npm - codebot-ai - Versions diffs - 1.6.0 → 1.7.0 - Mend

codebot-ai 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist/agent.d.ts CHANGED Viewed

@@ -1,4 +1,7 @@
 import { Message, AgentEvent, LLMProvider } from './types';
+import { AuditLogger } from './audit';
+import { PolicyEnforcer } from './policy';
+import { TokenTracker } from './telemetry';
 export declare class Agent {
     private provider;
     private tools;
@@ -10,11 +13,14 @@ export declare class Agent {
     private cache;
     private rateLimiter;
     private auditLogger;
+    private policyEnforcer;
+    private tokenTracker;
     private askPermission;
     private onMessage?;
     constructor(opts: {
         provider: LLMProvider;
         model: string;
+        providerName?: string;
         maxIterations?: number;
         autoApprove?: boolean;
         askPermission?: (tool: string, args: Record<string, unknown>) => Promise<boolean>;
@@ -31,6 +37,12 @@ export declare class Agent {
         after: number;
     };
     getMessages(): Message[];
+    /** Get the token tracker for session summary / CLI display */
+    getTokenTracker(): TokenTracker;
+    /** Get the policy enforcer for inspection */
+    getPolicyEnforcer(): PolicyEnforcer;
+    /** Get the audit logger for verification */
+    getAuditLogger(): AuditLogger;
     /**
      * Validate and repair message history to prevent OpenAI 400 errors.
      * Handles three types of corruption:

