sideload 1.2.0__py3-none-any.whl → 1.4.0__py3-none-any.whl

sideload/cli.py

@@ -33,9 +33,19 @@ console = Console()
 
 
 class SideloadClient:
-    def __init__(self, jsonbin_token: str, collection_id: str):
+    def __init__(
+        self,
+        jsonbin_token: str,
+        collection_id: str,
+        verify_ssl: bool = True,
+        key_type: str = "master"
+    ):
         self.collection_id = collection_id
-        self.connector = JSONBinConnector(jsonbin_token)
+        self.connector = JSONBinConnector(
+            jsonbin_token,
+            verify_ssl=verify_ssl,
+            key_type=key_type
+        )
         self.manager = SideloadBinManager(self.connector)
 
     def __enter__(self):
@@ -380,6 +390,17 @@ Examples:
         type=Path,
         help="Working directory for extraction (for debugging, defaults to temp directory)",
     )
+    download_parser.add_argument(
+        "--no-verify-ssl",
+        action="store_true",
+        help="Disable SSL certificate verification for JSONBin API",
+    )
+    download_parser.add_argument(
+        "--jsonbin-key-type",
+        choices=["master", "access"],
+        default=None,
+        help="JSONBin key type to use (default: from JSONBIN_KEY_TYPE env or 'master')",
+    )
 
     args = parser.parse_args()
 
@@ -394,6 +415,19 @@ Examples:
         jsonbin_token = args.token or os.environ.get("JSONBIN_TOKEN")
         collection_id = args.collection or os.environ.get("SIDELOAD_COLLECTION_ID")
 
+        # Get SSL verification setting (CLI flag overrides env var)
+        verify_ssl = not args.no_verify_ssl
+        if args.no_verify_ssl:
+            # If CLI flag is set, disable SSL verification
+            verify_ssl = False
+        else:
+            # Otherwise check environment variable (default to True)
+            env_verify = os.environ.get("JSONBIN_VERIFY_SSL", "true").lower()
+            verify_ssl = env_verify in ("true", "1", "yes")
+
+        # Get key type (CLI arg > env var > default)
+        key_type = args.jsonbin_key_type or os.environ.get("JSONBIN_KEY_TYPE", "master").lower()
+
         if not jsonbin_token:
             console.print(
                 "❌ JSONBin token required. Set JSONBIN_TOKEN environment variable or use --token",
@@ -418,10 +452,12 @@ Examples:
             console.print(f"  [dim]Output:[/dim] {args.output}")
             console.print(f"  [dim]Work Directory:[/dim] {args.work_dir or 'temp (auto-cleanup)'}")
             console.print(f"  [dim]Collection ID:[/dim] {collection_id}")
+            console.print(f"  [dim]SSL Verification:[/dim] {verify_ssl}")
+            console.print(f"  [dim]JSONBin Key Type:[/dim] {key_type}")
             console.print()
 
         try:
-            with SideloadClient(jsonbin_token, collection_id) as client:
+            with SideloadClient(jsonbin_token, collection_id, verify_ssl, key_type) as client:
                 # Create the request
                 console.print(
                     f"🌐 Requesting download for: [bold blue]{args.url}[/bold blue]"
@@ -449,9 +485,14 @@ Examples:
 
                 console.print(Rule("📦 Downloading Packages"))
 
-                with tempfile.TemporaryDirectory() as temp_dir:
-                    temp_path = Path(temp_dir)
-                    wheel_files = client.download_packages(package_names, temp_path, args.debug)
+                # Use work_dir for downloads if provided, otherwise use temp directory
+                use_work_dir = args.work_dir is not None
+                if use_work_dir:
+                    download_dir = args.work_dir / "wheels"
+                    download_dir.mkdir(parents=True, exist_ok=True)
+                    console.print(f"[yellow]📥 Downloading packages to: {download_dir}[/yellow]")
+
+                    wheel_files = client.download_packages(package_names, download_dir, args.debug)
 
