@hunyed15/codecgc 0.1.7 → 0.1.9

package/geminimcp/src/geminimcp/server.py

@@ -18,6 +18,10 @@ from mcp.server.fastmcp import FastMCP
 from pydantic import BeforeValidator, Field
 import shutil
 
+DEFAULT_GEMINI_APPROVAL_MODE = "auto_edit"
+DEFAULT_GEMINI_TIMEOUT_SECONDS = 600
+PROJECT_GEMINI_POLICY_RELATIVE_PATH = Path(".gemini") / "policies" / "codecgc-policy.toml"
+
 mcp = FastMCP("Gemini MCP Server-from guda.studio")
 
 # Mirror of model-routing.yaml backend_paths — keep these hints in sync with
@@ -49,6 +53,14 @@ def _normalize_path_text(path_value: Path | str) -> str:
     return str(path_value).replace("\\", "/").strip()
 
 
+def _resolve_project_gemini_policy(cd: Path) -> Path | None:
+    """Return the CodeCGC project-local Gemini policy if the workspace installed it."""
+    policy_path = cd / PROJECT_GEMINI_POLICY_RELATIVE_PATH
+    if policy_path.is_file():
+        return policy_path
+    return None
+
+
 def _is_probably_backend_path(path_value: Path | str) -> bool:
     """Best-effort check to keep frontend-only Gemini tasks away from backend files."""
     normalized = _normalize_path_text(path_value).lower().lstrip("./")
@@ -126,7 +138,29 @@ def _validate_frontend_target_paths(target_paths: List[Path]) -> tuple[bool, Lis
     return True, policy_checks, ""
 
 
-def run_shell_command(cmd: list[str], cwd: str | None = None) -> Generator[str, None, None]:
+def _terminate_process_tree(process: subprocess.Popen[str]) -> None:
+    """Terminate a process and its children best-effort."""
+    if process.poll() is not None:
+        return
+
+    if os.name == "nt":
+        subprocess.run(
+            ["taskkill", "/PID", str(process.pid), "/T", "/F"],
+            stdin=subprocess.DEVNULL,
+            stdout=subprocess.DEVNULL,
+            stderr=subprocess.DEVNULL,
+            check=False,
+        )
+        return
+
+    process.kill()
+
+
+def run_shell_command(
+    cmd: list[str],
+    cwd: str | None = None,
+    timeout_seconds: int = DEFAULT_GEMINI_TIMEOUT_SECONDS,
+) -> Generator[str, None, None]:
     """Execute a command and stream its output line-by-line.
 
     Args:
@@ -158,6 +192,8 @@ def run_shell_command(cmd: list[str], cwd: str | None = None) -> Generator[str,
 
     output_queue: queue.Queue[str | None] = queue.Queue()
     GRACEFUL_SHUTDOWN_DELAY = 0.3
+    started_at = time.monotonic()
+    timed_out = False
 
     def is_turn_completed(line: str) -> bool:
         """Check if the line indicates turn completion via JSON parsing."""
@@ -185,6 +221,11 @@ def run_shell_command(cmd: list[str], cwd: str | None = None) -> Generator[str,
 
     # Yield lines while process is running
     while True:
+        if timeout_seconds > 0 and time.monotonic() - started_at > timeout_seconds:
+            timed_out = True
+            _terminate_process_tree(process)
+            break
+
         try:
             line = output_queue.get(timeout=0.5)
             if line is None:
@@ -197,7 +238,7 @@ def run_shell_command(cmd: list[str], cwd: str | None = None) -> Generator[str,
     try:
         process.wait(timeout=5)
     except subprocess.TimeoutExpired:
-        process.kill()
+        _terminate_process_tree(process)
         process.wait()
     thread.join(timeout=5)
 
@@ -209,6 +250,13 @@ def run_shell_command(cmd: list[str], cwd: str | None = None) -> Generator[str,
         except queue.Empty:
             break
 
