gdmcode 0.1.0__py3-none-any.whl

src/models/schemas.py

@@ -0,0 +1,389 @@
+"""Pydantic models for ALL structured outputs from Grok API calls.
+
+Rule: every LLM response that contains structured data MUST be parsed
+through one of these models via `client.beta.chat.completions.parse()`.
+Zero `json.loads(raw_text)` calls anywhere in this codebase.
+"""
+from __future__ import annotations
+
+from enum import Enum
+from typing import Annotated, Literal
+
+from datetime import datetime
+
+from pydantic import BaseModel, Field, field_validator
+
+from src.models.router import FailureType
+
+__all__ = [
+    "Severity",
+    "AgentPerspective",
+    "DebateReport",
+    "ReviewFinding",
+    "ReviewReport",
+    "Subtask",
+    "TaskPlan",
+    "CommitMessage",
+    "SymbolRef",
+    "ImpactReport",
+    "CostSnapshot",
+    "Convention",
+    "ConventionSet",
+    "SymbolMatch",
+    "TestResult",
+    "PermissionDecision",
+    "ProjectScan",
+    "SessionDigest",
+    "EnsemblePatch",
+    "DebateMode",
+    "ADRReport",
+    "ThreatModelReport",
+    "DebugHypotheses",
+    "EscalationRecord",
+    "FailureType",
+]
+
+
+# ---------------------------------------------------------------------------
+# Shared enums
+# ---------------------------------------------------------------------------
+
+class Severity(str, Enum):
+    CRITICAL = "critical"
+    HIGH = "high"
+    MEDIUM = "medium"
+    LOW = "low"
+    INFO = "info"
+
+
+class PermissionVerdict(str, Enum):
+    ALLOW = "allow"
+    DENY = "deny"
+    ALLOW_SESSION = "allow_session"  # allow for rest of session, don't persist
+
+
+class TaskStatus(str, Enum):
+    PENDING = "pending"
+    IN_PROGRESS = "in_progress"
+    DONE = "done"
+    BLOCKED = "blocked"
+
+
+# ---------------------------------------------------------------------------
+# Review gate
+# ---------------------------------------------------------------------------
+
+class ReviewFinding(BaseModel):
+    """A single finding from the multi-agent review gate."""
+
+    severity: Severity
+    category: Annotated[str, Field(description="e.g. 'security', 'correctness', 'style'")]
+    file: str | None = None
+    line: int | None = None
+    message: str
+    suggestion: str | None = None
+
+
+class ReviewReport(BaseModel):
+    """Output of the 4-agent review gate."""
+
+    approved: bool
+    confidence: Annotated[float, Field(ge=0.0, le=1.0)]
+    findings: list[ReviewFinding] = Field(default_factory=list)
+    summary: str
+
+    @property
+    def blocking_findings(self) -> list[ReviewFinding]:
+        return [f for f in self.findings if f.severity in (Severity.CRITICAL, Severity.HIGH)]
+
+
+# ---------------------------------------------------------------------------
+# Task planning
+# ---------------------------------------------------------------------------
+
+class Subtask(BaseModel):
+    id: str
+    title: str
+    description: str
+    files_to_touch: list[str] = Field(default_factory=list)
+    depends_on: list[str] = Field(default_factory=list)
+    status: TaskStatus = TaskStatus.PENDING
+
+
+class TaskPlan(BaseModel):
+    """Decomposed task plan from the planning agent."""
+
+    goal: str
+    subtasks: list[Subtask]
+    estimated_cost_usd: float | None = None
+    estimated_turns: int | None = None
+    risks: list[str] = Field(default_factory=list)
+
+
+# ---------------------------------------------------------------------------
+# Git workflow
+# ---------------------------------------------------------------------------
+
+class CommitMessage(BaseModel):
+    """Semantic commit message in Conventional Commits format."""
