delimit-cli 4.5.6 → 4.5.8

package/gateway/ai/led193_daemon/gate.py

@@ -0,0 +1,300 @@
+"""LED-193 pre-push gate.
+
+The PRODUCT INVARIANT: daemon AUTHORS code, NEVER merges. A daemon-
+authored PR is opened only when ALL of the following local checks pass:
+
+    1. Repo's existing pre-push hook succeeds (if installed).
+       The branch's commit must already pass the hook before push.
+    2. ``delimit_security_audit`` reports no NEW critical/high vulns.
+    3. ``delimit_test_smoke`` passes when tests exist (no_framework
+       counts as a pass — we don't block on the absence of tests).
+    4. ``delimit_lint`` passes when the diff includes a spec change.
+
+Any failure → do NOT open PR. Mark item ``failed``, audit, exit.
+
+Self-eat dog food: each pass through this gate IS a Delimit attestation
+of the daemon's own authorship — the panel called this load-bearing.
+The gate output is JSON-serializable and lands in the audit log under
+``gate_results`` so the eventual PR description can link the local
+attestation hash.
+
+Implementation notes:
+    - We import the real backends directly (``tools_real.test_smoke``,
+      ``tools_infra.security_audit``). These are the same code paths
+      ``delimit_test_smoke`` and ``delimit_security_audit`` MCP tools
+      drive, so the local gate matches the merge gate.
+    - Lint runs only when the diff contains an OpenAPI spec file
+      (``.yaml``/``.yml``/``.json`` whose content matches openapi
+      heuristics). For the MVP profiles (format/lockfile/typo) lint
+      will almost never trigger — but the wiring is here for when
+      ``bounded_patch`` graduates.
+"""
+
+from __future__ import annotations
+
+import logging
+import subprocess
+from dataclasses import dataclass, field, asdict
+from pathlib import Path
+from typing import Any, Dict, List, Optional
+
+logger = logging.getLogger("delimit.ai.led193_daemon.gate")
+
+
+# ── Result containers ──────────────────────────────────────────────────
+
+
+@dataclass
+class GateResult:
+    ok: bool = True
+    reason: str = ""
+    security_audit: Dict[str, Any] = field(default_factory=dict)
+    test_smoke: Dict[str, Any] = field(default_factory=dict)
+    lint: Dict[str, Any] = field(default_factory=dict)
+    pre_push_hook: Dict[str, Any] = field(default_factory=dict)
+
+    def to_dict(self) -> Dict[str, Any]:
+        return asdict(self)
+
+
+# ── Individual gates ───────────────────────────────────────────────────
+
+
+def _run_security_audit(repo_path: Path) -> Dict[str, Any]:
+    """Run delimit_security_audit. Pass iff no critical/high vulns."""
+    try:
+        from ai.backends import tools_infra  # local import to avoid heavy import on cold path
+    except Exception as exc:  # pragma: no cover — gateway always has it
+        return {"ok": False, "error": f"backend_unavailable: {exc}"}
+    try:
+        result = tools_infra.security_audit(target=str(repo_path))
+    except Exception as exc:
+        return {"ok": False, "error": f"audit_raised: {exc}"}
+    severity_counts = result.get("severity_counts") or {}
+    critical = int(severity_counts.get("critical") or 0)
+    high = int(severity_counts.get("high") or 0)
+    ok = (critical == 0 and high == 0)
+    return {
+        "ok": ok,
+        "critical": critical,
+        "high": high,
+        "tools_used": result.get("tools_used") or [],
+        "severity_counts": severity_counts,
+    }
+
+
+def _run_test_smoke(repo_path: Path) -> Dict[str, Any]:
+    """Run delimit_test_smoke. Absent test framework = PASS (we don't
+    block on the absence of tests)."""
