methodproof 0.4.5__tar.gz → 0.5.1__tar.gz

{methodproof-0.4.5 → methodproof-0.5.1}/CHANGELOG.md

@@ -1,5 +1,18 @@
 # Changelog
 
+## [0.5.1] — 2026-04-06
+
+### Fixed
+- macOS daemon segfault: replaced `os.fork()` with `subprocess.Popen()` — CoreFoundation crash after fork killed all capture agents, producing 0 events
+- Hook type mismatches: `task_created`→`task_start`, `task_completed`→`task_end`, added required `tool` field to all hook metadata
+- Unmapped hook events dropped instead of sent as invalid `claude_code_event` type (rejected entire batch)
+- Daemon output logged to `~/.methodproof/daemon.log` instead of `/dev/null`
+- ~20 silent `except Exception: pass` blocks replaced with structured logging across bridge, hooks, live streaming, sync, keychain, MCP, and proxy
+
+### Changed
+- Daemon health check on startup — immediate error if daemon exits
+- Extension status check shows actual error on failure
+
 ## [0.3.4] — 2026-04-05
 
 ### Added

{methodproof-0.4.5 → methodproof-0.5.1}/PKG-INFO

@@ -1,18 +1,16 @@
 Metadata-Version: 2.4
 Name: methodproof
-Version: 0.4.5
+Version: 0.5.1
 Summary: See how you code. Capture and visualize your engineering process.
 License-Expression: Apache-2.0
 License-File: LICENSE
 Requires-Python: >=3.11
+Requires-Dist: cryptography>=43.0
+Requires-Dist: keyring>=25.0
 Requires-Dist: watchdog>=4.0
 Requires-Dist: websocket-client>=1.7
-Provides-Extra: e2e
-Requires-Dist: cryptography>=43.0; extra == 'e2e'
 Provides-Extra: proxy
 Requires-Dist: mitmproxy>=10.0; extra == 'proxy'
-Provides-Extra: signing
-Requires-Dist: cryptography>=43.0; extra == 'signing'
 Description-Content-Type: text/markdown
 
 <p align="center">

{methodproof-0.4.5 → methodproof-0.5.1}/methodproof/__init__.py

@@ -1,3 +1,3 @@
 """MethodProof — see how you code."""
 
-__version__ = "0.4.5"
+__version__ = "0.5.0"

methodproof-0.5.1/methodproof/_daemon.py

@@ -0,0 +1,114 @@
+"""Daemon process for methodproof capture — spawned by cmd_start via subprocess.
+
+Uses subprocess.Popen (fork+exec) instead of os.fork() to avoid macOS
+CoreFoundation segfaults when forking a multi-threaded Python 3.12+ process.
+"""
+
+import signal
+import sys
+import threading
+import time
+
+from methodproof import config, store, graph
+from methodproof.agents import base
+
+PIDFILE = config.DIR / "methodproof.pid"
+
+
+def main() -> None:
+    sid = sys.argv[1]
+    watch_dir = sys.argv[2]
+
+    cfg = config.load()
+    capture = cfg.get("capture", {})
+    live_url = cfg.get("_live_url", "")
+
+    # Clean up transient key
+    if "_live_url" in cfg:
+        del cfg["_live_url"]
+        config.save(cfg)
+
+    base.init(sid, live=bool(live_url))
+
+    # Environment profile (was done pre-fork in old code, now done in daemon)
+    if capture.get("environment_analysis", True):
+        try:
+            from methodproof.analysis import scan_environment
+            env_profile = scan_environment(watch_dir)
+            base.emit("environment_profile", env_profile)
+        except Exception as exc:
+            base.log("warning", "environment_scan.failed", error=str(exc))
+
+    stop_event = threading.Event()
+    threads: list[threading.Thread] = []
+
+    files_enabled = (
+        capture.get("file_changes", True)
+        or capture.get("git_diffs", True)
+        or capture.get("git_commits", True)
+    )
+    if files_enabled:
+        from methodproof.agents import watcher
+        threads.append(threading.Thread(
+            target=watcher.start, args=(watch_dir, stop_event), daemon=True,
+        ))
+
+    if capture.get("terminal_commands", True) or capture.get("test_results", True):
+        from methodproof.agents import terminal
+        threads.append(threading.Thread(
+            target=terminal.start, args=(stop_event,), daemon=True,
+        ))
+
+    if capture.get("browser", True):
+        from methodproof import bridge
+        threads.append(threading.Thread(
+            target=bridge.start,
+            args=(sid, stop_event, 9877,
+                  cfg.get("token", ""), cfg.get("api_url", ""), cfg.get("e2e_key", "")),
+            daemon=True,
+        ))
+
+    if capture.get("music", True):
+        from methodproof.agents import music
+        threads.append(threading.Thread(
+            target=music.start, args=(stop_event,), daemon=True,
+        ))
+
+    def _shutdown(sig_num: int, frame: object) -> None:
+        stop_event.set()
+        try:
+            if live_url:
+                from methodproof import live as live_mod
+                live_mod.stop()
+            base.flush()
+            store.complete_session(sid)
+            graph.build(sid)
+        except Exception as exc:
+            base.log("error", "daemon.shutdown_cleanup_failed", error=str(exc))
+        try:
+            cfg_now = config.load()
+            cfg_now["active_session"] = None
+            config.save(cfg_now)
+        except Exception as exc:
+            base.log("error", "daemon.config_cleanup_failed", error=str(exc))
+        PIDFILE.unlink(missing_ok=True)
+        sys.exit(0)
+
+    for t in threads:
+        t.start()
+    signal.signal(signal.SIGINT, _shutdown)
+    signal.signal(signal.SIGTERM, _shutdown)
+
+    base.log("info", "daemon.started", session_id=sid, watch_dir=watch_dir, agents=len(threads))
+
+    try:
+        while not stop_event.is_set():
+            time.sleep(5)
+            base.flush()
+    except Exception as exc:
+        base.log("error", "daemon.loop_crashed", error=str(exc))
+        _shutdown(0, None)
+
+
+if __name__ == "__main__":
+    main()

