@rigour-labs/core 2.0.0 → 2.2.0

package/dist/context.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/context.test.js

@@ -0,0 +1,61 @@
+import { describe, it, expect, beforeAll, afterAll } from 'vitest';
+import { GateRunner } from '../src/gates/runner.js';
+import fs from 'fs-extra';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const __dirname = path.dirname(fileURLToPath(import.meta.url));
+const TEST_CWD = path.join(__dirname, '../temp-test-context');
+describe('Context Awareness Engine', () => {
+    beforeAll(async () => {
+        await fs.ensureDir(TEST_CWD);
+    });
+    afterAll(async () => {
+        await fs.remove(TEST_CWD);
+    });
+    it('should detect context drift for redundant env suffixes (Golden Example)', async () => {
+        // Setup: Define standard GCP_PROJECT_ID
+        await fs.writeFile(path.join(TEST_CWD, '.env.example'), 'GCP_PROJECT_ID=my-project\n');
+        // Setup: Use drifted GCP_PROJECT_ID_PRODUCTION
+        await fs.writeFile(path.join(TEST_CWD, 'feature.js'), `
+            const id = process.env.GCP_PROJECT_ID_PRODUCTION;
+            console.log(id);
+        `);
+        const config = {
+            version: 1,
+            commands: {},
+            gates: {
+                context: {
+                    enabled: true,
+                    sensitivity: 0.8,
+                    mining_depth: 10,
+                },
+            },
+            output: { report_path: 'rigour-report.json' }
+        };
+        const runner = new GateRunner(config);
+        const report = await runner.run(TEST_CWD);
+        const driftFailures = report.failures.filter(f => f.id === 'context-drift');
+        expect(driftFailures.length).toBeGreaterThan(0);
+        expect(driftFailures[0].details).toContain('GCP_PROJECT_ID_PRODUCTION');
+        expect(driftFailures[0].hint).toContain('GCP_PROJECT_ID');
+    });
+    it('should not flag valid environment variables', async () => {
+        await fs.writeFile(path.join(TEST_CWD, 'valid.js'), `
+            const id = process.env.GCP_PROJECT_ID;
+        `);
+        const config = {
+            version: 1,
+            commands: {},
+            gates: {
+                context: { enabled: true },
+            },
+            output: { report_path: 'rigour-report.json' }
+        };
+        const runner = new GateRunner(config);
+        const report = await runner.run(TEST_CWD);
+        const driftFailures = report.failures.filter(f => f.id === 'context-drift');
+        // Filter out failures from other files if they still exist in TEST_CWD
+        const specificFailures = driftFailures.filter(f => f.files?.includes('valid.js'));
+        expect(specificFailures.length).toBe(0);
+    });
+});

package/dist/discovery.js

@@ -61,15 +61,20 @@ export class DiscoveryService {
         return false;
     }
     async findSourceFiles(cwd) {
-        // Find a few files to sample
         const extensions = ['.ts', '.js', '.py', '.go', '.java', '.tf', 'package.json'];
         const samples = [];
-        const files = await fs.readdir(cwd);
-        for (const file of files) {
-            if (extensions.some(ext => file.endsWith(ext))) {
-                samples.push(path.join(cwd, file));
-                if (samples.length >= 5)
-                    break;
+        const commonDirs = ['.', 'src', 'app', 'lib', 'api', 'pkg'];
+        for (const dir of commonDirs) {
+            const fullDir = path.join(cwd, dir);
+            if (!(await fs.pathExists(fullDir)))
+                continue;
+            const files = await fs.readdir(fullDir);
+            for (const file of files) {
+                if (extensions.some(ext => file.endsWith(ext))) {
+                    samples.push(path.join(fullDir, file));
+                    if (samples.length >= 5)
+                        return samples;
+                }
             }
         }
         return samples;

package/dist/discovery.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/discovery.test.js

