leashd 0.4.0__tar.gz

leashd-0.4.0/.editorconfig

@@ -0,0 +1,11 @@
+root = true
+
+[*]
+end_of_line = lf
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+
+[*.py]
+indent_style = space
+indent_size = 4

leashd-0.4.0/.gitignore

@@ -0,0 +1,31 @@
+# Virtual environments
+.venv/
+
+# Python
+__pycache__/
+*.py[cod]
+*.egg-info/
+dist/
+build/
+
+# Environment
+.env
+
+# Coverage
+htmlcov/
+.coverage
+.coverage.*
+
+# IDE
+.claude/
+!.claude/commands/
+
+# Specs
+specs/
+
+# OS
+.DS_Store
+
+# Logs & sqlite3
+logs/
+*.db

leashd-0.4.0/.python-version

@@ -0,0 +1 @@
+3.13

leashd-0.4.0/CHANGELOG.md

@@ -0,0 +1,63 @@
+# Changelog
+
+## [0.4.0] - 2026-03-01
+- **changed**: Rebranded from "tether" to "leashd" — package name, env var prefix (`LEASHD_*`), config dir (`.leashd/`), all imports, CLI entry point, and documentation
+- **added**: Apache 2.0 license
+- **added**: PyPI package metadata (classifiers, URLs, keywords, `py.typed` marker)
+- **added**: `/workspace` (alias `/ws`) — group related repos under named workspaces for multi-repo context. YAML config in `.leashd/workspaces.yaml`, inline keyboard buttons, and workspace-aware system prompt injection
+- **added**: Behavioral integration tests for plan approval flow — verify Write/Edit actually succeed after clean_edit, edit, and default approvals (closes coverage gap that let `_cancel_agent()` deletion slip through)
+- **fixed**: `_SafeSDKClient` now handles SDK returning `None` for unknown message types (compatibility with claude-agent-sdk 0.1.44+)
+
+## [0.3.0] - 2026-02-26
+
+### Added
+- `/git merge <branch>` — AI-assisted conflict resolution with auto-resolve/abort buttons and 4-phase merge workflow
+- `/test` command — 9-phase agent-driven test workflow with structured args (`--url`, `--framework`, `--dir`, `--no-e2e`, `--no-unit`, `--no-backend`), project config (`.leashd/test.yaml`), write-ahead crash recovery, and context persistence across sessions
+- `/plan <text>` and `/edit <text>` — switch mode and start agent in one step
+- `/dir` inline keyboard buttons for one-tap directory switching
+- Message interrupt — inline buttons to interrupt or wait during agent execution instead of silent queuing
+- `dev-tools.yaml` policy overlay — auto-allows common dev commands (package managers, linters, test runners)
+- Auto-delete transient messages (interrupt prompts, ack messages, completion notices)
+
+### Fixed
+- Git callback buttons now auto-delete after action completes instead of persisting as stale UI
+- Plan approval messages (content + buttons) now fully cleaned up after user decision, with brief ack for proceed actions
+- **fixed**: Comprehensive edge case tests for git callback and plan approval cleanup (8 tests: exception resilience, non-Message guards, missing handlers, empty/missing plan IDs, dedup, ack failures, expired interactions)
+- Agent resilience — exponential backoff on retries, auto-retry for transient API errors, 30-minute execution timeout, human-readable error messages
+- Session continuity — `claude_session_id` persisted on agent timeout so next message resumes
+- Pending messages no longer dropped on transient errors
+- Playwright MCP tools now available when agent works in repos without their own `.mcp.json`
+- **fixed**: Documentation audit — 30+ discrepancies corrected across README, config, plugins, engine, architecture, events, storage, and index docs (wrong defaults, missing features, stale counts, version mismatch)
+
+## [0.2.1] - 2026-02-23
+- **added**: Network resilience for Telegram connector — exponential-backoff retries on `NetworkError`/`TimedOut` for startup and send operations
+- **fixed**: Streaming freezes on long responses — overflow now finalizes current message and chains into a new one instead of silently truncating at 4000 chars
+- **fixed**: Sub-agent permission inheritance — map session modes to SDK `PermissionMode` so Task-spawned sub-agents can write/edit files in auto mode
+- **added**: 3-word approval keys — `uv run pytest` and `uv run python` now get distinct auto-approve keys instead of both being `Bash::uv run`
+- **added**: CD prefix stripping — `cd /project && git status` now matches `^git` policy patterns and produces `Bash::git status` approval keys instead of `Bash::cd`
+- **added**: Hierarchical auto-approve matching — stored `Bash::uv run` covers `Bash::uv run pytest` with word-boundary safety
+
+
+## [0.2.0] - 2026-02-23
+
+### Added
+- **Git integration** — full `/git` command suite accessible from Telegram with inline action buttons
+  - `status`, `branch`, `checkout`, `diff`, `log`, `add`, `commit`, `push`, `pull`
+  - Auto-generated commit messages from staged changes
+  - Fuzzy branch matching with fallback to remote tracking
+  - Interactive workflows: stage files, confirm pushes, enter commit messages via chat
+- **Git service layer** (`leashd/git/service.py`) — async wrapper around git CLI with 30s timeout, input validation against shell injection
+- **Git data models** (`leashd/git/models.py`) — frozen Pydantic models for status, branches, log entries, and results
+- **Git display formatters** (`leashd/git/formatter.py`) — Telegram-friendly formatting with emoji indicators and 4096-char truncation
+- **Git callback routing** — inline button support in Telegram connector for git operations
+- **Audit logging for git operations** — every git command logged with session context and working directory
+
+### Changed
+- **Engine** wired to route `/git` commands and git button callbacks to the new handler
+- **App bootstrap** instantiates `GitService` and `GitCommandHandler` during startup
+- **Connector base protocol** extended with `set_git_handler()` for registering git callbacks
+- **Telegram connector** routes `git:` prefix callbacks to the git handler
+
+## [0.1.0] - 2026-02-22
+
+- Initial release

