rubyn-code 0.3.0 → 0.4.0

data/lib/rubyn_code/context/context_budget.rb

@@ -25,8 +25,9 @@ module RubynCode
 
       attr_reader :loaded_files, :signature_files, :tokens_used
 
-      def initialize(budget: DEFAULT_BUDGET)
+      def initialize(budget: DEFAULT_BUDGET, codebase_index: nil)
         @budget = budget
+        @codebase_index = codebase_index
         @loaded_files = []
         @signature_files = []
         @tokens_used = 0
@@ -34,6 +35,10 @@ module RubynCode
 
       # Load context for a primary file, filling budget with related files.
       # Returns array of { file:, content:, mode: :full|:signatures }
+      #
+      # When a codebase_index is available and no related_files are supplied,
+      # uses impact_analysis to auto-discover related files (specs,
+      # associated models, controllers, etc.).
       def load_for(file_path, related_files: [])
         results = []
 
@@ -46,6 +51,9 @@ module RubynCode
         @loaded_files << file_path
         results << { file: file_path, content: primary_content, mode: :full }
 
+        # Auto-discover related files from the index when none supplied
+        related_files = discover_related_files(file_path) if related_files.empty? && @codebase_index
+
         # Sort related files by priority and fill remaining budget
         sorted = prioritize(related_files)
         remaining = @budget - @tokens_used
@@ -81,6 +89,13 @@ module RubynCode
 
       private
 
+      def discover_related_files(file_path)
+        analysis = @codebase_index.impact_analysis(file_path)
+        analysis[:affected_files].reject { |f| f == file_path }
+      rescue StandardError
+        []
+      end
+
       def load_full_files(sorted, results, remaining)
         sorted.each do |rel_path|
           content = safe_read(rel_path)

data/lib/rubyn_code/context/context_collapse.rb

@@ -23,13 +23,16 @@ module RubynCode
       def self.call(messages, threshold:, keep_recent: 6)
         return nil if messages.size <= keep_recent + 2
 
-        # Keep first message + last N messages, snip the middle
-        first = messages.first
+        # Always preserve the very first message (may contain critical
+        # system-level context like auth shims) AND the first real user
+        # message so the agent retains the user's original request.
+        anchors = build_anchors(messages)
+
         recent = messages.last(keep_recent)
-        snipped_count = messages.size - keep_recent - 1
+        snipped_count = messages.size - keep_recent - anchors.size
 
         collapsed = [
-          first,
+          *anchors,
           { role: 'user', content: format(SNIP_MARKER, snipped_count) },
           *recent
         ]
@@ -40,6 +43,33 @@ module RubynCode
       rescue JSON::GeneratorError
         nil
       end
+
+      # Builds the list of anchor messages to preserve at the top.
+      # Always keeps messages[0] (may contain critical system context).
+      # If messages[0] is a system injection, also keeps the first real
+      # user message so the agent retains the original request.
+      def self.build_anchors(messages)
+        first = messages.first
+        anchors = [first]
+        return anchors unless system_injection?(first)
+
+        user_msg = first_real_user_message(messages)
+        anchors << user_msg if user_msg
+        anchors
+      end
+
+      def self.system_injection?(msg)
+        content = msg[:content]
+        content.is_a?(String) && content.start_with?('[system]')
+      end
+
+      def self.first_real_user_message(messages)
+        messages[1..].find do |msg|
+          msg[:role] == 'user' && !system_injection?(msg)
+        end
+      end
+
+      private_class_method :build_anchors
     end
   end
 end

data/lib/rubyn_code/context/manager.rb

@@ -10,7 +10,7 @@ module RubynCode
     class Manager
       CHARS_PER_TOKEN = 4
 
-      attr_reader :total_input_tokens, :total_output_tokens
+      attr_reader :total_input_tokens, :total_output_tokens, :current_turn
 
