ripperdoc 0.2.8__py3-none-any.whl → 0.2.10__py3-none-any.whl

ripperdoc/utils/permissions/tool_permission_utils.py

@@ -2,6 +2,7 @@
 
 from __future__ import annotations
 
+import fnmatch
 from dataclasses import dataclass
 from typing import Callable, Iterable, List, Optional, Set
 
@@ -27,8 +28,25 @@ class PermissionDecision:
     rule_suggestions: Optional[List[ToolRule] | List[str]] = None
 
 
-def create_wildcard_rule(rule_name: str) -> str:
-    """Create a wildcard/prefix rule string."""
+def create_wildcard_rule(rule_name: str, use_glob_style: bool = False) -> str:
+    """Create a wildcard/prefix rule string.
+
+    Args:
+        rule_name: The command prefix (e.g., "git", "npm")
+        use_glob_style: If True, creates "rule_name *" format;
+                       if False, creates "rule_name:*" format (default for compatibility)
+
+    Returns:
+        Wildcard rule string in requested format
+
+    Examples:
+        >>> create_wildcard_rule("git")
+        "git:*"
+        >>> create_wildcard_rule("git", use_glob_style=True)
+        "git *"
+    """
+    if use_glob_style:
+        return f"{rule_name} *"
     return f"{rule_name}:*"
 
 
@@ -36,22 +54,122 @@ def create_tool_rule(rule_content: str) -> List[ToolRule]:
     return [ToolRule(tool_name="Bash", rule_content=rule_content)]
 
 
-def create_wildcard_tool_rule(rule_name: str) -> List[ToolRule]:
-    return [ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(rule_name))]
+def create_wildcard_tool_rule(rule_name: str, use_glob_style: bool = False) -> List[ToolRule]:
+    """Create a wildcard tool rule.
+
+    Args:
+        rule_name: The command prefix
+        use_glob_style: Whether to use glob-style format
+
+    Returns:
+        List containing a single ToolRule with wildcard pattern
+    """
+    return [ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(rule_name, use_glob_style))]
 
 
 def extract_rule_prefix(rule_string: str) -> Optional[str]:
     return rule_string[:-2] if rule_string.endswith(":*") else None
 
 
+def _has_unquoted_shell_operators(command: str) -> bool:
+    """Check if command contains shell operators outside of quotes.
+
+    This prevents wildcard rules from matching commands with shell operators
+    like &&, ||, ;, | which could be used to chain dangerous commands.
+
+    Args:
+        command: The command to check
+
+    Returns:
+        True if command contains unquoted shell operators, False otherwise
+
+    Examples:
+        >>> _has_unquoted_shell_operators("git status && rm -rf /")
+        True
+        >>> _has_unquoted_shell_operators("echo 'foo && bar'")
+        False
+        >>> _has_unquoted_shell_operators("ls | grep foo")
+        True
+        >>> _has_unquoted_shell_operators("echo hi; rm -rf /")
+        True
+    """
+    # Parse the command into tokens, which handles quotes correctly
+    tokens = parse_shell_tokens(command)
+
+    # Check for shell operators in the tokens
+    # Note: parse_shell_tokens may attach semicolon to adjacent tokens
+    # (e.g., "echo hi; rm" -> ["echo", "hi;", "rm"] or ";echo" -> [";echo"])
+    for token in tokens:
+        # Check for separate operator tokens
+        if token in {"&&", "||", "|"}:
+            return True
+        # Check for semicolon (may be attached to previous or next token)
+        if token.endswith(";") or token.startswith(";"):
+            return True
+
+    return False
+
+
 def match_rule(command: str, rule: str) -> bool:
-    """Return True if a command matches a rule (exact or wildcard)."""
+    """Return True if a command matches a rule (exact, prefix wildcard, or glob pattern).
+
+    Supports three formats:
+    - Exact match: "git status" matches "git status" only
+    - Legacy prefix: "git:*" matches any command starting with "git"
+    - Glob patterns: "git * main" matches "git push main", "git pull main", etc.
+
+    Glob patterns support:
+    - * (matches any characters)
+    - ? (matches single character)
+    - [seq] (matches any character in seq)
+    - [!seq] (matches any character NOT in seq)
+
+    Security: Wildcard rules (both legacy and glob) will NOT match commands
+    containing shell operators (&&, ||, ;, |) outside of quotes. This prevents
+    a rule like "git:*" from matching "git status && rm -rf /". Exact match
+    rules still work with operators (user explicitly approved the full command).
+
+    Args:
+        command: The command to check
+        rule: The rule pattern to match against
+
+    Returns:
+        True if command matches rule, False otherwise
+
+    Examples:
+        >>> match_rule("git status", "git:*")
+        True
+        >>> match_rule("npm install", "npm *")
+        True
+        >>> match_rule("pip install", "* install")
+        True
+        >>> match_rule("git push main", "git * main")
+        True
+        >>> match_rule("git status && rm -rf /", "git:*")
+        False
+        >>> match_rule("git status && git commit", "git status && git commit")
+        True
+    """
     command = command.strip()
     if not command:
         return False
+
+    # Legacy format: prefix:* (highest priority for backward compatibility)
     prefix = extract_rule_prefix(rule)
     if prefix is not None:
+        # For wildcard rules, reject commands with shell operators for security
+        if _has_unquoted_shell_operators(command):
+            return False
         return command.startswith(prefix)
+
+    # New format: glob-style patterns with wildcards
+    if "*" in rule or "?" in rule or "[" in rule:
+        # For wildcard rules, reject commands with shell operators for security
+        if _has_unquoted_shell_operators(command):
+            return False
+        return fnmatch.fnmatch(command, rule)
+
+    # Exact match - allow even with operators (user explicitly approved full command)
     return command == rule
 
