aidp 0.26.0 → 0.28.0

data/lib/aidp/execute/work_loop_runner.rb

@@ -8,6 +8,7 @@ require_relative "work_loop_unit_scheduler"
 require_relative "deterministic_unit"
 require_relative "agent_signal_parser"
 require_relative "../harness/test_runner"
+require_relative "../errors"
 
 module Aidp
   module Execute
@@ -46,10 +47,11 @@ module Aidp
         @project_dir = project_dir
         @provider_manager = provider_manager
         @config = config
+        @prompt = options[:prompt] || TTY::Prompt.new
         @prompt_manager = PromptManager.new(project_dir, config: config)
         @test_runner = Aidp::Harness::TestRunner.new(project_dir, config)
         @checkpoint = Checkpoint.new(project_dir)
-        @checkpoint_display = CheckpointDisplay.new
+        @checkpoint_display = CheckpointDisplay.new(prompt: @prompt)
         @guard_policy = GuardPolicy.new(project_dir, config.guards_config)
         @persistent_tasklist = PersistentTasklist.new(project_dir)
         @iteration_count = 0
@@ -62,7 +64,7 @@ module Aidp
 
         # Initialize thinking depth manager for intelligent model selection
         require_relative "../harness/thinking_depth_manager"
-        @thinking_depth_manager = Aidp::Harness::ThinkingDepthManager.new(config)
+        @thinking_depth_manager = options[:thinking_depth_manager] || Aidp::Harness::ThinkingDepthManager.new(config)
         @consecutive_failures = 0
         @last_tier = nil
       end
@@ -160,6 +162,10 @@ module Aidp
           # Wrap agent call in exception handling for true fix-forward
           begin
             agent_result = apply_patch
+          rescue Aidp::Errors::ConfigurationError
+            # Configuration errors should crash immediately (crash-early principle)
+            # Re-raise without catching
+            raise
           rescue => e
             # Convert exception to error result for fix-forward handling
             Aidp.logger.error("work_loop", "Exception during agent call",
@@ -178,6 +184,27 @@ module Aidp
             next
           end
 
+          # Check for fatal configuration errors (crash early per LLM_STYLE_GUIDE)
+          if agent_result[:status] == "error" && agent_result[:message]&.include?("No model available")
+            tier = @thinking_depth_manager.current_tier
+            provider = @provider_manager.current_provider
+
+            error_msg = "No model configured for thinking tier '#{tier}'.\n\n" \
+                       "Current provider: #{provider}\n" \
+                       "Required tier: #{tier}\n\n" \
+                       "To fix this, add a model to your aidp.yml:\n\n" \
+                       "thinking_depth:\n" \
+                       "  tiers:\n" \
+                       "    #{tier}:\n" \
+                       "      models:\n" \
+                       "        - provider: #{provider}\n" \
+                       "          model: <model-name>  # e.g., claude-3-5-sonnet-20241022\n\n" \
+                       "Or run: aidp models list\n" \
+                       "to see available models for your configured providers."
+
+            raise Aidp::Errors::ConfigurationError, error_msg
+          end
+
           # Process agent output for task filing signals
           process_task_filing(agent_result)
 
@@ -215,23 +242,39 @@ module Aidp
             build_results[:success] &&
             doc_results[:success]
 
+          # Check task completion status
+          task_completion_result = check_task_completion
+
           if all_checks_pass
             transition_to(:pass)
 
