor_check_dns_runs_lookups(monkeypatch: pytest.MonkeyPatch, tmp_path: Path) -> None:
+    """--check-dns runs SPF/DKIM/MX lookups for the sender domain.
+
+    We use ``example.com`` as the sender — it's RFC 2606 reserved so it
+    accepts no traffic, which is fine here: we only care that doctor
+    actually invokes the dig probes (the labels appear in output) and
+    handles whatever response comes back without crashing.
+    """
+    for var in list(os.environ):
+        if var.startswith("REGSTACK_"):
+            monkeypatch.delenv(var, raising=False)
+    cfg_path, sqlite_path = _write_sqlite_config(tmp_path, from_address="probe@example.com")
+    monkeypatch.setenv("REGSTACK_JWT_SECRET", secrets.token_urlsafe(64))
+    monkeypatch.setenv("REGSTACK_DATABASE_URL", f"sqlite+aiosqlite:///{sqlite_path}")
+
+    runner = CliRunner()
+    result = runner.invoke(cli, ["doctor", "--config", str(cfg_path), "--check-dns"])
+    # The schema check fails (we didn't install it), so exit code ≥ 1 —
+    # we just care that the DNS check labels are present in output.
+    assert "dns mx" in result.output
+    assert "dns spf" in result.output
+    assert "dns dmarc" in result.output

