ruby_llm-toolbox 0.1.0

data/lib/ruby_llm/toolbox/tools/replace_in_files.rb

@@ -0,0 +1,139 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/safety/path_jail"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # EXEC. Find-and-replace across the files in fs_root that match a glob.
+      # Literal by default; set regex: true for a pattern (with backreferences in
+      # the replacement). Binary files and ignored directories are skipped, the
+      # pattern runs under a ReDoS timeout, and every path is jailed to fs_root.
+      # Use dry_run: true to preview the impact without writing.
+      class ReplaceInFiles < Base
+        exec_tool!
+
+        description "Replace occurrences of a pattern with a replacement across files in fs_root " \
+                    "matching a glob (default '**/*'). Literal by default; set regex true to use a " \
+                    "regular expression (replacement may use \\1 backreferences). Set dry_run true to " \
+                    "preview without writing. Skips binary files and ignored directories."
+
+        MAX_BYTES = 5 * 1024 * 1024
+        MAX_LISTED = 100
+
+        param :pattern, type: "string",
+                        desc: "Text (or regex if regex=true) to find.",
+                        required: true
+        param :replacement, type: "string",
+                            desc: "Replacement text. With regex=true, \\1 etc. refer to capture groups.",
+                            required: false
+        param :glob, type: "string",
+                     desc: "Glob of files to search, relative to fs_root. Default '**/*'.",
+                     required: false
+        param :regex, type: "boolean",
+                      desc: "Treat pattern as a regular expression. Default false (literal).",
+                      required: false
+        param :ignore_case, type: "boolean",
+                           desc: "Case-insensitive matching. Default false.",
+                           required: false
+        param :dry_run, type: "boolean",
+                       desc: "Report what would change without writing. Default false.",
+                       required: false
+
+        def execute(pattern:, replacement: "", glob: "**/*", regex: false, ignore_case: false, dry_run: false)
+          return error("pattern must not be empty", code: :empty_pattern) if pattern.to_s.empty?
+
+          matcher = build_matcher(pattern, regex, ignore_case)
+          jail = Safety::PathJail.new(config.fs_root)
+          root = File.realpath(config.fs_root)
+
+          changed = []
+          total = 0
+          candidate_files(glob, jail, root).each do |abs, rel|
+            content = File.read(abs)
+            next unless text?(content)
+
+            count, updated = substitute(content, matcher, replacement.to_s, regex)
+            next if count.zero?
+
+            total += count
+            changed << [rel, count]
+            File.write(abs, updated) unless dry_run
+          end
+
+          format_summary(changed, total, dry_run)
+        rescue Safety::PathJail::Jailbreak => e
+          error(e.message, code: :path_denied)
+        rescue Regexp::TimeoutError
+          error("pattern timed out (possible ReDoS); narrow the pattern", code: :regex_timeout)
+        rescue RegexpError => e
+          error("invalid regular expression: #{e.message}", code: :bad_regex)
+        end
+
+        private
+
+        def build_matcher(pattern, regex, ignore_case)
+          flags = ignore_case ? Regexp::IGNORECASE : 0
+          timeout = config.regex_timeout
+          src = regex ? pattern.to_s : Regexp.escape(pattern.to_s)
+          Regexp.new(src, flags, timeout: timeout)
+        end
+
+        def candidate_files(glob, jail, root)
+          Dir.glob(File.join(config.fs_root, glob)).filter_map do |abs|
+            next unless File.file?(abs)
+
+            begin
+              real = File.realpath(abs)
+            rescue StandardError
+              next
+            end
+            next unless real == root || real.start_with?(root + File::SEPARATOR)
+
+            rel = real.delete_prefix(root + File::SEPARATOR)
+            next if ignored?(rel)
+            next if File.size(real) > MAX_BYTES
+
+            jail.resolve(rel) # raises Jailbreak if somehow outside
+            [real, rel]
+          end
+        end
+
+        def ignored?(rel)
+          parts = rel.split(File::SEPARATOR)
+          Array(config.ignored_dirs).any? { |dir| parts.include?(dir) }
+        end
+
+        def text?(content)
+          content.valid_encoding? && !content.include?("\u0000")
+        end
+
+        def substitute(content, matcher, replacement, regex)
+          if regex
+            count = content.scan(matcher).size
+            return [0, content] if count.zero?
