@equilateral_ai/mindmeld 3.0.0

package/src/handlers/projects/projectUpdate.js

@@ -0,0 +1,118 @@
+/**
+ * Project Update Handler
+ * Updates project metadata
+ *
+ * PUT /api/projects/{projectId}
+ * Body: { project_name, description, private }
+ */
+
+const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse, handleError } = require('./helpers');
+
+/**
+ * Update project
+ * Requires owner or admin role on project
+ */
+async function updateProject({ pathParameters = {}, body: requestBody = {}, requestContext }) {
+    try {
+        const Request_ID = requestContext.requestId;
+        // REST API: requestContext.authorizer.claims.email
+        // HTTP API: requestContext.authorizer.jwt.claims.email
+        const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
+        const { projectId } = pathParameters;
+        const { project_name, description, private: isPrivate, repo_url } = requestBody;
+
+        if (!projectId) {
+            return createErrorResponse(400, 'projectId is required');
+        }
+
+        // Check user has access to project
+        const accessQuery = `
+            SELECT
+                p.project_id,
+                p.company_id,
+                pc.role,
+                ue."Admin" as company_admin
+            FROM rapport.projects p
+            LEFT JOIN rapport.project_collaborators pc
+                ON p.project_id = pc.project_id
+                AND pc.email_address = $1
+            LEFT JOIN "UserEntitlements" ue
+                ON ue."Email_Address" = $1
+                AND ue."Company_ID" = p.company_id
+            WHERE p.project_id = $2
+        `;
+        const accessCheck = await executeQuery(accessQuery, [email, projectId]);
+
+        if (accessCheck.rowCount === 0) {
+            return createErrorResponse(404, 'Project not found');
+        }
+
+        const access = accessCheck.rows[0];
+
+        // Check permissions (owner, admin collaborator, or company admin)
+        const hasAccess = access.role === 'owner' || access.company_admin === true;
+        if (!hasAccess) {
+            return createErrorResponse(403, 'Insufficient permissions to update project');
+        }
+
+        // Build update query dynamically
+        const updates = [];
+        const values = [];
+        let paramIndex = 1;
+
+        if (project_name !== undefined) {
+            updates.push(`project_name = $${paramIndex++}`);
+            values.push(project_name);
+        }
+        if (description !== undefined) {
+            updates.push(`description = $${paramIndex++}`);
+            values.push(description);
+        }
+        if (isPrivate !== undefined) {
+            updates.push(`private = $${paramIndex++}`);
+            values.push(isPrivate);
+        }
+        if (repo_url !== undefined) {
+            updates.push(`repo_url = $${paramIndex++}`);
+            values.push(repo_url);
+        }
+
+        if (updates.length === 0) {
+            return createErrorResponse(400, 'No fields to update');
+        }
+
+        values.push(projectId);
+
+        const query = `
+            UPDATE rapport.projects
+            SET ${updates.join(', ')}, updated_at = NOW()
+            WHERE project_id = $${paramIndex}
+            RETURNING
+                project_id,
+                company_id,
+                project_name,
+                description,
+                private,
+                repo_url,
+                updated_at
+        `;
+
+        const result = await executeQuery(query, values);
+
+        return createSuccessResponse(
+            { Records: result.rows },
+            'Project updated successfully',
+            {
+                Total_Records: result.rowCount,
+                Request_ID,
+                Timestamp: new Date().toISOString()
+            }
+        );
+
+    } catch (error) {
+        console.error('Handler Error:', error);
+        return handleError(error);
+    }
+}
+
+exports.handler = wrapHandler(updateProject);

