PyPI - marvisx-cli - Versions diffs - 0.1.0__py3-none-any.whl - Mend

marvisx-cli 0.1.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (587) hide show

core/api/__init__.py +0 -0
core/api/agents/__init__.py +0 -0
core/api/agents/session_health.py +59 -0
core/api/agents/session_manager.py +206 -0
core/api/bin/marvisx-state-hook.py +182 -0
core/api/config.py +533 -0
core/api/db.py +1516 -0
core/api/dependencies/__init__.py +0 -0
core/api/dependencies/tenant.py +34 -0
core/api/main.py +1641 -0
core/api/mcp/__init__.py +8 -0
core/api/mcp/_adapter.py +184 -0
core/api/mcp/server.py +58 -0
core/api/mcp/tools/__init__.py +59 -0
core/api/mcp/tools/brain.py +599 -0
core/api/mcp/tools/graph.py +380 -0
core/api/mcp/tools/handoffs.py +112 -0
core/api/mcp/tools/ingest.py +326 -0
core/api/mcp/tools/learnings.py +144 -0
core/api/mcp/tools/projects.py +99 -0
core/api/mcp/tools/pull_requests.py +173 -0
core/api/mcp/tools/safety.py +111 -0
core/api/mcp/tools/search.py +79 -0
core/api/mcp/tools/tasks.py +258 -0
core/api/middleware/__init__.py +0 -0
core/api/middleware/tool_call_audit.py +111 -0
core/api/models/__init__.py +346 -0
core/api/models/auth.py +48 -0
core/api/models/brain.py +1006 -0
core/api/models/common.py +76 -0
core/api/models/costs.py +91 -0
core/api/models/graph.py +66 -0
core/api/models/graph_cosmo.py +125 -0
core/api/models/graph_pr_impact.py +257 -0
core/api/models/graph_ux.py +141 -0
core/api/models/inbox.py +230 -0
core/api/models/ingest_keys.py +108 -0
core/api/models/kg.py +41 -0
core/api/models/llm_config.py +56 -0
core/api/models/monitoring.py +234 -0
core/api/models/projects.py +161 -0
core/api/models/search.py +42 -0
core/api/models/sessions.py +322 -0
core/api/models/tasks.py +184 -0
core/api/models/teams.py +63 -0
core/api/models/users.py +184 -0
core/api/observability/__init__.py +0 -0
core/api/observability/tracing.py +92 -0
core/api/paths.py +26 -0
core/api/rate_limit.py +24 -0
core/api/rbac.py +112 -0
core/api/routers/__init__.py +0 -0
core/api/routers/_adapter.py +24 -0
core/api/routers/admin_pr_impact.py +230 -0
core/api/routers/admin_settings.py +147 -0
core/api/routers/agent.py +1079 -0
core/api/routers/agent_tokens.py +276 -0
core/api/routers/app_settings.py +112 -0
core/api/routers/audit.py +89 -0
core/api/routers/auth.py +586 -0
core/api/routers/bench.py +161 -0
core/api/routers/brain.py +881 -0
core/api/routers/brain_directions.py +527 -0
core/api/routers/ci_checks.py +140 -0
core/api/routers/comments.py +273 -0
core/api/routers/costs.py +148 -0
core/api/routers/docs_coverage.py +217 -0
core/api/routers/docs_governance.py +63 -0
core/api/routers/documents.py +318 -0
core/api/routers/files.py +163 -0
core/api/routers/finder.py +987 -0
core/api/routers/graph.py +836 -0
core/api/routers/handoffs.py +156 -0
core/api/routers/inbox.py +496 -0
core/api/routers/ingest_api_keys.py +205 -0
core/api/routers/ingest_triage.py +1227 -0
core/api/routers/judge.py +306 -0
core/api/routers/kg.py +336 -0
core/api/routers/learnings.py +253 -0
core/api/routers/llm_config.py +130 -0
core/api/routers/monitoring.py +347 -0
core/api/routers/notifications.py +125 -0
core/api/routers/pr_impact.py +315 -0
core/api/routers/projects.py +1061 -0
core/api/routers/pull_requests.py +312 -0
core/api/routers/push.py +67 -0
core/api/routers/raci.py +228 -0
core/api/routers/search.py +125 -0
core/api/routers/sessions.py +3100 -0
core/api/routers/settings.py +90 -0
core/api/routers/share_repo.py +68 -0
core/api/routers/status_updates.py +96 -0
core/api/routers/tags.py +45 -0
core/api/routers/tasks.py +526 -0
core/api/routers/teams.py +425 -0
core/api/routers/terminal.py +105 -0
core/api/routers/users.py +331 -0
core/api/routers/webhooks.py +330 -0
core/api/runtime_settings.py +84 -0
core/api/security.py +652 -0
core/api/services/__init__.py +0 -0
core/api/services/audit.py +58 -0
core/api/services/auto_approval.py +82 -0
core/api/services/brain/__init__.py +52 -0
core/api/services/brain/baseline.py +230 -0
core/api/services/brain/capabilities.py +75 -0
core/api/services/brain/cascade_rollup.py +388 -0
core/api/services/brain/compound_bridge.py +215 -0
core/api/services/brain/cycle.py +1242 -0
core/api/services/brain/cycle_snapshot.py +371 -0
core/api/services/brain/digest_collector.py +147 -0
core/api/services/brain/direction.py +421 -0
core/api/services/brain/drift.py +356 -0
core/api/services/brain/drift_router.py +409 -0
core/api/services/brain/edge_metrics.py +79 -0
core/api/services/brain/events_reader.py +222 -0
core/api/services/brain/findings.py +1379 -0
core/api/services/brain/findings_reader.py +1006 -0
core/api/services/brain/jobs.py +733 -0
core/api/services/brain/journal.py +206 -0
core/api/services/brain/knowledge_forms.py +92 -0
core/api/services/brain/llm/__init__.py +37 -0
core/api/services/brain/llm/_runner.py +62 -0
core/api/services/brain/llm/base.py +70 -0
core/api/services/brain/llm/cache.py +99 -0
core/api/services/brain/llm/constants.py +46 -0
core/api/services/brain/llm/direction_alignment.py +289 -0
core/api/services/brain/llm/factory.py +132 -0
core/api/services/brain/llm/finding_reasoning.py +98 -0
core/api/services/brain/llm/finding_summary.py +92 -0
core/api/services/brain/llm/grounding.py +46 -0
core/api/services/brain/llm/journal_polish.py +96 -0
core/api/services/brain/llm/local_gateway.py +426 -0
core/api/services/brain/llm/parsers.py +71 -0
core/api/services/brain/llm/router_glue.py +422 -0
core/api/services/brain/memory_ops.py +1677 -0
core/api/services/brain/models.py +140 -0
core/api/services/brain/owner_hint.py +211 -0
core/api/services/brain/recap.py +307 -0
core/api/services/brain/rules/__init__.py +65 -0
core/api/services/brain/rules/_signals.py +205 -0
core/api/services/brain/rules/dr1_activity_without_status.py +108 -0
core/api/services/brain/rules/dr2_decision_without_adr.py +110 -0
core/api/services/brain/rules/dr3_stale_open_loop.py +127 -0
core/api/services/brain/rules/dr4_docs_governance_drift.py +79 -0
core/api/services/brain/rules/dr5_playbook_changed.py +99 -0
core/api/services/brain/rules/dr6_external_update_unpropagated.py +100 -0
