mirror of
https://github.com/Kaelio/ktx.git
synced 2026-06-28 08:49:38 +02:00
2366b00301
* refactor(workspace): relocate @ktx/llm source into packages/cli/src/llm * refactor(workspace): rewrite @ktx/llm imports to relative paths * refactor(workspace): fold internal packages into cli * chore(workspace): gate dead-code with knip production mode Turn on production-mode knip plus an autofix run in pre-commit and the `pnpm dead-code` script, document the `/** @internal */` convention for test-only exports in AGENTS.md, annotate test-only exports across the CLI with that JSDoc, and drop dead exports/wrappers the new gate surfaced (e.g. `cli-project.ts`, `lookerRuntimeSourceToFileAdapterSource`, `createLocalScanEnrichmentProvidersFromConfig`, `PGLITE_OWNER_PROCESS_BACKEND_CAPABILITIES`, stale type re-exports). Replace the loose `ignoreIssues` allowlist in `knip.json` with explicit production entries so cross-package barrel leaks are caught. * refactor(cli): delete internal barrel index.ts files The 34 `index.ts` re-export barrels inside `packages/cli/src/` were holdovers from the pre-fold multi-workspace structure. Post-fold-in they served no production purpose: external consumers go through the single package main entry, and in-repo callers mostly imported through them only because the path was short. Internally, knip flagged most barrel re-exports as production-dead (only reached via tests). This change: - Deletes every internal barrel except `packages/cli/src/index.ts` (the published package entry). - Rewrites ~270 source/test files to import each name directly from the file that defines it. - Moves `tools/warehouse-verification/index.ts` to `create-warehouse-verification-tools.ts` (the function it defined locally) and updates its single consumer. - Renames `search/backend-conformance.ts` → `.test-utils.ts` to match the existing test-helper file convention. - Deletes 13 dead test-only chains (dbt-descriptions/*, live-database/extracted-schema, live-database/structural-sync, relationship-* feedback/review chain) plus their tests and a cascading orphan integration test. - Updates test mocks that pointed at deleted barrel paths (notion-client, connector barrels in scan/local-scan-connectors tests) to mock the source files instead. - Points the maintainer benchmark script (`scripts/relationship-benchmark-report.mjs`) at source files instead of `dist/context/scan/index.js`. - Drops the barrel `!` entries from `knip.json`; adds explicit production entries only for the benchmark code reached via dist by the maintainer script. Net: 413 files changed, ~1.2k insertions, ~9.4k deletions. `pnpm run dead-code` (Biome + knip default + knip production) and `pnpm run type-check` are clean; 2277 tests pass. * refactor(workspace): rename @ktx/cli to @kaelio/ktx and pack it directly Promote the CLI workspace package to the public name `@kaelio/ktx` and drop the separate `scripts/build-public-npm-package.mjs` wrapper. The CLI package is now publishable in place (`publishConfig.access: public`, `provenance: true`), so artifact packing uses `pnpm pack` against `packages/cli/` instead of assembling a parallel package tree. Updates all workspace filter invocations, docs, tests, and release readiness checks to reference the new package name, and folds the tarball-name helper into `scripts/public-npm-release-metadata.mjs`. * docs: align "agent clients" and "data agents" terminology Replace "client agents" with "agent clients" and "database agents" with "data agents" across AGENTS.md, README.md, the docs-site copy, and the matching setup-agents test description, matching the canonical vocabulary in docs/terminology.md. Also moves packages/cli/tsconfig.json's tsBuildInfoFile from