npm - draft-board - Versions diffs - 0.1.0-beta.0 - Mend

draft-board 0.1.0-beta.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (250) hide show

package/app/backend/.env.example +9 -0
package/app/backend/.smartkanban/evidence/8b383839-cbec-45af-86ee-c7708d075cbe/bddf2ed5-2e21-4d46-a62b-10b87f1642a6_patch.txt +195 -0
package/app/backend/.smartkanban/evidence/8b383839-cbec-45af-86ee-c7708d075cbe/bddf2ed5-2e21-4d46-a62b-10b87f1642a6_stat.txt +6 -0
package/app/backend/CURL_EXAMPLES.md +335 -0
package/app/backend/ENV_SETUP.md +65 -0
package/app/backend/alembic/env.py +71 -0
package/app/backend/alembic/script.py.mako +28 -0
package/app/backend/alembic/versions/001_initial_schema.py +104 -0
package/app/backend/alembic/versions/002_add_jobs_table.py +52 -0
package/app/backend/alembic/versions/003_add_workspace_table.py +48 -0
package/app/backend/alembic/versions/004_add_evidence_table.py +56 -0
package/app/backend/alembic/versions/005_add_verification_commands.py +32 -0
package/app/backend/alembic/versions/006_add_planner_lock_table.py +39 -0
package/app/backend/alembic/versions/007_add_revision_review_tables.py +126 -0
package/app/backend/alembic/versions/008_add_revision_idempotency_and_traceability.py +52 -0
package/app/backend/alembic/versions/009_add_job_health_fields.py +46 -0
package/app/backend/alembic/versions/010_add_review_comment_line_content.py +36 -0
package/app/backend/alembic/versions/011_add_analysis_cache.py +47 -0
package/app/backend/alembic/versions/012_add_boards_table.py +102 -0
package/app/backend/alembic/versions/013_add_ticket_blocking.py +45 -0
package/app/backend/alembic/versions/014_add_agent_sessions.py +220 -0
package/app/backend/alembic/versions/015_add_ticket_sort_order.py +33 -0
package/app/backend/alembic/versions/03220f0b93ae_add_pr_fields_to_ticket.py +49 -0
package/app/backend/alembic/versions/0c2d89fff3b1_seed_board_configs_from_yaml.py +206 -0
package/app/backend/alembic/versions/3348e5cf54c1_add_merge_checklist_table.py +67 -0
package/app/backend/alembic/versions/357c780ee445_add_goal_status.py +34 -0
package/app/backend/alembic/versions/553340b7e26c_add_autonomy_fields_to_goal.py +65 -0
package/app/backend/alembic/versions/774dc335c679_merge_migration_heads.py +23 -0
package/app/backend/alembic/versions/7b307e847cbd_merge_heads.py +23 -0
package/app/backend/alembic/versions/82ecd978cc70_add_missing_indexes.py +48 -0
package/app/backend/alembic/versions/8ef5054dc280_add_normalized_log_entries.py +173 -0
package/app/backend/alembic/versions/8f3e2bd8ea3b_merge_migration_heads.py +23 -0
package/app/backend/alembic/versions/9d17f0698d3b_add_config_column_to_boards_table.py +30 -0
package/app/backend/alembic/versions/add_agent_conversation_history.py +72 -0
package/app/backend/alembic/versions/add_job_variant.py +34 -0
package/app/backend/alembic/versions/add_performance_indexes.py +95 -0
package/app/backend/alembic/versions/add_repos_and_board_repos.py +174 -0
package/app/backend/alembic/versions/add_session_id_to_jobs.py +27 -0
package/app/backend/alembic/versions/add_sqlite_backend_tables.py +104 -0
package/app/backend/alembic/versions/b10fb0b62240_add_diff_content_to_revisions.py +34 -0
package/app/backend/alembic.ini +89 -0
package/app/backend/app/__init__.py +3 -0
package/app/backend/app/data_dir.py +85 -0
package/app/backend/app/database.py +70 -0
package/app/backend/app/database_sync.py +64 -0
package/app/backend/app/dependencies/__init__.py +5 -0
package/app/backend/app/dependencies/auth.py +80 -0
package/app/backend/app/dependencies.py +43 -0
package/app/backend/app/exceptions.py +178 -0
package/app/backend/app/executors/__init__.py +1 -0
package/app/backend/app/executors/adapters/__init__.py +1 -0
package/app/backend/app/executors/adapters/aider.py +152 -0
package/app/backend/app/executors/adapters/amazon_q.py +103 -0
package/app/backend/app/executors/adapters/amp.py +123 -0