core/api/services/brain/rules/dr7_claimed_decision_gap.py +123 -0
core/api/services/brain/rules/dr8_direction_misalignment.py +230 -0
core/api/services/brain/runs_reader.py +485 -0
core/api/services/brain/scope.py +79 -0
core/api/services/brain/sources/__init__.py +46 -0
core/api/services/brain/sources/base.py +86 -0
core/api/services/brain/sources/git_kg.py +393 -0
core/api/services/brain/sources/handoffs.py +157 -0
core/api/services/brain/sources/ingestor.py +130 -0
core/api/services/brain/sources/learnings.py +121 -0
core/api/services/brain/sources/pir_tasks.py +245 -0
core/api/services/brain/watermarks.py +147 -0
core/api/services/brain/ws_emitter.py +170 -0
core/api/services/cc_tasks_reader.py +76 -0
core/api/services/ci_service.py +263 -0
core/api/services/claude_metrics.py +796 -0
core/api/services/codex_metrics.py +364 -0
core/api/services/conversation_reader.py +102 -0
core/api/services/cost_service.py +243 -0
core/api/services/crypto.py +147 -0
core/api/services/docs_governance/__init__.py +1 -0
core/api/services/docs_governance/confidence.py +230 -0
core/api/services/docs_governance/config.py +87 -0
core/api/services/docs_governance/enrichment.py +65 -0
core/api/services/docs_governance/frontmatter_validator.py +83 -0
core/api/services/docs_governance/hard_gates.py +221 -0
core/api/services/docs_governance/triage_orchestrator.py +98 -0
core/api/services/embedding_internal.py +395 -0
core/api/services/embedding_service.py +832 -0
core/api/services/event_dispatcher.py +167 -0
core/api/services/events.py +70 -0
core/api/services/git_ops.py +621 -0
core/api/services/graph_cosmo_service.py +440 -0
core/api/services/graph_ranker.py +306 -0
core/api/services/graph_service.py +1589 -0
core/api/services/inbox.py +800 -0
core/api/services/inbox_digest.py +221 -0
core/api/services/inbox_digest_deep_research.py +80 -0
core/api/services/inbox_digest_jobs.py +595 -0
core/api/services/inbox_gmail_sync.py +167 -0
core/api/services/inbox_llm_classifier.py +906 -0
core/api/services/inbox_source_identity.py +116 -0
core/api/services/inbox_sources.py +456 -0
core/api/services/inbox_taxonomy.py +195 -0
core/api/services/inbox_tldr.py +1079 -0
core/api/services/inbox_triage.py +899 -0
core/api/services/ingest/__init__.py +13 -0
core/api/services/ingest/api_key_auth.py +136 -0
core/api/services/ingest/auto_approve.py +120 -0
core/api/services/ingest/classifier.py +138 -0
core/api/services/ingest/confidence.py +173 -0
core/api/services/ingest/dispatch.py +88 -0
core/api/services/ingest/embedding_router.py +272 -0
core/api/services/ingest/events.py +33 -0
core/api/services/ingest/ignore_patterns.py +79 -0
core/api/services/ingest/image_probe.py +218 -0
core/api/services/ingest/ingress.py +263 -0
core/api/services/ingest/insert_saga.py +793 -0
core/api/services/ingest/llm/__init__.py +13 -0
core/api/services/ingest/llm/anthropic_haiku.py +23 -0
core/api/services/ingest/llm/base.py +59 -0
core/api/services/ingest/llm/byok_provider.py +130 -0
core/api/services/ingest/llm/classification_context.py +301 -0
core/api/services/ingest/llm/config_store.py +246 -0
core/api/services/ingest/llm/factory.py +24 -0
core/api/services/ingest/llm/kg_enricher.py +306 -0
core/api/services/ingest/llm/local_gateway.py +821 -0
core/api/services/ingest/llm/local_vllm.py +23 -0
core/api/services/ingest/llm/openai_nano.py +349 -0
core/api/services/ingest/lock_advisory.py +57 -0
core/api/services/ingest/parser_router.py +1756 -0
core/api/services/ingest/parsers/__init__.py +1 -0
core/api/services/ingest/parsers/docling_parser.py +142 -0
core/api/services/ingest/parsers/docparse_gateway.py +178 -0
core/api/services/ingest/parsers/docx_parser.py +127 -0
core/api/services/ingest/parsers/folder_unpacker.py +85 -0
core/api/services/ingest/parsers/gateway_aux.py +147 -0
core/api/services/ingest/parsers/image_parser.py +251 -0
core/api/services/ingest/parsers/internal_markdown.py +89 -0
core/api/services/ingest/parsers/ocr_gateway.py +117 -0
core/api/services/ingest/parsers/ocr_pdf_parser.py +112 -0
core/api/services/ingest/parsers/pdf_types.py +13 -0
core/api/services/ingest/parsers/transcript_parser.py +445 -0
core/api/services/ingest/parsers/vision_gateway.py +186 -0
core/api/services/ingest/parsers/xlsx_parser.py +91 -0
core/api/services/ingest/parsers/zip_unpacker.py +126 -0
core/api/services/ingest/preflight.py +393 -0
core/api/services/ingest/retry_voyage.py +88 -0
core/api/services/ingest/routing_policy.py +307 -0
core/api/services/ingest/serializers/__init__.py +1 -0
core/api/services/ingest/serializers/xlsx_to_markdown.py +80 -0
core/api/services/ingest/skip_log.py +74 -0
core/api/services/ingest/watcher.py +637 -0
core/api/services/kg/__init__.py +0 -0
core/api/services/kg/audit.py +49 -0
core/api/services/kg/hybrid_search.py +691 -0
core/api/services/kg/lens.py +339 -0
core/api/services/kg/pr_impact.py +770 -0
core/api/services/kg/queries.py +152 -0
core/api/services/kg/ranking.py +89 -0
core/api/services/kg/rrf.py +143 -0
core/api/services/kg_watcher_control.py +161 -0
core/api/services/local_llm/__init__.py +19 -0
core/api/services/local_llm/async_client.py +385 -0
core/api/services/local_llm/client.py +173 -0
core/api/services/local_llm/url_validator.py +44 -0
core/api/services/metrics_collector.py +646 -0
core/api/services/metrics_providers.py +65 -0
core/api/services/model_registry.py +266 -0
core/api/services/model_router.py +137 -0
core/api/services/n8n_client.py +77 -0
core/api/services/newsletter_llm_gateway.py +66 -0
core/api/services/notification_service.py +134 -0
core/api/services/openai_responses.py +55 -0
core/api/services/opencode_metrics.py +375 -0
core/api/services/opencode_sessions.py +173 -0
core/api/services/pii_redactor.py +138 -0
core/api/services/pr_impact_pipeline/__init__.py +21 -0
core/api/services/pr_impact_pipeline/differ.py +421 -0
core/api/services/pr_impact_pipeline/dispatcher.py +415 -0
core/api/services/pr_impact_pipeline/gc.py +93 -0
core/api/services/pr_impact_pipeline/languages.py +192 -0
core/api/services/pr_impact_pipeline/parser.py +178 -0
core/api/services/pr_impact_pipeline/writer.py +394 -0
