PyPI - crackerjack - Versions diffs - 0.33.0__py3-none-any.whl → 0.33.2__py3-none-any.whl - Mend

crackerjack 0.33.0py3-none-any.whl → 0.33.2py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of crackerjack might be problematic. Click here for more details.

Files changed (198) hide show

crackerjack/__main__.py +1350 -34
crackerjack/adapters/__init__.py +17 -0
crackerjack/adapters/lsp_client.py +358 -0
crackerjack/adapters/rust_tool_adapter.py +194 -0
crackerjack/adapters/rust_tool_manager.py +193 -0
crackerjack/adapters/skylos_adapter.py +231 -0
crackerjack/adapters/zuban_adapter.py +560 -0
crackerjack/agents/base.py +7 -3
crackerjack/agents/coordinator.py +271 -33
crackerjack/agents/documentation_agent.py +9 -15
crackerjack/agents/dry_agent.py +3 -15
crackerjack/agents/formatting_agent.py +1 -1
crackerjack/agents/import_optimization_agent.py +36 -180
crackerjack/agents/performance_agent.py +17 -98
crackerjack/agents/performance_helpers.py +7 -31
crackerjack/agents/proactive_agent.py +1 -3
crackerjack/agents/refactoring_agent.py +16 -85
crackerjack/agents/refactoring_helpers.py +7 -42
crackerjack/agents/security_agent.py +9 -48
crackerjack/agents/test_creation_agent.py +356 -513
crackerjack/agents/test_specialist_agent.py +0 -4
crackerjack/api.py +6 -25
crackerjack/cli/cache_handlers.py +204 -0
crackerjack/cli/cache_handlers_enhanced.py +683 -0
crackerjack/cli/facade.py +100 -0
crackerjack/cli/handlers.py +224 -9
crackerjack/cli/interactive.py +6 -4
crackerjack/cli/options.py +642 -55
crackerjack/cli/utils.py +2 -1
crackerjack/code_cleaner.py +58 -117
crackerjack/config/global_lock_config.py +8 -48
crackerjack/config/hooks.py +53 -62
crackerjack/core/async_workflow_orchestrator.py +24 -34
crackerjack/core/autofix_coordinator.py +3 -17
crackerjack/core/enhanced_container.py +4 -13
crackerjack/core/file_lifecycle.py +12 -89
crackerjack/core/performance.py +2 -2
crackerjack/core/performance_monitor.py +15 -55
crackerjack/core/phase_coordinator.py +104 -204
crackerjack/core/resource_manager.py +14 -90
crackerjack/core/service_watchdog.py +62 -95
crackerjack/core/session_coordinator.py +149 -0
crackerjack/core/timeout_manager.py +14 -72
crackerjack/core/websocket_lifecycle.py +13 -78
crackerjack/core/workflow_orchestrator.py +171 -174
crackerjack/docs/INDEX.md +11 -0
crackerjack/docs/generated/api/API_REFERENCE.md +10895 -0
crackerjack/docs/generated/api/CLI_REFERENCE.md +109 -0
crackerjack/docs/generated/api/CROSS_REFERENCES.md +1755 -0
crackerjack/docs/generated/api/PROTOCOLS.md +3 -0
crackerjack/docs/generated/api/SERVICES.md +1252 -0
crackerjack/documentation/__init__.py +31 -0
crackerjack/documentation/ai_templates.py +756 -0
crackerjack/documentation/dual_output_generator.py +765 -0
crackerjack/documentation/mkdocs_integration.py +518 -0
crackerjack/documentation/reference_generator.py +977 -0
crackerjack/dynamic_config.py +55 -50
crackerjack/executors/async_hook_executor.py +10 -15
crackerjack/executors/cached_hook_executor.py +117 -43
crackerjack/executors/hook_executor.py +8 -34
crackerjack/executors/hook_lock_manager.py +26 -183
crackerjack/executors/individual_hook_executor.py +13 -11
crackerjack/executors/lsp_aware_hook_executor.py +270 -0
crackerjack/executors/tool_proxy.py +417 -0
crackerjack/hooks/lsp_hook.py +79 -0
crackerjack/intelligence/adaptive_learning.py +25 -10
crackerjack/intelligence/agent_orchestrator.py +2 -5
crackerjack/intelligence/agent_registry.py +34 -24
crackerjack/intelligence/agent_selector.py +5 -7
crackerjack/interactive.py +17 -6
crackerjack/managers/async_hook_manager.py +0 -1
crackerjack/managers/hook_manager.py +79 -1
crackerjack/managers/publish_manager.py +44 -8
crackerjack/managers/test_command_builder.py +1 -15
crackerjack/managers/test_executor.py +1 -3
crackerjack/managers/test_manager.py +98 -7
crackerjack/managers/test_manager_backup.py +10 -9
crackerjack/mcp/cache.py +2 -2
crackerjack/mcp/client_runner.py +1 -1
crackerjack/mcp/context.py +191 -68
crackerjack/mcp/dashboard.py +7 -5
crackerjack/mcp/enhanced_progress_monitor.py +31 -28
crackerjack/mcp/file_monitor.py +30 -23
crackerjack/mcp/progress_components.py +31 -21
crackerjack/mcp/progress_monitor.py +50 -53
crackerjack/mcp/rate_limiter.py +6 -6
