feat: entrypoint for focli simulate

can run the `focli` with --simulate to get directly to simulate
various other formatting and lint fixes

.pre-commit-config.yaml

@@ -3,8 +3,11 @@ repos:
     rev: v0.11.4
     hooks:
       - id: ruff
-        args: [--fix, --unsafe-fixes]
+        args: [--fix]
+        files: ^(src|tests)/
       - id: ruff-format
+        files: ^(src|tests)/
+        types_or: [python, pyi]
 
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.5.0

.windsurfrules

@@ -0,0 +1,19 @@
+---
+description: Rules to get the AI to behave
+alwaysApply: true
+---
+# General rules for AI
+- Prior to generating any code, carefully read the project conventions
+  - Read [project-design.md](docs/project-design.md) to understand the codebase
+  - Read [project-conventions.md](docs/project-conventions.md) to understand _how_ to write code for the codebase
+- Run `make lint` and `make test` after every change. `lint` in particular can be run very frequently.
+- When user starts a prompt with `QQ:` or `Question:`, just answer the question or prompt without producing code.
+- Prefer small testable steps, after each step give a summary to the user and summarize the next step
+- Maintain strict separation of concerns: Business logic MUST reside in the core library (`src/folio/`), not in interface layers (`src/focli/`). Interface layers should only handle user interaction, command parsing, and result presentation.
+- Use `.docs/` for temporary documentation such as project plans or logs
+
+## Prohibited actions
+
+- Do not run `make folio`. This is for the user to run only.
+- Do not use `git` commands unless explicitly asked.
+- Do not use `docker` commands unless explicitly asked.

Makefile

@@ -112,7 +112,7 @@ lint:
 	@mkdir -p $(LOGS_DIR)
 	@(echo "=== Code Check Log $(TIMESTAMP) ===" && \
 	echo "Starting checks at: $$(date)" && \
-	$(POETRY) run ruff check --fix --unsafe-fixes . \
+	$(POETRY) run ruff check --fix src/ tests/ \
 	2>&1) | tee $(LOGS_DIR)/code_check_latest.log
 	@echo "Check log saved to: $(LOGS_DIR)/code_check_latest.log"
 

poetry.lock

@@ -1426,6 +1426,24 @@ tomli = {version = ">=1", markers = "python_version < \"3.11\""}
 [package.extras]
 dev = ["argcomplete", "attrs (>=19.2)", "hypothesis (>=3.56)", "mock", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"]
 
+[[package]]
+name = "pytest-mock"
+version = "3.14.0"
+description = "Thin-wrapper around the mock package for easier use with pytest"
+optional = false
+python-versions = ">=3.8"
+groups = ["dev"]
+files = [
+    {file = "pytest-mock-3.14.0.tar.gz", hash = "sha256:2719255a1efeceadbc056d6bf3df3d1c5015530fb40cf347c0f9afac88410bd0"},
+    {file = "pytest_mock-3.14.0-py3-none-any.whl", hash = "sha256:0b72c38033392a5f4621342fe11e9219ac11ec9d375f8e2a0c164539e0d70f6f"},
+]
+
+[package.dependencies]
+pytest = ">=6.2.5"
+
+[package.extras]
+dev = ["pre-commit", "pytest-asyncio", "tox"]
+
 [[package]]
 name = "python-dateutil"
 version = "2.9.0.post0"
@@ -1921,4 +1939,4 @@ type = ["pytest-mypy"]
 [metadata]
 lock-version = "2.1"
 python-versions = "^3.9"
-content-hash = "98fdada28ba7fcb3cfdbafe0bddcfcd41eec8384218d942c8991abe7040a4f4d"
+content-hash = "85ddf4d6c12a985cab4eec4cca4a115f95cb23840d6a04793f54f5b53d2a110c"

pyproject.toml

@@ -25,6 +25,7 @@ google-generativeai = ">=0.3.0"
 [tool.poetry.group.dev.dependencies]
 ruff = "^0.11.7"
 pytest = "^8.3.5"
+pytest-mock = "^3.14.0"  # Added for mocking in tests
 rich = ">=13.9.0"
 prompt-toolkit = ">=3.0.43"
 pre-commit = "^4.2.0"

