tep 0.11.3 → 0.11.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9742b41f05be22ba1b1741a5df856f3d9f71a982850df591bf471812929f0d48
-  data.tar.gz: 292a6ad820d75cb6145fb7fd7dded26b8e0af91936d883510ac188931769f437
+  metadata.gz: a0f6e0ace2299c85ad62734b3af3b5b5a704994d2c0769f3151f1741b2c7ec26
+  data.tar.gz: 0d57c798029526125f7698d20c9f6419c557381b0d99ebb55be2ca35a8e819d4
 SHA512:
-  metadata.gz: 5dc17136b4d7f7ec09b7e72892eab1998442d8b4298b7d131b195a5be3a4131d1fec8cbb40542546070c43b92c178778729b89112468df14a358881270ab0e09
-  data.tar.gz: 251749df2b9ca247d10d954b80f15f6a49a3535f34a8e7567476cf6ce80f10d0c5885dca2cbd8ef8fe67aa03996432011e9c234706c1fd424c3854b22ce6b340
+  metadata.gz: c5bc56857336297807d32345e8957dfafb714c6f15445da6b69a833b2d41090a4c3a8918ca89f5ec02bdbb593db1ed79996fb3ef5a271aec768358fe26604e67
+  data.tar.gz: 8fadaa359cdee7cd715e61e89c83ce29e82d471cfb2f00489c365f98078f7d50368aba77542fbe5e3fa6873898803a499c77913fac2dd32e01914cf3bdb7d5d0

data/Makefile

@@ -34,7 +34,25 @@ TEP_PG_LIBS   ?= $(shell \
     (pg_config --libdir 2>/dev/null | sed -e 's|^|-L|' ; echo "-lpq") | tr '\n' ' ')
 export TEP_PG_CFLAGS TEP_PG_LIBS
 
-.PHONY: all clean helper hello sinatra_style bench bench-tep bench-sinatra demo test test-parallel spinel-fresh test-pg vendor-examples
+# OpenSSL cflags / libs for sphttp.c's outbound-TLS include (#148). On Linux
+# the headers/libs are on the default search path so this is usually empty;
+# on macOS Homebrew keeps openssl@3 keg-only (/opt/homebrew/opt/openssl@3),
+# off the default path, so pkg-config supplies the -I (compile) and -L/-lssl
+# /-lcrypto (link). If pkg-config can't find openssl, fall back to the bare
+# libs and let the include path come from the system default.
+TEP_SPHTTP_CFLAGS ?= $(shell pkg-config --cflags openssl 2>/dev/null)
+TEP_SPHTTP_LIBS   ?= $(shell pkg-config --libs openssl 2>/dev/null || echo "-lssl -lcrypto")
+export TEP_SPHTTP_CFLAGS TEP_SPHTTP_LIBS
+
+.PHONY: all clean helper hello sinatra_style bench bench-tep bench-sinatra demo test test-parallel spinel-fresh test-pg vendor-examples vendor-spinelkit doctor
+
+# Re-sync the vendored SpinelKit lib (lib/spinel_kit/, sig/spinel_kit/) from the
+# upstream checkout. spinel_kit is a published gem; tep depends on its JSON codec
+# + logger. INTERIM vendoring (committed under lib/ so it travels with tep) until
+# spinel-compat gains transitive gem->gem vendoring -- OriPekelman/spinelgems#19.
+# Override the source with SPINELKIT_DIR. See tools/vendor-spinelkit.sh.
+vendor-spinelkit:
+	@$(TEP_ROOT)/tools/vendor-spinelkit.sh
 
 # Vendor each gem example's Gemfile-declared dependencies via
 # bundler-spinel (spinel-compat vendor, from $(SPINELGEMS)) into
@@ -65,7 +83,7 @@ all: spinel-fresh helper hello sinatra_style bench
 helper: spinel-fresh $(LIB_DIR)/sphttp.o $(LIB_DIR)/tep_sqlite.o $(LIB_DIR)/tep_pg.o
 
 $(LIB_DIR)/sphttp.o: $(LIB_DIR)/sphttp.c
-	cc -O2 -c $< -o $@
+	cc -O2 -c $(TEP_SPHTTP_CFLAGS) $< -o $@
 
 $(LIB_DIR)/tep_sqlite.o: $(LIB_DIR)/tep_sqlite.c
 	cc -O2 -c $< -o $@
@@ -96,6 +114,28 @@ test: helper
 	@pkill -f tep-test 2>/dev/null; true
 	ruby test/run_all.rb
 
