@trac3r/oh-my-god 2.2.11

package/runtime/policy_pack_loader.py

@@ -0,0 +1,147 @@
+from __future__ import annotations
+
+from pathlib import Path
+from typing import Literal, TypedDict, cast
+
+import yaml
+
+from runtime.canonical_taxonomy import CANONICAL_PRESETS, POLICY_PACK_IDS, RELEASE_CHANNELS, SUBSCRIPTION_TIERS
+
+
+class PolicyPack(TypedDict):
+    id: str
+    description: str
+    tool_restrictions: list[str]
+    network_posture: Literal["open", "restricted", "airgapped"]
+    approval_threshold: int
+    protected_paths: list[str]
+    evidence_requirements: list[str]
+    data_sharing: Literal["allowed", "restricted", "prohibited"]
+
+
+_PACKS_DIR = Path(__file__).resolve().parent.parent / "registry" / "policy-packs"
+_REQUIRED_FIELDS = (
+    "id",
+    "description",
+    "tool_restrictions",
+    "network_posture",
+    "approval_threshold",
+    "protected_paths",
+    "evidence_requirements",
+    "data_sharing",
+)
+_VALID_NETWORK_POSTURES = {"open", "restricted", "airgapped"}
+_VALID_DATA_SHARING = {"allowed", "restricted", "prohibited"}
+
+
+def list_policy_packs() -> list[str]:
+    if not _PACKS_DIR.exists():
+        return []
+    return sorted(path.stem for path in _PACKS_DIR.glob("*.yaml"))
+
+
+def load_policy_pack(pack_id: str) -> PolicyPack:
+    normalized_pack_id = str(pack_id).strip()
+    # Validate pack_id against canonical list BEFORE constructing a file path
+    # to prevent path traversal via crafted pack_id values.
+    if normalized_pack_id not in POLICY_PACK_IDS:
+        raise ValueError(f"unknown policy pack id: {normalized_pack_id}")
+    path = _PACKS_DIR / f"{normalized_pack_id}.yaml"
+    if not path.exists():
+        raise FileNotFoundError(f"policy pack not found: {normalized_pack_id}")
+
+    parsed_pack = cast(object, yaml.safe_load(path.read_text(encoding="utf-8")))
+    raw_pack = _coerce_string_key_dict(parsed_pack)
+    if raw_pack is None:
+        raise ValueError(f"policy pack must be a mapping: {path}")
+
+    errors = validate_policy_pack(raw_pack)
+    if errors:
+        raise ValueError(f"invalid policy pack {normalized_pack_id}: {'; '.join(errors)}")
+
+    return {
+        "id": cast(str, raw_pack["id"]),
+        "description": cast(str, raw_pack["description"]),
+        "tool_restrictions": cast(list[str], raw_pack["tool_restrictions"]),
+        "network_posture": cast(Literal["open", "restricted", "airgapped"], raw_pack["network_posture"]),
+        "approval_threshold": cast(int, raw_pack["approval_threshold"]),
+        "protected_paths": cast(list[str], raw_pack["protected_paths"]),
+        "evidence_requirements": cast(list[str], raw_pack["evidence_requirements"]),
+        "data_sharing": cast(Literal["allowed", "restricted", "prohibited"], raw_pack["data_sharing"]),
+    }
+
+
+def validate_policy_pack(pack: dict[str, object]) -> list[str]:
+    errors: list[str] = []
+
+    for field in _REQUIRED_FIELDS:
+        if field not in pack:
+            errors.append(f"missing required field: {field}")
+
+    pack_id = str(pack.get("id", "")).strip()
+    if not pack_id:
+        errors.append("id must be a non-empty string")
+    else:
+        if pack_id in CANONICAL_PRESETS:
+            errors.append(f"id collides with canonical preset: {pack_id}")
+        if pack_id in RELEASE_CHANNELS:
+            errors.append(f"id collides with release channel: {pack_id}")
+        if pack_id in SUBSCRIPTION_TIERS:
+            errors.append(f"id collides with subscription tier: {pack_id}")
+        if pack_id not in POLICY_PACK_IDS:
+            errors.append(f"id is not a canonical policy pack id: {pack_id}")
+
+    description = pack.get("description")
+    if not isinstance(description, str) or not description.strip():
+        errors.append("description must be a non-empty string")
+
+    tool_restrictions = pack.get("tool_restrictions")
+    if not _is_string_list(tool_restrictions):
+        errors.append("tool_restrictions must be a list[str]")
+
+    network_posture = pack.get("network_posture")
+    if network_posture not in _VALID_NETWORK_POSTURES:
+        errors.append("network_posture must be one of: open, restricted, airgapped")
+
+    approval_threshold = pack.get("approval_threshold")
+    if not isinstance(approval_threshold, int):
