@jx-grxf/patchpilot 0.2.1 → 0.3.0

package/dist/core/workspace.js

@@ -8,6 +8,7 @@ import { inflateRawSync } from "node:zlib";
 const execFileAsync = promisify(execFile);
 const ignoredDirectories = new Set([
     ".git",
+    ".patchpilot",
     "node_modules",
     "dist",
     "coverage",
@@ -67,6 +68,131 @@ const blockedPathNames = new Set([
     "id_ed25519",
     "known_hosts"
 ]);
+export const toolSpecs = {
+    list_files: {
+        name: "list_files",
+        description: "List workspace files under a directory.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "read"
+    },
+    read_file: {
+        name: "read_file",
+        description: "Read a complete text/code file.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "read"
+    },
+    read_range: {
+        name: "read_range",
+        description: "Read a bounded 1-based line range from a text/code file.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "read"
+    },
+    file_info: {
+        name: "file_info",
+        description: "Inspect file metadata inside the workspace.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "read"
+    },
+    search_text: {
+        name: "search_text",
+        description: "Search workspace text with ripgrep.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "search"
+    },
+    inspect_document: {
+        name: "inspect_document",
+        description: "Extract text from supported documents.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "document"
+    },
+    git_status: {
+        name: "git_status",
+        description: "Read the current Git branch and dirty state.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "git"
+    },
+    git_diff: {
+        name: "git_diff",
+        description: "Read the current Git diff.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "git"
+    },
+    list_changed_files: {
+        name: "list_changed_files",
+        description: "List changed files from Git porcelain status.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "git"
+    },
+    list_scripts: {
+        name: "list_scripts",
+        description: "List package.json scripts.",
+        risk: "low",
+        sideEffects: "none",
+        permission: "none",
+        category: "read"
+    },
+    write_file: {
+        name: "write_file",
+        description: "Write a full file in the workspace.",
+        risk: "high",
+        sideEffects: "write",
+        permission: "write",
+        category: "write"
+    },
+    apply_patch: {
+        name: "apply_patch",
+        description: "Apply a unified Git patch inside the workspace.",
+        risk: "high",
+        sideEffects: "write",
+        permission: "write",
+        category: "write"
+    },
+    run_script: {
+        name: "run_script",
+        description: "Run a named package.json script.",
+        risk: "medium",
+        sideEffects: "shell",
+        permission: "shell",
+        category: "shell"
+    },
+    run_tests: {
+        name: "run_tests",
+        description: "Run the repository test script.",
+        risk: "medium",
+        sideEffects: "shell",
+        permission: "shell",
+        category: "test"
+    },
+    run_shell: {
+        name: "run_shell",
+        description: "Run a restricted one-line shell command.",
+        risk: "high",
+        sideEffects: "shell",
+        permission: "shell",
+        category: "shell"
+    }
+};
+export function getToolSpec(name) {
+    return toolSpecs[name];
+}
 export class WorkspaceTools {
     root;
     rootRealPath;
@@ -74,6 +200,8 @@ export class WorkspaceTools {
     allowShell;
     timeoutMs;
     signal;
+    approvalHandler;
+    sessionApprovals = new Set();
     constructor(options) {
         this.root = path.resolve(options.root);
         this.rootRealPath = realpath(this.root).catch(() => this.root);
@@ -81,6 +209,7 @@ export class WorkspaceTools {
         this.allowShell = options.allowShell;
         this.timeoutMs = options.timeoutMs ?? 60_000;
         this.signal = options.signal;
+        this.approvalHandler = options.approvalHandler;
     }
     async execute(call) {
         try {
@@ -89,12 +218,30 @@ export class WorkspaceTools {
                     return await this.listFiles(readString(call.arguments.path, "."));
                 case "read_file":
                     return await this.readFile(readString(call.arguments.path, ""));
+                case "read_range":
+                    return await this.readRange(readString(call.arguments.path, ""), readNumber(call.arguments.start, 1), readNumber(call.arguments.end, readNumber(call.arguments.start, 1) + 80));
+                case "file_info":
+                    return await this.fileInfo(readString(call.arguments.path, ""));
                 case "search_text":
                     return await this.searchText(readString(call.arguments.query, ""));
                 case "inspect_document":
                     return await this.inspectDocument(readString(call.arguments.path, ""));
+                case "git_status":
+                    return await this.gitStatus();
+                case "git_diff":
