RubyGems - rubyn-code - Versions diffs - 0.1.0 - Mend

rubyn-code 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (235) hide show

checksums.yaml +7 -0
data/LICENSE +21 -0
data/README.md +620 -0
data/db/migrations/000_create_schema_migrations.sql +4 -0
data/db/migrations/001_create_sessions.sql +16 -0
data/db/migrations/002_create_messages.sql +16 -0
data/db/migrations/003_create_tasks.sql +17 -0
data/db/migrations/004_create_task_dependencies.sql +8 -0
data/db/migrations/005_create_memories.sql +44 -0
data/db/migrations/006_create_cost_records.sql +16 -0
data/db/migrations/007_create_hooks.sql +12 -0
data/db/migrations/008_create_skills_cache.sql +8 -0
data/db/migrations/009_create_teams.sql +27 -0
data/db/migrations/010_create_instincts.sql +15 -0
data/exe/rubyn-code +6 -0
data/lib/rubyn_code/agent/conversation.rb +193 -0
data/lib/rubyn_code/agent/loop.rb +517 -0
data/lib/rubyn_code/agent/loop_detector.rb +78 -0
data/lib/rubyn_code/auth/oauth.rb +174 -0
data/lib/rubyn_code/auth/server.rb +126 -0
data/lib/rubyn_code/auth/token_store.rb +153 -0
data/lib/rubyn_code/autonomous/daemon.rb +233 -0
data/lib/rubyn_code/autonomous/idle_poller.rb +111 -0
data/lib/rubyn_code/autonomous/task_claimer.rb +100 -0
data/lib/rubyn_code/background/job.rb +19 -0
data/lib/rubyn_code/background/notifier.rb +44 -0
data/lib/rubyn_code/background/worker.rb +146 -0
data/lib/rubyn_code/cli/app.rb +118 -0
data/lib/rubyn_code/cli/input_handler.rb +79 -0
data/lib/rubyn_code/cli/renderer.rb +205 -0
data/lib/rubyn_code/cli/repl.rb +519 -0
data/lib/rubyn_code/cli/spinner.rb +100 -0
data/lib/rubyn_code/cli/stream_formatter.rb +149 -0
data/lib/rubyn_code/config/defaults.rb +43 -0
data/lib/rubyn_code/config/project_config.rb +120 -0
data/lib/rubyn_code/config/settings.rb +127 -0
data/lib/rubyn_code/context/auto_compact.rb +81 -0
data/lib/rubyn_code/context/compactor.rb +89 -0
data/lib/rubyn_code/context/manager.rb +91 -0
data/lib/rubyn_code/context/manual_compact.rb +87 -0
data/lib/rubyn_code/context/micro_compact.rb +135 -0
data/lib/rubyn_code/db/connection.rb +176 -0
data/lib/rubyn_code/db/migrator.rb +146 -0
data/lib/rubyn_code/db/schema.rb +106 -0
data/lib/rubyn_code/hooks/built_in.rb +124 -0
data/lib/rubyn_code/hooks/registry.rb +99 -0
data/lib/rubyn_code/hooks/runner.rb +88 -0
data/lib/rubyn_code/hooks/user_hooks.rb +90 -0
data/lib/rubyn_code/learning/extractor.rb +191 -0
data/lib/rubyn_code/learning/injector.rb +138 -0
data/lib/rubyn_code/learning/instinct.rb +172 -0
data/lib/rubyn_code/llm/client.rb +218 -0
data/lib/rubyn_code/llm/message_builder.rb +116 -0
data/lib/rubyn_code/llm/streaming.rb +203 -0
data/lib/rubyn_code/mcp/client.rb +139 -0
data/lib/rubyn_code/mcp/config.rb +83 -0
data/lib/rubyn_code/mcp/sse_transport.rb +225 -0
data/lib/rubyn_code/mcp/stdio_transport.rb +196 -0
data/lib/rubyn_code/mcp/tool_bridge.rb +164 -0
data/lib/rubyn_code/memory/models.rb +62 -0
data/lib/rubyn_code/memory/search.rb +181 -0
data/lib/rubyn_code/memory/session_persistence.rb +194 -0
data/lib/rubyn_code/memory/store.rb +199 -0
data/lib/rubyn_code/observability/budget_enforcer.rb +159 -0
data/lib/rubyn_code/observability/cost_calculator.rb +61 -0
data/lib/rubyn_code/observability/models.rb +29 -0
data/lib/rubyn_code/observability/token_counter.rb +42 -0
data/lib/rubyn_code/observability/usage_reporter.rb +140 -0
data/lib/rubyn_code/output/diff_renderer.rb +212 -0
data/lib/rubyn_code/output/formatter.rb +120 -0
data/lib/rubyn_code/permissions/deny_list.rb +49 -0
data/lib/rubyn_code/permissions/policy.rb +59 -0
data/lib/rubyn_code/permissions/prompter.rb +80 -0
data/lib/rubyn_code/permissions/tier.rb +22 -0
data/lib/rubyn_code/protocols/interrupt_handler.rb +95 -0
