ci(boundary): enforce Hawk ecosystem import boundaries (#50)

* ci(boundary): add ecosystem boundary guard

eyrie is a Hawk support engine whose provider/transport types are eyrie-local,
so it stays contract-free. Add the one-way ecosystem boundary guard:

- add scripts/check-ecosystem-boundaries.sh (forbids hawk/internal and
  hawk/shared/types imports)
- wire the guard into the Makefile and CI
- document the boundary rule in the README

Scoped to the boundary guard only; unrelated in-progress changes in the working
tree are intentionally left uncommitted.

* refactor: decouple eyrie from tok helpers

* feat(api): wire reranker injection and live protocol updates

* fix: harden catalog and streaming provider paths

* docs: remove legacy shared types references

* fix(boundary): fall back to grep when rg is unavailable

* build(deps): go mod tidy — promote tiktoken, drop unused indirects

* fix(lint): drop redundant max helper shadowing the builtin (gocritic)

* fix(client): preserve inner stream cancel in BudgetProvider and UsageLimitProvider

Both StreamChat wrappers were returning StreamResult without the inner
cancel function, making Close() a no-op and leaking the upstream stream.
Switch to NewStreamResult(wrappedCh, result.Close) to wire cancellation.

Author: Patel230

.github/workflows/ci.yml

@@ -37,6 +37,8 @@ jobs:
         with:
           go-version: ${{ env.GO_VERSION }}
           cache: true
+      - name: Boundary guard
+        run: bash ./scripts/check-ecosystem-boundaries.sh
       - name: gofumpt
         run: |
           go install mvdan.cc/gofumpt@v0.10.0
@@ -118,6 +120,8 @@ jobs:
           cache: true
       - name: Clone tok (workspace dep)
         run: git clone --depth=1 https://github.com/GrayCodeAI/tok.git ../tok
+      - name: Boundary guard
+        run: bash ./scripts/check-ecosystem-boundaries.sh
       - name: Run golangci-lint
         run: |
           go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.1.0
@@ -138,6 +142,8 @@ jobs:
           cache: true
       - name: Clone tok (workspace dep)
         run: git clone --depth=1 https://github.com/GrayCodeAI/tok.git ../tok
+      - name: Boundary guard
+        run: bash ./scripts/check-ecosystem-boundaries.sh
       - name: Test with race detector
         run: go test ./... -race -count=1 -shuffle=on -coverprofile=coverage.out -covermode=atomic -timeout=300s
       - name: Coverage summary

AGENTS.md

@@ -46,7 +46,7 @@ make ci                          # Full CI suite
 
 - Provider interface is the boundary — keep it stable
 - Streaming tests need careful goroutine management
-- `go.work` here replaces only `github.com/GrayCodeAI/tok => ../tok`; hawk's own `go.work` adds an `external/eyrie` replace so hawk can develop against a local eyrie checkout. Do not add other `replace` directives here without coordinating with hawk's workspace.
+- `go.work` here should stay minimal; hawk's own `go.work` adds an `external/eyrie` replace so hawk can develop against a local eyrie checkout. Do not add extra local `replace` directives here without coordinating with hawk's workspace.
 
 ## Naming Conventions
 

Makefile

@@ -31,9 +31,12 @@ GOVULNCHECK  := $(GOBIN_DIR)/govulncheck
 # ---------------------------------------------------------------------------
 # Phony declarations (alphabetical).
 # ---------------------------------------------------------------------------
-.PHONY: all bench build ci clean cover fmt help lint lint-fix \
+.PHONY: all bench boundaries build ci clean cover fmt help lint lint-fix \
         security test test-10x test-race tidy version vet
 
+boundaries: ## Enforce support-repo import boundaries.
+	bash ./scripts/check-ecosystem-boundaries.sh
+
 # ---------------------------------------------------------------------------
 # Default target.
 # ---------------------------------------------------------------------------
@@ -97,7 +100,7 @@ tidy: ## Tidy go.mod / go.sum.
 # ---------------------------------------------------------------------------
 # Composite gate used by CI and pre-push.
 # ---------------------------------------------------------------------------
-ci: tidy fmt vet lint test-race security ## Run everything CI runs.
+ci: tidy fmt vet lint boundaries test-race security ## Run everything CI runs.
 	@echo "All CI checks passed."
 
