chaos_to_the_rescue 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: e01d621ff7f3e1d88f48888ff81201637e0a76b9a616e79f068293e265281442
+  data.tar.gz: c2dbfe23e355ca5463f560c4b0830931fac80d30e463e2ce334d8f947f737952
+SHA512:
+  metadata.gz: 0c0311d177394bd8fdfb6e216210cd1c6d1fb1833dde4a3f7fc33e854337622ecf5ea1cd7a4b308714d6061d46a89f8b0ee6a0cc2937ceb036fc710a04e3a418
+  data.tar.gz: d90c83c44f7489c705c4f803cca22aa3c92576d42167bd4845604601fa90ab41fd8ba80d05543d3cbfc191d78f370b330a6d5f2eb12f706754296b4b79ca54e3

data/.claude/CLAUDE.md

@@ -0,0 +1,3 @@
+# Project Memory
+
+@.claude/rules/claude_memory.generated.md

data/.claude/rules/claude_memory.generated.md

@@ -0,0 +1,8 @@
+<!-- 
+  This file is auto-generated by claude-memory.
+  Do not edit manually - changes will be overwritten.
+  Generated: 2026-01-28T14:53:09Z
+-->
+
+# Project Memory
+

data/.claude/settings.local.json

@@ -0,0 +1,9 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(bundle exec rspec:*)",
+      "Bash(bundle install:*)",
+      "Bash(bundle exec standardrb:*)"
+    ]
+  }
+}

data/.devcontainer/.env.example

@@ -0,0 +1,12 @@
+# Copy this file to .env and add your API keys
+# DO NOT commit .env to git!
+
+# OpenAI API Key (optional - for testing LLM features)
+OPENAI_API_KEY=sk-proj-your-key-here
+
+# Anthropic API Key (optional - for testing LLM features)
+ANTHROPIC_API_KEY=sk-ant-your-key-here
+
+# Or leave empty to test without API calls
+# OPENAI_API_KEY=
+# ANTHROPIC_API_KEY=

data/.devcontainer/Dockerfile.standalone

@@ -0,0 +1,30 @@
+# Standalone Dockerfile for testing outside VS Code
+FROM ruby:4.0
+
+# Install any additional system dependencies
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    git \
+    vim \
+    && rm -rf /var/lib/apt/lists/*
+
+# Set up working directory
+WORKDIR /workspaces/chaos_to_the_rescue
+
+# Copy Gemfile and install dependencies
+COPY Gemfile Gemfile.lock chaos_to_the_rescue.gemspec ./
+COPY lib/chaos_to_the_rescue/version.rb ./lib/chaos_to_the_rescue/
+
+RUN bundle install
+
+# Copy the rest of the application
+COPY . .
+
+# Set up non-root user for security
+RUN useradd -m -u 1000 -s /bin/bash vscode && \
+    chown -R vscode:vscode /workspaces/chaos_to_the_rescue
+
+USER vscode
+
+# Default command: run the console
+CMD ["bin/console"]

