deepparallel 0.5.0__tar.gz → 0.5.2__tar.gz

{deepparallel-0.5.0 → deepparallel-0.5.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: deepparallel
-Version: 0.5.0
+Version: 0.5.2
 Summary: DeepParallel - a multi-model agentic coding CLI with cross-model Guardian review, served via Crowe Logic.
 Author-email: Michael Crowe <michael@crowelogic.com>
 License: Apache-2.0

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/__init__.py

@@ -1,3 +1,3 @@
 """DeepParallel CLI package."""
 
-__version__ = "0.5.0"
+__version__ = "0.5.2"

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/agent.py

@@ -204,6 +204,38 @@ def _guardian_verdict(guardian, name: str, args: dict) -> str | None:
     return guardian_review(guardian, _guardian_review_content(name, args))
 
 
+def _local_module_names(target_path: str) -> set[str]:
+    """Module names that resolve to files in the workspace, so a sibling import
+    like `from compound_library import ...` is never flagged as a hallucinated
+    PyPI package. Scans the target file's directory and the cwd (capped)."""
+    names: set[str] = set()
+    roots = []
+    try:
+        roots.append(Path(target_path).expanduser().resolve().parent)
+    except Exception:  # noqa: BLE001
+        pass
+    try:
+        roots.append(Path.cwd().resolve())
+    except Exception:  # noqa: BLE001
+        pass
+    seen_roots: set[Path] = set()
+    for root in roots:
+        if root in seen_roots:
+            continue
+        seen_roots.add(root)
+        try:
+            for i, p in enumerate(root.rglob("*.py")):
+                names.add(p.stem)
+                if p.name == "__init__.py":
+                    names.add(p.parent.name)
+                if i >= 5000:
+                    break
+        except Exception:  # noqa: BLE001
+            pass
+    names.discard("__init__")
+    return names
+
+
 def _supply_chain_note(name: str, args: dict) -> str | None:
     """Best-effort: flag hallucinated/slopsquatted deps an edit introduces."""
     content = args.get("new_source") or args.get("new_string") or args.get("content") or ""
@@ -213,7 +245,7 @@ def _supply_chain_note(name: str, args: dict) -> str | None:
     try:
         from deepparallel import supply_chain
 
-        result = supply_chain.audit(content, path)
+        result = supply_chain.audit(content, path, _local_module_names(path))
     except Exception:  # noqa: BLE001 - supply-chain check is best-effort
         return None
     if result["hallucinated"]:

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/backend.py

@@ -11,6 +11,8 @@ stream_chat yields (channel, text) tuples where channel is "content" or
 from __future__ import annotations
 
 import json
+import os
+import sys
 from typing import Iterator, Protocol
 from urllib.parse import urlparse
 
@@ -142,6 +144,24 @@ class Backend(Protocol):
     ) -> Iterator[Chunk]: ...
 
 
+def _should_failover(exc: Exception) -> bool:
+    """Fail over to direct Azure only on transport errors or upstream 5xx;
+    a 4xx means the request itself is bad, so retrying elsewhere is pointless."""
+    if isinstance(exc, httpx.TransportError):
+        return True
+    if isinstance(exc, httpx.HTTPStatusError):
+        return exc.response.status_code >= 500
+    return False
+
+
+def _log_failover(label: str, exc: Exception) -> None:
+    sys.stderr.write(
+        f"[deepparallel] {label}: primary endpoint failed "
+        f"({exc.__class__.__name__}); failing over to direct Azure\n"
+    )
+    sys.stderr.flush()
+
+
 class AzureBackend:
     label = "Azure OpenAI"
 
@@ -151,13 +171,56 @@ class AzureBackend:
         self._deployment = deployment
         self._api_version = api_version
 
-    @property
-    def _url(self) -> str:
+    def _build_url(self, endpoint: str) -> str:
+        # Cloudflare AI Gateway azure-openai routes carry the resource in the
+        # path and drop the native "/openai/deployments" segment; native Azure
+        # endpoints keep it.
+        endpoint = endpoint.rstrip("/")
+        if "/azure-openai/" in endpoint:
+            return (
+                f"{endpoint}/{self._deployment}"
+                f"/chat/completions?api-version={self._api_version}"
+            )
         return (
-            f"{self._endpoint}/openai/deployments/{self._deployment}"
+            f"{endpoint}/openai/deployments/{self._deployment}"
             f"/chat/completions?api-version={self._api_version}"
         )
 
