@eduardbar/drift 1.2.0 → 1.4.0

package/dist/trust-kpi-fs.js

@@ -0,0 +1,141 @@
+import { existsSync, readdirSync, statSync } from 'node:fs';
+import { dirname, isAbsolute, resolve } from 'node:path';
+const IGNORED_DIRECTORIES = new Set(['node_modules', '.git', 'dist', '.next', 'build']);
+function toPosixPath(path) {
+    return path.replace(/\\/g, '/');
+}
+function processDirectoryEntry(current, entry, stack, out) {
+    const fullPath = resolve(current, entry);
+    const info = statSync(fullPath);
+    if (!info.isDirectory()) {
+        out.push(fullPath);
+        return;
+    }
+    if (IGNORED_DIRECTORIES.has(entry))
+        return;
+    stack.push(fullPath);
+}
+function listFilesRecursively(root) {
+    if (!existsSync(root))
+        return [];
+    const out = [];
+    const stack = [root];
+    while (stack.length > 0) {
+        const current = stack.pop();
+        for (const entry of readdirSync(current)) {
+            processDirectoryEntry(current, entry, stack, out);
+        }
+    }
+    return out;
+}
+function isGlobPattern(input) {
+    return /[*?[\]{}]/.test(input);
+}
+function escapeRegex(char) {
+    return /[\\^$+?.()|{}\[\]]/.test(char) ? `\\${char}` : char;
+}
+function globToRegex(pattern) {
+    const normalized = toPosixPath(pattern);
+    let expression = '^';
+    for (let index = 0; index < normalized.length; index += 1) {
+        const char = normalized[index];
+        const nextChar = normalized[index + 1];
+        const nextNextChar = normalized[index + 2];
+        if (char === '*' && nextChar === '*') {
+            if (nextNextChar === '/') {
+                expression += '(?:.*/)?';
+                index += 2;
+                continue;
+            }
+            expression += '.*';
+            index += 1;
+            continue;
+        }
+        if (char === '*') {
+            expression += '[^/]*';
+            continue;
+        }
+        if (char === '?') {
+            expression += '[^/]';
+            continue;
+        }
+        expression += escapeRegex(char);
+    }
+    expression += '$';
+    return new RegExp(expression);
+}
+function globBaseDir(pattern) {
+    const normalized = toPosixPath(pattern);
+    const wildcardIndex = normalized.search(/[*?[\]{}]/);
+    if (wildcardIndex < 0)
+        return dirname(pattern);
+    const prefix = normalized.slice(0, wildcardIndex);
+    const slashIndex = prefix.lastIndexOf('/');
+    if (slashIndex < 0)
+        return '.';
+    if (slashIndex === 0)
+        return '/';
+    return prefix.slice(0, slashIndex);
+}
+function discoverFromGlob(source, cwd) {
+    const diagnostics = [];
+    const absolutePattern = isAbsolute(source) ? source : resolve(cwd, source);
+    const regex = globToRegex(toPosixPath(absolutePattern));
+    const base = resolve(cwd, globBaseDir(source));
+    if (!existsSync(base)) {
+        diagnostics.push({
+            level: 'error',
+            code: 'path-not-found',
+            message: `Glob base path does not exist: ${base}`,
+        });
+        return { files: [], diagnostics };
+    }
+    const matched = listFilesRecursively(base)
+        .filter((filePath) => regex.test(toPosixPath(filePath)))
+        .filter((filePath) => filePath.toLowerCase().endsWith('.json'))
+        .sort((a, b) => a.localeCompare(b));
+    return { files: matched, diagnostics };
+}
+function discoverFromPath(source, cwd) {
+    const diagnostics = [];
+    const absolute = isAbsolute(source) ? source : resolve(cwd, source);
+    if (!existsSync(absolute)) {
+        diagnostics.push({
+            level: 'error',
+            code: 'path-not-found',
+            message: `Path does not exist: ${absolute}`,
+        });
+        return { files: [], diagnostics };
+    }
+    const info = statSync(absolute);
+    if (info.isDirectory()) {
+        const files = listFilesRecursively(absolute)
+            .filter((filePath) => filePath.toLowerCase().endsWith('.json'))
+            .sort((a, b) => a.localeCompare(b));
+        return { files, diagnostics };
+    }
+    if (info.isFile()) {
+        if (!absolute.toLowerCase().endsWith('.json')) {
+            diagnostics.push({
+                level: 'warning',
+                code: 'path-not-supported',
+                file: absolute,
+                message: 'Input file is not JSON; attempting to parse anyway',
+            });
+        }
+        return { files: [absolute], diagnostics };
+    }
+    diagnostics.push({
+        level: 'error',
+        code: 'path-not-supported',
+        message: `Path is neither a file nor directory: ${absolute}`,
+    });
+    return { files: [], diagnostics };
+}
+export function discoverTrustJsonFiles(input, cwd) {
+    const source = input.trim() || '.';
+    return isGlobPattern(source)
+        ? discoverFromGlob(source, cwd)
+        : discoverFromPath(source, cwd);
+}
+//# sourceMappingURL=trust-kpi-fs.js.map

