codex-autorunner 1.2.1__py3-none-any.whl → 1.3.0__py3-none-any.whl

codex_autorunner/core/pma_safety.py

@@ -141,6 +141,45 @@ class PmaSafetyChecker:
 
         return SafetyCheckResult(allowed=True)
 
+    def check_reactive_turn(self, *, key: str = "reactive") -> SafetyCheckResult:
+        if self._is_circuit_breaker_active():
+            return SafetyCheckResult(
+                allowed=False,
+                reason="circuit_breaker_active",
+                details={
+                    "cooldown_remaining_seconds": (
+                        int(
+                            self._circuit_breaker_until
+                            - datetime.now(timezone.utc).timestamp()
+                        )
+                        if self._circuit_breaker_until
+                        else 0
+                    )
+                },
+            )
+
+        if self._config.enable_rate_limit:
+            now = datetime.now(timezone.utc).timestamp()
+            self._action_timestamps[key] = [
+                ts
+                for ts in self._action_timestamps[key]
+                if now - ts < self._config.rate_limit_window_seconds
+            ]
+            if len(self._action_timestamps[key]) >= self._config.max_actions_per_window:
+                return SafetyCheckResult(
+                    allowed=False,
+                    reason="rate_limit_exceeded",
+                    details={
+                        "key": key,
+                        "count": len(self._action_timestamps[key]),
+                        "max_allowed": self._config.max_actions_per_window,
+                        "window_seconds": self._config.rate_limit_window_seconds,
+                    },
+                )
+            self._action_timestamps[key].append(now)
+
+        return SafetyCheckResult(allowed=True)
+
     def record_chat_result(
         self,
         agent: str,
@@ -159,6 +198,25 @@ class PmaSafetyChecker:
             key = f"chat:{agent}"
             self._failure_counts[key] = 0
 
+    def record_reactive_result(
+        self,
+        *,
+        status: str,
+        error: Optional[str] = None,
+        key: str = "reactive",
+    ) -> None:
+        if (
+            status in ("error", "failed", "interrupted")
+            and self._config.enable_circuit_breaker
+        ):
+            self._failure_counts[key] += 1
+            if self._failure_counts[key] >= self._config.circuit_breaker_threshold:
+                self._activate_circuit_breaker()
+                if error:
+                    logger.warning("PMA reactive circuit breaker error: %s", error)
+        else:
+            self._failure_counts[key] = 0
+
     def record_action(
         self,
         action_type: PmaActionType,

