codepp 0.0.437__py3-none-any.whl

code_puppy/plugins/universal_constructor/sandbox.py

@@ -0,0 +1,584 @@
+"""Code validation and safety checking for UC tools.
+
+This module provides utilities for validating tool code before
+execution or storage, including syntax checking, function extraction,
+and dangerous pattern detection.
+"""
+
+import ast
+import logging
+from dataclasses import dataclass, field
+from pathlib import Path
+from typing import Any, Dict, List, Optional, Set
+
+logger = logging.getLogger(__name__)
+
+# Required fields for TOOL_META
+TOOL_META_REQUIRED_FIELDS = {"name", "description"}
+
+# Imports that might indicate dangerous operations
+DANGEROUS_IMPORTS: Set[str] = {
+    # Execution/code generation
+    "subprocess",
+    "os.system",
+    "shutil.rmtree",
+    "eval",
+    "exec",
+    "compile",
+    "__import__",
+    "importlib",
+    "multiprocessing",
+    "pickle",
+    "marshal",
+    # Network access
+    "socket",
+    "urllib",
+    "http.client",
+    "requests",
+    # System access
+    "platform",
+    "ctypes",
+}
+
+# Dangerous function calls
+DANGEROUS_CALLS: Set[str] = {
+    # Code execution
+    "eval",
+    "exec",
+    "compile",
+    "__import__",
+    "import_module",
+    # Process creation
+    "system",
+    "popen",
+    "spawn",
+    "fork",
+    "execv",
+    "execve",
+    "execvp",
+    "execl",
+    "execle",
+    "execlp",
+    # Scope manipulation
+    "globals",
+    "locals",
+}
+
+# open() calls with write modes are dangerous
+DANGEROUS_OPEN_MODES = {"w", "a", "x", "wb", "ab", "xb", "w+", "a+", "r+", "rb+", "wb+"}
+
+
+@dataclass
+class FunctionInfo:
+    """Information extracted from a function definition."""
+
+    name: str
+    signature: str
+    docstring: Optional[str] = None
+    parameters: List[str] = field(default_factory=list)
+    return_annotation: Optional[str] = None
+    is_async: bool = False
+    decorators: List[str] = field(default_factory=list)
+    line_number: int = 0
+
+
+@dataclass
+class ValidationResult:
+    """Result of code validation."""
+
+    valid: bool
+    errors: List[str] = field(default_factory=list)
+    warnings: List[str] = field(default_factory=list)
+    functions: List[FunctionInfo] = field(default_factory=list)
+
+
+def validate_syntax(code: str) -> ValidationResult:
+    """Validate Python syntax.
+
+    Args:
+        code: Python source code to validate.
+
+    Returns:
+        ValidationResult with valid=True if syntax is correct,
+        or valid=False with error details.
+    """
+    result = ValidationResult(valid=True)
+
+    try:
+        ast.parse(code)
+    except SyntaxError as e:
+        result.valid = False
+        line_info = f" (line {e.lineno})" if e.lineno else ""
+        result.errors.append(f"Syntax error{line_info}: {e.msg}")
+
+    return result
+
+
+def extract_function_info(code: str) -> ValidationResult:
+    """Extract function information from Python code.
+
+    Parses the code and extracts information about all function
+    definitions including name, signature, docstring, and parameters.
+
+    Args:
+        code: Python source code.
+
+    Returns:
+        ValidationResult containing list of FunctionInfo objects.
+    """
+    result = validate_syntax(code)
+    if not result.valid:
+        return result
+
+    try:
+        tree = ast.parse(code)
+    except SyntaxError:
+        return result
+
+    for node in ast.walk(tree):
+        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
+            func_info = _extract_single_function(node)
+            result.functions.append(func_info)
+
+    return result
+
+
+def _extract_single_function(
+    node: ast.FunctionDef | ast.AsyncFunctionDef,
+) -> FunctionInfo:
+    """Extract info from a single function AST node."""
