@rigour-labs/core 2.21.2 → 3.0.0

package/dist/gates/hallucinated-imports.js

@@ -0,0 +1,406 @@
+/**
+ * Hallucinated Imports Gate
+ *
+ * Detects imports that reference modules which don't exist in the project.
+ * This is an AI-specific failure mode — LLMs confidently generate import
+ * statements for packages, files, or modules that were never installed
+ * or created.
+ *
+ * Detection strategy:
+ * 1. Parse all import/require statements
+ * 2. For relative imports: verify the target file exists
+ * 3. For package imports: verify the package exists in node_modules or package.json
+ * 4. For Python imports: verify the module exists in the project or site-packages
+ * 5. For Go imports: verify relative package paths exist in the project
+ * 6. For Ruby/C#: verify relative require/using paths exist
+ *
+ * Supported languages: JS/TS, Python, Go, Ruby, C#
+ *
+ * @since v2.16.0
+ */
+import { Gate } from './base.js';
+import { FileScanner } from '../utils/scanner.js';
+import { Logger } from '../utils/logger.js';
+import fs from 'fs-extra';
+import path from 'path';
+export class HallucinatedImportsGate extends Gate {
+    config;
+    constructor(config = {}) {
+        super('hallucinated-imports', 'Hallucinated Import Detection');
+        this.config = {
+            enabled: config.enabled ?? true,
+            check_relative: config.check_relative ?? true,
+            check_packages: config.check_packages ?? true,
+            ignore_patterns: config.ignore_patterns ?? [
+                '\\.css$', '\\.scss$', '\\.less$', '\\.svg$', '\\.png$', '\\.jpg$',
+                '\\.json$', '\\.wasm$', '\\.graphql$', '\\.gql$',
+            ],
+        };
+    }
+    get provenance() { return 'ai-drift'; }
+    async run(context) {
+        if (!this.config.enabled)
+            return [];
+        const failures = [];
+        const hallucinated = [];
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            patterns: ['**/*.{ts,js,tsx,jsx,py,go,rb,cs}'],
+            ignore: [...(context.ignore || []), '**/node_modules/**', '**/dist/**', '**/build/**',
+                '**/.venv/**', '**/venv/**', '**/vendor/**', '**/bin/Debug/**', '**/bin/Release/**', '**/obj/**'],
+        });
+        Logger.info(`Hallucinated Imports: Scanning ${files.length} files`);
+        // Build lookup sets for fast resolution
+        const projectFiles = new Set(files.map(f => f.replace(/\\/g, '/')));
+        const packageJson = await this.loadPackageJson(context.cwd);
+        const allDeps = new Set([
+            ...Object.keys(packageJson?.dependencies || {}),
+            ...Object.keys(packageJson?.devDependencies || {}),
+            ...Object.keys(packageJson?.peerDependencies || {}),
+        ]);
+        // Check if node_modules exists (for package verification)
+        const hasNodeModules = await fs.pathExists(path.join(context.cwd, 'node_modules'));
+        for (const file of files) {
+            try {
+                const fullPath = path.join(context.cwd, file);
+                const content = await fs.readFile(fullPath, 'utf-8');
+                const ext = path.extname(file);
+                if (['.ts', '.js', '.tsx', '.jsx'].includes(ext)) {
+                    await this.checkJSImports(content, file, context.cwd, projectFiles, allDeps, hasNodeModules, hallucinated);
+                }
+                else if (ext === '.py') {
+                    await this.checkPyImports(content, file, context.cwd, projectFiles, hallucinated);
+                }
+                else if (ext === '.go') {
+                    this.checkGoImports(content, file, context.cwd, projectFiles, hallucinated);
+                }
+                else if (ext === '.rb') {
+                    this.checkRubyImports(content, file, projectFiles, hallucinated);
+                }
+                else if (ext === '.cs') {
+                    this.checkCSharpImports(content, file, projectFiles, hallucinated);
+                }
+            }
+            catch (e) { }
+        }
+        // Group hallucinated imports by file for cleaner output
+        const byFile = new Map();
+        for (const h of hallucinated) {
+            const existing = byFile.get(h.file) || [];
+            existing.push(h);
+            byFile.set(h.file, existing);
+        }
+        for (const [file, imports] of byFile) {
+            const details = imports.map(i => `  L${i.line}: import '${i.importPath}' — ${i.reason}`).join('\n');
+            failures.push(this.createFailure(`Hallucinated imports in ${file}:\n${details}`, [file], `These imports reference modules that don't exist. Remove or replace with real modules. AI models often "hallucinate" package names or file paths.`, 'Hallucinated Imports', imports[0].line, undefined, 'critical'));
+        }
+        return failures;
+    }
+    async checkJSImports(content, file, cwd, projectFiles, allDeps, hasNodeModules, hallucinated) {
+        const lines = content.split('\n');
+        // Match: import ... from '...', require('...'), import('...')