+    if timed_out:
+        raise TimeoutError(
+            f"Gemini CLI timed out after {timeout_seconds} seconds. "
+            "This usually means the CLI was waiting for interactive approval, "
+            "network/authentication, or a long-running tool call."
+        )
+
 
 def _execute_gemini_session(
     *,
@@ -218,6 +266,7 @@ def _execute_gemini_session(
     session_id: str,
     return_all_messages: bool,
     model: str,
+    timeout_seconds: int = DEFAULT_GEMINI_TIMEOUT_SECONDS,
 ) -> Dict[str, Any]:
     """Execute Gemini CLI and return the parsed MCP response payload."""
     if not cd.exists():
@@ -229,7 +278,21 @@ def _execute_gemini_session(
     if os.name == "nt":
         prompt = windows_escape(prompt)
 
-    cmd = ["gemini", "--skip-trust", "--prompt", prompt, "-o", "stream-json"]
+    effective_timeout_seconds = int(timeout_seconds or 0) or DEFAULT_GEMINI_TIMEOUT_SECONDS
+    cmd = [
+        "gemini",
+        "--skip-trust",
+        "--approval-mode",
+        DEFAULT_GEMINI_APPROVAL_MODE,
+        "--prompt",
+        prompt,
+        "-o",
+        "stream-json",
+    ]
+
+    project_policy = _resolve_project_gemini_policy(cd)
+    if project_policy is not None:
+        cmd.extend(["--policy", project_policy.absolute().as_posix()])
 
     if sandbox:
         cmd.extend(["--sandbox"])
@@ -246,27 +309,36 @@ def _execute_gemini_session(
     err_message = ""
     thread_id: Optional[str] = None
 
-    for line in run_shell_command(cmd, cwd=cd.absolute().as_posix()):
-        try:
-            line_dict = json.loads(line.strip())
-            all_messages.append(line_dict)
-            item_type = line_dict.get("type", "")
-            item_role = line_dict.get("role", "")
-            if item_type == "message" and item_role == "assistant":
-                if (
-                    "The --prompt (-p) flag has been deprecated and will be removed in a future version. Please use a positional argument for your prompt. See gemini --help for more information.\n"
-                    in line_dict.get("content", "")
-                ):
-                    continue
-                agent_messages = agent_messages + line_dict.get("content", "")
-            if line_dict.get("session_id") is not None:
-                thread_id = line_dict.get("session_id")
-        except json.JSONDecodeError:
-            err_message += "\n\n[json decode error] " + line
-            continue
-        except Exception as error:
-            err_message += "\n\n[unexpected error] " + f"Unexpected error: {error}. Line: {line!r}"
-            break
+    try:
+        for line in run_shell_command(
+            cmd,
+            cwd=cd.absolute().as_posix(),
+            timeout_seconds=effective_timeout_seconds,
+        ):
+            try:
+                line_dict = json.loads(line.strip())
+                all_messages.append(line_dict)
+                item_type = line_dict.get("type", "")
+                item_role = line_dict.get("role", "")
+                if item_type == "message" and item_role == "assistant":
+                    if (
+                        "The --prompt (-p) flag has been deprecated and will be removed in a future version. Please use a positional argument for your prompt. See gemini --help for more information.\n"
+                        in line_dict.get("content", "")
+                    ):
+                        continue
+                    agent_messages = agent_messages + line_dict.get("content", "")
+                if line_dict.get("session_id") is not None:
+                    thread_id = line_dict.get("session_id")
+            except json.JSONDecodeError:
+                err_message += "\n\n[json decode error] " + line
+                continue
+            except Exception as error:
+                err_message += "\n\n[unexpected error] " + f"Unexpected error: {error}. Line: {line!r}"
+                success = False
+                break
+    except TimeoutError as error:
+        success = False
+        err_message += "\n\n[timeout] " + str(error)
 
