@rigour-labs/core 2.21.2 → 3.0.0

package/src/gates/ast-handlers/typescript.ts

@@ -1,264 +0,0 @@
-import ts from 'typescript';
-import { ASTHandler, ASTHandlerContext } from './base.js';
-import { Failure } from '../../types/index.js';
-import micromatch from 'micromatch';
-import path from 'path';
-
-export class TypeScriptHandler extends ASTHandler {
-    supports(file: string): boolean {
-        return /\.(ts|js|tsx|jsx)$/.test(file);
-    }
-
-    async run(context: ASTHandlerContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-        const sourceFile = ts.createSourceFile(context.file, context.content, ts.ScriptTarget.Latest, true);
-        this.analyzeSourceFile(sourceFile, context.file, failures);
-        return failures;
-    }
-
-    private analyzeSourceFile(sourceFile: ts.SourceFile, relativePath: string, failures: Failure[]) {
-        const astConfig = this.config.ast || {};
-        const stalenessConfig = (this.config as any).staleness || {};
-        const stalenessRules = stalenessConfig.rules || {};
-        const maxComplexity = astConfig.complexity || 10;
-        const maxMethods = astConfig.max_methods || 10;
-        const maxParams = astConfig.max_params || 5;
-
-        // Limit failures per file to avoid output bloat on large files
-        const MAX_FAILURES_PER_FILE = 50;
-        const fileFailureCount: Record<string, number> = {};
-
-        const addFailure = (failure: Failure): boolean => {
-            const ruleId = failure.id;
-            fileFailureCount[ruleId] = (fileFailureCount[ruleId] || 0) + 1;
-            if (fileFailureCount[ruleId] <= MAX_FAILURES_PER_FILE) {
-                failures.push(failure);
-                return true;
-            }
-            // Add summary failure once when limit is reached
-            if (fileFailureCount[ruleId] === MAX_FAILURES_PER_FILE + 1) {
-                failures.push({
-                    id: `${ruleId}_LIMIT_EXCEEDED`,
-                    title: `More than ${MAX_FAILURES_PER_FILE} ${ruleId} violations in ${relativePath}`,
-                    details: `Truncated output: showing first ${MAX_FAILURES_PER_FILE} violations. Consider fixing the root cause.`,
-                    files: [relativePath],
-                    hint: `This file has many violations. Fix them systematically or exclude the file if it's legacy code.`
-                });
-            }
-            return false;
-        };
-
-        // Helper to check if a staleness rule is enabled
-        const isRuleEnabled = (rule: string): boolean => {
-            if (!stalenessConfig.enabled) return false;
-            return stalenessRules[rule] !== false; // Enabled by default if staleness is on
-        };
-
-        const visit = (node: ts.Node) => {
-            // === STALENESS CHECKS (Rule-based) ===
-
-            // no-var: Forbid legacy 'var' keyword
-            if (isRuleEnabled('no-var') && ts.isVariableStatement(node)) {
-                const declarationList = node.declarationList;
-                // NodeFlags: Let = 1, Const = 2, None = 0 (var)
-                if ((declarationList.flags & (ts.NodeFlags.Let | ts.NodeFlags.Const)) === 0) {
-                    const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-                    addFailure({
-                        id: 'STALENESS_NO_VAR',
-                        title: `Stale 'var' keyword`,
-                        details: `Use 'const' or 'let' instead of 'var' in ${relativePath}:${line}`,
-                        files: [relativePath],
-                        line,
-                        hint: `Replace 'var' with 'const' (preferred) or 'let' for modern JavaScript.`
-                    });
-                }
-            }
-
-            // no-commonjs: Forbid require() in favor of import
-            if (isRuleEnabled('no-commonjs') && ts.isCallExpression(node)) {
-                if (ts.isIdentifier(node.expression) && node.expression.text === 'require') {
-                    const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-                    addFailure({
-                        id: 'STALENESS_NO_COMMONJS',
