regcode 0.1.0__tar.gz

regcode-0.1.0/.env

@@ -0,0 +1 @@
+PYPI_TOKEN="pypi-AgEIcHlwaS5vcmcCJGRlMDQyOGU4LTI4YTEtNDVmNy04ZWUzLWU1NDdjNzhiNGJkNgACKlszLCI1NDJiMzFhOS1lNjBlLTQyYTYtOWY0Ny1mZDhhMWIyZTRmNTQiXQAABiDKhC48tmF9-4eFzQ3ZXXS3LEXaAsY2hSxXODNeVyMygw"

regcode-0.1.0/.gitignore

@@ -0,0 +1,13 @@
+# Python-generated files
+__pycache__/
+*.py[oc]
+build/
+dist/
+wheels/
+*.egg-info
+
+# Virtual environments
+.venv
+config.yaml
+review.py
+*.config.yaml

regcode-0.1.0/.python-version

@@ -0,0 +1 @@
+3.12

regcode-0.1.0/AGENTS.md

@@ -0,0 +1,28 @@
+# RegCode Instructions
+Always make sure to comply to these rules. Under Project Stack, you will find technology you have to STRICTLY adhere to. Make sure to comply to instructions.
+
+## Project Stack:
+- `uv`: Dependency management for Python runtime
+- Alembic: Database migrations
+- FastAPI: Backend Logic
+- SQLAlchemy ORM: Python database ORM
+- PostgreSQL/SQLITE: Target databases
+- Pytest: Test suite under `tests`
+- NextJS/React: Frontend Code under `frontend/`
+- GitLab: Code Repository/ CI CD
+- .gitlab-ci.yml: Gitlab Runner Config
+- `ruff`: Linting and Code Quality Control
+- `docker`: Deployment is done via `docker-compose.yml`
+- `pyproject.toml`: Project Setup Config
+
+## Coding/Implentation Instructions:
+- Always use `alembic` for database structure. Using `Base.create_all()` and similar syntax is PROHIBITED!
+- Use `alembic revision -m <revision explanation>` to create new revisions. Making arbitrary strings as versions etc. is PROHIBITED!
+- ALWAYS run `uv run ruff check --fix` after all changes at the end and fix linting issues
+- ALWAYS run `uv run pytest` to run test suite after all changes and fix issues shown by tests.
+- ALWAYS add test cases if relevant.
+- NEVER use emojis! Use icon packs (for example `lucid-react`) if needed. 
+- NEVER commit changes. It is upto user to review your code and commit and push it. Unless user specifically asks for it, commiting code is PROHIBITED!
+
+## Project Vision
+Under `GOALS.md` you will find current implementation scope and your tasks you need to read and implement. Update objectives in GOALS.md after you complete them and use it to track state of implementation. That is MANDATORY!