       # @param threshold [Integer] estimated token count that triggers auto-compaction
       # @param llm_client [LLM::Client, nil] needed for LLM-driven compaction
@@ -19,10 +19,18 @@ module RubynCode
         @llm_client = llm_client
         @total_input_tokens = 0
         @total_output_tokens = 0
+        @last_compaction_turn = -1
+        @current_turn = 0
       end
 
       attr_writer :llm_client
 
+      # Advances the turn counter. Call once per iteration so that
+      # duplicate compaction calls within the same turn are skipped.
+      def advance_turn!
+        @current_turn += 1
+      end
+
       # Accumulates token counts from an LLM response usage object.
       #
       # @param usage [LLM::Usage, #input_tokens] usage data from an LLM response
@@ -60,16 +68,24 @@ module RubynCode
       # Fraction of the compaction threshold at which micro-compact kicks in.
       # Running it too early busts the prompt cache prefix (mutated messages
       # change the hash, invalidating server-side cached tokens).
-      MICRO_COMPACT_RATIO = 0.7
+      # Anthropic has prompt caching so we delay compaction (0.7).
+      # OpenAI has no cache prefix to protect so we compact earlier (0.5).
+      MICRO_COMPACT_RATIO_CACHED = 0.7
+      MICRO_COMPACT_RATIO_UNCACHED = 0.5
 
       def check_compaction!(conversation)
+        # Guard: skip if compaction already ran this turn
+        return if @last_compaction_turn == @current_turn
+
+        @last_compaction_turn = @current_turn
+
         messages = conversation.messages
 
         # Step 1: Zero-cost micro-compact — but only when we're approaching
         # the compaction threshold. Running it every turn mutates old messages,
         # which invalidates the prompt cache prefix and wastes tokens.
         est = estimated_tokens(messages)
-        MicroCompact.call(messages) if est > (@threshold * MICRO_COMPACT_RATIO)
+        MicroCompact.call(messages) if est > (@threshold * micro_compact_ratio)
 
         return unless needs_compaction?(messages)
 
@@ -94,10 +110,28 @@ module RubynCode
       def reset!
         @total_input_tokens = 0
         @total_output_tokens = 0
+        @last_compaction_turn = -1
+        @current_turn = 0
       end
 
       private
 
+      # Returns the micro-compact ratio based on the active provider.
+      # Providers with prompt caching (Anthropic) use a higher ratio to
+      # preserve cached prefixes; providers without caching compact earlier.
+      def micro_compact_ratio
+        return MICRO_COMPACT_RATIO_UNCACHED if uncached_provider?
+
+        MICRO_COMPACT_RATIO_CACHED
+      end
+
+      def uncached_provider?
+        return false unless @llm_client
+
+        provider = @llm_client.provider_name if @llm_client.respond_to?(:provider_name)
+        %w[openai openai_compatible].include?(provider)
+      end
+
       def apply_compacted_messages(conversation, new_messages)
         if conversation.respond_to?(:replace_messages)
           conversation.replace_messages(new_messages)

data/lib/rubyn_code/context/manual_compact.rb

@@ -68,7 +68,7 @@ module RubynCode
         ]
 
         options = {}
-        options[:model] = 'claude-sonnet-4-20250514' if llm_client.respond_to?(:chat)
+        options[:model] = 'claude-sonnet-4-6' if llm_client.respond_to?(:chat)
 
         response = llm_client.chat(messages: summary_messages, **options)
 

data/lib/rubyn_code/hooks/registry.rb

@@ -17,6 +17,10 @@ module RubynCode
         on_stall
         on_error
         on_session_end
+        session_start
+        user_prompt_submit
+        permission_request
+        stop
       ].freeze
 
