@mhingston5/lasso 0.1.0

package/src/synthesis/harness-builder.ts

@@ -0,0 +1,113 @@
+import type { HarnessSpec } from "../spec/types.js";
+import type { TaskNode } from "../spec/types.js";
+import { buildPatchValidationHarnessSpec } from "../reference/patch-validation.js";
+import { buildPrReviewMergeHarnessSpec } from "../reference/pr-review-merge.js";
+import type { LocalPatchValidationBundle, LocalPrBundle } from "../reference/types.js";
+import type { TaskGraph, WorkflowStage } from "./graph-builder.js";
+import type { RiskModel } from "./risk-analyzer.js";
+import { synthesizePolicy } from "./policy-builder.js";
+
+interface HarnessSynthesisResult {
+  spec: HarnessSpec;
+  rationale: string[];
+  warnings: string[];
+}
+
+function stageTypeToNodeKind(stageType: WorkflowStage["type"]): TaskNode["kind"] {
+  switch (stageType) {
+    case "setup":
+    case "reproduce":
+    case "apply":
+    case "verify":
+    case "merge":
+      return "tool";
+    case "review":
+      return "llm";
+    case "approval":
+      return "human";
+    default:
+      return "tool";
+  }
+}
+
+function buildGenericHarnessSpec(graph: TaskGraph): HarnessSpec {
+  const nodes: TaskNode[] = [];
+  const edges: Array<{ from: string; to: string }> = [];
+
+  if (graph.stages.length === 0) {
+    // Empty graph — create a single no-op tool node
+    const entryId = `${graph.family}-noop`;
+    nodes.push({
+      id: entryId,
+      label: `Execute ${graph.family}`,
+      kind: "tool",
+      tool: "echo",
+      args: [`Running ${graph.family} workflow`]
+    });
+    return {
+      name: graph.family,
+      graph: { entryNodeId: entryId, nodes, edges }
+    };
+  }
+
+  // Build nodes from stages
+  for (const stage of graph.stages) {
+    const kind = stageTypeToNodeKind(stage.type);
+    const node: TaskNode = kind === "tool"
+      ? { id: stage.id, label: stage.description, kind: "tool", tool: "echo", args: [stage.description] }
+      : kind === "llm"
+        ? { id: stage.id, label: stage.description, kind: "llm", provider: "generic", model: "default", prompt: stage.description }
+        : { id: stage.id, label: stage.description, kind: "human", prompt: stage.description, interactionType: "approval" };
+    nodes.push(node);
+  }
+
+  // Build edges from dependencies
+  for (const stage of graph.stages) {
+    for (const dep of stage.dependencies) {
+      edges.push({ from: dep, to: stage.id });
+    }
+  }
+
+  // Entry node is the first stage with no dependencies
+  const entryNode = graph.stages.find(s => s.dependencies.length === 0);
+  const entryNodeId = entryNode ? entryNode.id : graph.stages[0].id;
+
+  return {
+    name: graph.family,
+    graph: { entryNodeId, nodes, edges }
+  };
+}
+
+function synthesizeHarnessResult(
+  graph: TaskGraph,
+  risks: RiskModel
+): HarnessSynthesisResult {
+  // Derive policy from graph and risks
+  const policyResult = synthesizePolicy(graph, risks);
+  
+  if (!policyResult.success) {
+    throw new Error(`Policy synthesis failed: ${policyResult.reasons.join(", ")}`);
+  }
+  
+  const policy = policyResult.policy;
+  let spec: HarnessSpec;
+  
+  if (policy.workflow === "patch-validation") {
+    spec = buildPatchValidationHarnessSpec(policy.bundle as LocalPatchValidationBundle);
+  } else if (policy.workflow === "pr-review-merge") {
+    spec = buildPrReviewMergeHarnessSpec(policy.bundle as LocalPrBundle);
+  } else {
+    // Generic fallback for custom workflow families
+    spec = buildGenericHarnessSpec(graph);
+  }
+  
+  return {
+    spec,
+    rationale: policy.rationale,
+    warnings: policy.warnings
+  };
+}
+
+export function synthesizeHarness(graph: TaskGraph, risks: RiskModel): HarnessSpec {
+  return synthesizeHarnessResult(graph, risks).spec;
+}