+    def _endpoints(self) -> list[str]:
+        # Primary is whatever is configured (typically the Cloudflare AI Gateway
+        # route). When that primary is a gateway route, derive the direct Azure
+        # endpoint from its resource segment and append it as automatic failover:
+        # fail-open, so a gateway outage degrades to direct Azure instead of
+        # taking down every CroweLM request. The failover request is not logged
+        # by the gateway -- the acceptable cost of staying available.
+        eps = [self._endpoint]
+        marker = "/azure-openai/"
+        if marker in self._endpoint:
+            resource = self._endpoint.split(marker, 1)[1].split("/", 1)[0]
+            if resource:
+                eps.append(f"https://{resource}.cognitiveservices.azure.com")
+        return eps
+
+    @property
+    def _url(self) -> str:
+        return self._build_url(self._endpoint)
+
+    @property
+    def _headers(self) -> dict:
+        # cf-aig-* headers configure AI Gateway per-request (no management API
+        # needed). Cache TTL is operationally tunable via DEEPPARALLEL_CACHE_TTL
+        # (seconds; "0" or empty disables caching for this agentic workload).
+        # Ignored by direct Azure on the failover path.
+        headers = {
+            "api-key": self._api_key,
+            "content-type": "application/json",
+        }
+        ttl = os.getenv("DEEPPARALLEL_CACHE_TTL", "300").strip()
+        if ttl and ttl != "0":
+            headers["cf-aig-cache-ttl"] = ttl
+            headers["cf-aig-metadata"] = '{"via":"deepparallel-gateway"}'
+        return headers
+
     def check(self) -> tuple[bool, str]:
         if not self._endpoint or not self._api_key:
             return False, "Azure endpoint or API key not configured."
@@ -167,49 +230,86 @@ class AzureBackend:
             return False, f"Azure endpoint unreachable ({e.__class__.__name__})"
         return True, f"Azure @ {_host(self._endpoint)}"
 
+    def _payload(self, messages, stream, temperature, max_tokens) -> dict:
+        # GPT-5 family deployments require `max_completion_tokens` and reject a
+        # custom `temperature` (only the default is accepted) -> they 400 on the
+        # legacy `max_tokens`/`temperature` shape. Everything else uses the
+        # classic params.
+        payload = {"messages": messages, "stream": stream}
+        dep = self._deployment.lower()
+        if dep.startswith("gpt-5") or dep.startswith("gpt-chat"):
+            # GPT-5 family + gpt-chat-latest require max_completion_tokens and
+            # reject a custom temperature (only the default is accepted).
+            payload["max_completion_tokens"] = max_tokens
+        else:
+            payload["temperature"] = temperature
+            payload["max_tokens"] = max_tokens
+        return payload
+
     def stream_chat(self, messages, temperature, max_tokens):
-        payload = {
-            "messages": messages,
-            "stream": True,
-            "temperature": temperature,
-            "max_tokens": max_tokens,
-        }
-        headers = {"api-key": self._api_key, "content-type": "application/json"}
-        with httpx.stream(
-            "POST", self._url, json=payload, headers=headers, timeout=_STREAM_TIMEOUT
-        ) as r:
-            r.raise_for_status()
-            yield from parse_sse_lines(r.iter_lines())
+        payload = self._payload(messages, True, temperature, max_tokens)
+        urls = [self._build_url(e) for e in self._endpoints()]
+        for i, url in enumerate(urls):
+            last = i == len(urls) - 1
+            started = False
+            try:
+                with httpx.stream(
+                    "POST", url, json=payload, headers=self._headers, timeout=_STREAM_TIMEOUT
+                ) as r:
+                    r.raise_for_status()
+                    for chunk in parse_sse_lines(r.iter_lines()):
+                        started = True
+                        yield chunk
+                return
+            except (httpx.TransportError, httpx.HTTPStatusError) as e:
+                if last or started or not _should_failover(e):
+                    raise
+                _log_failover(self.label, e)
+                continue
 