 
@@ -131,10 +249,37 @@ def _is_command_read_only(
 
 
 def _collect_rule_suggestions(command: str) -> List[ToolRule]:
-    suggestions: list[ToolRule] = [ToolRule(tool_name="Bash", rule_content=command)]
+    """Collect rule suggestions for a command.
+
+    Suggests three options:
+    1. Exact command match
+    2. Legacy prefix wildcard (git:*)
+    3. Glob-style wildcard (git *)
+
+    This gives users choice between formats while maintaining backward compatibility.
+
+    Args:
+        command: The command to generate suggestions for
+
+    Returns:
+        List of suggested ToolRule objects
+    """
+    suggestions: list[ToolRule] = [
+        # Exact match
+        ToolRule(tool_name="Bash", rule_content=command)
+    ]
+
     tokens = parse_and_clean_shell_tokens(command)
     if tokens:
-        suggestions.append(ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(tokens[0])))
+        # Legacy prefix format
+        suggestions.append(
+            ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(tokens[0], use_glob_style=False))
+        )
+        # New glob-style format
+        suggestions.append(
+            ToolRule(tool_name="Bash", rule_content=create_wildcard_rule(tokens[0], use_glob_style=True))
+        )
+
     return suggestions
 
 
@@ -144,19 +289,34 @@ def evaluate_shell_command_permissions(
     denied_rules: Iterable[str],
     allowed_working_dirs: Set[str] | None = None,
     *,
-    command_injection_detected: bool = False,
-    injection_detector: Callable[[str], bool] | None = None,
+    danger_detector: Callable[[str], bool] | None = None,
     read_only_detector: Callable[[str, Callable[[str], bool]], bool] | None = None,
 ) -> PermissionDecision:
-    """Evaluate whether a bash command should be allowed."""
+    """Evaluate whether a bash command should be allowed.
+
+    Args:
+        tool_request: The tool request containing the command.
+        allowed_rules: Rules that allow commands.
+        denied_rules: Rules that deny commands.
+        allowed_working_dirs: Allowed working directories.
+        danger_detector: Callable that returns True if command contains dangerous
+            shell patterns (injection, destructive commands, etc.).
+        read_only_detector: Callable that returns True if command is read-only.
+
+    Returns:
+        PermissionDecision indicating whether the command should be allowed.
+    """
     command = tool_request.command if hasattr(tool_request, "command") else str(tool_request)
     trimmed_command = command.strip()
     allowed_working_dirs = allowed_working_dirs or {safe_get_cwd()}
-    injection_detector = injection_detector or (
+    danger_detector = danger_detector or (
         lambda cmd: validate_shell_command(cmd).behavior != "passthrough"
     )
     read_only_detector = read_only_detector or _is_command_read_only
 
