orch-code 0.1.1

package/internal/config/config_defaults_test.go

@@ -0,0 +1,138 @@
+package config
+
+import (
+	"os"
+	"path/filepath"
+	"testing"
+)
+
+func TestLoadPreservesExplicitFalseSafetyValues(t *testing.T) {
+	repoRoot := t.TempDir()
+	if err := EnsureOrchDir(repoRoot); err != nil {
+		t.Fatalf("ensure orch dir: %v", err)
+	}
+
+	raw := `{
+  "version": 1,
+  "models": {"planner":"p","coder":"c","reviewer":"r"},
+  "commands": {"test":"go test ./...","lint":"go vet ./..."},
+  "patch": {"maxFiles":10,"maxLines":800},
+  "safety": {
+    "dryRun": true,
+    "requireDestructiveApproval": false,
+    "lockStaleAfterSeconds": 60,
+    "retry": {"validationMax": 1, "testMax": 1, "reviewMax": 1},
+    "confidence": {"completeMin": 0.8, "failBelow": 0.4},
+    "featureFlags": {
+      "permissionMode": false,
+      "repoLock": false,
+      "retryLimits": false,
+      "patchConflictReporting": false,
+      "confidenceEnforcement": false
+    }
+  }
+}`
+
+	configPath := filepath.Join(repoRoot, OrchDir, ConfigFile)
+	if err := os.WriteFile(configPath, []byte(raw), 0o644); err != nil {
+		t.Fatalf("write config: %v", err)
+	}
+
+	cfg, err := Load(repoRoot)
+	if err != nil {
+		t.Fatalf("load config: %v", err)
+	}
+
+	if cfg.Safety.RequireDestructiveApproval {
+		t.Fatalf("expected explicit false requireDestructiveApproval to be preserved")
+	}
+	if cfg.Safety.FeatureFlags.PermissionMode || cfg.Safety.FeatureFlags.RepoLock || cfg.Safety.FeatureFlags.RetryLimits || cfg.Safety.FeatureFlags.PatchConflictReporting || cfg.Safety.FeatureFlags.ConfidenceEnforcement {
+		t.Fatalf("expected explicit false feature flags to be preserved")
+	}
+	if cfg.Safety.Confidence.CompleteMin != 0.8 || cfg.Safety.Confidence.FailBelow != 0.4 {
+		t.Fatalf("expected explicit confidence policy values to be preserved")
+	}
+}
+
+func TestLoadBackfillsMissingSafetyFields(t *testing.T) {
+	repoRoot := t.TempDir()
+	if err := EnsureOrchDir(repoRoot); err != nil {
+		t.Fatalf("ensure orch dir: %v", err)
+	}
+
+	raw := `{
+  "version": 1,
+  "models": {"planner":"p","coder":"c","reviewer":"r"},
+  "commands": {"test":"go test ./...","lint":"go vet ./..."},
+  "patch": {"maxFiles":10,"maxLines":800},
+  "safety": {"dryRun": true}
+}`
+
+	configPath := filepath.Join(repoRoot, OrchDir, ConfigFile)
+	if err := os.WriteFile(configPath, []byte(raw), 0o644); err != nil {
+		t.Fatalf("write config: %v", err)
+	}
+
+	cfg, err := Load(repoRoot)
+	if err != nil {
+		t.Fatalf("load config: %v", err)
+	}
+
+	if !cfg.Safety.RequireDestructiveApproval {
+		t.Fatalf("expected missing requireDestructiveApproval to be defaulted true")
+	}
+	if !cfg.Safety.FeatureFlags.PermissionMode || !cfg.Safety.FeatureFlags.RepoLock || !cfg.Safety.FeatureFlags.RetryLimits || !cfg.Safety.FeatureFlags.PatchConflictReporting || !cfg.Safety.FeatureFlags.ConfidenceEnforcement {
+		t.Fatalf("expected missing featureFlags to be defaulted true")
+	}
+	if cfg.Safety.Confidence.CompleteMin <= 0 || cfg.Safety.Confidence.FailBelow <= 0 {
+		t.Fatalf("expected missing confidence policy to be backfilled")
