@codexstar/bug-hunter 3.0.0 → 3.0.6

package/schemas/fix-plan.schema.json

@@ -0,0 +1,94 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "fix-plan",
+  "title": "Bug Hunter Fix Plan Artifact",
+  "type": "object",
+  "required": [
+    "generatedAt",
+    "confidenceThreshold",
+    "canarySize",
+    "totals",
+    "canary",
+    "rollout",
+    "manualReview"
+  ],
+  "properties": {
+    "generatedAt": { "type": "string", "minLength": 1 },
+    "confidenceThreshold": { "type": "integer", "minimum": 1 },
+    "canarySize": { "type": "integer", "minimum": 1 },
+    "totals": {
+      "type": "object",
+      "required": ["findings", "eligible", "canary", "rollout", "manualReview"],
+      "properties": {
+        "findings": { "type": "integer", "minimum": 0 },
+        "eligible": { "type": "integer", "minimum": 0 },
+        "canary": { "type": "integer", "minimum": 0 },
+        "rollout": { "type": "integer", "minimum": 0 },
+        "manualReview": { "type": "integer", "minimum": 0 }
+      },
+      "additionalProperties": false
+    },
+    "canary": { "$ref": "#/definitions/fixPlanEntries" },
+    "rollout": { "$ref": "#/definitions/fixPlanEntries" },
+    "manualReview": { "$ref": "#/definitions/fixPlanEntries" }
+  },
+  "definitions": {
+    "fixPlanEntries": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "bugId",
+          "severity",
+          "category",
+          "file",
+          "lines",
+          "claim",
+          "evidence",
+          "runtimeTrigger",
+          "crossReferences",
+          "confidenceScore",
+          "strategy",
+          "executionStage",
+          "autofixEligible",
+          "reason"
+        ],
+        "properties": {
+          "bugId": { "type": "string", "minLength": 1 },
+          "severity": { "type": "string", "enum": ["Critical", "Medium", "Low"] },
+          "category": { "type": "string", "minLength": 1 },
+          "file": { "type": "string", "minLength": 1 },
+          "lines": { "type": "string", "minLength": 1 },
+          "claim": { "type": "string", "minLength": 1 },
+          "evidence": { "type": "string", "minLength": 1 },
+          "runtimeTrigger": { "type": "string", "minLength": 1 },
+          "crossReferences": {
+            "type": "array",
+            "items": { "type": "string", "minLength": 1 }
+          },
+          "confidenceScore": { "type": "number", "minimum": 0, "maximum": 100 },
+          "confidenceLabel": { "type": "string", "enum": ["high", "medium", "low"] },
+          "stride": { "type": "string", "minLength": 1 },
+          "cwe": { "type": "string", "minLength": 1 },
+          "key": { "type": "string", "minLength": 1 },
+          "status": { "type": "string", "minLength": 1 },
+          "source": { "type": "string", "minLength": 1 },
+          "updatedAt": { "type": "string", "minLength": 1 },
+          "strategy": {
+            "type": "string",
+            "enum": ["safe-autofix", "manual-review", "larger-refactor", "architectural-remediation"]
+          },
+          "executionStage": {
+            "type": "string",
+            "enum": ["canary", "rollout", "manual-review", "report-only"]
+          },
+          "autofixEligible": { "type": "boolean" },
+          "reason": { "type": "string", "minLength": 1 }
+        },
+        "additionalProperties": false
+      }
+    }
+  },
+  "additionalProperties": false
+}

