@fairfox/polly 0.83.0 → 0.85.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/tools/bdd/src/cli.js +23 -19
  2. package/dist/tools/bdd/src/cli.js.map +4 -4
  3. package/dist/tools/bdd/src/index.js +23 -19
  4. package/dist/tools/bdd/src/index.js.map +4 -4
  5. package/dist/tools/bdd/src/types.d.ts +7 -0
  6. package/dist/tools/verify/src/cli.js +462 -113
  7. package/dist/tools/verify/src/cli.js.map +8 -8
  8. package/dist/tools/verify/src/config.d.ts +7 -0
  9. package/dist/tools/verify/src/config.js.map +2 -2
  10. package/dist/tools/visualize/src/cli.js +164 -1
  11. package/dist/tools/visualize/src/cli.js.map +3 -3
  12. package/package.json +1 -1
package/dist/tools/verify/src/config.d.ts CHANGED
@@ -12,6 +12,12 @@ interface SubsystemConfig {
12
12
  perMessageBounds?: Record<string, number>;
13
13
  };
14
14
  }
15
+ interface CustomTLAPath {
16
+ tla: string;
17
+ cfg: string;
18
+ module?: string;
19
+ fields?: Record<string, string>;
20
+ }
15
21
  interface LegacyVerificationConfig {
16
22
  state: Record<string, unknown>;
17
23
  /**
@@ -58,6 +64,7 @@ interface LegacyVerificationConfig {
58
64
  workers?: number;
59
65
  };
60
66
  subsystems?: Record<string, SubsystemConfig>;
67
+ customTLAPaths?: Record<string, CustomTLAPath>;
61
68
  tier2?: {
62
69
  temporalConstraints?: Array<{
63
70
  before: string;
package/dist/tools/verify/src/config.js.map CHANGED
@@ -3,9 +3,9 @@
3
3
  "sources": ["../tools/verify/src/primitives/index.ts", "../tools/verify/src/config.ts"],
4
4
  "sourcesContent": [
5
5
  "// Verification primitives for formal verification\n// These are runtime no-ops but extracted during verification\n\n/**\n * Assert a precondition that must be true when the handler executes.\n *\n * In production: No-op (compiled away)\n * In verification: Translated to TLA+ assertion\n *\n * @example\n * messageBus.on(\"USER_LOGIN\", (payload) => {\n * requires(state.user.loggedIn === false, \"User must not be logged in\")\n * state.user.loggedIn = true\n * })\n */\nexport function requires(condition: boolean, message?: string): void {\n // Runtime no-op - only used during verification\n // Condition and message are checked during static analysis only\n void condition;\n void message;\n}\n\n/**\n * Assert a postcondition that must be true after the handler completes.\n *\n * In production: No-op (compiled away)\n * In verification: Translated to TLA+ assertion\n *\n * @example\n * messageBus.on(\"USER_LOGIN\", (payload) => {\n * state.user.loggedIn = true\n * ensures(state.user.loggedIn === true, \"User must be logged in\")\n * })\n */\nexport function ensures(condition: boolean, message?: string): void {\n // Runtime no-op - only used during verification\n // Condition and message are checked during static analysis only\n void condition;\n void message;\n}\n\n/**\n * Define a global invariant that must always hold.\n *\n * In production: No-op (compiled away)\n * In verification: Translated to TLA+ invariant\n *\n * @example\n * invariant(\"UserIdConsistent\", () =>\n * state.user.loggedIn === false || state.user.id !== null\n * )\n */\nexport function invariant(_name: string, condition: () => boolean): void {\n // Runtime no-op - only used during verification\n // Name and condition are checked during static analysis only\n void condition;\n}\n\n/**\n * Assert that a value is within a valid range.\n *\n * @example\n * requires(inRange(todoCount, 0, 100), \"Todo count must be 0-100\")\n */\nexport function inRange(value: number, min: number, max: number): boolean {\n return value >= min && value <= max;\n}\n\n/**\n * Assert that a value is one of the allowed values.\n *\n * @example\n * requires(oneOf(state.user.role, [\"admin\", \"user\"]), \"Role must be admin or user\")\n */\nexport function oneOf<T>(value: T, allowed: T[]): boolean {\n return allowed.includes(value);\n}\n\n/**\n * Assert that an array has a specific length constraint.