codex_autorunner/core/pma_sink.py

@@ -0,0 +1,104 @@
+from __future__ import annotations
+
+import json
+import logging
+from pathlib import Path
+from typing import Any, Optional
+
+from .locks import file_lock
+from .time_utils import now_iso
+from .utils import atomic_write
+
+PMA_ACTIVE_SINK_FILENAME = "active_sink.json"
+
+logger = logging.getLogger(__name__)
+
+
+class PmaActiveSinkStore:
+    def __init__(self, hub_root: Path) -> None:
+        self._path = hub_root / ".codex-autorunner" / "pma" / PMA_ACTIVE_SINK_FILENAME
+
+    def _lock_path(self) -> Path:
+        return self._path.with_suffix(self._path.suffix + ".lock")
+
+    def load(self) -> Optional[dict[str, Any]]:
+        with file_lock(self._lock_path()):
+            return self._load_unlocked()
+
+    def set_web(self) -> dict[str, Any]:
+        payload = {
+            "version": 1,
+            "kind": "web",
+            "updated_at": now_iso(),
+            "last_delivery_turn_id": None,
+        }
+        with file_lock(self._lock_path()):
+            self._save_unlocked(payload)
+        return payload
+
+    def set_telegram(
+        self,
+        *,
+        chat_id: int,
+        thread_id: Optional[int],
+        topic_key: Optional[str] = None,
+    ) -> dict[str, Any]:
+        payload: dict[str, Any] = {
+            "version": 1,
+            "kind": "telegram",
+            "chat_id": int(chat_id),
+            "thread_id": int(thread_id) if thread_id is not None else None,
+            "updated_at": now_iso(),
+            "last_delivery_turn_id": None,
+        }
+        if topic_key:
+            payload["topic_key"] = topic_key
+        with file_lock(self._lock_path()):
+            self._save_unlocked(payload)
+        return payload
+
+    def clear(self) -> None:
+        with file_lock(self._lock_path()):
+            try:
+                self._path.unlink()
+            except FileNotFoundError:
+                return
+            except OSError as exc:
+                logger.warning("Failed to clear PMA active sink: %s", exc)
+
+    def mark_delivered(self, turn_id: str) -> bool:
+        if not isinstance(turn_id, str) or not turn_id:
+            return False
+        with file_lock(self._lock_path()):
+            payload = self._load_unlocked()
+            if not isinstance(payload, dict):
+                return False
+            if payload.get("last_delivery_turn_id") == turn_id:
+                return False
+            payload["last_delivery_turn_id"] = turn_id
+            payload["updated_at"] = now_iso()
+            self._save_unlocked(payload)
+        return True
+
+    def _load_unlocked(self) -> Optional[dict[str, Any]]:
+        if not self._path.exists():
+            return None
+        try:
+            raw = self._path.read_text(encoding="utf-8")
+        except OSError as exc:
+            logger.warning("Failed to read PMA active sink: %s", exc)
+            return None
+        try:
+            payload = json.loads(raw)
+        except json.JSONDecodeError:
+            return None
+        if not isinstance(payload, dict):
+            return None
+        return payload
+
+    def _save_unlocked(self, payload: dict[str, Any]) -> None:
+        self._path.parent.mkdir(parents=True, exist_ok=True)
+        atomic_write(self._path, json.dumps(payload, indent=2) + "\n")
+
+
+__all__ = ["PmaActiveSinkStore", "PMA_ACTIVE_SINK_FILENAME"]