+        errors.append("approval_threshold must be an int")
+    elif approval_threshold < 1:
+        errors.append("approval_threshold must be >= 1")
+
+    protected_paths = pack.get("protected_paths")
+    if not _is_string_list(protected_paths):
+        errors.append("protected_paths must be a list[str]")
+
+    evidence_requirements = pack.get("evidence_requirements")
+    if not _is_string_list(evidence_requirements):
+        errors.append("evidence_requirements must be a list[str]")
+
+    data_sharing = pack.get("data_sharing")
+    if data_sharing not in _VALID_DATA_SHARING:
+        errors.append("data_sharing must be one of: allowed, restricted, prohibited")
+
+    return errors
+
+
+def _is_string_list(value: object) -> bool:
+    if not isinstance(value, list):
+        return False
+    items = cast(list[object], value)
+    for item in items:
+        if not isinstance(item, str):
+            return False
+    return True
+
+
+def _coerce_string_key_dict(value: object) -> dict[str, object] | None:
+    if not isinstance(value, dict):
+        return None
+
+    source = cast(dict[object, object], value)
+    result: dict[str, object] = {}
+    for key, item in source.items():
+        if not isinstance(key, str):
+            return None
+        result[key] = item
+    return result

package/runtime/preflight.py

@@ -0,0 +1,135 @@
+"""Structured preflight routing for OMG."""
+from __future__ import annotations
+
+import importlib
+from runtime.canonical_surface import DOMAIN_DEFAULTS, RELEASE_SURFACE_LABELS
+from runtime.delta_classifier import classify_project_changes
+from runtime.tracebank import record_trace
+from typing import Any
+
+
+_HIGH_RISK_DELTA_TOKENS = (
+    "auth",
+    "payment",
+    "billing",
+    "checkout",
+    "db",
+    "database",
+    "schema",
+    "migration",
+    "infra",
+    "terraform",
+    ".tf",
+    "helm",
+    "k8s",
+    "docker",
+    "manifest",
+    "manifests",
+    "package.json",
+    "requirements.txt",
+    "pyproject.toml",
+    "cargo.toml",
+    "go.mod",
+    "gemfile",
+    "policy",
+    "policies",
+    "config",
+    "configs",
+)
+
+_ROUTES = RELEASE_SURFACE_LABELS["routes"]
+_PREFLIGHT_DOMAIN_PACKS = set(DOMAIN_DEFAULTS["preflight_domain_packs"])
+
+
+def run_preflight(project_dir: str, *, goal: str) -> dict[str, Any]:
+    lowered = goal.lower()
+    task_class = "implementation"
+    risk_class = "medium"
+    route = _ROUTES["teams"]
+    delta = classify_project_changes(project_dir, goal=goal)
+    categories = set(delta["categories"])
+    requires_security_check = _requires_security_check(delta)
+    domain_packs = [category for category in delta["categories"] if category in _PREFLIGHT_DOMAIN_PACKS]
+    evidence_requirements = _requirements_for_profile(delta.get("evidence_profile"))
+
+    if requires_security_check:
+        task_class = "security"
+        risk_class = "high"
+        route = _ROUTES["security_check"]
+    elif categories & {"api"} or any(token in lowered for token in ("openapi", "swagger", "postman", "contract", "fixture", "replay")):
+        task_class = "contract"
+        route = _ROUTES["api_twin"]
+    elif any(token in lowered for token in ("auth", "secret", "security", "token", "injection")):
+        task_class = "security"
+        risk_class = "high"
+        route = _ROUTES["security_check"]
+    elif any(token in lowered for token in ("full stack", "frontend and backend", "dashboard", "orchestrate")):
+        task_class = "orchestration"
+        risk_class = "high"
+        route = _ROUTES["crazy"]
+
+    trace = record_trace(
+        project_dir,
+        trace_type="preflight",
+        route=route,
+        status="ok",
+        plan={"goal": goal, "delta_categories": delta["categories"]},
+        verify={"risk_class": risk_class},
+    )
+
+    return {
+        "schema": "PreflightResult",
+        "project_dir": project_dir,
+        "goal": goal,
+        "task_class": task_class,
+        "risk_class": risk_class,
+        "route": route,
+        "requires_security_check": requires_security_check,
+        "required_tools": _required_tools(route),
+        "required_mcps": ["omg-control"] if route in {_ROUTES["security_check"], _ROUTES["api_twin"], _ROUTES["crazy"]} else [],
+        "missing_constraints": [],