scripts/run_mlflow.py

@@ -11,9 +11,19 @@ import sys
 
 def main():
     """Start the MLflow UI server"""
-    parser = argparse.ArgumentParser(description='Start the MLflow UI server')
-    parser.add_argument('--port', type=int, default=5000, help='Port to run the server on (default: 5000)')
-    parser.add_argument('--host', type=str, default='127.0.0.1', help='Host to run the server on (default: 127.0.0.1)')
+    parser = argparse.ArgumentParser(description="Start the MLflow UI server")
+    parser.add_argument(
+        "--port",
+        type=int,
+        default=5000,
+        help="Port to run the server on (default: 5000)",
+    )
+    parser.add_argument(
+        "--host",
+        type=str,
+        default="127.0.0.1",
+        help="Host to run the server on (default: 127.0.0.1)",
+    )
     args = parser.parse_args()
 
     # Get the project root directory
@@ -21,16 +31,19 @@ def main():
     project_root = os.path.dirname(script_dir)
 
     # Set the MLflow tracking URI
-    mlruns_dir = os.path.join(project_root, 'mlruns')
+    mlruns_dir = os.path.join(project_root, "mlruns")
     tracking_uri = f"file:{mlruns_dir}"
 
-
     # Start the MLflow UI
     cmd = [
-        "mlflow", "ui",
-        "--backend-store-uri", tracking_uri,
-        "--host", args.host,
-        "--port", str(args.port)
+        "mlflow",
+        "ui",
+        "--backend-store-uri",
+        tracking_uri,
+        "--host",
+        args.host,
+        "--port",
+        str(args.port),
     ]
 
     try:
@@ -40,5 +53,6 @@ def main():
     except Exception:
         sys.exit(1)
 
+
 if __name__ == "__main__":
     main()

src/focli/README.md

@@ -16,6 +16,23 @@ python src/focli/focli.py
 
 This will launch the interactive shell where you can enter commands.
 
+### Direct Simulation Mode
+
+You can also run simulations directly from the command line without entering the interactive shell:
+
+```bash
+# Run simulation with default parameters
+python src/focli/focli.py --simulate
+
+# Run a quick simulation (fewer steps, smaller range)
+python src/focli/focli.py --simulate --preset quick
+
+# Run a detailed simulation (more steps)
+python src/focli/focli.py --simulate --preset detailed
+```
+
+This is useful for quickly checking how your portfolio might perform under different market conditions.
+
 ## Why Use Folio CLI?
 
 - **Speed**: Get answers in seconds without waiting for GUI elements to load
@@ -57,7 +74,7 @@ See how your portfolio might perform across different market scenarios:
 - `--steps 13` - Set the number of data points in the simulation
 - `--detailed` - Show position-level details in the simulation
 - `--focus SPY,AAPL` - Focus on specific positions
-- `--preset <name>` - Use a saved parameter preset
+- `--preset <name>` - Use a saved parameter preset (default, quick, detailed)
 - `--save-preset <name>` - Save current parameters as a preset
 - `--filter options` - Run simulation only on positions with options
 
@@ -91,6 +108,7 @@ Exit the application.
 3. **Drill down with position commands** to understand specific holdings
 4. **Save presets** for analyses you run frequently
 5. **Use filtering** to focus on segments of your portfolio
+6. **Use direct simulation mode** for quick portfolio checks
 
 ## Example Workflow
 

src/focli/focli.py

@@ -6,9 +6,15 @@ This script provides an interactive shell for running portfolio simulations,
 analyzing positions, and exploring investment scenarios.
 
 Usage:
-    python src/focli/focli.py
+    python src/focli/focli.py                    # Start interactive shell
+    python src/focli/focli.py --simulate         # Run simulation directly
+    python src/focli/focli.py --simulate --preset quick  # Run quick simulation
 
-Commands:
+Command-line Options:
+    --simulate          Run portfolio simulation directly without entering interactive shell
+    --preset NAME       Use a specific simulation preset (default, quick, detailed)
+
+Interactive Commands:
     help                Show help information
     simulate spy        Simulate portfolio performance with SPY changes
     position <ticker>   Analyze a specific position group

src/focli/shell.py

@@ -4,7 +4,9 @@ Interactive shell for the Folio CLI.
 This module provides the main entry point for the Folio CLI interactive shell.
 """
 