crackerjack/mcp/server_core.py +17 -16
crackerjack/mcp/service_watchdog.py +2 -1
crackerjack/mcp/state.py +4 -7
crackerjack/mcp/task_manager.py +11 -9
crackerjack/mcp/tools/core_tools.py +173 -32
crackerjack/mcp/tools/error_analyzer.py +3 -2
crackerjack/mcp/tools/execution_tools.py +8 -10
crackerjack/mcp/tools/execution_tools_backup.py +42 -30
crackerjack/mcp/tools/intelligence_tool_registry.py +7 -5
crackerjack/mcp/tools/intelligence_tools.py +5 -2
crackerjack/mcp/tools/monitoring_tools.py +33 -70
crackerjack/mcp/tools/proactive_tools.py +24 -11
crackerjack/mcp/tools/progress_tools.py +5 -8
crackerjack/mcp/tools/utility_tools.py +20 -14
crackerjack/mcp/tools/workflow_executor.py +62 -40
crackerjack/mcp/websocket/app.py +8 -0
crackerjack/mcp/websocket/endpoints.py +352 -357
crackerjack/mcp/websocket/jobs.py +40 -57
crackerjack/mcp/websocket/monitoring_endpoints.py +2935 -0
crackerjack/mcp/websocket/server.py +7 -25
crackerjack/mcp/websocket/websocket_handler.py +6 -17
crackerjack/mixins/__init__.py +0 -2
crackerjack/mixins/error_handling.py +1 -70
crackerjack/models/config.py +12 -1
crackerjack/models/config_adapter.py +49 -1
crackerjack/models/protocols.py +122 -122
crackerjack/models/resource_protocols.py +55 -210
crackerjack/monitoring/ai_agent_watchdog.py +13 -13
crackerjack/monitoring/metrics_collector.py +426 -0
crackerjack/monitoring/regression_prevention.py +8 -8
crackerjack/monitoring/websocket_server.py +643 -0
crackerjack/orchestration/advanced_orchestrator.py +11 -6
crackerjack/orchestration/coverage_improvement.py +3 -3
crackerjack/orchestration/execution_strategies.py +26 -6
crackerjack/orchestration/test_progress_streamer.py +8 -5
crackerjack/plugins/base.py +2 -2
crackerjack/plugins/hooks.py +7 -0
crackerjack/plugins/managers.py +11 -8
crackerjack/security/__init__.py +0 -1
crackerjack/security/audit.py +6 -35
crackerjack/services/anomaly_detector.py +392 -0
crackerjack/services/api_extractor.py +615 -0
crackerjack/services/backup_service.py +2 -2
crackerjack/services/bounded_status_operations.py +15 -152
crackerjack/services/cache.py +127 -1
crackerjack/services/changelog_automation.py +395 -0
crackerjack/services/config.py +15 -9
crackerjack/services/config_merge.py +19 -80
crackerjack/services/config_template.py +506 -0
crackerjack/services/contextual_ai_assistant.py +48 -22
crackerjack/services/coverage_badge_service.py +171 -0
crackerjack/services/coverage_ratchet.py +27 -25
crackerjack/services/debug.py +3 -3
crackerjack/services/dependency_analyzer.py +460 -0
crackerjack/services/dependency_monitor.py +14 -11
crackerjack/services/documentation_generator.py +491 -0
crackerjack/services/documentation_service.py +675 -0
crackerjack/services/enhanced_filesystem.py +6 -5
crackerjack/services/enterprise_optimizer.py +865 -0
crackerjack/services/error_pattern_analyzer.py +676 -0
crackerjack/services/file_hasher.py +1 -1
crackerjack/services/git.py +8 -25
crackerjack/services/health_metrics.py +10 -8
crackerjack/services/heatmap_generator.py +735 -0
crackerjack/services/initialization.py +11 -30
crackerjack/services/input_validator.py +5 -97
crackerjack/services/intelligent_commit.py +327 -0
crackerjack/services/log_manager.py +15 -12
crackerjack/services/logging.py +4 -3
crackerjack/services/lsp_client.py +628 -0
crackerjack/services/memory_optimizer.py +19 -87
crackerjack/services/metrics.py +42 -33
crackerjack/services/parallel_executor.py +9 -67
crackerjack/services/pattern_cache.py +1 -1
crackerjack/services/pattern_detector.py +6 -6
crackerjack/services/performance_benchmarks.py +18 -59
crackerjack/services/performance_cache.py +20 -81
crackerjack/services/performance_monitor.py +27 -95
crackerjack/services/predictive_analytics.py +510 -0
crackerjack/services/quality_baseline.py +234 -0
crackerjack/services/quality_baseline_enhanced.py +646 -0
crackerjack/services/quality_intelligence.py +785 -0
crackerjack/services/regex_patterns.py +618 -524
crackerjack/services/regex_utils.py +43 -123
crackerjack/services/secure_path_utils.py +5 -164
crackerjack/services/secure_status_formatter.py +30 -141
crackerjack/services/secure_subprocess.py +11 -92
crackerjack/services/security.py +9 -41
crackerjack/services/security_logger.py +12 -24