core/api/services/pr_service.py +1393 -0
core/api/services/project_paths.py +70 -0
core/api/services/project_status_updates.py +265 -0
core/api/services/providers.py +276 -0
core/api/services/push_service.py +170 -0
core/api/services/reminder_service.py +89 -0
core/api/services/runas.py +41 -0
core/api/services/salience_service.py +69 -0
core/api/services/security_collector.py +281 -0
core/api/services/session_catalog.py +385 -0
core/api/services/session_metrics_service.py +301 -0
core/api/services/session_ops.py +272 -0
core/api/services/session_state.py +173 -0
core/api/services/share_links.py +222 -0
core/api/services/task_transitions.py +146 -0
core/api/services/terminal_metrics.py +462 -0
core/api/services/terminal_metrics_dump.py +203 -0
core/api/services/tmux.py +1205 -0
core/api/services/webhook_service.py +422 -0
core/api/services/workspace_sync.py +164 -0
core/api/templates/__init__.py +1 -0
core/api/templates/markdown_share.py +164 -0
core/api/terminal.py +1031 -0
core/api/tests/__init__.py +0 -0
core/api/tests/test_agent_facing_auth_dependencies.py +132 -0
core/api/tests/test_audit_permissions.py +133 -0
core/api/tests/test_backfill_session_conversations.py +90 -0
core/api/tests/test_backfill_working_seconds_msg.py +129 -0
core/api/tests/test_claude_metrics.py +326 -0
core/api/tests/test_codex_metrics.py +189 -0
core/api/tests/test_finder_paths.py +74 -0
core/api/tests/test_git_ops_merge.py +155 -0
core/api/tests/test_learnings_check_search.py +81 -0
core/api/tests/test_metrics_providers.py +133 -0
core/api/tests/test_migration_087.py +164 -0
core/api/tests/test_migration_088.py +94 -0
core/api/tests/test_migration_089.py +116 -0
core/api/tests/test_openai_responses.py +24 -0
core/api/tests/test_opencode_metrics.py +740 -0
core/api/tests/test_opencode_sessions.py +321 -0
core/api/tests/test_pr_workflow_e2e.py +457 -0
core/api/tests/test_projects_handoffs.py +31 -0
core/api/tests/test_providers.py +138 -0
core/api/tests/test_safety_bridge.py +347 -0
core/api/tests/test_session_catalog.py +142 -0
core/api/tests/test_session_conversations.py +512 -0
core/api/tests/test_session_metrics_service.py +270 -0
core/api/tests/test_session_resume_paths.py +548 -0
core/api/tests/test_session_theme_mode_migration.py +56 -0
core/api/tests/test_sessions_rbac.py +131 -0
core/api/tests/test_share_edit.py +398 -0
core/api/tests/test_share_repo.py +200 -0
core/api/tests/test_terminal_session_manager.py +98 -0
core/api/tests/test_terminal_upload.py +34 -0
core/api/tests/test_tmux.py +272 -0
core/api/tests/test_workspace_sync.py +186 -0
core/api/tests/test_ws_ticket_in_memory.py +73 -0
core/api/use_cases/__init__.py +11 -0
core/api/use_cases/_context.py +89 -0
core/api/use_cases/_errors.py +62 -0
core/api/use_cases/_roles.py +16 -0
core/api/use_cases/audit.py +171 -0
core/api/use_cases/brain.py +1232 -0
core/api/use_cases/costs.py +249 -0
core/api/use_cases/graph.py +1153 -0
core/api/use_cases/handoffs.py +506 -0
core/api/use_cases/ingest_triage.py +1229 -0
core/api/use_cases/learnings.py +538 -0
core/api/use_cases/projects.py +705 -0
core/api/use_cases/pull_requests.py +415 -0
core/api/use_cases/search.py +926 -0
core/api/use_cases/tasks.py +1495 -0
core/api/visibility.py +141 -0
core/cli/__init__.py +5 -0
core/cli/_index_source.py +632 -0
core/cli/_runtime_ctx.py +160 -0
core/cli/_transmute.py +241 -0
core/cli/marvis_doctor.py +704 -0
core/cli/marvis_feedback.py +396 -0
core/cli/marvis_governance.py +315 -0
core/cli/marvis_hooks.py +515 -0
core/cli/marvis_init.py +757 -0
core/cli/marvis_mcp.py +401 -0
core/cli/marvis_runtime.py +855 -0
core/cli/marvis_telemetry.py +228 -0
core/scripts/_drift_check.py +716 -0
core/scripts/_frontmatter.py +66 -0
core/scripts/_graph_writer.py +189 -0
core/scripts/ast_parser.py +1553 -0
core/scripts/install_hooks/__init__.py +1 -0
core/scripts/install_hooks/_config.sh +109 -0
core/scripts/install_hooks/block-dangerous-bash.sh +23 -0
core/scripts/install_hooks/block-db-direct-write.sh +23 -0
core/scripts/install_hooks/block-push-no-task.sh +23 -0
core/scripts/install_hooks/block-staging-to-prod.sh +23 -0
core/scripts/install_hooks/block-subtree-push.sh +23 -0
core/scripts/install_hooks/config.json +53 -0
core/scripts/install_hooks/enforce-no-merge-main.sh +23 -0
core/scripts/install_hooks/enforce-worktree.sh +23 -0
core/scripts/install_hooks/quality-gate.sh +170 -0
core/scripts/install_hooks/safety_bridge.py +968 -0
core/scripts/install_hooks/secret-scan.sh +23 -0
core/scripts/migrate_spike_node_ids.py +122 -0
core/scripts/populate_artifacts.py +2198 -0
core/scripts/populate_cross_project.py +2457 -0
core/scripts/populate_inbox_nodes.py +357 -0
core/scripts/populate_pr_impact.py +267 -0
core/scripts/populate_project_nodes.py +603 -0
core/scripts/populate_touch_counter.py +337 -0
core/scripts/reparse_failed.py +57 -0
core/scripts/safety_bridge.py +968 -0
core/telemetry/__init__.py +9 -0
core/telemetry/client.py +405 -0
core/telemetry/schema.py +122 -0
core/wizard/__init__.py +65 -0
core/wizard/byok_vault.py +147 -0
core/wizard/defaults.py +58 -0
core/wizard/state.py +117 -0
core/wizard/steps.py +70 -0
core/wizard/validation.py +136 -0
marvisx_cli-0.1.0.dist-info/METADATA +201 -0
marvisx_cli-0.1.0.dist-info/RECORD +587 -0
marvisx_cli-0.1.0.dist-info/WHEEL +5 -0
marvisx_cli-0.1.0.dist-info/entry_points.txt +3 -0
marvisx_cli-0.1.0.dist-info/licenses/LICENSE +98 -0
marvisx_cli-0.1.0.dist-info/top_level.txt +3 -0
migrations/001_initial.sql +33 -0
migrations/002_tasks.sql +30 -0
migrations/003_session_management.sql +7 -0
migrations/004_projects_comments.sql +65 -0
migrations/005_session_intelligence.sql +15 -0
migrations/006_settings.sql +12 -0
migrations/007_task_scoring.sql +12 -0
migrations/008_cost_tracking.sql +31 -0
migrations/009_session_card_metrics.sql +3 -0
migrations/010_monitoring.sql +55 -0
migrations/012_agent_api.sql +21 -0
migrations/013_session_complete.sql +8 -0
migrations/015_pull_requests.sql +43 -0
migrations/015_pull_requests_down.sql +5 -0
migrations/016_users_raci.sql +116 -0
migrations/017_task_cost_entries.sql +87 -0
migrations/018_agents.sql +73 -0