+        "evidence_plan": _evidence_plan(route),
+        "evidence_requirements": evidence_requirements,
+        "delta_classification": delta,
+        "domain_packs": domain_packs,
+        "trace": {"trace_id": trace["trace_id"], "path": trace["path"]},
+    }
+
+
+def _requires_security_check(delta: dict[str, Any]) -> bool:
+    categories = {str(item).lower() for item in delta.get("categories", [])}
+    if categories & {"auth", "payment", "db", "infra", "compliance", "health", "security"}:
+        return True
+
+    touched_files = [str(path).lower() for path in delta.get("touched_files", [])]
+    for file_path in touched_files:
+        if any(token in file_path for token in _HIGH_RISK_DELTA_TOKENS):
+            return True
+    return False
+
+
+def _requirements_for_profile(evidence_profile: str | None) -> list[str]:
+    module = importlib.import_module("runtime.evidence_requirements")
+    resolver = getattr(module, "requirements_for_profile", None)
+    if callable(resolver):
+        resolved = resolver(evidence_profile)
+        if isinstance(resolved, (list, tuple, set)):
+            return [str(item) for item in resolved]
+    full = getattr(module, "FULL_REQUIREMENTS", [])
+    return [str(item) for item in full]
+
+
+def _required_tools(route: str) -> list[str]:
+    return {
+        _ROUTES["security_check"]: ["security"],
+        _ROUTES["api_twin"]: ["api-twin"],
+        _ROUTES["crazy"]: ["teams", "ccg"],
+    }.get(route, [_ROUTES["teams"]])
+
+
+def _evidence_plan(route: str) -> list[str]:
+    return {
+        _ROUTES["security_check"]: ["security findings", "provenance"],
+        _ROUTES["api_twin"]: ["fixture fidelity", "live verification"],
+        _ROUTES["crazy"]: ["verification output", "evidence pack"],
+    }.get(route, ["verification output"])

package/runtime/profile_io.py

@@ -0,0 +1,328 @@
+"""Canonical profile I/O — single owner of profile.yaml read/write/version.
+
+All profile consumers should use this module to load and persist profile data.
+``profile_version`` is derived from a canonical key-sorted JSON hash of the
+parsed dict, never from raw file text.
+"""
+
+from __future__ import annotations
+
+import hashlib
+import json
+import os
+from typing import Any
+
+import yaml
+
+
+def load_profile(path: str) -> dict[str, Any]:
+    """Load a profile from *path*, returning a dict.
+
+    Handles both YAML and JSON-shaped content transparently (backward compat).
+    Returns ``{}`` when the file is missing or unreadable.
+    """
+    if not os.path.exists(path):
+        return {}
+    try:
+        with open(path, "r", encoding="utf-8", errors="replace") as fh:
+            payload = yaml.safe_load(fh)
+    except Exception:
+        return {}
+    if isinstance(payload, dict):
+        return payload
+    return {}
+
+
+def save_profile(path: str, data: dict[str, Any]) -> None:
+    """Persist *data* as canonical YAML to *path*.
+
+    Creates parent directories when needed.  Output is always YAML (never JSON)
+    so that ``profile_version_from_map`` produces a deterministic hash
+    regardless of how the file was previously written.
+
+    Uses an internal serializer that correctly round-trips empty collections
+    as ``[]`` / ``{}`` instead of bare ``key:`` (which the project yaml shim
+    parses back as ``None``).
+    """
+    parent = os.path.dirname(path)
+    if parent:
+        os.makedirs(parent, exist_ok=True)
+    dumped = "\n".join(_dump_lines(data, 0)) + "\n"
+    with open(path, "w", encoding="utf-8") as fh:
+        fh.write(dumped)
+
+
+def profile_version_from_map(data: dict[str, Any]) -> str:
+    """Derive a deterministic version string from a parsed profile dict.
+
+    The version is the full SHA-256 hex digest of the canonical key-sorted
+    JSON representation.  This is independent of on-disk formatting (JSON
+    vs YAML, whitespace, key ordering).
+    """
+    canonical = json.dumps(data, sort_keys=True, ensure_ascii=True)
+    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()
+
+
+# ---------------------------------------------------------------------------
+# Internal YAML serializer — mirrors the project yaml shim's ``_dump_lines``
+# but renders empty collections as ``[]`` / ``{}`` so that ``yaml.safe_load``
+# round-trips them correctly.