data/lib/rubyn_code/protocols/plan_approval.rb +67 -0
data/lib/rubyn_code/protocols/shutdown_handshake.rb +109 -0
data/lib/rubyn_code/skills/catalog.rb +70 -0
data/lib/rubyn_code/skills/document.rb +80 -0
data/lib/rubyn_code/skills/loader.rb +57 -0
data/lib/rubyn_code/sub_agents/runner.rb +168 -0
data/lib/rubyn_code/sub_agents/summarizer.rb +57 -0
data/lib/rubyn_code/tasks/dag.rb +208 -0
data/lib/rubyn_code/tasks/manager.rb +212 -0
data/lib/rubyn_code/tasks/models.rb +31 -0
data/lib/rubyn_code/teams/mailbox.rb +128 -0
data/lib/rubyn_code/teams/manager.rb +175 -0
data/lib/rubyn_code/teams/teammate.rb +38 -0
data/lib/rubyn_code/tools/background_run.rb +41 -0
data/lib/rubyn_code/tools/base.rb +84 -0
data/lib/rubyn_code/tools/bash.rb +81 -0
data/lib/rubyn_code/tools/bundle_add.rb +53 -0
data/lib/rubyn_code/tools/bundle_install.rb +41 -0
data/lib/rubyn_code/tools/compact.rb +57 -0
data/lib/rubyn_code/tools/db_migrate.rb +52 -0
data/lib/rubyn_code/tools/edit_file.rb +49 -0
data/lib/rubyn_code/tools/executor.rb +62 -0
data/lib/rubyn_code/tools/git_commit.rb +97 -0
data/lib/rubyn_code/tools/git_diff.rb +61 -0
data/lib/rubyn_code/tools/git_log.rb +59 -0
data/lib/rubyn_code/tools/git_status.rb +59 -0
data/lib/rubyn_code/tools/glob.rb +44 -0
data/lib/rubyn_code/tools/grep.rb +81 -0
data/lib/rubyn_code/tools/load_skill.rb +41 -0
data/lib/rubyn_code/tools/memory_search.rb +77 -0
data/lib/rubyn_code/tools/memory_write.rb +52 -0
data/lib/rubyn_code/tools/rails_generate.rb +54 -0
data/lib/rubyn_code/tools/read_file.rb +38 -0
data/lib/rubyn_code/tools/read_inbox.rb +64 -0
data/lib/rubyn_code/tools/registry.rb +48 -0
data/lib/rubyn_code/tools/review_pr.rb +145 -0
data/lib/rubyn_code/tools/run_specs.rb +75 -0
data/lib/rubyn_code/tools/schema.rb +59 -0
data/lib/rubyn_code/tools/send_message.rb +53 -0
data/lib/rubyn_code/tools/spawn_agent.rb +154 -0
data/lib/rubyn_code/tools/spawn_teammate.rb +168 -0
data/lib/rubyn_code/tools/task.rb +148 -0
data/lib/rubyn_code/tools/web_fetch.rb +108 -0
data/lib/rubyn_code/tools/web_search.rb +196 -0
data/lib/rubyn_code/tools/write_file.rb +30 -0
data/lib/rubyn_code/version.rb +5 -0
data/lib/rubyn_code.rb +203 -0
data/skills/code_quality/fits_in_your_head.md +189 -0
data/skills/code_quality/naming_conventions.md +213 -0
data/skills/code_quality/null_object.md +205 -0
data/skills/code_quality/technical_debt.md +135 -0
data/skills/code_quality/value_objects.md +216 -0
data/skills/code_quality/yagni.md +176 -0
data/skills/design_patterns/adapter.md +191 -0
data/skills/design_patterns/bridge_memento_visitor.md +254 -0
data/skills/design_patterns/builder.md +158 -0
data/skills/design_patterns/command.md +126 -0
data/skills/design_patterns/composite.md +147 -0
data/skills/design_patterns/decorator.md +204 -0
data/skills/design_patterns/facade.md +133 -0
data/skills/design_patterns/factory_method.md +169 -0
data/skills/design_patterns/iterator.md +116 -0
data/skills/design_patterns/mediator.md +133 -0
data/skills/design_patterns/observer.md +177 -0
data/skills/design_patterns/proxy.md +140 -0
data/skills/design_patterns/singleton.md +124 -0
data/skills/design_patterns/state.md +207 -0
data/skills/design_patterns/strategy.md +127 -0
data/skills/design_patterns/template_method.md +173 -0
data/skills/gems/devise.md +365 -0
data/skills/gems/dry_rb.md +186 -0
data/skills/gems/factory_bot.md +268 -0
data/skills/gems/faraday.md +263 -0
data/skills/gems/graphql_ruby.md +514 -0
data/skills/gems/pundit.md +446 -0
data/skills/gems/redis.md +219 -0
data/skills/gems/rubocop.md +257 -0
data/skills/gems/sidekiq.md +360 -0
data/skills/gems/stripe.md +224 -0
data/skills/minitest/assertions.md +185 -0
