@domainlang/language 0.1.81

package/src/services/dependency-analyzer.ts

@@ -0,0 +1,381 @@
+/**
+ * Dependency Analysis Service
+ * 
+ * Provides tools for visualizing and analyzing dependency relationships:
+ * - Dependency tree visualization
+ * - Impact analysis (reverse dependencies)
+ * - Circular dependency detection
+ * - Version policy enforcement
+ */
+
+import type { LockFile } from './git-url-resolver.js';
+import path from 'node:path';
+import fs from 'node:fs/promises';
+import os from 'node:os';
+import YAML from 'yaml';
+
+export interface DependencyTreeNode {
+    /** Package identifier */
+    packageKey: string;
+    /** Locked version */
+    version: string;
+    /** Commit hash */
+    commit: string;
+    /** Direct dependencies */
+    dependencies: DependencyTreeNode[];
+    /** Depth in tree (0 = root) */
+    depth: number;
+}
+
+export interface ReverseDependency {
+    /** Package that depends on the target */
+    dependentPackage: string;
+    /** Version of the dependent package */
+    version: string;
+    /** Type: direct or transitive */
+    type: 'direct' | 'transitive';
+}
+
+export interface VersionPolicy {
+    /** Policy name: latest, stable, or specific version */
+    policy: 'latest' | 'stable' | 'pinned';
+    /** Resolved version */
+    version: string;
+    /** Available versions for policy */
+    availableVersions?: string[];
+}
+
+/**
+ * Analyzes dependency relationships and provides visualization/analysis tools.
+ */
+export class DependencyAnalyzer {
+    /**
+     * Builds a dependency tree from a lock file.
+     * 
+     * @param lockFile - The lock file to analyze
+     * @param workspaceRoot - Workspace root to load dependency metadata
+     * @returns Root nodes of the dependency tree
+     */
+    async buildDependencyTree(lockFile: LockFile, workspaceRoot: string): Promise<DependencyTreeNode[]> {
+        const manifestPath = path.join(workspaceRoot, 'model.yaml');
+        
+        // Load root manifest to get direct dependencies
+        const rootDeps: Record<string, string> = {};
+        try {
+            const content = await fs.readFile(manifestPath, 'utf-8');
+            const manifest = YAML.parse(content) as {
+                dependencies?: Record<string, { source: string; version: string }>;
+            };
+            
+            if (manifest.dependencies) {
+                for (const [, dep] of Object.entries(manifest.dependencies)) {
+                    rootDeps[dep.source] = dep.version;
+                }
+            }
+        } catch {
+            // No manifest or parse error
+        }
+
+        // Build tree for each direct dependency
+        const rootNodes: DependencyTreeNode[] = [];
+        const visited = new Set<string>();
+
+        for (const packageKey of Object.keys(rootDeps)) {
+            const node = await this.buildTreeNode(packageKey, lockFile, workspaceRoot, 0, visited);
+            if (node) {
+                rootNodes.push(node);
+            }
+        }
+
+        return rootNodes;
+    }
+
+    /**
+     * Recursively builds a dependency tree node.
+     */
+    private async buildTreeNode(
+        packageKey: string,
+        lockFile: LockFile,
+        workspaceRoot: string,
+        depth: number,
+        visited: Set<string>
+    ): Promise<DependencyTreeNode | null> {
+        const locked = lockFile.dependencies[packageKey];
+        if (!locked) {
+            return null;
+        }
+
+        // Prevent infinite recursion
+        if (visited.has(packageKey)) {
+            return {
+                packageKey,
+                version: locked.version,
+                commit: locked.commit,
+                dependencies: [], // Don't recurse into already visited
+                depth,
+            };
+        }
+
+        visited.add(packageKey);
+
+        // Load package dependencies from cache
+        const cacheDir = this.getCacheDir(packageKey, locked.commit);
+        const packageDeps = await this.loadPackageDependencies(cacheDir);
+
+        // Build child nodes
+        const children: DependencyTreeNode[] = [];
+        for (const depKey of Object.keys(packageDeps)) {
+            const childNode = await this.buildTreeNode(depKey, lockFile, workspaceRoot, depth + 1, new Set(visited));
+            if (childNode) {
+                children.push(childNode);
+            }
+        }
+
+        return {
+            packageKey,
+            version: locked.version,
+            commit: locked.commit,
+            dependencies: children,
+            depth,
+        };
+    }
+
+    /**
+     * Finds all packages that depend on a given package.
