ltcai 5.1.0 → 5.3.0

package/lattice_brain/portability.py

@@ -17,6 +17,7 @@ import hashlib
 import json
 import os
 import shutil
+import sqlite3
 import tempfile
 import zipfile
 from datetime import datetime, timezone
@@ -72,6 +73,18 @@ def _sqlite_siblings(db_path: Path) -> tuple[Path, Path, Path]:
     return (db_path, Path(str(db_path) + "-wal"), Path(str(db_path) + "-shm"))
 
 
+def _checkpoint_sqlite(db_path: Path) -> None:
+    if not db_path.exists():
+        return
+    try:
+        with sqlite3.connect(str(db_path)) as conn:
+            conn.execute("PRAGMA wal_checkpoint(FULL)")
+    except sqlite3.Error:
+        # Best-effort only. Existing sibling backup/restore still preserves
+        # the WAL files if a live connection prevents a checkpoint.
+        return
+
+
 def _restore_sibling(path: Path, backup: Path) -> None:
     if backup.exists():
         shutil.copy2(backup, path)
@@ -85,6 +98,7 @@ def _replace_sqlite_atomically(src: Path, dest: Path, backup_dir: Path) -> None:
     shutil.copyfile(src, tmp)
     backups: dict[Path, Path] = {}
     try:
+        _checkpoint_sqlite(dest)
         # -wal/-shm are transient: another live connection can checkpoint and
         # remove them between exists() and the copy/unlink. Treat a vanished
         # sibling as "nothing to preserve" instead of crashing the restore.

package/lattice_brain/runtime/multi_agent.py

@@ -14,7 +14,7 @@ from datetime import datetime
 from typing import Any, Callable, Dict, List, Optional
 
 
-MULTI_AGENT_VERSION = "5.1.0"
+MULTI_AGENT_VERSION = "5.3.0"
 
 AGENT_ROLES = ("researcher", "planner", "executor", "reviewer", "release")
 CORE_PIPELINE = ("planner", "executor", "reviewer")

package/latticeai/__init__.py

@@ -1,3 +1,3 @@
 """Lattice AI - modular server package."""
 
-__version__ = "5.1.0"
+__version__ = "5.3.0"

package/latticeai/api/marketplace.py

@@ -88,7 +88,7 @@ def create_marketplace_router(
     @router.get("/marketplace/templates/registry")
     async def template_registry(request: Request):
         require_user(request)
-        gate_read(request)
-        return {"registry": store.list_template_registry()}
+        scope = gate_read(request)
+        return {"registry": store.list_template_registry(workspace_id=scope)}
 
     return router

package/latticeai/api/models.py

@@ -425,6 +425,12 @@ def create_models_router(
             loaded_ids=_router.loaded_model_ids,
             current_id=_router.current_model_id,
         )
+        # 5.2.0: surface structured registry info (verified status, hf, hardware, strategies) for UX
+        try:
+            from latticeai.services.model_catalog import get_verified_models
+            verified = get_verified_models()
+        except Exception:
+            verified = []
         return {
             "recommended": recommended,
             "cloud": _router.detected_cloud_models(),
@@ -433,6 +439,12 @@ def create_models_router(
             "current": _router.current_model_id,
             "compat_profiles": _list_compat_profiles(),
             "vision": _vision_capability(_router.current_model_id, engines),
+            # 5.2+ transparent model capability registry
+            "registry": {
+                "version": "5.2.0",
+                "verified_count": len(verified),
+                "verified": verified[:12],  # compact; full via /models/recommendations or future dedicated
+            },
         }
 
     @router.get("/models/compat-profiles")
@@ -494,9 +506,8 @@ def create_models_router(
     async def model_recommendations(request: Request, engine: str = "local_mlx"):
         """Hardware-aware tri-state model recommendation for this machine.
 