data/skills/minitest/fixtures.md +238 -0
data/skills/minitest/integration_tests.md +210 -0
data/skills/minitest/mailers_and_jobs.md +218 -0
data/skills/minitest/mocking_stubbing.md +202 -0
data/skills/minitest/service_tests_and_performance.md +246 -0
data/skills/minitest/structure_and_conventions.md +169 -0
data/skills/minitest/system_tests.md +237 -0
data/skills/rails/action_cable.md +160 -0
data/skills/rails/active_record_basics.md +174 -0
data/skills/rails/active_storage.md +242 -0
data/skills/rails/api_design.md +212 -0
data/skills/rails/associations.md +182 -0
data/skills/rails/background_jobs.md +212 -0
data/skills/rails/caching.md +158 -0
data/skills/rails/callbacks.md +135 -0
data/skills/rails/concerns_controllers.md +218 -0
data/skills/rails/concerns_models.md +280 -0
data/skills/rails/controllers.md +190 -0
data/skills/rails/engines.md +201 -0
data/skills/rails/form_objects.md +168 -0
data/skills/rails/hotwire.md +229 -0
data/skills/rails/internationalization.md +192 -0
data/skills/rails/logging.md +198 -0
data/skills/rails/mailers.md +180 -0
data/skills/rails/migrations.md +200 -0
data/skills/rails/multitenancy.md +207 -0
data/skills/rails/n_plus_one.md +151 -0
data/skills/rails/presenters.md +244 -0
data/skills/rails/query_objects.md +177 -0
data/skills/rails/routing.md +194 -0
data/skills/rails/scopes.md +187 -0
data/skills/rails/security.md +233 -0
data/skills/rails/serializers.md +243 -0
data/skills/rails/service_objects.md +184 -0
data/skills/rails/testing_strategy.md +258 -0
data/skills/rails/validations.md +206 -0
data/skills/refactoring/code_smells.md +251 -0
data/skills/refactoring/command_query_separation.md +166 -0
data/skills/refactoring/encapsulate_collection.md +125 -0
data/skills/refactoring/extract_class.md +138 -0
data/skills/refactoring/extract_method.md +185 -0
data/skills/refactoring/replace_conditional.md +211 -0
data/skills/refactoring/value_objects.md +246 -0
data/skills/rspec/build_stubbed.md +199 -0
data/skills/rspec/factory_design.md +206 -0
data/skills/rspec/let_vs_let_bang.md +161 -0
data/skills/rspec/mocking_stubbing.md +209 -0
data/skills/rspec/request_specs.md +212 -0
data/skills/rspec/service_specs.md +262 -0
data/skills/rspec/shared_examples.md +244 -0
data/skills/rspec/system_specs.md +286 -0
data/skills/rspec/test_performance.md +215 -0
data/skills/ruby/blocks_procs_lambdas.md +204 -0
data/skills/ruby/classes.md +155 -0
data/skills/ruby/concurrency.md +194 -0
data/skills/ruby/data_struct_openstruct.md +158 -0
data/skills/ruby/debugging_profiling.md +204 -0
data/skills/ruby/enumerable_patterns.md +168 -0
data/skills/ruby/exception_handling.md +199 -0
data/skills/ruby/file_io.md +217 -0
data/skills/ruby/hashes.md +195 -0
data/skills/ruby/metaprogramming.md +170 -0
data/skills/ruby/modules.md +210 -0
data/skills/ruby/pattern_matching.md +177 -0
data/skills/ruby/regular_expressions.md +166 -0
data/skills/ruby/result_objects.md +200 -0
data/skills/ruby/strings.md +177 -0
data/skills/ruby_project/bundler_dependencies.md +181 -0
data/skills/ruby_project/cli_tools.md +224 -0
data/skills/ruby_project/rake_tasks.md +146 -0
data/skills/ruby_project/structure.md +261 -0
data/skills/sinatra/application_structure.md +241 -0
data/skills/sinatra/middleware_and_deployment.md +221 -0
data/skills/sinatra/testing.md +233 -0
data/skills/solid/dependency_inversion.md +195 -0
data/skills/solid/interface_segregation.md +237 -0
data/skills/solid/liskov_substitution.md +263 -0
data/skills/solid/open_closed.md +212 -0
data/skills/solid/single_responsibility.md +183 -0
metadata +397 -0

data/lib/rubyn_code/auth/oauth.rb ADDED Viewed

@@ -0,0 +1,174 @@
+# frozen_string_literal: true
