@rigour-labs/core 2.21.2 → 3.0.0

package/src/gates/coverage.ts

@@ -1,74 +0,0 @@
-import fs from 'fs-extra';
-import path from 'path';
-import { Gate, GateContext } from './base.js';
-import { Failure, Gates } from '../types/index.js';
-import { globby } from 'globby';
-
-export class CoverageGate extends Gate {
-    constructor(private config: Gates) {
-        super('coverage-guard', 'Dynamic Coverage Guard');
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-
-        // 1. Locate coverage report (lcov.info is standard)
-        const reports = await globby(['**/lcov.info', '**/coverage-final.json'], {
-            cwd: context.cwd,
-            ignore: ['node_modules/**']
-        });
-
-        if (reports.length === 0) {
-            // If no reports found, and coverage is required, we could flag it.
-            // But for now, we'll just skip silently if not configured.
-            return [];
-        }
-
-        // 2. Parse coverage (Simplified LCOV parser for demonstration)
-        const coverageData = await this.parseLcov(path.join(context.cwd, reports[0]));
-
-        // 3. Quality Handshake: SME SME LOGIC
-        // We look for files that have high complexity but low coverage.
-        // In a real implementation, we would share data between ASTGate and CoverageGate.
-        // For this demo, we'll implement a standalone check.
-
-        for (const [file, stats] of Object.entries(coverageData)) {
-            const coverage = (stats.hit / stats.found) * 100;
-            const threshold = stats.isComplex ? 80 : 50; // SME logic: Complex files need higher coverage
-
-            if (coverage < threshold) {
-                failures.push({
-                    id: 'DYNAMIC_COVERAGE_LOW',
-                    title: `Low coverage for high-risk file: ${file}`,
-                    details: `Current coverage: ${coverage.toFixed(2)}%. Required: ${threshold}% due to structural risk.`,
-                    files: [file],
-                    hint: `Add dynamic tests to cover complex logical branches in this file.`
-                });
-            }
-        }
-
-        return failures;
-    }
-
-    private async parseLcov(reportPath: string): Promise<Record<string, { found: number, hit: number, isComplex: boolean }>> {
-        const content = await fs.readFile(reportPath, 'utf-8');
-        const results: Record<string, { found: number, hit: number, isComplex: boolean }> = {};
-        let currentFile = '';
-
-        for (const line of content.split('\n')) {
-            if (line.startsWith('SF:')) {
-                currentFile = line.substring(3);
-                results[currentFile] = { found: 0, hit: 0, isComplex: false };
-            } else if (line.startsWith('LF:')) {
-                const found = parseInt(line.substring(3));
-                results[currentFile].found = found;
-                // SME Logic: If a file has > 100 logical lines, it's considered "Complex"
-                // and triggers the higher (80%) coverage requirement.
-                if (found > 100) results[currentFile].isComplex = true;
-            } else if (line.startsWith('LH:')) {
-                results[currentFile].hit = parseInt(line.substring(3));
-            }
-        }
-        return results;
-    }
-}