package/dist/trust-kpi-parse.d.ts

@@ -0,0 +1,7 @@
+import type { TrustKpiDiagnostic } from './types.js';
+import type { ParsedTrustArtifact } from './trust-kpi-types.js';
+export declare function parseTrustArtifact(filePath: string): {
+    record?: ParsedTrustArtifact;
+    diagnostics: TrustKpiDiagnostic[];
+};
+//# sourceMappingURL=trust-kpi-parse.d.ts.map

package/dist/trust-kpi-parse.js

@@ -0,0 +1,186 @@
+import { readFileSync } from 'node:fs';
+import { MERGE_RISK_ORDER, normalizeMergeRiskLevel } from './trust.js';
+const DIFF_STATUS_VALUES = new Set(['improved', 'regressed', 'neutral']);
+function isObjectLike(value) {
+    return typeof value === 'object' && value !== null;
+}
+function createDiffContextWarning(message) {
+    return {
+        diagnostic: {
+            level: 'warning',
+            code: 'invalid-diff-context',
+            message,
+        },
+    };
+}
+function getFiniteNumber(raw, key) {
+    const value = raw[key];
+    return typeof value === 'number' && Number.isFinite(value) ? value : null;
+}
+function resolveDiffStatus(rawStatus, scoreDelta) {
+    if (typeof rawStatus === 'string' && DIFF_STATUS_VALUES.has(rawStatus)) {
+        return rawStatus;
+    }
+    if (scoreDelta < 0)
+        return 'improved';
+    if (scoreDelta > 0)
+        return 'regressed';
+    return 'neutral';
+}
+function parseDiffContextBase(raw) {
+    return {
+        baseRef: typeof raw.baseRef === 'string' ? raw.baseRef : 'unknown',
+        scoreDelta: getFiniteNumber(raw, 'scoreDelta'),
+        newIssues: getFiniteNumber(raw, 'newIssues'),
+        resolvedIssues: getFiniteNumber(raw, 'resolvedIssues'),
+        filesChanged: getFiniteNumber(raw, 'filesChanged') ?? 0,
+        penalty: getFiniteNumber(raw, 'penalty') ?? 0,
+        bonus: getFiniteNumber(raw, 'bonus') ?? 0,
+        netImpact: getFiniteNumber(raw, 'netImpact') ?? 0,
+    };
+}
+function normalizeDiffContext(raw) {
+    if (!isObjectLike(raw)) {
+        return createDiffContextWarning('diff_context is present but malformed; skipping diff trend fields for this artifact');
+    }
+    const parsed = parseDiffContextBase(raw);
+    if (parsed.scoreDelta == null || parsed.newIssues == null || parsed.resolvedIssues == null) {
+        return createDiffContextWarning('diff_context is missing numeric scoreDelta/newIssues/resolvedIssues; skipping diff trend fields for this artifact');
+    }
+    const normalizedStatus = resolveDiffStatus(raw.status, parsed.scoreDelta);
+    return {
+        diffContext: {
+            baseRef: parsed.baseRef,
+            status: normalizedStatus,
+            scoreDelta: parsed.scoreDelta,
+            newIssues: parsed.newIssues,
+            resolvedIssues: parsed.resolvedIssues,
+            filesChanged: parsed.filesChanged,
+            penalty: parsed.penalty,
+            bonus: parsed.bonus,
+            netImpact: parsed.netImpact,
+        },
+    };
+}
+function readJsonFile(filePath) {
+    let rawContent = '';
+    try {
+        rawContent = readFileSync(filePath, 'utf8');
+    }
+    catch (error) {
+        return {
+            diagnostics: [{
+                    level: 'error',
+                    code: 'read-failed',
+                    file: filePath,
+                    message: error instanceof Error ? error.message : String(error),
+                }],
+        };
+    }
+    try {
+        return { parsed: JSON.parse(rawContent), diagnostics: [] };
+    }
+    catch (error) {
+        return {
+            diagnostics: [{
+                    level: 'error',
+                    code: 'parse-failed',
+                    file: filePath,
+                    message: error instanceof Error ? error.message : String(error),
+                }],
+        };
+    }
+}
+function normalizeArtifactShape(parsed, filePath) {
+    if (isObjectLike(parsed)) {
+        const rawSchema = parsed.$schema;
+        if (rawSchema !== undefined && rawSchema !== 'schemas/drift-trust.v1.json') {
+            return {
+                diagnostics: [{
+                        level: 'error',
+                        code: 'invalid-shape',
+                        file: filePath,
+                        message: 'Invalid $schema for trust artifact (expected schemas/drift-trust.v1.json)',
+                    }],
+            };
+        }
+        return { artifact: parsed, diagnostics: [] };
+    }
+    return {
+        diagnostics: [{
+                level: 'error',
+                code: 'invalid-shape',
+                file: filePath,
+                message: 'Trust artifact must be a JSON object',
+            }],
+    };
+}
+function parseTrustScore(raw, filePath) {
+    const trustScore = raw.trust_score;
+    if (typeof trustScore === 'number' && Number.isFinite(trustScore)) {
+        return { trustScore, diagnostics: [] };
+    }
+    return {
+        diagnostics: [{
+                level: 'error',
+                code: 'invalid-shape',
+                file: filePath,
+                message: 'Missing numeric trust_score',
+            }],
+    };
+}
+function parseMergeRisk(raw, filePath) {
+    const mergeRisk = typeof raw.merge_risk === 'string'
+        ? normalizeMergeRiskLevel(raw.merge_risk)
+        : undefined;
+    if (mergeRisk) {
+        return { mergeRisk, diagnostics: [] };
+    }
+    return {
+        diagnostics: [{
+                level: 'error',
+                code: 'invalid-shape',
+                file: filePath,
+                message: `Missing/invalid merge_risk (expected one of ${MERGE_RISK_ORDER.join(', ')})`,
+            }],
+    };
+}
+export function parseTrustArtifact(filePath) {
+    const readResult = readJsonFile(filePath);
+    if (readResult.diagnostics.length > 0) {
+        return { diagnostics: readResult.diagnostics };
+    }
+    const shape = normalizeArtifactShape(readResult.parsed, filePath);
+    if (!shape.artifact) {
+        return { diagnostics: shape.diagnostics };
+    }
+    const trustScoreResult = parseTrustScore(shape.artifact, filePath);
+    if (trustScoreResult.trustScore === undefined) {
+        return { diagnostics: trustScoreResult.diagnostics };
+    }
+    const mergeRiskResult = parseMergeRisk(shape.artifact, filePath);
+    if (!mergeRiskResult.mergeRisk) {
+        return { diagnostics: mergeRiskResult.diagnostics };
+    }
+    const diagnostics = [];
+    let diffContext;
+    if (shape.artifact.diff_context !== undefined) {
+        const normalized = normalizeDiffContext(shape.artifact.diff_context);
+        if (normalized.diagnostic) {
+            diagnostics.push({ ...normalized.diagnostic, file: filePath });
+        }
+        else {
+            diffContext = normalized.diffContext;
+        }
+    }
+    return {
+        record: {
+            filePath,
+            trustScore: trustScoreResult.trustScore,
+            mergeRisk: mergeRiskResult.mergeRisk,
+            diffContext,
+        },
+        diagnostics,
+    };
+}
+//# sourceMappingURL=trust-kpi-parse.js.map