migrations/018_agents_down.sql +13 -0
migrations/019_review_feedback.sql +18 -0
migrations/020_pr_commit_sha.sql +4 -0
migrations/021_webhook_events.sql +18 -0
migrations/022_devx_agent_managed.sql +11 -0
migrations/022_devx_agent_managed_down.sql +6 -0
migrations/023_devx_p1_gate.sql +7 -0
migrations/023_devx_p1_gate_down.sql +3 -0
migrations/024_chat_messages.sql +16 -0
migrations/024_pr_conversation_id.sql +8 -0
migrations/024_task_indexes.sql +21 -0
migrations/024_task_indexes_down.sql +7 -0
migrations/025_audit_log.sql +17 -0
migrations/026_agent_tokens.sql +20 -0
migrations/027_teams_auth_phase_b.sql +35 -0
migrations/028_learnings.sql +23 -0
migrations/029_team_roles.sql +14 -0
migrations/030_finder_pins.sql +10 -0
migrations/031_pr_deploy_status.sql +9 -0
migrations/032_task_reminders.sql +7 -0
migrations/033_events_retry_count.sql +6 -0
migrations/033_session_owner.sql +9 -0
migrations/034_notifications.sql +38 -0
migrations/035_shared_links.sql +15 -0
migrations/036_session_index_upgrade.sql +29 -0
migrations/037_pr_approval.sql +15 -0
migrations/038_pr_submitted_by.sql +6 -0
migrations/039_push_subscriptions.sql +17 -0
migrations/040_semantic_search.sql +16 -0
migrations/041_workspaces.sql +63 -0
migrations/042_oidc_providers.sql +24 -0
migrations/043_ci_checks.sql +31 -0
migrations/044_agent_metrics.sql +30 -0
migrations/045_documents_doc_type.sql +5 -0
migrations/046_salience.sql +13 -0
migrations/047_seed_missing_agents.sql +6 -0
migrations/048_fix_agent_paths_roles.sql +5 -0
migrations/049_agent_role_and_learnings_schema.sql +3 -0
migrations/050_session_provider.sql +2 -0
migrations/051_session_launch_profile.sql +4 -0
migrations/052_session_theme_mode.sql +2 -0
migrations/052_task_kind.sql +4 -0
migrations/053_inbox_items.sql +31 -0
migrations/054_inbox_triage_contract.sql +30 -0
migrations/055_inbox_topic_treatment.sql +12 -0
migrations/056_inbox_treatment_read_save.sql +57 -0
migrations/057_session_theme_mode_backfill.sql +4 -0
migrations/058_inbox_item_status_lifecycle.sql +13 -0
migrations/059_inbox_tldr_and_source_scores.sql +18 -0
migrations/060_newsletter.sql +16 -0
migrations/061_inbox_redesign.sql +69 -0
migrations/062_fix_inbox_sources_backfill.sql +37 -0
migrations/063_task_completion_mode.sql +23 -0
migrations/064_judge_mode_setting.sql +4 -0
migrations/065_knowledge_graph_spike.sql +40 -0
migrations/066_digest_ranking_inputs.sql +10 -0
migrations/066_kg_artifact_nodes.sql +129 -0
migrations/067_inbox_digest_selections.sql +28 -0
migrations/067_kg_temporal.sql +53 -0
migrations/068_inbox_digest_app_settings.sql +9 -0
migrations/068_kg_touch_counter.sql +52 -0
migrations/069_kg_doc_types.sql +117 -0
migrations/070_digest_ranking_inputs_recovery.sql +3 -0
migrations/071_inbox_digest_selections_recovery.sql +3 -0
migrations/072_inbox_digest_app_settings_recovery.sql +3 -0
migrations/073_kg_cross_project.sql +216 -0
migrations/073_kg_cross_project_down.sql +77 -0
migrations/074_kg_infra_types.sql +208 -0
migrations/074_kg_infra_types_down.sql +80 -0
migrations/075_kg_file_state_recovery.sql +35 -0
migrations/075_kg_file_state_recovery_down.sql +5 -0
migrations/076_kg_watcher_state.sql +33 -0
migrations/076_kg_watcher_state_down.sql +3 -0
migrations/077_kg_doc_types_extend.sql +226 -0
migrations/077_kg_doc_types_extend_down.sql +80 -0
migrations/078_kg_fts5.sql +102 -0
migrations/078_kg_fts5_down.sql +14 -0
migrations/079_kg_missing_indexes.sql +31 -0
migrations/079_kg_missing_indexes_down.sql +10 -0
migrations/080_kg_fts5_extended.sql +232 -0
migrations/080_kg_fts5_extended_down.sql +25 -0
migrations/081_kg_lens_indexes.sql +9 -0
migrations/081_kg_lens_indexes_down.sql +3 -0
migrations/082_kg_pins.sql +26 -0
migrations/082_kg_pins_down.sql +14 -0
migrations/083_kg_graph_nodes_degree.sql +20 -0
migrations/083_kg_graph_nodes_degree_down.sql +15 -0
migrations/084_drop_legacy_scheduler_tables.sql +58 -0
migrations/084_drop_legacy_scheduler_tables_down.sql +112 -0
migrations/085_kg_edge_resolves_to.sql +142 -0
migrations/085_kg_edge_resolves_to_down.sql +66 -0
migrations/086_project_status_updates_feed.sql +20 -0
migrations/086_project_status_updates_feed_down.sql +36 -0
migrations/087_session_metrics_dual.sql +50 -0
migrations/087_session_metrics_dual_down.sql +21 -0
migrations/088_rename_context_pct_legacy.sql +23 -0
migrations/088_rename_context_pct_legacy_down.sql +8 -0
migrations/089_session_metrics_equivalent_cost.sql +26 -0
migrations/089_session_metrics_equivalent_cost_down.sql +11 -0
migrations/090_kg_inbox_node_type.sql +26 -0
migrations/090_kg_inbox_node_type_down.sql +20 -0
migrations/091_kg_inbox_node_type_check.sql +265 -0
migrations/091_kg_inbox_node_type_check_down.sql +129 -0
migrations/092_sessions_activity_state_ts.sql +29 -0
migrations/092_sessions_activity_state_ts_down.sql +14 -0
migrations/093_sessions_activity_state_column.sql +29 -0
migrations/093_sessions_activity_state_column_down.sql +10 -0
migrations/094_ingest_pending.sql +55 -0
migrations/094_ingest_pending_down.sql +15 -0
migrations/095_kg_intent_first.sql +77 -0
migrations/095_kg_intent_first_down.sql +25 -0
migrations/096_kg_xlsx_artifact_prefix.sql +17 -0
migrations/096_kg_xlsx_artifact_prefix_down.sql +11 -0
migrations/097_ingest_change_history.sql +37 -0
migrations/097_ingest_change_history_down.sql +13 -0
migrations/098_kg_node_type_business.sql +254 -0
migrations/098_kg_node_type_business_down.sql +195 -0
migrations/099_kg_edges_restore_weight.sql +58 -0
migrations/099_kg_edges_restore_weight_down.sql +12 -0
migrations/100_kg_enriched_at.sql +25 -0
migrations/100_kg_enriched_at_down.sql +12 -0
migrations/101_local_llm_shadow_comparisons.sql +66 -0
migrations/101_local_llm_shadow_comparisons_down.sql +15 -0
migrations/102_promote_llm_costs.sql +69 -0
migrations/102_promote_llm_costs_down.sql +19 -0
migrations/103_ingest_skipped_log.sql +46 -0
migrations/103_ingest_skipped_log_down.sql +15 -0
migrations/120_docs_governance.sql +50 -0
migrations/120_docs_governance_down.sql +11 -0
migrations/121_notification_event_fk_cleanup.sql +21 -0
migrations/121_notification_event_fk_cleanup_down.sql +10 -0