+require "securerandom"
+require "digest"
+require "base64"
+require "faraday"
+require "json"
+module RubynCode
+  module Auth
+    class OAuth
+      StateMismatchError = Class.new(RubynCode::AuthenticationError)
+      TokenExchangeError = Class.new(RubynCode::AuthenticationError)
+      RefreshError = Class.new(RubynCode::AuthenticationError)
+      VERIFIER_LENGTH = 43
+      def authenticate!
+        code_verifier = generate_code_verifier
+        code_challenge = derive_code_challenge(code_verifier)
+        state = SecureRandom.hex(24)
+        auth_url = build_authorization_url(code_challenge:, state:)
+        callback_server = Server.new
+        open_browser(auth_url)
+        result = callback_server.wait_for_callback(timeout: 120)
+        unless secure_compare(result[:state], state)
+          raise StateMismatchError, "OAuth state parameter mismatch — possible CSRF attack"
+        end
+        tokens = exchange_code(code: result[:code], code_verifier:)
+        TokenStore.save(
+          access_token: tokens[:access_token],
+          refresh_token: tokens[:refresh_token],
+          expires_at: Time.now + tokens[:expires_in].to_i
+        )
+        tokens
+      end
+      def refresh!
+        stored = TokenStore.load
+        raise RefreshError, "No stored refresh token available" unless stored&.dig(:refresh_token)
+        response = http_client.post(token_url) do |req|
+          req.headers["Content-Type"] = "application/x-www-form-urlencoded"
+          req.body = URI.encode_www_form(
+            grant_type: "refresh_token",
+            client_id: client_id,
+            refresh_token: stored[:refresh_token]
+          )
+        end
+        unless response.success?
+          body = parse_json(response.body)
+          error_msg = body&.dig("error_description") || body&.dig("error") || response.body
+          raise RefreshError, "Token refresh failed (#{response.status}): #{error_msg}"
+        end
+        body = parse_json(response.body)
+        raise RefreshError, "Invalid response from token endpoint" unless body
+        TokenStore.save(
+          access_token: body["access_token"],
+          refresh_token: body["refresh_token"] || stored[:refresh_token],
+          expires_at: Time.now + body["expires_in"].to_i
+        )
+        {
+          access_token: body["access_token"],
+          refresh_token: body["refresh_token"] || stored[:refresh_token],
+          expires_in: body["expires_in"]
+        }
+      end
+      private
+      def generate_code_verifier
+        SecureRandom.urlsafe_base64(32).slice(0, VERIFIER_LENGTH)
+      end
+      def derive_code_challenge(verifier)
+        digest = Digest::SHA256.digest(verifier)
+        Base64.urlsafe_encode64(digest, padding: false)
+      end
+      def build_authorization_url(code_challenge:, state:)
+        params = URI.encode_www_form(
+          response_type: "code",
+          client_id: client_id,
+          redirect_uri: redirect_uri,
+          scope: scopes,
+          state: state,
+          code_challenge: code_challenge,
+          code_challenge_method: "S256"
+        )
+        "#{authorize_url}?#{params}"
+      end
+      def exchange_code(code:, code_verifier:)
+        response = http_client.post(token_url) do |req|
+          req.headers["Content-Type"] = "application/x-www-form-urlencoded"
+          req.body = URI.encode_www_form(
+            grant_type: "authorization_code",
+            client_id: client_id,
+            code: code,
+            redirect_uri: redirect_uri,
+            code_verifier: code_verifier
+          )
+        end
+        unless response.success?
