@neurcode-ai/cli 0.16.6 → 0.16.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/eval.d.ts.map +1 -1
- package/dist/commands/eval.js +120 -0
- package/dist/commands/eval.js.map +1 -1
- package/dist/index.js +5 -0
- package/dist/index.js.map +1 -1
- package/dist/runtime-build.json +5 -5
- package/dist/utils/enterprise-eval-report.d.ts +232 -0
- package/dist/utils/enterprise-eval-report.d.ts.map +1 -0
- package/dist/utils/enterprise-eval-report.js +402 -0
- package/dist/utils/enterprise-eval-report.js.map +1 -0
- package/dist/utils/eval-demo.d.ts +97 -0
- package/dist/utils/eval-demo.d.ts.map +1 -0
- package/dist/utils/eval-demo.js +635 -0
- package/dist/utils/eval-demo.js.map +1 -0
- package/dist/utils/guided-eval.d.ts.map +1 -1
- package/dist/utils/guided-eval.js +27 -13
- package/dist/utils/guided-eval.js.map +1 -1
- package/package.json +3 -4
- package/.telemetry-bundle/dist/__tests__/harvest-verify.test.d.ts +0 -1
- package/.telemetry-bundle/dist/__tests__/harvest-verify.test.js +0 -86
- package/.telemetry-bundle/dist/contracts.d.ts +0 -58
- package/.telemetry-bundle/dist/contracts.js +0 -8
- package/.telemetry-bundle/dist/harvest-verify.d.ts +0 -9
- package/.telemetry-bundle/dist/harvest-verify.js +0 -128
- package/.telemetry-bundle/dist/index.d.ts +0 -10
- package/.telemetry-bundle/dist/index.js +0 -22
- package/.telemetry-bundle/dist/precision/leaderboards.d.ts +0 -20
- package/.telemetry-bundle/dist/precision/leaderboards.js +0 -72
- package/.telemetry-bundle/dist/reader.d.ts +0 -5
- package/.telemetry-bundle/dist/reader.js +0 -46
- package/.telemetry-bundle/dist/stable-json.d.ts +0 -5
- package/.telemetry-bundle/dist/stable-json.js +0 -24
- package/.telemetry-bundle/dist/store.d.ts +0 -10
- package/.telemetry-bundle/dist/store.js +0 -52
- package/.telemetry-bundle/dist/trust-scoring.d.ts +0 -20
- package/.telemetry-bundle/dist/trust-scoring.js +0 -58
- package/.telemetry-bundle/package.json +0 -8
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
export { GOVERNANCE_TELEMETRY_SCHEMA_VERSION } from './contracts';
|
|
2
|
-
export type { GovernanceTelemetryEnvelope, GovernanceTelemetryEventType, GovernanceTelemetryPayload, GovernanceVerifyCompletedPayload, FindingLifecyclePayload, RuleTriggerPayload, ReplayArtifactPayload, CiBypassPayload, ReviewerInteractionPayload, } from './contracts';
|
|
3
|
-
export { stableStringify } from './stable-json';
|
|
4
|
-
export { harvestGovernanceVerifyCompleted } from './harvest-verify';
|
|
5
|
-
export { appendGovernanceTelemetryEvent, appendVerifyCompletedFromCanonical, telemetryEventsPath, } from './store';
|
|
6
|
-
export { readGovernanceTelemetryEvents } from './reader';
|
|
7
|
-
export { rollupRulePrecisionFromEvents, noisyRuleLeaderboard, highTrustRuleLeaderboard, } from './precision/leaderboards';
|
|
8
|
-
export type { RulePrecisionRollup, TelemetryRollup } from './precision/leaderboards';
|
|
9
|
-
export { trustFromVerifyPayload, trustFromRollups } from './trust-scoring';
|
|
10
|
-
export type { BoundedTrustScores } from './trust-scoring';
|
|
