codebot-ai 1.6.0 → 1.8.0

package/dist/replay.js

@@ -0,0 +1,196 @@
+"use strict";
+/**
+ * Session Replay Engine for CodeBot v1.8.0
+ *
+ * Replays saved sessions by feeding recorded assistant responses
+ * instead of calling the LLM. Tool calls are re-executed and outputs
+ * compared against recorded results to detect environment divergences.
+ *
+ * Usage:
+ *   codebot --replay <session-id>
+ *   codebot --replay              (replays latest session)
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ReplayProvider = void 0;
+exports.loadSessionForReplay = loadSessionForReplay;
+exports.compareOutputs = compareOutputs;
+exports.listReplayableSessions = listReplayableSessions;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const os = __importStar(require("os"));
+// ── Replay Provider ──
+/**
+ * Mock LLM provider that feeds recorded assistant messages.
+ * Used during replay to bypass actual LLM calls.
+ */
+class ReplayProvider {
+    name = 'replay';
+    assistantMessages;
+    callIndex = 0;
+    constructor(assistantMessages) {
+        this.assistantMessages = assistantMessages;
+    }
+    async *chat(_messages, _tools) {
+        const msg = this.assistantMessages[this.callIndex++];
+        if (!msg) {
+            yield { type: 'text', text: '[replay: no more recorded responses]' };
+            yield { type: 'done' };
+            return;
+        }
+        // Emit text content
+        if (msg.content) {
+            yield { type: 'text', text: msg.content };
+        }
+        // Emit tool calls
+        if (msg.tool_calls) {
+            for (const tc of msg.tool_calls) {
+                yield {
+                    type: 'tool_call_end',
+                    toolCall: tc,
+                };
+            }
+        }
+        yield { type: 'done' };
+    }
+}
+exports.ReplayProvider = ReplayProvider;
+/**
+ * Load a session from disk and prepare it for replay.
+ * Returns null if session doesn't exist or is empty.
+ */
+function loadSessionForReplay(sessionId) {
+    const sessionsDir = path.join(os.homedir(), '.codebot', 'sessions');
+    const filePath = path.join(sessionsDir, `${sessionId}.jsonl`);
+    if (!fs.existsSync(filePath))
+        return null;
+    let content;
+    try {
+        content = fs.readFileSync(filePath, 'utf-8').trim();
+    }
+    catch {
+        return null;
+    }
+    if (!content)
+        return null;
+    const messages = [];
+    for (const line of content.split('\n')) {
+        try {
+            const obj = JSON.parse(line);
+            delete obj._ts;
+            delete obj._model;
+            delete obj._sig;
+            messages.push(obj);
+        }
+        catch {
+            continue;
+        }
+    }
+    if (messages.length === 0)
+        return null;
+    const assistantMessages = messages.filter(m => m.role === 'assistant');
+    const userMessages = messages.filter(m => m.role === 'user');
+    const toolResults = new Map();
+    for (const msg of messages) {
+        if (msg.role === 'tool' && msg.tool_call_id) {
+            toolResults.set(msg.tool_call_id, msg.content);
+        }
+    }
+    return { messages, assistantMessages, userMessages, toolResults };
+}
+/**
+ * Compare recorded vs actual tool output.
+ * Returns null if identical, or a diff description.
+ */
+function compareOutputs(recorded, actual) {
+    if (recorded === actual)
+        return null;
+    // Normalize whitespace for soft comparison
+    const normRecorded = recorded.trim().replace(/\s+/g, ' ');
+    const normActual = actual.trim().replace(/\s+/g, ' ');
+    if (normRecorded === normActual)
+        return null;
+    const maxShow = 200;
+    const expectedSnippet = normRecorded.length > maxShow
+        ? normRecorded.substring(0, maxShow) + '...'
+        : normRecorded;
+    const actualSnippet = normActual.length > maxShow
+        ? normActual.substring(0, maxShow) + '...'
+        : normActual;
+    return `Expected: ${expectedSnippet}\nActual:   ${actualSnippet}`;
+}
+// ── Session Listing ──
+/**
+ * List sessions available for replay.
+ */
+function listReplayableSessions(limit = 10) {
+    const sessionsDir = path.join(os.homedir(), '.codebot', 'sessions');
+    if (!fs.existsSync(sessionsDir))
+        return [];
+    const files = fs.readdirSync(sessionsDir)
+        .filter(f => f.endsWith('.jsonl'))
+        .map(f => {
+        const stat = fs.statSync(path.join(sessionsDir, f));
+        return { name: f, mtime: stat.mtime };
+    })
+        .sort((a, b) => b.mtime.getTime() - a.mtime.getTime())
+        .slice(0, limit);
+    return files.map(f => {
+        const id = f.name.replace('.jsonl', '');
+        const fullPath = path.join(sessionsDir, f.name);
+        try {
+            const content = fs.readFileSync(fullPath, 'utf-8').trim();
+            const lines = content ? content.split('\n') : [];
+            let preview = '';
+            for (const line of lines) {
+                try {
+                    const msg = JSON.parse(line);
+                    if (msg.role === 'user') {
+                        preview = msg.content.substring(0, 80);
+                        break;
+                    }
+                }
+                catch {
+                    continue;
+                }
+            }
+            return { id, preview, messageCount: lines.length, date: f.mtime.toISOString() };
+        }
+        catch {
+            return { id, preview: '', messageCount: 0, date: f.mtime.toISOString() };
+        }
+    });
+}
+//# sourceMappingURL=replay.js.map