package/src/synthesis/intent-ir.ts

@@ -0,0 +1,63 @@
+export type SupportedWorkflowFamily = string;
+
+export type IntentStepKind = "tool" | "llm" | "human" | "condition";
+
+export interface IntentStep {
+  id: string;
+  label: string;
+  kind: IntentStepKind;
+  command?: string;
+  prompt?: string;
+  description?: string;
+}
+
+export interface IntentIR {
+  family: SupportedWorkflowFamily;
+  goal: string;
+  inputs: Record<string, unknown>;
+  requiredTools: string[];
+  humanCheckpoints: string[];
+  verificationTargets: string[];
+  steps?: IntentStep[];
+  capabilities?: string[];
+}
+
+export interface UnsupportedIntentRejection {
+  rejected: true;
+  reasons: string[];
+  candidateFamily?: string;
+  guidance: string[];
+}
+
+export type IntentParseResult = 
+  | { success: true; intent: IntentIR }
+  | UnsupportedIntentRejection;
+
+export function validateIntent(intent: IntentIR): UnsupportedIntentRejection | null {
+  if (!intent.family || typeof intent.family !== "string" || intent.family.trim().length === 0) {
+    return {
+      rejected: true,
+      reasons: ["Workflow family is missing or empty"],
+      guidance: [
+        "Please specify a workflow family (e.g., 'patch-validation', 'pr-review-merge', or any custom name)"
+      ]
+    };
+  }
+  
+  return null;
+}
+
+export function rejectUnsupportedIntent(
+  reasons: string[],
+  candidateFamily?: string,
+  guidance?: string[]
+): UnsupportedIntentRejection {
+  return {
+    rejected: true,
+    reasons,
+    candidateFamily,
+    guidance: guidance || [
+      "Please specify a workflow family with the required inputs for that workflow type"
+    ]
+  };
+}

package/src/synthesis/policy-builder.ts

@@ -0,0 +1,320 @@
+import type { LocalPatchValidationBundle, LocalPrBundle, LocalCandidateSource } from "../reference/types.js";
+import type { TaskGraph } from "./graph-builder.js";
+import type { RiskModel } from "./risk-analyzer.js";
+
+export interface PolicyBundle {
+  workflow: string;
+  bundle: LocalPatchValidationBundle | LocalPrBundle | Record<string, unknown>;
+  rationale: string[];
+  warnings: string[];
+  missingFields: string[];
+}
+
+export type PolicyResult = 
+  | { success: true; policy: PolicyBundle }
+  | { success: false; reasons: string[]; missingFields: string[]; guidance: string[] };
+
+export function synthesizePolicy(graph: TaskGraph, risks: RiskModel): PolicyResult {
+  const missingFields: string[] = [];
+  const warnings: string[] = [];
+  const rationale: string[] = [];
+  
+  // Add risk-based warnings
+  if (risks.mitigations.length > 0) {
+    warnings.push(...risks.mitigations);
+  }
+  
+  const hasSteps = graph.stages.some(s => s.id.startsWith("step-"));
+  const hasCapabilities = graph.capabilityMatch !== undefined;
+  
+  if (hasCapabilities) {
+    rationale.push(
+      `Capability-driven workflow: ${graph.family}`,
+      `Matched capabilities: ${graph.capabilityMatch!.matched.join(", ") || "none"}`,
+      `Risk level: ${risks.overallRisk}`
+    );
+    
+    if (graph.capabilityMatch!.missing.length > 0) {
+      warnings.push(`Missing capabilities: ${graph.capabilityMatch!.missing.join(", ")}`);
+    }
+    
+    if (risks.capabilityRisk) {
+      for (const factor of risks.capabilityRisk.riskFactors) {
+        warnings.push(`Risk: ${factor}`);
+      }
+    }
+    
+    const bundle: Record<string, unknown> = { ...graph.inputs };
+    
+    return {
+      success: true,
+      policy: {
+        workflow: graph.family,
+        bundle,
+        rationale,
+        warnings,
+        missingFields: []
+      }
+    };
+  }
+  
+  if (hasSteps) {
+    rationale.push(
+      `Workflow includes ${graph.stages.filter(s => s.id.startsWith("step-")).length} custom step(s)`,
+      `Risk level: ${risks.overallRisk}`