crackerjack/services/server_manager.py +124 -16
crackerjack/services/status_authentication.py +16 -159
crackerjack/services/status_security_manager.py +4 -131
crackerjack/services/thread_safe_status_collector.py +19 -125
crackerjack/services/unified_config.py +21 -13
crackerjack/services/validation_rate_limiter.py +5 -54
crackerjack/services/version_analyzer.py +459 -0
crackerjack/services/version_checker.py +1 -1
crackerjack/services/websocket_resource_limiter.py +10 -144
crackerjack/services/zuban_lsp_service.py +390 -0
crackerjack/slash_commands/__init__.py +2 -7
crackerjack/slash_commands/run.md +2 -2
crackerjack/tools/validate_input_validator_patterns.py +14 -40
crackerjack/tools/validate_regex_patterns.py +19 -48
{crackerjack-0.33.0.dist-info → crackerjack-0.33.2.dist-info}/METADATA +196 -25
crackerjack-0.33.2.dist-info/RECORD +229 -0
crackerjack/CLAUDE.md +0 -207
crackerjack/RULES.md +0 -380
crackerjack/py313.py +0 -234
crackerjack-0.33.0.dist-info/RECORD +0 -187
{crackerjack-0.33.0.dist-info → crackerjack-0.33.2.dist-info}/WHEEL +0 -0
{crackerjack-0.33.0.dist-info → crackerjack-0.33.2.dist-info}/entry_points.txt +0 -0
{crackerjack-0.33.0.dist-info → crackerjack-0.33.2.dist-info}/licenses/LICENSE +0 -0

crackerjack/services/secure_subprocess.py CHANGED Viewed

@@ -1,10 +1,3 @@
-"""
-Secure subprocess execution with environment sanitization and command validation.
-This module provides production-ready security for all subprocess operations in Crackerjack,
-implementing comprehensive validation, sanitization, and logging to prevent injection attacks.
-"""
 import os
 import re
 import subprocess
@@ -16,26 +9,18 @@ from .security_logger import SecurityEventLevel, SecurityEventType, get_security
 class SecurityError(Exception):
-    """Raised when a security violation is detected."""
     pass
 class CommandValidationError(SecurityError):
-    """Raised when command validation fails."""
     pass
 class EnvironmentValidationError(SecurityError):
-    """Raised when environment validation fails."""
     pass
 class SubprocessSecurityConfig:
-    """Configuration for secure subprocess execution."""
     def __init__(
         self,
         max_command_length: int = 10000,
@@ -44,7 +29,7 @@ class SubprocessSecurityConfig:
         max_env_vars: int = 1000,
         allowed_executables: set[str] | None = None,
         blocked_executables: set[str] | None = None,
-        max_timeout: float = 3600,  # 1 hour max
+        max_timeout: float = 3600,
         enable_path_validation: bool = True,
         enable_command_logging: bool = True,
     ):
@@ -92,24 +77,20 @@ class SubprocessSecurityConfig:
 class SecureSubprocessExecutor:
-    """Secure subprocess executor with comprehensive validation and logging."""
     def __init__(self, config: SubprocessSecurityConfig | None = None):
         self.config = config or SubprocessSecurityConfig()
         self.security_logger = get_security_logger()
-        # Dangerous patterns for command injection detection
         self.dangerous_patterns = [
-            r"[;&|`$(){}[\]<>*?~]",  # Shell metacharacters
-            r"\.\./",  # Path traversal
-            r"\$\{.*\}",  # Variable expansion
-            r"`.*`",  # Command substitution
-            r"\$\(.*\)",  # Command substitution
-            r">\s*/",  # Redirect to system paths
-            r"<\s*/",  # Redirect from system paths
+            r"[;&|`$(){}[\]<>*?~]",
+            r"\.\./",
+            r"\$\{.*\}",
+            r"`.*`",
+            r"\$\(.*\)",
+            r">\s*/",
+            r"<\s*/",
         ]
-        # Environment variables that should never be passed through
         self.dangerous_env_vars = {
             "LD_PRELOAD",
             "DYLD_INSERT_LIBRARIES",
@@ -125,7 +106,6 @@ class SecureSubprocessExecutor:
             "BASHOPTS",
         }
-        # Minimal safe environment variables
         self.safe_env_vars = {
             "HOME",
             "USER",
@@ -152,28 +132,6 @@ class SecureSubprocessExecutor:
         check: bool = False,
         **kwargs: t.Any,
     ) -> subprocess.CompletedProcess[str]:
-        """
-        Execute a subprocess with comprehensive security validation.
