@rigour-labs/core 2.21.1 → 2.22.0

package/dist/gates/hallucinated-imports.js

@@ -0,0 +1,292 @@
+/**
+ * Hallucinated Imports Gate
+ *
+ * Detects imports that reference modules which don't exist in the project.
+ * This is an AI-specific failure mode — LLMs confidently generate import
+ * statements for packages, files, or modules that were never installed
+ * or created.
+ *
+ * Detection strategy:
+ * 1. Parse all import/require statements
+ * 2. For relative imports: verify the target file exists
+ * 3. For package imports: verify the package exists in node_modules or package.json
+ * 4. For Python imports: verify the module exists in the project or site-packages
+ *
+ * @since v2.16.0
+ */
+import { Gate } from './base.js';
+import { FileScanner } from '../utils/scanner.js';
+import { Logger } from '../utils/logger.js';
+import fs from 'fs-extra';
+import path from 'path';
+export class HallucinatedImportsGate extends Gate {
+    config;
+    constructor(config = {}) {
+        super('hallucinated-imports', 'Hallucinated Import Detection');
+        this.config = {
+            enabled: config.enabled ?? true,
+            check_relative: config.check_relative ?? true,
+            check_packages: config.check_packages ?? true,
+            ignore_patterns: config.ignore_patterns ?? [
+                '\\.css$', '\\.scss$', '\\.less$', '\\.svg$', '\\.png$', '\\.jpg$',
+                '\\.json$', '\\.wasm$', '\\.graphql$', '\\.gql$',
+            ],
+        };
+    }
+    async run(context) {
+        if (!this.config.enabled)
+            return [];
+        const failures = [];
+        const hallucinated = [];
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            patterns: ['**/*.{ts,js,tsx,jsx,py}'],
+            ignore: [...(context.ignore || []), '**/node_modules/**', '**/dist/**', '**/build/**', '**/.venv/**'],
+        });
+        Logger.info(`Hallucinated Imports: Scanning ${files.length} files`);
+        // Build lookup sets for fast resolution
+        const projectFiles = new Set(files.map(f => f.replace(/\\/g, '/')));
+        const packageJson = await this.loadPackageJson(context.cwd);
+        const allDeps = new Set([
+            ...Object.keys(packageJson?.dependencies || {}),
+            ...Object.keys(packageJson?.devDependencies || {}),
+            ...Object.keys(packageJson?.peerDependencies || {}),
+        ]);
+        // Check if node_modules exists (for package verification)
+        const hasNodeModules = await fs.pathExists(path.join(context.cwd, 'node_modules'));
+        for (const file of files) {
+            try {
+                const fullPath = path.join(context.cwd, file);
+                const content = await fs.readFile(fullPath, 'utf-8');
+                const ext = path.extname(file);
+                if (['.ts', '.js', '.tsx', '.jsx'].includes(ext)) {
+                    await this.checkJSImports(content, file, context.cwd, projectFiles, allDeps, hasNodeModules, hallucinated);
+                }
+                else if (ext === '.py') {
+                    await this.checkPyImports(content, file, context.cwd, projectFiles, hallucinated);
+                }
+            }
+            catch (e) { }
+        }
+        // Group hallucinated imports by file for cleaner output
+        const byFile = new Map();
+        for (const h of hallucinated) {
+            const existing = byFile.get(h.file) || [];
+            existing.push(h);
+            byFile.set(h.file, existing);
+        }
+        for (const [file, imports] of byFile) {
+            const details = imports.map(i => `  L${i.line}: import '${i.importPath}' — ${i.reason}`).join('\n');
+            failures.push(this.createFailure(`Hallucinated imports in ${file}:\n${details}`, [file], `These imports reference modules that don't exist. Remove or replace with real modules. AI models often "hallucinate" package names or file paths.`, 'Hallucinated Imports', imports[0].line, undefined, 'critical'));
+        }
+        return failures;
+    }
+    async checkJSImports(content, file, cwd, projectFiles, allDeps, hasNodeModules, hallucinated) {
+        const lines = content.split('\n');
+        // Match: import ... from '...', require('...'), import('...')
