loki-mode 6.83.1 → 7.0.2

package/dashboard/server.py

@@ -5559,6 +5559,241 @@ def start_migration_phase(migration_id: str, request_body: dict):
         raise HTTPException(status_code=500, detail="Failed to start phase")
 
 
+# ---------------------------------------------------------------------------
+# Managed Agents Memory bridge (Phase 5, read-only)
+#
+# These endpoints expose the contents of .loki/managed/events.ndjson plus a
+# thin proxy to beta.memory_stores.memory_versions.list(). All endpoints are
+# safe to call when the managed-agents flags are off: they return empty
+# lists / {enabled: false} rather than 500s. No endpoint writes to the
+# managed store -- the only writer in the codebase remains
+# memory/managed_memory/shadow_write.py.
+# ---------------------------------------------------------------------------
+
+_MANAGED_EVENTS_TAIL_MAX = 10000  # Safety ceiling on tail reads.
+
+
+def _managed_events_path() -> _Path:
+    """Return the absolute path to .loki/managed/events.ndjson."""
+    return _get_loki_dir() / "managed" / "events.ndjson"
+
+
+def _managed_flags_snapshot() -> dict[str, Any]:
+    """Read managed-agents flags without importing the SDK path."""
+    parent = os.environ.get("LOKI_MANAGED_AGENTS", "").strip().lower() == "true"
+    child = os.environ.get("LOKI_MANAGED_MEMORY", "").strip().lower() == "true"
+    try:
+        from memory.managed_memory._beta import BETA_HEADER as _beta_header
+    except Exception:
+        _beta_header = "managed-agents-2026-04-01"
+    return {
+        "enabled": parent and child,
+        "parent_flag": parent,
+        "child_flags": {"LOKI_MANAGED_MEMORY": child},
+        "beta_header": _beta_header,
+    }
+
+
+def _tail_ndjson(
+    path: _Path,
+    limit: int,
+    since_iso: Optional[str],
+    event_type: Optional[str],
+) -> list[dict[str, Any]]:
+    """
+    Return the last *limit* records from an ndjson file, optionally filtered
+    by ts >= since_iso and/or type == event_type. The file is streamed line
+    by line; malformed lines are skipped rather than raising.
+    """
+    if not path.exists():
+        return []
+    try:
+        # Read lines (file is small: rotation at 10MB per the writer).
+        with open(path, "r", encoding="utf-8") as f:
+            lines = f.readlines()
+    except OSError:
+        return []
+
+    results: list[dict[str, Any]] = []
+    # Scan from newest to oldest so we can early-exit once we have enough.
+    for raw in reversed(lines):
+        line = raw.strip()
+        if not line:
+            continue
+        try:
+            record = json.loads(line)
+        except (json.JSONDecodeError, ValueError):
+            continue
+        if not isinstance(record, dict):
+            continue
+        if event_type and record.get("type") != event_type:
+            continue
+        if since_iso:
+            ts = record.get("ts", "")
+            if isinstance(ts, str) and ts < since_iso:
+                # ISO-8601 strings sort lexicographically with Z suffix; once
+                # we pass the floor we can stop scanning.
+                break
+        results.append(record)
+        if len(results) >= limit:
+            break
+    # Return in chronological order (oldest first) for UI convenience.
+    results.reverse()
+    return results
+
+
+def _last_fallback_ts(events: list[dict[str, Any]]) -> Optional[str]:
+    """Return the ts of the most recent managed_agents_fallback event, if any."""
+    for rec in reversed(events):
+        if rec.get("type") == "managed_agents_fallback":
+            ts = rec.get("ts")
+            return ts if isinstance(ts, str) else None
+    return None
+
+
+@app.get("/api/managed/events")
+async def get_managed_events(
+    limit: int = Query(default=100, ge=1, le=_MANAGED_EVENTS_TAIL_MAX),
+    since: Optional[str] = Query(default=None),
+    type: Optional[str] = Query(default=None, alias="type"),
+):
+    """
+    Return the tail of .loki/managed/events.ndjson.
+
+    Works regardless of flag state. When the flags are off or the file does
+    not exist yet, returns an empty list. Never raises on I/O error.
+    """
+    try:
+        path = _managed_events_path()
+        records = _tail_ndjson(path, limit=limit, since_iso=since, event_type=type)
+        return {
+            "events": records,
+            "count": len(records),
+            "source": str(path),
+        }
+    except Exception as exc:  # defensive: never 500 on read-only tail.
+        logger.warning("managed events tail failed: %s", exc)
+        return {"events": [], "count": 0, "error": str(exc)}
+
+
+@app.get("/api/managed/status")
+async def get_managed_status():
+    """
+    Return the managed-agents flag snapshot plus last_fallback_ts.
