tokf 0.2.33

Config-driven CLI tool that compresses command output before it reaches an LLM context
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

//! Compute the "fair baseline" byte count by piping raw output through
//! the original pipe command the user would have used without tokf.

use std::io::Write;
use std::process::{Command, Stdio};
use std::time::{Duration, Instant};

/// Allowed first words for baseline pipe commands (security whitelist).
const ALLOWED_COMMANDS: &[&str] = &["tail", "head", "grep"];

/// Maximum time to wait for the baseline pipe command before falling back.
const TIMEOUT: Duration = Duration::from_secs(5);

/// Run the pipe command on the raw output and return the actual text the
/// user would have seen.
///
/// Only allows `tail`, `head`, and `grep` as pipe commands (matching the
/// rewrite module's strippable set). Returns `None` on validation failure,
/// spawn failure, timeout, or read error — callers should fall back to
/// `raw_output` in that case.
pub fn compute_output(raw_output: &str, pipe_cmd: &str) -> Option<String> {
    let first_word = pipe_cmd.split_whitespace().next().unwrap_or("");
    if !ALLOWED_COMMANDS.contains(&first_word) {
        eprintln!(
            "[tokf] warning: --baseline-pipe command '{first_word}' not allowed, using full output"
        );
        return None;
    }

    let Ok(mut child) = Command::new("sh")
        .args(["-c", pipe_cmd])
        .stdin(Stdio::piped())
        .stdout(Stdio::piped())
        .stderr(Stdio::null())
        .spawn()
    else {
        eprintln!("[tokf] warning: --baseline-pipe failed to spawn, using full output");
        return None;
    };

    if let Some(stdin) = child.stdin.as_mut() {
        let _ = stdin.write_all(raw_output.as_bytes());
    }
    drop(child.stdin.take());

    // Wait with timeout to prevent hanging on misbehaving pipe commands.
    let start = Instant::now();
    loop {
        match child.try_wait() {
            Ok(Some(_status)) => {
                return match child.wait_with_output() {
                    Ok(output) => String::from_utf8(output.stdout).ok(),
                    Err(e) => {
                        eprintln!(
                            "[tokf] warning: --baseline-pipe read failed: {e}, using full output"
                        );
                        None
                    }
                };
            }
            Ok(None) => {
                if start.elapsed() >= TIMEOUT {
                    let _ = child.kill();
                    eprintln!(
                        "[tokf] warning: --baseline-pipe timed out after {}s, using full output",
                        TIMEOUT.as_secs()
                    );
                    return None;
                }
                std::thread::sleep(Duration::from_millis(10));
            }
            Err(e) => {
                eprintln!("[tokf] warning: --baseline-pipe wait failed: {e}, using full output");
                return None;
            }
        }
    }
}

/// Run the pipe command on the raw output to get the exact byte count
/// the user would have seen without tokf.
///
/// Falls back to `raw_output.len()` when the pipe command fails.
pub fn compute(raw_output: &str, pipe_cmd: &str) -> usize {
    compute_output(raw_output, pipe_cmd).map_or(raw_output.len(), |s| s.len())
}

#[cfg(test)]
#[allow(clippy::unwrap_used)]
mod tests {
    use super::*;

    #[test]
    fn compute_output_tail() {
        let input = "line1\nline2\nline3\nline4\nline5\n";
        let result = compute_output(input, "tail -2").unwrap();
        assert_eq!(result, "line4\nline5\n");
    }

    #[test]
    fn compute_output_head() {
        let input = "line1\nline2\nline3\nline4\nline5\n";
        let result = compute_output(input, "head -2").unwrap();
        assert_eq!(result, "line1\nline2\n");
    }

    #[test]
    fn compute_output_grep() {
        let input = "apple\nbanana\napricot\ncherry\n";
        let result = compute_output(input, "grep ap").unwrap();
        assert_eq!(result, "apple\napricot\n");
    }

    #[test]
    fn compute_output_disallowed_command() {
        let result = compute_output("data", "rm -rf /");
        assert!(result.is_none());
    }

    #[test]
    fn compute_delegates_to_compute_output() {
        let input = "line1\nline2\nline3\n";
        let bytes = compute(input, "head -1");
        assert_eq!(bytes, "line1\n".len());
    }

    #[test]
    fn compute_fallback_on_disallowed() {
        let input = "some data";
        let bytes = compute(input, "cat");
        assert_eq!(bytes, input.len());
    }
}