package/schemas/fix-report.schema.json

@@ -0,0 +1,105 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "fix-report",
+  "title": "Bug Hunter Fix Report Artifact",
+  "type": "object",
+  "required": [
+    "version",
+    "fix_branch",
+    "base_commit",
+    "dry_run",
+    "circuit_breaker_tripped",
+    "phase2_timeout_hit",
+    "fixes",
+    "verification",
+    "summary"
+  ],
+  "properties": {
+    "version": { "type": "string", "minLength": 1 },
+    "fix_branch": { "type": "string", "minLength": 1 },
+    "base_commit": { "type": "string", "minLength": 1 },
+    "dry_run": { "type": "boolean" },
+    "circuit_breaker_tripped": { "type": "boolean" },
+    "phase2_timeout_hit": { "type": "boolean" },
+    "fixes": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": ["bugId", "severity", "status", "files", "lines"],
+        "properties": {
+          "bugId": { "type": "string", "minLength": 1 },
+          "severity": {
+            "type": "string",
+            "enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "Critical", "Medium", "Low"]
+          },
+          "status": { "type": "string", "minLength": 1 },
+          "files": {
+            "type": "array",
+            "items": { "type": "string", "minLength": 1 }
+          },
+          "lines": { "type": "string", "minLength": 1 },
+          "commit": { "type": "string", "minLength": 1 },
+          "description": { "type": "string", "minLength": 1 },
+          "reason": { "type": "string", "minLength": 1 }
+        },
+        "additionalProperties": false
+      }
+    },
+    "verification": {
+      "type": "object",
+      "required": [
+        "baseline_pass",
+        "baseline_fail",
+        "flaky_tests",
+        "final_pass",
+        "final_fail",
+        "new_failures",
+        "resolved_failures",
+        "typecheck_pass",
+        "build_pass",
+        "fixer_bugs_found"
+      ],
+      "properties": {
+        "baseline_pass": { "type": "integer", "minimum": 0 },
+        "baseline_fail": { "type": "integer", "minimum": 0 },
+        "flaky_tests": { "type": "integer", "minimum": 0 },
+        "final_pass": { "type": "integer", "minimum": 0 },
+        "final_fail": { "type": "integer", "minimum": 0 },
+        "new_failures": { "type": "integer", "minimum": 0 },
+        "resolved_failures": { "type": "integer", "minimum": 0 },
+        "typecheck_pass": { "type": "boolean" },
+        "build_pass": { "type": "boolean" },
+        "fixer_bugs_found": { "type": "integer", "minimum": 0 }
+      },
+      "additionalProperties": false
+    },
+    "summary": {
+      "type": "object",
+      "required": [
+        "total_confirmed",
+        "eligible",
+        "manual_review",
+        "fixed",
+        "fix_reverted",
+        "fix_failed",
+        "skipped",
+        "fixer_bug",
+        "partial"
+      ],
+      "properties": {
+        "total_confirmed": { "type": "integer", "minimum": 0 },
+        "eligible": { "type": "integer", "minimum": 0 },
+        "manual_review": { "type": "integer", "minimum": 0 },
+        "fixed": { "type": "integer", "minimum": 0 },
+        "fix_reverted": { "type": "integer", "minimum": 0 },
+        "fix_failed": { "type": "integer", "minimum": 0 },
+        "skipped": { "type": "integer", "minimum": 0 },
+        "fixer_bug": { "type": "integer", "minimum": 0 },
+        "partial": { "type": "integer", "minimum": 0 }
+      },
+      "additionalProperties": false
+    }
+  },
+  "additionalProperties": false
+}

package/schemas/fix-strategy.schema.json

@@ -0,0 +1,99 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "fix-strategy",
+  "title": "Bug Hunter Fix Strategy Artifact",
+  "type": "object",
+  "required": [
+    "version",
+    "generatedAt",
+    "confidenceThreshold",
+    "summary",
+    "clusters"
+  ],
+  "properties": {
+    "version": { "type": "string", "minLength": 1 },
+    "generatedAt": { "type": "string", "minLength": 1 },
+    "confidenceThreshold": { "type": "integer", "minimum": 1 },
+    "summary": {
+      "type": "object",
+      "required": [
+        "confirmed",
+        "safeAutofix",
+        "manualReview",
+        "largerRefactor",
+        "architecturalRemediation",
+        "canaryCandidates",
+        "rolloutCandidates"
+      ],
+      "properties": {
+        "confirmed": { "type": "integer", "minimum": 0 },
+        "safeAutofix": { "type": "integer", "minimum": 0 },
+        "manualReview": { "type": "integer", "minimum": 0 },
+        "largerRefactor": { "type": "integer", "minimum": 0 },
+        "architecturalRemediation": { "type": "integer", "minimum": 0 },
+        "canaryCandidates": { "type": "integer", "minimum": 0 },
+        "rolloutCandidates": { "type": "integer", "minimum": 0 }
+      },
+      "additionalProperties": false
+    },
+    "clusters": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": [
+          "clusterId",
+          "strategy",
+          "executionStage",
+          "autofixEligible",
+          "bugIds",
+          "files",
+          "maxSeverity",
+          "summary",
+          "recommendedAction",
+          "reasons"
+        ],
+        "properties": {
+          "clusterId": { "type": "string", "minLength": 1 },
+          "strategy": {
+            "type": "string",
+            "enum": [
+              "safe-autofix",
+              "manual-review",
+              "larger-refactor",
+              "architectural-remediation"
+            ]
+          },
+          "executionStage": {
+            "type": "string",
+            "enum": ["canary", "rollout", "manual-review", "report-only"]
+          },
+          "autofixEligible": { "type": "boolean" },
+          "bugIds": {
+            "type": "array",
+            "minItems": 1,
+            "items": { "type": "string", "minLength": 1 }
+          },
+          "files": {
+            "type": "array",
+            "minItems": 1,
+            "items": { "type": "string", "minLength": 1 }
+          },
+          "maxSeverity": {
+            "type": "string",
+            "enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "Critical", "High", "Medium", "Low"]
+          },
+          "summary": { "type": "string", "minLength": 1 },
+          "recommendedAction": { "type": "string", "minLength": 1 },
+          "reasons": {
+            "type": "array",
+            "minItems": 1,
+            "items": { "type": "string", "minLength": 1 }
+          }
+        },
+        "additionalProperties": false
+      }
+    }
+  },
+  "additionalProperties": false
+}

