crackerjack 0.18.2__py3-none-any.whl → 0.45.2__py3-none-any.whl

crackerjack/tools/trailing_whitespace.py

@@ -0,0 +1,198 @@
+"""Remove trailing whitespace from files.
+
+This tool is a native Python implementation replacing pre-commit's
+trailing-whitespace hook. It scans files for lines with trailing whitespace
+and automatically removes it.
+
+Usage:
+    python -m crackerjack.tools.trailing_whitespace [files...]
+
+Exit Codes:
+    0: No trailing whitespace found (or successfully fixed)
+    1: Trailing whitespace found and fixed (files modified)
+"""
+
+from __future__ import annotations
+
+import argparse
+import sys
+from pathlib import Path
+
+from ._git_utils import get_files_by_extension
+
+
+def has_trailing_whitespace(line: str) -> bool:
+    """Check if a line has trailing whitespace.
+
+    Args:
+        line: Line to check (should include newline if present)
+
+    Returns:
+        True if line has trailing whitespace before newline
+    """
+    # Remove trailing newline for checking
+    line_stripped = line.rstrip("\n\r")
+    # Check if there's whitespace at the end
+    return line_stripped != line_stripped.rstrip()
+
+
+def fix_trailing_whitespace(file_path: Path) -> bool:
+    """Remove trailing whitespace from a file.
+
+    Args:
+        file_path: Path to file to process
+
+    Returns:
+        True if file was modified, False if no changes needed
+    """
+    try:
+        # Read file content
+        content = file_path.read_text(encoding="utf-8")
+        lines = content.splitlines(keepends=True)
+
+        # Process lines
+        modified = False
+        new_lines = []
+        for line in lines:
+            if has_trailing_whitespace(line):
+                # Remove trailing whitespace but preserve newline
+                stripped = line.rstrip()
+                if line.endswith("\n"):
+                    stripped += "\n"
+                elif line.endswith("\r\n"):
+                    stripped += "\r\n"
+                new_lines.append(stripped)
+                modified = True
+            else:
+                new_lines.append(line)
+
+        # Write back if modified
+        if modified:
+            file_path.write_text("".join(new_lines), encoding="utf-8")
+            print(f"Fixed trailing whitespace: {file_path}")  # noqa: T201
+
+        return modified
+
+    except UnicodeDecodeError:
+        # Skip binary files
+        return False
+    except Exception as e:
+        print(f"Error processing {file_path}: {e}", file=sys.stderr)  # noqa: T201
+        return False
+
+
+def _collect_files_to_check(args: argparse.Namespace) -> list[Path]:
+    """Collect files to check for trailing whitespace.
+
+    Args:
+        args: Parsed command-line arguments
+
+    Returns:
+        List of file paths to process
+    """
+    # Default to all git-tracked files if none specified
+    if not args.files:
+        # Get all tracked text files (respects .gitignore via git ls-files)
+        files = get_files_by_extension(
+            [".py", ".md", ".txt", ".yaml", ".yml", ".toml", ".json"]
+        )
+        if not files:
+            # Fallback to Python files if not in git repo
+            files = list(Path.cwd().rglob("*.py"))
+    else:
+        files = args.files
+
+    # Filter to existing files only
+    return [f for f in files if f.is_file()]
+
+
+def _process_files_in_check_mode(files: list[Path]) -> int:
+    """Process files in check-only mode.
+
+    Args:
+        files: List of file paths to check
+
+    Returns:
+        Count of files with trailing whitespace
+    """
+    modified_count = 0
+    for file_path in files:
+        content = file_path.read_text(encoding="utf-8")
+        lines = content.splitlines(keepends=True)
+        if any(has_trailing_whitespace(line) for line in lines):
+            print(f"Trailing whitespace found: {file_path}")  # noqa: T201
+            modified_count += 1
+    return modified_count
+
+
+def _process_files_in_fix_mode(files: list[Path]) -> int:
+    """Process files in fix mode.
+
+    Args:
+        files: List of file paths to fix
+
+    Returns:
+        Count of files modified
+    """
+    modified_count = 0
+    for file_path in files:
+        if fix_trailing_whitespace(file_path):
+            modified_count += 1
+    return modified_count
+
+
+def main(argv: list[str] | None = None) -> int:
+    """Main entry point for trailing-whitespace tool.
+
+    Args:
+        argv: Command-line arguments (defaults to sys.argv[1:])
+
+    Returns:
+        Exit code: 0 if no files modified, 1 if files were modified
+    """
+    parser = argparse.ArgumentParser(
+        description="Remove trailing whitespace from files"
+    )
+    parser.add_argument(
+        "files",
+        nargs="*",
+        type=Path,
+        help="Files to check (default: all Python files in current directory)",
+    )
+    parser.add_argument(
+        "--check",
+        action="store_true",
+        help="Check only, don't modify files",
+    )
+
+    args = parser.parse_args(argv)
+
+    files = _collect_files_to_check(args)
+
+    if not files:
+        print("No files to check")  # noqa: T201
+        return 0
+
+    # Process files based on mode
+    if args.check:
+        modified_count = _process_files_in_check_mode(files)
+    else:
+        modified_count = _process_files_in_fix_mode(files)
+
+    # Return appropriate exit code
+    if modified_count > 0:
+        if args.check:
+            print(f"\n{modified_count} file(s) with trailing whitespace")  # noqa: T201
+        else:
+            print(f"\nFixed {modified_count} file(s)")  # noqa: T201
+            # Align with pre-commit semantics so HookExecutor treats this as pass
+            # when a formatter modifies files but exits with code 1.
+            print("files were modified by this hook")  # noqa: T201
+        return 1
+
+    print("No trailing whitespace found")  # noqa: T201
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())