+        const importPatterns = [
+            /import\s+(?:{[^}]*}|\*\s+as\s+\w+|\w+(?:\s*,\s*{[^}]*})?)\s+from\s+['"]([^'"]+)['"]/g,
+            /require\s*\(\s*['"]([^'"]+)['"]\s*\)/g,
+            /import\s*\(\s*['"]([^'"]+)['"]\s*\)/g,
+            /export\s+(?:{[^}]*}|\*)\s+from\s+['"]([^'"]+)['"]/g,
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            for (const pattern of importPatterns) {
+                pattern.lastIndex = 0;
+                let match;
+                while ((match = pattern.exec(line)) !== null) {
+                    const importPath = match[1];
+                    // Skip ignored patterns (assets, etc.)
+                    if (this.shouldIgnore(importPath))
+                        continue;
+                    if (importPath.startsWith('.')) {
+                        // Relative import — check file exists
+                        if (this.config.check_relative) {
+                            const resolved = this.resolveRelativeImport(file, importPath, projectFiles);
+                            if (!resolved) {
+                                hallucinated.push({
+                                    file, line: i + 1, importPath, type: 'relative',
+                                    reason: `File not found: ${importPath}`,
+                                });
+                            }
+                        }
+                    }
+                    else {
+                        // Package import — check it exists
+                        if (this.config.check_packages) {
+                            const pkgName = this.extractPackageName(importPath);
+                            // Skip Node.js built-ins
+                            if (this.isNodeBuiltin(pkgName))
+                                continue;
+                            if (!allDeps.has(pkgName)) {
+                                // Double-check node_modules if available
+                                if (hasNodeModules) {
+                                    const pkgPath = path.join(cwd, 'node_modules', pkgName);
+                                    if (await fs.pathExists(pkgPath))
+                                        continue;
+                                }
+                                hallucinated.push({
+                                    file, line: i + 1, importPath, type: 'package',
+                                    reason: `Package '${pkgName}' not in package.json dependencies`,
+                                });
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+    async checkPyImports(content, file, cwd, projectFiles, hallucinated) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim();
+            // Match: from X import Y, import X
+            const fromMatch = line.match(/^from\s+([\w.]+)\s+import/);
+            const importMatch = line.match(/^import\s+([\w.]+)/);
+            const modulePath = fromMatch?.[1] || importMatch?.[1];
+            if (!modulePath)
+                continue;
+            // Skip standard library modules
+            if (this.isPythonStdlib(modulePath))
+                continue;
+            // Check if it's a relative project import
+            if (modulePath.startsWith('.')) {
+                // Relative Python import
+                const pyFile = modulePath.replace(/\./g, '/') + '.py';
+                const pyInit = modulePath.replace(/\./g, '/') + '/__init__.py';
+                const fileDir = path.dirname(file);
+                const resolved1 = path.join(fileDir, pyFile).replace(/\\/g, '/');
+                const resolved2 = path.join(fileDir, pyInit).replace(/\\/g, '/');
+                if (!projectFiles.has(resolved1) && !projectFiles.has(resolved2)) {
+                    hallucinated.push({
+                        file, line: i + 1, importPath: modulePath, type: 'python',
