npm - draft-board - Versions diffs - 0.1.0-beta.0 - Mend

draft-board 0.1.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

package/app/backend/.env.example +9 -0
package/app/backend/.smartkanban/evidence/8b383839-cbec-45af-86ee-c7708d075cbe/bddf2ed5-2e21-4d46-a62b-10b87f1642a6_patch.txt +195 -0
package/app/backend/.smartkanban/evidence/8b383839-cbec-45af-86ee-c7708d075cbe/bddf2ed5-2e21-4d46-a62b-10b87f1642a6_stat.txt +6 -0
package/app/backend/CURL_EXAMPLES.md +335 -0
package/app/backend/ENV_SETUP.md +65 -0
package/app/backend/alembic/env.py +71 -0
package/app/backend/alembic/script.py.mako +28 -0
package/app/backend/alembic/versions/001_initial_schema.py +104 -0
package/app/backend/alembic/versions/002_add_jobs_table.py +52 -0
package/app/backend/alembic/versions/003_add_workspace_table.py +48 -0
package/app/backend/alembic/versions/004_add_evidence_table.py +56 -0
package/app/backend/alembic/versions/005_add_verification_commands.py +32 -0
package/app/backend/alembic/versions/006_add_planner_lock_table.py +39 -0
package/app/backend/alembic/versions/007_add_revision_review_tables.py +126 -0
package/app/backend/alembic/versions/008_add_revision_idempotency_and_traceability.py +52 -0
package/app/backend/alembic/versions/009_add_job_health_fields.py +46 -0
package/app/backend/alembic/versions/010_add_review_comment_line_content.py +36 -0
package/app/backend/alembic/versions/011_add_analysis_cache.py +47 -0
package/app/backend/alembic/versions/012_add_boards_table.py +102 -0
package/app/backend/alembic/versions/013_add_ticket_blocking.py +45 -0
package/app/backend/alembic/versions/014_add_agent_sessions.py +220 -0
package/app/backend/alembic/versions/015_add_ticket_sort_order.py +33 -0
package/app/backend/alembic/versions/03220f0b93ae_add_pr_fields_to_ticket.py +49 -0
package/app/backend/alembic/versions/0c2d89fff3b1_seed_board_configs_from_yaml.py +206 -0
package/app/backend/alembic/versions/3348e5cf54c1_add_merge_checklist_table.py +67 -0
package/app/backend/alembic/versions/357c780ee445_add_goal_status.py +34 -0
package/app/backend/alembic/versions/553340b7e26c_add_autonomy_fields_to_goal.py +65 -0
package/app/backend/alembic/versions/774dc335c679_merge_migration_heads.py +23 -0
package/app/backend/alembic/versions/7b307e847cbd_merge_heads.py +23 -0
package/app/backend/alembic/versions/82ecd978cc70_add_missing_indexes.py +48 -0
package/app/backend/alembic/versions/8ef5054dc280_add_normalized_log_entries.py +173 -0
package/app/backend/alembic/versions/8f3e2bd8ea3b_merge_migration_heads.py +23 -0
package/app/backend/alembic/versions/9d17f0698d3b_add_config_column_to_boards_table.py +30 -0
package/app/backend/alembic/versions/add_agent_conversation_history.py +72 -0
package/app/backend/alembic/versions/add_job_variant.py +34 -0
package/app/backend/alembic/versions/add_performance_indexes.py +95 -0
package/app/backend/alembic/versions/add_repos_and_board_repos.py +174 -0
package/app/backend/alembic/versions/add_session_id_to_jobs.py +27 -0
package/app/backend/alembic/versions/add_sqlite_backend_tables.py +104 -0
package/app/backend/alembic/versions/b10fb0b62240_add_diff_content_to_revisions.py +34 -0
package/app/backend/alembic.ini +89 -0
package/app/backend/app/__init__.py +3 -0
package/app/backend/app/data_dir.py +85 -0
package/app/backend/app/database.py +70 -0
package/app/backend/app/database_sync.py +64 -0
package/app/backend/app/dependencies/__init__.py +5 -0
package/app/backend/app/dependencies/auth.py +80 -0
package/app/backend/app/dependencies.py +43 -0
package/app/backend/app/exceptions.py +178 -0
package/app/backend/app/executors/__init__.py +1 -0
package/app/backend/app/executors/adapters/__init__.py +1 -0
package/app/backend/app/executors/adapters/aider.py +152 -0
package/app/backend/app/executors/adapters/amazon_q.py +103 -0
package/app/backend/app/executors/adapters/amp.py +123 -0
