crackerjack 0.31.17__py3-none-any.whl → 0.32.0__py3-none-any.whl

crackerjack/mcp/tools/workflow_executor.py

@@ -13,8 +13,24 @@ async def execute_crackerjack_workflow(
 ) -> dict[str, t.Any]:
     job_id = str(uuid.uuid4())[:8]
 
+    # Configure extended timeout for long-running test operations
+    execution_timeout = kwargs.get("execution_timeout", 900)  # 15 minutes default
+    if kwargs.get("test", False) or kwargs.get("testing", False):
+        execution_timeout = max(execution_timeout, 1200)  # 20 minutes for test runs
+
     try:
-        return await _execute_crackerjack_sync(job_id, args, kwargs, get_context())
+        # Add overall execution timeout with keep-alive
+        return await asyncio.wait_for(
+            _execute_crackerjack_sync(job_id, args, kwargs, get_context()),
+            timeout=execution_timeout,
+        )
+    except TimeoutError:
+        return {
+            "job_id": job_id,
+            "status": "timeout",
+            "error": f"Execution timed out after {execution_timeout} seconds",
+            "timestamp": time.time(),
+        }
     except Exception as e:
         import traceback
 
@@ -143,9 +159,9 @@ async def _create_advanced_orchestrator(
     from pathlib import Path
 
     from crackerjack.core.async_workflow_orchestrator import AsyncWorkflowOrchestrator
-    from crackerjack.core.enhanced_container import EnhancedContainer
+    from crackerjack.core.enhanced_container import EnhancedDependencyContainer
 
-    container = EnhancedContainer()
+    container = EnhancedDependencyContainer()
 
     await _register_core_services(container, Path(working_dir))
 
@@ -171,41 +187,37 @@ def _create_standard_orchestrator(
 async def _register_core_services(container: t.Any, working_dir: t.Any) -> None:
     from rich.console import Console
 
-    from crackerjack.core.enhanced_container import ServiceLifetime
     from crackerjack.managers.hook_manager import AsyncHookManager
-    from crackerjack.managers.publish_manager import PublishManager
-    from crackerjack.managers.test_manager import TestManager
+    from crackerjack.managers.publish_manager import PublishManagerImpl
+    from crackerjack.managers.test_manager import TestManagementImpl
     from crackerjack.models.protocols import (
-        HookManagerProtocol,
-        PublishManagerProtocol,
+        FileSystemInterface,
+        HookManager,
+        PublishManager,
         TestManagerProtocol,
     )
     from crackerjack.services.enhanced_filesystem import EnhancedFileSystemService
 
     console = Console()
 
-    container.register_service(
-        HookManagerProtocol,
-        AsyncHookManager(console, working_dir),
-        ServiceLifetime.SINGLETON,
+    container.register_singleton(
+        HookManager,
+        factory=lambda: AsyncHookManager(console, working_dir),
     )
 
-    container.register_service(
+    container.register_singleton(
         TestManagerProtocol,
-        TestManager(console, working_dir),
-        ServiceLifetime.SINGLETON,
+        factory=lambda: TestManagementImpl(console, working_dir),
     )
 
-    container.register_service(
-        PublishManagerProtocol,
-        PublishManager(console, working_dir),
-        ServiceLifetime.SINGLETON,
+    container.register_singleton(
+        PublishManager,
+        factory=lambda: PublishManagerImpl(console, working_dir),
     )
 
-    container.register_service(
-        EnhancedFileSystemService,
-        EnhancedFileSystemService(),
-        ServiceLifetime.SINGLETON,
+    container.register_singleton(
+        FileSystemInterface,
+        factory=EnhancedFileSystemService,
     )
 
 
@@ -218,17 +230,29 @@ async def _run_workflow_iterations(
     options = _create_workflow_options(kwargs)
     max_iterations = kwargs.get("max_iterations", 10)
 