+                        reason: `Relative module '${modulePath}' not found in project`,
+                    });
+                }
+            }
+            else {
+                // Absolute import — check if it's a project module
+                const topLevel = modulePath.split('.')[0];
+                const pyFile = topLevel + '.py';
+                const pyInit = topLevel + '/__init__.py';
+                // If it matches a project file, it's a local import — verify it exists
+                const isLocalModule = projectFiles.has(pyFile) || projectFiles.has(pyInit) ||
+                    [...projectFiles].some(f => f.startsWith(topLevel + '/'));
+                // If not local and not stdlib, we can't easily verify pip packages
+                // without a requirements.txt or pyproject.toml check
+                if (isLocalModule) {
+                    // It's referencing a local module — verify the full path
+                    const fullModulePath = modulePath.replace(/\./g, '/');
+                    const candidates = [
+                        fullModulePath + '.py',
+                        fullModulePath + '/__init__.py',
+                    ];
+                    const exists = candidates.some(c => projectFiles.has(c));
+                    if (!exists && modulePath.includes('.')) {
+                        // Only flag deep module paths that partially resolve
+                        hallucinated.push({
+                            file, line: i + 1, importPath: modulePath, type: 'python',
+                            reason: `Module '${modulePath}' partially resolves but target not found`,
+                        });
+                    }
+                }
+            }
+        }
+    }
+    resolveRelativeImport(fromFile, importPath, projectFiles) {
+        const dir = path.dirname(fromFile);
+        const resolved = path.join(dir, importPath).replace(/\\/g, '/');
+        // Try exact match, then common extensions
+        const extensions = ['', '.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'];
+        const indexFiles = extensions.map(ext => `${resolved}/index${ext}`);
+        const candidates = [
+            ...extensions.map(ext => resolved + ext),
+            ...indexFiles,
+        ];
+        return candidates.some(c => projectFiles.has(c));
+    }
+    extractPackageName(importPath) {
+        // Scoped packages: @scope/package/... → @scope/package
+        if (importPath.startsWith('@')) {
+            const parts = importPath.split('/');
+            return parts.length >= 2 ? `${parts[0]}/${parts[1]}` : importPath;
+        }
+        // Regular packages: package/... → package
+        return importPath.split('/')[0];
+    }
+    shouldIgnore(importPath) {
+        return this.config.ignore_patterns.some(pattern => new RegExp(pattern).test(importPath));
+    }
+    isNodeBuiltin(name) {
+        const builtins = new Set([
+            'assert', 'buffer', 'child_process', 'cluster', 'console', 'constants',
+            'crypto', 'dgram', 'dns', 'domain', 'events', 'fs', 'http', 'http2',
+            'https', 'inspector', 'module', 'net', 'os', 'path', 'perf_hooks',
+            'process', 'punycode', 'querystring', 'readline', 'repl', 'stream',
+            'string_decoder', 'sys', 'timers', 'tls', 'trace_events', 'tty',
+            'url', 'util', 'v8', 'vm', 'wasi', 'worker_threads', 'zlib',
+            'node:assert', 'node:buffer', 'node:child_process', 'node:cluster',
+            'node:console', 'node:constants', 'node:crypto', 'node:dgram',
+            'node:dns', 'node:domain', 'node:events', 'node:fs', 'node:http',
+            'node:http2', 'node:https', 'node:inspector', 'node:module', 'node:net',
+            'node:os', 'node:path', 'node:perf_hooks', 'node:process',
+            'node:punycode', 'node:querystring', 'node:readline', 'node:repl',