package/src/gates/dependency.ts

@@ -1,108 +0,0 @@
-import fs from 'fs-extra';
-import path from 'path';
-import { Failure, Config } from '../types/index.js';
-import { Gate, GateContext } from './base.js';
-
-export class DependencyGate extends Gate {
-    constructor(private config: Config) {
-        super('dependency-guardian', 'Dependency Guardian');
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-        const forbidden = this.config.gates.dependencies?.forbid || [];
-
-        if (forbidden.length === 0) return [];
-
-        const { cwd } = context;
-
-        // 1. Scan Node.js (package.json)
-        const pkgPath = path.join(cwd, 'package.json');
-        if (await fs.pathExists(pkgPath)) {
-            try {
-                const pkg = await fs.readJson(pkgPath);
-                const allDeps = {
-                    ...(pkg.dependencies || {}),
-                    ...(pkg.devDependencies || {}),
-                    ...(pkg.peerDependencies || {}),
-                };
-
-                for (const dep of forbidden) {
-                    if (allDeps[dep]) {
-                        failures.push(this.createFailure(
-                            `The package '${dep}' is forbidden by project standards.`,
-                            ['package.json'],
-                            `Remove '${dep}' from package.json and use approved alternatives.`,
-                            'Forbidden Dependency'
-                        ));
-                    }
-                }
-            } catch (e) { }
-        }
-
-        // 2. Scan Python (requirements.txt, pyproject.toml)
-        const reqPath = path.join(cwd, 'requirements.txt');
-        if (await fs.pathExists(reqPath)) {
-            const content = await fs.readFile(reqPath, 'utf-8');
-            for (const dep of forbidden) {
-                if (new RegExp(`^${dep}([=<>! ]|$)`, 'm').test(content)) {
-                    failures.push(this.createFailure(
-                        `The Python package '${dep}' is forbidden.`,
-                        ['requirements.txt'],
-                        `Remove '${dep}' from requirements.txt.`,
-                        'Forbidden Dependency'
-                    ));
-                }
-            }
-        }
-
-        const pyprojPath = path.join(cwd, 'pyproject.toml');
-        if (await fs.pathExists(pyprojPath)) {
-            const content = await fs.readFile(pyprojPath, 'utf-8');
-            for (const dep of forbidden) {
-                if (new RegExp(`^${dep}\\s*=`, 'm').test(content)) {
-                    failures.push(this.createFailure(
-                        `The Python package '${dep}' is forbidden in pyproject.toml.`,
-                        ['pyproject.toml'],
-                        `Remove '${dep}' from pyproject.toml dependencies.`,
-                        'Forbidden Dependency'
-                    ));
-                }
-            }
-        }
-
-        // 3. Scan Go (go.mod)
-        const goModPath = path.join(cwd, 'go.mod');
-        if (await fs.pathExists(goModPath)) {
-            const content = await fs.readFile(goModPath, 'utf-8');
-            for (const dep of forbidden) {
-                if (content.includes(dep)) {
-                    failures.push(this.createFailure(
-                        `The Go module '${dep}' is forbidden.`,
-                        ['go.mod'],
-                        `Remove '${dep}' from go.mod.`,
-                        'Forbidden Dependency'
-                    ));
-                }
-            }
-        }
-
-        // 4. Scan Java (pom.xml)
-        const pomPath = path.join(cwd, 'pom.xml');
-        if (await fs.pathExists(pomPath)) {
-            const content = await fs.readFile(pomPath, 'utf-8');
-            for (const dep of forbidden) {
-                if (content.includes(`<artifactId>${dep}</artifactId>`)) {
-                    failures.push(this.createFailure(
-                        `The Java artifact '${dep}' is forbidden.`,
-                        ['pom.xml'],
-                        `Remove '${dep}' from pom.xml.`,
-                        'Forbidden Dependency'
-                    ));
-                }
-            }
-        }
-
-        return failures;
-    }
-}

