@rigour-labs/core 2.22.0 → 3.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (117) hide show
  1. package/README.md +58 -0
  2. package/dist/context.test.js +2 -3
  3. package/dist/environment.test.js +2 -1
  4. package/dist/gates/agent-team.d.ts +2 -1
  5. package/dist/gates/agent-team.js +1 -0
  6. package/dist/gates/base.d.ts +3 -1
  7. package/dist/gates/base.js +3 -0
  8. package/dist/gates/checkpoint.d.ts +2 -1
  9. package/dist/gates/checkpoint.js +3 -2
  10. package/dist/gates/context-window-artifacts.d.ts +2 -1
  11. package/dist/gates/context-window-artifacts.js +6 -3
  12. package/dist/gates/context.d.ts +2 -1
  13. package/dist/gates/context.js +1 -0
  14. package/dist/gates/coverage.js +3 -1
  15. package/dist/gates/dependency.js +5 -5
  16. package/dist/gates/duplication-drift.d.ts +2 -1
  17. package/dist/gates/duplication-drift.js +4 -1
  18. package/dist/gates/environment.js +4 -4
  19. package/dist/gates/hallucinated-imports.d.ts +21 -2
  20. package/dist/gates/hallucinated-imports.js +116 -2
  21. package/dist/gates/inconsistent-error-handling.d.ts +2 -1
  22. package/dist/gates/inconsistent-error-handling.js +21 -7
  23. package/dist/gates/promise-safety.d.ts +68 -0
  24. package/dist/gates/promise-safety.js +509 -0
  25. package/dist/gates/retry-loop-breaker.d.ts +2 -1
  26. package/dist/gates/retry-loop-breaker.js +2 -1
  27. package/dist/gates/runner.js +34 -1
  28. package/dist/gates/safety.d.ts +2 -1
  29. package/dist/gates/safety.js +2 -1
  30. package/dist/gates/security-patterns-owasp.test.d.ts +1 -0
  31. package/dist/gates/security-patterns-owasp.test.js +171 -0
  32. package/dist/gates/security-patterns.d.ts +6 -1
  33. package/dist/gates/security-patterns.js +101 -0
  34. package/dist/gates/structure.js +1 -1
  35. package/dist/hooks/checker.d.ts +23 -0
  36. package/dist/hooks/checker.js +222 -0
  37. package/dist/hooks/checker.test.d.ts +1 -0
  38. package/dist/hooks/checker.test.js +132 -0
  39. package/dist/hooks/index.d.ts +9 -0
  40. package/dist/hooks/index.js +8 -0
  41. package/dist/hooks/standalone-checker.d.ts +15 -0
  42. package/dist/hooks/standalone-checker.js +106 -0
  43. package/dist/hooks/templates.d.ts +22 -0
  44. package/dist/hooks/templates.js +232 -0
  45. package/dist/hooks/types.d.ts +34 -0
  46. package/dist/hooks/types.js +21 -0
  47. package/dist/index.d.ts +2 -0
  48. package/dist/index.js +2 -0
  49. package/dist/services/fix-packet-service.d.ts +0 -1
  50. package/dist/services/fix-packet-service.js +9 -14
  51. package/dist/services/score-history.d.ts +54 -0
  52. package/dist/services/score-history.js +122 -0
  53. package/dist/templates/index.js +176 -0
  54. package/dist/types/fix-packet.d.ts +5 -5
  55. package/dist/types/fix-packet.js +1 -1
  56. package/dist/types/index.d.ts +207 -0
  57. package/dist/types/index.js +32 -0
  58. package/package.json +21 -1
  59. package/src/context.test.ts +0 -256
  60. package/src/discovery.test.ts +0 -88
  61. package/src/discovery.ts +0 -112
  62. package/src/environment.test.ts +0 -115
  63. package/src/gates/agent-team.test.ts +0 -134
  64. package/src/gates/agent-team.ts +0 -210
  65. package/src/gates/ast-handlers/base.ts +0 -13
  66. package/src/gates/ast-handlers/python.ts +0 -145
  67. package/src/gates/ast-handlers/python_parser.py +0 -181
  68. package/src/gates/ast-handlers/typescript.ts +0 -264
  69. package/src/gates/ast-handlers/universal.ts +0 -184
  70. package/src/gates/ast.ts +0 -54
  71. package/src/gates/base.ts +0 -28
  72. package/src/gates/checkpoint.test.ts +0 -135
  73. package/src/gates/checkpoint.ts +0 -311
  74. package/src/gates/content.ts +0 -51
  75. package/src/gates/context-window-artifacts.ts +0 -277
  76. package/src/gates/context.ts +0 -270
  77. package/src/gates/coverage.ts +0 -74
  78. package/src/gates/dependency.ts +0 -108