@@ -1,22 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.trustFromRollups = exports.trustFromVerifyPayload = exports.highTrustRuleLeaderboard = exports.noisyRuleLeaderboard = exports.rollupRulePrecisionFromEvents = exports.readGovernanceTelemetryEvents = exports.telemetryEventsPath = exports.appendVerifyCompletedFromCanonical = exports.appendGovernanceTelemetryEvent = exports.harvestGovernanceVerifyCompleted = exports.stableStringify = exports.GOVERNANCE_TELEMETRY_SCHEMA_VERSION = void 0;
|
|
4
|
-
var contracts_1 = require("./contracts");
|
|
5
|
-
Object.defineProperty(exports, "GOVERNANCE_TELEMETRY_SCHEMA_VERSION", { enumerable: true, get: function () { return contracts_1.GOVERNANCE_TELEMETRY_SCHEMA_VERSION; } });
|
|
6
|
-
var stable_json_1 = require("./stable-json");
|
|
7
|
-
Object.defineProperty(exports, "stableStringify", { enumerable: true, get: function () { return stable_json_1.stableStringify; } });
|
|
8
|
-
var harvest_verify_1 = require("./harvest-verify");
|
|
9
|
-
Object.defineProperty(exports, "harvestGovernanceVerifyCompleted", { enumerable: true, get: function () { return harvest_verify_1.harvestGovernanceVerifyCompleted; } });
|
|
10
|
-
var store_1 = require("./store");
|
|
11
|
-
Object.defineProperty(exports, "appendGovernanceTelemetryEvent", { enumerable: true, get: function () { return store_1.appendGovernanceTelemetryEvent; } });
|
|
12
|
-
Object.defineProperty(exports, "appendVerifyCompletedFromCanonical", { enumerable: true, get: function () { return store_1.appendVerifyCompletedFromCanonical; } });
|
|
13
|
-
Object.defineProperty(exports, "telemetryEventsPath", { enumerable: true, get: function () { return store_1.telemetryEventsPath; } });
|
|
14
|
-
var reader_1 = require("./reader");
|
|
15
|
-
Object.defineProperty(exports, "readGovernanceTelemetryEvents", { enumerable: true, get: function () { return reader_1.readGovernanceTelemetryEvents; } });
|
|
16
|
-
var leaderboards_1 = require("./precision/leaderboards");
|
|
17
|
-
Object.defineProperty(exports, "rollupRulePrecisionFromEvents", { enumerable: true, get: function () { return leaderboards_1.rollupRulePrecisionFromEvents; } });
|
|
18
|
-
Object.defineProperty(exports, "noisyRuleLeaderboard", { enumerable: true, get: function () { return leaderboards_1.noisyRuleLeaderboard; } });
|
|
19
|
-
Object.defineProperty(exports, "highTrustRuleLeaderboard", { enumerable: true, get: function () { return leaderboards_1.highTrustRuleLeaderboard; } });
|
|
20
|
-
var trust_scoring_1 = require("./trust-scoring");
|
|
21
|
-
Object.defineProperty(exports, "trustFromVerifyPayload", { enumerable: true, get: function () { return trust_scoring_1.trustFromVerifyPayload; } });
|
|
22
|
-
Object.defineProperty(exports, "trustFromRollups", { enumerable: true, get: function () { return trust_scoring_1.trustFromRollups; } });
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
import type { GovernanceTelemetryEnvelope } from '../contracts';
|
|
2
|
-
export interface RulePrecisionRollup {
|
|
3
|
-
ruleId: string;
|
|
4
|
-
triggerCount: number;
|
|
5
|
-
suppressionCount: number;
|
|
6
|
-
suppressionRate: number;
|
|
7
|
-
}
|
|
8
|
-
export interface TelemetryRollup {
|
|
9
|
-
verifyCompletedEvents: number;
|
|
10
|
-
ruleRollups: RulePrecisionRollup[];
|
|
11
|
-
}
|
|
12
|
-
/**
|
|
13
|
-
* Aggregate rule-level signals from governance.verify.completed events only.
|
|
14
|
-
* Deterministic: rules sorted by ruleId for stable output order.