     if thread_id is None:
         success = False
@@ -359,6 +431,10 @@ async def gemini(
         str,
         "The model to use for the gemini session. This parameter is strictly prohibited unless explicitly specified by the user.",
     ] = "",
+    timeout_seconds: Annotated[
+        int,
+        Field(description="Maximum Gemini CLI process runtime in seconds. Defaults to 600."),
+    ] = DEFAULT_GEMINI_TIMEOUT_SECONDS,
 ) -> Dict[str, Any]:
     """Execute a gemini CLI session and return the results."""
     return await asyncio.to_thread(
@@ -370,6 +446,7 @@ async def gemini(
             session_id=SESSION_ID,
             return_all_messages=return_all_messages,
             model=model,
+            timeout_seconds=timeout_seconds,
         )
     )
 
@@ -421,6 +498,10 @@ async def implement_frontend_task(
         str,
         "Optional model override. Only use when explicitly requested by the user.",
     ] = "",
+    timeout_seconds: Annotated[
+        int,
+        Field(description="Maximum Gemini CLI process runtime in seconds. Defaults to 600."),
+    ] = DEFAULT_GEMINI_TIMEOUT_SECONDS,
 ) -> Dict[str, Any]:
     """Execute a frontend-only Gemini task with CodeCGC policy checks."""
     valid, policy_checks, validation_error = _validate_frontend_target_paths(target_paths)
@@ -447,6 +528,7 @@ async def implement_frontend_task(
             session_id=SESSION_ID,
             return_all_messages=return_all_messages,
             model=model,
+            timeout_seconds=timeout_seconds,
         )
     )
 

package/model-routing.yaml

@@ -1,4 +1,17 @@
-version: 1
+version: 2
+
+orchestration_paths:
+  - "codecgc/**"
+  - ".claude/commands/**"
+  - ".claude/settings.json"
+  - ".mcp.json"
+  - "model-routing.yaml"
+
+docs_paths:
+  - "README.md"
+  - "INSTALLATION.md"
+  - "docs/**"
+  - "CHANGELOG.md"
 
 frontend_paths:
   - "apps/web/**"
@@ -9,8 +22,6 @@ frontend_paths:
   - "web/**"
   - "frontend/**"
 
-custom_frontend_paths:
-
 backend_paths:
   - "apps/api/**"
   - "server/**"
@@ -19,7 +30,19 @@ backend_paths:
   - "src/repositories/**"
   - "backend/**"
 
-custom_backend_paths:
+test_paths:
+  frontend:
+    - "apps/web/*.test.*"
+    - "apps/web/*.spec.*"
+    - "apps/web/**/*.test.*"
+    - "apps/web/**/*.spec.*"
+    - "tests/frontend/**"
+  backend:
+    - "apps/api/*.test.*"
+    - "apps/api/*.spec.*"
+    - "apps/api/**/*.test.*"
+    - "apps/api/**/*.spec.*"
+    - "tests/backend/**"
 
 shared_paths:
   - "packages/shared/**"
@@ -28,7 +51,9 @@ shared_paths:
   - "src/types/**"
 
 rules:
-  frontend_executor: "geminimcp"
+  claude_allowed_owners:
+    - "orchestration"
+    - "docs"
   backend_executor: "codexmcp"
+  frontend_executor: "geminimcp"
   shared_policy: "split-first"
-  claude_role: "plan-review-accept-only"

