PyPI - second-opinion-mcp - Versions diffs - 0.3.5__tar.gz → 0.3.8__tar.gz - Mend

second-opinion-mcp 0.3.5tar.gz → 0.3.8tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

{second_opinion_mcp-0.3.5 → second_opinion_mcp-0.3.8}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: second-opinion-mcp
-Version: 0.3.5
+Version: 0.3.8
 Summary: Multi-model AI analysis for Claude - get second opinions from DeepSeek, Kimi, and OpenRouter
 Project-URL: Homepage, https://github.com/MarvinFS/second-opinion-mcp
 Project-URL: Repository, https://github.com/MarvinFS/second-opinion-mcp
@@ -31,8 +31,10 @@ Requires-Dist: questionary>=2.0.0
 Requires-Dist: tenacity>=8.2.0
 Provides-Extra: dev
 Requires-Dist: build; extra == 'dev'
+Requires-Dist: pre-commit>=3.6.0; extra == 'dev'
 Requires-Dist: pytest-asyncio>=0.23; extra == 'dev'
 Requires-Dist: pytest>=8.0; extra == 'dev'
+Requires-Dist: ruff>=0.3.0; extra == 'dev'
 Requires-Dist: twine; extra == 'dev'
 Description-Content-Type: text/markdown

{second_opinion_mcp-0.3.5 → second_opinion_mcp-0.3.8}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "second-opinion-mcp"
-version = "0.3.5"
+version = "0.3.8"
 description = "Multi-model AI analysis for Claude - get second opinions from DeepSeek, Kimi, and OpenRouter"
 requires-python = ">=3.10"
 readme = "README.md"
@@ -36,6 +36,8 @@ dev = [
     "pytest-asyncio>=0.23",
     "build",
     "twine",
+    "pre-commit>=3.6.0",
+    "ruff>=0.3.0",
 ]
 [project.urls]

{second_opinion_mcp-0.3.5 → second_opinion_mcp-0.3.8}/src/second_opinion_mcp/__init__.py RENAMED Viewed

@@ -1,6 +1,6 @@
 """Second Opinion MCP Server - Multi-model AI analysis for Claude."""
-__version__ = "0.3.5"
+__version__ = "0.3.8"
 __author__ = "MarvinFS"
 from second_opinion_mcp.server import mcp, second_opinion, challenge, code_review, consensus, review_synthesis

{second_opinion_mcp-0.3.5 → second_opinion_mcp-0.3.8}/src/second_opinion_mcp/cli.py RENAMED Viewed