\n *\n * @example\n * requires(hasLength(state.todos, { max: 10 }), \"Too many todos\")\n */\nexport function hasLength(array: unknown[], constraint: { min?: number; max?: number }): boolean {\n if (constraint.min !== undefined && array.length < constraint.min) return false;\n if (constraint.max !== undefined && array.length > constraint.max) return false;\n return true;\n}\n\n/**\n * Declare state-level constraints for verification and optional runtime checking.\n * Maps message types to preconditions on state fields.\n *\n * The parser automatically wires these constraints to handlers during verification.\n * Optionally, constraints can be enforced at runtime by passing `{ runtime: true }`.\n *\n * @example\n * // Verification only (TLA+ generation)\n * const state = { loggedIn: false };\n *\n * $constraints(\"loggedIn\", {\n * USER_LOGOUT: { requires: \"state.loggedIn === true\", message: \"Must be logged in\" },\n * BOOKMARK_ADD: { requires: \"state.loggedIn === true\", message: \"Must be logged in\" },\n * });\n *\n * @example\n * // Runtime enforcement (function predicates)\n * $constraints(\"loggedIn\", {\n * USER_LOGOUT: {\n * requires: (state) => state.loggedIn === true,\n * message: \"Must be logged in to logout\"\n * },\n * }, { runtime: true });\n */\nexport function $constraints(\n stateField: string,\n constraints: Record<\n string,\n {\n requires?: string | ((state: unknown) => boolean);\n ensures?: string | ((state: unknown) => boolean);\n message?: string;\n }\n >,\n options?: { runtime?: boolean }\n): void {\n // Register constraints for runtime checking if enabled\n if (options?.runtime) {\n // Import dynamically to avoid circular dependencies\n // This is safe because it only happens at runtime, not during static analysis\n // @ts-expect-error - Dynamic import path resolves correctly at runtime\n import(\"../../../src/shared/lib/constraints.js\")\n .then(({ registerConstraints }) => {\n registerConstraints(stateField, constraints);\n })\n .catch(() => {\n // Silently ignore - constraints module may not be available during static analysis\n });\n }\n\n // For verification: Still a no-op at runtime\n // Parser extracts these and wires them to TLA+ handlers\n}\n\n/**\n * Declare a global state constraint that prunes structurally impossible states.\n *\n * In production: No-op (compiled away)\n * In verification: Translated to TLC CONSTRAINT clause, discarding states\n * that violate the predicate from the exploration queue entirely.\n *\n * Unlike `invariant()` (which checks but still explores), `stateConstraint()`\n * prevents the model checker from ever reaching the pruned states.\n *\n * @example\n * stateConstraint(\"LeaderRequiresConnection\", () =>\n * !connectionState.value.isLeader || connectionState.value.status === \"connected\"\n * )\n */\nexport function stateConstraint(\n name: string,\n predicate: () => boolean,\n options?: { message?: string }\n): void {\n void name;\n void predicate;\n void options;\n}\n\n/**\n * Cross-peer universal quantifier for use inside `requires` and\n * `ensures` predicates. The runtime is a no-op that simply runs the\n * predicate against a single dummy context (so the assertion never\n * triggers at runtime); the verifier recognizes the wrapper in\n * predicate source and emits a `\\A peer \\in Contexts \\ {ctx} : (...)`\n * clause that asks TLC to check the inner predicate against every\n * other context.\n *\n * @example\n * ensures(\n * forAllPeers(peer => peer.todos.value.length === todos.value.length),\n * \"every peer agrees on todo count\"\n * );\n */\nexport function forAllPeers<TPeer>(predicate: (peer: TPeer) => boolean): boolean {\n void predicate;\n return true;\n}\n\n/**\n * Cross-peer existential quantifier for use inside `requires` and\n * `ensures` predicates. Runtime no-op; the verifier emits a\n * `\\E peer \\in Contexts \\ {ctx} : (...)` clause.\n *\n * @example\n * ensures(\n * somePeer(peer => peer.user.value.loggedIn === true),\n * \"at least one peer has a logged-in user\"\n * );\n */\nexport function somePeer<TPeer>(predicate: (peer: TPeer) => boolean): boolean {\n void predicate;\n return true;\n}\n\n// Re-export for convenience\nexport const verify = {\n requires,\n ensures,\n invariant,\n inRange,\n oneOf,\n hasLength,\n $constraints,\n stateConstraint,\n forAllPeers,\n somePeer,\n};\n",