package/app/backend/app/executors/adapters/claude.py +177 -0
package/app/backend/app/executors/adapters/cline.py +127 -0
package/app/backend/app/executors/adapters/codex.py +167 -0
package/app/backend/app/executors/adapters/copilot.py +202 -0
package/app/backend/app/executors/adapters/cursor.py +87 -0
package/app/backend/app/executors/adapters/droid.py +123 -0
package/app/backend/app/executors/adapters/gemini.py +132 -0
package/app/backend/app/executors/adapters/goose.py +131 -0
package/app/backend/app/executors/adapters/opencode.py +123 -0
package/app/backend/app/executors/adapters/qwen.py +123 -0
package/app/backend/app/executors/plugins/__init__.py +1 -0
package/app/backend/app/executors/registry.py +202 -0
package/app/backend/app/executors/spec.py +226 -0
package/app/backend/app/main.py +486 -0
package/app/backend/app/middleware/__init__.py +13 -0
package/app/backend/app/middleware/idempotency.py +426 -0
package/app/backend/app/middleware/rate_limit.py +312 -0
package/app/backend/app/middleware/security_headers.py +43 -0
package/app/backend/app/middleware/timeout.py +37 -0
package/app/backend/app/models/__init__.py +56 -0
package/app/backend/app/models/agent_conversation_history.py +56 -0
package/app/backend/app/models/agent_session.py +127 -0
package/app/backend/app/models/analysis_cache.py +49 -0
package/app/backend/app/models/base.py +9 -0
package/app/backend/app/models/board.py +79 -0
package/app/backend/app/models/board_repo.py +68 -0
package/app/backend/app/models/cost_budget.py +42 -0
package/app/backend/app/models/enums.py +40 -0
package/app/backend/app/models/evidence.py +132 -0
package/app/backend/app/models/goal.py +102 -0
package/app/backend/app/models/idempotency_entry.py +30 -0
package/app/backend/app/models/job.py +163 -0
package/app/backend/app/models/job_queue.py +39 -0
package/app/backend/app/models/kv_store.py +28 -0
package/app/backend/app/models/merge_checklist.py +87 -0
package/app/backend/app/models/normalized_log.py +100 -0
package/app/backend/app/models/planner_lock.py +43 -0
package/app/backend/app/models/rate_limit_entry.py +25 -0
package/app/backend/app/models/repo.py +66 -0
package/app/backend/app/models/review_comment.py +91 -0
package/app/backend/app/models/review_summary.py +69 -0
package/app/backend/app/models/revision.py +130 -0
package/app/backend/app/models/ticket.py +223 -0
package/app/backend/app/models/ticket_event.py +83 -0
package/app/backend/app/models/user.py +47 -0
package/app/backend/app/models/workspace.py +71 -0
package/app/backend/app/redis_client.py +119 -0
package/app/backend/app/routers/__init__.py +29 -0
package/app/backend/app/routers/agents.py +296 -0
package/app/backend/app/routers/auth.py +94 -0
package/app/backend/app/routers/board.py +885 -0
package/app/backend/app/routers/dashboard.py +351 -0
package/app/backend/app/routers/debug.py +528 -0
package/app/backend/app/routers/evidence.py +96 -0
package/app/backend/app/routers/executors.py +324 -0
package/app/backend/app/routers/goals.py +574 -0
package/app/backend/app/routers/jobs.py +448 -0
package/app/backend/app/routers/maintenance.py +172 -0
package/app/backend/app/routers/merge.py +360 -0
package/app/backend/app/routers/planner.py +537 -0
package/app/backend/app/routers/pull_requests.py +382 -0
package/app/backend/app/routers/repos.py +263 -0
package/app/backend/app/routers/revisions.py +939 -0
package/app/backend/app/routers/settings.py +267 -0
package/app/backend/app/routers/tickets.py +2003 -0
package/app/backend/app/routers/webhooks.py +143 -0
package/app/backend/app/routers/websocket.py +249 -0
package/app/backend/app/schemas/__init__.py +109 -0
package/app/backend/app/schemas/board.py +87 -0
package/app/backend/app/schemas/common.py +33 -0
package/app/backend/app/schemas/evidence.py +87 -0
package/app/backend/app/schemas/goal.py +90 -0
package/app/backend/app/schemas/job.py +97 -0
package/app/backend/app/schemas/merge.py +139 -0