-                        title: `CommonJS require()`,
-                        details: `Use ES6 'import' instead of 'require()' in ${relativePath}:${line}`,
-                        files: [relativePath],
-                        line,
-                        hint: `Replace require('module') with import module from 'module'.`
-                    });
-                }
-            }
-
-            // no-arguments: Forbid 'arguments' object (use rest params)
-            if (isRuleEnabled('no-arguments') && ts.isIdentifier(node) && node.text === 'arguments') {
-                // Check if it's actually the arguments keyword and not a variable named arguments
-                const parent = node.parent;
-                if (!ts.isVariableDeclaration(parent) && !ts.isPropertyAccessExpression(parent)) {
-                    const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-                    addFailure({
-                        id: 'STALENESS_NO_ARGUMENTS',
-                        title: `Legacy 'arguments' object`,
-                        details: `Use rest parameters (...args) instead of 'arguments' in ${relativePath}:${line}`,
-                        files: [relativePath],
-                        line,
-                        hint: `Replace 'arguments' with rest parameters: function(...args) { }`
-                    });
-                }
-            }
-
-            // === SECURITY CHECKS (Prototype Pollution) ===
-
-            // Check for direct __proto__ access: obj.__proto__
-            if (ts.isPropertyAccessExpression(node) && ts.isIdentifier(node.name) && node.name.text === '__proto__') {
-                const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-                addFailure({
-                    id: 'SECURITY_PROTOTYPE_POLLUTION',
-                    title: `Direct __proto__ access`,
-                    details: `Prototype pollution vulnerability in ${relativePath}:${line}`,
-                    files: [relativePath],
-                    line,
-                    hint: `Use Object.getPrototypeOf() or Object.setPrototypeOf() instead of __proto__.`
-                });
-            }
-
-            // Check for bracket notation __proto__ access: obj["__proto__"]
-            if (ts.isElementAccessExpression(node) && ts.isStringLiteral(node.argumentExpression)) {
-                const accessKey = node.argumentExpression.text;
-                if (accessKey === '__proto__' || accessKey === 'constructor' || accessKey === 'prototype') {
-                    const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-                    addFailure({
-                        id: 'SECURITY_PROTOTYPE_POLLUTION',
-                        title: `Unsafe bracket notation access to '${accessKey}'`,
-                        details: `Potential prototype pollution via bracket notation in ${relativePath}:${line}`,
-                        files: [relativePath],
-                        line,
-                        hint: `Block access to '${accessKey}' property when handling user input. Use allowlist for object keys.`
-                    });
-                }
-            }
-
-            // Check for Object.assign with user-controllable input (common prototype pollution pattern)
-            if (ts.isCallExpression(node) && ts.isPropertyAccessExpression(node.expression)) {
-                const propAccess = node.expression;
-                if (ts.isIdentifier(propAccess.expression) && propAccess.expression.text === 'Object' &&
-                    ts.isIdentifier(propAccess.name) && propAccess.name.text === 'assign') {
-                    // This is Object.assign() - warn if first arg is empty object (merge pattern)
-                    if (node.arguments.length >= 2) {
-                        const firstArg = node.arguments[0];
-                        if (ts.isObjectLiteralExpression(firstArg) && firstArg.properties.length === 0) {
-                            const line = sourceFile.getLineAndCharacterOfPosition(node.getStart()).line + 1;
-                            addFailure({
-                                id: 'SECURITY_PROTOTYPE_POLLUTION_MERGE',
