sourcecode 1.36.0__py3-none-any.whl → 1.36.2__py3-none-any.whl

sourcecode/__init__.py

@@ -1,3 +1,3 @@
 """sourcecode — Deterministic codebase context maps for AI coding agents."""
 
-__version__ = "1.36.0"
+__version__ = "1.36.2"

sourcecode/cache.py

@@ -58,6 +58,8 @@ import json
 import os
 import re
 import subprocess
+import time
+import uuid
 from datetime import datetime, timezone
 from pathlib import Path
 from typing import Any, Optional
@@ -101,6 +103,12 @@ _DEFAULT_KEEP_COMMITS: int = 5
 _DEFAULT_MAX_CORES: int = 20
 _DEFAULT_MAX_SIZE_MB: int = 50
 
+#: Windows hardening for _atomic_write: os.replace can raise PermissionError
+#: (WinError 5/32) when an antivirus scanner, search indexer, or concurrent
+#: reader transiently holds the destination open. Retry briefly to ride it out.
+_REPLACE_RETRIES: int = 5
+_REPLACE_BACKOFF_S: float = 0.05
+
 # Matches "snapshot-<hex_commit>-<hex_flags>.json.gz"
 _SNAPSHOT_RE = re.compile(r"^snapshot-([0-9a-f]+)-[0-9a-f]+\.json\.gz$")
 
@@ -808,20 +816,38 @@ def _gc_cas(cache_d: Path, surviving_snapshots: list[Path]) -> None:
 # ---------------------------------------------------------------------------
 
 def _atomic_write(dest: Path, data: bytes) -> None:
-    """Write *data* to *dest* atomically via a sibling .tmp file + rename.
-
-    On POSIX, ``Path.replace()`` is a single ``rename(2)`` syscall — the
-    destination either has the old content or the new content, never a partial
-    write.  The .tmp suffix keeps the partial file out of glob patterns used
-    by the cache reader and GC.
+    """Write *data* to *dest* atomically via a unique temp file + rename.
+
+    ``os.replace`` is an atomic overwrite on both POSIX and Windows: the
+    destination ends up with either the old or the new content, never a partial
+    write.  The trailing ``.tmp`` suffix keeps partial files out of the
+    ``*.json.gz`` / ``*.gz`` glob patterns used by the cache reader and GC.
+
+    Windows hardening (no-ops on POSIX):
+      * The temp name is made *unique* (pid + random token) so concurrent
+        writers of the same destination never collide on a shared temp file —
+        on Windows that collision raises ``PermissionError`` (WinError 32,
+        sharing violation), whereas POSIX tolerates it.
+      * ``os.replace`` is retried with a short backoff: on Windows it raises
+        ``PermissionError`` (WinError 5/32) when an antivirus scanner, the
+        search indexer, or a concurrent reader holds a transient handle on the
+        destination. POSIX ``rename(2)`` has no such restriction.
     """
-    tmp = dest.with_suffix(".tmp")
+    tmp = dest.parent / f"{dest.name}.{os.getpid()}.{uuid.uuid4().hex[:8]}.tmp"
     try:
         tmp.write_bytes(data)
-        tmp.replace(dest)
-    except Exception:
-        _safe_unlink(tmp)
-        raise
+        last_exc: Optional[BaseException] = None
+        for attempt in range(_REPLACE_RETRIES):
+            try:
+                os.replace(tmp, dest)
+                return
+            except PermissionError as exc:  # transient lock on Windows — retry
+                last_exc = exc
+                time.sleep(_REPLACE_BACKOFF_S * (attempt + 1))
+        if last_exc is not None:
+            raise last_exc
+    finally:
+        _safe_unlink(tmp)  # remove temp on failure; no-op after a successful replace
 
 
 def _safe_unlink(path: Path) -> None:

sourcecode/cli.py

@@ -168,7 +168,6 @@ Cold scan: 2–10s depending on repo size. Warm cache: 0.3–0.6s.
   sourcecode --agent                    full structured JSON for AI agents
 
 [bold]Auth commands:[/bold]
-  auth login                   [dim]# authenticate via browser (device code)[/dim]
   auth status                  [dim]# show current plan and auth state[/dim]
   auth logout                  [dim]# remove local credentials[/dim]
 
@@ -570,7 +569,7 @@ app.add_typer(mcp_app, name="mcp")
 cache_app = typer.Typer(help="Cache inspection and management.", rich_markup_mode="rich")
 app.add_typer(cache_app, name="cache")
 