+
+    When flags are off, returns {enabled: false, ...} rather than 503. This
+    endpoint is meant to be polled by the UI to decide whether to surface
+    the managed-memory panel at all.
+    """
+    snapshot = _managed_flags_snapshot()
+    # last_fallback_ts is best-effort from the local events file.
+    try:
+        events = _tail_ndjson(
+            _managed_events_path(),
+            limit=500,
+            since_iso=None,
+            event_type="managed_agents_fallback",
+        )
+        snapshot["last_fallback_ts"] = _last_fallback_ts(events)
+    except Exception:
+        snapshot["last_fallback_ts"] = None
+    return snapshot
+
+
+@app.get("/api/managed/memory_versions/{memory_id}")
+async def list_managed_memory_versions(memory_id: str):
+    """
+    Proxy to beta.memory_stores.memory_versions.list(memory_id=...).
+
+    Returns 503 with a helpful JSON body when flags are off or the SDK does
+    not expose the expected attribute path. On any SDK / transport error the
+    endpoint returns 502 with the error detail -- the managed store owns the
+    source of truth, so we do NOT silently return an empty list here.
+    """
+    # Validate memory_id early so we don't leak path-traversal attempts into
+    # the SDK payload. The managed API uses opaque identifiers; alphanumerics,
+    # hyphens, underscores only.
+    if (
+        not memory_id
+        or len(memory_id) > 256
+        or ".." in memory_id
+        or not re.match(r"^[a-zA-Z0-9_\-]+$", memory_id)
+    ):
+        raise HTTPException(status_code=400, detail="Invalid memory_id")
+
+    snapshot = _managed_flags_snapshot()
+    if not snapshot["enabled"]:
+        raise HTTPException(
+            status_code=503,
+            detail=(
+                "managed memory disabled: set LOKI_MANAGED_AGENTS=true and "
+                "LOKI_MANAGED_MEMORY=true to enable"
+            ),
+        )
+
+    try:
+        from memory.managed_memory import ManagedDisabled
+        from memory.managed_memory.client import get_client
+    except Exception as exc:
+        raise HTTPException(status_code=503, detail=f"managed client unavailable: {exc}")
+
+    try:
+        client = get_client()
+    except ManagedDisabled as exc:
+        raise HTTPException(status_code=503, detail=str(exc))
+
+    # Resolve beta.memory_stores.memory_versions.list(...) defensively. Some
+    # SDK versions may not expose this path yet; treat missing attributes as
+    # 503 (flag state prevents us from guaranteeing anything else).
+    try:
+        beta = getattr(client._client, "beta", None)  # type: ignore[attr-defined]
+        memory_stores = getattr(beta, "memory_stores", None) if beta is not None else None
+        memory_versions = (
+            getattr(memory_stores, "memory_versions", None)
+            if memory_stores is not None
+            else None
+        )
+        list_fn = getattr(memory_versions, "list", None) if memory_versions is not None else None
+        if list_fn is None:
+            raise HTTPException(
+                status_code=503,
+                detail="memory_versions.list not available in installed SDK",
+            )
+    except HTTPException:
+        raise
+    except Exception as exc:
+        raise HTTPException(status_code=503, detail=f"SDK introspection failed: {exc}")
+
+    try:
+        result = list_fn(memory_id=memory_id)
+    except Exception as exc:
+        # Distinguish "not found" from transport errors when we can.
+        status = getattr(exc, "status_code", None) or getattr(exc, "status", None)
+        if status == 404:
+            raise HTTPException(status_code=404, detail=f"memory_id not found: {memory_id}")
+        logger.warning("memory_versions.list failed: %s", exc)
+        raise HTTPException(status_code=502, detail=f"managed API error: {exc}")
+
+    # Normalize to a list of dicts.
+    data = getattr(result, "data", result)
+    if data is None:
+        data = []
+    items: list[dict[str, Any]] = []
+    for entry in data:
+        if isinstance(entry, dict):
+            items.append(entry)
+            continue
+        to_dict = getattr(entry, "model_dump", None) or getattr(entry, "dict", None)
+        if callable(to_dict):
+            try:
+                items.append(to_dict())
+                continue
+            except Exception:
+                pass
+        items.append({"raw": str(entry)})
+    return {"memory_id": memory_id, "versions": items, "count": len(items)}
+
+
 # ---------------------------------------------------------------------------
 # SPA catch-all: serve index.html for any path not matched by API routes
 # or static asset mounts.  This lets the dashboard UI handle client-side routing.