                     if not wheel_files:
                         console.print(
@@ -476,6 +517,35 @@ Examples:
                     console.print(
                         f"📊 File size: [cyan]{output_file.stat().st_size:,} bytes[/cyan]"
                     )
+                else:
+                    # Use temporary directory for downloads
+                    with tempfile.TemporaryDirectory() as temp_dir:
+                        temp_path = Path(temp_dir)
+                        wheel_files = client.download_packages(package_names, temp_path, args.debug)
+
+                        if not wheel_files:
+                            console.print(
+                                "❌ No packages were downloaded successfully", style="red"
+                            )
+                            return
+
+                        # Extract and reassemble
+                        console.print(Rule("🔧 Reassembling File"))
+                        original_filename = data.get("filename", "downloaded_file")
+                        output_file = args.output / original_filename
+
+                        client.extract_and_reassemble(
+                            wheel_files, package_names, original_filename, output_file, args.debug, args.work_dir
+                        )
+
+                        # Success!
+                        console.print(Rule("✨ Complete"))
+                        console.print(
+                            f"🎉 File successfully downloaded to: [bold green]{output_file}[/bold green]"
+                        )
+                        console.print(
+                            f"📊 File size: [cyan]{output_file.stat().st_size:,} bytes[/cyan]"
+                        )
 
         except KeyboardInterrupt:
             console.print("\n⚠️  Download interrupted by user", style="yellow")

sideload/jsonbin_connector.py

@@ -2,13 +2,26 @@ import os
 import httpx
 
 JSONBIN_TOKEN = os.environ["JSONBIN_TOKEN"]
+JSONBIN_VERIFY_SSL = os.environ.get("JSONBIN_VERIFY_SSL", "true").lower() in ("true", "1", "yes")
+JSONBIN_KEY_TYPE = os.environ.get("JSONBIN_KEY_TYPE", "master").lower()  # "master" or "access"
 
 
 class JSONBinConnector:
-    def __init__(self):
+    def __init__(self, verify_ssl: bool = None, key_type: str = None):
+        # Use provided values or fall back to environment variables
+        verify = JSONBIN_VERIFY_SSL if verify_ssl is None else verify_ssl
+        key_type = key_type or JSONBIN_KEY_TYPE
+
+        # Determine the key header to use
+        if key_type == "access":
+            key_header = "X-Access-Key"
+        else:
+            key_header = "X-Master-Key"
+
         self.client = httpx.Client(
             base_url="https://api.jsonbin.io/v3",
-            headers={"X-Master-Key": JSONBIN_TOKEN, "Content-Type": "application/json"},
+            headers={key_header: JSONBIN_TOKEN, "Content-Type": "application/json"},
+            verify=verify,
         )
 
     def get_collections(self) -> list:

sideload/jsonbin_old.py

@@ -11,19 +11,35 @@ from typing import Dict, List, Optional, Any
 class JSONBinConnector:
     """A connector for JSONBin.io API with httpx"""
 
-    def __init__(self, api_token: str, base_url: str = "https://api.jsonbin.io/v3"):
+    def __init__(
+        self,
+        api_token: str,
+        base_url: str = "https://api.jsonbin.io/v3",
+        verify_ssl: bool = True,
+        key_type: str = "master"
+    ):
         """
         Initialize the JSONBin connector
 
         Args:
             api_token: JSONBin API token
             base_url: JSONBin API base URL
+            verify_ssl: Whether to verify SSL certificates (default: True)
+            key_type: Type of key to use - "master" or "access" (default: "master")
         """
         self.api_token = api_token
         self.base_url = base_url
+
+        # Determine the key header to use
+        if key_type == "access":
+            key_header = "X-Access-Key"
+        else:
+            key_header = "X-Master-Key"
+
         self.client = httpx.Client(
             base_url=base_url,
-            headers={"X-Master-Key": api_token, "Content-Type": "application/json"},
+            headers={key_header: api_token, "Content-Type": "application/json"},
+            verify=verify_ssl,
         )
 
     def __enter__(self):

sideload/main.py

@@ -11,7 +11,7 @@ from sideload.jsonbin_connector import JSONBinConnector
 
 JSONBIN_TOKEN = os.environ["JSONBIN_TOKEN"]
 PYPI_TOKEN = os.environ["PYPI_TOKEN"]
-MAX_PACKAGE_SIZE = 95 * 1024 * 1024  # 95 MB
+MAX_PACKAGE_SIZE = 92 * 1024 * 1024  # 95 MB
 
