costwright 0.2.2__tar.gz → 0.2.3__tar.gz

{costwright-0.2.2 → costwright-0.2.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: costwright
-Version: 0.2.2
+Version: 0.2.3
 Summary: Static budget certificates for LLM-agent workflows (LangGraph / CrewAI / OpenAI Agents SDK). Backed by a machine-checked (Lean 4) cost-soundness theorem.
 Author: Hernán Inverso
 License: Apache-2.0

{costwright-0.2.2 → costwright-0.2.3}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "costwright"
-version = "0.2.2"
+version = "0.2.3"
 description = "Static budget certificates for LLM-agent workflows (LangGraph / CrewAI / OpenAI Agents SDK). Backed by a machine-checked (Lean 4) cost-soundness theorem."
 readme = "README.md"
 requires-python = ">=3.10"

costwright-0.2.3/src/costwright/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.2.3"

{costwright-0.2.2 → costwright-0.2.3}/src/costwright/caps.py

@@ -76,6 +76,11 @@ def scan_file(path: Path):
         model_val = next((k.value.value for k in node.keywords
                           if k.arg == "model" and isinstance(k.value, ast.Constant)
                           and isinstance(k.value.value, str)), "")
+        # the model can also be the FIRST POSITIONAL arg — `ChatOpenAI("gpt-5")` (codex/Cursor r76); otherwise
+        # a reasoning model passed positionally would escape the reasoning detection below.
+        if not model_val and node.args and isinstance(node.args[0], ast.Constant) \
+                and isinstance(node.args[0].value, str):
+            model_val = node.args[0].value
         reasoning = any(model_val.startswith(p) for p in
                         ("o1", "o3", "o4", "gpt-5")) if model_val else False
         # SOLO Chat-API constructors (audit-3 R2 gpt-5.5): el constructor `OpenAI` es
@@ -134,30 +139,38 @@ def scan_file(path: Path):
 
 
 def make_patch(path: Path, src: str, findings, cap_value: int) -> str:
-    """Unified diff que agrega `kwarg=cap_value` a cada constructor sin cap.
-    Edición textual mínima: insertar el kwarg tras el paréntesis de apertura del call.
-    NUNCA escribe el archivo — solo el diff (council 002 P0-2)."""
+    """Unified diff que agrega `kwarg=cap_value` como ÚLTIMO argumento de cada constructor sin cap.
+    Inserción basada en AST (robusta a args POSICIONALES, strings con paréntesis, y kwargs previos): el kwarg
+    va antes del `)` de cierre del call, NUNCA tras el `(` (eso produciría `Ctor(kwarg=…, "positional")` =
+    SyntaxError — codex/Cursor r76). NUNCA escribe el archivo — solo el diff (council 002 P0-2)."""
+    try:
+        tree = ast.parse(src)
+    except SyntaxError:
+        return ""
+    # map (lineno, constructor) → list of Call nodes, to insert at the exact end of the right call
+    by_key = {}
+    for node in ast.walk(tree):
+        if isinstance(node, ast.Call):
+            by_key.setdefault((node.lineno, call_name(node)), []).append(node)
     lines = src.splitlines(keepends=True)
     new_lines = list(lines)
-    # de abajo hacia arriba para no correr line numbers
-    for f in sorted((f for f in findings if f["kind"] == "missing"),
-                    key=lambda x: -x["line"]):
-        i = f["line"] - 1
-        if i >= len(new_lines):
-            continue
+    edits = []   # (line_index, col, text) — applied right-to-left so columns don't shift
+    for f in (f for f in findings if f["kind"] == "missing"):
+        cands = by_key.get((f["line"], f["constructor"]), [])
+        if len(cands) != 1:
+            continue   # 0 or >1 matching calls on the line → ambiguous, skip (the finding is still reported)
+        call = cands[0]
+        if call.end_lineno != call.lineno or call.end_col_offset is None:
+            continue   # multi-line call → skip (conservative)
+        i = call.lineno - 1
+        close = call.end_col_offset - 1   # column of the closing ')'
+        had_args = bool(call.args) or bool(call.keywords)
+        sep = ", " if had_args else ""
+        edits.append((i, close, f"{sep}{f['suggest_kwarg']}={cap_value}"))
+    # apply right-to-left (highest column on a line first) so earlier insertions don't shift later columns
+    for i, col, text in sorted(edits, key=lambda e: (e[0], -e[1])):
         line = new_lines[i]
-        ctor = f["constructor"]
-        # audit-3 (gemini P0): si hay >1 ocurrencia del constructor en la línea, NO parchear
-        # (la inserción textual no sabe cuál es cuál) — conservador, el hallazgo igual se reporta
-        if line.count(ctor + "(") != 1:
-            continue
-        idx = line.find(ctor + "(")
-        if idx < 0:
-            continue  # constructor multilínea: skip (conservador)
-        insert_at = idx + len(ctor) + 1
-        rest = line[insert_at:]
-        sep = "" if rest.lstrip().startswith(")") else ", "
-        new_lines[i] = line[:insert_at] + f"{f['suggest_kwarg']}={cap_value}{sep}" + rest
+        new_lines[i] = line[:col] + text + line[col:]
     if new_lines == lines:
         return ""
     rel = str(path)

