npm - @mainahq/core - Versions diffs - 0.2.0 - Mend

@mainahq/core 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (156) hide show

package/README.md +31 -0
package/package.json +37 -0
package/src/ai/__tests__/ai.test.ts +207 -0
package/src/ai/__tests__/design-approaches.test.ts +192 -0
package/src/ai/__tests__/spec-questions.test.ts +191 -0
package/src/ai/__tests__/tiers.test.ts +110 -0
package/src/ai/commit-msg.ts +28 -0
package/src/ai/design-approaches.ts +76 -0
package/src/ai/index.ts +205 -0
package/src/ai/pr-summary.ts +60 -0
package/src/ai/spec-questions.ts +74 -0
package/src/ai/tiers.ts +52 -0
package/src/ai/try-generate.ts +89 -0
package/src/ai/validate.ts +66 -0
package/src/benchmark/__tests__/reporter.test.ts +525 -0
package/src/benchmark/__tests__/runner.test.ts +113 -0
package/src/benchmark/__tests__/story-loader.test.ts +152 -0
package/src/benchmark/reporter.ts +332 -0
package/src/benchmark/runner.ts +91 -0
package/src/benchmark/story-loader.ts +88 -0
package/src/benchmark/types.ts +95 -0
package/src/cache/__tests__/keys.test.ts +97 -0
package/src/cache/__tests__/manager.test.ts +312 -0
package/src/cache/__tests__/ttl.test.ts +94 -0
package/src/cache/keys.ts +44 -0
package/src/cache/manager.ts +231 -0
package/src/cache/ttl.ts +77 -0
package/src/config/__tests__/config.test.ts +376 -0
package/src/config/index.ts +198 -0
package/src/context/__tests__/budget.test.ts +179 -0
package/src/context/__tests__/engine.test.ts +163 -0
package/src/context/__tests__/episodic.test.ts +291 -0
package/src/context/__tests__/relevance.test.ts +323 -0
package/src/context/__tests__/retrieval.test.ts +143 -0
package/src/context/__tests__/selector.test.ts +174 -0
package/src/context/__tests__/semantic.test.ts +252 -0
package/src/context/__tests__/treesitter.test.ts +229 -0
package/src/context/__tests__/working.test.ts +236 -0
package/src/context/budget.ts +130 -0
package/src/context/engine.ts +394 -0
package/src/context/episodic.ts +251 -0
package/src/context/relevance.ts +325 -0
package/src/context/retrieval.ts +325 -0
package/src/context/selector.ts +93 -0
package/src/context/semantic.ts +331 -0
package/src/context/treesitter.ts +216 -0
package/src/context/working.ts +192 -0
package/src/db/__tests__/db.test.ts +151 -0
package/src/db/index.ts +211 -0
package/src/db/schema.ts +84 -0
package/src/design/__tests__/design.test.ts +310 -0
package/src/design/__tests__/generate-hld-lld.test.ts +109 -0
package/src/design/__tests__/review.test.ts +561 -0
package/src/design/index.ts +297 -0
package/src/design/review.ts +327 -0
package/src/explain/__tests__/explain.test.ts +173 -0
package/src/explain/index.ts +181 -0
package/src/features/__tests__/analyzer.test.ts +358 -0
package/src/features/__tests__/checklist.test.ts +454 -0
package/src/features/__tests__/numbering.test.ts +319 -0
package/src/features/__tests__/quality.test.ts +295 -0
package/src/features/__tests__/traceability.test.ts +147 -0
package/src/features/analyzer.ts +445 -0
package/src/features/checklist.ts +366 -0
package/src/features/index.ts +18 -0
package/src/features/numbering.ts +404 -0
package/src/features/quality.ts +349 -0
package/src/features/test-stubs.ts +157 -0
package/src/features/traceability.ts +260 -0
package/src/feedback/__tests__/async-feedback.test.ts +52 -0
package/src/feedback/__tests__/collector.test.ts +219 -0
package/src/feedback/__tests__/compress.test.ts +150 -0
package/src/feedback/__tests__/preferences.test.ts +169 -0
package/src/feedback/collector.ts +135 -0
package/src/feedback/compress.ts +92 -0
package/src/feedback/preferences.ts +108 -0
package/src/git/__tests__/git.test.ts +62 -0
package/src/git/index.ts +110 -0
package/src/hooks/__tests__/runner.test.ts +266 -0
package/src/hooks/index.ts +8 -0
package/src/hooks/runner.ts +130 -0