package/app/backend/app/schemas/planner.py +500 -0
package/app/backend/app/schemas/repo.py +187 -0
package/app/backend/app/schemas/review.py +137 -0
package/app/backend/app/schemas/revision.py +114 -0
package/app/backend/app/schemas/ticket.py +238 -0
package/app/backend/app/schemas/ticket_event.py +72 -0
package/app/backend/app/schemas/workspace.py +19 -0
package/app/backend/app/services/__init__.py +31 -0
package/app/backend/app/services/agent_memory_service.py +223 -0
package/app/backend/app/services/agent_registry.py +346 -0
package/app/backend/app/services/agent_session_manager.py +318 -0
package/app/backend/app/services/agent_session_service.py +219 -0
package/app/backend/app/services/agent_tools.py +379 -0
package/app/backend/app/services/auth_service.py +98 -0
package/app/backend/app/services/autonomy_service.py +380 -0
package/app/backend/app/services/board_repo_service.py +201 -0
package/app/backend/app/services/board_service.py +326 -0
package/app/backend/app/services/cleanup_service.py +1085 -0
package/app/backend/app/services/config_service.py +908 -0
package/app/backend/app/services/context_gatherer.py +557 -0
package/app/backend/app/services/cost_tracking_service.py +293 -0
package/app/backend/app/services/cursor_log_normalizer.py +536 -0
package/app/backend/app/services/delivery_pipeline.py +440 -0
package/app/backend/app/services/executor_service.py +634 -0
package/app/backend/app/services/git_host/__init__.py +11 -0
package/app/backend/app/services/git_host/factory.py +87 -0
package/app/backend/app/services/git_host/github.py +270 -0
package/app/backend/app/services/git_host/gitlab.py +194 -0
package/app/backend/app/services/git_host/protocol.py +75 -0
package/app/backend/app/services/git_merge_simple.py +346 -0
package/app/backend/app/services/git_ops.py +384 -0
package/app/backend/app/services/github_service.py +233 -0
package/app/backend/app/services/goal_service.py +113 -0
package/app/backend/app/services/job_service.py +423 -0
package/app/backend/app/services/job_watchdog_service.py +424 -0
package/app/backend/app/services/langchain_adapter.py +122 -0
package/app/backend/app/services/llm_provider_clients.py +351 -0
package/app/backend/app/services/llm_service.py +285 -0
package/app/backend/app/services/log_normalizer.py +342 -0
package/app/backend/app/services/log_stream_service.py +276 -0
package/app/backend/app/services/merge_checklist_service.py +264 -0
package/app/backend/app/services/merge_service.py +784 -0
package/app/backend/app/services/orchestrator_log.py +84 -0
package/app/backend/app/services/planner_service.py +1662 -0
package/app/backend/app/services/planner_tick_sync.py +1040 -0
package/app/backend/app/services/queued_message_service.py +156 -0
package/app/backend/app/services/reliability_wrapper.py +389 -0
package/app/backend/app/services/repo_discovery_service.py +318 -0
package/app/backend/app/services/review_service.py +334 -0
package/app/backend/app/services/revision_service.py +389 -0
package/app/backend/app/services/safe_autopilot.py +510 -0
package/app/backend/app/services/sqlite_worker.py +372 -0
package/app/backend/app/services/task_dispatch.py +135 -0
package/app/backend/app/services/ticket_generation_service.py +1781 -0
package/app/backend/app/services/ticket_service.py +486 -0
package/app/backend/app/services/udar_planner_service.py +1007 -0
package/app/backend/app/services/webhook_service.py +126 -0
package/app/backend/app/services/workspace_service.py +465 -0
package/app/backend/app/services/worktree_file_service.py +92 -0
package/app/backend/app/services/worktree_validator.py +213 -0
package/app/backend/app/sqlite_kv.py +278 -0
package/app/backend/app/state_machine.py +128 -0
package/app/backend/app/templates/__init__.py +5 -0
package/app/backend/app/templates/registry.py +243 -0
package/app/backend/app/utils/__init__.py +5 -0
package/app/backend/app/utils/artifact_reader.py +87 -0
