@equilateral_ai/mindmeld 3.3.1 → 3.5.0

package/src/handlers/scheduled/maturityUpdateJob.js

@@ -0,0 +1,166 @@
+/**
+ * Maturity Update Scheduled Job
+ * Auto-progresses/demotes standards maturity based on 30-day compliance evidence
+ *
+ * Schedule: Daily
+ * Auth: None (Lambda scheduled event)
+ *
+ * Maturity progression rules (based on session_standards compliance data):
+ * - >90% followed + >50 sessions → enforced
+ * - >70% followed + >20 sessions → validated
+ * - <30% followed + >20 sessions → demote to provisional
+ *
+ * Records all transitions in standards_audit_trail for traceability
+ */
+
+const { wrapHandler, executeQuery, createSuccessResponse } = require('./helpers');
+
+/**
+ * Main handler
+ */
+exports.handler = wrapHandler(async (event, context) => {
+    console.log('[MaturityUpdateJob] Starting maturity auto-progression...');
+
+    const lookbackDays = (event && event.lookbackDays) || 30;
+    const dryRun = (event && event.dryRun) || false;
+
+    const summary = {
+        startedAt: new Date().toISOString(),
+        standardsEvaluated: 0,
+        promotions: 0,
+        demotions: 0,
+        unchanged: 0,
+        transitions: [],
+        errors: []
+    };
+
+    try {
+        // Query 30-day compliance rates per standard from session_standards
+        const complianceQuery = `
+            SELECT
+                ss.standard_id,
+                ss.standard_name,
+                COUNT(*) as total_sessions,
+                COUNT(*) FILTER (WHERE ss.followed = true) as followed_count,
+                COUNT(*) FILTER (WHERE ss.violated = true) as violated_count,
+                ROUND(
+                    COUNT(*) FILTER (WHERE ss.followed = true)::decimal /
+                    NULLIF(COUNT(*), 0),
+                    3
+                ) as follow_rate,
+                sp.maturity as current_maturity
+            FROM rapport.session_standards ss
+            LEFT JOIN rapport.standards_patterns sp ON sp.pattern_id = ss.standard_id
+            WHERE ss.shown_at > NOW() - INTERVAL '${lookbackDays} days'
+            GROUP BY ss.standard_id, ss.standard_name, sp.maturity
+            HAVING COUNT(*) >= 10
+            ORDER BY total_sessions DESC
+        `;
+
+        const complianceResult = await executeQuery(complianceQuery);
+        const standards = complianceResult.rows;
+
+        summary.standardsEvaluated = standards.length;
+        console.log(`[MaturityUpdateJob] Evaluating ${standards.length} standards with sufficient data`);
+
+        for (const standard of standards) {
+            const totalSessions = parseInt(standard.total_sessions);
+            const followRate = parseFloat(standard.follow_rate) || 0;
+            const currentMaturity = standard.current_maturity || 'provisional';
+
+            // Determine target maturity
+            let targetMaturity = currentMaturity;
+
+            if (followRate > 0.90 && totalSessions >= 50) {
+                targetMaturity = 'enforced';
+            } else if (followRate > 0.70 && totalSessions >= 20) {
+                targetMaturity = 'validated';
+            } else if (followRate < 0.30 && totalSessions >= 20) {
+                targetMaturity = 'provisional';
+            }
+
+            if (targetMaturity === currentMaturity) {
+                summary.unchanged++;
+                continue;
+            }
+
+            // Determine if this is a promotion or demotion
+            const maturityOrder = { provisional: 0, validated: 1, reinforced: 2, enforced: 3 };
+            const isPromotion = (maturityOrder[targetMaturity] || 0) > (maturityOrder[currentMaturity] || 0);
+
+            const transition = {
+                standard_id: standard.standard_id,
+                standard_name: standard.standard_name,
+                from: currentMaturity,
+                to: targetMaturity,
+                direction: isPromotion ? 'promotion' : 'demotion',
+                follow_rate: followRate,
+                total_sessions: totalSessions
+            };
+
+            summary.transitions.push(transition);
+
+            if (dryRun) {
+                console.log(`[MaturityUpdateJob] DRY RUN: Would ${transition.direction} ${standard.standard_id}: ${currentMaturity} → ${targetMaturity} (${(followRate * 100).toFixed(1)}% followed, ${totalSessions} sessions)`);
+                if (isPromotion) summary.promotions++;
+                else summary.demotions++;
+                continue;
+            }
+
+            try {
+                // Update standards_patterns maturity
+                await executeQuery(`
+                    UPDATE rapport.standards_patterns
+                    SET maturity = $1, last_updated = NOW()
+                    WHERE pattern_id = $2
+                `, [targetMaturity, standard.standard_id]);
+
+                // Record in audit trail
+                await executeQuery(`
+                    INSERT INTO rapport.standards_audit_trail (
+                        standard_id, action, old_state, new_state,
+                        user_email, reason, metadata, created_at
+                    ) VALUES ($1, $2, $3, $4, $5, $6, $7, NOW())
+                `, [
+                    standard.standard_id,
+                    isPromotion ? 'auto_promote' : 'auto_demote',
+                    currentMaturity,
+                    targetMaturity,
+                    'system@mindmeld.dev',
+                    `Auto-${transition.direction}: ${(followRate * 100).toFixed(1)}% follow rate across ${totalSessions} sessions (30-day window)`,
+                    JSON.stringify({
+                        follow_rate: followRate,
+                        total_sessions: totalSessions,
+                        followed_count: parseInt(standard.followed_count),
+                        violated_count: parseInt(standard.violated_count),
+                        lookback_days: lookbackDays
+                    })
+                ]);
+
+                if (isPromotion) summary.promotions++;
+                else summary.demotions++;
+
+                console.log(`[MaturityUpdateJob] ${transition.direction}: ${standard.standard_id} ${currentMaturity} → ${targetMaturity}`);
+
+            } catch (error) {
+                console.error(`[MaturityUpdateJob] Error updating ${standard.standard_id}:`, error.message);
+                summary.errors.push({
+                    standard_id: standard.standard_id,
+                    error: error.message
+                });
+            }
+        }
+
+    } catch (error) {
+        console.error('[MaturityUpdateJob] Job failed:', error);
+        summary.errors.push({ step: 'main', error: error.message });
+    }
+
+    summary.completedAt = new Date().toISOString();
+    console.log(`[MaturityUpdateJob] Complete: ${summary.promotions} promotions, ${summary.demotions} demotions, ${summary.unchanged} unchanged`);
+
+    return createSuccessResponse(
+        summary,
+        `Maturity update complete: ${summary.promotions} promotions, ${summary.demotions} demotions`
+    );
+});