6
- "// Configuration Helper for @fairfox/polly/verify\n//\n// Lightweight entry point for user configuration files.\n// Does NOT include heavy dependencies (ts-morph, analysis, etc.)\n// which are only needed by the CLI tool.\n\n// Configuration Types (inlined to avoid heavy dependencies)\n\n// polly#160: a directional capability whose grant requires a precondition.\n// Desugars to a TLA+ safety invariant `(enabledBy) => (requires)`. enabledBy /\n// requires are TS boolean expressions in the requires()/ensures() dialect\n// referencing state via `state.` / signal `.value` form (e.g. \"state.authReady\").\n// Inlined here (like SubsystemConfig) so this authoring entry point stays\n// dependency-light; the canonical type is CapabilityConfig in config/types.ts.\ninterface CapabilityConfig {\n name: string;\n enabledBy: string;\n requires: string;\n message?: string;\n}\n\n// Subsystem configuration for compositional verification\ninterface SubsystemConfig {\n state: string[]; // Field names from parent state config\n handlers: string[]; // Message type names\n // Per-subsystem message bounds; override messages.maxInFlight and merge\n // into messages.perMessageBounds for this subsystem only.\n bounds?: {\n maxInFlight?: number;\n perMessageBounds?: Record<string, number>;\n };\n}\n\n// Legacy verification configuration\ninterface LegacyVerificationConfig {\n state: Record<string, unknown>;\n /**\n * polly#117: optional mesh-document declarations. When present, each\n * key names a `$meshState` document and its value declares the\n * field-level state schema for that document. The verifier emits a\n * separate slot in `contextStates[ctx].mesh[<docId>]` for these\n * fields and adds a `PropagateMeshOp` action that allows the doc's\n * value on one context to flow to another — modelling Automerge\n * sync between peers. Mesh references inside `forAllPeers` quantifiers\n * route through this slot so cross-peer convergence claims are\n * actually checked.\n *\n * @example\n * ```ts\n * defineVerification({\n * state: { localCounter: { type: \"number\", min: 0, max: 3 } },\n * mesh: {\n * todos: {\n * entries: { type: \"enum\", values: [\"empty\", \"one\", \"many\"] },\n * },\n * },\n * messages: { maxInFlight: 2 },\n * });\n * ```\n */\n mesh?: Record<string, Record<string, unknown>>;\n messages: {\n // Basic bounds\n maxInFlight?: number;\n maxTabs?: number;\n maxClients?: number;\n maxRenderers?: number;\n maxWorkers?: number;\n maxContexts?: number;\n\n // Tier 1 Optimizations (no precision loss)\n include?: string[]; // Only verify these message types\n exclude?: string[]; // Exclude these message types (mutually exclusive with include)\n symmetry?: string[][]; // Groups of symmetric message types [[type1, type2], [type3, type4]]\n perMessageBounds?: Record<string, number>; // Different maxInFlight per message type\n };\n onBuild?: \"warn\" | \"error\" | \"off\";\n onRelease?: \"warn\" | \"error\" | \"off\";\n\n // Verification engine options\n verification?: {\n timeout?: number; // Timeout in seconds (0 = no timeout)\n workers?: number; // Number of TLC workers\n };\n\n // Subsystem-scoped verification (compositional)\n subsystems?: Record<string, SubsystemConfig>;\n\n // Tier 2 Optimizations (controlled approximations)\n tier2?: {\n // Temporal constraints: ordering requirements between messages\n temporalConstraints?: Array<{\n before: string; // Message type that must occur first\n after: string; // Message type that must occur after\n description?: string; // Human-readable description\n }>;\n\n // Bounded exploration: limit depth for specific scenarios\n