rhiza 0.8.2__py3-none-any.whl → 0.8.4__py3-none-any.whl

rhiza/commands/validate.py

@@ -10,37 +10,28 @@ import yaml
 from loguru import logger
 
 
-def validate(target: Path) -> bool:
-    """Validate template.yml configuration in the target repository.
-
-    Performs authoritative validation of the template configuration:
-    - Checks if target is a git repository
-    - Checks for standard project structure (src and tests folders)
-    - Checks for pyproject.toml (required)
-    - Checks if template.yml exists
-    - Validates YAML syntax
-    - Validates required fields
-    - Validates field values are appropriate
+def _check_git_repository(target: Path) -> bool:
+    """Check if target is a git repository.
 
     Args:
-        target: Path to the target Git repository directory.
+        target: Path to check.
 
     Returns:
-        True if validation passes, False otherwise.
+        True if valid git repository, False otherwise.
     """
-    # Convert to absolute path to avoid path resolution issues
-    target = target.resolve()
-
-    # Check if target is a git repository by looking for .git directory
-    # Rhiza only works with git repositories
     if not (target / ".git").is_dir():
         logger.error(f"Target directory is not a git repository: {target}")
         logger.error("Initialize a git repository with 'git init' first")
         return False
+    return True
 
-    logger.info(f"Validating template configuration in: {target}")
 
-    # Check for standard project structure (src and tests folders)
+def _check_project_structure(target: Path) -> None:
+    """Check for standard project structure.
+
+    Args:
+        target: Path to project.
+    """
     logger.debug("Validating project structure")
     src_dir = target / "src"
     tests_dir = target / "tests"
@@ -57,7 +48,16 @@ def validate(target: Path) -> bool:
     else:
         logger.success(f"'tests' folder exists: {tests_dir}")
 
-    # Check for pyproject.toml - this is always required
+
+def _check_pyproject_toml(target: Path) -> bool:
+    """Check for pyproject.toml file.
+
+    Args:
+        target: Path to project.
+
+    Returns:
+        True if pyproject.toml exists, False otherwise.
+    """
     logger.debug("Validating pyproject.toml")
     pyproject_file = target / "pyproject.toml"
 
@@ -68,8 +68,18 @@ def validate(target: Path) -> bool:
         return False
     else:
         logger.success(f"pyproject.toml exists: {pyproject_file}")
+        return True
+
+
+def _check_template_file_exists(target: Path) -> tuple[bool, Path]:
+    """Check if template file exists.
 
-    # Check for template.yml in new location only
+    Args:
+        target: Path to project.
+
+    Returns:
+        Tuple of (exists, template_file_path).
+    """
     template_file = target / ".rhiza" / "template.yml"
 
     if not template_file.exists():
@@ -82,11 +92,21 @@ def validate(target: Path) -> bool:
         logger.info("")
         logger.info("The 'rhiza migrate' command will move your configuration from")
         logger.info("  .github/rhiza/template.yml → .rhiza/template.yml")
-        return False
+        return False, template_file
 
     logger.success(f"Template file exists: {template_file.relative_to(target)}")
+    return True, template_file
+
+
+def _parse_yaml_file(template_file: Path) -> tuple[bool, dict | None]:
+    """Parse YAML file and return configuration.
 
-    # Validate YAML syntax by attempting to parse the file
+    Args:
+        template_file: Path to template file.
+
+    Returns:
+        Tuple of (success, config_dict).
+    """
     logger.debug(f"Parsing YAML file: {template_file}")
     try:
         with open(template_file) as f:
@@ -94,19 +114,26 @@ def validate(target: Path) -> bool:
     except yaml.YAMLError as e:
         logger.error(f"Invalid YAML syntax in template.yml: {e}")
         logger.error("Fix the YAML syntax errors and try again")
-        return False
+        return False, None
 
-    # Check if the file is completely empty
     if config is None:
         logger.error("template.yml is empty")
         logger.error("Add configuration to template.yml or run 'rhiza init' to generate defaults")
-        return False
+        return False, None
 
     logger.success("YAML syntax is valid")
+    return True, config
+
+
+def _validate_required_fields(config: dict) -> bool:
+    """Validate required fields exist and have correct types.
 