     def chat(self, messages, tools, temperature, max_tokens) -> dict:
-        payload = {
-            "messages": messages,
-            "stream": False,
-            "temperature": temperature,
-            "max_tokens": max_tokens,
-        }
+        payload = self._payload(messages, False, temperature, max_tokens)
         if tools:
             payload["tools"] = tools
-        headers = {"api-key": self._api_key, "content-type": "application/json"}
-        r = httpx.post(self._url, json=payload, headers=headers, timeout=_STREAM_TIMEOUT)
-        r.raise_for_status()
-        return _message_from_choice(r.json()["choices"][0])
+        urls = [self._build_url(e) for e in self._endpoints()]
+        for i, url in enumerate(urls):
+            last = i == len(urls) - 1
+            try:
+                r = httpx.post(url, json=payload, headers=self._headers, timeout=_STREAM_TIMEOUT)
+                r.raise_for_status()
+                return _message_from_choice(r.json()["choices"][0])
+            except (httpx.TransportError, httpx.HTTPStatusError) as e:
+                if last or not _should_failover(e):
+                    raise
+                _log_failover(self.label, e)
+                continue
 
     def stream_chat_tools(self, messages, tools, temperature, max_tokens):
-        payload = {
-            "messages": messages,
-            "stream": True,
-            "temperature": temperature,
-            "max_tokens": max_tokens,
-        }
+        payload = self._payload(messages, True, temperature, max_tokens)
         if tools:
             payload["tools"] = tools
-        headers = {"api-key": self._api_key, "content-type": "application/json"}
-        with httpx.stream(
-            "POST", self._url, json=payload, headers=headers, timeout=_STREAM_TIMEOUT
-        ) as r:
-            r.raise_for_status()
-            return (yield from parse_sse_stream(r.iter_lines()))
+        urls = [self._build_url(e) for e in self._endpoints()]
+        for i, url in enumerate(urls):
+            last = i == len(urls) - 1
+            started = False
+            try:
+                with httpx.stream(
+                    "POST", url, json=payload, headers=self._headers, timeout=_STREAM_TIMEOUT
+                ) as r:
+                    r.raise_for_status()
+                    gen = parse_sse_stream(r.iter_lines())
+                    while True:
+                        try:
+                            chunk = next(gen)
+                        except StopIteration as stop:
+                            return stop.value
+                        started = True
+                        yield chunk
+            except (httpx.TransportError, httpx.HTTPStatusError) as e:
+                if last or started or not _should_failover(e):
+                    raise
+                _log_failover(self.label, e)
+                continue
 
 
 class FoundryBackend:

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/cli.py

@@ -495,13 +495,15 @@ def review(ctx: click.Context, as_diff: bool, path: str | None) -> None:
 
     Reviews a file (PATH) or a unified diff (--diff, from stdin) with a second
     model and prints a verdict. Exit code: 0 safe, 1 risky, 2 bug - so it can
-    gate a commit or PR. Paid (Pro+).
+    gate a commit or PR. Free with your own key (DEEPPARALLEL_BACKEND=openai or
+    ollama); Pro unlocks the hosted Crowe Logic model stack.
     """
     settings: Settings = ctx.obj["settings"]
-    ok, msg = licensing.check_feature("review")
-    if not ok:
-        branding.error(msg)
-        sys.exit(3)
+    if not settings.byok:
+        ok, msg = licensing.check_feature("review")
+        if not ok:
+            branding.error(msg)
+            sys.exit(3)
     if as_diff:
         content = sys.stdin.read()
     elif path:

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/config.py

@@ -45,6 +45,10 @@ class Settings:
     mycelium_key: str | None = None
     mycelium_secret: str | None = None
     mycelium_model: str = "Mcrowe1210/gemma-4-mycelium-e4b"
+    # True when the user brings their own key/model (openai/ollama/foundry):
+    # the FREE tier. review + the agent run unlicensed; only the Crowe-hosted
+    # stack (azure/crowe) is gated to Pro.
+    byok: bool = False
     # Crowe ID agent identity (backend="crowe"): route through the Foundry gateway
     # authenticated by a client_credentials token instead of a raw provider key.
     gateway_url: str | None = None
@@ -102,17 +106,36 @@ def _int_env(name: str, default: int) -> int:
 
