rigortype 0.1.10 → 0.1.11

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3425a6183f3c9312517a9a82de77b561907c0afd99f8f77844d08741a766fae8
-  data.tar.gz: cef2e0e925fb844e4112552626966319c942ff0f31ff6d2af05b04ec8c2ee93f
+  metadata.gz: 9c5853d88c57eb0ded87f9fbf801e3cfbbc7672be2a16bcc3171bd7e3f33122c
+  data.tar.gz: d3f3b9d936dd4aab4a10c93b7879b34bee26aa1313007619baadb1381b87310c
 SHA512:
-  metadata.gz: 749cd171f08f03311d70da91e742b07980974876889d152827ae8e3aa4518d2c2f933475efa889e3c63a7f715eddb96112584445967c3e15fe7c58c38d0ed3cd
-  data.tar.gz: bb5f032e6663cb137b774bfd18d39ad1498b0913d552a92b86c0256fd8a2fb76c1426d9914f01caf3f78359c96079d8dfc7c84f09e2fb473681cf0889ee46e09
+  metadata.gz: bebba3258c508b893a7ca22e98b17838bcc7267399882956a4ced9c214e87947754f5a15ecf80029cf601eed58c93fc53ffcb50636002df9f75c00d498a0585b
+  data.tar.gz: 4ac6679d930144ffc5a675a9189ed7ce20d500c5ae9d61820b44fcfbf3e02149b615b3b11a44fa48760c17a75b57ec6d6b5ee3e4a80a4b9139514c742c9c612a

data/lib/rigor/analysis/baseline.rb

@@ -52,6 +52,15 @@ module Rigor
     # CLI or `baseline: <path>` in `.rigor.yml`). The presence
     # of `.rigor-baseline.yml` on disk alone never triggers a
     # load — that's the CLI / Configuration's job to enforce.
+    #
+    # ## Path handling
+    #
+    # Baselines store file paths **relative to the project root**
+    # (the working directory when `rigor` is run). This makes the
+    # generated `.rigor-baseline.yml` portable across machines and
+    # checkout locations. When filtering a live diagnostic stream,
+    # the instance normalises each diagnostic's absolute path to a
+    # relative one before the bucket lookup.
     class Baseline
       # The bucket key is intentionally tuple-shaped so rule-ID
       # rows and message-pattern rows can coexist in a single
@@ -69,12 +78,16 @@ module Rigor
         # path is nil (the caller's "no baseline configured"
         # state). Raises {LoadError} on malformed content;
         # callers translate to a user-facing diagnostic.
-        def load(path)
+        #
+        # `project_root:` is the working directory against which
+        # stored relative paths are resolved during filtering.
+        # Defaults to `Dir.pwd`.
+        def load(path, project_root: Dir.pwd)
           return nil if path.nil?
-          return new([]) unless File.exist?(path)
+          return new([], project_root: project_root) unless File.exist?(path)
 
           raw = YAML.safe_load_file(path, permitted_classes: [Symbol])
-          parse_loaded(raw, path: path)
+          parse_loaded(raw, path: path, project_root: project_root)
         end
 
         # Build a baseline from a current run's diagnostic stream.
@@ -82,10 +95,14 @@ module Rigor
         # message-mode generator passes literal messages through
         # `Regexp.escape` so generated rows never accidentally
         # over-match on punctuation.
-        def from_diagnostics(diagnostics, match_mode: :rule)
+        #
+        # `project_root:` is used to convert absolute diagnostic
+        # paths to relative paths in the generated YAML. Defaults
+        # to `Dir.pwd`.
+        def from_diagnostics(diagnostics, match_mode: :rule, project_root: Dir.pwd)
           raise ArgumentError, "match_mode must be :rule or :message" unless %i[rule message].include?(match_mode)
 
-          grouped = group_for_baseline(diagnostics, match_mode)
+          grouped = group_for_baseline(diagnostics, match_mode, project_root)
           buckets = grouped.map do |key, entries|
             Bucket.new(
               file: key[0],
@@ -94,12 +111,12 @@ module Rigor
               count: entries.size
             )
           end
-          new(buckets)
+          new(buckets, project_root: project_root)
         end
 
         private
 
-        def parse_loaded(raw, path:)
+        def parse_loaded(raw, path:, project_root:)
           raise LoadError, "#{path}: expected a Hash at top level, got #{raw.class}" unless raw.is_a?(Hash)
 
           version = raw["version"]
@@ -110,7 +127,8 @@ module Rigor
           rows = raw["ignored"] || []
           raise LoadError, "#{path}: `ignored:` must be an Array" unless rows.is_a?(Array)
 
