flowent 0.1.4 → 0.1.5

package/backend/tests/test_approval.py

@@ -0,0 +1,283 @@
+import json
+
+import pytest
+
+from flowent.approval import (
+    ApprovalReviewRequest,
+    ApprovalTranscriptEntry,
+    review_approval_request,
+)
+from flowent.llm import ProviderConnection, ProviderFormat
+
+
+def provider_connection() -> ProviderConnection:
+    return ProviderConnection(
+        model="model",
+        name="Provider",
+        provider=ProviderFormat.OPENAI,
+        secret_reference="secret",
+    )
+
+
+@pytest.mark.anyio
+async def test_review_payload_includes_current_user_request_and_transcript(
+    tmp_path,
+) -> None:
+    captured_messages: list[dict[str, object]] = []
+
+    async def fake_completion(**request: object) -> object:
+        captured_messages.extend(request["messages"])
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": json.dumps(
+                            {
+                                "risk_level": "low",
+                                "risk_score": 25,
+                                "rationale": "User approved after concrete risk context.",
+                                "evidence": [
+                                    {
+                                        "message": "Assistant explained Docker socket impact.",
+                                        "why": "Establishes informed consent.",
+                                    }
+                                ],
+                            }
+                        ),
+                        "role": "assistant",
+                    }
+                },
+            ],
+        }
+
+    decision = await review_approval_request(
+        provider_connection(),
+        ApprovalReviewRequest(
+            action="additional_permissions",
+            arguments={"command": "docker compose up -d --build"},
+            cwd=tmp_path,
+            tool_name="shell_command",
+            user_request="确认",
+            transcript=[
+                ApprovalTranscriptEntry(
+                    role="assistant",
+                    content=(
+                        "This will recreate the dev container, write to the Docker "
+                        "socket, and briefly interrupt the local service."
+                    ),
+                ),
+                ApprovalTranscriptEntry(role="user", content="确认"),
+            ],
+            write_paths=[tmp_path / "docker.sock"],
+        ),
+        completion=fake_completion,
+    )
+
+    assert decision.decision == "approved"
+    assert decision.risk_level == "low"
+    assert decision.risk_score == 25
+    assert "informed of the concrete risk" in str(captured_messages[0]["content"])
+    payload = json.loads(str(captured_messages[-1]["content"]))
+    assert payload["user_request"] == "确认"
+    assert payload["transcript"][-1] == {"role": "user", "content": "确认"}
+
+
+@pytest.mark.anyio
+async def test_concrete_docker_socket_confirmation_can_be_approved(tmp_path) -> None:
+    async def fake_completion(**request: object) -> object:
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": json.dumps(
+                            {
+                                "risk_level": "medium",
+                                "risk_score": 55,
+                                "rationale": (
+                                    "The user approved after being told the command "
+                                    "will recreate the dev container through Docker."
+                                ),
+                                "evidence": [],
+                            }
+                        ),
+                        "role": "assistant",
+                    }
+                }
+            ]
+        }
+
+    decision = await review_approval_request(
+        provider_connection(),
+        ApprovalReviewRequest(
+            action="additional_permissions",
+            arguments={
+                "command": "docker compose up -d --force-recreate flowent",
+            },
+            cwd=tmp_path,
+            tool_name="shell_command",
+            user_request="确认",
+            transcript=[
+                ApprovalTranscriptEntry(
+                    role="assistant",
+                    content=(
+                        "This will recreate the Flowent dev container through "
+                        "Docker and may briefly interrupt the running service."
+                    ),
+                ),
+                ApprovalTranscriptEntry(role="user", content="确认"),
+            ],
+            write_paths=[tmp_path / "docker.sock"],
+        ),
+        completion=fake_completion,
+    )
+
+    assert decision.decision == "approved"
+    assert decision.risk_level == "medium"
+    assert decision.risk_score == 55
+
+
+@pytest.mark.anyio
+async def test_vague_confirmation_without_concrete_risk_context_is_denied(
+    tmp_path,
+) -> None:
+    captured_payload: dict[str, object] = {}
+
+    async def fake_completion(**request: object) -> object:
+        captured_payload.update(json.loads(str(request["messages"][-1]["content"])))
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": json.dumps(
+                            {
+                                "risk_level": "high",
+                                "risk_score": 82,
+                                "rationale": (
+                                    "The transcript only contains a vague confirmation "
+                                    "and no concrete Docker risk explanation."
+                                ),
+                                "evidence": [],
+                            }
+                        ),
+                        "role": "assistant",
+                    }
+                }
+            ]
+        }
+
+    decision = await review_approval_request(
+        provider_connection(),
+        ApprovalReviewRequest(
+            action="additional_permissions",
+            arguments={
+                "command": "docker compose up -d --force-recreate flowent",
+            },
+            cwd=tmp_path,
+            tool_name="shell_command",
+            user_request="确认",
+            transcript=[ApprovalTranscriptEntry(role="user", content="确认")],
+            write_paths=[tmp_path / "docker.sock"],
+        ),
+        completion=fake_completion,
+    )
+
+    assert decision.decision == "denied"
+    assert decision.risk_level == "high"
+    assert decision.risk_score == 82
+    assert captured_payload["transcript"] == [{"role": "user", "content": "确认"}]
+
+
+@pytest.mark.anyio
+async def test_broad_destructive_action_with_vague_confirmation_is_denied(
+    tmp_path,
+) -> None:
+    async def fake_completion(**request: object) -> object:
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": json.dumps(
+                            {
+                                "risk_level": "high",
+                                "risk_score": 96,
+                                "rationale": (
+                                    "The action can delete broad data and the user "
+                                    "did not approve that concrete destructive risk."
+                                ),
+                                "evidence": [
+                                    {
+                                        "message": "rm -rf /var/lib/postgresql",
+                                        "why": "Broad destructive write outside the task.",
+                                    }
+                                ],
+                            }
+                        ),
+                        "role": "assistant",
+                    }
+                }
+            ]
+        }
+
+    decision = await review_approval_request(
+        provider_connection(),
+        ApprovalReviewRequest(
+            action="sandbox_failure",
+            arguments={"command": "rm -rf /var/lib/postgresql"},
+            cwd=tmp_path,
+            tool_name="shell_command",
+            tool_result="Read-only file system",
+            user_request="确认",
+            transcript=[ApprovalTranscriptEntry(role="user", content="确认")],
+        ),
+        completion=fake_completion,
+    )
+
+    assert decision.decision == "denied"
+    assert decision.risk_level == "high"
+    assert decision.risk_score == 96
+
+
+@pytest.mark.anyio
+async def test_invalid_reviewer_json_is_denied(tmp_path) -> None:
+    async def fake_completion(**request: object) -> object:
+        return {
+            "choices": [
+                {"message": {"content": "approved", "role": "assistant"}},
+            ],
+        }
+
+    decision = await review_approval_request(
+        provider_connection(),
+        ApprovalReviewRequest(
+            action="sandbox_failure",
+            arguments={"command": "touch file.txt"},
+            cwd=tmp_path,
+            tool_name="shell_command",
+            tool_result="Read-only file system",
+        ),
+        completion=fake_completion,
+    )
+
+    assert decision.decision == "denied"
+    assert "valid JSON" in decision.reason
+
+
+@pytest.mark.anyio
+async def test_reviewer_call_failure_is_denied(tmp_path) -> None:
+    async def fake_completion(**request: object) -> object:
+        raise RuntimeError("model unavailable")
+
+    decision = await review_approval_request(
+        provider_connection(),
+        ApprovalReviewRequest(
+            action="edit",
+            arguments={"patch": "*** Begin Patch\n*** End Patch"},
+            cwd=tmp_path,
+            tool_name="apply_patch",
+            write_paths=[tmp_path / "outside"],
+        ),
+        completion=fake_completion,
+    )
+
+    assert decision.decision == "denied"
+    assert "model unavailable" in decision.reason

package/backend/tests/test_llm_providers.py

@@ -1,3 +1,5 @@
+import json
+
 import pytest
 
 from flowent.llm import (
@@ -8,10 +10,17 @@ from flowent.llm import (
     build_litellm_request,
     chunk_delta_reasoning,
     complete_chat,
+    normalize_system_messages,
     stream_chat,
 )
 