package/dist/agent.js CHANGED Viewed

@@ -46,6 +46,8 @@ const plugins_1 = require("./plugins");
 const cache_1 = require("./cache");
 const rate_limiter_1 = require("./rate-limiter");
 const audit_1 = require("./audit");
+const policy_1 = require("./policy");
+const telemetry_1 = require("./telemetry");
 /** Lightweight schema validation — returns error string or null if valid */
 function validateToolArgs(args, schema) {
     const props = schema.properties;
@@ -100,6 +102,8 @@ class Agent {
     cache;
     rateLimiter;
     auditLogger;
+    policyEnforcer;
+    tokenTracker;
     askPermission;
     onMessage;
     constructor(opts) {
@@ -107,13 +111,21 @@ class Agent {
         this.model = opts.model;
         this.tools = new tools_1.ToolRegistry(process.cwd());
         this.context = new manager_1.ContextManager(opts.model, opts.provider);
-        this.maxIterations = opts.maxIterations || 25;
+        // Load policy
+        this.policyEnforcer = new policy_1.PolicyEnforcer((0, policy_1.loadPolicy)(process.cwd()), process.cwd());
+        // Use policy-defined max iterations as default, CLI overrides
+        this.maxIterations = opts.maxIterations || this.policyEnforcer.getMaxIterations();
         this.autoApprove = opts.autoApprove || false;
         this.askPermission = opts.askPermission || defaultAskPermission;
         this.onMessage = opts.onMessage;
         this.cache = new cache_1.ToolCache();
         this.rateLimiter = new rate_limiter_1.RateLimiter();
         this.auditLogger = new audit_1.AuditLogger();
+        // Token & cost tracking
+        this.tokenTracker = new telemetry_1.TokenTracker(opts.model, opts.providerName || 'unknown');
+        const costLimit = this.policyEnforcer.getCostLimitUsd();
+        if (costLimit > 0)
+            this.tokenTracker.setCostLimit(costLimit);
         // Load plugins
         try {
             const plugins = (0, plugins_1.loadPlugins)(process.cwd());
@@ -180,6 +192,10 @@ class Agent {
                             }
                             break;
                         case 'usage':
+                            // Track tokens and cost
+                            if (event.usage) {
+                                this.tokenTracker.recordUsage(event.usage.inputTokens || 0, event.usage.outputTokens || 0);
+                            }
                             yield { type: 'usage', usage: event.usage };
                             break;
                         case 'error':
@@ -231,6 +247,11 @@ class Agent {
                 yield { type: 'done' };
                 return;
             }
+            // Cost budget check: stop if over limit
+            if (this.tokenTracker.isOverBudget()) {
+                yield { type: 'error', error: `Cost limit exceeded ($${this.tokenTracker.getTotalCost().toFixed(4)} / $${this.policyEnforcer.getCostLimitUsd().toFixed(2)}). Stopping.` };
+                return;
+            }
             const prepared = [];
             for (const tc of toolCalls) {
                 const toolName = tc.function.name;
@@ -239,6 +260,13 @@ class Agent {
                     prepared.push({ tc, tool: null, args: {}, denied: false, error: `Error: Unknown tool "${toolName}"` });
                     continue;
                 }
+                // Policy check: is this tool allowed?
+                const policyCheck = this.policyEnforcer.isToolAllowed(toolName);
+                if (!policyCheck.allowed) {
+                    this.auditLogger.log({ tool: toolName, action: 'policy_block', args: {}, reason: policyCheck.reason });
+                    prepared.push({ tc, tool, args: {}, denied: false, error: `Error: ${policyCheck.reason}` });
+                    continue;
+                }
                 let args;
                 try {
                     args = JSON.parse(tc.function.arguments);
@@ -254,9 +282,11 @@ class Agent {
                     continue;
                 }
                 yield { type: 'tool_call', toolCall: { name: toolName, args } };
-                // Permission check (sequential — needs user interaction)
-                const needsPermission = tool.permission === 'always-ask' ||
-                    (tool.permission === 'prompt' && !this.autoApprove);
+                // Permission check: policy override > tool default
+                const policyPermission = this.policyEnforcer.getToolPermission(toolName);
+                const effectivePermission = policyPermission || tool.permission;
+                const needsPermission = effectivePermission === 'always-ask' ||
+                    (effectivePermission === 'prompt' && !this.autoApprove);
                 let denied = false;
                 if (needsPermission) {
                     const approved = await this.askPermission(toolName, args);
@@ -310,6 +340,11 @@ class Agent {
                     const output = await prep.tool.execute(prep.args);
                     // Audit log: successful execution
                     this.auditLogger.log({ tool: toolName, action: 'execute', args: prep.args, result: 'success' });
+                    // Telemetry: track tool calls and file modifications
+                    this.tokenTracker.recordToolCall();
+                    if ((toolName === 'write_file' || toolName === 'edit_file' || toolName === 'batch_edit') && prep.args.path) {
+                        this.tokenTracker.recordFileModified(prep.args.path);
+                    }
                     // Store in cache for cacheable tools
                     if (prep.tool.cacheable) {
                         const ttl = cache_1.ToolCache.TTL[toolName] || 30_000;
@@ -387,6 +422,18 @@ class Agent {
     getMessages() {
         return [...this.messages];
     }
+    /** Get the token tracker for session summary / CLI display */
+    getTokenTracker() {
+        return this.tokenTracker;
+    }
+    /** Get the policy enforcer for inspection */
+    getPolicyEnforcer() {
+        return this.policyEnforcer;
+    }
+    /** Get the audit logger for verification */
+    getAuditLogger() {
+        return this.auditLogger;
+    }
     /**
      * Validate and repair message history to prevent OpenAI 400 errors.
      * Handles three types of corruption:

package/dist/audit.d.ts CHANGED Viewed

@@ -1,39 +1,61 @@
 /**
- * Audit logger for CodeBot.
+ * Audit logger for CodeBot v1.7.0
  *
  * Provides append-only JSONL logging of all security-relevant actions.
  * Logs are stored at ~/.codebot/audit/audit-YYYY-MM-DD.jsonl
- * Masks secrets in args before writing.
+ *
+ * v1.7.0: Hash-chained entries for tamper detection.
+ * Each entry includes a SHA-256 hash of (prevHash + entry content).
+ * Verification walks the chain and detects any modifications.
+ *
  * NEVER throws — audit failures must not crash the agent.
  */
 export interface AuditEntry {
     timestamp: string;
     sessionId: string;
+    sequence: number;
     tool: string;
-    action: 'execute' | 'deny' | 'error' | 'security_block';
+    action: 'execute' | 'deny' | 'error' | 'security_block' | 'policy_block';
     args: Record<string, unknown>;
     result?: string;
     reason?: string;
+    prevHash: string;
+    hash: string;
+}
+/** Result of verifying an audit chain */
+export interface VerifyResult {
+    valid: boolean;
+    entriesChecked: number;
+    firstInvalidAt?: number;
+    reason?: string;
 }
 export declare class AuditLogger {
     private logDir;
     private sessionId;
+    private sequence;
+    private prevHash;
     constructor(logDir?: string);
-    /** Get the current session ID */
     getSessionId(): string;
-    /** Append an audit entry to the log file */
-    log(entry: Omit<AuditEntry, 'timestamp' | 'sessionId'>): void;
+    /** Append a hash-chained audit entry to the log file */
+    log(entry: Omit<AuditEntry, 'timestamp' | 'sessionId' | 'sequence' | 'prevHash' | 'hash'>): void;
     /** Read log entries, optionally filtered */
     query(filter?: {
         tool?: string;
         action?: string;
         since?: string;
+        sessionId?: string;
     }): AuditEntry[];
-    /** Get the path to today's log file */
+    /**
+     * Verify the hash chain integrity of audit entries.
+     * Walks through entries for a given session and checks each hash.
+     */
+    static verify(entries: AuditEntry[]): VerifyResult;
+    /**
+     * Verify all entries for a given session.
+     */
+    verifySession(sessionId?: string): VerifyResult;
     private getLogFilePath;
-    /** Rotate log file if it exceeds MAX_LOG_SIZE */
     private rotateIfNeeded;
-    /** Sanitize args for logging: mask secrets and truncate long values */
     private sanitizeArgs;
 }
 //# sourceMappingURL=audit.d.ts.map

