@equilateral_ai/mindmeld 3.3.0 → 3.4.0

package/src/handlers/webhooks/githubWebhook.js

@@ -10,16 +10,35 @@ const crypto = require('crypto');
 const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
 
 exports.handler = wrapHandler(async ({ body, headers }) => {
-    // Verify webhook signature
+    // Verify webhook signature — try per-repo secret first, then global fallback
     const signature = headers['x-hub-signature-256'] || headers['X-Hub-Signature-256'];
-    const secret = process.env.GITHUB_WEBHOOK_SECRET;
+    const rawBody = JSON.stringify(body);
+    const repoFullName = body?.repository?.full_name;
 
-    if (!secret) {
-        console.error('GITHUB_WEBHOOK_SECRET not configured');
-        return createErrorResponse(500, 'Webhook not configured');
+    let verified = false;
+
+    // Try per-repo secret from git_repositories
+    if (repoFullName) {
+        const repoResult = await executeQuery(`
+            SELECT webhook_secret FROM rapport.git_repositories
+            WHERE repo_name = $1 AND webhook_secret IS NOT NULL
+            LIMIT 1
+        `, [repoFullName]);
+
+        if (repoResult.rowCount > 0 && repoResult.rows[0].webhook_secret) {
+            verified = verifySignature(rawBody, signature, repoResult.rows[0].webhook_secret);
+        }
+    }
+
+    // Fallback to global secret
+    if (!verified) {
+        const globalSecret = process.env.GITHUB_WEBHOOK_SECRET;
+        if (globalSecret) {
+            verified = verifySignature(rawBody, signature, globalSecret);
+        }
     }
 
-    if (!verifySignature(JSON.stringify(body), signature, secret)) {
+    if (!verified) {
         return createErrorResponse(401, 'Invalid signature');
     }
 
@@ -58,94 +77,93 @@ async function handlePushEvent(payload) {
     const repoFullName = payload.repository?.full_name;
     if (!repoFullName) return;
 
-    // Find project by repo URL
-    const projectResult = await executeQuery(`
-        SELECT project_id FROM rapport.projects
-        WHERE repo_url LIKE $1
-    `, [`%${repoFullName}%`]);
+    const repoUrl = payload.repository?.html_url || `https://github.com/${repoFullName}`;
+    const branch = payload.ref?.replace('refs/heads/', '') || 'unknown';
 
-    if (projectResult.rowCount === 0) {
-        console.log(`Project not found for repo: ${repoFullName}`);
-        return;
+    // Find or create repo in git_repositories
+    let repoResult = await executeQuery(`
+        SELECT repo_id, company_id FROM rapport.git_repositories
+        WHERE repo_name = $1 OR repo_url = $2
+    `, [repoFullName, repoUrl]);
+
+    if (repoResult.rowCount === 0) {
+        // Look up company from projects table
+        const projectResult = await executeQuery(`
+            SELECT project_id, company_id FROM rapport.projects
+            WHERE repo_url LIKE $1
+            LIMIT 1
+        `, [`%${repoFullName}%`]);
+
+        const companyId = projectResult.rows[0]?.company_id || null;
+
+        // Auto-register the repo
+        repoResult = await executeQuery(`
+            INSERT INTO rapport.git_repositories (repo_id, repo_name, repo_url, company_id, default_branch, created_at, updated_at)
+            VALUES (gen_random_uuid(), $1, $2, $3, $4, NOW(), NOW())
+            RETURNING repo_id, company_id
+        `, [repoFullName, repoUrl, companyId, branch]);
+
+        console.log(`Auto-registered repo: ${repoFullName} (repo_id: ${repoResult.rows[0].repo_id})`);
     }
 
-    const projectId = projectResult.rows[0].project_id;
-    const branch = payload.ref?.replace('refs/heads/', '') || 'unknown';
+    const repoId = repoResult.rows[0].repo_id;
 
     for (const commit of (payload.commits || [])) {
-        await recordCommit(commit, projectId, branch);
+        await recordCommit(commit, repoId, repoFullName, repoUrl);
+    }
+
+    // Update last_commit_sha on the repo
+    const lastCommit = payload.head_commit?.id || payload.commits?.[payload.commits.length - 1]?.id;
+    if (lastCommit) {
+        await executeQuery(`
+            UPDATE rapport.git_repositories SET last_commit_sha = $1, updated_at = NOW()
+            WHERE repo_id = $2
+        `, [lastCommit, repoId]);
     }
 }
 