package/src/handlers/reports/aiLeverage.js

@@ -0,0 +1,206 @@
+/**
+ * AI Leverage Report Handler
+ * Compares AI-assisted vs non-AI development metrics
+ *
+ * GET /api/reports/ai-leverage
+ * Query: ?period=7d|30d|90d&Company_ID=xxx
+ * Auth: Cognito JWT required, Manager or Admin role
+ */
+
+const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
+
+exports.handler = wrapHandler(async ({ requestContext, queryStringParameters }) => {
+    const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
+
+    if (!email) {
+        return createErrorResponse(401, 'Unauthorized');
+    }
+
+    const params = queryStringParameters || {};
+    const period = params.period || '30d';
+    const companyId = params.Company_ID;
+
+    // Validate access - must be manager/admin (boolean columns in Tim-Combo schema)
+    const accessCheck = await executeQuery(`
+        SELECT ue."Company_ID"
+        FROM "UserEntitlements" ue
+        WHERE ue."Email_Address" = $1
+        AND (ue."Admin" = true OR ue."Manager" = true)
+        ${companyId ? 'AND ue."Company_ID" = $2' : ''}
+        LIMIT 1
+    `, companyId ? [email, companyId] : [email]);
+
+    if (accessCheck.rows.length === 0) {
+        return createErrorResponse(403, 'Manager or Admin access required');
+    }
+
+    const userCompanyId = companyId || accessCheck.rows[0].Company_ID;
+    const periodDays = parsePeriod(period);
+    const periodStart = new Date();
+    periodStart.setDate(periodStart.getDate() - periodDays);
+
+    // Session metrics (AI-assisted) - from Claude Code sessions
+    let sessionMetrics = { rows: [{ total_sessions: 0, unique_users: 0, avg_session_minutes: 0 }] };
+    try {
+        sessionMetrics = await executeQuery(`
+            SELECT
+                COUNT(DISTINCT s.session_id) as total_sessions,
+                COUNT(DISTINCT s.email_address) as unique_users,
+                AVG(s.duration_seconds / 60.0) as avg_session_minutes
+            FROM rapport.sessions s
+            JOIN rapport.projects p ON s.project_id = p.project_id
+            WHERE p."Company_ID" = $1
+            AND s.started_at >= $2
+        `, [userCompanyId, periodStart]);
+    } catch (e) {
+        // Table might not have data
+    }
+
+    // Developer productivity metrics
+    let devMetrics = { rows: [] };
+    try {
+        devMetrics = await executeQuery(`
+            SELECT
+                dm.developer_email,
+                dm.developer_name,
+                SUM(dm.commit_count) as total_commits,
+                SUM(dm.lines_added) as lines_added,
+                SUM(dm.prs_merged) as prs_merged,
+                AVG(dm.compliance_score) as avg_compliance
+            FROM rapport.developer_metrics dm
+            JOIN rapport.git_repositories r ON dm.repo_id = r.repo_id
+            WHERE r."Company_ID" = $1
+            AND dm.period_start >= $2
+            GROUP BY dm.developer_email, dm.developer_name
+            ORDER BY total_commits DESC
+            LIMIT 20
+        `, [userCompanyId, periodStart]);
+    } catch (e) {
+        // No metrics yet
+    }
+
+    // Users with Claude Code sessions
+    let aiUsers = { rows: [] };
+    try {
+        aiUsers = await executeQuery(`
+            SELECT DISTINCT s.email_address
+            FROM rapport.sessions s
+            JOIN rapport.projects p ON s.project_id = p.project_id
+            WHERE p."Company_ID" = $1
+            AND s.started_at >= $2
+        `, [userCompanyId, periodStart]);
+    } catch (e) {
+        // No sessions
+    }
+
+    const aiUserEmails = new Set(aiUsers.rows.map(r => r.email_address));
+
+    // Classify developers as AI-assisted or not
+    const aiAssistedDevs = devMetrics.rows.filter(d => aiUserEmails.has(d.developer_email));
+    const nonAiDevs = devMetrics.rows.filter(d => !aiUserEmails.has(d.developer_email));
+
+    // Calculate averages
+    const calcAvg = (devs, field) => {
+        if (devs.length === 0) return 0;