migrations/122_docs_drift_history.sql +34 -0
migrations/122_docs_drift_history_down.sql +15 -0
migrations/123_ingest_parser_waiting_status.sql +69 -0
migrations/123_ingest_parser_waiting_status_down.sql +69 -0
migrations/124_heypocket_recordings.sql +63 -0
migrations/124_heypocket_recordings_down.sql +13 -0
migrations/125_kg_node_type_record.sql +219 -0
migrations/125_kg_node_type_record_down.sql +205 -0
migrations/126_ingest_terminal_upload_source_kind.sql +69 -0
migrations/126_ingest_terminal_upload_source_kind_down.sql +69 -0
migrations/127_brain_v1_substrate.sql +200 -0
migrations/127_brain_v1_substrate_down.sql +32 -0
migrations/128_brain_drift_signals.sql +157 -0
migrations/128_brain_drift_signals_down.sql +23 -0
migrations/129_brain_memory_operations.sql +232 -0
migrations/129_brain_memory_operations_down.sql +27 -0
migrations/130_brain_findings.sql +258 -0
migrations/130_brain_findings_down.sql +29 -0
migrations/132_kg_pr_modifies.sql +242 -0
migrations/132_kg_pr_modifies_down.sql +99 -0
migrations/133_brain_v1_2_direction_schema.sql +476 -0
migrations/133_brain_v1_2_direction_schema_down.sql +273 -0
migrations/134_brain_journal_narrative_polished.sql +8 -0
migrations/134_brain_journal_narrative_polished_down.sql +6 -0
migrations/135_kg_edges_provider.sql +21 -0
migrations/136_documents_fts.sql +56 -0
migrations/137_promote_llm_costs.sql +59 -0
migrations/137_promote_llm_costs_down.sql +19 -0
migrations/138_ingest_api_keys.sql +39 -0
migrations/138_ingest_api_keys_down.sql +8 -0
migrations/139_ingest_pending_ingress.sql +91 -0
migrations/139_ingest_pending_ingress_down.sql +73 -0
migrations/140_ingest_idempotency_quota.sql +45 -0
migrations/140_ingest_idempotency_quota_down.sql +9 -0
migrations/141_ingest_pending_metadata.sql +16 -0
migrations/141_ingest_pending_metadata_down.sql +7 -0
migrations/142_llm_function_config.sql +36 -0
migrations/142_llm_function_config_down.sql +8 -0
migrations/143_kg_code_embeddings.sql +25 -0
migrations/143_kg_code_embeddings_down.sql +5 -0
migrations/__init__.py +4 -0
projects/_template/project.yaml +46 -0

core/api/config.py ADDED Viewed

@@ -0,0 +1,533 @@
+# v1.18.0 - 2026-05-16 - KG PR-Impact PRE phase: function cap + branch stale + replay buffer + pr_impact_enabled
+from __future__ import annotations
+import os
+from pathlib import Path
+from typing import Literal
+from pydantic import AliasChoices, Field, SecretStr
+from pydantic_settings import BaseSettings, SettingsConfigDict
+class Settings(BaseSettings):
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        env_file_encoding="utf-8",
+        extra="ignore",  # ignora env vars non dichiarate
+        populate_by_name=True,
+    )
+    pir_env: str = "development"
+    # Free-form tenant identifier. Default "core" (OSS). Deploy bundles set
+    # DEPLOY_MODE to their own tenant slug via .env; no tenant names are
+    # hard-coded in core.
+    deploy_mode: str = Field(default="core", alias="DEPLOY_MODE")
+    pir_instance: str = Field(default="prod", alias="PIR_INSTANCE")
+    marvisx_phase: Literal["A", "B", "C", "D"] = Field(
+        default="A", alias="MARVISX_PHASE"
+    )
+    pir_canary_banner: bool = Field(default=False, alias="PIR_CANARY_BANNER")
+    pir_voyage_disabled: bool = Field(default=False, alias="PIR_VOYAGE_DISABLED")
+    pir_jwt_secret: str = "dev-secret-change-in-production"
+    pir_admin_password_hash: str = ""
+    db_path: str = Field(
+        default="console.db",
+        validation_alias=AliasChoices("PIR_DB_PATH", "DB_PATH"),
+    )
+    cookie_domain: str | None = Field(default=None, alias="COOKIE_DOMAIN")
+    cors_origins_prod: list[str] = Field(
+        default_factory=list,
+        alias="CORS_ORIGINS_PROD",
+    )
+    cors_origins_dev: list[str] = ["http://localhost:3000", "http://localhost:3001"]
+    console_base_url: str | None = Field(default=None, alias="CONSOLE_BASE_URL")
+    jwt_expiry_hours: int = 24
+    ws_ticket_ttl_seconds: int = 30
+    tasks_api_token: str = ""
+    sqlite_busy_timeout_ms: int = 30000  # 30s — backfill/reindex can hold lock >15s
+    db_pool_size: int = 8  # bounded connection pool size
+    auto_hibernate_enabled: bool = True
+    tasks_rate_limit_per_min: int = 60
+    kg_deep_rate_limit_per_min: int = (
+        30  # max deep KG bundle requests per user per minute
+    )
+    inbox_sources_json: str = "{}"
+    inbox_max_title_chars: int = 500
+    inbox_max_content_chars: int = 20000
+    inbox_max_metadata_bytes: int = 20000
+    inbox_digest_scheduler_interval_seconds: int = 3600
+    brain_scheduler_interval_seconds: int = 3600
+    brain_run_off_peak_only: bool = Field(
+        default=False, alias="BRAIN_RUN_OFF_PEAK_ONLY"
+    )
+    # GitHub Webhook
+    github_webhook_secret: str = ""
+    # KG PR-Impact View (planned 2026-05-16, sub-01/02/03 sequential implementation)
+    # Source-of-truth single owner per setting: vedi docs/plans/2026-05-16-feat-kg-pr-impact-view-plan.md §9.10
+    # Magic numbers cross-sub extracted per Emilio decision (D-MAGIC-NUMBERS-SETTINGS)
+    pr_impact_enabled: Literal["off", "shadow", "on"] = Field(
+        default="shadow", alias="PR_IMPACT_ENABLED"
+    )
+    function_cap_default: int = Field(
+        default=800, alias="FUNCTION_CAP_DEFAULT"
+    )  # PR-impact response: top-N functions per priority ranking (sub-02 §2.1)
+    function_cap_max_deep_link: int = Field(
+        default=50, alias="FUNCTION_CAP_MAX_DEEP_LINK"
+    )  # sub-04 deep-link ?op= max highlighted nodes
+    kg_branch_stale_days: int = Field(
+        default=30, alias="KG_BRANCH_STALE_DAYS"
+    )  # branch is_stale threshold (sub-02 §2.2)
+    pr_events_replay_maxlen: int = Field(
+        default=20, alias="PR_EVENTS_REPLAY_MAXLEN"
+    )  # in-memory WS ring buffer per project_slug (sub-02 §3.2)
+    telegram_bot_token: str | None = Field(default=None, alias="TELEGRAM_BOT_TOKEN")
+    telegram_owner_chat_id: str | None = Field(
+        default=None, alias="TELEGRAM_OWNER_CHAT_ID"
+    )
+    # Plan 3 tenant scaffolding. Defaults stay off for marvis-personal/core.