codex_autorunner/core/pma_transcripts.py

@@ -0,0 +1,183 @@
+from __future__ import annotations
+
+import json
+import logging
+import re
+from dataclasses import dataclass
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any, Optional
+
+from .time_utils import now_iso
+from .utils import atomic_write
+
+logger = logging.getLogger(__name__)
+
+PMA_TRANSCRIPTS_DIRNAME = "transcripts"
+PMA_TRANSCRIPT_VERSION = 1
+PMA_TRANSCRIPT_PREVIEW_CHARS = 400
+
+
+def default_pma_transcripts_dir(hub_root: Path) -> Path:
+    return hub_root / ".codex-autorunner" / "pma" / PMA_TRANSCRIPTS_DIRNAME
+
+
+def _safe_segment(value: str) -> str:
+    cleaned = re.sub(r"[^A-Za-z0-9._-]+", "-", (value or "").strip())
+    cleaned = cleaned.strip("-._")
+    if not cleaned:
+        return "unknown"
+    return cleaned[:120]
+
+
+def _stamp_now() -> str:
+    return datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ")
+
+
+def _read_preview(path: Path) -> str:
+    if not path.exists():
+        return ""
+    try:
+        with open(path, "r", encoding="utf-8") as handle:
+            text = handle.read(PMA_TRANSCRIPT_PREVIEW_CHARS + 1)
+    except OSError as exc:
+        logger.warning("Failed to read PMA transcript content at %s: %s", path, exc)
+        return ""
+    text = text.strip()
+    if len(text) <= PMA_TRANSCRIPT_PREVIEW_CHARS:
+        return text
+    return text[:PMA_TRANSCRIPT_PREVIEW_CHARS].rstrip() + "..."
+
+
+@dataclass(frozen=True)
+class PmaTranscriptPointer:
+    turn_id: str
+    metadata_path: str
+    content_path: str
+    created_at: str
+
+
+class PmaTranscriptStore:
+    def __init__(self, hub_root: Path) -> None:
+        self._root = hub_root
+        self._dir = default_pma_transcripts_dir(hub_root)
+
+    @property
+    def dir(self) -> Path:
+        return self._dir
+
+    def write_transcript(
+        self,
+        *,
+        turn_id: str,
+        metadata: dict[str, Any],
+        assistant_text: str,
+    ) -> PmaTranscriptPointer:
+        safe_turn_id = _safe_segment(turn_id)
+        stamp = _stamp_now()
+        base = f"{stamp}_{safe_turn_id}"
+        json_path = self._dir / f"{base}.json"
+        md_path = self._dir / f"{base}.md"
+
+        payload = dict(metadata)
+        payload.setdefault("version", PMA_TRANSCRIPT_VERSION)
+        payload.setdefault("turn_id", turn_id)
+        payload.setdefault("created_at", now_iso())
+        payload["metadata_path"] = str(json_path)
+        payload["content_path"] = str(md_path)
+        payload["assistant_text_chars"] = len(assistant_text or "")
+
+        self._dir.mkdir(parents=True, exist_ok=True)
+        atomic_write(md_path, (assistant_text or "") + "\n")
+        atomic_write(json_path, json.dumps(payload, indent=2) + "\n")
+
+        return PmaTranscriptPointer(
+            turn_id=turn_id,
+            metadata_path=str(json_path),
+            content_path=str(md_path),
+            created_at=payload["created_at"],
+        )
+
+    def list_recent(self, *, limit: int = 50) -> list[dict[str, Any]]:
+        if limit <= 0:
+            return []
+        if not self._dir.exists():
+            return []
+        entries: list[dict[str, Any]] = []
+        for path in sorted(self._dir.glob("*.json"), reverse=True):
+            try:
+                raw = path.read_text(encoding="utf-8")
+                data = json.loads(raw)
+            except (OSError, json.JSONDecodeError) as exc:
+                logger.warning(
+                    "Failed to read PMA transcript metadata at %s: %s", path, exc
+                )
+                continue
+            if not isinstance(data, dict):
+                continue
+            content_path = Path(str(data.get("content_path") or ""))
+            if not content_path.is_absolute():
+                content_path = (path.parent / content_path).resolve()
+            data = dict(data)
+            data["preview"] = _read_preview(content_path)
+            entries.append(data)
+            if len(entries) >= limit:
+                break
+        return entries
+
+    def read_transcript(self, turn_id: str) -> Optional[dict[str, Any]]:
+        match = self._find_metadata(turn_id)
+        if not match:
+            return None
+        meta, meta_path = match
+        content_path = Path(str(meta.get("content_path") or ""))
+        if not content_path.is_absolute():
+            content_path = (meta_path.parent / content_path).resolve()
+        try:
+            content = content_path.read_text(encoding="utf-8")
+        except OSError as exc:
+            logger.warning(
+                "Failed to read PMA transcript content at %s: %s", content_path, exc
+            )
+            content = ""
+        return {"metadata": meta, "content": content}
+
+    def _find_metadata(self, turn_id: str) -> Optional[tuple[dict[str, Any], Path]]:
+        if not self._dir.exists():
+            return None
+        safe_turn_id = _safe_segment(turn_id)
+        candidates = sorted(self._dir.glob(f"*_{safe_turn_id}.json"), reverse=True)
+        for path in candidates:
+            meta = self._read_metadata(path)
+            if meta and str(meta.get("turn_id")) == turn_id:
+                return meta, path
+        if candidates:
+            meta = self._read_metadata(candidates[0])
+            if meta:
+                return meta, candidates[0]
+        for path in sorted(self._dir.glob("*.json"), reverse=True):
+            meta = self._read_metadata(path)
+            if meta and str(meta.get("turn_id")) == turn_id:
+                return meta, path
+        return None
+
+    def _read_metadata(self, path: Path) -> Optional[dict[str, Any]]:
+        try:
+            raw = path.read_text(encoding="utf-8")
+            data = json.loads(raw)
+        except (OSError, json.JSONDecodeError) as exc:
+            logger.warning(
+                "Failed to read PMA transcript metadata at %s: %s", path, exc
+            )
+            return None
+        return data if isinstance(data, dict) else None
+
+
+__all__ = [
+    "PMA_TRANSCRIPTS_DIRNAME",
+    "PMA_TRANSCRIPT_PREVIEW_CHARS",
+    "PMA_TRANSCRIPT_VERSION",
+    "PmaTranscriptPointer",
+    "PmaTranscriptStore",
+    "default_pma_transcripts_dir",
+]