|
|
15
|
-
*/
|
|
16
|
-
export declare function rollupRulePrecisionFromEvents(events: GovernanceTelemetryEnvelope[]): TelemetryRollup;
|
|
17
|
-
/** Higher score = more noise (suppressions relative to triggers). */
|
|
18
|
-
export declare function noisyRuleLeaderboard(rollup: TelemetryRollup, limit?: number): RulePrecisionRollup[];
|
|
19
|
-
/** Higher score = fewer suppressions per trigger (reviewer trust proxy). */
|
|
20
|
-
export declare function highTrustRuleLeaderboard(rollup: TelemetryRollup, limit?: number): RulePrecisionRollup[];
|
|
@@ -1,72 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.rollupRulePrecisionFromEvents = rollupRulePrecisionFromEvents;
|
|
4
|
-
exports.noisyRuleLeaderboard = noisyRuleLeaderboard;
|
|
5
|
-
exports.highTrustRuleLeaderboard = highTrustRuleLeaderboard;
|
|
6
|
-
function isVerifyCompletedPayload(p) {
|
|
7
|
-
return (typeof p === 'object' &&
|
|
8
|
-
p !== null &&
|
|
9
|
-
'structuralRuleTriggerHistogram' in p &&
|
|
10
|
-
'structuralRuleSuppressionHistogram' in p);
|
|
11
|
-
}
|
|
12
|
-
/**
|
|
13
|
-
* Aggregate rule-level signals from governance.verify.completed events only.
|
|
14
|
-
* Deterministic: rules sorted by ruleId for stable output order.
|
|
15
|
-
*/
|
|
16
|
-
function rollupRulePrecisionFromEvents(events) {
|
|
17
|
-
const triggers = {};
|
|
18
|
-
const suppressions = {};
|
|
19
|
-
let verifyCompletedEvents = 0;
|
|
20
|
-
for (const ev of events) {
|
|
21
|
-
if (ev.eventType !== 'governance.verify.completed') {
|
|
22
|
-
continue;
|
|
23
|
-
}
|
|
24
|
-
if (!isVerifyCompletedPayload(ev.payload)) {
|
|
25
|
-
continue;
|
|
26
|
-
}
|
|
27
|
-
verifyCompletedEvents += 1;
|
|
28
|
-
const p = ev.payload;
|
|
29
|
-
for (const [ruleId, c] of Object.entries(p.structuralRuleTriggerHistogram)) {
|
|
30
|
-
triggers[ruleId] = (triggers[ruleId] ?? 0) + c;
|
|
31
|
-
}
|
|
32
|
-
for (const [ruleId, c] of Object.entries(p.structuralRuleSuppressionHistogram)) {
|
|
33
|
-
suppressions[ruleId] = (suppressions[ruleId] ?? 0) + c;
|
|
34
|
-
}
|
|
35
|
-
}
|
|
36
|
-
const ruleIds = new Set([...Object.keys(triggers), ...Object.keys(suppressions)]);
|
|
37
|
-
const ruleRollups = [...ruleIds]
|
|
38
|
-
.sort()
|
|
39
|
-
.map(ruleId => {
|
|
40
|
-
const triggerCount = triggers[ruleId] ?? 0;
|
|
41
|
-
const suppressionCount = suppressions[ruleId] ?? 0;
|
|
42
|
-
const suppressionRate = triggerCount > 0 ? suppressionCount / triggerCount : 0;
|
|
43
|
-
return { ruleId, triggerCount, suppressionCount, suppressionRate };
|
|
44
|
-
});
|
|
45
|
-
return { verifyCompletedEvents, ruleRollups };
|
|
46
|
-
}
|
|
47
|
-
/** Higher score = more noise (suppressions relative to triggers). */
|
|
48
|
-
function noisyRuleLeaderboard(rollup, limit = 20) {
|
|
49
|
-
return [...rollup.ruleRollups]
|
|
50
|
-
.filter(r => r.triggerCount > 0)
|
|
51
|
-
.sort((a, b) => {
|
|
52
|
-
const dr = b.suppressionRate - a.suppressionRate;
|
|
53
|
-
if (dr !== 0) {
|
|
54
|
-
return dr;
|
|
55
|
-
}
|
|
56
|
-
return b.triggerCount - a.triggerCount;
|
|
57
|
-
})
|
|
58
|
-
.slice(0, limit);
|
|
59
|
-
}
|
|
60
|
-
/** Higher score = fewer suppressions per trigger (reviewer trust proxy). */
|
|
61
|
-
function highTrustRuleLeaderboard(rollup, limit = 20) {
|
|
62
|
-
return [...rollup.ruleRollups]
|
|
63
|
-
.filter(r => r.triggerCount >= 3)
|
|
64
|
-
.sort((a, b) => {
|
|
65
|
-
const dr = a.suppressionRate - b.suppressionRate;
|
|
66
|
-
if (dr !== 0) {
|
|
67
|
-
return dr;
|
|
68
|
-
}
|
|
69
|
-
return b.triggerCount - a.triggerCount;
|
|
70
|
-
})
|
|
71
|
-
.slice(0, limit);
|
|
72
|
-
}
|
|
@@ -1,46 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.readGovernanceTelemetryEvents = readGovernanceTelemetryEvents;
|
|
4
|
-
const fs_1 = require("fs");
|
|
5
|
-
const contracts_1 = require("./contracts");
|
|
6
|
-
const store_1 = require("./store");
|
|
7
|
-
function isRecord(x) {
|
|
8
|
-
return typeof x === 'object' && x !== null && !Array.isArray(x);
|
|
9
|
-
}
|
|
10
|
-
/**
|
|
11
|
-
* Load all telemetry envelopes from the local JSONL store (newest lines last).