boundedExploration?: {\n maxDepth?: number; // Maximum state depth to explore\n criticalPaths?: string[][]; // Sequences of message types that must be fully explored\n };\n };\n\n // polly#160: directional capability invariants + write-coupling lint groups\n capabilities?: CapabilityConfig[];\n coupledFields?: string[][];\n}\n\n// Adapter-based configuration (for future use)\ninterface AdapterVerificationConfig {\n adapter: unknown; // Adapter interface not exported to avoid heavy deps\n state: Record<string, unknown>;\n bounds?: {\n maxInFlight?: number;\n [key: string]: unknown;\n };\n onBuild?: \"warn\" | \"error\" | \"off\";\n\n // polly#160: directional capability invariants + write-coupling lint groups\n capabilities?: CapabilityConfig[];\n coupledFields?: string[][];\n}\n\n// Union type for both config formats\ntype UnifiedVerificationConfig = LegacyVerificationConfig | AdapterVerificationConfig;\n\n/**\n * Define verification configuration with type checking\n *\n * Used in generated verification.config.ts files.\n *\n * @example\n * ```typescript\n * import { defineVerification } from '@fairfox/polly/verify'\n *\n * export default defineVerification({\n * state: {\n * \"user.role\": { type: \"enum\", values: [\"admin\", \"user\", \"guest\"] },\n * },\n * messages: {\n * maxInFlight: 6,\n * maxTabs: 2,\n * },\n * })\n * ```\n */\nexport function defineVerification<T extends UnifiedVerificationConfig>(config: T): T {\n // Validate configuration structure\n if (\"adapter\" in config) {\n // New adapter-based format\n if (!config.adapter) {\n throw new Error(\"Configuration must include an adapter\");\n }\n if (!config.state) {\n throw new Error(\"Configuration must include state bounds\");\n }\n } else if (\"messages\" in config) {\n // Legacy format\n if (!config.state) {\n throw new Error(\"Configuration must include state bounds\");\n }\n if (!config.messages) {\n throw new Error(\"Legacy configuration must include messages bounds\");\n }\n } else {\n throw new Error(\n \"Invalid configuration format. Must include either 'adapter' (new format) or 'messages' (legacy format)\"\n );\n }\n\n return config;\n}\n\n// Re-export verification primitives for user code\nexport {\n $constraints,\n ensures,\n forAllPeers,\n hasLength,\n inRange,\n oneOf,\n requires,\n somePeer,\n stateConstraint,\n} from \"./primitives/index.js\";\n"
6
+ "// Configuration Helper for @fairfox/polly/verify\n//\n// Lightweight entry point for user configuration files.\n// Does NOT include heavy dependencies (ts-morph, analysis, etc.)\n// which are only needed by the CLI tool.\n\n// Configuration Types (inlined to avoid heavy dependencies)\n\n// polly#160: a directional capability whose grant requires a precondition.\n// Desugars to a TLA+ safety invariant `(enabledBy) => (requires)`. enabledBy /\n// requires are TS boolean expressions in the requires()/ensures() dialect\n// referencing state via `state.` / signal `.value` form (e.g. \"state.authReady\").\n// Inlined here (like SubsystemConfig) so this authoring entry point stays\n// dependency-light; the canonical type is CapabilityConfig in config/types.ts.\ninterface CapabilityConfig {\n name: string;\n enabledBy: string;\n requires: string;\n message?: string;\n}\n\n// Subsystem configuration for compositional verification\ninterface SubsystemConfig {\n state: string[]; // Field names from parent state config\n handlers: string[]; // Message type names\n // Per-subsystem message bounds; override messages.maxInFlight and merge\n // into messages.perMessageBounds for this subsystem only.\n bounds?: {\n maxInFlight?: number;\n perMessageBounds?: Record<string, number>;\n };\n}\n\n// Point a subsystem's reachability witnesses at a hand-written TLA+ spec instead\n// of the generated UserApp_<subsystem>. Inlined here (like SubsystemConfig) to\n// keep this authoring entry point dependency-light; canonical type is\n// CustomTLAPath in config/types.ts.