aru-code 0.19.2__tar.gz → 0.20.1__tar.gz

{aru_code-0.19.2/aru_code.egg-info → aru_code-0.20.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aru-code
-Version: 0.19.2
+Version: 0.20.1
 Summary: A Claude Code clone built with Agno agents
 Author-email: Estevao <estevaofon@gmail.com>
 License-Expression: MIT
@@ -312,8 +312,47 @@ Without any `aru.json` config, aru applies safe defaults:
 - Bash → ~40 safe command prefixes auto-allowed (`ls`, `git status`, `grep`, etc.), rest → `ask`
 - Sensitive files (`*.env`, `*.env.*`) → `deny` for read/edit/write (except `*.env.example`)
 
-> `aru.json` can also be placed at `.aru/config.json`.
->
+#### Config file locations
+
+Aru loads configuration from two levels, with project settings overriding global ones:
+
+| Level | Path | Purpose |
+|-------|------|---------|
+| **Global (user)** | `~/.aru/config.json` | Defaults that apply to all projects (model, aliases, permissions, providers) |
+| **Project** | `aru.json` or `.aru/config.json` | Project-specific overrides |
+
+Global config is loaded first, then the project config is **deep-merged** on top — scalar values and lists are replaced, nested objects (like `permission`, `providers`, `model_aliases`) are merged recursively. This means you can set your preferred model and aliases globally and only override what's different per project.
+
+**Example `~/.aru/config.json`:**
+
+```json
+{
+  "default_model": "anthropic/claude-sonnet-4-6",
+  "model_aliases": {
+    "sonnet": "anthropic/claude-sonnet-4-6",
+    "opus": "anthropic/claude-opus-4-6"
+  },
+  "permission": {
+    "read": "allow",
+    "glob": "allow",
+    "grep": "allow"
+  }
+}
+```
+
+Then a project `aru.json` only needs project-specific settings:
+
+```json
+{
+  "default_model": "ollama/codellama",
+  "permission": {
+    "bash": { "pytest *": "allow" }
+  }
+}
+```
+
+The result: `default_model` becomes `ollama/codellama`, `model_aliases` come from global, and `permission` merges both levels (`read`, `glob`, `grep` from global + `bash` from project).
+
 > A full `aru.json` config reference here: [`aru.json`](./aru.json)
 
 ### AGENTS.md

{aru_code-0.19.2 → aru_code-0.20.1}/README.md

@@ -265,8 +265,47 @@ Without any `aru.json` config, aru applies safe defaults:
 - Bash → ~40 safe command prefixes auto-allowed (`ls`, `git status`, `grep`, etc.), rest → `ask`
 - Sensitive files (`*.env`, `*.env.*`) → `deny` for read/edit/write (except `*.env.example`)
 
-> `aru.json` can also be placed at `.aru/config.json`.
->
+#### Config file locations
+
+Aru loads configuration from two levels, with project settings overriding global ones:
+
+| Level | Path | Purpose |
+|-------|------|---------|
+| **Global (user)** | `~/.aru/config.json` | Defaults that apply to all projects (model, aliases, permissions, providers) |
+| **Project** | `aru.json` or `.aru/config.json` | Project-specific overrides |
+
+Global config is loaded first, then the project config is **deep-merged** on top — scalar values and lists are replaced, nested objects (like `permission`, `providers`, `model_aliases`) are merged recursively. This means you can set your preferred model and aliases globally and only override what's different per project.
+
+**Example `~/.aru/config.json`:**
+
+```json
+{
+  "default_model": "anthropic/claude-sonnet-4-6",
+  "model_aliases": {
+    "sonnet": "anthropic/claude-sonnet-4-6",
+    "opus": "anthropic/claude-opus-4-6"
+  },
+  "permission": {
+    "read": "allow",
+    "glob": "allow",
+    "grep": "allow"
+  }
+}
+```
+
+Then a project `aru.json` only needs project-specific settings:
+
+```json
+{
+  "default_model": "ollama/codellama",
+  "permission": {
+    "bash": { "pytest *": "allow" }
+  }
+}
+```
+
+The result: `default_model` becomes `ollama/codellama`, `model_aliases` come from global, and `permission` merges both levels (`read`, `glob`, `grep` from global + `bash` from project).
+
 > A full `aru.json` config reference here: [`aru.json`](./aru.json)
 
 ### AGENTS.md

aru_code-0.20.1/aru/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.20.1"

{aru_code-0.19.2 → aru_code-0.20.1}/aru/agents/base.py

@@ -21,6 +21,12 @@ Examples of ideal responses:
 - user: "what command lists files?" → assistant: "ls"
 - user: "fix the typo in line 5" → [call edit_file immediately, no narration]
 
+## Permission denials — CRITICAL
+
+When a tool returns "PERMISSION DENIED", the user intentionally refused the action. \
+NEVER retry the same operation. Do NOT try alternative approaches to achieve the same edit. \
+Instead, stop immediately and ask the user what they would like you to do instead.
+
 ## Scope rules
 
 NEVER create documentation files (*.md) unless the user explicitly asks for them.

{aru_code-0.19.2 → aru_code-0.20.1}/aru/cli.py

@@ -208,6 +208,38 @@ async def run_cli(skip_permissions: bool = False, resume_id: str | None = None):
     paste_state = PasteState()
     prompt_session = _create_prompt_session(paste_state, config)
 
+    # Load custom tools (synchronous — fast, no network)
+    from aru.plugins.custom_tools import discover_custom_tools, register_custom_tools
+    _disabled_tools = config.disabled_tools if hasattr(config, "disabled_tools") else []
+    _custom_tool_descs = discover_custom_tools(disabled=_disabled_tools)
+    if _custom_tool_descs:
+        _ct_count = register_custom_tools(_custom_tool_descs)
+        console.print(f"[dim]Loaded {_ct_count} custom tool(s): {', '.join(d['name'] for d in _custom_tool_descs)}[/dim]")
+
+    # Load plugins (local imports only, no network)
+    from aru.plugins.manager import PluginManager
+    from aru.plugins.hooks import PluginInput
+    _plugin_mgr = PluginManager()
+    ctx.plugin_manager = _plugin_mgr
+
+    try:
+        _p_input = PluginInput(
+            directory=os.getcwd(),
+            config_path="aru.json" if os.path.isfile("aru.json") else "",
+            model_ref=session.model_ref,
+        )
+        _plugin_specs = config.plugin_specs if hasattr(config, "plugin_specs") else []
+        _plugin_count = await _plugin_mgr.load_all(_p_input, plugin_specs=_plugin_specs)
+        if _plugin_count:
+            plugin_tools = _plugin_mgr.get_plugin_tools()
+            if plugin_tools:
+                _pt_count = register_custom_tools(plugin_tools)
+                console.print(f"[dim]Loaded {_plugin_count} plugin(s): {', '.join(_plugin_mgr.plugin_names)} ({_pt_count} tool(s))[/dim]")
+            else:
+                console.print(f"[dim]Loaded {_plugin_count} plugin(s): {', '.join(_plugin_mgr.plugin_names)}[/dim]")
+    except Exception as exc:
+        console.print(f"[dim yellow]Warning: plugin loading failed: {exc}[/dim yellow]")
+
     # Startup: load MCP tools in background (don't block REPL)
     async def _load_mcp_background():
         from aru.tools.codebase import load_mcp_tools

{aru_code-0.19.2 → aru_code-0.20.1}/aru/config.py

@@ -161,6 +161,8 @@ class AgentConfig:
     custom_agents: dict[str, CustomAgent] = field(default_factory=dict)
     plan_reviewer: bool = True
     tree_depth: int = 2  # max depth for directory tree in system prompt
+    disabled_tools: list[str] = field(default_factory=list)  # tools to skip loading
+    plugin_specs: list = field(default_factory=list)  # plugin specs from aru.json
 
     @property
     def has_instructions(self) -> bool:
@@ -434,6 +436,63 @@ def _discover_agents(search_roots: list[Path]) -> dict[str, CustomAgent]:
     return agents
 
 
+def _load_json_file(path: Path) -> dict | None:
+    """Read and parse a JSON file, returning None on any error."""
+    if not path.is_file():
+        return None
+    try:
+        content = path.read_text(encoding="utf-8")
+        data = json.loads(content)
+        return data if isinstance(data, dict) else None
+    except (OSError, UnicodeDecodeError, json.JSONDecodeError):
+        return None
+
+
+def _deep_merge(base: dict, override: dict) -> dict:
+    """Recursively merge override into base. Override values win for scalars;
+    dicts are merged recursively; lists are replaced (not concatenated)."""
+    result = base.copy()
+    for key, value in override.items():
+        if key in result and isinstance(result[key], dict) and isinstance(value, dict):
+            result[key] = _deep_merge(result[key], value)
+        else:
+            result[key] = value
+    return result
+
+
+def _apply_config_data(config: AgentConfig, data: dict, root: Path) -> None:
+    """Apply a merged config dict to an AgentConfig object."""
+    if "permission" in data:
+        config.permissions = data["permission"]
+    if "providers" in data:
+        from aru.providers import load_providers_from_config
+        load_providers_from_config(data)
+    if "default_model" in data:
+        config.default_model = data["default_model"]
+    if "model_aliases" in data and isinstance(data["model_aliases"], dict):
+        config.model_aliases = data["model_aliases"]
+    if "plan_reviewer" in data:
+        config.plan_reviewer = bool(data["plan_reviewer"])
+    if "tree_depth" in data:
+        td = data["tree_depth"]
+        if isinstance(td, int) and 0 <= td <= 5:
+            config.tree_depth = td
+    if "plugins" in data and isinstance(data["plugins"], list):
+        config.plugin_specs = data["plugins"]
+    if "tools" in data and isinstance(data["tools"], dict):
+        tools_cfg = data["tools"]
+        if "disabled" in tools_cfg and isinstance(tools_cfg["disabled"], list):
+            config.disabled_tools = [str(t) for t in tools_cfg["disabled"]]
+    if "instructions" in data and isinstance(data["instructions"], list):
+        entries = [str(e) for e in data["instructions"] if isinstance(e, str)]
+        config.rules_instructions = _resolve_instructions(entries, root)
+    if "agent" in data and isinstance(data["agent"], dict):
+        for agent_name, agent_data in data["agent"].items():
+            if agent_name in config.custom_agents and isinstance(agent_data, dict):
+                if "permission" in agent_data:
+                    config.custom_agents[agent_name].permission = agent_data["permission"]
+
+
 def load_config(cwd: str | None = None) -> AgentConfig:
     """Load agent configuration from AGENTS.md and .agents/ directory.
 
@@ -490,44 +549,27 @@ def load_config(cwd: str | None = None) -> AgentConfig:
     config.skills = _discover_skills(skill_roots)
     config.custom_agents = _discover_agents(skill_roots)
 
-    # Load opencode-style config (aru.json or .aru/config.json)
-    config_paths = [root / "aru.json", root / ".aru" / "config.json"]
-    for config_path in config_paths:
-        if config_path.is_file():
-            try:
-                content = config_path.read_text(encoding="utf-8")
-                data = json.loads(content)
-                if isinstance(data, dict):
-                    if "permission" in data:
-                        config.permissions = data["permission"]
-                    # Load provider configuration
-                    if "providers" in data:
-                        from aru.providers import load_providers_from_config
-                        load_providers_from_config(data)
-                    # Store default model and aliases for CLI
-                    if "default_model" in data:
-                        config.default_model = data["default_model"]
-                    if "model_aliases" in data and isinstance(data["model_aliases"], dict):
-                        config.model_aliases = data["model_aliases"]
-                    if "plan_reviewer" in data:
-                        config.plan_reviewer = bool(data["plan_reviewer"])
-                    if "tree_depth" in data:
-                        td = data["tree_depth"]
-                        if isinstance(td, int) and 0 <= td <= 5:
-                            config.tree_depth = td
-                    # Resolve instructions (local files, globs, URLs)
-                    if "instructions" in data and isinstance(data["instructions"], list):
-                        entries = [str(e) for e in data["instructions"] if isinstance(e, str)]
-                        config.rules_instructions = _resolve_instructions(entries, root)
-                    # Agent-level permission overrides from aru.json
-                    if "agent" in data and isinstance(data["agent"], dict):
-                        for agent_name, agent_data in data["agent"].items():
-                            if agent_name in config.custom_agents and isinstance(agent_data, dict):
-                                if "permission" in agent_data:
-                                    config.custom_agents[agent_name].permission = agent_data["permission"]
-                break
-            except (OSError, UnicodeDecodeError, json.JSONDecodeError):
-                pass
+    # Load config: global (~/.aru/config.json) first, then project-level on top.
+    # Project values override global values via deep merge.
+    home = Path.home()
+    global_config_paths = [home / ".aru" / "config.json"]
+    project_config_paths = [root / "aru.json", root / ".aru" / "config.json"]
+
+    merged_data: dict = {}
+    for config_path in global_config_paths:
+        data = _load_json_file(config_path)
+        if data is not None:
+            merged_data = data
+            break
+
+    for config_path in project_config_paths:
+        data = _load_json_file(config_path)
+        if data is not None:
+            merged_data = _deep_merge(merged_data, data)
+            break
+
+    if merged_data:
+        _apply_config_data(config, merged_data, root)
 
     return config
 

{aru_code-0.19.2 → aru_code-0.20.1}/aru/context.py

@@ -420,34 +420,52 @@ def truncate_output(
     # Save full output to disk before truncating (like OpenCode)
     saved_path = _save_truncated_output(text)
 
-    # Truncate by lines
+    # Truncate by lines — keep head + tail so summaries at the end are visible
     if line_count > TRUNCATE_MAX_LINES:
         head = lines[:TRUNCATE_KEEP_START]
-        omitted = line_count - TRUNCATE_KEEP_START
+        tail = lines[-TRUNCATE_KEEP_END:]
+        omitted = line_count - TRUNCATE_KEEP_START - TRUNCATE_KEEP_END
         hint = _build_truncation_hint(source_file, source_tool, TRUNCATE_KEEP_START, saved_path)
         return (
             "".join(head)
             + f"\n\n[... {omitted:,} lines omitted ({line_count:,} total)]\n"
-            + hint + "\n"
+            + hint + "\n\n"
+            + "".join(tail)
         )
 
     # Truncate by bytes (lines fit but total bytes too large)
-    kept_lines: list[str] = []
-    total = 0
+    # Reserve ~20% of budget for tail lines
+    head_budget = int(TRUNCATE_MAX_BYTES * 0.75)
+    tail_budget = TRUNCATE_MAX_BYTES - head_budget
+
+    head_lines: list[str] = []
+    head_bytes = 0
     for line in lines:
         line_bytes = len(line.encode("utf-8", errors="replace"))
-        if total + line_bytes > TRUNCATE_MAX_BYTES:
+        if head_bytes + line_bytes > head_budget:
             break
-        kept_lines.append(line)
-        total += line_bytes
+        head_lines.append(line)
+        head_bytes += line_bytes
 
-    remaining = line_count - len(kept_lines)
-    hint = _build_truncation_hint(source_file, source_tool, len(kept_lines), saved_path)
+    # Collect tail lines within tail budget
+    tail_lines: list[str] = []
+    tail_bytes = 0
+    for line in reversed(lines[len(head_lines):]):
+        line_bytes = len(line.encode("utf-8", errors="replace"))
+        if tail_bytes + line_bytes > tail_budget:
+            break
+        tail_lines.append(line)
+        tail_bytes += line_bytes
+    tail_lines.reverse()
+
+    omitted = line_count - len(head_lines) - len(tail_lines)
+    hint = _build_truncation_hint(source_file, source_tool, len(head_lines), saved_path)
     return (
-        "".join(kept_lines)
+        "".join(head_lines)
         + f"\n\n[... truncated at ~{TRUNCATE_MAX_BYTES // 1024}KB — "
-        f"{remaining:,} more lines]\n"
-        + hint + "\n"
+        f"{omitted:,} lines omitted]\n"
+        + hint + "\n\n"
+        + "".join(tail_lines)
     )
 
 
@@ -660,6 +678,17 @@ async def compact_conversation(
     """
     from aru.providers import create_model
 
+    # Fire session.compact hook — plugins can pre-process history.
+    # Import is lazy here to avoid circular dependency (context ← runtime).
+    try:
+        from aru.runtime import get_ctx  # noqa: lazy to avoid circular dep
+        mgr = get_ctx().plugin_manager
+        if mgr is not None and mgr.loaded:
+            event = await mgr.fire("session.compact", {"history": history})
+            history = event.data.get("history", history)
+    except (LookupError, AttributeError, ImportError):
+        pass  # no plugin manager available — proceed without hooks
+
     prompt = build_compaction_prompt(history, plan_task, model_id=model_id)
 
     try:

{aru_code-0.19.2 → aru_code-0.20.1}/aru/permissions.py

@@ -413,6 +413,42 @@ def resolve_permission(
 # Permission gate (user-facing prompt)
 # ---------------------------------------------------------------------------
 
+def _fire_permission_hook(mgr, category: str, subject: str) -> bool | None:
+    """Fire permission.ask hook through all plugin handlers.
+
+    Supports both sync and async handlers. Returns True/False if a handler
+    sets event.data["allow"], or None if no handler overrode the decision.
+    """
+    import asyncio
+    from aru.plugins.hooks import HookEvent
+
+    evt = HookEvent(hook="permission.ask", data={"category": category, "subject": subject})
+
+    for hooks_obj in mgr._hooks:
+        for handler in hooks_obj.get_handlers("permission.ask"):
+            try:
+                if asyncio.iscoroutinefunction(handler):
+                    # Async handler — run via the event loop
+                    loop = asyncio.get_event_loop()
+                    if loop.is_running():
+                        # Schedule as a task and wait with run_until_complete
+                        # won't work, so use a new loop in a thread
+                        import concurrent.futures
+                        with concurrent.futures.ThreadPoolExecutor(max_workers=1) as pool:
+                            pool.submit(asyncio.run, handler(evt)).result(timeout=5)
+                    else:
+                        loop.run_until_complete(handler(evt))
+                else:
+                    handler(evt)
+            except Exception:
+                continue  # skip broken handlers
+
+            if "allow" in evt.data:
+                return bool(evt.data["allow"])
+
+    return None  # no handler overrode
+
+
 def check_permission(
     category: str,
     subject: str,
@@ -429,8 +465,20 @@ def check_permission(
     if action == "deny":
         return False
 
-    # action == "ask" -> prompt user
+    # Fire permission.ask hook — plugins can override the decision.
+    # check_permission runs in a sync context (called from tool threads),
+    # so we fire sync handlers directly and async handlers via the event loop.
     ctx = get_ctx()
+    mgr = getattr(ctx, "plugin_manager", None)
+    if mgr is not None and getattr(mgr, "loaded", False):
+        try:
+            override = _fire_permission_hook(mgr, category, subject)
+            if override is not None:
+                return override
+        except Exception:
+            pass  # never let plugin errors block permissions
+
+    # action == "ask" -> prompt user
     with ctx.permission_lock:
         # Re-check after acquiring lock (another thread may have resolved it)
         action2, pattern2 = resolve_permission(category, subject)

aru_code-0.20.1/aru/plugins/__init__.py

@@ -0,0 +1,12 @@
+"""Aru plugin system — custom tools, hooks, and OpenCode TS bridge.
+
+Public API for plugin authors:
+
+    from aru.plugins import tool          # @tool decorator for custom tools
+    from aru.plugins import PluginInput, Hooks  # Full plugin API (Phase 2)
+"""
+
+from aru.plugins.tool_api import tool
+from aru.plugins.hooks import Hooks, HookEvent, PluginInput
+
+__all__ = ["tool", "Hooks", "HookEvent", "PluginInput"]