+# `make doctor` -- OPTIONAL, DEV-ONLY inference health check via
+# spinel-dev's `doctor` (compile-probe + emit-rbs untyped scan +
+# value-bisect). Runs on the inlined .tep.rb of a couple of examples
+# (tep apps are FFI, so --no-cruby single-sided). NOT a prerequisite of
+# `all`/`test`/CI -- it self-skips when ../spinel-dev is absent, so tep
+# never gains a hard dependency on the tooling. Run `make all` first to
+# produce the .tep.rb. Override the tool path with DOCTOR=.
+DOCTOR ?= ../spinel-dev/tools/doctor/doctor.sh
+doctor:
+	@if [ ! -x "$(DOCTOR)" ]; then \
+	  echo "make doctor: spinel-dev not found at $(DOCTOR) (optional dev tooling); skipping."; \
+	else \
+	  for tep in examples/.hello.tep.rb examples/.sinatra_style.tep.rb; do \
+	    if [ -f "$$tep" ]; then \
+	      echo "== doctor $$tep =="; \
+	      SPINEL_DIR="$${SPINEL_DIR:-$$HOME/sites/spinel}" "$(DOCTOR)" --no-cruby "$$tep" || true; \
+	    else \
+	      echo "make doctor: $$tep not built (run \`make all\`); skipping it."; \
+	    fi; \
+	  done; \
+	fi
+
 # `make test-parallel` -- dev fast loop. Runs each test/test_*.rb in
 # its own process in parallel (sidestepping the harness's "one thread
 # per class" constraint), with per-process port-base allocation. Cuts

data/README.md

@@ -158,8 +158,8 @@ through Spinel.
 | Battery          | What it covers |
 |------------------|---|
 | `Tep::SQLite`    | libsqlite3 wrapper via a small C shim — exec / prepare / bind / step / col / first_str / first_int. |
-| `Tep::Json`      | encode primitives + flat-key decoder for JSON-over-HTTP. |
-| `Tep::Logger`    | levelled logger (debug/info/warn/error), stderr or file. |
+| `SpinelKit::Json`      | encode primitives + flat-key decoder for JSON-over-HTTP. |
+| `SpinelKit::Log`    | levelled logger (debug/info/warn/error), stderr or file. |
 | `Tep::Jwt`       | HS256 JWT encode / verify / decode. |
 | `Tep::Password`  | PBKDF2-SHA256, 200k iters, self-describing storage. |
 | `Tep::Security`  | `Cors` (before-filter) + `Headers` (HSTS, nosniff, ...). |
@@ -216,8 +216,8 @@ lives in [`docs/BATTERIES-DESIGN.md`](docs/BATTERIES-DESIGN.md).
   exercising the full pre-agentic battery surface
   (`Tep::Server::Scheduled` + `Tep::Llm` + `Tep::SQLite` +
   `Tep::Streamer` + `Tep::Session` + `Tep::Password` + `Tep::Jwt` +
-  `Tep::Security::{Cors,Headers}` + `Tep::Assets` + `Tep::Json` +
-  `Tep::Job` + `Tep::Logger`) in ~1500 lines of Ruby + HTML + CSS + JS.
+  `Tep::Security::{Cors,Headers}` + `Tep::Assets` + `SpinelKit::Json` +
+  `Tep::Job` + `SpinelKit::Log`) in ~1500 lines of Ruby + HTML + CSS + JS.
 - **[`examples/llm_gateway/`](examples/llm_gateway/app.rb)** — the
   `Tep::Proxy` streaming demo. Block-form DSL gateway in front of an
   OpenAI-compatible upstream; pumps SSE token deltas straight through