-auth_app = typer.Typer(help="Authentication: login, status, logout.", rich_markup_mode="rich")
+auth_app = typer.Typer(help="Authentication: status, logout.", rich_markup_mode="rich")
 app.add_typer(auth_app, name="auth")
 
 
@@ -653,6 +652,46 @@ def version_callback(value: bool) -> None:
         raise typer.Exit()
 
 
+# ANSI Shadow block wordmark, stacked "source" / "code" so it fits an 80-col
+# terminal (the single-line "sourcecode" is 83 wide and would wrap).
+_WELCOME_SOURCE = (
+    "███████╗ ██████╗ ██╗   ██╗██████╗  ██████╗███████╗",
+    "██╔════╝██╔═══██╗██║   ██║██╔══██╗██╔════╝██╔════╝",
+    "███████╗██║   ██║██║   ██║██████╔╝██║     █████╗  ",
+    "╚════██║██║   ██║██║   ██║██╔══██╗██║     ██╔══╝  ",
+    "███████║╚██████╔╝╚██████╔╝██║  ██║╚██████╗███████╗",
+    "╚══════╝ ╚═════╝  ╚═════╝ ╚═╝  ╚═╝ ╚═════╝╚══════╝",
+)
+_WELCOME_CODE = (
+    " ██████╗ ██████╗ ██████╗ ███████╗",
+    "██╔════╝██╔═══██╗██╔══██╗██╔════╝",
+    "██║     ██║   ██║██║  ██║█████╗  ",
+    "██║     ██║   ██║██║  ██║██╔══╝  ",
+    "╚██████╗╚██████╔╝██████╔╝███████╗",
+    " ╚═════╝ ╚═════╝ ╚═════╝ ╚══════╝",
+)
+
+_WELCOME_CMDS = (
+    ("sourcecode --compact", "repo summary"),
+    ("sourcecode prepare-context onboard", "onboarding"),
+    ("sourcecode mcp init", "connect IDE"),
+)
+
+
+def _print_welcome_plain(tier: str) -> None:
+    """Plain-text welcome — fallback when rich is unavailable."""
+    lines = ["", f"  sourcecode {__version__}   ·   {tier}", "",
+             "  AI coding-agent context, instant.", "", "  Get started:"]
+    for cmd, desc in _WELCOME_CMDS:
+        lines.append(f"    {cmd.ljust(34)}{desc}")
+    lines.append("")
+    lines.append("  sourcecode --help   all commands")
+    if tier != "Pro":
+        lines.append("  sourcecode activate <key>   unlock Pro")
+    lines.append("")
+    typer.echo("\n".join(lines))
+
+
 def _print_welcome() -> None:
     """Branded quickstart shown only on a bare invocation at a human terminal.
 
@@ -665,24 +704,55 @@ def _print_welcome() -> None:
     except Exception:
         tier = "Free"
 
-    lines = [
-        "",
-        f"  sourcecode {__version__}   ·   {tier}",
-        "",
-        "  Structural context for AI coding agents — analyze a repo, get",
-        "  LLM-ready JSON in milliseconds.",
-        "",
-        "  Get started:",
-        "    sourcecode --compact                high-signal summary of this repo",
-        "    sourcecode prepare-context onboard  full onboarding context",
-        "    sourcecode mcp init                 connect Claude / Cursor",
-        "",
-        "  sourcecode --help           all commands",
-    ]
+    try:
+        from rich import box
+        from rich.console import Console
+        from rich.panel import Panel
+        from rich.text import Text
+    except Exception:
+        _print_welcome_plain(tier)
+        return
+
+    pad = max(len(c) for c, _ in _WELCOME_CMDS) + 2
+    tier_style = "green" if tier != "Pro" else "magenta"
+    code_w = max(len(s) for s in _WELCOME_CODE)
+
+    t = Text()
+    for ln in _WELCOME_SOURCE:
+        t.append(ln + "\n", style="bold cyan")
+    # Append version + tier to the right of the "code" block's middle rows.
+    for i, ln in enumerate(_WELCOME_CODE):
+        t.append(ln.ljust(code_w), style="bold cyan")
+        if i == 2:
+            t.append(f"   {__version__}", style="dim")
+        elif i == 3:
+            t.append("   ")
+            t.append(tier, style=tier_style)
+        t.append("\n")
+
+    t.append("\nAI coding-agent context, instant.\n\n", style="white")
+
+    for cmd, desc in _WELCOME_CMDS:
+        t.append("▸ ", style="cyan")
+        t.append(cmd.ljust(pad), style="bold")
+        t.append(desc + "\n", style="dim")
+
+    t.append("\n--help", style="bold")
+    t.append("  ·  ", style="dim")
     if tier != "Pro":
-        lines.append("  sourcecode activate <key>   unlock Pro (large repos)")
-    lines.append("")
-    typer.echo("\n".join(lines))
+        t.append("activate <key>", style="bold")
+        t.append(" for Pro", style="dim")
+    else:
+        t.append("you're on Pro ✓", style="green")
+
+    panel = Panel(
+        t,
+        box=box.ROUNDED,
+        border_style="cyan",
+        padding=(1, 3),
+        expand=False,
+    )
+    Console().print(panel)
 
