oterminus 0.1.1__tar.gz

oterminus-0.1.1/PKG-INFO

@@ -0,0 +1,187 @@
+Metadata-Version: 2.4
+Name: oterminus
+Version: 0.1.1
+Summary: Local AI-powered terminal assistant with explicit confirmation and safety controls
+License: MIT
+Keywords: cli,terminal,assistant,safety,ollama
+Author: OTerminus contributors
+Requires-Python: >=3.13,<4.0
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Utilities
+Requires-Dist: ollama (>=0.6.0,<0.7.0)
+Requires-Dist: prompt_toolkit (>=3.0.52,<4.0.0)
+Requires-Dist: pydantic (>=2.9.0,<3.0.0)
+Project-URL: Documentation, https://pooriat.github.io/oterminus/
+Project-URL: Homepage, https://github.com/pooriat/oterminus
+Project-URL: Repository, https://github.com/pooriat/oterminus
+Description-Content-Type: text/markdown
+
+# OTerminus
+
+OTerminus is a local, safety-first terminal assistant. It turns natural-language requests into a
+**single proposed shell action**, shows a preview, and executes only after explicit confirmation.
+
+## Why OTerminus exists
+
+Terminal copilots are useful, but unrestricted shell generation is risky. OTerminus exists to
+provide a practical middle ground:
+
+- capability-first command support (curated workflows, not full shell emulation)
+- deterministic rendering for structured command families
+- explicit policy + validation gates before execution
+- confirmation before every execution path
+- local-first observability through JSONL audit logs
+
+## Core safety promise
+
+OTerminus is designed around an inspect-and-confirm execution contract:
+
+1. detect direct commands first
+2. intercept vague natural-language requests as ambiguous when needed
+3. route specific natural-language requests by capability
+4. plan proposals in a structured-first format
+5. validate and policy-check the command
+6. show a deterministic preview
+7. require explicit user confirmation before execution
+
+Direct shell commands are not blocked by natural-language ambiguity heuristics; they still go through
+validation and policy checks. Ambiguous natural-language requests stop before planning and execution
+and suggest safer read-only inspections. See the [user guide](docs/product/user-guide.md) and
+[request lifecycle](docs/architecture/request-lifecycle.md) for details.
+
+If ambiguity handling, validation, or policy checks block a request, OTerminus does not execute.
+
+## Quick install and setup
+
+### Requirements
+
+- Python 3.13+
+- [Poetry](https://python-poetry.org/)
+- [Ollama](https://ollama.com/)
+
+### Local development install
+
+```bash
+poetry install
+poetry run oterminus
+```
+
+### Local package artifact validation
+
+Before any publish workflow is introduced, validate local package artifacts end-to-end:
+
+```bash
+poetry run python scripts/validate_package_install.py
+```
+
+This builds both `sdist` and `wheel`, installs the wheel into a temporary clean virtualenv, and runs CLI smoke checks.
+
+
+On first run, OTerminus checks Ollama readiness (`ollama` on PATH, running service, local models),
+then prompts you to select a model if one is not already configured.
+
+## Quick start examples
+
+### Common commands
+
+```bash
+poetry run oterminus
+poetry run oterminus "show disk usage for this folder"
+poetry run oterminus --dry-run "copy notes.txt to backup/notes.txt"
+poetry run oterminus --explain "find processes matching python"
+poetry run oterminus doctor
+```
+
+### Interactive REPL
+
+`poetry run oterminus` starts the interactive REPL after startup readiness checks.
+
+Examples inside REPL:
+
+- `find all .py files`
+- `capabilities` / `commands` / `examples`
+- `help capabilities` / `help filesystem_inspection` / `help ls`
+- `show running processes`
+- `ping example.com 4 times`
+- `show HTTP headers for https://example.com`