  79. package/src/gates/duplication-drift.ts +0 -231
  80. package/src/gates/environment.ts +0 -94
  81. package/src/gates/file.ts +0 -46
  82. package/src/gates/hallucinated-imports.ts +0 -361
  83. package/src/gates/inconsistent-error-handling.ts +0 -254
  84. package/src/gates/retry-loop-breaker.ts +0 -151
  85. package/src/gates/runner.ts +0 -188
  86. package/src/gates/safety.ts +0 -56
  87. package/src/gates/security-patterns.test.ts +0 -162
  88. package/src/gates/security-patterns.ts +0 -306
  89. package/src/gates/structure.ts +0 -36
  90. package/src/index.ts +0 -13
  91. package/src/pattern-index/embeddings.ts +0 -84
  92. package/src/pattern-index/index.ts +0 -59
  93. package/src/pattern-index/indexer.test.ts +0 -276
  94. package/src/pattern-index/indexer.ts +0 -1023
  95. package/src/pattern-index/matcher.test.ts +0 -293
  96. package/src/pattern-index/matcher.ts +0 -493
  97. package/src/pattern-index/overrides.ts +0 -235
  98. package/src/pattern-index/security.ts +0 -151
  99. package/src/pattern-index/staleness.test.ts +0 -313
  100. package/src/pattern-index/staleness.ts +0 -568
  101. package/src/pattern-index/types.ts +0 -339
  102. package/src/safety.test.ts +0 -53
  103. package/src/services/adaptive-thresholds.test.ts +0 -189
  104. package/src/services/adaptive-thresholds.ts +0 -275
  105. package/src/services/context-engine.ts +0 -104
  106. package/src/services/fix-packet-service.ts +0 -42
  107. package/src/services/state-service.ts +0 -138
  108. package/src/smoke.test.ts +0 -18
  109. package/src/templates/index.ts +0 -338
  110. package/src/types/fix-packet.ts +0 -32
  111. package/src/types/index.ts +0 -200
  112. package/src/utils/logger.ts +0 -43
  113. package/src/utils/scanner.test.ts +0 -37
  114. package/src/utils/scanner.ts +0 -43
  115. package/tsconfig.json +0 -10
  116. package/vitest.config.ts +0 -7
  117. package/vitest.setup.ts +0 -30
package/dist/templates/index.js CHANGED
@@ -135,6 +135,167 @@ export const TEMPLATES = [
135
135
  ],
136
136
  },
137
137
  },
138
+ // --- Regulated Industry Presets ---
139
+ {
140
+ name: 'healthcare',
141
+ markers: [
142
+ 'hl7', 'fhir', 'hipaa', 'medical', 'patient', 'health',
143
+ 'ehr', 'phi', 'dicom', 'icd-10', 'snomed',
144
+ ],
145
+ config: {
146
+ preset: 'healthcare',
147
+ ignore: [
148
+ '.git/**', 'node_modules/**', 'dist/**', 'build/**',
149
+ 'venv/**', '.venv/**', '__pycache__/**',
150
+ ],
151
+ gates: {
152
+ max_file_lines: 300,
153
+ required_files: ['docs/COMPLIANCE.md', 'docs/SPEC.md', 'docs/ARCH.md', 'README.md'],
154
+ security: {
155
+ enabled: true,
156
+ sql_injection: true,
157
+ xss: true,
158
+ path_traversal: true,
159
+ hardcoded_secrets: true,
160
+ insecure_randomness: true,
161
+ command_injection: true,
162
+ block_on_severity: 'critical',
163
+ },
164
+ },
165
+ },
166
+ },
167
+ {
168
+ name: 'fintech',
169
+ markers: [
170
+ 'trading', 'payment', 'kyc', 'aml', 'pci', 'transaction',
171
+ 'ledger', 'banking', 'stripe', 'plaid', 'sox',
172
+ ],
173
+ config: {
174
+ preset: 'fintech',
175
+ ignore: [
176
+ '.git/**', 'node_modules/**', 'dist/**', 'build/**',
177
+ 'venv/**', '.venv/**', '__pycache__/**', 'vendor/**',
178
+ ],
179
+ gates: {
180
+ max_file_lines: 350,
181
+ required_files: ['docs/AUDIT_LOG.md', 'docs/SPEC.md', 'docs/ARCH.md', 'README.md'],
182
+ security: {
183
+ enabled: true,
184
+ sql_injection: true,
185
+ xss: true,
186
+ path_traversal: true,
187
+ hardcoded_secrets: true,
188
+ insecure_randomness: true,
189
+ command_injection: true,
190
+ block_on_severity: 'high',
191
+ },
192
+ agent_team: {
193
+ enabled: true,
194
+ max_concurrent_agents: 3,
195
+ cross_agent_pattern_check: true,
196
+ handoff_verification: true,
197
+ task_ownership: 'strict',
198
+ },
199
+ },
200
+ },
201
+ },
202
+ {
203
+ name: 'government',
204
+ markers: [