-    # Validate required fields exist and have correct types
-    # template-repository: Must be a string in 'owner/repo' format
-    # include: Must be a non-empty list of paths
+    Args:
+        config: Configuration dictionary.
+
+    Returns:
+        True if all validations pass, False otherwise.
+    """
     logger.debug("Validating required fields")
     required_fields = {
         "template-repository": str,
@@ -115,7 +142,6 @@ def validate(target: Path) -> bool:
 
     validation_passed = True
 
-    # Check each required field
     for field, expected_type in required_fields.items():
         if field not in config:
             logger.error(f"Missing required field: {field}")
@@ -130,47 +156,77 @@ def validate(target: Path) -> bool:
         else:
             logger.success(f"Field '{field}' is present and valid")
 
-    # Validate template-repository format
-    # Must be in 'owner/repo' format (e.g., 'jebel-quant/rhiza')
+    return validation_passed
+
+
+def _validate_repository_format(config: dict) -> bool:
+    """Validate template-repository format.
+
+    Args:
+        config: Configuration dictionary.
+
+    Returns:
+        True if valid, False otherwise.
+    """
     logger.debug("Validating template-repository format")
-    if "template-repository" in config:
-        repo = config["template-repository"]
-        if not isinstance(repo, str):
-            logger.error(f"template-repository must be a string, got {type(repo).__name__}")
-            logger.error("Example: 'owner/repository'")
-            validation_passed = False
-        elif "/" not in repo:
-            logger.error(f"template-repository must be in format 'owner/repo', got: {repo}")
-            logger.error("Example: 'jebel-quant/rhiza'")
-            validation_passed = False
-        else:
-            logger.success(f"template-repository format is valid: {repo}")
+    if "template-repository" not in config:
+        return True
 
-    # Validate include paths
-    # Must be a non-empty list of strings
+    repo = config["template-repository"]
+    if not isinstance(repo, str):
+        logger.error(f"template-repository must be a string, got {type(repo).__name__}")
+        logger.error("Example: 'owner/repository'")
+        return False
+    elif "/" not in repo:
+        logger.error(f"template-repository must be in format 'owner/repo', got: {repo}")
+        logger.error("Example: 'jebel-quant/rhiza'")
+        return False
+    else:
+        logger.success(f"template-repository format is valid: {repo}")
+        return True
+
+
+def _validate_include_paths(config: dict) -> bool:
+    """Validate include paths.
+
+    Args:
+        config: Configuration dictionary.
+
+    Returns:
+        True if valid, False otherwise.
+    """
     logger.debug("Validating include paths")
-    if "include" in config:
-        include = config["include"]
-        if not isinstance(include, list):
-            logger.error(f"include must be a list, got {type(include).__name__}")
-            logger.error("Example: include: ['.github', '.gitignore']")
-            validation_passed = False
-        elif len(include) == 0:
-            logger.error("include list cannot be empty")
-            logger.error("Add at least one path to materialize")
-            validation_passed = False
-        else:
-            logger.success(f"include list has {len(include)} path(s)")
-            # Log each included path for transparency
-            for path in include:
-                if not isinstance(path, str):
-                    logger.warning(f"include path should be a string, got {type(path).__name__}: {path}")
-                else:
-                    logger.info(f"  - {path}")
+    if "include" not in config:
+        return True
 
-    # Validate optional fields if present
-    # template-branch: Branch name in the template repository
+    include = config["include"]
+    if not isinstance(include, list):
+        logger.error(f"include must be a list, got {type(include).__name__}")
+        logger.error("Example: include: ['.github', '.gitignore']")
+        return False
+    elif len(include) == 0:
+        logger.error("include list cannot be empty")
+        logger.error("Add at least one path to materialize")
+        return False
+    else:
+        logger.success(f"include list has {len(include)} path(s)")
+        for path in include:
+            if not isinstance(path, str):
+                logger.warning(f"include path should be a string, got {type(path).__name__}: {path}")
+            else:
+                logger.info(f"  - {path}")
+        return True
+
+
+def _validate_optional_fields(config: dict) -> None:
+    """Validate optional fields if present.
+
+    Args:
+        config: Configuration dictionary.
+    """
     logger.debug("Validating optional fields")
+
+    # template-branch
     if "template-branch" in config:
         branch = config["template-branch"]
         if not isinstance(branch, str):
@@ -179,7 +235,7 @@ def validate(target: Path) -> bool:
         else:
             logger.success(f"template-branch is valid: {branch}")
 