+        const importPatterns = [
+            /import\s+(?:{[^}]*}|\*\s+as\s+\w+|\w+(?:\s*,\s*{[^}]*})?)\s+from\s+['"]([^'"]+)['"]/g,
+            /require\s*\(\s*['"]([^'"]+)['"]\s*\)/g,
+            /import\s*\(\s*['"]([^'"]+)['"]\s*\)/g,
+            /export\s+(?:{[^}]*}|\*)\s+from\s+['"]([^'"]+)['"]/g,
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            for (const pattern of importPatterns) {
+                pattern.lastIndex = 0;
+                let match;
+                while ((match = pattern.exec(line)) !== null) {
+                    const importPath = match[1];
+                    // Skip ignored patterns (assets, etc.)
+                    if (this.shouldIgnore(importPath))
+                        continue;
+                    if (importPath.startsWith('.')) {
+                        // Relative import — check file exists
+                        if (this.config.check_relative) {
+                            const resolved = this.resolveRelativeImport(file, importPath, projectFiles);
+                            if (!resolved) {
+                                hallucinated.push({
+                                    file, line: i + 1, importPath, type: 'relative',
+                                    reason: `File not found: ${importPath}`,
+                                });
+                            }
+                        }
+                    }
+                    else {
+                        // Package import — check it exists
+                        if (this.config.check_packages) {
+                            const pkgName = this.extractPackageName(importPath);
+                            // Skip Node.js built-ins
+                            if (this.isNodeBuiltin(pkgName))
+                                continue;
+                            if (!allDeps.has(pkgName)) {
+                                // Double-check node_modules if available
+                                if (hasNodeModules) {
+                                    const pkgPath = path.join(cwd, 'node_modules', pkgName);
+                                    if (await fs.pathExists(pkgPath))
+                                        continue;
+                                }
+                                hallucinated.push({
+                                    file, line: i + 1, importPath, type: 'package',
+                                    reason: `Package '${pkgName}' not in package.json dependencies`,
+                                });
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+    async checkPyImports(content, file, cwd, projectFiles, hallucinated) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim();
+            // Match: from X import Y, import X
+            const fromMatch = line.match(/^from\s+([\w.]+)\s+import/);
+            const importMatch = line.match(/^import\s+([\w.]+)/);
+            const modulePath = fromMatch?.[1] || importMatch?.[1];
+            if (!modulePath)
+                continue;
+            // Skip standard library modules
+            if (this.isPythonStdlib(modulePath))
+                continue;
+            // Check if it's a relative project import
+            if (modulePath.startsWith('.')) {
+                // Relative Python import
+                const pyFile = modulePath.replace(/\./g, '/') + '.py';
+                const pyInit = modulePath.replace(/\./g, '/') + '/__init__.py';
+                const fileDir = path.dirname(file);
+                const resolved1 = path.join(fileDir, pyFile).replace(/\\/g, '/');
+                const resolved2 = path.join(fileDir, pyInit).replace(/\\/g, '/');
+                if (!projectFiles.has(resolved1) && !projectFiles.has(resolved2)) {
+                    hallucinated.push({
+                        file, line: i + 1, importPath: modulePath, type: 'python',
+                        reason: `Relative module '${modulePath}' not found in project`,
+                    });
+                }
+            }
+            else {
+                // Absolute import — check if it's a project module
+                const topLevel = modulePath.split('.')[0];
+                const pyFile = topLevel + '.py';
+                const pyInit = topLevel + '/__init__.py';
+                // If it matches a project file, it's a local import — verify it exists
+                const isLocalModule = projectFiles.has(pyFile) || projectFiles.has(pyInit) ||