+    # Detect dangerous patterns once, reuse the result
+    has_dangerous_patterns = danger_detector(trimmed_command)
+
     merged_denied = _merge_rules(denied_rules)
     merged_allowed = _merge_rules(allowed_rules)
 
@@ -217,11 +377,10 @@ def evaluate_shell_command_permissions(
             merged_allowed,
             merged_denied,
             allowed_working_dirs,
-            command_injection_detected=command_injection_detected,
-            injection_detector=injection_detector,
+            danger_detector=danger_detector,
             read_only_detector=read_only_detector,
         )
-        right_read_only = read_only_detector(right_command, injection_detector)
+        right_read_only = read_only_detector(right_command, danger_detector)
 
         if left_result.behavior == "deny":
             return left_result
@@ -245,7 +404,7 @@ def evaluate_shell_command_permissions(
             rule_suggestions=_collect_rule_suggestions(trimmed_command),
         )
 
-    if read_only_detector(trimmed_command, injection_detector) and not command_injection_detected:
+    if read_only_detector(trimmed_command, danger_detector) and not has_dangerous_patterns:
         return PermissionDecision(
             behavior="allow",
             updated_input=tool_request,

ripperdoc/utils/safe_get_cwd.py

@@ -23,7 +23,8 @@ def safe_get_cwd() -> str:
     except (OSError, RuntimeError, ValueError) as exc:
         logger.warning(
             "[safe_get_cwd] Failed to resolve cwd: %s: %s",
-            type(exc).__name__, exc,
+            type(exc).__name__,
+            exc,
         )
         return get_original_cwd()
 