205
+ 'fedramp', 'nist', 'cmmc', 'federal', 'govcloud',
206
+ 'il4', 'il5', 'fisma', 'itar', 'cui',
207
+ ],
208
+ config: {
209
+ preset: 'government',
210
+ ignore: [
211
+ '.git/**', 'node_modules/**', 'dist/**', 'build/**',
212
+ 'venv/**', '.venv/**', '__pycache__/**', 'vendor/**',
213
+ ],
214
+ gates: {
215
+ max_file_lines: 250,
216
+ required_files: ['docs/SECURITY.md', 'docs/SPEC.md', 'docs/ARCH.md', 'README.md'],
217
+ ast: {
218
+ complexity: 8,
219
+ max_methods: 10,
220
+ max_params: 4,
221
+ max_nesting: 3,
222
+ max_inheritance_depth: 3,
223
+ max_class_dependencies: 5,
224
+ max_function_lines: 40,
225
+ },
226
+ security: {
227
+ enabled: true,
228
+ sql_injection: true,
229
+ xss: true,
230
+ path_traversal: true,
231
+ hardcoded_secrets: true,
232
+ insecure_randomness: true,
233
+ command_injection: true,
234
+ block_on_severity: 'medium',
235
+ },
236
+ agent_team: {
237
+ enabled: true,
238
+ max_concurrent_agents: 3,
239
+ cross_agent_pattern_check: true,
240
+ handoff_verification: true,
241
+ task_ownership: 'strict',
242
+ },
243
+ checkpoint: {
244
+ enabled: true,
245
+ interval_minutes: 10,
246
+ quality_threshold: 85,
247
+ drift_detection: true,
248
+ auto_save_on_failure: true,
249
+ },
250
+ },
251
+ },
252
+ },
253
+ // DevSecOps / Security SRE preset
254
+ {
255
+ name: 'devsecops',
256
+ markers: [
257
+ 'trivy', 'snyk', 'semgrep', 'sonarqube', 'owasp',
258
+ 'sast', 'dast', 'pentest', 'vulnerability', 'cve',
259
+ 'security-scan', 'falco', 'wazuh', 'ossec',
260
+ ],
261
+ config: {
262
+ preset: 'devsecops',
263
+ ignore: [
264
+ '.git/**', 'node_modules/**', 'dist/**', 'build/**',
265
+ 'venv/**', '.venv/**', '__pycache__/**', 'vendor/**',
266
+ ],
267
+ gates: {
268
+ max_file_lines: 300,
269
+ required_files: ['docs/SECURITY.md', 'docs/RUNBOOK.md', 'README.md'],
270
+ ast: {
271
+ complexity: 10,
272
+ max_methods: 10,
273
+ max_params: 5,
274
+ max_nesting: 3,
275
+ max_inheritance_depth: 3,
276
+ max_class_dependencies: 5,
277
+ max_function_lines: 50,
278
+ },
279
+ security: {
280
+ enabled: true,
281
+ sql_injection: true,
282
+ xss: true,
283
+ path_traversal: true,
284
+ hardcoded_secrets: true,
285
+ insecure_randomness: true,
286
+ command_injection: true,
287
+ block_on_severity: 'high',
288
+ },
289
+ agent_team: {
290
+ enabled: true,
291
+ max_concurrent_agents: 3,
292
+ cross_agent_pattern_check: true,
293
+ handoff_verification: true,
294
+ task_ownership: 'strict',
295
+ },
296
+ },
297
+ },
298
+ },
138
299
  ];
139
300
  export const PARADIGM_TEMPLATES = [
140
301
  {
@@ -312,6 +473,21 @@ export const UNIVERSAL_CONFIG = {
312
473
  degradation_threshold: 0.4,
313
474
  signals_required: 2,
314
475
  },
476
+ promise_safety: {
477
+ enabled: true,
478
+ check_unhandled_then: true,
479
+ check_unsafe_parse: true,
480
+ check_async_without_await: true,
481
+ check_unsafe_fetch: true,
482
+ ignore_patterns: [],
483
+ },
484
+ },
485
+ hooks: {
486
+ enabled: false,
487
+ tools: [],
488
+ fast_gates: ['hallucinated-imports', 'promise-safety', 'security-patterns', 'file-size'],
489
+ timeout_ms: 5000,
490
+ block_on_failure: false,
315
491
  },
316
492
  output: {
317
493
  report_path: 'rigour-report.json',
package/dist/types/fix-packet.d.ts CHANGED
@@ -9,7 +9,7 @@ export declare const FixPacketV2Schema: z.ZodObject<{
9
9
  violations: z.ZodArray<z.ZodObject<{
10
10
  id: z.ZodString;
11
11
  gate: z.ZodString;
12
- severity: z.ZodDefault<z.ZodEnum<["low", "medium", "high", "critical"]>>;
12
+ severity: z.ZodDefault<z.ZodEnum<["info", "low", "medium", "high", "critical"]>>;
13
13
  category: z.ZodOptional<z.ZodString>;
14
14
  title: z.ZodString;
15
15
  details: z.ZodString;
@@ -21,7 +21,7 @@ export declare const FixPacketV2Schema: z.ZodObject<{
21
21
  id: string;
22
22
  title: string;
23
23
  details: string;