@@ -0,0 +1,57 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { DiscoveryService } from './discovery.js';
+import fs from 'fs-extra';
+vi.mock('fs-extra');
+describe('DiscoveryService', () => {
+    beforeEach(() => {
+        vi.resetAllMocks();
+    });
+    it('should discover project marker in root directory', async () => {
+        const service = new DiscoveryService();
+        vi.mocked(fs.pathExists).mockImplementation(async (p) => p.includes('package.json'));
+        vi.mocked(fs.readdir).mockResolvedValue(['package.json']);
+        vi.mocked(fs.readFile).mockResolvedValue('{}');
+        const result = await service.discover('/test');
+        // If package.json doesn't match a specific role marker, it stays Universal.
+        // Let's mock a specific one like 'express'
+        vi.mocked(fs.pathExists).mockImplementation(async (p) => p.includes('express'));
+        const result2 = await service.discover('/test');
+        expect(result2.matches.preset?.name).toBe('api');
+    });
+    it('should discover project marker in src/ directory (Deep Detection)', async () => {
+        const service = new DiscoveryService();
+        vi.mocked(fs.pathExists).mockImplementation((async (p) => {
+            if (p.endsWith('src'))
+                return true;
+            if (p.includes('src/index.ts'))
+                return true;
+            return false;
+        }));
+        vi.mocked(fs.readdir).mockImplementation((async (p) => {
+            if (p.toString().endsWith('/test'))
+                return ['src'];
+            if (p.toString().endsWith('src'))
+                return ['index.ts'];
+            return [];
+        }));
+        vi.mocked(fs.readFile).mockResolvedValue('export const x = 1;');
+        const result = await service.discover('/test');
+        // Since UNIVERSAL_CONFIG has a default, we check if it found something extra or matches expectation
+        // Default is universal, but detecting .ts should tilt it towards node or similar if configured
+        // In our current templates, package.json is the node marker.
+        // Let's check for paradigm detection which uses content
+        expect(result.config).toBeDefined();
+    });
+    it('should identify OOP paradigm from content in subfolder', async () => {
+        const service = new DiscoveryService();
+        vi.mocked(fs.pathExists).mockImplementation((async (p) => p.endsWith('src') || p.endsWith('src/Service.ts')));
+        vi.mocked(fs.readdir).mockImplementation((async (p) => {
+            if (p.toString().endsWith('src'))
+                return ['Service.ts'];
+            return ['src'];
+        }));
+        vi.mocked(fs.readFile).mockResolvedValue('class MyService {}');
+        const result = await service.discover('/test');
+        expect(result.matches.paradigm?.name).toBe('oop');
+    });
+});

package/dist/environment.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/environment.test.js