-                                title: `Object.assign() merge pattern`,
-                                details: `Object.assign({}, ...) can propagate prototype pollution in ${relativePath}:${line}`,
-                                files: [relativePath],
-                                line,
-                                hint: `Validate and sanitize source objects before merging. Block __proto__ and constructor keys.`
-                            });
-                        }
-                    }
-                }
-            }
-
-            // === COMPLEXITY CHECKS ===
-
-            if (ts.isFunctionDeclaration(node) || ts.isMethodDeclaration(node) || ts.isArrowFunction(node)) {
-                const name = this.getNodeName(node);
-
-                if (node.parameters.length > maxParams) {
-                    addFailure({
-                        id: 'AST_MAX_PARAMS',
-                        title: `Function '${name}' has ${node.parameters.length} parameters (max: ${maxParams})`,
-                        details: `High parameter count detected in ${relativePath}`,
-                        files: [relativePath],
-                        hint: `Reduce number of parameters or use an options object.`
-                    });
-                }
-
-                let complexity = 1;
-                const countComplexity = (n: ts.Node) => {
-                    if (ts.isIfStatement(n) || ts.isCaseClause(n) || ts.isDefaultClause(n) ||
-                        ts.isForStatement(n) || ts.isForInStatement(n) || ts.isForOfStatement(n) ||
-                        ts.isWhileStatement(n) || ts.isDoStatement(n) || ts.isConditionalExpression(n)) {
-                        complexity++;
-                    }
-                    if (ts.isBinaryExpression(n)) {
-                        if (n.operatorToken.kind === ts.SyntaxKind.AmpersandAmpersandToken ||
-                            n.operatorToken.kind === ts.SyntaxKind.BarBarToken) {
-                            complexity++;
-                        }
-                    }
-                    ts.forEachChild(n, countComplexity);
-                };
-                ts.forEachChild(node, countComplexity);
-
-                if (complexity > maxComplexity) {
-                    addFailure({
-                        id: 'AST_COMPLEXITY',
-                        title: `Function '${name}' has cyclomatic complexity of ${complexity} (max: ${maxComplexity})`,
-                        details: `High complexity detected in ${relativePath}`,
-                        files: [relativePath],
-                        hint: `Refactor '${name}' into smaller, more focused functions.`
-                    });
-                }
-            }
-
-            if (ts.isClassDeclaration(node)) {
-                const name = node.name?.text || 'Anonymous Class';
-                const methods = node.members.filter(ts.isMethodDeclaration);
-
-                if (methods.length > maxMethods) {
-                    addFailure({
-                        id: 'AST_MAX_METHODS',
-                        title: `Class '${name}' has ${methods.length} methods (max: ${maxMethods})`,
-                        details: `God Object pattern detected in ${relativePath}`,
-                        files: [relativePath],
-                        hint: `Class '${name}' is becoming too large. Split it into smaller services.`
-                    });
-                }
-            }
-
-            if (ts.isImportDeclaration(node)) {
-                const importPath = (node.moduleSpecifier as ts.StringLiteral).text;
-                this.checkBoundary(importPath, relativePath, failures);
-            }
-
-            ts.forEachChild(node, visit);
-        };
-
-        ts.forEachChild(sourceFile, visit);
-    }
-
-    private checkBoundary(importPath: string, relativePath: string, failures: Failure[]) {
-        const boundaries = (this.config as any).architecture?.boundaries || [];
-        for (const rule of boundaries) {
-            if (micromatch.isMatch(relativePath, rule.from)) {
-                const resolved = importPath.startsWith('.')