+# ---------------------------------------------------------------------------
+
+_YAML_SPECIAL_WORDS = frozenset(
+    ("true", "false", "null", "yes", "no", "on", "off")
+)
+_YAML_SPECIAL_CHARS = set(":#{}[],&*?|>!%@`\"'")
+
+
+def _dump_scalar(value: object) -> str:
+    """Serialize a scalar to a YAML-safe string."""
+    if value is None:
+        return "null"
+    if isinstance(value, bool):
+        return "true" if value else "false"
+    if isinstance(value, (int, float)):
+        return str(value)
+    text = str(value)
+    if (
+        text.lower() in _YAML_SPECIAL_WORDS
+        or text != text.strip()
+        or any(ch in _YAML_SPECIAL_CHARS for ch in text)
+        or not text
+        or _looks_numeric(text)
+    ):
+        return json.dumps(text, ensure_ascii=False)
+    return text
+
+
+def _looks_numeric(text: str) -> bool:
+    """Return True if *text* would be parsed as a number by yaml.safe_load."""
+    try:
+        float(text)
+        return True
+    except (TypeError, ValueError):
+        return False
+
+
+def _dump_lines(value: object, indent: int) -> list[str]:
+    """Recursively serialize *value* to a list of YAML lines."""
+    prefix = " " * indent
+    if isinstance(value, dict):
+        if not value:
+            return [f"{prefix}{{}}"]
+        lines: list[str] = []
+        for key, item in value.items():
+            if isinstance(item, dict):
+                if not item:
+                    lines.append(f"{prefix}{key}: {{}}")
+                else:
+                    lines.append(f"{prefix}{key}:")
+                    lines.extend(_dump_lines(item, indent + 2))
+            elif isinstance(item, list):
+                if not item:
+                    lines.append(f"{prefix}{key}: []")
+                else:
+                    lines.append(f"{prefix}{key}:")
+                    lines.extend(_dump_lines(item, indent + 2))
+            else:
+                lines.append(f"{prefix}{key}: {_dump_scalar(item)}")
+        return lines
+    if isinstance(value, list):
+        if not value:
+            return [f"{prefix}[]"]
+        lines = []
+        for item in value:
+            if isinstance(item, dict):
+                nested = _dump_lines(item, indent + 2)
+                if nested:
+                    first = nested[0].strip()
+                    lines.append(f"{prefix}- {first}")
+                    lines.extend(nested[1:])
+                else:
+                    lines.append(f"{prefix}- {{}}")
+            elif isinstance(item, list):
+                lines.append(f"{prefix}-")
+                lines.extend(_dump_lines(item, indent + 2))
+            else:
+                lines.append(f"{prefix}- {_dump_scalar(item)}")
+        return lines
+    return [f"{prefix}{_dump_scalar(value)}"]
+
+
+_GOVERNED_SECTIONS = ("style", "safety")
+_GOVERNED_CONFIRMATION_STATES = ("confirmed", "pending_confirmation", "inferred")
+
+
+def classify_preference_section(field: str, value: str) -> str:
+    token = f"{field} {value}".lower()
+    if "safety" in token or "guardrail" in token or "override" in token:
+        return "safety"
+    return "style"
+
+
+def is_destructive_preference(field: str, value: str) -> bool:
+    token = f"{field} {value}".lower()
+    destructive_tokens = (
+        "disable",
+        "off",
+        "bypass",
+        "ignore",
+        "override",
+        "unsafe",
+        "no_guard",
+        "no guard",
+    )
+    return any(piece in token for piece in destructive_tokens)
+
+
+def ensure_governed_preferences(profile: dict[str, Any]) -> None:
+    governed_obj = profile.get("governed_preferences")
+    governed = governed_obj if isinstance(governed_obj, dict) else {}
+    for section in _GOVERNED_SECTIONS:
+        raw_entries = governed.get(section)
+        if not isinstance(raw_entries, list):
+            governed[section] = []
+            continue
+        normalized: list[dict[str, Any]] = []
+        for raw in raw_entries:
+            if not isinstance(raw, dict):
+                continue
+            entry = _normalize_governed_entry(raw, section)
+            if entry is not None:
+                normalized.append(entry)
+        governed[section] = normalized
+    profile["governed_preferences"] = governed
+
+
+def upsert_governed_preference(
+    profile: dict[str, Any],
+    *,
+    field: str,
+    value: str,
+    source: str,
+    learned_at: str,