 
+def read_single_llm_request_diagnostic(tmp_path):
+    files = sorted((tmp_path / "logs" / "llm-requests").glob("llm-request-*.json"))
+    assert len(files) == 1
+    return json.loads(files[0].read_text())
+
+
 def test_supported_provider_formats_match_product_choices() -> None:
     assert [provider.value for provider in ProviderFormat] == [
         "openai",
@@ -137,6 +146,63 @@ async def test_complete_chat_uses_injected_litellm_completion() -> None:
     assert answer == ChatMessage(role="assistant", content="Here is the checklist.")
 
 
+@pytest.mark.anyio
+async def test_development_mode_writes_completion_request_diagnostic_file(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    monkeypatch.setenv("DEBUG", "true")
+
+    async def fake_completion(**request: object) -> dict[str, object]:
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": "Here is the checklist.",
+                        "role": "assistant",
+                    },
+                }
+            ]
+        }
+
+    connection = ProviderConnection(
+        name="Responses",
+        provider=ProviderFormat.OPENAI_RESPONSES,
+        model="gpt-5.1",
+        secret_reference="sk-request-secret",
+    )
+    messages = [ChatMessage(role="user", content="Create a checklist.")]
+    tools = [
+        {
+            "type": "function",
+            "function": {
+                "name": "create_checklist",
+                "description": "Create a checklist.",
+            },
+        }
+    ]
+
+    await complete_chat(
+        connection,
+        messages,
+        completion=fake_completion,
+        tools=tools,
+    )
+
+    diagnostic = read_single_llm_request_diagnostic(tmp_path)
+
+    assert diagnostic == {
+        "base_url": None,
+        "litellm_model": "openai/gpt-5.1",
+        "messages": [{"content": "Create a checklist.", "role": "user"}],
+        "model": "gpt-5.1",
+        "provider": "openai_responses",
+        "reasoning_effort": "default",
+        "stream": False,
+        "tools": tools,
+    }
+
+
 @pytest.mark.anyio
 async def test_stream_chat_uses_litellm_streaming() -> None:
     captured_request: dict[str, object] = {}
@@ -169,3 +235,153 @@ async def test_stream_chat_uses_litellm_streaming() -> None:
     assert captured_request["stream"] is True
     assert captured_request["model"] == "openai/gpt-5.1"
     assert chunks == ["Here is ", "the checklist."]
+
+
+@pytest.mark.anyio
+async def test_development_mode_writes_one_streaming_request_diagnostic_file(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    monkeypatch.setenv("DEBUG", "true")
+
+    async def fake_completion(**request: object) -> object:
+        async def chunks() -> object:
+            yield {"choices": [{"delta": {"content": "Here is "}}]}
+            yield {"choices": [{"delta": {"content": "the checklist."}}]}
+
+        return chunks()
+
+    connection = ProviderConnection(
+        name="Responses",
+        provider=ProviderFormat.OPENAI_RESPONSES,
+        model="gpt-5.1",
+        secret_reference="sk-request-secret",
+    )
+
+    chunks = [
+        chunk
+        async for chunk in stream_chat(
+            connection,
+            [ChatMessage(role="user", content="Create a checklist.")],
+            completion=fake_completion,
+        )
+    ]
+    diagnostic = read_single_llm_request_diagnostic(tmp_path)
+
+    assert chunks == ["Here is ", "the checklist."]
+    assert diagnostic["stream"] is True
+
+
+@pytest.mark.anyio
+async def test_development_request_diagnostic_omits_api_key_and_secret_values(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    monkeypatch.setenv("DEBUG", "true")