leashd-0.4.0/CLAUDE.md

@@ -0,0 +1,163 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+leashd is a remote AI-assisted development system with safety constraints. It lets developers drive Claude Code agent sessions from any device (e.g., phone via Telegram) while enforcing YAML-driven safety policies that gate dangerous AI actions behind human approval.
+
+## Commands
+
+```bash
+# Install dependencies
+uv sync
+
+# Run the CLI
+uv run -m leashd
+
+# Run all tests
+uv run pytest tests/
+
+# Run a single test file
+uv run pytest tests/test_policy.py -v
+
+# Run a specific test
+uv run pytest tests/test_policy.py::test_function_name -v
+
+# Run tests with coverage
+uv run pytest --cov=leashd tests/
+
+# Lint
+uv run ruff check .
+
+# Lint and auto-fix (removes unused imports, sorts imports, etc.)
+uv run ruff check --fix .
+
+# Format
+uv run ruff format .
+
+# Lint fix + format (equivalent to VS Code save)
+uv run ruff check --fix . && uv run ruff format .
+```
+
+## Architecture
+
+The system follows a three-layer safety pipeline: **Sandbox → Policy → Approval**.
+
+**Bootstrap** (`app.py`) wires all subsystems together: builds config, storage, connectors, middleware, plugins, safety pipeline, git handler, and engine. Entry point is `main.py` → `app.py`.
+
+**Engine** (`core/engine.py`) is the central orchestrator. It receives user messages from connectors, passes them through the middleware chain, routes messages to the Claude Code agent, and sends responses back through connectors. Supports `/dir`, `/plan <text>`, `/edit <text>`, `/git`, and `/workspace` (alias `/ws`) commands.
+
+**Safety pipeline** (all in `core/safety/`):
+0. **Gatekeeper** (`gatekeeper.py`) — `ToolGatekeeper` orchestrates the full sandbox → policy → approval chain per tool call, emitting events at each stage. Extracted from Engine to keep it focused on message routing.
+1. **Sandbox** (`sandbox.py`) — enforces directory boundaries, prevents path traversal
+2. **Policy** (`policy.py`) — stateless YAML rule matching that classifies tool calls as ALLOW, DENY, or REQUIRE_APPROVAL based on tool name, command patterns, and path patterns
+3. **Approvals** (`approvals.py`) — async human-in-the-loop approval via connectors with configurable timeout (defaults to deny)
+4. **Analyzer** (`analyzer.py`) — detects risky bash patterns and credential file access, used by the policy engine
+5. **Audit** (`audit.py`) — append-only JSONL log of all tool attempts and decisions
+
+**Middleware** (`middleware/`): `MiddlewareChain` processes messages before they reach the Engine. Each middleware can pass through or short-circuit.
+- `AuthMiddleware` — user whitelist via `LEASHD_ALLOWED_USER_IDS`
+- `RateLimitMiddleware` — token-bucket rate limiting per user via `LEASHD_RATE_LIMIT_RPM`
+
+**EventBus** (`core/events.py`): Pub/sub system for decoupling subsystems. Plugins and internal components subscribe to named events. Key events: `tool.gated`, `tool.allowed`, `tool.denied`, `message.in`, `message.out`, `approval.requested`, `approval.resolved`, `safety.violation`, `engine.started`, `engine.stopped`, `command.test`, `test.started`, `test.completed`, `command.merge`, `merge.started`, `merge.completed`, `interaction.requested`, `interaction.resolved`, `message.queued`, `execution.interrupted`.
+
+**Plugin system** (`plugins/`):
+- `LeashdPlugin` ABC with lifecycle hooks: `initialize → start → stop`
+- `PluginRegistry` for explicit registration (no auto-discovery)
+- Plugins receive a `PluginContext` (event bus + config) and subscribe to `EventBus` events in `initialize()`
+- Built-in: `AuditPlugin` logs sandbox violations from `tool.denied` events
+- Built-in: `BrowserToolsPlugin` provides structured logging for the 28 Playwright MCP browser tools (classifies as readonly vs mutation, logs gated/allowed/denied events)
+- Built-in: `TestRunnerPlugin` activates 9-phase test workflow via `/test` command, auto-approves browser tools and test commands
+- Built-in: `MergeResolverPlugin` handles `/git merge` conflict resolution, auto-approves Edit/Write/Read and git read commands
+- Built-in: `TestConfigLoaderPlugin` loads per-project test configuration from `.leashd/test.yaml` to customize the `/test` workflow
+