@@ -0,0 +1,97 @@
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { GateRunner } from './gates/runner.js';
+import { ConfigSchema } from './types/index.js';
+import fs from 'fs-extra';
+import path from 'path';
+describe('Environment Alignment Gate', () => {
+    const testDir = path.join(process.cwd(), 'temp-test-env');
+    beforeEach(async () => {
+        await fs.ensureDir(testDir);
+    });
+    afterEach(async () => {
+        await fs.remove(testDir);
+    });
+    it('should detect tool version mismatch (Explicit)', async () => {
+        const rawConfig = {
+            version: 1,
+            gates: {
+                environment: {
+                    enabled: true,
+                    enforce_contracts: false,
+                    tools: {
+                        node: ">=99.0.0" // Guaranteed to fail
+                    }
+                }
+            }
+        };
+        const config = ConfigSchema.parse(rawConfig);
+        const runner = new GateRunner(config);
+        const report = await runner.run(testDir);
+        expect(report.status).toBe('FAIL');
+        const envFailure = report.failures.find(f => f.id === 'environment-alignment');
+        expect(envFailure).toBeDefined();
+        expect(envFailure?.details).toContain('node');
+        expect(envFailure?.details).toContain('version mismatch');
+    });
+    it('should detect missing environment variables', async () => {
+        const rawConfig = {
+            version: 1,
+            gates: {
+                environment: {
+                    enabled: true,
+                    required_env: ["RIGOUR_TEST_VAR_MISSING"]
+                }
+            }
+        };
+        const config = ConfigSchema.parse(rawConfig);
+        const runner = new GateRunner(config);
+        const report = await runner.run(testDir);
+        expect(report.status).toBe('FAIL');
+        expect(report.failures[0].details).toContain('RIGOUR_TEST_VAR_MISSING');
+    });
+    it('should discover contracts from pyproject.toml', async () => {
+        // Create mock pyproject.toml with a version that will surely fail
+        await fs.writeFile(path.join(testDir, 'pyproject.toml'), `
+[tool.ruff]
+ruff = ">=99.14.0"
+`);
+        const rawConfig = {
+            version: 1,
+            gates: {
+                environment: {
+                    enabled: true,
+                    enforce_contracts: true,
+                    tools: {} // Should discover ruff from file
+                }
+            }
+        };
+        const config = ConfigSchema.parse(rawConfig);
+        const runner = new GateRunner(config);
+        const report = await runner.run(testDir);
+        // This might pass or fail depending on the local ruff version, 
+        // but we want to check if the gate attempted to check ruff.
+        // If ruff is missing, it will fail with "is missing".
+        const ruffFailure = report.failures.find(f => f.details.includes('ruff'));
+        expect(ruffFailure).toBeDefined();
+    });
+    it('should prioritize environment gate and run it first', async () => {
+        const rawConfig = {
+            version: 1,
+            gates: {
+                max_file_lines: 1,
+                environment: {
+                    enabled: true,
+                    required_env: ["MANDATORY_SECRET_MISSING"]
+                }
+            }
+        };
+        const config = ConfigSchema.parse(rawConfig);
+        // Create a file that would fail max_file_lines
+        await fs.writeFile(path.join(testDir, 'large.js'), 'line1\nline2\nline3');
+        const runner = new GateRunner(config);
+        const report = await runner.run(testDir);
+        // In a real priority system, we might want to stop after environment failure.
+        // Currently GateRunner runs all, but environment-alignment has been unshifted.
+        expect(Object.keys(report.summary)[0]).toBe('environment-alignment');
+    });
+});

package/dist/gates/ast-handlers/python.js

@@ -10,8 +10,22 @@ export class PythonHandler extends ASTHandler {
     async run(context) {
         const failures = [];
         const scriptPath = path.join(__dirname, 'python_parser.py');
+        // Dynamic command detection for cross-platform support (Mac/Linux usually python3, Windows usually python)
+        let pythonCmd = 'python3';
         try {
-            const { stdout } = await execa('python3', [scriptPath], {
+            await execa('python3', ['--version']);
+        }
+        catch (e) {
+            try {
+                await execa('python', ['--version']);
+                pythonCmd = 'python';
+            }
+            catch (e2) {
+                // Both missing - handled by main catch
+            }
+        }
+        try {
+            const { stdout } = await execa(pythonCmd, [scriptPath], {
                 input: context.content,
                 cwd: context.cwd
             });

package/dist/gates/ast.js

@@ -17,10 +17,13 @@ export class ASTGate extends Gate {
     }
     async run(context) {
         const failures = [];
+        const patterns = (context.patterns || ['**/*.{ts,js,tsx,jsx,py,go,rs,cs,java,rb,c,cpp,php,swift,kt}']).map(p => p.replace(/\\/g, '/'));
+        const ignore = (context.ignore || ['node_modules/**', 'dist/**', 'build/**', '**/*.test.*', '**/*.spec.*', '**/__pycache__/**']).map(p => p.replace(/\\/g, '/'));
+        const normalizedCwd = context.cwd.replace(/\\/g, '/');
         // Find all supported files
-        const files = await globby(['**/*.{ts,js,tsx,jsx,py,go,rs,cs,java,rb,c,cpp,php,swift,kt}'], {
-            cwd: context.cwd,
-            ignore: ['node_modules/**', 'dist/**', 'build/**', '**/*.test.*', '**/*.spec.*', '**/__pycache__/**'],
+        const files = await globby(patterns, {
+            cwd: normalizedCwd,
+            ignore: ignore,
         });
         for (const file of files) {
             const handler = this.handlers.find(h => h.supports(file));