data/SINATRA_COMPAT.md

@@ -10,8 +10,8 @@ streaming, regex routes, modular `Sinatra::Base`, ERB. v0.3 added
 `send_file 'path'`, `configure { ... }` (incl. `:env`), `__END__`
 inline templates, `pass`, multiple chained `before`/`after`,
 optional path segments, full Rack::Request method surface, ERB
-ivar locals, a Mustache subset, Tep::SQLite, Tep::Json,
-Tep::Logger, Tep::Jwt, Tep::Password, Tep::Security
+ivar locals, a Mustache subset, Tep::SQLite, SpinelKit::Json,
+SpinelKit::Log, Tep::Jwt, Tep::Password, Tep::Security
 (CORS + secure headers), Tep::Assets (compile-time asset
 bundling), Tep::Scheduler (cooperative fiber scheduler with
 poll(2)-backed `io_wait`), Tep::Shell (popen + small-file
@@ -62,8 +62,8 @@ shape, lowered by the `websocket '/p' do |ws| ... end` DSL hook).
 | **ERB ivar locals (`@name`)**        | ✅ 3    | Sinatra-style: `@x = v` in handler / `before` filter, `<%= @x %>` in template. Translator stores on a per-request `req.ivars` String=>String bag; templates take `(locals, ivars)`. Values are `(...).to_s`-coerced on write. |
 | **Mustache (subset)**                | ✅ 3    | Build-time compiled; `mustache :name` DSL parallel to `erb :name`. See "Mustache subset" below. |
 | **SQLite (libsqlite3 wrapper)**      | ✅ 5    | `Tep::SQLite` class wrapping libsqlite3 via a thin C shim (tep_sqlite.c). Same FFI pattern as sphttp.c -- spinel can't load gem-style native extensions, so we link a static .o instead. See "SQLite" below. |
-| **JSON (subset)**                    | ✅ 13   | Pure-Ruby `Tep::Json`: encode primitives + flat-key decoder. See "JSON subset" below. |
-| **Logger**                           | ✅ 3    | `Tep::Logger` with debug/info/warn/error levels. stderr by default; `to_file(path)` appends. Format: `[<unix_seconds>] [<level>] <msg>`. |
+| **JSON (subset)**                    | ✅ 13   | Pure-Ruby `SpinelKit::Json`: encode primitives + flat-key decoder. See "JSON subset" below. |
+| **Logger**                           | ✅ 3    | `SpinelKit::Log` with debug/info/warn/error levels. stderr by default; `to_file(path)` appends. Format: `[<unix_seconds>] [<level>] <msg>`. |
 | **JWT (HS256)**                      | ✅ 10   | `Tep::Jwt` -- encode/verify/decode. HS256 only (asymmetric algs would need OpenSSL); `none` deliberately not supported (RFC 8725 §3.1). Tokens verify cleanly against the canonical `jwt` Ruby gem (interop test included). New base64url helpers (`sphttp_b64url_encode/decode`, `sphttp_hmac_sha256_b64url`) ride on top of the existing HMAC-SHA256 used by the session store. |
 | **Password hashing (PBKDF2)**        | ✅ 9    | `Tep::Password.hash` / `verify`. PBKDF2-SHA256, 200k iters by default, 16-byte CSPRNG salt. Self-describing storage format (`pbkdf2-sha256$<iters>$<salt>$<derived>`) so iter rotation can land later without breaking old hashes. New `sphttp_pbkdf2_sha256_b64url` + `sphttp_random_b64url` C helpers. (`Klass.hash(plain)` factory shape resolved via spinel #407.) |
 | **CORS + secure headers**            | ✅ 4    | `Tep::Security::Cors` (before-filter; configurable origin / verbs / headers / max-age; OPTIONS preflight short-circuits with 204) and `Tep::Security::Headers` (after-filter; `nosniff`, `SAMEORIGIN`, `Referrer-Policy: strict-origin-when-cross-origin`, `X-XSS-Protection: 0`, optional HSTS via `set_hsts(seconds)`). |
@@ -119,9 +119,9 @@ Two flagship examples that put the framework through its paces.
 ### `examples/blog/`
 
 Posts + users persisted in SQLite, web login via sessions +
-`Tep::Password`, JSON API with `Tep::Json`, JWT-authed writes via
+`Tep::Password`, JSON API with `SpinelKit::Json`, JWT-authed writes via
 `Tep::Jwt`, ERB views with Sinatra-style `@ivar` locals, request
-logging via `Tep::Logger`, CORS + secure headers via
+logging via `SpinelKit::Log`, CORS + secure headers via
 `Tep::Security`. First boot seeds `alice / hunter2` and an intro
 post explaining what tep is.
 
@@ -308,7 +308,7 @@ Constraints:
 
 ## JSON subset
 
-`Tep::Json` is a pure-Ruby JSON shim covering the encode + decode
+`SpinelKit::Json` is a pure-Ruby JSON shim covering the encode + decode
 shapes that JSON-over-HTTP APIs use in practice. It deliberately
 trades full library breadth for spinel-friendly code paths.
 
@@ -316,24 +316,24 @@ trades full library breadth for spinel-friendly code paths.
 
 ```ruby
 # Primitives.
-Tep::Json.escape(s)              # body of a JSON string literal (no quotes)
-Tep::Json.quote(s)               # "<escaped s>"
+SpinelKit::Json.escape(s)              # body of a JSON string literal (no quotes)
+SpinelKit::Json.quote(s)               # "<escaped s>"
 
 # Object building blocks (fixed-arity; compose by concatenation).
-Tep::Json.encode_pair_str("k", v_string)   # "k":"v"
-Tep::Json.encode_pair_int("k", v_int)      # "k":N
+SpinelKit::Json.encode_pair_str("k", v_string)   # "k":"v"
+SpinelKit::Json.encode_pair_int("k", v_int)      # "k":N
 
 # Build a full object literal:
-"{" + Tep::Json.encode_pair_str("name", name) + "," +
-      Tep::Json.encode_pair_int("age", age) + "}"
+"{" + SpinelKit::Json.encode_pair_str("name", name) + "," +
+      SpinelKit::Json.encode_pair_int("age", age) + "}"
 
 # Arrays.
-Tep::Json.from_str_array(["a", "b"])       # ["a","b"]
-Tep::Json.from_int_array([1, 2, 3])        # [1,2,3]
+SpinelKit::Json.from_str_array(["a", "b"])       # ["a","b"]
+SpinelKit::Json.from_int_array([1, 2, 3])        # [1,2,3]
 
 # Hashes (String=>String, String=>Int).
-Tep::Json.from_str_hash({"name" => "alice"})   # {"name":"alice"}
-Tep::Json.from_int_hash({"age" => 30})         # {"age":30}
+SpinelKit::Json.from_str_hash({"name" => "alice"})   # {"name":"alice"}
+SpinelKit::Json.from_int_hash({"age" => 30})         # {"age":30}
 ```
 