+    multi_tenant_enabled: bool = Field(default=False, alias="MULTI_TENANT_ENABLED")
+    per_user_api_key_enabled: bool = Field(
+        default=False, alias="PER_USER_API_KEY_ENABLED"
+    )
+    byok_fernet_secret: str | None = Field(
+        default=None, alias="BYOK_FERNET_SECRET"
+    )
+    fernet_salt_version: str = Field(default="v1", alias="FERNET_SALT_VERSION")
+    uid_isolation_enabled: bool = Field(default=False, alias="UID_ISOLATION_ENABLED")
+    uid_pool_size: int = Field(default=0, alias="UID_POOL_SIZE")
+    uid_pool_prefix: str = Field(default="tenant", alias="UID_POOL_PREFIX")
+    uid_pool_base: int = Field(default=10100, alias="UID_POOL_BASE")
+    # Git run-as user for deployments where the API service account differs from
+    # the user that owns the git repositories. When set and != the current
+    # process user, git runs via `sudo -u <user>` and chown targets `<user>:<user>`.
+    # Empty default (single-user / self-hosted): git runs directly and chown is
+    # skipped — the API process already owns the repos. See services/runas.py.
+    git_runas_user: str = Field(default="", alias="GIT_RUNAS_USER")
+    force_password_change_on_first_login: bool = Field(
+        default=False, alias="FORCE_PASSWORD_CHANGE_ON_FIRST_LOGIN"
+    )
+    # Extra env-var names a tenant exposes into its user tmux panes, on top of
+    # the generic core defaults. JSON array form, e.g.
+    #   TENANT_ENV_WHITELIST=["DATABASE_URL","DEPLOY_MODE","TENANT_SLUG"]
+    # The tenant overlay (deploy/<tenant>/, tenants/<tenant>/config.env) ships
+    # this. No tenant-specific whitelist is hardcoded in core.
+    tenant_env_whitelist: list[str] = Field(
+        default_factory=list, alias="TENANT_ENV_WHITELIST"
+    )
+    # Agents whose `hybrid` self-improvement proposals always require human
+    # review (auto-approval veto). JSON array form, e.g.
+    #   SELF_IMPROVEMENT_AGENTS=["agent-a","agent-b"]
+    # Default empty: OSS core ships no internal agent names hardcoded. The deploy
+    # bundle (.env) sets the names so the safety veto stays armed on our prod /
+    # tenant installs. Empty list = no veto (auto-approval proceeds per the other
+    # rules), which is safe for a fresh OSS install that has no self-improvement
+    # agent. See services/auto_approval.py::ApprovalPolicy.evaluate.
+    self_improvement_agents: list[str] = Field(
+        default_factory=list, alias="SELF_IMPROVEMENT_AGENTS"
+    )
+    # Static agent identities accepted for X-Agent-Name attribution on top of the
+    # DB `users` table (the authoritative source via get_valid_agent_names) and
+    # the generic system identities. JSON array form, e.g.
+    #   STATIC_AGENT_IDENTITIES=["agent-a","agent-b"]
+    # Default empty: OSS core hardcodes no tenant agent names. Agents still
+    # authenticate via their DB row; this list only covers the legacy shared
+    # TASKS_API_TOKEN attribution path + the scope-enforcement gate in rbac.py,
+    # which do not query the DB. The deploy bundle (.env) sets the names.
+    # See security.py::_VALID_AGENT_NAMES and rbac.py::require_scope.
+    static_agent_identities: list[str] = Field(
+        default_factory=list, alias="STATIC_AGENT_IDENTITIES"
+    )
+    # Monitoring
+    monitoring_metrics_interval: int = (
+        60  # was 10 — caused DB lock every ~30min via metrics_collector.save_to_db
+    )
+    monitoring_docker_interval: int = (
+        60  # Docker stats interval (separate from system metrics)
+    )
+    monitoring_security_interval: int = 60
+    monitoring_retention_raw_hours: int = 24
+    monitoring_retention_candles_days: int = 30
+    monitoring_retention_events_days: int = 30
+    monitoring_rate_limit_per_min: int = 30
+    # Finder
+    finder_root: str = "/data"
+    workspace_root: str | None = Field(
+        default=None, alias="WORKSPACE_ROOT"
+    )
+    repo_share_root: str | None = Field(
+        default=None, alias="REPO_SHARE_ROOT"
+    )
+    runtime_home: str | None = Field(default=None, alias="RUNTIME_HOME")
+    agents_base: str | None = Field(
+        default=None, alias="AGENTS_BASE"
+    )
+    constitution_path: str | None = Field(
+        default=None,
+        alias="CONSTITUTION_PATH",
+    )
+    finder_max_upload_bytes: int = 50_000_000  # 50MB
+    finder_max_edit_bytes: int = 1_000_000  # 1MB
+    finder_max_view_bytes: int = 10_000_000  # 10MB
+    finder_hidden_patterns: list[str] = [
+        ".ssh",
+        ".gnupg",
+        ".env",
+        "*.key",
+        "*.pem",
+        "node_modules",
+        ".npm",
+        "__pycache__",
+        ".cache",
+        "proc",
+        "sys",
+        "dev",
+        "run",
+    ]
+    finder_symlink_whitelist: list[str] = Field(
+        default_factory=list,
+        alias="FINDER_SYMLINK_WHITELIST",
+    )
+    # n8n Integration
+    n8n_webhook_url: str = ""
+    n8n_api_url: str = ""
+    n8n_api_key: str = ""
+    n8n_webhook_secret: str = ""
+    n8n_dispatch_interval: int = 30
+    n8n_max_retry_count: int = 5
+    # Web Push (VAPID)
+    vapid_private_key: str = ""
+    vapid_public_key: str = ""
+    # SSO / WorkOS AuthKit
+    workos_api_key: str = ""
+    workos_client_id: str = ""
+    workos_cookie_password: str = ""  # 32+ chars for state cookie encryption
+    sso_enabled: bool = False  # feature flag for gradual rollout
+    expose_openapi: bool = (
+        True  # expose /docs and /openapi.json (auth-protected in prod)
+    )
+    openai_api_key: str = ""
+    anthropic_api_key: str = ""  # used by inbox_tldr and other Anthropic SDK callers
+    # MAC-Phase 0.5: LiteLLM gateway endpoint. Example forms:
+    #   http://<tailnet-host>:4000/v1
+    #   https://llm.<your-domain>/v1
+    # The deploy bundle (e.g. deploy/marvis-personal/.env) provides the actual value.