+    # Get parameter names
+    params = []
+    for arg in node.args.args:
+        param_str = arg.arg
+        if arg.annotation:
+            param_str += f": {ast.unparse(arg.annotation)}"
+        params.append(param_str)
+
+    # Handle *args and **kwargs
+    if node.args.vararg:
+        vararg = f"*{node.args.vararg.arg}"
+        if node.args.vararg.annotation:
+            vararg += f": {ast.unparse(node.args.vararg.annotation)}"
+        params.append(vararg)
+
+    if node.args.kwarg:
+        kwarg = f"**{node.args.kwarg.arg}"
+        if node.args.kwarg.annotation:
+            kwarg += f": {ast.unparse(node.args.kwarg.annotation)}"
+        params.append(kwarg)
+
+    # Build signature string
+    signature = f"{node.name}({', '.join(params)})"
+
+    # Get return annotation
+    return_annotation = None
+    if node.returns:
+        return_annotation = ast.unparse(node.returns)
+        signature += f" -> {return_annotation}"
+
+    # Get docstring
+    docstring = ast.get_docstring(node)
+
+    # Get decorators
+    decorators = []
+    for dec in node.decorator_list:
+        decorators.append(ast.unparse(dec))
+
+    return FunctionInfo(
+        name=node.name,
+        signature=signature,
+        docstring=docstring,
+        parameters=params,
+        return_annotation=return_annotation,
+        is_async=isinstance(node, ast.AsyncFunctionDef),
+        decorators=decorators,
+        line_number=node.lineno,
+    )
+
+
+def check_dangerous_patterns(code: str) -> ValidationResult:
+    """Check for potentially dangerous patterns in code.
+
+    This is an advisory check - it warns about patterns that might
+    be dangerous but doesn't prevent tool execution. Users should
+    review warned code before trusting it.
+
+    Args:
+        code: Python source code to check.
+
+    Returns:
+        ValidationResult with warnings for dangerous patterns.
+    """
+    result = validate_syntax(code)
+    if not result.valid:
+        return result
+
+    try:
+        tree = ast.parse(code)
+    except SyntaxError:
+        return result
+
+    # Track dangerous imports
+    dangerous_found: List[str] = []
+
+    for node in ast.walk(tree):
+        # Check imports
+        if isinstance(node, ast.Import):
+            for alias in node.names:
+                if alias.name in DANGEROUS_IMPORTS:
+                    dangerous_found.append(f"import {alias.name}")
+
+        elif isinstance(node, ast.ImportFrom):
+            module = node.module or ""
+            for alias in node.names:
+                full_name = f"{module}.{alias.name}"
+                if module in DANGEROUS_IMPORTS or full_name in DANGEROUS_IMPORTS:
+                    dangerous_found.append(f"from {module} import {alias.name}")
+
+        # Check function calls
+        elif isinstance(node, ast.Call):
+            func_name = _get_call_name(node)
+            if func_name in DANGEROUS_CALLS:
+                line = getattr(node, "lineno", "?")
+                dangerous_found.append(f"{func_name}() call at line {line}")
+            # Special handling for open() - check if write mode is used
+            elif func_name == "open":
+                if _is_dangerous_open_call(node):
+                    line = getattr(node, "lineno", "?")
+                    dangerous_found.append(f"open() with write mode at line {line}")
+
+    # Add warnings for dangerous patterns
+    if dangerous_found:
+        result.warnings.append(
+            f"Potentially dangerous patterns found: {', '.join(dangerous_found)}"
+        )
+
+    return result
+
+
+def _get_call_name(node: ast.Call) -> str:
+    """Extract the function name from a Call node."""
+    if isinstance(node.func, ast.Name):
+        return node.func.id
+    elif isinstance(node.func, ast.Attribute):
+        return node.func.attr
+    return ""
+
+
+def _is_dangerous_open_call(node: ast.Call) -> bool:
+    """Check if an open() call uses a dangerous (write) mode.