 
 @app.callback(invoke_without_command=True)
@@ -5344,26 +5414,9 @@ def activate_cmd(
 
 
 # ---------------------------------------------------------------------------
-# Auth commands (device-flow login / status / logout)
+# Auth commands (status / logout)
 # ---------------------------------------------------------------------------
 
-@auth_app.command("login")
-def auth_login_cmd() -> None:
-    """Authenticate via browser (device code flow).
-
-    \b
-    The CLI shows a URL. Open it in your browser, log in with your account,
-    and the CLI completes authentication automatically.
-    Credentials are stored in ~/.sourcecode/license.json (30-min cache; Supabase is source of truth).
-
-    \b
-    Examples:
-      sourcecode auth login
-    """
-    from sourcecode.license import auth_login as _auth_login
-    _auth_login()
-
-
 @auth_app.command("status")
 def auth_status_cmd() -> None:
     """Show current authentication and plan status."""
@@ -6159,4 +6212,13 @@ def main_entry() -> None:
         except Exception:
             pass
     _preprocess_argv()
-    app()
+    try:
+        app()
+    finally:
+        # Best-effort "new version available" nudge. Only speaks on an
+        # interactive terminal; never blocks, raises, or affects exit status.
+        try:
+            from sourcecode.version_check import maybe_notify_update
+            maybe_notify_update(__version__)
+        except Exception:
+            pass

sourcecode/license.py

@@ -71,9 +71,6 @@ _DELTA_FREE_LIMIT: int = 30
 # Hybrid model size limit: repos at/under this many Java source files are fully
 # free (every command, no caps). Above it = enterprise-scale monolith = Pro.
 _FREE_REPO_JAVA_FILE_LIMIT: int = 500
-_DEVICE_POLL_INTERVAL_S: float = 2.5
-_DEVICE_POLL_TIMEOUT_S: float = 300.0  # 5-minute window for user to complete browser auth
-_AUTH_BASE_URL: str = "https://sourcecode.dev"
 _LICENSE_KEY_RE = re.compile(r"^[A-Za-z0-9_\-]{1,200}$")
 
 # ---------------------------------------------------------------------------
@@ -243,78 +240,6 @@ def _call_get_license(license_key: str) -> Optional[dict]:
         return None  # Network error — caller decides what to do
 