+    llm_gateway_base_url: str = Field(default="", alias="LLM_GATEWAY_BASE_URL")
+    llm_gateway_enforce_public_base_url: bool = Field(
+        default=False, alias="LLM_GATEWAY_ENFORCE_PUBLIC_BASE_URL"
+    )
+    llm_gateway_api_key: SecretStr | None = Field(
+        default=None, alias="LLM_GATEWAY_API_KEY"
+    )
+    ingest_llm_gateway_api_key: SecretStr | None = Field(
+        default=None, alias="INGEST_LLM_GATEWAY_API_KEY"
+    )
+    ingest_llm_gateway_agent_name: str = Field(
+        default="marvisx-ingester", alias="INGEST_LLM_GATEWAY_AGENT_NAME"
+    )
+    newsletter_llm_gateway_api_key: SecretStr | None = Field(
+        default=None, alias="NEWSLETTER_LLM_GATEWAY_API_KEY"
+    )
+    newsletter_llm_gateway_agent_name: str = Field(
+        default="newsletter-digest", alias="NEWSLETTER_LLM_GATEWAY_AGENT_NAME"
+    )
+    # Inbox TLDR migration flags. Both default false → behaviour unchanged
+    # (Sonnet only). Setting shadow_mode=true logs cloud + local in parallel
+    # without affecting the user response. Setting use_local=true serves the
+    # local response and falls back to cloud only on gateway failure.
+    inbox_tldr_use_local: bool = Field(default=False, alias="INBOX_TLDR_USE_LOCAL")
+    inbox_tldr_shadow_mode: bool = Field(default=False, alias="INBOX_TLDR_SHADOW_MODE")
+    inbox_tldr_local_model: Literal["tier-think", "tier-fast"] = Field(
+        default="tier-think", alias="INBOX_TLDR_LOCAL_MODEL"
+    )
+    inbox_deep_research_local_model: Literal[
+        "tier-think", "tier-fast", "tier-write"
+    ] = Field(
+        default="tier-fast", alias="INBOX_DEEP_RESEARCH_LOCAL_MODEL"
+    )
+    inbox_deep_research_llm_gateway_api_key: SecretStr | None = Field(
+        default=None, alias="INBOX_DEEP_RESEARCH_LLM_GATEWAY_API_KEY"
+    )
+    inbox_deep_research_repair_model: Literal[
+        "tier-think", "tier-fast", "tier-write"
+    ] = Field(
+        default="tier-fast", alias="INBOX_DEEP_RESEARCH_REPAIR_MODEL"
+    )
+    inbox_deep_research_local_max_tokens: int = Field(
+        default=2000, alias="INBOX_DEEP_RESEARCH_LOCAL_MAX_TOKENS"
+    )
+    inbox_deep_research_local_timeout_seconds: float = Field(
+        default=300.0, alias="INBOX_DEEP_RESEARCH_LOCAL_TIMEOUT_SECONDS"
+    )
+    ingest_parser_max_concurrency: int = Field(
+        default=1, alias="INGEST_PARSER_MAX_CONCURRENCY"
+    )
+    ingest_local_parser_max_concurrency: int = Field(
+        default=1, alias="INGEST_LOCAL_PARSER_MAX_CONCURRENCY"
+    )
+    ingest_ocr_max_concurrency: int = Field(
+        default=3, alias="INGEST_OCR_MAX_CONCURRENCY"
+    )
+    ingest_docparse_max_concurrency: int = Field(
+        default=1, alias="INGEST_DOCPARSE_MAX_CONCURRENCY"
+    )
+    ingest_transcribe_max_concurrency: int = Field(
+        default=1, alias="INGEST_TRANSCRIBE_MAX_CONCURRENCY"
+    )
+    ingest_vision_max_concurrency: int = Field(
+        default=1, alias="INGEST_VISION_MAX_CONCURRENCY"
+    )
+    # Optional AUX proxy URL for non-chat gateway endpoints (/v1/ocr,
+    # /v1/audio/transcriptions). If unset, consumers derive it from
+    # LLM_GATEWAY_BASE_URL when the private Mac tailnet URL uses :4000.
+    llm_gateway_aux_base_url: str = Field(default="", alias="LLM_GATEWAY_AUX_BASE_URL")
+    ingest_transcribe_timeout_seconds: float = Field(
+        default=900.0, alias="INGEST_TRANSCRIBE_TIMEOUT_SECONDS"
+    )
+    ingest_transcribe_ffmpeg_timeout_seconds: float = Field(
+        default=900.0, alias="INGEST_TRANSCRIBE_FFMPEG_TIMEOUT_SECONDS"
+    )
+    ingest_transcribe_max_bytes: int = Field(
+        default=500 * 1024 * 1024, alias="INGEST_TRANSCRIBE_MAX_BYTES"
+    )
+    ingest_transcribe_language: str = Field(
+        default="", alias="INGEST_TRANSCRIBE_LANGUAGE"
+    )
+    ingest_ocr_timeout_seconds: float = Field(
+        default=300.0, alias="INGEST_OCR_TIMEOUT_SECONDS"
+    )
+    ingest_ocr_max_bytes: int = Field(
+        default=500 * 1024 * 1024, alias="INGEST_OCR_MAX_BYTES"
+    )
+    ingest_docparse_enabled: bool = Field(
+        default=False, alias="INGEST_DOCPARSE_ENABLED"
+    )
+    ingest_docparse_pdfs_enabled: bool = Field(
+        default=True, alias="INGEST_DOCPARSE_PDFS_ENABLED"
+    )
+    ingest_docparse_images_enabled: bool = Field(
+        default=True, alias="INGEST_DOCPARSE_IMAGES_ENABLED"
+    )
+    ingest_docparse_mode: Literal["fast", "standard", "precise"] = Field(
+        default="standard", alias="INGEST_DOCPARSE_MODE"
+    )
+    ingest_docparse_mode_override: Literal["", "fast", "standard", "precise"] = Field(
+        default="", alias="INGEST_DOCPARSE_MODE_OVERRIDE"
+    )
+    ingest_docparse_timeout_seconds: float = Field(
+        default=900.0, alias="INGEST_DOCPARSE_TIMEOUT_SECONDS"
+    )
+    ingest_docparse_max_bytes: int = Field(
+        default=500 * 1024 * 1024, alias="INGEST_DOCPARSE_MAX_BYTES"
+    )
+    ingest_vision_images_enabled: bool = Field(
+        default=False, alias="INGEST_VISION_IMAGES_ENABLED"
+    )
+    ingest_vision_timeout_seconds: float = Field(
+        default=120.0, alias="INGEST_VISION_TIMEOUT_SECONDS"
+    )
+    ingest_vision_max_bytes: int = Field(
+        default=20 * 1024 * 1024, alias="INGEST_VISION_MAX_BYTES"
+    )
+    ingest_vision_max_tokens: int = Field(
+        default=900, alias="INGEST_VISION_MAX_TOKENS"
+    )
+    ingest_docx_max_bytes: int = Field(
+        default=25 * 1024 * 1024, alias="INGEST_DOCX_MAX_BYTES"
+    )
+    ingest_llm_classifier_model: Literal["tier-fast"] = Field(
+        default="tier-fast", alias="INGEST_LLM_CLASSIFIER_MODEL"
+    )
+    ingest_llm_provider: Literal["local", "gateway", "mac", "tier-fast"] = Field(
+        default="local", alias="INGEST_LLM_PROVIDER"
+    )
+    ingest_llm_classifier_timeout_seconds: float = Field(
+        default=30.0, alias="INGEST_LLM_CLASSIFIER_TIMEOUT_SECONDS"
+    )
+    ingest_llm_classifier_max_concurrency: int = Field(
+        default=4, alias="INGEST_LLM_CLASSIFIER_MAX_CONCURRENCY"
+    )
+    ingest_llm_classifier_max_attempts: int = Field(
+        default=3, alias="INGEST_LLM_CLASSIFIER_MAX_ATTEMPTS"
+    )
+    ingest_llm_classifier_retry_after_cap_seconds: float = Field(
+        default=30.0, alias="INGEST_LLM_CLASSIFIER_RETRY_AFTER_CAP_SECONDS"
+    )
+    ingest_llm_gateway_priority: Literal[
+        "interactive", "batch", "background"
+    ] = Field(default="batch", alias="INGEST_LLM_GATEWAY_PRIORITY")
+    ingest_llm_gateway_initial_poll_delay_seconds: int = Field(
+        default=1, alias="INGEST_LLM_GATEWAY_INITIAL_POLL_DELAY_SECONDS"
+    )
+    # Phase 7.0: KG lens default for HTTP surface (MCP default is separate: MARVIS_MCP_DEEP_DEFAULT)
+    kg_http_deep_default: bool = (
+        False  # pydantic-settings maps KG_HTTP_DEEP_DEFAULT env var
+    )
+    # WIP limit: max tasks in_progress per project (doc/none tasks count as 0.5)
+    wip_max_in_progress: int = 3
+    # Voyage AI embeddings
+    voyage_api_key: str = ""
+    # sqlite-vec
+    vec0_path: str = "/data/pir/lib/vec0"
+    # LifeOS
+    lifeos_data_dir: str = ""
+    lifeos_git_repo_dir: str = ""
+    lifeos_git_sync_interval: int = 30
+    # Brain v1.2 Wave 3.1 — LLM polish layer (master switch + sub-switches).