package/schemas/recon.schema.json

@@ -0,0 +1,31 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "recon",
+  "title": "Bug Hunter Recon Artifact",
+  "type": "object",
+  "required": ["critical", "high", "medium", "contextOnly"],
+  "properties": {
+    "critical": {
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 }
+    },
+    "high": {
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 }
+    },
+    "medium": {
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 }
+    },
+    "contextOnly": {
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 }
+    },
+    "notes": {
+      "type": "array",
+      "items": { "type": "string", "minLength": 1 }
+    }
+  },
+  "additionalProperties": false
+}

package/schemas/referee.schema.json

@@ -0,0 +1,46 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "referee",
+  "title": "Bug Hunter Referee Artifact",
+  "type": "array",
+  "items": {
+    "type": "object",
+    "required": [
+      "bugId",
+      "verdict",
+      "trueSeverity",
+      "confidenceScore",
+      "confidenceLabel",
+      "verificationMode",
+      "analysisSummary"
+    ],
+    "properties": {
+      "bugId": { "type": "string", "minLength": 1 },
+      "verdict": {
+        "type": "string",
+        "enum": ["REAL_BUG", "NOT_A_BUG", "MANUAL_REVIEW"]
+      },
+      "trueSeverity": {
+        "type": "string",
+        "enum": ["Critical", "Medium", "Low"]
+      },
+      "confidenceScore": {
+        "type": "number",
+        "minimum": 0,
+        "maximum": 100
+      },
+      "confidenceLabel": {
+        "type": "string",
+        "enum": ["high", "medium", "low"]
+      },
+      "verificationMode": {
+        "type": "string",
+        "enum": ["INDEPENDENTLY_VERIFIED", "EVIDENCE_BASED"]
+      },
+      "analysisSummary": { "type": "string", "minLength": 1 },
+      "suggestedFix": { "type": "string", "minLength": 1 }
+    },
+    "additionalProperties": false
+  }
+}

package/schemas/shared.schema.json

@@ -0,0 +1,51 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "shared",
+  "title": "Bug Hunter Shared Definitions",
+  "$defs": {
+    "severity": {
+      "type": "string",
+      "enum": ["Critical", "Medium", "Low"]
+    },
+    "category": {
+      "type": "string",
+      "enum": [
+        "logic",
+        "security",
+        "error-handling",
+        "concurrency",
+        "edge-case",
+        "data-integrity",
+        "type-safety",
+        "resource-leak",
+        "api-contract",
+        "cross-file"
+      ]
+    },
+    "stride": {
+      "type": "string",
+      "enum": [
+        "Spoofing",
+        "Tampering",
+        "Repudiation",
+        "InfoDisclosure",
+        "DoS",
+        "ElevationOfPrivilege",
+        "N/A"
+      ]
+    },
+    "verificationMode": {
+      "type": "string",
+      "enum": ["INDEPENDENTLY_VERIFIED", "EVIDENCE_BASED"]
+    },
+    "confidenceLabel": {
+      "type": "string",
+      "enum": ["high", "medium", "low"]
+    },
+    "coverageStatus": {
+      "type": "string",
+      "enum": ["pending", "in_progress", "done", "failed"]
+    }
+  }
+}

package/schemas/skeptic.schema.json

@@ -0,0 +1,21 @@
+{
+  "$schema": "http://json-schema.org/draft-07/schema#",
+  "schemaVersion": 1,
+  "artifact": "skeptic",
+  "title": "Bug Hunter Skeptic Artifact",
+  "type": "array",
+  "items": {
+    "type": "object",
+    "required": ["bugId", "response", "analysisSummary"],
+    "properties": {
+      "bugId": { "type": "string", "minLength": 1 },
+      "response": {
+        "type": "string",
+        "enum": ["ACCEPT", "DISPROVE", "MANUAL_REVIEW"]
+      },
+      "analysisSummary": { "type": "string", "minLength": 1 },
+      "counterEvidence": { "type": "string", "minLength": 1 }
+    },
+    "additionalProperties": false
+  }
+}

package/scripts/bug-hunter-state.cjs

@@ -3,6 +3,7 @@
 const crypto = require('crypto');
 const fs = require('fs');
 const path = require('path');
+const { validateArtifactValue } = require('./schema-runtime.cjs');
 
 const VALID_CHUNK_STATUS = new Set(['pending', 'in_progress', 'done', 'failed']);
 const DEFAULT_CHUNK_SIZE = 30;
@@ -163,7 +164,7 @@ function assertArray(value, label) {
   }
 }
 