regcode-0.1.0/GOALS.md

@@ -0,0 +1,502 @@
+# RegCode Goals
+
+## Vision
+A minimalistic coding agent with:
+- Python API bindings
+- CLI interface
+- YAML configuration (max_tokens, context_window, litellm provider settings, etc.)
+- litellm as the LLM backbone
+
+---
+
+## Architecture
+
+```
+regcode/
+├── config.yaml          # All configuration
+├── regcode/
+│   ├── __init__.py      # Python API entry point
+│   ├── main.py          # Agent core (chat, code review, etc.)
+│   ├── cli.py           # CLI entry point (click)
+│   └── config.py        # Config loader (yaml + pydantic)
+├── tests/
+│   ├── conftest.py
+│   └── test_main.py
+├── pyproject.toml
+├── uv.lock
+└── README.md
+```
+
+No database. No Alembic. No Docker. No NextJS. No API endpoints.
+Just a Python agent with CLI and config.
+
+---
+
+## Phase 1: Configuration
+
+### Step 1: Create config.yaml and config loader
+
+**File: `config.yaml`**
+```yaml
+agent:
+  model: "openai/gpt-4o"
+  max_tokens: 4096
+  context_window: 128000
+  temperature: 0.7
+
+provider:
+  name: "openai"
+  api_key: "${OPENAI_API_KEY}"
+
+system_prompt: |
+  You are a coding agent. Help the user with code.
+
+tools:
+  code_review: true
+  security_scan: false
+  sandbox: false
+```
+
+**File: `regcode/config.py`**
+```python
+import os
+from pathlib import Path
+
+import yaml
+from pydantic import BaseModel
+
+
+class AgentConfig(BaseModel):
+    model: str = "openai/gpt-4o"
+    max_tokens: int = 4096
+    context_window: int = 128000
+    temperature: float = 0.7
+
+
+class ProviderConfig(BaseModel):
+    name: str = "openai"
+    api_key: str = ""
+
+
+class Config(BaseModel):
+    agent: AgentConfig = AgentConfig()
+    provider: ProviderConfig = ProviderConfig()
+    system_prompt: str = "You are a coding agent."
+    tools: dict = {}
+
+    @classmethod
+    def load(cls, path: str | Path = "config.yaml") -> "Config":
+        p = Path(path)
+        if not p.exists():
+            return cls()
+        with open(p) as f:
+            data = yaml.safe_load(f)
+        # Expand env vars in values
+        data = _expand_env_vars(data)
+        return cls(**data)
+
+
+def _expand_env_vars(obj):
+    if isinstance(obj, str):
+        return os.path.expandvars(obj)
+    if isinstance(obj, dict):
+        return {k: _expand_env_vars(v) for k, v in obj.items()}
+    if isinstance(obj, list):
+        return [_expand_env_vars(v) for v in obj]
+    return obj
+```
+
+**Test:**
+```python
+# tests/test_config.py
+import tempfile, os
+from regcode.config import Config
+
+def test_config_load_defaults():
+    c = Config()
+    assert c.agent.model == "openai/gpt-4o"
+    assert c.agent.max_tokens == 4096
+
+def test_config_load_from_file(tmp_path):
+    yaml_file = tmp_path / "config.yaml"
+    yaml_file.write_text("agent:\n  model: anthropic/claude-3-opus\n  temperature: 0.5\n")
+    c = Config.load(yaml_file)
+    assert c.agent.model == "anthropic/claude-3-opus"
+    assert c.agent.temperature == 0.5
+
+def test_config_env_var_expansion(tmp_path):
+    os.environ["TEST_KEY"] = "sk-test123"
+    yaml_file = tmp_path / "config.yaml"
+    yaml_file.write_text('provider:\n  api_key: "${TEST_KEY}"\n')
+    c = Config.load(yaml_file)
+    assert c.provider.api_key == "sk-test123"
+```
+
+---
+
+## Phase 2: Agent Core
+
+### Step 2: Create the agent class using litellm
+
+**File: `regcode/main.py`**
+
+```python
+import litellm
+
+from regcode.config import Config
+
+
+class Agent:
+    """Core coding agent using litellm for LLM calls."""
+
+    def __init__(self, config: Config | None = None):
+        self.config = config or Config.load()
+        self.system_prompt = self.config.system_prompt
+        self._history: list[dict] = []
+
+    def chat(self, message: str, stream: bool = False) -> str:
+        """Send a message and get a response."""
+        messages = [
+            {"role": "system", "content": self.system_prompt},
+            *self._history,