-    for iteration in range(max_iterations):
-        _update_progress(
-            job_id,
-            {
-                "type": "iteration",
-                "iteration": iteration + 1,
-                "max_iterations": max_iterations,
-                "status": "running",
-            },
-            context,
+    # Start keep-alive task to prevent TCP timeouts
+    keep_alive_task = asyncio.create_task(_keep_alive_heartbeat(job_id, context))
+
+    try:
+        result = await _execute_iterations_loop(
+            job_id, orchestrator, options, kwargs, max_iterations, context
         )
+        return result
+    finally:
+        await _cleanup_keep_alive_task(keep_alive_task)
+
+
+async def _execute_iterations_loop(
+    job_id: str,
+    orchestrator: t.Any,
+    options: t.Any,
+    kwargs: dict[str, t.Any],
+    max_iterations: int,
+    context: t.Any,
+) -> dict[str, t.Any]:
+    """Execute the main iterations loop."""
+    for iteration in range(max_iterations):
+        _update_iteration_progress(job_id, iteration, max_iterations, context)
 
         try:
             success = await _execute_single_iteration(
@@ -236,13 +260,8 @@ async def _run_workflow_iterations(
             )
 
             if success:
-                coverage_result = None
-                if kwargs.get("boost_coverage", False):
-                    coverage_result = await _attempt_coverage_improvement(
-                        job_id, orchestrator, context
-                    )
-                return _create_success_result(
-                    job_id, iteration + 1, context, coverage_result
+                return await _handle_iteration_success(
+                    job_id, iteration, orchestrator, kwargs, context
                 )
 
             if iteration < max_iterations - 1:
@@ -254,6 +273,77 @@ async def _run_workflow_iterations(
     return _create_failure_result(job_id, max_iterations, context)
 
 
+def _update_iteration_progress(
+    job_id: str, iteration: int, max_iterations: int, context: t.Any
+) -> None:
+    """Update progress for current iteration."""
+    _update_progress(
+        job_id,
+        {
+            "type": "iteration",
+            "iteration": iteration + 1,
+            "max_iterations": max_iterations,
+            "status": "running",
+        },
+        context,
+    )
+
+
+async def _handle_iteration_success(
+    job_id: str,
+    iteration: int,
+    orchestrator: t.Any,
+    kwargs: dict[str, t.Any],
+    context: t.Any,
+) -> dict[str, t.Any]:
+    """Handle successful iteration."""
+    coverage_result = None
+    if kwargs.get("boost_coverage", False):
+        coverage_result = await _attempt_coverage_improvement(
+            job_id, orchestrator, context
+        )
+    return _create_success_result(job_id, iteration + 1, context, coverage_result)
+
+
+async def _cleanup_keep_alive_task(keep_alive_task: asyncio.Task[t.Any]) -> None:
+    """Clean up the keep-alive task."""
+    if not keep_alive_task.cancelled():
+        keep_alive_task.cancel()
+        try:
+            await keep_alive_task
+        except asyncio.CancelledError:
+            pass
+
+
+async def _keep_alive_heartbeat(job_id: str, context: t.Any) -> None:
+    """Send periodic keep-alive messages to prevent TCP timeouts."""
+    try:
+        while True:
+            # Send heartbeat every 60 seconds (well under 2-minute TCP timeout)
+            await asyncio.sleep(60)
+            _update_progress(
+                job_id,
+                {
+                    "type": "keep_alive",
+                    "status": "heartbeat",
+                    "timestamp": time.time(),
+                    "message": "Keep-alive heartbeat to prevent connection timeout",
+                },
+                context,
+            )
+    except asyncio.CancelledError:
+        # Task was cancelled, cleanup
+        _update_progress(
+            job_id,
+            {
+                "type": "keep_alive",
+                "status": "cancelled",
+                "timestamp": time.time(),
+            },
+            context,
+        )
+
+
 def _create_workflow_options(kwargs: dict[str, t.Any]) -> t.Any:
     from types import SimpleNamespace
 

crackerjack/models/protocols.py

@@ -83,8 +83,12 @@ class GitInterface(t.Protocol):
 
     def add_files(self, files: list[str]) -> bool: ...
 