codex_autorunner/core/safe_paths.py

@@ -0,0 +1,117 @@
+"""Safe path validation utilities for web endpoints.
+
+This module provides utilities for validating user-controlled paths to prevent
+directory traversal attacks and other path-based security issues.
+"""
+
+from pathlib import PurePosixPath
+from typing import Optional
+
+
+class SafePathError(Exception):
+    """Raised when a path fails safety validation."""
+
+    def __init__(self, message: str, path: Optional[str] = None) -> None:
+        super().__init__(message)
+        self.path = path
+
+
+def validate_relative_posix_path(raw: str) -> PurePosixPath:
+    """Validate a user-provided path string and return a PurePosixPath.
+
+    This function validates that:
+    1. The path is not absolute
+    2. The path does not contain '..' segments (parent directory traversal)
+    3. The path does not contain backslashes (Windows separators)
+    4. The path is not empty, '.', or only slashes
+
+    Args:
+        raw: The user-provided path string (typically from a URL path parameter)
+
+    Returns:
+        A validated PurePosixPath object
+
+    Raises:
+        SafePathError: If the path fails validation
+
+    Examples:
+        >>> validate_relative_posix_path("file.txt")
+        PurePosixPath('file.txt')
+
+        >>> validate_relative_posix_path("a/b/c.txt")
+        PurePosixPath('a/b/c.txt')
+
+        >>> validate_relative_posix_path("../etc/passwd")
+        SafePathError: Invalid path: '..' not allowed
+
+        >>> validate_relative_posix_path("/etc/passwd")
+        SafePathError: Absolute paths not allowed
+    """
+    if not raw or raw.strip() == "" or raw == ".":
+        raise SafePathError("Invalid path: empty or '.'", path=raw)
+
+    # Reject backslashes early (Windows separators)
+    if "\\" in raw:
+        raise SafePathError("Invalid path: backslashes not allowed", path=raw)
+
+    # Reject '..' in the raw path before PurePosixPath normalizes it
+    # We need to check the raw string because PurePosixPath("a/../b")
+    # normalizes to "b", which would bypass the later parts check
+    if ".." in raw:
+        raise SafePathError("Invalid path: '..' not allowed", path=raw)
+
+    # Parse with PurePosixPath to ensure POSIX semantics
+    try:
+        file_rel = PurePosixPath(raw)
+    except Exception as exc:
+        raise SafePathError(f"Invalid path: {exc}", path=raw) from exc
+
+    # Reject absolute paths
+    if file_rel.is_absolute():
+        raise SafePathError("Absolute paths not allowed", path=raw)
+
+    # Double-check '..' traversal segments after parsing (for edge cases)
+    if ".." in file_rel.parts:
+        raise SafePathError("Invalid path: '..' not allowed", path=raw)
+
+    return file_rel
+
+
+def validate_single_filename(raw: str) -> str:
+    """Validate that a path string represents only a single filename (no subpaths).
+
+    This is a stricter version of validate_relative_posix_path that only allows
+    a single filename component, not subdirectories.
+
+    Args:
+        raw: The user-provided path string
+
+    Returns:
+        The validated filename
+
+    Raises:
+        SafePathError: If the path contains slashes or is otherwise invalid
+
+    Examples:
+        >>> validate_single_filename("file.txt")
+        'file.txt'
+
+        >>> validate_single_filename("a/b.txt")
+        SafePathError: Subpaths not allowed: only single filenames permitted
+
+        >>> validate_single_filename("../etc/passwd")
+        SafePathError: Subpaths not allowed: only single filenames permitted
+    """
+    file_rel = validate_relative_posix_path(raw)
+
+    # Ensure only a single component (no subpaths)
+    if len(file_rel.parts) != 1:
+        raise SafePathError(
+            "Subpaths not allowed: only single filenames permitted", path=raw
+        )
+
+    # Return the string representation of the filename
+    return str(file_rel)
+
+
+__all__ = ["SafePathError", "validate_relative_posix_path", "validate_single_filename"]