-          new(rows.each_with_index.map { |row, idx| parse_row(row, path: path, index: idx) })
+          new(rows.each_with_index.map { |row, idx| parse_row(row, path: path, index: idx) },
+              project_root: project_root)
         end
 
         def parse_row(row, path:, index:)
@@ -141,16 +159,19 @@ module Rigor
         # In message mode, each unique message gets its own bucket;
         # in rule mode, every diagnostic for a (file, rule) pair
         # contributes to a single bucket regardless of message.
-        def group_for_baseline(diagnostics, match_mode)
+        # File paths are normalised to relative before keying.
+        def group_for_baseline(diagnostics, match_mode, project_root)
+          root = Pathname.new(project_root)
           diagnostics.each_with_object({}) do |diag, into|
             next if diag.qualified_rule.nil?
             next if diag.path.nil?
 
+            rel = relative_path(diag.path, root)
             key = case match_mode
                   when :rule
-                    [diag.path, diag.qualified_rule, nil]
+                    [rel, diag.qualified_rule, nil]
                   when :message
-                    [diag.path, diag.qualified_rule, message_pattern_for(diag.message)]
+                    [rel, diag.qualified_rule, message_pattern_for(diag.message)]
                   end
             (into[key] ||= []) << diag
           end
@@ -164,13 +185,20 @@ module Rigor
         def message_pattern_for(message)
           Regexp.new(Regexp.escape(message.to_s))
         end
+
+        def relative_path(path, root_pathname)
+          Pathname.new(path).relative_path_from(root_pathname).to_s
+        rescue ArgumentError
+          path # different drive letter on Windows or non-child path
+        end
       end
 
       class LoadError < StandardError; end
 
       attr_reader :buckets
 
-      def initialize(buckets)
+      def initialize(buckets, project_root: Dir.pwd)
+        @project_root = Pathname.new(project_root)
         @buckets = buckets.freeze
         # For each (file, qualified_rule) pair, two arrays:
         # - rule-ID rows (message_regex == nil)
@@ -264,7 +292,7 @@ module Rigor
       # cleared buckets (`actual == 0`) from the on-disk file.
       def without(buckets_to_drop)
         dropset = buckets_to_drop.to_set
-        self.class.new(buckets.reject { |b| dropset.include?(b) })
+        self.class.new(buckets.reject { |b| dropset.include?(b) }, project_root: @project_root)
       end
 
       # Serialise to a YAML string. The generator path writes
@@ -307,6 +335,14 @@ module Rigor
         [bucket.file, bucket.rule, bucket.message_regex&.source]
       end
 
+      def normalize_path(path)
+        return path if path.nil?
+
+        Pathname.new(path).relative_path_from(@project_root).to_s
+      rescue ArgumentError
+        path # different drive letter on Windows or non-child path
+      end
+
       def group_diagnostics_for_filtering(diagnostics)
         # First pass: bin each diagnostic into the bucket that
         # claims it. Message-pattern rows take precedence over
@@ -322,7 +358,7 @@ module Rigor
                   [bucket.file, bucket.rule,
                    bucket.message_regex&.source]
                 else
-                  [diag.path, diag.qualified_rule, :__none__]
+                  [normalize_path(diag.path), diag.qualified_rule, :__none__]
                 end
           bin = (bins[key] ||= { bucket: bucket, diagnostics: [] })
           bin[:diagnostics] << diag
@@ -331,7 +367,7 @@ module Rigor
       end
 
       def claim_bucket_for(diagnostic)
-        candidates = @by_pair[[diagnostic.path, diagnostic.qualified_rule]]
+        candidates = @by_pair[[normalize_path(diagnostic.path), diagnostic.qualified_rule]]
         return nil if candidates.nil? || candidates.empty?
 