package/src/index.ts +356 -0
package/src/init/__tests__/init.test.ts +228 -0
package/src/init/index.ts +364 -0
package/src/language/__tests__/detect.test.ts +77 -0
package/src/language/__tests__/profile.test.ts +51 -0
package/src/language/detect.ts +70 -0
package/src/language/profile.ts +110 -0
package/src/prompts/__tests__/defaults.test.ts +52 -0
package/src/prompts/__tests__/engine.test.ts +183 -0
package/src/prompts/__tests__/evolution-resolve.test.ts +169 -0
package/src/prompts/__tests__/evolution.test.ts +187 -0
package/src/prompts/__tests__/loader.test.ts +105 -0
package/src/prompts/candidates/review-v2.md +55 -0
package/src/prompts/defaults/ai-review.md +49 -0
package/src/prompts/defaults/commit.md +30 -0
package/src/prompts/defaults/context.md +26 -0
package/src/prompts/defaults/design-approaches.md +57 -0
package/src/prompts/defaults/design-hld-lld.md +55 -0
package/src/prompts/defaults/design.md +53 -0
package/src/prompts/defaults/explain.md +31 -0
package/src/prompts/defaults/fix.md +32 -0
package/src/prompts/defaults/index.ts +38 -0
package/src/prompts/defaults/review.md +41 -0
package/src/prompts/defaults/spec-questions.md +59 -0
package/src/prompts/defaults/tests.md +72 -0
package/src/prompts/engine.ts +137 -0
package/src/prompts/evolution.ts +409 -0
package/src/prompts/loader.ts +71 -0
package/src/review/__tests__/review.test.ts +288 -0
package/src/review/comprehensive.ts +362 -0
package/src/review/index.ts +417 -0
package/src/stats/__tests__/tracker.test.ts +323 -0
package/src/stats/index.ts +11 -0
package/src/stats/tracker.ts +492 -0
package/src/ticket/__tests__/ticket.test.ts +273 -0
package/src/ticket/index.ts +185 -0
package/src/utils.ts +87 -0
package/src/verify/__tests__/ai-review.test.ts +242 -0
package/src/verify/__tests__/coverage.test.ts +83 -0
package/src/verify/__tests__/detect.test.ts +175 -0
package/src/verify/__tests__/diff-filter.test.ts +338 -0
package/src/verify/__tests__/fix.test.ts +478 -0
package/src/verify/__tests__/linters/clippy.test.ts +45 -0
package/src/verify/__tests__/linters/go-vet.test.ts +27 -0
package/src/verify/__tests__/linters/ruff.test.ts +64 -0
package/src/verify/__tests__/mutation.test.ts +141 -0
package/src/verify/__tests__/pipeline.test.ts +553 -0
package/src/verify/__tests__/proof.test.ts +97 -0
package/src/verify/__tests__/secretlint.test.ts +190 -0
package/src/verify/__tests__/semgrep.test.ts +217 -0
package/src/verify/__tests__/slop.test.ts +366 -0
package/src/verify/__tests__/sonar.test.ts +113 -0
package/src/verify/__tests__/syntax-guard.test.ts +227 -0
package/src/verify/__tests__/trivy.test.ts +191 -0
package/src/verify/__tests__/visual.test.ts +139 -0
package/src/verify/ai-review.ts +276 -0
package/src/verify/coverage.ts +134 -0
package/src/verify/detect.ts +171 -0
package/src/verify/diff-filter.ts +183 -0
package/src/verify/fix.ts +317 -0
package/src/verify/linters/clippy.ts +52 -0
package/src/verify/linters/go-vet.ts +32 -0
package/src/verify/linters/ruff.ts +47 -0
package/src/verify/mutation.ts +143 -0
package/src/verify/pipeline.ts +328 -0
package/src/verify/proof.ts +277 -0
package/src/verify/secretlint.ts +168 -0
package/src/verify/semgrep.ts +170 -0
package/src/verify/slop.ts +493 -0
package/src/verify/sonar.ts +146 -0
package/src/verify/syntax-guard.ts +251 -0
package/src/verify/trivy.ts +161 -0
package/src/verify/visual.ts +460 -0
package/src/workflow/__tests__/context.test.ts +110 -0
package/src/workflow/context.ts +81 -0

package/src/verify/secretlint.ts ADDED Viewed

@@ -0,0 +1,168 @@
+/**
+ * Secretlint Integration for the Verify Engine.
+ *
+ * Runs Secretlint for secrets detection in source files.
+ * Parses JSON output into the unified Finding type.
+ * Gracefully skips if secretlint is not installed.