+                    [...projectFiles].some(f => f.startsWith(topLevel + '/'));
+                // If not local and not stdlib, we can't easily verify pip packages
+                // without a requirements.txt or pyproject.toml check
+                if (isLocalModule) {
+                    // It's referencing a local module — verify the full path
+                    const fullModulePath = modulePath.replace(/\./g, '/');
+                    const candidates = [
+                        fullModulePath + '.py',
+                        fullModulePath + '/__init__.py',
+                    ];
+                    const exists = candidates.some(c => projectFiles.has(c));
+                    if (!exists && modulePath.includes('.')) {
+                        // Only flag deep module paths that partially resolve
+                        hallucinated.push({
+                            file, line: i + 1, importPath: modulePath, type: 'python',
+                            reason: `Module '${modulePath}' partially resolves but target not found`,
+                        });
+                    }
+                }
+            }
+        }
+    }
+    resolveRelativeImport(fromFile, importPath, projectFiles) {
+        const dir = path.dirname(fromFile);
+        const resolved = path.join(dir, importPath).replace(/\\/g, '/');
+        // Try exact match, then common extensions
+        const extensions = ['', '.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'];
+        const indexFiles = extensions.map(ext => `${resolved}/index${ext}`);
+        const candidates = [
+            ...extensions.map(ext => resolved + ext),
+            ...indexFiles,
+        ];
+        return candidates.some(c => projectFiles.has(c));
+    }
+    extractPackageName(importPath) {
+        // Scoped packages: @scope/package/... → @scope/package
+        if (importPath.startsWith('@')) {
+            const parts = importPath.split('/');
+            return parts.length >= 2 ? `${parts[0]}/${parts[1]}` : importPath;
+        }
+        // Regular packages: package/... → package
+        return importPath.split('/')[0];
+    }
+    shouldIgnore(importPath) {
+        return this.config.ignore_patterns.some(pattern => new RegExp(pattern).test(importPath));
+    }
+    isNodeBuiltin(name) {
+        const builtins = new Set([
+            'assert', 'buffer', 'child_process', 'cluster', 'console', 'constants',
+            'crypto', 'dgram', 'dns', 'domain', 'events', 'fs', 'http', 'http2',
+            'https', 'inspector', 'module', 'net', 'os', 'path', 'perf_hooks',
+            'process', 'punycode', 'querystring', 'readline', 'repl', 'stream',
+            'string_decoder', 'sys', 'timers', 'tls', 'trace_events', 'tty',
+            'url', 'util', 'v8', 'vm', 'wasi', 'worker_threads', 'zlib',
+            'node:assert', 'node:buffer', 'node:child_process', 'node:cluster',
+            'node:console', 'node:constants', 'node:crypto', 'node:dgram',
+            'node:dns', 'node:domain', 'node:events', 'node:fs', 'node:http',
+            'node:http2', 'node:https', 'node:inspector', 'node:module', 'node:net',
+            'node:os', 'node:path', 'node:perf_hooks', 'node:process',
+            'node:punycode', 'node:querystring', 'node:readline', 'node:repl',
+            'node:stream', 'node:string_decoder', 'node:sys', 'node:timers',
+            'node:tls', 'node:trace_events', 'node:tty', 'node:url', 'node:util',
+            'node:v8', 'node:vm', 'node:wasi', 'node:worker_threads', 'node:zlib',
+            'fs-extra', // common enough to skip
+        ]);
+        return builtins.has(name) || name.startsWith('node:');
+    }
+    isPythonStdlib(modulePath) {
+        const topLevel = modulePath.split('.')[0];
+        const stdlibs = new Set([
+            'abc', 'aifc', 'argparse', 'array', 'ast', 'asyncio', 'atexit',
+            'base64', 'bdb', 'binascii', 'binhex', 'bisect', 'builtins',
+            'calendar', 'cgi', 'cgitb', 'chunk', 'cmath', 'cmd', 'code',
+            'codecs', 'codeop', 'collections', 'colorsys', 'compileall',
+            'concurrent', 'configparser', 'contextlib', 'contextvars', 'copy',
+            'copyreg', 'cProfile', 'csv', 'ctypes', 'curses', 'dataclasses',
+            'datetime', 'dbm', 'decimal', 'difflib', 'dis', 'distutils',