+            'node:stream', 'node:string_decoder', 'node:sys', 'node:timers',
+            'node:tls', 'node:trace_events', 'node:tty', 'node:url', 'node:util',
+            'node:v8', 'node:vm', 'node:wasi', 'node:worker_threads', 'node:zlib',
+            'fs-extra', // common enough to skip
+        ]);
+        return builtins.has(name) || name.startsWith('node:');
+    }
+    isPythonStdlib(modulePath) {
+        const topLevel = modulePath.split('.')[0];
+        const stdlibs = new Set([
+            'abc', 'aifc', 'argparse', 'array', 'ast', 'asyncio', 'atexit',
+            'base64', 'bdb', 'binascii', 'binhex', 'bisect', 'builtins',
+            'calendar', 'cgi', 'cgitb', 'chunk', 'cmath', 'cmd', 'code',
+            'codecs', 'codeop', 'collections', 'colorsys', 'compileall',
+            'concurrent', 'configparser', 'contextlib', 'contextvars', 'copy',
+            'copyreg', 'cProfile', 'csv', 'ctypes', 'curses', 'dataclasses',
+            'datetime', 'dbm', 'decimal', 'difflib', 'dis', 'distutils',
+            'doctest', 'email', 'encodings', 'enum', 'errno', 'faulthandler',
+            'fcntl', 'filecmp', 'fileinput', 'fnmatch', 'fractions', 'ftplib',
+            'functools', 'gc', 'getopt', 'getpass', 'gettext', 'glob', 'grp',
+            'gzip', 'hashlib', 'heapq', 'hmac', 'html', 'http', 'idlelib',
+            'imaplib', 'imghdr', 'importlib', 'inspect', 'io', 'ipaddress',
+            'itertools', 'json', 'keyword', 'lib2to3', 'linecache', 'locale',
+            'logging', 'lzma', 'mailbox', 'mailcap', 'marshal', 'math',
+            'mimetypes', 'mmap', 'modulefinder', 'multiprocessing', 'netrc',
+            'nis', 'nntplib', 'numbers', 'operator', 'optparse', 'os',
+            'ossaudiodev', 'parser', 'pathlib', 'pdb', 'pickle', 'pickletools',
+            'pipes', 'pkgutil', 'platform', 'plistlib', 'poplib', 'posix',
+            'posixpath', 'pprint', 'profile', 'pstats', 'pty', 'pwd', 'py_compile',
+            'pyclbr', 'pydoc', 'queue', 'quopri', 'random', 're', 'readline',
+            'reprlib', 'resource', 'rlcompleter', 'runpy', 'sched', 'secrets',
+            'select', 'selectors', 'shelve', 'shlex', 'shutil', 'signal',
+            'site', 'smtpd', 'smtplib', 'sndhdr', 'socket', 'socketserver',
+            'spwd', 'sqlite3', 'sre_compile', 'sre_constants', 'sre_parse',
+            'ssl', 'stat', 'statistics', 'string', 'stringprep', 'struct',
+            'subprocess', 'sunau', 'symtable', 'sys', 'sysconfig', 'syslog',
+            'tabnanny', 'tarfile', 'telnetlib', 'tempfile', 'termios', 'test',
+            'textwrap', 'threading', 'time', 'timeit', 'tkinter', 'token',
+            'tokenize', 'tomllib', 'trace', 'traceback', 'tracemalloc', 'tty',
+            'turtle', 'turtledemo', 'types', 'typing', 'unicodedata', 'unittest',
+            'urllib', 'uu', 'uuid', 'venv', 'warnings', 'wave', 'weakref',
+            'webbrowser', 'winreg', 'winsound', 'wsgiref', 'xdrlib', 'xml',
+            'xmlrpc', 'zipapp', 'zipfile', 'zipimport', 'zlib',
+            '_thread', '__future__', '__main__',
+        ]);
+        return stdlibs.has(topLevel);
+    }
+    async loadPackageJson(cwd) {
+        try {
+            const pkgPath = path.join(cwd, 'package.json');
+            if (await fs.pathExists(pkgPath)) {
+                return await fs.readJson(pkgPath);
+            }
+        }
+        catch (e) { }
+        return null;
+    }
+}

package/dist/gates/inconsistent-error-handling.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Inconsistent Error Handling Gate
+ *
+ * Detects when the same error type is handled differently across the codebase.
+ * This is an AI-specific failure mode — each agent session writes error handling
+ * from scratch, leading to 4 different patterns for the same error type.