-        Args:
-            command: Command and arguments as list
-            cwd: Working directory (validated for path traversal)
-            env: Environment variables (will be sanitized)
-            timeout: Maximum execution time
-            input_data: Input to pass to subprocess
-            capture_output: Whether to capture stdout/stderr
-            text: Whether to use text mode
-            check: Whether to raise on non-zero exit
-            **kwargs: Additional subprocess.run arguments
-        Returns:
-            CompletedProcess result
-        Raises:
-            SecurityError: If security validation fails
-            CommandValidationError: If command validation fails
-            EnvironmentValidationError: If environment validation fails
-        """
         start_time = time.time()
         try:
@@ -215,16 +173,12 @@ class SecureSubprocessExecutor:
         kwargs: dict[str, t.Any],
         start_time: float,
     ) -> subprocess.CompletedProcess[str]:
-        """Execute subprocess with validation and logging."""
-        # Validate and sanitize all inputs
         execution_params = self._prepare_execution_params(command, cwd, env, timeout)
-        # Log and execute subprocess
         result = self._execute_subprocess(
             execution_params, input_data, capture_output, text, check, kwargs
         )
-        # Log success
         self._log_successful_execution(execution_params, result, start_time)
         return result
@@ -235,7 +189,6 @@ class SecureSubprocessExecutor:
         env: dict[str, str] | None,
         timeout: float | None,
     ) -> dict[str, t.Any]:
-        """Prepare and validate all execution parameters."""
         return {
             "command": self._validate_command(command),
             "cwd": self._validate_cwd(cwd),
@@ -252,7 +205,6 @@ class SecureSubprocessExecutor:
         check: bool,
         kwargs: dict[str, t.Any],
     ) -> subprocess.CompletedProcess[str]:
-        """Execute subprocess with validated parameters."""
         if self.config.enable_command_logging:
             self.security_logger.log_subprocess_execution(
                 command=params["command"],
@@ -279,13 +231,12 @@ class SecureSubprocessExecutor:
         result: subprocess.CompletedProcess[str],
         start_time: float,
     ) -> None:
-        """Log successful subprocess execution."""
         execution_time = time.time() - start_time
         if self.config.enable_command_logging:
             self.security_logger.log_security_event(
                 SecurityEventType.SUBPROCESS_EXECUTION,
                 SecurityEventLevel.LOW,
-                f"Subprocess completed successfully in {execution_time:.2f}s",
+                f"Subprocess completed successfully in {execution_time: .2f}s",
                 command_preview=params["command"][:3],
                 execution_time=execution_time,
                 exit_code=result.returncode,
@@ -294,7 +245,6 @@ class SecureSubprocessExecutor:
     def _handle_timeout_error(
         self, command: list[str], timeout: float | None, start_time: float
     ) -> None:
-        """Handle subprocess timeout errors."""
         execution_time = time.time() - start_time
         self.security_logger.log_subprocess_timeout(
             command=command,
@@ -305,7 +255,6 @@ class SecureSubprocessExecutor:
     def _handle_process_error(
         self, command: list[str], error: subprocess.CalledProcessError
     ) -> None:
-        """Handle subprocess called process errors."""
         self.security_logger.log_subprocess_failure(
             command=command,
             exit_code=error.returncode,
@@ -313,7 +262,6 @@ class SecureSubprocessExecutor:
         )
     def _handle_unexpected_error(self, command: list[str], error: Exception) -> None:
-        """Handle unexpected subprocess errors."""
         self.security_logger.log_security_event(
             SecurityEventType.SUBPROCESS_FAILURE,
             SecurityEventLevel.HIGH,
@@ -324,7 +272,6 @@ class SecureSubprocessExecutor:
         )
     def _validate_command(self, command: list[str]) -> list[str]:
-        """Validate command arguments for security issues."""
         self._validate_command_structure(command)
         validated_command, issues = self._validate_command_arguments(command)
@@ -334,11 +281,9 @@ class SecureSubprocessExecutor:
         return validated_command
     def _validate_command_structure(self, command: list[str]) -> None:
-        """Validate basic command structure."""
         if not command:
             raise CommandValidationError("Command cannot be empty")
-        # Check overall command length
         total_length = sum(len(arg) for arg in command)
         if total_length > self.config.max_command_length:
             raise CommandValidationError(
@@ -348,19 +293,16 @@ class SecureSubprocessExecutor:
     def _validate_command_arguments(
         self, command: list[str]
     ) -> tuple[list[str], list[str]]:
-        """Validate individual command arguments."""