+import argparse
 import os
+import traceback
 
 from prompt_toolkit import PromptSession
 from prompt_toolkit.completion import NestedCompleter
@@ -13,6 +15,7 @@ from prompt_toolkit.shortcuts import confirm
 from rich.console import Console
 
 from src.focli.commands import execute_command, get_command_registry
+from src.focli.commands.simulate import simulate_command
 from src.focli.utils import load_portfolio
 
 
@@ -38,52 +41,106 @@ def create_completer():
     return NestedCompleter.from_nested_dict(completion_dict)
 
 
-def main():
-    """Main entry point for the Folio CLI."""
-    console = Console()
-    console.print("[bold cyan]Folio Interactive Shell[/bold cyan]")
-    console.print("Type 'help' for available commands.")
-
-    # Create history file in user's home directory
-    history_file = os.path.expanduser("~/.folio_history")
-
-    # Create session with auto-completion and history
-    session = PromptSession(
-        completer=create_completer(), history=FileHistory(history_file)
-    )
+def initialize_state():
+    """Initialize the application state.
 
-    # Initialize application state
-    state = {
-        # Portfolio data
+    Returns:
+        Dictionary containing the initial application state
+    """
+    return {
         "portfolio_groups": None,
         "portfolio_summary": None,
         "loaded_portfolio": None,
-        # Simulation results
         "last_simulation": None,
         "simulation_history": [],
-        # Position analysis
         "last_position": None,
         "position_simulations": {},
         "filtered_groups": None,
-        # Parameter presets
         "simulation_presets": {
             "default": {"range": 20.0, "steps": 13},
             "detailed": {"range": 20.0, "steps": 21, "detailed": True},
             "quick": {"range": 10.0, "steps": 5},
         },
-        # Session history
         "command_history": [],
     }
 
-    # Try to load default portfolio
+
+def load_default_portfolio(state, console):
+    """Try to load the default portfolio.
+
+    Args:
+        state: Application state
+        console: Rich console for output
+
+    Returns:
+        True if portfolio was loaded successfully, False otherwise
+    """
     default_portfolio = "private-data/portfolio-private.csv"
     try:
         load_portfolio(default_portfolio, state, console)
+        return True
     except Exception as e:
         console.print(f"[yellow]Could not load default portfolio: {e}[/yellow]")
         console.print(
             "[yellow]Use 'portfolio load <path>' to load a portfolio.[/yellow]"
         )
+        return False
+
+
+def main():
+    """Main entry point for the Folio CLI."""
+    # Parse command-line arguments
+    parser = argparse.ArgumentParser(description="Folio CLI")
+    parser.add_argument(
+        "--simulate", action="store_true", help="Run simulation directly"
+    )
+    parser.add_argument(
+        "--preset", type=str, help="Simulation preset to use (default, quick, detailed)"
+    )
+    args = parser.parse_args()
+
+    console = Console()
+
+    # Initialize application state
+    state = initialize_state()
+
+    # If direct simulation is requested
+    if args.simulate:
+        console.print("[bold cyan]Folio CLI - Direct Simulation[/bold cyan]")
+
+        # Try to load default portfolio
+        if load_default_portfolio(state, console):
+            # Run simulation with optional preset
+            sim_args = []
+            if args.preset:
+                sim_args = ["-p", args.preset]
+
+            # Execute simulation command
+            simulate_command(sim_args, state, console)
+            return
+        else:
+            console.print(
+                "[bold red]Error:[/bold red] Cannot run simulation without a portfolio."
+            )
+            console.print(
+                "Please run the CLI without --simulate to load a portfolio first."
+            )
+            return
+
+    # Regular interactive mode
+    console.print("[bold cyan]Folio Interactive Shell[/bold cyan]")
+    console.print("Type 'help' for available commands.")
+
+    # Create history file in user's home directory
+    history_file = os.path.expanduser("~/.folio_history")
+
+    # Create session with auto-completion and history
+    session = PromptSession(
+        completer=create_completer(), history=FileHistory(history_file)
+    )
+
+    # Try to load default portfolio
+    load_default_portfolio(state, console)
 
     # Main REPL loop
     while True:
@@ -100,25 +157,22 @@ def main():
                     break
                 continue
 
+            # Execute the command
+            execute_command(text, state, console)
+
             # Add to command history
             state["command_history"].append(text)
 