 LAST_BINS: dict[str, str | None] = {}
 

sideload/scripts/cleanup_pypi.py

@@ -6,16 +6,32 @@ Admin script to delete all sideload-* packages from PyPI using browser automatio
 import os
 import sys
 import asyncio
+import random
 from playwright.async_api import async_playwright
+import pyotp
 
 PYPI_USER = os.environ.get("PYPI_USER")
 PYPI_PASSWORD = os.environ.get("PYPI_PASSWORD")
+PYPI_TOTP = os.environ.get("PYPI_TOTP")  # Optional: TOTP secret key
 
 if not PYPI_USER or not PYPI_PASSWORD:
     print("❌ PYPI_USER and PYPI_PASSWORD environment variables must be set")
     sys.exit(1)
 
 
+async def human_like_mouse_movement(page):
+    """Simulate human-like mouse movements across the page"""
+    viewport_size = page.viewport_size
+    width = viewport_size.get('width', 1280) if viewport_size else 1280
+    height = viewport_size.get('height', 720) if viewport_size else 720
+
+    for _ in range(random.randint(3, 6)):
+        x = random.randint(50, width - 50)
+        y = random.randint(50, height - 50)
+        await page.mouse.move(x, y)
+        await asyncio.sleep(random.uniform(0.15, 0.4))
+
+
 async def delete_project(page, package_name: str) -> bool:
     """Delete a project from PyPI using browser automation"""
     try:
@@ -35,8 +51,34 @@ async def delete_project(page, package_name: str) -> bool:
         await page.evaluate('window.scrollTo(0, document.body.scrollHeight)')
         await asyncio.sleep(0.5)
 
+        # Extract the exact project name from the page to ensure correct case
+        # Look for the project name in the delete section
+        exact_project_name = await page.evaluate('''() => {
+            // Find the label that mentions the project name
+            const labels = Array.from(document.querySelectorAll('label'));
+            for (const label of labels) {
+                const text = label.textContent;
+                if (text && text.includes('confirm by typing the project name')) {
+                    // Extract the project name from something like "confirm by typing the project name (project-name) below"
+                    const match = text.match(/\\(([^)]+)\\)/);
+                    if (match) return match[1];
+                }
+            }
+            // Fallback: get from URL
+            const path = window.location.pathname;
+            const urlMatch = path.match(/\\/manage\\/project\\/([^\\/]+)/);
+            return urlMatch ? decodeURIComponent(urlMatch[1]) : null;
+        }''')
+
+        if not exact_project_name:
+            print(f"  ⚠️  Could not extract exact project name from page, using: {package_name}")
+            exact_project_name = package_name
+        else:
+            print(f"  📝 Extracted exact project name: {exact_project_name}")
+
         # Find and check all "I understand..." checkboxes
         checkboxes = await page.query_selector_all('input[type="checkbox"]')
+        print(f"  ✓ Found {len(checkboxes)} checkboxes")
         for checkbox in checkboxes:
             await checkbox.check()
 
@@ -46,29 +88,55 @@ async def delete_project(page, package_name: str) -> bool:
             print(f"  ⚠️  Could not find confirmation input for {package_name}")
             return False
 
-        await confirm_input.fill(package_name)
+        # Clear and type the exact project name with human-like behavior
+        await confirm_input.clear()
+        await asyncio.sleep(random.uniform(0.2, 0.5))
+
+        # Move mouse before typing
+        await human_like_mouse_movement(page)
+
+        # Type each character with varying delays
+        for char in exact_project_name:
+            await confirm_input.type(char, delay=random.randint(80, 200))
+            await asyncio.sleep(random.uniform(0.05, 0.15))
+
+        print(f"  ✓ Typed project name: {exact_project_name}")
 
-        # Find and click the delete link that opens the modal
-        # This is the button with href="#project_name-modal"
-        delete_link = await page.query_selector('a.button--danger[data-delete-confirm-target="button"]')
+        # Wait a moment for the button to become enabled (human-like pause)
+        await asyncio.sleep(random.uniform(1.0, 2.0))
+
+        # Move mouse naturally
+        await human_like_mouse_movement(page)
+
+        # Find and click the delete link
+        delete_link = await page.query_selector('[data-delete-confirm-target="button"]')
         if not delete_link:
-            print(f"  ⚠️  Could not find delete link for {package_name}")
+            print(f"  ⚠️  Could not find delete button")
             return False
 