+ *
+ * Detection strategy:
+ * 1. Extract all try-catch blocks and error handling patterns
+ * 2. Cluster by caught error type (e.g. "Error", "TypeError", custom errors)
+ * 3. Compare handling strategies within each cluster
+ * 4. Flag types with >2 distinct handling patterns across files
+ *
+ * Examples of inconsistency:
+ * - File A: catch(e) { console.log(e) }
+ * - File B: catch(e) { throw new AppError(e) }
+ * - File C: catch(e) { return null }
+ * - File D: catch(e) { [empty] }
+ *
+ * @since v2.16.0
+ */
+import { Gate, GateContext } from './base.js';
+import { Failure } from '../types/index.js';
+export interface InconsistentErrorHandlingConfig {
+    enabled?: boolean;
+    max_strategies_per_type?: number;
+    min_occurrences?: number;
+    ignore_empty_catches?: boolean;
+}
+export declare class InconsistentErrorHandlingGate extends Gate {
+    private config;
+    constructor(config?: InconsistentErrorHandlingConfig);
+    run(context: GateContext): Promise<Failure[]>;
+    private extractErrorHandlers;
+    private classifyStrategy;
+    private extractCatchBody;
+    private extractCatchCallbackBody;
+}

package/dist/gates/inconsistent-error-handling.js

@@ -0,0 +1,222 @@
+/**
+ * Inconsistent Error Handling Gate
+ *
+ * Detects when the same error type is handled differently across the codebase.
+ * This is an AI-specific failure mode — each agent session writes error handling
+ * from scratch, leading to 4 different patterns for the same error type.
+ *
+ * Detection strategy:
+ * 1. Extract all try-catch blocks and error handling patterns
+ * 2. Cluster by caught error type (e.g. "Error", "TypeError", custom errors)
+ * 3. Compare handling strategies within each cluster
+ * 4. Flag types with >2 distinct handling patterns across files
+ *
+ * Examples of inconsistency:
+ * - File A: catch(e) { console.log(e) }
+ * - File B: catch(e) { throw new AppError(e) }
+ * - File C: catch(e) { return null }
+ * - File D: catch(e) { [empty] }
+ *
+ * @since v2.16.0
+ */
+import { Gate } from './base.js';
+import { FileScanner } from '../utils/scanner.js';
+import { Logger } from '../utils/logger.js';
+import fs from 'fs-extra';
+import path from 'path';
+export class InconsistentErrorHandlingGate extends Gate {
+    config;
+    constructor(config = {}) {
+        super('inconsistent-error-handling', 'Inconsistent Error Handling Detection');
+        this.config = {
+            enabled: config.enabled ?? true,
+            max_strategies_per_type: config.max_strategies_per_type ?? 2,
+            min_occurrences: config.min_occurrences ?? 3,
+            ignore_empty_catches: config.ignore_empty_catches ?? false,
+        };
+    }
+    async run(context) {
+        if (!this.config.enabled)
+            return [];
+        const failures = [];
+        const handlers = [];
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            patterns: ['**/*.{ts,js,tsx,jsx}'],
+            ignore: [...(context.ignore || []), '**/node_modules/**', '**/dist/**', '**/*.test.*', '**/*.spec.*'],
+        });
+        Logger.info(`Inconsistent Error Handling: Scanning ${files.length} files`);
+        for (const file of files) {
+            try {
+                const content = await fs.readFile(path.join(context.cwd, file), 'utf-8');
+                this.extractErrorHandlers(content, file, handlers);
+            }
+            catch (e) { }
+        }
+        // Group by error type
+        const byType = new Map();
+        for (const handler of handlers) {
+            const existing = byType.get(handler.errorType) || [];
+            existing.push(handler);
+            byType.set(handler.errorType, existing);
+        }
+        // Analyze each error type for inconsistent handling
+        for (const [errorType, typeHandlers] of byType) {
+            if (typeHandlers.length < this.config.min_occurrences)
+                continue;
+            // Count unique strategies
+            const strategies = new Map();
+            for (const handler of typeHandlers) {
+                const existing = strategies.get(handler.strategy) || [];