 The hash forms `each`-iterate and inline `Json.quote` on the
@@ -345,9 +345,9 @@ a Hash first.
 ### Decode (flat-key, top-level only)
 
 ```ruby
-Tep::Json.get_str(body, "name")  # value of top-level "name", or "" if absent / non-string
-Tep::Json.get_int(body, "age")   # 0 if absent / non-numeric
-Tep::Json.has_key?(body, "x")    # boolean
+SpinelKit::Json.get_str(body, "name")  # value of top-level "name", or "" if absent / non-string
+SpinelKit::Json.get_int(body, "age")   # 0 if absent / non-numeric
+SpinelKit::Json.has_key?(body, "x")    # boolean
 ```
 
 The hand-rolled state-machine parser walks one `{ "k": <value>, ... }`

data/bin/tep

@@ -563,7 +563,7 @@ def translate(input_path)
   # Tep::MCP emission. For each `mcp_tool 'name', "desc" do ... end`:
   #
   #   * TepMCP_Tools.call_<i>(req, args_json) -- static cmeth that
-  #     parses args out of args_json (via Tep::Json.get_str/get_int),
+  #     parses args out of args_json (via SpinelKit::Json.get_str/get_int),
   #     binds them as locals, and runs the user's on_call body. The
   #     body is rewritten the same way route bodies are (req / res /
   #     params rewrites). Returns Tep::MCP::Result.
@@ -620,11 +620,11 @@ def translate(input_path)
       end
       t[:params].each do |p|
         if p[:type] == "Integer"
-          out << "    #{p[:name]} = Tep::Json.get_int(args_json, #{p[:name].inspect})"
+          out << "    #{p[:name]} = SpinelKit::Json.get_int(args_json, #{p[:name].inspect})"
         elsif p[:type] == "Float"
-          out << "    #{p[:name]} = Tep::Json.get_str(args_json, #{p[:name].inspect}).to_f"
+          out << "    #{p[:name]} = SpinelKit::Json.get_str(args_json, #{p[:name].inspect}).to_f"
         else
-          out << "    #{p[:name]} = Tep::Json.get_str(args_json, #{p[:name].inspect})"
+          out << "    #{p[:name]} = SpinelKit::Json.get_str(args_json, #{p[:name].inspect})"
         end
       end
       out << indent(body, 4)
@@ -707,8 +707,8 @@ def translate(input_path)
     out << "  def handle(req, res)"
     out << "    res.headers[\"Content-Type\"] = \"application/json\""
     out << "    body = req.raw_body"
-    out << "    method = Tep::Json.get_str(body, \"method\")"
-    out << "    req_id = Tep::Json.get_int(body, \"id\")"
+    out << "    method = SpinelKit::Json.get_str(body, \"method\")"
+    out << "    req_id = SpinelKit::Json.get_int(body, \"id\")"
     out << "    if method == \"initialize\""
     out << "      return Tep::MCP.initialize_envelope(req_id, #{server_name.inspect}, #{server_version.inspect})"
     out << "    end"
@@ -724,7 +724,7 @@ def translate(input_path)
     out << "    end"
     out << "    if method == \"tools/call\""
     out << "      params = Tep::MCP.nested_extract(body, \"params\")"
-    out << "      tool_name = Tep::Json.get_str(params, \"name\")"
+    out << "      tool_name = SpinelKit::Json.get_str(params, \"name\")"
     out << "      args = Tep::MCP.nested_extract(params, \"arguments\")"
     mcp_tools.each_with_index do |t, i|
       out << "      if tool_name == #{t[:name].inspect}"
@@ -740,7 +740,7 @@ def translate(input_path)
       out << "    end"
       out << "    if method == \"resources/read\""
       out << "      res_params = Tep::MCP.nested_extract(body, \"params\")"
-      out << "      res_uri = Tep::Json.get_str(res_params, \"uri\")"
+      out << "      res_uri = SpinelKit::Json.get_str(res_params, \"uri\")"
       mcp_resources.each_with_index do |rdef, i|
         out << "      if res_uri == #{rdef[:name].inspect}"
         out << "        c = TepMCP_Resources.read_#{i}(req)"
@@ -1366,6 +1366,30 @@ def handle_top_call(node, routes, websockets, mcp_tools, mcp_resources, filters,
 