         validated_command = []
         issues = []
         for i, arg in enumerate(command):
-            # Check argument length
             if len(arg) > self.config.max_arg_length:
                 issues.append(
                     f"Argument {i} too long: {len(arg)} > {self.config.max_arg_length}"
                 )
                 continue
-            # Check for injection patterns
             if self._has_dangerous_patterns(arg, i, issues):
                 continue
@@ -369,7 +311,6 @@ class SecureSubprocessExecutor:
         return validated_command, issues
     def _has_dangerous_patterns(self, arg: str, index: int, issues: list[str]) -> bool:
-        """Check if argument has dangerous patterns."""
         for pattern in self.dangerous_patterns:
             if re.search(pattern, arg):
                 issues.append(
@@ -381,7 +322,6 @@ class SecureSubprocessExecutor:
     def _validate_executable_permissions(
         self, validated_command: list[str], issues: list[str]
     ) -> None:
-        """Validate executable allowlist/blocklist."""
         if not validated_command:
             return
@@ -397,7 +337,6 @@ class SecureSubprocessExecutor:
             issues.append(f"Executable '{executable}' is blocked")
     def _handle_validation_results(self, command: list[str], issues: list[str]) -> None:
-        """Handle validation results and logging."""
         validation_passed = len(issues) == 0
         if self.config.enable_command_logging:
             self.security_logger.log_subprocess_command_validation(
@@ -407,7 +346,6 @@ class SecureSubprocessExecutor:
             )
         if issues:
-            # Block dangerous commands
             self.security_logger.log_dangerous_command_blocked(
                 command=command,
                 reason="Command validation failed",
@@ -418,7 +356,6 @@ class SecureSubprocessExecutor:
             )
     def _validate_cwd(self, cwd: Path | str | None) -> Path | None:
-        """Validate working directory for path traversal."""
         if cwd is None:
             return None
@@ -428,10 +365,8 @@ class SecureSubprocessExecutor:
         cwd_path = Path(cwd) if isinstance(cwd, str) else cwd
         try:
-            # Resolve to absolute path and check for traversal
             resolved_path = cwd_path.resolve()
-            # Check for dangerous path components
             path_str = str(resolved_path)
             if ".." in path_str or path_str.startswith(
                 ("/etc", "/usr/bin", "/bin", "/sbin")
@@ -448,13 +383,12 @@ class SecureSubprocessExecutor:
             raise CommandValidationError(f"Invalid working directory '{cwd}': {e}")
     def _sanitize_environment(self, env: dict[str, str] | None) -> dict[str, str]:
-        """Sanitize environment variables."""
         if env is None:
             env = os.environ.copy()
         self._validate_environment_size(env)
-        filtered_vars = []
+        filtered_vars: list[str] = []
         sanitized_env = self._filter_environment_variables(env, filtered_vars)
         self._add_safe_environment_variables(sanitized_env)
@@ -463,7 +397,6 @@ class SecureSubprocessExecutor:
         return sanitized_env
     def _validate_environment_size(self, env: dict[str, str]) -> None:
-        """Validate environment variable count limits."""
         if len(env) > self.config.max_env_vars:
             self.security_logger.log_security_event(
                 SecurityEventType.INPUT_SIZE_EXCEEDED,
@@ -479,7 +412,6 @@ class SecureSubprocessExecutor:
     def _filter_environment_variables(
         self, env: dict[str, str], filtered_vars: list[str]
     ) -> dict[str, str]:
-        """Filter environment variables for security."""
         sanitized_env = {}
         for key, value in env.items():
@@ -499,7 +431,6 @@ class SecureSubprocessExecutor:
     def _is_dangerous_environment_key(
         self, key: str, value: str, filtered_vars: list[str]
     ) -> bool:
-        """Check if environment key is dangerous."""
         if key in self.dangerous_env_vars:
             filtered_vars.append(key)
             self.security_logger.log_environment_variable_filtered(
@@ -513,7 +444,6 @@ class SecureSubprocessExecutor:
     def _is_environment_value_too_long(
         self, key: str, value: str, filtered_vars: list[str]
     ) -> bool:
-        """Check if environment value exceeds length limits."""
         if len(value) > self.config.max_env_var_length:
             filtered_vars.append(key)
             self.security_logger.log_environment_variable_filtered(
@@ -527,8 +457,7 @@ class SecureSubprocessExecutor:
     def _has_environment_injection(
         self, key: str, value: str, filtered_vars: list[str]
     ) -> bool:
-        """Check if environment value has injection patterns."""