+                existing.push(handler);
+                strategies.set(handler.strategy, existing);
+            }
+            // Filter out empty catches if configured
+            const activeStrategies = this.config.ignore_empty_catches
+                ? new Map([...strategies].filter(([k]) => k !== 'swallow'))
+                : strategies;
+            if (activeStrategies.size > this.config.max_strategies_per_type) {
+                // Only flag if handlers span multiple files
+                const uniqueFiles = new Set(typeHandlers.map(h => h.file));
+                if (uniqueFiles.size < 2)
+                    continue;
+                const strategyBreakdown = [...activeStrategies.entries()]
+                    .map(([strategy, handlers]) => {
+                    const files = [...new Set(handlers.map(h => h.file))].slice(0, 3);
+                    return `  • ${strategy} (${handlers.length}x): ${files.join(', ')}`;
+                })
+                    .join('\n');
+                failures.push(this.createFailure(`Inconsistent error handling for '${errorType}': ${activeStrategies.size} different strategies found across ${uniqueFiles.size} files:\n${strategyBreakdown}`, [...uniqueFiles].slice(0, 5), `Standardize error handling for '${errorType}'. Create a shared error handler or establish a project convention. AI agents often write error handling from scratch each session, leading to divergent patterns.`, 'Inconsistent Error Handling', typeHandlers[0].line, undefined, 'high'));
+            }
+        }
+        return failures;
+    }
+    extractErrorHandlers(content, file, handlers) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            // Match catch clauses: catch (e), catch (error: Error), catch (e: TypeError)
+            const catchMatch = lines[i].match(/\bcatch\s*\(\s*(\w+)(?:\s*:\s*(\w+))?\s*\)/);
+            if (!catchMatch)
+                continue;
+            const varName = catchMatch[1];
+            const explicitType = catchMatch[2] || 'any';
+            // Extract catch body (up to next closing brace at same level)
+            const body = this.extractCatchBody(lines, i);
+            if (!body)
+                continue;
+            const strategy = this.classifyStrategy(body, varName);
+            const rawPattern = body.split('\n')[0]?.trim() || '';
+            handlers.push({
+                file,
+                line: i + 1,
+                errorType: explicitType,
+                strategy,
+                rawPattern,
+            });
+        }
+        // Also detect .catch() promise patterns
+        for (let i = 0; i < lines.length; i++) {
+            const catchMatch = lines[i].match(/\.catch\s*\(\s*(?:async\s+)?(?:\(\s*)?(\w+)/);
+            if (!catchMatch)
+                continue;
+            const varName = catchMatch[1];
+            // Extract the callback body
+            const body = this.extractCatchCallbackBody(lines, i);
+            if (!body)
+                continue;
+            const strategy = this.classifyStrategy(body, varName);
+            handlers.push({
+                file,
+                line: i + 1,
+                errorType: 'Promise',
+                strategy,
+                rawPattern: body.split('\n')[0]?.trim() || '',
+            });
+        }
+    }
+    classifyStrategy(body, varName) {
+        const trimmed = body.trim();
+        // Empty catch (swallow)
+        if (!trimmed || trimmed === '{}' || trimmed === '') {
+            return 'swallow';
+        }
+        // Re-throw
+        if (/\bthrow\b/.test(trimmed)) {
+            if (/\bthrow\s+new\b/.test(trimmed))
+                return 'wrap-and-throw';
+            if (new RegExp(`\\bthrow\\s+${varName}\\b`).test(trimmed))
+                return 'rethrow';
+            return 'throw-new';
+        }
+        // Return patterns
+        if (/\breturn\s+null\b/.test(trimmed))
+            return 'return-null';
+        if (/\breturn\s+undefined\b/.test(trimmed) || /\breturn\s*;/.test(trimmed))
+            return 'return-undefined';
+        if (/\breturn\s+\[\s*\]/.test(trimmed))