 
-def _generate_device_code() -> str:
-    """Generate a human-readable device code: XXXX-XXXX-XXXX."""
-    import uuid
-    raw = uuid.uuid4().hex.upper()
-    return f"{raw[:4]}-{raw[4:8]}-{raw[8:12]}"
-
-
-def _call_device_check(device_code: str) -> Optional[dict]:
-    """Poll /device-check edge function. Returns dict or None on network error.
-
-    Expected responses:
-      {"status": "pending"}
-      {"status": "complete", "device_token": "...", "email": "...", "plan": "pro", ...}
-      {"status": "error", "message": "..."}
-    """
-    import urllib.error
-    import urllib.request
-
-    if not _SUPABASE_ANON_KEY:
-        return None
-
-    url = f"{_SUPABASE_URL}/functions/v1/device-check"
-    body = json.dumps({"device_code": device_code}).encode("utf-8")
-    req = urllib.request.Request(url, data=body, method="POST")
-    req.add_header("apikey", _SUPABASE_ANON_KEY)
-    req.add_header("Authorization", f"Bearer {_SUPABASE_ANON_KEY}")
-    req.add_header("Content-Type", "application/json")
-    req.add_header("Accept", "application/json")
-    try:
-        with urllib.request.urlopen(req, timeout=8) as resp:
-            return json.loads(resp.read().decode("utf-8"))
-    except urllib.error.HTTPError as exc:
-        try:
-            return json.loads(exc.read().decode("utf-8", errors="replace"))
-        except Exception:
-            return {"status": "error", "message": f"HTTP {exc.code}"}
-    except Exception:
-        return None
-
-
-def _call_get_user_plan(device_token: str) -> Optional[dict]:
-    """Fetch current plan/status for an authenticated device token.
-
-    Expected response:
-      {"valid": true, "plan": "pro", "status": "active", "features": [...], "email": "..."}
-      {"valid": false, "error": "token_revoked"}
-    """
-    import urllib.error
-    import urllib.request
-
-    if not _SUPABASE_ANON_KEY:
-        return None
-
-    url = f"{_SUPABASE_URL}/functions/v1/get-user-plan"
-    body = json.dumps({"device_token": device_token}).encode("utf-8")
-    req = urllib.request.Request(url, data=body, method="POST")
-    req.add_header("apikey", _SUPABASE_ANON_KEY)
-    req.add_header("Authorization", f"Bearer {_SUPABASE_ANON_KEY}")
-    req.add_header("Content-Type", "application/json")
-    req.add_header("Accept", "application/json")
-    try:
-        with urllib.request.urlopen(req, timeout=8) as resp:
-            return json.loads(resp.read().decode("utf-8"))
-    except urllib.error.HTTPError as exc:
-        try:
-            return json.loads(exc.read().decode("utf-8", errors="replace"))
-        except Exception:
-            return {"valid": False, "error": f"HTTP {exc.code}"}
-    except Exception:
-        return None
-
-
 def _maybe_revalidate() -> None:
     """Re-validate cached license if stale. Mutates globals; never raises."""
     global _license_data, is_pro
@@ -338,39 +263,7 @@ def _maybe_revalidate() -> None:
         except Exception:
             pass
 
-    auth_method = _license_data.get("auth_method")
-
-    if auth_method == "device_flow":
-        device_token = _license_data.get("device_token")
-        if not device_token:
-            return
-        result = _call_get_user_plan(device_token)
-        if result is None:
-            return  # Network error — keep cached (offline-first)
-        if not result.get("valid", True):
-            _license_data = None
-            is_pro = False
-            try:
-                if _LICENSE_FILE.exists():
-                    _LICENSE_FILE.unlink()
-            except Exception:
-                pass
-            return
-        _license_data["plan"] = result.get("plan", "free")
-        _license_data["status"] = result.get("status", "active")
-        _license_data["features"] = result.get("features", [])
-        _license_data["validated_at"] = datetime.now(timezone.utc).isoformat()
-        is_pro = (
-            _license_data.get("plan") == "pro"
-            and _license_data.get("status", "active") != "inactive"
-        )
-        try:
-            _write_license_file(_license_data)
-        except Exception:
-            pass
-        return
-
-    # Key-based auth (existing flow / legacy)
+    # Key-based auth
     key = _license_data.get("license_key")
     if not key:
         return
@@ -585,106 +478,7 @@ def require_pro(feature_name: str) -> None:
 