       Hook = Data.define(:callable, :priority)

data/lib/rubyn_code/ide/adapters/tool_output.rb

@@ -0,0 +1,330 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+
+module RubynCode
+  module IDE
+    module Adapters
+      # Wraps every tool invocation in IDE mode. Emits JSON-RPC notifications
+      # that the VS Code extension consumes, precomputes file edits so the
+      # editor can render a diff before any write touches disk, and gates
+      # mutating operations behind acceptance/approval from the IDE client.
+      #
+      # Gating policy depends on the permission mode:
+      #   :default      → approve every mutating tool + every file edit
+      #   :accept_edits → auto-approve file edits, prompt for bash/other
+      #   :plan_only    → read-only, block all writes
+      #   :auto         → auto-approve everything except deny-listed
+      #   :dont_ask     → auto-deny all non-read-only tools
+      #   :bypass       → no checks (legacy yolo)
+      #
+      # In all modes the adapter emits notifications so the UI reflects
+      # what's happening.
+      class ToolOutput
+        # Wake up periodically to check for thread interrupts (cancel).
+        # No auto-deny — waits indefinitely until the user decides.
+        WAIT_POLL_INTERVAL = 5 # seconds
+
+        READ_ONLY_TOOLS = %w[
+          read_file glob grep
+          git_status git_diff git_log git_commit
+          memory_search web_fetch web_search
+          run_specs
+        ].freeze
+
+        FILE_WRITE_TOOLS = %w[write_file edit_file].freeze
+
+        VALID_PERMISSION_MODES = %i[default accept_edits plan_only auto dont_ask bypass].freeze
+
+        attr_accessor :permission_mode
+
+        def initialize(server, permission_mode: :default, yolo: false, hook_runner: nil)
+          @server          = server
+          @permission_mode = yolo ? :bypass : permission_mode.to_sym
+          @hook_runner     = hook_runner
+          @mutex           = Mutex.new
+
+          # { request_id => { cv: ConditionVariable, approved: nil|true|false } }
+          @pending_approvals = {}
+
+          # { edit_id => { cv: ConditionVariable, accepted: nil|true|false } }
+          @pending_edits = {}
+        end
+
+        # Main entry point. Wraps a tool call, emitting IDE notifications
+        # and gating execution behind acceptance when required.
+        #
+        #   adapter.wrap_execution("write_file", { path: "foo.rb", content: "..." }) do
+        #     executor.execute("write_file", params)
+        #   end
+        #
+        def wrap_execution(tool_name, args, &block)
+          request_id = generate_id
+          args = stringify_keys(args)
+
+          return execute_and_notify(request_id, tool_name, args, &block) if read_only?(tool_name)
+
+          # Non-read-only tools: gating depends on permission mode
+          case @permission_mode
+          when :bypass, :auto
+            # Auto-approve everything — run without waiting
+            execute_and_notify(request_id, tool_name, args, &block)
+          when :plan_only
+            emit_tool_use(request_id, tool_name, args, requires_approval: false)
+            msg = 'Plan mode: write operations blocked'
+            emit_tool_result(request_id, tool_name, msg, success: false, args: args)
+            raise RubynCode::UserDeniedError, msg
+          when :dont_ask
+            emit_tool_use(request_id, tool_name, args, requires_approval: false)
+            msg = 'Auto-denied: permission mode is dont_ask'
+            emit_tool_result(request_id, tool_name, msg, success: false, args: args)
+            raise RubynCode::UserDeniedError, msg
+          when :accept_edits
+            if file_write?(tool_name)
+              execute_with_edit_gate(request_id, tool_name, args, &block)
+            else
+              execute_with_approval(request_id, tool_name, args, &block)
+            end
+          else # :default
+            if file_write?(tool_name)
+              execute_with_edit_gate(request_id, tool_name, args, &block)
+            else
+              execute_with_approval(request_id, tool_name, args, &block)
+            end
+          end
+        end
+
+        # Called by ApproveToolUseHandler when the IDE client responds.
+        def resolve_approval(request_id, approved)
+          @mutex.synchronize do