data/.devcontainer/README.md

@@ -0,0 +1,207 @@
+# DevContainer for Safe Testing
+
+This devcontainer provides an isolated, safe environment for testing `bin/console` and other potentially dangerous features of ChaosToTheRescue.
+
+## Why Use This?
+
+The `bin/console` script:
+- Auto-configures with API keys from environment variables
+- Enables `auto_define_methods` (executes generated code automatically)
+- Enables `allow_everything!` (any method name allowed)
+- Makes real API calls that cost money
+
+**Devcontainer Benefits:**
+- ✅ Isolated from your host system
+- ✅ Can't accidentally harm your local files
+- ✅ Easy to reset/rebuild
+- ✅ Reproducible environment
+- ✅ Can limit network access
+- ✅ Safe for experimentation
+- ✅ Uses Ruby 4.0 (matches latest Ruby)
+
+## Setup Options
+
+### Option 1: Using VS Code (Recommended)
+
+1. Install the [Dev Containers extension](https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-containers)
+2. Open this project in VS Code
+3. Click the popup "Reopen in Container" or:
+   - Press `F1`
+   - Select "Dev Containers: Reopen in Container"
+4. Wait for the container to build (first time only)
+5. Run `bin/console` in the terminal
+
+### Option 2: Using Docker Directly
+
+```bash
+# Build the container
+docker build -t chaos-test -f .devcontainer/Dockerfile.standalone .
+
+# Run with API keys (makes real API calls - costs money!)
+docker run -it --rm \
+  -v $(pwd):/workspaces/chaos_to_the_rescue \
+  -w /workspaces/chaos_to_the_rescue \
+  -e OPENAI_API_KEY="sk-..." \
+  -e ANTHROPIC_API_KEY="sk-ant-..." \
+  chaos-test
+
+# Or run WITHOUT network access (no API calls possible)
+docker run -it --rm --network=none \
+  -v $(pwd):/workspaces/chaos_to_the_rescue \
+  -w /workspaces/chaos_to_the_rescue \
+  chaos-test
+```
+
+### Option 3: Docker Compose
+
+```bash
+# Copy the example env file
+cp .devcontainer/.env.example .devcontainer/.env
+
+# Edit .env and add your API keys (optional)
+# vim .devcontainer/.env
+
+# Start the container
+docker compose -f .devcontainer/docker-compose.yml up -d
+
+# Attach to it
+docker compose -f .devcontainer/docker-compose.yml exec chaos bash
+
+# Inside the container
+bin/console
+```
+
+## API Key Management
+
+### Recommended: Use `.env.devcontainer` (gitignored)
+
+```bash
+# Create the file
+cat > .devcontainer/.env.devcontainer <<EOF
+OPENAI_API_KEY=sk-proj-...
+ANTHROPIC_API_KEY=sk-ant-...
+EOF
+
+# The devcontainer will auto-load this file
+```
+
+### Alternative: Set in devcontainer.json
+
+Edit `.devcontainer/devcontainer.json` and add to `containerEnv`:
+
+```json
+"containerEnv": {
+  "OPENAI_API_KEY": "sk-...",
+  "ANTHROPIC_API_KEY": "sk-ant-..."
+}
+```
+
+**⚠️ Warning:** Don't commit API keys to git!
+
+## Network Isolation (Ultra-Safe Mode)
+
+To prevent any network access (blocks API calls):
+
+1. Edit `.devcontainer/devcontainer.json`
+2. Uncomment the `runArgs` line:
+   ```json
+   "runArgs": ["--network=none"],
+   ```
+3. Rebuild the container
+
+**In this mode:**
+- ✅ No API calls possible (no costs)
+- ✅ Maximum isolation
+- ❌ Can't test actual LLM features
+- ✅ Can test configuration, patterns, allowlists, etc.
+
+## Testing Without Real API Calls
+
+You can test most functionality without making API calls:
+
+```ruby
+# In bin/console
+
+# Test configuration
+ChaosToTheRescue.configuration.enabled
+ChaosToTheRescue.configuration.model
+
+# Test allowlist patterns
+ChaosToTheRescue.configuration.allow_everything!
+ChaosToTheRescue.configuration.allowed_method_name_patterns
+
+# Test method name matching
+config = ChaosToTheRescue.configuration
+config.allowed_method_name_patterns = [/^calc_/]
+config.method_name_allowed?(:calc_sum)  # true
+config.method_name_allowed?(:delete_everything)  # false
+
+# Disable auto-execution to see generated code
+ChaosToTheRescue.configuration.auto_define_methods = false
+ChaosToTheRescue.configuration.log_level = :debug
+```
+
+## Cleanup
+
+### VS Code
+- `F1` → "Dev Containers: Rebuild Container" (clean rebuild)
+- `F1` → "Remote: Close Remote Connection" (exit)
+
+### Docker
+```bash
+# Stop and remove
+docker compose -f .devcontainer/docker-compose.yml down
+
+# Remove volumes
+docker compose -f .devcontainer/docker-compose.yml down -v
+
+# Clean everything
+docker system prune -a
+```
+
+## Troubleshooting
+
+### Container won't start
+```bash
+# Check Docker is running
+docker ps
+
+# Rebuild from scratch
+docker compose -f .devcontainer/docker-compose.yml build --no-cache
+```
+
+### Bundle install fails
+```bash
+# Inside container
+bundle config set --local path 'vendor/bundle'
+bundle install
+```
+
+### API calls not working
+- Check API keys are set: `echo $OPENAI_API_KEY`
+- Check network isn't disabled: `ping google.com`
+- Check `config.enabled = true` in console
+
+### Want to test with a mock LLM
+Consider adding a mock mode to the gem itself (see FEATURES.md)
+
+## Security Notes
+
+Even in a container:
+- ✅ Generated code runs in isolation
+- ✅ File system access limited to mounted workspace
+- ✅ Network can be disabled
+- ⚠️ Container shares host kernel (not a VM)
+- ⚠️ Mounted files can be modified
+- ⚠️ API keys are visible in container
+
+**Best Practices:**
+1. Use test API keys with limited budgets
+2. Enable network isolation when possible
+3. Review generated code before copying to host
+4. Don't mount sensitive directories
+5. Rebuild container regularly for fresh state
+
+## Ruby Version
+
+This devcontainer uses **Ruby 4.0** (official ruby:4.0 image) to match the latest Ruby version and ensure forward compatibility testing.