24
- severity: "critical" | "high" | "medium" | "low";
24
+ severity: "critical" | "high" | "medium" | "low" | "info";
25
25
  gate: string;
26
26
  files?: string[] | undefined;
27
27
  hint?: string | undefined;
@@ -33,7 +33,7 @@ export declare const FixPacketV2Schema: z.ZodObject<{
33
33
  title: string;
34
34
  details: string;
35
35
  gate: string;
36
- severity?: "critical" | "high" | "medium" | "low" | undefined;
36
+ severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
37
37
  files?: string[] | undefined;
38
38
  hint?: string | undefined;
39
39
  category?: string | undefined;
@@ -69,7 +69,7 @@ export declare const FixPacketV2Schema: z.ZodObject<{
69
69
  id: string;
70
70
  title: string;
71
71
  details: string;
72
- severity: "critical" | "high" | "medium" | "low";
72
+ severity: "critical" | "high" | "medium" | "low" | "info";
73
73
  gate: string;
74
74
  files?: string[] | undefined;
75
75
  hint?: string | undefined;
@@ -92,7 +92,7 @@ export declare const FixPacketV2Schema: z.ZodObject<{
92
92
  title: string;
93
93
  details: string;
94
94
  gate: string;
95
- severity?: "critical" | "high" | "medium" | "low" | undefined;
95
+ severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
96
96
  files?: string[] | undefined;
97
97
  hint?: string | undefined;
98
98
  category?: string | undefined;
package/dist/types/fix-packet.js CHANGED
@@ -9,7 +9,7 @@ export const FixPacketV2Schema = z.object({
9
9
  violations: z.array(z.object({
10
10
  id: z.string(),
11
11
  gate: z.string(),
12
- severity: z.enum(['low', 'medium', 'high', 'critical']).default('medium'),
12
+ severity: z.enum(['info', 'low', 'medium', 'high', 'critical']).default('medium'),
13
13
  category: z.string().optional(),
14
14
  title: z.string(),
15
15
  details: z.string(),
package/dist/types/index.d.ts CHANGED
@@ -293,6 +293,28 @@ export declare const GatesSchema: z.ZodObject<{
293
293
  degradation_threshold?: number | undefined;
294
294
  signals_required?: number | undefined;
295
295
  }>>>;
296
+ promise_safety: z.ZodDefault<z.ZodOptional<z.ZodObject<{
297
+ enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
298
+ check_unhandled_then: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
299
+ check_unsafe_parse: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
300
+ check_async_without_await: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
301
+ check_unsafe_fetch: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
302
+ ignore_patterns: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
303
+ }, "strip", z.ZodTypeAny, {
304
+ enabled: boolean;
305
+ ignore_patterns: string[];
306
+ check_unhandled_then: boolean;
307
+ check_unsafe_parse: boolean;
308
+ check_async_without_await: boolean;
309
+ check_unsafe_fetch: boolean;
310
+ }, {
311
+ enabled?: boolean | undefined;
312
+ ignore_patterns?: string[] | undefined;
313
+ check_unhandled_then?: boolean | undefined;
314
+ check_unsafe_parse?: boolean | undefined;
315
+ check_async_without_await?: boolean | undefined;
316
+ check_unsafe_fetch?: boolean | undefined;
317
+ }>>>;
296
318
  }, "strip", z.ZodTypeAny, {
297
319
  max_file_lines: number;
298
320
  forbid_todos: boolean;
@@ -403,6 +425,14 @@ export declare const GatesSchema: z.ZodObject<{
403
425
  degradation_threshold: number;
404
426
  signals_required: number;
405
427
  };
428
+ promise_safety: {
429
+ enabled: boolean;
430
+ ignore_patterns: string[];
431
+ check_unhandled_then: boolean;
432
+ check_unsafe_parse: boolean;
433
+ check_async_without_await: boolean;
434
+ check_unsafe_fetch: boolean;
435
+ };
406
436
  }, {
407
437
  max_file_lines?: number | undefined;
408
438
  forbid_todos?: boolean | undefined;
@@ -513,6 +543,14 @@ export declare const GatesSchema: z.ZodObject<{
513
543
  degradation_threshold?: number | undefined;
514
544