 def resolve_settings() -> Settings:
     backend = os.environ.get("DEEPPARALLEL_BACKEND", "azure").strip().lower()
-    if backend not in {"azure", "foundry", "crowe"}:
+    if backend not in {"azure", "foundry", "crowe", "openai", "ollama"}:
         backend = "azure"
+
+    # BYOK (bring-your-own-key) backends are the FREE tier. "openai" and "ollama"
+    # are friendly aliases onto the OpenAI-compatible foundry transport with
+    # sensible defaults, so `dp` works with no Crowe account and no license.
+    foundry_base_url = os.environ.get("FOUNDRY_BASE_URL")
+    foundry_api_key = os.environ.get("FOUNDRY_API_KEY")
+    foundry_model = os.environ.get("DEEPPARALLEL_FOUNDRY_MODEL", "DeepSeek-V3-1")
+    if backend == "openai":
+        foundry_base_url = os.environ.get("OPENAI_BASE_URL", "https://api.openai.com")
+        foundry_api_key = os.environ.get("OPENAI_API_KEY") or foundry_api_key
+        foundry_model = os.environ.get("DEEPPARALLEL_MODEL", "gpt-4o-mini")
+        backend = "foundry"
+    elif backend == "ollama":
+        foundry_base_url = os.environ.get("OLLAMA_HOST", "http://localhost:11434")
+        foundry_api_key = foundry_api_key or "ollama"
+        foundry_model = os.environ.get("DEEPPARALLEL_MODEL", "llama3.1")
+        backend = "foundry"
+    byok = backend == "foundry"
+
     return Settings(
         backend=backend,
         azure_endpoint=os.environ.get("AZURE_CORE_ENDPOINT"),
         azure_api_key=os.environ.get("AZURE_CORE_API_KEY"),
         deployment=os.environ.get("DEEPPARALLEL_DEPLOYMENT", "DeepSeek-V4-Pro"),
         api_version=os.environ.get("DEEPPARALLEL_API_VERSION", "2024-08-01-preview"),
-        foundry_base_url=os.environ.get("FOUNDRY_BASE_URL"),
-        foundry_api_key=os.environ.get("FOUNDRY_API_KEY"),
-        foundry_model=os.environ.get("DEEPPARALLEL_FOUNDRY_MODEL", "DeepSeek-V3-1"),
+        foundry_base_url=foundry_base_url,
+        foundry_api_key=foundry_api_key,
+        foundry_model=foundry_model,
         temperature=_float_env("DEEPPARALLEL_TEMPERATURE", 0.4),
         max_tokens=_int_env("DEEPPARALLEL_MAX_TOKENS", 8192),
         show_thinking=_bool_env("DEEPPARALLEL_THINK", False),
@@ -149,6 +172,7 @@ def resolve_settings() -> Settings:
         crowe_id_client_id=os.environ.get("CROWE_ID_CLIENT_ID"),
         crowe_id_client_secret=os.environ.get("CROWE_ID_CLIENT_SECRET"),
         crowe_id_audience=os.environ.get("CROWE_ID_AUDIENCE"),
+        byok=byok,
     )
 
 

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/serve.py

@@ -51,16 +51,35 @@ _SCRUB: list[tuple[re.Pattern[str], str]] = [
 # The listing must never leak raw deployment names; chat accepts either the
 # alias or the raw name, so existing callers keep working.
 _MODEL_ALIASES: dict[str, str] = {
+    # DeepSeek family
     "crowelm-apex": "DeepSeek-V4-Pro",
     "crowelm-reason": "DeepSeek-R1-0528",
     "crowelm-flash": "DeepSeek-V4-Flash",
-    "crowelm-vector": "DeepSeek-V3.1",
+    "crowelm-vector": "DeepSeek-V3-1",
+    # GPT family (Azure frontier)
+    "crowelm-zenith": "gpt-5.5",
+    # --- gpt-5.4 family back-burnered (de-prioritized) — uncomment to re-enable ---
+    # "crowelm-prime": "gpt-5.4",
+    # "crowelm-prime-mini": "gpt-5.4-mini",
+    # "crowelm-prime-nano": "gpt-5.4-nano",
+    "crowelm-chat": "gpt-chat-latest",
+    "crowelm-swift": "gpt-4o",
+    # Grok family
     "crowelm-quasar": "grok-4-3",
     "crowelm-quasar-fast": "grok-4-1-fast-reasoning",
-    "crowelm-herald": "cohere-command-a",
+    "crowelm-quasar-lite": "grok-4-1-fast-non-r",
+    "crowelm-quasar-max": "grok-4-20-reasoning",
+    # Kimi family
     "crowelm-eclipse": "Kimi-K2-6",
+    "crowelm-eclipse-lite": "Kimi-K2.5",
+    # Llama family
     "crowelm-titan": "Llama-3-3-70B",
-    "crowelm-swift": "gpt-4o",
+    "crowelm-maverick": "Llama-4-Maverick",
+    "crowelm-scout": "Llama-4-Scout",
+    # Specialist tiers
+    "crowelm-herald": "Cohere-Command-A",
+    "crowelm-forge": "Codestral-2501",
+    "crowelm-router": "model-router",
     # Free base tier: the sovereign Gemma 4 Mycelium model on Modal. Only listed
     # in /v1/models when MODAL_MYCELIUM_ENDPOINT is configured (see below).
     "crowelm-mycelium": "Mcrowe1210/gemma-4-mycelium-e4b",
@@ -174,8 +193,11 @@ def _models_payload(settings) -> dict:
     # this gateway process. Never list raw deployment names; chat still accepts
     # them for existing callers, but discovery should not advertise unknown
     # deployments.
-    configured = _configured_deployments(settings)
-    ids = [alias for alias, deployment in _MODEL_ALIASES.items() if deployment in configured]
+    ids = [
+        alias
+        for alias, deployment in _MODEL_ALIASES.items()
+        if _deployment_available(deployment, settings)
+    ]
     created = int(time.time())
     return {
         "object": "list",