package/dist/trust-kpi-types.d.ts

@@ -0,0 +1,16 @@
+import type { MergeRiskLevel, TrustDiffContext } from './types.js';
+export interface ParsedTrustArtifact {
+    filePath: string;
+    trustScore: number;
+    mergeRisk: MergeRiskLevel;
+    diffContext?: TrustDiffContext;
+}
+export interface DiscoverResult {
+    files: string[];
+    diagnostics: import('./types.js').TrustKpiDiagnostic[];
+}
+export type DiffStatus = 'improved' | 'regressed' | 'neutral';
+export interface TrustKpiOptions {
+    cwd?: string;
+}
+//# sourceMappingURL=trust-kpi-types.d.ts.map

package/dist/trust-kpi-types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=trust-kpi-types.js.map

package/dist/trust-kpi.d.ts

@@ -0,0 +1,7 @@
+import type { DriftTrustReport, TrustKpiReport } from './types.js';
+import type { TrustKpiOptions } from './trust-kpi-types.js';
+export declare function computeTrustKpis(input: string, options?: TrustKpiOptions): TrustKpiReport;
+export declare function formatTrustKpiConsole(kpi: TrustKpiReport): string;
+export declare function formatTrustKpiJson(kpi: TrustKpiReport): string;
+export declare function computeTrustKpisFromReports(reports: DriftTrustReport[]): TrustKpiReport;
+//# sourceMappingURL=trust-kpi.d.ts.map