+    );
+
+    if (graph.family === "patch-validation") {
+      if (!graph.inputs.repoPath) missingFields.push("repoPath");
+      if (!graph.inputs.baselineRef) missingFields.push("baselineRef");
+
+      const hasCandidateBranch = graph.inputs.candidateBranch && (graph.inputs.candidateBranch as string).length > 0;
+      const hasPatchFile = graph.inputs.patchFilePath && (graph.inputs.patchFilePath as string).length > 0;
+
+      if (!hasCandidateBranch && !hasPatchFile) {
+        missingFields.push("candidateSource (branch or patchFile)");
+      }
+
+      if (missingFields.length > 0) {
+        return {
+          success: false,
+          reasons: [`Patch validation with steps requires: ${missingFields.join(", ")}`],
+          missingFields,
+          guidance: [
+            "For patch-validation with custom steps, provide:",
+            "- repoPath",
+            "- baselineRef",
+            "- candidateSource (branch or .patch file path)"
+          ]
+        };
+      }
+
+      const candidateSource: LocalCandidateSource = hasPatchFile
+        ? { kind: "patchFile", value: graph.inputs.patchFilePath as string }
+        : { kind: "branch", value: graph.inputs.candidateBranch as string };
+
+      const bundle: LocalPatchValidationBundle = {
+        repoPath: graph.inputs.repoPath as string,
+        baselineRef: graph.inputs.baselineRef as string,
+        candidateSource,
+        reproduceCommands: (graph.inputs.reproduceCommands as string[]) || [],
+        verificationCommands: (graph.inputs.verificationCommands as string[]) || [],
+        reviewInstructions: (graph.inputs.reviewInstructions as string) || "",
+        approvalRequired: risks.approvalRequired
+      };
+
+      rationale.push(`Classified as patch-validation with custom steps`);
+
+      return {
+        success: true,
+        policy: {
+          workflow: "patch-validation",
+          bundle,
+          rationale,
+          warnings,
+          missingFields: []
+        }
+      };
+    } else if (graph.family === "pr-review-merge") {
+      if (!graph.inputs.repoPath) missingFields.push("repoPath");
+      if (!graph.inputs.sourceBranch) missingFields.push("sourceBranch");
+      if (!graph.inputs.targetBranch) missingFields.push("targetBranch");
+
+      if (missingFields.length > 0) {
+        return {
+          success: false,
+          reasons: [`PR review/merge with steps requires: ${missingFields.join(", ")}`],
+          missingFields,
+          guidance: [
+            "For pr-review-merge with custom steps, provide:",
+            "- repoPath (absolute path)",
+            "- sourceBranch",
+            "- targetBranch"
+          ]
+        };
+      }
+
+      const bundle: LocalPrBundle = {
+        repoPath: graph.inputs.repoPath as string,
+        sourceBranch: graph.inputs.sourceBranch as string,
+        targetBranch: graph.inputs.targetBranch as string,
+        reviewInstructions: (graph.inputs.reviewInstructions as string) || "",
+        verificationCommands: (graph.inputs.verificationCommands as string[]) || []
+      };
+
+      rationale.push(`Classified as pr-review-merge with custom steps`);
+
+      return {
+        success: true,
+        policy: {
+          workflow: "pr-review-merge",
+          bundle,
+          rationale,
+          warnings,
+          missingFields: []
+        }
+      };
+    }
+  }
+  
+  if (graph.family === "patch-validation") {
+    // Validate required fields
+    if (!graph.inputs.repoPath) missingFields.push("repoPath");
+    if (!graph.inputs.baselineRef) missingFields.push("baselineRef");
+    if (!graph.inputs.reviewInstructions) missingFields.push("reviewInstructions");
+    
+    const hasCandidateBranch = graph.inputs.candidateBranch && (graph.inputs.candidateBranch as string).length > 0;