+          body = parse_json(response.body)
+          error_msg = body&.dig("error_description") || body&.dig("error") || response.body
+          raise TokenExchangeError, "Code exchange failed (#{response.status}): #{error_msg}"
+        end
+        body = parse_json(response.body)
+        raise TokenExchangeError, "Invalid response from token endpoint" unless body
+        {
+          access_token: body["access_token"],
+          refresh_token: body["refresh_token"],
+          expires_in: body["expires_in"]
+        }
+      end
+      def open_browser(url)
+        launcher = case RUBY_PLATFORM
+                   when /darwin/  then "open"
+                   when /linux/   then "xdg-open"
+                   when /mingw|mswin/ then "start"
+                   else "xdg-open"
+                   end
+        system(launcher, url, exception: false)
+      end
+      def http_client
+        @http_client ||= Faraday.new do |f|
+          f.options.timeout = 30
+          f.options.open_timeout = 10
+          f.adapter Faraday.default_adapter
+        end
+      end
+      def parse_json(body)
+        JSON.parse(body)
+      rescue JSON::ParserError
+        nil
+      end
+      def secure_compare(a, b)
+        return false if a.nil? || b.nil?
+        return false unless a.bytesize == b.bytesize
+        l = a.unpack("C*")
+        r = b.unpack("C*")
+        l.zip(r).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
+      end
+      def client_id     = Config::Defaults::OAUTH_CLIENT_ID
+      def redirect_uri  = Config::Defaults::OAUTH_REDIRECT_URI
+      def authorize_url = Config::Defaults::OAUTH_AUTHORIZE_URL
+      def token_url     = Config::Defaults::OAUTH_TOKEN_URL
+      def scopes        = Config::Defaults::OAUTH_SCOPES
+    end
+  end
+end

data/lib/rubyn_code/auth/server.rb ADDED Viewed

@@ -0,0 +1,126 @@
+# frozen_string_literal: true
+require "webrick"
+require "uri"
+module RubynCode
+  module Auth
+    class Server
+      LISTEN_HOST = "127.0.0.1"
+      LISTEN_PORT = 19_275
+      CallbackTimeout = Class.new(RubynCode::AuthenticationError)
+      def initialize
+        @result = nil
+        @mutex = Mutex.new
+        @condvar = ConditionVariable.new
+      end
+      def wait_for_callback(timeout: 120)
+        server = build_server
+        thread = Thread.new { server.start }
+        @mutex.synchronize do
+          @condvar.wait(@mutex, timeout) until @result || timed_out?(timeout)
+        end
+        server.shutdown
+        thread.join(5)
+        raise CallbackTimeout, "OAuth callback was not received within #{timeout} seconds" unless @result
+        @result
+      end
+      private
+      def build_server
+        logger = WEBrick::Log.new($stderr, WEBrick::Log::WARN)
+        access_log = []
+        server = WEBrick::HTTPServer.new(
+          BindAddress: LISTEN_HOST,
+          Port: LISTEN_PORT,
+          Logger: logger,
+          AccessLog: access_log
+        )
+        server.mount_proc("/callback") do |req, res|
+          handle_callback(req, res, server)
+        end
+        server
+      end
+      def handle_callback(req, res, server)
+        params = parse_query(req.query_string)
+        code = params["code"]
+        state = params["state"]
+        if code
+          @mutex.synchronize do
+            @result = { code: code, state: state }
+            @condvar.signal
+          end
+          res.status = 200
+          res.content_type = "text/html; charset=utf-8"
+          res.body = success_html
+        else
+          error = params["error"] || "unknown"
+          description = params["error_description"] || "No authorization code received"
+          res.status = 400
