@ictechgy/context-guard 0.4.10 → 0.4.11

package/plugins/context-guard/bin/context-guard-cache-score

@@ -23,6 +23,10 @@ TOOL_NAME = "context-guard-cache-score"
 SCHEMA_VERSION = "contextguard.cache-score.v1"
 DEFAULT_MAX_INPUT_BYTES = 1_000_000
 TOKEN_PROXY_CHARS_PER_TOKEN = 4
+DEFAULT_EXPECTED_REUSES = 1
+MAX_EXPECTED_REUSES = 1_000_000
+MAX_CACHE_MULTIPLIER = 1_000_000.0
+SAVINGS_EPSILON = 1e-12
 PROVIDER_MINIMUM_CACHEABLE_TOKENS = {
     # Provider and model minimums move over time.  These defaults are advisory
     # and can be overridden with --minimum-cacheable-tokens.
@@ -56,6 +60,9 @@ ALLOWED_FIRST_ABSOLUTE_SYMLINKS = {
     "var": Path("/private/var"),
 }
 MAX_JSON_PATH_SEGMENT_CHARS = 64
+MAX_JSON_WALK_NODES = 10_000
+MAX_JSON_WALK_DEPTH = 64
+MAX_JSON_SHAPE_WARNINGS = 200
 SAFE_JSON_PATH_SEGMENT_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_-]{0,63}$")
 DYNAMIC_JSON_KEY_RE = re.compile(r"(?i)(request|trace|nonce|random|timestamp|created[_-]?at|updated[_-]?at|date)")
 SENSITIVE_JSON_KEY_RE = re.compile(
@@ -110,6 +117,30 @@ def bounded_int(value: object, *, default: int, minimum: int, maximum: int, name
     return number
 
 
+def bounded_float(
+    value: object,
+    *,
+    minimum: float,
+    maximum: float,
+    name: str,
+) -> float | None:
+    if value is None:
+        return None
+    if isinstance(value, bool):
+        fail(f"{name} must be a finite number")
+    try:
+        number = float(value)
+    except (TypeError, ValueError, OverflowError):
+        fail(f"{name} must be a finite number")
+    if not math.isfinite(number):
+        fail(f"{name} must be finite")
+    if number < minimum:
+        fail(f"{name} must be >= {minimum:g}")
+    if number > maximum:
+        fail(f"{name} must be <= {maximum:g}")
+    return number
+
+
 def normalized_link_target(parent: Path, raw_target: str) -> Path:
     target = Path(raw_target)
     if not target.is_absolute():
@@ -197,39 +228,102 @@ def first_dynamic_marker(text: str) -> tuple[int | None, str | None]:
     return best_offset, best_name
 