-            # Process the command
-            execute_command(text, state, console)
-
         except KeyboardInterrupt:
             # Handle Ctrl+C
-            console.print("\n[yellow]Use 'exit' to exit the application.[/yellow]")
-            continue
+            console.print("[yellow]Use 'exit' to exit the application.[/yellow]")
         except EOFError:
             # Handle Ctrl+D
-            console.print("\nGoodbye!")
             break
         except Exception as e:
-            # Handle unexpected errors
-            console.print(f"[bold red]Error:[/bold red] {e!s}")
-
-    console.print("Goodbye!")
+            # Handle other exceptions
+            console.print(f"[bold red]Error:[/bold red] {e}")
+            console.print(traceback.format_exc())
 
 
 def confirm_exit():

src/folio/exceptions.py

@@ -8,26 +8,31 @@ and handling for different error conditions.
 
 class FolioError(Exception):
     """Base class for all Folio application exceptions."""
+
     pass
 
 
 class DataError(FolioError):
     """Raised when there are issues with data processing or validation."""
+
     pass
 
 
 class PortfolioError(FolioError):
     """Raised when there are issues with portfolio operations."""
+
     pass
 
 
 class UIError(FolioError):
     """Raised when there are issues with the UI components."""
+
     pass
 
 
 class ConfigurationError(FolioError):
     """Raised when there are issues with application configuration."""
+
     pass
 
 

src/folio/security.py

@@ -99,7 +99,7 @@ def validate_csv_upload(
     # Check file size
     if len(decoded) > MAX_FILE_SIZE:
         logger.warning(f"File too large: {len(decoded)} bytes (max {MAX_FILE_SIZE})")
-        raise ValueError(f"File too large (max {MAX_FILE_SIZE/1024/1024:.1f}MB)")
+        raise ValueError(f"File too large (max {MAX_FILE_SIZE / 1024 / 1024:.1f}MB)")
 
     # Parse CSV
     try:

tests/e2e/conftest.py

@@ -67,28 +67,31 @@ def processed_portfolio(portfolio_data):
             # Possible alternative: (groups, cash_like_positions)
             groups, cash_like_positions = result
             from src.folio.portfolio import calculate_portfolio_summary
+
             summary = calculate_portfolio_summary(groups, cash_like_positions, 0.0)
     else:
         # If result is not a tuple, it's likely just the groups
         groups = result
         from src.folio.portfolio import calculate_portfolio_summary
+
         summary = calculate_portfolio_summary(groups, [], 0.0)
         cash_like_positions = []
 
     # Ensure we have a valid summary object
-    if not hasattr(summary, 'to_dict'):
+    if not hasattr(summary, "to_dict"):
         logger.error("Error: summary object does not have to_dict method")
         logger.error(f"Type of summary: {type(summary)}")
         # Create a minimal summary for testing
         # Import here to avoid circular imports
         from src.folio.data_model import ExposureBreakdown, PortfolioSummary
+
         empty_exposure = ExposureBreakdown()
         summary = PortfolioSummary(
             net_market_exposure=0.0,
             portfolio_beta=0.0,
             long_exposure=empty_exposure,
             short_exposure=empty_exposure,
-            options_exposure=empty_exposure
+            options_exposure=empty_exposure,
         )
 
     # Convert summary to dictionary for use in tests

tests/e2e/test_exposures.py

@@ -91,7 +91,6 @@ class TestExposures:
 
         summary_dict.get("pending_activity_value", 0.0)
 
-
         # Test that summary card values match position details
         assert abs(summary_net_exposure - total_ui_market_value) < 0.01, (
             f"Net Exposure in summary cards ({format_currency(summary_net_exposure)}) does not match the total market value shown in the UI ({format_currency(total_ui_market_value)})"

tests/test_data_model_serialization.py

@@ -66,7 +66,9 @@ class TestDataModelSerialization(unittest.TestCase):
         stock = StockPosition.from_dict(stock_dict)
 
         # Check that market_value was calculated correctly
-        self.assertEqual(stock.market_value, stock_dict["price"] * stock_dict["quantity"])
+        self.assertEqual(
+            stock.market_value, stock_dict["price"] * stock_dict["quantity"]
+        )
 
     def test_option_position_serialization(self):
         """Test that OptionPosition objects can be serialized and deserialized."""
@@ -138,7 +140,9 @@ class TestDataModelSerialization(unittest.TestCase):
         option = OptionPosition.from_dict(option_dict)
 