   case name
   when "require", "require_relative"
+    # tep/pg is OPT-IN (#216): it is NOT part of the wholesale-inlined
+    # core (lib/tep.rb no longer require_relative's it). An app, test, or
+    # example that needs PostgreSQL says `require "tep/pg"` (or, by path,
+    # `require_relative ".../lib/tep/pg"`); we splice lib/tep/pg.rb in
+    # once here. A non-PG app never names it, so the whole pg closure
+    # (the 74 tep_pg_* FFI symbols + libpq) DCEs away. This must run
+    # BEFORE the is_tep_lib no-op below, which would otherwise swallow
+    # any "tep/..." spelling as already-inlined.
+    pg_arg = node.arguments&.arguments&.first
+    if pg_arg.is_a?(Prism::StringNode) &&
+       (pg_arg.unescaped == "tep/pg" || pg_arg.unescaped.end_with?("/tep/pg"))
+      pgpath = File.join(LIB_DIR, "tep", "pg.rb")
+      if inlined_seen && File.file?(pgpath) && !inlined_seen[pgpath]
+        pgtext = inline_require_relative_tree(pgpath, inlined_seen, warnings)
+        # Resolve pg.rb's @TEP_PG_O@ / @TEP_PG_CFLAGS@ placeholders the
+        # same way inlined_tep_library does for the wholesale core -- the
+        # opt-in splice bypasses that pass, so without this the literal
+        # placeholders reach the linker ("ld: cannot find @TEP_PG_O@").
+        tep_ext_subs.each { |placeholder, value| pgtext = pgtext.gsub(placeholder, value) }
+        passthrough << "# --- inlined opt-in require #{pg_arg.unescaped.inspect} (pg.rb) ---"
+        passthrough << pgtext
+      end
+      return
+    end
     # tep's own library is inlined wholesale (see inlined_tep_library), so
     # `require_relative "tep"` / "tep/..." is a no-op. A plain `require
     # "gem"` (by name) is dropped -- spinel has no gem load path. But an
@@ -1947,7 +1971,11 @@ def tep_ext_subs
     else
       cflags       = ENV.fetch(env_var, "")
       libs_var     = env_var.sub(/_CFLAGS\z/, "_LIBS")
-      default_libs = entry["pkg_config"] ? "-l" + entry["pkg_config"].sub(/\Alib/, "") : ""
+      # Prefer an explicit pkg_config_fallback (e.g. openssl -> "-lssl
+      # -lcrypto"); the bare "-l<pkg_config>" derivation is only right when
+      # the lib name matches the .pc name (libpq -> -lpq), not for openssl.
+      default_libs = entry["pkg_config_fallback"] ||
+                     (entry["pkg_config"] ? "-l" + entry["pkg_config"].sub(/\Alib/, "") : "")
       libs         = ENV.fetch(libs_var, default_libs)
       subs[placeholder] = "#{cflags} #{libs}".strip
     end
@@ -1979,7 +2007,16 @@ def resolve_ext_o(entry, entries, env_var)
   entries.each do |sib|
     next unless sib["name"] == entry["name"] && sib["pkg_config"]
     pc = `pkg-config --cflags #{sib["pkg_config"]} 2>/dev/null`
-    $?.success? ? cflags.concat(pc.split) : (missing = sib["pkg_config"])
+    if $?.success?
+      cflags.concat(pc.split)
+    elsif sib["pkg_config_fallback"]
+      # pkg-config can't find a .pc (e.g. openssl on a host without it):
+      # assume the headers are on the default include path -- the
+      # historical behavior before this sibling existed -- and let the
+      # link use the fallback libs. Don't fail an otherwise-fine compile.
+    else
+      missing = sib["pkg_config"]
+    end
   end
   if missing
     return "" if entry["optional"]

data/examples/api_gateway/app.rb

@@ -22,7 +22,7 @@ require 'sinatra'
 UPSTREAM     = ENV["UPSTREAM"]     || "http://127.0.0.1:8080"
 UPSTREAM_KEY = ENV["UPSTREAM_KEY"] || ""
 GATEWAY_KEY  = ENV["GATEWAY_KEY"]  || "let-me-in"
-LOGGER       = Tep::Logger.new   # stderr; .to_file(path) to redirect
+LOGGER       = SpinelKit::Log.new   # stderr; .to_file(path) to redirect
 
 # Stand-in for the Auth battery: grant :call_upstream to callers
 # presenting the gateway key. A real app installs Tep::Auth (bearer

data/examples/blog/app.rb

@@ -5,8 +5,8 @@
 #   - Tep::Password      PBKDF2 password hashing
 #   - Tep::Jwt           JSON API token issue / verify
 #   - Sessions           web-side login (signed cookie)
-#   - Tep::Json          JSON encode + flat-key decode
-#   - Tep::Logger        request log + auth events
+#   - SpinelKit::Json          JSON encode + flat-key decode
+#   - SpinelKit::Log        request log + auth events
 #   - Tep::Security      CORS + secure-headers
 #   - ERB + @ivar locals public-facing views
 #
@@ -36,7 +36,7 @@ SEED_PASSWORD = "hunter2"
 # at build time for convenience.
 Tep.session_secret = SESSION_SEED
 
-LOGGER = Tep::Logger.new
+LOGGER = SpinelKit::Log.new
 LOGGER.set_level("info")
 