data/.devcontainer/devcontainer.json

@@ -0,0 +1,54 @@
+{
+  "name": "ChaosToTheRescue Safe Testing",
+  "image": "ruby:4.0",
+
+  "features": {
+    "ghcr.io/devcontainers/features/git:1": {},
+    "ghcr.io/devcontainers/features/common-utils:2": {
+      "installZsh": false,
+      "installOhMyZsh": false,
+      "username": "vscode",
+      "uid": "1000",
+      "gid": "1000"
+    }
+  },
+
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "rebornix.ruby",
+        "castwide.solargraph",
+        "kaiwood.endwise"
+      ],
+      "settings": {
+        "terminal.integrated.defaultProfile.linux": "bash"
+      }
+    }
+  },
+
+  // Mount the repo but keep isolation
+  "mounts": [
+    "source=${localWorkspaceFolder},target=/workspaces/chaos_to_the_rescue,type=bind,consistency=cached"
+  ],
+
+  // Run as non-root user for safety
+  "remoteUser": "vscode",
+
+  "workspaceFolder": "/workspaces/chaos_to_the_rescue",
+
+  // Automatically run bundle install on container creation
+  "postCreateCommand": "bundle install",
+
+  // Set up environment variables for testing
+  // NOTE: Add API keys via .devcontainer/.env.devcontainer (gitignored)
+  "containerEnv": {
+    "CHAOS_TESTING": "true"
+  },
+
+  // Optional: Limit network access for paranoid isolation
+  // Uncomment to enable (this will block API calls)
+  // "runArgs": ["--network=none"],
+
+  // Keep container running for interactive console sessions
+  "postAttachCommand": "echo '✓ Ready for safe testing! Run: bin/console'"
+}

data/.devcontainer/docker-compose.yml

@@ -0,0 +1,32 @@
+version: '3.8'
+
+services:
+  chaos:
+    image: ruby:4.0
+    container_name: chaos-to-the-rescue-testing
+
+    volumes:
+      - ..:/workspaces/chaos_to_the_rescue:cached
+      - bundle_cache:/usr/local/bundle
+
+    working_dir: /workspaces/chaos_to_the_rescue
+
+    # Load API keys from .env file (create from .env.example)
+    env_file:
+      - .env
+
+    environment:
+      - CHAOS_TESTING=true
+      - BUNDLE_PATH=/usr/local/bundle
+
+    # Keep container running
+    command: sleep infinity
+
+    # Uncomment to disable network (ultra-safe mode)
+    # network_mode: none
+
+    # Run as non-root user for added security
+    user: "1000:1000"
+
+volumes:
+  bundle_cache:

data/CHANGELOG.md

@@ -0,0 +1,18 @@
+## [Unreleased]
+
+## [0.1.0] - 2026-01-28
+
+### Added
+- Safe-by-default LLM-powered method generation via `ChaosRescue` mixin
+- Support for both instance and class method generation
+- Rails exception rescue suggestions with `chaos_suggest_fix`
+- Method guidance and verification system with `chaos_guidance` and `verify_chaos`
+- Comprehensive security features (secret redaction, opt-in behavior, allowlist controls)
+- Configurable allowlist patterns and explicit method allowlists
+- Auto-fix capability for incorrect method implementations
+- Devcontainer setup for safe testing in isolated environment
+- Support for multiple LLM providers via RubyLLM integration
+- Disabled by default with multiple safety layers
+
+### Changed
+- Renamed `chaos_verify` to `verify_chaos` for better API consistency

data/CODE_OF_CONDUCT.md

@@ -0,0 +1,10 @@
+# Code of Conduct
+
+"chaos_to_the_rescue" follows [The Ruby Community Conduct Guideline](https://www.ruby-lang.org/en/conduct) in all "collaborative space", which is defined as community communications channels (such as mailing lists, submitted patches, commit comments, etc.):
+
+* Participants will be tolerant of opposing views.
+* Participants must ensure that their language and actions are free of personal attacks and disparaging personal remarks.
+* When interpreting the words and actions of others, participants should always assume good intentions.
+* Behaviour which can be reasonably considered harassment will not be tolerated.
+
+If you have any concerns about behaviour within this project, please contact us at ["v@codenamev.com"](mailto:"v@codenamev.com").