 
-def _walk_json(value: Any, path: str = "$") -> list[dict[str, Any]]:
+def _walk_json(
+    value: Any,
+    path: str = "$",
+    *,
+    max_nodes: int = MAX_JSON_WALK_NODES,
+    max_depth: int = MAX_JSON_WALK_DEPTH,
+    max_warnings: int = MAX_JSON_SHAPE_WARNINGS,
+) -> list[dict[str, Any]]:
     warnings: list[dict[str, Any]] = []
-    if isinstance(value, dict):
-        keys = [str(key) for key in value]
-        if keys != sorted(keys):
-            warnings.append({
-                "code": "json_object_key_order_not_sorted",
-                "path": path,
-                "severity": "info",
-                "message": "Object keys are not in deterministic sorted order; keep generated JSON stable across runs.",
-            })
-        for key, item in value.items():
-            child_path = json_path_child(path, key)
-            if DYNAMIC_JSON_KEY_RE.search(str(key)):
-                warnings.append({
-                    "code": "dynamic_json_key",
-                    "path": child_path,
-                    "severity": "warn",
-                    "message": "Dynamic-looking JSON key appears in the prompt/request; place dynamic values after the reusable prefix.",
-                })
-            warnings.extend(_walk_json(item, child_path))
-    elif isinstance(value, list):
-        if path.endswith(".tools") and all(isinstance(item, dict) and "name" in item for item in value):
-            names = [str(item.get("name")) for item in value]
-            if names != sorted(names):
-                warnings.append({
-                    "code": "tool_order_not_sorted",
-                    "path": path,
+    capped_nodes = False
+    capped_depth = False
+    capped_warnings = False
+
+    def add_warning(item: dict[str, Any]) -> None:
+        nonlocal capped_warnings
+        if len(warnings) < max_warnings:
+            warnings.append(item)
+        else:
+            capped_warnings = True
+
+    stack: list[tuple[Any, str, int]] = [(value, path, 0)]
+    visited = 0
+    while stack:
+        if visited >= max_nodes:
+            capped_nodes = True
+            break
+        current, current_path, depth = stack.pop()
+        visited += 1
+        if depth >= max_depth and isinstance(current, (dict, list)) and current:
+            capped_depth = True
+            continue
+        if isinstance(current, dict):
+            previous_key: str | None = None
+            keys_sorted = True
+            remaining_child_slots = max(0, max_nodes - visited - len(stack))
+            child_items: list[tuple[Any, str, int]] = []
+            for key, item in current.items():
+                text_key = str(key)
+                if previous_key is not None and text_key < previous_key:
+                    keys_sorted = False
+                previous_key = text_key
+                child_path = json_path_child(current_path, key)
+                if DYNAMIC_JSON_KEY_RE.search(text_key):
+                    add_warning({
+                        "code": "dynamic_json_key",
+                        "path": child_path,
+                        "severity": "warn",
+                        "message": "Dynamic-looking JSON key appears in the prompt/request; place dynamic values after the reusable prefix.",
+                    })
+                if len(child_items) >= remaining_child_slots:
+                    capped_nodes = True
+                    break
+                child_items.append((item, child_path, depth + 1))
+            if not keys_sorted:
+                add_warning({
+                    "code": "json_object_key_order_not_sorted",
+                    "path": current_path,
                     "severity": "info",
-                    "message": "Tool definitions are not sorted by name; deterministic ordering improves prefix reuse.",
+                    "message": "Object keys are not in deterministic sorted order; keep generated JSON stable across runs.",
                 })
-        for index, item in enumerate(value):
-            warnings.extend(_walk_json(item, f"{path}[{index}]"))
+            stack.extend(reversed(child_items))
+        elif isinstance(current, list):
+            if current_path.endswith(".tools") and all(isinstance(item, dict) and "name" in item for item in current):
+                names = [str(item.get("name")) for item in current]
+                if names != sorted(names):
+                    add_warning({
+                        "code": "tool_order_not_sorted",
+                        "path": current_path,
+                        "severity": "info",
+                        "message": "Tool definitions are not sorted by name; deterministic ordering improves prefix reuse.",
+                    })
+            remaining_child_slots = max(0, max_nodes - visited - len(stack))
+            child_items = []
+            for index, item in enumerate(current):
+                if len(child_items) >= remaining_child_slots:
+                    capped_nodes = True
+                    break
+                child_items.append((item, f"{current_path}[{index}]", depth + 1))
+            stack.extend(reversed(child_items))
+    if capped_nodes or capped_depth or capped_warnings:
+        cap_warning = {
+            "code": "json_walk_truncated",
+            "path": "$",
+            "severity": "warn",
+            "message": "JSON shape analysis was capped by node, depth, or warning limits; rerun on a narrower prompt fixture for complete linting.",
+            "nodes_visited": visited,
+            "max_nodes": max_nodes,
+            "max_depth": max_depth,
+            "max_warnings": max_warnings,
+        }
+        if max_warnings <= 0:
+            return warnings
+        if len(warnings) < max_warnings:
+            warnings.append(cap_warning)
+        elif warnings:
+            warnings[-1] = cap_warning
     return warnings
 
 
@@ -252,7 +346,141 @@ def json_shape_warnings(text: str) -> tuple[str, list[dict[str, Any]]]:
     return "json", warnings
 