+- `look up DNS for example.com`
+- `tar -tf archive.tar` / `unzip -l archive.zip`
+- `tar -xf archive.tar -C restored` / `unzip archive.zip -d restored`
+- `tar -czf backup.tar.gz src` / `zip -r docs.zip docs`
+- `ls -lah`
+- `dry-run search TODO in src`
+- `explain show disk space`
+- `audit status` / `audit tail` / `audit clear`
+
+### One-shot and diagnostics modes
+
+- One-shot requests such as `poetry run oterminus "show disk usage for this folder"` plan, validate,
+  preview, and then require confirmation before execution.
+- `--dry-run` and `--explain` are mutually exclusive one-shot inspection flags for requests. Both
+  validate and preview without confirmation or execution; explain mode also describes command choice,
+  relevant flags/arguments, risk, and policy interpretation.
+- `doctor` is diagnostics-only: it prints readiness checks and exits without starting the REPL,
+  executing a request, or invoking the Ollama planner. It cannot be combined with `--dry-run` or
+  `--explain`.
+
+## Proposal modes
+
+OTerminus supports two first-class proposal modes:
+
+- **Structured**: the preferred normal path for supported capabilities. Proposals use
+  `command_family` + typed `arguments`, and Python renders the final command/argv deterministically.
+- **Experimental**: a constrained fallback for single-command text that cannot yet be represented
+  safely as structured arguments. It is still strictly validated, previewed, and confirmed before
+  execution.
+
+See [structured rendering](docs/architecture/structured-rendering.md), [routing and
+planning](docs/architecture/routing-and-planning.md), and the [request
+lifecycle](docs/architecture/request-lifecycle.md) for details.
+
+## Network diagnostics
+
+The `network_diagnostics` capability supports only fixed-count ping, HTTP HEAD (`curl -I`), `dig`,
+and `nslookup`. These commands contact external hosts, show a network metadata warning in preview,
+and still require confirmation. OTerminus does not support POST/PUT/DELETE requests, secret headers,
+downloads, scanning, SSH, or arbitrary network automation.
+
+## Documentation
+
+The README is the landing page. Full documentation is generated from [`docs/`](docs/index.md) and
+published to GitHub Pages after merges to `main` (once Pages is enabled in repository settings).
+
+- Hosted docs (after enablement): `https://pooriat.github.io/oterminus/`
+- Docs source of truth: [`docs/`](docs/index.md)
+- Architecture overview: [`docs/architecture/overview.md`](docs/architecture/overview.md)
+- Request lifecycle (central flow):
+  [`docs/architecture/request-lifecycle.md`](docs/architecture/request-lifecycle.md)
+- User guide: [`docs/product/user-guide.md`](docs/product/user-guide.md)
+- Configuration reference: [`docs/reference/config.md`](docs/reference/config.md)
+- Contributor workflow: [`docs/contributing.md`](docs/contributing.md)
+- Contributor command-family guide:
+  [`docs/adding-command-families.md`](docs/adding-command-families.md)
+- Evals docs: [`docs/architecture/evals.md`](docs/architecture/evals.md)
+
+### Work on docs locally
+
+```bash
+poetry install --with dev,docs
+poetry run mkdocs serve
+poetry run mkdocs build --strict
+```
+
+For the full local quality checklist, including Ruff format/lint and pytest commands, see the
+[contributor workflow](docs/contributing.md). When behavior changes, update docs in the same pull
+request.
+
+- Optional local persistent REPL history is available via `OTERMINUS_HISTORY_ENABLED=true`; reruns still go through normal validation + confirmation.
+
+For a small set of deterministic natural-language requests, OTerminus can skip Ollama by producing a local structured proposal before normal validation and confirmation.
+