+	}
+
+	if cfg.Provider.Default != "openai" {
+		t.Fatalf("expected default provider to be openai, got=%s", cfg.Provider.Default)
+	}
+	if cfg.Provider.OpenAI.Models.Coder == "" {
+		t.Fatalf("expected default openai coder model to be backfilled")
+	}
+}
+
+func TestLoadPreservesExplicitProviderFlags(t *testing.T) {
+	repoRoot := t.TempDir()
+	if err := EnsureOrchDir(repoRoot); err != nil {
+		t.Fatalf("ensure orch dir: %v", err)
+	}
+
+	raw := `{
+  "version": 1,
+  "models": {"planner":"p","coder":"c","reviewer":"r"},
+  "commands": {"test":"go test ./...","lint":"go vet ./..."},
+  "patch": {"maxFiles":10,"maxLines":800},
+  "safety": {"dryRun": true},
+  "provider": {
+    "default": "openai",
+    "openai": {
+      "apiKeyEnv": "OPENAI_API_KEY",
+      "baseURL": "https://api.openai.com/v1",
+      "reasoningEffort": "medium",
+      "timeoutSeconds": 30,
+      "maxRetries": 1,
+      "models": {"planner":"a","coder":"b","reviewer":"c"}
+    },
+    "flags": {"openaiEnabled": false}
+  }
+}`
+
+	configPath := filepath.Join(repoRoot, OrchDir, ConfigFile)
+	if err := os.WriteFile(configPath, []byte(raw), 0o644); err != nil {
+		t.Fatalf("write config: %v", err)
+	}
+
+	cfg, err := Load(repoRoot)
+	if err != nil {
+		t.Fatalf("load config: %v", err)
+	}
+
+	if cfg.Provider.Flags.OpenAIEnabled {
+		t.Fatalf("expected explicit openaiEnabled=false to be preserved")
+	}
+}

package/internal/execution/contract_builder.go

@@ -0,0 +1,160 @@
+package execution
+
+import (
+	"strings"
+
+	"github.com/furkanbeydemir/orch/internal/config"
+	"github.com/furkanbeydemir/orch/internal/models"
+)
+
+type ContractBuilder struct {
+	cfg *config.Config
+}
+
+func NewContractBuilder(cfg *config.Config) *ContractBuilder {
+	return &ContractBuilder{cfg: cfg}
+}
+
+func (b *ContractBuilder) Build(task *models.Task, brief *models.TaskBrief, plan *models.Plan, ctx *models.ContextResult) *models.ExecutionContract {
+	if task == nil {
+		return nil
+	}
+
+	allowedFiles := uniqueNonEmpty(planFilesToModify(plan, ctx))
+	inspectFiles := uniqueNonEmpty(planFilesToInspect(plan, ctx))
+	requiredEdits := buildRequiredEdits(plan)
+	prohibitedActions := buildProhibitedActions(plan)
+	acceptanceCriteria := buildAcceptanceCriteria(plan)
+	invariants := buildInvariants(plan, brief)
+
+	return &models.ExecutionContract{
+		TaskID:             task.ID,
+		AllowedFiles:       allowedFiles,
+		InspectFiles:       inspectFiles,
+		RequiredEdits:      requiredEdits,
+		ProhibitedActions:  prohibitedActions,
+		AcceptanceCriteria: acceptanceCriteria,
+		Invariants:         invariants,
+		PatchBudget: models.PatchBudget{
+			MaxFiles:        patchMaxFiles(b.cfg),
+			MaxChangedLines: patchMaxLines(b.cfg),
+		},
+		ScopeExpansionPolicy: models.ScopeExpansionPolicy{
+			Allowed:        true,
+			RequiresReason: true,
+			MaxExtraFiles:  1,
+		},
+	}
+}
+
+func planFilesToModify(plan *models.Plan, ctx *models.ContextResult) []string {
+	files := make([]string, 0)
+	if plan != nil {
+		files = append(files, plan.FilesToModify...)