+
+            [count, content.gsub(matcher, replacement)]
+          else
+            count = 0
+            updated = content.gsub(matcher) { count += 1; replacement }
+            return [0, content] if count.zero?
+
+            [count, updated]
+          end
+        end
+
+        def format_summary(changed, total, dry_run)
+          verb = dry_run ? "Would replace" : "Replaced"
+          return "#{verb} 0 occurrences (no matching files changed)." if changed.empty?
+
+          header = "#{verb} #{total} occurrence#{total == 1 ? '' : 's'} across #{changed.size} file#{changed.size == 1 ? '' : 's'}#{dry_run ? ' (dry run)' : ''}:"
+          lines = changed.first(MAX_LISTED).map { |rel, n| "  #{rel} (#{n})" }
+          lines << "  ... and #{changed.size - MAX_LISTED} more" if changed.size > MAX_LISTED
+          truncate(([header] + lines).join("\n"))
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/run_python.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/tools/sandbox_run"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # EXEC. Executes a Python snippet inside a hardened Docker container (no
+      # network, read-only filesystem, dropped capabilities, memory/CPU/pids
+      # limits, wall-clock timeout). Source is piped to the interpreter on
+      # stdin, so nothing from the host is mounted.
+      #
+      # Gated: requires config.enable_exec_tools AND Docker on the host. Uses
+      # config.python_image (default python:3.12-slim).
+      class RunPython < Base
+        include SandboxRun
+        exec_tool!
+
+        description "Execute a snippet of Python in an isolated Docker container and return its " \
+                    "stdout, stderr, and exit status. The container has no network, a read-only " \
+                    "filesystem, dropped capabilities, and memory/CPU/time limits. Print results " \
+                    "with print(). Requires Docker on the host."
+
+        param :code, type: "string",
+                     desc: "Python source to execute. Read on stdin by the interpreter; " \
+                           "print output with print().",
+                     required: true
+
+        def execute(code:)
+          return error("code must be provided", code: :empty_code) if code.to_s.strip.empty?
+
+          run_in_sandbox(["python3", "-"], code, image: config.python_image)
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/run_ruby.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/tools/sandbox_run"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # EXEC. Executes a Ruby snippet inside a hardened Docker container (no
+      # network, read-only filesystem, dropped capabilities, memory/CPU/pids
+      # limits, wall-clock timeout). Source is piped to the interpreter on
+      # stdin, so nothing from the host is mounted.
+      #
+      # Gated: requires config.enable_exec_tools AND Docker on the host.
+      class RunRuby < Base
+        include SandboxRun
+        exec_tool!
+
+        description "Execute a snippet of Ruby in an isolated Docker container and return its " \
+                    "stdout, stderr, and exit status. The container has no network, a read-only " \
+                    "filesystem, dropped capabilities, and memory/CPU/time limits. Print results " \
+                    "with puts or p. Requires Docker on the host."
+
+        param :code, type: "string",
+                     desc: "Ruby source to execute. Read on stdin by the interpreter; " \
+                           "print output with puts/p.",
+                     required: true
+
+        def execute(code:)
+          return error("code must be provided", code: :empty_code) if code.to_s.strip.empty?
+
+          run_in_sandbox(["ruby"], code, image: config.docker_image)
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/run_rust.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/tools/sandbox_run"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # EXEC. Compiles and runs a Rust snippet inside the hardened Docker
+      # sandbox (no network, read-only root with a tmpfs scratch, dropped
+      # capabilities, resource/time limits). The source is piped on stdin; a
+      # tiny shell step inside the (already isolated) container writes it to the
+      # tmpfs, compiles with rustc, and runs the binary.