         # Check that market_value was calculated correctly with 100x multiplier
-        self.assertEqual(option.market_value, option_dict["price"] * option_dict["quantity"] * 100)
+        self.assertEqual(
+            option.market_value, option_dict["price"] * option_dict["quantity"] * 100
+        )
 
     def test_portfolio_group_serialization(self):
         """Test that PortfolioGroup objects can be serialized and deserialized."""
@@ -202,50 +206,77 @@ class TestDataModelSerialization(unittest.TestCase):
         self.assertEqual(group.stock_position.ticker, group2.stock_position.ticker)
         self.assertEqual(group.stock_position.quantity, group2.stock_position.quantity)
         self.assertEqual(group.stock_position.beta, group2.stock_position.beta)
-        self.assertEqual(group.stock_position.market_exposure, group2.stock_position.market_exposure)
+        self.assertEqual(
+            group.stock_position.market_exposure, group2.stock_position.market_exposure
+        )
         self.assertEqual(
             group.stock_position.beta_adjusted_exposure,
             group2.stock_position.beta_adjusted_exposure,
         )
         self.assertEqual(group.stock_position.price, group2.stock_position.price)
-        self.assertEqual(group.stock_position.cost_basis, group2.stock_position.cost_basis)
-        self.assertEqual(group.stock_position.market_value, group2.stock_position.market_value)
+        self.assertEqual(
+            group.stock_position.cost_basis, group2.stock_position.cost_basis
+        )
+        self.assertEqual(
+            group.stock_position.market_value, group2.stock_position.market_value
+        )
 
         # Check that the option position was deserialized correctly
-        self.assertEqual(group.option_positions[0].ticker, group2.option_positions[0].ticker)
         self.assertEqual(
-            group.option_positions[0].position_type, group2.option_positions[0].position_type
+            group.option_positions[0].ticker, group2.option_positions[0].ticker
+        )
+        self.assertEqual(
+            group.option_positions[0].position_type,
+            group2.option_positions[0].position_type,
+        )
+        self.assertEqual(
+            group.option_positions[0].quantity, group2.option_positions[0].quantity
+        )
+        self.assertEqual(
+            group.option_positions[0].beta, group2.option_positions[0].beta
         )
-        self.assertEqual(group.option_positions[0].quantity, group2.option_positions[0].quantity)
-        self.assertEqual(group.option_positions[0].beta, group2.option_positions[0].beta)
         self.assertEqual(
             group.option_positions[0].beta_adjusted_exposure,
             group2.option_positions[0].beta_adjusted_exposure,
         )
-        self.assertEqual(group.option_positions[0].strike, group2.option_positions[0].strike)
-        self.assertEqual(group.option_positions[0].expiry, group2.option_positions[0].expiry)
         self.assertEqual(
-            group.option_positions[0].option_type, group2.option_positions[0].option_type
+            group.option_positions[0].strike, group2.option_positions[0].strike
+        )
+        self.assertEqual(
+            group.option_positions[0].expiry, group2.option_positions[0].expiry
+        )
+        self.assertEqual(
+            group.option_positions[0].option_type,
+            group2.option_positions[0].option_type,
+        )
+        self.assertEqual(
+            group.option_positions[0].delta, group2.option_positions[0].delta
+        )
+        self.assertEqual(
+            group.option_positions[0].delta_exposure,
+            group2.option_positions[0].delta_exposure,
         )
-        self.assertEqual(group.option_positions[0].delta, group2.option_positions[0].delta)
         self.assertEqual(
-            group.option_positions[0].delta_exposure, group2.option_positions[0].delta_exposure
+            group.option_positions[0].notional_value,
+            group2.option_positions[0].notional_value,
         )
         self.assertEqual(
-            group.option_positions[0].notional_value, group2.option_positions[0].notional_value
+            group.option_positions[0].underlying_beta,
+            group2.option_positions[0].underlying_beta,
         )
         self.assertEqual(
-            group.option_positions[0].underlying_beta, group2.option_positions[0].underlying_beta
+            group.option_positions[0].market_exposure,
+            group2.option_positions[0].market_exposure,
         )
         self.assertEqual(
-            group.option_positions[0].market_exposure, group2.option_positions[0].market_exposure
+            group.option_positions[0].price, group2.option_positions[0].price
         )
-        self.assertEqual(group.option_positions[0].price, group2.option_positions[0].price)
         self.assertEqual(
             group.option_positions[0].cost_basis, group2.option_positions[0].cost_basis
         )
         self.assertEqual(
-            group.option_positions[0].market_value, group2.option_positions[0].market_value
+            group.option_positions[0].market_value,
+            group2.option_positions[0].market_value,
         )
 