         # Tighter (message-pattern) buckets first, then the

data/lib/rigor/cli/baseline_command.rb

@@ -84,7 +84,8 @@ module Rigor
         configuration = Configuration.load(options.fetch(:config))
         diagnostics = collect_diagnostics(configuration, options)
 
-        baseline = Analysis::Baseline.from_diagnostics(diagnostics, match_mode: options.fetch(:match_mode))
+        baseline = Analysis::Baseline.from_diagnostics(diagnostics, match_mode: options.fetch(:match_mode),
+                                                                    project_root: Dir.pwd)
         File.write(path, baseline.to_yaml)
 
         @err.puts(
@@ -149,7 +150,7 @@ module Rigor
         defaults = Configuration::DEFAULTS.merge(
           "paths" => configuration.paths,
           "exclude" => configuration.exclude_patterns,
-          "plugins" => configuration.plugins.map(&:to_h),
+          "plugins" => configuration.plugins,
           "disable" => configuration.disabled_rules,
           "libraries" => configuration.libraries,
           "signature_paths" => configuration.signature_paths,
@@ -372,7 +373,7 @@ module Rigor
           @err.puts("rigor: baseline file not found: #{path}")
           return :error
         end
-        Analysis::Baseline.load(path)
+        Analysis::Baseline.load(path, project_root: Dir.pwd)
       rescue Analysis::Baseline::LoadError => e
         @err.puts("rigor: baseline load failed: #{e.message}")
         :error

data/lib/rigor/cli.rb

@@ -31,7 +31,8 @@ module Rigor
       "mcp" => :run_mcp,
       "baseline" => :run_baseline,
       "triage" => :run_triage,
-      "coverage" => :run_coverage
+      "coverage" => :run_coverage,
+      "playground" => :run_playground
     }.freeze
 
     def self.start(argv = ARGV, out: $stdout, err: $stderr)
@@ -120,7 +121,7 @@ module Rigor
         return false
       end
 
-      baseline = Analysis::Baseline.load(path)
+      baseline = Analysis::Baseline.load(path, project_root: Dir.pwd)
       return false if baseline.nil? || baseline.empty?
 
       drifted = baseline.audit(raw_diagnostics).reject { |row| row.status == :within }
@@ -163,7 +164,7 @@ module Rigor
       path = resolve_baseline_path(configuration, options)
       return result if path.nil?
 
-      baseline = Analysis::Baseline.load(path)
+      baseline = Analysis::Baseline.load(path, project_root: Dir.pwd)
       return result if baseline.nil?
 
       surfaced, silenced_count = baseline.filter(result.diagnostics)
@@ -596,6 +597,17 @@ module Rigor
       CLI::CoverageCommand.new(argv: @argv, out: @out, err: @err).run
     end
 
+    def run_playground
+      begin
+        require "rigor/playground"
+      rescue LoadError
+        @err.puts "rigor playground requires the rigor-playground gem."
+        @err.puts "Install it with: gem install rigor-playground"
+        return EXIT_USAGE
+      end
+      Rigor::CLI::PlaygroundCommand.new(@argv[1..], @out, @err).run
+    end
+
     def write_result(result, format)
       case format
       when "json"
@@ -641,6 +653,7 @@ module Rigor
           mcp        Run the Rigor MCP server over stdio (ADR-33)
           triage     Summarise diagnostics: distribution, hotspots, hints (ADR-23)
           coverage   Report type-precision coverage (precise vs Dynamic ratio)
+          playground Start the browser playground (requires rigor-playground gem)
           version    Print the Rigor version
           help       Print this help
       HELP

data/lib/rigor/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rigor
-  VERSION = "0.1.10"
+  VERSION = "0.1.11"
 end