{methodproof-0.4.5 → methodproof-0.5.1}/methodproof/agents/base.py

@@ -19,6 +19,8 @@ _buffer: list[dict[str, Any]] = []
 _FLUSH_SIZE = 50
 _MAX_RETRIES = 3
 _prev_hash = "genesis"
+_account_id = ""
+_journal_mode = False
 
 # Maps event types to the capture category that gates them
 _EVENT_GATES: dict[str, str] = {
@@ -74,21 +76,33 @@ _FIELD_GATES: dict[str, list[tuple[str, str]]] = {
     "code_capture": [("file_edit", "diff"), ("git_commit", "diff")],
 }
 
-_journal_mode = False
+
+def _load_encryption_key(cfg: dict) -> bytes | None:
+    """Load db_key from keychain (preferred) or legacy e2e_key config."""
+    account_id = cfg.get("account_id", "")
+    if account_id and cfg.get("master_key_fingerprint"):
+        from methodproof.keychain import load_secret
+        from methodproof.kdf import derive_master, derive_db_key
+        master_entropy = load_secret(account_id)
+        if master_entropy:
+            master = derive_master(master_entropy)
+            return derive_db_key(master, account_id)
+    raw = cfg.get("e2e_key", "")
+    return bytes.fromhex(raw) if raw else None
 
 
 def init(session_id: str, live: bool = False) -> None:
-    global _session_id, _initialized, _e2e_key, _capture, _live_mode, _prev_hash, _journal_mode
+    global _session_id, _initialized, _e2e_key, _capture, _live_mode, _prev_hash, _journal_mode, _account_id
     _session_id = session_id
     _initialized = True
     _live_mode = live
     _prev_hash = "genesis"
     from methodproof import config
     cfg = config.load()
-    raw = cfg.get("e2e_key", "")
-    _e2e_key = bytes.fromhex(raw) if raw else None
+    _e2e_key = _load_encryption_key(cfg)
     _capture = cfg.get("capture", {})
     _journal_mode = cfg.get("journal_mode", False)
+    _account_id = cfg.get("account_id", "")
 
 
 def log(level: str, event: str, **kw: object) -> None:
@@ -133,7 +147,7 @@ def emit(event_type: str, metadata: dict[str, Any]) -> None:
         entry["metadata"] = encrypt_metadata(dict(entry["metadata"]), _e2e_key)
     global _prev_hash
     from methodproof.integrity import compute_event_hash
-    entry["_chain_hash"] = compute_event_hash(entry, _prev_hash)
+    entry["_chain_hash"] = compute_event_hash(entry, _prev_hash, _account_id)
     _prev_hash = entry["_chain_hash"]
     if _live_mode:
         from methodproof import live as live_mod

