@dotsetlabs/tollgate 0.2.2 → 0.3.0

package/dist/guard/learning/pattern-extractor.js

@@ -0,0 +1,372 @@
+/**
+ * Pattern Extractor for Shell Guardian Learning System
+ *
+ * Extracts normalizable patterns from commands to identify
+ * similar command structures across different arguments.
+ */
+import { parseCommand } from '../preview/parser.js';
+/**
+ * Known argument patterns for normalization.
+ */
+const ARGUMENT_PATTERNS = [
+    // URLs
+    { pattern: /^https?:\/\/[^\s]+$/, type: 'url' },
+    // Git branches/refs
+    { pattern: /^(origin|upstream)\/[\w-]+$/, type: 'branch', context: ['git'] },
+    { pattern: /^(main|master|develop|HEAD|HEAD~\d+)$/, type: 'branch', context: ['git'] },
+    // Process IDs
+    { pattern: /^\d{2,6}$/, type: 'pid', context: ['kill', 'pkill'] },
+    // Signals
+    { pattern: /^-?(TERM|KILL|HUP|INT|QUIT|USR1|USR2|\d{1,2})$/, type: 'signal', context: ['kill'] },
+    // Permissions (octal)
+    { pattern: /^[0-7]{3,4}$/, type: 'permission', context: ['chmod'] },
+    // Common node_modules pattern
+    { pattern: /^node_modules\/?.*$/, type: 'directory' },
+    // Glob patterns
+    { pattern: /\*|\?|\[.+\]/, type: 'glob' },
+    // Package names (npm style)
+    { pattern: /^@?[\w-]+\/[\w-]+$/, type: 'package' },
+    { pattern: /^[\w-]+@[\d.]+$/, type: 'package' },
+    // Paths with common patterns
+    { pattern: /^[./~].*\/.*$/, type: 'path' },
+    { pattern: /^\/.*$/, type: 'path' },
+    // Files with extensions
+    { pattern: /^[\w.-]+\.\w+$/, type: 'file' },
+    // Directories (ending with /)
+    { pattern: /^[\w.-]+\/$/, type: 'directory' },
+];
+/**
+ * Commands where arguments are typically packages.
+ */
+const PACKAGE_COMMANDS = new Set([
+    'npm install', 'npm uninstall', 'npm update', 'npm remove',
+    'yarn add', 'yarn remove',
+    'pnpm add', 'pnpm remove',
+    'pip install', 'pip uninstall',
+    'cargo add', 'cargo remove',
+    'gem install', 'gem uninstall',
+    'go get',
+]);
+/**
+ * Commands where arguments are typically files/paths.
+ */
+const FILE_COMMANDS = new Set([
+    'rm', 'mv', 'cp', 'cat', 'less', 'head', 'tail', 'touch',
+    'mkdir', 'rmdir', 'chmod', 'chown',
+]);
+/**
+ * Commands where arguments are typically branches.
+ */
+const BRANCH_COMMANDS = new Set([
+    'git checkout', 'git switch', 'git merge', 'git rebase',
+    'git branch', 'git push', 'git pull',
+]);
+/**
+ * Commands where arguments are typically messages.
+ */
+const MESSAGE_COMMANDS = new Set([
+    'git commit',
+]);
+/**
+ * Extract a normalized pattern from a command.