\ninterface CustomTLAPath {\n tla: string; // path (relative to cwd) to the hand-written .tla the witness EXTENDS\n cfg: string; // path (relative to cwd) to its .cfg\n module?: string; // module to EXTEND; defaults to the MODULE name parsed from `tla`\n fields?: Record<string, string>; // BDD field name → this spec's TLA+ variable name\n}\n\n// Legacy verification configuration\ninterface LegacyVerificationConfig {\n state: Record<string, unknown>;\n /**\n * polly#117: optional mesh-document declarations. When present, each\n * key names a `$meshState` document and its value declares the\n * field-level state schema for that document. The verifier emits a\n * separate slot in `contextStates[ctx].mesh[<docId>]` for these\n * fields and adds a `PropagateMeshOp` action that allows the doc's\n * value on one context to flow to another — modelling Automerge\n * sync between peers. Mesh references inside `forAllPeers` quantifiers\n * route through this slot so cross-peer convergence claims are\n * actually checked.\n *\n * @example\n * ```ts\n * defineVerification({\n * state: { localCounter: { type: \"number\", min: 0, max: 3 } },\n * mesh: {\n * todos: {\n * entries: { type: \"enum\", values: [\"empty\", \"one\", \"many\"] },\n * },\n * },\n * messages: { maxInFlight: 2 },\n * });\n * ```\n */\n mesh?: Record<string, Record<string, unknown>>;\n messages: {\n // Basic bounds\n maxInFlight?: number;\n maxTabs?: number;\n maxClients?: number;\n maxRenderers?: number;\n maxWorkers?: number;\n maxContexts?: number;\n\n // Tier 1 Optimizations (no precision loss)\n include?: string[]; // Only verify these message types\n exclude?: string[]; // Exclude these message types (mutually exclusive with include)\n symmetry?: string[][]; // Groups of symmetric message types [[type1, type2], [type3, type4]]\n perMessageBounds?: Record<string, number>; // Different maxInFlight per message type\n };\n onBuild?: \"warn\" | \"error\" | \"off\";\n onRelease?: \"warn\" | \"error\" | \"off\";\n\n // Verification engine options\n verification?: {\n timeout?: number; // Timeout in seconds (0 = no timeout)\n workers?: number; // Number of TLC workers\n };\n\n // Subsystem-scoped verification (compositional)\n subsystems?: Record<string, SubsystemConfig>;\n\n // Bind a subsystem's witnesses to a hand-written .tla/.cfg (read only by the\n // --witness pass; a custom subsystem is skipped during generated-spec verify).\n customTLAPaths?: Record<string, CustomTLAPath>;\n\n // Tier 2 Optimizations (controlled approximations)\n tier2?: {\n // Temporal constraints: ordering requirements between messages\n temporalConstraints?: Array<{\n before: string; // Message type that must occur first\n after: string; // Message type that must occur after\n description?: string; // Human-readable description\n }>;\n\n // Bounded exploration: limit depth for specific scenarios\n boundedExploration?: {\n maxDepth?: number; // Maximum state depth to explore\n criticalPaths?: string[][]; // Sequences of message types that must be fully explored\n };\n };\n\n // polly#160: directional capability invariants + write-coupling lint groups\n capabilities?: CapabilityConfig[];\n coupledFields?: string[][];\n}\n\n// Adapter-based configuration (for future use)\ninterface AdapterVerificationConfig {\n adapter: unknown; // Adapter interface not exported to avoid heavy deps\n state: Record<string, unknown>;\n bounds?: {\n maxInFlight?: number;\n [key: string]: unknown;\n };\n onBuild?: \"warn\" | \"error\" | \"off\";\n\n // polly#160: directional capability invariants + write-coupling lint groups\n capabilities?: CapabilityConfig[];\n coupledFields?: string[][];\n}\n\n// Union type for both config formats\ntype UnifiedVerificationConfig = LegacyVerificationConfig | AdapterVerificationConfig;\n\n/**\n * Define verification configuration with type checking\n *\n * Used in generated verification.config.ts files.