 
 # ---------------------------------------------------------------------------
-# Device-flow authentication
-# ---------------------------------------------------------------------------
-
-def _finish_device_auth(result: dict) -> None:
-    """Persist device-flow credentials and emit success JSON. Exits on error."""
-    global _license_data, is_pro
-
-    device_token = result.get("device_token") or result.get("access_token") or ""
-    email = result.get("email", "")
-    plan = result.get("plan", "free")
-    plan_status = (
-        result.get("status_detail")
-        or result.get("user_status")
-        or result.get("status", "active")
-    )
-    features = result.get("features") or []
-
-    if not device_token:
-        sys.stderr.write("\n")
-        _fail("auth_error", "Authentication completed but no session token received. Contact support.")
-
-    _LICENSE_DIR.mkdir(parents=True, exist_ok=True)
-    now = datetime.now(timezone.utc).isoformat()
-    data: dict = {
-        "auth_method": "device_flow",
-        "device_token": device_token,
-        "email": email,
-        "plan": plan,
-        "status": plan_status,
-        "features": features,
-        "authenticated_at": now,
-        "validated_at": now,
-    }
-    _write_license_file(data)
-    _license_data = data
-    is_pro = plan == "pro" and plan_status != "inactive"
-    _emit_telemetry("activation", feature="device_flow", success=is_pro)
-
-    sys.stderr.write(f"\n  Authenticated as {email}.  Plan: {plan}\n\n")
-    sys.stderr.flush()
-
-    output: dict = {"status": "authenticated", "email": email, "plan": plan, "pro": is_pro}
-    if not is_pro:
-        output["upgrade_hint"] = "https://sourcecode.dev/pricing"
-    else:
-        output["features"] = features
-    sys.stdout.write(json.dumps(output, ensure_ascii=False) + "\n")
-    sys.stdout.flush()
-
-
-def auth_login() -> None:
-    """Device code authentication flow.
-
-    Shows a browser URL; polls the backend every 2.5 s until the user
-    completes authentication or the 5-minute window expires.
-    Writes credentials to ~/.sourcecode/license.json on success.
-    Exits 0 on success, 1 on any failure.
-    """
-    import time
-
-    device_code = _generate_device_code()
-    activate_url = f"{_AUTH_BASE_URL}/activate?code={device_code}"
-
-    sys.stderr.write(f"\n  Open this URL to authenticate:\n  {activate_url}\n\n  Waiting")
-    sys.stderr.flush()
-
-    deadline = time.monotonic() + _DEVICE_POLL_TIMEOUT_S
-    _tick = 0
-
-    while time.monotonic() < deadline:
-        time.sleep(_DEVICE_POLL_INTERVAL_S)
-        _tick += 1
-        if _tick % 4 == 0:
-            sys.stderr.write(".")
-            sys.stderr.flush()
-
-        result = _call_device_check(device_code)
-        if result is None:
-            continue  # network blip — keep polling
-
-        status = result.get("status")
-        if status == "pending":
-            continue
-
-        if status == "complete":
-            _finish_device_auth(result)
-            return
-
-        if status == "error" or result.get("error"):
-            sys.stderr.write("\n")
-            _fail("auth_error", result.get("message") or result.get("error") or "Authentication failed.")
-
-        # Unknown status — keep polling
-
-    sys.stderr.write("\n")
-    _fail("auth_timeout", "Authentication timed out after 5 minutes. Please try again.")
-
-
-# ---------------------------------------------------------------------------
-# Activation (key-based — legacy / direct key entry)
+# Activation (key-based — direct key entry)
 # ---------------------------------------------------------------------------
 
 def activate_license(license_key: str) -> None:

sourcecode/telemetry/filters.py

@@ -75,7 +75,7 @@ _SAFE_FEATURES: frozenset[str] = frozenset({
     # prepare-context task names not already above
     "explain", "onboard", "refactor",
     # activation outcomes
-    "key", "device_flow",
+    "key",
 })
 _SAFE_SIZES: frozenset[str] = frozenset({"tiny", "small", "medium", "large", "huge", "unknown"})
 _SAFE_DURATIONS: frozenset[str] = frozenset({"<1s", "<5s", "<15s", "<60s", "60s+", "unknown"})