-        # Wait a moment to ensure button is enabled
-        await asyncio.sleep(0.5)
+        # Check if the button is enabled
+        is_disabled = await delete_link.evaluate('(el) => el.classList.contains("button--disabled") || el.hasAttribute("disabled")')
+        if is_disabled:
+            print(f"  ⚠️  Delete button is still disabled")
+            # Take a screenshot for debugging
+            await page.screenshot(path=f"debug_{package_name}.png")
+            print(f"  📸 Screenshot saved as debug_{package_name}.png")
+            return False
 
-        # Click the link to open the modal
-        await delete_link.click()
-        await asyncio.sleep(0.5)
+        print(f"  🖱️  Clicking delete button...")
 
-        # Now find and click the actual delete button in the modal
-        modal_delete_button = await page.query_selector('button[type="submit"]')
-        if not modal_delete_button:
-            print(f"  ⚠️  Could not find modal delete button for {package_name}")
-            return False
+        # Move mouse to the button area naturally
+        box = await delete_link.bounding_box()
+        if box:
+            # Move to a random point within the button
+            target_x = box['x'] + random.uniform(10, box['width'] - 10)
+            target_y = box['y'] + random.uniform(10, box['height'] - 10)
+            await page.mouse.move(target_x, target_y)
+            await asyncio.sleep(random.uniform(0.2, 0.5))
 
-        await modal_delete_button.click()
+        # Click and wait for navigation
+        await delete_link.click()
+        await asyncio.sleep(random.uniform(0.5, 1.0))
         await page.wait_for_load_state("networkidle")
 
         print(f"  ✅ Deleted {package_name}")
@@ -76,6 +144,14 @@ async def delete_project(page, package_name: str) -> bool:
 
     except Exception as e:
         print(f"  ❌ Error deleting {package_name}: {e}")
+        import traceback
+        traceback.print_exc()
+        # Take screenshot on error
+        try:
+            await page.screenshot(path=f"error_{package_name}.png")
+            print(f"  📸 Error screenshot saved as error_{package_name}.png")
+        except:
+            pass
         return False
 
 
@@ -107,6 +183,10 @@ async def get_user_projects(page) -> list[str]:
 async def main():
     print("🧹 PyPI Sideload Package Cleanup Tool")
     print("=" * 50)
+    if PYPI_TOTP:
+        print("🔐 TOTP auto-generation enabled")
+    else:
+        print("⚠️  TOTP auto-generation disabled (set PYPI_TOTP to enable)")
     print()
 
     async with async_playwright() as p:
@@ -121,27 +201,128 @@ async def main():
             print("   Opening login page...")
             await page.goto('https://pypi.org/account/login/')
 
-            # Fill in login credentials
+            # Fill in login credentials (fast, no need to be slow here)
             print("   Filling credentials...")
             await page.fill('#username', PYPI_USER)
+            await asyncio.sleep(random.uniform(0.2, 0.4))
             await page.fill('#password', PYPI_PASSWORD)
+            await asyncio.sleep(random.uniform(0.3, 0.6))
 
             # Submit login form
             await page.click('input[type="submit"]')
-            await asyncio.sleep(1)
+            await asyncio.sleep(2)
 