+
+    Args:
+        node: AST Call node for open()
+
+    Returns:
+        True if the open call uses a write mode, False otherwise.
+    """
+    # Check positional args - mode is typically the second argument
+    if len(node.args) >= 2:
+        mode_arg = node.args[1]
+        if isinstance(mode_arg, ast.Constant) and isinstance(mode_arg.value, str):
+            return mode_arg.value in DANGEROUS_OPEN_MODES
+
+    # Check keyword arguments
+    for kw in node.keywords:
+        if kw.arg == "mode":
+            if isinstance(kw.value, ast.Constant) and isinstance(kw.value.value, str):
+                return kw.value.value in DANGEROUS_OPEN_MODES
+
+    # If no mode specified, open() defaults to "r" which is safe
+    return False
+
+
+def full_validation(code: str) -> ValidationResult:
+    """Perform full validation including syntax, function extraction, and safety.
+
+    Args:
+        code: Python source code to validate.
+
+    Returns:
+        Complete ValidationResult with all checks performed.
+    """
+    # Start with syntax validation
+    result = validate_syntax(code)
+    if not result.valid:
+        return result
+
+    # Extract function info
+    func_result = extract_function_info(code)
+    result.functions = func_result.functions
+
+    # Check dangerous patterns
+    safety_result = check_dangerous_patterns(code)
+    result.warnings.extend(safety_result.warnings)
+
+    # Additional validation: ensure there's at least one function
+    if not result.functions:
+        result.warnings.append("No functions found in code - tool may not be callable")
+
+    return result
+
+
+@dataclass
+class ToolFileValidationResult(ValidationResult):
+    """Extended validation result for tool files.
+
+    Includes TOOL_META extraction and main function validation.
+    """
+
+    tool_meta: Optional[Dict[str, Any]] = None
+    main_function: Optional[FunctionInfo] = None
+    file_path: Optional[Path] = None
+
+
+def _extract_tool_meta(code: str) -> Optional[Dict[str, Any]]:
+    """Extract TOOL_META dictionary from code.
+
+    Args:
+        code: Python source code containing TOOL_META.
+
+    Returns:
+        The TOOL_META dict if found and valid, None otherwise.
+    """
+    try:
+        tree = ast.parse(code)
+    except SyntaxError:
+        return None
+
+    for node in ast.walk(tree):
+        if isinstance(node, ast.Assign):
+            for target in node.targets:
+                if isinstance(target, ast.Name) and target.id == "TOOL_META":
+                    # Try to evaluate the dict literal
+                    if isinstance(node.value, ast.Dict):
+                        try:
+                            # Safely evaluate the dict using ast.literal_eval
+                            meta_str = ast.unparse(node.value)
+                            return ast.literal_eval(meta_str)
+                        except (ValueError, SyntaxError):
+                            return None
+    return None
+
+
+def _validate_tool_meta(meta: Dict[str, Any]) -> List[str]:
+    """Validate that TOOL_META has required fields.
+
+    Args:
+        meta: The TOOL_META dictionary to validate.
+
+    Returns:
+        List of error messages (empty if valid).
+    """
+    errors = []
+    for field_name in TOOL_META_REQUIRED_FIELDS:
+        if field_name not in meta:
+            errors.append(f"TOOL_META missing required field: '{field_name}'")
+        elif not meta[field_name]:
+            errors.append(f"TOOL_META field '{field_name}' cannot be empty")
+    return errors
+
+
+def _find_main_function(
+    functions: List[FunctionInfo], tool_name: str
+) -> Optional[FunctionInfo]:
+    """Find the main function for a tool.
+
+    The main function is expected to have the same name as the tool.
+
+    Args:
+        functions: List of functions found in the code.
+        tool_name: Expected name of the main function.
+
+    Returns:
+        The main FunctionInfo if found, None otherwise.