|
|
12
|
-
*/
|
|
13
|
-
function readGovernanceTelemetryEvents(repoRoot) {
|
|
14
|
-
const path = (0, store_1.telemetryEventsPath)(repoRoot);
|
|
15
|
-
if (!(0, fs_1.existsSync)(path)) {
|
|
16
|
-
return [];
|
|
17
|
-
}
|
|
18
|
-
let raw;
|
|
19
|
-
try {
|
|
20
|
-
raw = (0, fs_1.readFileSync)(path, 'utf8');
|
|
21
|
-
}
|
|
22
|
-
catch {
|
|
23
|
-
return [];
|
|
24
|
-
}
|
|
25
|
-
const out = [];
|
|
26
|
-
for (const line of raw.split('\n')) {
|
|
27
|
-
const t = line.trim();
|
|
28
|
-
if (!t) {
|
|
29
|
-
continue;
|
|
30
|
-
}
|
|
31
|
-
try {
|
|
32
|
-
const parsed = JSON.parse(t);
|
|
33
|
-
if (!isRecord(parsed)) {
|
|
34
|
-
continue;
|
|
35
|
-
}
|
|
36
|
-
if (parsed.schemaVersion !== contracts_1.GOVERNANCE_TELEMETRY_SCHEMA_VERSION) {
|
|
37
|
-
continue;
|
|
38
|
-
}
|
|
39
|
-
out.push(parsed);
|
|
40
|
-
}
|
|
41
|
-
catch {
|
|
42
|
-
continue;
|
|
43
|
-
}
|
|
44
|
-
}
|
|
45
|
-
return out;
|
|
46
|
-
}
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.stableStringify = stableStringify;
|
|
4
|
-
/**
|
|
5
|
-
* Deterministic JSON serialization: sorted object keys at every depth.
|
|
6
|
-
* Used so identical logical events stringify identically across Node versions.
|
|
7
|
-
*/
|
|
8
|
-
function stableStringify(value) {
|
|
9
|
-
return JSON.stringify(sortKeysDeep(value));
|
|
10
|
-
}
|
|
11
|
-
function sortKeysDeep(value) {
|
|
12
|
-
if (value === null || typeof value !== 'object') {
|
|
13
|
-
return value;
|
|
14
|
-
}
|
|
15
|
-
if (Array.isArray(value)) {
|
|
16
|
-
return value.map(sortKeysDeep);
|
|
17
|
-
}
|
|
18
|
-
const obj = value;
|
|
19
|
-
const out = {};
|
|
20
|
-
for (const key of Object.keys(obj).sort()) {
|
|
21
|
-
out[key] = sortKeysDeep(obj[key]);
|
|
22
|
-
}
|
|
23
|
-
return out;
|
|
24
|
-
}
|
|
@@ -1,10 +0,0 @@
|
|
|
1
|
-
import type { GovernanceTelemetryEnvelope } from './contracts';
|
|
2
|
-
export declare function telemetryEventsPath(repoRoot: string): string;
|
|
3
|
-
/**
|
|
4
|
-
* Append one telemetry line. Never throws — calibration must not break verify.
|
|
5
|
-
*/
|
|
6
|
-
export declare function appendGovernanceTelemetryEvent(repoRoot: string, envelope: GovernanceTelemetryEnvelope): void;
|
|
7
|
-
/**
|
|
8
|
-
* Record verify completion from canonical CLI verify JSON (already normalized).