+    const hasPatchFile = graph.inputs.patchFilePath && (graph.inputs.patchFilePath as string).length > 0;
+    
+    if (!hasCandidateBranch && !hasPatchFile) {
+      missingFields.push("candidateSource (branch or patchFile)");
+    }
+    
+    if (!graph.inputs.reproduceCommands || (graph.inputs.reproduceCommands as string[]).length === 0) {
+      missingFields.push("reproduceCommands");
+    }
+    
+    if (!graph.inputs.verificationCommands || (graph.inputs.verificationCommands as string[]).length === 0) {
+      missingFields.push("verificationCommands");
+    }
+    
+    if (missingFields.length > 0) {
+      return {
+        success: false,
+        reasons: [`Patch validation requires: ${missingFields.join(", ")}`],
+        missingFields,
+        guidance: [
+          "For patch-validation, provide:",
+          "- repoPath",
+          "- baselineRef",
+          "- candidateSource (branch or .patch file path)",
+          "- reproduceCommands (should fail on baseline)",
+          "- verificationCommands (should still pass after fix)",
+          "- reviewInstructions"
+        ]
+      };
+    }
+    
+    // Build candidate source
+    const candidateSource: LocalCandidateSource = hasPatchFile
+      ? { kind: "patchFile", value: graph.inputs.patchFilePath as string }
+      : { kind: "branch", value: graph.inputs.candidateBranch as string };
+    
+    // Determine approval requirement from risks or explicit input
+    const approvalRequired = risks.approvalRequired;
+    
+    const bundle: LocalPatchValidationBundle = {
+      repoPath: graph.inputs.repoPath as string,
+      baselineRef: graph.inputs.baselineRef as string,
+      candidateSource,
+      reproduceCommands: graph.inputs.reproduceCommands as string[],
+      verificationCommands: graph.inputs.verificationCommands as string[],
+      reviewInstructions: graph.inputs.reviewInstructions as string,
+      approvalRequired
+    };
+    
+    if (!risks.approvalRequired) {
+      warnings.push("approvalRequired not specified; defaulting to false");
+    }
+    
+    const candidateDesc = candidateSource.kind === "patchFile" 
+      ? `patch file: ${candidateSource.value}` 
+      : `candidate branch: ${candidateSource.value}`;
+    
+    rationale.push(
+      `Classified as patch-validation workflow`,
+      `Baseline: ${graph.inputs.baselineRef}`,
+      `Candidate: ${candidateDesc}`,
+      `Reproduce: ${(graph.inputs.reproduceCommands as string[]).length} command(s)`,
+      `Verify: ${(graph.inputs.verificationCommands as string[]).length} command(s)`,
+      `Approval required: ${approvalRequired}`,
+      `Risk level: ${risks.overallRisk}`
+    );
+    
+    return {
+      success: true,
+      policy: {
+        workflow: "patch-validation",
+        bundle,
+        rationale,
+        warnings,
+        missingFields: []
+      }
+    };
+  } else if (graph.family === "pr-review-merge") {
+    // Validate required fields
+    if (!graph.inputs.repoPath) missingFields.push("repoPath");
+    if (!graph.inputs.sourceBranch) missingFields.push("sourceBranch");
+    if (!graph.inputs.targetBranch) missingFields.push("targetBranch");
+    if (!graph.inputs.reviewInstructions) missingFields.push("reviewInstructions");
+    if (!graph.inputs.verificationCommands || (graph.inputs.verificationCommands as string[]).length === 0) {
+      missingFields.push("verificationCommands");
+    }
+    
+    if (missingFields.length > 0) {
+      return {
+        success: false,
+        reasons: [`PR review/merge requires: ${missingFields.join(", ")}`],
+        missingFields,
+        guidance: [
+          "For pr-review-merge, provide:",
+          "- repoPath (absolute path)",
+          "- sourceBranch",