+            'doctest', 'email', 'encodings', 'enum', 'errno', 'faulthandler',
+            'fcntl', 'filecmp', 'fileinput', 'fnmatch', 'fractions', 'ftplib',
+            'functools', 'gc', 'getopt', 'getpass', 'gettext', 'glob', 'grp',
+            'gzip', 'hashlib', 'heapq', 'hmac', 'html', 'http', 'idlelib',
+            'imaplib', 'imghdr', 'importlib', 'inspect', 'io', 'ipaddress',
+            'itertools', 'json', 'keyword', 'lib2to3', 'linecache', 'locale',
+            'logging', 'lzma', 'mailbox', 'mailcap', 'marshal', 'math',
+            'mimetypes', 'mmap', 'modulefinder', 'multiprocessing', 'netrc',
+            'nis', 'nntplib', 'numbers', 'operator', 'optparse', 'os',
+            'ossaudiodev', 'parser', 'pathlib', 'pdb', 'pickle', 'pickletools',
+            'pipes', 'pkgutil', 'platform', 'plistlib', 'poplib', 'posix',
+            'posixpath', 'pprint', 'profile', 'pstats', 'pty', 'pwd', 'py_compile',
+            'pyclbr', 'pydoc', 'queue', 'quopri', 'random', 're', 'readline',
+            'reprlib', 'resource', 'rlcompleter', 'runpy', 'sched', 'secrets',
+            'select', 'selectors', 'shelve', 'shlex', 'shutil', 'signal',
+            'site', 'smtpd', 'smtplib', 'sndhdr', 'socket', 'socketserver',
+            'spwd', 'sqlite3', 'sre_compile', 'sre_constants', 'sre_parse',
+            'ssl', 'stat', 'statistics', 'string', 'stringprep', 'struct',
+            'subprocess', 'sunau', 'symtable', 'sys', 'sysconfig', 'syslog',
+            'tabnanny', 'tarfile', 'telnetlib', 'tempfile', 'termios', 'test',
+            'textwrap', 'threading', 'time', 'timeit', 'tkinter', 'token',
+            'tokenize', 'tomllib', 'trace', 'traceback', 'tracemalloc', 'tty',
+            'turtle', 'turtledemo', 'types', 'typing', 'unicodedata', 'unittest',
+            'urllib', 'uu', 'uuid', 'venv', 'warnings', 'wave', 'weakref',
+            'webbrowser', 'winreg', 'winsound', 'wsgiref', 'xdrlib', 'xml',
+            'xmlrpc', 'zipapp', 'zipfile', 'zipimport', 'zlib',
+            '_thread', '__future__', '__main__',
+        ]);
+        return stdlibs.has(topLevel);
+    }
+    /**
+     * Check Go imports — verify relative/project package paths exist
+     * Go stdlib packages are skipped; only project-relative imports are checked
+     */
+    checkGoImports(content, file, cwd, projectFiles, hallucinated) {
+        const lines = content.split('\n');
+        let inImportBlock = false;
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim();
+            // Detect import block: import ( ... )
+            if (/^import\s*\(/.test(line)) {
+                inImportBlock = true;
+                continue;
+            }
+            if (inImportBlock && line === ')') {
+                inImportBlock = false;
+                continue;
+            }
+            // Single import: import "path"
+            const singleMatch = line.match(/^import\s+"([^"]+)"/);
+            const blockMatch = inImportBlock ? line.match(/^\s*"([^"]+)"/) : null;
+            const importPath = singleMatch?.[1] || blockMatch?.[1];
+            if (!importPath)
+                continue;
+            // Skip Go stdlib (no dots in path = stdlib or well-known)
+            if (!importPath.includes('.') && !importPath.includes('/'))
+                continue;
+            // Project-relative imports (contain module path from go.mod)
+            // We only flag imports that look like project paths but don't resolve
+            if (importPath.includes('/') && !importPath.startsWith('github.com') && !importPath.startsWith('golang.org')) {
+                // Check if the path maps to a directory in the project
+                const dirPath = importPath.split('/').slice(-2).join('/');
+                const hasMatchingFile = [...projectFiles].some(f => f.includes(dirPath));
+                if (!hasMatchingFile) {
+                    hallucinated.push({
+                        file, line: i + 1, importPath, type: 'go',
+                        reason: `Go import '${importPath}' — package path not found in project`,
+                    });
+                }
+            }
+        }
+    }
+    /**
+     * Check Ruby imports — verify require_relative paths exist
+     */
+    checkRubyImports(content, file, projectFiles, hallucinated) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim();
+            // require_relative 'path' — should resolve to a real file