crackerjack/tools/validate_input_validator_patterns.py

@@ -0,0 +1,236 @@
+import sys
+from pathlib import Path
+
+sys.path.insert(0, str(Path(__file__).parent.parent))
+
+from crackerjack.services.input_validator import SecureInputValidator
+from crackerjack.services.regex_patterns import SAFE_PATTERNS
+
+
+def test_sql_injection_patterns() -> bool:
+    print("Testing SQL injection patterns...")
+
+    test_cases = [
+        ("SELECT * FROM users", True, "Basic SELECT"),
+        ("UNION SELECT password FROM admin", True, "UNION injection"),
+        ("'; DROP TABLE users; --", True, "SQL comment injection"),
+        ("' OR 1=1--", True, "Boolean injection"),
+        ("xp_cmdshell('dir')", True, "SQL Server specific"),
+        ("sp_executesql @sql", True, "SQL Server procedure"),
+        ("user selected item", False, "Legitimate text with 'select'"),
+        ("button execution", False, "Legitimate text with 'execution'"),
+        ("team membership", False, "Legitimate text without SQL keywords"),
+        ("normal text", False, "Normal text"),
+    ]
+
+    patterns = [
+        "validate_sql_injection_patterns",
+        "validate_sql_comment_patterns",
+        "validate_sql_boolean_injection",
+        "validate_sql_server_specific",
+    ]
+
+    for text, should_detect, description in test_cases:
+        detected = False
+        for pattern_name in patterns:
+            if SAFE_PATTERNS[pattern_name].test(text):
+                detected = True
+                break
+
+        status = "✅" if detected == should_detect else "❌"
+        print(
+            f" {status} {description}: '{text}' -> {'BLOCKED' if detected else 'ALLOWED'}"
+        )
+
+        if detected != should_detect:
+            print(f" Expected: {'BLOCKED' if should_detect else 'ALLOWED'}")
+            return False
+
+    print("✅ All SQL injection pattern tests passed!")
+    return True
+
+
+def test_code_injection_patterns() -> bool:
+    print("\nTesting code injection patterns...")
+
+    test_cases = [
+        ("eval(user_input)", True, "eval() execution"),
+        ("exec(malicious_code)", True, "exec() execution"),
+        ("__import__('os')", True, "Dynamic import"),
+        ("getattr(obj, 'dangerous')", True, "Dynamic attribute access"),
+        ("subprocess.run(cmd)", True, "System command"),
+        ("os.system('rm -rf')", True, "OS system call"),
+        ("compile(code, 'string', 'exec')", True, "Code compilation"),
+        ("evaluate the results", False, "Legitimate text with 'eval'"),
+        ("execute the plan", False, "Legitimate text with 'execute'"),
+        ("import statement", False, "Normal import discussion"),
+        ("compiled successfully", False, "Normal compilation discussion"),
+    ]
+
+    patterns = [
+        "validate_code_eval_injection",
+        "validate_code_dynamic_access",
+        "validate_code_system_commands",
+        "validate_code_compilation",
+    ]
+
+    for text, should_detect, description in test_cases:
+        detected = False
+        for pattern_name in patterns:
+            if SAFE_PATTERNS[pattern_name].test(text):
+                detected = True
+                break
+
+        status = "✅" if detected == should_detect else "❌"
+        print(
+            f" {status} {description}: '{text}' -> {'BLOCKED' if detected else 'ALLOWED'}"
+        )
+
+        if detected != should_detect:
+            print(f" Expected: {'BLOCKED' if should_detect else 'ALLOWED'}")
+            return False
+
+    print("✅ All code injection pattern tests passed!")
+    return True
+
+
+def test_job_id_validation() -> bool:
+    print("\nTesting job ID validation...")
+
+    test_cases = [
+        ("valid_job-123", True, "Standard job ID"),
+        ("another-valid_job", True, "Hyphen and underscore"),
+        ("JOB123", True, "Uppercase"),
+        ("job_456", True, "Underscore only"),
+        ("job-789", True, "Hyphen only"),
+        ("complex_job-id_123", True, "Complex valid ID"),
+        ("job with spaces", False, "Contains spaces"),
+        ("job@invalid", False, "Contains @ symbol"),
+        ("job.invalid", False, "Contains dot"),
+        ("job/invalid", False, "Contains slash"),
+        ("job=invalid", False, "Contains equals"),