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/supply_chain.py

@@ -44,23 +44,30 @@ _IMPORT_RE = re.compile(r"^\s*(?:import\s+([a-zA-Z0-9_.]+)|from\s+([a-zA-Z0-9_.]
 _REQ_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")
 
 
-def extract_dependencies(content: str, filename: str) -> list[dict]:
-    """Return [{name, ecosystem, raw}] introduced by this content."""
+def extract_dependencies(
+    content: str, filename: str, local_modules: set[str] | None = None
+) -> list[dict]:
+    """Return [{name, ecosystem, raw}] introduced by this content.
+
+    `local_modules` names resolve to files in the workspace (sibling modules,
+    local packages) and are never treated as third-party dependencies.
+    """
     fn = filename.rsplit("/", 1)[-1].lower()
     if fn == "package.json":
         return _from_package_json(content)
     if fn in ("requirements.txt",) or fn.startswith("requirements"):
         return _from_requirements(content)
     if fn.endswith(".py"):
-        return _from_python(content)
+        return _from_python(content, local_modules)
     return []
 
 
-def _from_python(content: str) -> list[dict]:
+def _from_python(content: str, local: set[str] | None = None) -> list[dict]:
+    local = local or set()
     out, seen = [], set()
     for imp, frm in _IMPORT_RE.findall(content):
         mod = (imp or frm).split(".")[0]
-        if not mod or mod.startswith("_") or mod in _STDLIB or mod in seen:
+        if not mod or mod.startswith("_") or mod in _STDLIB or mod in seen or mod in local:
             continue
         seen.add(mod)
         dist = _PYPI_ALIASES.get(mod, mod)
@@ -117,11 +124,15 @@ def check_exists(name: str, ecosystem: str) -> bool | None:
     return None
 
 
-def audit(content: str, filename: str) -> dict:
-    """Audit a change's dependencies. Returns findings + the hallucinated list."""
+def audit(content: str, filename: str, local_modules: set[str] | None = None) -> dict:
+    """Audit a change's dependencies. Returns findings + the hallucinated list.
+
+    `local_modules` are workspace-local module names (sibling files, local
+    packages) that must not be checked against PyPI/npm.
+    """
     findings = []
     hallucinated = []
-    for dep in extract_dependencies(content, filename):
+    for dep in extract_dependencies(content, filename, local_modules):
         exists = check_exists(dep["name"], dep["ecosystem"])
         status = "ok" if exists is True else "missing" if exists is False else "unknown"
         findings.append({"name": dep["name"], "ecosystem": dep["ecosystem"], "status": status})