+                    return await this.gitDiff(readString(call.arguments.path, ""));
+                case "list_changed_files":
+                    return await this.listChangedFiles();
+                case "list_scripts":
+                    return await this.listScripts();
                 case "write_file":
                     return await this.writeFile(readString(call.arguments.path, ""), readString(call.arguments.content, ""));
+                case "apply_patch":
+                    return await this.applyPatch(readString(call.arguments.patch, ""));
+                case "run_script":
+                    return await this.runScript(readString(call.arguments.script, ""));
+                case "run_tests":
+                    return await this.runTests();
                 case "run_shell":
                     return await this.runShell(readString(call.arguments.command, ""));
                 default:
@@ -144,7 +291,9 @@ export class WorkspaceTools {
         return {
             ok: true,
             summary: `listed ${entries.length} files`,
-            content: entries.join("\n")
+            content: entries.join("\n"),
+            tool: "list_files",
+            category: toolSpecs.list_files.category
         };
     }
     async readFile(requestedPath) {
@@ -168,7 +317,70 @@ export class WorkspaceTools {
         return {
             ok: true,
             summary: `read ${path.relative(this.root, absolutePath)}`,
-            content: clippedContent
+            content: clippedContent,
+            tool: "read_file",
+            category: toolSpecs.read_file.category
+        };
+    }
+    async readRange(requestedPath, startLine, endLine) {
+        if (!requestedPath) {
+            return denied("read_range requires a path.", "read_range");
+        }
+        if (startLine < 1 || endLine < startLine) {
+            return denied("read_range requires 1-based start/end lines.", "read_range");
+        }
+        if (isPlaceholderPath(requestedPath)) {
+            return denied(`read_range denied placeholder path: ${requestedPath}`, "read_range");
+        }
+        if (isSensitivePath(requestedPath)) {
+            return denied(`read_range denied sensitive path: ${requestedPath}`, "read_range");
+        }
+        const absolutePath = await this.resolveReadPath(requestedPath);
+        if (!isLikelyTextFile(absolutePath)) {
+            return denied(`read_range supports text/code files. Use inspect_document for ${path.extname(absolutePath) || "this file"} files.`, "read_range");
+        }
+        const lines = (await readFile(absolutePath, "utf8")).split(/\r?\n/);
+        const selectedLines = lines.slice(startLine - 1, endLine);
+        const numberedLines = selectedLines.map((line, index) => `${startLine + index}: ${line}`).join("\n");
+        return {
+            ok: true,
+            summary: `read ${path.relative(this.root, absolutePath)}:${startLine}-${Math.min(endLine, lines.length)}`,
+            content: clip(numberedLines || "No lines in range.", 20_000),
+            tool: "read_range",
+            category: toolSpecs.read_range.category,
+            metadata: {
+                path: path.relative(this.root, absolutePath),
+                startLine,
+                endLine: Math.min(endLine, lines.length)
+            }
+        };
+    }
+    async fileInfo(requestedPath) {
+        if (!requestedPath) {
+            return denied("file_info requires a path.", "file_info");
+        }
+        if (isSensitivePath(requestedPath)) {
+            return denied(`file_info denied sensitive path: ${requestedPath}`, "file_info");
+        }
+        const absolutePath = await this.resolveReadPath(requestedPath);
+        const fileStat = await stat(absolutePath);
+        const relativePath = path.relative(this.root, absolutePath);
+        return {
+            ok: true,
+            summary: `inspected ${relativePath}`,
+            content: [
+                `path: ${relativePath}`,
+                `type: ${fileStat.isDirectory() ? "directory" : fileStat.isFile() ? "file" : "other"}`,
+                `size: ${fileStat.size} bytes`,
+                `modified: ${fileStat.mtime.toISOString()}`
+            ].join("\n"),
+            tool: "file_info",
+            category: toolSpecs.file_info.category,
+            metadata: {
+                path: relativePath,
+                size: fileStat.size,
+                modifiedAt: fileStat.mtime.toISOString()
+            }
         };
     }
     async inspectDocument(requestedPath) {
@@ -198,7 +410,7 @@ export class WorkspaceTools {
         if (!query.trim()) {
             return denied("search_text requires a non-empty query.");
         }
-        const ripgrepResult = await searchTextWithRipgrep(this.root, query);
+        const ripgrepResult = await searchTextWithRipgrep(this.root, query, this.timeoutMs, this.signal);
         if (ripgrepResult) {
             return ripgrepResult;
         }
@@ -224,12 +436,20 @@ export class WorkspaceTools {
         return {
             ok: true,
             summary: `found ${matches.length} matches`,
-            content: matches.join("\n") || "No matches."