+
+    type: Annotated[str, Field(description="feat|fix|refactor|test|docs|chore")]
+    scope: str | None = None
+    description: str
+    body: str | None = None
+    breaking_change: bool = False
+
+    @field_validator("type")
+    @classmethod
+    def validate_type(cls, v: str) -> str:
+        valid = {"feat", "fix", "refactor", "test", "docs", "chore", "perf", "ci"}
+        if v not in valid:
+            raise ValueError(f"commit type must be one of {valid}")
+        return v
+
+    def format(self) -> str:
+        scope_part = f"({self.scope})" if self.scope else ""
+        bang = "!" if self.breaking_change else ""
+        header = f"{self.type}{scope_part}{bang}: {self.description}"
+        if self.body:
+            return f"{header}\n\n{self.body}"
+        return header
+
+
+# ---------------------------------------------------------------------------
+# Impact analysis
+# ---------------------------------------------------------------------------
+
+class SymbolRef(BaseModel):
+    file: str
+    line: int
+    symbol: str
+    kind: Annotated[str, Field(description="function|class|method|variable|import")]
+
+
+class ImpactReport(BaseModel):
+    """Blast radius of a proposed change to a symbol."""
+
+    symbol: str
+    callers_count: int = 0
+    callers: list[dict] = Field(default_factory=list)
+    affected_tests: list[str] = Field(default_factory=list)
+    is_public_api: bool = False
+    semver_recommendation: str = ""
+    change_type: str = "signature_change"
+    # Legacy fields kept for backward compatibility
+    changed_symbol: str = ""
+    changed_file: str = ""
+    direct_callers: list[SymbolRef] = Field(default_factory=list)
+    indirect_callers: list[SymbolRef] = Field(default_factory=list)
+    breaking: bool = False
+    migration_notes: str | None = None
+
+
+# ---------------------------------------------------------------------------
+# Cost tracking
+# ---------------------------------------------------------------------------
+
+class CostSnapshot(BaseModel):
+    """Point-in-time cost snapshot for a session."""
+
+    session_id: str
+    scout_usd: float = 0.0
+    coder_usd: float = 0.0
+    thinker_usd: float = 0.0
+    reasoner_usd: float = 0.0
+    debate_usd: float = 0.0
+    tool_calls_usd: float = 0.0
+    cached_savings_usd: float = 0.0
+
+    @property
+    def total_usd(self) -> float:
+        return (
+            self.scout_usd + self.coder_usd + self.thinker_usd
+            + self.reasoner_usd + self.debate_usd + self.tool_calls_usd
+        )
+
+
+# ---------------------------------------------------------------------------
+# Convention extraction
+# ---------------------------------------------------------------------------
+
+class Convention(BaseModel):
+    key: str
+    value: str
+    confidence: Annotated[float, Field(ge=0.0, le=1.0)] = 1.0
+    source_file: str | None = None
+
+
+class ConventionSet(BaseModel):
+    """Extracted coding conventions from a codebase scan."""
+
+    language: str
+    naming: list[Convention] = Field(default_factory=list)
+    imports: list[Convention] = Field(default_factory=list)
+    error_handling: list[Convention] = Field(default_factory=list)
+    testing: list[Convention] = Field(default_factory=list)
+    style: list[Convention] = Field(default_factory=list)
+
+
+# ---------------------------------------------------------------------------
+# Code search
+# ---------------------------------------------------------------------------
+
+class SymbolMatch(BaseModel):
+    """A symbol found by the Tree-sitter code index."""
+
+    file: str
+    line: int
+    symbol: str
+    kind: str
+    signature: str | None = None
+    score: float = 1.0
+
+
+# ---------------------------------------------------------------------------
+# Testing
+# ---------------------------------------------------------------------------
+
+class TestResult(BaseModel):
+    """Result of running the test suite."""
+
+    passed: int
+    failed: int
+    errors: int
+    skipped: int
+    duration_s: float
+    failed_tests: list[str] = Field(default_factory=list)
+    coverage_pct: float | None = None
+
+    @property
+    def all_passed(self) -> bool:
+        return self.failed == 0 and self.errors == 0
+
+
+# ---------------------------------------------------------------------------
+# Permissions
+# ---------------------------------------------------------------------------
+
+class PermissionDecision(BaseModel):
+    """Model-generated permission recommendation for a tool + path."""