             if agent_marked_complete?(agent_result)
-              transition_to(:done)
-              record_final_checkpoint(all_results)
-              display_message("✅ Step #{@step_name} completed after #{@iteration_count} iterations", type: :success)
-              display_state_summary
-              archive_and_cleanup
-
-              return build_agentic_payload(
-                agent_result: agent_result,
-                response: build_success_result(agent_result),
-                summary: agent_result[:output],
-                completed: true,
-                terminate: true
-              )
+              # Check if tasks are complete
+              if task_completion_result[:complete]
+                transition_to(:done)
+                record_final_checkpoint(all_results)
+                display_task_summary
+                display_message("✅ Step #{@step_name} completed after #{@iteration_count} iterations", type: :success)
+                display_state_summary
+                archive_and_cleanup
+
+                return build_agentic_payload(
+                  agent_result: agent_result,
+                  response: build_success_result(agent_result),
+                  summary: agent_result[:output],
+                  completed: true,
+                  terminate: true
+                )
+              else
+                # All checks passed but tasks not complete
+                display_message("  All checks passed but tasks not complete", type: :warning)
+                display_message("  #{task_completion_result[:message]}", type: :warning)
+                display_task_summary
+                transition_to(:next_patch)
+
+                # Append task completion requirement to PROMPT.md
+                append_task_requirement_to_prompt(task_completion_result[:message])
+              end
             else
               display_message("  All checks passed but work not marked complete", type: :info)
               transition_to(:next_patch)
@@ -742,10 +785,43 @@ module Aidp
         parts << "- After you finish, tests and linters will run automatically"
         parts << "- If tests/linters fail, you'll see the errors in the next iteration and can fix them"
         parts << ""
+
+        if @config.task_completion_required?
+          parts << "## Task Tracking (REQUIRED)"
+          parts << "**CRITICAL**: This work loop requires task tracking for completion."
+          parts << ""
+          parts << "You must:"
+          parts << "1. Create at least one task for this session using: `File task: \"description\"`"
+          parts << "2. Track all work items as tasks"
+          parts << "3. Update task status as you progress"
+          parts << "4. All tasks must be DONE or ABANDONED (with reason) before completion"
+          parts << "5. **IMPORTANT**: When you write STATUS: COMPLETE, also mark all your tasks as done!"
+          parts << ""
+          parts << "**Important**: Tasks in the list exist due to careful planning and requirements analysis."
+          parts << "Do NOT abandon tasks due to perceived complexity or scope concerns - these factors were"
+          parts << "considered during planning. Only abandon tasks when truly obsolete (requirements changed,"
+          parts << "duplicate work, external blockers). When in doubt, mark in_progress and implement."
+          parts << ""
+          parts << "Task filing examples:"
+          parts << "- `File task: \"Implement user authentication\" priority: high tags: security,auth`"
+          parts << "- `File task: \"Add tests for login flow\" priority: medium tags: testing`"
+          parts << "- `File task: \"Update documentation\" priority: low tags: docs`"
+          parts << ""
+          parts << "Task status update examples:"
+          parts << "- `Update task: task_123_abc status: in_progress`"
+          parts << "- `Update task: task_456_def status: done`"
+          parts << "- `Update task: task_789_ghi status: abandoned reason: \"Requirements changed\"`"
+          parts << ""
+        end
+
         parts << "## Completion Criteria"
-        parts << "Mark this step COMPLETE by adding this line to PROMPT.md:"
+        parts << "Mark this step COMPLETE by adding these lines to PROMPT.md:"
         parts << "```"
         parts << "STATUS: COMPLETE"
+        if @config.task_completion_required?
+          parts << ""
+          parts << "Update task: task_xxx_yyy status: done  # Mark ALL your tasks as done"
+        end
         parts << "```"
         parts << ""
         parts.join("\n")
@@ -1092,13 +1168,12 @@ module Aidp
         display_message("")
       end
 
-      # Process agent output for task filing signals
+      # Process agent output for task filing signals and task status updates
       def process_task_filing(agent_result)
         return unless agent_result && agent_result[:output]
 