+     * 
+     * @param targetPackage - Package to analyze
+     * @param lockFile - Lock file with all dependencies
+     * @param workspaceRoot - Workspace root
+     * @returns List of reverse dependencies
+     */
+    async findReverseDependencies(
+        targetPackage: string,
+        lockFile: LockFile,
+        workspaceRoot: string
+    ): Promise<ReverseDependency[]> {
+        const reverseDeps: ReverseDependency[] = [];
+        const manifestPath = path.join(workspaceRoot, 'model.yaml');
+
+        // Check if target is a direct dependency of root
+        try {
+            const content = await fs.readFile(manifestPath, 'utf-8');
+            const manifest = YAML.parse(content) as {
+                dependencies?: Record<string, { source: string; version: string }>;
+            };
+
+            if (manifest.dependencies) {
+                for (const [, dep] of Object.entries(manifest.dependencies)) {
+                    if (dep.source === targetPackage) {
+                        reverseDeps.push({
+                            dependentPackage: 'root',
+                            version: 'workspace',
+                            type: 'direct',
+                        });
+                    }
+                }
+            }
+        } catch {
+            // Ignore
+        }
+
+        // Check all other packages in lock file
+        for (const [packageKey, locked] of Object.entries(lockFile.dependencies)) {
+            if (packageKey === targetPackage) {
+                continue;
+            }
+
+            const cacheDir = this.getCacheDir(packageKey, locked.commit);
+            const packageDeps = await this.loadPackageDependencies(cacheDir);
+
+            if (packageDeps[targetPackage]) {
+                reverseDeps.push({
+                    dependentPackage: packageKey,
+                    version: locked.version,
+                    type: 'direct',
+                });
+            }
+        }
+
+        return reverseDeps;
+    }
+
+    /**
+     * Formats a dependency tree as a readable string.
+     */
+    formatDependencyTree(nodes: DependencyTreeNode[], options: { showCommits?: boolean } = {}): string {
+        const lines: string[] = [];
+
+        const formatNode = (node: DependencyTreeNode, prefix: string, isLast: boolean): void => {
+            const branch = isLast ? '└── ' : '├── ';
+            const versionStr = options.showCommits
+                ? `${node.version} (${node.commit.substring(0, 7)})`
+                : node.version;
+            
+            lines.push(`${prefix}${branch}${node.packageKey}@${versionStr}`);
+
+            const childPrefix = prefix + (isLast ? '    ' : '│   ');
+            node.dependencies.forEach((child, index) => {
+                const isLastChild = index === node.dependencies.length - 1;
+                formatNode(child, childPrefix, isLastChild);
+            });
+        };
+
+        nodes.forEach((node, index) => {
+            formatNode(node, '', index === nodes.length - 1);
+        });
+
+        return lines.join('\n');
+    }
+
+    /**
+     * Detects circular dependencies in a dependency graph.
+     */
+    async detectCircularDependencies(lockFile: LockFile): Promise<string[][]> {
+        const cycles: string[][] = [];
+        const visiting = new Set<string>();
+        const completed = new Set<string>();
+
+        const dfs = async (packageKey: string, path: string[]): Promise<void> => {
+            if (visiting.has(packageKey)) {
+                const cycleStart = path.indexOf(packageKey);
+                const cycle = cycleStart >= 0
+                    ? [...path.slice(cycleStart), packageKey]
+                    : [...path, packageKey];
+                cycles.push(cycle);
+                return;
+            }
+
+            if (completed.has(packageKey)) {
+                return;
+            }
+
+            visiting.add(packageKey);
+
+            const locked = lockFile.dependencies[packageKey];
+            if (locked) {
+                const cacheDir = this.getCacheDir(packageKey, locked.commit);
+                const deps = await this.loadPackageDependencies(cacheDir);
+
+                for (const depKey of Object.keys(deps)) {
+                    await dfs(depKey, [...path, packageKey]);
+                }
+            }
+
+            visiting.delete(packageKey);
+            completed.add(packageKey);
+        };
+
+        for (const packageKey of Object.keys(lockFile.dependencies)) {
+            await dfs(packageKey, []);
+        }
+
+        return cycles;
+    }
+
+    /**
+     * Resolves version policies (latest, stable) to concrete versions.