codex_autorunner/housekeeping.py

@@ -8,6 +8,8 @@ from collections import deque
 from pathlib import Path
 from typing import Any, Iterable, Optional, Protocol, cast
 
+_MAX_ERROR_SAMPLES = 5
+
 
 @dataclasses.dataclass(frozen=True)
 class HousekeepingRule:
@@ -42,6 +44,7 @@ class HousekeepingRuleResult:
     deleted_bytes: int = 0
     truncated_bytes: int = 0
     errors: int = 0
+    error_samples: list[str] = dataclasses.field(default_factory=list)
     duration_ms: int = 0
 
 
@@ -136,21 +139,26 @@ def run_housekeeping_once(
             continue
         results.append(result)
         if logger is not None:
+            log_fields: dict[str, Any] = {
+                "name": result.name,
+                "kind": result.kind,
+                "scanned_count": result.scanned_count,
+                "eligible_count": result.eligible_count,
+                "deleted_count": result.deleted_count,
+                "deleted_bytes": result.deleted_bytes,
+                "truncated_bytes": result.truncated_bytes,
+                "errors": result.errors,
+                "duration_ms": result.duration_ms,
+                "dry_run": config.dry_run,
+                "root": str(root),
+            }
+            if result.errors > 0 and result.error_samples:
+                log_fields["error_samples"] = result.error_samples
             _log_event(
                 logger,
                 logging.INFO,
                 "housekeeping.rule",
-                name=result.name,
-                kind=result.kind,
-                scanned_count=result.scanned_count,
-                eligible_count=result.eligible_count,
-                deleted_count=result.deleted_count,
-                deleted_bytes=result.deleted_bytes,
-                truncated_bytes=result.truncated_bytes,
-                errors=result.errors,
-                duration_ms=result.duration_ms,
-                dry_run=config.dry_run,
-                root=str(root),
+                **log_fields,
             )
     if logger is not None:
         _log_event(
@@ -174,7 +182,7 @@ def _apply_directory_rule(
         return result
     now = time.time()
     min_age = max(config.min_file_age_seconds, 0)
-    files = _collect_files(base, rule)
+    files = _collect_files(base, rule, result)
     result.scanned_count = len(files)
     if not files:
         result.duration_ms = int((time.monotonic() - start) * 1000)
@@ -192,8 +200,9 @@ def _apply_directory_rule(
         if not config.dry_run:
             try:
                 entry.path.unlink()
-            except OSError:
+            except OSError as e:
                 errors += 1
+                _add_error_sample(result, "unlink", entry.path, e)
                 return
         deleted.add(entry.path)
         deleted_bytes += entry.size
@@ -254,8 +263,9 @@ def _apply_file_rule(
         return result
     try:
         stat = path.stat()
-    except OSError:
+    except OSError as e:
         result.errors = 1
+        _add_error_sample(result, "stat", path, e)
         return result
     if not path.is_file():
         return result
@@ -271,6 +281,7 @@ def _apply_file_rule(
             path,
             rule.max_lines,
             dry_run=config.dry_run,
+            result=result,
         )
         result.truncated_bytes += truncated
     if rule.max_bytes is not None:
@@ -278,13 +289,16 @@ def _apply_file_rule(
             path,
             rule.max_bytes,
             dry_run=config.dry_run,
+            result=result,
         )
         result.truncated_bytes += truncated
     result.duration_ms = int((time.monotonic() - start) * 1000)
     return result
 