package/package.json

@@ -1,16 +1,18 @@
 {
   "name": "@hunyed15/codecgc",
-  "version": "0.1.7",
+  "version": "0.1.9",
   "description": "Claude-hosted multi-model workflow product shell for CodeCGC.",
   "license": "MIT",
   "type": "commonjs",
   "bin": {
     "cgc": "bin/cgc.js",
+    "cgc-start": "bin/cgc-start.js",
     "cgc-install": "bin/cgc-install.js",
     "cgc-status": "bin/cgc-status.js",
     "cgc-doctor": "bin/cgc-doctor.js",
     "cgc-package-audit": "bin/cgc-package-audit.js",
     "cgc-external-audit": "bin/cgc-external-audit.js",
+    "cgc-external-status": "bin/cgc-external-status.js",
     "cgc-release-readiness": "bin/cgc-release-readiness.js",
     "cgc-lifecycle": "bin/cgc-lifecycle.js",
     "cgc-history": "bin/cgc-history.js",
@@ -25,10 +27,12 @@
   "scripts": {
     "postinstall": "node scripts/postinstall_codecgc.js",
     "cgc:help": "node bin/cgc.js --help",
+    "cgc:start": "node bin/cgc-start.js --format summary",
     "cgc:status": "node bin/cgc-status.js --format summary",
     "cgc:doctor": "node bin/cgc-doctor.js --format summary",
     "cgc:package-audit": "node bin/cgc-package-audit.js --format summary",
     "cgc:external-audit": "node bin/cgc-external-audit.js --format summary",
+    "cgc:external-status": "node bin/cgc-external-status.js --format summary",
     "cgc:release-readiness": "node bin/cgc-release-readiness.js --format summary",
     "cgc:lifecycle": "node bin/cgc-lifecycle.js --format summary",
     "cgc:history": "node bin/cgc-history.js --status open --last 10 --format summary",
@@ -40,6 +44,7 @@
   "files": [
     "bin/",
     "scripts/*.py",
+    "scripts/codecgc_runtime/*.py",
     "scripts/postinstall_codecgc.js",
     "scripts/README-codecgc-cli.md",
     ".claude/hooks/route-edit.ps1",
@@ -56,17 +61,20 @@
     "codecgc/cgc-review/",
     "codecgc/cgc-roadmap/",
     "codecgc/cgc-test/",
+    "codecgc/compound/",
     "codecgc/reference/",
+    "codecgc/roadmap/",
+    "codecgc/templates/",
     "codecgcmcp/pyproject.toml",
     "codecgcmcp/README.md",
-    "codecgcmcp/src/codecgcmcp/",
+    "codecgcmcp/src/codecgcmcp/*.py",
     "codexmcp/pyproject.toml",
     "codexmcp/README.md",
     "codexmcp/LICENSE",
-    "codexmcp/src/codexmcp/",
+    "codexmcp/src/codexmcp/*.py",
     "geminimcp/pyproject.toml",
     "geminimcp/README.md",
-    "geminimcp/src/geminimcp/",
+    "geminimcp/src/geminimcp/*.py",
     "requirements.txt",
     "INSTALLATION.md",
     "model-routing.yaml",

package/scripts/audit_codecgc_external_capabilities.py

@@ -9,6 +9,16 @@ from codecgc_runtime_paths import resolve_workspace_root
 
 WORKSPACE = Path(__file__).resolve().parents[1]
 REGISTRY_PATH = WORKSPACE / "codecgc" / "reference" / "external-capability-registry.json"
+STATUS_PANEL_CAPABILITY_ORDER = [
+    "memos",
+    "github-mcp",
+    "linear-mcp",
+    "sentry-mcp",
+]
+STATUS_PANEL_SUPPORT_CAPABILITY_ORDER = [
+    "augment-search",
+    "jira-mcp",
+]
 
 
 def load_registry() -> dict[str, Any]:
@@ -107,7 +117,7 @@ def normalize_capability_entry(entry: dict[str, Any], workspace_servers: dict[st
     }
 
 
-def audit_external_capabilities(workspace_override: str = "") -> dict[str, Any]:
+def audit_external_capabilities(workspace_override: str = "", view: str = "audit") -> dict[str, Any]:
     registry = load_registry()
     workspace_servers, workspace_root = load_workspace_mcp_servers(workspace_override)
     entries = registry.get("capabilities", [])
@@ -142,6 +152,8 @@ def audit_external_capabilities(workspace_override: str = "") -> dict[str, Any]:
         human_summary = "外部能力登记表存在缺失字段或非法项。"
     elif drift_items:
         human_summary = "外部能力登记表已就绪，但发现本地额外接入漂移。"
+    elif view == "status":
+        human_summary = "外部能力状态面板已就绪。"
 