+    try:
+        from ai.backends import tools_real
+    except Exception as exc:  # pragma: no cover
+        return {"ok": False, "error": f"backend_unavailable: {exc}"}
+    try:
+        result = tools_real.test_smoke(project_path=str(repo_path))
+    except Exception as exc:
+        return {"ok": False, "error": f"smoke_raised: {exc}"}
+    status = result.get("status", "")
+    if status == "no_framework":
+        return {"ok": True, "status": "no_framework"}
+    if status == "error":
+        return {"ok": False, "status": "error", "error": result.get("error", "")}
+    failed = int(result.get("failed") or 0)
+    errors = int(result.get("errors") or 0)
+    passed = int(result.get("passed") or 0)
+    ok = (failed == 0 and errors == 0)
+    return {
+        "ok": ok,
+        "passed": passed,
+        "failed": failed,
+        "errors": errors,
+        "framework": result.get("framework", ""),
+    }
+
+
+def _changed_files(repo_path: Path, runner=None) -> List[str]:
+    """Return the file paths changed in the staged commit (HEAD vs
+    HEAD~1) or in the working tree as a fallback. Never raises — returns
+    [] on any error so the caller can decide."""
+    cmds = [
+        ["git", "diff", "--name-only", "HEAD~1", "HEAD"],
+        ["git", "diff", "--name-only", "HEAD"],
+    ]
+    for cmd in cmds:
+        try:
+            if runner is not None:
+                proc = runner(cmd, cwd=str(repo_path))
+                stdout = getattr(proc, "stdout", "") or ""
+                rc = getattr(proc, "returncode", 0)
+            else:
+                p = subprocess.run(
+                    cmd, cwd=str(repo_path), capture_output=True,
+                    text=True, timeout=10, check=False,
+                )
+                stdout, rc = p.stdout, p.returncode
+            if rc == 0 and stdout.strip():
+                return [ln.strip() for ln in stdout.splitlines() if ln.strip()]
+        except (subprocess.TimeoutExpired, OSError):
+            continue
+    return []
+
+
+def _looks_like_spec(path: Path) -> bool:
+    """Heuristic: file is OpenAPI-ish — yaml/yml/json AND content
+    contains ``openapi:``/``swagger:`` near the top."""
+    if path.suffix.lower() not in (".yaml", ".yml", ".json"):
+        return False
+    try:
+        head = path.read_text(encoding="utf-8", errors="replace")[:4096]
+    except OSError:
+        return False
+    sample = head.lower()
+    return ("openapi:" in sample) or ('"openapi"' in sample) or ("swagger:" in sample)
+
+
+def _run_lint_if_applicable(
+    repo_path: Path,
+    *,
+    runner=None,
+) -> Dict[str, Any]:
+    """Run delimit_lint when the diff contains a spec change.
+
+    For MVP profiles this is almost always a no-op (format/lockfile/typo
+    don't touch specs). The wiring is here so when ``bounded_patch``
+    graduates, the gate is already complete.
+    """
+    changed = _changed_files(repo_path, runner=runner)
+    spec_files = []
+    for rel in changed:
+        p = repo_path / rel
+        if p.exists() and _looks_like_spec(p):
+            spec_files.append(rel)
+    if not spec_files:
+        return {"ok": True, "applicable": False, "reason": "no_spec_change"}
+    # We need a baseline to lint against. The daemon has no way to
+    # reliably reconstruct one in MVP without a checkout dance. For
+    # safety we DEFER: if a spec change shows up, we fail-closed and
+    # surface a "lint_required_baseline_unknown" reason. Founder reviews
+    # and either runs lint manually or graduates the daemon.
+    return {
+        "ok": False,
+        "applicable": True,
+        "reason": "lint_required_baseline_unknown",
+        "spec_files": spec_files,
+    }
+
+
+def _run_pre_push_hook(repo_path: Path, runner=None) -> Dict[str, Any]:
+    """Run the repo's pre-push hook directly if installed.
+
+    Pre-push hooks are NOT exec'd by ``git`` until ``git push`` runs.
+    We invoke the hook script ourselves with empty stdin so the result
+    matches what ``git push`` would observe — surface failures BEFORE
+    we hit the network.
+
+    Spec-required check (LED-129 enforced via ``delimit setup hooks``).
+    Absent hook = pass (we don't enforce hook presence on third-party
+    repos in MVP).
