boxcars 0.1.5 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8eb0adb30464688c5a68391ffb19a5d08188f87283d7cf3de28b12a30b927971
-  data.tar.gz: 94605b14f7974159d21eb2cf219b8d4695533761084fe784419e47a04843c6c2
+  metadata.gz: 666f9b91451e8b6db61eb1162cb6508a566a46b676d646f1fb0000175714cede
+  data.tar.gz: bee7b55be2288bf9361012bd562f88d91f64ce7972b0cf5c495a5fce87eea77c
 SHA512:
-  metadata.gz: 4b92e4e8c98ada38bb4acf5ed5f0bd563bcfe2ab29d9781002a585799aba35cfa82992086484886563585ad0b7a9795691f9804ef4807b58aaa29c8bea88a761
-  data.tar.gz: e46f9a26fad0b0eb339868daef5bd4c05d750af08277f83b4edb15839a712553584223f056dc2aa403fccb8b5292a6ea57aadf12c04595f909d561f1fbbe2995
+  metadata.gz: '0681f5bd00bbfe2afd67011d76c561640a0575a9656b20913d3c60193208ea33361003ee652d01802b49702b106bd4f3d5bc91c1c7f2023bc2e8224edca14a8d'
+  data.tar.gz: 794fe20c2f9b8f14402db177bdee3d3e5318ab652e69c02929f9ae79d6daca096ae386a4e85730da4004927ab31aff53cc3a8d960ca661d6a5dd192432ffeabb

data/CHANGELOG.md

@@ -1,5 +1,30 @@
 # Changelog
 
+## [Unreleased](https://github.com/BoxcarsAI/boxcars/tree/HEAD)
+
+[Full Changelog](https://github.com/BoxcarsAI/boxcars/compare/v0.1.5...HEAD)
+
+**Implemented enhancements:**
+
+- Add a callback function for Boxcars::ActiveRecord to approve changes  [\#24](https://github.com/BoxcarsAI/boxcars/issues/24)
+
+**Merged pull requests:**
+
+- Add approval callback function for Boxcars::ActiveRecord for changes to the data [\#25](https://github.com/BoxcarsAI/boxcars/pull/25) ([francis](https://github.com/francis))
+- \[fix\] Fixed specs which required a key [\#23](https://github.com/BoxcarsAI/boxcars/pull/23) ([AKovtunov](https://github.com/AKovtunov))
+
+## [v0.1.5](https://github.com/BoxcarsAI/boxcars/tree/v0.1.5) (2023-02-22)
+
+[Full Changelog](https://github.com/BoxcarsAI/boxcars/compare/v0.1.4...v0.1.5)
+
+**Implemented enhancements:**
+
+- Make Boxcars::ActiveRecord read\_only by default [\#20](https://github.com/BoxcarsAI/boxcars/issues/20)
+
+**Merged pull requests:**
+
+- Active Record readonly [\#21](https://github.com/BoxcarsAI/boxcars/pull/21) ([francis](https://github.com/francis))
+
 ## [v0.1.4](https://github.com/BoxcarsAI/boxcars/tree/v0.1.4) (2023-02-22)
 
 [Full Changelog](https://github.com/BoxcarsAI/boxcars/compare/v0.1.3...v0.1.4)

data/Gemfile

@@ -24,3 +24,5 @@ gem "sqlite3", "~> 1.6"
 gem "activerecord", "~> 7.0"
 
 gem "github_changelog_generator", "~> 1.16"
+
+gem "faraday-retry", "~> 2.0"

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    boxcars (0.1.5)
+    boxcars (0.1.6)
       google_search_results (~> 2.2)
       ruby-openai (~> 3.0)
 
@@ -56,6 +56,8 @@ GEM
     faraday-http-cache (2.4.1)
       faraday (>= 0.8)
     faraday-net_http (3.0.2)
+    faraday-retry (2.0.0)
+      faraday (~> 2.0)
     fiber-local (1.0.0)
     github_changelog_generator (1.16.4)
       activesupport
@@ -171,6 +173,7 @@ DEPENDENCIES
   boxcars!
   debug (~> 1.1)
   dotenv (~> 2.8)
+  faraday-retry (~> 2.0)
   github_changelog_generator (~> 1.16)
   rake (~> 13.0)
   rspec (~> 3.2)

data/lib/boxcars/boxcar/active_record.rb

@@ -7,18 +7,20 @@ module Boxcars
     # the description of this engine boxcar
     ARDESC = "useful for when you need to query a database for an application named %<name>s."
     LOCKED_OUT_MODELS = %w[ActiveRecord::SchemaMigration ActiveRecord::InternalMetadata ApplicationRecord].freeze
-    attr_accessor :connection, :input_key, :requested_models, :read_only
+    attr_accessor :connection, :input_key, :requested_models, :read_only, :approval_callback
     attr_reader :except_models
 