package/app/backend/app/executors/adapters/claude.py +177 -0
package/app/backend/app/executors/adapters/cline.py +127 -0
package/app/backend/app/executors/adapters/codex.py +167 -0
package/app/backend/app/executors/adapters/copilot.py +202 -0
package/app/backend/app/executors/adapters/cursor.py +87 -0
package/app/backend/app/executors/adapters/droid.py +123 -0
package/app/backend/app/executors/adapters/gemini.py +132 -0
package/app/backend/app/executors/adapters/goose.py +131 -0
package/app/backend/app/executors/adapters/opencode.py +123 -0
package/app/backend/app/executors/adapters/qwen.py +123 -0
package/app/backend/app/executors/plugins/__init__.py +1 -0
package/app/backend/app/executors/registry.py +202 -0
package/app/backend/app/executors/spec.py +226 -0
package/app/backend/app/main.py +486 -0
package/app/backend/app/middleware/__init__.py +13 -0
package/app/backend/app/middleware/idempotency.py +426 -0
package/app/backend/app/middleware/rate_limit.py +312 -0
package/app/backend/app/middleware/security_headers.py +43 -0
package/app/backend/app/middleware/timeout.py +37 -0
package/app/backend/app/models/__init__.py +56 -0
package/app/backend/app/models/agent_conversation_history.py +56 -0
package/app/backend/app/models/agent_session.py +127 -0
package/app/backend/app/models/analysis_cache.py +49 -0
package/app/backend/app/models/base.py +9 -0
package/app/backend/app/models/board.py +79 -0
package/app/backend/app/models/board_repo.py +68 -0
package/app/backend/app/models/cost_budget.py +42 -0
package/app/backend/app/models/enums.py +40 -0
package/app/backend/app/models/evidence.py +132 -0
package/app/backend/app/models/goal.py +102 -0
package/app/backend/app/models/idempotency_entry.py +30 -0
package/app/backend/app/models/job.py +163 -0
package/app/backend/app/models/job_queue.py +39 -0
package/app/backend/app/models/kv_store.py +28 -0
package/app/backend/app/models/merge_checklist.py +87 -0
package/app/backend/app/models/normalized_log.py +100 -0
package/app/backend/app/models/planner_lock.py +43 -0
package/app/backend/app/models/rate_limit_entry.py +25 -0
package/app/backend/app/models/repo.py +66 -0
package/app/backend/app/models/review_comment.py +91 -0
package/app/backend/app/models/review_summary.py +69 -0
package/app/backend/app/models/revision.py +130 -0
package/app/backend/app/models/ticket.py +223 -0
package/app/backend/app/models/ticket_event.py +83 -0
package/app/backend/app/models/user.py +47 -0
package/app/backend/app/models/workspace.py +71 -0
package/app/backend/app/redis_client.py +119 -0
package/app/backend/app/routers/__init__.py +29 -0
package/app/backend/app/routers/agents.py +296 -0
package/app/backend/app/routers/auth.py +94 -0
package/app/backend/app/routers/board.py +885 -0
package/app/backend/app/routers/dashboard.py +351 -0
package/app/backend/app/routers/debug.py +528 -0
package/app/backend/app/routers/evidence.py +96 -0
package/app/backend/app/routers/executors.py +324 -0
package/app/backend/app/routers/goals.py +574 -0
package/app/backend/app/routers/jobs.py +448 -0
package/app/backend/app/routers/maintenance.py +172 -0
package/app/backend/app/routers/merge.py +360 -0
package/app/backend/app/routers/planner.py +537 -0
package/app/backend/app/routers/pull_requests.py +382 -0
package/app/backend/app/routers/repos.py +263 -0
package/app/backend/app/routers/revisions.py +939 -0
package/app/backend/app/routers/settings.py +267 -0
package/app/backend/app/routers/tickets.py +2003 -0
package/app/backend/app/routers/webhooks.py +143 -0
package/app/backend/app/routers/websocket.py +249 -0
package/app/backend/app/schemas/__init__.py +109 -0
package/app/backend/app/schemas/board.py +87 -0
package/app/backend/app/schemas/common.py +33 -0
package/app/backend/app/schemas/evidence.py +87 -0
package/app/backend/app/schemas/goal.py +90 -0