package/src/handlers/sessions/sessionStandardsPost.js

@@ -41,7 +41,7 @@ async function recordSessionStandards({ body: requestBody = {}, requestContext }
         }
 
         // Try to ensure session exists (upsert with minimal data)
-        // This may fail if project_id is not provided or invalid - that's OK
+        // If project doesn't exist, auto-create it to prevent silent session loss
         if (project_id && user_id) {
             const sessionUpsertQuery = `
                 INSERT INTO rapport.sessions (
@@ -59,9 +59,42 @@ async function recordSessionStandards({ body: requestBody = {}, requestContext }
             try {
                 await executeQuery(sessionUpsertQuery, [session_id, project_id, user_id]);
             } catch (sessionError) {
-                // Session insert failed (FK constraint probably)
-                // Continue anyway - we'll try to record standards
-                console.error('[sessionStandardsPost] Session upsert failed:', sessionError.message);
+                // FK constraint on project_id — auto-create the project and retry
+                if (sessionError.code === '23503' && sessionError.constraint && sessionError.constraint.includes('project_id')) {
+                    console.log(`[sessionStandardsPost] Project ${project_id} not found, auto-creating`);
+                    try {
+                        // Look up user's company_id
+                        const entResult = await executeQuery(
+                            `SELECT company_id FROM rapport.user_entitlements WHERE email_address = $1 LIMIT 1`,
+                            [user_id]
+                        );
+                        if (entResult.rowCount > 0) {
+                            const company_id = entResult.rows[0].company_id;
+                            // Derive a readable project name from the project_id
+                            // e.g. prj_pareidolia_main_1770727596802 → pareidolia main
+                            const projectName = project_id
+                                .replace(/^prj_/, '')
+                                .replace(/_\d+$/, '')
+                                .replace(/_/g, ' ');
+
+                            await executeQuery(`
+                                INSERT INTO rapport.projects (project_id, company_id, project_name, private)
+                                VALUES ($1, $2, $3, false)
+                                ON CONFLICT (project_id) DO NOTHING
+                            `, [project_id, company_id, projectName]);
+
+                            // Retry session upsert
+                            await executeQuery(sessionUpsertQuery, [session_id, project_id, user_id]);
+                            console.log(`[sessionStandardsPost] Auto-created project ${project_id} under ${company_id}`);
+                        } else {
+                            console.error(`[sessionStandardsPost] No entitlement found for ${user_id}, cannot auto-create project`);
+                        }
+                    } catch (autoCreateError) {
+                        console.error('[sessionStandardsPost] Auto-create project failed:', autoCreateError.message);
+                    }
+                } else {
+                    console.error('[sessionStandardsPost] Session upsert failed:', sessionError.message);
+                }
             }
         }
 