package/dist/trust-kpi.js

@@ -0,0 +1,185 @@
+import { normalizeMergeRiskLevel } from './trust.js';
+import { discoverTrustJsonFiles } from './trust-kpi-fs.js';
+import { parseTrustArtifact } from './trust-kpi-parse.js';
+function round(value, decimals = 2) {
+    return Number(value.toFixed(decimals));
+}
+function median(values) {
+    if (values.length === 0)
+        return null;
+    const sorted = [...values].sort((a, b) => a - b);
+    const mid = Math.floor(sorted.length / 2);
+    if (sorted.length % 2 === 0) {
+        return round((sorted[mid - 1] + sorted[mid]) / 2);
+    }
+    return round(sorted[mid]);
+}
+function average(values) {
+    if (values.length === 0)
+        return null;
+    return round(values.reduce((sum, value) => sum + value, 0) / values.length);
+}
+function buildDiffTrend(records) {
+    const withDiff = records.filter((record) => record.diffContext);
+    if (withDiff.length === 0) {
+        return {
+            available: false,
+            samples: 0,
+            statusDistribution: {
+                improved: 0,
+                regressed: 0,
+                neutral: 0,
+            },
+            scoreDelta: {
+                average: null,
+                median: null,
+            },
+            issues: {
+                newTotal: 0,
+                resolvedTotal: 0,
+                netNew: 0,
+            },
+        };
+    }
+    const scoreDeltas = withDiff.map((record) => record.diffContext.scoreDelta);
+    const newIssues = withDiff.reduce((sum, record) => sum + record.diffContext.newIssues, 0);
+    const resolvedIssues = withDiff.reduce((sum, record) => sum + record.diffContext.resolvedIssues, 0);
+    const statusDistribution = {
+        improved: withDiff.filter((record) => record.diffContext.status === 'improved').length,
+        regressed: withDiff.filter((record) => record.diffContext.status === 'regressed').length,
+        neutral: withDiff.filter((record) => record.diffContext.status === 'neutral').length,
+    };
+    return {
+        available: true,
+        samples: withDiff.length,
+        statusDistribution,
+        scoreDelta: {
+            average: average(scoreDeltas),
+            median: median(scoreDeltas),
+        },
+        issues: {
+            newTotal: newIssues,
+            resolvedTotal: resolvedIssues,
+            netNew: newIssues - resolvedIssues,
+        },
+    };
+}
+const KPI_RATIO_DECIMALS = 4;
+export function computeTrustKpis(input, options) {
+    const cwd = options?.cwd ?? process.cwd();
+    const discovered = discoverTrustJsonFiles(input, cwd);
+    const records = [];
+    const diagnostics = [...discovered.diagnostics];
+    for (const filePath of discovered.files) {
+        const parsed = parseTrustArtifact(filePath);
+        diagnostics.push(...parsed.diagnostics);
+        if (parsed.record)
+            records.push(parsed.record);
+    }
+    const trustScores = records.map((record) => record.trustScore);
+    const mergeRiskDistribution = {
+        LOW: 0,
+        MEDIUM: 0,
+        HIGH: 0,
+        CRITICAL: 0,
+    };
+    for (const record of records) {
+        mergeRiskDistribution[record.mergeRisk] += 1;
+    }
+    const highRiskCount = mergeRiskDistribution.HIGH + mergeRiskDistribution.CRITICAL;
+    return {
+        generatedAt: new Date().toISOString(),
+        input,
+        files: {
+            matched: discovered.files.length,
+            parsed: records.length,
+            malformed: discovered.files.length - records.length,
+        },
+        prsEvaluated: records.length,
+        mergeRiskDistribution,
+        trustScore: {
+            average: average(trustScores),
+            median: median(trustScores),