+    """
+    for func in functions:
+        if func.name == tool_name:
+            return func
+    return None
+
+
+def validate_tool_file(file_path: Path) -> ToolFileValidationResult:
+    """Validate a tool file including TOOL_META and main function.
+
+    This function performs comprehensive validation:
+    1. Reads the file content
+    2. Validates Python syntax
+    3. Extracts and validates TOOL_META dict
+    4. Extracts and validates the main function
+    5. Checks for dangerous patterns
+
+    Args:
+        file_path: Path to the tool file to validate.
+
+    Returns:
+        ToolFileValidationResult with all validation details.
+    """
+    result = ToolFileValidationResult(valid=True, file_path=file_path)
+
+    # Check file exists
+    if not file_path.exists():
+        result.valid = False
+        result.errors.append(f"File not found: {file_path}")
+        return result
+
+    if not file_path.is_file():
+        result.valid = False
+        result.errors.append(f"Path is not a file: {file_path}")
+        return result
+
+    # Read file content
+    try:
+        code = file_path.read_text(encoding="utf-8")
+    except Exception as e:
+        result.valid = False
+        result.errors.append(f"Failed to read file: {e}")
+        return result
+
+    # Validate syntax
+    syntax_result = validate_syntax(code)
+    if not syntax_result.valid:
+        result.valid = False
+        result.errors.extend(syntax_result.errors)
+        return result
+
+    # Extract TOOL_META
+    meta = _extract_tool_meta(code)
+    if meta is None:
+        result.valid = False
+        result.errors.append("TOOL_META not found or invalid in file")
+        return result
+
+    result.tool_meta = meta
+
+    # Validate TOOL_META has required fields
+    meta_errors = _validate_tool_meta(meta)
+    if meta_errors:
+        result.valid = False
+        result.errors.extend(meta_errors)
+        return result
+
+    # Extract functions
+    func_result = extract_function_info(code)
+    result.functions = func_result.functions
+
+    # Find main function (should match tool name)
+    tool_name = meta.get("name", "")
+    main_func = _find_main_function(result.functions, tool_name)
+    if main_func is None:
+        result.warnings.append(
+            f"No function named '{tool_name}' found - "
+            f"tool may not be callable as expected"
+        )
+    else:
+        result.main_function = main_func
+
+    # Check dangerous patterns
+    safety_result = check_dangerous_patterns(code)
+    result.warnings.extend(safety_result.warnings)
+
+    return result
+
+
+def _validate_safe_path(file_path: Path, safe_root: Path) -> bool:
+    """Validate that file_path is contained within safe_root.
+
+    Args:
+        file_path: The path to validate.
+        safe_root: The root directory that file_path must be within.
+
+    Returns:
+        True if file_path is safely within safe_root, False otherwise.
+    """
+    try:
+        # Resolve both paths to absolute paths
+        resolved_path = file_path.resolve()
+        resolved_root = safe_root.resolve()
+        # Check if the resolved path is relative to the root
+        resolved_path.relative_to(resolved_root)
+        return True
+    except ValueError:
+        return False
+
+
+def validate_and_write_tool(
+    code: str, file_path: Path, safe_root: Optional[Path] = None
+) -> ToolFileValidationResult:
+    """Validate code and write to file only if valid.
+
+    This function performs full validation before writing,
+    ensuring only valid tool code is persisted to disk.
+
+    Args:
+        code: Python source code for the tool.
+        file_path: Path where the tool file should be written.
+        safe_root: Optional root directory to validate against. Defaults to USER_UC_DIR.
+            Pass the parent directory of file_path to skip validation (for testing).
+
+    Returns:
+        ToolFileValidationResult indicating success/failure.
+        If valid, the file will be written to file_path.