package/src/gates/environment.ts

@@ -1,94 +0,0 @@
-import { Gate, GateContext } from './base.js';
-import { Failure, Gates } from '../types/index.js';
-import { execa } from 'execa';
-import semver from 'semver';
-import fs from 'fs-extra';
-import path from 'path';
-
-export class EnvironmentGate extends Gate {
-    constructor(private config: Gates) {
-        super('environment-alignment', 'Environment & Tooling Alignment');
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-        const envConfig = this.config.environment;
-        if (!envConfig || !envConfig.enabled) return [];
-
-        const contracts = envConfig.enforce_contracts ? await this.discoverContracts(context.cwd) : {};
-        const toolsToCheck = { ...contracts, ...(envConfig.tools || {}) };
-
-        // 1. Verify Tool Versions
-        for (const [tool, range] of Object.entries(toolsToCheck)) {
-            // Ensure range is a string
-            const semverRange = String(range);
-            try {
-                const { stdout } = await execa(tool, ['--version'], { shell: true });
-                const versionMatch = stdout.match(/(\d+\.\d+\.\d+)/);
-
-                if (versionMatch) {
-                    const version = versionMatch[1];
-                    if (!semver.satisfies(version, semverRange)) {
-                        failures.push(this.createFailure(
-                            `Environment Alignment: Tool '${tool}' version mismatch.`,
-                            [],
-                            `Project requires '${tool} ${semverRange}' (discovered from contract), but found version '${version}'. Please align your local environment to prevent drift.`
-                        ));
-                    }
-                } else {
-                    failures.push(this.createFailure(
-                        `Environment Alignment: Could not determine version for '${tool}'.`,
-                        [],
-                        `Ensure '${tool} --version' returns a standard SemVer string.`
-                    ));
-                }
-            } catch (e) {
-                failures.push(this.createFailure(
-                    `Environment Alignment: Required tool '${tool}' is missing.`,
-                    [],
-                    `Install '${tool}' and ensure it is in your $PATH.`
-                ));
-            }
-        }
-
-        // 2. Verify Required Env Vars
-        const requiredEnv = envConfig.required_env || [];
-        for (const envVar of requiredEnv) {
-            if (!process.env[envVar]) {
-                failures.push(this.createFailure(
-                    `Environment Alignment: Missing required environment variable '${envVar}'.`,
-                    [],
-                    `Ensure '${envVar}' is defined in your environment or .env file.`
-                ));
-            }
-        }
-
-        return failures;
-    }
-
-    private async discoverContracts(cwd: string): Promise<Record<string, string>> {
-        const contracts: Record<string, string> = {};
-
-        // 1. Scan pyproject.toml (for ruff, mypy)
-        const pyprojectPath = path.join(cwd, 'pyproject.toml');
-        if (await fs.pathExists(pyprojectPath)) {
-            const content = await fs.readFile(pyprojectPath, 'utf-8');
-            // SME Logic: Look for ruff and mypy version constraints
-            // Handle both ruff = "^0.14.0" and ruff = { version = "^0.14.0" }
-            const ruffMatch = content.match(/ruff\s*=\s*(?:['"]([^'"]+)['"]|\{\s*version\s*=\s*['"]([^'"]+)['"]\s*\})/);
-            if (ruffMatch) contracts['ruff'] = ruffMatch[1] || ruffMatch[2];
-
-            const mypyMatch = content.match(/mypy\s*=\s*(?:['"]([^'"]+)['"]|\{\s*version\s*=\s*['"]([^'"]+)['"]\s*\})/);
-            if (mypyMatch) contracts['mypy'] = mypyMatch[1] || mypyMatch[2];
-        }
-
-        // 2. Scan package.json (for node/npm/pnpm)
-        const pkgPath = path.join(cwd, 'package.json');
-        if (await fs.pathExists(pkgPath)) {
-            const pkg = await fs.readJson(pkgPath);
-            if (pkg.engines?.node) contracts['node'] = pkg.engines.node;
-        }
-
-        return contracts;
-    }
-}

package/src/gates/file.ts

@@ -1,42 +0,0 @@
-import { Gate, GateContext } from './base.js';
-import { Failure } from '../types/index.js';
-import { FileScanner } from '../utils/scanner.js';
-
-export interface FileGateConfig {
-    maxLines: number;
-}
-
-export class FileGate extends Gate {
-    constructor(private config: FileGateConfig) {
-        super('file-size', 'File Size Limit');
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const files = await FileScanner.findFiles({
-            cwd: context.cwd,
-            ignore: context.ignore,
-            patterns: context.patterns
-        });
-        const contents = await FileScanner.readFiles(context.cwd, files);
-
-        const violations: string[] = [];
-        for (const [file, content] of contents) {
-            const lines = content.split('\n').length;
-            if (lines > this.config.maxLines) {
-                violations.push(`${file} (${lines} lines)`);
-            }
-        }
-
-        if (violations.length > 0) {
-            return [
-                this.createFailure(
-                    `The following files exceed the maximum limit of ${this.config.maxLines} lines:`,
-                    violations,
-                    'Break these files into smaller, more modular components to improve maintainability (SOLID - Single Responsibility Principle).'
-                ),
-            ];
-        }
-
-        return [];
-    }
-}