-                    ? path.join(path.dirname(relativePath), importPath)
-                    : importPath;
-
-                if (rule.mode === 'deny' && micromatch.isMatch(resolved, rule.to)) {
-                    failures.push({
-                        id: 'ARCH_BOUNDARY',
-                        title: `Architectural Violation`,
-                        details: `'${relativePath}' is forbidden from importing '${importPath}' (denied by boundary rule).`,
-                        files: [relativePath],
-                        hint: `Remove this import to maintain architectural layering.`
-                    });
-                }
-            }
-        }
-    }
-
-    private getNodeName(node: ts.Node): string {
-        if (ts.isFunctionDeclaration(node) || ts.isMethodDeclaration(node)) {
-            return node.name?.getText() || 'anonymous';
-        }
-        if (ts.isArrowFunction(node)) {
-            const parent = node.parent;
-            if (ts.isVariableDeclaration(parent)) return parent.name.getText();
-            return 'anonymous arrow';
-        }
-        return 'unknown';
-    }
-}

package/src/gates/ast-handlers/universal.ts

@@ -1,184 +0,0 @@
-import * as _Parser from 'web-tree-sitter';
-const Parser = (_Parser as any).default || _Parser;
-import { ASTHandler, ASTHandlerContext } from './base.js';
-import { Failure } from '../../types/index.js';
-import path from 'path';
-import { fileURLToPath } from 'url';
-
-const __dirname = path.dirname(fileURLToPath(import.meta.url));
-
-interface LanguageConfig {
-    grammarPath: string;
-    extensions: string[];
-    queries: {
-        methods: string;
-        parameters: string;
-        complexity: string; // Cyclomatic
-        nesting: string;    // For Cognitive Complexity
-        securitySinks?: string;
-        resourceLeaks?: string;
-        nPlusOne?: string;
-        ecosystemBlunders?: string;
-    }
-}
-
-export class UniversalASTHandler extends ASTHandler {
-    private parser?: any;
-    private languages: Record<string, LanguageConfig> = {
-        '.go': {
-            grammarPath: '../../vendor/grammars/tree-sitter-go.wasm',
-            extensions: ['.go'],
-            queries: {
-                complexity: '(if_statement) (for_statement) (select_statement) (case_clause)',
-                nesting: '(if_statement (block . (if_statement))) (for_statement (block . (for_statement)))',
-                parameters: '(parameter_list (parameter_declaration) @param)',
-                methods: '(method_declaration) @method (function_declaration) @method',
-                securitySinks: '(call_expression function: (selector_expression field: (field_identifier) @id (#match? @id "^(Command|exec|System)$")))',
-                ecosystemBlunders: '(if_statement !condition: (binary_expression left: (identifier) @err (#eq? @err "err")))' // Missing err check
-            }
-        },
-        '.py': {
-            grammarPath: '../../vendor/grammars/tree-sitter-python.wasm',
-            extensions: ['.py'],
-            queries: {
-                complexity: '(if_statement) (for_statement) (while_statement) (with_statement)',
-                nesting: '(if_statement (block (if_statement)))',
-                parameters: '(parameters (identifier) @param)',
-                methods: '(function_definition) @method',
-                securitySinks: '(call_expression function: (identifier) @func (#match? @func "^(eval|exec|os\\.system)$"))',
-                ecosystemBlunders: '(parameters (default_parameter value: (list) @mutable))' // Mutable default
-            }
-        },
-        '.java': {
-            grammarPath: '../../vendor/grammars/tree-sitter-java.wasm',
-            extensions: ['.java'],
-            queries: {
-                complexity: '(if_statement) (for_statement) (while_statement) (switch_label)',
-                nesting: '(if_statement (block (if_statement))) (for_statement (block (for_statement)))',
-                parameters: '(formal_parameters (formal_parameter) @param)',
-                methods: '(method_declaration) @method',
-                securitySinks: '(method_declaration (modifiers (native))) @native (method_invocation name: (identifier) @name (#match? @name "^(exec|System\\.load)$"))',
-                ecosystemBlunders: '(catch_clause body: (block . ))' // Empty catch
-            }
-        },
-        '.rs': {
-            grammarPath: '../../vendor/grammars/tree-sitter-rust.wasm',
-            extensions: ['.rs'],
-            queries: {
-                complexity: '(if_expression) (for_expression) (while_expression) (loop_expression) (match_arm)',