 
-def _collect_files(base: Path, rule: HousekeepingRule) -> list[_FileInfo]:
+def _collect_files(
+    base: Path, rule: HousekeepingRule, result: Optional[HousekeepingRuleResult] = None
+) -> list[_FileInfo]:
     results: list[_FileInfo] = []
     glob_pattern = rule.glob or "*"
     iterator = base.rglob(glob_pattern) if rule.recursive else base.glob(glob_pattern)
@@ -293,7 +307,9 @@ def _collect_files(base: Path, rule: HousekeepingRule) -> list[_FileInfo]:
             if not path.is_file():
                 continue
             stat = path.stat()
-        except OSError:
+        except OSError as e:
+            if result is not None:
+                _add_error_sample(result, "stat", path, e)
             continue
         results.append(_FileInfo(path=path, size=stat.st_size, mtime=stat.st_mtime))
     return results
@@ -310,12 +326,21 @@ def _is_absolute_path(path: str) -> bool:
     return Path(path).expanduser().is_absolute()
 
 
-def _truncate_bytes(path: Path, max_bytes: int, *, dry_run: bool) -> int:
+def _truncate_bytes(
+    path: Path,
+    max_bytes: int,
+    *,
+    dry_run: bool,
+    result: Optional[HousekeepingRuleResult] = None,
+) -> int:
     if max_bytes <= 0:
         return 0
     try:
         size = path.stat().st_size
-    except OSError:
+    except OSError as e:
+        if result is not None:
+            result.errors += 1
+            _add_error_sample(result, "truncate_bytes", path, e)
         return 0
     if size <= max_bytes:
         return 0
@@ -328,23 +353,38 @@ def _truncate_bytes(path: Path, max_bytes: int, *, dry_run: bool) -> int:
             payload = handle.read()
         _atomic_write_bytes(path, payload)
         return truncated
-    except OSError:
+    except OSError as e:
+        if result is not None:
+            result.errors += 1
+            _add_error_sample(result, "truncate_bytes", path, e)
         return 0
 
 
-def _truncate_lines(path: Path, max_lines: int, *, dry_run: bool) -> int:
+def _truncate_lines(
+    path: Path,
+    max_lines: int,
+    *,
+    dry_run: bool,
+    result: Optional[HousekeepingRuleResult] = None,
+) -> int:
     if max_lines <= 0:
         return 0
     try:
         size = path.stat().st_size
-    except OSError:
+    except OSError as e:
+        if result is not None:
+            result.errors += 1
+            _add_error_sample(result, "truncate_lines", path, e)
         return 0
     lines: deque[bytes] = deque(maxlen=max_lines)
     try:
         with path.open("rb") as handle:
             for line in handle:
                 lines.append(line)
-    except OSError:
+    except OSError as e:
+        if result is not None:
+            result.errors += 1
+            _add_error_sample(result, "truncate_lines", path, e)
         return 0
     payload = b"".join(lines)
     if len(payload) >= size:
@@ -353,7 +393,10 @@ def _truncate_lines(path: Path, max_lines: int, *, dry_run: bool) -> int:
         return size - len(payload)
     try:
         _atomic_write_bytes(path, payload)
-    except OSError:
+    except OSError as e:
+        if result is not None:
+            result.errors += 1
+            _add_error_sample(result, "truncate_lines", path, e)
         return 0
     return size - len(payload)
 
@@ -379,6 +422,17 @@ def _prune_empty_dirs(base: Path) -> None:
                 continue
 
 
+def _add_error_sample(
+    result: HousekeepingRuleResult, operation: str, path: Path, exc: OSError
+) -> None:
+    if len(result.error_samples) >= _MAX_ERROR_SAMPLES:
+        return
+    exc_info = f"{type(exc).__name__}"
+    if exc.strerror:
+        exc_info += f": {exc.strerror}"
+    result.error_samples.append(f"{operation} {path}: {exc_info}")
+
+
 def _int_or_none(value: object) -> Optional[int]:
     if value is None:
         return None