     def test_portfolio_summary_serialization(self):
@@ -345,8 +376,12 @@ class TestDataModelSerialization(unittest.TestCase):
         self.assertEqual(summary.cash_percentage, summary2.cash_percentage)
         self.assertEqual(summary.stock_value, summary2.stock_value)
         self.assertEqual(summary.option_value, summary2.option_value)
-        self.assertEqual(summary.pending_activity_value, summary2.pending_activity_value)
-        self.assertEqual(summary.portfolio_estimate_value, summary2.portfolio_estimate_value)
+        self.assertEqual(
+            summary.pending_activity_value, summary2.pending_activity_value
+        )
+        self.assertEqual(
+            summary.portfolio_estimate_value, summary2.portfolio_estimate_value
+        )
         self.assertEqual(summary.price_updated_at, summary2.price_updated_at)
 
         # Check that the exposure breakdowns were deserialized correctly
@@ -354,7 +389,8 @@ class TestDataModelSerialization(unittest.TestCase):
             summary.long_exposure.stock_exposure, summary2.long_exposure.stock_exposure
         )
         self.assertEqual(
-            summary.long_exposure.stock_beta_adjusted, summary2.long_exposure.stock_beta_adjusted
+            summary.long_exposure.stock_beta_adjusted,
+            summary2.long_exposure.stock_beta_adjusted,
         )
         self.assertEqual(
             summary.long_exposure.option_delta_exposure,
@@ -368,7 +404,8 @@ class TestDataModelSerialization(unittest.TestCase):
             summary.long_exposure.total_exposure, summary2.long_exposure.total_exposure
         )
         self.assertEqual(
-            summary.long_exposure.total_beta_adjusted, summary2.long_exposure.total_beta_adjusted
+            summary.long_exposure.total_beta_adjusted,
+            summary2.long_exposure.total_beta_adjusted,
         )
 
     def test_portfolio_summary_serialization_without_pending_activity(self):

tests/test_security.py

@@ -10,7 +10,7 @@ import unittest
 
 import pandas as pd
 
-sys.path.insert(0, os.path.abspath('..'))
+sys.path.insert(0, os.path.abspath(".."))
 
 from src.folio.security import (
     sanitize_cell,
@@ -33,12 +33,19 @@ class TestSecurity(unittest.TestCase):
 
         # Test HTML/script sanitization
         self.assertEqual(sanitize_cell("<script>alert('XSS')</script>"), "[REMOVED]")
-        self.assertEqual(sanitize_cell("javascript:alert('XSS')"), "[REMOVED]alert('XSS')")
-        self.assertEqual(sanitize_cell("<img src=x onerror=alert('XSS')>"), "<img src=x [REMOVED]=alert('XSS')>")
+        self.assertEqual(
+            sanitize_cell("javascript:alert('XSS')"), "[REMOVED]alert('XSS')"
+        )
+        self.assertEqual(
+            sanitize_cell("<img src=x onerror=alert('XSS')>"),
+            "<img src=x [REMOVED]=alert('XSS')>",
+        )
 
         # Test command injection sanitization
         self.assertEqual(sanitize_cell("value; rm -rf /"), "value rm -rf /")
-        self.assertEqual(sanitize_cell("value | cat /etc/passwd"), "value  cat /etc/passwd")
+        self.assertEqual(
+            sanitize_cell("value | cat /etc/passwd"), "value  cat /etc/passwd"
+        )
 
         # Test non-string values
         self.assertEqual(sanitize_cell(123), "123")
@@ -60,7 +67,9 @@ class TestSecurity(unittest.TestCase):
 
         # Test stock names with ampersands (should not be modified)
         self.assertEqual(sanitize_cell("S&P 500"), "S&P 500")
-        self.assertEqual(sanitize_cell("PROSHARES ULTRAPRO S&P500"), "PROSHARES ULTRAPRO S&P500")
+        self.assertEqual(
+            sanitize_cell("PROSHARES ULTRAPRO S&P500"), "PROSHARES ULTRAPRO S&P500"
+        )
 
     def test_sanitize_formula(self):
         """Test sanitizing formula-like content."""
@@ -98,7 +107,10 @@ class TestSecurity(unittest.TestCase):
 