  signals_required?: number | undefined;
515
545
  } | undefined;
546
+ promise_safety?: {
547
+ enabled?: boolean | undefined;
548
+ ignore_patterns?: string[] | undefined;
549
+ check_unhandled_then?: boolean | undefined;
550
+ check_unsafe_parse?: boolean | undefined;
551
+ check_async_without_await?: boolean | undefined;
552
+ check_unsafe_fetch?: boolean | undefined;
553
+ } | undefined;
516
554
  }>;
517
555
  export declare const CommandsSchema: z.ZodObject<{
518
556
  format: z.ZodOptional<z.ZodString>;
@@ -530,6 +568,25 @@ export declare const CommandsSchema: z.ZodObject<{
530
568
  typecheck?: string | undefined;
531
569
  test?: string | undefined;
532
570
  }>;
571
+ export declare const HooksSchema: z.ZodDefault<z.ZodOptional<z.ZodObject<{
572
+ enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
573
+ tools: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodEnum<["claude", "cursor", "cline", "windsurf"]>, "many">>>;
574
+ fast_gates: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
575
+ timeout_ms: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
576
+ block_on_failure: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
577
+ }, "strip", z.ZodTypeAny, {
578
+ enabled: boolean;
579
+ tools: ("claude" | "cursor" | "cline" | "windsurf")[];
580
+ fast_gates: string[];
581
+ timeout_ms: number;
582
+ block_on_failure: boolean;
583
+ }, {
584
+ enabled?: boolean | undefined;
585
+ tools?: ("claude" | "cursor" | "cline" | "windsurf")[] | undefined;
586
+ fast_gates?: string[] | undefined;
587
+ timeout_ms?: number | undefined;
588
+ block_on_failure?: boolean | undefined;
589
+ }>>>;
533
590
  export declare const ConfigSchema: z.ZodObject<{
534
591
  version: z.ZodDefault<z.ZodNumber>;
535
592
  preset: z.ZodOptional<z.ZodString>;
@@ -844,6 +901,28 @@ export declare const ConfigSchema: z.ZodObject<{
844
901
  degradation_threshold?: number | undefined;
845
902
  signals_required?: number | undefined;
846
903
  }>>>;
904
+ promise_safety: z.ZodDefault<z.ZodOptional<z.ZodObject<{
905
+ enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
906
+ check_unhandled_then: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
907
+ check_unsafe_parse: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
908
+ check_async_without_await: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
909
+ check_unsafe_fetch: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
910
+ ignore_patterns: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
911
+ }, "strip", z.ZodTypeAny, {
912
+ enabled: boolean;
913
+ ignore_patterns: string[];
914
+ check_unhandled_then: boolean;
915
+ check_unsafe_parse: boolean;
916
+ check_async_without_await: boolean;
917
+ check_unsafe_fetch: boolean;
918
+ }, {
919
+ enabled?: boolean | undefined;
920
+ ignore_patterns?: string[] | undefined;
921
+ check_unhandled_then?: boolean | undefined;
922
+ check_unsafe_parse?: boolean | undefined;
923
+ check_async_without_await?: boolean | undefined;
924
+ check_unsafe_fetch?: boolean | undefined;
925
+ }>>>;
847
926
  }, "strip", z.ZodTypeAny, {
848
927
  max_file_lines: number;
849
928
  forbid_todos: boolean;
@@ -954,6 +1033,14 @@ export declare const ConfigSchema: z.ZodObject<{
954
1033
  degradation_threshold: number;
955
1034
  signals_required: number;
956
1035
  };
1036
+ promise_safety: {
1037
+ enabled: boolean;
1038
+ ignore_patterns: string[];
1039
+ check_unhandled_then: boolean;
1040
+ check_unsafe_parse: boolean;
1041
+ check_async_without_await: boolean;
1042
+ check_unsafe_fetch: boolean;
1043
+ };
957
1044
  }, {
958
1045
  max_file_lines?: number | undefined;
959
1046
  forbid_todos?: boolean | undefined;
@@ -1064,6 +1151,33 @@ export declare const ConfigSchema: z.ZodObject<{
1064
1151
  degradation_threshold?: number | undefined;
1065
1152
  signals_required?: number | undefined;