package/app/backend/app/utils/circuit_breaker.py +229 -0
package/app/backend/app/utils/db_retry.py +136 -0
package/app/backend/app/utils/ignored_fields.py +123 -0
package/app/backend/app/utils/validators.py +54 -0
package/app/backend/app/websocket/__init__.py +5 -0
package/app/backend/app/websocket/manager.py +179 -0
package/app/backend/app/websocket/state_tracker.py +113 -0
package/app/backend/app/worker.py +3190 -0
package/app/backend/calculator_tickets.json +40 -0
package/app/backend/canary_tests.sh +591 -0
package/app/backend/celerybeat-schedule +0 -0
package/app/backend/celerybeat-schedule-shm +0 -0
package/app/backend/celerybeat-schedule-wal +0 -0
package/app/backend/logs/.gitkeep +3 -0
package/app/backend/multiplication_division_implementation_tickets.json +55 -0
package/app/backend/multiplication_division_tickets.json +42 -0
package/app/backend/pyproject.toml +45 -0
package/app/backend/requirements-dev.txt +8 -0
package/app/backend/requirements.txt +20 -0
package/app/backend/run.sh +30 -0
package/app/backend/run_with_logs.sh +10 -0
package/app/backend/scientific_calculator_tickets.json +40 -0
package/app/backend/scripts/extract_openapi.py +21 -0
package/app/backend/scripts/seed_demo.py +187 -0
package/app/backend/setup_demo_review.py +302 -0
package/app/backend/test_actual_parse.py +41 -0
package/app/backend/test_agent_streaming.py +61 -0
package/app/backend/test_parse.py +51 -0
package/app/backend/test_streaming.py +51 -0
package/app/backend/test_subprocess_streaming.py +50 -0
package/app/backend/tests/__init__.py +1 -0
package/app/backend/tests/conftest.py +46 -0
package/app/backend/tests/test_auth.py +341 -0
package/app/backend/tests/test_autonomy_service.py +391 -0
package/app/backend/tests/test_cleanup_service_safety.py +417 -0
package/app/backend/tests/test_middleware.py +279 -0
package/app/backend/tests/test_planner_providers.py +290 -0
package/app/backend/tests/test_planner_unblock.py +183 -0
package/app/backend/tests/test_revision_invariants.py +618 -0
package/app/backend/tests/test_sqlite_kv.py +290 -0
package/app/backend/tests/test_sqlite_worker.py +353 -0
package/app/backend/tests/test_task_dispatch.py +100 -0
package/app/backend/tests/test_ticket_validation.py +304 -0
package/app/backend/tests/test_udar_agent.py +693 -0
package/app/backend/tests/test_webhook_service.py +184 -0
package/app/backend/tickets_output.json +59 -0
package/app/backend/user_management_tickets.json +50 -0
package/app/backend/uvicorn.log +0 -0
package/app/draft.yaml +313 -0
package/app/frontend/dist/assets/index-LcjCczu5.js +155 -0
package/app/frontend/dist/assets/index-_FP_279e.css +1 -0
package/app/frontend/dist/index.html +14 -0
package/app/frontend/dist/vite.svg +1 -0
package/app/frontend/package.json +101 -0
package/bin/cli.js +527 -0
package/package.json +37 -0

package/app/backend/app/services/context_gatherer.py ADDED Viewed

@@ -0,0 +1,557 @@
+"""Secure, metadata-first repository context gathering.
+This module provides safe context gathering for LLM-based ticket generation.
+It follows these principles:
+1. METADATA-FIRST: Returns file paths, line counts, and small excerpts only.
+   Never returns full file contents except for small, capped excerpts.
+2. STRICT CAPS: Hard limits on files scanned, bytes read, and excerpt sizes
+   to prevent runaway prompts and cost explosions.
+3. SECURITY: Excludes sensitive paths (.env, keys, secrets) and skips symlinks
+   to prevent secret leakage to third-party LLM providers.
+"""
+import fnmatch
+import logging
+import re
+from dataclasses import dataclass, field
+from pathlib import Path
+logger = logging.getLogger(__name__)
+@dataclass
+class FileMetadata:
+    """Metadata about a single file."""
+    path: str  # Relative to repo root
+    line_count: int
+    language: str | None  # Detected from extension
+    size_bytes: int
+@dataclass
+class GatherStats:
+    """Statistics from the context gathering operation."""