+    """
+    hook = repo_path / ".git" / "hooks" / "pre-push"
+    if not hook.exists():
+        return {"ok": True, "ran": False, "reason": "hook_absent"}
+    if not hook.is_file():
+        return {"ok": True, "ran": False, "reason": "hook_not_file"}
+    cmd = [str(hook), "origin", "git@example.com:owner/repo.git"]
+    try:
+        if runner is not None:
+            proc = runner(cmd, cwd=str(repo_path))
+            stdout = getattr(proc, "stdout", "") or ""
+            stderr = getattr(proc, "stderr", "") or ""
+            rc = getattr(proc, "returncode", 1)
+        else:
+            p = subprocess.run(
+                cmd,
+                cwd=str(repo_path),
+                input="",  # no refs being pushed in this dry run
+                capture_output=True,
+                text=True,
+                timeout=300,
+                check=False,
+            )
+            stdout, stderr, rc = p.stdout, p.stderr, p.returncode
+    except (subprocess.TimeoutExpired, OSError) as exc:
+        return {"ok": False, "ran": True, "reason": f"hook_failed: {exc}"}
+    return {
+        "ok": rc == 0,
+        "ran": True,
+        "returncode": rc,
+        "stdout_tail": (stdout or "")[-500:],
+        "stderr_tail": (stderr or "")[-500:],
+    }
+
+
+# ── Public API ─────────────────────────────────────────────────────────
+
+
+def run_pre_push_gate(
+    repo_path: Path,
+    *,
+    runner=None,
+    skip_pre_push_hook: bool = False,
+    skip_lint: bool = False,
+) -> GateResult:
+    """Run all gates against ``repo_path``. Return ``GateResult``.
+
+    Order is intentional: cheapest first, fail-fast.
+
+        1. pre-push hook    (subprocess, repo-local; skipped if absent)
+        2. test_smoke       (fast on small repos)
+        3. security_audit   (slower; pip-audit / npm audit network calls)
+        4. lint             (only if a spec changed)
+
+    Any failure short-circuits — we don't run downstream checks because
+    a single failure is enough to refuse the push.
+
+    Test hooks:
+        runner: subprocess shim used by the pre-push hook + git diff
+            invocations. The Python-import-driven test_smoke / audit /
+            lint backends are mocked separately by patching the modules.
+        skip_pre_push_hook: bypass when the test fixture didn't install
+            a hook.
+        skip_lint: bypass for tests that don't care about spec-change
+            detection (most of them).
+    """
+    result = GateResult()
+
+    # 1. Pre-push hook
+    if skip_pre_push_hook:
+        result.pre_push_hook = {"ok": True, "ran": False, "reason": "skipped"}
+    else:
+        result.pre_push_hook = _run_pre_push_hook(repo_path, runner=runner)
+    if not result.pre_push_hook.get("ok"):
+        result.ok = False
+        result.reason = "pre_push_hook_failed"
+        return result
+
+    # 2. test_smoke
+    result.test_smoke = _run_test_smoke(repo_path)
+    if not result.test_smoke.get("ok"):
+        result.ok = False
+        result.reason = "test_smoke_failed"
+        return result
+
+    # 3. security_audit
+    result.security_audit = _run_security_audit(repo_path)
+    if not result.security_audit.get("ok"):
+        result.ok = False
+        result.reason = "security_audit_failed"
+        return result
+
+    # 4. lint (only if spec changes detected)
+    if skip_lint:
+        result.lint = {"ok": True, "applicable": False, "reason": "skipped"}
+    else:
+        result.lint = _run_lint_if_applicable(repo_path, runner=runner)
+    if not result.lint.get("ok"):
+        result.ok = False
+        result.reason = "lint_failed"
+        return result
+
+    return result

package/gateway/ai/led193_daemon/pause.py

@@ -0,0 +1,83 @@
+"""LED-193 pause-state management.
+
+The daemon is paused when ``~/.delimit/led193_paused.json`` exists.
+Founder must manually clear (e.g. ``rm ~/.delimit/led193_paused.json``)
+to resume — the daemon will NEVER auto-clear its own pause state.
+
+Triggered by:
+    - 3 consecutive failures (audit-log driven)
+    - explicit founder pause
+
+The kill switch (env var ``DELIMIT_LED193_DAEMON_DISABLED=1``) is
+checked separately at script start in ``scripts/led193_cron.py`` —
+even a non-paused daemon is blocked when the kill switch is set.