@@ -71,6 +104,7 @@ async function recordSessionStandards({ body: requestBody = {}, requestContext }
 
         for (const standard of standards) {
             const standardId = standard.pattern_id || standard.element;
+            const standardName = standard.title || standard.element || standardId;
             const relevanceScore = standard.relevance_score || standard.score || 0;
 
             if (!standardId) {
@@ -82,14 +116,15 @@ async function recordSessionStandards({ body: requestBody = {}, requestContext }
                 INSERT INTO rapport.session_standards (
                     session_id,
                     standard_id,
+                    standard_name,
                     relevance_score,
-                    shown_at
+                    created_at
                 ) VALUES (
-                    $1, $2, $3, NOW()
+                    $1, $2, $3, $4, NOW()
                 )
                 ON CONFLICT (session_id, standard_id) DO UPDATE SET
                     relevance_score = EXCLUDED.relevance_score,
-                    shown_at = NOW()
+                    created_at = NOW()
                 RETURNING id
             `;
 
@@ -97,6 +132,7 @@ async function recordSessionStandards({ body: requestBody = {}, requestContext }
                 const result = await executeQuery(insertQuery, [
                     session_id,
                     standardId,
+                    standardName,
                     relevanceScore
                 ]);
 

package/src/handlers/standards/discoveriesGet.js

@@ -0,0 +1,93 @@
+/**
+ * Discoveries Get Handler
+ * Returns discovery review queue for a project
+ *
+ * GET /api/standards/discoveries?project_id=xxx&status=proposed
+ * Auth: Cognito JWT required
+ */
+
+const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
+
+async function getDiscoveries({ queryStringParameters, requestContext }) {
+    try {
+        const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
+
+        if (!email) {
+            return createErrorResponse(401, 'Authentication required');
+        }
+
+        const projectId = (queryStringParameters || {}).project_id;
+        const status = (queryStringParameters || {}).status;
+
+        if (!projectId) {
+            return createErrorResponse(400, 'project_id is required');
+        }
+
+        // Verify user has access to project
+        const accessResult = await executeQuery(`
+            SELECT role FROM rapport.project_collaborators
+            WHERE project_id = $1 AND email_address = $2
+        `, [projectId, email]);
+
+        if (accessResult.rowCount === 0) {
+            return createErrorResponse(403, 'Access denied to project');
+        }
+
+        // Build query with optional status filter
+        let query = `
+            SELECT
+                discovery_id,
+                project_id,
+                pattern_name,
+                pattern_description,
+                confidence,
+                discovery_type,
+                status,
+                evidence,
+                reason,
+                reason_code,
+                created_at,
+                updated_at
+            FROM rapport.onboarding_discoveries
+            WHERE project_id = $1
+        `;
+        const params = [projectId];
+
+        if (status) {
+            query += ` AND status = $2`;
+            params.push(status);
+        }
+
+        query += ` ORDER BY confidence DESC, created_at DESC`;
+
+        const result = await executeQuery(query, params);
+
+        // Map DB columns to frontend Discovery interface
+        const records = result.rows.map(row => ({
+            id: row.discovery_id,
+            project_id: row.project_id,
+            name: row.pattern_name,
+            description: row.pattern_description || '',
+            confidence: parseFloat(row.confidence) || 0,
+            source: 'github',
+            category: row.discovery_type || 'Architecture',
+            status: row.status || 'proposed',
+            rule_text: null,
+            action_type: null,
+            evidence: row.evidence || null,
+            created_at: row.created_at,
+            updated_at: row.updated_at
+        }));
+
+        return createSuccessResponse({
+            records,
+            total: result.rowCount
+        }, `Found ${result.rowCount} discoveries`);
+
+    } catch (error) {
+        console.error('Discoveries Get Error:', error);
+        return createErrorResponse(500, 'Failed to load discoveries');
+    }
+}
+
+exports.handler = wrapHandler(getDiscoveries);

package/src/handlers/standards/projectStandardsGet.js

@@ -8,7 +8,7 @@
 
 const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
 
-async function getProjectStandards({ queryStringParameters, requestContext }) {
+async function getProjectStandards({ queryStringParameters, pathParameters, requestContext }) {
     try {
         const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
 