1066
1153
  } | undefined;
1154
+ promise_safety?: {
1155
+ enabled?: boolean | undefined;
1156
+ ignore_patterns?: string[] | undefined;
1157
+ check_unhandled_then?: boolean | undefined;
1158
+ check_unsafe_parse?: boolean | undefined;
1159
+ check_async_without_await?: boolean | undefined;
1160
+ check_unsafe_fetch?: boolean | undefined;
1161
+ } | undefined;
1162
+ }>>>;
1163
+ hooks: z.ZodDefault<z.ZodOptional<z.ZodObject<{
1164
+ enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
1165
+ tools: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodEnum<["claude", "cursor", "cline", "windsurf"]>, "many">>>;
1166
+ fast_gates: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
1167
+ timeout_ms: z.ZodDefault<z.ZodOptional<z.ZodNumber>>;
1168
+ block_on_failure: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
1169
+ }, "strip", z.ZodTypeAny, {
1170
+ enabled: boolean;
1171
+ tools: ("claude" | "cursor" | "cline" | "windsurf")[];
1172
+ fast_gates: string[];
1173
+ timeout_ms: number;
1174
+ block_on_failure: boolean;
1175
+ }, {
1176
+ enabled?: boolean | undefined;
1177
+ tools?: ("claude" | "cursor" | "cline" | "windsurf")[] | undefined;
1178
+ fast_gates?: string[] | undefined;
1179
+ timeout_ms?: number | undefined;
1180
+ block_on_failure?: boolean | undefined;
1067
1181
  }>>>;
1068
1182
  output: z.ZodDefault<z.ZodOptional<z.ZodObject<{
1069
1183
  report_path: z.ZodDefault<z.ZodString>;
@@ -1193,6 +1307,21 @@ export declare const ConfigSchema: z.ZodObject<{
1193
1307
  degradation_threshold: number;
1194
1308
  signals_required: number;
1195
1309
  };
1310
+ promise_safety: {
1311
+ enabled: boolean;
1312
+ ignore_patterns: string[];
1313
+ check_unhandled_then: boolean;
1314
+ check_unsafe_parse: boolean;
1315
+ check_async_without_await: boolean;
1316
+ check_unsafe_fetch: boolean;
1317
+ };
1318
+ };
1319
+ hooks: {
1320
+ enabled: boolean;
1321
+ tools: ("claude" | "cursor" | "cline" | "windsurf")[];
1322
+ fast_gates: string[];
1323
+ timeout_ms: number;
1324
+ block_on_failure: boolean;
1196
1325
  };
1197
1326
  output: {
1198
1327
  report_path: string;
@@ -1321,6 +1450,21 @@ export declare const ConfigSchema: z.ZodObject<{
1321
1450
  degradation_threshold?: number | undefined;
1322
1451
  signals_required?: number | undefined;
1323
1452
  } | undefined;
1453
+ promise_safety?: {
1454
+ enabled?: boolean | undefined;
1455
+ ignore_patterns?: string[] | undefined;
1456
+ check_unhandled_then?: boolean | undefined;
1457
+ check_unsafe_parse?: boolean | undefined;
1458
+ check_async_without_await?: boolean | undefined;
1459
+ check_unsafe_fetch?: boolean | undefined;
1460
+ } | undefined;
1461
+ } | undefined;
1462
+ hooks?: {
1463
+ enabled?: boolean | undefined;
1464
+ tools?: ("claude" | "cursor" | "cline" | "windsurf")[] | undefined;
1465
+ fast_gates?: string[] | undefined;
1466
+ timeout_ms?: number | undefined;
1467
+ block_on_failure?: boolean | undefined;
1324
1468
  } | undefined;
1325
1469
  output?: {
1326
1470
  report_path?: string | undefined;
@@ -1329,14 +1473,19 @@ export declare const ConfigSchema: z.ZodObject<{
1329
1473
  }>;
1330
1474
  export type Gates = z.infer<typeof GatesSchema>;
1331
1475
  export type Commands = z.infer<typeof CommandsSchema>;
1476
+ export type Hooks = z.infer<typeof HooksSchema>;
1332
1477
  export type Config = z.infer<typeof ConfigSchema>;
1333
1478
  export type RawGates = z.input<typeof GatesSchema>;
1334
1479
  export type RawCommands = z.input<typeof CommandsSchema>;
1480
+ export type RawHooks = z.input<typeof HooksSchema>;
1335
1481
  export type RawConfig = z.input<typeof ConfigSchema>;
1336
1482
  export declare const StatusSchema: z.ZodEnum<["PASS", "FAIL", "SKIP", "ERROR"]>;
1337
1483
  export type Status = z.infer<typeof StatusSchema>;
1338
1484