data/plugins/rigor-actioncable/lib/rigor/plugin/actioncable/analyzer.rb

@@ -0,0 +1,190 @@
+# frozen_string_literal: true
+
+require "did_you_mean"
+require "prism"
+
+module Rigor
+  module Plugin
+    class Actioncable < Rigor::Plugin::Base
+      # Walks a parsed file's AST looking for ActionCable
+      # entry-point calls and validates each against the
+      # {ChannelIndex}.
+      #
+      # Recognised shapes:
+      #
+      # - `<ChannelClass>.broadcast_to(record, data)` —
+      #   class-targeted broadcast. The class must exist in
+      #   the index.
+      # - `ActionCable.server.broadcast(stream_name, data)`
+      #   — string-targeted broadcast. When `stream_name`
+      #   is a literal string and the index has at least
+      #   one channel with no dynamic stream registrations,
+      #   we check that the name appears in
+      #   `index.all_stream_names`. Otherwise the
+      #   `unknown-stream` warning is suppressed (we can't
+      #   prove absence).
+      module Analyzer
+        # `ActionCable.server.broadcast(...)` — the receiver
+        # path we recognise as a server-targeted broadcast.
+        # Single-symbol form (just `broadcast`) is too
+        # ambiguous to validate.
+        SERVER_BROADCAST_RECEIVER_NAMES = %w[
+          ActionCable.server
+          ::ActionCable.server
+        ].freeze
+
+        Diagnostic = Struct.new(:path, :line, :column, :severity, :rule, :message, keyword_init: true)
+
+        module_function
+
+        # @param path [String]
+        # @param root [Prism::Node]
+        # @param channel_index [ChannelIndex]
+        # @return [Array<Diagnostic>]
+        def diagnose(path:, root:, channel_index:)
+          diagnostics = []
+          walk(root) do |call_node|
+            case call_node.name
+            when :broadcast_to
+              diagnostics.concat(analyse_broadcast_to(path, call_node, channel_index))
+            when :broadcast
+              diagnostics.concat(analyse_server_broadcast(path, call_node, channel_index))
+            end
+          end
+          diagnostics
+        end
+
+        def walk(node, &)
+          return unless node.is_a?(Prism::Node)
+
+          yield node if node.is_a?(Prism::CallNode)
+          node.compact_child_nodes.each { |child| walk(child, &) }
+        end
+
+        def analyse_broadcast_to(path, call_node, channel_index)
+          class_name = constant_receiver_name(call_node.receiver)
+          return [] if class_name.nil?
+
+          # broadcast_to with a class-name receiver that
+          # doesn't end in "Channel" is almost certainly
+          # not ActionCable — pass through silently to
+          # avoid flagging unrelated `broadcast_to` methods.
+          return [] unless class_name.end_with?("Channel")
+
+          entry = channel_index.find(class_name) || channel_index.find("::#{class_name}")
+          return [unknown_channel_diagnostic(path, call_node, class_name, channel_index)] if entry.nil?
+
+          [broadcast_target_info(path, call_node, entry)]
+        end
+
+        def analyse_server_broadcast(path, call_node, channel_index)
+          receiver_path = call_chain_string(call_node.receiver)
+          return [] unless SERVER_BROADCAST_RECEIVER_NAMES.include?(receiver_path)
+
+          args = call_node.arguments&.arguments || []
+          stream_arg = args.first
+          return [] if stream_arg.nil?
+          return [] unless stream_arg.is_a?(Prism::StringNode)
+          return [] if channel_index.any_dynamic_streams?
+
+          stream_name = stream_arg.unescaped
+          if channel_index.all_stream_names.include?(stream_name)