@@ -16,7 +16,7 @@ async function getProjectStandards({ queryStringParameters, requestContext }) {
             return createErrorResponse(401, 'Authentication required');
         }
 
-        const projectId = (queryStringParameters || {}).project_id;
+        const projectId = pathParameters?.projectId || (queryStringParameters || {}).project_id;
 
         if (!projectId) {
             return createErrorResponse(400, 'projectId is required');

package/src/handlers/standards/projectStandardsPut.js

@@ -9,7 +9,7 @@
 
 const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse } = require('./helpers');
 
-async function updateProjectStandards({ body, requestContext }) {
+async function updateProjectStandards({ body, pathParameters, requestContext }) {
     try {
         const email = requestContext.authorizer?.claims?.email || requestContext.authorizer?.jwt?.claims?.email;
 
@@ -17,7 +17,7 @@ async function updateProjectStandards({ body, requestContext }) {
             return createErrorResponse(401, 'Authentication required');
         }
 
-        const projectId = (body || {}).project_id;
+        const projectId = pathParameters?.projectId || (body || {}).project_id;
 
         if (!projectId) {
             return createErrorResponse(400, 'projectId is required');

package/src/handlers/standards/standardsRelevantPost.js

@@ -18,15 +18,16 @@ const { wrapHandler, executeQuery, createSuccessResponse, createErrorResponse }
  */
 const CATEGORY_WEIGHTS = {
     'serverless-saas-aws': 1.0,
-    'multi-agent-orchestration': 1.0,
     'frontend-development': 1.0,
     'database': 0.9,
-    'compliance-security': 0.8,
-    'cost-optimization': 0.7,
-    'real-time-systems': 0.8,
-    'testing': 0.6,
     'backend': 0.9,
-    'well-architected': 0.7
+    'compliance-security': 0.9,
+    'deployment': 0.8,
+    'testing': 0.7,
+    'real-time-systems': 0.7,
+    'well-architected': 0.7,
+    'cost-optimization': 0.7,
+    'multi-agent-orchestration': 0.1,  // Infrastructure config, rarely needed in coding sessions
 };
 
 /**
@@ -54,6 +55,9 @@ function mapCharacteristicsToCategories(characteristics) {
     if (characteristics.hasTests) {
         categories.add('testing');
     }
+    if (characteristics.hasSAM || characteristics.hasLambda || characteristics.hasAPI) {
+        categories.add('deployment');
+    }
 
     // Always relevant
     categories.add('compliance-security');
@@ -65,7 +69,7 @@ function mapCharacteristicsToCategories(characteristics) {
 /**
  * Rank standards by relevance score
  */
-function rankStandards(standards) {
+function rankStandards(standards, recentCategories) {
     return standards.map(standard => {
         let score = 0;
 
@@ -98,6 +102,23 @@ function rankStandards(standards) {
             if (apCount > 0) score += 5;
         }
 
+        // Workflow bonus — workflows are high-value procedural knowledge
+        const isWorkflow = (standard.rule && standard.rule.startsWith('WORKFLOW:'))
+            || (Array.isArray(standard.keywords) && standard.keywords.includes('workflow'));
+        if (isWorkflow) score += 10;
+
+        // Recency bonus — boost categories the user has been working in recently
+        // Scaled by category weight to prevent feedback loops (low-weight categories
+        // that got injected shouldn't bootstrap themselves back into the top 10)
+        if (recentCategories && recentCategories[standard.category]) {
+            const usageCount = recentCategories[standard.category];
+            let rawBonus;
+            if (usageCount >= 8) rawBonus = 25;
+            else if (usageCount >= 4) rawBonus = 18;
+            else rawBonus = 10;
+            score += rawBonus * categoryWeight;
+        }
+
         return {
             ...standard,
             relevance_score: Math.round(score * 10) / 10
@@ -141,6 +162,25 @@ async function getRelevantStandards({ body, requestContext }) {
         return createErrorResponse(401, 'Authentication required');
     }
 