+      #
+      # Gated: requires config.enable_exec_tools AND Docker on the host. Uses
+      # config.rust_image (default rust:1-slim).
+      class RunRust < Base
+        include SandboxRun
+        exec_tool!
+
+        # cat the piped source into the tmpfs, compile, then run.
+        COMPILE_AND_RUN = "cat > /tmp/m.rs && rustc -O /tmp/m.rs -o /tmp/m 2>&1 && /tmp/m"
+
+        description "Compile and run a self-contained Rust program in an isolated Docker container and " \
+                    "return compiler output plus the program's stdout/stderr and exit status. The " \
+                    "container has no network, a read-only filesystem (scratch in tmpfs), dropped " \
+                    "capabilities, and memory/CPU/time limits. Provide a complete program with fn main(). " \
+                    "Requires Docker on the host."
+
+        param :code, type: "string",
+                     desc: "A complete Rust program (must include fn main). Read on stdin, compiled, and run.",
+                     required: true
+
+        def execute(code:)
+          return error("code must be provided", code: :empty_code) if code.to_s.strip.empty?
+
+          run_in_sandbox(["sh", "-c", COMPILE_AND_RUN], code, image: config.rust_image)
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/run_tests.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/tools/toolchain_helpers"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # EXEC. Runs the project's test suite (RSpec or Minitest) from fs_root and
+      # returns the output with a pass/fail headline. A failing suite is a
+      # normal result (the agent needs to see it), not a tool error.
+      class RunTests < Base
+        include ToolchainHelpers
+        exec_tool!
+
+        description "Run the project's test suite from fs_root and report results. Auto-detects " \
+                    "RSpec (spec/ or .rspec) or Minitest (test/ via rake), or set framework " \
+                    "explicitly. Optionally scope to a path. Uses `bundle exec` when a Gemfile exists."
+
+        FRAMEWORKS = %w[rspec minitest].freeze
+
+        param :path, type: "string",
+                     desc: "Limit the run to this spec/test file or directory, relative to fs_root. Optional.",
+                     required: false
+        param :framework, type: "string",
+                          desc: "Force the framework: rspec or minitest. Default: auto-detect.",
+                          required: false
+
+        def execute(path: nil, framework: nil)
+          fw = (framework || detect_framework).to_s
+          return error("could not detect a test framework (no spec/ or test/); set framework", code: :no_framework) if fw.empty?
+          return error("unknown framework: #{fw} (use #{FRAMEWORKS.join(', ')})", code: :bad_framework) unless FRAMEWORKS.include?(fw)
+
+          rel = jail_relative(path)
+          out, err, status = fw == "rspec" ? run_rspec(rel) : run_minitest(rel)
+          toolchain_output(out, err, status,
+                           pass_label: summarize(out, err, "TESTS PASSED"),
+                           fail_label: summarize(out, err, "TESTS FAILED"))
+        rescue Safety::PathJail::Jailbreak => e
+          error(e.message, code: :path_denied)
+        rescue CommandMissing => e
+          error("#{e.message} is not available (is it in the bundle / installed?)", code: :unavailable)
+        end
+
+        private
+
+        def detect_framework
+          root = config.fs_root
+          return "rspec" if File.directory?(File.join(root, "spec")) || File.exist?(File.join(root, ".rspec"))
+          return "minitest" if File.directory?(File.join(root, "test"))
+
+          ""
+        end
+
+        def run_rspec(rel)
+          args = ["rspec"]
+          args << rel if rel
+          run_in_project(args, use_bundle: true)
+        end
+
+        def run_minitest(rel)
+          args = ["rake", "test"]
+          args << "TEST=#{rel}" if rel
+          run_in_project(args, use_bundle: true)
+        end
+
+        # Pull the framework's summary line into the headline when present.