         # Test stock names with ampersands (should not be modified)
         self.assertEqual(sanitize_dangerous_content("S&P 500"), "S&P 500")
-        self.assertEqual(sanitize_dangerous_content("PROSHARES ULTRAPRO S&P500"), "PROSHARES ULTRAPRO S&P500")
+        self.assertEqual(
+            sanitize_dangerous_content("PROSHARES ULTRAPRO S&P500"),
+            "PROSHARES ULTRAPRO S&P500",
+        )
 
         # Test formula sanitization
         self.assertEqual(sanitize_dangerous_content("=SUM(A1:B1)"), "'=SUM(A1:B1)")
@@ -106,50 +118,70 @@ class TestSecurity(unittest.TestCase):
         self.assertEqual(sanitize_dangerous_content("+SUM(A1:B1)"), "'+SUM(A1:B1)")
 
         # Test HTML/script sanitization
-        self.assertEqual(sanitize_dangerous_content("<script>alert('XSS')</script>"), "[REMOVED]")
-        self.assertEqual(sanitize_dangerous_content("javascript:alert('XSS')"), "[REMOVED]alert('XSS')")
+        self.assertEqual(
+            sanitize_dangerous_content("<script>alert('XSS')</script>"), "[REMOVED]"
+        )
+        self.assertEqual(
+            sanitize_dangerous_content("javascript:alert('XSS')"),
+            "[REMOVED]alert('XSS')",
+        )
 
         # Test command injection sanitization
-        self.assertEqual(sanitize_dangerous_content("value; rm -rf /"), "value rm -rf /")
-        self.assertEqual(sanitize_dangerous_content("value | cat /etc/passwd"), "value  cat /etc/passwd")
+        self.assertEqual(
+            sanitize_dangerous_content("value; rm -rf /"), "value rm -rf /"
+        )
+        self.assertEqual(
+            sanitize_dangerous_content("value | cat /etc/passwd"),
+            "value  cat /etc/passwd",
+        )
 
     def test_sanitize_dataframe(self):
         """Test sanitizing a DataFrame."""
         # Create a test DataFrame with potentially dangerous content
-        df = pd.DataFrame({
-            'Symbol': ['AAPL', '=SUM(A1:B1)', 'MSFT'],
-            'Description': ['Apple Inc', '<script>alert("XSS")</script>', 'Microsoft Corp'],
-            'Quantity': [100, 200, 300],
-            'Last Price': ['$150.00', '=HYPERLINK("malicious.com")', '$250.00'],
-        })
+        df = pd.DataFrame(
+            {
+                "Symbol": ["AAPL", "=SUM(A1:B1)", "MSFT"],
+                "Description": [
+                    "Apple Inc",
+                    '<script>alert("XSS")</script>',
+                    "Microsoft Corp",
+                ],
+                "Quantity": [100, 200, 300],
+                "Last Price": ["$150.00", '=HYPERLINK("malicious.com")', "$250.00"],
+            }
+        )
 
         # Sanitize the DataFrame
         sanitized_df = sanitize_dataframe(df)
 
         # Check that the dangerous content was sanitized
-        self.assertEqual(sanitized_df.loc[1, 'Symbol'], "'=SUM(A1:B1)")
-        self.assertEqual(sanitized_df.loc[1, 'Description'], "[REMOVED]")
-        self.assertEqual(sanitized_df.loc[1, 'Last Price'], "'=HYPERLINK(\"malicious.com\")")
+        self.assertEqual(sanitized_df.loc[1, "Symbol"], "'=SUM(A1:B1)")
+        self.assertEqual(sanitized_df.loc[1, "Description"], "[REMOVED]")
+        self.assertEqual(
+            sanitized_df.loc[1, "Last Price"], '\'=HYPERLINK("malicious.com")'
+        )
 