+ *
+ * Examples:
+ *   "rm -rf node_modules" → "rm -rf <directory>"
+ *   "npm install lodash" → "npm install <package>"
+ *   "git commit -m 'fix bug'" → "git commit -m <message>"
+ *   "cat /etc/passwd" → "cat <path>"
+ *
+ * @param command - The command to extract pattern from
+ * @returns Normalized pattern string
+ */
+export function extractPattern(command) {
+    try {
+        const parsed = parseCommand(command);
+        const parts = [];
+        // Add executable
+        parts.push(parsed.executable);
+        // Add subcommand if present
+        if (parsed.subcommand) {
+            parts.push(parsed.subcommand);
+        }
+        // Get full command for context
+        const fullCommand = parsed.subcommand
+            ? `${parsed.executable} ${parsed.subcommand}`
+            : parsed.executable;
+        // Add flags (normalized - just the flag names, not values)
+        const sortedFlags = [...parsed.flags].sort((a, b) => a.name.localeCompare(b.name));
+        for (const flag of sortedFlags) {
+            if (flag.type === 'short') {
+                parts.push(`-${flag.name}`);
+            }
+            else {
+                // For long flags with values, keep the flag but normalize the value
+                if (flag.value) {
+                    const normalizedValue = normalizeArgument(flag.value, fullCommand);
+                    parts.push(`--${flag.name}=${normalizedValue}`);
+                }
+                else {
+                    parts.push(`--${flag.name}`);
+                }
+            }
+        }
+        // Normalize positional arguments
+        for (const arg of parsed.positionalArgs) {
+            const normalized = normalizeArgument(arg, fullCommand);
+            parts.push(normalized);
+        }
+        // Handle pipes recursively
+        if (parsed.pipes.length > 0) {
+            parts.push('|');
+            for (const piped of parsed.pipes) {
+                parts.push(extractPattern(piped.original));
+            }
+        }
+        // Handle redirects
+        for (const redirect of parsed.redirects) {
+            const normalized = normalizeArgument(redirect.target, fullCommand);
+            switch (redirect.type) {
+                case 'stdout':
+                    parts.push(`> ${normalized}`);
+                    break;
+                case 'append':
+                    parts.push(`>> ${normalized}`);
+                    break;
+                case 'stderr':
+                    parts.push(`2> ${normalized}`);
+                    break;
+                case 'stdin':
+                    parts.push(`< ${normalized}`);
+                    break;
+            }
+        }
+        return parts.join(' ');
+    }
+    catch {
+        // If parsing fails, do simple normalization
+        return simpleNormalize(command);
+    }
+}
+/**
+ * Normalize a single argument based on context.
+ */
+function normalizeArgument(arg, context) {
+    // Check for specific command contexts
+    if (PACKAGE_COMMANDS.has(context)) {
+        return '<package>';
+    }
+    if (MESSAGE_COMMANDS.has(context)) {
+        return '<message>';
+    }
+    if (BRANCH_COMMANDS.has(context)) {
+        // Keep common branch names, normalize others
+        if (['main', 'master', 'develop', 'HEAD'].includes(arg)) {
+            return arg;
+        }
+        return '<branch>';
+    }
+    // Check argument patterns
+    for (const pattern of ARGUMENT_PATTERNS) {
+        if (pattern.context && !pattern.context.some(c => context.includes(c))) {
+            continue;
+        }
+        if (pattern.pattern.test(arg)) {
+            return `<${pattern.type}>`;
+        }
+    }
+    // For file commands, normalize paths
+    if (FILE_COMMANDS.has(context.split(' ')[0])) {
+        // Keep known directory names
+        if (isKnownDirectory(arg)) {
+            return arg;
+        }
+        return '<path>';
+    }
+    // Keep short literal arguments (likely options or keywords)
+    if (arg.length <= 10 && /^[\w-]+$/.test(arg)) {
+        return arg;
+    }
+    // Default to generic arg placeholder
+    return '<arg>';
+}
+/**
+ * Check if this is a known directory name worth preserving.
+ */
+function isKnownDirectory(arg) {
+    const knownDirs = [
+        'node_modules', 'vendor', '.git', '.svn',
+        'build', 'dist', 'out', 'target',
+        'src', 'lib', 'test', 'tests', 'spec',
+        '__pycache__', '.pytest_cache', '.venv', 'venv',
+        '.cache', '.npm', '.yarn',
+    ];
+    const baseName = arg.replace(/\/$/, '').split('/').pop() || arg;
+    return knownDirs.includes(baseName);
+}
+/**
+ * Simple normalization when parsing fails.