ripperdoc/utils/session_heatmap.py

@@ -0,0 +1,244 @@
+"""Activity heatmap visualization for session statistics."""
+
+from __future__ import annotations
+
+from datetime import datetime, timedelta
+from typing import Dict
+
+from rich.console import Console
+from rich.text import Text
+
+
+def _get_intensity_char(count: int, max_count: int) -> str:
+    """Get unicode block character based on activity intensity.
+
+    Returns character and color code for 8 intensity levels.
+    """
+    if count == 0:
+        return "·"
+    if max_count == 0:
+        return "█"
+
+    # Calculate intensity (0-1)
+    intensity = count / max_count
+
+    # Use unicode block characters for different intensities (8 levels)
+    if intensity <= 0.125:
+        return "░"
+    elif intensity <= 0.25:
+        return "░"
+    elif intensity <= 0.375:
+        return "▒"
+    elif intensity <= 0.5:
+        return "▒"
+    elif intensity <= 0.625:
+        return "▓"
+    elif intensity <= 0.75:
+        return "▓"
+    elif intensity <= 0.875:
+        return "█"
+    else:
+        return "█"
+
+
+def _get_intensity_color(count: int, max_count: int) -> str:
+    """Get color style based on activity intensity (8 levels)."""
+    if count == 0:
+        return "dim white"
+    if max_count == 0:
+        return "bold color(46)"
+
+    # Calculate intensity (0-1)
+    intensity = count / max_count
+
+    # 8-level green gradient from very light to very dark
+    if intensity <= 0.125:
+        return "color(22)"  # Very light green
+    elif intensity <= 0.25:
+        return "color(28)"  # Light green
+    elif intensity <= 0.375:
+        return "color(34)"  # Light-medium green
+    elif intensity <= 0.5:
+        return "color(40)"  # Medium green
+    elif intensity <= 0.625:
+        return "color(46)"  # Medium-dark green
+    elif intensity <= 0.75:
+        return "color(82)"  # Dark green
+    elif intensity <= 0.875:
+        return "bold color(46)"  # Bright green with bold
+    else:
+        return "bold color(82)"  # Very dark green with bold
+
+
+def _get_week_grid(
+    daily_activity: Dict[str, int], weeks_count: int = 52
+) -> tuple[list[list[tuple[str, int]]], int]:
+    """Build a grid of weeks for heatmap display.
+
+    Args:
+        daily_activity: Dictionary mapping date strings to activity counts
+        weeks_count: Number of weeks to display (default 52 for full year)
+
+    Returns:
+        Tuple of (grid, max_count) where grid is a list of weeks,
+        each week is a list of (date_str, count) tuples.
+    """
+    # Calculate total days to display
+    total_days = weeks_count * 7
+
+    # Start from today and go back
+    end_date = datetime.now().date()
+    start_date = end_date - timedelta(days=total_days - 1)
+
+    # Find max count for intensity calculation
+    max_count = max(daily_activity.values()) if daily_activity else 1
+
+    # Build grid by weeks (Sunday to Saturday)
+    weeks: list[list[tuple[str, int]]] = []
+    current_week: list[tuple[str, int]] = []
+
+    current_date = start_date
+    # Pad the start to align with week start (Sunday = 6 in Python's weekday, we want 0)
+    weekday = (current_date.weekday() + 1) % 7  # Convert to Sunday=0
+    if weekday > 0:
+        # Add empty days at the start
+        for _ in range(weekday):
+            current_week.append(("", 0))
+
+    while current_date <= end_date:
+        date_str = current_date.isoformat()
+        count = daily_activity.get(date_str, 0)
+        current_week.append((date_str, count))
+
+        # If we've completed a week (7 days), start a new week
+        if len(current_week) == 7:
+            weeks.append(current_week)
+            current_week = []
+
+        current_date += timedelta(days=1)
+
+    # Add remaining days
+    if current_week:
+        # Pad to complete the week
+        while len(current_week) < 7:
+            current_week.append(("", 0))
+        weeks.append(current_week)
+
+    return weeks, max_count
+
+
+def render_heatmap(
+    console: Console, daily_activity: Dict[str, int], weeks_count: int = 52
+) -> None:
+    """Render activity heatmap to console.
+
+    Args:
+        console: Rich console for output
+        daily_activity: Dictionary mapping date strings to activity counts
+        weeks_count: Number of weeks to display (default 52 for full year)
+    """
+    # Alignment constant: width of weekday labels column
+    WEEKDAY_LABEL_WIDTH = 8
+
+    weeks, max_count = _get_week_grid(daily_activity, weeks_count)
+    if not weeks:
+        console.print("[dim]No activity data[/dim]")
+        return
+
+    # Build month labels row
+    # Each week column is exactly 1 character wide in the heatmap
+    # Month labels are 3 characters wide (e.g., "Dec", "Jan", "Feb")
+    month_positions = []  # List of (week_idx, month_name) tuples
+    current_month = None
+
+    for week_idx, week in enumerate(weeks):
+        # Check first non-empty day in week for month
+        for date_str, _ in week:
+            if date_str:
+                date = datetime.fromisoformat(date_str).date()
+                month_str = date.strftime("%b")
+
+                # Record position when month changes
+                if month_str != current_month:
+                    month_positions.append((week_idx, month_str))
+                    current_month = month_str
+                break
+
+    # Build month label string with precise alignment
+    month_chars = [" "] * len(weeks)
+
+    for week_idx, month_name in month_positions:
+        # Check if we have space for the full month name (3 chars)
+        can_place = True
+        for i in range(3):
+            if week_idx + i < len(month_chars) and month_chars[week_idx + i] != " ":
+                can_place = False
+                break
+
+        if can_place and week_idx < len(month_chars):
+            # Place the month name starting at this week position
+            for i, char in enumerate(month_name):
+                if week_idx + i < len(month_chars):
+                    month_chars[week_idx + i] = char
+
+    # Print month labels with proper alignment
+    month_row = " " * WEEKDAY_LABEL_WIDTH + "".join(month_chars)
+    console.print(month_row)
+
+    # Weekday labels - show Mon, Wed, Fri
+    weekday_labels = ["Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"]
+    show_weekdays = [1, 3, 5]  # Show Mon, Wed, Fri
+
+    # Render each row (weekday)
+    for weekday_idx in range(7):
+        row = Text()
+
+        # Add weekday label - exactly WEEKDAY_LABEL_WIDTH characters
+        if weekday_idx in show_weekdays:
+            label = weekday_labels[weekday_idx]
+            # Right-align the label within the width, then add a space
+            row.append(f"{label:>3} ", style="dim")  # "Mon " = 4 chars
+            row.append(" " * (WEEKDAY_LABEL_WIDTH - 4))  # Fill remaining space
+        else:
+            row.append(" " * WEEKDAY_LABEL_WIDTH)
+
+        # Add activity cells for this weekday across all weeks
+        # Each week column is exactly 1 character wide
+        for week in weeks:
+            if weekday_idx < len(week):
+                date_str, count = week[weekday_idx]
+                if date_str:
+                    char = _get_intensity_char(count, max_count)
+                    color = _get_intensity_color(count, max_count)
+                    row.append(char, style=color)
+                else:
+                    row.append("·", style="dim white")
+            else:
+                row.append(" ")
+
+        console.print(row)
+
+    # Legend with 8-level green gradient
+    console.print()
+    legend = Text(" " * WEEKDAY_LABEL_WIDTH + "Less ", style="dim")
+    # Show representative levels from the 8-level gradient
+    legend.append("░", style="color(22)")  # Level 1: Very light green
+    legend.append(" ", style="dim")
+    legend.append("░", style="color(28)")  # Level 2: Light green
+    legend.append(" ", style="dim")
+    legend.append("▒", style="color(34)")  # Level 3: Light-medium green
+    legend.append(" ", style="dim")
+    legend.append("▒", style="color(40)")  # Level 4: Medium green
+    legend.append(" ", style="dim")
+    legend.append("▓", style="color(46)")  # Level 5: Medium-dark green
+    legend.append(" ", style="dim")
+    legend.append("▓", style="color(82)")  # Level 6: Dark green
+    legend.append(" ", style="dim")
+    legend.append("█", style="bold color(46)")  # Level 7: Bright green
+    legend.append(" ", style="dim")
+    legend.append("█", style="bold color(82)")  # Level 8: Very dark green
+    legend.append(" More", style="dim")
+    console.print(legend)
+
+
+__all__ = ["render_heatmap"]