 
-def score_prompt(text: str, *, provider: str, minimum_cacheable_tokens: int) -> dict[str, Any]:
+def read_premium_relative_savings(reuses: int, *, write_multiplier: float, read_multiplier: float) -> float:
+    return (1.0 - write_multiplier) + (reuses * (1.0 - read_multiplier))
+
+
+def max_profitable_read_premium_reuses(*, write_multiplier: float, read_multiplier: float) -> int:
+    """Return the largest reuse count with strictly positive relative savings."""
+    candidate = max(0, int(math.floor((1.0 - write_multiplier) / (read_multiplier - 1.0))))
+    while candidate > 0 and read_premium_relative_savings(
+        candidate,
+        write_multiplier=write_multiplier,
+        read_multiplier=read_multiplier,
+    ) <= SAVINGS_EPSILON:
+        candidate -= 1
+    while read_premium_relative_savings(
+        candidate + 1,
+        write_multiplier=write_multiplier,
+        read_multiplier=read_multiplier,
+    ) > SAVINGS_EPSILON:
+        candidate += 1
+    return candidate
+
+
+def build_amortization_report(
+    *,
+    eligible: bool,
+    prefix_tokens: int,
+    expected_reuses: int,
+    cache_write_multiplier: float | None,
+    cache_read_multiplier: float | None,
+) -> dict[str, Any]:
+    """Return advisory cache amortization math using user-supplied multipliers.
+
+    ``expected_reuses`` means future cache reads after the initial cache write.
+    Multipliers are relative to uncached prefix input cost = 1.0.  Provider
+    pricing/cache policies change, so ContextGuard intentionally does not ship
+    provider-specific multiplier defaults.
+    """
+    supplied = cache_write_multiplier is not None and cache_read_multiplier is not None
+    break_even_reuses: int | None = None
+    max_profitable_reuses: int | None = None
+    expected_uncached_relative_cost: float | None = None
+    expected_cached_relative_cost: float | None = None
+    expected_relative_savings: float | None = None
+    status = "multipliers_not_supplied"
+    risk = "unknown"
+
+    if not eligible:
+        status = "not_cacheable"
+        risk = "high"
+    elif not supplied:
+        status = "multipliers_not_supplied"
+        risk = "unknown"
+    else:
+        expected_uncached_relative_cost = 1.0 + expected_reuses
+        expected_cached_relative_cost = cache_write_multiplier + (expected_reuses * cache_read_multiplier)
+        expected_relative_savings = expected_uncached_relative_cost - expected_cached_relative_cost
+        if cache_read_multiplier < 1.0:
+            if cache_write_multiplier <= 1.0:
+                break_even_reuses = 0
+            else:
+                break_even_reuses = int(math.ceil((cache_write_multiplier - 1.0) / (1.0 - cache_read_multiplier)))
+            if expected_reuses >= break_even_reuses:
+                status = "already_break_even_on_write" if break_even_reuses == 0 else "amortizes_with_expected_reuses"
+                risk = "low"
+            elif expected_reuses > 0:
+                status = "not_enough_expected_reuses"
+                risk = "medium"
+            else:
+                status = "not_enough_expected_reuses"
+                risk = "high"
+        elif cache_read_multiplier == 1.0 and cache_write_multiplier <= 1.0:
+            break_even_reuses = 0
+            status = "already_break_even_on_write"
+            risk = "low"
+        elif cache_read_multiplier > 1.0:
+            if cache_write_multiplier < 1.0:
+                max_profitable_reuses = max_profitable_read_premium_reuses(
+                    write_multiplier=cache_write_multiplier,
+                    read_multiplier=cache_read_multiplier,
+                )
+            if expected_relative_savings < -SAVINGS_EPSILON:
+                status = "no_read_discount"
+                risk = "high"
+            elif expected_reuses == 0:
+                if expected_relative_savings > SAVINGS_EPSILON:
+                    status = "write_discount_only_no_expected_reads"
+                    risk = "low"
+                else:
+                    status = "break_even_only_no_expected_reads"
+                    risk = "medium"
+            elif abs(expected_relative_savings) <= SAVINGS_EPSILON:
+                status = "break_even_only_with_limited_reuses"
+                risk = "medium"
+            else:
+                status = "positive_only_with_limited_reuses"
+                risk = "medium"
+        else:
+            status = "no_read_discount"
+            risk = "high"
+
+    return {
+        "expected_reuses": expected_reuses,
+        "expected_reuses_semantics": "future_cache_reads_after_initial_write",
+        "cacheable_prefix_tokens": prefix_tokens,
+        "break_even_reuses": break_even_reuses,
+        "max_profitable_reuses": max_profitable_reuses,
+        "status": status,
+        "risk": risk,
+        "cache_write_multiplier": cache_write_multiplier,
+        "cache_read_multiplier": cache_read_multiplier,
+        "expected_uncached_relative_cost": expected_uncached_relative_cost,
+        "expected_cached_relative_cost": expected_cached_relative_cost,
+        "expected_relative_savings": expected_relative_savings,
+        "multiplier_baseline": "uncached_prefix_input_cost_equals_1.0",
+        "user_supplied_multipliers": supplied,
+        "formula": "expected_cached=write_multiplier + expected_reuses*read_multiplier; expected_uncached=1 + expected_reuses; break_even=ceil((write_multiplier - 1.0)/(1.0-read_multiplier)) only when read_multiplier<1; max_profitable_reuses is the largest integer reuse count with expected_uncached-expected_cached > 0, only when read_multiplier>1 and write_multiplier<1",
+        "claim_boundary": {
+            "advisory_only": True,
+            "provider_pricing_defaults_included": False,
+            "provider_measured_cache_hit": False,
+            "hosted_api_token_or_cost_savings_claim_allowed": False,
+            "requires_user_supplied_or_provider_documented_multipliers": True,
+        },
+    }
+
+
+def score_prompt(
+    text: str,
+    *,
+    provider: str,
+    minimum_cacheable_tokens: int,
+    expected_reuses: int = DEFAULT_EXPECTED_REUSES,
+    cache_write_multiplier: float | None = None,
+    cache_read_multiplier: float | None = None,
+) -> dict[str, Any]:
     prompt_kind, shape_warnings = json_shape_warnings(text)
     dynamic_offset, dynamic_marker = first_dynamic_marker(text)
     prefix_text = text if dynamic_offset is None else text[:dynamic_offset]
@@ -282,13 +510,14 @@ def score_prompt(text: str, *, provider: str, minimum_cacheable_tokens: int) ->
             "message": "Anthropic caching usually requires cache_control around the reusable prefix.",
         })
 