+ */
+import { isToolAvailable } from "./detect";
+import type { Finding } from "./diff-filter";
+// ─── Types ────────────────────────────────────────────────────────────────
+export interface SecretlintOptions {
+	files?: string[];
+	cwd?: string;
+	/** Pre-resolved availability — skips redundant detection if provided. */
+	available?: boolean;
+}
+export interface SecretlintResult {
+	findings: Finding[];
+	skipped: boolean;
+}
+// ─── JSON Parsing ─────────────────────────────────────────────────────────
+/**
+ * Map secretlint numeric severity to unified severity.
+ * secretlint uses: 0 = info, 1 = warning, 2 = error
+ */
+function mapSecretlintSeverity(severity: number): "error" | "warning" | "info" {
+	switch (severity) {
+		case 2:
+			return "error";
+		case 1:
+			return "warning";
+		default:
+			return "info";
+	}
+}
+/**
+ * Parse secretlint JSON output into Finding[].
+ *
+ * Secretlint JSON output is an array of file results:
+ * ```json
+ * [{
+ *   "filePath": "src/config.ts",
+ *   "messages": [{
+ *     "ruleId": "@secretlint/secretlint-rule-preset-recommend",
+ *     "message": "Found AWS Access Key ID",
+ *     "loc": {
+ *       "start": { "line": 5, "column": 10 },
+ *       "end": { "line": 5, "column": 30 }
+ *     },
+ *     "severity": 2
+ *   }]
+ * }]
+ * ```
+ *
+ * Handles malformed JSON and unexpected structures gracefully.
+ */
+export function parseSecretlintOutput(output: string): Finding[] {
+	if (!output.trim()) {
+		return [];
+	}
+	let parsed: unknown;
+	try {
+		parsed = JSON.parse(output);
+	} catch {
+		return [];
+	}
+	if (!Array.isArray(parsed)) {
+		return [];
+	}
+	const findings: Finding[] = [];
+	for (const fileResult of parsed) {
+		const fr = fileResult as Record<string, unknown>;
+		const filePath = (fr.filePath as string) ?? "";
+		const messages = fr.messages;
+		if (!Array.isArray(messages)) {
+			continue;
+		}
+		for (const msg of messages) {
+			const m = msg as Record<string, unknown>;
+			const ruleId = (m.ruleId as string) ?? undefined;
+			const message = (m.message as string) ?? "";
+			const severity = (m.severity as number) ?? 0;
+			const loc = m.loc as Record<string, unknown> | undefined;
+			let line = 0;
+			let column: number | undefined;
+			if (loc) {
+				const start = loc.start as Record<string, unknown> | undefined;
+				if (start) {
+					line = (start.line as number) ?? 0;
+					const col = start.column as number | undefined;
+					column = col ?? undefined;
+				}
+			}
+			findings.push({
+				tool: "secretlint",
+				file: filePath,
+				line,
+				column,
+				message,
+				severity: mapSecretlintSeverity(severity),
+				ruleId,
+			});
+		}
+	}
+	return findings;
+}
+// ─── Runner ───────────────────────────────────────────────────────────────
+/**
+ * Run Secretlint and return parsed findings.
+ *
+ * If secretlint is not installed, returns `{ findings: [], skipped: true }`.
+ * If secretlint fails, returns `{ findings: [], skipped: false }`.
+ */
+export async function runSecretlint(
+	options?: SecretlintOptions,
+): Promise<SecretlintResult> {
+	const toolAvailable =
+		options?.available ?? (await isToolAvailable("secretlint"));
+	if (!toolAvailable) {
+		return { findings: [], skipped: true };
+	}
+	const cwd = options?.cwd ?? process.cwd();
+	const args = ["secretlint", "--format", "json"];
+	if (options?.files && options.files.length > 0) {
+		args.push(...options.files);
+	} else {
+		args.push("**/*");
+	}
+	try {
+		const proc = Bun.spawn(args, {
+			cwd,
+			stdout: "pipe",
+			stderr: "pipe",
+		});
+		const stdout = await new Response(proc.stdout).text();
+		await new Response(proc.stderr).text();
+		await proc.exited;
+		const findings = parseSecretlintOutput(stdout);
+		return { findings, skipped: false };
+	} catch {
+		return { findings: [], skipped: false };
+	}
+}

package/src/verify/semgrep.ts ADDED Viewed

@@ -0,0 +1,170 @@
+/**
+ * Semgrep Integration for the Verify Engine.
+ *
+ * Runs Semgrep with auto rules + optional custom rules directory.