  export declare const SeveritySchema: z.ZodEnum<["critical", "high", "medium", "low", "info"]>;
1339
1485
  export type Severity = z.infer<typeof SeveritySchema>;
1486
+ /** Provenance tags — lets dashboards/agents filter by what matters */
1487
+ export declare const ProvenanceSchema: z.ZodEnum<["ai-drift", "traditional", "security", "governance"]>;
1488
+ export type Provenance = z.infer<typeof ProvenanceSchema>;
1340
1489
  /** Severity weights for score calculation */
1341
1490
  export declare const SEVERITY_WEIGHTS: Record<Severity, number>;
1342
1491
  export declare const FailureSchema: z.ZodObject<{
@@ -1344,6 +1493,7 @@ export declare const FailureSchema: z.ZodObject<{
1344
1493
  title: z.ZodString;
1345
1494
  details: z.ZodString;
1346
1495
  severity: z.ZodOptional<z.ZodEnum<["critical", "high", "medium", "low", "info"]>>;
1496
+ provenance: z.ZodOptional<z.ZodEnum<["ai-drift", "traditional", "security", "governance"]>>;
1347
1497
  files: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
1348
1498
  line: z.ZodOptional<z.ZodNumber>;
1349
1499
  endLine: z.ZodOptional<z.ZodNumber>;
@@ -1353,6 +1503,7 @@ export declare const FailureSchema: z.ZodObject<{
1353
1503
  title: string;
1354
1504
  details: string;
1355
1505
  severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
1506
+ provenance?: "security" | "ai-drift" | "traditional" | "governance" | undefined;
1356
1507
  files?: string[] | undefined;
1357
1508
  line?: number | undefined;
1358
1509
  endLine?: number | undefined;
@@ -1362,6 +1513,7 @@ export declare const FailureSchema: z.ZodObject<{
1362
1513
  title: string;
1363
1514
  details: string;
1364
1515
  severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
1516
+ provenance?: "security" | "ai-drift" | "traditional" | "governance" | undefined;
1365
1517
  files?: string[] | undefined;
1366
1518
  line?: number | undefined;
1367
1519
  endLine?: number | undefined;
@@ -1376,6 +1528,7 @@ export declare const ReportSchema: z.ZodObject<{
1376
1528
  title: z.ZodString;
1377
1529
  details: z.ZodString;
1378
1530
  severity: z.ZodOptional<z.ZodEnum<["critical", "high", "medium", "low", "info"]>>;
1531
+ provenance: z.ZodOptional<z.ZodEnum<["ai-drift", "traditional", "security", "governance"]>>;
1379
1532
  files: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
1380
1533
  line: z.ZodOptional<z.ZodNumber>;
1381
1534
  endLine: z.ZodOptional<z.ZodNumber>;
@@ -1385,6 +1538,7 @@ export declare const ReportSchema: z.ZodObject<{
1385
1538
  title: string;
1386
1539
  details: string;
1387
1540
  severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
1541
+ provenance?: "security" | "ai-drift" | "traditional" | "governance" | undefined;
1388
1542
  files?: string[] | undefined;
1389
1543
  line?: number | undefined;
1390
1544
  endLine?: number | undefined;
@@ -1394,6 +1548,7 @@ export declare const ReportSchema: z.ZodObject<{
1394
1548
  title: string;
1395
1549
  details: string;
1396
1550
  severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
1551
+ provenance?: "security" | "ai-drift" | "traditional" | "governance" | undefined;
1397
1552
  files?: string[] | undefined;
1398
1553
  line?: number | undefined;
1399
1554
  endLine?: number | undefined;
@@ -1402,21 +1557,63 @@ export declare const ReportSchema: z.ZodObject<{
1402
1557
  stats: z.ZodObject<{
1403
1558
  duration_ms: z.ZodNumber;
1404
1559
  score: z.ZodOptional<z.ZodNumber>;
1560
+ ai_health_score: z.ZodOptional<z.ZodNumber>;
1561
+ structural_score: z.ZodOptional<z.ZodNumber>;
1405
1562
  severity_breakdown: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodNumber>>;
1563
+ provenance_breakdown: z.ZodOptional<z.ZodObject<{
1564
+ 'ai-drift': z.ZodNumber;
1565
+ traditional: z.ZodNumber;
1566
+ security: z.ZodNumber;
1567
+ governance: z.ZodNumber;
1568
+ }, "strip", z.ZodTypeAny, {
1569
+ security: number;