package/dist/gates/base.d.ts

@@ -1,11 +1,15 @@
+import { GoldenRecord } from '../services/context-engine.js';
 import { Failure } from '../types/index.js';
 export interface GateContext {
     cwd: string;
+    record?: GoldenRecord;
+    ignore?: string[];
+    patterns?: string[];
 }
 export declare abstract class Gate {
     readonly id: string;
     readonly title: string;
     constructor(id: string, title: string);
     abstract run(context: GateContext): Promise<Failure[]>;
-    protected createFailure(details: string, files?: string[], hint?: string): Failure;
+    protected createFailure(details: string, files?: string[], hint?: string, title?: string): Failure;
 }

package/dist/gates/base.js

@@ -5,10 +5,10 @@ export class Gate {
         this.id = id;
         this.title = title;
     }
-    createFailure(details, files, hint) {
+    createFailure(details, files, hint, title) {
         return {
             id: this.id,
-            title: this.title,
+            title: title || this.title,
             details,
             files,
             hint,

package/dist/gates/content.js

@@ -14,7 +14,11 @@ export class ContentGate extends Gate {
             patterns.push(/FIXME/i);
         if (patterns.length === 0)
             return [];
-        const files = await FileScanner.findFiles({ cwd: context.cwd });
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            ignore: context.ignore,
+            patterns: context.patterns
+        });
         const contents = await FileScanner.readFiles(context.cwd, files);
         const violations = [];
         for (const [file, content] of contents) {

package/dist/gates/context.d.ts

@@ -0,0 +1,8 @@
+import { Gate, GateContext } from './base.js';
+import { Failure, Gates } from '../types/index.js';
+export declare class ContextGate extends Gate {
+    private config;
+    constructor(config: Gates);
+    run(context: GateContext): Promise<Failure[]>;
+    private checkEnvDrift;
+}

package/dist/gates/context.js

@@ -0,0 +1,43 @@
+import { Gate } from './base.js';
+import { FileScanner } from '../utils/scanner.js';
+import fs from 'fs-extra';
+import path from 'path';
+export class ContextGate extends Gate {
+    config;
+    constructor(config) {
+        super('context-drift', 'Context Awareness & Drift Detection');
+        this.config = config;
+    }
+    async run(context) {
+        const failures = [];
+        const record = context.record;
+        if (!record || !this.config.context?.enabled)
+            return [];
+        const files = await FileScanner.findFiles({ cwd: context.cwd });
+        const envAnchors = record.anchors.filter(a => a.type === 'env' && a.confidence >= 1);
+        for (const file of files) {
+            try {
+                const content = await fs.readFile(path.join(context.cwd, file), 'utf-8');
+                // 1. Detect Redundant Suffixes (The Golden Example)
+                this.checkEnvDrift(content, file, envAnchors, failures);
+            }
+            catch (e) { }
+        }
+        return failures;
+    }
+    checkEnvDrift(content, file, anchors, failures) {
+        // Find all environment variable accesses in the content
+        const matches = content.matchAll(/process\.env(?:\.([A-Z0-9_]+)|\[['"]([A-Z0-9_]+)['"]\])/g);
+        for (const match of matches) {
+            const accessedVar = match[1] || match[2];
+            for (const anchor of anchors) {
+                // If the accessed variable contains the anchor but is not equal to it, 
+                // it's a potential "invented" redundancy (e.g. CORE_URL vs CORE_URL_PROD)
+                if (accessedVar !== anchor.id && accessedVar.includes(anchor.id)) {
+                    const deviation = accessedVar.replace(anchor.id, '').replace(/^_|_$/, '');
+                    failures.push(this.createFailure(`Context Drift: Redundant variation '${accessedVar}' detected in ${file}.`, [file], `The project already uses '${anchor.id}' as a standard anchor. Avoid inventing variations like '${deviation}'. Reuse the existing anchor or align with established project patterns.`));
+                }
+            }
+        }
+    }
+}