+ */
+function simpleNormalize(command) {
+    // Replace quoted strings
+    let normalized = command.replace(/"[^"]*"/g, '<string>');
+    normalized = normalized.replace(/'[^']*'/g, '<string>');
+    // Replace paths
+    normalized = normalized.replace(/\/[\w./-]+/g, '<path>');
+    // Replace numbers
+    normalized = normalized.replace(/\b\d+\b/g, '<num>');
+    return normalized;
+}
+/**
+ * Group approval records by their extracted pattern.
+ *
+ * @param records - Approval records to group
+ * @returns Map of pattern to records
+ */
+export function groupByPattern(records) {
+    const groups = new Map();
+    for (const record of records) {
+        const pattern = record.normalizedPattern || extractPattern(record.command);
+        const existing = groups.get(pattern) || [];
+        existing.push(record);
+        groups.set(pattern, existing);
+    }
+    return groups;
+}
+/**
+ * Build learned patterns from grouped records.
+ *
+ * @param groups - Grouped records by pattern
+ * @returns Array of learned patterns
+ */
+export function buildLearnedPatterns(groups) {
+    const patterns = [];
+    for (const [pattern, records] of groups) {
+        if (records.length === 0)
+            continue;
+        const approved = records.filter(r => r.decision === 'approved').length;
+        const denied = records.filter(r => r.decision === 'denied').length;
+        const timeout = records.filter(r => r.decision === 'timeout').length;
+        const total = records.length;
+        const approvalRate = approved / total;
+        const denialRate = denied / total;
+        const timeoutRate = timeout / total;
+        // Calculate confidence based on sample size and consistency
+        const dominantRate = Math.max(approvalRate, denialRate, timeoutRate);
+        const sampleSizeConfidence = Math.min(1, total / 10);
+        const consistency = dominantRate;
+        const confidence = (sampleSizeConfidence + consistency) / 2;
+        // Determine suggested action
+        let suggestedAction;
+        if (approvalRate > 0.9 && total >= 3) {
+            suggestedAction = 'allow';
+        }
+        else if (denialRate > 0.9 && total >= 3) {
+            suggestedAction = 'deny';
+        }
+        else {
+            suggestedAction = 'prompt';
+        }
+        // Calculate average decision time
+        const timesWithDecision = records
+            .filter(r => r.decisionTimeMs !== undefined)
+            .map(r => r.decisionTimeMs);
+        const avgDecisionTimeMs = timesWithDecision.length > 0
+            ? timesWithDecision.reduce((a, b) => a + b, 0) / timesWithDecision.length
+            : undefined;
+        // Build context summary
+        const contextSummary = buildContextSummary(records);
+        // Sort by timestamp to get first/last seen
+        const sorted = [...records].sort((a, b) => new Date(a.timestamp).getTime() - new Date(b.timestamp).getTime());
+        patterns.push({
+            pattern,
+            frequency: total,
+            approvalRate,
+            denialRate,
+            timeoutRate,
+            suggestedAction,
+            confidence,
+            examples: records.slice(0, 5).map(r => r.command),
+            avgDecisionTimeMs,
+            lastSeen: new Date(sorted[sorted.length - 1].timestamp),
+            firstSeen: new Date(sorted[0].timestamp),
+            contextSummary,
+        });
+    }
+    // Sort by frequency
+    return patterns.sort((a, b) => b.frequency - a.frequency);
+}
+/**
+ * Build context summary from records.
+ */
+function buildContextSummary(records) {
+    const projectTypes = {};
+    const riskLevels = {};
+    let alternativeChoices = 0;
+    for (const record of records) {
+        // Project types
+        const pt = record.context.projectType || 'unknown';
+        projectTypes[pt] = (projectTypes[pt] || 0) + 1;
+        // Risk levels
+        riskLevels[record.context.riskLevel] =
+            (riskLevels[record.context.riskLevel] || 0) + 1;
+        // Alternative choices
+        if (record.chosenAlternative) {
+            alternativeChoices++;
+        }
+    }
+    return {
+        projectTypes,
+        riskLevels,
+        alternativeChoiceRate: records.length > 0 ? alternativeChoices / records.length : 0,
+    };
+}
+/**
+ * Calculate similarity between two patterns.