+        # Process new task filings
         filed_tasks = AgentSignalParser.parse_task_filing(agent_result[:output])
-        return if filed_tasks.empty?
-
         filed_tasks.each do |task_data|
           task = @persistent_tasklist.create(
             task_data[:description],
@@ -1111,6 +1186,150 @@ module Aidp
           Aidp.log_info("tasklist", "Filed new task from agent", task_id: task.id, description: task.description)
           display_message("📋 Filed task: #{task.description} (#{task.id})", type: :info)
         end
+
+        # Process task status updates
+        status_updates = AgentSignalParser.parse_task_status_updates(agent_result[:output])
+        status_updates.each do |update_data|
+          task = @persistent_tasklist.update_status(
+            update_data[:task_id],
+            update_data[:status],
+            reason: update_data[:reason]
+          )
+
+          status_icon = case update_data[:status]
+          when :done then "✅"
+          when :abandoned then "❌"
+          when :in_progress then "🚧"
+          when :pending then "⏳"
+          else "📋"
+          end
+
+          Aidp.log_info("tasklist", "Updated task status from agent",
+            task_id: task.id,
+            old_status: task.status,
+            new_status: update_data[:status])
+          display_message("#{status_icon} Updated task #{task.id}: #{update_data[:status]}", type: :info)
+        rescue PersistentTasklist::TaskNotFoundError
+          Aidp.log_warn("tasklist", "Task not found for status update", task_id: update_data[:task_id])
+          display_message("⚠️  Task not found: #{update_data[:task_id]}", type: :warning)
+        end
+      end
+
+      # Check if tasks are required and all are completed or abandoned
+      # Returns {complete: boolean, message: string}
+      # Note: Tasks are project-scoped, not session-scoped. This allows tasks created
+      # in planning phases to be completed in build phases.
+      def check_task_completion
+        return {complete: true, message: nil} unless @config.task_completion_required?
+
+        all_tasks = @persistent_tasklist.all
+
+        # If no tasks exist yet, allow completion - agent can work without tasks initially
+        # This supports workflows where no planning phase created tasks
+        if all_tasks.empty?
+          return {complete: true, message: nil}
+        end
+
+        # Count tasks by status
+        pending_tasks = all_tasks.select { |t| t.status == :pending }
+        in_progress_tasks = all_tasks.select { |t| t.status == :in_progress }
+        abandoned_tasks = all_tasks.select { |t| t.status == :abandoned }
+        all_tasks.select { |t| t.status == :done }
+
+        # If tasks exist, all must be done or abandoned before completion
+        incomplete_tasks = pending_tasks + in_progress_tasks
+
+        if incomplete_tasks.any?
+          task_list = incomplete_tasks.map { |t| "- #{t.description} (#{t.status}, session: #{t.session})" }.join("\n")
+          return {
+            complete: false,
+            message: "Tasks remain incomplete:\n#{task_list}\n\nComplete all tasks or abandon them with reason before marking work complete."
+          }
+        end
+
+        # If there are abandoned tasks, confirm with user
+        if abandoned_tasks.any? && !all_abandoned_tasks_confirmed?(abandoned_tasks)
+          return {
+            complete: false,
+            message: "Abandoned tasks require user confirmation. Please confirm abandoned tasks."
+          }
+        end
+
+        {complete: true, message: nil}
+      end
+
+      # Check if all abandoned tasks have been confirmed
+      def all_abandoned_tasks_confirmed?(abandoned_tasks)
+        # For now, we'll consider all abandoned tasks as confirmed if they have a reason
+        # In a future enhancement, this could prompt the user for confirmation
+        abandoned_tasks.all? { |t| t.abandoned_reason && !t.abandoned_reason.strip.empty? }
+      end
+
+      # Display task completion summary
+      def display_task_summary
+        return unless @config.task_completion_required?
+
+        all_tasks = @persistent_tasklist.all
+        return if all_tasks.empty?
+
+        counts = all_tasks.group_by(&:status).transform_values(&:count)
+
+        display_message("\n📋 Task Summary (Project-wide):", type: :info)
+        display_message("  Total: #{all_tasks.size}", type: :info)
+        display_message("  ✅ Done: #{counts[:done] || 0}", type: :success) if counts[:done]
+        display_message("  🚧 In Progress: #{counts[:in_progress] || 0}", type: :warning) if counts[:in_progress]
+        display_message("  ⏳ Pending: #{counts[:pending] || 0}", type: :warning) if counts[:pending]
+        display_message("  ❌ Abandoned: #{counts[:abandoned] || 0}", type: :error) if counts[:abandoned]
+        display_message("")
+      end
+
+      # Append task completion requirement to PROMPT.md
+      def append_task_requirement_to_prompt(message)
+        task_requirement = []
+
+        task_requirement << "## Task Completion Requirement"
+        task_requirement << ""
+        task_requirement << "**CRITICAL**: #{message}"
+        task_requirement << ""
+        task_requirement << "### How to Complete Tasks"
+        task_requirement << ""
+        task_requirement << "Update task status using these signals in your output:"
+        task_requirement << ""
+        task_requirement << "**Creating tasks:**"
+        task_requirement << "```"
+        task_requirement << 'File task: "Implement feature X" priority: high tags: feature,backend'
+        task_requirement << 'File task: "Add tests for feature X" priority: medium tags: testing'
+        task_requirement << "```"
+        task_requirement << ""
+        task_requirement << "**Updating task status:**"
+        task_requirement << "```"
+        task_requirement << "Update task: task_123_abc status: in_progress"
+        task_requirement << "Update task: task_123_abc status: done"
+        task_requirement << 'Update task: task_456_def status: abandoned reason: "Requirements changed"'
+        task_requirement << "```"
+        task_requirement << ""
+        task_requirement << "**Task states:**"
+        task_requirement << "- ⏳ **pending** - Not started yet"
+        task_requirement << "- 🚧 **in_progress** - Currently working on it"
+        task_requirement << "- ✅ **done** - Completed successfully"
+        task_requirement << "- ❌ **abandoned** - Not doing this (requires reason)"
+        task_requirement << ""
+        task_requirement << "**Completion requirement:**"
+        task_requirement << "All tasks for this session must be marked as DONE or ABANDONED (with reason) before the work loop can complete."
+        task_requirement << ""
+        task_requirement << "**Action Required**: Review the current task list and update status for all tasks."
+        task_requirement << ""
+
+        # Append to PROMPT.md - ensure directory exists
+        begin
+          current_prompt = @prompt_manager.read || ""
+          updated_prompt = current_prompt + "\n\n---\n\n" + task_requirement.join("\n")
+          @prompt_manager.write(updated_prompt, step_name: @step_name)
+          display_message("  [TASK_REQ] Added task completion requirement to PROMPT.md", type: :warning)
+        rescue => e
+          Aidp.log_warn("work_loop", "Failed to append task requirement to PROMPT.md", error: e.message)
+          display_message("  [TASK_REQ] Warning: Could not update PROMPT.md: #{e.message}", type: :warning)
+        end
       end
 