node_modules/.cache/ to dist/.tsbuildinfo so incremental builds survive node_modules reinstalls. * refactor(release): single source of truth for package version Make packages/cli/package.json the single source of truth for the @kaelio/ktx version. publicNpmPackageVersion() now reads it directly, so artifact filenames, release-readiness checks, and the Python wheel version all derive from one field. The duplicate release-policy.json.publicNpmPackageVersion is removed. Previously the two fields could drift: tarballs were named kaelio-ktx-0.4.1.tgz while internally containing @kaelio/ktx@0.0.0-private. - update-public-release-version.mjs rewrites both Python pyproject.toml files (ktx-daemon, ktx-sl) alongside the npm package.jsons, normalizing the version for PEP 440 (e.g. 0.1.0-rc.2 -> 0.1.0rc2). - semantic-release-config.cjs adds the two pyproject.toml files to @semantic-release/git assets so the release commit back to main carries every version source in lockstep. - The six "?? '0.0.0-private'" fallback literals across the CLI are replaced with "?? getKtxCliPackageInfo().version", and createDefaultKtxMcpServer makes its version arg required. - docs/release.md describes the actual commit-back model: the dev tree always reflects the most recent release; no sentinel pin to maintain. Verified: pnpm run artifacts:build now produces kaelio-ktx-0.4.1.tgz and kaelio_ktx-0.4.1-py3-none-any.whl with @kaelio/ktx@0.4.1 inside. Full type-check, dead-code, and 2287 vitests + 173 script tests pass. * refactor(cli): inject embedding provider resolution and detect sentence-transformers runtime Make resolveProjectEmbeddingProvider and runtimeIo injectable in ingest and scan command entrypoints so tests can stub them, and teach resolvePublicIngestRuntimeRequirements to flag the local-embeddings runtime feature when ktx.yaml selects sentence-transformers. * chore(cli): mark buildLocalStatsStatus and LocalStatsStatus as @internal Both symbols are consumed only by status-project.test.ts. Annotating with /** @internal */ keeps knip's production-mode check clean without changing runtime behavior. * fix(cli): use real package metadata in print-command-tree The stubbed package name embedded a forbidden product identifier that tripped the boundary check in CI. Read the metadata from package.json instead — keeps the rendered tree unchanged and removes a duplicate source of truth. * feat(cli): show embedding coverage in `ktx status`, drop duplicate disk counts Inline `(N embedded)` next to the Wiki scope counts and Semantic-layer source counts, computed with `SUM(embedding_json IS NOT NULL)` over `knowledge_pages` and `local_sl_sources`. Rename the "Knowledge" label to "Wiki" (canonical per `docs/terminology.md`) and rename the matching `localStats.knowledgePages` field to `localStats.wikiPages`. Drop `wiki=N md` and `semantic-layer=N yaml` from the Disk row — those duplicated the per-surface rows above. Disk now reports only actual byte usage (db, cache, raw-sources). The unused `wikiGlobalMarkdownCount` / `semanticLayerYamlCount` fields, the `isMarkdownEntry` / `isYamlEntry` helpers, and the `filter` arg on `summarizeDir` are removed.
230 lines
7.7 KiB
TypeScript
230 lines
7.7 KiB
TypeScript
import { mkdir, readFile, writeFile } from 'node:fs/promises';
|
|
import { dirname, join } from 'node:path';
|
|
import { z } from 'zod';
|
|
import type { AgentRunnerPort, KtxRuntimeToolSet } from '../../context/llm/runtime-port.js';
|
|
import type { TouchedSlSource } from '../../context/tools/touched-sl-sources.js';
|
|
import type { IngestTraceWriter } from './ingest-trace.js';
|
|
import { traceTimed } from './ingest-trace.js';
|
|
|
|
type FinalGateRepairKind = 'patch_semantic_gate' | 'final_artifact_gate';