sourcecode/version_check.py

@@ -0,0 +1,149 @@
+"""Best-effort "new version available" nudge.
+
+Prints a single stderr line when a newer release exists on PyPI. Designed to be
+invisible unless it has something useful to say:
+
+  * Only runs in an interactive terminal (stderr.isatty()) — never pollutes
+    piped output, MCP stdio, CI logs, or test runners.
+  * Hits the network at most once per 24h (cached in
+    ~/.sourcecode/version_check.json); warm runs read the cache and are instant.
+  * Re-shows the same nudge at most ~once per 20h so it informs without nagging.
+  * Swallows every error and never blocks meaningfully (1.5s network timeout).
+
+Disable entirely with SOURCECODE_NO_UPDATE_CHECK=1 (also off under SOURCECODE_CI).
+The check reads PyPI only; it never touches the license in ~/.sourcecode/license.json.
+"""
+from __future__ import annotations
+
+import json
+import os
+import sys
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Optional
+
+_CACHE_DIR = Path.home() / ".sourcecode"
+_CACHE_FILE = _CACHE_DIR / "version_check.json"
+_PYPI_URL = "https://pypi.org/pypi/sourcecode/json"
+_CHECK_TTL_SECONDS = 86_400   # refresh the PyPI lookup at most once per 24h
+_NOTIFY_TTL_SECONDS = 72_000  # re-show the nudge at most every ~20h
+_FETCH_TIMEOUT = 1.5
+
+
+def _disabled() -> bool:
+    """True when the nudge must stay silent (opt-out, CI, or non-interactive)."""
+    if os.environ.get("SOURCECODE_NO_UPDATE_CHECK"):
+        return True
+    if os.environ.get("SOURCECODE_CI"):
+        return True
+    try:
+        return not sys.stderr.isatty()
+    except Exception:
+        return True  # no usable stderr -> stay silent
+
+
+def _read_cache() -> dict:
+    try:
+        if _CACHE_FILE.exists():
+            return json.loads(_CACHE_FILE.read_text(encoding="utf-8"))
+    except Exception:
+        pass
+    return {}
+
+
+def _write_cache(data: dict) -> None:
+    try:
+        _CACHE_DIR.mkdir(parents=True, exist_ok=True)
+        tmp = _CACHE_FILE.with_suffix(".tmp")
+        tmp.write_text(json.dumps(data, ensure_ascii=False), encoding="utf-8")
+        tmp.replace(_CACHE_FILE)
+    except Exception:
+        pass
+
+
+def _age_seconds(iso: Optional[str]) -> float:
+    if not iso:
+        return float("inf")
+    try:
+        ts = datetime.fromisoformat(iso)
+        if ts.tzinfo is None:
+            ts = ts.replace(tzinfo=timezone.utc)
+        return (datetime.now(timezone.utc) - ts).total_seconds()
+    except Exception:
+        return float("inf")
+
+
+def _fetch_latest() -> Optional[str]:
+    import urllib.request
+    try:
+        req = urllib.request.Request(_PYPI_URL, headers={"Accept": "application/json"})
+        with urllib.request.urlopen(req, timeout=_FETCH_TIMEOUT) as resp:
+            data = json.loads(resp.read().decode("utf-8"))
+        return ((data.get("info") or {}).get("version")) or None
+    except Exception:
+        return None
+
+
+def _parse(v: str) -> tuple:
+    """Lenient dotted-numeric parse for the fallback path (no packaging dep)."""
+    parts = []
+    for chunk in str(v).split("."):
+        num = ""
+        for ch in chunk:
+            if ch.isdigit():
+                num += ch
+            else:
+                break
+        parts.append(int(num) if num else 0)
+    return tuple(parts)
+
+
+def _is_newer(latest: str, current: str) -> bool:
+    try:
+        from packaging.version import parse as _vparse  # type: ignore
+        return _vparse(latest) > _vparse(current)
+    except Exception:
+        return _parse(latest) > _parse(current)
+
+
+def maybe_notify_update(current_version: str) -> None:
+    """Print an upgrade nudge to stderr if PyPI has a newer release.
+
+    Best-effort and fully guarded: any failure is silently ignored. Safe to call
+    unconditionally from the CLI entry point.
+    """
+    if _disabled():
+        return
+    try:
+        cache = _read_cache()
+
+        # Refresh the cached "latest" at most once per TTL (the only network hit).
+        if _age_seconds(cache.get("checked_at")) >= _CHECK_TTL_SECONDS:
+            latest = _fetch_latest()
+            if latest:
+                cache["latest"] = latest
+                cache["checked_at"] = datetime.now(timezone.utc).isoformat()
+                _write_cache(cache)
+
+        latest = cache.get("latest")
+        if not latest or not _is_newer(latest, current_version):
+            return
+
+        # Throttle: don't nag for the same version more than once per ~20h.
+        if (
+            cache.get("notified_for") == latest
+            and _age_seconds(cache.get("notified_at")) < _NOTIFY_TTL_SECONDS
+        ):
+            return
+
+        sys.stderr.write(
+            f"\n[sourcecode] v{latest} is available (you have {current_version}). "
+            "Upgrade: pipx upgrade sourcecode  (pip: pip install -U sourcecode)\n"
+        )
+        sys.stderr.flush()
+
+        cache["notified_for"] = latest
+        cache["notified_at"] = datetime.now(timezone.utc).isoformat()
+        _write_cache(cache)
+    except Exception:
+        pass

{sourcecode-1.36.0.dist-info → sourcecode-1.36.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: sourcecode
-Version: 1.36.0
+Version: 1.36.2
 Summary: Persistent structural context and ultra-fast repeated analysis for AI coding agents
 License-File: LICENSE
 Keywords: agents,ai,codebase,context,developer-tools,llm
@@ -40,7 +40,7 @@ Description-Content-Type: text/markdown
 