             # Wait for user to complete TOTP if required
             current_url = page.url
             if '/account/two-factor/' in current_url:
-                print("   ⚠️  TOTP required - please enter your 2FA code in the browser...")
-                while True:
-                    current_url = page.url
-                    # Wait until we're not on TOTP page anymore
-                    if '/account/two-factor/' not in current_url:
-                        break
-                    await asyncio.sleep(1)
-
-            print("✅ Login completed!")
+                if PYPI_TOTP:
+                    print("   🔐 Generating TOTP code...")
+
+                    # Simulate human-like delay before interacting
+                    await asyncio.sleep(random.uniform(1.5, 2.5))
+
+                    # Move mouse around naturally across the page
+                    print("   🖱️  Moving mouse naturally...")
+                    await human_like_mouse_movement(page)
+
+                    totp = pyotp.TOTP(PYPI_TOTP)
+                    code = totp.now()
+                    print(f"   ✓ Generated TOTP code: {code}")
+
+                    # Find TOTP input field and enter the code
+                    totp_input = await page.query_selector('input[name="totp_value"]')
+                    if not totp_input:
+                        totp_input = await page.query_selector('input[type="text"]')
+
+                    if totp_input:
+                        # Click on the input field naturally
+                        await totp_input.click()
+                        await asyncio.sleep(random.uniform(0.4, 0.8))
+
+                        # Type each character slowly with human-like delays
+                        print("   ⌨️  Typing TOTP code slowly...")
+                        for i, char in enumerate(code):
+                            await totp_input.type(char, delay=random.randint(100, 250))
+                            await asyncio.sleep(random.uniform(0.1, 0.25))
+                            # Occasionally move mouse during typing
+                            if i % 2 == 0:
+                                x = random.randint(200, 600)
+                                y = random.randint(200, 500)
+                                await page.mouse.move(x, y)
+
+                        print("   ✓ Entered TOTP code")
+
+                        # Wait a bit before submitting (like a human would)
+                        await asyncio.sleep(random.uniform(0.8, 1.5))
+
+                        # More mouse movements
+                        print("   🖱️  Moving mouse before submit...")
+                        await human_like_mouse_movement(page)
+
+                        # Submit the form
+                        submit_button = await page.query_selector('button[type="submit"]')
+                        if not submit_button:
+                            submit_button = await page.query_selector('input[type="submit"]')
+
+                        if submit_button:
+                            await submit_button.click()
+                            print("   ✓ Submitted TOTP, waiting for response...")
+
+                            # Wait for navigation
+                            await asyncio.sleep(4)
+
+                            # Check if we've successfully logged in
+                            current_url = page.url
+                            if '/account/' in current_url or '/manage/' in current_url:
+                                print("   ✓ Successfully logged in!")
+                            elif '/account/two-factor/' in current_url:
+                                # Still on 2FA page - likely a captcha
+                                print("\n" + "=" * 60)
+                                print("   🤖 CAPTCHA DETECTED!")
+                                print("   👤 Please solve the captcha in the browser window")
+                                print("   ⏳ Waiting for you to complete it...")
+                                print("=" * 60 + "\n")
+
+                                # Wait for user to solve captcha - keep checking
+                                # We need to wait until we're actually logged in (on account page or similar)
+                                while True:
+                                    await asyncio.sleep(2)
+                                    current_url = page.url
+                                    # Check if we've successfully logged in (not just left the 2FA page)
+                                    if ('/account/' in current_url or '/manage/' in current_url) and '/account/two-factor/' not in current_url:
+                                        break
+                                    # Print status every 2 seconds to show we're still waiting
+                                    print("   ⏳ Still waiting for captcha completion...", end='\r')
+
+                                print("\n   ✓ Captcha solved and logged in! Continuing...")
+                            else:
+                                print(f"   ⚠️  Unexpected page: {current_url}")
+                                print("   ⏳ Waiting for login to complete...")
+                                # Wait until we're on a known good page
+                                while True:
+                                    await asyncio.sleep(2)
+                                    current_url = page.url
+                                    if '/account/' in current_url or '/manage/' in current_url:
+                                        break
+                                    print("   ⏳ Still waiting...", end='\r')
+                                print("\n   ✓ Login completed!")
+                        else:
+                            print("   ⚠️  Could not find submit button")
+                    else:
+                        print("   ⚠️  Could not find TOTP input field")
+                else:
+                    print("   ⚠️  TOTP required - please enter your 2FA code in the browser...")
+                    print("   👤 Waiting for you to complete 2FA (and captcha if present)...")
+                    while True:
+                        await asyncio.sleep(2)
+                        current_url = page.url
+                        # Wait until we're actually logged in
+                        if '/account/two-factor/' not in current_url and ('/account/' in current_url or '/manage/' in current_url):
+                            break
+                        print("   ⏳ Still waiting for 2FA completion...", end='\r')
+                    print("\n   ✓ 2FA completed!")
+
+            print("\n✅ Login completed!")
 