-        Detects the system profile (OS/RAM/CPU/GPU/disk) and classifies the
-        ``engine`` catalog into recommended / compatible / not_recommended,
-        grouped by family. Used by the onboarding and model-picker UIs.
+        5.2.0: now includes rich capability fields (hf_repo_id, verification,
+        hardware, load_strategy, license, safety_notes) from the structured registry.
         """
         require_user(request)
         from auto_setup import probe as auto_setup_probe
@@ -504,6 +515,11 @@ def create_models_router(
 
         profile = await asyncio.to_thread(lambda: auto_setup_probe().to_json())
         catalog = recommend_catalog(profile, engine=engine)
-        return {"profile": profile, "recommendations": catalog}
+        try:
+            from latticeai.services.model_catalog import get_verified_models
+            reg_meta = {"version": "5.2.0", "verified_total": len(get_verified_models())}
+        except Exception:
+            reg_meta = {"version": "5.2.0"}
+        return {"profile": profile, "recommendations": catalog, "registry": reg_meta}
 
     return router

package/latticeai/app_factory.py

@@ -17,90 +17,16 @@ from __future__ import annotations
 import threading
 from typing import TYPE_CHECKING, Any, Dict, List, Optional
 
+from latticeai.runtime.brain_runtime import build_brain_runtime
+from latticeai.runtime.config_runtime import build_config_runtime
+from latticeai.runtime.security_runtime import build_security_runtime
+
 if TYPE_CHECKING:  # imports for annotations only — keep module import light
     from fastapi import FastAPI
 
     from latticeai.core.config import Config
 
 
-def build_config_runtime(config: "Optional[Config]" = None) -> Dict[str, Any]:
-    """Build the app configuration runtime without importing heavy model code."""
-
-    from latticeai.core.config import Config
-
-    cfg = config if config is not None else Config.from_env()
-    return {
-        "CONFIG": cfg,
-        "APP_MODE": cfg.app_mode,
-        "IS_PUBLIC_MODE": cfg.is_public,
-        "DEFAULT_HOST": cfg.host,
-        "DEFAULT_PORT": cfg.port,
-        "NETWORK_EXPOSED": cfg.network_exposed,
-        "ENABLE_TELEGRAM": cfg.enable_telegram,
-        "ENABLE_GRAPH": cfg.enable_graph,
-        "AUTOLOAD_MODELS": cfg.autoload_models,
-        "MODEL_IDLE_UNLOAD_SECONDS": cfg.model_idle_unload_seconds,
-        "ALLOW_LOCAL_MODELS": cfg.allow_local_models,
-        "REQUIRE_AUTH": cfg.require_auth,
-        "ALLOW_PLAINTEXT_API_KEYS": cfg.allow_plaintext_api_keys,
-        "CORS_ALLOW_NETWORK": cfg.cors_allow_network,
-        "CORS_EXTRA_ORIGINS": cfg.cors_extra_origins,
-        "PUBLIC_MODEL": cfg.public_model,
-        "LOCAL_MODEL": cfg.local_model,
-        "LOCAL_DRAFT_MODEL": cfg.local_draft_model,
-    }
-
-
-def build_security_runtime(config: "Config") -> Dict[str, Any]:
-    """Build auth/security-derived runtime settings from the central config."""
-
-    from latticeai.core.security import configure_trusted_proxies
-
-    configure_trusted_proxies(config.trusted_proxies)
-    return {
-        "SSO_DISCOVERY_URL": config.sso_discovery_url,
-        "SSO_CLIENT_ID": config.sso_client_id,
-        "SSO_CLIENT_SECRET": config.sso_client_secret,
-        "SSO_REDIRECT_URI": config.sso_redirect_uri,
-        "SSO_PROVIDER_NAME": config.sso_provider_name,
-        "RATE_LIMIT_ENABLED": config.rate_limit_enabled,
-        "OPEN_REGISTRATION": config.open_registration,
-        "INVITE_CODE": config.invite_code,
-        "INVITE_GATE_ENABLED": config.invite_gate_enabled,
-    }
-
-
-def build_brain_runtime(
-    *,
-    data_dir: Any,
-    history_file: Any,
-    enable_graph: bool,
-    embedder: Any,
-    storage_engine: Any,
-) -> Dict[str, Any]:
-    """Construct Brain Core storage/conversation primitives behind one seam."""
-
-    from lattice_brain import BrainCore, ConversationStore
-
-    brain_core = BrainCore.from_paths(
-        data_dir,
-        embedder=embedder.provider,
-        storage_engine=storage_engine,
-    ) if enable_graph else None
-    knowledge_graph = brain_core.knowledge if brain_core is not None else None
-    conversations = (
-        brain_core.conversations
-        if brain_core is not None
-        else ConversationStore(data_dir / "knowledge_graph.sqlite")
-    )
-    conversations.import_legacy_json(history_file)
-    return {
-        "BRAIN_CORE": brain_core,
-        "KNOWLEDGE_GRAPH": knowledge_graph,
-        "CONVERSATIONS": conversations,
-    }
-
-
 def _build(config: "Optional[Config]" = None) -> Dict[str, Any]:
     """The legacy ``server_app`` assembly, moved verbatim into function scope.
 