+        def summarize(out, err, label)
+          text = "#{out}\n#{err}"
+          if (m = text.match(/(\d+) examples?, (\d+) failures?(?:, (\d+) errors?)?/))
+            "#{label} (#{m[0]})"
+          elsif (m = text.match(/(\d+) runs?, \d+ assertions?, (\d+) failures?, (\d+) errors?/))
+            "#{label} (#{m[0]})"
+          else
+            label
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/sandbox_run.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/sandbox/base"
+require "ruby_llm/toolbox/sandbox/docker"
+require "ruby_llm/toolbox/sandbox/bubblewrap"
+require "ruby_llm/toolbox/sandbox/sandbox_exec"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # Shared behavior for the sandboxed code-execution tools (run_ruby,
+      # run_python, run_rust): pick the active sandbox backend for this host
+      # (Sandbox.build), run the command with the code piped on stdin, and
+      # format stdout/stderr/exit uniformly. The Docker backend uses `image`;
+      # the host-process backends ignore it and run the host's interpreters.
+      module SandboxRun
+        def run_in_sandbox(argv, code, image:)
+          backend = Sandbox.build(config)
+          out, err, status = backend.run(argv, stdin: code.to_s, image: image)
+          truncate(format_sandbox(out, err, status))
+        rescue Sandbox::Unavailable => e
+          error(e.message, code: :sandbox_unavailable)
+        end
+
+        def format_sandbox(out, err, status)
+          body = +""
+          body << if status == :timeout
+                    "result: timed out after #{config.command_timeout}s (sandbox killed)\n"
+                  else
+                    "exit: #{status.exitstatus}\n"
+                  end
+          body << "\n--- stdout ---\n#{out}" unless out.empty?
+          body << "\n--- stderr ---\n#{err}" unless err.empty?
+          body << "(no output)" if out.empty? && err.empty?
+          body
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/todo_write.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # SAFE. Tracks a task list for multi-step work. Each call replaces the
+      # whole list (the standard agent pattern) and renders it back. State lives
+      # on the tool instance, so it persists across calls within a single chat
+      # session (when one instance is registered with the chat).
+      class TodoWrite < Base
+        STATUSES = %w[pending in_progress completed].freeze
+        MARKS = { "pending" => "[ ]", "in_progress" => "[~]", "completed" => "[x]" }.freeze
+
+        description "Maintain a task list for multi-step work. Pass the full list of todos; each call " \
+                    "replaces the previous list. Each todo has a content string and a status of " \
+                    "pending, in_progress, or completed."
+
+        param :todos, type: "array",
+                     desc: "The full task list: array of objects with 'content' and 'status' " \
+                           "(pending|in_progress|completed).",
+                     required: true
+
+        def execute(todos:)
+          return error("todos must be an array", code: :bad_todos) unless todos.is_a?(Array)
+
+          normalized = todos.map { |todo| normalize(todo) }
+          invalid = normalized.find { |todo| !STATUSES.include?(todo[:status]) }
+          return error("invalid status: #{invalid[:status].inspect} (use #{STATUSES.join(', ')})", code: :bad_status) if invalid
+
+          @todos = normalized
+          render
+        end
+
+        private
+
+        def normalize(todo)
+          hash = todo.is_a?(Hash) ? todo : {}
+          {
+            content: (hash["content"] || hash[:content]).to_s,
+            status: (hash["status"] || hash[:status] || "pending").to_s.strip.downcase
+          }
+        end
+
+        def render
+          return "Task list is empty." if @todos.empty?
+
+          done = @todos.count { |todo| todo[:status] == "completed" }
+          lines = ["Tasks (#{done}/#{@todos.size} complete):"]
+          @todos.each { |todo| lines << "#{MARKS[todo[:status]]} #{todo[:content]}" }
+          lines.join("\n")
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/toml_query.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+require "json"
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/toml"
+require "ruby_llm/toolbox/data_path"
+require "ruby_llm/toolbox/safety/path_jail"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # SAFE. Parses TOML (from a file in fs_root or an inline string) and either
+      # pretty-prints it (as JSON, for readability) or extracts a value with a
+      # dot/bracket path. In-process, read-only — handy for Cargo.toml,
+      # pyproject.toml, and similar config.