+            const relMatch = line.match(/require_relative\s+['"]([^'"]+)['"]/);
+            if (relMatch) {
+                const reqPath = relMatch[1];
+                const dir = path.dirname(file);
+                const resolved = path.join(dir, reqPath).replace(/\\/g, '/');
+                const candidates = [resolved + '.rb', resolved];
+                if (!candidates.some(c => projectFiles.has(c))) {
+                    hallucinated.push({
+                        file, line: i + 1, importPath: reqPath, type: 'ruby',
+                        reason: `require_relative '${reqPath}' — file not found in project`,
+                    });
+                }
+            }
+        }
+    }
+    /**
+     * Check C# imports — verify relative using paths match project namespaces
+     * (C# uses namespaces, not file paths — we check for obviously wrong namespaces)
+     */
+    checkCSharpImports(content, file, projectFiles, hallucinated) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim();
+            // using ProjectName.Something — check if namespace maps to project files
+            const usingMatch = line.match(/^using\s+([\w.]+)\s*;/);
+            if (!usingMatch)
+                continue;
+            const namespace = usingMatch[1];
+            // Skip System.* and Microsoft.* and common framework namespaces
+            if (/^(?:System|Microsoft|Newtonsoft|NUnit|Xunit|Moq|AutoMapper)\b/.test(namespace))
+                continue;
+            // Check if the namespace maps to any .cs file path in the project
+            const nsPath = namespace.replace(/\./g, '/');
+            const hasMatch = [...projectFiles].some(f => f.endsWith('.cs') && (f.includes(nsPath) || f.includes(namespace.split('.')[0])));
+            // Only flag if the project has NO files that could match this namespace
+            if (!hasMatch && namespace.includes('.')) {
+                // Could be a NuGet package — we can't verify without .csproj parsing
+                // Only flag obvious project-relative namespaces
+                const topLevel = namespace.split('.')[0];
+                const hasProjectFiles = [...projectFiles].some(f => f.endsWith('.cs') && f.includes(topLevel));
+                if (hasProjectFiles) {
+                    hallucinated.push({
+                        file, line: i + 1, importPath: namespace, type: 'csharp',
+                        reason: `Namespace '${namespace}' — no matching files found in project`,
+                    });
+                }
+            }
+        }
+    }
+    async loadPackageJson(cwd) {
+        try {
+            const pkgPath = path.join(cwd, 'package.json');
+            if (await fs.pathExists(pkgPath)) {
+                return await fs.readJson(pkgPath);
+            }
+        }
+        catch (e) { }
+        return null;
+    }
+}

package/dist/gates/inconsistent-error-handling.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Inconsistent Error Handling Gate
+ *
+ * Detects when the same error type is handled differently across the codebase.
+ * This is an AI-specific failure mode — each agent session writes error handling
+ * from scratch, leading to 4 different patterns for the same error type.
+ *
+ * Detection strategy:
+ * 1. Extract all try-catch blocks and error handling patterns
+ * 2. Cluster by caught error type (e.g. "Error", "TypeError", custom errors)
+ * 3. Compare handling strategies within each cluster
+ * 4. Flag types with >2 distinct handling patterns across files
+ *
+ * Examples of inconsistency:
+ * - File A: catch(e) { console.log(e) }
+ * - File B: catch(e) { throw new AppError(e) }
+ * - File C: catch(e) { return null }
+ * - File D: catch(e) { [empty] }
+ *
+ * @since v2.16.0
+ */
+import { Gate, GateContext } from './base.js';
+import { Failure, Provenance } from '../types/index.js';
+export interface InconsistentErrorHandlingConfig {
+    enabled?: boolean;
+    max_strategies_per_type?: number;
+    min_occurrences?: number;
+    ignore_empty_catches?: boolean;
+}
+export declare class InconsistentErrorHandlingGate extends Gate {
+    private config;
+    constructor(config?: InconsistentErrorHandlingConfig);
+    protected get provenance(): Provenance;
+    run(context: GateContext): Promise<Failure[]>;
+    private extractErrorHandlers;
+    private classifyStrategy;
+    private extractCatchBody;
+    private extractCatchCallbackBody;
+}