 # ---------------------------------------------------------------------------

README.md

@@ -36,6 +36,14 @@ When your app calls a model, eyrie figures out which provider to use, how to tal
 
 **Your app never talks to an LLM API directly. eyrie does.**
 
+## Ecosystem Boundaries
+
+eyrie is a Hawk support engine. Keep the dependency edge one-way:
+
+- depend on `hawk-core-contracts` when a stable cross-repo contract is needed
+- do not import `hawk/internal/*`
+- do not import removed legacy path `hawk/shared/types`; use `hawk-core-contracts/types`
+
 ## Quick Start
 
 ```bash

catalog/discover/merge.go

@@ -87,9 +87,9 @@ func MergeCatalogV1WithPolicy(dst, src *catalog.CatalogV1, policy MergePolicy) *
 			}
 			continue
 		}
-		if dst.Models[id].ID == "" {
-			dst.Models[id] = m
-		}
+		// Key is absent here (the ok branch above continues), so the model is
+		// always new — assign unconditionally.
+		dst.Models[id] = m
 	}
 	seen := map[string]int{}
 	for i, o := range dst.Offerings {

catalog/live/fetchers.go

@@ -7,6 +7,7 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
+	"io"
 	"net/http"
 	"sort"
 	"strings"
@@ -15,6 +16,18 @@ import (
 	"github.com/GrayCodeAI/eyrie/catalog/opencodego"
 )
 
+// maxLiveResponseBytes caps how much of an external provider's HTTP response
+// the live catalog fetchers will read, so a malicious or buggy provider cannot
+// exhaust memory by returning an unbounded body.
+const maxLiveResponseBytes = 10 * 1024 * 1024 // 10 MiB
+
+// decodeJSONLimited decodes JSON from r into v, reading at most
+// maxLiveResponseBytes. Use this instead of json.NewDecoder(resp.Body) for
+// responses from untrusted/remote endpoints.
+func decodeJSONLimited(r io.Reader, v any) error {
+	return json.NewDecoder(io.LimitReader(r, maxLiveResponseBytes)).Decode(v)
+}
+
 // Provider FetchFunc implementations live in fetchers_cloud.go and
 // fetchers_providers.go; this file holds the registry, shared parsing/pricing
 // helpers, and AWS SigV4 signing helpers.
@@ -166,7 +179,7 @@ func fetchOpenAICompatModels(ctx context.Context, baseURL, apiKey, authHeader st
 	var payload struct {
 		Data []json.RawMessage `json:"data"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry

catalog/live/fetchers_cloud.go

@@ -52,7 +52,7 @@ func enrichOpenAIWithOpenRouter(entries []Entry) {
 	var payload struct {
 		Data []openRouterModelEntry `json:"data"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return
 	}
 	// Build lookup map: "gpt-4o" → openRouterModelEntry
@@ -136,7 +136,7 @@ func enrichFromOpenRouter(entries []Entry, prefix string) {
 	var payload struct {
 		Data []openRouterModelEntry `json:"data"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return
 	}
 	// Build lookup map by stripping prefix
@@ -239,7 +239,7 @@ func FetchAzure(env map[string]string) ([]Entry, error) {
 	var payload struct {
 		Value []json.RawMessage `json:"value"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry
@@ -304,7 +304,7 @@ func FetchBedrock(env map[string]string) ([]Entry, error) {
 	var payload struct {
 		ModelSummaries []json.RawMessage `json:"modelSummaries"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry
@@ -377,7 +377,7 @@ func FetchVertex(env map[string]string) ([]Entry, error) {
 		PublisherModels []json.RawMessage `json:"publisherModels"`
 		Models          []json.RawMessage `json:"models"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	rawModels := payload.PublisherModels

catalog/live/fetchers_providers.go

@@ -82,6 +82,7 @@ func FetchOpenCodeGo(env map[string]string) ([]Entry, error) {
 	if err != nil {
 		return nil, err
 	}
+	protocolEntries := make([]struct{ ID, Protocol string }, 0, len(entries))
 	for i := range entries {
 		entries[i].ID = opencodego.NativeModelID(entries[i].ID)
 		// Merge with static metadata from docs (pricing, protocol, context windows).
@@ -91,7 +92,9 @@ func FetchOpenCodeGo(env map[string]string) ([]Entry, error) {
 			// Unknown model — derive protocol from name pattern.