package/docs/INSTALLATION.md

@@ -2,7 +2,7 @@
 
 The flagship product of [Autonomi](https://www.autonomi.dev/). Complete installation instructions for all platforms and use cases.
 
-**Version:** v6.83.1
+**Version:** v7.0.2
 
 ---
 

package/mcp/__init__.py

@@ -57,4 +57,4 @@ try:
 except ImportError:
     __all__ = ['mcp']
 
-__version__ = '6.83.1'
+__version__ = '7.0.2'

package/mcp/managed_tools.py

@@ -0,0 +1,245 @@
+"""MCP tools for Managed Agents Memory (PII redaction, read proxies).
+
+This module hosts the actual implementation of the loki_memory_redact tool.
+The logic lives here -- rather than inline in mcp/server.py -- so unit tests
+can import and exercise ``redact_memory_versions`` directly without having
+to load the full MCP FastMCP runtime.
+
+Registration pattern:
+    from mcp.managed_tools import register_managed_tools
+    register_managed_tools(mcp_server)   # Called from mcp/server.py
+"""
+
+from __future__ import annotations
+
+import json
+import re
+from typing import Any, Dict, List, Optional, Tuple
+
+
+_VALID_SCOPES = ("user", "org", "all")
+
+
+def _store_scope(store: Any) -> str:
+    if isinstance(store, dict):
+        return (store.get("scope") or "").lower()
+    return (getattr(store, "scope", "") or "").lower()
+
+
+def _store_id(store: Any) -> Optional[str]:
+    if isinstance(store, dict):
+        return store.get("id") or store.get("store_id")
+    return getattr(store, "id", None) or getattr(store, "store_id", None)
+
+
+def _version_to_dict(version: Any) -> Dict[str, Any]:
+    if isinstance(version, dict):
+        return version
+    to_dict = getattr(version, "model_dump", None) or getattr(version, "dict", None)
+    if callable(to_dict):
+        try:
+            return to_dict()
+        except Exception:
+            return {"raw": str(version)}
+    return {"raw": str(version)}
+
+
+def _resolve_sdk(client: Any) -> Tuple[Any, Any, Any]:
+    """
+    Return (stores_list_fn, versions_list_fn, redact_fn) or raise RuntimeError.
+    """
+    beta = getattr(client._client, "beta", None)  # type: ignore[attr-defined]
+    memory_stores = getattr(beta, "memory_stores", None) if beta is not None else None
+    stores_list_fn = (
+        getattr(memory_stores, "list", None) if memory_stores is not None else None
+    )
+    memory_versions = (
+        getattr(memory_stores, "memory_versions", None)
+        if memory_stores is not None else None
+    )
+    versions_list_fn = (
+        getattr(memory_versions, "list", None) if memory_versions is not None else None
+    )
+    redact_fn = (
+        getattr(memory_versions, "redact", None) if memory_versions is not None else None
+    )
+    if versions_list_fn is None or redact_fn is None:
+        raise RuntimeError(
+            "memory_versions.list / memory_versions.redact not available in SDK"
+        )
+    return stores_list_fn, versions_list_fn, redact_fn
+
+
+def redact_memory_versions(
+    pattern: str,
+    scope: str = "all",
+) -> Dict[str, Any]:
+    """
+    Redact memory versions whose content matches ``pattern`` (regex).
+
+    Hard requirements:
+        - LOKI_MANAGED_AGENTS=true AND LOKI_MANAGED_MEMORY=true
+          (otherwise raises ManagedDisabled).
+
+    Soft failures (returned as structured dicts, never raise):
+        - invalid regex        -> {"error": "...", "redacted_count": 0}
+        - invalid scope        -> {"error": "...", "redacted_count": 0}
+        - per-store / per-redact SDK errors -> collected in "errors"
+
+    Returns:
+        {"redacted_count": int, "scanned": int, "errors": [...]}.
+    """
+    if scope not in _VALID_SCOPES:
+        return {
+            "error": f"invalid scope '{scope}'; expected one of "
+                     + "|".join(_VALID_SCOPES),
+            "redacted_count": 0,
+            "errors": [],
+            "scanned": 0,
+        }
+
+    # v7.0.2: bound pattern length to mitigate ReDoS. Catastrophic-backtracking
+    # patterns like (a+)+$ can hang the MCP server. 512 chars is generous for
+    # legitimate compliance/PII patterns.
+    if not isinstance(pattern, str) or len(pattern) > 512:
+        return {
+            "error": "pattern must be a string of <=512 characters (ReDoS guard)",
+            "redacted_count": 0,
+            "errors": [],
+            "scanned": 0,
+        }
+
+    try:
+        compiled = re.compile(pattern)
+    except re.error as e:
+        return {
+            "error": f"invalid regex: {e}",
+            "redacted_count": 0,