package/app/backend/app/schemas/job.py +97 -0
package/app/backend/app/schemas/merge.py +139 -0
package/app/backend/app/schemas/planner.py +500 -0
package/app/backend/app/schemas/repo.py +187 -0
package/app/backend/app/schemas/review.py +137 -0
package/app/backend/app/schemas/revision.py +114 -0
package/app/backend/app/schemas/ticket.py +238 -0
package/app/backend/app/schemas/ticket_event.py +72 -0
package/app/backend/app/schemas/workspace.py +19 -0
package/app/backend/app/services/__init__.py +31 -0
package/app/backend/app/services/agent_memory_service.py +223 -0
package/app/backend/app/services/agent_registry.py +346 -0
package/app/backend/app/services/agent_session_manager.py +318 -0
package/app/backend/app/services/agent_session_service.py +219 -0
package/app/backend/app/services/agent_tools.py +379 -0
package/app/backend/app/services/auth_service.py +98 -0
package/app/backend/app/services/autonomy_service.py +380 -0
package/app/backend/app/services/board_repo_service.py +201 -0
package/app/backend/app/services/board_service.py +326 -0
package/app/backend/app/services/cleanup_service.py +1085 -0
package/app/backend/app/services/config_service.py +908 -0
package/app/backend/app/services/context_gatherer.py +557 -0
package/app/backend/app/services/cost_tracking_service.py +293 -0
package/app/backend/app/services/cursor_log_normalizer.py +536 -0
package/app/backend/app/services/delivery_pipeline.py +440 -0
package/app/backend/app/services/executor_service.py +634 -0
package/app/backend/app/services/git_host/__init__.py +11 -0
package/app/backend/app/services/git_host/factory.py +87 -0
package/app/backend/app/services/git_host/github.py +270 -0
package/app/backend/app/services/git_host/gitlab.py +194 -0
package/app/backend/app/services/git_host/protocol.py +75 -0
package/app/backend/app/services/git_merge_simple.py +346 -0
package/app/backend/app/services/git_ops.py +384 -0
package/app/backend/app/services/github_service.py +233 -0
package/app/backend/app/services/goal_service.py +113 -0
package/app/backend/app/services/job_service.py +423 -0
package/app/backend/app/services/job_watchdog_service.py +424 -0
package/app/backend/app/services/langchain_adapter.py +122 -0
package/app/backend/app/services/llm_provider_clients.py +351 -0
package/app/backend/app/services/llm_service.py +285 -0
package/app/backend/app/services/log_normalizer.py +342 -0
package/app/backend/app/services/log_stream_service.py +276 -0
package/app/backend/app/services/merge_checklist_service.py +264 -0
package/app/backend/app/services/merge_service.py +784 -0
package/app/backend/app/services/orchestrator_log.py +84 -0
package/app/backend/app/services/planner_service.py +1662 -0
package/app/backend/app/services/planner_tick_sync.py +1040 -0
package/app/backend/app/services/queued_message_service.py +156 -0
package/app/backend/app/services/reliability_wrapper.py +389 -0
package/app/backend/app/services/repo_discovery_service.py +318 -0
package/app/backend/app/services/review_service.py +334 -0
package/app/backend/app/services/revision_service.py +389 -0
package/app/backend/app/services/safe_autopilot.py +510 -0
package/app/backend/app/services/sqlite_worker.py +372 -0
package/app/backend/app/services/task_dispatch.py +135 -0
package/app/backend/app/services/ticket_generation_service.py +1781 -0
package/app/backend/app/services/ticket_service.py +486 -0
package/app/backend/app/services/udar_planner_service.py +1007 -0
package/app/backend/app/services/webhook_service.py +126 -0
package/app/backend/app/services/workspace_service.py +465 -0
package/app/backend/app/services/worktree_file_service.py +92 -0
package/app/backend/app/services/worktree_validator.py +213 -0
package/app/backend/app/sqlite_kv.py +278 -0
package/app/backend/app/state_machine.py +128 -0
package/app/backend/app/templates/__init__.py +5 -0