+**Interactions** (`core/interactions.py`): `InteractionCoordinator` bridges Claude's `AskUserQuestion` and `ExitPlanMode` SDK events to connectors — forwards questions/plan reviews to Telegram, collects user responses, and returns them to the agent.
+
+**Session management** (`core/session.py`): `SessionManager` handles session lifecycle — creation, lookup by user+chat pair, working directory switching, and delegation to the storage backend.
+
+**Workspaces** (`core/workspace.py`): Groups related repos under a named workspace so the agent gets multi-repo context. `Workspace` is a frozen Pydantic model; `load_workspaces()` reads `.leashd/workspaces.yaml`, validates dirs against `LEASHD_APPROVED_DIRECTORIES`. `/workspace` (alias `/ws`) command activates a workspace — sets cwd to primary dir, injects multi-repo context into system prompt. MCP servers are **not** copied from workspace directories; the agent only uses MCP from the working directory and LeashdConfig.
+
+**Git integration** (`git/`): Full `/git` command suite accessible from Telegram with inline action buttons.
+- `GitService` (`service.py`) — async wrapper around git CLI with 30s timeout and input validation
+- `GitCommandHandler` (`handler.py`) — routes `/git` subcommands (status, branch, checkout, diff, log, add, commit, push, pull, merge) and callback buttons
+- `GitFormatter` (`formatter.py`) — Telegram-friendly display with emoji indicators and 4096-char truncation
+- `GitModels` (`models.py`) — frozen Pydantic models for status, branches, log entries, and results
+
+**Agent abstraction** (`agents/`): `BaseAgent` protocol with `ClaudeCodeAgent` implementation wrapping `claude-agent-sdk`. Supports session resume for multi-turn continuity.
+
+**Connector protocol** (`connectors/base.py`): Abstract interface for I/O transports (Telegram, Slack, etc.). Handles message delivery, typing indicators, approval requests, and file sending.
+
+**Policies** (`policies/`): Four built-in YAML policies — `default.yaml` (balanced), `strict.yaml` (maximum restrictions, shorter timeout), `permissive.yaml` (maximum freedom for trusted environments), `dev-tools.yaml` (overlay that auto-allows common dev commands like package managers, linters, test runners — meant to be combined with other policies). All deny credential file access and destructive patterns.
+
+**Configuration** (`core/config.py`): `LeashdConfig` uses pydantic-settings, loaded from environment variables prefixed with `LEASHD_`. Required: `LEASHD_APPROVED_DIRECTORIES` (comma-separated paths). `build_directory_names()` derives short names from basenames for the `/dir` command.
+
+**Storage** (`storage/`): `SessionStore` ABC with two backends — `MemorySessionStore` (in-process dict) and `SqliteSessionStore` (persistent via aiosqlite). Sessions are keyed by user+chat pair.
+
+## Browser Testing (Playwright MCP)
+
+leashd integrates with Playwright MCP for browser automation. The `.mcp.json` at project root configures Claude Code to spawn the MCP server (pinned `@playwright/mcp@0.0.41`, headed mode by default). leashd's Python process does not touch Playwright — Claude Code's SDK manages the MCP server lifecycle.
+
+- **Prerequisites:** Node.js 18+, one-time `npx playwright install chromium`
+- **28 browser tools** (7 readonly, 21 mutation) flow through the existing safety pipeline — policy rules are defined in all three YAML presets (`default.yaml`, `strict.yaml`, `permissive.yaml`)
+- **`BrowserToolsPlugin`** (`plugins/builtin/browser_tools.py`) provides structured logging; exports `BROWSER_READONLY_TOOLS`, `BROWSER_MUTATION_TOOLS`, `ALL_BROWSER_TOOLS`, `is_browser_tool()`
+- **Playwright test agents:** `npx playwright init-agents --loop=claude` initializes Planner, Generator, and Healer agents
+- **`/healer` slash command** at `.claude/commands/healer.md` runs the healer agent workflow to find and fix broken Playwright tests
+- **`/test` command** activates 9-phase test workflow via `TestRunnerPlugin` (`plugins/builtin/test_runner.py`) — auto-approves all browser tools, test bash commands, and file writes. Accepts `--url`, `--server`, `--framework`, `--dir`, `--unit`, `--backend`, `--no-e2e`, `--no-unit`, `--no-backend` flags.
+- **Setup guide:** `docs/testing-setup.md` covers how to configure target repos for e2e testing (three tiers: zero-config, Playwright Test framework, AI agents)