-    # template-host: Git hosting platform (github or gitlab)
+    # template-host
     if "template-host" in config:
         host = config["template-host"]
         if not isinstance(host, str):
@@ -191,7 +247,7 @@ def validate(target: Path) -> bool:
         else:
             logger.success(f"template-host is valid: {host}")
 
-    # exclude: Optional list of paths to exclude from materialization
+    # exclude
     if "exclude" in config:
         exclude = config["exclude"]
         if not isinstance(exclude, list):
@@ -199,14 +255,69 @@ def validate(target: Path) -> bool:
             logger.warning("Example: exclude: ['.github/workflows/ci.yml']")
         else:
             logger.success(f"exclude list has {len(exclude)} path(s)")
-            # Log each excluded path for transparency
             for path in exclude:
                 if not isinstance(path, str):
                     logger.warning(f"exclude path should be a string, got {type(path).__name__}: {path}")
                 else:
                     logger.info(f"  - {path}")
 
-    # Final verdict on validation
+
+def validate(target: Path) -> bool:
+    """Validate template.yml configuration in the target repository.
+
+    Performs authoritative validation of the template configuration:
+    - Checks if target is a git repository
+    - Checks for standard project structure (src and tests folders)
+    - Checks for pyproject.toml (required)
+    - Checks if template.yml exists
+    - Validates YAML syntax
+    - Validates required fields
+    - Validates field values are appropriate
+
+    Args:
+        target: Path to the target Git repository directory.
+
+    Returns:
+        True if validation passes, False otherwise.
+    """
+    target = target.resolve()
+    logger.info(f"Validating template configuration in: {target}")
+
+    # Check if target is a git repository
+    if not _check_git_repository(target):
+        return False
+
+    # Check for standard project structure
+    _check_project_structure(target)
+
+    # Check for pyproject.toml
+    if not _check_pyproject_toml(target):
+        return False
+
+    # Check for template file
+    exists, template_file = _check_template_file_exists(target)
+    if not exists:
+        return False
+
+    # Parse YAML file
+    success, config = _parse_yaml_file(template_file)
+    if not success or config is None:
+        return False
+
+    # Validate required fields
+    validation_passed = _validate_required_fields(config)
+
+    # Validate specific field formats
+    if not _validate_repository_format(config):
+        validation_passed = False
+
+    if not _validate_include_paths(config):
+        validation_passed = False
+
+    # Validate optional fields
+    _validate_optional_fields(config)
+
+    # Final verdict
     logger.debug("Validation complete, determining final result")
     if validation_passed:
         logger.success("✓ Validation passed: template.yml is valid")

rhiza/subprocess_utils.py

@@ -0,0 +1,26 @@
+"""Utilities for secure subprocess execution.
+
+This module provides helper functions to resolve executable paths
+to prevent PATH manipulation security vulnerabilities.
+"""
+
+import shutil
+
+
+def get_git_executable() -> str:
+    """Get the absolute path to the git executable.
+
+    This function ensures we use the full path to git to prevent
+    security issues related to PATH manipulation.
+
+    Returns:
+        str: Absolute path to the git executable.
+
+    Raises:
+        RuntimeError: If git executable is not found in PATH.
+    """
+    git_path = shutil.which("git")
+    if git_path is None:
+        msg = "git executable not found in PATH. Please ensure git is installed and available."
+        raise RuntimeError(msg)
+    return git_path

{rhiza-0.8.2.dist-info → rhiza-0.8.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rhiza
-Version: 0.8.2
+Version: 0.8.4
 Summary: Reusable configuration templates for modern Python projects
 Project-URL: Homepage, https://github.com/jebel-quant/rhiza-cli
 Project-URL: Repository, https://github.com/jebel-quant/rhiza-cli
@@ -30,19 +30,27 @@ Requires-Dist: pre-commit==4.5.1; extra == 'dev'
 Requires-Dist: pytest-cov>=7.0.0; extra == 'dev'
 Requires-Dist: pytest-html>=4.1.1; extra == 'dev'
 Requires-Dist: pytest==9.0.2; extra == 'dev'
+Requires-Dist: python-dotenv==1.2.1; extra == 'dev'
+Provides-Extra: tools
+Requires-Dist: rhiza-tools; extra == 'tools'
 Description-Content-Type: text/markdown
 