package/dist/audit.js CHANGED Viewed

@@ -37,12 +37,16 @@ exports.AuditLogger = void 0;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const os = __importStar(require("os"));
+const crypto = __importStar(require("crypto"));
 const secrets_1 = require("./secrets");
 const MAX_LOG_SIZE = 10 * 1024 * 1024; // 10MB before rotation
-const MAX_ARG_LENGTH = 500; // Truncate long arg values for logging
+const MAX_ARG_LENGTH = 500;
+const GENESIS_HASH = 'genesis';
 class AuditLogger {
     logDir;
     sessionId;
+    sequence = 0;
+    prevHash = GENESIS_HASH;
     constructor(logDir) {
         this.logDir = logDir || path.join(os.homedir(), '.codebot', 'audit');
         this.sessionId = `${Date.now()}-${Math.random().toString(36).substring(2, 8)}`;
@@ -53,22 +57,32 @@ class AuditLogger {
             // Can't create dir — logging will be disabled
         }
     }
-    /** Get the current session ID */
     getSessionId() {
         return this.sessionId;
     }
-    /** Append an audit entry to the log file */
+    /** Append a hash-chained audit entry to the log file */
     log(entry) {
         try {
-            const fullEntry = {
+            this.sequence++;
+            // Build entry without hash first (hash is computed over the other fields)
+            const partial = {
                 timestamp: new Date().toISOString(),
                 sessionId: this.sessionId,
-                ...entry,
+                sequence: this.sequence,
+                tool: entry.tool,
+                action: entry.action,
                 args: this.sanitizeArgs(entry.args),
+                result: entry.result,
+                reason: entry.reason,
+                prevHash: this.prevHash,
             };
+            // Compute hash: SHA-256 of (prevHash + JSON of partial entry)
+            const hashInput = this.prevHash + JSON.stringify(partial);
+            const hash = crypto.createHash('sha256').update(hashInput).digest('hex');
+            const fullEntry = { ...partial, hash };
+            this.prevHash = hash;
             const logFile = this.getLogFilePath();
             const line = JSON.stringify(fullEntry) + '\n';
-            // Check if rotation is needed
             this.rotateIfNeeded(logFile);
             fs.appendFileSync(logFile, line, 'utf-8');
         }
@@ -96,6 +110,8 @@ class AuditLogger {
                             continue;
                         if (filter?.since && entry.timestamp < filter.since)
                             continue;
+                        if (filter?.sessionId && entry.sessionId !== filter.sessionId)
+                            continue;
                         entries.push(entry);
                     }
                     catch { /* skip malformed */ }
@@ -107,12 +123,72 @@ class AuditLogger {
         }
         return entries;
     }
-    /** Get the path to today's log file */
+    /**
+     * Verify the hash chain integrity of audit entries.
+     * Walks through entries for a given session and checks each hash.
+     */
+    static verify(entries) {
+        if (entries.length === 0) {
+            return { valid: true, entriesChecked: 0 };
+        }
+        // Sort by sequence
+        const sorted = [...entries].sort((a, b) => a.sequence - b.sequence);
+        for (let i = 0; i < sorted.length; i++) {
+            const entry = sorted[i];
+            // Check sequence continuity
+            if (i === 0 && entry.prevHash !== GENESIS_HASH) {
+                // First entry should reference genesis (unless it's a continuation)
+                // Allow non-genesis for continuation of previous sessions
+            }
+            // Recompute hash
+            const partial = {
+                timestamp: entry.timestamp,
+                sessionId: entry.sessionId,
+                sequence: entry.sequence,
+                tool: entry.tool,
+                action: entry.action,
+                args: entry.args,
+                result: entry.result,
+                reason: entry.reason,
+                prevHash: entry.prevHash,
+            };
+            const hashInput = entry.prevHash + JSON.stringify(partial);
+            const expectedHash = crypto.createHash('sha256').update(hashInput).digest('hex');
+            if (entry.hash !== expectedHash) {
+                return {
+                    valid: false,
+                    entriesChecked: i + 1,
+                    firstInvalidAt: entry.sequence,
+                    reason: `Hash mismatch at sequence ${entry.sequence}: expected ${expectedHash.substring(0, 16)}..., got ${entry.hash.substring(0, 16)}...`,
+                };
+            }
+            // Check chain continuity (sequence i+1 should reference sequence i's hash)
+            if (i < sorted.length - 1) {
+                const next = sorted[i + 1];
+                if (next.prevHash !== entry.hash) {
+                    return {
+                        valid: false,
+                        entriesChecked: i + 2,
+                        firstInvalidAt: next.sequence,
+                        reason: `Chain break at sequence ${next.sequence}: prevHash doesn't match previous entry's hash`,
+                    };
+                }
+            }
+        }
+        return { valid: true, entriesChecked: sorted.length };
+    }
+    /**
+     * Verify all entries for a given session.
+     */
+    verifySession(sessionId) {
+        const sid = sessionId || this.sessionId;
+        const entries = this.query({ sessionId: sid });
+        return AuditLogger.verify(entries);
+    }
     getLogFilePath() {
-        const date = new Date().toISOString().split('T')[0]; // YYYY-MM-DD
+        const date = new Date().toISOString().split('T')[0];
         return path.join(this.logDir, `audit-${date}.jsonl`);
     }
-    /** Rotate log file if it exceeds MAX_LOG_SIZE */
     rotateIfNeeded(logFile) {
         try {
             if (!fs.existsSync(logFile))
@@ -127,7 +203,6 @@ class AuditLogger {
             // Rotation failure is non-fatal
         }
     }
-    /** Sanitize args for logging: mask secrets and truncate long values */
     sanitizeArgs(args) {
         const sanitized = {};
         for (const [key, value] of Object.entries(args)) {
@@ -139,7 +214,6 @@ class AuditLogger {
                 sanitized[key] = masked;
             }
             else if (typeof value === 'object' && value !== null) {
-                // For objects/arrays, stringify and mask
                 const str = JSON.stringify(value);
                 const masked = (0, secrets_1.maskSecretsInString)(str);
                 sanitized[key] = masked.length > MAX_ARG_LENGTH