package/dist/sandbox.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Docker Sandbox Execution for CodeBot v1.7.0
+ *
+ * Runs shell commands inside disposable Docker containers for isolation.
+ * Features:
+ * - Read-only root filesystem
+ * - Project directory mounted read-write
+ * - No network by default (configurable)
+ * - CPU, memory, PID limits
+ * - Automatic container cleanup
+ * - Graceful fallback to host execution when Docker unavailable
+ */
+export interface SandboxConfig {
+    /** Max CPU cores (default: 2) */
+    cpus?: number;
+    /** Max memory in MB (default: 512) */
+    memoryMb?: number;
+    /** Max PIDs in container (default: 100) */
+    pidsLimit?: number;
+    /** Allow network access (default: false) */
+    network?: boolean;
+    /** Timeout in ms (default: 120000) */
+    timeoutMs?: number;
+    /** Working directory inside container (default: /workspace) */
+    workDir?: string;
+    /** Docker image to use (default: node:20-slim) */
+    image?: string;
+}
+export interface SandboxResult {
+    stdout: string;
+    stderr: string;
+    exitCode: number;
+    sandboxed: boolean;
+}
+/** Check if Docker is installed and the daemon is running */
+export declare function isDockerAvailable(): boolean;
+/** Reset the cached Docker availability check (for testing) */
+export declare function resetDockerCheck(): void;
+/**
+ * Execute a command inside a Docker sandbox.
+ *
+ * The project directory is mounted at /workspace (read-write).
+ * Root filesystem is read-only. /tmp is tmpfs (100MB).
+ * Network is disabled by default.
+ *
+ * Falls back to host execution if Docker is unavailable.
+ */
+export declare function sandboxExec(command: string, projectDir: string, config?: SandboxConfig): SandboxResult;
+/**
+ * Build or pull the sandbox Docker image.
+ * Call this during `codebot --setup` or first sandbox use.
+ */
+export declare function ensureSandboxImage(image?: string): {
+    ready: boolean;
+    error?: string;
+};
+/**
+ * Get a summary of sandbox configuration for display.
+ */
+export declare function getSandboxInfo(): {
+    available: boolean;
+    image: string;
+    defaults: SandboxConfig;
+};
+//# sourceMappingURL=sandbox.d.ts.map