+"""
+
+from __future__ import annotations
+
+import json
+import logging
+import os
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any, Dict, Optional
+
+logger = logging.getLogger("delimit.ai.led193_daemon.pause")
+
+PAUSE_FILE = Path.home() / ".delimit" / "led193_paused.json"
+
+
+def is_paused(*, pause_file: Optional[Path] = None) -> bool:
+    """True iff the pause file exists."""
+    target = pause_file or PAUSE_FILE
+    return target.exists()
+
+
+def pause(
+    *,
+    reason: str,
+    pause_file: Optional[Path] = None,
+    extra: Optional[Dict[str, Any]] = None,
+) -> Dict[str, Any]:
+    """Create the pause file. Idempotent — overwrites if already present.
+
+    Returns the payload written.
+    """
+    target = pause_file or PAUSE_FILE
+    payload: Dict[str, Any] = {
+        "ts": datetime.now(timezone.utc).isoformat(),
+        "reason": reason,
+    }
+    if extra:
+        # Don't let extra clobber required keys.
+        for k, v in extra.items():
+            if k not in payload:
+                payload[k] = v
+    try:
+        target.parent.mkdir(parents=True, exist_ok=True)
+        target.write_text(json.dumps(payload, ensure_ascii=False, indent=2))
+    except OSError as exc:  # pragma: no cover
+        logger.warning("led193_daemon: failed to write pause file: %s", exc)
+    return payload
+
+
+def clear(*, pause_file: Optional[Path] = None) -> bool:
+    """Remove the pause file. Returns True if a file was removed.
+
+    Founder-only intent — the daemon should never call this on itself.
+    Tests may call it for cleanup.
+    """
+    target = pause_file or PAUSE_FILE
+    if target.exists():
+        try:
+            target.unlink()
+            return True
+        except OSError as exc:  # pragma: no cover
+            logger.warning("led193_daemon: failed to clear pause file: %s", exc)
+    return False
+
+
+def kill_switch_active() -> bool:
+    """Check the env-var kill switch. True blocks all execution."""
+    val = (os.environ.get("DELIMIT_LED193_DAEMON_DISABLED") or "").strip().lower()
+    return val in ("1", "true", "yes", "on")

package/gateway/ai/led193_daemon/picker.py

@@ -0,0 +1,236 @@
+"""LED-193 ledger-item picker.
+
+Selects the next eligible item to execute. One at a time (concurrency=1
+is enforced upstream by the lockfile in scripts/led193_cron.py).
+
+Eligibility (ALL must hold):
+    1. Tagged ``auto_execute=class_a:<profile>`` where profile is in
+       the whitelist {format_fix, lockfile_refresh, docs_typo}.
+    2. Status is ``open`` (not done, in_progress, blocked, cancelled).
+    3. Item is NOT marked ``worked_by=founder`` (founder claimed back).
+    4. Item is younger than 7 days (created_at within window).
+    5. No remote branch matching ``auto/{profile}-{item_id}-*``
+       already exists (in-flight check).
+
+Preference order (top of list first):
+    P0 → P1 → P2 → P3, ties broken by oldest-first.
+
+Returns ``None`` when no eligible item exists.
+"""
+
+from __future__ import annotations
+
+import logging
+import os
+import subprocess
+from datetime import datetime, timedelta, timezone
+from pathlib import Path
+from typing import Any, Dict, Iterable, List, Optional, Tuple
+
+logger = logging.getLogger("delimit.ai.led193_daemon.picker")
+
+PROFILE_WHITELIST = {"format_fix", "lockfile_refresh", "docs_typo"}
+TAG_PREFIX = "auto_execute=class_a:"
+STALE_DAYS = 7
+PRIORITY_RANK = {"P0": 0, "P1": 1, "P2": 2, "P3": 3}
+
+
+# ── Tag parsing ────────────────────────────────────────────────────────
+
+
+def parse_auto_execute_tag(tags: Iterable[str]) -> Optional[str]:
+    """Return the profile name from an ``auto_execute=class_a:<profile>``
+    tag, or ``None`` if no valid Class A tag is present.