+	}
+	if len(files) == 0 && ctx != nil {
+		files = append(files, ctx.SelectedFiles...)
+	}
+	return files
+}
+
+func planFilesToInspect(plan *models.Plan, ctx *models.ContextResult) []string {
+	files := make([]string, 0)
+	if plan != nil {
+		files = append(files, plan.FilesToInspect...)
+		files = append(files, plan.FilesToModify...)
+	}
+	if ctx != nil {
+		files = append(files, ctx.SelectedFiles...)
+		files = append(files, ctx.RelatedTests...)
+		files = append(files, ctx.RelevantConfigs...)
+	}
+	return files
+}
+
+func buildRequiredEdits(plan *models.Plan) []string {
+	if plan == nil {
+		return []string{}
+	}
+	items := make([]string, 0, len(plan.AcceptanceCriteria)+len(plan.Steps))
+	for _, criterion := range plan.AcceptanceCriteria {
+		if strings.TrimSpace(criterion.Description) == "" {
+			continue
+		}
+		items = append(items, criterion.Description)
+	}
+	if len(items) == 0 {
+		for _, step := range plan.Steps {
+			if strings.TrimSpace(step.Description) == "" {
+				continue
+			}
+			items = append(items, step.Description)
+		}
+	}
+	return uniqueNonEmpty(items)
+}
+
+func buildProhibitedActions(plan *models.Plan) []string {
+	items := []string{
+		"Do not modify files outside the allowed file set unless scope expansion is explicitly justified.",
+		"Do not introduce unrelated refactors or formatting-only churn.",
+		"Do not change sensitive files, secrets, or unrelated configuration.",
+	}
+	if plan != nil {
+		items = append(items, plan.ForbiddenChanges...)
+	}
+	return uniqueNonEmpty(items)
+}
+
+func buildAcceptanceCriteria(plan *models.Plan) []string {
+	if plan == nil {
+		return []string{}
+	}
+	items := make([]string, 0, len(plan.AcceptanceCriteria))
+	for _, criterion := range plan.AcceptanceCriteria {
+		items = append(items, criterion.Description)
+	}
+	return uniqueNonEmpty(items)
+}
+
+func buildInvariants(plan *models.Plan, brief *models.TaskBrief) []string {
+	items := make([]string, 0)
+	if plan != nil {
+		items = append(items, plan.Invariants...)
+	}
+	if brief != nil && brief.RiskLevel == models.RiskHigh {
+		items = append(items, "Preserve existing behavior and public interfaces unless the task explicitly requires a contract change.")
+	}
+	return uniqueNonEmpty(items)
+}
+
+func patchMaxFiles(cfg *config.Config) int {
+	if cfg == nil || cfg.Patch.MaxFiles <= 0 {
+		return 10
+	}
+	return cfg.Patch.MaxFiles
+}
+
+func patchMaxLines(cfg *config.Config) int {
+	if cfg == nil || cfg.Patch.MaxLines <= 0 {
+		return 800
+	}
+	return cfg.Patch.MaxLines
+}
+
+func uniqueNonEmpty(values []string) []string {
+	result := make([]string, 0, len(values))
+	seen := map[string]struct{}{}
+	for _, value := range values {
+		trimmed := strings.TrimSpace(value)
+		if trimmed == "" {
+			continue
+		}
+		if _, ok := seen[trimmed]; ok {
+			continue
+		}
+		seen[trimmed] = struct{}{}
+		result = append(result, trimmed)
+	}
+	return result
+}

package/internal/execution/contract_builder_test.go

@@ -0,0 +1,68 @@
+package execution
+
+import (
+	"testing"
+	"time"
+
+	"github.com/furkanbeydemir/orch/internal/config"
+	"github.com/furkanbeydemir/orch/internal/models"
+)
+
+func TestContractBuilderBuildsStructuredContract(t *testing.T) {
+	builder := NewContractBuilder(config.DefaultConfig())
+	task := &models.Task{ID: "task-1", Description: "fix race condition in auth service", CreatedAt: time.Now()}
+	brief := &models.TaskBrief{TaskID: "task-1", TaskType: models.TaskTypeBugfix, RiskLevel: models.RiskHigh}
+	plan := &models.Plan{
+		TaskID:         "task-1",
+		FilesToModify:  []string{"internal/auth/service.go"},
+		FilesToInspect: []string{"internal/auth/service.go", "internal/auth/service_test.go"},
+		AcceptanceCriteria: []models.AcceptanceCriterion{{
+			ID:          "ac-1",
+			Description: "Race condition is no longer reproducible.",
+		}},
+		Invariants:       []string{"Public API remains unchanged."},
+		ForbiddenChanges: []string{"Do not change config files."},
+		Steps: []models.PlanStep{{
+			Order:       1,
+			Description: "Protect auth state mutation.",
+		}},
+	}
+	ctx := &models.ContextResult{
+		SelectedFiles: []string{"internal/auth/service.go"},
+		RelatedTests:  []string{"internal/auth/service_test.go"},
+	}
+
+	contract := builder.Build(task, brief, plan, ctx)
+	if contract == nil {
+		t.Fatalf("expected contract")
+	}
+	if len(contract.AllowedFiles) != 1 || contract.AllowedFiles[0] != "internal/auth/service.go" {
+		t.Fatalf("unexpected allowed files: %#v", contract.AllowedFiles)
+	}
+	if len(contract.InspectFiles) < 2 {
+		t.Fatalf("expected inspect files to include plan and test context")
+	}
+	if len(contract.RequiredEdits) == 0 {
+		t.Fatalf("expected required edits")
+	}
+	if len(contract.ProhibitedActions) == 0 {
+		t.Fatalf("expected prohibited actions")
+	}
+	if contract.PatchBudget.MaxFiles <= 0 || contract.PatchBudget.MaxChangedLines <= 0 {
+		t.Fatalf("expected patch budget from config")
+	}
+}
+
+func TestScopeGuardRejectsOutOfScopePatch(t *testing.T) {
+	guard := NewScopeGuard()
+	contract := &models.ExecutionContract{AllowedFiles: []string{"internal/auth/service.go"}}
+	patch := &models.Patch{Files: []models.PatchFile{{Path: "internal/auth/service.go"}, {Path: "internal/auth/config.go"}}}
+
+	result := guard.Validate(contract, patch)
+	if result.Status != models.ValidationFail {
+		t.Fatalf("expected validation failure, got %s", result.Status)
+	}
+	if len(result.Details) != 1 || result.Details[0] != "internal/auth/config.go" {
+		t.Fatalf("unexpected scope violation details: %#v", result.Details)
+	}
+}

package/internal/execution/plan_compliance.go

@@ -0,0 +1,161 @@
+package execution
+
+import (
+	"fmt"
+	"path/filepath"
+	"strings"
+
+	"github.com/furkanbeydemir/orch/internal/models"
+)
+
+type PlanComplianceGuard struct{}
+
+func NewPlanComplianceGuard() *PlanComplianceGuard {
+	return &PlanComplianceGuard{}
+}
+
+func (g *PlanComplianceGuard) Validate(plan *models.Plan, contract *models.ExecutionContract, patch *models.Patch) models.ValidationResult {
+	result := models.ValidationResult{
+		Name:     "plan_compliance",
+		Stage:    "validation",
+		Status:   models.ValidationPass,
+		Severity: models.SeverityLow,
+		Summary:  "patch remains compliant with the structured plan",
+		Metadata: map[string]string{},
+	}
+
+	if plan == nil {
+		result.Status = models.ValidationWarn
+		result.Severity = models.SeverityMedium
+		result.Summary = "structured plan missing; plan compliance could not be fully validated"
+		return result
+	}
+	if patch == nil {
+		result.Status = models.ValidationFail
+		result.Severity = models.SeverityHigh
+		result.Summary = "patch missing for plan compliance validation"
+		return result
+	}
+	if len(plan.AcceptanceCriteria) == 0 && (contract == nil || len(contract.AcceptanceCriteria) == 0) {
+		result.Status = models.ValidationFail
+		result.Severity = models.SeverityHigh
+		result.Summary = "structured plan is missing acceptance criteria"