-async function recordCommit(commit, projectId, branch) {
+async function recordCommit(commit, repoId, repoName, repoUrl) {
     const authorEmail = commit.author?.email;
     if (!authorEmail) return;
 
-    // Find user by email
-    const userResult = await executeQuery(`
-        SELECT "Email_Address" FROM "Users"
-        WHERE "Email_Address" = $1 AND active = true
-    `, [authorEmail]);
+    // Check for duplicate
+    const existing = await executeQuery(`
+        SELECT 1 FROM rapport.commits WHERE commit_sha = $1 LIMIT 1
+    `, [commit.id]);
 
-    if (userResult.rowCount === 0) {
-        console.log(`User not found for email: ${authorEmail}`);
+    if (existing.rowCount > 0) {
+        console.log(`Commit ${commit.id.substring(0, 8)} already recorded, skipping`);
         return;
     }
 
-    const email = userResult.rows[0].Email_Address;
-
-    // Find recent session for correlation
-    const sessionResult = await executeQuery(`
-        SELECT session_id, ended_at, started_at
-        FROM rapport.sessions
-        WHERE email_address = $1
-        AND project_id = $2
-        ORDER BY started_at DESC
-        LIMIT 1
-    `, [email, projectId]);
-
-    let sessionId = null;
-    let withinSession = false;
-    let timeSinceSession = null;
-
-    if (sessionResult.rowCount > 0) {
-        const session = sessionResult.rows[0];
-        const commitTime = new Date(commit.timestamp);
-        const sessionEnd = session.ended_at ? new Date(session.ended_at) : new Date();
-        const sessionStart = new Date(session.started_at);
-
-        // Commit within session if after start and before/during end
-        withinSession = commitTime >= sessionStart && (!session.ended_at || commitTime <= sessionEnd);
-
-        if (!withinSession && session.ended_at) {
-            timeSinceSession = Math.round((commitTime - sessionEnd) / (1000 * 60));
-        }
+    // Build changed_files JSONB from GitHub payload
+    const changedFiles = [
+        ...(commit.added || []).map(f => ({ path: f, action: 'added' })),
+        ...(commit.modified || []).map(f => ({ path: f, action: 'modified' })),
+        ...(commit.removed || []).map(f => ({ path: f, action: 'removed' }))
+    ];
 
-        sessionId = session.session_id;
-    }
-
-    // Insert commit
     await executeQuery(`
         INSERT INTO rapport.commits (
-            commit_hash, project_id, email_address, branch, message,
-            committed_at, files_changed,
-            session_id, within_session, time_since_session_minutes
-        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10)
-        ON CONFLICT (commit_hash) DO NOTHING
+            commit_id, commit_sha, repo_id, repo_url, repo_name,
+            author_email, author_name, commit_timestamp, message,
+            changed_files, is_merge, created_at
+        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, NOW())
     `, [
         commit.id,
-        projectId,
-        email,
-        branch,
-        commit.message?.substring(0, 500), // Truncate long messages
+        commit.id,
+        repoId,
+        repoUrl,
+        repoName,
+        authorEmail,
+        commit.author?.name || authorEmail,
         commit.timestamp,
-        (commit.added?.length || 0) + (commit.modified?.length || 0) + (commit.removed?.length || 0),
-        sessionId,
-        withinSession,
-        timeSinceSession
+        commit.message?.substring(0, 2000),
+        JSON.stringify(changedFiles),
+        commit.message?.toLowerCase().startsWith('merge') || false
     ]);
 
-    console.log(`Recorded commit ${commit.id} for ${email}`);
+    console.log(`Recorded commit ${commit.id.substring(0, 8)} by ${authorEmail}`);
 }
 
 async function handlePREvent(payload) {
@@ -153,71 +171,45 @@ async function handlePREvent(payload) {
     const repoFullName = payload.repository?.full_name;
     if (!pr || !repoFullName) return;
 
-    // Find project by repo URL
-    const projectResult = await executeQuery(`
-        SELECT project_id FROM rapport.projects
-        WHERE repo_url LIKE $1
-    `, [`%${repoFullName}%`]);
-
-    if (projectResult.rowCount === 0) {
-        console.log(`Project not found for repo: ${repoFullName}`);
-        return;
-    }
+    const repoUrl = payload.repository?.html_url || `https://github.com/${repoFullName}`;
 