+    # Tier-write Gemma 3 12B QAT via Mac Gateway tenant `marvisx-brain`.
+    # Master defaults True so narrative_polished is populated out-of-the-box;
+    # sub-switches stay True (journal/finding_summary/finding_reasoning).
+    # Disable master via BRAIN_LLM_POLISH_ENABLED=false to fall back to deterministic.
+    brain_llm_polish_enabled: bool = Field(
+        default=True, alias="BRAIN_LLM_POLISH_ENABLED"
+    )
+    brain_llm_journal_polish_enabled: bool = Field(
+        default=True, alias="BRAIN_LLM_JOURNAL_POLISH_ENABLED"
+    )
+    brain_llm_finding_summary_enabled: bool = Field(
+        default=True, alias="BRAIN_LLM_FINDING_SUMMARY_ENABLED"
+    )
+    brain_llm_finding_reasoning_enabled: bool = Field(
+        default=True, alias="BRAIN_LLM_FINDING_REASONING_ENABLED"
+    )
+    brain_llm_gateway_base_url: str = Field(
+        default="",
+        alias="BRAIN_LLM_GATEWAY_BASE_URL",
+    )
+    brain_llm_gateway_api_key: SecretStr | None = Field(
+        default=None, alias="BRAIN_LLM_GATEWAY_API_KEY"
+    )
+    brain_llm_tenant: str = Field(
+        default="marvisx-brain", alias="BRAIN_LLM_TENANT"
+    )
+    brain_llm_model: str = Field(
+        default="tier-write", alias="BRAIN_LLM_MODEL"
+    )
+    brain_llm_polish_timeout_seconds: int = Field(
+        default=30, alias="BRAIN_LLM_POLISH_TIMEOUT_SECONDS"
+    )
+    brain_llm_polish_cache_ttl_seconds: int = Field(
+        default=3600, alias="BRAIN_LLM_POLISH_CACHE_TTL_SECONDS"
+    )
+    # Wave 3.1 polish UX (Emilio 2026-05-19): default DISABLED. Quando True,
+    # il polish path forza il LLM a citare ≥1 evidence_ref dal whitelist e
+    # rifiuta narrative "not grounded" — ha bloccato ~50% delle entries
+    # (~72% scope=company) senza prevenire hallucination reale (il body_json
+    # passato al LLM è già ground truth deterministico). Lasciato come escape
+    # hatch operatore via .env BRAIN_LLM_GROUNDING_STRICT=true.
+    brain_llm_grounding_strict: bool = Field(
+        default=False, alias="BRAIN_LLM_GROUNDING_STRICT"
+    )
+    brain_llm_retry_max_attempts: int = Field(
+        default=3, alias="BRAIN_LLM_RETRY_MAX_ATTEMPTS"
+    )
+    brain_llm_retry_backoff_seconds: float = Field(
+        default=1.0, alias="BRAIN_LLM_RETRY_BACKOFF_SECONDS"
+    )
+    brain_llm_semaphore_size: int = Field(
+        default=8, alias="BRAIN_LLM_SEMAPHORE_SIZE"
+    )
+    @property
+    def cors_origins(self) -> list[str]:
+        if self.pir_env == "production":
+            return self.cors_origins_prod
+        return self.cors_origins_dev
+    @property
+    def is_production(self) -> bool:
+        return self.pir_env == "production"
+    @property
+    def is_marvis_personal(self) -> bool:
+        return self.deploy_mode == "marvis-personal"
+    @property
+    def phase_index(self) -> int:
+        return ["A", "B", "C", "D"].index(self.marvisx_phase)
+    @property
+    def effective_console_base_url(self) -> str:
+        return self.console_base_url or "http://localhost:3000"
+    @property
+    def effective_workspace_root(self) -> str:
+        return self.workspace_root or os.getcwd()
+    @property
+    def effective_repo_share_root(self) -> str:
+        return self.repo_share_root or self.effective_workspace_root
+    @property
+    def effective_runtime_home(self) -> str:
+        return self.runtime_home or os.path.expanduser("~")
+    @property
+    def effective_agents_base(self) -> str:
+        return self.agents_base or f"{self.effective_runtime_home}/marvisx/data/agents"
+    @property
+    def effective_constitution_path(self) -> str:
+        return (
+            self.constitution_path
+            or f"{self.effective_workspace_root}/.claude/rules/constitution.md"
+        )
+    @property
+    def effective_git_runas_user(self) -> str:
+        """Run-as user for git/chown, or '' to act as the current process.
+        Returns '' when GIT_RUNAS_USER is unset or already matches the current
+        OS user (no privilege hop needed)."""
+        import pwd
+        user = (self.git_runas_user or "").strip()
+        if not user:
+            return ""
+        try:
+            if pwd.getpwuid(os.getuid()).pw_name == user:
+                return ""
+        except (KeyError, OSError):
+            pass
+        return user
+settings = Settings()
+def _resolve_repo_parents() -> list[Path]:
+    """Read ALLOWED_REPO_PARENTS from env (comma-separated absolute paths).
+    Falls back to a derivation from settings.effective_workspace_root +
+    /data/projects/ when ALLOWED_REPO_PARENTS is unset, so generic deploys
+    work out of the box. Personal/enterprise deploys override via .env.
+    """
+    raw = os.environ.get("ALLOWED_REPO_PARENTS", "").strip()
+    if raw:
+        return [Path(p.strip()).resolve() for p in raw.split(",") if p.strip()]
+    workspace = Path(settings.effective_workspace_root).resolve()
+    return [
+        (workspace / "projects").resolve(),
+        workspace,
+        Path("/data/projects/").resolve(),
+    ]
+# Centralized allowlist for repo_path validation (Decision S14, was duplicated in git_ops + projects)
+ALLOWED_REPO_PARENTS: list[Path] = _resolve_repo_parents()