oterminus-0.1.1/README.md

@@ -0,0 +1,161 @@
+# OTerminus
+
+OTerminus is a local, safety-first terminal assistant. It turns natural-language requests into a
+**single proposed shell action**, shows a preview, and executes only after explicit confirmation.
+
+## Why OTerminus exists
+
+Terminal copilots are useful, but unrestricted shell generation is risky. OTerminus exists to
+provide a practical middle ground:
+
+- capability-first command support (curated workflows, not full shell emulation)
+- deterministic rendering for structured command families
+- explicit policy + validation gates before execution
+- confirmation before every execution path
+- local-first observability through JSONL audit logs
+
+## Core safety promise
+
+OTerminus is designed around an inspect-and-confirm execution contract:
+
+1. detect direct commands first
+2. intercept vague natural-language requests as ambiguous when needed
+3. route specific natural-language requests by capability
+4. plan proposals in a structured-first format
+5. validate and policy-check the command
+6. show a deterministic preview
+7. require explicit user confirmation before execution
+
+Direct shell commands are not blocked by natural-language ambiguity heuristics; they still go through
+validation and policy checks. Ambiguous natural-language requests stop before planning and execution
+and suggest safer read-only inspections. See the [user guide](docs/product/user-guide.md) and
+[request lifecycle](docs/architecture/request-lifecycle.md) for details.
+
+If ambiguity handling, validation, or policy checks block a request, OTerminus does not execute.
+
+## Quick install and setup
+
+### Requirements
+
+- Python 3.13+
+- [Poetry](https://python-poetry.org/)
+- [Ollama](https://ollama.com/)
+
+### Local development install
+
+```bash
+poetry install
+poetry run oterminus
+```
+
+### Local package artifact validation
+
+Before any publish workflow is introduced, validate local package artifacts end-to-end:
+
+```bash
+poetry run python scripts/validate_package_install.py
+```
+
+This builds both `sdist` and `wheel`, installs the wheel into a temporary clean virtualenv, and runs CLI smoke checks.
+
+
+On first run, OTerminus checks Ollama readiness (`ollama` on PATH, running service, local models),
+then prompts you to select a model if one is not already configured.
+
+## Quick start examples
+
+### Common commands
+
+```bash
+poetry run oterminus
+poetry run oterminus "show disk usage for this folder"
+poetry run oterminus --dry-run "copy notes.txt to backup/notes.txt"
+poetry run oterminus --explain "find processes matching python"
+poetry run oterminus doctor
+```
+
+### Interactive REPL
+
+`poetry run oterminus` starts the interactive REPL after startup readiness checks.
+
+Examples inside REPL:
+
+- `find all .py files`
+- `capabilities` / `commands` / `examples`
+- `help capabilities` / `help filesystem_inspection` / `help ls`
+- `show running processes`
+- `ping example.com 4 times`
+- `show HTTP headers for https://example.com`
+- `look up DNS for example.com`
+- `tar -tf archive.tar` / `unzip -l archive.zip`
+- `tar -xf archive.tar -C restored` / `unzip archive.zip -d restored`
+- `tar -czf backup.tar.gz src` / `zip -r docs.zip docs`
+- `ls -lah`
+- `dry-run search TODO in src`
+- `explain show disk space`
+- `audit status` / `audit tail` / `audit clear`
+
+### One-shot and diagnostics modes
+
+- One-shot requests such as `poetry run oterminus "show disk usage for this folder"` plan, validate,
+  preview, and then require confirmation before execution.
+- `--dry-run` and `--explain` are mutually exclusive one-shot inspection flags for requests. Both
+  validate and preview without confirmation or execution; explain mode also describes command choice,
+  relevant flags/arguments, risk, and policy interpretation.
+- `doctor` is diagnostics-only: it prints readiness checks and exits without starting the REPL,
+  executing a request, or invoking the Ollama planner. It cannot be combined with `--dry-run` or
+  `--explain`.
+
+## Proposal modes
+
+OTerminus supports two first-class proposal modes:
+
+- **Structured**: the preferred normal path for supported capabilities. Proposals use
+  `command_family` + typed `arguments`, and Python renders the final command/argv deterministically.
+- **Experimental**: a constrained fallback for single-command text that cannot yet be represented
+  safely as structured arguments. It is still strictly validated, previewed, and confirmed before
+  execution.
+
+See [structured rendering](docs/architecture/structured-rendering.md), [routing and
+planning](docs/architecture/routing-and-planning.md), and the [request
+lifecycle](docs/architecture/request-lifecycle.md) for details.
+
+## Network diagnostics
+
+The `network_diagnostics` capability supports only fixed-count ping, HTTP HEAD (`curl -I`), `dig`,
+and `nslookup`. These commands contact external hosts, show a network metadata warning in preview,
+and still require confirmation. OTerminus does not support POST/PUT/DELETE requests, secret headers,
+downloads, scanning, SSH, or arbitrary network automation.
+
+## Documentation
+
+The README is the landing page. Full documentation is generated from [`docs/`](docs/index.md) and
+published to GitHub Pages after merges to `main` (once Pages is enabled in repository settings).
+
+- Hosted docs (after enablement): `https://pooriat.github.io/oterminus/`
+- Docs source of truth: [`docs/`](docs/index.md)
+- Architecture overview: [`docs/architecture/overview.md`](docs/architecture/overview.md)
+- Request lifecycle (central flow):
+  [`docs/architecture/request-lifecycle.md`](docs/architecture/request-lifecycle.md)
+- User guide: [`docs/product/user-guide.md`](docs/product/user-guide.md)
+- Configuration reference: [`docs/reference/config.md`](docs/reference/config.md)
+- Contributor workflow: [`docs/contributing.md`](docs/contributing.md)
+- Contributor command-family guide:
+  [`docs/adding-command-families.md`](docs/adding-command-families.md)
+- Evals docs: [`docs/architecture/evals.md`](docs/architecture/evals.md)
+
+### Work on docs locally
+
+```bash
+poetry install --with dev,docs
+poetry run mkdocs serve
+poetry run mkdocs build --strict
+```
+
+For the full local quality checklist, including Ruff format/lint and pytest commands, see the
+[contributor workflow](docs/contributing.md). When behavior changes, update docs in the same pull
+request.
+
+- Optional local persistent REPL history is available via `OTERMINUS_HISTORY_ENABLED=true`; reruns still go through normal validation + confirmation.
+
+For a small set of deterministic natural-language requests, OTerminus can skip Ollama by producing a local structured proposal before normal validation and confirmation.