-    const projectId = projectResult.rows[0].project_id;
-    const prId = `github:${repoFullName}:${pr.number}`;
+    // Find repo
+    const repoResult = await executeQuery(`
+        SELECT repo_id FROM rapport.git_repositories
+        WHERE repo_name = $1 OR repo_url = $2
+    `, [repoFullName, repoUrl]);
 
-    // Try to find user by email or login
-    const authorEmail = pr.user?.email || `${pr.user?.login}@users.noreply.github.com`;
-    const userResult = await executeQuery(`
-        SELECT "Email_Address" FROM "Users"
-        WHERE "Email_Address" = $1 AND active = true
-    `, [authorEmail]);
-
-    if (userResult.rowCount === 0) {
-        console.log(`User not found for: ${authorEmail}`);
+    if (repoResult.rowCount === 0) {
+        console.log(`Repo not found for: ${repoFullName} — push event must arrive first`);
         return;
     }
 
-    const email = userResult.rows[0].Email_Address;
-
-    // Calculate review time if merged
-    let reviewTimeHours = null;
-    if (pr.merged_at && pr.created_at) {
-        const created = new Date(pr.created_at);
-        const merged = new Date(pr.merged_at);
-        reviewTimeHours = (merged - created) / (1000 * 60 * 60);
-    }
+    const repoId = repoResult.rows[0].repo_id;
+    const authorEmail = pr.user?.email || `${pr.user?.login}@users.noreply.github.com`;
+    const status = pr.merged ? 'merged' : pr.state;
 
-    // Upsert PR
+    // Upsert PR by repo_id + pr_number
     await executeQuery(`
         INSERT INTO rapport.pull_requests (
-            pr_id, project_id, email_address, title, branch, base_branch,
-            status, opened_at, merged_at, closed_at,
-            commits_count, files_changed, additions, deletions, review_time_hours
-        ) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15)
-        ON CONFLICT (pr_id) DO UPDATE SET
-            status = EXCLUDED.status,
-            merged_at = EXCLUDED.merged_at,
-            closed_at = EXCLUDED.closed_at,
-            review_time_hours = EXCLUDED.review_time_hours
+            pr_id, repo_id, pr_number, title, author_email,
+            status, created_at, merged_at, closed_at,
+            lines_added, lines_removed, files_changed, review_comments
+        ) VALUES (gen_random_uuid(), $1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12)
+        ON CONFLICT (pr_id) DO NOTHING
     `, [
-        prId,
-        projectId,
-        email,
+        repoId,
+        pr.number,
         pr.title?.substring(0, 500),
-        pr.head?.ref,
-        pr.base?.ref,
-        pr.merged ? 'merged' : pr.state,
+        authorEmail,
+        status,
         pr.created_at,
-        pr.merged_at,
-        pr.closed_at,
-        pr.commits,
-        pr.changed_files,
-        pr.additions,
-        pr.deletions,
-        reviewTimeHours
+        pr.merged_at || null,
+        pr.closed_at || null,
+        pr.additions || 0,
+        pr.deletions || 0,
+        pr.changed_files || 0,
+        pr.review_comments || 0
     ]);
 
-    console.log(`Recorded PR ${prId} for ${email}`);
+    console.log(`Recorded PR #${pr.number} (${status}) for ${authorEmail}`);
 }

package/src/index.js

@@ -65,7 +65,7 @@ class MindmeldClient {
         companyId: config.companyId || null,
         collaborators: config.collaborators || [],
         userEmail: config.userEmail || null,
-        subscriptionTier: config.subscriptionTier || 'free'
+        subscriptionTier: config.subscriptionTier || 'enterprise'
       };
 
       return this.currentProject;
@@ -310,72 +310,64 @@ class MindmeldClient {
       try {
         const apiUrl = this.config.apiUrl;
 
-        // Build query params
+        // Build query params (no path parameters per standards)
+        // Uses /api/correlations/project which returns pattern effectiveness and team data
         const params = new URLSearchParams();
-        if (userId) params.append('userId', userId);
-        params.append('patternLimit', patternLimit.toString());
-        params.append('learningDays', learningDays.toString());
+        params.append('project_id', projectId);
+        params.append('lookbackDays', learningDays.toString());
 
         const response = await this._makeApiRequest(
-          `${apiUrl}/api/projects/${projectId}/context?${params.toString()}`,
+          `${apiUrl}/api/correlations/project?${params.toString()}`,
           'GET'
         );
 
