@rigour-labs/core 2.0.0 → 2.1.0

package/src/gates/environment.ts

@@ -0,0 +1,94 @@
+import { Gate, GateContext } from './base.js';
+import { Failure, Gates } from '../types/index.js';
+import { execa } from 'execa';
+import semver from 'semver';
+import fs from 'fs-extra';
+import path from 'path';
+
+export class EnvironmentGate extends Gate {
+    constructor(private config: Gates) {
+        super('environment-alignment', 'Environment & Tooling Alignment');
+    }
+
+    async run(context: GateContext): Promise<Failure[]> {
+        const failures: Failure[] = [];
+        const envConfig = this.config.environment;
+        if (!envConfig || !envConfig.enabled) return [];
+
+        const contracts = envConfig.enforce_contracts ? await this.discoverContracts(context.cwd) : {};
+        const toolsToCheck = { ...contracts, ...(envConfig.tools || {}) };
+
+        // 1. Verify Tool Versions
+        for (const [tool, range] of Object.entries(toolsToCheck)) {
+            // Ensure range is a string
+            const semverRange = String(range);
+            try {
+                const { stdout } = await execa(tool, ['--version'], { shell: true });
+                const versionMatch = stdout.match(/(\d+\.\d+\.\d+)/);
+
+                if (versionMatch) {
+                    const version = versionMatch[1];
+                    if (!semver.satisfies(version, semverRange)) {
+                        failures.push(this.createFailure(
+                            `Environment Alignment: Tool '${tool}' version mismatch.`,
+                            [],
+                            `Project requires '${tool} ${semverRange}' (discovered from contract), but found version '${version}'. Please align your local environment to prevent drift.`
+                        ));
+                    }
+                } else {
+                    failures.push(this.createFailure(
+                        `Environment Alignment: Could not determine version for '${tool}'.`,
+                        [],
+                        `Ensure '${tool} --version' returns a standard SemVer string.`
+                    ));
+                }
+            } catch (e) {
+                failures.push(this.createFailure(
+                    `Environment Alignment: Required tool '${tool}' is missing.`,
+                    [],
+                    `Install '${tool}' and ensure it is in your $PATH.`
+                ));
+            }
+        }
+
+        // 2. Verify Required Env Vars
+        const requiredEnv = envConfig.required_env || [];
+        for (const envVar of requiredEnv) {
+            if (!process.env[envVar]) {
+                failures.push(this.createFailure(
+                    `Environment Alignment: Missing required environment variable '${envVar}'.`,
+                    [],
+                    `Ensure '${envVar}' is defined in your environment or .env file.`
+                ));
+            }
+        }
+
+        return failures;
+    }
+
+    private async discoverContracts(cwd: string): Promise<Record<string, string>> {
+        const contracts: Record<string, string> = {};
+
+        // 1. Scan pyproject.toml (for ruff, mypy)
+        const pyprojectPath = path.join(cwd, 'pyproject.toml');
+        if (await fs.pathExists(pyprojectPath)) {
+            const content = await fs.readFile(pyprojectPath, 'utf-8');
+            // SME Logic: Look for ruff and mypy version constraints
+            // Handle both ruff = "^0.14.0" and ruff = { version = "^0.14.0" }
+            const ruffMatch = content.match(/ruff\s*=\s*(?:['"]([^'"]+)['"]|\{\s*version\s*=\s*['"]([^'"]+)['"]\s*\})/);
+            if (ruffMatch) contracts['ruff'] = ruffMatch[1] || ruffMatch[2];
+
+            const mypyMatch = content.match(/mypy\s*=\s*(?:['"]([^'"]+)['"]|\{\s*version\s*=\s*['"]([^'"]+)['"]\s*\})/);
+            if (mypyMatch) contracts['mypy'] = mypyMatch[1] || mypyMatch[2];
+        }
+
+        // 2. Scan package.json (for node/npm/pnpm)
+        const pkgPath = path.join(cwd, 'package.json');
+        if (await fs.pathExists(pkgPath)) {
+            const pkg = await fs.readJson(pkgPath);
+            if (pkg.engines?.node) contracts['node'] = pkg.engines.node;
+        }
+
+        return contracts;
+    }
+}

package/src/gates/file.ts

@@ -12,7 +12,11 @@ export class FileGate extends Gate {
     }
 
     async run(context: GateContext): Promise<Failure[]> {
-        const files = await FileScanner.findFiles({ cwd: context.cwd });
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            ignore: context.ignore,
+            patterns: context.patterns
+        });
         const contents = await FileScanner.readFiles(context.cwd, files);
 
         const violations: string[] = [];

package/src/gates/runner.ts

@@ -7,6 +7,9 @@ import { ASTGate } from './ast.js';
 import { SafetyGate } from './safety.js';
 import { DependencyGate } from './dependency.js';
 import { CoverageGate } from './coverage.js';
+import { ContextGate } from './context.js';
+import { ContextEngine } from '../services/context-engine.js';
+import { EnvironmentGate } from './environment.js'; // [NEW]
 import { execa } from 'execa';
 import { Logger } from '../utils/logger.js';
 