       # Validate changes against guard policy

data/lib/aidp/execute/workflow_selector.rb

@@ -10,23 +10,20 @@ module Aidp
     class WorkflowSelector
       include Aidp::MessageDisplay
 
-      def initialize(prompt: TTY::Prompt.new)
+      def initialize(prompt: TTY::Prompt.new, workflow_selector: nil)
         @user_input = {}
         @prompt = prompt
-        @workflow_selector = Aidp::Workflows::Selector.new(prompt: @prompt)
+        @workflow_selector = workflow_selector || Aidp::Workflows::Selector.new(prompt: @prompt)
       end
 
       # Main entry point for interactive workflow selection
-      def select_workflow(harness_mode: false, use_new_selector: true, mode: nil)
+      def select_workflow(harness_mode: false, mode: nil)
         if harness_mode
           # In harness mode, use default values to avoid blocking
           select_workflow_with_defaults
-        elsif use_new_selector
+        else
           # Use new unified workflow selector (default as of Issue #79)
           select_workflow_with_new_selector(mode)
-        else
-          # Legacy interactive mode for backward compatibility
-          select_workflow_interactive
         end
       end
 
@@ -48,26 +45,6 @@ module Aidp
         }
       end
 
-      def select_workflow_interactive
-        display_message("\n🚀 Welcome to AI Dev Pipeline!", type: :highlight)
-        display_message("Let's set up your development workflow.\n\n")
-
-        # Step 1: Collect project information
-        collect_project_info
-
-        # Step 2: Choose workflow type
-        workflow_type = choose_workflow_type
-
-        # Step 3: Generate workflow steps
-        steps = generate_workflow_steps(workflow_type)
-
-        {
-          workflow_type: workflow_type,
-          steps: steps,
-          user_input: @user_input
-        }
-      end
-
       def select_workflow_with_defaults
         display_message("\n🚀 Starting harness with default workflow configuration...", type: :highlight)
 