+    def add_all_files(self) -> bool: ...
+
     def get_commit_message_suggestions(self, changed_files: list[str]) -> list[str]: ...
 
+    def get_unpushed_commit_count(self) -> int: ...
+
 
 @t.runtime_checkable
 class HookManager(t.Protocol):
@@ -99,6 +103,47 @@ class HookManager(t.Protocol):
     def get_hook_summary(self, results: t.Any) -> t.Any: ...
 
 
+@t.runtime_checkable
+class SecurityAwareHookManager(HookManager, t.Protocol):
+    """Security-aware hook manager that tracks security-critical failures."""
+
+    def get_security_critical_failures(self, results: list[t.Any]) -> list[t.Any]:
+        """Extract security-critical failures from hook results.
+
+        Args:
+            results: List of hook results from run_fast_hooks or run_comprehensive_hooks
+
+        Returns:
+            List of results that are security-critical and failed
+        """
+        ...
+
+    def has_security_critical_failures(self, results: list[t.Any]) -> bool:
+        """Check if any security-critical hooks failed.
+
+        Args:
+            results: List of hook results
+
+        Returns:
+            True if any CRITICAL security level hooks failed
+        """
+        ...
+
+    def get_security_audit_report(
+        self, fast_results: list[t.Any], comprehensive_results: list[t.Any]
+    ) -> dict[str, t.Any]:
+        """Generate security audit report for publishing decisions.
+
+        Args:
+            fast_results: Results from fast hooks
+            comprehensive_results: Results from comprehensive hooks
+
+        Returns:
+            Dict containing security status, failed critical checks, and recommendations
+        """
+        ...
+
+
 @t.runtime_checkable
 class TestManagerProtocol(t.Protocol):
     def run_tests(self, options: OptionsProtocol) -> bool: ...

crackerjack/security/__init__.py

@@ -0,0 +1 @@
+"""Security utilities for Crackerjack."""