+ *
+ * @param pattern1 - First pattern
+ * @param pattern2 - Second pattern
+ * @returns Similarity score (0-1)
+ */
+export function patternSimilarity(pattern1, pattern2) {
+    const parts1 = pattern1.split(' ');
+    const parts2 = pattern2.split(' ');
+    // Must have same executable
+    if (parts1[0] !== parts2[0]) {
+        return 0;
+    }
+    // Count matching parts
+    let matches = 1; // executable matches
+    const maxParts = Math.max(parts1.length, parts2.length);
+    for (let i = 1; i < Math.min(parts1.length, parts2.length); i++) {
+        if (parts1[i] === parts2[i]) {
+            matches++;
+        }
+        else if (isPlaceholder(parts1[i]) && isPlaceholder(parts2[i])) {
+            // Both are placeholders - partial match
+            matches += 0.5;
+        }
+    }
+    return matches / maxParts;
+}
+/**
+ * Check if a string is a placeholder.
+ */
+function isPlaceholder(s) {
+    return s.startsWith('<') && s.endsWith('>');
+}
+/**
+ * Find similar patterns in a list.
+ */
+export function findSimilarPatterns(target, patterns, threshold = 0.7) {
+    const results = [];
+    for (const pattern of patterns) {
+        if (pattern === target)
+            continue;
+        const similarity = patternSimilarity(target, pattern);
+        if (similarity >= threshold) {
+            results.push({ pattern, similarity });
+        }
+    }
+    return results.sort((a, b) => b.similarity - a.similarity);
+}
+//# sourceMappingURL=pattern-extractor.js.map

package/dist/guard/learning/pattern-extractor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pattern-extractor.js","sourceRoot":"","sources":["../../../src/guard/learning/pattern-extractor.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AA+BpD;;GAEG;AACH,MAAM,iBAAiB,GAAsB;IAC3C,OAAO;IACP,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,KAAK,EAAE;IAE/C,oBAAoB;IACpB,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,KAAK,CAAC,EAAE;IAC5E,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,KAAK,CAAC,EAAE;IAEtF,cAAc;IACd,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE;IAEjE,UAAU;IACV,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,MAAM,CAAC,EAAE;IAEhG,sBAAsB;IACtB,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,OAAO,CAAC,EAAE;IAEnE,8BAA8B;IAC9B,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,WAAW,EAAE;IAErD,gBAAgB;IAChB,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE;IAEzC,4BAA4B;IAC5B,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,SAAS,EAAE;IAClD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,SAAS,EAAE;IAE/C,6BAA6B;IAC7B,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,EAAE;IAC1C,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE;IAEnC,wBAAwB;IACxB,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,MAAM,EAAE;IAE3C,8BAA8B;IAC9B,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE;CAC9C,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,aAAa,EAAE,eAAe,EAAE,YAAY,EAAE,YAAY;IAC1D,UAAU,EAAE,aAAa;IACzB,UAAU,EAAE,aAAa;IACzB,aAAa,EAAE,eAAe;IAC9B,WAAW,EAAE,cAAc;IAC3B,aAAa,EAAE,eAAe;IAC9B,QAAQ;CACT,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO;IACxD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;CACnC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,cAAc,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY;IACvD,YAAY,EAAE,UAAU,EAAE,UAAU;CACrC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,YAAY;CACb,CAAC,CAAC;AAEH;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,iBAAiB;QACjB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAE9B,4BAA4B;QAC5B,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;YACtB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAChC,CAAC;QAED,+BAA+B;QAC/B,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU;YACnC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,IAAI,MAAM,CAAC,UAAU,EAAE;YAC7C,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;QAEtB,2DAA2D;QAC3D,MAAM,WAAW,GAAG,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAClD,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAC7B,CAAC;QACF,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBAC1B,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,oEAAoE;gBACpE,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBACf,MAAM,eAAe,GAAG,iBAAiB,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;oBACnE,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,IAAI,eAAe,EAAE,CAAC,CAAC;gBAClD,CAAC;qBAAM,CAAC;oBACN,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC/B,CAAC;YACH,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,cAAc,EAAE,CAAC;YACxC,MAAM,UAAU,GAAG,iBAAiB,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;YACvD,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACzB,CAAC;QAED,2BAA2B;QAC3B,IAAI,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAChB,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACxC,MAAM,UAAU,GAAG,iBAAiB,CAAC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;YACnE,QAAQ,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACtB,KAAK,QAAQ;oBACX,KAAK,CAAC,IAAI,CAAC,KAAK,UAAU,EAAE,CAAC,CAAC;oBAC9B,MAAM;gBACR,KAAK,QAAQ;oBACX,KAAK,CAAC,IAAI,CAAC,MAAM,UAAU,EAAE,CAAC,CAAC;oBAC/B,MAAM;gBACR,KAAK,QAAQ;oBACX,KAAK,CAAC,IAAI,CAAC,MAAM,UAAU,EAAE,CAAC,CAAC;oBAC/B,MAAM;gBACR,KAAK,OAAO;oBACV,KAAK,CAAC,IAAI,CAAC,KAAK,UAAU,EAAE,CAAC,CAAC;oBAC9B,MAAM;YACV,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,4CAA4C;QAC5C,OAAO,eAAe,CAAC,OAAO,CAAC,CAAC;IAClC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,GAAW,EAAE,OAAe;IACrD,sCAAsC;IACtC,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,OAAO,WAAW,CAAC;IACrB,CAAC;IACD,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,OAAO,WAAW,CAAC;IACrB,CAAC;IACD,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,6CAA6C;QAC7C,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,0BAA0B;IAC1B,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;QACxC,IAAI,OAAO,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,SAAS;QACX,CAAC;QACD,IAAI,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,OAAO,IAAI,OAAO,CAAC,IAAI,GAAG,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,IAAI,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAE,CAAC,EAAE,CAAC;QAC9C,6BAA6B;QAC7B,IAAI,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,4DAA4D;IAC5D,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,GAAG,CAAC;IACb,CAAC;IAED,qCAAqC;IACrC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,SAAS,GAAG;QAChB,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM;QACxC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ;QAChC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;QACrC,aAAa,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM;QAC/C,QAAQ,EAAE,MAAM,EAAE,OAAO;KAC1B,CAAC;IAEF,MAAM,QAAQ,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,GAAG,CAAC;IAChE,OAAO,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,OAAe;IACtC,yBAAyB;IACzB,IAAI,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IACzD,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;IAExD,gBAAgB;IAChB,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;IAEzD,kBAAkB;IAClB,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAErD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,OAAyB;IACtD,MAAM,MAAM,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEnD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,CAAC,iBAAiB,IAAI,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC3E,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAC3C,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtB,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAAqC;IAErC,MAAM,QAAQ,GAAqB,EAAE,CAAC;IAEtC,KAAK,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,MAAM,EAAE,CAAC;QACxC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEnC,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;QACvE,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;QACnE,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;QACrE,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC;QAE7B,MAAM,YAAY,GAAG,QAAQ,GAAG,KAAK,CAAC;QACtC,MAAM,UAAU,GAAG,MAAM,GAAG