+    updated_at: str,
+    section: str,
+    confirmation_state: str,
+    decay_metadata: dict[str, Any] | None,
+) -> None:
+    ensure_governed_preferences(profile)
+    governed = profile["governed_preferences"]
+    if not isinstance(governed, dict):
+        return
+    target = governed.get(section)
+    if not isinstance(target, list):
+        target = []
+
+    match_index = -1
+    for idx, raw_entry in enumerate(target):
+        if not isinstance(raw_entry, dict):
+            continue
+        if str(raw_entry.get("field", "")).strip() == field and str(raw_entry.get("value", "")).strip() == value:
+            match_index = idx
+            break
+
+    baseline: dict[str, Any] = {
+        "field": field,
+        "value": value,
+        "source": source,
+        "learned_at": learned_at,
+        "updated_at": updated_at,
+        "section": section,
+        "confirmation_state": confirmation_state,
+    }
+    if section == "style" and decay_metadata is not None:
+        baseline["decay_metadata"] = decay_metadata
+
+    if match_index == -1:
+        target.append(baseline)
+    else:
+        existing = target[match_index]
+        if isinstance(existing, dict):
+            baseline["learned_at"] = str(existing.get("learned_at", learned_at)).strip() or learned_at
+        target[match_index] = baseline
+
+    governed[section] = target
+
+
+def _normalize_governed_entry(raw: dict[str, Any], section: str) -> dict[str, Any] | None:
+    field = str(raw.get("field", "")).strip()
+    value = " ".join(str(raw.get("value", "")).strip().split())
+    source = str(raw.get("source", "")).strip()
+    learned_at = str(raw.get("learned_at", "")).strip()
+    updated_at = str(raw.get("updated_at", "")).strip()
+    section_raw = str(raw.get("section", section)).strip().lower()
+    confirmation_state = str(raw.get("confirmation_state", "")).strip().lower()
+
+    if not (field and value and source and learned_at and updated_at):
+        return None
+    if section_raw not in _GOVERNED_SECTIONS:
+        return None
+    if confirmation_state not in _GOVERNED_CONFIRMATION_STATES:
+        return None
+
+    out: dict[str, Any] = {
+        "field": field,
+        "value": value,
+        "source": source,
+        "learned_at": learned_at,
+        "updated_at": updated_at,
+        "section": section_raw,
+        "confirmation_state": confirmation_state,
+    }
+
+    if section_raw == "style" and confirmation_state == "inferred":
+        decay_raw = raw.get("decay_metadata")
+        decay = decay_raw if isinstance(decay_raw, dict) else {}
+        out["decay_metadata"] = {
+            "decay_score": _coerce_decay_score(decay.get("decay_score", 0.0)),
+            "last_seen_at": str(decay.get("last_seen_at", updated_at)).strip() or updated_at,
+            "decay_reason": str(decay.get("decay_reason", "inferred_signal")).strip() or "inferred_signal",
+        }
+    return out
+
+
+def _coerce_decay_score(raw: Any) -> float:
+    try:
+        score = float(raw)
+    except (TypeError, ValueError):
+        score = 0.0
+    if score < 0.0:
+        return 0.0
+    if score > 1.0:
+        return 1.0
+    return round(score, 3)
+
+
+def assess_profile_risk(profile: dict[str, Any]) -> dict[str, Any]:
+    governed_obj = profile.get("governed_preferences")
+    governed = governed_obj if isinstance(governed_obj, dict) else {}
+
+    style_entries = governed.get("style", [])
+    style_entries = style_entries if isinstance(style_entries, list) else []
+    safety_entries = governed.get("safety", [])
+    safety_entries = safety_entries if isinstance(safety_entries, list) else []
+
+    destructive: list[dict[str, Any]] = []
+    pending = 0
+
+    for entry in style_entries + safety_entries:
+        if not isinstance(entry, dict):
+            continue
+        field = str(entry.get("field", ""))
+        value = str(entry.get("value", ""))
+        if is_destructive_preference(field, value):
+            destructive.append(entry)
+        if str(entry.get("confirmation_state", "")).strip() == "pending_confirmation":
+            pending += 1
+
+    risk_level = "low"
+    if destructive or pending > 0:
+        risk_level = "high" if destructive else "medium"
+
+    return {
+        "risk_level": risk_level,
+        "destructive_entries": destructive,
+        "pending_confirmations": pending,
+        "requires_review": risk_level in ("medium", "high"),
+    }