crackerjack/security/audit.py

@@ -0,0 +1,212 @@
+"""Security audit utilities for secure SDLC practices."""
+
+import typing as t
+from dataclasses import dataclass
+from enum import Enum
+
+from crackerjack.config.hooks import SecurityLevel
+
+
+@dataclass
+class SecurityCheckResult:
+    """Result of a security check."""
+    
+    hook_name: str
+    security_level: SecurityLevel
+    passed: bool
+    error_message: str | None = None
+    details: dict[str, t.Any] | None = None
+
+
+@dataclass  
+class SecurityAuditReport:
+    """Comprehensive security audit report for publishing decisions."""
+    
+    critical_failures: list[SecurityCheckResult]
+    high_failures: list[SecurityCheckResult] 
+    medium_failures: list[SecurityCheckResult]
+    low_failures: list[SecurityCheckResult]
+    
+    allows_publishing: bool
+    security_warnings: list[str]
+    recommendations: list[str]
+    
+    @property
+    def has_critical_failures(self) -> bool:
+        """Check if there are any critical security failures."""
+        return len(self.critical_failures) > 0
+    
+    @property
+    def total_failures(self) -> int:
+        """Get total number of failed checks."""
+        return (
+            len(self.critical_failures) + 
+            len(self.high_failures) + 
+            len(self.medium_failures) + 
+            len(self.low_failures)
+        )
+
+
+class SecurityAuditor:
+    """Security auditor for hook results following OWASP secure SDLC practices."""
+    
+    # Security-critical hooks that CANNOT be bypassed for publishing
+    CRITICAL_HOOKS = {
+        'bandit': 'Security vulnerability detection (OWASP A09)',
+        'pyright': 'Type safety prevents runtime security holes (OWASP A04)', 
+        'gitleaks': 'Secret/credential detection (OWASP A07)',
+    }
+    
+    # High-importance security hooks that can be bypassed with warnings
+    HIGH_SECURITY_HOOKS = {
+        'validate-regex-patterns': 'Regex vulnerability detection',
+        'creosote': 'Dependency vulnerability analysis',
+        'check-added-large-files': 'Large file security analysis',
+        'uv-lock': 'Dependency lock security',
+    }
+    
+    def audit_hook_results(
+        self, 
+        fast_results: list[t.Any], 
+        comprehensive_results: list[t.Any]
+    ) -> SecurityAuditReport:
+        """Audit hook results and generate security report.
+        
+        Args:
+            fast_results: Results from fast hooks
+            comprehensive_results: Results from comprehensive hooks
+            
+        Returns:
+            SecurityAuditReport with security analysis
+        """
+        all_results = fast_results + comprehensive_results
+        
+        critical_failures = []
+        high_failures = []  
+        medium_failures = []
+        low_failures = []
+        
+        for result in all_results:
+            check_result = self._analyze_hook_result(result)
+            if not check_result.passed:
+                if check_result.security_level == SecurityLevel.CRITICAL:
+                    critical_failures.append(check_result)
+                elif check_result.security_level == SecurityLevel.HIGH:
+                    high_failures.append(check_result)
+                elif check_result.security_level == SecurityLevel.MEDIUM:
+                    medium_failures.append(check_result)
+                else:
+                    low_failures.append(check_result)
+        
+        # Publishing is allowed only if no critical failures exist
+        allows_publishing = len(critical_failures) == 0
+        
+        security_warnings = self._generate_security_warnings(
+            critical_failures, high_failures, medium_failures
+        )
+        
+        recommendations = self._generate_security_recommendations(
+            critical_failures, high_failures, medium_failures
+        )
+        
+        return SecurityAuditReport(
+            critical_failures=critical_failures,
+            high_failures=high_failures,
+            medium_failures=medium_failures,
+            low_failures=low_failures,
+            allows_publishing=allows_publishing,
+            security_warnings=security_warnings,
+            recommendations=recommendations,
+        )
+    
+    def _analyze_hook_result(self, result: t.Any) -> SecurityCheckResult:
+        """Analyze a single hook result for security implications."""
+        hook_name = getattr(result, 'name', 'unknown')
+        is_failed = getattr(result, 'status', 'unknown') in ('failed', 'error', 'timeout')
+        error_message = getattr(result, 'output', None) or getattr(result, 'error', None)
+        
+        # Determine security level
+        security_level = self._get_hook_security_level(hook_name)
+        
+        return SecurityCheckResult(
+            hook_name=hook_name,
+            security_level=security_level,
+            passed=not is_failed,
+            error_message=error_message,
+            details={'status': getattr(result, 'status', 'unknown')},
+        )
+    
+    def _get_hook_security_level(self, hook_name: str) -> SecurityLevel:
+        """Get security level for a hook name."""
+        hook_name_lower = hook_name.lower()
+        
+        if hook_name_lower in [name.lower() for name in self.CRITICAL_HOOKS]:
+            return SecurityLevel.CRITICAL
+        elif hook_name_lower in [name.lower() for name in self.HIGH_SECURITY_HOOKS]:
+            return SecurityLevel.HIGH
+        elif hook_name_lower in ['ruff-check', 'vulture', 'refurb', 'complexipy']:
+            return SecurityLevel.MEDIUM
+        else:
+            return SecurityLevel.LOW
+    
+    def _generate_security_warnings(
+        self, 
+        critical: list[SecurityCheckResult],
+        high: list[SecurityCheckResult], 
+        medium: list[SecurityCheckResult]
+    ) -> list[str]:
+        """Generate security warnings based on failed checks."""
+        warnings = []
+        
+        if critical:
+            warnings.append(
+                f"🔒 CRITICAL: {len(critical)} security-critical checks failed - publishing BLOCKED"
+            )
+            for failure in critical:
+                reason = self.CRITICAL_HOOKS.get(failure.hook_name.lower(), "Security-critical check")
+                warnings.append(f"   • {failure.hook_name}: {reason}")
+        
+        if high:
+            warnings.append(
+                f"⚠️ HIGH: {len(high)} high-security checks failed - review recommended"
+            )
+        
+        if medium:
+            warnings.append(
+                f"ℹ️ MEDIUM: {len(medium)} standard quality checks failed"
+            )
+        
+        return warnings
+    
+    def _generate_security_recommendations(
+        self,
+        critical: list[SecurityCheckResult],
+        high: list[SecurityCheckResult],
+        medium: list[SecurityCheckResult]
+    ) -> list[str]:
+        """Generate security recommendations based on OWASP best practices."""
+        recommendations = []
+        
+        if critical:
+            recommendations.append("🔧 Fix all CRITICAL security issues before publishing")
+            
+            # Specific recommendations based on failed checks
+            critical_names = [f.hook_name.lower() for f in critical]
+            
+            if 'bandit' in critical_names:
+                recommendations.append("   • Review bandit security findings - may indicate vulnerabilities")
+            if 'pyright' in critical_names:
+                recommendations.append("   • Fix type errors - type safety prevents runtime security holes")
+            if 'gitleaks' in critical_names:
+                recommendations.append("   • Remove secrets/credentials from code - use environment variables")
+        
+        if high:
+            recommendations.append("🔍 Review HIGH-security findings before production deployment")
+        
+        if len(critical) == 0 and len(high) == 0:
+            recommendations.append("✅ Security posture is acceptable for publishing")
+        
+        # Add OWASP best practices reference
+        recommendations.append("📖 Follow OWASP Secure Coding Practices for comprehensive security")
+        
+        return recommendations