+    """
+    from . import USER_UC_DIR
+
+    result = ToolFileValidationResult(valid=True, file_path=file_path)
+
+    # Validate path is within safe root directory (prevent path traversal)
+    root_to_check = safe_root if safe_root is not None else USER_UC_DIR
+    if not _validate_safe_path(file_path, root_to_check):
+        result.valid = False
+        result.errors.append(f"Unsafe file path: must be within {root_to_check}")
+        return result
+    syntax_result = validate_syntax(code)
+    if not syntax_result.valid:
+        result.valid = False
+        result.errors.extend(syntax_result.errors)
+        return result
+
+    # Extract and validate TOOL_META
+    meta = _extract_tool_meta(code)
+    if meta is None:
+        result.valid = False
+        result.errors.append("TOOL_META not found or invalid in code")
+        return result
+
+    result.tool_meta = meta
+
+    # Validate TOOL_META has required fields
+    meta_errors = _validate_tool_meta(meta)
+    if meta_errors:
+        result.valid = False
+        result.errors.extend(meta_errors)
+        return result
+
+    # Extract functions
+    func_result = extract_function_info(code)
+    result.functions = func_result.functions
+
+    # Find main function
+    tool_name = meta.get("name", "")
+    main_func = _find_main_function(result.functions, tool_name)
+    if main_func is None:
+        result.warnings.append(
+            f"No function named '{tool_name}' found - "
+            f"tool may not be callable as expected"
+        )
+    else:
+        result.main_function = main_func
+
+    # Check dangerous patterns (warnings only, don't fail)
+    safety_result = check_dangerous_patterns(code)
+    result.warnings.extend(safety_result.warnings)
+
+    # If we got here, validation passed - write the file
+    try:
+        # Ensure parent directory exists
+        file_path.parent.mkdir(parents=True, exist_ok=True)
+        file_path.write_text(code, encoding="utf-8")
+    except Exception as e:
+        result.valid = False
+        result.errors.append(f"Failed to write file: {e}")
+        return result
+
+    return result

code_puppy/prompts/antigravity_system_prompt.md

@@ -0,0 +1 @@
+<identity>\nYou are Antigravity, a powerful agentic AI coding assistant designed by the Google Deepmind team working on Advanced Agentic Coding.\nYou are pair programming with a USER to solve their coding task. The task may require creating a new codebase, modifying or debugging an existing codebase, or simply answering a question.\nThe USER will send you requests, which you must always prioritize addressing. Along with each USER request, we will attach additional metadata about their current state, such as what files they have open and where their cursor is.\nThis information may or may not be relevant to the coding task, it is up for you to decide.\n</identity>\n\n<tool_calling>\nCall tools as you normally would. The following list provides additional guidance to help you avoid errors:\n  - **Absolute paths only**. When using tools that accept file path arguments, ALWAYS use the absolute file path.\n</tool_calling>\n\n<web_application_development>\n## Technology Stack,\nYour web applications should be built using the following technologies:,\n1. **Core**: Use HTML for structure and Javascript for logic.\n2. **Styling (CSS)**: Use Vanilla CSS for maximum flexibility and control. Avoid using TailwindCSS unless the USER explicitly requests it; in this case, first confirm which TailwindCSS version to use.\n3. **Web App**: If the USER specifies that they want a more complex web app, use a framework like Next.js or Vite. Only do this if the USER explicitly requests a web app.\n4. **New Project Creation**: If you need to use a framework for a new app, use `npx` with the appropriate script, but there are some rules to follow:,\n   - Use `npx -y` to automatically install the script and its dependencies\n   - You MUST run the command with `--help` flag to see all available options first, \n   - Initialize the app in the current directory with `./` (example: `npx -y create-vite-app@latest ./`),\n   - You should run in non-interactive mode so that the user doesn't need to input anything,\n5. **Running Locally**: When running locally, use `npm run dev` or equivalent dev server. Only build the production bundle if the USER explicitly requests it or you are validating the code for correctness.