+        ("job$invalid", False, "Contains dollar"),
+        ("", False, "Empty string"),
+    ]
+
+    pattern = SAFE_PATTERNS["validate_job_id_format"]
+
+    for job_id, should_be_valid, description in test_cases:
+        is_valid = pattern.test(job_id)
+        status = "✅" if is_valid == should_be_valid else "❌"
+        print(
+            f" {status} {description}: '{job_id}' -> {'VALID' if is_valid else 'INVALID'}"
+        )
+
+        if is_valid != should_be_valid:
+            print(f" Expected: {'VALID' if should_be_valid else 'INVALID'}")
+            return False
+
+    print("✅ All job ID validation tests passed!")
+    return True
+
+
+def test_env_var_validation() -> bool:
+    print("\nTesting environment variable name validation...")
+
+    test_cases = [
+        ("VALID_VAR", True, "Standard env var"),
+        ("_PRIVATE_VAR", True, "Starting with underscore"),
+        ("API_KEY_123", True, "With numbers"),
+        ("DATABASE_URL", True, "Typical env var"),
+        ("MAX_RETRIES", True, "Another typical var"),
+        ("lowercase_var", False, "Contains lowercase"),
+        ("123_INVALID", False, "Starts with number"),
+        ("INVALID-VAR", False, "Contains hyphen"),
+        ("INVALID.VAR", False, "Contains dot"),
+        ("INVALID VAR", False, "Contains space"),
+        ("INVALID@VAR", False, "Contains @ symbol"),
+        ("", False, "Empty string"),
+    ]
+
+    pattern = SAFE_PATTERNS["validate_env_var_name_format"]
+
+    for env_var, should_be_valid, description in test_cases:
+        is_valid = pattern.test(env_var)
+        status = "✅" if is_valid == should_be_valid else "❌"
+        print(
+            f" {status} {description}: '{env_var}' -> {'VALID' if is_valid else 'INVALID'}"
+        )
+
+        if is_valid != should_be_valid:
+            print(f" Expected: {'VALID' if should_be_valid else 'INVALID'}")
+            return False
+
+    print("✅ All environment variable validation tests passed!")
+    return True
+
+
+def test_integration_with_validator() -> bool:
+    print("\nTesting integration with SecureInputValidator...")
+
+    validator = SecureInputValidator()
+
+    result = validator.sanitizer.sanitize_string("'; DROP TABLE users; --")
+    if result.valid:
+        print("❌ SQL injection should have been detected")
+        return False
+    print("✅ SQL injection properly detected and blocked")
+
+    result = validator.validate_job_id("valid_job-123")
+    if not result.valid:
+        print("❌ Valid job ID should have been accepted")
+        return False
+    print("✅ Valid job ID properly accepted")
+
+    result = validator.validate_job_id("invalid job with spaces")
+    if result.valid:
+        print("❌ Invalid job ID should have been rejected")
+        return False
+    print("✅ Invalid job ID properly rejected")
+
+    result = validator.validate_environment_var("VALID_VAR", "some_value")
+    if not result.valid:
+        print("❌ Valid env var should have been accepted")
+        return False
+    print("✅ Valid environment variable properly accepted")
+
+    result = validator.validate_environment_var("invalid_var", "some_value")
+    if result.valid:
+        print("❌ Invalid env var should have been rejected")
+        return False
+    print("✅ Invalid environment variable properly rejected")
+
+    print("✅ All integration tests passed!")
+    return True
+
+
+def main() -> int:
+    print("🔒 Validating Input Validator Security Patterns")
+    print("=" * 50)
+
+    tests = [
+        test_sql_injection_patterns,
+        test_code_injection_patterns,
+        test_job_id_validation,
+        test_env_var_validation,
+        test_integration_with_validator,
+    ]
+
+    all_passed = True
+    for test_func in tests:
+        if not test_func():
+            all_passed = False
+
+    print("\n" + "=" * 50)
+    if all_passed:
+        print("✅ ALL SECURITY VALIDATION TESTS PASSED!")
+        print("🔒 Input validation is properly secured with SAFE_PATTERNS")
+        return 0
+    else:
+        print("❌ SOME TESTS FAILED!")
+        print("🚨 Security issues detected - review failed tests")
+        return 1
+
+
+if __name__ == "__main__":
+    sys.exit(main())