package/dist/gates/coverage.js

@@ -51,7 +51,12 @@ export class CoverageGate extends Gate {
                 results[currentFile] = { found: 0, hit: 0, isComplex: false };
             }
             else if (line.startsWith('LF:')) {
-                results[currentFile].found = parseInt(line.substring(3));
+                const found = parseInt(line.substring(3));
+                results[currentFile].found = found;
+                // SME Logic: If a file has > 100 logical lines, it's considered "Complex"
+                // and triggers the higher (80%) coverage requirement.
+                if (found > 100)
+                    results[currentFile].isComplex = true;
             }
             else if (line.startsWith('LH:')) {
                 results[currentFile].hit = parseInt(line.substring(3));

package/dist/gates/dependency.js

@@ -25,12 +25,51 @@ export class DependencyGate extends Gate {
                 };
                 for (const dep of forbidden) {
                     if (allDeps[dep]) {
-                        failures.push(this.createFailure(`The package '${dep}' is forbidden by project standards.`, ['package.json'], `Remove '${dep}' from package.json and use approved alternatives.`));
+                        failures.push(this.createFailure(`The package '${dep}' is forbidden by project standards.`, ['package.json'], `Remove '${dep}' from package.json and use approved alternatives.`, 'Forbidden Dependency'));
                     }
                 }
             }
             catch (e) { }
         }
+        // 2. Scan Python (requirements.txt, pyproject.toml)
+        const reqPath = path.join(cwd, 'requirements.txt');
+        if (await fs.pathExists(reqPath)) {
+            const content = await fs.readFile(reqPath, 'utf-8');
+            for (const dep of forbidden) {
+                if (new RegExp(`^${dep}([=<>! ]|$)`, 'm').test(content)) {
+                    failures.push(this.createFailure(`The Python package '${dep}' is forbidden.`, ['requirements.txt'], `Remove '${dep}' from requirements.txt.`, 'Forbidden Dependency'));
+                }
+            }
+        }
+        const pyprojPath = path.join(cwd, 'pyproject.toml');
+        if (await fs.pathExists(pyprojPath)) {
+            const content = await fs.readFile(pyprojPath, 'utf-8');
+            for (const dep of forbidden) {
+                if (new RegExp(`^${dep}\\s*=`, 'm').test(content)) {
+                    failures.push(this.createFailure(`The Python package '${dep}' is forbidden in pyproject.toml.`, ['pyproject.toml'], `Remove '${dep}' from pyproject.toml dependencies.`, 'Forbidden Dependency'));
+                }
+            }
+        }
+        // 3. Scan Go (go.mod)
+        const goModPath = path.join(cwd, 'go.mod');
+        if (await fs.pathExists(goModPath)) {
+            const content = await fs.readFile(goModPath, 'utf-8');
+            for (const dep of forbidden) {
+                if (content.includes(dep)) {
+                    failures.push(this.createFailure(`The Go module '${dep}' is forbidden.`, ['go.mod'], `Remove '${dep}' from go.mod.`, 'Forbidden Dependency'));
+                }
+            }
+        }
+        // 4. Scan Java (pom.xml)
+        const pomPath = path.join(cwd, 'pom.xml');
+        if (await fs.pathExists(pomPath)) {
+            const content = await fs.readFile(pomPath, 'utf-8');
+            for (const dep of forbidden) {
+                if (content.includes(`<artifactId>${dep}</artifactId>`)) {
+                    failures.push(this.createFailure(`The Java artifact '${dep}' is forbidden.`, ['pom.xml'], `Remove '${dep}' from pom.xml.`, 'Forbidden Dependency'));
+                }
+            }
+        }
         return failures;
     }
 }

package/dist/gates/environment.d.ts

@@ -0,0 +1,8 @@
+import { Gate, GateContext } from './base.js';
+import { Failure, Gates } from '../types/index.js';
+export declare class EnvironmentGate extends Gate {
+    private config;
+    constructor(config: Gates);
+    run(context: GateContext): Promise<Failure[]>;
+    private discoverContracts;
+}