+ * Parses SARIF output into the unified Finding type.
+ * Gracefully skips if semgrep is not installed.
+ */
+import { isToolAvailable } from "./detect";
+import type { Finding } from "./diff-filter";
+// ─── Types ────────────────────────────────────────────────────────────────
+export interface SemgrepOptions {
+	files?: string[];
+	rulesDir?: string;
+	config?: string;
+	cwd?: string;
+	/** Pre-resolved availability — skips redundant detection if provided. */
+	available?: boolean;
+}
+export interface SemgrepResult {
+	findings: Finding[];
+	skipped: boolean;
+}
+// ─── SARIF Parsing ────────────────────────────────────────────────────────
+/**
+ * Map SARIF level to unified severity.
+ */
+function mapSarifLevel(level: string): "error" | "warning" | "info" {
+	switch (level) {
+		case "error":
+			return "error";
+		case "warning":
+			return "warning";
+		case "note":
+		case "none":
+			return "info";
+		default:
+			return "warning";
+	}
+}
+/**
+ * Parse SARIF JSON output (from semgrep --sarif) into Finding[].
+ *
+ * Handles malformed JSON and unexpected structures gracefully by
+ * returning an empty array.
+ */
+export function parseSarif(sarifJson: string): Finding[] {
+	let sarif: Record<string, unknown>;
+	try {
+		sarif = JSON.parse(sarifJson) as Record<string, unknown>;
+	} catch {
+		return [];
+	}
+	const runs = sarif.runs;
+	if (!Array.isArray(runs)) {
+		return [];
+	}
+	const findings: Finding[] = [];
+	for (const run of runs) {
+		const results = (run as Record<string, unknown>).results;
+		if (!Array.isArray(results)) {
+			continue;
+		}
+		for (const result of results) {
+			const r = result as Record<string, unknown>;
+			const ruleId = (r.ruleId as string) ?? undefined;
+			const messageObj = r.message as Record<string, unknown> | undefined;
+			const message = (messageObj?.text as string) ?? "";
+			const level = (r.level as string) ?? "warning";
+			const locations = r.locations as Array<Record<string, unknown>>;
+			let file = "";
+			let line = 0;
+			let column: number | undefined;
+			if (Array.isArray(locations) && locations.length > 0) {
+				const loc = locations[0] as Record<string, unknown>;
+				const physicalLocation = loc?.physicalLocation as
+					| Record<string, unknown>
+					| undefined;
+				if (physicalLocation) {
+					const artifactLocation = physicalLocation.artifactLocation as
+						| Record<string, unknown>
+						| undefined;
+					file = (artifactLocation?.uri as string) ?? "";
+					const region = physicalLocation.region as
+						| Record<string, unknown>
+						| undefined;
+					if (region) {
+						line = (region.startLine as number) ?? 0;
+						const startColumn = region.startColumn as number | undefined;
+						column = startColumn ?? undefined;
+					}
+				}
+			}
+			findings.push({
+				tool: "semgrep",
+				file,
+				line,
+				column,
+				message,
+				severity: mapSarifLevel(level),
+				ruleId,
+			});
+		}
+	}
+	return findings;
+}
+// ─── Runner ───────────────────────────────────────────────────────────────
+/**
+ * Run Semgrep and return parsed findings.
+ *
+ * If semgrep is not installed, returns `{ findings: [], skipped: true }`.
+ * If semgrep fails, returns `{ findings: [], skipped: false }`.
+ */
+export async function runSemgrep(
+	options?: SemgrepOptions,
+): Promise<SemgrepResult> {
+	const toolAvailable =
+		options?.available ?? (await isToolAvailable("semgrep"));
+	if (!toolAvailable) {
+		return { findings: [], skipped: true };
+	}
+	const config = options?.config ?? "auto";
+	const cwd = options?.cwd ?? process.cwd();
+	const args = ["semgrep", "scan", "--sarif", `--config=${config}`];
+	if (options?.rulesDir) {
+		args.push(`--config=${options.rulesDir}`);
+	}
+	if (options?.files && options.files.length > 0) {
+		args.push(...options.files);
+	}
+	try {
+		const proc = Bun.spawn(args, {
+			cwd,
+			stdout: "pipe",
+			stderr: "pipe",
+		});
+		const stdout = await new Response(proc.stdout).text();
+		await new Response(proc.stderr).text();
+		await proc.exited;
+		const findings = parseSarif(stdout);
+		return { findings, skipped: false };
+	} catch {
+		return { findings: [], skipped: false };
+	}
+}