{methodproof-0.4.5 → methodproof-0.5.1}/methodproof/agents/music.py

@@ -39,7 +39,8 @@ def _get_now_playing_macos() -> dict[str, str] | None:
         if len(parts) != 3 or not parts[0]:
             return None
         return {"track": parts[0], "artist": parts[1], "player": parts[2]}
-    except Exception:
+    except Exception as exc:
+        base.log("debug", "music.macos_poll_failed", error=str(exc))
         return None
 
 
@@ -58,7 +59,8 @@ def _get_now_playing_linux() -> dict[str, str] | None:
         return {"track": parts[1], "artist": parts[0], "player": player_map.get(parts[2].lower(), "unknown")}
     except FileNotFoundError:
         return None
-    except Exception:
+    except Exception as exc:
+        base.log("debug", "music.linux_poll_failed", error=str(exc))
         return None
 
 

methodproof-0.5.1/methodproof/binding.py

@@ -0,0 +1,28 @@
+"""Session binding — HMAC ties sessions to account + device."""
+
+import hashlib
+import hmac
+import os
+import platform
+import sys
+import time as _time
+
+
+def compute_binding(bind_key: bytes, session_id: str, account_id: str,
+                    device_id: str, created_at: float) -> str:
+    """HMAC-SHA256 binding signature for a session."""
+    msg = f"{session_id}:{account_id}:{device_id}:{created_at}".encode()
+    return hmac.new(bind_key, msg, hashlib.sha256).hexdigest()
+
+
+def compute_device_id() -> str:
+    """Deterministic device fingerprint — hash of stable machine attributes."""
+    parts = [
+        platform.node(),
+        platform.system(),
+        platform.machine(),
+        platform.python_version(),
+        _time.tzname[0],
+        str(os.cpu_count()),
+    ]
+    return hashlib.sha256(":".join(parts).encode()).hexdigest()[:16]

methodproof-0.5.1/methodproof/bip39.py

@@ -0,0 +1,37 @@
+"""BIP39 mnemonic encoding — 128-bit entropy to 12-word recovery phrase."""
+
+import hashlib
+
+
+def entropy_to_phrase(entropy: bytes) -> str:
+    """Encode 16 bytes (128 bits) as 12 BIP39 words with checksum."""
+    from methodproof.wordlist import WORDS
+    if len(entropy) != 16:
+        raise ValueError("Expected 16 bytes of entropy")
+    checksum = hashlib.sha256(entropy).digest()[0] >> 4  # 4 bits
+    bits = int.from_bytes(entropy) << 4 | checksum  # 132 bits
+    words = []
+    for _ in range(12):
+        words.append(WORDS[bits & 0x7FF])
+        bits >>= 11
+    return " ".join(reversed(words))
+
+
+def phrase_to_entropy(phrase: str) -> bytes:
+    """Decode 12 BIP39 words back to 16 bytes of entropy."""
+    from methodproof.wordlist import WORDS
+    word_list = phrase.strip().lower().split()
+    if len(word_list) != 12:
+        raise ValueError("Expected 12 words")
+    index = {w: i for i, w in enumerate(WORDS)}
+    bits = 0
+    for word in word_list:
+        if word not in index:
+            raise ValueError(f"Unknown word: {word}")
+        bits = (bits << 11) | index[word]
+    checksum = bits & 0xF
+    entropy = (bits >> 4).to_bytes(16)
+    expected = hashlib.sha256(entropy).digest()[0] >> 4
+    if checksum != expected:
+        raise ValueError("Invalid checksum")
+    return entropy

{methodproof-0.4.5 → methodproof-0.5.1}/methodproof/bridge.py

@@ -73,7 +73,9 @@ def generate_pair_token(session_id: str, api_token: str, api_base: str, e2e_key:
 
 class _Handler(BaseHTTPRequestHandler):
     def log_message(self, fmt: str, *args: Any) -> None:
-        pass
+        # Log errors (4xx/5xx) to structured log; suppress normal request chatter
+        if args and str(args[0]).startswith(("4", "5")):
+            base.log("warning", "bridge.http_error", status=args[0], path=self.path)
 
     def do_GET(self) -> None:
         if self.path == "/session":