|
|
9
|
-
*/
|
|
10
|
-
export declare function appendVerifyCompletedFromCanonical(repoRoot: string, canonical: Record<string, unknown> | null, runId?: string | null): void;
|
|
@@ -1,52 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.telemetryEventsPath = telemetryEventsPath;
|
|
4
|
-
exports.appendGovernanceTelemetryEvent = appendGovernanceTelemetryEvent;
|
|
5
|
-
exports.appendVerifyCompletedFromCanonical = appendVerifyCompletedFromCanonical;
|
|
6
|
-
const fs_1 = require("fs");
|
|
7
|
-
const path_1 = require("path");
|
|
8
|
-
const contracts_1 = require("./contracts");
|
|
9
|
-
const harvest_verify_1 = require("./harvest-verify");
|
|
10
|
-
const stable_json_1 = require("./stable-json");
|
|
11
|
-
const REL_DIR = (0, path_1.join)('.neurcode', 'telemetry');
|
|
12
|
-
const EVENTS_FILE = 'governance-events.jsonl';
|
|
13
|
-
function telemetryEventsPath(repoRoot) {
|
|
14
|
-
return (0, path_1.join)(repoRoot, REL_DIR, EVENTS_FILE);
|
|
15
|
-
}
|
|
16
|
-
/**
|
|
17
|
-
* Append one telemetry line. Never throws — calibration must not break verify.
|
|
18
|
-
*/
|
|
19
|
-
function appendGovernanceTelemetryEvent(repoRoot, envelope) {
|
|
20
|
-
try {
|
|
21
|
-
const dir = (0, path_1.join)(repoRoot, REL_DIR);
|
|
22
|
-
if (!(0, fs_1.existsSync)(dir)) {
|
|
23
|
-
(0, fs_1.mkdirSync)(dir, { recursive: true });
|
|
24
|
-
}
|
|
25
|
-
const line = (0, stable_json_1.stableStringify)({
|
|
26
|
-
...envelope,
|
|
27
|
-
schemaVersion: contracts_1.GOVERNANCE_TELEMETRY_SCHEMA_VERSION,
|
|
28
|
-
});
|
|
29
|
-
(0, fs_1.appendFileSync)(telemetryEventsPath(repoRoot), `${line}\n`, 'utf8');
|
|
30
|
-
}
|
|
31
|
-
catch {
|
|
32
|
-
// intentional swallow
|
|
33
|
-
}
|
|
34
|
-
}
|
|
35
|
-
/**
|
|
36
|
-
* Record verify completion from canonical CLI verify JSON (already normalized).
|
|
37
|
-
*/
|
|
38
|
-
function appendVerifyCompletedFromCanonical(repoRoot, canonical, runId) {
|
|
39
|
-
const harvested = (0, harvest_verify_1.harvestGovernanceVerifyCompleted)(canonical);
|
|
40
|
-
if (!harvested) {
|
|
41
|
-
return;
|
|
42
|
-
}
|
|
43
|
-
const envelope = {
|
|
44
|
-
schemaVersion: contracts_1.GOVERNANCE_TELEMETRY_SCHEMA_VERSION,
|
|
45
|
-
emittedAt: new Date().toISOString(),
|
|
46
|
-
eventType: 'governance.verify.completed',
|
|
47
|
-
runId: runId ?? null,
|
|
48
|
-
findingSetDigest: harvested.findingSetDigest,
|
|
49
|
-
payload: harvested.payload,
|
|
50
|
-
};
|
|
51
|
-
appendGovernanceTelemetryEvent(repoRoot, envelope);
|
|
52
|
-
}
|
|
@@ -1,20 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Bounded, explainable trust signals — no opaque ML.
|
|
3
|
-
* All outputs are in [0, 1] unless noted.