package/src/gates/retry-loop-breaker.ts

@@ -1,151 +0,0 @@
-import { Gate, GateContext } from './base.js';
-import { Failure, Gates } from '../types/index.js';
-import fs from 'fs-extra';
-import path from 'path';
-
-interface FailureRecord {
-    category: string;
-    count: number;
-    lastError: string;
-    lastTimestamp: string;
-}
-
-interface RigourState {
-    failureHistory: Record<string, FailureRecord>;
-}
-
-const ERROR_PATTERNS: [RegExp, string][] = [
-    [/ERR_REQUIRE_ESM|Cannot find module|MODULE_NOT_FOUND/i, 'module_resolution'],
-    [/FUNCTION_INVOCATION_FAILED|Build Failed|deploy.*fail/i, 'deployment'],
-    [/TypeError|SyntaxError|ReferenceError|compilation.*error/i, 'runtime_error'],
-    [/Connection refused|ECONNREFUSED|timeout|ETIMEDOUT/i, 'network'],
-    [/Permission denied|EACCES|EPERM/i, 'permissions'],
-    [/ENOMEM|heap out of memory|OOM/i, 'resources'],
-];
-
-/**
- * Retry Loop Breaker Gate
- * 
- * Detects when an agent is stuck in a retry loop and forces them to consult
- * official documentation before continuing. This gate is universal and works
- * with any type of failure, not just specific tools or languages.
- */
-export class RetryLoopBreakerGate extends Gate {
-    constructor(private options: Gates['retry_loop_breaker']) {
-        super('retry_loop_breaker', 'Retry Loop Breaker');
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const state = await this.loadState(context.cwd);
-        const failures: Failure[] = [];
-
-        for (const [category, record] of Object.entries(state.failureHistory)) {
-            if (record.count >= (this.options?.max_retries ?? 3)) {
-                const docUrl = this.options?.doc_sources?.[category] || this.getDefaultDocUrl(category);
-                failures.push(this.createFailure(
-                    `Operation '${category}' has failed ${record.count} times consecutively. Last error: ${record.lastError}`,
-                    undefined,
-                    `STOP RETRYING. You are in a loop. Consult the official documentation: ${docUrl}. Extract the canonical solution pattern and apply it.`,
-                    `Retry Loop Detected: ${category}`
-                ));
-            }
-        }
-
-        return failures;
-    }
-
-    /**
-     * Classify an error message into a category based on patterns.
-     */
-    static classifyError(errorMessage: string): string {
-        for (const [pattern, category] of ERROR_PATTERNS) {
-            if (pattern.test(errorMessage)) {
-                return category;
-            }
-        }
-        return 'general';
-    }
-
-    /**
-     * Record a failure for retry loop detection.
-     * Call this when an operation fails.
-     */
-    static async recordFailure(cwd: string, errorMessage: string, category?: string): Promise<void> {
-        const resolvedCategory = category || this.classifyError(errorMessage);
-        const state = await this.loadStateStatic(cwd);
-
-        const existing = state.failureHistory[resolvedCategory] || {
-            category: resolvedCategory,
-            count: 0,
-            lastError: '',
-            lastTimestamp: ''
-        };
-        existing.count += 1;
-        existing.lastError = errorMessage.slice(0, 500); // Truncate for storage
-        existing.lastTimestamp = new Date().toISOString();
-        state.failureHistory[resolvedCategory] = existing;
-
-        await this.saveStateStatic(cwd, state);
-    }
-
-    /**
-     * Clear failure history for a specific category after successful resolution.
-     */
-    static async clearFailure(cwd: string, category: string): Promise<void> {
-        const state = await this.loadStateStatic(cwd);
-        delete state.failureHistory[category];
-        await this.saveStateStatic(cwd, state);
-    }
-
-    /**
-     * Clear all failure history.
-     */
-    static async clearAllFailures(cwd: string): Promise<void> {
-        const state = await this.loadStateStatic(cwd);
-        state.failureHistory = {};
-        await this.saveStateStatic(cwd, state);
-    }
-
-    /**
-     * Get the current failure state for inspection.
-     */
-    static async getState(cwd: string): Promise<RigourState> {
-        return this.loadStateStatic(cwd);
-    }
-
-    private getDefaultDocUrl(category: string): string {
-        const defaults: Record<string, string> = {
-            module_resolution: 'https://nodejs.org/api/esm.html',
-            deployment: 'Check the deployment platform\'s official documentation',
-            runtime_error: 'Check the language\'s official documentation',
-            network: 'Check network configuration and firewall rules',
-            permissions: 'Check file/directory permissions and ownership',
-            resources: 'Check system resource limits and memory allocation',
-            general: 'Consult the relevant official documentation',
-        };
-        return defaults[category] || defaults.general;
-    }
-
-    private async loadState(cwd: string): Promise<RigourState> {
-        return RetryLoopBreakerGate.loadStateStatic(cwd);
-    }
-
-    private static async loadStateStatic(cwd: string): Promise<RigourState> {
-        const statePath = path.join(cwd, '.rigour', 'state.json');
-        if (await fs.pathExists(statePath)) {
-            try {
-                const data = await fs.readJson(statePath);
-                return { failureHistory: data.failureHistory || {}, ...data };
-            } catch {
-                return { failureHistory: {} };
-            }
-        }
-        return { failureHistory: {} };
-    }
-
-    private static async saveStateStatic(cwd: string, state: RigourState): Promise<void> {
-        const statePath = path.join(cwd, '.rigour', 'state.json');
-        await fs.ensureDir(path.dirname(statePath));
-        await fs.writeJson(statePath, state, { spaces: 2 });
-    }
-}