+    files_scanned: int = 0
+    bytes_read: int = 0
+    skipped_excluded: int = 0
+    skipped_symlinks: int = 0
+    skipped_binary: int = 0
+    skipped_too_large: int = 0
+    todo_lines_found: int = 0
+    # Observability: track what was excluded and what was scanned
+    excluded_by_pattern: dict[str, int] = field(
+        default_factory=dict
+    )  # pattern -> count
+    extensions_scanned: dict[str, int] = field(
+        default_factory=dict
+    )  # extension -> count
+@dataclass
+class RepoContext:
+    """Gathered repository context for LLM consumption."""
+    file_tree: list[FileMetadata]
+    project_type: str  # "python", "node", "mixed", "unknown"
+    todo_count: int
+    todo_excerpts: list[str]  # Max 50, each max 200 chars
+    readme_excerpt: str | None  # Max 500 chars if enabled
+    stats: GatherStats = field(default_factory=GatherStats)
+    def to_prompt_string(self) -> str:
+        """Convert to a string suitable for LLM prompts."""
+        parts = []
+        # Project type
+        parts.append(f"Project type: {self.project_type}")
+        # File tree summary (top directories + file counts by type)
+        if self.file_tree:
+            # Group by directory
+            dir_counts: dict[str, int] = {}
+            ext_counts: dict[str, int] = {}
+            for f in self.file_tree:
+                # Get top-level directory
+                path_parts = f.path.split("/")
+                if len(path_parts) > 1:
+                    top_dir = path_parts[0]
+                    dir_counts[top_dir] = dir_counts.get(top_dir, 0) + 1
+                # Count extensions
+                if f.language:
+                    ext_counts[f.language] = ext_counts.get(f.language, 0) + 1
+            if dir_counts:
+                top_dirs = sorted(dir_counts.items(), key=lambda x: -x[1])[:10]
+                parts.append(
+                    f"Top directories: {', '.join(f'{d} ({c} files)' for d, c in top_dirs)}"
+                )
+            if ext_counts:
+                top_exts = sorted(ext_counts.items(), key=lambda x: -x[1])[:8]
+                parts.append(
+                    f"File types: {', '.join(f'{e} ({c})' for e, c in top_exts)}"
+                )
+            parts.append(f"Total files indexed: {len(self.file_tree)}")
+        # README excerpt
+        if self.readme_excerpt:
+            parts.append(f"README excerpt:\n{self.readme_excerpt}")
+        # TODOs
+        if self.todo_count > 0:
+            parts.append(f"TODO/FIXME comments found: {self.todo_count}")
+            if self.todo_excerpts:
+                parts.append("Sample TODOs:")
+                for excerpt in self.todo_excerpts[:10]:
+                    parts.append(f"  - {excerpt}")
+        # Stats
+        parts.append(
+            f"Scan stats: {self.stats.files_scanned} files scanned, "
+            f"{self.stats.skipped_excluded} excluded, "
+            f"{self.stats.skipped_symlinks} symlinks skipped"
+        )
+        return "\n".join(parts)
+class ContextGatherer:
+    """Metadata-first repo context with strict caps and exclusions.