     # @param engine [Boxcars::Engine] The engine to user for this boxcar. Can be inherited from a train if nil.
     # @param models [Array<ActiveRecord::Model>] The models to use for this boxcar. Will use all if nil.
-    # @param read_only [Boolean] Whether to use read only models. Defaults to true.
+    # @param read_only [Boolean] Whether to use read only models. Defaults to true unless you pass an approval function.
+    # @param approval_callback [Proc] A function to call to approve changes. Defaults to nil.
     # @param kwargs [Hash] Any other keyword arguments. These can include:
     #   :name, :description, :prompt, :input_key, :output_key and :except_models
-    def initialize(engine: nil, models: nil, read_only: true, **kwargs)
+    def initialize(engine: nil, models: nil, read_only: nil, approval_callback: nil, **kwargs)
       check_models(models)
       @except_models = LOCKED_OUT_MODELS + kwargs[:except_models].to_a
-      @read_only = read_only
+      @approval_callback = approval_callback
+      @read_only = read_only.nil? ? !approval_callback : read_only
       @input_key = kwargs[:input_key] || :question
       @output_key = kwargs[:output_key] || :answer
       the_prompt = kwargs[prompt] || my_prompt
@@ -85,28 +87,28 @@ module Boxcars
     end
 
     # to be safe, we wrap the code in a transaction and rollback
-    # rubocop:disable Lint/SuppressedException
-    def wrap_in_transaction
+    def rollback_after_running
+      rv = nil
       ::ActiveRecord::Base.transaction do
-        yield
+        rv = yield
       ensure
         raise ::ActiveRecord::Rollback
       end
-    rescue ::ActiveRecord::Rollback
+      rv
     end
-    # rubocop:enable Lint/SuppressedException
 
+    # check for dangerous code that is outside of ActiveRecord
     def safe_to_run?(code)
-      return true unless read_only?
-
-      bad_words = %w[delete delete_all destroy destroy_all update update_all upsert upsert_all create save insert drop alter
-                     truncate revoke commit rollback reset execute].freeze
+      bad_words = %w[commit drop_constraint drop_constraint! drop_extension drop_extension! drop_foreign_key drop_foreign_key! \
+                     drop_index drop_index! drop_join_table drop_join_table! drop_materialized_view drop_materialized_view! \
+                     drop_partition drop_partition! drop_schema drop_schema! drop_table drop_table! drop_trigger drop_trigger! \
+                     drop_view drop_view! eval execute reset revoke rollback truncate].freeze
       without_strings = code.gsub(/('([^'\\]*(\\.[^'\\]*)*)'|"([^"\\]*(\\.[^"\\]*)*"))/, 'XX')
       word_list = without_strings.split(/[.,()]/)
 
       bad_words.each do |w|
         if word_list.include?(w)
-          puts "code included destructive instruction: #{w} #{code}"
+          puts "code included destructive instruction: #{w} #{code}".colorize(:red)
           return false
         end
       end
@@ -114,22 +116,64 @@ module Boxcars
       true
     end
 
-    def get_active_record_answer(text)
-      code = text[/^ARCode: (.*)/, 1]
-      puts code.colorize(:yellow)
-      raise SecurityError, "Can not run code that makes changes in read-only mode" unless safe_to_run?(code)
+    def evaluate_input(code)
+      raise SecurityError, "Found unsafe code while evaluating: #{code}" unless safe_to_run?(code)
 
       # rubocop:disable Security/Eval
-      output = eval code
+      eval code
       # rubocop:enable Security/Eval
+    end
+
+    def change_count(changes_code)
+      return 0 unless changes_code
+
+      rollback_after_running do
+        puts "computing change count with: #{changes_code}".colorize(:yellow)
+        evaluate_input changes_code
+      end
+    end
+
+    def approved?(changes_code, code)
+      # find out how many changes there are
+      changes = change_count(changes_code)
+      return true unless changes&.positive?
+
+      puts "Pending Changes: #{changes}".colorize(:yellow, style: :bold)
+      change_str = "#{changes} change#{'s' if changes.to_i > 1}"
+      raise SecurityError, "Can not run code that makes #{change_str} in read-only mode" if read_only?
+
+      return approval_callback.call(changes, code) if approval_callback.is_a?(Proc)
+
+      true
+    end
+
+    def run_active_record_code(code)
+      puts code.colorize(:yellow)
+      if read_only?
+        rollback_after_running do
+          evaluate_input code
+        end
+      else
+        evaluate_input code
+      end
+    end
+
+    def get_active_record_answer(text)
+      code = text[/^ARCode: (.*)/, 1]
+      changes_code = text[/^ARChanges: (.*)/, 1]
+      raise SecurityError, "Permission to run code that makes changes denied" unless approved?(changes_code, code)
+
+      output = run_active_record_code(code)
       output = 0 if output.is_a?(Array) && output.empty?
       output = output.first if output.is_a?(Array) && output.length == 1
+      output = output[output.keys.first] if output.is_a?(Hash) && output.length == 1
       "Answer: #{output.inspect}"
     rescue StandardError => e
       "Error: #{e.message}"
     end
 