         # Check that safe content was not modified
-        self.assertEqual(sanitized_df.loc[0, 'Symbol'], 'AAPL')
-        self.assertEqual(sanitized_df.loc[0, 'Description'], 'Apple Inc')
-        self.assertEqual(sanitized_df.loc[0, 'Quantity'], 100)
+        self.assertEqual(sanitized_df.loc[0, "Symbol"], "AAPL")
+        self.assertEqual(sanitized_df.loc[0, "Description"], "Apple Inc")
+        self.assertEqual(sanitized_df.loc[0, "Quantity"], 100)
 
     def test_validate_csv_upload(self):
         """Test validating a CSV upload."""
         # Create a valid CSV file
-        df = pd.DataFrame({
-            'Symbol': ['AAPL', 'MSFT', 'GOOGL'],
-            'Quantity': [100, 200, 300],
-            'Last Price': ['$150.00', '$250.00', '$2,500.00'],
-        })
+        df = pd.DataFrame(
+            {
+                "Symbol": ["AAPL", "MSFT", "GOOGL"],
+                "Quantity": [100, 200, 300],
+                "Last Price": ["$150.00", "$250.00", "$2,500.00"],
+            }
+        )
 
         # Convert to CSV and encode as base64
         csv_buffer = io.StringIO()
         df.to_csv(csv_buffer, index=False)
         csv_str = csv_buffer.getvalue()
-        b64_content = base64.b64encode(csv_str.encode('utf-8')).decode('utf-8')
+        b64_content = base64.b64encode(csv_str.encode("utf-8")).decode("utf-8")
         contents = f"data:text/csv;base64,{b64_content}"
 
         # Validate the CSV upload
@@ -160,17 +192,19 @@ class TestSecurity(unittest.TestCase):
         self.assertEqual(len(result_df), 3)
 
         # Create a CSV with malicious content
-        df = pd.DataFrame({
-            'Symbol': ['AAPL', '=SUM(A1:B1)', 'MSFT'],
-            'Quantity': [100, 200, 300],
-            'Last Price': ['$150.00', '=HYPERLINK("malicious.com")', '$250.00'],
-        })
+        df = pd.DataFrame(
+            {
+                "Symbol": ["AAPL", "=SUM(A1:B1)", "MSFT"],
+                "Quantity": [100, 200, 300],
+                "Last Price": ["$150.00", '=HYPERLINK("malicious.com")', "$250.00"],
+            }
+        )
 
         # Convert to CSV and encode as base64
         csv_buffer = io.StringIO()
         df.to_csv(csv_buffer, index=False)
         csv_str = csv_buffer.getvalue()
-        b64_content = base64.b64encode(csv_str.encode('utf-8')).decode('utf-8')
+        b64_content = base64.b64encode(csv_str.encode("utf-8")).decode("utf-8")
         contents = f"data:text/csv;base64,{b64_content}"
 
         # Validate the CSV upload
@@ -178,8 +212,10 @@ class TestSecurity(unittest.TestCase):
 
         # Check that validation passed but content was sanitized
         self.assertIsNone(error)
-        self.assertEqual(result_df.loc[1, 'Symbol'], "'=SUM(A1:B1)")
-        self.assertEqual(result_df.loc[1, 'Last Price'], "'=HYPERLINK(\"malicious.com\")")
+        self.assertEqual(result_df.loc[1, "Symbol"], "'=SUM(A1:B1)")
+        self.assertEqual(
+            result_df.loc[1, "Last Price"], '\'=HYPERLINK("malicious.com")'
+        )
 
         # Test with invalid file extension
         with self.assertRaises(ValueError) as context:
@@ -187,16 +223,18 @@ class TestSecurity(unittest.TestCase):
         self.assertIn("Only CSV files are supported", str(context.exception))
 
         # Test with missing required columns
-        df = pd.DataFrame({
-            'Symbol': ['AAPL', 'MSFT', 'GOOGL'],
-            # Missing 'Quantity' and 'Last Price'
-        })
+        df = pd.DataFrame(
+            {
+                "Symbol": ["AAPL", "MSFT", "GOOGL"],
+                # Missing 'Quantity' and 'Last Price'
+            }
+        )
 
         # Convert to CSV and encode as base64
         csv_buffer = io.StringIO()
         df.to_csv(csv_buffer, index=False)
         csv_str = csv_buffer.getvalue()
-        b64_content = base64.b64encode(csv_str.encode('utf-8')).decode('utf-8')
+        b64_content = base64.b64encode(csv_str.encode("utf-8")).decode("utf-8")
         contents = f"data:text/csv;base64,{b64_content}"
 
         # Validate the CSV upload
@@ -205,5 +243,5 @@ class TestSecurity(unittest.TestCase):
         self.assertIn("Missing required columns", str(context.exception))
 
 
-if __name__ == '__main__':
+if __name__ == "__main__":
     unittest.main()