oterminus-0.1.1/pyproject.toml

@@ -0,0 +1,71 @@
+[tool.poetry]
+name = "oterminus"
+version = "0.1.1"
+description = "Local AI-powered terminal assistant with explicit confirmation and safety controls"
+authors = ["OTerminus contributors"]
+license = "MIT"
+readme = "README.md"
+homepage = "https://github.com/pooriat/oterminus"
+repository = "https://github.com/pooriat/oterminus"
+documentation = "https://pooriat.github.io/oterminus/"
+keywords = ["cli", "terminal", "assistant", "safety", "ollama"]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Environment :: Console",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.13",
+    "Topic :: Utilities",
+]
+include = [
+    "README.md",
+    { path = "src/oterminus/eval_fixtures/*.json", format = ["sdist", "wheel"] },
+]
+exclude = [
+    "site/**",
+    ".github/**",
+    ".venv/**",
+]
+packages = [
+    { include = "oterminus", from = "src", format = ["sdist", "wheel"] },
+]
+
+[tool.poetry.dependencies]
+python = "^3.13"
+ollama = "^0.6.0"
+pydantic = "^2.9.0"
+prompt_toolkit = "^3.0.52"
+
+[tool.poetry.group.dev.dependencies]
+pytest = "^8.3.0"
+pytest-cov = "^5.0.0"
+ruff = "^0.11.13"
+
+
+[tool.poetry.group.docs.dependencies]
+mkdocs = "^1.6.1"
+mkdocs-material = "^9.5.25"
+
+[tool.poetry.scripts]
+oterminus = "oterminus.cli:main"
+oterminus-evals = "oterminus.evals:main"
+
+[build-system]
+requires = ["poetry-core>=1.8.0"]
+build-backend = "poetry.core.masonry.api"
+
+[tool.pytest.ini_options]
+pythonpath = ["src"]
+addopts = "-q"
+
+[tool.ruff]
+line-length = 100
+target-version = "py313"
+
+[tool.ruff.lint]
+select = ["F"]
+
+[tool.ruff.lint.per-file-ignores]
+"tests/*" = ["F401"]

oterminus-0.1.1/src/oterminus/__init__.py

@@ -0,0 +1,4 @@
+"""oterminus package."""
+
+__all__ = ["__version__"]
+__version__ = "0.1.0"