package/src/gates/runner.ts

@@ -1,156 +0,0 @@
-import { Gate } from './base.js';
-import { Failure, Config, Report, Status } from '../types/index.js';
-import { FileGate } from './file.js';
-import { ContentGate } from './content.js';
-import { StructureGate } from './structure.js';
-import { ASTGate } from './ast.js';
-import { FileGuardGate } from './safety.js';
-import { DependencyGate } from './dependency.js';
-import { CoverageGate } from './coverage.js';
-import { ContextGate } from './context.js';
-import { ContextEngine } from '../services/context-engine.js';
-import { EnvironmentGate } from './environment.js';
-import { RetryLoopBreakerGate } from './retry-loop-breaker.js';
-import { AgentTeamGate } from './agent-team.js';
-import { CheckpointGate } from './checkpoint.js';
-import { SecurityPatternsGate } from './security-patterns.js';
-import { execa } from 'execa';
-import { Logger } from '../utils/logger.js';
-
-export class GateRunner {
-    private gates: Gate[] = [];
-
-    constructor(private config: Config) {
-        this.initializeGates();
-    }
-
-    private initializeGates() {
-        // Retry Loop Breaker Gate - HIGHEST PRIORITY (runs first)
-        if (this.config.gates.retry_loop_breaker?.enabled !== false) {
-            this.gates.push(new RetryLoopBreakerGate(this.config.gates.retry_loop_breaker));
-        }
-
-        if (this.config.gates.max_file_lines) {
-            this.gates.push(new FileGate({ maxLines: this.config.gates.max_file_lines }));
-        }
-        this.gates.push(
-            new ContentGate({
-                forbidTodos: !!this.config.gates.forbid_todos,
-                forbidFixme: !!this.config.gates.forbid_fixme,
-            })
-        );
-        if (this.config.gates.required_files) {
-            this.gates.push(new StructureGate({ requiredFiles: this.config.gates.required_files }));
-        }
-        this.gates.push(new ASTGate(this.config.gates));
-        this.gates.push(new DependencyGate(this.config));
-        this.gates.push(new FileGuardGate(this.config.gates));
-        this.gates.push(new CoverageGate(this.config.gates));
-
-        if (this.config.gates.context?.enabled) {
-            this.gates.push(new ContextGate(this.config.gates));
-        }
-
-        // Agent Team Governance Gate (for Opus 4.6 / GPT-5.3 multi-agent workflows)
-        if (this.config.gates.agent_team?.enabled) {
-            this.gates.push(new AgentTeamGate(this.config.gates.agent_team));
-        }
-
-        // Checkpoint Supervision Gate (for long-running GPT-5.3 coworking mode)
-        if (this.config.gates.checkpoint?.enabled) {
-            this.gates.push(new CheckpointGate(this.config.gates.checkpoint));
-        }
-
-        // Security Patterns Gate (code-level vulnerability detection) — enabled by default since v2.15
-        if (this.config.gates.security?.enabled !== false) {
-            this.gates.push(new SecurityPatternsGate(this.config.gates.security));
-        }
-
-        // Environment Alignment Gate (Should be prioritized)
-        if (this.config.gates.environment?.enabled) {
-            this.gates.unshift(new EnvironmentGate(this.config.gates));
-        }
-    }
-
-    /**
-     * Allows adding custom gates dynamically (SOLID - Open/Closed Principle)
-     */
-    addGate(gate: Gate) {
-        this.gates.push(gate);
-    }
-
-    async run(cwd: string, patterns?: string[]): Promise<Report> {
-        const start = Date.now();
-        const failures: Failure[] = [];
-        const summary: Record<string, Status> = {};
-
-        const ignore = this.config.ignore;
-
-        // 0. Run Context Discovery
-        let record;
-        if (this.config.gates.context?.enabled) {
-            const engine = new ContextEngine(this.config);
-            record = await engine.discover(cwd);
-        }
-
-        // 1. Run internal gates
-        for (const gate of this.gates) {
-            try {
-                const gateFailures = await gate.run({ cwd, record, ignore, patterns });
-                if (gateFailures.length > 0) {
-                    failures.push(...gateFailures);
-                    summary[gate.id] = 'FAIL';
-                } else {
-                    summary[gate.id] = 'PASS';
-                }
-            } catch (error: any) {
-                Logger.error(`Gate ${gate.id} failed with error: ${error.message}`);
-                summary[gate.id] = 'ERROR';
-                failures.push({
-                    id: gate.id,
-                    title: `Gate Error: ${gate.title}`,
-                    details: error.message,
-                    hint: 'There was an internal error running this gate. Check the logs.',
-                });
-            }
-        }
-
-        // 2. Run command gates (lint, test, etc.)
-        const commands = this.config.commands;
-        if (commands) {
-            for (const [key, cmd] of Object.entries(commands)) {
-                if (!cmd) {
-                    summary[key] = 'SKIP';
-                    continue;
-                }
-
-                try {
-                    Logger.info(`Running command gate: ${key} (${cmd})`);
-                    await execa(cmd, { shell: true, cwd });
-                    summary[key] = 'PASS';
-                } catch (error: any) {
-                    summary[key] = 'FAIL';
-                    failures.push({
-                        id: key,
-                        title: `${key.toUpperCase()} Check Failed`,
-                        details: error.stderr || error.stdout || error.message,
-                        hint: `Fix the issues reported by \`${cmd}\`. Use rigorous standards (SOLID, DRY) in your resolution.`,
-                    });
-                }
-            }
-        }
-
-        const status: Status = failures.length > 0 ? 'FAIL' : 'PASS';
-        const score = Math.max(0, 100 - (failures.length * 5)); // Basic SME scoring logic
-
-        return {
-            status,
-            summary,
-            failures,
-            stats: {
-                duration_ms: Date.now() - start,
-                score,
-            },
-        };
-    }
-}