+            min: trustScores.length > 0 ? Math.min(...trustScores) : null,
+            max: trustScores.length > 0 ? Math.max(...trustScores) : null,
+        },
+        highRiskRatio: records.length > 0 ? round(highRiskCount / records.length, KPI_RATIO_DECIMALS) : null,
+        diffTrend: buildDiffTrend(records),
+        diagnostics,
+    };
+}
+export function formatTrustKpiConsole(kpi) {
+    const parts = [
+        'drift kpi',
+        '',
+        `Input: ${kpi.input}`,
+        `Files matched: ${kpi.files.matched} | parsed: ${kpi.files.parsed} | malformed: ${kpi.files.malformed}`,
+        `PRs evaluated: ${kpi.prsEvaluated}`,
+        `Trust score (avg/median): ${kpi.trustScore.average ?? 'n/a'} / ${kpi.trustScore.median ?? 'n/a'}`,
+        `High-risk ratio (HIGH+CRITICAL): ${kpi.highRiskRatio == null ? 'n/a' : `${round(kpi.highRiskRatio * 100, 2)}%`}`,
+        `Merge risk distribution: LOW=${kpi.mergeRiskDistribution.LOW} MEDIUM=${kpi.mergeRiskDistribution.MEDIUM} HIGH=${kpi.mergeRiskDistribution.HIGH} CRITICAL=${kpi.mergeRiskDistribution.CRITICAL}`,
+    ];
+    if (kpi.diffTrend.available) {
+        const avgDelta = kpi.diffTrend.scoreDelta.average;
+        const signedDelta = avgDelta == null ? 'n/a' : `${avgDelta >= 0 ? '+' : ''}${avgDelta}`;
+        parts.push(`Diff trend samples: ${kpi.diffTrend.samples} | avg score delta: ${signedDelta} | new/resolved: +${kpi.diffTrend.issues.newTotal}/-${kpi.diffTrend.issues.resolvedTotal}`);
+    }
+    else {
+        parts.push('Diff trend samples: 0 (no diff_context found)');
+    }
+    if (kpi.diagnostics.length > 0) {
+        const errorCount = kpi.diagnostics.filter((diagnostic) => diagnostic.level === 'error').length;
+        const warningCount = kpi.diagnostics.filter((diagnostic) => diagnostic.level === 'warning').length;
+        parts.push(`Diagnostics: ${errorCount} error(s), ${warningCount} warning(s)`);
+    }
+    return parts.join('\n');
+}
+export function formatTrustKpiJson(kpi) {
+    return JSON.stringify(kpi, null, 2);
+}
+export function computeTrustKpisFromReports(reports) {
+    const tempRecords = reports.reduce((acc, report, index) => {
+        const mergeRisk = normalizeMergeRiskLevel(report.merge_risk);
+        if (!mergeRisk || typeof report.trust_score !== 'number')
+            return acc;
+        acc.push({
+            filePath: `report-${index + 1}`,
+            trustScore: report.trust_score,
+            mergeRisk,
+            diffContext: report.diff_context,
+        });
+        return acc;
+    }, []);
+    const trustScores = tempRecords.map((record) => record.trustScore);
+    const mergeRiskDistribution = {
+        LOW: 0,
+        MEDIUM: 0,
+        HIGH: 0,
+        CRITICAL: 0,
+    };
+    for (const record of tempRecords) {
+        mergeRiskDistribution[record.mergeRisk] += 1;
+    }
+    const highRiskCount = mergeRiskDistribution.HIGH + mergeRiskDistribution.CRITICAL;
+    return {
+        generatedAt: new Date().toISOString(),
+        input: 'in-memory',
+        files: {
+            matched: reports.length,
+            parsed: tempRecords.length,
+            malformed: reports.length - tempRecords.length,
+        },
+        prsEvaluated: tempRecords.length,
+        mergeRiskDistribution,
+        trustScore: {
+            average: average(trustScores),
+            median: median(trustScores),
+            min: trustScores.length > 0 ? Math.min(...trustScores) : null,
+            max: trustScores.length > 0 ? Math.max(...trustScores) : null,
+        },
+        highRiskRatio: tempRecords.length > 0 ? round(highRiskCount / tempRecords.length, KPI_RATIO_DECIMALS) : null,
+        diffTrend: buildDiffTrend(tempRecords),
+        diagnostics: [],
+    };
+}
+//# sourceMappingURL=trust-kpi.js.map