 CORS = Tep::Security::Cors.new
@@ -270,9 +270,9 @@ get '/api/posts' do
     end
     first = false
     out = out + "{" +
-      Tep::Json.encode_pair_int("id", db.col_int(0)) + "," +
-      Tep::Json.encode_pair_str("title",  db.col_str(1)) + "," +
-      Tep::Json.encode_pair_str("author", db.col_str(2)) + "}"
+      SpinelKit::Json.encode_pair_int("id", db.col_int(0)) + "," +
+      SpinelKit::Json.encode_pair_str("title",  db.col_str(1)) + "," +
+      SpinelKit::Json.encode_pair_str("author", db.col_str(2)) + "}"
   end
   db.finalize
   db.close
@@ -293,16 +293,16 @@ get '/api/posts/:id' do
     return "{}"
   end
   "{" +
-    Tep::Json.encode_pair_str("title",  title) + "," +
-    Tep::Json.encode_pair_str("body",   body)  + "," +
-    Tep::Json.encode_pair_str("author", author) + "}"
+    SpinelKit::Json.encode_pair_str("title",  title) + "," +
+    SpinelKit::Json.encode_pair_str("body",   body)  + "," +
+    SpinelKit::Json.encode_pair_str("author", author) + "}"
 end
 
 # Issue a JWT for API access. Same credentials as web login.
 post '/api/token' do
   res.headers["Content-Type"] = "application/json"
-  user = Tep::Json.get_str(req.raw_body, "user")
-  pwd  = Tep::Json.get_str(req.raw_body, "password")
+  user = SpinelKit::Json.get_str(req.raw_body, "user")
+  pwd  = SpinelKit::Json.get_str(req.raw_body, "password")
 
   db = Tep::SQLite.new
   db.open(DB_PATH)
@@ -322,8 +322,8 @@ post '/api/token' do
   end
 
   payload = "{" +
-    Tep::Json.encode_pair_str("sub", user) + "," +
-    Tep::Json.encode_pair_int("exp", Time.now.to_i + 3600) + "}"
+    SpinelKit::Json.encode_pair_str("sub", user) + "," +
+    SpinelKit::Json.encode_pair_int("exp", Time.now.to_i + 3600) + "}"
   token = Tep::Jwt.encode_hs256(payload, JWT_SECRET)
   LOGGER.info("api token issued: " + user)
   "{\"token\":\"" + token + "\"}"
@@ -344,10 +344,10 @@ post '/api/posts' do
     res.set_status(401)
     return "{\"error\":\"unauthorized\"}"
   end
-  user = Tep::Json.get_str(payload, "sub")
+  user = SpinelKit::Json.get_str(payload, "sub")
 
-  title = Tep::Json.get_str(req.raw_body, "title")
-  body  = Tep::Json.get_str(req.raw_body, "body")
+  title = SpinelKit::Json.get_str(req.raw_body, "title")
+  body  = SpinelKit::Json.get_str(req.raw_body, "body")
 
   db = Tep::SQLite.new
   db.open(DB_PATH)
@@ -363,5 +363,5 @@ post '/api/posts' do
 
   LOGGER.info("api post created id=" + id.to_s + " by " + user)
   res.set_status(201)
-  "{" + Tep::Json.encode_pair_int("id", id) + "}"
+  "{" + SpinelKit::Json.encode_pair_int("id", id) + "}"
 end

data/examples/chat/app.rb

@@ -13,9 +13,9 @@
 #   - Presence             heartbeat table refreshed via POST every
 #                          few seconds; `who` query lists rows touched
 #                          in the last 30 s
-#   - Tep::Json            wire format for the SSE event payloads
+#   - SpinelKit::Json            wire format for the SSE event payloads
 #                          and the /who endpoint
-#   - Tep::Logger          per-connection trace
+#   - SpinelKit::Log          per-connection trace
 #   - Tep::Security        CORS + secure-headers
 #   - ERB + @ivar locals   the chat UI page
 #
@@ -54,7 +54,7 @@ STREAM_MAX   = 30   # seconds; streamers self-close after this and
                     # the client reconnects (so we don't pile up
                     # connection-state forever in any one worker)
 
-LOGGER = Tep::Logger.new
+LOGGER = SpinelKit::Log.new
 LOGGER.set_level("info")
 
 CORS = Tep::Security::Cors.new
@@ -138,7 +138,7 @@ post '/chat/send' do
   db.close
 