package/app/backend/app/templates/registry.py +243 -0
package/app/backend/app/utils/__init__.py +5 -0
package/app/backend/app/utils/artifact_reader.py +87 -0
package/app/backend/app/utils/circuit_breaker.py +229 -0
package/app/backend/app/utils/db_retry.py +136 -0
package/app/backend/app/utils/ignored_fields.py +123 -0
package/app/backend/app/utils/validators.py +54 -0
package/app/backend/app/websocket/__init__.py +5 -0
package/app/backend/app/websocket/manager.py +179 -0
package/app/backend/app/websocket/state_tracker.py +113 -0
package/app/backend/app/worker.py +3190 -0
package/app/backend/calculator_tickets.json +40 -0
package/app/backend/canary_tests.sh +591 -0
package/app/backend/celerybeat-schedule +0 -0
package/app/backend/celerybeat-schedule-shm +0 -0
package/app/backend/celerybeat-schedule-wal +0 -0
package/app/backend/logs/.gitkeep +3 -0
package/app/backend/multiplication_division_implementation_tickets.json +55 -0
package/app/backend/multiplication_division_tickets.json +42 -0
package/app/backend/pyproject.toml +45 -0
package/app/backend/requirements-dev.txt +8 -0
package/app/backend/requirements.txt +20 -0
package/app/backend/run.sh +30 -0
package/app/backend/run_with_logs.sh +10 -0
package/app/backend/scientific_calculator_tickets.json +40 -0
package/app/backend/scripts/extract_openapi.py +21 -0
package/app/backend/scripts/seed_demo.py +187 -0
package/app/backend/setup_demo_review.py +302 -0
package/app/backend/test_actual_parse.py +41 -0
package/app/backend/test_agent_streaming.py +61 -0
package/app/backend/test_parse.py +51 -0
package/app/backend/test_streaming.py +51 -0
package/app/backend/test_subprocess_streaming.py +50 -0
package/app/backend/tests/__init__.py +1 -0
package/app/backend/tests/conftest.py +46 -0
package/app/backend/tests/test_auth.py +341 -0
package/app/backend/tests/test_autonomy_service.py +391 -0
package/app/backend/tests/test_cleanup_service_safety.py +417 -0
package/app/backend/tests/test_middleware.py +279 -0
package/app/backend/tests/test_planner_providers.py +290 -0
package/app/backend/tests/test_planner_unblock.py +183 -0
package/app/backend/tests/test_revision_invariants.py +618 -0
package/app/backend/tests/test_sqlite_kv.py +290 -0
package/app/backend/tests/test_sqlite_worker.py +353 -0
package/app/backend/tests/test_task_dispatch.py +100 -0
package/app/backend/tests/test_ticket_validation.py +304 -0
package/app/backend/tests/test_udar_agent.py +693 -0
package/app/backend/tests/test_webhook_service.py +184 -0
package/app/backend/tickets_output.json +59 -0
package/app/backend/user_management_tickets.json +50 -0
package/app/backend/uvicorn.log +0 -0
package/app/draft.yaml +313 -0
package/app/frontend/dist/assets/index-LcjCczu5.js +155 -0
package/app/frontend/dist/assets/index-_FP_279e.css +1 -0
package/app/frontend/dist/index.html +14 -0
package/app/frontend/dist/vite.svg +1 -0
package/app/frontend/package.json +101 -0
package/bin/cli.js +527 -0
package/package.json +37 -0

package/app/backend/app/services/agent_tools.py ADDED Viewed

@@ -0,0 +1,379 @@
+"""LangChain tools for UDAR agent.
+These tools wrap existing Draft services to make them accessible
+to the LangGraph agent. All tools are designed to be deterministic and
+minimize LLM calls where possible.
+"""
+import json
+from pathlib import Path
+from langchain_core.tools import tool
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+from app.models.goal import Goal
+from app.models.ticket import Ticket
+from app.services.context_gatherer import ContextGatherer
+@tool
+async def analyze_codebase(repo_root: str) -> str:
+    """Analyze repository structure and gather codebase context.
+    This is a DETERMINISTIC tool (0 LLM calls). It uses the existing
+    ContextGatherer to scan the repository and return metadata about:
+    - Project type (python, node, mixed, etc.)