+            pending = @pending_approvals[request_id]
+            return false unless pending
+
+            pending[:approved] = approved
+            pending[:cv].signal
+            true
+          end
+        end
+
+        # Called by AcceptEditHandler when the IDE client responds.
+        def resolve_edit(edit_id, accepted)
+          @mutex.synchronize do
+            pending = @pending_edits[edit_id]
+            return false unless pending
+
+            pending[:accepted] = accepted
+            pending[:cv].signal
+            true
+          end
+        end
+
+        private
+
+        # ── Read-only and streaming paths ────────────────────────────────
+
+        def execute_and_notify(request_id, tool_name, args)
+          emit_tool_use(request_id, tool_name, args, requires_approval: false)
+          result = yield
+          emit_tool_result(request_id, tool_name, result, success: true, args: args)
+          result
+        rescue StandardError => e
+          emit_tool_result(request_id, tool_name, e.message, success: false, args: args)
+          raise
+        end
+
+        # ── File write tools (write_file, edit_file) ─────────────────────
+
+        def execute_with_edit_gate(request_id, tool_name, args, &)
+          emit_tool_use(request_id, tool_name, args, requires_approval: false)
+
+          preview = compute_preview(tool_name, args)
+          return emit_error(request_id, tool_name, preview[:error]) if preview[:error]
+
+          # Always emit the file/edit or file/create notification so the
+          # extension can surface the change — opens a diff editor in normal
+          # mode or flashes "Rubyn auto-applied…" and applies via workspace
+          # edit in yolo mode. Either way the user sees what changed.
+          accepted = notify_and_await_edit(tool_name, preview, args)
+          return deny_edit(request_id, tool_name, preview[:type]) unless accepted
+
+          apply_edit(request_id, tool_name, args, &)
+        end
+
+        def compute_preview(tool_name, args)
+          tool = build_tool(tool_name)
+          sym_args = symbolize_keys(args)
+          result = tool.preview_content(**sym_args)
+          { content: result[:content], type: result[:type] }
+        rescue StandardError => e
+          { error: e.message }
+        end
+
+        def build_tool(tool_name)
+          klass = Tools::Registry.get(tool_name)
+          klass.new(project_root: @server.workspace_path || Dir.pwd)
+        end
+
+        def notify_and_await_edit(tool_name, preview, args)
+          edit_id = generate_id
+          path = args['path']
+          method = preview[:type] == 'create' ? 'file/create' : 'file/edit'
+
+          params = { 'editId' => edit_id, 'path' => path, 'content' => preview[:content] }
+          params['type'] = preview[:type] if method == 'file/edit'
+
+          @server.notify(method, params)
+
+          # In accept_edits mode, auto-approve file writes without waiting
+          return true if @permission_mode == :accept_edits
+
+          fire_permission_request(tool_name, edit_id)
+          wait_for_edit(edit_id)
+        end
+
+        def apply_edit(request_id, tool_name, args)
+          result = yield
+          emit_tool_result(request_id, tool_name, result, success: true, args: args)
+          result
+        rescue StandardError => e
+          emit_tool_result(request_id, tool_name, e.message, success: false, args: args)
+          raise
+        end
+
+        def deny_edit(request_id, tool_name, type)
+          summary = "User rejected this #{type}. Do not retry the same content."
+          emit_tool_result(request_id, tool_name, summary, success: false)
+          raise RubynCode::UserDeniedError, summary
+        end
+
+        def emit_error(request_id, tool_name, message)
+          summary = "Error: #{message}"
+          emit_tool_result(request_id, tool_name, summary, success: false)
+          summary
+        end
+
+        # ── Approval-gated tools (bash, etc.) ────────────────────────────
+
+        def execute_with_approval(request_id, tool_name, args)
+          emit_tool_use(request_id, tool_name, args, requires_approval: true)
+
+          fire_permission_request(tool_name, request_id)
+          approved = wait_for_approval(request_id)
+          unless approved