 			entries[i].Protocol = opencodego.ProtocolForModel(entries[i].ID)
 		}
+		protocolEntries = append(protocolEntries, struct{ ID, Protocol string }{ID: entries[i].ID, Protocol: entries[i].Protocol})
 	}
+	opencodego.UpdateProtocolMap(protocolEntries)
 	return entries, nil
 }
 
@@ -230,7 +233,7 @@ func FetchOpenRouter(env map[string]string) ([]Entry, error) {
 	var payload struct {
 		Data []json.RawMessage `json:"data"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry
@@ -350,7 +353,7 @@ func FetchAnthropic(env map[string]string) ([]Entry, error) {
 	var payload struct {
 		Data []json.RawMessage `json:"data"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry
@@ -471,7 +474,7 @@ func FetchGemini(env map[string]string) ([]Entry, error) {
 	var payload struct {
 		Models []json.RawMessage `json:"models"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry
@@ -539,7 +542,7 @@ func FetchOllama(env map[string]string) ([]Entry, error) {
 	var payload struct {
 		Models []json.RawMessage `json:"models"`
 	}
-	if err := json.NewDecoder(resp.Body).Decode(&payload); err != nil {
+	if err := decodeJSONLimited(resp.Body, &payload); err != nil {
 		return nil, err
 	}
 	var entries []Entry

catalog/live/opencodego_test.go

@@ -5,6 +5,8 @@ import (
 	"net/http"
 	"net/http/httptest"
 	"testing"
+
+	"github.com/GrayCodeAI/eyrie/catalog/opencodego"
 )
 
 func TestFetchOpenCodeGo_MockHTTPServer(t *testing.T) {
@@ -45,6 +47,44 @@ func TestFetchOpenCodeGo_MockHTTPServer(t *testing.T) {
 	}
 }
 
+func TestFetchOpenCodeGoUpdatesProtocolMap(t *testing.T) {
+	opencodego.ResetProtocolMap()
+	defer opencodego.ResetProtocolMap()
+
+	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.URL.Path != "/models" {
+			http.NotFound(w, r)
+			return
+		}
+		resp := struct {
+			Data []json.RawMessage `json:"data"`
+		}{
+			Data: []json.RawMessage{
+				json.RawMessage(`{"id":"new-live-model","owned_by":"opencode","api_type":"anthropic"}`),
+			},
+		}
+		_ = json.NewEncoder(w).Encode(resp)
+	}))
+	defer srv.Close()
+
+	if opencodego.UsesMessagesAPI("new-live-model") {
+		t.Fatal("expected heuristic fallback to use OpenAI before live fetch")
+	}
+	entries, err := FetchOpenCodeGo(map[string]string{
+		"OPENCODEGO_API_KEY":  "test-ocg-key",
+		"OPENCODEGO_BASE_URL": srv.URL,
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+	if len(entries) != 1 {
+		t.Fatalf("expected 1 model, got %d", len(entries))
+	}
+	if !opencodego.UsesMessagesAPI("new-live-model") {
+		t.Fatal("expected live fetch to route anthropic model to Messages API")
+	}
+}
+
 func TestFetchOpenCodeGo_NoKey(t *testing.T) {
 	entries, err := FetchOpenCodeGo(map[string]string{})
 	if err != nil {

client/budget_provider.go

@@ -103,7 +103,34 @@ func (bp *BudgetProvider) StreamChat(ctx context.Context, messages []EyrieMessag
 	if err := bp.store.CheckBudget(ctx, vk, est.TotalCostUSD); err != nil {
 		return nil, err
 	}
-	return bp.inner.StreamChat(ctx, messages, opts)
+
+	result, err := bp.inner.StreamChat(ctx, messages, opts)
+	if err != nil {
+		return nil, err
+	}
+
+	// Wrap the events channel to record actual spend from the final usage
+	// event. Without this, streamed calls under a virtual key never debit the
+	// budget (unlike the non-streaming Chat path), so streaming-heavy clients
+	// would underreport spend. Mirrors UsageLimitProvider.StreamChat.
+	wrappedCh := make(chan EyrieStreamEvent, cap(result.Events))
+	go func() {
+		defer close(wrappedCh)
+		for evt := range result.Events {
+			if evt.Type == "usage" && evt.Usage != nil {
+				cost := ActualCostUSD(opts.Model, evt.Usage)
+				_ = bp.store.RecordUsage(ctx, vk, cost, evt.Usage.PromptTokens, evt.Usage.CompletionTokens)
+			}
+			select {
+			case wrappedCh <- evt:
+			case <-ctx.Done():
+				result.Close()
+				return
+			}
+		}
+	}()
+
+	return NewStreamResult(wrappedCh, result.Close), nil
 }
 
 func (bp *BudgetProvider) recordUsage(ctx context.Context, vk, model string, resp *EyrieResponse) {