+        return devs.reduce((sum, d) => sum + parseFloat(d[field] || 0), 0) / devs.length;
+    };
+
+    const sessionData = sessionMetrics.rows[0] || {};
+
+    return createSuccessResponse({
+        report_type: 'ai_leverage',
+        period: period,
+        period_start: periodStart.toISOString(),
+        period_end: new Date().toISOString(),
+        summary: {
+            ai_sessions: parseInt(sessionData.total_sessions) || 0,
+            ai_users: aiAssistedDevs.length,
+            non_ai_users: nonAiDevs.length,
+            avg_session_minutes: parseFloat(sessionData.avg_session_minutes || 0).toFixed(1)
+        },
+        ai_assisted: {
+            developers_count: aiAssistedDevs.length,
+            avg_commits: calcAvg(aiAssistedDevs, 'total_commits').toFixed(1),
+            avg_lines: calcAvg(aiAssistedDevs, 'lines_added').toFixed(0),
+            avg_prs: calcAvg(aiAssistedDevs, 'prs_merged').toFixed(1),
+            avg_compliance: calcAvg(aiAssistedDevs, 'avg_compliance').toFixed(1),
+            developers: aiAssistedDevs
+        },
+        non_ai: {
+            developers_count: nonAiDevs.length,
+            avg_commits: calcAvg(nonAiDevs, 'total_commits').toFixed(1),
+            avg_lines: calcAvg(nonAiDevs, 'lines_added').toFixed(0),
+            avg_prs: calcAvg(nonAiDevs, 'prs_merged').toFixed(1),
+            avg_compliance: calcAvg(nonAiDevs, 'avg_compliance').toFixed(1),
+            developers: nonAiDevs
+        },
+        productivity_multiplier: calculateMultiplier(aiAssistedDevs, nonAiDevs),
+        insights: generateInsights(aiAssistedDevs, nonAiDevs, sessionData)
+    });
+});
+
+function calculateMultiplier(aiDevs, nonAiDevs) {
+    if (aiDevs.length === 0 || nonAiDevs.length === 0) {
+        return { available: false, message: 'Need both AI and non-AI developers to calculate' };
+    }
+
+    const aiAvgCommits = aiDevs.reduce((s, d) => s + parseFloat(d.total_commits || 0), 0) / aiDevs.length;
+    const nonAiAvgCommits = nonAiDevs.reduce((s, d) => s + parseFloat(d.total_commits || 0), 0) / nonAiDevs.length;
+
+    if (nonAiAvgCommits === 0) {
+        return { available: false, message: 'Non-AI baseline has no commits' };
+    }
+
+    return {
+        available: true,
+        value: (aiAvgCommits / nonAiAvgCommits).toFixed(2),
+        interpretation: aiAvgCommits > nonAiAvgCommits
+            ? 'AI-assisted developers are more productive'
+            : 'Non-AI developers are more productive'
+    };
+}
+
+function generateInsights(aiDevs, nonAiDevs, sessionData) {
+    const insights = [];
+
+    const totalSessions = parseInt(sessionData.total_sessions) || 0;
+
+    if (totalSessions === 0) {
+        insights.push({
+            type: 'info',
+            message: 'No Claude Code sessions detected. Install Claude Code CLI to start tracking AI-assisted development.'
+        });
+        return insights;
+    }
+
+    if (aiDevs.length > 0) {
+        const aiAvgCompliance = aiDevs.reduce((s, d) => s + parseFloat(d.avg_compliance || 0), 0) / aiDevs.length;
+        const nonAiAvgCompliance = nonAiDevs.length > 0
+            ? nonAiDevs.reduce((s, d) => s + parseFloat(d.avg_compliance || 0), 0) / nonAiDevs.length
+            : 0;
+
+        if (aiAvgCompliance > nonAiAvgCompliance + 10) {
+            insights.push({
+                type: 'positive',
+                message: `AI-assisted developers have ${(aiAvgCompliance - nonAiAvgCompliance).toFixed(0)}% higher compliance scores`
+            });
+        }
+    }
+
+    return insights;
+}
+
+function parsePeriod(period) {
+    const match = period.match(/^(\d+)([dwm])$/);
+    if (!match) return 30;
+
+    const [, num, unit] = match;
+    const n = parseInt(num);
+
+    switch (unit) {
+        case 'd': return n;
+        case 'w': return n * 7;
+        case 'm': return n * 30;
+        default: return 30;
+    }
+}

package/src/handlers/reports/engineeringInvestment.js

@@ -0,0 +1,132 @@
+/**
+ * Engineering Investment Report Handler