+    This class gathers repository context safely for LLM consumption:
+    - Never reads full file contents (only line counts and small excerpts)
+    - Excludes sensitive files (secrets, env, keys)
+    - Enforces hard caps on all operations
+    - Skips symlinks entirely
+    """
+    # Hard caps - non-negotiable limits
+    MAX_FILES_SCANNED = 500
+    MAX_BYTES_TOTAL = 50_000  # ~50KB of excerpts
+    MAX_TODO_LINES = 50
+    MAX_EXCERPT_CHARS = 200
+    MAX_README_CHARS = 500
+    MAX_FILE_SIZE_FOR_SCAN = 100_000  # Skip files > 100KB for TODO scanning
+    # Sensitive path patterns to exclude (glob-style)
+    EXCLUDED_PATTERNS = [
+        # Environment and secrets
+        ".env",
+        ".env.*",
+        "*.env",
+        ".envrc",
+        "secrets.*",
+        "*secret*",
+        "*password*",
+        # Keys and certificates
+        "*.pem",
+        "*.key",
+        "*.crt",
+        "*.p12",
+        "*.pfx",
+        "id_rsa*",
+        "id_ed25519*",
+        "*.pub",
+        # Config files that might contain secrets
+        "credentials*",
+        "*_credentials*",
+        "auth.json",
+        "config.local.*",
+        # Package directories
+        "node_modules/",
+        "venv/",
+        ".venv/",
+        "__pycache__/",
+        ".git/",
+        ".svn/",
+        ".hg/",
+        # Build artifacts
+        "dist/",
+        "build/",
+        "*.pyc",
+        "*.pyo",
+        "*.so",
+        "*.dylib",
+        "*.dll",
+        # Logs and data
+        "*.log",
+        "*.sqlite",
+        "*.db",
+        # IDE and editor
+        ".idea/",
+        ".vscode/",
+        "*.swp",
+        "*.swo",
+        # Coverage and test artifacts
+        "coverage/",
+        ".coverage",
+        "htmlcov/",
+        ".pytest_cache/",
+        ".mypy_cache/",
+        # Binary files
+        "*.jpg",
+        "*.jpeg",
+        "*.png",
+        "*.gif",
+        "*.ico",
+        "*.pdf",
+        "*.zip",
+        "*.tar",
+        "*.gz",
+        "*.woff",
+        "*.woff2",
+        "*.ttf",
+        "*.eot",
+    ]
+    # Extension to language mapping
+    EXTENSION_LANGUAGES = {
+        ".py": "python",
+        ".js": "javascript",
+        ".ts": "typescript",
+        ".tsx": "typescript",
+        ".jsx": "javascript",
+        ".go": "go",
+        ".rs": "rust",
+        ".java": "java",
+        ".kt": "kotlin",
+        ".rb": "ruby",
+        ".php": "php",
+        ".c": "c",
+        ".cpp": "cpp",
+        ".h": "c",
+        ".hpp": "cpp",
+        ".cs": "csharp",
+        ".swift": "swift",
+        ".sh": "shell",
+        ".bash": "shell",
+        ".zsh": "shell",
+        ".sql": "sql",
+        ".md": "markdown",
+        ".yaml": "yaml",
+        ".yml": "yaml",
+        ".json": "json",
+        ".toml": "toml",
+        ".xml": "xml",
+        ".html": "html",
+        ".css": "css",
+        ".scss": "scss",
+        ".less": "less",
+    }
+    def __init__(
+        self,
+        max_files: int | None = None,
+        max_bytes: int | None = None,
+        max_todos: int | None = None,
+        additional_exclusions: list[str] | None = None,
+    ):
+        """Initialize the context gatherer.
+        Args:
+            max_files: Override MAX_FILES_SCANNED (can only decrease).
+            max_bytes: Override MAX_BYTES_TOTAL (can only decrease).
+            max_todos: Override MAX_TODO_LINES (can only decrease).
+            additional_exclusions: Additional glob patterns to exclude.
+        """
+        self.max_files = min(
+            max_files or self.MAX_FILES_SCANNED, self.MAX_FILES_SCANNED
+        )
+        self.max_bytes = min(max_bytes or self.MAX_BYTES_TOTAL, self.MAX_BYTES_TOTAL)
+        self.max_todos = min(max_todos or self.MAX_TODO_LINES, self.MAX_TODO_LINES)
+        self.exclusions = list(self.EXCLUDED_PATTERNS)
+        if additional_exclusions:
+            self.exclusions.extend(additional_exclusions)
+    def gather(
+        self,
+        repo_root: Path | str,
+        include_readme_excerpt: bool = False,
+    ) -> RepoContext:
+        """Gather repository context.
+        Args:
+            repo_root: Path to the repository root.
+            include_readme_excerpt: Whether to include README excerpt (default OFF).
+        Returns:
+            RepoContext with metadata about the repository.