+
+    tool_name: str
+    path: str | None
+    verdict: PermissionVerdict
+    reason: str
+    remember_for_session: bool = False
+
+
+# ---------------------------------------------------------------------------
+# Project scan
+# ---------------------------------------------------------------------------
+
+class ProjectScan(BaseModel):
+    """Initial project scan result stored in gdm.db on first run."""
+
+    tech_stack: list[str]
+    entry_points: list[str]
+    test_framework: str | None = None
+    package_manager: str | None = None
+    key_modules: dict[str, str] = Field(default_factory=dict)
+    conventions: list[str] = Field(default_factory=list)
+
+
+# ---------------------------------------------------------------------------
+# Session compression
+# ---------------------------------------------------------------------------
+
+class SessionDigest(BaseModel):
+    """Compressed summary of a session window (every 5 turns)."""
+
+    decisions: list[str] = Field(default_factory=list)
+    files_modified: list[str] = Field(default_factory=list)
+    errors_fixed: list[str] = Field(default_factory=list)
+    user_preferences: list[str] = Field(default_factory=list)
+    summary: str
+
+
+# ---------------------------------------------------------------------------
+# Ensemble patching
+# ---------------------------------------------------------------------------
+
+class EnsemblePatch(BaseModel):
+    """One candidate patch from an ensemble patching strategy."""
+
+    strategy: Annotated[str, Field(description="e.g. 'minimal_fix', 'refactor', 'defensive'")]
+    diff: str
+    explanation: str
+    tests_passed: int = 0
+    tests_failed: int = 0
+
+    @property
+    def score(self) -> float:
+        total = self.tests_passed + self.tests_failed
+        return self.tests_passed / total if total > 0 else 0.0
+
+
+# ---------------------------------------------------------------------------
+# Debate modes
+# ---------------------------------------------------------------------------
+
+class DebateMode(str, Enum):
+    CODE_REVIEW = "code_review"
+    ADR = "adr"
+    SECURITY = "security"
+    DEBUG_HYPOTHESIS = "debug_hypothesis"
+
+
+class ADRReport(BaseModel):
+    decision: str
+    rationale: str
+    alternatives_rejected: list[str]
+    risks: list[str]
+
+
+class ThreatModelReport(BaseModel):
+    attack_surfaces: list[str]
+    mitigations: list[str]
+    severity: Literal["critical", "high", "medium", "low"]
+
+
+class DebugHypotheses(BaseModel):
+    hypotheses: list[str]        # ranked by likelihood
+    suggested_next_action: str
+    dead_ends_identified: list[str]
+
+
+class EscalationRecord(BaseModel):
+    """Structured record of a single escalation event."""
+    failure_type: FailureType
+    from_tier: str
+    to_tier: str | None
+    attempt: int
+    cost_usd: float = 0.0
+    timestamp: datetime
+
+
+# ---------------------------------------------------------------------------
+# 4-agent debate schemas
+# ---------------------------------------------------------------------------
+
+class AgentPerspective(BaseModel):
+    """One debate agent's perspective on the change under review."""
+
+    role: str  # "architect" | "security" | "performance" | "devil_advocate"
+    findings: list[ReviewFinding] = Field(default_factory=list)
+    confidence: Annotated[float, Field(ge=0.0, le=1.0)]
+    summary: str
+
+
+class DebateReport(BaseModel):
+    """Aggregated output of the 4-agent debate run."""
+
+    perspectives: list[AgentPerspective] = Field(default_factory=list)  # 2-4 entries
+    consensus_points: list[str] = Field(default_factory=list)
+    disagreements: list[str] = Field(default_factory=list)
+    missing_evidence: list[str] = Field(default_factory=list)
+    recommendation: str
+    approved: bool
+    confidence: Annotated[float, Field(ge=0.0, le=1.0)]
+    debate_skipped: bool = False

src/permissions.py

@@ -0,0 +1,294 @@
+"""Tool permissions — user-controlled allow/deny for dangerous tool calls.