,KAAK,CAAC;QAClC,MAAM,WAAW,GAAG,OAAO,GAAG,KAAK,CAAC;QAEpC,4DAA4D;QAC5D,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;QACrE,MAAM,oBAAoB,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,EAAE,CAAC,CAAC;QACrD,MAAM,WAAW,GAAG,YAAY,CAAC;QACjC,MAAM,UAAU,GAAG,CAAC,oBAAoB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QAE5D,6BAA6B;QAC7B,IAAI,eAA4C,CAAC;QACjD,IAAI,YAAY,GAAG,GAAG,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;YACrC,eAAe,GAAG,OAAO,CAAC;QAC5B,CAAC;aAAM,IAAI,UAAU,GAAG,GAAG,IAAI,KAAK,IAAI,CAAC,EAAE,CAAC;YAC1C,eAAe,GAAG,MAAM,CAAC;QAC3B,CAAC;aAAM,CAAC;YACN,eAAe,GAAG,QAAQ,CAAC;QAC7B,CAAC;QAED,kCAAkC;QAClC,MAAM,iBAAiB,GAAG,OAAO;aAC9B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,SAAS,CAAC;aAC3C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,cAAe,CAAC,CAAC;QAC/B,MAAM,iBAAiB,GAAG,iBAAiB,CAAC,MAAM,GAAG,CAAC;YACpD,CAAC,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,iBAAiB,CAAC,MAAM;YACzE,CAAC,CAAC,SAAS,CAAC;QAEd,wBAAwB;QACxB,MAAM,cAAc,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;QAEpD,2CAA2C;QAC3C,MAAM,MAAM,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAC5E,CAAC;QAEF,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO;YACP,SAAS,EAAE,KAAK;YAChB,YAAY;YACZ,UAAU;YACV,WAAW;YACX,eAAe;YACf,UAAU;YACV,QAAQ,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;YACjD,iBAAiB;YACjB,QAAQ,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,SAAS,CAAC;YACxD,SAAS,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,SAAS,CAAC;YACzC,cAAc;SACf,CAAC,CAAC;IACL,CAAC;IAED,oBAAoB;IACpB,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,OAAyB;IACpD,MAAM,YAAY,GAA2B,EAAE,CAAC;IAChD,MAAM,UAAU,GAA8B,EAA+B,CAAC;IAC9E,IAAI,kBAAkB,GAAG,CAAC,CAAC;IAE3B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,gBAAgB;QAChB,MAAM,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,IAAI,SAAS,CAAC;QACnD,YAAY,CAAC,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAE/C,cAAc;QACd,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;YAClC,CAAC,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAElD,sBAAsB;QACtB,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAC7B,kBAAkB,EAAE,CAAC;QACvB,CAAC;IACH,CAAC;IAED,OAAO;QACL,YAAY;QACZ,UAAU;QACV,qBAAqB,EAAE,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,kBAAkB,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;KACpF,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAAC,QAAgB,EAAE,QAAgB;IAClE,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACnC,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEnC,4BAA4B;IAC5B,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,CAAC;IACX,CAAC;IAED,uBAAuB;IACvB,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC,qBAAqB;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAExD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAChE,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5B,OAAO,EAAE,CAAC;QACZ,CAAC;aAAM,IACL,aAAa,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,IAAI,aAAa,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC,EACtD,CAAC;YACD,wCAAwC;YACxC,OAAO,IAAI,GAAG,CAAC;QACjB,CAAC;IACH,CAAC;IAED,OAAO,OAAO,GAAG,QAAQ,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,CAAS;IAC9B,OAAO,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAc,EACd,QAAkB,EAClB,SAAS,GAAG,GAAG;IAEf,MAAM,OAAO,GAAmD,EAAE,CAAC;IAEnE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,KAAK,MAAM;YAAE,SAAS;QACjC,MAAM,UAAU,GAAG,iBAAiB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACtD,IAAI,UAAU,IAAI,SAAS,EAAE,CAAC;YAC5B,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC;AAC7D,CAAC"}

package/dist/guard/learning/rule-suggester.d.ts

@@ -0,0 +1,67 @@
+/**
+ * Rule Suggester for Shell Guardian Learning System
+ *
+ * Analyzes approval history and learned patterns to suggest
+ * policy rules that would automate common decisions.
+ */
+import type { ApprovalRecord, LearnedPattern, RuleSuggestion, LearningConfig } from './types.js';
+import type { GuardConfig, GuardRule } from '../types.js';
+/**
+ * Result of analyzing patterns for rule suggestions.