\n\n# Design Aesthetics,\n1. **Use Rich Aesthetics**: The USER should be wowed at first glance by the design. Use best practices in modern web design (e.g. vibrant colors, dark modes, glassmorphism, and dynamic animations) to create a stunning first impression. Failure to do this is UNACCEPTABLE.\n2. **Prioritize Visual Excellence**: Implement designs that will WOW the user and feel extremely premium:\n\t\t- Avoid generic colors (plain red, blue, green). Use curated, harmonious color palettes (e.g., HSL tailored colors, sleek dark modes).\n   - Using modern typography (e.g., from Google Fonts like Inter, Roboto, or Outfit) instead of browser defaults.\n\t\t- Use smooth gradients,\n\t\t- Add subtle micro-animations for enhanced user experience,\n3. **Use a Dynamic Design**: An interface that feels responsive and alive encourages interaction. Achieve this with hover effects and interactive elements. Micro-animations, in particular, are highly effective for improving user engagement.\n4. **Premium Designs**. Make a design that feels premium and state of the art. Avoid creating simple minimum viable products.\n4. **Don't use placeholders**. If you need an image, use your generate_image tool to create a working demonstration.,\n\n## Implementation Workflow,\nFollow this systematic approach when building web applications:,\n1. **Plan and Understand**:,\n\t\t- Fully understand the user's requirements,\n\t\t- Draw inspiration from modern, beautiful, and dynamic web designs,\n\t\t- Outline the features needed for the initial version,\n2. **Build the Foundation**:,\n\t\t- Start by creating/modifying `index.css`,\n\t\t- Implement the core design system with all tokens and utilities,\n3. **Create Components**:,\n\t\t- Build necessary components using your design system,\n\t\t- Ensure all components use predefined styles, not ad-hoc utilities,\n\t\t- Keep components focused and reusable,\n4. **Assemble Pages**:,\n\t\t- Update the main application to incorporate your design and components,\n\t\t- Ensure proper routing and navigation,\n\t\t- Implement responsive layouts,\n5. **Polish and Optimize**:,\n\t\t- Review the overall user experience,\n\t\t- Ensure smooth interactions and transitions,\n\t\t- Optimize performance where needed,\n\n## SEO Best Practices,\nAutomatically implement SEO best practices on every page:,\n- **Title Tags**: Include proper, descriptive title tags for each page,\n- **Meta Descriptions**: Add compelling meta descriptions that accurately summarize page content,\n- **Heading Structure**: Use a single `<h1>` per page with proper heading hierarchy,\n- **Semantic HTML**: Use appropriate HTML5 semantic elements,\n- **Unique IDs**: Ensure all interactive elements have unique, descriptive IDs for browser testing,\n- **Performance**: Ensure fast page load times through optimization,\nCRITICAL REMINDER: AESTHETICS ARE VERY IMPORTANT. If your web app looks simple and basic then you have FAILED!\n</web_application_development>\n<ephemeral_message>\nThere will be an <EPHEMERAL_MESSAGE> appearing in the conversation at times. This is not coming from the user, but instead injected by the system as important information to pay attention to. \nDo not respond to nor acknowledge those messages, but do follow them strictly.\n</ephemeral_message>\n\n\n<communication_style>\n- **Formatting**. Format your responses in github-style markdown to make your responses easier for the USER to parse. For example, use headers to organize your responses and bolded or italicized text to highlight important keywords. Use backticks to format file, directory, function, and class names. If providing a URL to the user, format this in markdown as well, for example `[label](example.com)`.\n- **Proactiveness**. As an agent, you are allowed to be proactive, but only in the course of completing the user's task. For example, if the user asks you to add a new component, you can edit the code, verify build and test statuses, and take any other obvious follow-up actions, such as performing additional research. However, avoid surprising the user. For example, if the user asks HOW to approach something, you should answer their question and instead of jumping into editing a file.\n- **Helpfulness**. Respond like a helpful software engineer who is explaining your work to a friendly collaborator on the project. Acknowledge mistakes or any backtracking you do as a result of new information.\n- **Ask for clarification**. If you are unsure about the USER's intent, always ask for clarification rather than making assumptions.\n</communication_style>