+    eligible = prefix_estimated >= minimum_cacheable_tokens
     return {
         "tool": TOOL_NAME,
         "schema_version": SCHEMA_VERSION,
         "provider": provider,
         "prompt_kind": prompt_kind,
         "minimum_cacheable_tokens": minimum_cacheable_tokens,
-        "eligible": prefix_estimated >= minimum_cacheable_tokens,
+        "eligible": eligible,
         "estimated_tokens": estimated,
         "cacheable_prefix_tokens": prefix_estimated,
         "token_estimate": {
@@ -305,6 +534,13 @@ def score_prompt(text: str, *, provider: str, minimum_cacheable_tokens: int) ->
         "static_prefix_ratio": round(static_ratio, 6),
         "warnings": warnings,
         "provider_caveat": PROVIDER_CAVEATS[provider],
+        "amortization": build_amortization_report(
+            eligible=eligible,
+            prefix_tokens=prefix_estimated,
+            expected_reuses=expected_reuses,
+            cache_write_multiplier=cache_write_multiplier,
+            cache_read_multiplier=cache_read_multiplier,
+        ),
         "raw_prompt_stored": False,
         "claim_boundary": {
             "advisory_only": True,
@@ -320,11 +556,16 @@ def render_text(report: dict[str, Any]) -> str:
     status = "eligible" if report.get("eligible") else "not eligible"
     warnings = report.get("warnings") if isinstance(report.get("warnings"), list) else []
     warning_codes = ", ".join(str(item.get("code")) for item in warnings if isinstance(item, dict)) or "none"
+    amortization = report.get("amortization") if isinstance(report.get("amortization"), dict) else {}
     return (
         f"{TOOL_NAME}: {status} for {report['provider']} "
         f"(static_prefix≈{report['cacheable_prefix_tokens']} char/4 tokens, "
         f"minimum={report['minimum_cacheable_tokens']})\n"
         f"warnings: {warning_codes}\n"
+        f"amortization: {amortization.get('status', 'unknown')} "
+        f"(risk={amortization.get('risk', 'unknown')}, "
+        f"break_even_reuses={amortization.get('break_even_reuses')}, "
+        f"max_profitable_reuses={amortization.get('max_profitable_reuses')})\n"
         "claim boundary: advisory static lint only; not a measured provider cache hit or cost saving.\n"
     )
 