+     */
+    async resolveVersionPolicy(
+        packageKey: string,
+        policy: string,
+        availableVersions: string[]
+    ): Promise<VersionPolicy> {
+        if (policy === 'latest') {
+            // Return the most recent version
+            const sorted = this.sortVersions(availableVersions);
+            return {
+                policy: 'latest',
+                version: sorted[0] || 'main',
+                availableVersions: sorted,
+            };
+        }
+
+        if (policy === 'stable') {
+            // Return the most recent stable version (exclude pre-release)
+            const stable = availableVersions.filter(v => !this.isPreRelease(v));
+            const sorted = this.sortVersions(stable);
+            return {
+                policy: 'stable',
+                version: sorted[0] || 'main',
+                availableVersions: sorted,
+            };
+        }
+
+        // Pinned version
+        return {
+            policy: 'pinned',
+            version: policy,
+        };
+    }
+
+    /**
+     * Gets the cache directory for a package.
+     */
+    private getCacheDir(packageKey: string, commit: string): string {
+        const [owner, repo] = packageKey.split('/');
+        return path.join(
+            os.homedir(),
+            '.dlang',
+            'cache',
+            'github', // Assume GitHub for now
+            owner,
+            repo,
+            commit
+        );
+    }
+
+    /**
+     * Loads dependencies from a cached package.
+     */
+    private async loadPackageDependencies(cacheDir: string): Promise<Record<string, string>> {
+        const manifestPath = path.join(cacheDir, 'model.yaml');
+
+        try {
+            const content = await fs.readFile(manifestPath, 'utf-8');
+            const manifest = YAML.parse(content) as {
+                dependencies?: Record<string, { source: string; version: string }>;
+            };
+
+            const deps: Record<string, string> = {};
+            if (manifest.dependencies) {
+                for (const [, dep] of Object.entries(manifest.dependencies)) {
+                    deps[dep.source] = dep.version;
+                }
+            }
+
+            return deps;
+        } catch {
+            return {};
+        }
+    }
+
+    /**
+     * Sorts versions in descending order (newest first).
+     */
+    private sortVersions(versions: string[]): string[] {
+        return versions.sort((a, b) => {
+            // Simple lexicographic sort (good enough for basic semver)
+            // Production: use semver library
+            const aParts = a.replace(/^v/, '').split('.').map(Number);
+            const bParts = b.replace(/^v/, '').split('.').map(Number);
+
+            for (let i = 0; i < Math.max(aParts.length, bParts.length); i++) {
+                const aNum = aParts[i] || 0;
+                const bNum = bParts[i] || 0;
+                if (aNum !== bNum) {
+                    return bNum - aNum; // Descending
+                }
+            }
+
+            return 0;
+        });
+    }
+
+    /**
+     * Checks if a version is a pre-release.
+     */
+    private isPreRelease(version: string): boolean {
+        const clean = version.replace(/^v/, '');
+        return /-(alpha|beta|rc|pre|dev)/.test(clean);
+    }
+}

package/src/services/dependency-resolver.ts

@@ -0,0 +1,334 @@
+/**
+ * Dependency Resolution Service
+ * 
+ * Discovers and resolves transitive dependencies for DomainLang packages.
+ * Generates lock files for reproducible builds.
+ * 
+ * Algorithm:
+ * 1. Parse root model.yaml
+ * 2. Download all direct dependencies
+ * 3. Parse each dependency's model.yaml
+ * 4. Recursively discover transitive dependencies
+ * 5. Resolve version constraints (simple: use latest satisfying version)
+ * 6. Generate lock file with pinned commit hashes
+ */
+
+import path from 'node:path';
+import fs from 'node:fs/promises';
+import YAML from 'yaml';
+import { GitUrlParser, GitUrlResolver, PackageMetadata, LockFile, LockedDependency } from './git-url-resolver.js';
+
+/**
+ * Dependency graph node representing a package and its dependencies.
+ */
+export interface DependencyNode {
+    /** Package identifier (owner/repo) */
+    packageKey: string;
+    /** Version constraint from parent (e.g., "^1.0.0") */
+    versionConstraint: string;
+    /** Resolved version */
+    resolvedVersion?: string;
+    /** Resolved commit hash */
+    commitHash?: string;
+    /** Full git URL */
+    repoUrl?: string;
+    /** Direct dependencies of this package */
+    dependencies: Record<string, string>;
+    /** Parent packages that depend on this one */
+    dependents: string[];
+}
+
+/**
+ * Dependency graph for the entire workspace.
+ */
+export interface DependencyGraph {
+    /** All discovered packages, keyed by owner/repo */
+    nodes: Record<string, DependencyNode>;
+    /** Root package name */
+    root: string;
+}
+
+/**
+ * Resolves dependencies and generates lock files.