data/lib/aidp/firewall/provider_requirements_collector.rb

@@ -0,0 +1,262 @@
+# frozen_string_literal: true
+
+require "yaml"
+require "fileutils"
+require_relative "../providers/base"
+require_relative "../providers/anthropic"
+require_relative "../providers/cursor"
+require_relative "../providers/github_copilot"
+require_relative "../providers/gemini"
+require_relative "../providers/kilocode"
+require_relative "../providers/opencode"
+require_relative "../providers/codex"
+require_relative "../providers/aider"
+
+module Aidp
+  module Firewall
+    # Collects firewall requirements from all provider classes
+    # and generates the firewall configuration YAML file
+    class ProviderRequirementsCollector
+      attr_reader :config_path
+
+      # Core infrastructure domains not tied to specific providers
+      CORE_DOMAINS = {
+        ruby: [
+          "rubygems.org",
+          "api.rubygems.org",
+          "index.rubygems.org"
+        ],
+        javascript: [
+          "registry.npmjs.org",
+          "registry.yarnpkg.com"
+        ],
+        github: [
+          "github.com",
+          "api.github.com",
+          "raw.githubusercontent.com",
+          "objects.githubusercontent.com",
+          "gist.githubusercontent.com",
+          "cloud.githubusercontent.com"
+        ],
+        cdn: [
+          "cdn.jsdelivr.net"
+        ],
+        vscode: [
+          "update.code.visualstudio.com",
+          "marketplace.visualstudio.com",
+          "vscode.blob.core.windows.net",
+          "vscode.download.prss.microsoft.com",
+          "az764295.vo.msecnd.net",
+          "gallerycdn.vsassets.io",
+          "vscode.gallerycdn.vsassets.io",
+          "gallery.vsassets.io",
+          "vscode-sync.trafficmanager.net",
+          "vscode.dev",
+          "go.microsoft.com",
+          "download.visualstudio.microsoft.com"
+        ],
+        telemetry: [
+          "dc.services.visualstudio.com",
+          "vortex.data.microsoft.com"
+        ]
+      }.freeze
+
+      # Static IP ranges (CIDR notation)
+      STATIC_IP_RANGES = [
+        {"cidr" => "140.82.112.0/20", "comment" => "GitHub main infrastructure (covers 140.82.112.0 - 140.82.127.255)"},
+        {"cidr" => "127.0.0.0/8", "comment" => "Localhost loopback"}
+      ].freeze
+
+      # Azure IP ranges for GitHub Copilot and VS Code services
+      # These use broader /16 ranges to handle dynamic IP allocation across Azure regions
+      AZURE_IP_RANGES = [
+        {"cidr" => "20.189.0.0/16", "comment" => "Azure WestUS2 (GitHub Copilot - broad range due to dynamic IP allocation)"},
+        {"cidr" => "104.208.0.0/16", "comment" => "Azure EastUS (GitHub Copilot - broad range due to dynamic IP allocation)"},
+        {"cidr" => "52.168.0.0/16", "comment" => "Azure EastUS2 (GitHub Copilot - covers .112 and .117, broad range)"},
+        {"cidr" => "40.79.0.0/16", "comment" => "Azure WestUS (GitHub Copilot - broad range due to dynamic IP allocation)"},
+        {"cidr" => "13.89.0.0/16", "comment" => "Azure EastUS (GitHub Copilot - broad range due to dynamic IP allocation)"},
+        {"cidr" => "13.69.0.0/16", "comment" => "Azure (covers .239, broad range due to dynamic IP allocation)"},
+        {"cidr" => "13.66.0.0/16", "comment" => "Azure WestUS2 (VS Code sync service - broad range)"},
+        {"cidr" => "20.42.0.0/16", "comment" => "Azure WestEurope (covers .65 and .73, broad range)"},
+        {"cidr" => "20.50.0.0/16", "comment" => "Azure (covers .80, broad range due to dynamic IP allocation)"}
+      ].freeze
+
+      # Dynamic IP sources configuration
+      DYNAMIC_SOURCES = {
+        github_meta_api: {
+          url: "https://api.github.com/meta",
+          fields: ["git"],
+          comment: "GitHub Git protocol IP ranges (dynamically fetched)"
+        }
+      }.freeze
+
+      def initialize(config_path: nil)
+        @config_path = config_path || default_config_path
+      end
+
+      # Collect firewall requirements from all providers
+      #
+      # @return [Hash] Hash with provider names as keys and requirements as values
+      def collect_requirements
+        Aidp.log_debug("firewall_collector", "collecting requirements", provider_count: provider_classes.size)
+
+        requirements = {}
+        provider_classes.each do |provider_class|
+          provider_name = extract_provider_name(provider_class)
+          reqs = provider_class.firewall_requirements
+
+          requirements[provider_name] = {
+            domains: reqs[:domains] || [],
+            ip_ranges: reqs[:ip_ranges] || []
+          }
+
+          Aidp.log_debug(
+            "firewall_collector",
+            "collected requirements",
+            provider: provider_name,
+            domains: reqs[:domains]&.size || 0,
+            ip_ranges: reqs[:ip_ranges]&.size || 0
+          )
+        end
+
+        requirements
+      end
+
+      # Deduplicate and merge provider requirements