+          res.content_type = "text/html; charset=utf-8"
+          res.body = error_html(error, description)
+          @mutex.synchronize do
+            @condvar.signal
+          end
+        end
+        Thread.new { sleep(0.5); server.shutdown }
+      end
+      def parse_query(query_string)
+        return {} unless query_string
+        URI.decode_www_form(query_string).to_h
+      end
+      def timed_out?(timeout)
+        @start_time ||= Process.clock_gettime(Process::CLOCK_MONOTONIC)
+        elapsed = Process.clock_gettime(Process::CLOCK_MONOTONIC) - @start_time
+        elapsed >= timeout
+      end
+      def success_html
+        <<~HTML
+          <!DOCTYPE html>
+          <html>
+          <head><title>rubyn-code</title></head>
+          <body style="font-family: system-ui, sans-serif; text-align: center; padding: 60px;">
+            <h1>Authenticated!</h1>
+            <p>You can close this tab and return to your terminal.</p>
+          </body>
+          </html>
+        HTML
+      end
+      def error_html(error, description)
+        <<~HTML
+          <!DOCTYPE html>
+          <html>
+          <head><title>rubyn-code - Error</title></head>
+          <body style="font-family: system-ui, sans-serif; text-align: center; padding: 60px;">
+            <h1>Authentication Failed</h1>
+            <p><strong>#{WEBrick::HTMLUtils.escape(error)}</strong></p>
+            <p>#{WEBrick::HTMLUtils.escape(description)}</p>
+          </body>
+          </html>
+        HTML
+      end
+    end
+  end
+end

data/lib/rubyn_code/auth/token_store.rb ADDED Viewed

@@ -0,0 +1,153 @@
+# frozen_string_literal: true
+require "yaml"
+require "fileutils"
+require "json"
+require "time"
+module RubynCode
+  module Auth
+    module TokenStore
+      EXPIRY_BUFFER_SECONDS = 300 # 5 minutes
+      KEYCHAIN_SERVICE = "Claude Code-credentials"
+      class << self
+        # Load tokens with fallback chain:
+        # 1. macOS Keychain (Claude Code's OAuth token)
+        # 2. Local YAML file (~/.rubyn-code/tokens.yml)
+        # 3. ANTHROPIC_API_KEY environment variable
+        def load
+          load_from_keychain || load_from_file || load_from_env
+        end
+        def save(access_token:, refresh_token:, expires_at:)
+          ensure_directory!
+          data = {
+            "access_token" => access_token,
+            "refresh_token" => refresh_token,
+            "expires_at" => expires_at.is_a?(Time) ? expires_at.iso8601 : expires_at.to_s
+          }
+          File.write(tokens_path, YAML.dump(data))
+          File.chmod(0o600, tokens_path)
+          data
+        end
+        def clear!
+          File.delete(tokens_path) if File.exist?(tokens_path)
+          true
+        end
+        def valid?
+          tokens = self.load
+          return false unless tokens
+          return false unless tokens[:access_token]
+          # API keys don't expire
+          return true if tokens[:type] == :api_key
+          # OAuth tokens need expiry check
+          return true unless tokens[:expires_at]
+          tokens[:expires_at] > Time.now + EXPIRY_BUFFER_SECONDS
+        end
+        def exists?
+          valid?
+        end
+        def access_token
+          tokens = self.load
+          tokens&.fetch(:access_token, nil)
+        end
+        def token_type
+          tokens = self.load
+          tokens&.fetch(:type, :oauth)
+        end
+        private
+        # Read Claude Code's OAuth token from macOS Keychain
+        def load_from_keychain
+          return nil unless RUBY_PLATFORM.include?("darwin")
+          output = `security find-generic-password -s "#{KEYCHAIN_SERVICE}" -w 2>/dev/null`.strip
+          return nil if output.empty?