oterminus-0.1.1/src/oterminus/ambiguity.py

@@ -0,0 +1,153 @@
+from __future__ import annotations
+
+from dataclasses import dataclass
+import re
+
+
+_SAFE_INSPECTION_OPTIONS: tuple[str, ...] = (
+    "list large files",
+    "list recently modified files",
+    "inspect permissions",
+    "show temporary-looking files",
+    "show project files",
+)
+
+_AMBIGUOUS_PHRASES: tuple[str, ...] = (
+    "clean this folder",
+    "fix this",
+    "remove junk",
+    "make everything executable",
+    "delete unnecessary files",
+    "organize this directory",
+    "repair permissions",
+    "make this project work",
+    "extract this",
+    "archive everything",
+    "backup this project",
+    "compress my files",
+    "zip this",
+)
+
+_BROAD_MUTATION_VERBS: tuple[str, ...] = (
+    "clean",
+    "fix",
+    "remove",
+    "delete",
+    "organize",
+    "repair",
+    "optimize",
+    "make",
+)
+
+_VAGUE_OBJECT_HINTS: tuple[str, ...] = (
+    "this",
+    "that",
+    "everything",
+    "junk",
+    "unnecessary",
+    "folder",
+    "directory",
+    "project",
+    "permissions",
+    "files",
+)
+
+
+@dataclass(frozen=True, slots=True)
+class AmbiguityResult:
+    is_ambiguous: bool
+    reason: str
+    suggested_safe_options: tuple[str, ...]
+    follow_up_questions: tuple[str, ...] = ()
+
+
+_NOT_AMBIGUOUS = AmbiguityResult(
+    is_ambiguous=False,
+    reason="Request is specific enough for planning.",
+    suggested_safe_options=(),
+)
+
+
+def detect_ambiguity(user_input: str) -> AmbiguityResult:
+    text = user_input.strip().lower()
+    if not text:
+        return _NOT_AMBIGUOUS
+
+    matched_phrase = _match_phrase(text)
+    if matched_phrase is not None:
+        return AmbiguityResult(
+            is_ambiguous=True,
+            reason=f"Matched ambiguous phrase: '{matched_phrase}'.",
+            suggested_safe_options=_SAFE_INSPECTION_OPTIONS,
+            follow_up_questions=(
+                "What exact folder or file set should I inspect first?",
+                "Do you want a read-only inspection report before any changes?",
+            ),
+        )
+
+    if _looks_like_archive_extraction_without_destination(text):
+        return AmbiguityResult(
+            is_ambiguous=True,
+            reason="Archive extraction request is missing an explicit destination.",
+            suggested_safe_options=("list archive contents", "inspect archive before extracting"),
+            follow_up_questions=("Which explicit destination directory should receive the files?",),
+        )
+
+    if _looks_broad_destructive_request(text):
+        return AmbiguityResult(
+            is_ambiguous=True,
+            reason="Request combines broad mutation wording with vague target scope.",
+            suggested_safe_options=_SAFE_INSPECTION_OPTIONS,
+            follow_up_questions=(
+                "Which exact path should be targeted?",
+                "What should be considered junk or unnecessary in your context?",
+            ),
+        )
+
+    return _NOT_AMBIGUOUS
+
+
+def _match_phrase(text: str) -> str | None:
+    for phrase in _AMBIGUOUS_PHRASES:
+        if _matches_hint(text, phrase):
+            return phrase
+    return None
+
+
+def _looks_broad_destructive_request(text: str) -> bool:
+    tokens = re.findall(r"[a-z0-9_./-]+", text)
+    if not tokens:
+        return False
+
+    has_broad_verb = any(_matches_hint(text, verb) for verb in _BROAD_MUTATION_VERBS)
+    has_vague_target = any(_matches_hint(text, hint) for hint in _VAGUE_OBJECT_HINTS)
+    has_explicit_scope = any(
+        token.startswith(("/", "./", "../", "~"))
+        or token.endswith((".py", ".md", ".txt", ".log", ".json", ".yaml", ".yml", ".toml"))
+        for token in tokens
+    )
+    return has_broad_verb and has_vague_target and not has_explicit_scope
+
+
+def _looks_like_archive_extraction_without_destination(text: str) -> bool:
+    has_archive_action = any(
+        _matches_hint(text, hint) for hint in ("extract", "unpack", "unzip", "restore")
+    )
+    has_archive_target = any(
+        _matches_hint(text, hint) or re.search(rf"\S+\.{hint}(?:\s|$)", text) is not None
+        for hint in ("archive", "tar", "zip")
+    )
+    has_destination = any(fragment in text for fragment in (" into ", " to ", " in "))
+    has_destination = has_destination or _has_guarded_archive_destination_flag(text)
+    return has_archive_action and has_archive_target and not has_destination
+
+
+def _has_guarded_archive_destination_flag(text: str) -> bool:
+    return re.search(r"(?<!\S)(?:-c|-d)(?!\S)\s+\S+", text, flags=re.IGNORECASE) is not None
+
+
+def _matches_hint(text: str, hint: str) -> bool:
+    escaped = re.escape(hint.strip())
+    if not escaped:
+        return False
+    return re.search(rf"(?<!\w){escaped}(?!\w)", text) is not None