 **Persistent structural context and ultra-fast repeated analysis for AI coding agents.**
 
-![Version](https://img.shields.io/badge/version-1.36.0-blue)
+![Version](https://img.shields.io/badge/version-1.36.1-blue)
 ![Python](https://img.shields.io/badge/python-3.10%2B-green)
 
 ---
@@ -114,7 +114,7 @@ pipx install sourcecode
 
 ```bash
 sourcecode version
-# sourcecode 1.36.0
+# sourcecode 1.36.1
 ```
 
 ---
@@ -311,8 +311,7 @@ when the work gets bigger or automated.
 files only, by design. sourcecode monetises enterprise Java monoliths.
 
 ```bash
-sourcecode auth login          # browser device-code auth
-sourcecode activate <key>      # or activate a license key directly
+sourcecode activate <key>      # activate a license key
 ```
 
 Full breakdown: [docs/PRODUCT_TIERS.md](docs/PRODUCT_TIERS.md).

{sourcecode-1.36.0.dist-info → sourcecode-1.36.2.dist-info}/RECORD

@@ -1,13 +1,13 @@
-sourcecode/__init__.py,sha256=j2Rx292C93M1gnbvMuKrqWMZXlDm3K85SxUiFzO4zac,103
+sourcecode/__init__.py,sha256=OwsI0itjMvrYqTYz2jWyNvxs5j-e5JKVwJ4h7_kCDEQ,103
 sourcecode/adaptive_scanner.py,sha256=XffluXKzJUXrMtjEiAOnSNPZnztdIcts17T9ouHeID0,10521
 sourcecode/architecture_analyzer.py,sha256=liCwQmLgb5vplohy8arjYxs_HOIv5C9MjLh_gY6bc5Q,44115
 sourcecode/architecture_summary.py,sha256=z34_6v7cSwy98cof2UVciGho7SCrZ93tiqMmq5WNzRQ,20405
 sourcecode/ast_extractor.py,sha256=sa6CmLpn-k5G3_Hzxn8hAlZ5-TS-EVzXDD0Gvxd2jzs,50613
-sourcecode/cache.py,sha256=wAyPrXN5DqiGivnMpeEuun2xHDKfBer2_oBsh6kj_vc,30447
+sourcecode/cache.py,sha256=1V3vsaODAa2UBJAC0xpvxpmRdriCezQx5Q8JCcfgziE,31892
 sourcecode/canonical_ir.py,sha256=c_lYTVoegg-1W2dZ34_2s3tN8L0GVx7eiDRh9ghdSD8,24178
 sourcecode/cir_graphs.py,sha256=rZi8JV4ZrAa2WSCeyNa4JIEKQ_yZzDZTsrvVz2KfuKA,8919
 sourcecode/classifier.py,sha256=hKzg-nQ47htqqIUzSGvYxv15cXrA3KgICTwJmdqal0o,8095
-sourcecode/cli.py,sha256=c8t9Jh68JjwcNyTZx9_hmoBLz1D0HOWu4snDFKtvang,249785
+sourcecode/cli.py,sha256=oNcQu-l2maZ9Pb2fZiY4JTCojFi0C156TLGTrJBKT34,252665
 sourcecode/code_notes_analyzer.py,sha256=EJemNCNc9Dn-1RZYu-aNbK0ELzmsyC4s6FdHi3XyNEI,9392
 sourcecode/confidence_analyzer.py,sha256=_jckZSxksV-OU38vbkxfVNBnWCtlCq8Vwfg23x1uspA,19054
 sourcecode/context_scorer.py,sha256=QpChSpsmaAYz91rXA4Ue5xzQmNz_ZboZN09YOHScq1U,14679
@@ -27,7 +27,7 @@ sourcecode/flow_analyzer.py,sha256=dSiuY4w49k29jW_EPXUOND9B5uVbuCA7kjnuHi-pIWA,2
 sourcecode/fqn_utils.py,sha256=XLU7zDkNBXz_RZkIUNfpPmp1nekWtqP-fxV92tDV1vg,2158
 sourcecode/git_analyzer.py,sha256=JStxTQXNjBWi_wLdwhsZs9mT-v50cSJIz4Agzn6Kh9I,13362