     def get_answer(text)
+      # debugger
       case text
       when /^ARCode:/
         get_active_record_answer(text)
@@ -154,6 +198,7 @@ module Boxcars
       Use the following format:
       Question: "Question here"
       ARCode: "Active Record code to run"
+      ARChanges: "Active Record code to compute the number of records going to change" - Only add this line if the ARCode on the line before will make data changes
       Answer: "Final answer here"
 
       Only use the following Active Record models:

data/lib/boxcars/boxcar/google_search.rb

@@ -13,7 +13,7 @@ module Boxcars
     # @param name [String] The name of the boxcar. Defaults to classname.
     # @param description [String] A description of the boxcar. Defaults to SERPDESC.
     # @param serpapi_api_key [String] The API key to use for the SerpAPI. Defaults to Boxcars.configuration.serpapi_api_key.
-    def initialize(name: "Search", description: SERPDESC, serpapi_api_key: "not set")
+    def initialize(name: "Search", description: SERPDESC, serpapi_api_key: nil)
       super(name: name, description: description)
       api_key = Boxcars.configuration.serpapi_api_key(serpapi_api_key: serpapi_api_key)
       ::GoogleSearch.api_key = api_key

data/lib/boxcars/engine/openai.rb

@@ -38,7 +38,7 @@ module Boxcars
     # @param openai_access_token [String] The access token to use when asking the engine.
     #   Defaults to Boxcars.configuration.openai_access_token.
     # @param kwargs [Hash] Additional parameters to pass to the engine if wanted.
-    def client(prompt:, openai_access_token: 'not set', **kwargs)
+    def client(prompt:, openai_access_token: nil, **kwargs)
       access_token = Boxcars.configuration.openai_access_token(openai_access_token: openai_access_token)
       organization_id = Boxcars.configuration.organization_id
       clnt = ::OpenAI::Client.new(access_token: access_token, organization_id: organization_id)

data/lib/boxcars/ruby_repl.rb

@@ -6,14 +6,14 @@ module Boxcars
     # Execute ruby code
     # @param code [String] The code to run
     def call(code:)
-      puts "RubyREPL: #{code}".colorize(:red)
+      puts "RubyREPL: #{code}".colorize(:yellow)
       output = ""
       IO.popen("ruby", "r+") do |io|
         io.puts code
         io.close_write
         output = io.read
       end
-      puts "Answer: #{output}".colorize(:red, style: :bold)
+      puts "Answer: #{output}".colorize(:yellow, style: :bold)
       output
     end
 

data/lib/boxcars/train.rb

@@ -112,7 +112,7 @@ module Boxcars
     # @param intermediate_steps [Array<Hash>] The intermediate steps.
     # @return [Hash] The final output.
     def pre_return(output, intermediate_steps)
-      puts output.log.colorize(:yellow)
+      puts output.log.colorize(:yellow, style: :bold)
       final_output = output.return_values
       final_output["intermediate_steps"] = intermediate_steps if return_intermediate_steps
       final_output

data/lib/boxcars/version.rb

@@ -2,5 +2,5 @@
 
 module Boxcars
   # The current version of the gem.
-  VERSION = "0.1.5"
+  VERSION = "0.1.6"
 end

data/lib/boxcars.rb

@@ -68,7 +68,7 @@ module Boxcars
     end
 
     def key_lookup(key, kwargs)
-      rv = if kwargs.key?(key) && kwargs[key] != "not set"
+      rv = if kwargs.key?(key) && !kwargs[key].nil?
              # override with kwargs if present
              kwargs[key]
            elsif (set_val = instance_variable_get("@#{key}"))
@@ -77,7 +77,6 @@ module Boxcars
            else
              # otherwise, dig out of the environment
              new_key = ENV.fetch(key.to_s.upcase, nil)
-             send("#{key}=", new_key) if new_key
              new_key
            end
       check_key(key, rv)
@@ -107,6 +106,15 @@ module Boxcars
   def self.engine
     configuration.default_engine || Boxcars::Openai
   end
+
+  # return a proc that will ask the user for input
+  def self.ask_user
+    proc do |changes, _code|
+      puts "This request will make #{changes} changes. Are you sure you want to run it? (y/[n])"
+      answer = gets.chomp
+      answer.downcase == 'y'
+    end
+  end
 end
 
 require "boxcars/version"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: boxcars
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.6
 platform: ruby
 authors:
 - Francis Sullivan
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-02-22 00:00:00.000000000 Z
+date: 2023-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: debug