+          "- targetBranch",
+          "- reviewInstructions",
+          "- verificationCommands (array of test commands)"
+        ]
+      };
+    }
+    
+    const bundle: LocalPrBundle = {
+      repoPath: graph.inputs.repoPath as string,
+      sourceBranch: graph.inputs.sourceBranch as string,
+      targetBranch: graph.inputs.targetBranch as string,
+      reviewInstructions: graph.inputs.reviewInstructions as string,
+      verificationCommands: graph.inputs.verificationCommands as string[]
+    };
+    
+    rationale.push(
+      `Classified as pr-review-merge workflow`,
+      `Source branch: ${graph.inputs.sourceBranch}`,
+      `Target branch: ${graph.inputs.targetBranch}`,
+      `Verification: ${(graph.inputs.verificationCommands as string[]).length} command(s)`,
+      `Risk level: ${risks.overallRisk}`
+    );
+    
+    return {
+      success: true,
+      policy: {
+        workflow: "pr-review-merge",
+        bundle,
+        rationale,
+        warnings,
+        missingFields: []
+      }
+    };
+  }
+  
+  // Generic fallback for custom workflow families
+  rationale.push(
+    `Classified as custom workflow: ${graph.family}`,
+    `Risk level: ${risks.overallRisk}`
+  );
+
+  if (graph.stages.length > 0) {
+    rationale.push(`Workflow has ${graph.stages.length} stage(s)`);
+  }
+
+  const bundle: Record<string, unknown> = { ...graph.inputs };
+
+  return {
+    success: true,
+    policy: {
+      workflow: graph.family,
+      bundle,
+      rationale,
+      warnings,
+      missingFields: []
+    }
+  };
+}

package/src/synthesis/risk-analyzer.ts

@@ -0,0 +1,182 @@
+import type { TaskGraph, WorkflowStage } from "./graph-builder.js";
+import type { CapabilityRegistry } from "../capabilities/types.js";
+import { matchCapabilities } from "../capabilities/matcher.js";
+
+export type RiskLevel = "low" | "medium" | "high";
+
+export interface CapabilityRisk {
+  allAvailable: boolean;
+  missing: string[];
+  riskFactors: string[];
+}
+
+export interface RiskModel {
+  overallRisk: RiskLevel;
+  approvalRequired: boolean;
+  candidateSourceKind: "branch" | "patchFile" | "pr" | null;
+  verificationBreadth: "narrow" | "moderate" | "comprehensive";
+  stageRisks: Map<string, StageRisk>;
+  mitigations: string[];
+  capabilityRisk?: CapabilityRisk;
+}
+
+export interface StageRisk {
+  stageId: string;
+  risk: RiskLevel;
+  factors: string[];
+}
+
+export function analyzeRisks(graph: TaskGraph, registry?: CapabilityRegistry): RiskModel {
+  const stageRisks = new Map<string, StageRisk>();
+  let approvalRequired = false;
+  let candidateSourceKind: "branch" | "patchFile" | "pr" | null = null;
+  let capabilityRisk: CapabilityRisk | undefined;
+  
+  if (graph.capabilityMatch && registry) {
+    const requiredTools = graph.capabilityMatch.matched.concat(graph.capabilityMatch.missing);
+    const { matched, missing } = matchCapabilities(requiredTools, registry);
+    
+    const riskFactors: string[] = [];
+    
+    for (const cap of matched) {
+      riskFactors.push(...cap.risks);
+    }
+    
+    if (missing.length > 0) {
+      riskFactors.push(`Missing capabilities: ${missing.join(", ")}`);
+    }
+    
+    capabilityRisk = {
+      allAvailable: missing.length === 0,
+      missing,
+      riskFactors
+    };
+    
+    if (missing.length > 0) {
+      for (const stage of graph.stages) {
+        stageRisks.set(stage.id, {
+          stageId: stage.id,
+          risk: "high",
+          factors: [`Missing required capabilities: ${missing.join(", ")}`]
+        });
+      }
+    }
+  }
+  
+  // Determine candidate source kind
+  if (graph.family === "patch-validation") {
+    if (graph.inputs.patchFilePath) {
+      candidateSourceKind = "patchFile";
+    } else if (graph.inputs.candidateBranch) {