-        for pattern in self.dangerous_patterns[:3]:  # Check first 3 most dangerous
+        for pattern in self.dangerous_patterns[:3]:
             if re.search(pattern, value):
                 filtered_vars.append(key)
                 self.security_logger.log_environment_variable_filtered(
@@ -540,7 +469,6 @@ class SecureSubprocessExecutor:
         return False
     def _add_safe_environment_variables(self, sanitized_env: dict[str, str]) -> None:
-        """Add essential safe environment variables."""
         for safe_var in self.safe_env_vars:
             if safe_var not in sanitized_env and safe_var in os.environ:
                 sanitized_env[safe_var] = os.environ[safe_var]
@@ -548,7 +476,6 @@ class SecureSubprocessExecutor:
     def _log_environment_sanitization(
         self, original_count: int, sanitized_count: int, filtered_vars: list[str]
     ) -> None:
-        """Log environment sanitization results."""
         if self.config.enable_command_logging:
             self.security_logger.log_subprocess_environment_sanitized(
                 original_count=original_count,
@@ -557,7 +484,6 @@ class SecureSubprocessExecutor:
             )
     def _validate_timeout(self, timeout: float | None) -> float | None:
-        """Validate timeout value."""
         if timeout is None:
             return None
@@ -579,14 +505,12 @@ class SecureSubprocessExecutor:
         return timeout
-# Global secure executor instance
 _global_executor: SecureSubprocessExecutor | None = None
 def get_secure_executor(
     config: SubprocessSecurityConfig | None = None,
 ) -> SecureSubprocessExecutor:
-    """Get the global secure subprocess executor."""
     global _global_executor
     if _global_executor is None:
         _global_executor = SecureSubprocessExecutor(config)
@@ -597,9 +521,4 @@ def execute_secure_subprocess(
     command: list[str],
     **kwargs: t.Any,
 ) -> subprocess.CompletedProcess[str]:
-    """
-    Convenience function for secure subprocess execution.
-    This is the recommended way to execute subprocesses in Crackerjack.
-    """
     return get_secure_executor().execute_secure(command, **kwargs)

crackerjack/services/security.py CHANGED Viewed

@@ -9,7 +9,6 @@ from crackerjack.services.regex_patterns import SAFE_PATTERNS
 class SecurityService:
-    # Security token masking patterns - now using validated patterns from regex_patterns.py
     TOKEN_PATTERN_NAMES = [
         "mask_pypi_token",
         "mask_github_token",
@@ -29,31 +28,16 @@ class SecurityService:
     }
     def mask_tokens(self, text: str) -> str:
-        """
-        Mask sensitive tokens in text using validated regex patterns.
-        This method applies security token masking patterns to hide:
-        - PyPI authentication tokens (pypi-*)
-        - GitHub personal access tokens (ghp_*)
-        - Generic long tokens (32+ characters)
-        - Token assignments (token="value")
-        - Password assignments (password="value")
-        - Environment variable values
-        Returns masked text with sensitive data replaced by "**** or similar.
-        """
         if not text:
             return text
         masked_text = text
-        # Apply validated token masking patterns
         for pattern_name in self.TOKEN_PATTERN_NAMES:
             if pattern_name in SAFE_PATTERNS:
                 pattern = SAFE_PATTERNS[pattern_name]
                 masked_text = pattern.apply(masked_text)
-        # Also mask sensitive environment variable values
         for env_var in self.SENSITIVE_ENV_VARS:
             value = os.getenv(env_var)
             if value and len(value) > 8:
@@ -97,7 +81,7 @@ class SecurityService:
                 with suppress(OSError):
                     temp_file.unlink()
                 raise FileError(
-                    message="Failed to set secure file permissions",
+                    message="Failed to set[t.Any] secure file permissions",
                     details=str(e),
                     recovery="Check file system permissions and try again",
                 ) from e
@@ -148,30 +132,17 @@ class SecurityService:
         return env_summary
     def validate_token_format(self, token: str, token_type: str | None = None) -> bool:
-        """
-        Validate token format for known token types.
-        Args:
-            token: The token string to validate
-            token_type: Optional token type ("pypi", "github", or None)
-        Returns:
-            True if the token appears to be valid for the specified type
-        """
         if not token:
             return False
         if len(token) < 8:
             return False
         if token_type and token_type.lower() == "pypi":
-            # PyPI tokens start with "pypi-" (not "pypi -" which was a typo)
             return token.startswith("pypi-") and len(token) >= 16
         if token_type and token_type.lower() == "github":
-            # GitHub personal access tokens: ghp_ + 36 chars = 40 total
             return token.startswith("ghp_") and len(token) == 40
-        # Generic validation for unknown token types
         return len(token) >= 16 and not token.isspace()
     def create_secure_command_env(
@@ -201,13 +172,12 @@ class SecurityService:
         return secure_env
     def validate_file_safety(self, path: str | Path) -> bool:
-        """Protocol method: Validate file safety."""