oterminus-0.1.1/src/oterminus/audit.py

@@ -0,0 +1,103 @@
+from __future__ import annotations
+
+import json
+from dataclasses import asdict, dataclass, field
+from datetime import datetime, timezone
+from pathlib import Path
+from typing import Any
+
+from oterminus.audit_privacy import redact_argv, redact_text
+
+
+@dataclass
+class AuditEvent:
+    timestamp: str
+    user_input: str
+    direct_command_detected: bool
+    ambiguity_detected: bool = False
+    ambiguity_reason: str | None = None
+    ambiguity_safe_options: list[str] = field(default_factory=list)
+    planner_invoked: bool = False
+    planner_skipped: bool = False
+    planner_skip_reason: str | None = None
+    routed_category: str | None = None
+    proposal_mode: str | None = None
+    command_family: str | None = None
+    rendered_command: str | None = None
+    argv: list[str] = field(default_factory=list)
+    validation_accepted: bool | None = None
+    warnings: list[str] = field(default_factory=list)
+    rejection_reasons: list[str] = field(default_factory=list)
+    confirmation_result: str | None = None
+    execution_exit_code: int | None = None
+    stdout_truncated: bool = False
+    stderr_truncated: bool = False
+    stdout_original_chars: int | None = None
+    stderr_original_chars: int | None = None
+    stdout_visible_chars: int | None = None
+    stderr_visible_chars: int | None = None
+    rerun_source_history_id: int | None = None
+    duration_ms: int | None = None
+    timings_ms: dict[str, int] = field(default_factory=dict)
+    failure_explanation_requested: bool = False
+    failure_explanation_generated: bool = False
+    failure_explanation_error: str | None = None
+    failure_suggested_next_action: str | None = None
+    failure_stderr_summary: str | None = None
+
+    @classmethod
+    def start(cls, user_input: str) -> AuditEvent:
+        return cls(
+            timestamp=datetime.now(tz=timezone.utc).isoformat(),
+            user_input=user_input,
+            direct_command_detected=False,
+        )
+
+    def to_payload(self) -> dict[str, Any]:
+        return asdict(self)
+
+
+class AuditLogger:
+    def __init__(self, path: Path, *, redact: bool = True):
+        self.path = path
+        self.redact = redact
+
+    def write(self, event: AuditEvent) -> None:
+        self.path.parent.mkdir(parents=True, exist_ok=True)
+        payload = event.to_payload()
+        if self.redact:
+            payload = self._redacted_payload(payload)
+        serialized = json.dumps(payload, sort_keys=True)
+        with self.path.open("a", encoding="utf-8") as handle:
+            handle.write(serialized + "\n")
+
+    def status(self) -> dict[str, str]:
+        return {
+            "path": str(self.path),
+            "exists": "yes" if self.path.exists() else "no",
+            "redaction": "enabled" if self.redact else "disabled (explicit opt-out)",
+        }
+
+    def _redacted_payload(self, payload: dict[str, Any]) -> dict[str, Any]:
+        cloned = dict(payload)
+        for field_name in (
+            "user_input",
+            "rendered_command",
+            "ambiguity_reason",
+            "failure_explanation_error",
+            "failure_suggested_next_action",
+            "failure_stderr_summary",
+        ):
+            value = cloned.get(field_name)
+            if isinstance(value, str):
+                cloned[field_name] = redact_text(value)
+        for field_name in ("warnings", "rejection_reasons", "ambiguity_safe_options"):
+            raw = cloned.get(field_name)
+            if isinstance(raw, list):
+                cloned[field_name] = [
+                    redact_text(item) if isinstance(item, str) else item for item in raw
+                ]
+        raw_argv = cloned.get("argv")
+        if isinstance(raw_argv, list):
+            cloned["argv"] = redact_argv([str(item) for item in raw_argv])
+        return cloned