+    - File tree with line counts
+    - TODO comments
+    - README excerpt
+    Args:
+        repo_root: Absolute path to repository root
+    Returns:
+        JSON string with codebase context:
+        {
+            "project_type": "python",
+            "file_count": 150,
+            "total_lines": 12500,
+            "todo_count": 23,
+            "has_readme": true,
+            "readme_excerpt": "...",
+            "file_tree_sample": ["backend/app/main.py", ...]
+        }
+    """
+    try:
+        gatherer = ContextGatherer(max_files=1000)
+        context = gatherer.gather(
+            repo_root=Path(repo_root),
+            include_readme_excerpt=True,
+        )
+        # Convert to JSON-serializable format
+        result = {
+            "project_type": context.project_type,
+            "file_count": len(context.file_tree),
+            "total_lines": sum(f.line_count for f in context.file_tree),
+            "todo_count": context.todo_count,
+            "has_readme": bool(context.readme_excerpt),
+            "readme_excerpt": context.readme_excerpt[:500]
+            if context.readme_excerpt
+            else None,
+            "file_tree_sample": [
+                f.path for f in context.file_tree[:50]
+            ],  # Cap at 50 files
+            "stats": {
+                "files_scanned": context.stats.files_scanned,
+                "bytes_read": context.stats.bytes_read,
+                "excluded_count": context.stats.skipped_excluded,
+            },
+        }
+        return json.dumps(result, indent=2)
+    except Exception as e:
+        return json.dumps(
+            {
+                "error": str(e),
+                "project_type": "unknown",
+                "file_count": 0,
+            }
+        )
+@tool
+async def search_tickets(
+    db: AsyncSession,
+    goal_id: str,
+    query: str | None = None,
+    state: str | None = None,
+) -> str:
+    """Search existing tickets for a goal.
+    This is a DETERMINISTIC tool (0 LLM calls). It queries the database
+    to find tickets matching the criteria. Useful for avoiding duplicate
+    ticket generation.
+    Args:
+        db: Database session
+        goal_id: Goal ID to search within
+        query: Optional text to search in title/description
+        state: Optional state filter (e.g., "done", "planned")
+    Returns:
+        JSON string with ticket list:
+        {
+            "total": 5,
+            "tickets": [
+                {
+                    "id": "abc-123",
+                    "title": "Add authentication",
+                    "state": "done",
+                    "priority": 90,
+                    "blocked_by_ticket_id": null
+                },
+                ...
+            ]
+        }
+    """
+    try:
+        # Build query
+        stmt = select(Ticket).where(Ticket.goal_id == goal_id)
+        if state:
+            stmt = stmt.where(Ticket.state == state)
+        if query:
+            # Simple text search in title and description
+            search_term = f"%{query.lower()}%"
+            stmt = stmt.where(
+                (Ticket.title.ilike(search_term))
+                | (Ticket.description.ilike(search_term))
+            )
+        # Execute query
+        result = await db.execute(stmt)
+        tickets = result.scalars().all()
+        # Convert to JSON-serializable format
+        tickets_data = [
+            {
+                "id": t.id,
+                "title": t.title,
+                "description": t.description[:200]
+                if t.description
+                else None,  # Cap at 200 chars
+                "state": t.state,
+                "priority": t.priority,
+                "blocked_by_ticket_id": t.blocked_by_ticket_id,
+            }
+            for t in tickets
+        ]
+        return json.dumps(
+            {
+                "total": len(tickets_data),
+                "tickets": tickets_data,
+            },
+            indent=2,
+        )
+    except Exception as e:
+        return json.dumps(
+            {
+                "error": str(e),
+                "total": 0,
+                "tickets": [],
+            }
+        )
+@tool
+async def get_goal_context(db: AsyncSession, goal_id: str) -> str:
+    """Get goal details and statistics.
+    This is a DETERMINISTIC tool (0 LLM calls). It retrieves the goal
+    and counts existing tickets by state.