+ */
+export type { LockFile, PackageMetadata } from './git-url-resolver.js';
+export class DependencyResolver {
+    private gitResolver: GitUrlResolver;
+    private workspaceRoot: string;
+
+    constructor(workspaceRoot: string, gitResolver?: GitUrlResolver) {
+        this.workspaceRoot = workspaceRoot;
+        this.gitResolver = gitResolver || new GitUrlResolver();
+    }
+
+    /**
+     * Resolves all dependencies for a workspace.
+     * 
+     * Process:
+     * 1. Load root model.yaml
+     * 2. Build dependency graph (discover transitive deps)
+     * 3. Resolve version constraints
+     * 4. Generate lock file
+     * 5. Download all dependencies to cache
+     * 
+     * @returns Generated lock file
+     */
+    async resolveDependencies(): Promise<LockFile> {
+        // Load root package config
+        const rootConfig = await this.loadPackageConfig(this.workspaceRoot);
+        
+        if (!rootConfig.dependencies || Object.keys(rootConfig.dependencies).length === 0) {
+            // No dependencies
+            return { version: '1', dependencies: {} };
+        }
+
+        // Build dependency graph
+        const graph = await this.buildDependencyGraph(rootConfig);
+
+        // Resolve version constraints
+        await this.resolveVersions(graph);
+
+        // Generate and return lock file (caller writes to disk)
+        return this.generateLockFile(graph);
+    }
+
+    /**
+     * Builds the complete dependency graph by recursively discovering transitive dependencies.
+     */
+    private async buildDependencyGraph(rootConfig: PackageMetadata): Promise<DependencyGraph> {
+        const graph: DependencyGraph = {
+            nodes: {},
+            root: rootConfig.name || 'root',
+        };
+
+        // Process root dependencies
+        const queue: Array<{ packageKey: string; versionConstraint: string; parent: string }> = [];
+        
+        for (const [depName, versionConstraint] of Object.entries(rootConfig.dependencies || {})) {
+            queue.push({ 
+                packageKey: depName, 
+                versionConstraint, 
+                parent: graph.root 
+            });
+        }
+
+        // BFS to discover all transitive dependencies
+        const visited = new Set<string>();
+
+        while (queue.length > 0) {
+            const entry = queue.shift();
+            if (!entry) break;
+            const { packageKey, versionConstraint, parent } = entry;
+
+            // Skip if already processed
+            if (visited.has(packageKey)) {
+                // Update dependents list
+                if (!graph.nodes[packageKey].dependents.includes(parent)) {
+                    graph.nodes[packageKey].dependents.push(parent);
+                }
+                continue;
+            }
+            visited.add(packageKey);
+
+            // Parse package identifier
+            const gitInfo = GitUrlParser.parse(packageKey);
+            
+            // Download package to get its dlang.toml
+            const packageUri = await this.gitResolver.resolve(packageKey);
+            const packageDir = path.dirname(packageUri.fsPath);
+
+            // Load package config
+            const packageConfig = await this.loadPackageConfig(packageDir);
+
+            // Add to graph
+            graph.nodes[packageKey] = {
+                packageKey,
+                versionConstraint,
+                repoUrl: gitInfo.repoUrl,
+                dependencies: packageConfig.dependencies || {},
+                dependents: [parent],
+            };
+
+            // Queue transitive dependencies
+            for (const [transDepName, transVersionConstraint] of Object.entries(packageConfig.dependencies || {})) {
+                queue.push({
+                    packageKey: transDepName,
+                    versionConstraint: transVersionConstraint,
+                    parent: packageKey,
+                });
+            }
+        }
+
+        return graph;
+    }
+
+    /**
+     * Resolves version constraints to specific versions.
+     * 
+     * Simple algorithm: Use the latest version that satisfies all constraints.
+     * Future: Implement proper semantic versioning resolution.
+     */
+    private async resolveVersions(graph: DependencyGraph): Promise<void> {
+        for (const [packageKey, node] of Object.entries(graph.nodes)) {
+            // Parse package to get repo info
+            const gitInfo = GitUrlParser.parse(packageKey);
+
+            // For now, resolve to the version specified in the constraint
+            // Future: Implement proper semver range resolution
+            const version = this.extractVersionFromConstraint(node.versionConstraint);
+            
+            // Resolve version to commit hash
+            const commitHash = await this.resolveCommitHash(gitInfo.repoUrl, version);
+
+            node.resolvedVersion = version;
+            node.commitHash = commitHash;
+        }
+    }
+
+    /**
+     * Extracts a version from a constraint string.