-                nesting: '(if_expression (block (if_expression))) (for_expression (block (for_expression)))',
-                parameters: '(parameters (parameter) @param)',
-                methods: '(impl_item (function_item)) @method (function_item) @method',
-                securitySinks: '(unsafe_block) @unsafe',
-                ecosystemBlunders: '(call_expression function: (field_expression field: (field_identifier) @id (#eq? @id "unwrap")))' // .unwrap()
-            }
-        },
-        '.cs': {
-            grammarPath: '../../vendor/grammars/tree-sitter-c_sharp.wasm',
-            extensions: ['.cs'],
-            queries: {
-                complexity: '(if_statement) (for_statement) (foreach_statement) (while_statement) (switch_section)',
-                nesting: '(if_statement (block (if_statement))) (for_statement (block (for_statement)))',
-                parameters: '(parameter_list (parameter) @param)',
-                methods: '(method_declaration) @method',
-                securitySinks: '(attribute name: (identifier) @attr (#eq? @attr "DllImport")) @violation'
-            }
-        },
-        '.cpp': {
-            grammarPath: '../../vendor/grammars/tree-sitter-cpp.wasm',
-            extensions: ['.cpp', '.cc', '.cxx', '.h', '.hpp'],
-            queries: {
-                complexity: '(if_statement) (for_statement) (while_statement) (case_statement)',
-                nesting: '(if_statement (compound_statement (if_statement)))',
-                parameters: '(parameter_list (parameter_declaration) @param)',
-                methods: '(function_definition) @method',
-                securitySinks: '(call_expression function: (identifier) @name (#match? @name "^(malloc|free|system|popen)$"))'
-            }
-        }
-    };
-
-    supports(file: string): boolean {
-        const ext = path.extname(file).toLowerCase();
-        return ext in this.languages;
-    }
-
-    async run(context: ASTHandlerContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-        const ext = path.extname(context.file).toLowerCase();
-        const config = this.languages[ext];
-        if (!config) return [];
-
-        if (!this.parser) {
-            await (Parser as any).init();
-            this.parser = new (Parser as any)();
-        }
-
-        try {
-            const Lang = await Parser.Language.load(path.resolve(__dirname, config.grammarPath));
-            this.parser.setLanguage(Lang);
-            const tree = this.parser.parse(context.content);
-            const astConfig = this.config.ast || {};
-
-            // 1. Structural Methods Audit
-            const methodQuery = (Lang as any).query(config.queries.methods);
-            const methodMatches = methodQuery.matches(tree.rootNode);
-
-            for (const match of methodMatches) {
-                for (const capture of match.captures) {
-                    const node = capture.node;
-                    const name = node.childForFieldName('name')?.text || 'anonymous';
-
-                    // SME: Cognitive Complexity (Nesting depth + Cyclomatic)
-                    const nesting = (Lang as any).query(config.queries.nesting).captures(node).length;
-                    const cyclomatic = (Lang as any).query(config.queries.complexity).captures(node).length + 1;
-                    const cognitive = cyclomatic + (nesting * 2);
-
-                    if (cognitive > (astConfig.complexity || 10)) {
-                        failures.push({
-                            id: 'SME_COGNITIVE_LOAD',
-                            title: `Method '${name}' has high cognitive load (${cognitive})`,
-                            details: `Deeply nested or complex logic detected in ${context.file}.`,
-                            files: [context.file],
-                            hint: `Flatten logical branches and extract nested loops.`
-                        });
-                    }
-                }
-            }
-
-            // 2. Security Sinks
-            if (config.queries.securitySinks) {
-                const securityQuery = (Lang as any).query(config.queries.securitySinks);
-                const sinks = securityQuery.captures(tree.rootNode);
-                for (const capture of sinks) {
-                    failures.push({
-                        id: 'SME_SECURITY_SINK',
-                        title: `Unsafe function call detected: ${capture.node.text}`,
-                        details: `Potentially dangerous execution in ${context.file}.`,
-                        files: [context.file],
-                        hint: `Avoid using shell execution or eval. Use safe alternatives.`