crackerjack/tools/validate_regex_patterns.py

@@ -0,0 +1,188 @@
+import ast
+import re
+import sys
+from pathlib import Path
+
+REGEX_IMPORTS = {
+    "re",
+    "regex",
+}
+
+REGEX_FUNCTIONS = {
+    "re.sub",
+    "re.search",
+    "re.match",
+    "re.findall",
+    "re.split",
+    "re.compile",
+    "regex.sub",
+    "regex.search",
+    "regex.match",
+    "regex.findall",
+    "regex.split",
+    "regex.compile",
+}
+
+
+ALLOWED_PATTERNS = {
+    r"re\.escape\(",
+    r"re\.compile\(r?['\"]\\\\[wd]",
+    r"# REGEX OK: ",
+    r"crackerjack/services/regex_patterns\.py$",
+    r"tools/validate_regex_patterns_standalone\.py$",
+    r"crackerjack/tools/validate_regex_patterns\.py$",
+    r"tests/test_.*\.py$",
+    r"crackerjack/services/secure_subprocess\.py$",
+    r"crackerjack/mcp/tools/core_tools\.py$",
+    r"crackerjack/intelligence/agent_selector\.py$",
+    r"crackerjack/managers/test_.*\.py$",
+    r"crackerjack/core/async_workflow_orchestrator\.py$",
+    r"crackerjack/core/workflow_orchestrator\.py$",
+    r"crackerjack/agents/.*\.py$",
+}
+
+FORBIDDEN_REPLACEMENT_PATTERNS = [
+    r"\\g\s+<\s*\d+\s*>",  # Only match when there are spaces before <
+    r"\\g<\s+\d+>",  # Spaces after opening <
+    r"\\g<\d+\s+>",  # Spaces before closing >
+]
+
+
+class RegexVisitor(ast.NodeVisitor):
+    def __init__(self, file_path: Path) -> None:
+        self.file_path = file_path
+        self.issues: list[tuple[int, str]] = []
+        self.has_regex_import = False
+        self.allowed_file = any(
+            re.search(pattern, str(file_path)) for pattern in ALLOWED_PATTERNS
+        )
+
+    def visit_Import(self, node: ast.Import) -> None:
+        for alias in node.names:
+            if alias.name in REGEX_IMPORTS:
+                self.has_regex_import = True
+        self.generic_visit(node)
+
+    def visit_ImportFrom(self, node: ast.ImportFrom) -> None:
+        if node.module in REGEX_IMPORTS:
+            self.has_regex_import = True
+        self.generic_visit(node)
+
+    def visit_Call(self, node: ast.Call) -> None:
+        if self.allowed_file:
+            self.generic_visit(node)
+            return
+
+        func_name = self._get_function_name(node.func)
+
+        if func_name in REGEX_FUNCTIONS:
+            for arg in node.args:
+                if isinstance(arg, ast.Constant) and isinstance(arg.value, str):
+                    self._check_replacement_syntax(arg.value, node.lineno)
+
+            if not self._is_exempted_line(node.lineno):
+                self.issues.append(
+                    (
+                        node.lineno,
+                        f"Raw regex usage detected: {func_name}(). "
+                        f"Use validated patterns from crackerjack.services.regex_patterns instead.",
+                    )
+                )
+
+        self.generic_visit(node)
+
+    def _get_function_name(self, func_node: ast.AST) -> str:
+        if isinstance(func_node, ast.Name):
+            return func_node.id
+        elif isinstance(func_node, ast.Attribute):
+            if isinstance(func_node.value, ast.Name):