deepparallel-0.5.2/deepparallel/system_prompt.txt

@@ -0,0 +1,14 @@
+You are DeepParallel, a precise coding assistant from Crowe Logic.
+
+Voice: direct and concise. Lead with the answer, not a preamble — never open with "I'd be happy to", "Great question", or by restating the request. Give depth only when asked or when the problem genuinely needs it. Stop when the answer is complete; don't pad with summaries or follow-up offers unless they add real value.
+
+Formatting: clean Markdown. Single blank lines between paragraphs — never double. Fenced code blocks with a language tag for code, inline backticks for identifiers and paths, tight lists (no blank line between items). Prefer a short prose answer over a bulleted list when a sentence will do.
+
+You can use tools to read, search, analyze, edit, open, and run code. Use them when they help; do not call them speculatively. When the user asks to "open" a file (an HTML report, image, PDF, or folder) for viewing, use open_path to launch it in the default app rather than read_file, which only returns text. When asked to run something with different parameters, prefer non-destructive approaches (CLI arguments, environment variables, or a temporary copy) over editing the user's source files. Only edit a source file when changing it is the actual goal, and explain what you changed.
+
+Engineering discipline — how you build:
+- Build the smallest unit that can be verified, and verify it before scaling up. Before generating a multi-file system, write the single most fundamental primitive and run it (or a one-line check) to confirm it works. Never emit hundreds of lines across several files before executing anything — a wrong assumption then costs many rounds of debugging instead of one.
+- Ground before you generate. For domain work (chemistry, biology, finance, an API or library you are not certain of), prefer retrieving real data or references over inventing them. Use mcp_search with a single keyword (e.g. "pubchem") to find a domain MCP server, web_fetch for documentation, and read_file/grep for local truth. Reach for a database or a reference before reconstructing it from memory.
+- Treat warnings as signal, not noise. A Guardian "risky/bug" verdict, a supply-chain flag, a parser or valence error, or a low similarity-to-reference score is evidence that something is wrong. Investigate and fix the cause; never rationalize it away or approve through it.
+- Validate against known-good references. When generating structured artifacts (molecules, schemas, configs, queries), check a sample against a known-correct example before trusting the whole batch. If your output does not resemble the references you expect, the generator is wrong, not the references.
+- Label honestly. Never emit an output whose name, ID, or label does not match what it actually is. If you cannot represent something correctly, say so rather than silently substituting a near-miss.

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/tools/mcp.py

@@ -10,6 +10,7 @@ from __future__ import annotations
 
 import json
 import os
+import re
 import subprocess
 import sys
 import threading
@@ -159,6 +160,35 @@ def _reap_idle() -> None:
             del _pool[key]
 
 
+def _registry_query(query: str, limit: int) -> list[dict]:
+    """One registry search call; returns raw server entries (possibly empty)."""
+    r = httpx.get(
+        _REGISTRY_API,
+        params={"search": query, "limit": limit},
+        timeout=_TIMEOUT,
+        headers={"user-agent": _UA},
+    )
+    r.raise_for_status()
+    return r.json().get("servers", [])
+
+
+def _format_server(entry: dict) -> dict:
+    server = entry.get("server", entry)
+    return {
+        "name": server.get("name", "unknown"),
+        "description": server.get("description", ""),
+        "version": server.get("version", ""),
+        "packages": [
+            {
+                "type": p.get("registryType", ""),
+                "package": p.get("identifier", ""),
+                "transport": p.get("transport", {}).get("type", "unknown"),
+            }
+            for p in server.get("packages", [])
+        ],
+    }
+
+
 @tool(dangerous=False)
 def mcp_search(query: str, limit: int = 10) -> str:
     """Search the MCP server registry (5,800+ servers) for a capability.
@@ -166,39 +196,34 @@ def mcp_search(query: str, limit: int = 10) -> str:
     Returns matching server names, descriptions, and package install info.
     Use this first to discover what exists, then mcp_list_tools to connect.
 
-    :param query: Capability to search for (e.g. "postgres", "slack", "github").
+    :param query: A single capability keyword works best (e.g. "pubchem",
+        "postgres", "slack"); multi-word phrases are split and merged automatically.
     :param limit: Maximum number of results (max 50).
     """
     limit = min(int(limit), 50)
     try:
-        r = httpx.get(
-            _REGISTRY_API,
-            params={"search": query, "limit": limit},
-            timeout=_TIMEOUT,
-            headers={"user-agent": _UA},
-        )
-        r.raise_for_status()
-        data = r.json()
+        servers = _registry_query(query, limit)
+        # The registry matches substrings, not phrases or meaning: a natural-
+        # language query like "chemistry molecular docking" matches nothing,
+        # while the single word "chemistry" finds servers. When a multi-word
+        # query comes back empty, retry each significant word and merge, so the
+        # model discovers servers without having to guess the exact term.
+        if not servers:
+            words = [w for w in re.findall(r"[A-Za-z0-9]+", query.lower()) if len(w) > 2]
+            seen: set[str] = set()
+            merged: list[dict] = []
+            for word in dict.fromkeys(words):
+                for entry in _registry_query(word, limit):
+                    name = entry.get("server", entry).get("name", "")
+                    if name and name not in seen:
+                        seen.add(name)
+                        merged.append(entry)
+                if len(merged) >= limit:
+                    break
+            servers = merged[:limit]
     except Exception as e:  # noqa: BLE001 - surface registry failure to the model
         return json.dumps({"error": f"registry search failed: {type(e).__name__}: {e}"})
-    results = []
-    for entry in data.get("servers", []):
-        server = entry.get("server", entry)
-        results.append(
-            {
-                "name": server.get("name", "unknown"),
-                "description": server.get("description", ""),
-                "version": server.get("version", ""),
-                "packages": [
-                    {
-                        "type": p.get("registryType", ""),
-                        "package": p.get("identifier", ""),
-                        "transport": p.get("transport", {}).get("type", "unknown"),
-                    }
-                    for p in server.get("packages", [])
-                ],
-            }
-        )
+    results = [_format_server(entry) for entry in servers]
     return json.dumps({"query": query, "count": len(results), "servers": results})
 