+            content: matches.join("\n") || "No matches.",
+            tool: "search_text",
+            category: toolSpecs.search_text.category
         };
     }
     async writeFile(requestedPath, content) {
         if (!this.allowWrite) {
-            return denied("write_file denied. Restart with --apply to allow workspace writes.");
+            const approval = await this.requestApproval("write_file", "write", {
+                path: requestedPath,
+                contentLength: content.length
+            }, `Write ${requestedPath} (${content.length} characters).`);
+            if (approval.decision === "deny") {
+                return denied("write_file denied by permission policy. Restart with --apply or approve the request in build mode.", "write_file", approval);
+            }
         }
         if (!requestedPath) {
             return denied("write_file requires a path.");
@@ -246,12 +466,153 @@ export class WorkspaceTools {
         return {
             ok: true,
             summary: `wrote ${path.relative(this.root, absolutePath)}`,
-            content: `Wrote ${content.length} characters.`
+            content: `Wrote ${content.length} characters.`,
+            tool: "write_file",
+            category: toolSpecs.write_file.category,
+            preview: `Write ${path.relative(this.root, absolutePath)}`
+        };
+    }
+    async gitStatus() {
+        const { stdout } = await execFileAsync("git", ["status", "--short", "--branch"], {
+            cwd: this.root,
+            timeout: Math.min(this.timeoutMs, 8000),
+            maxBuffer: 200_000,
+            signal: this.signal,
+            windowsHide: true
+        });
+        return {
+            ok: true,
+            summary: "read git status",
+            content: stdout.trim() || "No git status output.",
+            tool: "git_status",
+            category: toolSpecs.git_status.category
+        };
+    }
+    async gitDiff(requestedPath) {
+        const args = ["diff", "--"];
+        if (requestedPath.trim()) {
+            const absolutePath = this.resolveInsideWorkspace(requestedPath);
+            args.push(path.relative(this.root, absolutePath));
+        }
+        const { stdout } = await execFileAsync("git", args, {
+            cwd: this.root,
+            timeout: Math.min(this.timeoutMs, 8000),
+            maxBuffer: 1_000_000,
+            signal: this.signal,
+            windowsHide: true
+        });
+        return {
+            ok: true,
+            summary: stdout.trim() ? "read git diff" : "no git diff",
+            content: clip(stdout.trim() || "No changes.", 20_000),
+            tool: "git_diff",
+            category: toolSpecs.git_diff.category
+        };
+    }
+    async listChangedFiles() {
+        const { stdout } = await execFileAsync("git", ["status", "--porcelain"], {
+            cwd: this.root,
+            timeout: Math.min(this.timeoutMs, 8000),
+            maxBuffer: 200_000,
+            signal: this.signal,
+            windowsHide: true
+        });
+        const files = stdout
+            .split(/\r?\n/)
+            .map((line) => line.trimEnd())
+            .filter(Boolean);
+        return {
+            ok: true,
+            summary: `listed ${files.length} changed file${files.length === 1 ? "" : "s"}`,
+            content: files.join("\n") || "No changed files.",
+            tool: "list_changed_files",
+            category: toolSpecs.list_changed_files.category
+        };
+    }
+    async listScripts() {
+        const packageJsonPath = await this.resolveReadPath("package.json");
+        const packageJson = JSON.parse(await readFile(packageJsonPath, "utf8"));
+        const scripts = Object.entries(packageJson.scripts ?? {})
+            .filter((entry) => typeof entry[1] === "string")
+            .sort(([left], [right]) => left.localeCompare(right));
+        return {
+            ok: true,