package/src/gates/safety.ts

@@ -1,56 +0,0 @@
-import { Gate, GateContext } from './base.js';
-import { Failure, Gates } from '../types/index.js';
-import { execa } from 'execa';
-
-export class FileGuardGate extends Gate {
-    constructor(private config: Gates) {
-        super('file-guard', 'File Guard — Protected Paths');
-    }
-
-    async run(context: GateContext): Promise<Failure[]> {
-        const failures: Failure[] = [];
-        const safety = this.config.safety || {};
-        const protectedPaths = safety.protected_paths || [];
-
-        if (protectedPaths.length === 0) return [];
-
-        try {
-            // Check for modified files in protected paths using git
-            // File Guard - if an agent touched protected files, we fail.
-            const { stdout } = await execa('git', ['status', '--porcelain'], { cwd: context.cwd });
-            const modifiedFiles = stdout.split('\n')
-                .filter(line => {
-                    const status = line.slice(0, 2);
-                    // M: Modified, A: Added (staged), D: Deleted, R: Renamed
-                    // We ignore ?? (Untracked) to allow rigour init and new doc creation
-                    return /M|A|D|R/.test(status);
-                })
-                .map(line => line.slice(3).trim());
-
-            for (const file of modifiedFiles) {
-                if (this.isProtected(file, protectedPaths)) {
-                    const message = `Protected file '${file}' was modified.`;
-                    failures.push(this.createFailure(
-                        message,
-                        [file],
-                        `Agents are forbidden from modifying files in ${protectedPaths.join(', ')}.`,
-                        message
-                    ));
-                }
-            }
-        } catch (error) {
-            // If not a git repo, skip safety for now
-        }
-
-        return failures;
-    }
-
-    private isProtected(file: string, patterns: string[]): boolean {
-        return patterns.some(p => {
-            const cleanP = p.replace('/**', '').replace('/*', '');
-            if (file === cleanP) return true;
-            if (cleanP.endsWith('/')) return file.startsWith(cleanP);
-            return file.startsWith(cleanP + '/');
-        });
-    }
-}