+		result.ActionableItems = []string{"Regenerate the plan with explicit acceptance criteria before coding."}
+		return result
+	}
+	if len(patch.Files) == 0 {
+		result.Status = models.ValidationFail
+		result.Severity = models.SeverityHigh
+		result.Summary = "patch contains no changed files despite a code task plan"
+		result.ActionableItems = []string{"Generate a non-empty patch that satisfies the required edits and acceptance criteria."}
+		return result
+	}
+
+	changedFiles := changedFileSet(patch)
+	requiredFiles := requiredModifyFiles(plan, contract)
+	missingFiles := make([]string, 0)
+	for _, file := range requiredFiles {
+		if _, ok := changedFiles[file]; ok {
+			continue
+		}
+		missingFiles = append(missingFiles, file)
+	}
+	if len(missingFiles) > 0 {
+		result.Status = models.ValidationFail
+		result.Severity = models.SeverityHigh
+		result.Summary = fmt.Sprintf("patch did not modify required planned files: %s", strings.Join(missingFiles, ", "))
+		result.Details = missingFiles
+		result.ActionableItems = []string{"Ensure all required planned files are updated or explicitly reduce scope before retrying."}
+		result.Metadata["required_files"] = strings.Join(requiredFiles, ",")
+		return result
+	}
+
+	forbiddenViolations := detectForbiddenViolations(plan, patch)
+	if len(forbiddenViolations) > 0 {
+		result.Status = models.ValidationFail
+		result.Severity = models.SeverityHigh
+		result.Summary = fmt.Sprintf("patch appears to violate forbidden change rules: %s", strings.Join(forbiddenViolations, "; "))
+		result.Details = forbiddenViolations
+		result.ActionableItems = []string{"Remove forbidden changes and keep the patch aligned with the approved plan."}
+		return result
+	}
+
+	result.Metadata["changed_files"] = strings.Join(sortedKeys(changedFiles), ",")
+	result.Metadata["required_files"] = strings.Join(requiredFiles, ",")
+	return result
+}
+
+func changedFileSet(patch *models.Patch) map[string]struct{} {
+	result := map[string]struct{}{}
+	if patch == nil {
+		return result
+	}
+	for _, file := range patch.Files {
+		path := strings.TrimSpace(file.Path)
+		if path == "" {
+			continue
+		}
+		result[path] = struct{}{}
+	}
+	return result
+}
+
+func requiredModifyFiles(plan *models.Plan, contract *models.ExecutionContract) []string {
+	files := make([]string, 0)
+	if plan != nil {
+		files = append(files, plan.FilesToModify...)
+	}
+	if len(files) == 0 && contract != nil {
+		files = append(files, contract.AllowedFiles...)
+	}
+	return uniqueNonEmpty(files)
+}
+
+func detectForbiddenViolations(plan *models.Plan, patch *models.Patch) []string {
+	if plan == nil || patch == nil {
+		return nil
+	}
+	violations := make([]string, 0)
+	for _, rule := range plan.ForbiddenChanges {
+		lowerRule := strings.ToLower(rule)
+		for _, file := range patch.Files {
+			path := strings.TrimSpace(file.Path)
+			if path == "" {
+				continue
+			}
+			if strings.Contains(lowerRule, "config") && isConfigLike(path) {
+				violations = append(violations, fmt.Sprintf("forbidden config change touched %s", path))
+			}
+			if strings.Contains(lowerRule, "test") && isTestLike(path) {
+				violations = append(violations, fmt.Sprintf("forbidden test change touched %s", path))
+			}
+		}
+	}
+	return uniqueNonEmpty(violations)
+}
+
+func isConfigLike(path string) bool {
+	lower := strings.ToLower(path)
+	base := strings.ToLower(filepath.Base(path))