+ * Jellyfish-style "where is engineering time going" report
+ *
+ * GET /api/reports/engineering-investment
+ * Query: ?period=7d|30d|90d&Company_ID=xxx
+ * Auth: Cognito JWT required, Manager or Admin role
+ */
+
+const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
+
+exports.handler = wrapHandler(async ({ requestContext, queryStringParameters }) => {
+    const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
+
+    if (!email) {
+        return createErrorResponse(401, 'Unauthorized');
+    }
+
+    const params = queryStringParameters || {};
+    const period = params.period || '7d';
+    const companyId = params.Company_ID;
+
+    // Validate access - must be manager/admin (boolean columns in Tim-Combo schema)
+    const accessCheck = await executeQuery(`
+        SELECT ue."Company_ID"
+        FROM "UserEntitlements" ue
+        WHERE ue."Email_Address" = $1
+        AND (ue."Admin" = true OR ue."Manager" = true)
+        ${companyId ? 'AND ue."Company_ID" = $2' : ''}
+        LIMIT 1
+    `, companyId ? [email, companyId] : [email]);
+
+    if (accessCheck.rows.length === 0) {
+        return createErrorResponse(403, 'Manager or Admin access required');
+    }
+
+    const userCompanyId = companyId || accessCheck.rows[0].Company_ID;
+    const periodDays = parsePeriod(period);
+    const periodStart = new Date();
+    periodStart.setDate(periodStart.getDate() - periodDays);
+
+    // Get engineering investment breakdown
+    const investment = await executeQuery(`
+        WITH commit_modules AS (
+            SELECT
+                COALESCE(SUBSTRING(c.file_path FROM '^([^/]+)'), 'root') as module,
+                COUNT(*) as commit_count,
+                SUM(c.lines_added) as lines_added,
+                SUM(c.lines_removed) as lines_removed,
+                COUNT(DISTINCT c.author_email) as contributors
+            FROM rapport.commits c
+            JOIN rapport.git_repositories r ON c.repo_id = r.repo_id
+            WHERE r.Company_ID = $1
+            AND c.committed_at >= $2
+            GROUP BY module
+        )
+        SELECT
+            module,
+            commit_count,
+            lines_added,
+            lines_removed,
+            contributors,
+            ROUND(commit_count * 100.0 / SUM(commit_count) OVER (), 1) as commit_percentage,
+            ROUND((lines_added + lines_removed) * 100.0 / SUM(lines_added + lines_removed) OVER (), 1) as churn_percentage
+        FROM commit_modules
+        ORDER BY commit_count DESC
+        LIMIT 20
+    `, [userCompanyId, periodStart]);
+
+    // Get top contributors
+    const contributors = await executeQuery(`
+        SELECT
+            dm.developer_name,
+            dm.developer_email,
+            SUM(dm.commit_count) as total_commits,
+            SUM(dm.lines_added) as total_lines_added,
+            SUM(dm.prs_merged) as total_prs_merged,
+            AVG(dm.compliance_score) as avg_compliance
+        FROM rapport.developer_metrics dm
+        JOIN rapport.git_repositories r ON dm.repo_id = r.repo_id
+        WHERE r.Company_ID = $1
+        AND dm.period_start >= $2
+        GROUP BY dm.developer_name, dm.developer_email
+        ORDER BY total_commits DESC
+        LIMIT 10
+    `, [userCompanyId, periodStart]);
+
+    // Get repo breakdown
+    const repos = await executeQuery(`
+        SELECT
+            r.repo_name,
+            COUNT(DISTINCT c.commit_sha) as commit_count,
+            COUNT(DISTINCT c.author_email) as contributors,
+            SUM(c.lines_added) as lines_added
+        FROM rapport.git_repositories r
+        LEFT JOIN rapport.commits c ON r.repo_id = c.repo_id AND c.committed_at >= $2
+        WHERE r.Company_ID = $1
+        GROUP BY r.repo_id, r.repo_name
+        ORDER BY commit_count DESC
+    `, [userCompanyId, periodStart]);
+
+    return createSuccessResponse({
+        report_type: 'engineering_investment',
+        period: period,
+        period_start: periodStart.toISOString(),