-                    });
-                }
-            }
-
-            // 3. Ecosystem Blunders
-            if (config.queries.ecosystemBlunders) {
-                const blunderQuery = (Lang as any).query(config.queries.ecosystemBlunders);
-                const blunders = blunderQuery.captures(tree.rootNode);
-                for (const capture of blunders) {
-                    failures.push({
-                        id: 'SME_BEST_PRACTICE',
-                        title: `Ecosystem anti-pattern detected`,
-                        details: `Violation of ${ext} best practices in ${context.file}.`,
-                        files: [context.file],
-                        hint: `Review language-specific best practices (e.g., error handling or mutable defaults).`
-                    });
-                }
-            }
-
-        } catch (e) {
-            // Parser skip
-        }
-
-        return failures;
-    }
-}

package/src/gates/ast.ts

@@ -1,54 +0,0 @@
-import fs from 'fs-extra';
-import path from 'path';
-import { globby } from 'globby';
-import { Gate, GateContext } from './base.js';
-import { Failure, Gates } from '../types/index.js';
-import { ASTHandler } from './ast-handlers/base.js';
-import { TypeScriptHandler } from './ast-handlers/typescript.js';
-import { PythonHandler } from './ast-handlers/python.js';
-import { UniversalASTHandler } from './ast-handlers/universal.js';
-
-export class ASTGate extends Gate {
-    private handlers: ASTHandler[] = [];
-
-    constructor(private config: Gates) {
-        super('ast-analysis', 'AST Structural Analysis');
-        this.handlers.push(new TypeScriptHandler(config));
-        this.handlers.push(new PythonHandler(config));
-        this.handlers.push(new UniversalASTHandler(config));
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-
-        const patterns = (context.patterns || ['**/*.{ts,js,tsx,jsx,py,go,rs,cs,java,rb,c,cpp,php,swift,kt}']).map(p => p.replace(/\\/g, '/'));
-        const ignore = (context.ignore || ['**/node_modules/**', '**/dist/**', '**/build/**', '**/*.test.*', '**/*.spec.*', '**/__pycache__/**']).map(p => p.replace(/\\/g, '/'));
-        const normalizedCwd = context.cwd.replace(/\\/g, '/');
-
-        // Find all supported files
-        const files = await globby(patterns, {
-            cwd: normalizedCwd,
-            ignore: ignore,
-        });
-
-        for (const file of files) {
-            const handler = this.handlers.find(h => h.supports(file));
-            if (!handler) continue;
-
-            const fullPath = path.join(context.cwd, file);
-            try {
-                const content = await fs.readFile(fullPath, 'utf-8');
-                const gateFailures = await handler.run({
-                    cwd: context.cwd,
-                    file: file,
-                    content
-                });
-                failures.push(...gateFailures);
-            } catch (error: any) {
-                // Individual file read failures shouldn't crash the whole run
-            }
-        }
-
-        return failures;
-    }
-}

package/src/gates/base.ts

@@ -1,27 +0,0 @@
-import { GoldenRecord } from '../services/context-engine.js';
-import { Failure } from '../types/index.js';
-
-export interface GateContext {
-    cwd: string;
-    record?: GoldenRecord;
-    ignore?: string[];
-    patterns?: string[];
-}
-
-export abstract class Gate {
-    constructor(public readonly id: string, public readonly title: string) { }
-
-    abstract run(context: GateContext): Promise<Failure[]>;
-
-    protected createFailure(details: string, files?: string[], hint?: string, title?: string, line?: number, endLine?: number): Failure {
-        return {
-            id: this.id,
-            title: title || this.title,
-            details,
-            files,
-            line,
-            endLine,
-            hint,
-        };
-    }
-}

package/src/gates/checkpoint.test.ts

@@ -1,135 +0,0 @@
-import { describe, it, expect, beforeEach, afterEach } from 'vitest';
-import {
-    CheckpointGate,
-    recordCheckpoint,
-    getCheckpointSession,
-    clearCheckpointSession,
-    getOrCreateCheckpointSession,
-    completeCheckpointSession,
-    abortCheckpointSession
-} from './checkpoint.js';
-import * as fs from 'fs';
-import * as path from 'path';
-import * as os from 'os';
-
-describe('CheckpointGate', () => {
-    let testDir: string;
-
-    beforeEach(() => {
-        testDir = fs.mkdtempSync(path.join(os.tmpdir(), 'checkpoint-test-'));
-    });
-
-    afterEach(() => {
-        clearCheckpointSession(testDir);