@@ -34,6 +37,15 @@ export class GateRunner {
         this.gates.push(new DependencyGate(this.config));
         this.gates.push(new SafetyGate(this.config.gates));
         this.gates.push(new CoverageGate(this.config.gates));
+
+        if (this.config.gates.context?.enabled) {
+            this.gates.push(new ContextGate(this.config.gates));
+        }
+
+        // Environment Alignment Gate (Should be prioritized)
+        if (this.config.gates.environment?.enabled) {
+            this.gates.unshift(new EnvironmentGate(this.config.gates));
+        }
     }
 
     /**
@@ -43,15 +55,24 @@ export class GateRunner {
         this.gates.push(gate);
     }
 
-    async run(cwd: string): Promise<Report> {
+    async run(cwd: string, patterns?: string[]): Promise<Report> {
         const start = Date.now();
         const failures: Failure[] = [];
         const summary: Record<string, Status> = {};
 
+        const ignore = this.config.ignore;
+
+        // 0. Run Context Discovery
+        let record;
+        if (this.config.gates.context?.enabled) {
+            const engine = new ContextEngine(this.config);
+            record = await engine.discover(cwd);
+        }
+
         // 1. Run internal gates
         for (const gate of this.gates) {
             try {
-                const gateFailures = await gate.run({ cwd });
+                const gateFailures = await gate.run({ cwd, record, ignore, patterns });
                 if (gateFailures.length > 0) {
                     failures.push(...gateFailures);
                     summary[gate.id] = 'FAIL';

package/src/services/context-engine.ts

@@ -0,0 +1,104 @@
+import { FileScanner } from '../utils/scanner.js';
+import { Config } from '../types/index.js';
+import path from 'path';
+import fs from 'fs-extra';
+
+export interface ProjectAnchor {
+    id: string;
+    type: 'env' | 'naming' | 'import';
+    pattern: string;
+    confidence: number;
+    occurrences: number;
+}
+
+export interface GoldenRecord {
+    anchors: ProjectAnchor[];
+    metadata: {
+        scannedFiles: number;
+        detectedCasing: 'camelCase' | 'snake_case' | 'PascalCase' | 'unknown';
+    };
+}
+
+export class ContextEngine {
+    constructor(private config: Config) { }
+
+    async discover(cwd: string): Promise<GoldenRecord> {
+        const anchors: ProjectAnchor[] = [];
+        const files = await FileScanner.findFiles({
+            cwd,
+            patterns: [
+                '**/*.{ts,js,py,yaml,yml,json}',
+                '.env*',
+                '**/.env*',
+                '**/package.json',
+                '**/Dockerfile',
+                '**/*.tf'
+            ]
+        });
+
+        const limit = this.config.gates.context?.mining_depth || 100;
+        const samples = files.slice(0, limit);
+
+        const envVars = new Map<string, number>();
+        let scannedFiles = 0;
+
+        for (const file of samples) {
+            try {
+                const content = await fs.readFile(path.join(cwd, file), 'utf-8');
+                scannedFiles++;
+                this.mineEnvVars(content, file, envVars);
+            } catch (e) { }
+        }
+
+        console.log(`[ContextEngine] Discovered ${envVars.size} env anchors`);
+
+        // Convert envVars to anchors
+        for (const [name, count] of envVars.entries()) {
+            const confidence = count >= 2 ? 1 : 0.5;
+            anchors.push({
+                id: name,
+                type: 'env',
+                pattern: name,
+                occurrences: count,
+                confidence
+            });
+        }
+
+        return {
+            anchors,
+            metadata: {
+                scannedFiles,
+                detectedCasing: 'unknown', // TODO: Implement casing discovery
+            }
+        };
+    }
+
+    private mineEnvVars(content: string, file: string, registry: Map<string, number>) {
+        const isAnchorSource = file.includes('.env') || file.includes('yml') || file.includes('yaml');
+
+        if (isAnchorSource) {
+            const matches = content.matchAll(/^\s*([A-Z0-9_]+)\s*=/gm);
+            for (const match of matches) {
+                // Anchors from .env count for more initially
+                registry.set(match[1], (registry.get(match[1]) || 0) + 2);
+            }
+        }
+
+        // Source code matches (process.env.VAR or process.env['VAR'])
+        const tsJsMatches = content.matchAll(/process\.env(?:\.([A-Z0-9_]+)|\[['"]([A-Z0-9_]+)['"]\])/g);
+        for (const match of tsJsMatches) {
+            const name = match[1] || match[2];
+            this.incrementRegistry(registry, name);
+        }
+
+        // Python matches (os.environ.get('VAR') or os.environ['VAR'])
+        const pyMatches = content.matchAll(/os\.environ(?:\.get\(|\[)['"]([A-Z0-9_]+)['"]/g);
+        for (const match of pyMatches) {
+            this.incrementRegistry(registry, match[1]);
+        }
+    }
+
+    private incrementRegistry(registry: Map<string, number>, key: string) {
+        registry.set(key, (registry.get(key) || 0) + 1);
+    }
+}