+        """
+        repo_root = Path(repo_root).resolve()
+        if not repo_root.exists():
+            logger.warning(f"Repository root does not exist: {repo_root}")
+            return RepoContext(
+                file_tree=[],
+                project_type="unknown",
+                todo_count=0,
+                todo_excerpts=[],
+                readme_excerpt=None,
+            )
+        stats = GatherStats()
+        file_tree: list[FileMetadata] = []
+        todo_excerpts: list[str] = []
+        readme_excerpt: str | None = None
+        # Detect project type
+        project_type = self._detect_project_type(repo_root)
+        # Scan files
+        bytes_read = 0
+        for file_path in self._walk_files(repo_root, stats):
+            if stats.files_scanned >= self.max_files:
+                break
+            try:
+                # Get file metadata (no content read yet)
+                rel_path = str(file_path.relative_to(repo_root))
+                file_size = file_path.stat().st_size
+                extension = file_path.suffix.lower()
+                language = self.EXTENSION_LANGUAGES.get(extension)
+                # Count lines without reading entire file into memory
+                line_count = self._count_lines(file_path)
+                if line_count is None:
+                    stats.skipped_binary += 1
+                    continue
+                file_tree.append(
+                    FileMetadata(
+                        path=rel_path,
+                        line_count=line_count,
+                        language=language,
+                        size_bytes=file_size,
+                    )
+                )
+                stats.files_scanned += 1
+                # Scan for TODOs if file is small enough and we haven't hit the cap
+                if (
+                    len(todo_excerpts) < self.max_todos
+                    and file_size < self.MAX_FILE_SIZE_FOR_SCAN
+                    and bytes_read < self.max_bytes
+                    and language
+                    in ("python", "javascript", "typescript", "go", "rust", "java")
+                ):
+                    new_todos, bytes_used = self._extract_todos(
+                        file_path, rel_path, self.max_todos - len(todo_excerpts)
+                    )
+                    todo_excerpts.extend(new_todos)
+                    bytes_read += bytes_used
+                    stats.todo_lines_found += len(new_todos)
+            except (OSError, PermissionError) as e:
+                logger.debug(f"Failed to read {file_path}: {e}")
+                continue
+        # Get README excerpt if requested
+        if include_readme_excerpt:
+            readme_excerpt = self._get_readme_excerpt(repo_root)
+            if readme_excerpt:
+                bytes_read += len(readme_excerpt.encode("utf-8", errors="replace"))
+        stats.bytes_read = bytes_read
+        return RepoContext(
+            file_tree=file_tree,
+            project_type=project_type,
+            todo_count=stats.todo_lines_found,
+            todo_excerpts=todo_excerpts,
+            readme_excerpt=readme_excerpt,
+            stats=stats,
+        )
+    def _walk_files(self, repo_root: Path, stats: GatherStats):
+        """Walk repository files, respecting exclusions and caps.
+        Yields file paths, updating stats as it goes.
+        """
+        for item in repo_root.rglob("*"):
+            # Skip directories
+            if item.is_dir():
+                continue
+            # Skip symlinks entirely (security)
+            if item.is_symlink():
+                stats.skipped_symlinks += 1
+                continue
+            # Check exclusions (returns matching pattern if excluded)
+            rel_path = str(item.relative_to(repo_root))
+            matched_pattern = self._get_exclusion_match(rel_path, item.name)
+            if matched_pattern:
+                stats.skipped_excluded += 1
+                # Track which patterns are matching (for debugging bad suggestions)
+                stats.excluded_by_pattern[matched_pattern] = (
+                    stats.excluded_by_pattern.get(matched_pattern, 0) + 1
+                )
+                continue
+            # Track extension for filetype histogram
+            ext = item.suffix.lower() or "(no extension)"
+            stats.extensions_scanned[ext] = stats.extensions_scanned.get(ext, 0) + 1
+            yield item
+    def _get_exclusion_match(self, rel_path: str, filename: str) -> str | None:
+        """Check if a path matches any exclusion pattern.
+        Returns the matching pattern if excluded, None otherwise.
+        """
+        for pattern in self.exclusions:
+            # Check against full relative path
+            if fnmatch.fnmatch(rel_path, pattern):
+                return pattern
+            if fnmatch.fnmatch(rel_path, f"**/{pattern}"):
+                return pattern
+            # Check against filename only
+            if fnmatch.fnmatch(filename, pattern):
+                return pattern
+            # Check if path contains the pattern as a directory
+            if pattern.endswith("/") and pattern[:-1] in rel_path.split("/"):
+                return pattern
+        return None
+    def _is_excluded(self, rel_path: str, filename: str) -> bool:
+        """Check if a path matches any exclusion pattern."""
+        return self._get_exclusion_match(rel_path, filename) is not None
+    def _count_lines(self, file_path: Path) -> int | None:
+        """Count lines in a file without loading it all into memory.
+        Returns None if the file appears to be binary.