+
+Every potentially destructive operation goes through PermissionContext.
+Users can pre-approve tools for the session, or deny them permanently.
+All decisions are persisted to gdm.db so they survive crashes.
+
+Decision hierarchy (first match wins):
+  1. Always-deny list (hardcoded in constants — never overridable)
+  2. Session-scoped deny (user said "no" this session)
+  3. Session-scoped allow (user said "yes" this session)
+  4. Persisted allow (user approved on a prior run with --remember)
+  5. Ask the user (interactive prompt → blocks until answered)
+"""
+from __future__ import annotations
+
+import logging
+from dataclasses import dataclass, field
+from enum import StrEnum
+from typing import TYPE_CHECKING
+
+from src._internal.constants import _ALWAYS_DENY_TOOLS
+from src.exceptions import ToolPermissionError
+
+if TYPE_CHECKING:
+    from src.memory.db import GdmDatabase
+    from src.session.permission_bridge import PermissionBridge
+
+__all__ = [
+    "Decision", "PermissionContext", "AutonomyPolicy",
+    "set_permission_bridge", "clear_permission_bridge",
+]
+
+
+@dataclass
+class AutonomyPolicy:
+    """Encodes which autonomous actions are permitted at a given level."""
+
+    level: int = 1
+    auto_apply_edits: bool = False
+    auto_run_tests: bool = False
+    auto_commit: bool = False
+    auto_push: bool = False
+    auto_fix_failures: bool = False
+    git_remote_allowlist: list[str] = field(default_factory=list)
+    max_fix_attempts: int = 3
+
+    @classmethod
+    def from_level(cls, level: int) -> "AutonomyPolicy":
+        defaults = {
+            1: dict(auto_apply_edits=False, auto_run_tests=False, auto_commit=False, auto_push=False, auto_fix_failures=False),
+            2: dict(auto_apply_edits=True,  auto_run_tests=False, auto_commit=False, auto_push=False, auto_fix_failures=False),
+            3: dict(auto_apply_edits=True,  auto_run_tests=True,  auto_commit=False, auto_push=False, auto_fix_failures=False),
+            4: dict(auto_apply_edits=True,  auto_run_tests=True,  auto_commit=True,  auto_push=False, auto_fix_failures=False),
+            5: dict(auto_apply_edits=True,  auto_run_tests=True,  auto_commit=True,  auto_push=True,  auto_fix_failures=True),
+        }
+        return cls(level=level, **defaults.get(level, defaults[1]))
+
+log = logging.getLogger(__name__)
+
+# Module-level permission bridge (set by session controller)
+_active_bridge: "PermissionBridge | None" = None
+
+
+def set_permission_bridge(bridge: "PermissionBridge") -> None:
+    """Activate a PermissionBridge so _prompt_user() delegates to it."""
+    global _active_bridge
+    _active_bridge = bridge
+    log.debug("PermissionBridge activated")
+
+
+def clear_permission_bridge() -> None:
+    """Deactivate the bridge; _prompt_user() falls back to rich.Prompt.ask()."""
+    global _active_bridge
+    _active_bridge = None
+    log.debug("PermissionBridge cleared")
+
+
+class Decision(StrEnum):
+    ALLOW = "allow"
+    ALLOW_SESSION = "allow_session"
+    ALLOW_ALWAYS = "allow_always"
+    DENY = "deny"
+    DENY_SESSION = "deny_session"
+
+
+class PermissionContext:
+    """Manages per-tool permission decisions for a session.