\n *\n * @example\n * ```typescript\n * import { defineVerification } from '@fairfox/polly/verify'\n *\n * export default defineVerification({\n * state: {\n * \"user.role\": { type: \"enum\", values: [\"admin\", \"user\", \"guest\"] },\n * },\n * messages: {\n * maxInFlight: 6,\n * maxTabs: 2,\n * },\n * })\n * ```\n */\nexport function defineVerification<T extends UnifiedVerificationConfig>(config: T): T {\n // Validate configuration structure\n if (\"adapter\" in config) {\n // New adapter-based format\n if (!config.adapter) {\n throw new Error(\"Configuration must include an adapter\");\n }\n if (!config.state) {\n throw new Error(\"Configuration must include state bounds\");\n }\n } else if (\"messages\" in config) {\n // Legacy format\n if (!config.state) {\n throw new Error(\"Configuration must include state bounds\");\n }\n if (!config.messages) {\n throw new Error(\"Legacy configuration must include messages bounds\");\n }\n } else {\n throw new Error(\n \"Invalid configuration format. Must include either 'adapter' (new format) or 'messages' (legacy format)\"\n );\n }\n\n return config;\n}\n\n// Re-export verification primitives for user code\nexport {\n $constraints,\n ensures,\n forAllPeers,\n hasLength,\n inRange,\n oneOf,\n requires,\n somePeer,\n stateConstraint,\n} from \"./primitives/index.js\";\n"
7
7
  ],
8
- "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAeO,SAAS,QAAQ,CAAC,WAAoB,SAAwB;AAmB9D,SAAS,OAAO,CAAC,WAAoB,SAAwB;AA8B7D,SAAS,OAAO,CAAC,OAAe,KAAa,KAAsB;AAAA,EACxE,OAAO,SAAS,OAAO,SAAS;AAAA;AAS3B,SAAS,KAAQ,CAAC,OAAU,SAAuB;AAAA,EACxD,OAAO,QAAQ,SAAS,KAAK;AAAA;AASxB,SAAS,SAAS,CAAC,OAAkB,YAAqD;AAAA,EAC/F,IAAI,WAAW,QAAQ,aAAa,MAAM,SAAS,WAAW;AAAA,IAAK,OAAO;AAAA,EAC1E,IAAI,WAAW,QAAQ,aAAa,MAAM,SAAS,WAAW;AAAA,IAAK,OAAO;AAAA,EAC1E,OAAO;AAAA;AA4BF,SAAS,YAAY,CAC1B,YACA,aAQA,SACM;AAAA,EAEN,IAAI,SAAS,SAAS;AAAA,IAIb,iDACJ,KAAK,GAAG,0BAA0B;AAAA,MACjC,oBAAoB,YAAY,WAAW;AAAA,KAC5C,EACA,MAAM,MAAM,EAEZ;AAAA,EACL;AAAA;AAqBK,SAAS,eAAe,CAC7B,MACA,WACA,SACM;AAqBD,SAAS,WAAkB,CAAC,WAA8C;AAAA,EAE/E,OAAO;AAAA;AAcF,SAAS,QAAe,CAAC,WAA8C;AAAA,EAE5E,OAAO;AAAA;;;ACxDF,SAAS,kBAAuD,CAAC,QAAc;AAAA,EAEpF,IAAI,aAAa,QAAQ;AAAA,IAEvB,IAAI,CAAC,OAAO,SAAS;AAAA,MACnB,MAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAAA,IACA,IAAI,CAAC,OAAO,OAAO;AAAA,MACjB,MAAM,IAAI,MAAM,yCAAyC;AAAA,IAC3D;AAAA,EACF,EAAO,SAAI,cAAc,QAAQ;AAAA,IAE/B,IAAI,CAAC,OAAO,OAAO;AAAA,MACjB,MAAM,IAAI,MAAM,yCAAyC;AAAA,IAC3D;AAAA,IACA,IAAI,CAAC,OAAO,UAAU;AAAA,MACpB,MAAM,IAAI,MAAM,mDAAmD;AAAA,IACrE;AAAA,EACF,EAAO;AAAA,IACL,MAAM,IAAI,MACR,wGACF;AAAA;AAAA,EAGF,OAAO;AAAA;",
8
+ "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAeO,SAAS,QAAQ,CAAC,WAAoB,SAAwB;AAmB9D,SAAS,OAAO,CAAC,WAAoB,SAAwB;AA8B7D,SAAS,OAAO,CAAC,OAAe,KAAa,KAAsB;AAAA,EACxE,OAAO,SAAS,OAAO,SAAS;AAAA;AAS3B,SAAS,KAAQ,CAAC,OAAU,SAAuB;AAAA,EACxD,OAAO,QAAQ,SAAS,KAAK;AAAA;AASxB,SAAS,SAAS,CAAC,OAAkB,YAAqD;AAAA,EAC/F,IAAI,WAAW,QAAQ,aAAa,MAAM,SAAS,WAAW;AAAA,IAAK,OAAO;AAAA,EAC1E,IAAI,WAAW,QAAQ,aAAa,MAAM,SAAS,WAAW;AAAA,IAAK,OAAO;AAAA,EAC1E,OAAO;AAAA;AA4BF,SAAS,YAAY,CAC1B,YACA,aAQA,SACM;AAAA,EAEN,IAAI,SAAS,SAAS;AAAA,IAIb,iDACJ,KAAK,GAAG,0BAA0B;AAAA,MACjC,oBAAoB,YAAY,WAAW;AAAA,KAC5C,EACA,MAAM,MAAM,EAEZ;AAAA,EACL;AAAA;AAqBK,SAAS,eAAe,CAC7B,MACA,WACA,SACM;AAqBD,SAAS,WAAkB,CAAC,WAA8C;AAAA,EAE/E,OAAO;AAAA;AAcF,SAAS,QAAe,CAAC,WAA8C;AAAA,EAE5E,OAAO;AAAA;;;ACzCF,SAAS,kBAAuD,CAAC,QAAc;AAAA,EAEpF,IAAI,aAAa,QAAQ;AAAA,IAEvB,IAAI,CAAC,OAAO,SAAS;AAAA,MACnB,MAAM,IAAI,MAAM,uCAAuC;AAAA,IACzD;AAAA,IACA,IAAI,CAAC,OAAO,OAAO;AAAA,MACjB,MAAM,IAAI,MAAM,yCAAyC;AAAA,IAC3D;AAAA,EACF,EAAO,SAAI,cAAc,QAAQ;AAAA,IAE/B,IAAI,CAAC,OAAO,OAAO;AAAA,MACjB,MAAM,IAAI,MAAM,yCAAyC;AAAA,IAC3D;AAAA,IACA,IAAI,CAAC,OAAO,UAAU;AAAA,MACpB,MAAM,IAAI,MAAM,mDAAmD;AAAA,IACrE;AAAA,EACF,EAAO;AAAA,IACL,MAAM,IAAI,MACR,wGACF;AAAA;AAAA,EAGF,OAAO;AAAA;",
9
9
  "debugId": "D9257AB1F243F69864756E2164756E21",
10
10
  "names": []
11
11
  }
package/dist/tools/visualize/src/cli.js CHANGED
@@ -1732,6 +1732,7 @@ class HandlerExtractor {
1732
1732
  warnings;
1733
1733
  currentFunctionParams = [];
1734
1734
  contextOverrides;
1735