@@ -344,6 +585,24 @@ def build_parser() -> argparse.ArgumentParser:
         help="override provider threshold for model/platform-specific cache minimums",
     )
     parser.add_argument("--max-input-bytes", default=DEFAULT_MAX_INPUT_BYTES, help=f"maximum input bytes (default: {DEFAULT_MAX_INPUT_BYTES})")
+    parser.add_argument(
+        "--expected-reuses",
+        default=DEFAULT_EXPECTED_REUSES,
+        help=(
+            "future cache reads expected after the initial write; advisory only "
+            f"(default: {DEFAULT_EXPECTED_REUSES})"
+        ),
+    )
+    parser.add_argument(
+        "--cache-write-multiplier",
+        default=None,
+        help="optional user-supplied cache write multiplier relative to uncached prefix input cost=1.0",
+    )
+    parser.add_argument(
+        "--cache-read-multiplier",
+        default=None,
+        help="optional user-supplied cache read multiplier relative to uncached prefix input cost=1.0",
+    )
     parser.add_argument("--json", action="store_true", help="emit stable JSON")
     return parser
 
@@ -362,8 +621,34 @@ def main(argv: list[str] | None = None) -> int:
             maximum=10_000_000,
             name="--minimum-cacheable-tokens",
         )
+        expected_reuses = bounded_int(
+            args.expected_reuses,
+            default=DEFAULT_EXPECTED_REUSES,
+            minimum=0,
+            maximum=MAX_EXPECTED_REUSES,
+            name="--expected-reuses",
+        )
+        cache_write_multiplier = bounded_float(
+            args.cache_write_multiplier,
+            minimum=0.0,
+            maximum=MAX_CACHE_MULTIPLIER,
+            name="--cache-write-multiplier",
+        )
+        cache_read_multiplier = bounded_float(
+            args.cache_read_multiplier,
+            minimum=0.0,
+            maximum=MAX_CACHE_MULTIPLIER,
+            name="--cache-read-multiplier",
+        )
         text = read_limited_path(Path(args.input), max_input_bytes) if args.input else read_limited_stdin(max_input_bytes)
-        report = score_prompt(text, provider=provider, minimum_cacheable_tokens=minimum)
+        report = score_prompt(
+            text,
+            provider=provider,
+            minimum_cacheable_tokens=minimum,
+            expected_reuses=expected_reuses,
+            cache_write_multiplier=cache_write_multiplier,
+            cache_read_multiplier=cache_read_multiplier,
+        )
         if args.json:
             sys.stdout.write(json_bytes(report, indent=2) + "\n")
         else:

package/plugins/context-guard/bin/context-guard-cost

@@ -2855,12 +2855,17 @@ def compile_command(args: argparse.Namespace) -> int:
 
     recommended = sorted(sections, key=lambda sec: (bool(sec["volatile"]), 0 if sec["ttl"] == "1h" else 1, -int(sec["bytes"] or 0), str(sec["id"])))
     findings: list[dict[str, Any]] = []
+    suffix_has_one_hour_ttl = [False] * (len(sections) + 1)
+    suffix_has_stable_section = [False] * (len(sections) + 1)
+    for index in range(len(sections) - 1, -1, -1):
+        suffix_has_one_hour_ttl[index] = suffix_has_one_hour_ttl[index + 1] or sections[index]["ttl"] == "1h"
+        suffix_has_stable_section[index] = suffix_has_stable_section[index + 1] or not bool(sections[index]["volatile"])
     for i, sec in enumerate(sections):
-        if sec["ttl"] == "5m" and any(later["ttl"] == "1h" for later in sections[i + 1 :]):
+        if sec["ttl"] == "5m" and suffix_has_one_hour_ttl[i + 1]:
             findings.append({"severity": "warn", "code": "ttl_order_violation", "section_id": sec["id"], "message": "place 1h cacheable stable sections before 5m sections"})
             break
     for i, sec in enumerate(sections):
-        if sec["volatile"] and any(not later["volatile"] for later in sections[i + 1 :]):
+        if sec["volatile"] and suffix_has_stable_section[i + 1]:
             findings.append({"severity": "warn", "code": "volatile_prefix_before_stable_context", "section_id": sec["id"], "message": "move volatile context toward the tail so stable prefixes can be reused"})
             break
     if len(sections) > 4: