auto-code-fixer 0.3.5__tar.gz → 0.3.7__tar.gz

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: auto-code-fixer
-Version: 0.3.5
+Version: 0.3.7
 Summary: Automatically fix Python code using ChatGPT
 Author-email: Arif Shah <ashah7775@gmail.com>
 License: MIT
@@ -87,6 +87,18 @@ pip install requests
 Before overwriting any file, it creates a backup:
 - `file.py.bak` (or `.bak1`, `.bak2`, ...)
 
+### Approval mode (diff review)
+```bash
+auto-code-fixer path/to/main.py --project-root . --approve
+```
+In patch-protocol mode, approvals are **file-by-file** (apply/skip).
+
+### Diff / size guards
+To prevent huge edits from being applied accidentally:
+- `--max-diff-lines` limits unified-diff size per file
+- `--max-file-bytes` limits the proposed new content size per file
+- `--max-total-bytes` limits total proposed new content across all files
+
 ### Dry run
 ```bash
 auto-code-fixer path/to/main.py --project-root . --dry-run
@@ -103,6 +115,16 @@ Instead of `python main.py`, run tests:
 auto-code-fixer . --project-root . --run "pytest -q" --no-ask
 ```
 
+When you use `--run`, the tool (by default) also performs a **post-apply check**:
+after copying fixes back to your project, it re-runs the same command against the real project files
+(using the sandbox venv for dependencies).
+
+You can disable that extra check with:
+
+```bash
+auto-code-fixer . --project-root . --run "pytest -q" --no-post-apply-check
+```
+
 ### Model selection
 ```bash
 export AUTO_CODE_FIXER_MODEL=gpt-4.1-mini
@@ -121,13 +143,18 @@ auto-code-fixer main.py --ai-plan
 ```
 This enables a helper that can suggest which local file to edit. It is best-effort.
 
-### Optional structured patch protocol (JSON + sha256)
+### Structured patch protocol (JSON + sha256) (default)
+By default, Auto Code Fixer uses a structured **patch protocol** where the model returns strict JSON:
+
+`{ "files": [ {"path": "...", "new_content": "...", "sha256": "..."}, ... ] }`
+
+The tool verifies the SHA-256 hash of `new_content` before applying edits.
+
+To disable this and use legacy full-text mode only:
+
 ```bash
-auto-code-fixer main.py --patch-protocol
+auto-code-fixer main.py --legacy-mode
 ```
-When enabled, the model is asked to return strict JSON with `{files:[{path,new_content,sha256}]}`.
-The tool verifies the SHA-256 hash of `new_content` before applying edits, and falls back to the
-legacy full-text mode if parsing/validation fails.
 
 ### Optional formatting / linting (best-effort)
 ```bash

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/README.md

@@ -66,6 +66,18 @@ pip install requests
 Before overwriting any file, it creates a backup:
 - `file.py.bak` (or `.bak1`, `.bak2`, ...)
 
+### Approval mode (diff review)
+```bash
+auto-code-fixer path/to/main.py --project-root . --approve
+```
+In patch-protocol mode, approvals are **file-by-file** (apply/skip).
+
+### Diff / size guards
+To prevent huge edits from being applied accidentally:
+- `--max-diff-lines` limits unified-diff size per file
+- `--max-file-bytes` limits the proposed new content size per file
+- `--max-total-bytes` limits total proposed new content across all files
+
 ### Dry run
 ```bash
 auto-code-fixer path/to/main.py --project-root . --dry-run
@@ -82,6 +94,16 @@ Instead of `python main.py`, run tests:
 auto-code-fixer . --project-root . --run "pytest -q" --no-ask
 ```
 
+When you use `--run`, the tool (by default) also performs a **post-apply check**:
+after copying fixes back to your project, it re-runs the same command against the real project files
+(using the sandbox venv for dependencies).
+
+You can disable that extra check with:
+
+```bash
+auto-code-fixer . --project-root . --run "pytest -q" --no-post-apply-check
+```
+
 ### Model selection
 ```bash
 export AUTO_CODE_FIXER_MODEL=gpt-4.1-mini
@@ -100,13 +122,18 @@ auto-code-fixer main.py --ai-plan
 ```
 This enables a helper that can suggest which local file to edit. It is best-effort.
 
-### Optional structured patch protocol (JSON + sha256)
+### Structured patch protocol (JSON + sha256) (default)
+By default, Auto Code Fixer uses a structured **patch protocol** where the model returns strict JSON:
+
+`{ "files": [ {"path": "...", "new_content": "...", "sha256": "..."}, ... ] }`
+
+The tool verifies the SHA-256 hash of `new_content` before applying edits.
+
+To disable this and use legacy full-text mode only:
+
 ```bash
-auto-code-fixer main.py --patch-protocol
+auto-code-fixer main.py --legacy-mode
 ```
-When enabled, the model is asked to return strict JSON with `{files:[{path,new_content,sha256}]}`.
-The tool verifies the SHA-256 hash of `new_content` before applying edits, and falls back to the
-legacy full-text mode if parsing/validation fails.
 
 ### Optional formatting / linting (best-effort)
 ```bash

auto_code_fixer-0.3.7/auto_code_fixer/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.3.7"

auto_code_fixer-0.3.7/auto_code_fixer/approval.py

@@ -0,0 +1,114 @@
+import difflib
+from dataclasses import dataclass
+
+
+@dataclass(frozen=True)
+class PlannedChange:
+    abs_path: str
+    rel_path: str
+    old_content: str
+    new_content: str
+
+
+class UserAbort(Exception):
+    pass
+
+
+def unified_diff_text(rel_path: str, old: str, new: str) -> str:
+    return "".join(
+        difflib.unified_diff(
+            (old or "").splitlines(keepends=True),
+            (new or "").splitlines(keepends=True),
+            fromfile=rel_path + " (before)",
+            tofile=rel_path + " (after)",
+        )
+    )
+
+
+def guard_planned_changes(
+    planned: list[PlannedChange],
+    *,
+    max_file_bytes: int,
+    max_total_bytes: int,
+    max_diff_lines: int,
+) -> None:
+    """Safety guards against huge edits.
+
+    Raises ValueError when limits are exceeded.
+    """
+
+    if max_file_bytes <= 0 or max_total_bytes <= 0 or max_diff_lines <= 0:
+        raise ValueError("Guard limits must be positive")
+
+    total = 0
+
+    for ch in planned:
+        b = len((ch.new_content or "").encode("utf-8"))
+        total += b
+        if b > max_file_bytes:
+            raise ValueError(
+                f"Proposed content for {ch.rel_path} is {b} bytes, exceeding --max-file-bytes={max_file_bytes}"
+            )
+
+        diff = unified_diff_text(ch.rel_path, ch.old_content, ch.new_content)
+        diff_lines = len(diff.splitlines())
+        if diff_lines > max_diff_lines:
+            raise ValueError(
+                f"Diff for {ch.rel_path} is {diff_lines} lines, exceeding --max-diff-lines={max_diff_lines}"
+            )
+
+    if total > max_total_bytes:
+        raise ValueError(
+            f"Total proposed content is {total} bytes, exceeding --max-total-bytes={max_total_bytes}"
+        )
+
+
+def prompt_approve_file_by_file(
+    planned: list[PlannedChange],
+    *,
+    input_fn=input,
+    print_fn=print,
+) -> list[PlannedChange]:
+    """Interactive approval per file.
+
+    Commands:
+      y = apply this change
+      n = skip this change
+      a = apply this and all remaining
+      q = abort
+    """
+
+    if not planned:
+        return []
+
+    out: list[PlannedChange] = []
+    apply_all = False
+
+    for ch in planned:
+        diff = unified_diff_text(ch.rel_path, ch.old_content, ch.new_content)
+        print_fn("\nPROPOSED CHANGE:")
+        print_fn(diff)
+
+        if apply_all:
+            out.append(ch)
+            continue
+
+        ans = (
+            input_fn(f"Apply change for {ch.rel_path}? (y/n/a/q): ")
+            .strip()
+            .lower()
+        )
+        if ans == "y":
+            out.append(ch)
+        elif ans == "n":
+            continue
+        elif ans == "a":
+            out.append(ch)
+            apply_all = True
+        elif ans == "q":
+            raise UserAbort("User aborted approvals")
+        else:
+            # default: be safe
+            continue
+
+    return out

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/auto_code_fixer/cli.py

@@ -32,6 +32,13 @@ def fix_file(
     max_retries: int,
     run_cmd: str | None,
     patch_protocol: bool,
+    max_files_changed: int,
+    context_files: int,
+    approve: bool,
+    max_diff_lines: int,
+    max_file_bytes: int,
+    max_total_bytes: int,
+    post_apply_check: bool,
     fmt: str | None,
     lint: str | None,
     lint_fix: bool,
@@ -160,6 +167,8 @@ def fix_file(
                     sr = os.path.realpath(os.path.abspath(sandbox_root))
                     pr = os.path.realpath(os.path.abspath(project_root))
 
+                    backups: dict[str, str] = {}
+
                     for p in sorted(changed_sandbox_files):
                         p_real = os.path.realpath(os.path.abspath(p))
 
@@ -189,12 +198,44 @@ def fix_file(
 
                         if os.path.exists(dst_real):
                             bak = backup_file(dst_real)
+                            backups[dst_real] = bak
                             log(f"Backup created: {bak}", "DEBUG")
 
                         os.makedirs(os.path.dirname(dst_real), exist_ok=True)
                         shutil.copy(p_real, dst_real)
                         log(f"File updated: {dst_real}")
 
+                    # Optional post-apply verification: run the same command against the real project files,
+                    # using the sandbox venv for dependencies.
+                    if post_apply_check and run_cmd and changed_sandbox_files:
+                        from auto_code_fixer.command_runner import run_command
+
+                        rc2, out2, err2 = run_command(
+                            run_cmd,
+                            timeout_s=timeout_s,
+                            python_exe=venv_python,
+                            cwd=project_root,
+                            extra_env={"PYTHONPATH": project_root},
+                        )
+                        if verbose:
+                            if out2:
+                                log(f"POST-APPLY STDOUT:\n{out2}", "DEBUG")
+                            if err2:
+                                log(f"POST-APPLY STDERR:\n{err2}", "DEBUG")
+
+                        if rc2 != 0:
+                            log(
+                                "Post-apply command failed; restoring backups (best-effort).",
+                                "ERROR",
+                            )
+                            for dst_real, bak in backups.items():
+                                try:
+                                    shutil.copy(bak, dst_real)
+                                except Exception as e:
+                                    log(f"WARN: failed to restore {dst_real} from {bak}: {e}")
+                            cleanup_sandbox()
+                            return False
+
             cleanup_sandbox()
             log(f"Fix completed in {attempt + 1} attempt(s) 🎉")
             return True
@@ -247,34 +288,110 @@ def fix_file(
 
         if patch_protocol:
             try:
+                import difflib
+
                 from auto_code_fixer.fixer import fix_code_with_gpt_patch_protocol
                 from auto_code_fixer.patch_protocol import (
                     parse_patch_protocol_response,
                     validate_and_resolve_patch_files,
                 )
-                from auto_code_fixer.patcher import safe_read, safe_write
+                from auto_code_fixer.patcher import safe_read, atomic_write_verified_sha256
+                from auto_code_fixer.utils import find_imports
 
                 hint_paths = [os.path.relpath(target_file, sandbox_root)]
+
+                # Add a few related local files as read-only context to reduce back-and-forth.
+                ctx_pairs: list[tuple[str, str]] = []
+                if context_files and context_files > 0:
+                    rels: list[str] = []
+                    for abs_p in find_imports(target_file, sandbox_root):
+                        try:
+                            rels.append(os.path.relpath(abs_p, sandbox_root))
+                        except Exception:
+                            continue
+                    # drop duplicates and the target itself
+                    rels = [r for r in rels if r not in hint_paths]
+                    for rel in rels[:context_files]:
+                        abs_p = os.path.join(sandbox_root, rel)
+                        if os.path.exists(abs_p):
+                            try:
+                                ctx_pairs.append((rel, safe_read(abs_p)))
+                            except Exception:
+                                pass
+
                 raw = fix_code_with_gpt_patch_protocol(
                     sandbox_root=sandbox_root,
                     error_log=stderr,
                     api_key=api_key,
                     model=model,
                     hint_paths=hint_paths,
+                    context_files=ctx_pairs,
                 )
 
                 patch_files = parse_patch_protocol_response(raw)
+
+                if len(patch_files) > max_files_changed:
+                    raise ValueError(
+                        f"Patch wants to change {len(patch_files)} files, exceeding --max-files-changed={max_files_changed}"
+                    )
+
                 resolved = validate_and_resolve_patch_files(patch_files, sandbox_root=sandbox_root)
 
-                # Apply patches (only if they change content)
+                # Prepare diffs / approvals and apply atomically.
+                sha_by_rel = {pf.path: pf.sha256 for pf in patch_files}
+
+                from auto_code_fixer.approval import (
+                    PlannedChange,
+                    UserAbort,
+                    guard_planned_changes,
+                    prompt_approve_file_by_file,
+                )
+
+                planned: list[PlannedChange] = []
                 for abs_path, new_content in resolved:
                     old = ""
                     if os.path.exists(abs_path):
                         old = safe_read(abs_path)
                     if new_content.strip() == (old or "").strip():
                         continue
-                    safe_write(abs_path, new_content)
-                    changed_sandbox_files.add(os.path.abspath(abs_path))
+                    rel = os.path.relpath(abs_path, sandbox_root)
+                    planned.append(
+                        PlannedChange(
+                            abs_path=abs_path,
+                            rel_path=rel,
+                            old_content=old,
+                            new_content=new_content,
+                        )
+                    )
+
+                if planned:
+                    if len(planned) > max_files_changed:
+                        raise ValueError(
+                            f"Patch would change {len(planned)} files, exceeding --max-files-changed={max_files_changed}"
+                        )
+
+                    guard_planned_changes(
+                        planned,
+                        max_file_bytes=max_file_bytes,
+                        max_total_bytes=max_total_bytes,
+                        max_diff_lines=max_diff_lines,
+                    )
+
+                    if approve:
+                        try:
+                            planned = prompt_approve_file_by_file(planned)
+                        except UserAbort:
+                            log("User aborted patch application", "WARN")
+                            planned = []
+
+                for ch in planned:
+                    expected_sha = sha_by_rel.get(ch.rel_path)
+                    if not expected_sha:
+                        # Shouldn't happen; keep safe.
+                        raise ValueError(f"Missing sha256 for {ch.rel_path} in patch protocol payload")
+
+                    atomic_write_verified_sha256(ch.abs_path, ch.new_content, expected_sha)
+                    changed_sandbox_files.add(os.path.abspath(ch.abs_path))
                     applied_any = True
 
             except Exception as e:
@@ -292,9 +409,48 @@ def fix_file(
                 log("GPT returned no changes. Stopping.", "WARN")
                 break
 
-            with open(target_file, "w", encoding="utf-8") as f:
-                f.write(fixed_code)
+            from auto_code_fixer.approval import (
+                PlannedChange,
+                UserAbort,
+                guard_planned_changes,
+                prompt_approve_file_by_file,
+            )
+
+            old = open(target_file, encoding="utf-8").read()
+            rel = os.path.relpath(target_file, sandbox_root)
+
+            planned = [
+                PlannedChange(
+                    abs_path=target_file,
+                    rel_path=rel,
+                    old_content=old,
+                    new_content=fixed_code,
+                )
+            ]
+
+            guard_planned_changes(
+                planned,
+                max_file_bytes=max_file_bytes,
+                max_total_bytes=max_total_bytes,
+                max_diff_lines=max_diff_lines,
+            )
+
+            if approve:
+                try:
+                    planned = prompt_approve_file_by_file(planned)
+                except UserAbort:
+                    log("User declined patch application", "WARN")
+                    cleanup_sandbox()
+                    return False
 
+            if not planned:
+                log("No legacy changes approved", "WARN")
+                cleanup_sandbox()
+                return False
+
+            from auto_code_fixer.patcher import safe_write
+
+            safe_write(target_file, planned[0].new_content)
             changed_sandbox_files.add(os.path.abspath(target_file))
             applied_any = True
 
@@ -346,14 +502,74 @@ def main():
     )
 
     parser.add_argument(
-        "--patch-protocol",
+        "--legacy-mode",
         action="store_true",
         help=(
-            "Optional: ask the model for a strict JSON patch protocol with sha256 verification "
-            "(falls back to full-text mode if parsing/validation fails)"
+            "Disable the default JSON patch protocol and use legacy full-text edit mode only. "
+            "(Not recommended; patch protocol is safer and supports multi-file fixes.)"
         ),
     )
 
+    parser.add_argument(
+        "--max-files-changed",
+        type=int,
+        default=20,
+        help="Safety guard: maximum number of files the model may change per attempt (default: 20)",
+    )
+
+    parser.add_argument(
+        "--context-files",
+        type=int,
+        default=3,
+        help=(
+            "Include up to N related local files (imports) as read-only context in the LLM prompt "
+            "when using patch protocol (default: 3)"
+        ),
+    )
+
+    parser.add_argument(
+        "--approve",
+        action="store_true",
+        help=(
+            "Show diffs for proposed changes and ask for approval before applying them in the sandbox. "
+            "In patch-protocol mode, approvals are file-by-file."
+        ),
+    )
+
+    parser.add_argument(
+        "--max-diff-lines",
+        type=int,
+        default=4000,
+        help="Safety guard: maximum unified-diff lines to display/apply per file (default: 4000)",
+    )
+    parser.add_argument(
+        "--max-file-bytes",
+        type=int,
+        default=200_000,
+        help="Safety guard: maximum size (bytes) of proposed new content per file (default: 200000)",
+    )
+    parser.add_argument(
+        "--max-total-bytes",
+        type=int,
+        default=1_000_000,
+        help="Safety guard: maximum total bytes of proposed new content across all files (default: 1000000)",
+    )
+
+    post_apply_group = parser.add_mutually_exclusive_group()
+    post_apply_group.add_argument(
+        "--post-apply-check",
+        action="store_true",
+        help=(
+            "If using --run, re-run the command against the real project files after applying fixes "
+            "(uses sandbox venv for deps)."
+        ),
+    )
+    post_apply_group.add_argument(
+        "--no-post-apply-check",
+        action="store_true",
+        help="Disable the post-apply re-run check (even if --run is set).",
+    )
+
     parser.add_argument(
         "--format",
         default=None,
@@ -415,6 +631,13 @@ def main():
     if args.ai_plan:
         os.environ["AUTO_CODE_FIXER_AI_PLAN"] = "1"
 
+    if args.no_post_apply_check:
+        post_apply_check = False
+    elif args.post_apply_check:
+        post_apply_check = True
+    else:
+        post_apply_check = bool(args.run)
+
     ok = fix_file(
         args.entry_file,
         args.project_root,
@@ -426,7 +649,14 @@ def main():
         timeout_s=args.timeout,
         max_retries=args.max_retries,
         run_cmd=args.run,
-        patch_protocol=args.patch_protocol,
+        patch_protocol=not args.legacy_mode,
+        max_files_changed=args.max_files_changed,
+        context_files=args.context_files,
+        approve=args.approve,
+        max_diff_lines=args.max_diff_lines,
+        max_file_bytes=args.max_file_bytes,
+        max_total_bytes=args.max_total_bytes,
+        post_apply_check=post_apply_check,
         fmt=args.format,
         lint=args.lint,
         lint_fix=args.fix,

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/auto_code_fixer/fixer.py

@@ -86,12 +86,13 @@ def fix_code_with_gpt_patch_protocol(
     api_key: str | None = None,
     model: str | None = None,
     hint_paths: list[str] | None = None,
+    context_files: list[tuple[str, str]] | None = None,
 ) -> str:
     """Ask the model for structured edits (patch protocol).
 
     Returns raw model text (expected JSON). Parsing/validation happens elsewhere.
 
-    The protocol is optional and should be enabled explicitly by the caller.
+    context_files: optional list of (relative_path, content) to include as read-only context.
     """
 
     client = get_openai_client(api_key)
@@ -113,11 +114,23 @@ def fix_code_with_gpt_patch_protocol(
             f"- {p}" for p in hint_paths
         )
 
+    ctx = ""
+    if context_files:
+        # Keep it readable and avoid enormous prompts.
+        blocks: list[str] = []
+        for rel, content in context_files:
+            snippet = content
+            if len(snippet) > 4000:
+                snippet = snippet[:4000] + "\n... (truncated)"
+            blocks.append(f"--- FILE: {rel} ---\n{snippet}\n")
+        ctx = "\n\nREAD-ONLY CONTEXT FILES:\n" + "\n".join(blocks)
+
     prompt = (
         "You are a senior Python engineer. Fix the project so it runs without errors.\n"
         "Return ONLY valid JSON that matches this schema (no markdown, no commentary):\n"
         + json.dumps(schema)
         + hints
+        + ctx
         + "\n\nSANDBOX ROOT:\n"
         + sandbox_root
         + "\n\nERROR LOG:\n"

auto_code_fixer-0.3.7/auto_code_fixer/patcher.py

@@ -0,0 +1,67 @@
+import os
+import tempfile
+from dataclasses import dataclass
+
+from auto_code_fixer.patch_protocol import compute_sha256_utf8
+
+
+@dataclass
+class FileEdit:
+    path: str
+    new_content: str
+
+
+def _atomic_write(path: str, content: str) -> None:
+    """Atomically write text content to path.
+
+    Writes to a temp file in the same directory then os.replace() to avoid partial writes.
+    """
+
+    dir_name = os.path.dirname(path) or "."
+    os.makedirs(dir_name, exist_ok=True)
+
+    fd, tmp_path = tempfile.mkstemp(prefix=".acf_", suffix=".tmp", dir=dir_name)
+    try:
+        with os.fdopen(fd, "w", encoding="utf-8") as f:
+            f.write(content)
+            f.flush()
+            os.fsync(f.fileno())
+        os.replace(tmp_path, path)
+    finally:
+        try:
+            if os.path.exists(tmp_path):
+                os.unlink(tmp_path)
+        except Exception:
+            pass
+
+
+def atomic_write_verified_sha256(path: str, content: str, expected_sha256: str) -> None:
+    """Atomically write text content, verifying sha256(content) before commit."""
+
+    got = compute_sha256_utf8(content)
+    if got != (expected_sha256 or "").strip().lower():
+        raise ValueError(f"sha256 mismatch for {path}: expected {expected_sha256}, got {got}")
+
+    _atomic_write(path, content)
+
+
+def safe_write(path: str, content: str) -> None:
+    # Backwards-compatible name; now atomic.
+    _atomic_write(path, content)
+
+
+def safe_read(path: str) -> str:
+    with open(path, "r", encoding="utf-8") as f:
+        return f.read()
+
+
+def backup_file(path: str) -> str:
+    bak = path + ".bak"
+    # Avoid overwriting an existing bak
+    i = 1
+    while os.path.exists(bak):
+        bak = f"{path}.bak{i}"
+        i += 1
+    with open(path, "rb") as src, open(bak, "wb") as dst:
+        dst.write(src.read())
+    return bak

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/auto_code_fixer.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: auto-code-fixer
-Version: 0.3.5
+Version: 0.3.7
 Summary: Automatically fix Python code using ChatGPT
 Author-email: Arif Shah <ashah7775@gmail.com>
 License: MIT
@@ -87,6 +87,18 @@ pip install requests
 Before overwriting any file, it creates a backup:
 - `file.py.bak` (or `.bak1`, `.bak2`, ...)
 
+### Approval mode (diff review)
+```bash
+auto-code-fixer path/to/main.py --project-root . --approve
+```
+In patch-protocol mode, approvals are **file-by-file** (apply/skip).
+
+### Diff / size guards
+To prevent huge edits from being applied accidentally:
+- `--max-diff-lines` limits unified-diff size per file
+- `--max-file-bytes` limits the proposed new content size per file
+- `--max-total-bytes` limits total proposed new content across all files
+
 ### Dry run
 ```bash
 auto-code-fixer path/to/main.py --project-root . --dry-run
@@ -103,6 +115,16 @@ Instead of `python main.py`, run tests:
 auto-code-fixer . --project-root . --run "pytest -q" --no-ask
 ```
 
+When you use `--run`, the tool (by default) also performs a **post-apply check**:
+after copying fixes back to your project, it re-runs the same command against the real project files
+(using the sandbox venv for dependencies).
+
+You can disable that extra check with:
+
+```bash
+auto-code-fixer . --project-root . --run "pytest -q" --no-post-apply-check
+```
+
 ### Model selection
 ```bash
 export AUTO_CODE_FIXER_MODEL=gpt-4.1-mini
@@ -121,13 +143,18 @@ auto-code-fixer main.py --ai-plan
 ```
 This enables a helper that can suggest which local file to edit. It is best-effort.
 
-### Optional structured patch protocol (JSON + sha256)
+### Structured patch protocol (JSON + sha256) (default)
+By default, Auto Code Fixer uses a structured **patch protocol** where the model returns strict JSON:
+
+`{ "files": [ {"path": "...", "new_content": "...", "sha256": "..."}, ... ] }`
+
+The tool verifies the SHA-256 hash of `new_content` before applying edits.
+
+To disable this and use legacy full-text mode only:
+
 ```bash
-auto-code-fixer main.py --patch-protocol
+auto-code-fixer main.py --legacy-mode
 ```
-When enabled, the model is asked to return strict JSON with `{files:[{path,new_content,sha256}]}`.
-The tool verifies the SHA-256 hash of `new_content` before applying edits, and falls back to the
-legacy full-text mode if parsing/validation fails.
 
 ### Optional formatting / linting (best-effort)
 ```bash

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/auto_code_fixer.egg-info/SOURCES.txt

@@ -2,6 +2,7 @@ LICENSE
 README.md
 pyproject.toml
 auto_code_fixer/__init__.py
+auto_code_fixer/approval.py
 auto_code_fixer/cli.py
 auto_code_fixer/command_runner.py
 auto_code_fixer/fixer.py
@@ -21,6 +22,8 @@ auto_code_fixer.egg-info/dependency_links.txt
 auto_code_fixer.egg-info/entry_points.txt
 auto_code_fixer.egg-info/requires.txt
 auto_code_fixer.egg-info/top_level.txt
+tests/test_approval_and_guards.py
+tests/test_atomic_write.py
 tests/test_fix_imported_file.py
 tests/test_internal_imports.py
 tests/test_patch_protocol.py

{auto_code_fixer-0.3.5 → auto_code_fixer-0.3.7}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "auto-code-fixer"
-version = "0.3.5"
+version = "0.3.7"
 description = "Automatically fix Python code using ChatGPT"
 readme = "README.md"
 

auto_code_fixer-0.3.7/tests/test_approval_and_guards.py

@@ -0,0 +1,55 @@
+import pytest
+
+from auto_code_fixer.approval import (
+    PlannedChange,
+    UserAbort,
+    guard_planned_changes,
+    prompt_approve_file_by_file,
+)
+
+
+def test_guard_planned_changes_rejects_big_file():
+    planned = [
+        PlannedChange(
+            abs_path="/tmp/a.py",
+            rel_path="a.py",
+            old_content="",
+            new_content="x" * 11,
+        )
+    ]
+    with pytest.raises(ValueError, match="max-file-bytes"):
+        guard_planned_changes(planned, max_file_bytes=10, max_total_bytes=100, max_diff_lines=100)
+
+
+def test_guard_planned_changes_rejects_total_bytes():
+    planned = [
+        PlannedChange("/tmp/a.py", "a.py", "", "x" * 6),
+        PlannedChange("/tmp/b.py", "b.py", "", "x" * 6),
+    ]
+    with pytest.raises(ValueError, match="max-total-bytes"):
+        guard_planned_changes(planned, max_file_bytes=100, max_total_bytes=10, max_diff_lines=100)
+
+
+def test_prompt_approve_file_by_file_apply_skip():
+    planned = [
+        PlannedChange("/tmp/a.py", "a.py", "print(1)\n", "print(2)\n"),
+        PlannedChange("/tmp/b.py", "b.py", "print(1)\n", "print(3)\n"),
+    ]
+
+    answers = iter(["y", "n"])
+
+    def _input(_prompt: str) -> str:
+        return next(answers)
+
+    chosen = prompt_approve_file_by_file(planned, input_fn=_input, print_fn=lambda *_: None)
+    assert [c.rel_path for c in chosen] == ["a.py"]
+
+
+def test_prompt_approve_file_by_file_abort():
+    planned = [PlannedChange("/tmp/a.py", "a.py", "", "x")]
+
+    def _input(_prompt: str) -> str:
+        return "q"
+
+    with pytest.raises(UserAbort):
+        prompt_approve_file_by_file(planned, input_fn=_input, print_fn=lambda *_: None)

auto_code_fixer-0.3.7/tests/test_atomic_write.py

@@ -0,0 +1,34 @@
+import os
+from pathlib import Path
+
+import pytest
+
+from auto_code_fixer.patcher import atomic_write_verified_sha256, safe_read, safe_write
+from auto_code_fixer.patch_protocol import compute_sha256_utf8
+
+
+def test_safe_write_is_atomic_and_writes_content(tmp_path: Path):
+    p = tmp_path / "a.txt"
+    safe_write(str(p), "hello")
+    assert safe_read(str(p)) == "hello"
+
+
+def test_atomic_write_verified_sha256_rejects_mismatch_and_does_not_modify(tmp_path: Path):
+    p = tmp_path / "a.txt"
+    p.write_text("old", encoding="utf-8")
+
+    with pytest.raises(ValueError, match="sha256 mismatch"):
+        atomic_write_verified_sha256(str(p), "new", expected_sha256="0" * 64)
+
+    assert p.read_text(encoding="utf-8") == "old"
+
+
+def test_atomic_write_verified_sha256_accepts_and_modifies(tmp_path: Path):
+    p = tmp_path / "a.txt"
+    p.write_text("old", encoding="utf-8")
+
+    content = "new content\n"
+    sha = compute_sha256_utf8(content)
+    atomic_write_verified_sha256(str(p), content, expected_sha256=sha)
+
+    assert p.read_text(encoding="utf-8") == content

auto_code_fixer-0.3.5/auto_code_fixer/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.3.5"

auto_code_fixer-0.3.5/auto_code_fixer/patcher.py

@@ -1,31 +0,0 @@
-import os
-from dataclasses import dataclass
-
-
-@dataclass
-class FileEdit:
-    path: str
-    new_content: str
-
-
-def safe_write(path: str, content: str) -> None:
-    os.makedirs(os.path.dirname(path), exist_ok=True)
-    with open(path, "w", encoding="utf-8") as f:
-        f.write(content)
-
-
-def safe_read(path: str) -> str:
-    with open(path, "r", encoding="utf-8") as f:
-        return f.read()
-
-
-def backup_file(path: str) -> str:
-    bak = path + ".bak"
-    # Avoid overwriting an existing bak
-    i = 1
-    while os.path.exists(bak):
-        bak = f"{path}.bak{i}"
-        i += 1
-    with open(path, "rb") as src, open(bak, "wb") as dst:
-        dst.write(src.read())
-    return bak