ripperdoc/utils/session_history.py

@@ -104,13 +104,15 @@ class SessionHistory:
                     except (json.JSONDecodeError, KeyError, TypeError, ValueError) as exc:
                         logger.debug(
                             "[session_history] Failed to parse session history line: %s: %s",
-                            type(exc).__name__, exc,
+                            type(exc).__name__,
+                            exc,
                         )
                         continue
         except (OSError, IOError) as exc:
             logger.warning(
                 "Failed to load seen IDs from session: %s: %s",
-                type(exc).__name__, exc,
+                type(exc).__name__,
+                exc,
                 extra={"session_id": self.session_id, "path": str(self.path)},
             )
             return
@@ -142,7 +144,8 @@ class SessionHistory:
             # Avoid crashing the UI if logging fails
             logger.warning(
                 "Failed to append message to session log: %s: %s",
-                type(exc).__name__, exc,
+                type(exc).__name__,
+                exc,
                 extra={"session_id": self.session_id, "path": str(self.path)},
             )
             return
@@ -163,7 +166,8 @@ def list_session_summaries(project_path: Path) -> List[SessionSummary]:
         except (OSError, IOError, json.JSONDecodeError) as exc:
             logger.warning(
                 "Failed to load session summary: %s: %s",
-                type(exc).__name__, exc,
+                type(exc).__name__,
+                exc,
                 extra={"path": str(jsonl_path)},
             )
             continue
@@ -250,13 +254,16 @@ def load_session_messages(project_path: Path, session_id: str) -> List[Conversat
                 except (json.JSONDecodeError, KeyError, TypeError, ValueError) as exc:
                     logger.debug(
                         "[session_history] Failed to deserialize message in session %s: %s: %s",
-                        session_id, type(exc).__name__, exc,
+                        session_id,
+                        type(exc).__name__,
+                        exc,
                     )
                     continue
     except (OSError, IOError) as exc:
         logger.warning(
             "Failed to load session messages: %s: %s",
-            type(exc).__name__, exc,
+            type(exc).__name__,
+            exc,
             extra={"session_id": session_id, "path": str(path)},
         )
         return []