+            {"role": "user", "content": message},
+        ]
+
+        if stream:
+            return self._stream(messages)
+
+        response = litellm.completion(
+            model=self.config.agent.model,
+            messages=messages,
+            max_tokens=self.config.agent.max_tokens,
+            temperature=self.config.agent.temperature,
+            api_key=self.config.provider.api_key or None,
+        )
+        reply = response.choices[0].message.content
+        self._history.append({"role": "user", "content": message})
+        self._history.append({"role": "assistant", "content": reply})
+        return reply
+
+    def _stream(self, messages: list[dict]) -> str:
+        """Stream response."""
+        response = litellm.completion(
+            model=self.config.agent.model,
+            messages=messages,
+            max_tokens=self.config.agent.max_tokens,
+            temperature=self.config.agent.temperature,
+            stream=True,
+            api_key=self.config.provider.api_key or None,
+        )
+        full = ""
+        for chunk in response:
+            delta = chunk.choices[0].delta.content
+            if delta:
+                full += delta
+        return full
+
+    def reset(self):
+        """Clear conversation history."""
+        self._history = []
+
+    @property
+    def history(self) -> list[dict]:
+        return list(self._history)
+```
+
+**Test:**
+```python
+# tests/test_main.py
+from unittest.mock import patch, MagicMock
+from regcode.main import Agent
+from regcode.config import Config
+
+
+def test_agent_chat():
+    config = Config(
+        agent={"model": "openai/gpt-4o", "max_tokens": 100},
+        system_prompt="test",
+    )
+    agent = Agent(config=config)
+
+    with patch("regcode.main.litellm.completion") as mock_completion:
+        mock_response = MagicMock()
+        mock_response.choices = [
+            MagicMock(message=MagicMock(content="Hello from agent"))
+        ]
+        mock_completion.return_value = mock_response
+
+        result = agent.chat("hi")
+        assert result == "Hello from agent"
+
+    # Check history was recorded
+    assert len(agent.history) == 2
+    assert agent.history[0]["role"] == "user"
+    assert agent.history[1]["role"] == "assistant"
+
+
+def test_agent_reset():
+    config = Config()
+    agent = Agent(config=config)
+    with patch("regcode.main.litellm.completion") as mock_completion:
+        mock_completion.return_value = MagicMock(
+            choices=[MagicMock(message=MagicMock(content="x"))]
+        )
+        agent.chat("msg")
+        assert len(agent.history) == 2
+        agent.reset()
+        assert len(agent.history) == 0
+
+
+def test_agent_stream():
+    config = Config()
+    agent = Agent(config=config)
+    with patch("regcode.main.litellm.completion") as mock_completion:
+        mock_chunk = MagicMock(choices=[MagicMock(delta=MagicMock(content="ok"))])
+        mock_completion.return_value = [mock_chunk]
+        result = agent.chat("hi", stream=True)
+        assert result == "ok"
+```
+
+---
+
+## Phase 3: Python API
+
+### Step 3: Create clean public API
+
+**File: `regcode/__init__.py`**
+```python
+from regcode.config import Config
+from regcode.main import Agent
+
+__all__ = ["Agent", "Config"]
+__version__ = "0.1.0"
+```
+
+**Test:**
+```python
+# tests/test_api.py
+import regcode
+
+
+def test_import():
+    assert hasattr(regcode, "Agent")
+    assert hasattr(regcode, "Config")
+    assert regcode.__version__ == "0.1.0"
+
+
+def test_agent_instantiation():
+    agent = regcode.Agent()
+    assert agent.config is not None
+```
+
+---
+
+## Phase 4: CLI
+
+### Step 4: Create CLI with click
+
+**File: `regcode/cli.py`**
+
+```python
+import click
+import regcode
+
+
+@click.group()
+def cli():
+    """RegCode - Minimalistic Coding Agent"""
+    pass
+
+
+@cli.command()
+@click.option("--model", default=None, help="Model to use (e.g. openai/gpt-4o)")