+                return f"{func_node.value.id}.{func_node.attr}"
+            return func_node.attr
+        return ""
+
+    def _check_replacement_syntax(self, replacement: str, line_no: int) -> None:
+        for pattern in FORBIDDEN_REPLACEMENT_PATTERNS:
+            if re.search(pattern, replacement):
+                self.issues.append(
+                    (
+                        line_no,
+                        f"CRITICAL: Bad replacement syntax detected: '{replacement}'. "
+                        f"Use \\g<1> not \\g<1>",
+                    )
+                )
+
+    def _is_exempted_line(self, line_no: int) -> bool:
+        from contextlib import suppress
+
+        with suppress(OSError, UnicodeDecodeError):
+            with self.file_path.open(encoding="utf-8") as f:
+                lines = f.readlines()
+                # Check current line and next 5 lines for exemption comments
+                # This handles multi-line statements
+                for offset in range(6):  # Check lines: current, +1, +2, +3, +4, +5
+                    check_line = line_no - 1 + offset
+                    if check_line < len(lines):
+                        line = lines[check_line]
+                        if "# REGEX OK:" in line or "# regex ok:" in line.lower():
+                            return True
+        return False
+
+
+def validate_file(file_path: Path) -> list[tuple[int, str]]:
+    try:
+        content = file_path.read_text(encoding="utf-8")
+    except (OSError, UnicodeDecodeError) as e:
+        return [(1, f"Error reading file: {e}")]
+
+    try:
+        tree = ast.parse(content, filename=str(file_path))
+    except SyntaxError as e:
+        return [(e.lineno or 1, f"Syntax error: {e}")]
+
+    visitor = RegexVisitor(file_path)
+    visitor.visit(tree)
+    return visitor.issues
+
+
+def main(file_paths: list[str]) -> int:
+    if not file_paths:
+        print("✅ No Python files to validate")
+        return 0
+
+    exit_code = 0
+
+    for file_path_str in file_paths:
+        file_path = Path(file_path_str)
+
+        if file_path.suffix != ".py":
+            continue
+
+        if not file_path.exists():
+            continue
+
+        issues = validate_file(file_path)
+
+        if issues:
+            exit_code = 1
+            print(f"\n❌ {file_path}: ")
+            for line_no, message in issues:
+                print(f" Line {line_no}: {message}")
+
+    if exit_code == 0:
+        print("✅ All regex patterns validated successfully!")
+    else:
+        print("\n" + "=" * 70)
+        print("REGEX VALIDATION FAILED")
+        print("=" * 70)
+        print("To fix these issues: ")
+        print("1. Use patterns from crackerjack.services.regex_patterns")
+        print("2. Add new patterns to SAFE_PATTERNS with comprehensive tests")
+        print("3. Use '# REGEX OK: reason' comment for legitimate exceptions")
+        print("4. Fix \\g<1> replacement syntax (no spaces)")
+        print("=" * 70)
+
+    return exit_code
+
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv[1:]))

