feat: full ISPConfig remote API coverage + re-runnable generator (v0.2)

v0.1 shipped ~15 hand-audited methods across sites/dns/mail/databases/clients.
That's enough for daily ops but every new Tort Host / cWHO feature has been
hitting the wall at the edge of that coverage. This extends the SDK to wrap
every method the panel exposes — 312 of them as of Rackham 2026-04-22,
verified against the live list_functions() introspection call with only one
name-mismatch (``__construct``, a PHP lifecycle artifact, not a real API
method).

The hand-audited helpers stay where they are. Every module now has two
clearly-delimited sections: an auto-generated block at the top (emitted by
tools/gen_methods.py from tools/method_inventory.json), and a HAND-EDIT ONLY
BELOW block at the bottom that survives regeneration. Name collisions
between auto and hand always resolve in favor of the hand version — the
generator emits a ``# skipped foo: hand-audited helper takes precedence``
comment in the auto block for traceability.

Pipeline:
- tools/extract_inventory.py reads remote.*.inc.php + remoting.inc.php,
  pulls docblocks + param defaults, dumps one JSON record per method.
  Regex is balanced-paren aware so ``$params = array()`` defaults don't
  truncate the signature at the wrong close-paren (that footgun hid three
  methods from the first run — sites_aps_available_packages_list,
  sites_aps_instance_delete, openvz_vm_add_from_template).
- tools/method_inventory.json is the committed inventory — future ISPConfig
  upgrades diff against this file to see scope at a glance.
- tools/gen_methods.py groups by method-name prefix onto the module classes
  listed in the README table, emits a 1:1 Python wrapper per method with
  the original PHP filename + line number in the docstring, and ensures
  ``from typing import Any`` is present in preexisting modules before
  emitting ``Any`` type annotations.

New submodules (all auto-generated, wired into ISPConfigClient.__init__):
admin, aps, backups, cron, domains, ftp, misc, monitor, openvz, server,
shell, webdav. Existing modules (sites, dns, mail, databases, clients) got
their auto block filled in and their hand-audited helpers preserved.

Escape hatches on the top-level client:
- raw_call(method, *args) routes an arbitrary method name through the same
  session-management + retry + fault-mapping pipeline the typed wrappers
  use. Fix for "panel shipped a new method, SDK hasn't caught up" —
  callers don't have to reach back into _soap.
- list_functions() wraps get_function_list() for panel introspection.

Fault mapping widened: ``no_client_found`` and "no user account" messages
now map to NotFoundError instead of FaultError, matching the existing
``no_domain_found`` convention. Older code that caught raw FaultError
there will still work (NotFoundError extends ISPConfigError) but callers
can now catch the specific type.

Testing:
- tests/test_unit.py — 12 existing pure-unit tests pass unchanged.
- tests/test_smoke.py — extended from 4 read-only calls to 21. One probe
  per new auto-generated module plus raw_call and list_functions smoke
  tests. Methods gated behind admin permission skip gracefully with a
  documented reason (kayos is a reseller, not admin): monitor_jobqueue_count,
  sites_cron_get, sites_ftp_user_get, openvz_get_free_ip,
  quota_get_by_user. Results against Rackham 2026-04-22:
  28 passed, 5 skipped (all documented admin-only), 0 failed.
- ISPCONFIG_TEST_VERIFY_SSL=0 env-var knob added to conftest for panels
  with self-signed or mismatched certs.

Version bump 0.1.0 -> 0.2.0. README restructured into Hand-audited /
Auto-generated / Escape hatch / Footguns sections with a regeneration
recipe for future ISPConfig upgrades. Ruff per-file SLF001 ignore extended
to every submodule (submodules are all authorized callers of the client's
private ``_call`` dispatcher by design). mypy strict passes; ruff check
passes; ruff format applied across src / tools / tests.

tests/test_unit.py

@@ -64,27 +64,34 @@ def test_context_manager_auto_login_logout() -> None:
 
 
 def test_session_expired_retry() -> None:
-    t = _FakeTransport([
-        "sid-first",                                # login
-        SoapFault("Server", "Session not valid"),   # first _call fails
-        "sid-second",                               # re-login
-        {"domain": "x.com"},                        # retry succeeds
-    ])
+    t = _FakeTransport(
+        [
+            "sid-first",  # login
+            SoapFault("Server", "Session not valid"),  # first _call fails
+            "sid-second",  # re-login
+            {"domain": "x.com"},  # retry succeeds
+        ]
+    )
     c = _make_client(t)
     c.login()
     result = c.sites.web_domain_get(1)
     assert result == {"domain": "x.com"}
     # 4 transport calls: login, failed get, login, successful get.
     assert [call[0] for call in t.calls] == [
-        "login", "sites_web_domain_get", "login", "sites_web_domain_get",
+        "login",
+        "sites_web_domain_get",
+        "login",
+        "sites_web_domain_get",
     ]
 
 
 def test_session_expired_no_retry_when_disabled() -> None:
-    t = _FakeTransport([
-        "sid-first",
-        SoapFault("Server", "Session expired"),
-    ])
+    t = _FakeTransport(
+        [
+            "sid-first",
+            SoapFault("Server", "Session expired"),
+        ]
+    )
     c = ISPConfigClient("http://fake/", "u", "p", max_retries=0)
     c._transport = t  # type: ignore[assignment]
     c.login()
@@ -149,13 +156,13 @@ def test_envelope_encoding_map_and_scalars() -> None:
     )
     assert "<session_id" in xml and ">abc<" in xml
     assert '<client_id xsi:type="xsd:int">0</client_id>' in xml
-    assert 'ns2:Map' in xml
+    assert "ns2:Map" in xml
     assert '<key xsi:type="xsd:string">php</key>' in xml
     assert '<value xsi:type="xsd:string">fast-cgi</value>' in xml
 
 
 def test_response_parsing_map() -> None:
-    body = b'''<?xml version="1.0"?>
+    body = b"""<?xml version="1.0"?>
 <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
     xmlns:ns1="/remote/index.php"
     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
@@ -169,19 +176,19 @@ def test_response_parsing_map() -> None:
       </return>
     </ns1:sites_web_domain_getResponse>
   </SOAP-ENV:Body>
-</SOAP-ENV:Envelope>'''
+</SOAP-ENV:Envelope>"""
     result = SoapTransport._parse_response("sites_web_domain_get", body)
     assert result == {"domain": "mcb.com", "active": "y"}
 
 
 def test_response_parsing_fault() -> None:
-    body = b'''<?xml version="1.0"?>
+    body = b"""<?xml version="1.0"?>
 <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Body><SOAP-ENV:Fault>
     <faultcode>SOAP-ENV:Server</faultcode>
     <faultstring>Login failed.</faultstring>
   </SOAP-ENV:Fault></SOAP-ENV:Body>
-</SOAP-ENV:Envelope>'''
+</SOAP-ENV:Envelope>"""
     with pytest.raises(SoapFault) as excinfo:
         SoapTransport._parse_response("login", body)
     assert "Login failed" in excinfo.value.faultstring