+            summary: `listed ${scripts.length} package scripts`,
+            content: scripts.map(([name, command]) => `${name}: ${command}`).join("\n") || "No package scripts found.",
+            tool: "list_scripts",
+            category: toolSpecs.list_scripts.category
+        };
+    }
+    async applyPatch(patchContent) {
+        if (!patchContent.trim()) {
+            return denied("apply_patch requires a unified patch.", "apply_patch");
+        }
+        if (!this.allowWrite) {
+            const approval = await this.requestApproval("apply_patch", "write", {
+                patch: clip(patchContent, 1200)
+            }, previewPatch(patchContent));
+            if (approval.decision === "deny") {
+                return denied("apply_patch denied by permission policy.", "apply_patch", approval);
+            }
+        }
+        const output = await runGitApply(patchContent, this.root, this.timeoutMs, this.signal);
+        return {
+            ok: output.exitCode === 0,
+            summary: output.exitCode === 0 ? "applied patch" : `git apply exited ${output.exitCode}`,
+            content: clip(output.output || (output.exitCode === 0 ? "Patch applied." : "Patch failed."), 20_000),
+            tool: "apply_patch",
+            category: toolSpecs.apply_patch.category,
+            preview: previewPatch(patchContent)
+        };
+    }
+    async runScript(scriptName) {
+        const normalizedScript = scriptName.trim();
+        if (!/^[\w:.-]+$/.test(normalizedScript)) {
+            return denied("run_script requires a package script name such as test or build.", "run_script");
+        }
+        const scripts = await this.readPackageScripts();
+        if (!scripts[normalizedScript]) {
+            return denied(`package script not found: ${normalizedScript}`, "run_script");
+        }
+        if (!this.allowShell) {
+            const approval = await this.requestApproval("run_script", "shell", {
+                script: normalizedScript
+            }, `Run package script: npm run ${normalizedScript}`);
+            if (approval.decision === "deny") {
+                return denied("run_script denied by permission policy.", "run_script", approval);
+            }
+        }
+        const output = await runCommand(`npm run ${normalizedScript}`, this.root, this.timeoutMs, this.signal);
+        return {
+            ok: output.exitCode === 0,
+            summary: `npm run ${normalizedScript} exited ${output.exitCode}`,
+            content: clip(output.output, 20_000),
+            tool: "run_script",
+            category: toolSpecs.run_script.category,
+            preview: `npm run ${normalizedScript}`
+        };
+    }
+    async runTests() {
+        const scripts = await this.readPackageScripts();
+        if (!scripts.test) {
+            return denied("No package test script found.", "run_tests");
+        }
+        const result = await this.runScript("test");
+        return {
+            ...result,
+            tool: "run_tests",
+            category: toolSpecs.run_tests.category,
+            preview: "npm test"
         };
     }
     async runShell(command) {
         if (!this.allowShell) {
-            return denied("run_shell denied. Restart with --allow-shell to allow commands.");
+            const approval = await this.requestApproval("run_shell", "shell", {
+                command
+            }, `Run shell command: ${command}`);
+            if (approval.decision === "deny") {
+                return denied("run_shell denied by permission policy.", "run_shell", approval);
+            }
         }
         if (!command.trim()) {
             return denied("run_shell requires a command.");
@@ -264,7 +625,46 @@ export class WorkspaceTools {
         return {
             ok: output.exitCode === 0,
             summary: `command exited ${output.exitCode}`,
-            content: clip(output.output, 20_000)
+            content: clip(output.output, 20_000),