crackerjack/ui/README.md

@@ -0,0 +1,11 @@
+> Crackerjack Docs: [Main](<../../README.md>) | [Crackerjack Package](<../README.md>) | [UI](<./README.md>)
+
+# UI
+
+User interface components and templates.
+
+## Related
+
+- [Crackerjack Package](<../README.md>) - Parent package
+- [UI Templates](<./templates/README.md>) - Template files for UI components
+- [MCP](<../mcp/README.md>) - MCP progress monitor UI

crackerjack/ui/__init__.py

@@ -0,0 +1 @@
+"""UI components for Crackerjack."""

crackerjack/ui/dashboard_renderer.py

@@ -0,0 +1,28 @@
+"""Utilities for rendering the monitoring dashboard UI."""
+
+from __future__ import annotations
+
+from functools import lru_cache
+from pathlib import Path
+
+_TEMPLATE_DIR = Path(__file__).with_suffix("").parent / "templates"
+
+
+def _load_asset(filename: str) -> str:
+    path = _TEMPLATE_DIR / filename
+    if not path.exists():
+        msg = f"Dashboard asset not found: {filename}"
+        raise FileNotFoundError(msg)
+    return path.read_text(encoding="utf-8")
+
+
+@lru_cache(maxsize=1)
+def render_monitoring_dashboard() -> str:
+    """Render the monitoring dashboard HTML using cached assets."""
+    html_template = _load_asset("monitoring_dashboard.html")
+    css_styles = _load_asset("monitoring_dashboard.css")
+    javascript_code = _load_asset("monitoring_dashboard.js")
+    return html_template.format(
+        css_styles=css_styles,
+        javascript_code=javascript_code,
+    )

crackerjack/ui/templates/README.md

@@ -0,0 +1,11 @@
+> Crackerjack Docs: [Main](<../../../README.md>) | [Crackerjack Package](<../../README.md>) | [UI](<../README.md>) | [Templates](<./README.md>)
+
+# UI Templates
+
+Templates used by UI components.
+
+## Related
+
+- [UI](<../README.md>) - Parent UI package
+- [Crackerjack Package](<../../README.md>) - Root package
+- [Data](<../../data/README.md>) - Static data and assets

crackerjack/utils/console_utils.py

@@ -0,0 +1,13 @@
+from __future__ import annotations
+
+from crackerjack.config import get_console_width
+
+
+def separator(char: str = "-", width: int | None = None) -> str:
+    """Return a horizontal separator string.
+
+    - char: the character to repeat (default '-')
+    - width: explicit width; if None, uses configured console width
+    """
+    w = width if isinstance(width, int) and width > 0 else get_console_width()
+    return char * w