package/latticeai/core/marketplace.py

@@ -11,7 +11,7 @@ from copy import deepcopy
 from typing import Any, Dict, List, Optional
 
 
-MARKETPLACE_VERSION = "5.1.0"
+MARKETPLACE_VERSION = "5.3.0"
 TEMPLATE_KINDS = ("plugin", "workflow", "agent")
 
 

package/latticeai/core/workspace_os.py

@@ -19,7 +19,7 @@ from pathlib import Path
 from typing import Any, Callable, Dict, Iterable, List, Optional
 
 
-WORKSPACE_OS_VERSION = "5.1.0"
+WORKSPACE_OS_VERSION = "5.3.0"
 
 # Workspace types separate single-user Personal workspaces from shared
 # Organization workspaces. Both keep the same local-first JSON store; the type
@@ -2309,8 +2309,22 @@ class WorkspaceOSStore:
     # Marketplace template registry (v2.1 foundation)
     # ------------------------------------------------------------------
 
-    def list_template_registry(self) -> Dict[str, Any]:
-        return dict(self.load_state().get("template_registry") or {})
+    @staticmethod
+    def _template_registry_key(kind: str, template_id: str, workspace_id: str) -> str:
+        base = f"{kind}:{template_id}"
+        return base if workspace_id == DEFAULT_WORKSPACE_ID else f"{workspace_id}:{base}"
+
+    def list_template_registry(self, workspace_id: Optional[str] = None) -> Dict[str, Any]:
+        state = self.load_state()
+        registry = dict(state.get("template_registry") or {})
+        if workspace_id is None:
+            return registry
+        scope = self._resolve_scope(workspace_id, state)
+        return {
+            key: value
+            for key, value in registry.items()
+            if self._record_workspace(value) == scope
+        }
 
     def mark_template_installed(
         self,
@@ -2323,7 +2337,7 @@ class WorkspaceOSStore:
     ) -> Dict[str, Any]:
         state = self.load_state()
         scope = self._resolve_scope(workspace_id, state)
-        key = f"{kind}:{template_id}"
+        key = self._template_registry_key(kind, template_id, scope)
         entry = state.setdefault("template_registry", {}).setdefault(key, {"id": template_id, "kind": kind})
         entry.update({
             "id": template_id,

package/latticeai/runtime/__init__.py

@@ -0,0 +1,2 @@
+"""Runtime assembly seams for the Lattice AI application factory."""
+

