tripwire-cli 0.2.0__tar.gz

tripwire_cli-0.2.0/.gitignore

@@ -0,0 +1,48 @@
+# Per-run logs and analysis — never commit.
+runs/
+*.log
+
+# Local secrets.
+.run_tag
+.canaries.env
+.env
+tests/config/local.env
+tests/config/production.env
+
+# Python.
+__pycache__/
+*.pyc
+*.egg-info/
+.venv/
+.pytest_cache/
+
+# Fly.
+.fly/
+
+# Editor.
+.vscode/
+.idea/
+*.swp
+.DS_Store
+
+# Local Claude Code state.
+.claude/
+
+# Generated assistant rule outputs. Source rules live in committed `.rules/`
+# directories; regenerate these with `uv run --project scripts python -m
+# scripts.generate_rules`.
+.cursor/
+.kilocode/
+.agents/
+website/AGENTS.md
+website/CLAUDE.md
+
+# Cortex caches (committed docs live alongside, but caches are regenerable).
+.cortex/.cache/
+
+# Roam / cortex semantic-check local cache.
+.roam/
+
+# Local/generated research exports.
+*_anchor*_cioh_h*.csv
+/research

tripwire_cli-0.2.0/PKG-INFO

@@ -0,0 +1,68 @@
+Metadata-Version: 2.4
+Name: tripwire-cli
+Version: 0.2.0
+Summary: Command-line client for Tripwire canaries
+Requires-Python: >=3.12
+Requires-Dist: click>=8.1
+Requires-Dist: httpx>=0.27
+Description-Content-Type: text/markdown
+
+# tripwire-cli
+
+Command-line client for [Tripwire](https://tripwire.so) canaries. Installs a
+single `tripwire` command.
+
+## Install
+
+```bash
+uv tool install --from . tripwire-cli
+```
+
+Or run without installing:
+
+```bash
+uvx --from . tripwire --help
+```
+
+## Usage
+
+```bash
+# Log in and cache a token. Defaults to passwordless email-code login: it
+# prompts for your email (defaulting to `git config user.email`) and the
+# 6-digit code emailed to you. Operators can pass --user-id / --password to use
+# the user-id + password login instead.
+tripwire login
+
+# Create a canary. The credential is returned once, in this response, so
+# capture it now. Provider-minted types (aws/anthropic/github) can take ~2 min;
+# the CLI waits and prints a progress note while it provisions.
+tripwire canaries create --type dns_label --memo "env metrics host"
+tripwire canaries create --type aws_access_key --memo "warehouse reporting key"
+
+# Inspect what you own (summaries only; the credential is never shown again).
+tripwire canaries list
+tripwire canaries get can_1234abcd
+
+# Wind one down.
+tripwire canaries deactivate can_1234abcd
+tripwire canaries delete can_1234abcd
+```
+
+`canaries` subcommands print JSON to stdout (pipe to `jq`); progress and other
+plain-text messages go to stderr, so stdout stays clean JSON. Run
+`tripwire --help` for the full reference.
+
+Supported create types are `dns_label`, `aws_access_key`, `anthropic_api_key`,
+and `github_pat`.
+
+`canaries create` accepts `--timeout <seconds>` (env `TRIPWIRE_CREATE_TIMEOUT`,
+default 240) for the per-request read timeout; it must stay above the server's
+~180s provisioning wait so the one-time credential reveal is never lost to a
+premature client timeout.
+
+## Server
+
+`login` talks to `https://tripwire.so/api/v1` by default. Set `TRIPWIRE_SERVER`
+to point at a self-hosted or test server before logging in; the server is bound
+to your token at login time. The token is cached at
+`~/.config/tripwire/credentials.json` (honoring `XDG_CONFIG_HOME`).

tripwire_cli-0.2.0/README.md

@@ -0,0 +1,59 @@
+# tripwire-cli
+
+Command-line client for [Tripwire](https://tripwire.so) canaries. Installs a
+single `tripwire` command.
+
+## Install
+
+```bash
+uv tool install --from . tripwire-cli
+```
+
+Or run without installing:
+
+```bash
+uvx --from . tripwire --help
+```
+
+## Usage
+
+```bash
+# Log in and cache a token. Defaults to passwordless email-code login: it
+# prompts for your email (defaulting to `git config user.email`) and the
+# 6-digit code emailed to you. Operators can pass --user-id / --password to use
+# the user-id + password login instead.
+tripwire login
+
+# Create a canary. The credential is returned once, in this response, so
+# capture it now. Provider-minted types (aws/anthropic/github) can take ~2 min;
+# the CLI waits and prints a progress note while it provisions.
+tripwire canaries create --type dns_label --memo "env metrics host"
+tripwire canaries create --type aws_access_key --memo "warehouse reporting key"
+
+# Inspect what you own (summaries only; the credential is never shown again).
+tripwire canaries list
+tripwire canaries get can_1234abcd
+
+# Wind one down.
+tripwire canaries deactivate can_1234abcd
+tripwire canaries delete can_1234abcd
+```
+
+`canaries` subcommands print JSON to stdout (pipe to `jq`); progress and other
+plain-text messages go to stderr, so stdout stays clean JSON. Run
+`tripwire --help` for the full reference.
+
+Supported create types are `dns_label`, `aws_access_key`, `anthropic_api_key`,
+and `github_pat`.
+
+`canaries create` accepts `--timeout <seconds>` (env `TRIPWIRE_CREATE_TIMEOUT`,
+default 240) for the per-request read timeout; it must stay above the server's
+~180s provisioning wait so the one-time credential reveal is never lost to a
+premature client timeout.
+
+## Server
+
+`login` talks to `https://tripwire.so/api/v1` by default. Set `TRIPWIRE_SERVER`
+to point at a self-hosted or test server before logging in; the server is bound
+to your token at login time. The token is cached at
+`~/.config/tripwire/credentials.json` (honoring `XDG_CONFIG_HOME`).

tripwire_cli-0.2.0/pyproject.toml

@@ -0,0 +1,29 @@
+[project]
+name = "tripwire-cli"
+version = "0.2.0"
+description = "Command-line client for Tripwire canaries"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "click>=8.1",
+    "httpx>=0.27",
+]
+
+[project.scripts]
+tripwire = "tripwire_cli.cli:main"
+tripwire-cli = "tripwire_cli.cli:main"
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build.targets.wheel]
+packages = ["tripwire_cli"]
+
+[dependency-groups]
+dev = [
+    "pytest>=8.3",
+]
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]