package/dist/sandbox.js

@@ -0,0 +1,214 @@
+"use strict";
+/**
+ * Docker Sandbox Execution for CodeBot v1.7.0
+ *
+ * Runs shell commands inside disposable Docker containers for isolation.
+ * Features:
+ * - Read-only root filesystem
+ * - Project directory mounted read-write
+ * - No network by default (configurable)
+ * - CPU, memory, PID limits
+ * - Automatic container cleanup
+ * - Graceful fallback to host execution when Docker unavailable
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isDockerAvailable = isDockerAvailable;
+exports.resetDockerCheck = resetDockerCheck;
+exports.sandboxExec = sandboxExec;
+exports.ensureSandboxImage = ensureSandboxImage;
+exports.getSandboxInfo = getSandboxInfo;
+const child_process_1 = require("child_process");
+const path = __importStar(require("path"));
+// ── Docker Detection ──
+let _dockerAvailable = null;
+/** Check if Docker is installed and the daemon is running */
+function isDockerAvailable() {
+    if (_dockerAvailable !== null)
+        return _dockerAvailable;
+    try {
+        (0, child_process_1.execSync)('docker info', {
+            timeout: 5000,
+            stdio: ['pipe', 'pipe', 'pipe'],
+            encoding: 'utf-8',
+        });
+        _dockerAvailable = true;
+    }
+    catch {
+        _dockerAvailable = false;
+    }
+    return _dockerAvailable;
+}
+/** Reset the cached Docker availability check (for testing) */
+function resetDockerCheck() {
+    _dockerAvailable = null;
+}
+// ── Sandbox Execution ──
+const DEFAULT_CONFIG = {
+    cpus: 2,
+    memoryMb: 512,
+    pidsLimit: 100,
+    network: false,
+    timeoutMs: 120_000,
+    workDir: '/workspace',
+    image: 'node:20-slim',
+};
+/**
+ * Execute a command inside a Docker sandbox.
+ *
+ * The project directory is mounted at /workspace (read-write).
+ * Root filesystem is read-only. /tmp is tmpfs (100MB).
+ * Network is disabled by default.
+ *
+ * Falls back to host execution if Docker is unavailable.
+ */
+function sandboxExec(command, projectDir, config) {
+    const cfg = { ...DEFAULT_CONFIG, ...config };
+    const resolvedProjectDir = path.resolve(projectDir);
+    if (!isDockerAvailable()) {
+        return hostFallback(command, resolvedProjectDir, cfg.timeoutMs);
+    }
+    // Build docker run command
+    const dockerArgs = [
+        'docker', 'run',
+        '--rm', // Cleanup on exit
+        '--read-only', // Read-only root filesystem
+        '--tmpfs', '/tmp:size=100m', // Writable /tmp
+        `--cpus="${cfg.cpus}"`, // CPU limit
+        `--memory="${cfg.memoryMb}m"`, // Memory limit
+        `--pids-limit`, String(cfg.pidsLimit), // PID limit
+        '--security-opt', 'no-new-privileges', // No privilege escalation
+        '--cap-drop=ALL', // Drop all capabilities
+    ];
+    // Network
+    if (!cfg.network) {
+        dockerArgs.push('--network', 'none');
+    }
+    // Mount project directory
+    dockerArgs.push('-v', `${resolvedProjectDir}:${cfg.workDir}:rw`);
+    // Working directory
+    dockerArgs.push('-w', cfg.workDir);
+    // Image
+    dockerArgs.push(cfg.image);
+    // Command (via sh -c for shell features)
+    dockerArgs.push('sh', '-c', command);
+    const dockerCmd = dockerArgs.join(' ');
+    try {
+        const stdout = (0, child_process_1.execSync)(dockerCmd, {
+            timeout: cfg.timeoutMs,
+            maxBuffer: 1024 * 1024, // 1MB
+            encoding: 'utf-8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        return { stdout: stdout || '', stderr: '', exitCode: 0, sandboxed: true };
+    }
+    catch (err) {
+        const e = err;
+        return {
+            stdout: e.stdout || '',
+            stderr: e.stderr || '',
+            exitCode: e.status || 1,
+            sandboxed: true,
+        };
+    }
+}
+/**
+ * Fallback: execute on host with existing security measures.
+ * Used when Docker is not available.
+ */
+function hostFallback(command, cwd, timeoutMs) {
+    try {
+        const stdout = (0, child_process_1.execSync)(command, {
+            cwd,
+            timeout: timeoutMs,
+            maxBuffer: 1024 * 1024,
+            encoding: 'utf-8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        return { stdout: stdout || '', stderr: '', exitCode: 0, sandboxed: false };
+    }
+    catch (err) {
+        const e = err;
+        return {
+            stdout: e.stdout || '',
+            stderr: e.stderr || '',
+            exitCode: e.status || 1,
+            sandboxed: false,
+        };
+    }
+}
+/**
+ * Build or pull the sandbox Docker image.
+ * Call this during `codebot --setup` or first sandbox use.
+ */
+function ensureSandboxImage(image) {
+    const img = image || DEFAULT_CONFIG.image;
+    if (!isDockerAvailable()) {
+        return { ready: false, error: 'Docker is not available' };
+    }
+    try {
+        // Check if image exists locally
+        (0, child_process_1.execSync)(`docker image inspect ${img}`, {
+            timeout: 10_000,
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        return { ready: true };
+    }
+    catch {
+        // Image not found, try to pull
+        try {
+            (0, child_process_1.execSync)(`docker pull ${img}`, {
+                timeout: 120_000,
+                stdio: ['pipe', 'pipe', 'pipe'],
+            });
+            return { ready: true };
+        }
+        catch (pullErr) {
+            const msg = pullErr instanceof Error ? pullErr.message : String(pullErr);
+            return { ready: false, error: `Failed to pull ${img}: ${msg}` };
+        }
+    }
+}
+/**
+ * Get a summary of sandbox configuration for display.
+ */
+function getSandboxInfo() {
+    return {
+        available: isDockerAvailable(),
+        image: DEFAULT_CONFIG.image,
+        defaults: { ...DEFAULT_CONFIG },
+    };
+}
+//# sourceMappingURL=sandbox.js.map