@@ -3,6 +3,17 @@
 import sys
 import platform
 import os
+import getpass
+# Patch getpass to support KEYRING_CRYPTFILE_PASSWORD env var for non-interactive use.
+_original_getpass = getpass.getpass
+def _patched_getpass(prompt="", stream=None):
+    """Return password from env var if set, otherwise prompt interactively."""
+    pwd = os.environ.get('KEYRING_CRYPTFILE_PASSWORD', '')
+    if pwd:
+        return pwd
+    return _original_getpass(prompt, stream)
+getpass.getpass = _patched_getpass
 try:
     import questionary
@@ -11,8 +22,8 @@ except ImportError:
     print("Error: questionary not installed. Run: pip install questionary")
     sys.exit(1)
-import keyring
-from keyring.errors import NoKeyringError
+import keyring  # noqa: E402
+from keyring.errors import NoKeyringError  # noqa: E402
 # Provider configurations
 PROVIDERS = {
@@ -145,12 +156,12 @@ def print_keyring_setup_instructions():
         if install_method == "pipx":
             print("For Linux (pipx installation detected), run:")
             print()
-            print("  # Install the encrypted file backend into the pipx environment")
-            print("  pipx inject second-opinion-mcp keyrings.alt")
+            print("  # Install encrypted keyring backend with crypto support")
+            print("  pipx inject second-opinion-mcp keyrings.alt pycryptodome")
         else:
             print("For Linux, install the encrypted file backend:")
             print()
-            print("  pip install keyrings.alt")
+            print("  pip install keyrings.alt pycryptodome")
         print()
         print("  # Create the keyring config")
         print("  mkdir -p ~/.local/share/python_keyring")
@@ -159,6 +170,9 @@ def print_keyring_setup_instructions():
         print("  default-keyring=keyrings.alt.file.EncryptedKeyring")
         print("  EOF")
         print()
+        print("  # Set encryption password (add to .bashrc or .profile for persistence)")
+        print("  export KEYRING_CRYPTFILE_PASSWORD='your-secure-password-here'")
+        print()
         print("Alternative for desktop Linux (GNOME/KDE):")
         print("  sudo apt install gnome-keyring  # or kde-wallet")
         if install_method == "pipx":
@@ -206,19 +220,23 @@ def print_manual_setup_instructions(providers: list[str] | None = None, existing
     system = platform.system()
     if system == "Linux":
-        print("Step 1: Install keyrings.alt backend (if not done):")
+        print("Step 1: Install encrypted keyring backend (if not done):")
         print()
         if install_method == "pipx":
-            print("  pipx inject second-opinion-mcp keyrings.alt")
+            print("  pipx inject second-opinion-mcp keyrings.alt pycryptodome")
         else:
-            print("  pip install keyrings.alt")
+            print("  pip install keyrings.alt pycryptodome")
         print("  mkdir -p ~/.local/share/python_keyring")
         print("  cat > ~/.local/share/python_keyring/keyringrc.cfg << 'EOF'")
         print("  [backend]")
         print("  default-keyring=keyrings.alt.file.EncryptedKeyring")
         print("  EOF")
         print()
-        print("Step 2: Store API keys (at least 2 required):")
+        print("Step 2: Set encryption password:")
+        print()
+        print("  export KEYRING_CRYPTFILE_PASSWORD='your-secure-password-here'")
+        print()
+        print("Step 3: Store API keys (at least 2 required):")
         print()
     else:
         print("IMPORTANT: You must configure at least 2 providers for the")
@@ -268,7 +286,6 @@ def print_manual_setup_instructions(providers: list[str] | None = None, existing
     print("To verify your keys are stored:")
     print()
-    verify_providers = "', '".join([f"{p}:", "bool(keyring.get_password('second-opinion', '{p}'))".replace("{p}", p) for p in ["deepseek", "moonshot", "openrouter"]])
     print(f"  {python_cmd} -c \"import keyring; print('deepseek:', bool(keyring.get_password('second-opinion', 'deepseek'))); print('moonshot:', bool(keyring.get_password('second-opinion', 'moonshot'))); print('openrouter:', bool(keyring.get_password('second-opinion', 'openrouter')))\"")
     print()
     print("After configuring at least 2 keys, register with Claude Code:")
@@ -327,22 +344,30 @@ def validate_api_key(provider: str, key: str) -> tuple[bool, str]:
     return True, ""
-def get_registration_command(selected_providers: list[str]) -> str:
+def get_registration_command(selected_providers: list[str], include_keyring_password: bool = False) -> str:
     """Generate the registration command for Claude Code CLI."""
     providers_env = ",".join(selected_providers)
-    return f'claude mcp add -s user second-opinion -e SECOND_OPINION_PROVIDERS="{providers_env}" -- second-opinion-mcp'
+    cmd = f'claude mcp add -s user second-opinion -e SECOND_OPINION_PROVIDERS="{providers_env}"'
+    if include_keyring_password:
+        cmd += ' -e KEYRING_CRYPTFILE_PASSWORD="your-keyring-password"'
+    cmd += ' -- second-opinion-mcp'
+    return cmd
-def get_desktop_config(selected_providers: list[str]) -> str:
+def get_desktop_config(selected_providers: list[str], include_keyring_password: bool = False) -> str:
     """Generate Claude Desktop configuration JSON."""
     providers_env = ",".join(selected_providers)
+    env_section = f'"SECOND_OPINION_PROVIDERS": "{providers_env}"'
+    if include_keyring_password:
+        env_section += ',\n        "KEYRING_CRYPTFILE_PASSWORD": "your-keyring-password"'
     return f'''{{
   "mcpServers": {{
     "second-opinion": {{
       "command": "second-opinion-mcp",
       "env": {{
-        "SECOND_OPINION_PROVIDERS": "{providers_env}"
+        {env_section}
       }}
     }}
   }}
@@ -352,16 +377,22 @@ def get_desktop_config(selected_providers: list[str]) -> str:
 def print_client_instructions(configured_providers: list[str]):
     """Print setup instructions for all supported MCP clients."""
     providers_env = ",".join(configured_providers)
+    is_linux = platform.system() == "Linux"
     print()
     print("=" * 60)
     print("  Client Setup Instructions")
     print("=" * 60)
+    if is_linux:
+        print()
+        print("NOTE: On Linux, include KEYRING_CRYPTFILE_PASSWORD in environment")
+        print("      to enable encrypted keyring access.")
     # Claude Code CLI
     print()
     print("CLAUDE CODE CLI:")
-    print(f"  claude mcp add -s user second-opinion -e SECOND_OPINION_PROVIDERS=\"{providers_env}\" -- second-opinion-mcp")
+    print(f"  {get_registration_command(configured_providers, include_keyring_password=is_linux)}")
     # Claude Desktop
     print()
@@ -374,7 +405,7 @@ def print_client_instructions(configured_providers: list[str]):
     else:
         print("  Location: ~/.config/Claude/claude_desktop_config.json")
     print()
-    print(get_desktop_config(configured_providers))
+    print(get_desktop_config(configured_providers, include_keyring_password=is_linux))
     # OpenClaw / Other MCP clients
     print()