package/dist/gates/environment.js

@@ -0,0 +1,73 @@
+import { Gate } from './base.js';
+import { execa } from 'execa';
+import semver from 'semver';
+import fs from 'fs-extra';
+import path from 'path';
+export class EnvironmentGate extends Gate {
+    config;
+    constructor(config) {
+        super('environment-alignment', 'Environment & Tooling Alignment');
+        this.config = config;
+    }
+    async run(context) {
+        const failures = [];
+        const envConfig = this.config.environment;
+        if (!envConfig || !envConfig.enabled)
+            return [];
+        const contracts = envConfig.enforce_contracts ? await this.discoverContracts(context.cwd) : {};
+        const toolsToCheck = { ...contracts, ...(envConfig.tools || {}) };
+        // 1. Verify Tool Versions
+        for (const [tool, range] of Object.entries(toolsToCheck)) {
+            // Ensure range is a string
+            const semverRange = String(range);
+            try {
+                const { stdout } = await execa(tool, ['--version'], { shell: true });
+                const versionMatch = stdout.match(/(\d+\.\d+\.\d+)/);
+                if (versionMatch) {
+                    const version = versionMatch[1];
+                    if (!semver.satisfies(version, semverRange)) {
+                        failures.push(this.createFailure(`Environment Alignment: Tool '${tool}' version mismatch.`, [], `Project requires '${tool} ${semverRange}' (discovered from contract), but found version '${version}'. Please align your local environment to prevent drift.`));
+                    }
+                }
+                else {
+                    failures.push(this.createFailure(`Environment Alignment: Could not determine version for '${tool}'.`, [], `Ensure '${tool} --version' returns a standard SemVer string.`));
+                }
+            }
+            catch (e) {
+                failures.push(this.createFailure(`Environment Alignment: Required tool '${tool}' is missing.`, [], `Install '${tool}' and ensure it is in your $PATH.`));
+            }
+        }
+        // 2. Verify Required Env Vars
+        const requiredEnv = envConfig.required_env || [];
+        for (const envVar of requiredEnv) {
+            if (!process.env[envVar]) {
+                failures.push(this.createFailure(`Environment Alignment: Missing required environment variable '${envVar}'.`, [], `Ensure '${envVar}' is defined in your environment or .env file.`));
+            }
+        }
+        return failures;
+    }
+    async discoverContracts(cwd) {
+        const contracts = {};
+        // 1. Scan pyproject.toml (for ruff, mypy)
+        const pyprojectPath = path.join(cwd, 'pyproject.toml');
+        if (await fs.pathExists(pyprojectPath)) {
+            const content = await fs.readFile(pyprojectPath, 'utf-8');
+            // SME Logic: Look for ruff and mypy version constraints
+            // Handle both ruff = "^0.14.0" and ruff = { version = "^0.14.0" }
+            const ruffMatch = content.match(/ruff\s*=\s*(?:['"]([^'"]+)['"]|\{\s*version\s*=\s*['"]([^'"]+)['"]\s*\})/);
+            if (ruffMatch)
+                contracts['ruff'] = ruffMatch[1] || ruffMatch[2];
+            const mypyMatch = content.match(/mypy\s*=\s*(?:['"]([^'"]+)['"]|\{\s*version\s*=\s*['"]([^'"]+)['"]\s*\})/);
+            if (mypyMatch)
+                contracts['mypy'] = mypyMatch[1] || mypyMatch[2];
+        }
+        // 2. Scan package.json (for node/npm/pnpm)
+        const pkgPath = path.join(cwd, 'package.json');
+        if (await fs.pathExists(pkgPath)) {
+            const pkg = await fs.readJson(pkgPath);
+            if (pkg.engines?.node)
+                contracts['node'] = pkg.engines.node;
+        }
+        return contracts;
+    }
+}