+@click.option("--config", "config_path", default="config.yaml", help="Path to config.yaml")
+@click.option("--stream", is_flag=True, help="Stream response")
+def chat(model, config_path, stream):
+    """Chat with the agent."""
+    config = regcode.Config.load(config_path)
+    if model:
+        config.agent.model = model
+    agent = regcode.Agent(config=config)
+
+    if stream:
+        msg = click.prompt("You", type=str)
+        full = ""
+        click.echo("Agent> ", nl=False)
+        for word in agent.chat(msg, stream=True).split():
+            click.echo(word, nl=False)
+            click.echo(" ", nl=False)
+        click.echo()
+    else:
+        msg = click.prompt("You", type=str)
+        reply = agent.chat(msg)
+        click.echo(f"Agent> {reply}")
+
+
+@cli.command()
+def configure():
+    """Print config or generate config.yaml."""
+    config = regcode.Config.load()
+    click.echo(config.model_dump_json(indent=2))
+
+
+@cli.command()
+def version():
+    """Print version."""
+    click.echo(f"RegCode v{regcode.__version__}")
+
+
+if __name__ == "__main__":
+    cli()
+```
+
+**pyproject.toml entry point:**
+```toml
+[project.scripts]
+regcode = "regcode.cli:cli"
+```
+
+**Test:**
+```python
+# tests/test_cli.py
+from click.testing import CliRunner
+from regcode.cli import cli
+
+
+def test_cli_help():
+    r = CliRunner()
+    result = r.invoke(cli, ["--help"])
+    assert result.exit_code == 0
+    assert "RegCode" in result.output
+
+
+def test_version_command():
+    r = CliRunner()
+    result = r.invoke(cli, ["version"])
+    assert result.exit_code == 0
+    assert "v0.1.0" in result.output
+
+
+def test_configure_command():
+    r = CliRunner()
+    result = r.invoke(cli, ["configure"])
+    assert result.exit_code == 0
+    assert "model" in result.output
+```
+
+---
+
+## Phase 5: Add Dependencies
+
+**pyproject.toml:**
+```toml
+[project]
+name = "regcode"
+version = "0.1.0"
+description = "Minimalistic coding agent with Python API and CLI"
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "litellm>=1.83.17",
+    "pydantic-settings>=2.14.2",
+    "pyyaml>=6.0",
+    "click>=8.0",
+]
+
+[project.scripts]
+regcode = "regcode.cli:cli"
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=8.0",
+    "ruff>=0.8",
+]
+
+[tool.ruff.lint]
+select = ["E", "F", "W", "I"]
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+```
+
+---
+
+## Verification
+
+```bash
+uv sync
+uv run pytest tests/ -v
+uv run ruff check --fix regcode/ tests/
+uv run regcode --help
+uv run regcode configure
+```
+
+---
+
+## Phase 6: Monty Sandbox Integration
+
+### Step 6: Implement secure code execution with pydantic-monty
+
+**File: `regcode/monty_sandbox.py`**
+
+```python
+# Monty-based sandbox with:
+# - Rust-based secure Python interpreter
+# - Resource limits (memory, CPU, recursion, allocations)
+# - External function registration (whiteboxed)
+# - File I/O within sandbox directory
+# - Proper event loop handling for pytest compatibility
+```
+
+**File: `regcode/tools/builtins.py`** - Updated to use `MontySandbox` instead of `subprocess`
+
+**File: `regcode/config.py`** - Added `SandboxConfig` with `use_monty` toggle
+
+**File: `regcode/main.py`** - Agent now uses `MontySandbox` by default
+
+**Test:** `tests/test_monty_sandbox.py` - 29 tests covering execution, limits, file I/O, external functions, integration
+
+## Implementation Status
+
+All phases complete. 50/50 tests passing. Lint clean.
+
+| Phase | Status | Details |
+|-------|--------|---------|
+| Phase 1: Configuration | DONE | `config.yaml`, `Config`/`AgentConfig`/`ProviderConfig` with env var expansion |
+| Phase 2: Agent Core | DONE | `Agent` class with `chat()`, `_stream()`, `reset()`, `history` |
+| Phase 3: Python API | DONE | Clean `regcode` package with `Agent` and `Config` exports |
+| Phase 4: CLI | DONE | `regcode chat`, `regcode configure`, `regcode version` commands |
+| Phase 5: Dependencies | DONE | `pyproject.toml` with litellm, pydantic, pyyaml, click, dev deps |