         try:
             file_path = Path(path)
-            # Check if path exists and is safe
             if not file_path.exists():
                 return False
-            # Basic safety checks
             if file_path.is_symlink():
                 return False
             return True
@@ -215,13 +185,12 @@ class SecurityService:
             return False
     def check_hardcoded_secrets(self, content: str) -> list[dict[str, t.Any]]:
-        """Protocol method: Check for hardcoded secrets."""
         secrets = []
-        # Basic patterns for common secrets
         patterns = {
-            "api_key": r'api[_-]?key["\s]*[:=]["\s]*([a-zA-Z0-9_-]{20,})',
-            "password": r'password["\s]*[:=]["\s]*([^\s"]{8,})',
-            "token": r'token["\s]*[:=]["\s]*([a-zA-Z0-9_-]{20,})',
+            "api_key": r'api[_-]?key["\s]*[: =]["\s]*([a-zA-Z0-9_-]{20, })',
+            "password": r'password["\s]*[: =]["\s]*([^\s"]{8, })',
+            "token": r'token["\s]*[: =]["\s]*([a-zA-Z0-9_-]{20, })',
         }
         import re
@@ -232,14 +201,13 @@ class SecurityService:
                 secrets.append(
                     {
                         "type": secret_type,
-                        "value": match.group(1)[:10] + "...",  # Truncated for safety
+                        "value": match.group(1)[:10] + "...",
                         "line": content[: match.start()].count("\n") + 1,
                     }
                 )
         return secrets
     def is_safe_subprocess_call(self, cmd: list[str]) -> bool:
-        """Protocol method: Check if subprocess call is safe."""
         if not cmd:
             return False
@@ -259,5 +227,5 @@ class SecurityService:
             "netcat",
         }
-        command = cmd[0].split("/")[-1]  # Get base command name
+        command = cmd[0].split("/")[-1]
         return command not in dangerous_commands

crackerjack/services/security_logger.py CHANGED Viewed

@@ -37,7 +37,7 @@ class SecurityEventType(str, Enum):
     STATUS_ACCESS_ATTEMPT = "status_access_attempt"
     SENSITIVE_DATA_SANITIZED = "sensitive_data_sanitized"
     STATUS_INFORMATION_DISCLOSURE = "status_information_disclosure"
-    # Authentication and authorization events
     ACCESS_DENIED = "access_denied"
     API_KEY_CREATED = "api_key_created"
     API_KEY_REVOKED = "api_key_revoked"
@@ -46,40 +46,40 @@ class SecurityEventType(str, Enum):
     AUTH_SUCCESS = "auth_success"
     LOCAL_ACCESS_GRANTED = "local_access_granted"
     INSUFFICIENT_PRIVILEGES = "insufficient_privileges"
-    # Circuit breaker and resilience events
     CIRCUIT_BREAKER_CLOSED = "circuit_breaker_closed"
     CIRCUIT_BREAKER_HALF_OPEN = "circuit_breaker_half_open"
     CIRCUIT_BREAKER_OPEN = "circuit_breaker_open"
     CIRCUIT_BREAKER_RESET = "circuit_breaker_reset"
-    # Collection and data processing events
     COLLECTION_END = "collection_end"
     COLLECTION_ERROR = "collection_error"
     COLLECTION_START = "collection_start"
     STATUS_COLLECTED = "status_collected"
     FILE_READ_ERROR = "file_read_error"
-    # Connection and network events
     CONNECTION_CLOSED = "connection_closed"
     CONNECTION_ESTABLISHED = "connection_established"
     CONNECTION_IDLE = "connection_idle"
     CONNECTION_TIMEOUT = "connection_timeout"
-    # Request lifecycle events
     REQUEST_END = "request_end"
     REQUEST_START = "request_start"
     REQUEST_TIMEOUT = "request_timeout"
-    # Resource and operation management events
     RESOURCE_CLEANUP = "resource_cleanup"
     RESOURCE_EXHAUSTED = "resource_exhausted"
     RESOURCE_LIMIT_EXCEEDED = "resource_limit_exceeded"
     SERVICE_CLEANUP = "service_cleanup"
     SERVICE_START = "service_start"
     SERVICE_STOP = "service_stop"
-    # Operation monitoring events
     MONITORING_ERROR = "monitoring_error"
     OPERATION_DURATION_EXCEEDED = "operation_duration_exceeded"
     OPERATION_FAILURE = "operation_failure"
     OPERATION_SUCCESS = "operation_success"
     OPERATION_TIMEOUT = "operation_timeout"
-    # Input validation events
     INVALID_INPUT = "invalid_input"
@@ -127,13 +127,11 @@ class SecurityLogger:
         if not self.logger.handlers:
             console_handler = logging.StreamHandler()
-            # Only show security logs in debug modes
             debug_enabled = os.environ.get("CRACKERJACK_DEBUG", "0") == "1"
             if debug_enabled:
                 console_handler.setLevel(logging.WARNING)
             else:
-                # In non-debug mode, suppress detailed security logs
-                console_handler.setLevel(logging.CRITICAL + 1)  # Effectively disable
+                console_handler.setLevel(logging.CRITICAL + 1)
             formatter = logging.Formatter(
                 "%(asctime)s - SECURITY - %(levelname)s-%(message)s"
@@ -304,12 +302,11 @@ class SecurityLogger:
         env_vars_count: int = 0,
         **kwargs: t.Any,
     ) -> None:
-        """Log secure subprocess execution."""