+    Args:
+        db: Database session
+        goal_id: Goal ID to retrieve
+    Returns:
+        JSON string with goal context:
+        {
+            "id": "goal-123",
+            "title": "Add authentication system",
+            "description": "Implement OAuth2...",
+            "status": "active",
+            "ticket_counts": {
+                "proposed": 2,
+                "planned": 3,
+                "executing": 1,
+                "done": 5,
+                "total": 11
+            }
+        }
+    """
+    try:
+        # Get goal
+        goal = await db.get(Goal, goal_id)
+        if not goal:
+            return json.dumps(
+                {
+                    "error": f"Goal {goal_id} not found",
+                    "id": goal_id,
+                }
+            )
+        # Count tickets by state
+        stmt = select(Ticket).where(Ticket.goal_id == goal_id)
+        result = await db.execute(stmt)
+        tickets = result.scalars().all()
+        ticket_counts = {}
+        for ticket in tickets:
+            state = ticket.state
+            ticket_counts[state] = ticket_counts.get(state, 0) + 1
+        # Build result
+        result_data = {
+            "id": goal.id,
+            "title": goal.title,
+            "description": goal.description[:500]
+            if goal.description
+            else None,  # Cap at 500 chars
+            "created_at": goal.created_at.isoformat() if goal.created_at else None,
+            "ticket_counts": {
+                **ticket_counts,
+                "total": len(tickets),
+            },
+        }
+        return json.dumps(result_data, indent=2)
+    except Exception as e:
+        return json.dumps(
+            {
+                "error": str(e),
+                "id": goal_id,
+            }
+        )
+@tool
+async def analyze_ticket_changes(
+    db: AsyncSession,
+    ticket_id: str,
+) -> str:
+    """Analyze what changed in a completed ticket (deterministic, 0 LLM calls).
+    This tool parses git diffs and evidence to understand changes WITHOUT
+    calling an LLM. It extracts file counts, line changes, and verification
+    status using deterministic text parsing.
+    Args:
+        db: Database session
+        ticket_id: Ticket ID to analyze
+    Returns:
+        JSON string with change analysis:
+        {
+            "ticket_id": "abc-123",
+            "ticket_title": "Add authentication",
+            "state": "done",
+            "files_changed": ["backend/app/auth.py", "backend/app/models.py"],
+            "file_count": 2,
+            "lines_added": 150,
+            "lines_deleted": 20,
+            "verification_passed": true,
+            "has_revision": true
+        }
+    """
+    try:
+        from sqlalchemy import select
+        from sqlalchemy.orm import selectinload
+        from app.models.ticket import Ticket
+        # Get ticket with revision
+        stmt = (
+            select(Ticket)
+            .where(Ticket.id == ticket_id)
+            .options(selectinload(Ticket.revisions))
+        )
+        result = await db.execute(stmt)
+        ticket = result.scalar_one_or_none()
+        if not ticket:
+            return json.dumps(
+                {
+                    "error": f"Ticket {ticket_id} not found",
+                    "ticket_id": ticket_id,
+                }
+            )
+        # Get latest revision
+        revisions = sorted(ticket.revisions, key=lambda r: r.number, reverse=True)
+        latest_revision = revisions[0] if revisions else None
+        if not latest_revision:
+            return json.dumps(
+                {
+                    "ticket_id": ticket_id,
+                    "ticket_title": ticket.title,
+                    "state": ticket.state,
+                    "files_changed": [],
+                    "file_count": 0,
+                    "lines_added": 0,
+                    "lines_deleted": 0,
+                    "verification_passed": False,
+                    "has_revision": False,
+                }
+            )
+        # Load diff stat from evidence (deterministic)
+        files_changed = []
+        lines_added = 0
+        lines_deleted = 0
+        if latest_revision.diff_stat_evidence_id:
+            from app.models.evidence import Evidence
+            evidence = await db.get(Evidence, latest_revision.diff_stat_evidence_id)
+            diff_stat_content = None
+            if evidence and evidence.stdout_path:
+                try:
+                    from pathlib import Path
+                    diff_stat_content = Path(evidence.stdout_path).read_text()
+                except Exception:
+                    pass
+            if diff_stat_content:
+                # Parse diff stat format: "file.py | 10 +++++-----"
+                for line in diff_stat_content.split("\n"):
+                    if "|" in line:
+                        file_part = line.split("|")[0].strip()
+                        if file_part:
+                            files_changed.append(file_part)
+                        plus_count = line.count("+")
+                        minus_count = line.count("-")
+                        lines_added += plus_count
+                        lines_deleted += minus_count
+        # Check verification status
+        verification_passed = latest_revision.status == "approved"
+        result_data = {
+            "ticket_id": ticket_id,
+            "ticket_title": ticket.title,
+            "state": ticket.state,
+            "files_changed": files_changed[:20],  # Cap at 20 for prompt size
+            "file_count": len(files_changed),
+            "lines_added": lines_added,
+            "lines_deleted": lines_deleted,
+            "verification_passed": verification_passed,
+            "has_revision": True,
+        }
+        return json.dumps(result_data, indent=2)
+    except Exception as e:
+        return json.dumps(
+            {
+                "error": str(e),
+                "ticket_id": ticket_id,
+            }
+        )
+# Export tools for easy import
+__all__ = [
+    "analyze_codebase",
+    "search_tickets",
+    "get_goal_context",
+    "analyze_ticket_changes",
+]

package/app/backend/app/services/auth_service.py ADDED Viewed

@@ -0,0 +1,98 @@
+"""Authentication service: password hashing, JWT tokens, user CRUD."""