+ onSurfaceSpans = [];
1735
1736
  constructor(tsConfigPath, contextOverrides) {
1736
1737
  this.project = new Project3({
1737
1738
  tsConfigFilePath: tsConfigPath
@@ -1791,6 +1792,7 @@ class HandlerExtractor {
1791
1792
  const meshOrPeerSignals = [];
1792
1793
  const resources = [];
1793
1794
  this.warnings = [];
1795
+ this.onSurfaceSpans = [];
1794
1796
  const allSourceFiles = this.project.getSourceFiles();
1795
1797
  const entryPoints = allSourceFiles.filter((f) => this.isWithinPackage(f.getFilePath()));
1796
1798
  this.debugLogSourceFiles(allSourceFiles, entryPoints);
@@ -1825,6 +1827,30 @@ class HandlerExtractor {
1825
1827
  continue;
1826
1828
  meshOrPeerSignals.push(...this.extractMeshOrPeerSignalsFromFile(sourceFile));
1827
1829
  }
1830
+ const stateSignalNames = new Set;
1831
+ for (const filePath of this.analyzedFiles) {
1832
+ const sourceFile = this.project.getSourceFile(filePath);
1833
+ if (!sourceFile)
1834
+ continue;
1835
+ for (const name of this.extractStateSignalVariableNames(sourceFile)) {
1836
+ stateSignalNames.add(name);
1837
+ }
1838
+ }
1839
+ for (const v of verifiedStates)
1840
+ stateSignalNames.add(v.variableName);
1841
+ for (const m of meshOrPeerSignals)
1842
+ stateSignalNames.add(m.variableName);
1843
+ const offSurfaceMutations = [];
1844
+ if (stateSignalNames.size > 0) {
1845
+ for (const filePath of this.analyzedFiles) {
1846
+ if (!this.isOffSurfaceScannable(filePath))
1847
+ continue;
1848
+ const sourceFile = this.project.getSourceFile(filePath);
1849
+ if (!sourceFile)
1850
+ continue;
1851
+ offSurfaceMutations.push(...this.findOffSurfaceMutations(sourceFile, stateSignalNames));
1852
+ }
1853
+ }
1828
1854
  this.debugLogExtractionResults(handlers.length, invalidMessageTypes.size);
1829
1855
  this.debugLogAnalysisStats(allSourceFiles.length, entryPoints.length);
1830
1856
  return {
@@ -1835,6 +1861,7 @@ class HandlerExtractor {
1835
1861
  verifiedStates,
1836
1862
  meshOrPeerSignals,
1837
1863
  resources,
1864
+ offSurfaceMutations,
1838
1865
  warnings: this.warnings
1839
1866
  };
1840
1867
  }
@@ -2245,6 +2272,7 @@ class HandlerExtractor {
2245
2272
  return false;
2246
2273
  }
2247
2274
  extractAssignments(funcNode, assignments) {
2275
+ this.recordOnSurfaceSpan(funcNode);
2248
2276
  funcNode.forEachDescendant((node) => {
2249
2277
  if (Node4.isBinaryExpression(node)) {
2250
2278
  this.extractBinaryExpressionAssignment(node, assignments);
@@ -3831,6 +3859,7 @@ class HandlerExtractor {
3831
3859
  }
3832
3860
  findStateMutationsInFunction(func, stateVarNames) {
3833
3861
  const mutations = [];
3862
+ this.recordOnSurfaceSpan(func);
3834
3863
  func.forEachDescendant((node) => {
3835
3864
  if (!Node4.isBinaryExpression(node))
3836
3865
  return;
@@ -3860,6 +3889,140 @@ class HandlerExtractor {
3860
3889
  });
3861
3890
  return mutations;
3862
3891
  }
3892
+ isOffSurfaceScannable(filePath) {
3893
+ return !/(?:\.(?:test|spec|stories)\.[cm]?[jt]sx?$)|(?:\/(?:__tests__|tests|test|features|e2e|stories|__mocks__)\/)/i.test(filePath);
3894
+ }
3895
+ static STATE_SIGNAL_FACTORIES = new Set([
3896
+ "$state",
3897
+ "$sharedState",
3898
+ "$syncedState",
3899
+ "$persistedState",
3900
+ "$meshState",
3901
+ "$peerState"
3902
+ ]);
3903
+ extractStateSignalVariableNames(sourceFile) {
3904
+ const names = [];
3905
+ sourceFile.forEachDescendant((node) => {
3906
+ if (!Node4.isCallExpression(node))
3907
+ return;
3908
+ const expr = node.getExpression();
3909
+ if (!Node4.isIdentifier(expr))
3910
+ return;
3911
+ if (!HandlerExtractor.STATE_SIGNAL_FACTORIES.has(expr.getText()))
3912
+ return;
3913
+ const varName = this.getVariableNameFromParent(node);
3914
+ if (varName)
3915
+ names.push(varName);
3916
+ });
3917
+ return names;
3918
+ }
3919
+ recordOnSurfaceSpan(node) {
3920
+ this.onSurfaceSpans.push({
3921
+ file: node.getSourceFile().getFilePath(),
3922
+ start: node.getStart(),
3923
+ end: node.getEnd()
3924
+ });
3925
+ }
3926