+
+    Rejects unknown profiles even if the prefix matches — so a typo or
+    a future profile that hasn't been enrolled doesn't accidentally
+    pick up.
+    """
+    if not tags:
+        return None
+    for tag in tags:
+        if not isinstance(tag, str):
+            continue
+        if not tag.startswith(TAG_PREFIX):
+            continue
+        profile = tag[len(TAG_PREFIX):].strip()
+        if profile in PROFILE_WHITELIST:
+            return profile
+    return None
+
+
+# ── Age check ──────────────────────────────────────────────────────────
+
+
+def _parse_iso(value: str) -> Optional[datetime]:
+    if not value:
+        return None
+    try:
+        # Accept both "...Z" and "...+00:00"
+        v = value.replace("Z", "+00:00")
+        dt = datetime.fromisoformat(v)
+        if dt.tzinfo is None:
+            dt = dt.replace(tzinfo=timezone.utc)
+        return dt
+    except (ValueError, TypeError):
+        return None
+
+
+def is_stale(item: Dict[str, Any], *, now: Optional[datetime] = None) -> bool:
+    """True iff item is older than ``STALE_DAYS`` from ``created_at``.
+
+    Falls back to ``updated_at`` when ``created_at`` is missing. If
+    NEITHER is parseable, treat as stale (fail-closed: don't run on
+    items with unknown age).
+    """
+    now = now or datetime.now(timezone.utc)
+    cutoff = now - timedelta(days=STALE_DAYS)
+    created = _parse_iso(item.get("created_at") or "") or _parse_iso(item.get("updated_at") or "")
+    if created is None:
+        return True
+    return created < cutoff
+
+
+# ── In-flight check (remote branch presence) ───────────────────────────
+
+
+def in_flight_branch_pattern(profile: str, item_id: str) -> str:
+    return f"auto/{profile}-{item_id}-"
+
+
+def has_in_flight_branch(
+    *,
+    profile: str,
+    item_id: str,
+    repo_path: Path,
+    runner=None,
+) -> bool:
+    """Run ``git ls-remote --heads`` and return True iff any branch
+    matches the in-flight prefix.
+
+    ``runner`` is a test hook: callable taking (cmd_list, cwd) and
+    returning a ``subprocess.CompletedProcess``-shaped object with
+    ``stdout`` (str) and ``returncode`` (int). Defaults to real subprocess.
+    """
+    pattern = in_flight_branch_pattern(profile, item_id)
+    cmd = ["git", "ls-remote", "--heads", "origin"]
+    try:
+        if runner is not None:
+            res = runner(cmd, cwd=str(repo_path))
+            stdout = getattr(res, "stdout", "") or ""
+            rc = getattr(res, "returncode", 0)
+        else:
+            proc = subprocess.run(
+                cmd,
+                cwd=str(repo_path),
+                capture_output=True,
+                text=True,
+                timeout=15,
+                check=False,
+            )
+            stdout = proc.stdout or ""
+            rc = proc.returncode
+    except (subprocess.TimeoutExpired, OSError) as exc:
+        # Fail-closed: if we can't tell whether a branch is in flight, skip
+        # the item. A spurious skip is recoverable; a duplicate PR is not.
+        logger.warning("led193_daemon: ls-remote failed (%s) — treating as in-flight", exc)
+        return True
+    if rc != 0:
+        return True  # fail-closed
+    for line in stdout.splitlines():
+        # ls-remote line format: "<sha>\trefs/heads/<branch>"
+        parts = line.split("\t", 1)
+        if len(parts) != 2:
+            continue
+        ref = parts[1].strip()
+        if not ref.startswith("refs/heads/"):
+            continue
+        branch = ref[len("refs/heads/"):]
+        if branch.startswith(pattern):
+            return True
+    return False
+
+
+# ── Sort + filter ──────────────────────────────────────────────────────
+
+
+def _priority_rank(item: Dict[str, Any]) -> int:
+    return PRIORITY_RANK.get(item.get("priority", "P3"), 99)
+
+
+def _created_ts(item: Dict[str, Any]) -> str:
+    # Lexical ISO compare — older is smaller.