     recommended_next_action = ""
     if blocking_items:
@@ -158,12 +170,14 @@ def audit_external_capabilities(workspace_override: str = "") -> dict[str, Any]:
     return {
         "success": ready,
         "mode": "external-capability-audit",
+        "presentation_view": view,
         "workspace": str(workspace_root),
         "registry_path": str(REGISTRY_PATH),
         "summary": {
             "ready": ready,
             "scope": "外部能力白名单、接入状态声明与本地 MCP 观测状态",
             "human_summary": human_summary,
+            "view": view,
             "capability_count": len(normalized),
             "integrated_count": counts["integrated"],
             "planned_count": counts["planned"],
@@ -178,7 +192,31 @@ def audit_external_capabilities(workspace_override: str = "") -> dict[str, Any]:
     }
 
 
-def build_summary(result: dict[str, Any]) -> str:
+def _capability_by_id(result: dict[str, Any], capability_id: str) -> dict[str, Any] | None:
+    for item in result.get("capabilities", []):
+        if not isinstance(item, dict):
+            continue
+        if str(item.get("id", "")).strip() == capability_id:
+            return item
+    return None
+
+
+def _format_capability_panel_line(item: dict[str, Any]) -> str:
+    status = str(item.get("status", "")).strip()
+    status_label = {
+        "integrated": "已纳管",
+        "planned": "规划中",
+        "optional": "可选",
+    }.get(status, status or "未知")
+    local_label = "已观测" if item.get("local_ready") else "未观测"
+    observed = ", ".join(str(value).strip() for value in item.get("observed_servers", []) if str(value).strip()) or "无"
+    return (
+        f"- {item.get('name', '')} [{item.get('id', '')}]: "
+        f"{status_label} | 本地={local_label} | 服务器={observed}"
+    )
+
+
+def build_audit_summary(result: dict[str, Any]) -> str:
     summary = result.get("summary", {}) if isinstance(result.get("summary"), dict) else {}
     lines = [
         f"- 工作区: {result.get('workspace', '')}",
@@ -249,8 +287,46 @@ def build_summary(result: dict[str, Any]) -> str:
     return render_summary_block("CodeCGC 外部能力审计", lines, next_actions)
 
 
+def build_status_panel(result: dict[str, Any]) -> str:
+    summary = result.get("summary", {}) if isinstance(result.get("summary"), dict) else {}
+    lines = [
+        f"- 工作区: {result.get('workspace', '')}",
+        f"- 登记表: {result.get('registry_path', '')}",
+        f"- 范围: {summary.get('scope', '')}",
+        f"- 摘要: {summary.get('human_summary', '')}",
+        f"- 就绪: {'是' if summary.get('ready') else '否'}",
+        f"- 正式接入: {summary.get('integrated_count', 0)}",
+        f"- 规划中: {summary.get('planned_count', 0)}",
+        f"- 可选项: {summary.get('optional_count', 0)}",
+        f"- 阻塞项: {summary.get('blocking_count', 0)}",
+        f"- 漂移项: {summary.get('drift_count', 0)}",
+        "- 正式能力面板:",
+    ]
+    for capability_id in STATUS_PANEL_CAPABILITY_ORDER:
+        item = _capability_by_id(result, capability_id)
+        if isinstance(item, dict):
+            lines.append(_format_capability_panel_line(item))
+    lines.append("- 其他受管能力:")
+    for capability_id in STATUS_PANEL_SUPPORT_CAPABILITY_ORDER:
+        item = _capability_by_id(result, capability_id)
+        if isinstance(item, dict):
+            lines.append(_format_capability_panel_line(item))
+    next_actions = []
+    next_action = str(summary.get("recommended_next_action", "")).strip()
+    if next_action:
+        next_actions.append(next_action)
+    next_actions.append("需要更细的登记一致性检查时，再跑 cgc-external-audit")
+    return render_summary_block("CodeCGC 外部能力状态面板", lines, next_actions)
+
+
 def main() -> int:
     parser = argparse.ArgumentParser(description="Audit CodeCGC external capability registry and local MCP observations.")
+    parser.add_argument(
+        "--view",
+        choices=["audit", "status"],
+        default="audit",
+        help="Rendered summary view. Audit is detailed; status is the concise panel view.",
+    )
     parser.add_argument(
         "--format",
         choices=["json", "summary"],
@@ -264,9 +340,12 @@ def main() -> int:
     )
     args = parser.parse_args()
 