+ isWithinOnSurfaceSpan(file, pos) {
3927
+ for (const span of this.onSurfaceSpans) {
3928
+ if (span.file === file && pos >= span.start && pos <= span.end)
3929
+ return true;
3930
+ }
3931
+ return false;
3932
+ }
3933
+ findOffSurfaceMutations(sourceFile, stateVarNames) {
3934
+ const out = [];
3935
+ const filePath = sourceFile.getFilePath();
3936
+ sourceFile.forEachDescendant((node) => {
3937
+ if (Node4.isBinaryExpression(node)) {
3938
+ out.push(...this.offSurfaceWritesAt(node, stateVarNames, filePath));
3939
+ }
3940
+ });
3941
+ return out;
3942
+ }
3943
+ offSurfaceWritesAt(node, stateVarNames, filePath) {
3944
+ if (node.getOperatorToken().getText() !== "=")
3945
+ return [];
3946
+ const left = node.getLeft();
3947
+ if (!Node4.isPropertyAccessExpression(left))
3948
+ return [];
3949
+ const match = this.matchVerifiedStateWrite(this.getPropertyPath(left), stateVarNames);
3950
+ if (!match)
3951
+ return [];
3952
+ if (this.isWithinOnSurfaceSpan(filePath, left.getStart()))
3953
+ return [];
3954
+ const base = {
3955
+ signalVariable: match.signal,
3956
+ functionName: this.enclosingFunctionName(node),
3957
+ filePath,
3958
+ line: node.getStartLineNumber()
3959
+ };
3960
+ if (match.field !== undefined) {
3961
+ return [{ field: `${match.signal}_${match.field}`, ...base }];
3962
+ }
3963
+ const fields = this.objectLiteralFieldNames(node.getRight());
3964
+ if (fields.length === 0)
3965
+ return [{ field: match.signal, ...base }];
3966
+ return fields.map((f) => ({ field: `${match.signal}_${f}`, ...base }));
3967
+ }
3968
+ matchVerifiedStateWrite(path2, stateVarNames) {
3969
+ for (const varName of stateVarNames) {
3970
+ if (path2 === `${varName}.value`)
3971
+ return { signal: varName };
3972
+ const prefix = `${varName}.value.`;
3973
+ if (path2.startsWith(prefix))
3974
+ return { signal: varName, field: path2.substring(prefix.length) };
3975
+ }
3976
+ return null;
3977
+ }
3978
+ objectLiteralFieldNames(right) {
3979
+ if (!Node4.isObjectLiteralExpression(right))
3980
+ return [];
3981
+ const names = [];
3982
+ for (const prop of right.getProperties()) {
3983
+ if (Node4.isPropertyAssignment(prop) || Node4.isShorthandPropertyAssignment(prop)) {
3984
+ names.push(prop.getName());
3985
+ }
3986
+ }
3987
+ return names;
3988
+ }
3989
+ enclosingFunctionName(node) {
3990
+ let current = node.getParent();
3991
+ while (current) {
3992
+ const name = this.namedScope(current);
3993
+ if (name !== null)
3994
+ return name;
3995
+ current = current.getParent();
3996
+ }
3997
+ return "<module>";
3998
+ }
3999
+ namedScope(node) {
4000
+ if (Node4.isFunctionDeclaration(node)) {
4001
+ return node.getName() ?? "<anonymous function>";
4002
+ }
4003
+ if (Node4.isMethodDeclaration(node)) {
4004
+ const clsName = node.getFirstAncestorByKind(SyntaxKind.ClassDeclaration)?.getName();
4005
+ const methodName = node.getName();
4006
+ return clsName ? `${clsName}.${methodName}` : methodName;
4007
+ }
4008
+ if (Node4.isGetAccessorDeclaration(node) || Node4.isSetAccessorDeclaration(node)) {
4009
+ return node.getName();
4010
+ }
4011
+ if (Node4.isArrowFunction(node) || Node4.isFunctionExpression(node)) {
4012
+ return this.boundFunctionName(node) ?? null;
4013
+ }
4014
+ return null;
4015
+ }
4016
+ boundFunctionName(fn) {
4017
+ const parent = fn.getParent();
4018
+ if (!parent)
4019
+ return;
4020
+ if (Node4.isVariableDeclaration(parent))
4021
+ return parent.getName();
4022
+ if (Node4.isPropertyAssignment(parent))
4023
+ return parent.getName();
4024
+ return;
4025
+ }
3863
4026
  functionNameToMessageType(funcName) {
3864
4027
  let name = funcName.replace(/^handle/, "").replace(/^on/, "").replace(/^set/, "Set").replace(/^update/, "Update").replace(/^do/, "");
3865
4028
  if (name.length > 0) {
@@ -6826,4 +6989,4 @@ main().catch((_error) => {
6826
6989
  process.exit(1);
6827
6990
  });
6828
6991
 
6829
- //# debugId=FB3F999DCFFB1CAD64756E2164756E21
6992
+ //# debugId=4CA1C5520447E2E464756E2164756E21