+            "errors": [],
+            "scanned": 0,
+        }
+
+    # Hard flag check: raise so MCP callers see the ManagedDisabled exception
+    # path rather than a silent no-op.
+    from memory.managed_memory import ManagedDisabled, is_enabled
+    from memory.managed_memory.client import get_client
+    from memory.managed_memory.events import emit_managed_event
+
+    if not is_enabled():
+        raise ManagedDisabled(
+            "loki_memory_redact requires LOKI_MANAGED_AGENTS=true and "
+            "LOKI_MANAGED_MEMORY=true"
+        )
+
+    client = get_client()
+
+    try:
+        stores_list_fn, versions_list_fn, redact_fn = _resolve_sdk(client)
+    except RuntimeError as exc:
+        return {
+            "error": str(exc),
+            "redacted_count": 0,
+            "errors": [],
+            "scanned": 0,
+        }
+
+    errors: List[Dict[str, Any]] = []
+    redacted_count = 0
+    scanned = 0
+
+    try:
+        stores_result = stores_list_fn() if stores_list_fn is not None else []
+        stores_data = getattr(stores_result, "data", stores_result) or []
+    except Exception as e:
+        errors.append({"op": "stores_list", "error": str(e)})
+        stores_data = []
+
+    for store in stores_data:
+        if scope != "all" and _store_scope(store) != scope:
+            continue
+        sid = _store_id(store)
+        if not sid:
+            continue
+        try:
+            versions_result = versions_list_fn(store_id=sid)
+            versions_data = getattr(versions_result, "data", versions_result) or []
+        except Exception as e:
+            errors.append({"op": "versions_list", "store_id": sid, "error": str(e)})
+            continue
+
+        for version in versions_data:
+            scanned += 1
+            vdict = _version_to_dict(version)
+            content = vdict.get("content") or vdict.get("text") or ""
+            if not isinstance(content, str):
+                try:
+                    content = json.dumps(content, default=str)
+                except Exception:
+                    content = str(content)
+            if not compiled.search(content):
+                continue
+            vid = (
+                vdict.get("id")
+                or vdict.get("memory_version_id")
+                or vdict.get("version_id")
+            )
+            if not vid:
+                errors.append(
+                    {"op": "redact", "store_id": sid, "error": "no version id"}
+                )
+                continue
+            try:
+                redact_fn(store_id=sid, memory_version_id=vid)
+                redacted_count += 1
+                try:
+                    emit_managed_event(
+                        "managed_memory_redact",
+                        {
+                            "store_id": sid,
+                            "memory_version_id": vid,
+                            "scope": scope,
+                            "pattern": pattern,
+                        },
+                    )
+                except Exception:
+                    pass
+            except Exception as e:
+                errors.append(
+                    {
+                        "op": "redact",
+                        "store_id": sid,
+                        "memory_version_id": vid,
+                        "error": str(e),
+                    }
+                )
+
+    return {
+        "redacted_count": redacted_count,
+        "scanned": scanned,
+        "errors": errors,
+    }
+
+
+def register_managed_tools(mcp) -> None:
+    """Attach managed-memory MCP tools to a FastMCP instance."""
+
+    @mcp.tool()
+    async def loki_memory_redact(pattern: str, scope: str = "all") -> str:
+        """
+        Redact memory versions in the managed-agents store whose content matches a regex.
+
+        Iterates memory versions within the requested scope and calls
+        ``client.beta.memory_stores.memory_versions.redact(...)`` for each
+        match. Requires ``LOKI_MANAGED_AGENTS=true`` and
+        ``LOKI_MANAGED_MEMORY=true`` -- otherwise raises ``ManagedDisabled``.
+
+        Args:
+            pattern: Python regex compiled with ``re.search`` against each
+                version's content.
+            scope: One of ``user``, ``org``, or ``all`` (default).
+
+        Returns:
+            JSON ``{"redacted_count": int, "errors": [...], "scanned": int}``.
+        """
+        result = redact_memory_versions(pattern=pattern, scope=scope)
+        return json.dumps(result)