+        period_end: new Date().toISOString(),
+        summary: {
+            total_commits: investment.rows.reduce((sum, r) => sum + parseInt(r.commit_count), 0),
+            total_contributors: new Set(contributors.rows.map(r => r.developer_email)).size,
+            total_repos: repos.rows.length,
+            total_lines_changed: investment.rows.reduce((sum, r) => sum + parseInt(r.lines_added || 0) + parseInt(r.lines_removed || 0), 0)
+        },
+        investment_by_module: investment.rows,
+        top_contributors: contributors.rows,
+        repository_breakdown: repos.rows
+    });
+});
+
+function parsePeriod(period) {
+    const match = period.match(/^(\d+)([dwm])$/);
+    if (!match) return 7;
+
+    const [, num, unit] = match;
+    const n = parseInt(num);
+
+    switch (unit) {
+        case 'd': return n;
+        case 'w': return n * 7;
+        case 'm': return n * 30;
+        default: return 7;
+    }
+}

package/src/handlers/reports/riskForecast.js

@@ -0,0 +1,186 @@
+/**
+ * Risk Forecast Report Handler
+ * Identifies delivery risks, bus factors, and attention areas
+ *
+ * GET /api/reports/risk-forecast
+ * Query: ?Company_ID=xxx
+ * Auth: Cognito JWT required, Manager or Admin role
+ */
+
+const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
+
+exports.handler = wrapHandler(async ({ requestContext, queryStringParameters }) => {
+    const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
+
+    if (!email) {
+        return createErrorResponse(401, 'Unauthorized');
+    }
+
+    const params = queryStringParameters || {};
+    const companyId = params.Company_ID;
+
+    // Validate access - must be manager/admin (boolean columns in Tim-Combo schema)
+    const accessCheck = await executeQuery(`
+        SELECT ue."Company_ID"
+        FROM "UserEntitlements" ue
+        WHERE ue."Email_Address" = $1
+        AND (ue."Admin" = true OR ue."Manager" = true)
+        ${companyId ? 'AND ue."Company_ID" = $2' : ''}
+        LIMIT 1
+    `, companyId ? [email, companyId] : [email]);
+
+    if (accessCheck.rows.length === 0) {
+        return createErrorResponse(403, 'Manager or Admin access required');
+    }
+
+    const userCompanyId = companyId || accessCheck.rows[0].Company_ID;
+
+    // Knowledge silos (bus factor analysis)
+    let silos = { rows: [] };
+    try {
+        silos = await executeQuery(`
+            SELECT
+                ks.module_path,
+                ks.primary_contributor,
+                ks.contribution_percentage,
+                ks.total_contributors,
+                ks.risk_level
+            FROM rapport.knowledge_silos ks
+            JOIN rapport.git_repositories r ON ks.repo_id = r.repo_id
+            WHERE r."Company_ID" = $1
+            ORDER BY
+                CASE ks.risk_level
+                    WHEN 'critical' THEN 1
+                    WHEN 'high' THEN 2
+                    WHEN 'medium' THEN 3
+                    ELSE 4
+                END
+            LIMIT 20
+        `, [userCompanyId]);
+    } catch (e) {
+        // Table might not have data
+    }
+
+    // Stale PRs (open for more than 7 days)
+    let stalePRs = { rows: [] };
+    try {
+        stalePRs = await executeQuery(`
+            SELECT
+                pr.title,
+                pr.author_email,
+                pr.created_at,
+                EXTRACT(DAY FROM NOW() - pr.created_at) as days_open,
+                pr.files_changed,
+                pr.lines_added + pr.lines_removed as total_changes
+            FROM rapport.pull_requests pr
+            JOIN rapport.git_repositories r ON pr.repo_id = r.repo_id
+            WHERE r."Company_ID" = $1
+            AND pr.status = 'open'
+            AND pr.created_at < NOW() - INTERVAL '7 days'
+            ORDER BY pr.created_at ASC
+            LIMIT 10
+        `, [userCompanyId]);
+    } catch (e) {
+        // No PRs
+    }
+
+    // Working patterns - burnout risk (after-hours commits)
+    let burnoutRisk = { rows: [] };