-# rhiza-cli
+<div align="center">
+
+# <img src="https://raw.githubusercontent.com/Jebel-Quant/rhiza/main/assets/rhiza-logo.svg" alt="Rhiza Logo" width="30" style="vertical-align: middle;"> rhiza-cli
+![Synced with Rhiza](https://img.shields.io/badge/synced%20with-rhiza-2FA4A9?color=2FA4A9)
 
 [![Python 3.11+](https://img.shields.io/badge/python-3.11+-blue.svg)](https://www.python.org/downloads/)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 [![PyPI version](https://img.shields.io/pypi/v/rhiza.svg)](https://pypi.org/project/rhiza/)
-[![Coverage](https://img.shields.io/badge/coverage-report-brightgreen.svg)](https://jebel-quant.github.io/rhiza-cli/tests/html-coverage/index.html)
+[![Coverage](https://img.shields.io/endpoint?url=https://jebel-quant.github.io/rhiza-cli/tests/coverage-badge.json)](https://jebel-quant.github.io/rhiza-cli/tests/html-coverage/index.html)
 [![Downloads](https://static.pepy.tech/personalized-badge/rhiza?period=month&units=international_system&left_color=black&right_color=orange&left_text=PyPI%20downloads%20per%20month)](https://pepy.tech/project/rhiza)
+[![CodeFactor](https://www.codefactor.io/repository/github/jebel-quant/rhiza-cli/badge)](https://www.codefactor.io/repository/github/jebel-quant/rhiza-cli)
 
 Command-line interface for managing reusable configuration templates for modern Python projects.
 
 **📖 New to Rhiza? Check out the [Getting Started Guide](GETTING_STARTED.md) for a beginner-friendly introduction!**
+</div>
 
 ## Overview
 

rhiza-0.8.4.dist-info/RECORD

@@ -0,0 +1,20 @@
+rhiza/__init__.py,sha256=iW3niLBjwRKxcMhIV_1eb78putjUTo2tbZsadofluJk,1939
+rhiza/__main__.py,sha256=Q02upTGaJceknkDABdCwq5_vdMdGY8Cg3ej6WZIHs_s,829
+rhiza/cli.py,sha256=xIsyfKjSFjVLjCS7o2om5o_YLZx9lIhsI0MTMI5Zs2k,8594
+rhiza/models.py,sha256=fW9lofkkid-bghk2bXEgBdGbZ4scSqG726fMrVfKX_M,3454
+rhiza/subprocess_utils.py,sha256=Pr5TysIKP76hc64fmqhTd6msMGn5DU43hOSR_v_GFb8,745
+rhiza/_templates/basic/__init__.py.jinja2,sha256=gs8qN4LAKcdFd6iO9gZVLuVetODmZP_TGuEjWrbinC0,27
+rhiza/_templates/basic/main.py.jinja2,sha256=uTCahxf9Bftao1IghHue4cSZ9YzBYmBEXeIhEmK9UXQ,362
+rhiza/_templates/basic/pyproject.toml.jinja2,sha256=Mizpnnd_kFQd-pCWOxG-KWhvg4_ZhZaQppTt2pz0WOc,695
+rhiza/commands/__init__.py,sha256=Z5CeMh7ylX27H6dvwqRbEKzYo5pwQq-5TyTxABUSaQg,1848
+rhiza/commands/init.py,sha256=73MLPLp-M8U4fP8J5RXghS6FsZjx2PpeeBbKRZvLQ7U,8882
+rhiza/commands/materialize.py,sha256=CgT6x1huRCWKrRQ_-YUoRFGHSB_mpt6M6shObKna_rY,17716
+rhiza/commands/migrate.py,sha256=pT8izKuX2eXCAkmNfcy4AU5HTB1DoOZoBXcZo2AOpXs,7520
+rhiza/commands/uninstall.py,sha256=MJbQtmdTgbzMvQz0gGLW3aw6S1dSV8nLv0SqWSDpyPk,7469
+rhiza/commands/validate.py,sha256=pg7SpgavvrjDyuZIphJ_GOMnXkwdVs9WtL2caa1XjcM,10811
+rhiza/commands/welcome.py,sha256=w3BziR042o6oYincd3EqDsFzF6qqInU7iYhWjF3yJqY,2382
+rhiza-0.8.4.dist-info/METADATA,sha256=9SF-BJOICgG-HW7oab4nX9UvzpxhMZPygLtoKIWXtPk,25743
+rhiza-0.8.4.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+rhiza-0.8.4.dist-info/entry_points.txt,sha256=NAwZUpbXvfKv50a_Qq-PxMHl3lcjAyZO63IBeuUNgfY,45
+rhiza-0.8.4.dist-info/licenses/LICENSE,sha256=4m5X7LhqX-6D0Ks79Ys8CLpmza8cxDG34g4S9XSNAGY,1077
+rhiza-0.8.4.dist-info/RECORD,,