             # Get all sideload projects
             projects = await get_user_projects(page)

{sideload-1.2.0.dist-info → sideload-1.4.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: sideload
-Version: 1.2.0
+Version: 1.4.0
 Summary: Download large files via PyPI packages
 Author: Sygmei
 Author-email: Sygmei <3835355+Sygmei@users.noreply.github.com>
@@ -11,6 +11,7 @@ Requires-Dist: rich>=13.0.0
 Requires-Dist: httpx>=0.28.1
 Requires-Dist: pip>=25.2
 Requires-Dist: playwright>=1.55.0
+Requires-Dist: pyotp>=2.9.0
 Requires-Python: >=3.12
 Description-Content-Type: text/markdown
 

sideload-1.4.0.dist-info/RECORD

@@ -0,0 +1,11 @@
+sideload/__init__.py,sha256=Y3rHLtR7n0sjLXrn-BEcrbIHx-9uE1tPZkooavo7xcA,222
+sideload/cli.py,sha256=4nG0QLwcYypN2A7ENffEE4IEh0VNzwrAdL7cX4ZxjPM,21932
+sideload/jsonbin.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+sideload/jsonbin_connector.py,sha256=IS7YdSBZeZMoTwOyA1I0T7aw36-KERYNnD324dRRI5A,2305
+sideload/jsonbin_old.py,sha256=Rs657F3dTtdoxVYolByuyINABCIQx_VLxwxgdne1mws,8865
+sideload/main.py,sha256=_YE0b93jhDFN8PcBfHLKbZp1EPQGfWq3wIYyX7nT7Qo,7600
+sideload/scripts/cleanup_pypi.py,sha256=YPzYVsutFVsRoCi4qG6vZo8x5YiLzpAfJ7xKxZiZWgI,15264
+sideload-1.4.0.dist-info/WHEEL,sha256=-neZj6nU9KAMg2CnCY6T3w8J53nx1kFGw_9HfoSzM60,79
+sideload-1.4.0.dist-info/entry_points.txt,sha256=7ULrIjaVhrxMhuddTeoPjeIrqmIvVc9cSU3lZU2_YqE,44
+sideload-1.4.0.dist-info/METADATA,sha256=VbhpNuxWsOFNVCvw9gBBUtT-mxqKvM626A5rGvzB4xE,4309
+sideload-1.4.0.dist-info/RECORD,,

sideload-1.2.0.dist-info/RECORD

@@ -1,11 +0,0 @@
-sideload/__init__.py,sha256=Y3rHLtR7n0sjLXrn-BEcrbIHx-9uE1tPZkooavo7xcA,222
-sideload/cli.py,sha256=JCedG4Xqz3AQ-24eerMW8ZdBpTx_sOZI1nfXDzOU9dE,18843
-sideload/jsonbin.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-sideload/jsonbin_connector.py,sha256=HtR1Pwnpm5jfYcmnvcug9HaKxFpsyJBXYYlLuzWPiTE,1680
-sideload/jsonbin_old.py,sha256=ve21WsV7Ay60moFfrR4lSM_JRZNqo4z5v69cNw0Iqo0,8411
-sideload/main.py,sha256=EiZguc4-ug8RM6vXkZuXW_ps8jFWoAfeKBBNy7FX-F0,7600
-sideload/scripts/cleanup_pypi.py,sha256=CouuOhnbpSbrFc1KhlOeZAuajVVpGF9d4qwFpIKkEvY,5906
-sideload-1.2.0.dist-info/WHEEL,sha256=-neZj6nU9KAMg2CnCY6T3w8J53nx1kFGw_9HfoSzM60,79
-sideload-1.2.0.dist-info/entry_points.txt,sha256=7ULrIjaVhrxMhuddTeoPjeIrqmIvVc9cSU3lZU2_YqE,44
-sideload-1.2.0.dist-info/METADATA,sha256=OVl1VRCVXj0m3JeHtdEQ0bjX6LyEVf8R4_tKTATPBIw,4281
-sideload-1.2.0.dist-info/RECORD,,