+
+    async def fake_completion(**request: object) -> dict[str, object]:
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": "Here is the checklist.",
+                        "role": "assistant",
+                    },
+                }
+            ]
+        }
+
+    connection = ProviderConnection(
+        name="Responses",
+        provider=ProviderFormat.OPENAI_RESPONSES,
+        model="gpt-5.1",
+        secret_reference="sk-provider-secret",
+    )
+    tools = [
+        {
+            "type": "function",
+            "function": {
+                "name": "create_checklist",
+                "description": "Uses api_key=sk-tool-secret when configured.",
+            },
+        }
+    ]
+
+    await complete_chat(
+        connection,
+        [ChatMessage(role="user", content="authorization=Bearer sk-message-secret")],
+        completion=fake_completion,
+        tools=tools,
+    )
+
+    rendered = next(
+        (tmp_path / "logs" / "llm-requests").glob("llm-request-*.json")
+    ).read_text()
+
+    assert "api_key" not in rendered
+    assert "sk-provider-secret" not in rendered
+    assert "sk-tool-secret" not in rendered
+    assert "sk-message-secret" not in rendered
+
+
+@pytest.mark.anyio
+async def test_non_development_mode_skips_request_diagnostic_file(
+    tmp_path, monkeypatch
+) -> None:
+    monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
+    monkeypatch.delenv("DEBUG", raising=False)
+
+    async def fake_completion(**request: object) -> dict[str, object]:
+        return {
+            "choices": [
+                {
+                    "message": {
+                        "content": "Here is the checklist.",
+                        "role": "assistant",
+                    },
+                }
+            ]
+        }
+
+    connection = ProviderConnection(
+        name="Responses",
+        provider=ProviderFormat.OPENAI_RESPONSES,
+        model="gpt-5.1",
+        secret_reference="sk-request-secret",
+    )
+
+    await complete_chat(
+        connection,
+        [ChatMessage(role="user", content="Create a checklist.")],
+        completion=fake_completion,
+    )
+
+    assert not (tmp_path / "logs" / "llm-requests").exists()
+
+
+def test_normalize_system_messages_keeps_multiple_system_messages_for_openai() -> None:
+    messages = [
+        {"role": "system", "content": "Base prompt."},
+        {"role": "system", "content": "Configured prompt."},
+        {"role": "user", "content": "Hello."},
+    ]
+
+    assert normalize_system_messages(messages, ProviderFormat.OPENAI) == messages
+
+
+def test_normalize_system_messages_converts_additional_system_messages_for_anthropic() -> (
+    None
+):
+    messages = [
+        {"role": "system", "content": "Base prompt."},
+        {"role": "system", "content": "Configured prompt."},
+        {"role": "system", "content": "Project prompt."},
+        {"role": "user", "content": "Hello."},
+    ]
+
+    assert normalize_system_messages(messages, ProviderFormat.ANTHROPIC) == [
+        {"role": "system", "content": "Base prompt."},
+        {"role": "user", "content": "Configured prompt."},
+        {"role": "user", "content": "Project prompt."},
+        {"role": "user", "content": "Hello."},
+    ]

package/backend/tests/test_logging.py

@@ -8,6 +8,7 @@ from flowent.logging import (
     configure_logging,
     ensure_logging_configured,
     redact_log_value,
+    sanitize_diagnostic_value,
 )
 
 
@@ -103,6 +104,35 @@ def test_logging_redacts_full_api_key_but_keeps_context(tmp_path, monkeypatch) -
     )
 