         if (response.error) {
           console.error('[Rapport] loadProjectContext API error:', response.error);
           // Fall through to local storage
-        } else {
-          // Return normalized context object
+        } else if (response.data) {
+          const data = response.data;
+          // Return normalized context object from correlations endpoint
           return {
-            projectId: response.project_id || projectId,
-            projectName: response.project_name,
-            companyId: response.company_id,
-
-            // Team patterns (validated and reinforced)
-            patterns: (response.patterns || []).map(p => ({
-              patternId: p.pattern_id,
-              intent: p.intent,
-              element: p.element || p.intent,
+            projectId: data.project?.projectId || projectId,
+            projectName: data.project?.projectName,
+            companyId: data.project?.companyId,
+
+            // Team patterns from pattern effectiveness data
+            patterns: (data.patternEffectiveness || []).slice(0, patternLimit).map(p => ({
+              patternId: p.pattern_id || p.patternId,
+              intent: p.intent || p.element,
+              element: p.element,
               maturity: p.maturity,
-              confidence: p.confidence || p.success_rate,
-              usageCount: p.usage_count || p.handoff_count,
+              confidence: p.success_rate || p.correlation || 0,
+              usageCount: p.usage_count || p.usageCount || 0,
               lastUsed: p.last_used
             })),
 
-            // Load-bearing context elements
-            loadBearingElements: (response.load_bearing_elements || []).map(e => ({
-              elementId: e.element_id,
-              type: e.element_type,
-              key: e.element_key,
-              value: e.element_value,
-              correlation: e.team_correlation,
-              confidence: e.confidence,
-              isLoadBearing: e.is_load_bearing
-            })),
-
-            // Recent team learning
-            recentLearning: (response.recent_learning || []).map(l => ({
-              patternId: l.pattern_id,
-              element: l.element,
-              learnedBy: l.discovered_by || l.email_address,
-              learnedAt: l.discovered_at || l.used_at,
-              success: l.success
+            // Recent correlations as learning events
+            recentLearning: (data.recentCorrelations || []).map(c => ({
+              patternId: c.session_id,
+              element: c.commit_message || 'session',
+              learnedBy: c.email,
+              learnedAt: c.session_end || c.commit_time,
+              success: c.correlation_score > 0.5
             })),
 
-            // Collaborators
-            collaborators: (response.collaborators || []).map(c => ({
-              email: c.email_address || c.email,
-              role: c.role,
-              isExternal: c.is_external,
-              lastActive: c.last_active
+            // Developer breakdown as collaborator activity
+            collaborators: (data.developerBreakdown || []).map(d => ({
+              email: d.email,
+              role: 'collaborator',
+              isExternal: false,
+              sessions: d.totalSessions,
+              commits: d.totalCommits,
+              correlation: d.avgCorrelation
             })),
 
-            // Standards applicable to this project
-            applicableStandards: response.applicable_standards || [],
+            // Metrics
+            metrics: data.metrics,
 
             // Metadata
-            lastActive: response.last_active,
-            sessionCount: response.session_count || 0
+            lastActive: null,
+            sessionCount: data.metrics?.totalSessions || 0
           };
         }
       } catch (error) {
@@ -721,14 +713,14 @@ class MindmeldClient {
    * @param {string} sessionId - Session identifier
    * @param {Array} standards - Array of standards that were injected
    */
-  recordStandardsShown(sessionId, standards) {
+  recordStandardsShown(sessionId, standards, projectId, userId) {
     // Fire and forget - don't await to keep hook fast
-    this._recordStandardsAsync(sessionId, standards).catch(err => {
+    this._recordStandardsAsync(sessionId, standards, projectId, userId).catch(err => {
       console.error('[Rapport] recordStandardsShown error:', err.message);
     });
   }
 
-  async _recordStandardsAsync(sessionId, standards) {
+  async _recordStandardsAsync(sessionId, standards, projectId, userId) {
     if (!standards || standards.length === 0) return;
 
     const apiUrl = this.config.apiUrl;
@@ -738,9 +730,12 @@ class MindmeldClient {
     // Prepare payload
     const payload = JSON.stringify({
       session_id: sessionId,
+      project_id: projectId || undefined,
+      user_id: userId || undefined,
       standards: standards.map(s => ({
         pattern_id: s.pattern_id || s.element,
-        relevance_score: s.score || 0
+        title: s.element || s.pattern_id,
+        relevance_score: s.relevance_score || s.score || 0
       }))
     });