+     * 
+     * Examples:
+     * - "^1.0.0" → "1.0.0"
+     * - "~2.3.0" → "2.3.0"
+     * - "1.5.0" → "1.5.0"
+     * - "owner/repo@1.0.0" → "1.0.0"
+     * 
+     * Future: Implement proper semver range parsing and resolution.
+     */
+    private extractVersionFromConstraint(constraint: string): string {
+        // Remove semver operators
+        let version = constraint.replace(/^[\^~>=<]/, '');
+        
+        // Extract version from full import URL if present
+        if (version.includes('@')) {
+            version = version.split('@')[1];
+        }
+        
+        return version || 'main';
+    }
+
+    /**
+     * Resolves a version (tag/branch) to a commit hash using git ls-remote.
+     */
+    private async resolveCommitHash(repoUrl: string, version: string): Promise<string> {
+        // This is a placeholder - the actual implementation is in GitUrlResolver
+        // We need to extract it or call the resolver
+        const gitInfo = GitUrlParser.parse(`${repoUrl}@${version}`);
+        const uri = await this.gitResolver.resolve(gitInfo.original);
+        
+        // Extract commit hash from cache path
+        // Cache format: ~/.dlang/cache/{platform}/{owner}/{repo}/{commit-hash}/
+        const pathParts = uri.fsPath.split(path.sep);
+        const commitHashIndex = pathParts.length - 2; // Second to last segment
+        return pathParts[commitHashIndex];
+    }
+
+    /**
+     * Generates a lock file from the resolved dependency graph.
+     */
+    private generateLockFile(graph: DependencyGraph): LockFile {
+        const dependencies: Record<string, LockedDependency> = {};
+
+        for (const [packageKey, node] of Object.entries(graph.nodes)) {
+            if (!node.resolvedVersion || !node.commitHash) {
+                throw new Error(`Failed to resolve version for ${packageKey}`);
+            }
+
+            dependencies[packageKey] = {
+                version: node.resolvedVersion,
+                resolved: node.repoUrl || '',
+                commit: node.commitHash,
+                // Future: Calculate integrity hash
+            };
+        }
+
+        return {
+            version: '1',
+            dependencies,
+        };
+    }
+
+    /**
+     * Loads and parses a package's model.yaml file.
+     */
+    private async loadPackageConfig(packageDir: string): Promise<PackageMetadata> {
+        const yamlPath = path.join(packageDir, 'model.yaml');
+
+        try {
+            const yamlContent = await fs.readFile(yamlPath, 'utf-8');
+            return this.parseYaml(yamlContent);
+        } catch {
+            // No model.yaml found
+            return {};
+        }
+    }
+
+    /**
+     * Parses model.yaml content.
+     * 
+     * Expected structure:
+     * model:
+     *   name: package-name
+     *   version: 1.0.0
+     *   entry: index.dlang
+     * 
+     * dependencies:
+     *   package-name:
+     *     source: owner/repo
+     *     version: ^1.0.0
+     */
+    private parseYaml(content: string): PackageMetadata {
+        const parsed = YAML.parse(content) as {
+            model?: {
+                name?: string;
+                version?: string;
+                entry?: string;
+            };
+            dependencies?: Record<string, { source?: string; version?: string }>;
+        };
+
+        const config: PackageMetadata = {};
+
+        if (parsed.model) {
+            config.name = parsed.model.name;
+            config.version = parsed.model.version;
+            config.main = parsed.model.entry;
+        }
+
+        if (parsed.dependencies) {
+            config.dependencies = {};
+            for (const [, depInfo] of Object.entries(parsed.dependencies)) {
+                if (depInfo.source) {
+                    const versionConstraint = depInfo.version || 'main';
+                    // Store as "source@version" for consistency with import resolution
+                    config.dependencies[depInfo.source] = versionConstraint;
+                }
+            }
+        }
+
+        return config;
+    }
+
+    /**
+     * Loads an existing lock file from disk.
+     */
+    static async loadLockFile(workspaceRoot: string): Promise<LockFile | undefined> {
+        const lockPath = path.join(workspaceRoot, 'model.lock');
+
+        try {
+            const content = await fs.readFile(lockPath, 'utf-8');
+            return JSON.parse(content) as LockFile;
+        } catch {
+            // No lock file
+            return undefined;
+        }
+    }
+
+    /**
+     * Parses a lock file from JSON format.
+     */
+    static parseLockFile(content: string): LockFile {
+        return JSON.parse(content) as LockFile;
+    }
+}