rhiza-0.8.2.dist-info/RECORD

@@ -1,19 +0,0 @@
-rhiza/__init__.py,sha256=iW3niLBjwRKxcMhIV_1eb78putjUTo2tbZsadofluJk,1939
-rhiza/__main__.py,sha256=Lx0GqVZo6ymm0f18_uYB6E7_SOWwJNYjb73Vr31oLoM,236
-rhiza/cli.py,sha256=I5A5d1-3xrL2gdh5H9Itm9uiQjoPiGEbHYyxXddHEOk,8196
-rhiza/models.py,sha256=fW9lofkkid-bghk2bXEgBdGbZ4scSqG726fMrVfKX_M,3454
-rhiza/_templates/basic/__init__.py.jinja2,sha256=gs8qN4LAKcdFd6iO9gZVLuVetODmZP_TGuEjWrbinC0,27
-rhiza/_templates/basic/main.py.jinja2,sha256=uTCahxf9Bftao1IghHue4cSZ9YzBYmBEXeIhEmK9UXQ,362
-rhiza/_templates/basic/pyproject.toml.jinja2,sha256=Mizpnnd_kFQd-pCWOxG-KWhvg4_ZhZaQppTt2pz0WOc,695
-rhiza/commands/__init__.py,sha256=Z5CeMh7ylX27H6dvwqRbEKzYo5pwQq-5TyTxABUSaQg,1848
-rhiza/commands/init.py,sha256=hQTd1y4fcT6JVNVVAxnr463jnt0dNG_Ku-fny4DSIfI,6830
-rhiza/commands/materialize.py,sha256=AbVXJrR8faa3t7m_Xl5TR8VE3ODmkh2oiAwCYFA36wA,17343
-rhiza/commands/migrate.py,sha256=hhSkj2iafCCxKrrVOfnPWDjK7fTJ5ReAJsWNDGz71s0,6307
-rhiza/commands/uninstall.py,sha256=z95xqamV7wGPr8PBveWzaRmtD5bPhOrTLI0GcOvpnAo,5371
-rhiza/commands/validate.py,sha256=1HMQWF9Syv7JKC31AkaPYMTnqy8HOvAMxMLrYty36FQ,9112
-rhiza/commands/welcome.py,sha256=w3BziR042o6oYincd3EqDsFzF6qqInU7iYhWjF3yJqY,2382
-rhiza-0.8.2.dist-info/METADATA,sha256=YXsp3ECxAvgQUjWkksYpaRNTUbENYnhQPKcdDJKJJ_A,25156
-rhiza-0.8.2.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-rhiza-0.8.2.dist-info/entry_points.txt,sha256=NAwZUpbXvfKv50a_Qq-PxMHl3lcjAyZO63IBeuUNgfY,45
-rhiza-0.8.2.dist-info/licenses/LICENSE,sha256=4m5X7LhqX-6D0Ks79Ys8CLpmza8cxDG34g4S9XSNAGY,1077
-rhiza-0.8.2.dist-info/RECORD,,