+          data = JSON.parse(output)
+          oauth = data["claudeAiOauth"]
+          return nil unless oauth && oauth["accessToken"]
+          expires_at = if oauth["expiresAt"]
+                         Time.at(oauth["expiresAt"] / 1000.0) # milliseconds to seconds
+                       end
+          {
+            access_token: oauth["accessToken"],
+            refresh_token: oauth["refreshToken"],
+            expires_at: expires_at,
+            type: :oauth,
+            source: :keychain
+          }
+        rescue JSON::ParserError, StandardError
+          nil
+        end
+        # Read from local YAML token file
+        def load_from_file
+          return nil unless File.exist?(tokens_path)
+          data = YAML.safe_load_file(tokens_path, permitted_classes: [Time])
+          return nil unless data.is_a?(Hash)
+          return nil unless data["access_token"]
+          {
+            access_token: data["access_token"],
+            refresh_token: data["refresh_token"],
+            expires_at: parse_time(data["expires_at"]),
+            type: :oauth,
+            source: :file
+          }
+        rescue Psych::SyntaxError, Errno::EACCES
+          nil
+        end
+        # Fall back to ANTHROPIC_API_KEY environment variable
+        def load_from_env
+          api_key = ENV["ANTHROPIC_API_KEY"]
+          return nil unless api_key && !api_key.empty?
+          {
+            access_token: api_key,
+            refresh_token: nil,
+            expires_at: nil,
+            type: :api_key,
+            source: :env
+          }
+        end
+        def tokens_path
+          Config::Defaults::TOKENS_FILE
+        end
+        def ensure_directory!
+          dir = File.dirname(tokens_path)
+          FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
+          File.chmod(0o700, dir)
+        end
+        def parse_time(value)
+          case value
+          when Time then value
+          when String then Time.parse(value)
+          when Integer, Float then Time.at(value)
+          end
+        rescue ArgumentError
+          nil
+        end
+      end
+    end
+  end
+end

data/lib/rubyn_code/autonomous/daemon.rb ADDED Viewed

@@ -0,0 +1,233 @@
+# frozen_string_literal: true
+require "securerandom"
+module RubynCode
+  module Autonomous
+    # The KAIROS daemon -- an always-on autonomous agent that cycles between
+    # working on tasks and polling for new work. The lifecycle is:
+    #
+    #   spawn -> work -> idle -> work -> ... -> shutdown
+    #
+    # Safety limits (max_runs, max_cost) prevent runaway execution.
+    class Daemon
+      LIFECYCLE_STATES = %i[spawned working idle shutting_down stopped].freeze
+      attr_reader :agent_name, :role, :state, :runs_completed, :total_cost
+      # @param agent_name [String] unique name for this daemon instance
+      # @param role [String] the agent's role / persona description
+      # @param llm_client [LLM::Client] LLM API client
+      # @param project_root [String] path to the project being worked on
+      # @param task_manager [#db] task persistence layer
+      # @param mailbox [#pending_for] message mailbox
+      # @param max_runs [Integer] maximum work cycles before auto-shutdown (default 100)
+      # @param max_cost [Float] maximum cumulative LLM cost in USD before auto-shutdown (default 10.0)
+      # @param poll_interval [Numeric] idle polling interval in seconds (default 5)
+      # @param idle_timeout [Numeric] seconds of idle before shutdown (default 60)
+      # @param on_state_change [Proc, nil] callback invoked with (old_state, new_state)
+      def initialize(agent_name:, role:, llm_client:, project_root:, task_manager:, mailbox:, # rubocop:disable Metrics/ParameterLists
+                     max_runs: 100, max_cost: 10.0, poll_interval: 5, idle_timeout: 60,
+                     on_state_change: nil)
+        @agent_name = agent_name
+        @role = role
+        @llm_client = llm_client
+        @project_root = File.expand_path(project_root)
+        @task_manager = task_manager
+        @mailbox = mailbox
+        @max_runs = max_runs
+        @max_cost = max_cost
+        @poll_interval = poll_interval
+        @idle_timeout = idle_timeout
+        @on_state_change = on_state_change
+        @state = :spawned
+        @runs_completed = 0
+        @total_cost = 0.0
+        @stop_requested = false
+      end
+      # Enters the work-idle-work cycle. Blocks the calling thread until
+      # the daemon shuts down (via safety limits, idle timeout, or #stop!).
+      #
+      # @return [Symbol] the final state (:stopped)
+      def start!
+        transition_to(:working)
+        loop do
+          break if @stop_requested
+          break if safety_limit_reached?
+          task = TaskClaimer.call(task_manager: @task_manager, agent_name: @agent_name)
+          if task
+            run_work_phase(task)
+            @runs_completed += 1
+          else
+            result = run_idle_phase
+            case result
+            when :shutdown, :interrupted
+              break
+            when :resume
+              transition_to(:working)
+              next
+            end
+          end
+        end
+        shutdown!