|
|
|
|
export type FinalGateRepairResult =
|
|
| { status: 'repaired'; attempts: number; changedPaths: string[] }
|
|
| { status: 'failed'; attempts: number; reason: string };
|
|
|
|
export interface RepairFinalGateFailureInput {
|
|
agentRunner: AgentRunnerPort;
|
|
workdir: string;
|
|
gateError: string;
|
|
allowedPaths: string[];
|
|
trace: IngestTraceWriter;
|
|
repairKind: FinalGateRepairKind;
|
|
maxAttempts?: number;
|
|
stepBudget?: number;
|
|
}
|
|
|
|
const readRepairFileSchema = z.object({
|
|
path: z.string().min(1),
|
|
});
|
|
|
|
const writeRepairFileSchema = z.object({
|
|
path: z.string().min(1),
|
|
content: z.string(),
|
|
});
|
|
|
|
function normalizeRepoPath(path: string): string {
|
|
const normalized = path.replace(/\\/g, '/').replace(/^\/+/, '');
|
|
const parts = normalized.split('/').filter((part) => part.length > 0);
|
|
if (parts.length === 0 || parts.some((part) => part === '.' || part === '..')) {
|
|
throw new Error(`gate repair path must be a repository-relative path: ${path}`);
|
|
}
|
|
return parts.join('/');
|
|
}
|
|
|
|
function assertAllowedPath(path: string, allowedPaths: ReadonlySet<string>): string {
|
|
const normalized = normalizeRepoPath(path);
|
|
if (!allowedPaths.has(normalized)) {
|
|
throw new Error(`gate repair path not allowed: ${normalized}`);
|
|
}
|
|
return normalized;
|
|
}
|
|
|
|
async function readOptionalFile(path: string): Promise<{ exists: boolean; content: string }> {
|
|
try {
|
|
return { exists: true, content: await readFile(path, 'utf-8') };
|
|
} catch (error) {
|
|
if (error && typeof error === 'object' && 'code' in error && error.code === 'ENOENT') {
|
|
return { exists: false, content: '' };
|
|
}
|
|
throw error;
|
|
}
|
|
}
|
|
|
|
function buildGateRepairSystemPrompt(): string {
|
|
return `<role>
|
|
You repair one KTX isolated-diff artifact gate failure inside the integration worktree.
|
|
</role>
|
|
|
|
<rules>
|
|
- Use read_gate_error first.
|
|
- Read only files exposed by read_repair_file.
|
|
- Edit only paths exposed by write_repair_file.
|
|
- Prefer the smallest text edit that makes the gate pass.
|
|
- Preserve accepted work-unit, reconciliation, and deterministic projection content.
|
|
- Do not invent warehouse facts, business definitions, or semantic-layer entities.
|
|
- If the gate error requires choosing between conflicting facts without evidence, stop without editing.
|
|
</rules>`;
|
|
}
|
|
|
|
function buildGateRepairUserPrompt(input: {
|
|
gateError: string;
|
|
allowedPaths: string[];
|
|
repairKind: FinalGateRepairKind;
|
|
attempt: number;
|
|
maxAttempts: number;
|
|
}): string {
|
|
return `Repair isolated-diff artifact gates.
|
|
|
|
Repair kind: ${input.repairKind}
|
|
Attempt: ${input.attempt} of ${input.maxAttempts}
|
|
|
|
Allowed files:
|
|
${input.allowedPaths.map((path) => `- ${path}`).join('\n')}
|
|
|
|
Gate error:
|
|
${input.gateError}
|
|
|
|
Use read_gate_error first. Then inspect only the allowed files, write the
|
|
minimal repaired content, and stop.`;
|
|
}
|
|
|
|
function buildToolSet(input: {
|
|
workdir: string;
|
|
gateError: string;
|
|
allowedPaths: ReadonlySet<string>;
|
|
editedPaths: Set<string>;
|
|
}): KtxRuntimeToolSet {
|
|
return {
|
|
read_gate_error: {
|
|
name: 'read_gate_error',
|
|
description: 'Read the artifact gate failure that must be repaired.',
|
|
inputSchema: z.object({}),
|
|
execute: async () => ({
|
|
markdown: input.gateError,
|
|
structured: { gateError: input.gateError },
|
|
}),
|
|
},
|
|
read_repair_file: {
|
|
name: 'read_repair_file',
|
|
description: 'Read one allowed file from the integration worktree.',
|
|
inputSchema: readRepairFileSchema,
|
|
execute: async ({ path }: z.infer<typeof readRepairFileSchema>) => {