   LOGGER.info("send id=" + id.to_s + " by " + author + ": " + body)
-  "{" + Tep::Json.encode_pair_int("id", id) + "}"
+  "{" + SpinelKit::Json.encode_pair_int("id", id) + "}"
 end
 
 post '/chat/heartbeat' do
@@ -175,8 +175,8 @@ get '/chat/who' do
     end
     first = false
     out = out + "{" +
-      Tep::Json.encode_pair_str("user", db.col_str(0)) + "," +
-      Tep::Json.encode_pair_int("last_seen", db.col_int(1)) + "}"
+      SpinelKit::Json.encode_pair_str("user", db.col_str(0)) + "," +
+      SpinelKit::Json.encode_pair_int("last_seen", db.col_int(1)) + "}"
   end
   db.finalize
   db.close
@@ -200,9 +200,9 @@ get '/chat/recent' do
     end
     first = false
     out = out + "{" +
-      Tep::Json.encode_pair_int("id", db.col_int(0)) + "," +
-      Tep::Json.encode_pair_str("author", db.col_str(1)) + "," +
-      Tep::Json.encode_pair_str("body",   db.col_str(2)) + "}"
+      SpinelKit::Json.encode_pair_int("id", db.col_int(0)) + "," +
+      SpinelKit::Json.encode_pair_str("author", db.col_str(1)) + "," +
+      SpinelKit::Json.encode_pair_str("body",   db.col_str(2)) + "}"
   end
   db.finalize
   db.close
@@ -245,9 +245,9 @@ class ChatStreamer < Tep::Streamer
         author = db.col_str(1)
         body   = db.col_str(2)
         line = "data: {" +
-          Tep::Json.encode_pair_int("id", id) + "," +
-          Tep::Json.encode_pair_str("author", author) + "," +
-          Tep::Json.encode_pair_str("body",   body) + "}\n\n"
+          SpinelKit::Json.encode_pair_int("id", id) + "," +
+          SpinelKit::Json.encode_pair_str("author", author) + "," +
+          SpinelKit::Json.encode_pair_str("body",   body) + "}\n\n"
         out.write(line)
         if id > last_id
           last_id = id

data/examples/chatbot/README.md

@@ -66,7 +66,7 @@ closed):
 | `Tep::Llm` | `Tep::Llm.new(BACKEND_URL).chat(history)` + `.chat_stream(history)` |
 | `Tep::Http` | (under `Tep::Llm`) the actual HTTP transport |
 | `Tep::SQLite` | conversations + messages + app_config tables |
-| `Tep::Json` | response payloads, manual encoding for nested arrays |
+| `SpinelKit::Json` | response payloads, manual encoding for nested arrays |
 | `Tep::Password` | first-boot setup + login verify |
 | `Tep::Session` | signed cookie + `authed` flag |
 | `Tep::Assets` | bundled CSS / JS / markdown renderer (served at `/style.css`, `/chat.js`, `/markdown.js` — Tep::Assets paths-relative-to-assets/) |
@@ -77,7 +77,7 @@ closed):
 | `Tep::WebSocket` | live chat over WS (the default `/api/c/ws` route); `Driver#write` is a Streamer-shape alias so `Tep::Llm.chat_stream` drives the socket directly |
 | `Tep::Job` | background conversation-title summarisation |
 | `Tep::Parallel` | multi-backend compare endpoint (sequential dispatch today; the genuine fork fan-out is blocked on [matz/spinel#575](https://github.com/matz/spinel/issues/575)) |
-| `Tep::Logger` | per-request trace to stderr |
+| `SpinelKit::Log` | per-request trace to stderr |
 
 Phase F is done (closes [tep#11](https://github.com/OriPekelman/tep/issues/11)):
 the JS client opens one WebSocket to `/api/c/ws` and sends

data/examples/chatbot/app.rb

@@ -59,7 +59,7 @@ HEADERS = Tep::Security::Headers.new
 HEADERS.set_hsts(HSTS_SECONDS)
 Tep.after HEADERS
 
-LOGGER = Tep::Logger.new
+LOGGER = SpinelKit::Log.new
 LOGGER.set_level("info")
 LOGGER.to_stderr
 
@@ -233,7 +233,7 @@ def conversations_as_json
       out = out + ","
     end
     out = out + "{\"id\":" + id.to_s +
-                ",\"title\":" + Tep::Json.quote(title) +
+                ",\"title\":" + SpinelKit::Json.quote(title) +
                 ",\"created_at\":" + created.to_s + "}"
     first = false
   end
@@ -297,7 +297,7 @@ def append_message(conv_id, role, content)
 end
 