+        """
+        try:
+            line_count = 0
+            with open(file_path, "rb") as f:
+                # Read first 8KB to check if binary
+                sample = f.read(8192)
+                if b"\x00" in sample:
+                    return None  # Binary file
+                # Count newlines in sample
+                line_count = sample.count(b"\n")
+                # Continue counting for rest of file
+                for chunk in iter(lambda: f.read(65536), b""):
+                    line_count += chunk.count(b"\n")
+            return line_count
+        except Exception:
+            return None
+    def _extract_todos(
+        self, file_path: Path, rel_path: str, max_count: int
+    ) -> tuple[list[str], int]:
+        """Extract TODO/FIXME comments from a file.
+        Returns (list of excerpts, bytes read).
+        """
+        todos: list[str] = []
+        bytes_read = 0
+        todo_pattern = re.compile(
+            r"#\s*(TODO|FIXME|XXX|HACK)\b[:\s]*(.*)", re.IGNORECASE
+        )
+        try:
+            with open(file_path, encoding="utf-8", errors="replace") as f:
+                for line_num, line in enumerate(f, 1):
+                    bytes_read += len(line.encode("utf-8", errors="replace"))
+                    match = todo_pattern.search(line)
+                    if match:
+                        tag = match.group(1).upper()
+                        message = match.group(2).strip()[: self.MAX_EXCERPT_CHARS]
+                        # Sanitize - remove any potential secrets
+                        if not self._looks_like_secret(message):
+                            excerpt = f"{rel_path}:{line_num} [{tag}] {message}"
+                            todos.append(excerpt[: self.MAX_EXCERPT_CHARS])
+                            if len(todos) >= max_count:
+                                break
+                    # Cap bytes read per file
+                    if bytes_read > self.MAX_FILE_SIZE_FOR_SCAN:
+                        break
+        except Exception as e:
+            logger.debug(f"Failed to extract TODOs from {file_path}: {e}")
+        return todos, bytes_read
+    def _looks_like_secret(self, text: str) -> bool:
+        """Check if text looks like it might contain a secret."""
+        text_lower = text.lower()
+        secret_indicators = [
+            "password",
+            "secret",
+            "api_key",
+            "apikey",
+            "token",
+            "credential",
+            "auth",
+            "bearer",
+            "private_key",
+        ]
+        # Check for key=value patterns with these words
+        for indicator in secret_indicators:
+            if indicator in text_lower and "=" in text:
+                return True
+        # Check for long hex strings (possible keys/tokens)
+        if re.search(r"[a-fA-F0-9]{32,}", text):
+            return True
+        return False
+    def _detect_project_type(self, repo_root: Path) -> str:
+        """Detect the project type from configuration files."""
+        indicators = {
+            "python": ["requirements.txt", "pyproject.toml", "setup.py", "Pipfile"],
+            "node": ["package.json", "yarn.lock", "pnpm-lock.yaml"],
+            "go": ["go.mod", "go.sum"],
+            "rust": ["Cargo.toml"],
+            "java": ["pom.xml", "build.gradle", "build.gradle.kts"],
+            "ruby": ["Gemfile", "Rakefile"],
+        }
+        detected = []
+        for lang, files in indicators.items():
+            for f in files:
+                if (repo_root / f).exists():
+                    detected.append(lang)
+                    break
+        if not detected:
+            return "unknown"
+        if len(detected) == 1:
+            return detected[0]
+        return "mixed"
+    def _get_readme_excerpt(self, repo_root: Path) -> str | None:
+        """Get a capped excerpt from the README file."""
+        readme_names = ["README.md", "README.rst", "README.txt", "README"]
+        for name in readme_names:
+            readme_path = repo_root / name
+            if readme_path.exists() and readme_path.is_file():
+                try:
+                    with open(readme_path, encoding="utf-8", errors="replace") as f:
+                        content = f.read(self.MAX_README_CHARS + 100)
+                        if len(content) > self.MAX_README_CHARS:
+                            # Truncate at word boundary
+                            content = content[: self.MAX_README_CHARS]
+                            last_space = content.rfind(" ")
+                            if last_space > self.MAX_README_CHARS - 50:
+                                content = content[:last_space]
+                            content += "..."
+                        return content
+                except Exception as e:
+                    logger.debug(f"Failed to read README {readme_path}: {e}")
+        return None