+      candidateSourceKind = "branch";
+    }
+    
+    if (graph.inputs.approvalRequired === true) {
+      approvalRequired = true;
+    }
+  } else if (graph.family === "pr-review-merge") {
+    candidateSourceKind = "pr";
+  }
+  
+  // Analyze verification breadth
+  const verificationCommands = graph.inputs.verificationCommands as string[] | undefined;
+  const reproduceCommands = graph.inputs.reproduceCommands as string[] | undefined;
+  
+  const totalCommands = (verificationCommands?.length || 0) + (reproduceCommands?.length || 0);
+  let verificationBreadth: "narrow" | "moderate" | "comprehensive";
+  
+  if (totalCommands === 0) {
+    verificationBreadth = "narrow";
+  } else if (totalCommands <= 2) {
+    verificationBreadth = "moderate";
+  } else {
+    verificationBreadth = "comprehensive";
+  }
+  
+  // Analyze each stage
+  for (const stage of graph.stages) {
+    const factors: string[] = [];
+    let risk: RiskLevel = "low";
+    
+    const isCapabilityStage = stage.id.startsWith("capability-");
+    
+    if (isCapabilityStage && capabilityRisk) {
+      if (stage.type === "verify") {
+        risk = capabilityRisk.allAvailable ? "low" : "medium";
+        factors.push(capabilityRisk.allAvailable ? "All capabilities verified" : "Some capabilities missing");
+      } else if (stage.type === "review") {
+        risk = capabilityRisk.allAvailable ? "low" : "medium";
+        factors.push(...capabilityRisk.riskFactors.slice(0, 2));
+      } else if (stage.type === "approval") {
+        risk = "low";
+        factors.push("Human gate prevents automatic progression");
+      } else if (stage.type === "setup") {
+        risk = "low";
+        factors.push("Capability verification setup");
+      }
+    } else if (stage.type === "reproduce" || stage.type === "verify") {
+      if (verificationBreadth === "narrow") {
+        risk = "medium";
+        factors.push("Limited test coverage");
+      } else if (verificationBreadth === "moderate") {
+        risk = "low";
+        factors.push("Moderate test coverage");
+      } else {
+        risk = "low";
+        factors.push("Comprehensive test coverage");
+      }
+    } else if (stage.type === "apply") {
+      if (candidateSourceKind === "patchFile") {
+        risk = "medium";
+        factors.push("Patch file may not apply cleanly");
+      } else {
+        risk = "low";
+        factors.push("Branch-based candidate");
+      }
+    } else if (stage.type === "merge") {
+      risk = "medium";
+      factors.push("Merge operation modifies target branch");
+    } else if (stage.type === "approval") {
+      risk = "low";
+      factors.push("Human gate prevents automatic progression");
+    }
+    
+    stageRisks.set(stage.id, { stageId: stage.id, risk, factors });
+  }
+  
+  // Determine overall risk
+  let overallRisk: RiskLevel = "low";
+  for (const stageRisk of stageRisks.values()) {
+    if (stageRisk.risk === "high") {
+      overallRisk = "high";
+      break;
+    } else if (stageRisk.risk === "medium") {
+      overallRisk = "medium";
+    }
+  }
+  
+  // Generate mitigations
+  const mitigations: string[] = [];
+  
+  if (verificationBreadth === "narrow") {
+    mitigations.push("Consider adding more verification commands for better coverage");
+  }
+  
+  if (candidateSourceKind === "patchFile") {
+    mitigations.push("Patch application failures will be handled gracefully");
+  }
+  
+  if (!approvalRequired && graph.family === "patch-validation") {
+    mitigations.push("Consider setting approvalRequired: true for production changes");
+  }
+  
+  return {
+    overallRisk,
+    approvalRequired,
+    candidateSourceKind,
+    verificationBreadth,
+    stageRisks,
+    mitigations,
+    capabilityRisk
+  };
+}