+            return 'return-empty-array';
+        if (/\breturn\s+\{\s*\}/.test(trimmed))
+            return 'return-empty-object';
+        if (/\breturn\s+false\b/.test(trimmed))
+            return 'return-false';
+        if (/\breturn\s+/.test(trimmed))
+            return 'return-value';
+        // Logging patterns
+        if (/console\.(error|warn)\b/.test(trimmed))
+            return 'log-error';
+        if (/console\.log\b/.test(trimmed))
+            return 'log-info';
+        if (/\blogger\b/i.test(trimmed) || /\blog\b/i.test(trimmed))
+            return 'log-custom';
+        // Process.exit
+        if (/process\.exit\b/.test(trimmed))
+            return 'exit';
+        // Response patterns (Express/HTTP)
+        if (/\bres\s*\.\s*status\b/.test(trimmed) || /\bres\s*\.\s*json\b/.test(trimmed))
+            return 'http-response';
+        // Notification patterns
+        if (/\bnotif|toast|alert|modal\b/i.test(trimmed))
+            return 'user-notification';
+        return 'other';
+    }
+    extractCatchBody(lines, catchLine) {
+        let braceDepth = 0;
+        let started = false;
+        const body = [];
+        for (let i = catchLine; i < lines.length; i++) {
+            for (const ch of lines[i]) {
+                if (ch === '{') {
+                    braceDepth++;
+                    started = true;
+                }
+                if (ch === '}')
+                    braceDepth--;
+            }
+            if (started && i > catchLine)
+                body.push(lines[i]);
+            if (started && braceDepth === 0)
+                break;
+        }
+        return body.length > 0 ? body.join('\n') : null;
+    }
+    extractCatchCallbackBody(lines, startLine) {
+        let depth = 0;
+        let started = false;
+        const body = [];
+        for (let i = startLine; i < Math.min(startLine + 20, lines.length); i++) {
+            for (const ch of lines[i]) {
+                if (ch === '{' || ch === '(') {
+                    depth++;
+                    started = true;
+                }
+                if (ch === '}' || ch === ')')
+                    depth--;
+            }
+            if (started && i > startLine)
+                body.push(lines[i]);
+            if (started && depth <= 0)
+                break;
+        }
+        return body.length > 0 ? body.join('\n') : null;
+    }
+}

package/dist/gates/runner.js

@@ -1,3 +1,4 @@
+import { SEVERITY_WEIGHTS } from '../types/index.js';
 import { FileGate } from './file.js';
 import { ContentGate } from './content.js';
 import { StructureGate } from './structure.js';
@@ -12,6 +13,10 @@ import { RetryLoopBreakerGate } from './retry-loop-breaker.js';
 import { AgentTeamGate } from './agent-team.js';
 import { CheckpointGate } from './checkpoint.js';
 import { SecurityPatternsGate } from './security-patterns.js';
+import { DuplicationDriftGate } from './duplication-drift.js';
+import { HallucinatedImportsGate } from './hallucinated-imports.js';
+import { InconsistentErrorHandlingGate } from './inconsistent-error-handling.js';
+import { ContextWindowArtifactsGate } from './context-window-artifacts.js';
 import { execa } from 'execa';
 import { Logger } from '../utils/logger.js';
 export class GateRunner {
@@ -55,6 +60,19 @@ export class GateRunner {
         if (this.config.gates.security?.enabled !== false) {
             this.gates.push(new SecurityPatternsGate(this.config.gates.security));
         }
+        // v2.16+ AI-Native Drift Detection Gates (enabled by default)
+        if (this.config.gates.duplication_drift?.enabled !== false) {
+            this.gates.push(new DuplicationDriftGate(this.config.gates.duplication_drift));
+        }
+        if (this.config.gates.hallucinated_imports?.enabled !== false) {
+            this.gates.push(new HallucinatedImportsGate(this.config.gates.hallucinated_imports));
+        }
+        if (this.config.gates.inconsistent_error_handling?.enabled !== false) {
+            this.gates.push(new InconsistentErrorHandlingGate(this.config.gates.inconsistent_error_handling));
+        }