|
|
const normalized = assertAllowedPath(path, input.allowedPaths);
|
|
const file = await readOptionalFile(join(input.workdir, normalized));
|
|
return {
|
|
markdown: file.exists ? file.content : `(missing file: ${normalized})`,
|
|
structured: { path: normalized, exists: file.exists },
|
|
};
|
|
},
|
|
},
|
|
write_repair_file: {
|
|
name: 'write_repair_file',
|
|
description: 'Replace one allowed integration worktree file with repaired text content.',
|
|
inputSchema: writeRepairFileSchema,
|
|
execute: async ({ path, content }: z.infer<typeof writeRepairFileSchema>) => {
|
|
const normalized = assertAllowedPath(path, input.allowedPaths);
|
|
const fullPath = join(input.workdir, normalized);
|
|
await mkdir(dirname(fullPath), { recursive: true });
|
|
await writeFile(fullPath, content, 'utf-8');
|
|
input.editedPaths.add(normalized);
|
|
return {
|
|
markdown: `Wrote ${normalized}`,
|
|
structured: { path: normalized, bytes: Buffer.byteLength(content) },
|
|
};
|
|
},
|
|
},
|
|
};
|
|
}
|
|
|
|
export function finalGateRepairPaths(input: {
|
|
changedWikiPageKeys: string[];
|
|
touchedSlSources: TouchedSlSource[];
|
|
}): string[] {
|
|
return [
|
|
...new Set([
|
|
...input.touchedSlSources.map((source) => `semantic-layer/${source.connectionId}/${source.sourceName}.yaml`),
|
|
...input.changedWikiPageKeys.map((pageKey) => `wiki/global/${pageKey}.md`),
|
|
]),
|
|
].sort();
|
|
}
|
|
|
|
export async function repairFinalGateFailure(
|
|
input: RepairFinalGateFailureInput,
|
|
): Promise<FinalGateRepairResult> {
|
|
const allowedPaths = new Set(input.allowedPaths.map(normalizeRepoPath));
|
|
const maxAttempts = input.maxAttempts ?? 1;
|
|
const stepBudget = input.stepBudget ?? 16;
|
|
let lastFailure = 'gate repair did not run';
|
|
|
|
for (let attempt = 1; attempt <= maxAttempts; attempt += 1) {
|
|
const editedPaths = new Set<string>();
|
|
const sortedAllowedPaths = [...allowedPaths].sort();
|
|
const traceData = {
|
|
repairKind: input.repairKind,
|
|
attempt,
|
|
maxAttempts,
|
|
allowedPaths: sortedAllowedPaths,
|
|
gateError: input.gateError,
|
|
};
|
|
const result = await traceTimed(input.trace, 'gate_repair', 'gate_repair', traceData, async () =>
|
|
input.agentRunner.runLoop({
|
|
modelRole: 'repair',
|
|
systemPrompt: buildGateRepairSystemPrompt(),
|
|
userPrompt: buildGateRepairUserPrompt({
|
|
gateError: input.gateError,
|
|
allowedPaths: sortedAllowedPaths,
|
|
repairKind: input.repairKind,
|
|
attempt,
|
|
maxAttempts,
|
|
}),
|
|
toolSet: buildToolSet({
|
|
workdir: input.workdir,
|
|
gateError: input.gateError,
|
|
allowedPaths,
|
|
editedPaths,
|
|
}),
|
|
stepBudget,
|
|
telemetryTags: {
|
|
operationName: 'ingest-isolated-diff-gate-repair',
|
|
source: input.trace.context.sourceKey,
|
|
jobId: input.trace.context.jobId,
|
|
repairKind: input.repairKind,
|
|
},
|
|
}),
|
|
);
|
|
|
|
if (result.stopReason === 'error') {
|
|
lastFailure = result.error?.message ?? 'gate repair agent loop errored';
|
|
await input.trace.event('error', 'gate_repair', 'gate_repair_failed', traceData, result.error);
|
|
continue;
|
|
}
|
|
|
|
const changedPaths = [...editedPaths].sort();
|
|
if (changedPaths.length === 0) {
|
|
lastFailure = 'gate repair completed without editing an allowed path';
|
|
await input.trace.event('error', 'gate_repair', 'gate_repair_failed', {
|
|
...traceData,
|
|
reason: lastFailure,
|
|
});
|
|
continue;
|
|
}
|
|
|
|
await input.trace.event('debug', 'gate_repair', 'gate_repair_repaired', {
|
|
...traceData,
|
|
changedPaths,
|
|
});
|
|
return { status: 'repaired', attempts: attempt, changedPaths };
|
|
}
|
|
|
|
return { status: 'failed', attempts: maxAttempts, reason: lastFailure };
|
|
}
|