         self.log_security_event(
             SecurityEventType.SUBPROCESS_EXECUTION,
             SecurityEventLevel.LOW,
             f"Subprocess executed: {' '.join(command[:3])}{'...' if len(command) > 3 else ''}",
-            command=command[:10],  # Log first 10 args only
+            command=command[:10],
             cwd=cwd,
             env_vars_count=env_vars_count,
             **kwargs,
@@ -322,14 +319,13 @@ class SecurityLogger:
         filtered_vars: list[str],
         **kwargs: t.Any,
     ) -> None:
-        """Log environment sanitization for subprocess."""
         self.log_security_event(
             SecurityEventType.SUBPROCESS_ENVIRONMENT_SANITIZED,
             SecurityEventLevel.LOW,
             f"Environment sanitized: {original_count} -> {sanitized_count} vars",
             original_count=original_count,
             sanitized_count=sanitized_count,
-            filtered_vars=filtered_vars[:20],  # Log first 20 filtered vars
+            filtered_vars=filtered_vars[:20],
             **kwargs,
         )
@@ -340,7 +336,6 @@ class SecurityLogger:
         issues: list[str] | None = None,
         **kwargs: t.Any,
     ) -> None:
-        """Log subprocess command validation results."""
         level = SecurityEventLevel.LOW if validation_result else SecurityEventLevel.HIGH
         status = "passed" if validation_result else "failed"
@@ -361,7 +356,6 @@ class SecurityLogger:
         actual_duration: float,
         **kwargs: t.Any,
     ) -> None:
-        """Log subprocess timeout events."""
         self.log_security_event(
             SecurityEventType.SUBPROCESS_TIMEOUT,
             SecurityEventLevel.MEDIUM,
@@ -375,14 +369,13 @@ class SecurityLogger:
     def log_subprocess_failure(
         self, command: list[str], exit_code: int, error_output: str, **kwargs: t.Any
     ) -> None:
-        """Log subprocess execution failures."""
         self.log_security_event(
             SecurityEventType.SUBPROCESS_FAILURE,
             SecurityEventLevel.MEDIUM,
             f"Subprocess failed (exit code {exit_code}): {' '.join(command[:2])}{'...' if len(command) > 2 else ''}",
             command_preview=command[:3],
             exit_code=exit_code,
-            error_preview=error_output[:200],  # Log first 200 chars of error
+            error_preview=error_output[:200],
             **kwargs,
         )
@@ -393,7 +386,6 @@ class SecurityLogger:
         dangerous_patterns: list[str],
         **kwargs: t.Any,
     ) -> None:
-        """Log blocking of dangerous commands."""
         self.log_security_event(
             SecurityEventType.DANGEROUS_COMMAND_BLOCKED,
             SecurityEventLevel.CRITICAL,
@@ -411,7 +403,6 @@ class SecurityLogger:
         value_preview: str | None = None,
         **kwargs: t.Any,
     ) -> None:
-        """Log filtering of environment variables."""
         self.log_security_event(
             SecurityEventType.ENVIRONMENT_VARIABLE_FILTERED,
             SecurityEventLevel.LOW,
@@ -430,7 +421,6 @@ class SecurityLogger:
         data_keys: list[str] | None = None,
         **kwargs: t.Any,
     ) -> None:
-        """Log status endpoint access attempts."""
         self.log_security_event(
             SecurityEventType.STATUS_ACCESS_ATTEMPT,
             SecurityEventLevel.LOW,
@@ -450,7 +440,6 @@ class SecurityLogger:
         patterns_matched: list[str] | None = None,
         **kwargs: t.Any,
     ) -> None:
-        """Log sensitive data sanitization events."""
         self.log_security_event(
             SecurityEventType.SENSITIVE_DATA_SANITIZED,
             SecurityEventLevel.LOW,
@@ -470,7 +459,6 @@ class SecurityLogger:
         severity: str = "medium",
         **kwargs: t.Any,
     ) -> None:
-        """Log potential information disclosure in status responses."""
         level_map = {
             "low": SecurityEventLevel.LOW,
             "medium": SecurityEventLevel.MEDIUM,

crackerjack 0.33.0__py3-none-any.whl → 0.33.2__py3-none-any.whl

Potentially problematic release.

crackerjack 0.33.0py3-none-any.whl → 0.33.2py3-none-any.whl