+ */
+export interface SuggestionAnalysis {
+    /** Generated suggestions */
+    suggestions: RuleSuggestion[];
+    /** Patterns that need more data */
+    insufficientData: Array<{
+        pattern: string;
+        occurrences: number;
+        needed: number;
+    }>;
+    /** Patterns that are too inconsistent */
+    inconsistent: Array<{
+        pattern: string;
+        approvalRate: number;
+        denialRate: number;
+    }>;
+    /** Summary statistics */
+    stats: {
+        patternsAnalyzed: number;
+        suggestionsGenerated: number;
+        highConfidenceSuggestions: number;
+    };
+}
+/**
+ * Analyze approval history and suggest rules.
+ *
+ * @param records - Approval history records
+ * @param existingConfig - Current guard config (to avoid duplicate rules)
+ * @param config - Learning configuration
+ * @returns Analysis result with suggestions
+ */
+export declare function analyzeAndSuggest(records: ApprovalRecord[], existingConfig?: GuardConfig, config?: LearningConfig): SuggestionAnalysis;
+/**
+ * Convert a rule suggestion to a guard rule.
+ */
+export declare function suggestionToRule(suggestion: RuleSuggestion): GuardRule;
+/**
+ * Format suggestions for display.
+ */
+export declare function formatSuggestions(suggestions: RuleSuggestion[]): string;
+/**
+ * Export suggestions as YAML rules.
+ */
+export declare function exportSuggestionsAsYaml(suggestions: RuleSuggestion[]): string;
+/**
+ * Merge suggestions with existing config.
+ */
+export declare function mergeSuggestionsWithConfig(suggestions: RuleSuggestion[], config: GuardConfig): GuardConfig;
+/**
+ * Find patterns that might benefit from more specific rules.
+ */
+export declare function findRefinementOpportunities(patterns: LearnedPattern[]): Array<{
+    pattern: string;
+    reason: string;
+    suggestion: string;
+}>;
+//# sourceMappingURL=rule-suggester.d.ts.map

package/dist/guard/learning/rule-suggester.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rule-suggester.d.ts","sourceRoot":"","sources":["../../../src/guard/learning/rule-suggester.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EACV,cAAc,EACd,cAAc,EACd,cAAc,EAEd,cAAc,EACf,MAAM,YAAY,CAAC;AAEpB,OAAO,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAG1D;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,4BAA4B;IAC5B,WAAW,EAAE,cAAc,EAAE,CAAC;IAC9B,mCAAmC;IACnC,gBAAgB,EAAE,KAAK,CAAC;QACtB,OAAO,EAAE,MAAM,CAAC;QAChB,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC,CAAC;IACH,yCAAyC;IACzC,YAAY,EAAE,KAAK,CAAC;QAClB,OAAO,EAAE,MAAM,CAAC;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC,CAAC;IACH,yBAAyB;IACzB,KAAK,EAAE;QACL,gBAAgB,EAAE,MAAM,CAAC;QACzB,oBAAoB,EAAE,MAAM,CAAC;QAC7B,yBAAyB,EAAE,MAAM,CAAC;KACnC,CAAC;CACH;AAED;;;;;;;GAOG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,cAAc,EAAE,EACzB,cAAc,CAAC,EAAE,WAAW,EAC5B,MAAM,GAAE,cAAwC,GAC/C,kBAAkB,CA6EpB;AA2KD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,cAAc,GAAG,SAAS,CAyBtE;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,WAAW,EAAE,cAAc,EAAE,GAAG,MAAM,CAsBvE;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,WAAW,EAAE,cAAc,EAAE,GAAG,MAAM,CA6B7E;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CACxC,WAAW,EAAE,cAAc,EAAE,EAC7B,MAAM,EAAE,WAAW,GAClB,WAAW,CAUb;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CACzC,QAAQ,EAAE,cAAc,EAAE,GACzB,KAAK,CAAC;IACP,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB,CAAC,CAyCD"}