package/latticeai/runtime/brain_runtime.py

@@ -0,0 +1,41 @@
+"""Brain Core runtime assembly for app startup."""
+
+from __future__ import annotations
+
+from typing import Any, Dict
+
+
+def build_brain_runtime(
+    *,
+    data_dir: Any,
+    history_file: Any,
+    enable_graph: bool,
+    embedder: Any,
+    storage_engine: Any,
+) -> Dict[str, Any]:
+    """Construct Brain Core storage/conversation primitives behind one seam."""
+
+    from lattice_brain import BrainCore, ConversationStore
+
+    brain_core = (
+        BrainCore.from_paths(
+            data_dir,
+            embedder=embedder.provider,
+            storage_engine=storage_engine,
+        )
+        if enable_graph
+        else None
+    )
+    knowledge_graph = brain_core.knowledge if brain_core is not None else None
+    conversations = (
+        brain_core.conversations
+        if brain_core is not None
+        else ConversationStore(data_dir / "knowledge_graph.sqlite")
+    )
+    conversations.import_legacy_json(history_file)
+    return {
+        "BRAIN_CORE": brain_core,
+        "KNOWLEDGE_GRAPH": knowledge_graph,
+        "CONVERSATIONS": conversations,
+    }
+

package/latticeai/runtime/config_runtime.py

@@ -0,0 +1,36 @@
+"""Configuration runtime assembly for the FastAPI composition root."""
+
+from __future__ import annotations
+
+from typing import TYPE_CHECKING, Any, Dict, Optional
+
+if TYPE_CHECKING:
+    from latticeai.core.config import Config
+
+
+def build_config_runtime(config: "Optional[Config]" = None) -> Dict[str, Any]:
+    """Build app configuration values without importing model/runtime code."""
+
+    from latticeai.core.config import Config
+
+    cfg = config if config is not None else Config.from_env()
+    return {
+        "CONFIG": cfg,
+        "APP_MODE": cfg.app_mode,
+        "IS_PUBLIC_MODE": cfg.is_public,
+        "DEFAULT_HOST": cfg.host,
+        "DEFAULT_PORT": cfg.port,
+        "NETWORK_EXPOSED": cfg.network_exposed,
+        "ENABLE_TELEGRAM": cfg.enable_telegram,
+        "ENABLE_GRAPH": cfg.enable_graph,
+        "AUTOLOAD_MODELS": cfg.autoload_models,
+        "MODEL_IDLE_UNLOAD_SECONDS": cfg.model_idle_unload_seconds,
+        "ALLOW_LOCAL_MODELS": cfg.allow_local_models,
+        "REQUIRE_AUTH": cfg.require_auth,
+        "ALLOW_PLAINTEXT_API_KEYS": cfg.allow_plaintext_api_keys,
+        "CORS_ALLOW_NETWORK": cfg.cors_allow_network,
+        "CORS_EXTRA_ORIGINS": cfg.cors_extra_origins,
+        "PUBLIC_MODEL": cfg.public_model,
+        "LOCAL_MODEL": cfg.local_model,
+        "LOCAL_DRAFT_MODEL": cfg.local_draft_model,
+    }

package/latticeai/runtime/security_runtime.py

@@ -0,0 +1,27 @@
+"""Security runtime assembly for app startup."""
+
+from __future__ import annotations
+
+from typing import TYPE_CHECKING, Any, Dict
+
+if TYPE_CHECKING:
+    from latticeai.core.config import Config
+
+
+def build_security_runtime(config: "Config") -> Dict[str, Any]:
+    """Build auth/security-derived runtime settings from the central config."""
+
+    from latticeai.core.security import configure_trusted_proxies
+
+    configure_trusted_proxies(config.trusted_proxies)
+    return {
+        "SSO_DISCOVERY_URL": config.sso_discovery_url,
+        "SSO_CLIENT_ID": config.sso_client_id,
+        "SSO_CLIENT_SECRET": config.sso_client_secret,
+        "SSO_REDIRECT_URI": config.sso_redirect_uri,
+        "SSO_PROVIDER_NAME": config.sso_provider_name,
+        "RATE_LIMIT_ENABLED": config.rate_limit_enabled,
+        "OPEN_REGISTRATION": config.open_registration,
+        "INVITE_CODE": config.invite_code,
+        "INVITE_GATE_ENABLED": config.invite_gate_enabled,
+    }