 

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel/tools/web.py

@@ -46,10 +46,10 @@ def web_search(query: str, count: int = 5) -> str:
     :param query: The search query.
     :param count: Maximum number of results.
     """
-    key = os.environ.get("DEEPPARALLEL_SEARCH_API_KEY")
+    key = (os.environ.get("DEEPPARALLEL_SEARCH_API_KEY") or "").strip()
     if not key:
         return json.dumps(
-            {"error": "search not configured: set DEEPPARALLEL_SEARCH_API_KEY (Brave Search API)"}
+            {"error": "search not configured: set DEEPPARALLEL_SEARCH_API_KEY (Brave Search API key)"}
         )
     url = os.environ.get(
         "DEEPPARALLEL_SEARCH_URL", "https://api.search.brave.com/res/v1/web/search"
@@ -61,7 +61,13 @@ def web_search(query: str, count: int = 5) -> str:
             headers={"X-Subscription-Token": key, "accept": "application/json"},
             timeout=_TIMEOUT,
         )
-        r.raise_for_status()
+        if r.status_code >= 400:
+            # Surface the provider's error body: a bare "422" hides the reason
+            # (missing key header, over-long query, plan limit). The body tells
+            # the model and the user exactly what to fix.
+            return json.dumps(
+                {"error": f"search failed: HTTP {r.status_code}: {(r.text or '')[:300]}"}
+            )
         data = r.json()
     except Exception as e:  # noqa: BLE001 - surface search failure to the model
         return json.dumps({"error": f"search failed: {type(e).__name__}: {e}"})

{deepparallel-0.5.0 → deepparallel-0.5.2}/deepparallel.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: deepparallel
-Version: 0.5.0
+Version: 0.5.2
 Summary: DeepParallel - a multi-model agentic coding CLI with cross-model Guardian review, served via Crowe Logic.
 Author-email: Michael Crowe <michael@crowelogic.com>
 License: Apache-2.0

{deepparallel-0.5.0 → deepparallel-0.5.2}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "deepparallel"
-version = "0.5.0"
+version = "0.5.2"
 description = "DeepParallel - a multi-model agentic coding CLI with cross-model Guardian review, served via Crowe Logic."
 readme = "README.md"
 license = { text = "Apache-2.0" }

{deepparallel-0.5.0 → deepparallel-0.5.2}/tests/test_supply_chain.py

@@ -69,3 +69,21 @@ def test_check_pypi_existence(monkeypatch):
 def test_audit_empty_when_no_deps():
     out = sc.audit("x = 1\nprint(x)\n", "app.py")
     assert out["findings"] == [] and out["hallucinated"] == []
+
+
+def test_audit_skips_workspace_local_modules(monkeypatch):
+    # 200 for requests, 404 for everything else (so a local module would be
+    # falsely flagged if it were checked).
+    def fake_get(url, **kw):
+        code = 200 if "/requests/" in url else 404
+        return httpx.Response(code, request=httpx.Request("GET", url))
+
+    monkeypatch.setattr(httpx, "get", fake_get)
+    code = "from compound_library import build\nimport receptor_analysis\nimport requests\n"
+    out = sc.audit(code, "scripts/workflow.py",
+                   local_modules={"compound_library", "receptor_analysis"})
+    names = {f["name"] for f in out["findings"]}
+    assert "compound_library" not in names  # local, never checked
+    assert "receptor_analysis" not in names
+    assert "requests" in names
+    assert out["hallucinated"] == []  # the false positive is gone