+    return str(item.get("created_at") or item.get("updated_at") or "")
+
+
+def filter_eligible(
+    items: Iterable[Dict[str, Any]],
+    *,
+    now: Optional[datetime] = None,
+) -> List[Tuple[str, Dict[str, Any]]]:
+    """Return [(profile, item)] for items that pass the static gates.
+
+    Static gates here = everything EXCEPT the in-flight remote-branch
+    check, which requires git network access and is applied per
+    candidate by the caller (cheaper to do it lazily on the top
+    candidates only).
+    """
+    out: List[Tuple[str, Dict[str, Any]]] = []
+    for item in items:
+        if not isinstance(item, dict):
+            continue
+        # Status gate — only "open" items execute.
+        if (item.get("status") or "").strip().lower() != "open":
+            continue
+        # Founder claimed-back gate.
+        worked_by = (item.get("worked_by") or "").strip().lower()
+        if worked_by == "founder":
+            continue
+        # Tag gate.
+        profile = parse_auto_execute_tag(item.get("tags") or [])
+        if profile is None:
+            continue
+        # Age gate.
+        if is_stale(item, now=now):
+            continue
+        out.append((profile, item))
+    # Sort: priority asc (P0 first), then created_at asc (oldest first).
+    out.sort(key=lambda pair: (_priority_rank(pair[1]), _created_ts(pair[1])))
+    return out
+
+
+def pick_next_item(
+    items: Iterable[Dict[str, Any]],
+    *,
+    repo_path: Optional[Path] = None,
+    now: Optional[datetime] = None,
+    runner=None,
+    skip_in_flight_check: bool = False,
+) -> Optional[Tuple[str, Dict[str, Any]]]:
+    """Return the next eligible (profile, item) or ``None``.
+
+    The in-flight remote-branch check runs against ``repo_path`` (the
+    target repo). When ``repo_path`` is None or
+    ``skip_in_flight_check=True``, the check is bypassed (test hook).
+    """
+    eligible = filter_eligible(items, now=now)
+    for profile, item in eligible:
+        if skip_in_flight_check or repo_path is None:
+            return profile, item
+        item_id = item.get("id") or ""
+        if not item_id:
+            continue
+        if has_in_flight_branch(
+            profile=profile,
+            item_id=item_id,
+            repo_path=repo_path,
+            runner=runner,
+        ):
+            logger.info(
+                "led193_daemon: skipping %s — in-flight branch %s* exists",
+                item_id,
+                in_flight_branch_pattern(profile, item_id),
+            )
+            continue
+        return profile, item
+    return None

package/gateway/ai/scan_bridge/__init__.py

@@ -0,0 +1,39 @@
+"""LED-1264: scan → strategy-ledger auto-promote bridge.
+
+Pure consumer of ``~/.delimit/social_targets.jsonl`` (the existing
+``delimit_social_target`` output). Promotes a tightly-gated subset of
+strategic signals into the strategy ledger so the founder reviews them
+via a daily digest instead of inbox-spam pings.
+
+Panel decision (UNANIMOUS R3, 2026-05-07): tight guards
+(strategic + confidence ≥ 0.85 + dedup against open / 60-day-closed),
+P2 priority (review, not auto-action), one daily digest email.
+
+Public entry points:
+
+- :func:`bridge.promote_recent_signals` — main work function
+- :func:`digest.build_daily_digest` — assemble last-24h digest text
+- :func:`bridge.backfill_from` — one-time idempotent backfill walker
+
+The bridge is invoked by ``scripts/scan_bridge_cron.py`` on a 6-hour
+crontab cadence (founder applies manually). Direct in-process calls to
+``ai.ledger_manager.add_item`` — no MCP subprocess.
+"""
+
+from ai.scan_bridge.bridge import (
+    backfill_from,
+    promote_recent_signals,
+)
+from ai.scan_bridge.dedup import (
+    extract_topic_fingerprint,
+    is_duplicate,
+)
+from ai.scan_bridge.digest import build_daily_digest
+
+__all__ = [
+    "backfill_from",
+    "build_daily_digest",
+    "extract_topic_fingerprint",
+    "is_duplicate",
+    "promote_recent_signals",
+]