+    try {
+        burnoutRisk = await executeQuery(`
+            SELECT
+                wp.developer_email,
+                SUM(wp.weekend_commits) as weekend_commits,
+                SUM(wp.after_hours_commits) as after_hours_commits,
+                wp.peak_hour
+            FROM rapport.working_patterns wp
+            JOIN rapport.git_repositories r ON wp.repo_id = r.repo_id
+            WHERE r."Company_ID" = $1
+            AND wp.period_start >= NOW() - INTERVAL '30 days'
+            GROUP BY wp.developer_email, wp.peak_hour
+            HAVING SUM(wp.after_hours_commits) > 10 OR SUM(wp.weekend_commits) > 5
+            ORDER BY (SUM(wp.after_hours_commits) + SUM(wp.weekend_commits)) DESC
+            LIMIT 10
+        `, [userCompanyId]);
+    } catch (e) {
+        // No working patterns data
+    }
+
+    // Calculate overall risk score
+    const criticalSilos = silos.rows.filter(s => s.risk_level === 'critical').length;
+    const highSilos = silos.rows.filter(s => s.risk_level === 'high').length;
+    const staleCount = stalePRs.rows.length;
+    const burnoutCount = burnoutRisk.rows.length;
+
+    const riskScore = Math.min(100, criticalSilos * 20 + highSilos * 10 + staleCount * 5 + burnoutCount * 5);
+
+    return createSuccessResponse({
+        report_type: 'risk_forecast',
+        generated_at: new Date().toISOString(),
+        risk_score: {
+            value: riskScore,
+            level: riskScore >= 70 ? 'critical' : riskScore >= 40 ? 'elevated' : 'normal',
+            factors: {
+                knowledge_silos: criticalSilos + highSilos,
+                stale_prs: staleCount,
+                burnout_indicators: burnoutCount
+            }
+        },
+        knowledge_silos: silos.rows,
+        stale_pull_requests: stalePRs.rows,
+        burnout_indicators: burnoutRisk.rows,
+        recommendations: generateRecommendations(silos.rows, stalePRs.rows, burnoutRisk.rows)
+    });
+});
+
+function generateRecommendations(silos, stalePRs, burnout) {
+    const recommendations = [];
+
+    // Knowledge silo recommendations
+    const criticalSilos = silos.filter(s => s.risk_level === 'critical');
+    if (criticalSilos.length > 0) {
+        recommendations.push({
+            priority: 'high',
+            category: 'Knowledge Sharing',
+            message: `${criticalSilos.length} critical knowledge silo(s) detected. Only one developer knows these areas.`,
+            action: 'Schedule pair programming or code review sessions to spread knowledge.',
+            modules: criticalSilos.map(s => s.module_path)
+        });
+    }
+
+    // Stale PR recommendations
+    if (stalePRs.length > 0) {
+        const veryStale = stalePRs.filter(pr => parseInt(pr.days_open) > 14);
+        if (veryStale.length > 0) {
+            recommendations.push({
+                priority: 'medium',
+                category: 'Code Review',
+                message: `${veryStale.length} PR(s) open for more than 2 weeks.`,
+                action: 'Review and either merge, close, or request updates on these PRs.',
+                prs: veryStale.map(pr => pr.title)
+            });
+        }
+    }
+
+    // Burnout recommendations
+    if (burnout.length > 0) {
+        recommendations.push({
+            priority: 'high',
+            category: 'Team Health',
+            message: `${burnout.length} developer(s) showing potential burnout indicators (frequent after-hours/weekend commits).`,
+            action: 'Check in with these team members about workload and work-life balance.',
+            developers: burnout.map(b => b.developer_email)
+        });
+    }
+
+    if (recommendations.length === 0) {
+        recommendations.push({
+            priority: 'info',
+            category: 'Status',
+            message: 'No significant risks detected.',
+            action: 'Continue monitoring and maintaining healthy development practices.'
+        });
+    }
+
+    return recommendations;
+}