|
|
4
|
-
*/
|
|
5
|
-
import type { GovernanceVerifyCompletedPayload } from './contracts';
|
|
6
|
-
import type { TelemetryRollup } from './precision/leaderboards';
|
|
7
|
-
export interface BoundedTrustScores {
|
|
8
|
-
/** 1 − (suppressed findings / max(1, total findings)) from the last completed verify slice. */
|
|
9
|
-
findingTrustScore: number;
|
|
10
|
-
/** Mean of per-rule (1 − suppressionRate) over rules with ≥1 trigger, from rollups. */
|
|
11
|
-
ruleTrustScore: number;
|
|
12
|
-
/** 1 if replay exact, 0.65 if bounded degradation, 0.5 if unknown/missing. */
|
|
13
|
-
replayTrustScore: number;
|
|
14
|
-
/** Density of blocking findings vs advisory (blocking / max(1, total)). */
|
|
15
|
-
reviewerTrustDensity: number;
|
|
16
|
-
/** Harmonic-style blend of finding + rule trust (operational usefulness proxy). */
|
|
17
|
-
governanceUsefulnessScore: number;
|
|
18
|
-
}
|
|
19
|
-
export declare function trustFromVerifyPayload(p: GovernanceVerifyCompletedPayload): BoundedTrustScores;
|
|
20
|
-
export declare function trustFromRollups(rollup: TelemetryRollup): Pick<BoundedTrustScores, 'ruleTrustScore'>;
|
|
@@ -1,58 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* Bounded, explainable trust signals — no opaque ML.
|
|
4
|
-
* All outputs are in [0, 1] unless noted.
|
|
5
|
-
*/
|
|
6
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
-
exports.trustFromVerifyPayload = trustFromVerifyPayload;
|
|
8
|
-
exports.trustFromRollups = trustFromRollups;
|
|
9
|
-
function trustFromVerifyPayload(p) {
|
|
10
|
-
const n = Math.max(1, p.governanceFindingCount);
|
|
11
|
-
const findingTrustScore = clamp01(1 - p.suppressedFindingCount / n);
|
|
12
|
-
const ruleIds = Object.keys(p.structuralRuleTriggerHistogram);
|
|
13
|
-
let sum = 0;
|
|
14
|
-
let count = 0;
|
|
15
|
-
for (const ruleId of ruleIds) {
|
|
16
|
-
const t = p.structuralRuleTriggerHistogram[ruleId] ?? 0;
|
|
17
|
-
const s = p.structuralRuleSuppressionHistogram[ruleId] ?? 0;
|
|
18
|
-
if (t <= 0) {
|
|
19
|
-
continue;
|
|
20
|
-
}
|
|
21
|
-
sum += 1 - s / t;
|
|
22
|
-
count += 1;
|
|
23
|
-
}
|
|
24
|
-
const ruleTrustScore = count > 0 ? clamp01(sum / count) : 1;
|
|
25
|
-
let replayTrustScore = 0.5;
|
|
26
|
-
if (p.replayIntegrityStatus === 'exact') {
|
|
27
|
-
replayTrustScore = 1;
|
|
28
|
-
}
|
|
29
|
-
else if (p.replayIntegrityStatus === 'bounded-degradation') {
|
|
30
|
-
replayTrustScore = 0.65;
|
|
31
|
-
}
|
|
32
|
-
const reviewerTrustDensity = clamp01(p.blockingFindingCount / n);
|
|
33
|
-
const governanceUsefulnessScore = clamp01(0.45 * findingTrustScore + 0.35 * ruleTrustScore + 0.2 * replayTrustScore);
|
|
34
|
-
return {
|
|
35
|
-
findingTrustScore,
|
|
36
|
-
ruleTrustScore,
|
|
37
|
-
replayTrustScore,
|
|
38
|
-
reviewerTrustDensity,
|
|
39
|
-
governanceUsefulnessScore,
|
|
40
|
-
};
|
|
41
|
-
}
|
|
42
|
-
function trustFromRollups(rollup) {
|
|
43
|
-
const rows = rollup.ruleRollups.filter(r => r.triggerCount > 0);
|
|
44
|
-
if (rows.length === 0) {
|
|
45
|
-
return { ruleTrustScore: 1 };
|
|
46
|
-
}
|
|
47
|
-
const acc = rows.reduce((s, r) => s + (1 - r.suppressionRate), 0) / rows.length;
|
|
48
|
-
return { ruleTrustScore: clamp01(acc) };
|
|
49
|
-
}
|
|
50
|
-
function clamp01(x) {
|
|
51
|
-
if (x < 0) {
|
|
52
|
-
return 0;
|
|
53
|
-
}
|
|
54
|
-
if (x > 1) {
|
|
55
|
-
return 1;
|
|
56
|
-
}
|
|
57
|
-
return x;
|
|
58
|
-
}
|