+            return [server_broadcast_info(path, call_node, stream_name)]
+          end
+
+          [unknown_stream_diagnostic(path, call_node, stream_name, channel_index)]
+        end
+
+        def broadcast_target_info(path, call_node, entry)
+          location = call_node.location
+          Diagnostic.new(
+            path: path,
+            line: location.start_line,
+            column: location.start_column + 1,
+            severity: :info,
+            rule: "broadcast-target",
+            message: "`#{entry.class_name}.broadcast_to(...)` matches discovered channel"
+          )
+        end
+
+        def server_broadcast_info(path, call_node, stream_name)
+          location = call_node.location
+          Diagnostic.new(
+            path: path,
+            line: location.start_line,
+            column: location.start_column + 1,
+            severity: :info,
+            rule: "broadcast-stream",
+            message: "`broadcast(\"#{stream_name}\", ...)` matches a registered `stream_from`"
+          )
+        end
+
+        def unknown_channel_diagnostic(path, call_node, class_name, channel_index)
+          location = call_node.location
+          suggestions = DidYouMean::SpellChecker.new(dictionary: channel_index.names).correct(class_name)
+          suggestion_part = suggestions.empty? ? "" : " (did you mean `#{suggestions.first}`?)"
+          Diagnostic.new(
+            path: path,
+            line: location.start_line,
+            column: location.start_column + 1,
+            severity: :error,
+            rule: "unknown-channel",
+            message: "no ActionCable channel `#{class_name}`#{suggestion_part}"
+          )
+        end
+
+        def unknown_stream_diagnostic(path, call_node, stream_name, channel_index)
+          location = call_node.location
+          dictionary = channel_index.all_stream_names.to_a
+          suggestions = DidYouMean::SpellChecker.new(dictionary: dictionary).correct(stream_name)
+          suggestion_part = suggestions.empty? ? "" : " (did you mean `\"#{suggestions.first}\"`?)"
+          Diagnostic.new(
+            path: path,
+            line: location.start_line,
+            column: location.start_column + 1,
+            severity: :warning,
+            rule: "unknown-stream",
+            message: "no `stream_from \"#{stream_name}\"` registration in any discovered " \
+                     "channel#{suggestion_part}"
+          )
+        end
+
+        # Renders an `A.b.c` chain as a string (used to
+        # detect `ActionCable.server`). Returns nil for
+        # non-chained nodes.
+        def call_chain_string(node)
+          parts = []
+          current = node
+          while current.is_a?(Prism::CallNode) && current.arguments.nil?
+            parts.unshift(current.name.to_s)
+            current = current.receiver
+          end
+          base = constant_receiver_name(current)
+          return nil if base.nil? || parts.empty?
+
+          [base, *parts].join(".")
+        end
+
+        def constant_receiver_name(node)
+          case node
+          when Prism::ConstantReadNode then node.name.to_s
+          when Prism::ConstantPathNode then constant_path_name(node)
+          end
+        end
+
+        def constant_path_name(node)
+          parts = []
+          current = node
+          while current.is_a?(Prism::ConstantPathNode)
+            parts.unshift(current.name.to_s)
+            current = current.parent
+          end
+          case current
+          when nil then "::#{parts.join('::')}"
+          when Prism::ConstantReadNode then "#{current.name}::#{parts.join('::')}"
+          end
+        end
+      end
+    end
+  end
+end