+      #
+      # Path syntax matches json_query / yaml_query: dependencies.serde.version,
+      # products[0].name, products[].name
+      class TomlQuery < Base
+        description "Query TOML with a path expression, or pretty-print it. Provide either a file path " \
+                    "(within fs_root) or an inline toml string. Path syntax: keys separated by dots, " \
+                    "[n] for array index, [] to map over an array (e.g. products[].name)."
+
+        MAX_BYTES = 5 * 1024 * 1024
+
+        param :path, type: "string",
+                     desc: "TOML file to read, relative to fs_root. Provide this or toml.",
+                     required: false
+        param :toml, type: "string",
+                     desc: "Inline TOML string. Provide this or path.",
+                     required: false
+        param :query, type: "string",
+                      desc: "Path expression to extract, e.g. 'dependencies.serde.version'. Omit to pretty-print. Optional.",
+                      required: false
+
+        def execute(path: nil, toml: nil, query: nil)
+          source = load_source(path, toml)
+          return source if source.is_a?(Hash) # error
+
+          data = Toml.parse(source)
+          result = query.to_s.strip.empty? ? data : DataPath.query(data, query)
+          truncate(JSON.pretty_generate(result))
+        rescue Safety::PathJail::Jailbreak => e
+          error(e.message, code: :path_denied)
+        rescue Toml::ParseError => e
+          error("invalid TOML: #{e.message}", code: :bad_toml)
+        rescue DataPath::Error => e
+          error(e.message, code: :bad_query)
+        end
+
+        private
+
+        def load_source(path, toml)
+          if path && !path.to_s.empty?
+            jail = Safety::PathJail.new(config.fs_root)
+            real = jail.resolve(path)
+            return error("not a file: #{path}", code: :not_a_file) unless File.file?(real)
+            return error("file too large (> #{MAX_BYTES} bytes)", code: :too_large) if File.size(real) > MAX_BYTES
+
+            File.read(real).scrub
+          elsif toml && !toml.to_s.empty?
+            toml.to_s
+          else
+            error("provide either path or toml", code: :no_input)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/toolchain_helpers.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+require "pathname"
+require "ruby_llm/toolbox/process_runner"
+require "ruby_llm/toolbox/safety/path_jail"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # Shared behavior for the Ruby toolchain tools (run_tests, lint, bundle).
+      #
+      # Unlike BashTool, these run in fs_root and inherit the full host
+      # environment. That's deliberate: tools like bundler, rbenv/rvm, and the
+      # test/lint binaries rely on the Ruby environment (PATH shims, GEM_HOME,
+      # BUNDLE_*) to resolve correctly, and these are trusted dev commands the
+      # user opted into via enable_exec_tools — not arbitrary user input.
+      module ToolchainHelpers
+        class CommandMissing < StandardError; end
+
+        def gemfile?
+          File.file?(File.join(config.fs_root, "Gemfile"))
+        end
+
+        # Runs argv in fs_root. With use_bundle, prefixes `bundle exec` when a
+        # Gemfile is present. Returns [out, err, status]; raises CommandMissing
+        # if the executable can't be found.
+        def run_in_project(argv, use_bundle: false)
+          command = use_bundle && gemfile? ? ["bundle", "exec", *argv] : argv
+          ProcessRunner.capture(
+            command,
+            env: {},                 # inherit the full host environment
+            chdir: config.fs_root,
+            timeout: config.command_timeout,
+            unsetenv_others: false
+          )
+        rescue Errno::ENOENT
+          raise CommandMissing, command.first
+        end
+
+        # Maps a finished toolchain run onto a return value. Non-zero exit is
+        # NOT treated as a tool error here — failing tests / lint offenses are
+        # results the agent needs to see, with a headline prepended.