-    result = audit_external_capabilities(args.workspace)
+    result = audit_external_capabilities(args.workspace, view=args.view)
     if args.format == "summary":
-        print(build_summary(result))
+        if args.view == "status":
+            print(build_status_panel(result))
+        else:
+            print(build_audit_summary(result))
     else:
         print(json.dumps(result, ensure_ascii=False, indent=2))
     return 0 if result.get("success") else 1

package/scripts/audit_codecgc_historical_audits.py

@@ -6,6 +6,8 @@ from typing import Any
 from codecgc_artifact_roots import discover_flow_directory
 from codecgc_artifact_roots import execution_root
 from codecgc_artifact_roots import normalize_artifact_class
+from codecgc_path_contract import is_project_relative_path
+from codecgc_path_contract import resolve_project_path
 
 
 WORKSPACE = Path(__file__).resolve().parents[1]
@@ -33,6 +35,19 @@ def contains_old_repo_name(value: Any) -> bool:
     return isinstance(value, str) and OLD_REPO_NAME in value
 
 
+def contains_persisted_absolute_project_path(value: Any) -> bool:
+    if not isinstance(value, str) or not value.strip():
+        return False
+    if is_project_relative_path(value):
+        return False
+    resolved = resolve_project_path(value)
+    try:
+        resolved.relative_to(WORKSPACE.resolve())
+        return True
+    except ValueError:
+        return False
+
+
 def expected_artifact_filename(artifact_type: str, artifact_slug: str) -> str:
     base_slug = artifact_slug[11:] if len(artifact_slug) > 11 and artifact_slug[4] == "-" else artifact_slug
     if artifact_type == "feature":
@@ -97,7 +112,7 @@ def validate_source_contract(source: dict[str, Any]) -> list[dict[str, str]]:
         )
 
     if artifact_file:
-        artifact_file_path = Path(artifact_file)
+        artifact_file_path = resolve_project_path(artifact_file)
         if not artifact_file_path.exists():
             issues.append(
                 {
@@ -105,7 +120,7 @@ def validate_source_contract(source: dict[str, Any]) -> list[dict[str, str]]:
                     "detail": artifact_file,
                 }
             )
-        elif directory not in artifact_file_path.parents:
+        elif directory.resolve() not in artifact_file_path.resolve().parents:
             issues.append(
                 {
                     "problem": "source-artifact-file-directory-mismatch",
@@ -174,6 +189,31 @@ def inspect_audit(path: Path) -> list[dict[str, str]]:
             }
         )
 
+    if contains_persisted_absolute_project_path(data.get("routing_file")):
+        issues.append(
+            {
+                "path": str(path),
+                "problem": "absolute-project-routing-file",
+                "detail": str(data.get("routing_file", "")),
+            }
+        )
+    if contains_persisted_absolute_project_path(data.get("cd")):
+        issues.append(
+            {
+                "path": str(path),
+                "problem": "absolute-project-cd",
+                "detail": str(data.get("cd", "")),
+            }
+        )
+    if contains_persisted_absolute_project_path(source.get("artifact_file")):
+        issues.append(
+            {
+                "path": str(path),
+                "problem": "absolute-project-artifact-file",
+                "detail": str(source.get("artifact_file", "")),
+            }
+        )
+
     for item in validate_source_contract(source):
         issues.append(
             {