+
+## Code Conventions
+
+- Python 3.13+ required
+- **Always use `uv run` for all Python commands** — never use `python3`, `python`, or `python3 -m`. Examples: `uv run pytest`, `uv run ruff`, `uv run mypy`, `uv run leashd`
+- Async-first: all agent/connector operations use asyncio
+- Ruff for linting and formatting (88-char line length, rules: E, F, I, N, W, UP, B, SIM, RUF, S, C4, PT, RET, ARG)
+- Pydantic models for data validation, pydantic-settings for configuration
+- structlog for structured logging — keyword args only, no string interpolation in log messages
+- Protocol classes (`BaseAgent`, `BaseConnector`) define extensibility points
+- Custom exception hierarchy in `exceptions.py`: `ConfigError`, `AgentError`, `SafetyError`, `ApprovalTimeoutError`, `SessionError`, `StorageError`, `PluginError`
+- Tests use `pytest-asyncio` with `asyncio_mode = "auto"`; coverage minimum: 89% (`fail_under = 89`)
+- No `__init__.py` or other boilerplate junk files — use implicit namespace packages
+- No redundant or obvious comments — only comment non-obvious logic
+- Only use `from __future__ import annotations` when necessary (e.g., forward references needed at runtime by Pydantic models)
+- `TYPE_CHECKING` blocks to break circular imports — runtime imports only what's needed
+- Modern union syntax: `X | None` not `Optional[X]`, `X | Y` not `Union[X, Y]`
+- Composition over inheritance; prefer small collaborating objects
+- Flat over nested: early returns, extract before exceeding 2 indentation levels
+- `_` prefix for internal APIs, no `__` name mangling
+- YAGNI: don't build for speculative future requirements
+- Rule of Three: don't abstract until third duplication
+- Test behavior, not implementation details
+
+## Logging & Observability
+
+leashd produces three data surfaces per project, all under `{project}/.leashd/`:
+
+| Surface | Path | Format | Purpose |
+|---------|------|--------|---------|
+| App logs | `logs/app.log` | JSON lines (rotating, 10 MB × 5 backups) | Structured application events from structlog |
+| Audit log | `audit.jsonl` | JSON lines (append-only) | Tool-gating decisions, approvals, security violations |
+| Message store | `messages.db` | SQLite | Conversation history (user/assistant messages, cost, duration) |
+
+Session metadata lives in a separate fixed-location store at `{leashd_root}/.leashd/sessions.db`.
+
+**Context variable auto-propagation** (`core/engine.py`): The engine binds `request_id`, `chat_id`, and `session_id` to structlog contextvars at the start of each turn. These fields automatically appear in every log entry during that turn without explicit passing. `request_id` is ephemeral (8-char hex, fresh per turn); `session_id` persists across the conversation.
+
+**Correlation keys across surfaces**:
+- `session_id` — present in all three surfaces; primary join key
+- `request_id` — app logs only; isolates a single turn's log entries
+- `user_id` + `chat_id` — session store, message store, and app logs
+- `working_directory` — links session store to the correct project's per-project files
+
+**Logging env vars**: `LEASHD_LOG_LEVEL` (default `INFO`), `LEASHD_LOG_DIR` (default `.leashd/logs`), `LEASHD_LOG_MAX_BYTES` (default 10 MB), `LEASHD_LOG_BACKUP_COUNT` (default 5), `LEASHD_AUDIT_LOG_PATH` (default `.leashd/audit.jsonl`).
+
+## Changelog
+
+After completing each feature, bug fix, or notable change, add a concise entry to `CHANGELOG.md` under the **current (latest) version heading**. All new entries accumulate under that version until a new version is explicitly introduced (e.g., bumping from `0.2.1` to `0.2.2` or `0.3.0`).
+
+```markdown
+## [0.3.0] - 2026-02-26
+- **category**: Short description of what changed
+```
+
+Categories: `added`, `fixed`, `changed`, `removed`. Keep entries to one line each. Do not create a new version heading — append to the existing one.

leashd-0.4.0/LICENSE

@@ -0,0 +1,190 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to the Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by the Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding any notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   Copyright 2025 NodeNova
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.