+        if (this.config.gates.context_window_artifacts?.enabled !== false) {
+            this.gates.push(new ContextWindowArtifactsGate(this.config.gates.context_window_artifacts));
+        }
         // Environment Alignment Gate (Should be prioritized)
         if (this.config.gates.environment?.enabled) {
             this.gates.unshift(new EnvironmentGate(this.config.gates));
@@ -125,7 +143,16 @@ export class GateRunner {
             }
         }
         const status = failures.length > 0 ? 'FAIL' : 'PASS';
-        const score = Math.max(0, 100 - (failures.length * 5)); // Basic SME scoring logic
+        // Severity-weighted scoring: each failure deducts based on its severity
+        // critical=20, high=10, medium=5, low=2, info=0
+        const severityBreakdown = {};
+        let totalDeduction = 0;
+        for (const f of failures) {
+            const sev = (f.severity || 'medium');
+            severityBreakdown[sev] = (severityBreakdown[sev] || 0) + 1;
+            totalDeduction += SEVERITY_WEIGHTS[sev] ?? 5;
+        }
+        const score = Math.max(0, 100 - totalDeduction);
         return {
             status,
             summary,
@@ -133,6 +160,7 @@ export class GateRunner {
             stats: {
                 duration_ms: Date.now() - start,
                 score,
+                severity_breakdown: severityBreakdown,
             },
         };
     }

package/dist/gates/security-patterns.js

@@ -186,7 +186,7 @@ export class SecurityPatternsGate extends Gate {
         const blockThreshold = this.severityOrder[this.config.block_on_severity ?? 'high'];
         for (const vuln of filteredVulns) {
             if (this.severityOrder[vuln.severity] <= blockThreshold) {
-                failures.push(this.createFailure(`[${vuln.cwe}] ${vuln.description}`, [vuln.file], `Found: "${vuln.match.slice(0, 60)}..." - Use parameterized queries/sanitization.`, `Security: ${vuln.type.replace('_', ' ').toUpperCase()}`, vuln.line, vuln.line));
+                failures.push(this.createFailure(`[${vuln.cwe}] ${vuln.description}`, [vuln.file], `Found: "${vuln.match.slice(0, 60)}..." - Use parameterized queries/sanitization.`, `Security: ${vuln.type.replace('_', ' ').toUpperCase()}`, vuln.line, vuln.line, vuln.severity));
             }
         }
         if (filteredVulns.length > 0 && failures.length === 0) {

package/dist/pattern-index/indexer.js

@@ -89,7 +89,8 @@ export class PatternIndexer {
         }
         // Generate embeddings in parallel batches if enabled
         if (this.config.useEmbeddings && patterns.length > 0) {
-            console.log(`Generating embeddings for ${patterns.length} patterns...`);
+            // Use stderr to avoid contaminating JSON output on stdout
+            process.stderr.write(`Generating embeddings for ${patterns.length} patterns...\n`);
             for (let i = 0; i < patterns.length; i += BATCH_SIZE) {
                 const batch = patterns.slice(i, i + BATCH_SIZE);
                 await Promise.all(batch.map(async (pattern) => {

package/dist/templates/index.js

@@ -286,6 +286,32 @@ export const UNIVERSAL_CONFIG = {
                 'prefer-const': false,
             },
         },
+        duplication_drift: {
+            enabled: true,
+            similarity_threshold: 0.8,
+            min_body_lines: 5,
+        },
+        hallucinated_imports: {
+            enabled: true,
+            check_relative: true,
+            check_packages: true,
+            ignore_patterns: [
+                '\\.css$', '\\.scss$', '\\.less$', '\\.svg$', '\\.png$', '\\.jpg$',
+                '\\.json$', '\\.wasm$', '\\.graphql$', '\\.gql$',
+            ],
+        },
+        inconsistent_error_handling: {
+            enabled: true,
+            max_strategies_per_type: 2,
+            min_occurrences: 3,
+            ignore_empty_catches: false,
+        },
+        context_window_artifacts: {
+            enabled: true,
+            min_file_lines: 100,
+            degradation_threshold: 0.4,
+            signals_required: 2,
+        },
     },
     output: {
         report_path: 'rigour-report.json',