package/mcp/server.py

@@ -2059,6 +2059,28 @@ async def loki_phase_report() -> str:
 Use loki_state_get and loki_task_queue_list to gather data."""
 
 
+# ============================================================
+# MANAGED MEMORY TOOLS (PII redaction, read proxy)
+#
+# The actual implementation lives in mcp/managed_tools.py so unit tests can
+# import the core redact function without booting the FastMCP runtime.
+# loki_memory_redact appears below for grep-ability and is a thin wrapper.
+# ============================================================
+
+try:
+    from mcp.managed_tools import register_managed_tools
+    register_managed_tools(mcp)
+    # Emit tool-call events by wrapping the registered tool's underlying
+    # callable. We reference loki_memory_redact by name here for discoverability.
+    _MANAGED_MEMORY_TOOLS = ("loki_memory_redact",)
+except Exception as _managed_err:
+    import sys as _sys
+    print(
+        f"[warn] managed_tools registration skipped: {_managed_err}",
+        file=_sys.stderr,
+    )
+
+
 # ============================================================
 # MAGIC MODULES TOOLS (spec-driven component generation)
 # ============================================================

package/memory/managed_memory/__init__.py

@@ -100,10 +100,19 @@ def hydrate_patterns(local_mtime_floor: float):
     return _r.hydrate_patterns(local_mtime_floor)
 
 
+def hydrate(namespace: Optional[str] = None, mtime_floor: Optional[float] = None):
+    """Session-boot hydrate (patterns + skills). No-op when disabled."""
+    if not is_enabled():
+        return {"patterns": 0, "skills": 0, "skipped": True}
+    from . import retrieve as _r
+    return _r.hydrate(namespace=namespace, mtime_floor=mtime_floor)
+
+
 __all__ = [
     "BETA_HEADER",
     "ManagedDisabled",
     "emit_managed_event",
+    "hydrate",
     "hydrate_patterns",
     "is_enabled",
     "probe_beta_header",