+        def toolchain_output(out, err, status, pass_label:, fail_label:)
+          return error("timed out after #{config.command_timeout}s", code: :timeout) if status == :timeout
+
+          combined = [out, err].map(&:to_s).reject(&:empty?).join("\n")
+          headline = status.exitstatus.zero? ? pass_label : fail_label
+          truncate("#{headline}\n\n#{combined}".strip)
+        end
+
+        # Resolve a path param to a project-relative path, rejecting escapes.
+        def jail_relative(path)
+          return nil if path.nil? || path.to_s.empty?
+
+          jail = Safety::PathJail.new(config.fs_root)
+          real = jail.resolve(path)
+          Pathname.new(real).relative_path_from(Pathname.new(jail.root)).to_s
+        end
+      end
+    end
+  end
+end

data/lib/ruby_llm/toolbox/tools/tree.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+require "ruby_llm/toolbox/base"
+require "ruby_llm/toolbox/safety/path_jail"
+
+module RubyLLM
+  module Toolbox
+    module Tools
+      # SAFE. Renders a depth-limited directory tree under fs_root — a quick way
+      # to see project structure without walking it one level at a time with
+      # list_directory. Read-only; ignored directories are skipped, symlinks are
+      # not followed, and the listing is capped.
+      class Tree < Base
+        description "Show a directory tree under fs_root, to a limited depth. Directories are marked " \
+                    "with a trailing slash. Skips ignored directories (node_modules, .git, ...) and " \
+                    "hidden entries unless show_hidden is set."
+
+        DEFAULT_DEPTH = 3
+        MAX_ENTRIES = 500
+
+        param :path, type: "string",
+                     desc: "Directory to start from, relative to fs_root. Defaults to fs_root.",
+                     required: false
+        param :max_depth, type: "integer",
+                          desc: "How many levels deep to descend (default 3).",
+                          required: false
+        param :show_hidden, type: "boolean",
+                           desc: "Include dot-files and dot-directories. Default false.",
+                           required: false
+
+        def execute(path: nil, max_depth: DEFAULT_DEPTH, show_hidden: false)
+          jail = Safety::PathJail.new(config.fs_root)
+          root = jail.resolve(path.to_s.empty? ? "." : path)
+          return error("not a directory: #{path || '.'}", code: :not_a_directory) unless File.directory?(root)
+
+          depth = max_depth.to_i
+          depth = DEFAULT_DEPTH if depth <= 0
+
+          @count = 0
+          @truncated = false
+          lines = ["#{File.basename(root)}/"]
+          walk(root, depth, show_hidden, "", lines)
+          lines << "... (truncated at #{MAX_ENTRIES} entries)" if @truncated
+
+          truncate(lines.join("\n"))
+        rescue Safety::PathJail::Jailbreak => e
+          error(e.message, code: :path_denied)
+        end
+
+        private
+
+        def walk(dir, depth_left, show_hidden, indent, lines)
+          return if depth_left <= 0 || @truncated
+
+          entries = children(dir, show_hidden)
+          entries.each_with_index do |entry, idx|
+            if @count >= MAX_ENTRIES
+              @truncated = true
+              return
+            end
+
+            full = File.join(dir, entry)
+            is_dir = File.directory?(full) && !File.symlink?(full)
+            connector = idx == entries.length - 1 ? "└── " : "├── "
+            lines << "#{indent}#{connector}#{entry}#{is_dir ? '/' : ''}"
+            @count += 1
+
+            next unless is_dir
+
+            child_indent = indent + (idx == entries.length - 1 ? "    " : "│   ")
+            walk(full, depth_left - 1, show_hidden, child_indent, lines)
+          end
+        end
+
+        def children(dir, show_hidden)
+          entries = Dir.children(dir)
+          entries.reject! { |e| e.start_with?(".") } unless show_hidden
+          entries.reject! { |e| File.directory?(File.join(dir, e)) && Array(config.ignored_dirs).include?(e) }
+          # directories first, then files, each alphabetical
+          entries.sort_by { |e| [File.directory?(File.join(dir, e)) ? 0 : 1, e.downcase] }
+        rescue SystemCallError
+          []
+        end
+      end
+    end
+  end
+end