 sourcecode/graph_analyzer.py,sha256=DHR8fY69oU_Pi4SYaWboX6EoEFrctQKB9dsjpqwGMzw,62403
-sourcecode/license.py,sha256=gHNXu4_yLiHCJLhIryBCCmtzF6wBoWplHMS8rmu7m24,28074
+sourcecode/license.py,sha256=i_X1bYdobL_z9OVuLiycnWEFSaaNhcKKuTd6G55U3_k,20747
 sourcecode/mcp_nudge.py,sha256=5ELU_ixzh6uA83NXLOZT8h00OhL53okfQdji3jyKOjg,2917
 sourcecode/metrics_analyzer.py,sha256=m0ENgtqKeBL17kUIK3fmGkgo7UfXBNHxCMj0H_Y5K7c,22750
 sourcecode/migrate_check.py,sha256=vowVIAxVaHU8vhZUEt-HrWrWM38m6a5INHJQGjEg5E0,55390
@@ -58,6 +58,7 @@ sourcecode/spring_semantic.py,sha256=O1nKSGVzlukuxLHQVuCPxc-XrcrMFxwlHA20_dmEGgM
 sourcecode/spring_tx_analyzer.py,sha256=FdFcyqPp3aT9oJ-PKrnXcTA6s69wdvzG-NBm0GMGPTU,30717
 sourcecode/summarizer.py,sha256=zgdps7yS2IktAbWe7IWz0oUcr3QIuNPRGrsScbZ4R1g,21797
 sourcecode/tree_utils.py,sha256=8GAkIfQAsvtEudIeW1l4ooH_oRtrWR8cpJQJsEa_Pfw,2093
+sourcecode/version_check.py,sha256=CHp6ZxTIfo8kyHPCBgJA1uFC0xQCoXMuuOfrW8QTL8o,4942
 sourcecode/workspace.py,sha256=X_6NmNnitvT3_38V-JDChydo_sR68s249hLFlrQskU0,8271
 sourcecode/detectors/__init__.py,sha256=A0AACJFF6HWf_RgatNtWu3PUzstcKtIGM9f1PoFcJug,1987
 sourcecode/detectors/base.py,sha256=C2EqfZudQ1ITK4DID4M70nPxqoh9bl1zn_ta6XRaGWs,1168
@@ -94,10 +95,10 @@ sourcecode/telemetry/__init__.py,sha256=rth1GuU9Tqt6BvbOe6q6sro1yCygiDW4dN3r1Ovm
 sourcecode/telemetry/config.py,sha256=_MfMevIic1NTc8IRmCzQs96D8KPBLOWZ5cdhWrnHuwI,2639
 sourcecode/telemetry/consent.py,sha256=wLMvGNJeSSyZoNkQXpoUioY6mMv4Qdvuw7S9jAEWnII,2237
 sourcecode/telemetry/events.py,sha256=LtzYfaX9Ilckj5PTvAcTpDa9mLqDsYPDUiDkRa58piY,2580
-sourcecode/telemetry/filters.py,sha256=zFJfvmE7TT5ZYsXr3mh6kTe0adzzYqFZSx61wUJ8Rew,5849
+sourcecode/telemetry/filters.py,sha256=NHa5T-6DaZduQPFuC34jOqHWQgSizM-Ygq8aZ4j19ng,5834
 sourcecode/telemetry/transport.py,sha256=4gGHsq0WeY9VywEZXA3vUxykfiYnw9uuqfjAAec7F8o,1681
-sourcecode-1.36.0.dist-info/METADATA,sha256=_SkuM5cooAYdgrd0BAhzvvKwy3f8i92t8XOMT2iwRtE,30383
-sourcecode-1.36.0.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
-sourcecode-1.36.0.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
-sourcecode-1.36.0.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
-sourcecode-1.36.0.dist-info/RECORD,,
+sourcecode-1.36.2.dist-info/METADATA,sha256=JWwQcBBUaBi8XxPm9ztTXwbj-lqk1CebR-LnQPQ731A,30313
+sourcecode-1.36.2.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
+sourcecode-1.36.2.dist-info/entry_points.txt,sha256=ex3F9rmbXeyDIoFQHtkEqTsKSaJow8F0LrVu8XfIktQ,57
+sourcecode-1.36.2.dist-info/licenses/LICENSE,sha256=7DdHrU9Z_3e7dSvq4ISijZNjnuHo5NIHNiHDouMQ9JU,10491
+sourcecode-1.36.2.dist-info/RECORD,,