+
+    Usage::
+
+        perms = PermissionContext(db=db, session_id=sid)
+        perms.check("bash", args={"cmd": "rm -rf /tmp/foo"})
+        # Raises ToolPermissionError if denied
+        # Prompts user if unknown
+    """
+
+    def __init__(
+        self,
+        db: GdmDatabase,
+        session_id: str,
+        non_interactive: bool = False,
+        policy_enforced: bool = False,
+    ) -> None:
+        self._db = db
+        self._session_id = session_id
+        self._non_interactive = non_interactive
+        self._all_allowed: bool = False
+        self.policy_enforced: bool = policy_enforced
+        # In-memory session caches (reset on new session)
+        self._session_allow: frozenset[str] = frozenset()
+        self._session_deny: frozenset[str] = frozenset()
+        self._pre_approved: set[str] = set()
+        self._pre_denied: set[str] = set()
+        self._load_persisted_denies()
+
+    # ------------------------------------------------------------------
+    # Public API
+    # ------------------------------------------------------------------
+
+    def check(self, tool: str, args: dict) -> Decision:  # type: ignore[type-arg]
+        """Evaluate permission for *tool*. Returns Decision or raises.
+
+        Raises:
+            ToolPermissionError: if the tool is denied.
+        """
+        # Layer 1: absolute deny (hardcoded — never bypassable)
+        if tool in _ALWAYS_DENY_TOOLS:
+            log.warning("Tool '%s' is in always-deny list — blocked", tool)
+            raise ToolPermissionError(tool=tool, reason="always-deny list")
+
+        # Layer 2: session deny (takes priority even over allow_all)
+        if tool in self._session_deny:
+            raise ToolPermissionError(tool=tool, reason="denied this session")
+
+        # Layer 2.5: blanket session allow (/allow-all or --yes)
+        if self._all_allowed:
+            log.info("Tool '%s' auto-approved (allow_all_session active)", tool)
+            return Decision.ALLOW_SESSION
+
+        # Layer 3: session allow
+        if tool in self._session_allow:
+            return Decision.ALLOW_SESSION
+
+        # Layer 4: persisted allow
+        if self._is_persisted_allow(tool):
+            return Decision.ALLOW_ALWAYS
+
+        # Layer 5: ask
+        return self._prompt_user(tool, args)
+
+    def pre_approve(self, tools: list[str]) -> None:
+        """Bulk-approve tools for this session (e.g. from --yes flag)."""
+        self._pre_approved.update(tools)
+        self._session_allow = self._session_allow | frozenset(tools)
+
+    def pre_deny(self, tools: list[str]) -> None:
+        """Bulk-deny tools for this session."""
+        self._pre_denied.update(tools)
+        self._session_deny = self._session_deny | frozenset(tools)
+
+    def allow_all_session(self) -> None:
+        """Grant blanket session-level permission for all tools (/allow-all or --yes).
+
+        The hardcoded _ALWAYS_DENY_TOOLS list still applies — those can never
+        be bypassed regardless of this flag.
+
+        A persistent audit-log warning is written so the user knows bypass is active.
+        """
+        if getattr(self, "policy_enforced", False):
+            raise RuntimeError("Blanket session approval is disabled by enterprise policy.")
+        from rich.console import Console
+        Console(stderr=True).print(
+            "\n[bold yellow]⚠  Permission bypass active.[/bold yellow] "
+            "All tool calls are auto-approved this session "
+            "(except the permanent safety blocklist). "
+            "Audit log remains active.\n"
+        )
+        self._all_allowed = True
+        log.warning("allow_all_session activated — all non-hardcoded tools auto-approved")
+
+    def set_autonomy_policy(self, policy: "AutonomyPolicy") -> None:
+        """Apply an AutonomyPolicy — pre-approve/deny tools accordingly."""
+        self._autonomy_policy = policy
+        if policy.auto_apply_edits:
+            self.pre_approve(["write_file", "patch_file"])
+        else:
+            self.pre_deny(["write_file", "patch_file"])
+        if policy.auto_run_tests:
+            self.pre_approve(["bash_test"])
+        if policy.auto_commit:
+            self.pre_approve(["git_commit"])
+        if policy.auto_push:
+            self.pre_approve(["git_push"])
+
+    def can(self, gate: str) -> bool:
+        """Return True if the active AutonomyPolicy enables *gate*."""