+            tool: "run_shell",
+            category: toolSpecs.run_shell.category,
+            preview: command
+        };
+    }
+    async readPackageScripts() {
+        const packageJsonPath = await this.resolveReadPath("package.json");
+        const packageJson = JSON.parse(await readFile(packageJsonPath, "utf8"));
+        return Object.fromEntries(Object.entries(packageJson.scripts ?? {}).filter((entry) => typeof entry[1] === "string"));
+    }
+    async requestApproval(tool, permission, args, preview) {
+        const spec = getToolSpec(tool);
+        const request = {
+            id: `${Date.now()}-${Math.random().toString(36).slice(2)}`,
+            tool,
+            permission,
+            risk: spec.risk,
+            preview,
+            arguments: args
+        };
+        if (this.sessionApprovals.has(permission)) {
+            return {
+                request,
+                decision: "allow_session"
+            };
+        }
+        if (!this.approvalHandler) {
+            return {
+                request,
+                decision: "deny"
+            };
+        }
+        const decision = await this.approvalHandler(request);
+        if (decision === "allow_session") {
+            this.sessionApprovals.add(permission);
+        }
+        return {
+            request,
+            decision
         };
     }
     async resolveReadPath(requestedPath) {
@@ -327,9 +727,10 @@ async function walkFiles(startPath, workspaceRoot, workspaceRealRoot, maxDepth,
     await visit(startPath, 0);
     return results;
 }
-async function searchTextWithRipgrep(workspaceRoot, query) {
+async function searchTextWithRipgrep(workspaceRoot, query, timeoutMs, signal) {
     const ignoreGlobs = [
         "!.git/**",
+        "!.patchpilot/**",
         "!node_modules/**",
         "!dist/**",
         "!coverage/**",
@@ -368,20 +769,31 @@ async function searchTextWithRipgrep(workspaceRoot, query) {
         ], {
             cwd: workspaceRoot,
             stdio: ["ignore", "pipe", "pipe"],
+            signal,
             windowsHide: true
         });
         let stdout = "";
         let stderr = "";
+        const timeout = setTimeout(() => {
+            child.kill();
+            resolve({
+                ok: false,
+                summary: "ripgrep search timed out",
+                content: `Search timed out after ${timeoutMs}ms. Narrow the query or path.`
+            });
+        }, timeoutMs);
         child.stdout.on("data", (chunk) => {
             stdout += chunk.toString("utf8");
         });
         child.stderr.on("data", (chunk) => {
             stderr += chunk.toString("utf8");
         });
-        child.on("error", () => {
-            resolve(null);
+        child.on("error", (error) => {
+            clearTimeout(timeout);
+            resolve(error.name === "AbortError" ? denied("ripgrep search aborted.") : null);
         });
         child.on("close", (exitCode) => {
+            clearTimeout(timeout);
             if (exitCode === 0 || exitCode === 1) {
                 const content = stdout.trim();
                 const lines = content ? content.split(/\r?\n/).slice(0, 80) : [];
@@ -458,9 +870,54 @@ function runCommand(command, cwd, timeoutMs, signal) {
         });
     });
 }
+function runGitApply(patchContent, cwd, timeoutMs, signal) {
+    return new Promise((resolve) => {
+        const child = spawn("git", ["apply", "--whitespace=nowarn", "-"], {
+            cwd,
+            signal,
+            windowsHide: true,
+            stdio: ["pipe", "pipe", "pipe"]
+        });
+        let output = "";
+        const timeout = setTimeout(() => {
+            output += `\nPatch timed out after ${timeoutMs}ms.`;
+            child.kill();
+        }, timeoutMs);
+        child.stdout.on("data", (chunk) => {
+            output += chunk.toString("utf8");
+        });
+        child.stderr.on("data", (chunk) => {