 # Build a JSON envelope for the messages list. Hand-rolled because
-# Tep::Json's flat encoders don't cover nested arrays-of-hashes
+# SpinelKit::Json's flat encoders don't cover nested arrays-of-hashes
 # (same shape Tep::Llm uses internally).
 def messages_as_json(conv_id)
   db = db_open
@@ -311,8 +311,8 @@ def messages_as_json(conv_id)
     if !first
       out = out + ","
     end
-    out = out + "{\"role\":" + Tep::Json.quote(role) +
-                ",\"content\":" + Tep::Json.quote(content) + "}"
+    out = out + "{\"role\":" + SpinelKit::Json.quote(role) +
+                ",\"content\":" + SpinelKit::Json.quote(content) + "}"
     first = false
   end
   db.finalize
@@ -415,7 +415,7 @@ class ChatbotFilter < Tep::Filter
   def self.deny(res, why)
     res.set_status(401)
     res.headers["Content-Type"] = "application/json"
-    res.body = '{"error":"unauthorized","reason":' + Tep::Json.quote(why) + '}'
+    res.body = '{"error":"unauthorized","reason":' + SpinelKit::Json.quote(why) + '}'
     res.halted = true
     0
   end
@@ -505,9 +505,9 @@ class JobWorker
     if json.length == 0
       return 0
     end
-    job_id = Tep::Json.get_int(json, "id")
-    name   = Tep::Json.get_str(json, "job_name")
-    arg    = Tep::Json.get_str(json, "arg")
+    job_id = SpinelKit::Json.get_int(json, "id")
+    name   = SpinelKit::Json.get_str(json, "job_name")
+    arg    = SpinelKit::Json.get_str(json, "arg")
     if name == "TitleJob"
       TitleJob.new.perform(arg)
       Tep::Job.mark_done(DB_PATH, job_id, "")
@@ -585,7 +585,7 @@ post '/api/token' do
   payload_json = '{"sub":"user","iat":' + Time.now.to_i.to_s + '}'
   token = Tep::Jwt.encode_hs256(payload_json, JWT_SECRET)
   res.headers["Content-Type"] = "application/json"
-  '{"token":' + Tep::Json.quote(token) + '}'
+  '{"token":' + SpinelKit::Json.quote(token) + '}'
 end
 
 # -------------------------------------------------------------------
@@ -613,7 +613,7 @@ end
 # -------------------------------------------------------------------
 
 # Parse the OpenAI request body into a Tep::Llm::Message array.
-# Hand-rolled because Tep::Json's flat decoder doesn't dive into
+# Hand-rolled because SpinelKit::Json's flat decoder doesn't dive into
 # the messages-array shape. Walks `"messages":[{"role":"...","content":"..."},...]`
 # and pulls each role/content pair.
 def parse_openai_messages(body)
@@ -660,10 +660,10 @@ end
 def openai_envelope(model, content, stop_reason)
   '{"id":"chatcmpl-tep","object":"chat.completion","created":' +
     Time.now.to_i.to_s +
-    ',"model":' + Tep::Json.quote(model) +
+    ',"model":' + SpinelKit::Json.quote(model) +
     ',"choices":[{"index":0,"message":{"role":"assistant","content":' +
-    Tep::Json.quote(content) +
-    '},"finish_reason":' + Tep::Json.quote(stop_reason) +
+    SpinelKit::Json.quote(content) +
+    '},"finish_reason":' + SpinelKit::Json.quote(stop_reason) +
     '}]}'
 end
 
@@ -700,7 +700,7 @@ post '/api/v1/chat/completions' do
 
   # Extract model + stream flag from the JSON body. Model
   # falls back to the chatbot's configured default.
-  model = Tep::Json.get_str(body, "model")
+  model = SpinelKit::Json.get_str(body, "model")
   if model.length == 0
     model = MODEL
   end
@@ -807,10 +807,10 @@ post '/api/compare' do
     if i > 0
       out = out + ","
     end
-    out = out + "{\"backend\":" + Tep::Json.quote(backend) +
-                ",\"model\":" + Tep::Json.quote(model) +
+    out = out + "{\"backend\":" + SpinelKit::Json.quote(backend) +
+                ",\"model\":" + SpinelKit::Json.quote(model) +
                 ",\"took_s\":" + took.to_s +
-                ",\"content\":" + Tep::Json.quote(content) + "}"
+                ",\"content\":" + SpinelKit::Json.quote(content) + "}"
     i += 1
   end
   out + "]}"
@@ -830,8 +830,8 @@ def compare_backends_as_json
     if i > 0
       out = out + ","
     end
-    out = out + "{\"backend\":" + Tep::Json.quote(backend) +
-                ",\"model\":" + Tep::Json.quote(model) + "}"
+    out = out + "{\"backend\":" + SpinelKit::Json.quote(backend) +
+                ",\"model\":" + SpinelKit::Json.quote(model) + "}"
     i += 1
   end
   out + "]"
@@ -961,8 +961,8 @@ end
 # keeps sending message frames.
 websocket "/api/c/ws" do |ws|
   on_message do |evt|
-    conv_id = Tep::Json.get_int(evt.data, "conv_id")
-    content = Tep::Json.get_str(evt.data, "content")
+    conv_id = SpinelKit::Json.get_int(evt.data, "conv_id")
+    content = SpinelKit::Json.get_str(evt.data, "content")
     if conv_id > 0 && content.length > 0
       append_message(conv_id, "user", content)
       msgs = conversation_history(conv_id)
@@ -1019,6 +1019,6 @@ post '/api/send' do
   end
 
   res.headers["Content-Type"] = "application/json"
-  '{"role":"assistant","content":' + Tep::Json.quote(reply.content) +
-    ',"stop_reason":' + Tep::Json.quote(reply.stop_reason) + '}'
+  '{"role":"assistant","content":' + SpinelKit::Json.quote(reply.content) +
+    ',"stop_reason":' + SpinelKit::Json.quote(reply.stop_reason) + '}'
 end