crackerjack/services/git.py

@@ -113,6 +113,21 @@ class GitService:
             self.console.print(f"[red]❌[/ red] Error adding files: {e}")
             return False
 
+    def add_all_files(self) -> bool:
+        """Stage all changes including new, modified, and deleted files."""
+        try:
+            result = self._run_git_command(["add", "-A", "."])
+            if result.returncode == 0:
+                self.console.print("[green]✅[/ green] Staged all changes")
+                return True
+            self.console.print(
+                f"[red]❌[/ red] Failed to stage changes: {result.stderr}"
+            )
+            return False
+        except Exception as e:
+            self.console.print(f"[red]❌[/ red] Error staging files: {e}")
+            return False
+
     def commit(self, message: str) -> bool:
         try:
             result = self._run_git_command(["commit", "- m", message])
@@ -172,9 +187,10 @@ class GitService:
 
     def push(self) -> bool:
         try:
-            result = self._run_git_command(["push"])
+            # Get detailed push information
+            result = self._run_git_command(["push", "--porcelain"])
             if result.returncode == 0:
-                self.console.print("[green]✅[/ green] Pushed to remote")
+                self._display_push_success(result.stdout)
                 return True
             self.console.print(f"[red]❌[/ red] Push failed: {result.stderr}")
             return False
@@ -182,6 +198,66 @@ class GitService:
             self.console.print(f"[red]❌[/ red] Error pushing: {e}")
             return False
 