{costwright-0.2.2 → costwright-0.2.3}/src/costwright/cli.py

@@ -143,6 +143,11 @@ def cmd_caps(args) -> int:
             print(f"\n  {total} finding(s) in {len(per_file)} file(s) "
                   f"({scanned} scanned). Use --patch to emit a unified diff.")
         if args.patch:
+            if args.cap < 1:
+                # a cap of 0/negative is not an effective token bound — the patch would insert an inert kwarg
+                # that costwright itself flags `ineffective` (codex r75). Refuse instead of suggesting it.
+                print(f"costwright: --cap must be a positive integer (got {args.cap})", file=sys.stderr)
+                return 2
             chunks = []
             for p, (fs, src) in sorted(per_file.items()):
                 d = caps_mod.make_patch(p.relative_to(root), src, fs, args.cap)

{costwright-0.2.2 → costwright-0.2.3}/src/costwright/extract.py

@@ -227,8 +227,16 @@ class Extractor(ast.NodeVisitor):
             # CrewAI Agent sin max_iter → default 20 (lo decide el mapper por-kind)
         elif last == "Crew":
             proc = next((k for k in n.keywords if k.arg == "process"), None)
-            if proc is not None and "hierarchical" in ast.dump(proc.value):
-                s.features.append({"feature": "hierarchical-manager", "line": n.lineno})
+            if proc is not None:
+                # a hierarchical Crew runs a MANAGER that re-delegates (an unbounded loop) → fail closed. The
+                # only SAFE value is a confirmed-sequential LITERAL (`Process.sequential` / "sequential"). A
+                # hierarchical literal, a VARIABLE (`mode = Process.hierarchical; process=mode` — codex r75), or
+                # any computed expression could be the manager → conservatively flag hierarchical-manager.
+                dump = ast.dump(proc.value)
+                confirmed_sequential = (isinstance(proc.value, (ast.Attribute, ast.Constant))
+                                        and "sequential" in dump and "hierarchical" not in dump)
+                if not confirmed_sequential:
+                    s.features.append({"feature": "hierarchical-manager", "line": n.lineno})
 
         # caps de tokens en cualquier call (constructores de modelos, llamadas)
         for k in n.keywords:
@@ -243,6 +251,12 @@ class Extractor(ast.NodeVisitor):
 
     def _scan_invoke(s, n):
         """Busca recursion_limit / max_turns en el config del call-site (D2)."""
+        # a **kwargs spread on an invoke/run call is OPAQUE — it could carry a max_turns / recursion_limit that
+        # DISABLES the cap (e.g. `Runner.run(a, **{"max_turns": None})`, `app.invoke({}, **opts)`) and the bound
+        # would be unrecoverable → record an UNRESOLVED bound so the mapper fails closed (codex/Cursor r79).
+        if any(k.arg is None for k in n.keywords):
+            s.bounds.append({"param": "invoke-kwargs-spread", "value": None,
+                             "source": "explicit", "line": n.lineno})
         for k in n.keywords:
             if k.arg == "max_turns":
                 # distinguir None LITERAL (desactivación deliberada) de expresión no-constante