package/dist/gates/file.js

@@ -7,7 +7,11 @@ export class FileGate extends Gate {
         this.config = config;
     }
     async run(context) {
-        const files = await FileScanner.findFiles({ cwd: context.cwd });
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            ignore: context.ignore,
+            patterns: context.patterns
+        });
         const contents = await FileScanner.readFiles(context.cwd, files);
         const violations = [];
         for (const [file, content] of contents) {

package/dist/gates/runner.d.ts

@@ -9,5 +9,5 @@ export declare class GateRunner {
      * Allows adding custom gates dynamically (SOLID - Open/Closed Principle)
      */
     addGate(gate: Gate): void;
-    run(cwd: string): Promise<Report>;
+    run(cwd: string, patterns?: string[]): Promise<Report>;
 }

package/dist/gates/runner.js

@@ -5,6 +5,9 @@ import { ASTGate } from './ast.js';
 import { SafetyGate } from './safety.js';
 import { DependencyGate } from './dependency.js';
 import { CoverageGate } from './coverage.js';
+import { ContextGate } from './context.js';
+import { ContextEngine } from '../services/context-engine.js';
+import { EnvironmentGate } from './environment.js'; // [NEW]
 import { execa } from 'execa';
 import { Logger } from '../utils/logger.js';
 export class GateRunner {
@@ -29,6 +32,13 @@ export class GateRunner {
         this.gates.push(new DependencyGate(this.config));
         this.gates.push(new SafetyGate(this.config.gates));
         this.gates.push(new CoverageGate(this.config.gates));
+        if (this.config.gates.context?.enabled) {
+            this.gates.push(new ContextGate(this.config.gates));
+        }
+        // Environment Alignment Gate (Should be prioritized)
+        if (this.config.gates.environment?.enabled) {
+            this.gates.unshift(new EnvironmentGate(this.config.gates));
+        }
     }
     /**
      * Allows adding custom gates dynamically (SOLID - Open/Closed Principle)
@@ -36,14 +46,21 @@ export class GateRunner {
     addGate(gate) {
         this.gates.push(gate);
     }
-    async run(cwd) {
+    async run(cwd, patterns) {
         const start = Date.now();
         const failures = [];
         const summary = {};
+        const ignore = this.config.ignore;
+        // 0. Run Context Discovery
+        let record;
+        if (this.config.gates.context?.enabled) {
+            const engine = new ContextEngine(this.config);
+            record = await engine.discover(cwd);
+        }
         // 1. Run internal gates
         for (const gate of this.gates) {
             try {
-                const gateFailures = await gate.run({ cwd });
+                const gateFailures = await gate.run({ cwd, record, ignore, patterns });
                 if (gateFailures.length > 0) {
                     failures.push(...gateFailures);
                     summary[gate.id] = 'FAIL';

package/dist/gates/safety.js

@@ -17,11 +17,17 @@ export class SafetyGate extends Gate {
             // This is a "Safety Rail" - if an agent touched these, we fail.
             const { stdout } = await execa('git', ['status', '--porcelain'], { cwd: context.cwd });
             const modifiedFiles = stdout.split('\n')
-                .filter(line => line.trim().length > 0)
-                .map(line => line.slice(3));
+                .filter(line => {
+                const status = line.slice(0, 2);
+                // M: Modified, A: Added (staged), D: Deleted, R: Renamed
+                // We ignore ?? (Untracked) to allow rigour init and new doc creation
+                return /M|A|D|R/.test(status);
+            })
+                .map(line => line.slice(3).trim());
             for (const file of modifiedFiles) {
                 if (this.isProtected(file, protectedPaths)) {
-                    failures.push(this.createFailure(`Protected file '${file}' was modified.`, [file], `Agents are forbidden from modifying files in ${protectedPaths.join(', ')}.`));
+                    const message = `Protected file '${file}' was modified.`;
+                    failures.push(this.createFailure(message, [file], `Agents are forbidden from modifying files in ${protectedPaths.join(', ')}.`, message));
                 }
             }
         }

package/dist/safety.test.d.ts

@@ -0,0 +1 @@
+export {};