+            summary = 'User refused this tool invocation. Do not retry the same call.'
+            emit_tool_result(request_id, tool_name, summary, success: false, args: args)
+            raise RubynCode::UserDeniedError, summary
+          end
+
+          result = yield
+          emit_tool_result(request_id, tool_name, result, success: true, args: args)
+          result
+        rescue StandardError => e
+          emit_tool_result(request_id, tool_name, e.message, success: false, args: args)
+          raise
+        end
+
+        # ── Notifications ────────────────────────────────────────────────
+
+        def emit_tool_use(request_id, tool_name, args, requires_approval:)
+          @server.notify('tool/use', {
+                           'requestId' => request_id,
+                           'tool' => tool_name,
+                           'args' => args,
+                           'requiresApproval' => requires_approval
+                         })
+        end
+
+        def emit_tool_result(request_id, tool_name, result, success:, args: {})
+          @server.notify('tool/result', {
+                           'requestId' => request_id,
+                           'tool' => tool_name,
+                           'success' => success,
+                           'summary' => build_summary(tool_name, result, success, args)
+                         })
+        end
+
+        # Ask the tool class for its one-line summary ("Edited foo.rb (1
+        # replacement)", "grep pattern (12 lines)", etc.). Tools that don't
+        # override Base.summarize return "", and the UI renders a clean
+        # "Done". The full tool output always lives in the conversation —
+        # summary is display-only. On failure we include the error so the
+        # user can see what went wrong.
+        def build_summary(tool_name, result, success, args)
+          return result.to_s[0, 500] unless success
+
+          klass = tool_class(tool_name)
+          return '' unless klass
+
+          klass.summarize(result.to_s, args || {}).to_s[0, 500]
+        rescue StandardError
+          ''
+        end
+
+        def tool_class(tool_name)
+          Tools::Registry.get(tool_name)
+        rescue ToolNotFoundError
+          nil
+        end
+
+        # ── Blocking waits ───────────────────────────────────────────────
+
+        def wait_for_approval(request_id)
+          cv = ConditionVariable.new
+          @mutex.synchronize { @pending_approvals[request_id] = { cv: cv, approved: nil } }
+
+          @mutex.synchronize do
+            # Wait indefinitely — no timeout, no auto-deny. The user decides
+            # when they're ready. Poll periodically so thread interrupts
+            # (cancel) can break us out.
+            while @pending_approvals[request_id][:approved].nil?
+              cv.wait(@mutex, WAIT_POLL_INTERVAL)
+            end
+            @pending_approvals.delete(request_id)[:approved]
+          end
+        end
+
+        def wait_for_edit(edit_id)
+          cv = ConditionVariable.new
+          @mutex.synchronize { @pending_edits[edit_id] = { cv: cv, accepted: nil } }
+
+          @mutex.synchronize do
+            while @pending_edits[edit_id][:accepted].nil?
+              cv.wait(@mutex, WAIT_POLL_INTERVAL)
+            end
+            @pending_edits.delete(edit_id)[:accepted]
+          end
+        end
+
+        # ── Hook helpers ───────────────────────────────────────────────
+
+        def fire_permission_request(tool_name, request_id)
+          @hook_runner&.fire(:permission_request, tool_name: tool_name, request_id: request_id)
+        end
+
+        # ── Helpers ──────────────────────────────────────────────────────
+
+        def read_only?(tool_name)
+          READ_ONLY_TOOLS.include?(tool_name)
+        end
+
+        def file_write?(tool_name)
+          FILE_WRITE_TOOLS.include?(tool_name)
+        end
+
+        def stringify_keys(hash)
+          return {} unless hash.is_a?(Hash)
+
+          hash.each_with_object({}) { |(k, v), memo| memo[k.to_s] = v }
+        end
+
+        def symbolize_keys(hash)
+          hash.each_with_object({}) { |(k, v), memo| memo[k.to_sym] = v }
+        end
+
+        def generate_id
+          "#{Time.now.to_i}-#{SecureRandom.hex(4)}"
+        end
+      end
+    end
+  end
+end