+      #
+      # @param requirements [Hash] Provider requirements hash
+      # @return [Hash] Deduplicated requirements with all_domains and all_ip_ranges
+      def deduplicate(requirements)
+        all_domains = []
+        all_ip_ranges = []
+
+        requirements.each_value do |reqs|
+          all_domains.concat(reqs[:domains])
+          all_ip_ranges.concat(reqs[:ip_ranges])
+        end
+
+        {
+          all_domains: all_domains.uniq.sort,
+          all_ip_ranges: all_ip_ranges.uniq.sort,
+          by_provider: requirements
+        }
+      end
+
+      # Generate the complete YAML configuration file
+      #
+      # Creates a new YAML file with core infrastructure and provider requirements
+      #
+      # @param dry_run [Boolean] If true, only log what would be generated
+      # @return [Boolean] True if generation was successful
+      def generate_yaml_config(dry_run: false)
+        Aidp.log_info("firewall_collector", "generating config", path: @config_path, dry_run: dry_run)
+
+        # Collect provider requirements
+        provider_requirements = collect_requirements
+        deduplicated = deduplicate(provider_requirements)
+
+        # Build complete configuration
+        config = {
+          "version" => 1,
+          "static_ip_ranges" => STATIC_IP_RANGES,
+          "azure_ip_ranges" => AZURE_IP_RANGES,
+          "core_domains" => CORE_DOMAINS.transform_keys(&:to_s),
+          "provider_domains" => provider_requirements.transform_values { |reqs| reqs[:domains] },
+          "dynamic_sources" => DYNAMIC_SOURCES.transform_keys(&:to_s).transform_values do |v|
+            v.transform_keys(&:to_s)
+          end
+        }
+
+        if dry_run
+          Aidp.log_info("firewall_collector", "dry run - would generate", domains: deduplicated[:all_domains].size)
+          puts "Would generate YAML with:"
+          puts "  - #{STATIC_IP_RANGES.size} static IP ranges"
+          puts "  - #{AZURE_IP_RANGES.size} Azure IP ranges"
+          puts "  - #{CORE_DOMAINS.values.flatten.size} core domains"
+          puts "  - #{deduplicated[:all_domains].size} provider domains from #{provider_requirements.size} providers"
+          return true
+        end
+
+        # Ensure directory exists
+        FileUtils.mkdir_p(File.dirname(@config_path))
+
+        # Write configuration
+        File.write(@config_path, YAML.dump(config))
+        Aidp.log_info(
+          "firewall_collector",
+          "config generated",
+          path: @config_path,
+          providers: provider_requirements.size,
+          total_domains: CORE_DOMAINS.values.flatten.size + deduplicated[:all_domains].size
+        )
+
+        true
+      rescue => e
+        Aidp.log_error("firewall_collector", "generation failed", error: e.message)
+        false
+      end
+
+      # Alias for backward compatibility
+      alias_method :update_yaml_config, :generate_yaml_config
+
+      # Generate a summary report of provider requirements
+      #
+      # @return [String] Formatted summary report
+      def generate_report
+        requirements = collect_requirements
+        deduplicated = deduplicate(requirements)
+
+        report = []
+        report << "Firewall Provider Requirements Summary"
+        report << "=" * 50
+        report << ""
+        report << "Total Providers: #{requirements.size}"
+        report << "Total Unique Domains: #{deduplicated[:all_domains].size}"
+        report << "Total Unique IP Ranges: #{deduplicated[:all_ip_ranges].size}"
+        report << ""
+        report << "By Provider:"
+        report << "-" * 50
+
+        requirements.each do |provider, reqs|
+          report << ""
+          report << "#{provider.capitalize}:"
+          report << "  Domains (#{reqs[:domains].size}):"
+          reqs[:domains].each { |d| report << "    - #{d}" }
+          if reqs[:ip_ranges].any?
+            report << "  IP Ranges (#{reqs[:ip_ranges].size}):"
+            reqs[:ip_ranges].each { |ip| report << "    - #{ip}" }
+          end
+        end
+
+        report.join("\n")
+      end
+
+      private
+
+      # Get list of all provider classes
+      def provider_classes
+        [
+          Aidp::Providers::Anthropic,
+          Aidp::Providers::Cursor,
+          Aidp::Providers::GithubCopilot,
+          Aidp::Providers::Gemini,
+          Aidp::Providers::Kilocode,
+          Aidp::Providers::Opencode,
+          Aidp::Providers::Codex,
+          Aidp::Providers::Aider
+        ]
+      end
+
+      # Extract provider name from class name
+      def extract_provider_name(provider_class)
+        # Convert Aidp::Providers::GithubCopilot to "github_copilot"
+        provider_class.name.split("::").last.gsub(/([a-z\d])([A-Z])/, '\1_\2').downcase
+      end
+
+      # Default path to firewall config file
+      def default_config_path
+        File.join(Dir.pwd, ".aidp", "firewall-allowlist.yml")
+      end
+    end
+  end
+end