{deepparallel-0.5.0 → deepparallel-0.5.2}/tests/test_tools_mcp.py

@@ -45,3 +45,38 @@ def test_call_tool_rejects_bad_arguments_json():
 def test_stop_server_not_running():
     out = json.loads(mcp_mod.mcp_stop_server("never-started"))
     assert out["note"] == "never-started was not running"
+
+
+def test_mcp_search_multiword_falls_back_to_keywords(monkeypatch):
+    # The registry matches substrings: a phrase returns nothing, but a single
+    # keyword finds a server. mcp_search should split and merge automatically.
+    calls = []
+
+    def fake_query(query, limit):
+        calls.append(query)
+        if " " in query:
+            return []  # phrase matches nothing, like the real registry
+        if query == "pubchem":
+            return [{"server": {"name": "io.github.cyanheads/pubchem-mcp-server",
+                                "description": "Search compounds.", "packages": []}}]
+        return []
+
+    monkeypatch.setattr(mcp_mod, "_registry_query", fake_query)
+    out = json.loads(mcp_mod.mcp_search("pubchem chembl bioassay"))
+    assert out["count"] >= 1
+    assert any("pubchem" in s["name"] for s in out["servers"])
+    assert "pubchem chembl bioassay" in calls  # tried the phrase first
+    assert "pubchem" in calls  # then fell back to the keyword
+
+
+def test_mcp_search_single_word_skips_fallback(monkeypatch):
+    calls = []
+
+    def fake_query(query, limit):
+        calls.append(query)
+        return [{"server": {"name": "ai.waystation/postgres", "packages": []}}]
+
+    monkeypatch.setattr(mcp_mod, "_registry_query", fake_query)
+    out = json.loads(mcp_mod.mcp_search("postgres"))
+    assert out["count"] == 1
+    assert calls == ["postgres"]  # primary hit, no fallback fan-out

{deepparallel-0.5.0 → deepparallel-0.5.2}/tests/test_tools_web.py

@@ -80,3 +80,18 @@ def test_web_search_parses_results(monkeypatch):
 
 def test_web_search_is_non_dangerous():
     assert get_registry().get("web_search").dangerous is False
+
+
+def test_web_search_surfaces_http_error_body(monkeypatch):
+    monkeypatch.setenv("DEEPPARALLEL_SEARCH_API_KEY", "k")
+    body = '{"error":{"detail":"x-subscription-token Field required"}}'
+    monkeypatch.setattr(httpx, "get", lambda url, **kw: _Resp(text=body, status=422))
+    out = json.loads(web_mod.web_search("anything"))
+    assert "HTTP 422" in out["error"]
+    assert "x-subscription-token" in out["error"]  # the real reason, not a bare 422
+
+
+def test_web_search_blank_key_treated_as_unconfigured(monkeypatch):
+    monkeypatch.setenv("DEEPPARALLEL_SEARCH_API_KEY", "   ")
+    out = json.loads(web_mod.web_search("anything"))
+    assert "DEEPPARALLEL_SEARCH_API_KEY" in out["error"]

deepparallel-0.5.0/deepparallel/system_prompt.txt

@@ -1,7 +0,0 @@
-You are DeepParallel, a precise coding assistant from Crowe Logic.
-
-Voice: direct and concise. Lead with the answer, not a preamble — never open with "I'd be happy to", "Great question", or by restating the request. Give depth only when asked or when the problem genuinely needs it. Stop when the answer is complete; don't pad with summaries or follow-up offers unless they add real value.
-
-Formatting: clean Markdown. Single blank lines between paragraphs — never double. Fenced code blocks with a language tag for code, inline backticks for identifiers and paths, tight lists (no blank line between items). Prefer a short prose answer over a bulleted list when a sentence will do.
-
-You can use tools to read, search, analyze, edit, open, and run code. Use them when they help; do not call them speculatively. When the user asks to "open" a file (an HTML report, image, PDF, or folder) for viewing, use open_path to launch it in the default app rather than read_file, which only returns text. When asked to run something with different parameters, prefer non-destructive approaches (CLI arguments, environment variables, or a temporary copy) over editing the user's source files. Only edit a source file when changing it is the actual goal, and explain what you changed.