{second_opinion_mcp-0.3.5 → second_opinion_mcp-0.3.8}/src/second_opinion_mcp/server.py RENAMED Viewed

@@ -6,6 +6,7 @@ Secrets via keyring (no env var exposure).
 """
 import asyncio
 import atexit
+import getpass
 import os
 import re
 import time
@@ -14,12 +15,23 @@ from datetime import datetime
 from pathlib import Path
 from typing import Literal
-import httpx
-import keyring
-from openai import AsyncOpenAI, APIError, RateLimitError, APITimeoutError, APIConnectionError
-from mcp.server.fastmcp import FastMCP
-from tenacity import retry, stop_after_attempt, wait_exponential, retry_if_exception_type
-import logging
+# Patch getpass to support KEYRING_CRYPTFILE_PASSWORD env var for non-interactive use.
+# This enables EncryptedKeyring to work in server/headless environments.
+_original_getpass = getpass.getpass
+def _patched_getpass(prompt="", stream=None):
+    """Return password from env var if set, otherwise prompt interactively."""
+    pwd = os.environ.get('KEYRING_CRYPTFILE_PASSWORD', '')
+    if pwd:
+        return pwd
+    return _original_getpass(prompt, stream)
+getpass.getpass = _patched_getpass
+import httpx  # noqa: E402
+import keyring  # noqa: E402
+from openai import AsyncOpenAI, APIError, RateLimitError, APITimeoutError, APIConnectionError  # noqa: E402
+from mcp.server.fastmcp import FastMCP  # noqa: E402
+from tenacity import retry, stop_after_attempt, wait_exponential, retry_if_exception_type  # noqa: E402
+import logging  # noqa: E402
 # Library logging pattern: NullHandler by default, host app configures
 logger = logging.getLogger("second-opinion")
@@ -37,15 +49,27 @@ def _check_keyring_security() -> None:
     Detects PlaintextKeyring and NullKeyring which store credentials insecurely.
     Set SECOND_OPINION_STRICT_KEYRING=1 to fail on insecure backends in production.
+    For Linux servers without a desktop keyring, use EncryptedKeyring with
+    KEYRING_CRYPTFILE_PASSWORD environment variable for non-interactive decryption.
     """
     backend_name = str(type(keyring.get_keyring()))
     insecure_backends = ('PlaintextKeyring', 'NullKeyring', 'Null')
     if any(name in backend_name for name in insecure_backends):
+        # Check if user can switch to EncryptedKeyring
+        hint = ""
+        if 'PlaintextKeyring' in backend_name:
+            hint = (
+                " Hint: Set KEYRING_CRYPTFILE_PASSWORD env var to enable "
+                "EncryptedKeyring for non-interactive use."
+            )
         logger.warning(
             "SECURITY WARNING: Using insecure keyring backend (%s). "
             "API keys may be stored in plaintext. For production, use "
-            "a secure backend or set SECOND_OPINION_STRICT_KEYRING=1 to fail.",
-            backend_name
+            "a secure backend or set SECOND_OPINION_STRICT_KEYRING=1 to fail.%s",
+            backend_name, hint
         )
         if os.environ.get("SECOND_OPINION_STRICT_KEYRING"):
             raise RuntimeError(
@@ -1210,7 +1234,7 @@ async def consensus(
     _, err_a = _validate_provider(provider_a)
     _, err_b = _validate_provider(provider_b)
     if err_a and err_b:
-        return f"Error: No providers available for consensus debate. Enable deepseek or moonshot."
+        return "Error: No providers available for consensus debate. Enable deepseek or moonshot."
     output_parts = [f"## Debate: {topic}\n"]
@@ -1411,7 +1435,7 @@ async def review_synthesis(
     # Check for critical failures
     errors = [p for p, r in reviews.items() if r.startswith("Error:")]
     if len(errors) == len(providers_used):
-        return f"Error: All code reviews failed.\n\n" + "\n\n".join(
+        return "Error: All code reviews failed.\n\n" + "\n\n".join(
             f"**{p}:** {reviews[p]}" for p in providers_used
         )