 
+def test_diagnostic_sanitizer_removes_secret_fields_and_values() -> None:
+    sanitized = sanitize_diagnostic_value(
+        {
+            "api_key": "sk-root-secret",
+            "messages": [
+                {
+                    "role": "user",
+                    "content": "authorization=Bearer sk-message-secret",
+                }
+            ],
+            "tools": [
+                {
+                    "function": {
+                        "name": "send_message",
+                        "description": "Needs api_key=sk-tool-secret.",
+                    }
+                }
+            ],
+        }
+    )
+
+    rendered = str(sanitized)
+
+    assert "api_key" not in rendered
+    assert "sk-root-secret" not in rendered
+    assert "sk-message-secret" not in rendered
+    assert "sk-tool-secret" not in rendered
+
+
 def test_direct_main_app_import_creates_data_log_file(tmp_path, monkeypatch) -> None:
     monkeypatch.setenv("FLOWENT_DATA_DIR", str(tmp_path))
     sys.modules.pop("flowent.main", None)

package/backend/tests/test_patch.py

@@ -0,0 +1,112 @@
+import pytest
+
+from flowent.patch import PatchError, affected_paths, apply_patch
+
+
+def test_apply_patch_applies_context_hunk_with_interleaved_changes(tmp_path) -> None:
+    target = tmp_path / "notes.txt"
+    target.write_text("start\nalpha\nmiddle\nbeta\nend\n")
+    patch = """*** Begin Patch
+*** Update File: notes.txt
+@@
+ start
+-alpha
++one
+ middle
+-beta
++two
+ end
+*** End Patch
+"""
+
+    result = apply_patch(patch, tmp_path)
+
+    assert result == {"files": [{"path": str(target), "status": "modified"}]}
+    assert target.read_text() == "start\none\nmiddle\ntwo\nend\n"
+
+
+def test_apply_patch_reports_context_mismatch(tmp_path) -> None:
+    target = tmp_path / "notes.txt"
+    target.write_text("start\nalpha\nend\n")
+    patch = """*** Begin Patch
+*** Update File: notes.txt
+@@
+ missing
+-alpha
++beta
+ end
+*** End Patch
+"""
+
+    with pytest.raises(PatchError, match=r"Patch context was not found\."):
+        apply_patch(patch, tmp_path)
+
+    assert target.read_text() == "start\nalpha\nend\n"
+
+
+def test_apply_patch_applies_multiple_hunks_in_order(tmp_path) -> None:
+    target = tmp_path / "notes.txt"
+    target.write_text("first\nsame\nend first\nsecond\nsame\nend second\n")
+    patch = """*** Begin Patch
+*** Update File: notes.txt
+@@
+ first
+-same
++one
+ end first
+@@
+ second
+-same
++two
+ end second
+*** End Patch
+"""
+
+    apply_patch(patch, tmp_path)
+
+    assert target.read_text() == "first\none\nend first\nsecond\ntwo\nend second\n"
+
+
+def test_apply_patch_keeps_simple_contiguous_replacement(tmp_path) -> None:
+    target = tmp_path / "notes.txt"
+    target.write_text("alpha\nbeta\n")
+    patch = """*** Begin Patch
+*** Update File: notes.txt
+@@
+-alpha
+-beta
++ready
+*** End Patch
+"""
+
+    apply_patch(patch, tmp_path)
+
+    assert target.read_text() == "ready\n"
+
+
+def test_affected_paths_reads_structured_patch_write_targets(tmp_path) -> None:
+    patch = """*** Begin Patch
+*** Update File: notes.txt
+@@
+-alpha
++beta
+*** Add File: created.txt
++hello
+*** Delete File: old.txt
+*** Update File: before.txt
+*** Move to: after.txt
+@@
+-before
++after
+*** End Patch
+"""
+
+    paths = affected_paths(patch, tmp_path)
+
+    assert paths == [
+        (tmp_path / "notes.txt").resolve(strict=False),
+        (tmp_path / "created.txt").resolve(strict=False),
+        (tmp_path / "old.txt").resolve(strict=False),
+        (tmp_path / "before.txt").resolve(strict=False),
+        (tmp_path / "after.txt").resolve(strict=False),
+    ]