-function toConfidence(value) {
+function toConfidenceScore(value) {
   if (value === null || value === undefined || value === '') {
     return null;
   }
@@ -270,19 +271,26 @@ function main() {
     }
     const state = readState(statePath);
     const findings = readJson(findingsJsonPath);
-    assertArray(findings, 'findingsJson');
+    const validation = validateArtifactValue({
+      artifactName: 'findings',
+      value: findings
+    });
+    if (!validation.ok) {
+      throw new Error(`Invalid findings artifact: ${validation.errors.join('; ')}`);
+    }
 
     let inserted = 0;
     let updated = 0;
     for (const finding of findings) {
       const file = String(finding.file || '').trim();
-      if (!file) {
-        continue;
-      }
       const lines = String(finding.lines || '').trim();
       const claim = String(finding.claim || '').trim();
       const severity = String(finding.severity || 'Low');
-      const confidence = toConfidence(finding.confidence);
+      const category = String(finding.category || '').trim();
+      const evidence = String(finding.evidence || '').trim();
+      const runtimeTrigger = String(finding.runtimeTrigger || '').trim();
+      const crossReferences = Array.isArray(finding.crossReferences) ? finding.crossReferences : [];
+      const confidenceScore = toConfidenceScore(finding.confidenceScore);
       const bugId = String(finding.bugId || '').trim();
       const key = `${file}|${lines}|${claim}`;
       const existing = state.bugLedger.find((entry) => entry.key === key);
@@ -293,8 +301,12 @@ function main() {
           severity,
           file,
           lines,
+          category,
           claim,
-          confidence,
+          evidence,
+          runtimeTrigger,
+          crossReferences,
+          confidenceScore,
           status: 'open',
           source,
           updatedAt: nowIso()
@@ -310,10 +322,14 @@ function main() {
       if (!existing.bugId && bugId) {
         existing.bugId = bugId;
       }
-      if (existing.confidence === null && confidence !== null) {
-        existing.confidence = confidence;
-      } else if (existing.confidence !== null && confidence !== null) {
-        existing.confidence = Math.max(existing.confidence, confidence);
+      existing.category = category || existing.category;
+      existing.evidence = evidence || existing.evidence;
+      existing.runtimeTrigger = runtimeTrigger || existing.runtimeTrigger;
+      existing.crossReferences = crossReferences.length > 0 ? crossReferences : existing.crossReferences;
+      if (existing.confidenceScore === null && confidenceScore !== null) {
+        existing.confidenceScore = confidenceScore;
+      } else if (existing.confidenceScore !== null && confidenceScore !== null) {
+        existing.confidenceScore = Math.max(existing.confidenceScore, confidenceScore);
       }
       existing.updatedAt = nowIso();
       existing.source = source;
@@ -323,7 +339,7 @@ function main() {
     state.metrics.findingsTotal += findings.length;
     state.metrics.findingsUnique = state.bugLedger.length;
     state.metrics.lowConfidenceFindings = state.bugLedger.filter((entry) => {
-      return entry.confidence === null || entry.confidence < 75;
+      return entry.confidenceScore === null || entry.confidenceScore < 75;
     }).length;
     saveState(statePath, state);
     console.log(JSON.stringify({
@@ -495,6 +511,13 @@ function main() {
     }
     const state = readState(statePath);
     const fixPlan = readJson(fixPlanJsonPath);
+    const validation = validateArtifactValue({
+      artifactName: 'fix-plan',
+      value: fixPlan
+    });
+    if (!validation.ok) {
+      throw new Error(`Invalid fix-plan artifact: ${validation.errors.join('; ')}`);
+    }
     state.fixPlan = fixPlan;
     saveState(statePath, state);
     console.log(JSON.stringify({

package/scripts/code-index.cjs

@@ -453,11 +453,18 @@ function queryBugs(indexPath, bugsJsonPath, hopsRaw) {
     .map((bug) => String((bug && bug.file) || '').trim())
     .filter(Boolean)
     .map((filePath) => path.resolve(filePath));
-  const tempSeedPath = path.join(path.dirname(path.resolve(bugsJsonPath)), '.seed-files.tmp.json');
+  const tempSeedPath = path.join(
+    path.dirname(path.resolve(bugsJsonPath)),
+    `.seed-files.${process.pid}.${Date.now()}.${crypto.randomUUID()}.tmp.json`
+  );
   writeJson(tempSeedPath, seedFiles);
-  const result = query(indexPath, tempSeedPath, hopsRaw);
-  fs.unlinkSync(tempSeedPath);
-  return result;
+  try {
+    return query(indexPath, tempSeedPath, hopsRaw);
+  } finally {
+    if (fs.existsSync(tempSeedPath)) {
+      fs.unlinkSync(tempSeedPath);
+    }
+  }
 }
 
 function main() {