data/lib/rubyn_code/ide/client.rb

@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+
+require 'securerandom'
+
+module RubynCode
+  module IDE
+    # Sends JSON-RPC requests from the CLI server to the VS Code extension
+    # and awaits responses. Enables the CLI to ask the IDE to do things like
+    # open diffs, read diagnostics, or navigate to a file.
+    #
+    # Uses the server's write mutex for thread-safe output. Tracks pending
+    # responses via a { id => ConditionVariable } map.
+    class Client
+      DEFAULT_TIMEOUT = 30 # seconds
+
+      def initialize(server)
+        @server = server
+        @mutex = Mutex.new
+        @next_id = 1000 # Start high to avoid collisions with client IDs
+        @pending = {} # { id => { cv: ConditionVariable, result: nil, error: nil } }
+      end
+
+      # Send a JSON-RPC request to the extension and block until the response
+      # arrives or the timeout expires.
+      #
+      # @param method [String] the RPC method name (e.g. "ide/readSelection")
+      # @param params [Hash] the request params
+      # @param timeout [Numeric] seconds to wait for a response
+      # @return [Hash] the result from the extension
+      # @raise [TimeoutError] if no response within timeout
+      # @raise [StandardError] if the extension returns an RPC error
+      def request(method, params = {}, timeout: DEFAULT_TIMEOUT)
+        id = allocate_id
+        cv = ConditionVariable.new
+
+        @mutex.synchronize do
+          @pending[id] = { cv: cv, result: nil, error: nil }
+        end
+
+        # Write the request via the server's write path
+        write_raw({
+          'jsonrpc' => Protocol::JSONRPC_VERSION,
+          'id' => id,
+          'method' => method,
+          'params' => Protocol.send(:stringify_keys_deep, params)
+        })
+
+        # Block until the extension responds or we time out
+        @mutex.synchronize do
+          deadline = Time.now + timeout
+          while @pending[id][:result].nil? && @pending[id][:error].nil?
+            remaining = deadline - Time.now
+            if remaining <= 0
+              @pending.delete(id)
+              raise TimeoutError, "IDE RPC request '#{method}' timed out after #{timeout}s"
+            end
+            cv.wait(@mutex, remaining)
+          end
+
+          entry = @pending.delete(id)
+          raise StandardError, entry[:error] if entry[:error]
+
+          entry[:result]
+        end
+      end
+
+      # Called by the server when it receives a response message (has id + result/error,
+      # no method) that matches one of our pending outbound requests.
+      #
+      # @param id [Integer] the response id
+      # @param result [Hash, nil] the result payload
+      # @param error [Hash, nil] the error payload
+      def resolve(id, result: nil, error: nil)
+        @mutex.synchronize do
+          entry = @pending[id]
+          return unless entry
+
+          if error
+            entry[:error] = "RPC error #{error['code']}: #{error['message']}"
+          else
+            entry[:result] = result || {}
+          end
+          entry[:cv].signal
+        end
+      end
+
+      # Check if we have a pending request with this id.
+      def pending?(id)
+        @mutex.synchronize { @pending.key?(id) }
+      end
+
+      private
+
+      def allocate_id
+        @mutex.synchronize do
+          id = @next_id
+          @next_id += 1
+          id
+        end
+      end
+
+      # Write using the server's write method for thread-safe, testable output.
+      def write_raw(msg_hash)
+        @server.send(:write, msg_hash)
+      end
+
+      class TimeoutError < StandardError; end
+    end
+  end
+end

data/lib/rubyn_code/ide/handlers/accept_edit_handler.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module RubynCode
+  module IDE
+    module Handlers
+      # Handles the "acceptEdit" JSON-RPC request.
+      #
+      # The extension sends this after the user accepts or rejects a proposed
+      # file edit surfaced via a file/edit or file/create notification. All
+      # pending-edit state lives in the per-session ToolOutput adapter; this
+      # handler is a thin delegate so the server has something to register at
+      # the method name.
+      class AcceptEditHandler
+        def initialize(server)
+          @server = server
+        end
+
+        def call(params)
+          edit_id  = params['editId']
+          accepted = params['accepted']
+
+          return { 'applied' => false, 'error' => 'Missing editId' } unless edit_id
+
+          adapter = @server.tool_output_adapter
+          return { 'applied' => false, 'error' => 'No active session' } unless adapter
+
+          resolved = adapter.resolve_edit(edit_id, accepted ? true : false)
+          return { 'applied' => false, 'error' => "No pending edit: #{edit_id}" } unless resolved
+
+          { 'applied' => accepted ? true : false }
+        end
+      end
+    end
+  end
+end