+| Phase 6: Monty Sandbox | DONE | `MontySandbox` class with resource limits, external functions, file I/O, 29 tests |
+
+
+### Agent Permissions
+- DONE: Implemented permissions for Agent: AgentPermission.Read, AgentPermission.Write, AgentPermission.Delete, AgentPermission.Execute
+- DONE: Filter tools based on AgentPermissions
+- DONE: Standard Permissions: [AgentPermission.Read, AgentPermission.Execute] (default instead of ALL)
+- DONE: Fixed permission filtering to run after tools are registered (was running on empty registry)
+
+### Agent Response
+- DONE: Added `tool_budget` (default 20) and when tool budget is exhausted, send message to agent telling it to stop using tools and respond with its answer
+- DONE: When budget exhausted, LLM is called without tools (tools=None) so agent cannot make more tool calls
+- DONE: Track `_tool_budget_exhausted` flag and `_tool_budget_remaining` counter per agent run
+- DONE: Add explicit user message "You have exhausted your tool budget (20 tool calls) and must now answer..." when budget hits 0
+- DONE: Added explicit break when budget was exhausted to return the agent's text response
+
+### Code Review DRY Refactoring
+- DONE: Refactored `code_review()` to build enhanced prompt and delegate to `chat(messages=...)`, eliminating 149 lines of duplicated tool-call loop logic
+
+### ShellCommandTool Security Fix
+- DONE: Replaced unrestricted `subprocess.run()` with a command allowlist approach. `ShellCommandTool` now validates every command against a whitelist of safe, read-only commands (`ls`, `cat`, `echo`, `head`, `tail`, `wc`, `grep`, `sort`, `uniq`, `date`, `pwd`, `whoami`, `id`, `uname`, `df`, `free`, `which`, `type`, `stat`, `file`, `sha256sum`, `md5sum`, `base64`, `xxd`, `od`, `hexdump`). Dangerous characters (`;`, `&&`, `|`, backticks, `$()`, etc.) are blocked at the character level. Path traversal (`..`) is rejected. This eliminates the previous security vulnerability where the LLM could execute arbitrary destructive commands with full host access.
+
+### LLM Hallucinated Tool Calls Fix
+- DONE: Model was hallucinating tool calls (e.g. `<tool_call>`) when budget was exhausted and `tools=None`. Root cause: tool definitions were baked into the system prompt string, so even with `tools=None` the model still saw tool names and hallucinated calling them. Fix: when budget is exhausted, replace the system prompt with a version stripped of tool definitions (`_build_system_prompt_no_tools()`). Additionally set `tool_choice="none"` and stop sequences `["<tool_call>", "</tool_use>"]`. Message history (including tool_call_ids) is preserved intact to maintain proper conversation continuity.
+
+## Top Priority To-Dos:
+
+- Currently agent could keep on loading files running into context window limitations. We need to add content compaction threshold and add automatic compaction support.
+- I think for this agent to be able to work on big repos, we need to add `add_review_note` tool which basically can write review notes into file which can survive compaction. Review notes are supposed to be preleminary findings. Add `read_review_notes` as well. This must work intune with compaction feature
+- Save tokens reported by litellm and use following logic `context_window=max_tokens + message_chain_token_size` and compact based on compaction threshold.
+- _build_system_prompt in regcode/main.py and _build_code_review_system_prompt in the same file share an identical loop that constructs a "tool descriptions" string from registered tools. The same logic appears twice. This should be extracted into a single helper method, e.g. _format_tool_descriptions(self) -> str, called by both.
+
+Additionally, _build_code_review_system_prompt in regcode/main.py calls self.registry.list_tools() and builds tool descriptions, but it could simply accept a system prompt string and tool descriptions as parameters, instead of duplicating the logic again.