+	return strings.Contains(lower, "/config/") || strings.Contains(lower, "\\config\\") || strings.Contains(base, "config") || strings.Contains(base, ".env") || base == "package.json" || base == "go.mod" || base == "dockerfile" || strings.HasSuffix(base, ".yaml") || strings.HasSuffix(base, ".yml") || strings.HasSuffix(base, ".toml") || strings.HasSuffix(base, ".ini")
+}
+
+func isTestLike(path string) bool {
+	lower := strings.ToLower(path)
+	return strings.Contains(lower, "_test.") || strings.Contains(lower, ".test.") || strings.Contains(lower, ".spec.") || strings.Contains(lower, "/test") || strings.Contains(lower, "\\test")
+}
+
+func sortedKeys(values map[string]struct{}) []string {
+	result := make([]string, 0, len(values))
+	for key := range values {
+		result = append(result, key)
+	}
+	for i := 0; i < len(result); i++ {
+		for j := i + 1; j < len(result); j++ {
+			if result[j] < result[i] {
+				result[i], result[j] = result[j], result[i]
+			}
+		}
+	}
+	return result
+}

package/internal/execution/plan_compliance_test.go

@@ -0,0 +1,71 @@
+package execution
+
+import (
+	"testing"
+
+	"github.com/furkanbeydemir/orch/internal/models"
+)
+
+func TestPlanComplianceFailsWhenRequiredFilesAreMissing(t *testing.T) {
+	guard := NewPlanComplianceGuard()
+	plan := &models.Plan{
+		FilesToModify: []string{"internal/auth/service.go", "internal/auth/store.go"},
+		AcceptanceCriteria: []models.AcceptanceCriterion{{
+			ID:          "ac-1",
+			Description: "Race condition no longer occurs.",
+		}},
+	}
+	contract := &models.ExecutionContract{AllowedFiles: []string{"internal/auth/service.go", "internal/auth/store.go"}}
+	patch := &models.Patch{Files: []models.PatchFile{{Path: "internal/auth/service.go"}}}
+
+	result := guard.Validate(plan, contract, patch)
+	if result.Status != models.ValidationFail {
+		t.Fatalf("expected failure, got %s", result.Status)
+	}
+	if len(result.Details) != 1 || result.Details[0] != "internal/auth/store.go" {
+		t.Fatalf("unexpected missing files: %#v", result.Details)
+	}
+}
+
+func TestPlanComplianceFailsOnForbiddenConfigChange(t *testing.T) {
+	guard := NewPlanComplianceGuard()
+	plan := &models.Plan{
+		FilesToModify:      []string{"internal/auth/service.go"},
+		AcceptanceCriteria: []models.AcceptanceCriterion{{ID: "ac-1", Description: "Behavior remains stable."}},
+		ForbiddenChanges:   []string{"Do not change config files."},
+	}
+	patch := &models.Patch{Files: []models.PatchFile{{Path: "config/app.yaml"}, {Path: "internal/auth/service.go"}}}
+
+	result := guard.Validate(plan, nil, patch)
+	if result.Status != models.ValidationFail {
+		t.Fatalf("expected failure, got %s", result.Status)
+	}
+}
+
+func TestRetryDirectiveBuilderUsesValidationFailures(t *testing.T) {
+	builder := NewRetryDirectiveBuilder()
+	state := &models.RunState{
+		ValidationResults: []models.ValidationResult{{
+			Name:            "plan_compliance",
+			Stage:           "validation",
+			Status:          models.ValidationFail,
+			Severity:        models.SeverityHigh,
+			Summary:         "missing required file",
+			ActionableItems: []string{"Modify the required file."},
+		}},
+	}
+
+	directive := builder.FromValidation(state, 2)
+	if directive == nil {
+		t.Fatalf("expected directive")
+	}
+	if directive.Attempt != 2 || directive.Stage != "validation" {
+		t.Fatalf("unexpected directive: %#v", directive)
+	}
+	if len(directive.FailedGates) != 1 || directive.FailedGates[0] != "plan_compliance" {
+		t.Fatalf("unexpected failed gates: %#v", directive.FailedGates)
+	}
+	if len(directive.Instructions) == 0 {
+		t.Fatalf("expected actionable retry instructions")
+	}
+}