{costwright-0.2.2 → costwright-0.2.3}/src/costwright/fusion.py

@@ -80,6 +80,8 @@ _SLA_MODES = {"strict", "balanced"}
 # it is a reported analysis the signed bundle BINDS (tamper-evidence) and whose ARITHMETIC fusion
 # re-checks in pure stdlib — but whose operational ASSUMPTIONS fusion canNOT verify (self-asserted).
 _INTERF_KIND = "tv-coupling-bound"
+_CHANNEL_COVERED = "budget-cap-distribution-shift (channel 1 of N; N unknown)"
+_SOURCE_ESTIMATOR = "eleata-verify.epsilon.interference_risk_bound"
 _ASSURANCE_LEVELS = {"self_asserted", "evidence_attached", "independently_reviewed"}
 _ASSUMPTIONS = {"A", "C", "D"}                            # the operational assumptions the (ii) bound needs
 # status is NEVER "bounded" (council P0-1: no word that reads as a guarantee). Derived by fusion.
@@ -423,8 +425,8 @@ def conditional_analysis_from_epsilon(epsilon_bound: dict, *, assumptions_attest
     _bound_auth = _inflate_alpha(float(_ab), _eps_auth, float(_cu))
     block = {
         "kind": _INTERF_KIND,
-        "channel_covered": "budget-cap-distribution-shift (channel 1 of N; N unknown)",
-        "source_estimator": "eleata-verify.epsilon.interference_risk_bound",
+        "channel_covered": _CHANNEL_COVERED,
+        "source_estimator": _SOURCE_ESTIMATOR,
         "verify_version": str(verify_version),
         "note": INTERF_NOTE,
         "channel1_conditional_risk_upper": _bound_auth,   # RECOMPUTED, not the caller's alpha_effective
@@ -562,6 +564,16 @@ def _validate_conditional_analyses(ca: dict, risk_block: dict) -> dict:
     out["assumptions_complete"] = assumptions_complete
     out["bound_verification"] = bound_verification
     out["open_channels_non_exhaustive"] = True        # forced — the list is non-exhaustive by construction
+    # FORCE the honesty/provenance fields to costwright's own constants — the caller cannot inject a
+    # `disclaimer="GUARANTEED SAFE"`, a reassuring `note`, a shrunk `open_channels=["none"]`, or a misleading
+    # `channel_covered`/`source_estimator` into the signed bundle (codex r78). Only measured PRIMITIVES
+    # (k, m, δ_eps, α, c, attestations) come from the caller; every honesty string is costwright's.
+    out["kind"] = _INTERF_KIND
+    out["channel_covered"] = _CHANNEL_COVERED
+    out["source_estimator"] = _SOURCE_ESTIMATOR
+    out["note"] = INTERF_NOTE
+    out["open_channels"] = list(_OPEN_CHANNELS)
+    out["disclaimer"] = NON_INTERFERENCE
     return {"channel1_budget_cap_risk": out}
 
 

{costwright-0.2.2 → costwright-0.2.3}/src/costwright.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: costwright
-Version: 0.2.2
+Version: 0.2.3
 Summary: Static budget certificates for LLM-agent workflows (LangGraph / CrewAI / OpenAI Agents SDK). Backed by a machine-checked (Lean 4) cost-soundness theorem.
 Author: Hernán Inverso
 License: Apache-2.0

costwright-0.2.2/src/costwright/__init__.py

@@ -1 +0,0 @@
-__version__ = "0.2.2"