+            output += chunk.toString("utf8");
+        });
+        child.on("error", (error) => {
+            clearTimeout(timeout);
+            resolve({
+                exitCode: error.name === "AbortError" ? null : 1,
+                output: error.name === "AbortError" ? "Patch aborted." : error.message
+            });
+        });
+        child.on("close", (exitCode) => {
+            clearTimeout(timeout);
+            resolve({ exitCode, output });
+        });
+        child.stdin.end(patchContent);
+    });
+}
 function readString(value, fallback) {
     return typeof value === "string" ? value : fallback;
 }
+function readNumber(value, fallback) {
+    if (typeof value === "number" && Number.isFinite(value)) {
+        return Math.trunc(value);
+    }
+    if (typeof value === "string") {
+        const parsed = Number.parseInt(value, 10);
+        if (Number.isFinite(parsed)) {
+            return parsed;
+        }
+    }
+    return fallback;
+}
 function isPlaceholderPath(value) {
     const normalizedValue = value.trim().toLowerCase().replaceAll("\\", "/");
     return ["relative/path", "path/to/file", "file/path", "<path>", "<file>", "filename"].includes(normalizedValue);
@@ -472,11 +929,14 @@ function isSensitivePath(value) {
         .filter(Boolean)
         .some((part) => blockedPathNames.has(part.toLowerCase()));
 }
-function denied(message) {
+function denied(message, tool, approval) {
     return {
         ok: false,
         summary: message,
-        content: message
+        content: message,
+        tool,
+        category: tool ? toolSpecs[tool].category : undefined,
+        approval
     };
 }
 function isLikelyTextFile(filePath) {
@@ -586,6 +1046,18 @@ function clip(content, maxLength) {
     }
     return `${content.slice(0, maxLength)}\n...[clipped ${content.length - maxLength} chars]`;
 }
+function previewPatch(patchContent) {
+    const changedFiles = patchContent
+        .split(/\r?\n/)
+        .filter((line) => line.startsWith("+++ ") || line.startsWith("--- "))
+        .map((line) => line.slice(4).replace(/^a\//, "").replace(/^b\//, ""))
+        .filter((file) => file !== "/dev/null");
+    const uniqueFiles = [...new Set(changedFiles)].slice(0, 6);
+    const fileSummary = uniqueFiles.length > 0 ? uniqueFiles.join(", ") : "unknown files";
+    const added = patchContent.split(/\r?\n/).filter((line) => line.startsWith("+") && !line.startsWith("+++")).length;
+    const removed = patchContent.split(/\r?\n/).filter((line) => line.startsWith("-") && !line.startsWith("---")).length;
+    return `Apply patch to ${fileSummary} (+${added}/-${removed}).`;
+}
 function validateShellCommand(command) {
     const trimmedCommand = command.trim();
     if (/[;&|><`$\n\r]/.test(trimmedCommand)) {
@@ -596,9 +1068,19 @@ function validateShellCommand(command) {
         return "command is empty.";
     }
     const executable = stripQuotes(tokens[0] ?? "").toLowerCase();
+    const subcommand = stripQuotes(tokens[1] ?? "").toLowerCase();
     if (["bash", "sh", "zsh", "fish", "pwsh", "powershell", "powershell.exe", "python", "python3", "node", "ruby", "perl"].includes(executable)) {
         return `executable "${executable}" is blocked.`;
     }
+    if (["rm", "rmdir", "mv", "cp"].includes(executable) && tokens.some((token) => /^-.*[fRr]/.test(stripQuotes(token)))) {
+        return `destructive ${executable} flags are blocked.`;
+    }
+    if (executable === "git" && ["clean", "reset", "push", "checkout", "switch", "branch", "tag"].includes(subcommand)) {
+        return `git ${subcommand} is blocked in the shell tool.`;
+    }
+    if (executable === "npm" && ["publish", "unpublish", "dist-tag"].includes(subcommand)) {
+        return `npm ${subcommand} is blocked in the shell tool.`;
+    }
     for (const token of tokens.slice(1)) {
         const normalizedToken = stripQuotes(token);
         if (normalizedToken.startsWith("/") || normalizedToken.startsWith("~")) {