-        fs.rmSync(testDir, { recursive: true, force: true });
-    });
-
-    describe('gate initialization', () => {
-        it('should create gate with default config', () => {
-            const gate = new CheckpointGate();
-            expect(gate.id).toBe('checkpoint');
-            expect(gate.title).toBe('Checkpoint Supervision');
-        });
-
-        it('should skip when not enabled', async () => {
-            const gate = new CheckpointGate({ enabled: false });
-            const failures = await gate.run({ cwd: testDir });
-            expect(failures).toEqual([]);
-        });
-    });
-
-    describe('session management', () => {
-        it('should create a new session', () => {
-            const session = getOrCreateCheckpointSession(testDir);
-            expect(session.sessionId).toMatch(/^chk-session-/);
-            expect(session.status).toBe('active');
-            expect(session.checkpoints).toHaveLength(0);
-        });
-
-        it('should record a checkpoint', () => {
-            const result = recordCheckpoint(
-                testDir,
-                25, // progressPct
-                ['src/api/users.ts'],
-                'Implemented user API',
-                85 // qualityScore
-            );
-
-            expect(result.continue).toBe(true);
-            expect(result.checkpoint.progressPct).toBe(25);
-            expect(result.checkpoint.qualityScore).toBe(85);
-        });
-
-        it('should persist session to disk', () => {
-            recordCheckpoint(testDir, 50, [], 'Test', 90);
-            const sessionPath = path.join(testDir, '.rigour', 'checkpoint-session.json');
-            expect(fs.existsSync(sessionPath)).toBe(true);
-        });
-
-        it('should complete session', () => {
-            getOrCreateCheckpointSession(testDir);
-            completeCheckpointSession(testDir);
-            const session = getCheckpointSession(testDir);
-            expect(session?.status).toBe('completed');
-        });
-
-        it('should abort session with reason', () => {
-            getOrCreateCheckpointSession(testDir);
-            abortCheckpointSession(testDir, 'Quality too low');
-            const session = getCheckpointSession(testDir);
-            expect(session?.status).toBe('aborted');
-            expect(session?.checkpoints[0].summary).toContain('Quality too low');
-        });
-    });
-
-    describe('quality threshold', () => {
-        it('should continue when quality above threshold', () => {
-            const result = recordCheckpoint(testDir, 50, [], 'Good work', 85);
-            expect(result.continue).toBe(true);
-            expect(result.warnings).toHaveLength(0);
-        });
-
-        it('should stop when quality below threshold', () => {
-            const result = recordCheckpoint(testDir, 50, [], 'Poor work', 70);
-            expect(result.continue).toBe(false);
-            expect(result.warnings).toContain('Quality score 70% is below threshold 80%');
-        });
-    });
-
-    describe('drift detection', () => {
-        it('should detect quality degradation', () => {
-            // Record several checkpoints with declining quality
-            recordCheckpoint(testDir, 20, [], 'Start', 95);
-            recordCheckpoint(testDir, 40, [], 'Middle', 90);
-            const result = recordCheckpoint(testDir, 60, [], 'Decline', 75);
-
-            expect(result.warnings.some(w => w.includes('Drift detected'))).toBe(true);
-        });
-
-        it('should not flag stable quality', () => {
-            recordCheckpoint(testDir, 20, [], 'Start', 85);
-            recordCheckpoint(testDir, 40, [], 'Middle', 85);
-            const result = recordCheckpoint(testDir, 60, [], 'Stable', 85);
-
-            expect(result.warnings.filter(w => w.includes('Drift'))).toHaveLength(0);
-        });
-    });
-
-    describe('gate run', () => {
-        it('should pass with healthy checkpoints', async () => {
-            const gate = new CheckpointGate({ enabled: true, quality_threshold: 80 });
-            recordCheckpoint(testDir, 50, [], 'Good work', 90);
-
-            const failures = await gate.run({ cwd: testDir });
-            expect(failures).toHaveLength(0);
-        });
-
-        it('should fail when quality below threshold', async () => {
-            const gate = new CheckpointGate({ enabled: true, quality_threshold: 80 });
-            recordCheckpoint(testDir, 50, [], 'Poor work', 70);
-
-            const failures = await gate.run({ cwd: testDir });
-            expect(failures.some(f => f.title === 'Quality Below Threshold')).toBe(true);
-        });
-    });
-});