regstack-0.2.5/tests/unit/test_cli_init.py

@@ -0,0 +1,150 @@
+"""Tests for the ``regstack init`` wizard.
+
+The wizard is interactive (Click prompts) so we drive it via
+``CliRunner(input=...)`` and assert on the files it writes. SQLite is
+used throughout so these tests need no external services.
+"""
+
+from __future__ import annotations
+
+import stat
+from pathlib import Path
+
+from click.testing import CliRunner
+
+from regstack.cli.__main__ import cli
+
+
+def _accept_all(num_prompts: int) -> str:
+    """Hit Enter ``num_prompts`` times — every prompt has a default."""
+    return "\n" * num_prompts
+
+
+# Number of prompts on each happy path. If the wizard grows another
+# question these counts need updating; the test failure points to it.
+_SQLITE_HAPPY_PATH_PROMPTS = 17
+_SMTP_PATH_PROMPTS = 17 + 4  # smtp host/port/starttls/user/pass replace 0
+_SES_PATH_PROMPTS = 17 + 1
+_MONGO_PATH_PROMPTS = 17 + 1
+_POSTGRES_PATH_PROMPTS = 17
+
+
+def test_init_writes_sqlite_config_with_defaults(tmp_path: Path) -> None:
+    runner = CliRunner()
+    result = runner.invoke(
+        cli,
+        ["init", "--target", str(tmp_path)],
+        input=_accept_all(_SQLITE_HAPPY_PATH_PROMPTS),
+    )
+    assert result.exit_code == 0, result.output
+
+    cfg = tmp_path / "regstack.toml"
+    secrets = tmp_path / "regstack.secrets.env"
+    assert cfg.exists()
+    assert secrets.exists()
+
+    cfg_text = cfg.read_text()
+    assert 'app_name = "MyApp"' in cfg_text
+    assert 'base_url = "http://localhost:8000"' in cfg_text
+    assert "[email]" in cfg_text
+    assert 'backend = "console"' in cfg_text
+    # SQLite default writes no mongodb_database (it's omitted on non-mongo paths)
+    assert "mongodb_database" not in cfg_text
+
+    secrets_text = secrets.read_text()
+    assert "REGSTACK_JWT_SECRET=" in secrets_text
+    assert "REGSTACK_DATABASE_URL=sqlite+aiosqlite:///./myapp.sqlite" in secrets_text
+
+    # Mode 0600 — secrets file should not be world-readable.
+    mode = stat.S_IMODE(secrets.stat().st_mode)
+    assert mode == 0o600, oct(mode)
+
+    assert "Wrote " in result.output
+
+
+def test_init_postgres_backend(tmp_path: Path) -> None:
+    runner = CliRunner()
+    # 17 prompts, but the database-backend prompt picks postgres → triggers
+    # the Postgres URL prompt (which adds 1) but skips the SQLite-path
+    # prompt the SQLite branch added. Net = 17.
+    # Prompt sequence to reach postgres branch: defaults until the
+    # backend prompt (5 defaults), then "postgres", then defaults.
+    # We feed: 4x default, "postgres", 12x default.
+    inputs = "\n\n\n\n" + "postgres\n" + "\n" * 12
+    result = runner.invoke(cli, ["init", "--target", str(tmp_path)], input=inputs)
+    assert result.exit_code == 0, result.output
+
+    secrets_text = (tmp_path / "regstack.secrets.env").read_text()
+    assert "REGSTACK_DATABASE_URL=postgresql+asyncpg://postgres@localhost/myapp" in secrets_text
+
+
+def test_init_mongo_backend(tmp_path: Path) -> None:
+    runner = CliRunner()
+    # 4x default, "mongo", then default host, default db, then 11x default.
+    inputs = "\n\n\n\n" + "mongo\n" + "\n\n" + "\n" * 11
+    result = runner.invoke(cli, ["init", "--target", str(tmp_path)], input=inputs)
+    assert result.exit_code == 0, result.output
+
+    cfg_text = (tmp_path / "regstack.toml").read_text()
+    assert 'mongodb_database = "myapp"' in cfg_text
+
+    secrets_text = (tmp_path / "regstack.secrets.env").read_text()
+    assert "REGSTACK_DATABASE_URL=mongodb://localhost:27017/myapp" in secrets_text
+
+
+def test_init_refuses_to_overwrite_without_force(tmp_path: Path) -> None:
+    (tmp_path / "regstack.toml").write_text("# existing\n")
+    runner = CliRunner()
+    # The overwrite confirm prompt defaults to "no" (abort=True).
+    # Sending "n\n" rejects the prompt -> Click aborts with exit 1.
+    result = runner.invoke(cli, ["init", "--target", str(tmp_path)], input="n\n")
+    assert result.exit_code == 1
+    assert "Overwrite?" in result.output
+
+
+def test_init_force_overwrites(tmp_path: Path) -> None:
+    (tmp_path / "regstack.toml").write_text("# existing\n")
+    runner = CliRunner()
+    result = runner.invoke(
+        cli,
+        ["init", "--target", str(tmp_path), "--force"],
+        input=_accept_all(_SQLITE_HAPPY_PATH_PROMPTS),
+    )
+    assert result.exit_code == 0, result.output
+    cfg_text = (tmp_path / "regstack.toml").read_text()
+    assert "# existing" not in cfg_text
+    assert 'app_name = "MyApp"' in cfg_text
+
+
+def test_init_smtp_backend_records_smtp_settings(tmp_path: Path) -> None:
+    """Pick SMTP at the email prompt → wizard asks for host/port/starttls/user/pass."""
+    # Sequence: app/base/cookie/proxy (4 defaults), backend default (sqlite),
+    # sqlite path default, jwt/jwt-ttl/transport (3 defaults),
+    # email backend = "smtp", from-address default, from-name default,
+    # smtp host = "mail.example.com", smtp port default (587),
+    # smtp starttls default (yes), smtp user = "u", smtp pass = "p",
+    # then SMS no, admin no, ui no, register yes, verify no.
+    inputs = (
+        "\n" * 4  # app, base, cookie, proxy
+        + "\n"  # backend = sqlite
+        + "\n"  # sqlite path
+        + "\n\n\n"  # jwt secret auto, jwt ttl, transport
+        + "smtp\n"  # email backend
+        + "\n\n"  # from-address, from-name
+        + "mail.example.com\n"  # smtp host
+        + "\n\n"  # smtp port, starttls
+        + "u\np\n"  # smtp user, pass
+        + "\n\n\n\n\n"  # sms, admin, ui, register, verify
+    )
+    runner = CliRunner()
+    result = runner.invoke(cli, ["init", "--target", str(tmp_path)], input=inputs)
+    assert result.exit_code == 0, result.output
+
+    cfg_text = (tmp_path / "regstack.toml").read_text()
+    assert 'smtp_host = "mail.example.com"' in cfg_text
+    assert "smtp_port = 587" in cfg_text
+    assert "smtp_starttls = true" in cfg_text
+    assert 'smtp_username = "u"' in cfg_text
+
+    secrets_text = (tmp_path / "regstack.secrets.env").read_text()
+    assert "REGSTACK_EMAIL__SMTP_PASSWORD=p" in secrets_text

{regstack-0.2.4 → regstack-0.2.5}/uv.lock

@@ -1978,7 +1978,7 @@ wheels = [
 
 [[package]]
 name = "regstack"
-version = "0.2.4"
+version = "0.2.5"
 source = { editable = "." }
 dependencies = [
     { name = "aiosmtplib" },

regstack-0.2.4/src/regstack/version.py

@@ -1 +0,0 @@
-__version__ = "0.2.4"