package/dist/telemetry.d.ts

@@ -0,0 +1,73 @@
+/**
+ * Token & Cost Tracking for CodeBot v1.7.0
+ *
+ * Tracks per-request and per-session token usage and estimated costs.
+ * Supports cost limits and historical usage queries.
+ */
+export interface UsageRecord {
+    timestamp: string;
+    model: string;
+    provider: string;
+    inputTokens: number;
+    outputTokens: number;
+    costUsd: number;
+}
+export interface SessionSummary {
+    sessionId: string;
+    model: string;
+    provider: string;
+    startTime: string;
+    endTime: string;
+    totalInputTokens: number;
+    totalOutputTokens: number;
+    totalCostUsd: number;
+    requestCount: number;
+    toolCalls: number;
+    filesModified: number;
+}
+export declare class TokenTracker {
+    private model;
+    private provider;
+    private sessionId;
+    private records;
+    private toolCallCount;
+    private filesModifiedSet;
+    private startTime;
+    private costLimitUsd;
+    constructor(model: string, provider: string, sessionId?: string);
+    /** Set cost limit in USD. 0 = no limit. */
+    setCostLimit(usd: number): void;
+    /** Record token usage from an LLM request */
+    recordUsage(inputTokens: number, outputTokens: number): UsageRecord;
+    /** Record a tool call (for summary) */
+    recordToolCall(): void;
+    /** Record a file modification (for summary) */
+    recordFileModified(filePath: string): void;
+    /** Check if cost limit has been exceeded */
+    isOverBudget(): boolean;
+    /** Get remaining budget in USD (Infinity if no limit) */
+    getRemainingBudget(): number;
+    getTotalInputTokens(): number;
+    getTotalOutputTokens(): number;
+    getTotalCost(): number;
+    getRequestCount(): number;
+    /** Generate a session summary */
+    getSummary(): SessionSummary;
+    /** Format cost for display */
+    formatCost(): string;
+    /** Format a compact status line for CLI */
+    formatStatusLine(): string;
+    /** Save session usage to ~/.codebot/usage/ for historical tracking */
+    saveUsage(): void;
+    /**
+     * Load historical usage from ~/.codebot/usage/
+     */
+    static loadHistory(days?: number): SessionSummary[];
+    /**
+     * Format a historical usage report.
+     */
+    static formatUsageReport(days?: number): string;
+    private getPricing;
+    private isLocalModel;
+}
+//# sourceMappingURL=telemetry.d.ts.map