thumbgate 1.27.4 → 1.27.7

package/scripts/thumbgate-search.js

@@ -151,8 +151,67 @@ function sortResults(results) {
   });
 }
 
-function getFeedbackResults(query, limit, signal) {
-  const results = searchFeedbackLog(query, Math.max(limit * 3, limit));
+function extractFeedbackId(str) {
+  if (!str) return null;
+  const match = str.match(/fb[_-]\d+[_-][a-z0-9]+/i);
+  return match ? match[0].replace(/-/g, '_').toLowerCase() : null;
+}
+
+function deduplicateResults(results) {
+  const bestByFeedbackId = new Map();
+
+  for (const r of results) {
+    const feedId = extractFeedbackId(r.id || r.title || r.file || '');
+    if (feedId) {
+      const existing = bestByFeedbackId.get(feedId);
+      if (!existing) {
+        bestByFeedbackId.set(feedId, r);
+      } else {
+        const sourceOrder = { feedback: 4, contextfs: 3, prevention_rule: 2, document: 1 };
+        const existingOrder = sourceOrder[existing.source] || 0;
+        const currentOrder = sourceOrder[r.source] || 0;
+        if (currentOrder > existingOrder) {
+          bestByFeedbackId.set(feedId, r);
+        } else if (currentOrder === existingOrder && (r.score || 0) > (existing.score || 0)) {
+          bestByFeedbackId.set(feedId, r);
+        }
+      }
+    }
+  }
+
+  const finalResults = [];
+  const seenContent = new Set();
+  const seenIds = new Set();
+
+  for (const r of results) {
+    const feedId = extractFeedbackId(r.id || r.title || r.file || '');
+    let recordToUse = r;
+    if (feedId) {
+      recordToUse = bestByFeedbackId.get(feedId);
+      if (seenIds.has(recordToUse.id)) continue;
+    } else {
+      if (r.id && r.id !== 'null' && String(r.id).trim() !== '') {
+        if (seenIds.has(r.id)) continue;
+      }
+    }
+
+    const normTitle = String(recordToUse.title || '').trim().toLowerCase();
+    const normContext = String(recordToUse.context || '').trim().toLowerCase();
+    const contentKey = `${normTitle}|${normContext}`;
+    if (seenContent.has(contentKey)) continue;
+
+    if (recordToUse.id && recordToUse.id !== 'null' && String(recordToUse.id).trim() !== '') {
+      seenIds.add(recordToUse.id);
+    }
+    seenContent.add(contentKey);
+    finalResults.push(recordToUse);
+  }
+
+  return finalResults;
+}
+
+function getFeedbackResults(query, limit, signal, feedbackDir) {
+  const results = searchFeedbackLog(query, Math.max(limit * 3, limit), { feedbackDir });
   const normalizedSignal = normalizeSignal(signal);
   const filtered = normalizedSignal
     ? results.filter((record) => normalizeRecordSignal(record.signal) === normalizedSignal)
@@ -160,19 +219,19 @@ function getFeedbackResults(query, limit, signal) {
   return filtered.slice(0, limit).map(mapFeedbackResult);
 }
 
-function getContextResults(query, limit) {
-  return searchContextFs(query, limit).map(mapContextResult);
+function getContextResults(query, limit, feedbackDir) {
+  return searchContextFs(query, limit, { feedbackDir }).map(mapContextResult);
 }
 
-function getRuleResults(query, limit) {
-  return searchPreventionRulesSync(query, limit).map(mapRuleResult);
+function getRuleResults(query, limit, feedbackDir) {
+  return searchPreventionRulesSync(query, limit, { feedbackDir }).map(mapRuleResult);
 }
 
-function getDocumentResults(query, limit) {
-  return searchImportedDocuments({ query, limit }).map(mapDocumentResult);
+function getDocumentResults(query, limit, feedbackDir) {
+  return searchImportedDocuments({ query, limit, feedbackDir }).map(mapDocumentResult);
 }
 
-function searchThumbgate({ query, source = 'all', limit = 10, signal = null } = {}) {
+function searchThumbgate({ query, source = 'all', limit = 10, signal = null, feedbackDir = null } = {}) {
   const trimmedQuery = String(query || '').trim();
   if (!trimmedQuery) {
     throw new Error('query is required');
@@ -182,22 +241,29 @@ function searchThumbgate({ query, source = 'all', limit = 10, signal = null } =
   const normalizedSignal = normalizeSignal(signal);
   const normalizedLimit = normalizeLimit(limit);
 
+  const fetchLimit = Math.max(100, normalizedLimit * 5);
+
   let results = [];
   if (normalizedSource === 'feedback') {
-    results = getFeedbackResults(trimmedQuery, normalizedLimit, normalizedSignal);
+    const raw = getFeedbackResults(trimmedQuery, fetchLimit, normalizedSignal, feedbackDir);
+    results = deduplicateResults(raw).slice(0, normalizedLimit);
   } else if (normalizedSource === 'context') {
-    results = getContextResults(trimmedQuery, normalizedLimit);
+    const raw = getContextResults(trimmedQuery, fetchLimit, feedbackDir);
+    results = deduplicateResults(raw).slice(0, normalizedLimit);
   } else if (normalizedSource === 'rules') {
-    results = getRuleResults(trimmedQuery, normalizedLimit);
+    const raw = getRuleResults(trimmedQuery, fetchLimit, feedbackDir);
+    results = deduplicateResults(raw).slice(0, normalizedLimit);
   } else if (normalizedSource === 'documents') {
-    results = getDocumentResults(trimmedQuery, normalizedLimit);
+    const raw = getDocumentResults(trimmedQuery, fetchLimit, feedbackDir);
+    results = deduplicateResults(raw).slice(0, normalizedLimit);
   } else {
-    results = sortResults([
-      ...getFeedbackResults(trimmedQuery, normalizedLimit, normalizedSignal),
-      ...getContextResults(trimmedQuery, normalizedLimit),
-      ...getRuleResults(trimmedQuery, normalizedLimit),
-      ...getDocumentResults(trimmedQuery, normalizedLimit),
-    ]).slice(0, normalizedLimit);
+    const combined = [
+      ...getFeedbackResults(trimmedQuery, fetchLimit, normalizedSignal, feedbackDir),
+      ...getContextResults(trimmedQuery, fetchLimit, feedbackDir),
+      ...getRuleResults(trimmedQuery, fetchLimit, feedbackDir),
+      ...getDocumentResults(trimmedQuery, fetchLimit, feedbackDir),
+    ];
+    results = deduplicateResults(sortResults(combined)).slice(0, normalizedLimit);
   }
 
   return {

package/scripts/tool-contract-validator.js

@@ -0,0 +1,76 @@
+'use strict';
+
+/**
+ * Tool Contract Validator
+ * Validates tool arguments against the tool's inputSchema.
+ */
+function validateToolContract(schema, args) {
+  const errors = [];
+  if (!schema) return { valid: true, errors };
+
+  if (schema.type === 'object') {
+    if (typeof args !== 'object' || args === null || Array.isArray(args)) {
+      errors.push(`Expected object, got ${args === null ? 'null' : Array.isArray(args) ? 'array' : typeof args}`);
+      return { valid: false, errors };
+    }
+
+    // Check required fields
+    if (Array.isArray(schema.required)) {
+      for (const req of schema.required) {
+        if (args[req] === undefined || args[req] === null || args[req] === '') {
+          errors.push(`Missing required parameter: '${req}'`);
+        }
+      }
+    }
+
+    // Check properties
+    if (schema.properties) {
+      for (const [key, propSchema] of Object.entries(schema.properties)) {
+        const value = args[key];
+        if (value === undefined || value === null) continue; // Optional field not provided
+
+        const valType = typeof value;
+        if (propSchema.type === 'string') {
+          if (valType !== 'string') {
+            errors.push(`Parameter '${key}' must be a string (got ${valType})`);
+          } else if (Array.isArray(propSchema.enum)) {
+            if (!propSchema.enum.includes(value)) {
+              errors.push(`Parameter '${key}' must be one of [${propSchema.enum.join(', ')}] (got '${value}')`);
+            }
+          }
+        } else if (propSchema.type === 'number') {
+          if (valType !== 'number' || isNaN(value)) {
+            errors.push(`Parameter '${key}' must be a number (got ${valType})`);
+          }
+        } else if (propSchema.type === 'boolean') {
+          if (valType !== 'boolean') {
+            errors.push(`Parameter '${key}' must be a boolean (got ${valType})`);
+          }
+        } else if (propSchema.type === 'array') {
+          if (!Array.isArray(value)) {
+            errors.push(`Parameter '${key}' must be an array (got ${valType})`);
+          }
+        } else if (propSchema.type === 'object') {
+          if (valType !== 'object' || value === null || Array.isArray(value)) {
+            errors.push(`Parameter '${key}' must be an object (got ${valType})`);
+          } else {
+            // Recurse for nested objects
+            const subRes = validateToolContract(propSchema, value);
+            if (!subRes.valid) {
+              for (const err of subRes.errors) {
+                errors.push(`Parameter '${key}': ${err}`);
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+
+  return {
+    valid: errors.length === 0,
+    errors,
+  };
+}
+
+module.exports = { validateToolContract };

package/scripts/vector-store.js

@@ -172,6 +172,30 @@ async function embedWithGemini(text, options = {}) {
   return values.map(Number);
 }
 
+async function embedWithCoreAI(text, options = {}) {
+  if (process.platform !== 'darwin') {
+    throw new Error('Core AI is only supported on macOS');
+  }
+  const endpoint = process.env.THUMBGATE_COREAI_ENDPOINT || 'http://localhost:8088';
+  try {
+    const res = await fetch(`${endpoint}/embed`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ text, options }),
+      signal: AbortSignal.timeout(2000),
+    });
+    if (res.ok) {
+      const payload = await res.json();
+      if (Array.isArray(payload.embedding)) {
+        return payload.embedding.map(Number);
+      }
+    }
+  } catch (err) {
+    throw new Error(`Core AI local service unavailable: ${err.message}`);
+  }
+  throw new Error('Core AI local service did not return a valid embedding');
+}
+
 async function embed(text, options = {}) {
   if (process.env.THUMBGATE_VECTOR_STUB_EMBED === 'true') {
     // Deterministic 384-dim unit vector: first element = 1.0, rest = 0.0
@@ -180,6 +204,26 @@ async function embed(text, options = {}) {
     return stub;
   }
   const geminiConfig = resolveGeminiEmbeddingConfig();
+  if (geminiConfig.provider === 'coreai') {
+    try {
+      const vector = await embedWithCoreAI(text, options);
+      _lastEmbeddingProfile = {
+        generatedAt: new Date().toISOString(),
+        source: 'local-coreai',
+        activeProfile: {
+          id: 'coreai',
+          model: 'Core AI local model',
+          outputDimensionality: vector.length,
+          task: options.task || 'code retrieval',
+          rationale: 'Local Core AI Apple Silicon accelerated path.',
+        },
+        fallbackUsed: false,
+      };
+      return vector;
+    } catch (coreaiError) {
+      console.warn(`Core AI embedding failed, falling back to local: ${coreaiError.message}`);
+    }
+  }
   if (geminiConfig.enabled) {
     try {
       const vector = await embedWithGemini(text, options);

package/scripts/workspace-evolver.js

@@ -108,14 +108,74 @@ function parseCommandScore(output = '', status = 0, approvalRate = 0.5) {
   };
 }
 
+function parseCommandLine(cmdString) {
+  const args = [];
+  let current = '';
+  let inDoubleQuote = false;
+  let inSingleQuote = false;
+  let escaped = false;
+
+  for (let i = 0; i < cmdString.length; i++) {
+    const char = cmdString[i];
+
+    if (escaped) {
+      current += char;
+      escaped = false;
+    } else if (char === '\\') {
+      if (inSingleQuote) {
+        current += char;
+      } else {
+        escaped = true;
+      }
+    } else if (char === '"' && !inSingleQuote) {
+      inDoubleQuote = !inDoubleQuote;
+    } else if (char === "'" && !inDoubleQuote) {
+      inSingleQuote = !inSingleQuote;
+    } else if (char === ' ' && !inDoubleQuote && !inSingleQuote) {
+      if (current) {
+        args.push(current);
+        current = '';
+      }
+    } else {
+      current += char;
+    }
+  }
+  if (current) {
+    args.push(current);
+  }
+  return args;
+}
+
 function runCommand(command, {
   cwd = process.cwd(),
   env = process.env,
   timeoutMs = DEFAULT_TIMEOUT_MS,
 } = {}) {
   const startedAt = Date.now();
-  const result = spawnSync(command, [], {
-    shell: true,
+  const args = parseCommandLine(command);
+  const exec = args.shift();
+
+  const execBase = require('node:path').basename(exec).toLowerCase();
+  let safeExec;
+  if (exec === process.execPath) {
+    safeExec = process.execPath;
+  } else if (execBase === 'node' || execBase === 'node.exe') {
+    safeExec = process.execPath;
+  } else if (execBase === 'npm') {
+    safeExec = 'npm';
+  } else if (execBase === 'npm.cmd') {
+    safeExec = 'npm.cmd';
+  } else if (execBase === 'python3') {
+    safeExec = 'python3';
+  } else if (execBase === 'python') {
+    safeExec = 'python';
+  } else if (execBase === 'pytest') {
+    safeExec = 'pytest';
+  } else {
+    throw new Error(`Binary ${exec} is not authorized for workspace evolution.`);
+  }
+
+  const result = spawnSync(safeExec, args, {
     cwd,
     env,
     encoding: 'utf8',