+import logging
+import os
+import uuid
+from datetime import UTC, datetime, timedelta
+import bcrypt
+from jose import JWTError, jwt
+from sqlalchemy import select
+from sqlalchemy.ext.asyncio import AsyncSession
+from app.models.user import User
+_logger = logging.getLogger(__name__)
+# Configuration
+_DEFAULT_SECRET = "draft-dev-secret-change-in-production"
+SECRET_KEY = os.getenv("AUTH_SECRET_KEY", _DEFAULT_SECRET)
+if SECRET_KEY == _DEFAULT_SECRET:
+    _logger.warning(
+        "AUTH_SECRET_KEY is not set — using insecure default. "
+        "Set AUTH_SECRET_KEY in your environment for production use."
+    )
+ALGORITHM = "HS256"
+ACCESS_TOKEN_EXPIRE_MINUTES = int(os.getenv("AUTH_TOKEN_EXPIRE_MINUTES", "1440"))  # 24h
+def hash_password(password: str) -> str:
+    """Hash a plaintext password using bcrypt."""
+    return bcrypt.hashpw(password.encode(), bcrypt.gensalt()).decode()
+def verify_password(plain: str, hashed: str) -> bool:
+    """Verify a plaintext password against a bcrypt hash."""
+    return bcrypt.checkpw(plain.encode(), hashed.encode())
+def create_access_token(user_id: str, email: str) -> str:
+    """Create a JWT access token for a user."""
+    expire = datetime.now(UTC) + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    payload = {
+        "sub": user_id,
+        "email": email,
+        "exp": expire,
+        "iat": datetime.now(UTC),
+    }
+    return jwt.encode(payload, SECRET_KEY, algorithm=ALGORITHM)
+def decode_access_token(token: str) -> dict | None:
+    """Decode and validate a JWT token. Returns payload or None."""
+    try:
+        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+        if payload.get("sub") is None:
+            return None
+        return payload
+    except JWTError:
+        return None
+async def get_user_by_email(db: AsyncSession, email: str) -> User | None:
+    """Look up a user by email."""
+    result = await db.execute(select(User).where(User.email == email))
+    return result.scalar_one_or_none()
+async def get_user_by_id(db: AsyncSession, user_id: str) -> User | None:
+    """Look up a user by ID."""
+    result = await db.execute(select(User).where(User.id == user_id))
+    return result.scalar_one_or_none()
+async def create_user(
+    db: AsyncSession, email: str, password: str, display_name: str
+) -> User:
+    """Create a new user account. Caller must handle duplicate email checks."""
+    user = User(
+        id=str(uuid.uuid4()),
+        email=email.lower().strip(),
+        display_name=display_name.strip(),
+        hashed_password=hash_password(password),
+    )
+    db.add(user)
+    await db.flush()
+    return user
+async def authenticate_user(db: AsyncSession, email: str, password: str) -> User | None:
+    """Authenticate a user by email and password. Returns User or None."""
+    user = await get_user_by_email(db, email.lower().strip())
+    if user is None:
+        return None
+    if not user.is_active:
+        return None
+    if not verify_password(password, user.hashed_password):
+        return None
+    return user