data/plugins/rigor-actioncable/lib/rigor/plugin/actioncable/channel_discoverer.rb

@@ -0,0 +1,189 @@
+# frozen_string_literal: true
+
+require "prism"
+
+require_relative "channel_index"
+
+module Rigor
+  module Plugin
+    class Actioncable < Rigor::Plugin::Base
+      # Walks the configured channel-search paths via the
+      # plugin's `IoBoundary`, parses each `.rb` file with
+      # Prism, and collects classes whose immediate
+      # superclass is one of the configured base classes.
+      #
+      # For each discovered channel, the discoverer:
+      #
+      # - Records every public instance-side `def` whose
+      #   name isn't an ActionCable framework hook
+      #   (`subscribed`, `unsubscribed`, `_`-prefixed).
+      #   These are the action methods clients can invoke
+      #   via `subscription.perform("action_name", data)`.
+      # - Records every literal-string `stream_from "name"`
+      #   call as a registered stream name.
+      # - Sets `dynamic_streams: true` when the channel has
+      #   ANY non-literal `stream_from` argument (or a
+      #   `stream_for` call) so the analyzer knows it can't
+      #   be sure of every stream name.
+      #
+      # Limitations (intentional for v0.1.0):
+      #
+      # - Direct-superclass match only.
+      # - Public-vs-private is not tracked; the framework
+      #   hooks (`subscribed`/`unsubscribed`) are excluded
+      #   by name. Methods marked `private` after a
+      #   `private` keyword would still appear in the
+      #   `action_methods` set.
+      # - `stream_for(record)` (model-scoped streams) is
+      #   recognised as setting `dynamic_streams: true` but
+      #   not introspected further.
+      class ChannelDiscoverer
+        FRAMEWORK_HOOKS = %i[subscribed unsubscribed].to_set.freeze
+
+        def initialize(io_boundary:, search_paths:, base_classes:)
+          @io_boundary = io_boundary
+          @search_paths = search_paths
+          @base_classes = base_classes.to_set
+        end
+
+        # @return [ChannelIndex]
+        def discover
+          entries = []
+          ruby_files_under(@search_paths).each do |path|
+            contents = read_safely(path)
+            next if contents.nil?
+
+            tree = Prism.parse(contents).value
+            walk_for_channels(tree, []) do |class_name, body|
+              entries << build_entry(class_name, path, body)
+            end
+          end
+          ChannelIndex.new(entries)
+        end
+
+        private
+
+        def read_safely(path)
+          @io_boundary.read_file(path)
+        rescue Plugin::AccessDeniedError, Errno::ENOENT
+          nil
+        end
+
+        def ruby_files_under(roots)
+          roots.flat_map do |root|
+            absolute = File.expand_path(root)
+            next [] unless File.directory?(absolute)
+
+            Dir.glob(File.join(absolute, "**", "*.rb"))
+          end
+        end
+
+        def walk_for_channels(node, lexical_path, &)
+          return if node.nil?
+
+          case node
+          when Prism::ClassNode then visit_class(node, lexical_path, &)
+          when Prism::ModuleNode then visit_module(node, lexical_path, &)
+          else
+            node.compact_child_nodes.each { |child| walk_for_channels(child, lexical_path, &) }
+          end
+        end
+
+        def visit_class(node, lexical_path, &)
+          class_local_name = constant_path_name(node.constant_path)
+          return if class_local_name.nil?
+
+          full_name = (lexical_path + [class_local_name]).join("::")
+          superclass = constant_path_name(node.superclass) if node.superclass
+          yield full_name, node.body if superclass && @base_classes.include?(superclass)
+
+          inner_path = lexical_path + [class_local_name]
+          walk_for_channels(node.body, inner_path, &) if node.body
+        end
+
+        def visit_module(node, lexical_path, &)
+          module_local_name = constant_path_name(node.constant_path)
+          return if module_local_name.nil?
+
+          inner_path = lexical_path + [module_local_name]
+          walk_for_channels(node.body, inner_path, &) if node.body
+        end
+
+        def build_entry(class_name, path, body)
+          actions = []
+          (body&.compact_child_nodes || []).each do |node|
+            actions << node.name if node.is_a?(Prism::DefNode) && action_def?(node)
+          end
+
+          stream_names, dynamic_streams = collect_stream_registrations(body)
+
+          ChannelIndex::Entry.new(
+            class_name: class_name,
+            file_path: path,
+            action_methods: actions.to_set.freeze,
+            stream_names: stream_names.to_set.freeze,
+            dynamic_streams: dynamic_streams
+          )
+        end
+
+        # Walks the channel body recursively (so
+        # `stream_from` / `stream_for` calls inside
+        # `subscribed` / helper methods are picked up).
+        # Returns `[Array<String>, bool]` — the literal
+        # stream names + whether any dynamic registration
+        # was seen.
+        def collect_stream_registrations(node, names: [], dynamic: false)
+          return [names, dynamic] if node.nil?
+
+          if node.is_a?(Prism::CallNode) && node.receiver.nil?
+            case node.name
+            when :stream_from
+              arg = node.arguments&.arguments&.first
+              if arg.is_a?(Prism::StringNode)
+                names << arg.unescaped
+              else
+                dynamic = true
+              end
+            when :stream_for
+              # Model-scoped stream — name is computed from
+              # the record at runtime; treat as dynamic.
+              dynamic = true
+            end
+          end
+
+          node.compact_child_nodes.each do |child|
+            names, dynamic = collect_stream_registrations(child, names: names, dynamic: dynamic)
+          end
+          [names, dynamic]
+        end
+
+        def action_def?(node)
+          return false if node.receiver.is_a?(Prism::SelfNode)
+          return false if FRAMEWORK_HOOKS.include?(node.name)
+          return false if node.name.to_s.start_with?("_")
+
+          true
+        end
+
+        def constant_path_name(node)
+          return nil if node.nil?
+
+          case node
+          when Prism::ConstantReadNode then node.name.to_s
+          when Prism::ConstantPathNode
+            parts = []
+            current = node
+            while current.is_a?(Prism::ConstantPathNode)
+              parts.unshift(current.name.to_s)
+              current = current.parent
+            end
+            case current
+            when nil then "::#{parts.join('::')}"
+            when Prism::ConstantReadNode then "#{current.name}::#{parts.join('::')}"
+            end
+          end
+        end
+      end
+    end
+  end
+end