+    def _display_push_success(self, push_output: str) -> None:
+        """Display detailed push success information."""
+        lines = push_output.strip().split("\n") if push_output.strip() else []
+
+        if not lines:
+            self._display_no_commits_message()
+            return
+
+        pushed_refs = self._parse_pushed_refs(lines)
+        self._display_push_results(pushed_refs)
+
+    def _display_no_commits_message(self) -> None:
+        """Display message for no new commits."""
+        self.console.print("[green]✅[/ green] Pushed to remote (no new commits)")
+
+    def _parse_pushed_refs(self, lines: list[str]) -> list[str]:
+        """Parse pushed references from git output."""
+        pushed_refs = []
+        for line in lines:
+            if line.startswith(("*", "+", "=")):
+                # Parse porcelain output: flag:from:to summary
+                parts = line.split("\t")
+                if len(parts) >= 2:
+                    summary = parts[1] if len(parts) > 1 else ""
+                    pushed_refs.append(summary)
+        return pushed_refs
+
+    def _display_push_results(self, pushed_refs: list[str]) -> None:
+        """Display the push results to console."""
+        if pushed_refs:
+            self.console.print(
+                f"[green]✅[/ green] Successfully pushed {len(pushed_refs)} ref(s) to remote:"
+            )
+            for ref in pushed_refs:
+                self.console.print(f"  [dim]→ {ref}[/ dim]")
+        else:
+            # Get commit count as fallback
+            self._display_commit_count_push()
+
+    def _display_commit_count_push(self) -> None:
+        """Fallback method to show commit count information."""
+        try:
+            # Get commits ahead of remote
+            result = self._run_git_command(["rev-list", "--count", "@{u}..HEAD"])
+            if result.returncode == 0 and result.stdout.strip().isdigit():
+                commit_count = int(result.stdout.strip())
+                if commit_count > 0:
+                    self.console.print(
+                        f"[green]✅[/ green] Pushed {commit_count} commit(s) to remote"
+                    )
+                else:
+                    self.console.print(
+                        "[green]✅[/ green] Pushed to remote (up to date)"
+                    )
+            else:
+                # Even more basic fallback
+                self.console.print("[green]✅[/ green] Successfully pushed to remote")
+        except (ValueError, Exception):
+            self.console.print("[green]✅[/ green] Successfully pushed to remote")
+
     def get_current_branch(self) -> str | None:
         try:
             result = self._run_git_command(["branch", "- - show-current"])
@@ -244,3 +320,13 @@ class GitService:
             messages.append("Update README documentation")
 
         return messages
+
+    def get_unpushed_commit_count(self) -> int:
+        """Get the number of unpushed commits."""
+        from contextlib import suppress
+
+        with suppress(ValueError, Exception):
+            result = self._run_git_command(["rev-list", "--count", "@{u}..HEAD"])
+            if result.returncode == 0 and result.stdout.strip().isdigit():
+                return int(result.stdout.strip())
+        return 0

crackerjack/services/performance_benchmarks.py

@@ -181,12 +181,12 @@ class PerformanceBenchmarkService:
                         check=False,
                         capture_output=True,
                         text=True,
-                        timeout=120,
+                        timeout=300,  # Fixed: Use 300s to match pytest config
                     )
                     duration = time.time() - start_time
                     durations.append(duration)
                 except subprocess.TimeoutExpired:
-                    durations.append(120.0)
+                    durations.append(300.0)  # Fixed: Use 300s to match timeout
                 except Exception:
                     durations.append(float("inf"))
 

crackerjack/tools/validate_regex_patterns.py

@@ -44,6 +44,20 @@ ALLOWED_PATTERNS = {
     r"# REGEX OK:",  # Comment-based exemption
     # Validation in regex_patterns.py itself
     r"crackerjack/services/regex_patterns\.py$",
+    # Regex validation tools themselves
+    r"tools/validate_regex_patterns_standalone\.py$",
+    r"crackerjack/tools/validate_regex_patterns\.py$",
+    # Test files that legitimately test regex patterns
+    r"tests/test_.*\.py$",
+    # Core security and subprocess files that need regex for parsing
+    r"crackerjack/services/secure_subprocess\.py$",
+    r"crackerjack/mcp/tools/core_tools\.py$",
+    # Intelligence and workflow files with legitimate parsing needs
+    r"crackerjack/intelligence/agent_selector\.py$",
+    r"crackerjack/managers/test_.*\.py$",
+    r"crackerjack/core/async_workflow_orchestrator\.py$",
+    # Agent files that use validated patterns with dynamic escaping
+    r"crackerjack/agents/.*\.py$",
 }
 
 FORBIDDEN_REPLACEMENT_PATTERNS = [

{crackerjack-0.31.17.dist-info → crackerjack-0.32.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: crackerjack
-Version: 0.31.17
+Version: 0.32.0
 Summary: Opinionated Python project management tool
 Project-URL: documentation, https://github.com/lesleslie/crackerjack
 Project-URL: homepage, https://github.com/lesleslie/crackerjack