package/dist/trust-policy.d.ts

@@ -0,0 +1,32 @@
+import type { DriftConfig, MergeRiskLevel } from './types.js';
+export interface TrustGateOptions {
+    enabled?: boolean;
+    minTrust?: number;
+    maxRisk?: MergeRiskLevel;
+}
+export interface TrustGatePolicyResolutionOptions {
+    branchName?: string;
+    policyPack?: string;
+    overrides?: TrustGateOptions;
+}
+export interface TrustGatePolicyResolutionStep {
+    source: 'base' | 'policy-pack' | 'branch-preset' | 'overrides';
+    name: string;
+    values: TrustGateOptions;
+}
+export interface TrustGatePolicyExplanation {
+    effectivePolicy: TrustGateOptions;
+    branchName?: string;
+    selectedPolicyPack?: string;
+    invalidPolicyPack?: string;
+    steps: TrustGatePolicyResolutionStep[];
+}
+export declare const MERGE_RISK_ORDER: MergeRiskLevel[];
+export declare function normalizeMergeRiskLevel(value: string): MergeRiskLevel | undefined;
+export declare function detectBranchName(env?: NodeJS.ProcessEnv): string | undefined;
+export declare function explainTrustGatePolicy(config: DriftConfig | undefined, branchName?: string, overrides?: TrustGateOptions): TrustGatePolicyExplanation;
+export declare function explainTrustGatePolicy(config: DriftConfig | undefined, options?: TrustGatePolicyResolutionOptions): TrustGatePolicyExplanation;
+export declare function resolveTrustGatePolicy(config: DriftConfig | undefined, branchName?: string, overrides?: TrustGateOptions): TrustGateOptions;
+export declare function resolveTrustGatePolicy(config: DriftConfig | undefined, options?: TrustGatePolicyResolutionOptions): TrustGateOptions;
+export declare function formatTrustGatePolicyExplanation(explanation: TrustGatePolicyExplanation): string;
+//# sourceMappingURL=trust-policy.d.ts.map