+    // Verify active subscription — no free tier access
+    const subResult = await executeQuery(`
+        SELECT c.subscription_tier, c.subscription_status
+        FROM rapport.users u
+        JOIN rapport.clients c ON u.client_id = c.client_id
+        WHERE u.email_address = $1
+        LIMIT 1
+    `, [email]);
+
+    if (subResult.rows.length > 0) {
+        const { subscription_tier, subscription_status } = subResult.rows[0];
+        if (!subscription_tier || subscription_tier === 'free') {
+            return createErrorResponse(403, 'Active MindMeld subscription required. Subscribe at app.mindmeld.dev');
+        }
+        if (subscription_status === 'canceled') {
+            return createErrorResponse(403, 'Subscription canceled. Resubscribe at app.mindmeld.dev');
+        }
+    }
+
     // Parse request body
     let requestBody;
     try {
@@ -166,13 +206,43 @@ async function getRelevantStandards({ body, requestContext }) {
         }, 'No relevant categories detected');
     }
 
-    // Query standards matching categories
+    // Query recent session categories first (fast), then merge into categories for main query
+    const recentCategories = {};
+    try {
+        const recencyResult = await executeQuery(`
+            SELECT sp.category, COUNT(*) as usage_count
+            FROM rapport.session_standards ss
+            JOIN rapport.sessions s ON s.session_id = ss.session_id
+            JOIN rapport.standards_patterns sp ON sp.pattern_id = ss.standard_id
+            WHERE s.email_address = $1
+                AND s.started_at >= NOW() - INTERVAL '7 days'
+            GROUP BY sp.category
+            ORDER BY usage_count DESC
+            LIMIT 5
+        `, [email]);
+        for (const row of recencyResult.rows) {
+            recentCategories[row.category] = parseInt(row.usage_count, 10);
+        }
+    } catch (err) {
+        console.error('[standardsRelevant] Recency query failed:', err.message);
+    }
+
+    // Merge recency categories into query — recent activity should always be represented
+    for (const category of Object.keys(recentCategories)) {
+        if (!categories.includes(category)) {
+            categories.push(category);
+        }
+    }
+
+    // Query standards from all relevant categories (static + recency)
     const result = await executeQuery(`
         SELECT
             pattern_id,
             element,
+            title,
             rule,
             category,
+            keywords,
             correlation,
             maturity,
             applicable_files,
@@ -192,16 +262,41 @@ async function getRelevantStandards({ body, requestContext }) {
             correlation DESC
     `, [categories]);
 
-    // Rank by relevance
-    let ranked = rankStandards(result.rows);
+    // Rank by relevance with recency boost
+    let ranked = rankStandards(result.rows, recentCategories);
+
+    // Deduplicate by element name (same rule can be ingested with different path prefixes)
+    const seenElements = new Set();
+    ranked = ranked.filter(standard => {
+        const key = standard.element;
+        if (seenElements.has(key)) return false;
+        seenElements.add(key);
+        return true;
+    });
 
     // Apply preferences if provided
     if (preferences) {
         ranked = applyPreferences(ranked, preferences);
     }
 
-    // Return top 10
-    const top = ranked.slice(0, 10);
+    // Return top 10 with diversity caps:
+    // - Max 2 per category (prevents single-category saturation)
+    // - Max 1 per standard title (prevents same-file rule pairs wasting slots)
+    const MAX_PER_CATEGORY = 2;
+    const MAX_PER_TITLE = 1;
+    const top = [];
+    const categoryCounts = {};
+    const titleCounts = {};
+    for (const standard of ranked) {
+        const cat = standard.category;
+        const title = standard.title || standard.element;
+        categoryCounts[cat] = (categoryCounts[cat] || 0) + 1;
+        titleCounts[title] = (titleCounts[title] || 0) + 1;
+        if (categoryCounts[cat] <= MAX_PER_CATEGORY && titleCounts[title] <= MAX_PER_TITLE) {
+            top.push(standard);
+            if (top.length >= 10) break;
+        }
+    }
 
     return createSuccessResponse({
         standards: top,