package/src/templates/index.ts

@@ -190,9 +190,22 @@ export const UNIVERSAL_CONFIG: Config = {
             max_files_changed_per_cycle: 10,
             protected_paths: ['.github/**', 'docs/**', 'rigour.yml'],
         },
+        context: {
+            enabled: true,
+            sensitivity: 0.8,
+            mining_depth: 100,
+            ignored_patterns: [],
+        },
+        environment: {
+            enabled: true,
+            enforce_contracts: true,
+            tools: {},
+            required_env: [],
+        },
     },
     output: {
         report_path: 'rigour-report.json',
     },
     planned: [],
+    ignore: [],
 };

package/src/types/index.ts

@@ -35,6 +35,18 @@ export const GatesSchema = z.object({
         max_files_changed_per_cycle: z.number().optional().default(10),
         protected_paths: z.array(z.string()).optional().default(['.github/**', 'docs/**', 'rigour.yml']),
     }).optional().default({}),
+    context: z.object({
+        enabled: z.boolean().optional().default(true),
+        sensitivity: z.number().min(0).max(1).optional().default(0.8), // 0.8 correlation threshold
+        mining_depth: z.number().optional().default(100), // Number of files to sample
+        ignored_patterns: z.array(z.string()).optional().default([]),
+    }).optional().default({}),
+    environment: z.object({
+        enabled: z.boolean().optional().default(true),
+        enforce_contracts: z.boolean().optional().default(true), // Auto-discovery of versions from truth sources
+        tools: z.record(z.string()).optional().default({}), // Explicit overrides
+        required_env: z.array(z.string()).optional().default([]),
+    }).optional().default({}),
 });
 
 export const CommandsSchema = z.object({
@@ -54,12 +66,17 @@ export const ConfigSchema = z.object({
         report_path: z.string().default('rigour-report.json'),
     }).optional().default({}),
     planned: z.array(z.string()).optional().default([]),
+    ignore: z.array(z.string()).optional().default([]),
 });
 
 export type Gates = z.infer<typeof GatesSchema>;
 export type Commands = z.infer<typeof CommandsSchema>;
 export type Config = z.infer<typeof ConfigSchema>;
 
+export type RawGates = z.input<typeof GatesSchema>;
+export type RawCommands = z.input<typeof CommandsSchema>;
+export type RawConfig = z.input<typeof ConfigSchema>;
+
 export const StatusSchema = z.enum(['PASS', 'FAIL', 'SKIP', 'ERROR']);
 export type Status = z.infer<typeof StatusSchema>;
 

package/src/utils/scanner.ts

@@ -20,16 +20,21 @@ export class FileScanner {
     ];
 
     static async findFiles(options: ScannerOptions): Promise<string[]> {
-        return globby(options.patterns || this.DEFAULT_PATTERNS, {
-            cwd: options.cwd,
-            ignore: options.ignore || this.DEFAULT_IGNORE,
+        const patterns = (options.patterns || this.DEFAULT_PATTERNS).map(p => p.replace(/\\/g, '/'));
+        const ignore = (options.ignore || this.DEFAULT_IGNORE).map(p => p.replace(/\\/g, '/'));
+        const normalizedCwd = options.cwd.replace(/\\/g, '/');
+
+        return globby(patterns, {
+            cwd: normalizedCwd,
+            ignore: ignore,
         });
     }
 
     static async readFiles(cwd: string, files: string[]): Promise<Map<string, string>> {
         const contents = new Map<string, string>();
         for (const file of files) {
-            const filePath = path.join(cwd, file);
+            const normalizedFile = file.replace(/\//g, path.sep);
+            const filePath = path.isAbsolute(normalizedFile) ? normalizedFile : path.join(cwd, normalizedFile);
             contents.set(file, await fs.readFile(filePath, 'utf-8'));
         }
         return contents;