+        policy = getattr(self, "_autonomy_policy", None)
+        return bool(policy and getattr(policy, gate, False))
+
+    # ------------------------------------------------------------------
+    # Persistence helpers
+    # ------------------------------------------------------------------
+
+    def _is_persisted_allow(self, tool: str) -> bool:
+        row = self._db.execute_one(
+            "SELECT decision FROM permissions WHERE tool = ? AND decision = ?",
+            (tool, Decision.ALLOW_ALWAYS),
+        )
+        return row is not None
+
+    def _persist_decision(self, tool: str, decision: Decision) -> None:
+        self._db.execute(
+            """INSERT INTO permissions (session_id, tool, decision)
+               VALUES (?, ?, ?)
+               ON CONFLICT(tool) DO UPDATE SET decision = excluded.decision""",
+            (self._session_id, tool, str(decision)),
+        )
+
+    def _load_persisted_denies(self) -> None:
+        """Load any permanently denied tools from the database into session deny cache."""
+        try:
+            rows = self._db.execute_many(
+                "SELECT tool FROM permissions WHERE decision = ?",
+                (str(Decision.DENY),),
+            )
+            if rows:
+                self._session_deny = self._session_deny | frozenset(r[0] for r in rows)
+        except Exception:
+            pass  # DB may not be initialised yet; silently skip
+
+    # ------------------------------------------------------------------
+    # Interactive prompt
+    # ------------------------------------------------------------------
+
+    def _prompt_user(self, tool: str, args: dict) -> Decision:  # type: ignore[type-arg]
+        """Ask user to allow/deny. Non-interactive mode auto-denies."""
+        if self._non_interactive:
+            log.info("Non-interactive mode — denying unknown tool '%s'", tool)
+            raise ToolPermissionError(tool=tool, reason="non-interactive mode; not pre-approved")
+
+        # Delegate to PermissionBridge when one is active (remote/voice sessions)
+        if _active_bridge is not None:
+            prompt = f"Allow tool '{tool}'?"
+            if args:
+                import json
+                prompt += f" Args: {json.dumps(args)[:200]}"
+            approved = _active_bridge.request(prompt)
+            if not approved:
+                raise ToolPermissionError(tool=tool, reason="denied via permission bridge")
+            self._session_allow = self._session_allow | {tool}
+            return Decision.ALLOW_SESSION
+
+        # Rich prompt — imported lazily to avoid circular dep at module init
+        from rich.console import Console
+        from rich.prompt import Prompt
+
+        console = Console()
+        console.print(f"\n[bold yellow]⚠  Permission request[/bold yellow]")
+        console.print(f"Tool: [cyan]{tool}[/cyan]")
+        if args:
+            import json
+            console.print(f"Args: [dim]{json.dumps(args, indent=2)[:400]}[/dim]")
+
+        choice = Prompt.ask(
+            "Allow?",
+            choices=["y", "n", "always", "session", "never"],
+            default="y",
+        )
+
+        decision_map = {
+            "y": Decision.ALLOW_SESSION,
+            "session": Decision.ALLOW_SESSION,
+            "always": Decision.ALLOW_ALWAYS,
+            "n": Decision.DENY_SESSION,
+            "never": Decision.DENY,
+        }
+        decision = decision_map.get(choice, Decision.DENY_SESSION)
+
+        if decision == Decision.DENY_SESSION:
+            self._session_deny = self._session_deny | {tool}
+            raise ToolPermissionError(tool=tool, reason="denied by user")
+
+        if decision == Decision.DENY:
+            self._persist_decision(tool, decision)
+            raise ToolPermissionError(tool=tool, reason="permanently denied by user")
+
+        if decision == Decision.ALLOW_SESSION:
+            self._session_allow = self._session_allow | {tool}
+
+        if decision == Decision.ALLOW_ALWAYS:
+            self._persist_decision(tool, decision)
+            self._session_allow = self._session_allow | {tool}
+
+        return decision

src/remote/__init__.py

@@ -0,0 +1,5 @@
+"""Remote server — LAN WebSocket/HTTP bridge for phone-based control."""
+from src.remote.server import RemoteServer
+from src.remote.models import RemoteEvent, InputMessage, SessionState, PermissionRequest
+
+__all__ = ["RemoteServer", "RemoteEvent", "InputMessage", "SessionState", "PermissionRequest"]