+      end
+      # Requests a graceful shutdown. The daemon will finish its current
+      # work unit and then stop.
+      #
+      # @return [void]
+      def stop!
+        @stop_requested = true
+        @idle_poller&.interrupt!
+      end
+      # @return [Boolean]
+      def running?
+        %i[working idle].include?(@state)
+      end
+      # @return [Hash] snapshot of daemon status
+      def status
+        {
+          agent_name: @agent_name,
+          role: @role,
+          state: @state,
+          runs_completed: @runs_completed,
+          total_cost: @total_cost,
+          max_runs: @max_runs,
+          max_cost: @max_cost,
+          stop_requested: @stop_requested
+        }
+      end
+      private
+      # Executes the agent loop for a single claimed task.
+      #
+      # @param task [Tasks::Task]
+      # @return [void]
+      def run_work_phase(task)
+        transition_to(:working)
+        conversation = Agent::Conversation.new
+        conversation.add_user_message(build_work_prompt(task))
+        response = @llm_client.chat(
+          messages: conversation.to_api_format,
+          system: build_system_prompt
+        )
+        track_cost(response)
+        # Mark the task as completed with the agent's result.
+        result_text = extract_result(response)
+        @task_manager.db.execute(
+          "UPDATE tasks SET status = 'completed', result = ?, updated_at = datetime('now') WHERE id = ?",
+          [result_text, task.id]
+        )
+      rescue StandardError => e
+        # On failure, release the task so another agent (or retry) can pick it up.
+        @task_manager.db.execute(
+          "UPDATE tasks SET status = 'pending', owner = NULL, result = ?, updated_at = datetime('now') WHERE id = ?",
+          ["Error: #{e.message}", task.id]
+        )
+      end
+      # Delegates to IdlePoller to wait for new work.
+      #
+      # @return [:resume, :shutdown, :interrupted]
+      def run_idle_phase
+        transition_to(:idle)
+        @idle_poller = IdlePoller.new(
+          mailbox: @mailbox,
+          task_manager: @task_manager,
+          agent_name: @agent_name,
+          poll_interval: @poll_interval,
+          idle_timeout: @idle_timeout
+        )
+        @idle_poller.poll!
+      end
+      # Performs final shutdown bookkeeping.
+      #
+      # @return [Symbol] :stopped
+      def shutdown!
+        transition_to(:shutting_down)
+        transition_to(:stopped)
+        @state
+      end
+      # @return [Boolean]
+      def safety_limit_reached?
+        return true if @runs_completed >= @max_runs
+        return true if @total_cost >= @max_cost
+        false
+      end
+      # Transitions the daemon to a new lifecycle state, invoking the
+      # optional callback.
+      #
+      # @param new_state [Symbol]
+      # @return [void]
+      def transition_to(new_state)
+        old_state = @state
+        @state = new_state
+        @on_state_change&.call(old_state, new_state)
+      end
+      # Accumulates cost from an LLM response.
+      #
+      # @param response [#usage] LLM response with usage data
+      # @return [void]
+      def track_cost(response)
+        return unless response.respond_to?(:usage) && response.usage.respond_to?(:cost)
+        @total_cost += response.usage.cost.to_f
+      end
+      # Extracts the textual result from an LLM response.
+      #
+      # @param response [#content] LLM response
+      # @return [String]
+      def extract_result(response)
+        return "" unless response.respond_to?(:content)
+        case response.content
+        when String
+          response.content
+        when Array
+          text_blocks = response.content.select { |b| b.is_a?(Hash) && b[:type] == "text" }
+          text_blocks.map { |b| b[:text] }.join("\n")
+        else
+          response.content.to_s
+        end
+      end
+      # @param task [Tasks::Task]
+      # @return [String]
+      def build_work_prompt(task)
+        "Execute the following task:\n\n" \
+          "Title: #{task.title}\n" \
+          "Description: #{task.description}\n" \
+          "Priority: #{task.priority}\n" \
+          "Task ID: #{task.id}"
+      end
+      # @return [String]
+      def build_system_prompt
+        "You are #{@agent_name}, an autonomous agent with the role: #{@role}. " \
+          "You are working on the project at #{@project_root}. " \
+          "Complete tasks thoroughly and report results clearly."
+      end
+    end
+  end
+end