1570
+ 'ai-drift': number;
1571
+ traditional: number;
1572
+ governance: number;
1573
+ }, {
1574
+ security: number;
1575
+ 'ai-drift': number;
1576
+ traditional: number;
1577
+ governance: number;
1578
+ }>>;
1406
1579
  }, "strip", z.ZodTypeAny, {
1407
1580
  duration_ms: number;
1408
1581
  score?: number | undefined;
1582
+ ai_health_score?: number | undefined;
1583
+ structural_score?: number | undefined;
1409
1584
  severity_breakdown?: Record<string, number> | undefined;
1585
+ provenance_breakdown?: {
1586
+ security: number;
1587
+ 'ai-drift': number;
1588
+ traditional: number;
1589
+ governance: number;
1590
+ } | undefined;
1410
1591
  }, {
1411
1592
  duration_ms: number;
1412
1593
  score?: number | undefined;
1594
+ ai_health_score?: number | undefined;
1595
+ structural_score?: number | undefined;
1413
1596
  severity_breakdown?: Record<string, number> | undefined;
1597
+ provenance_breakdown?: {
1598
+ security: number;
1599
+ 'ai-drift': number;
1600
+ traditional: number;
1601
+ governance: number;
1602
+ } | undefined;
1414
1603
  }>;
1415
1604
  }, "strip", z.ZodTypeAny, {
1416
1605
  stats: {
1417
1606
  duration_ms: number;
1418
1607
  score?: number | undefined;
1608
+ ai_health_score?: number | undefined;
1609
+ structural_score?: number | undefined;
1419
1610
  severity_breakdown?: Record<string, number> | undefined;
1611
+ provenance_breakdown?: {
1612
+ security: number;
1613
+ 'ai-drift': number;
1614
+ traditional: number;
1615
+ governance: number;
1616
+ } | undefined;
1420
1617
  };
1421
1618
  status: "PASS" | "FAIL" | "SKIP" | "ERROR";
1422
1619
  summary: Record<string, "PASS" | "FAIL" | "SKIP" | "ERROR">;
@@ -1425,6 +1622,7 @@ export declare const ReportSchema: z.ZodObject<{
1425
1622
  title: string;
1426
1623
  details: string;
1427
1624
  severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
1625
+ provenance?: "security" | "ai-drift" | "traditional" | "governance" | undefined;
1428
1626
  files?: string[] | undefined;
1429
1627
  line?: number | undefined;
1430
1628
  endLine?: number | undefined;
@@ -1434,7 +1632,15 @@ export declare const ReportSchema: z.ZodObject<{
1434
1632
  stats: {
1435
1633
  duration_ms: number;
1436
1634
  score?: number | undefined;
1635
+ ai_health_score?: number | undefined;
1636
+ structural_score?: number | undefined;
1437
1637
  severity_breakdown?: Record<string, number> | undefined;
1638
+ provenance_breakdown?: {
1639
+ security: number;
1640
+ 'ai-drift': number;
1641
+ traditional: number;
1642
+ governance: number;
1643
+ } | undefined;
1438
1644
  };
1439
1645
  status: "PASS" | "FAIL" | "SKIP" | "ERROR";
1440
1646
  summary: Record<string, "PASS" | "FAIL" | "SKIP" | "ERROR">;
@@ -1443,6 +1649,7 @@ export declare const ReportSchema: z.ZodObject<{
1443
1649
  title: string;
1444
1650
  details: string;
1445
1651
  severity?: "critical" | "high" | "medium" | "low" | "info" | undefined;
1652
+ provenance?: "security" | "ai-drift" | "traditional" | "governance" | undefined;
1446
1653
  files?: string[] | undefined;
1447
1654
  line?: number | undefined;
1448
1655
  endLine?: number | undefined;
package/dist/types/index.js CHANGED
@@ -129,6 +129,14 @@ export const GatesSchema = z.object({
129
129
  degradation_threshold: z.number().min(0).max(1).optional().default(0.4),
130
130
  signals_required: z.number().optional().default(2),
131
131
  }).optional().default({}),
132
+ promise_safety: z.object({
133
+ enabled: z.boolean().optional().default(true),
134
+ check_unhandled_then: z.boolean().optional().default(true),
135
+ check_unsafe_parse: z.boolean().optional().default(true),
136
+ check_async_without_await: z.boolean().optional().default(true),
137
+ check_unsafe_fetch: z.boolean().optional().default(true),
138
+ ignore_patterns: z.array(z.string()).optional().default([]),
139
+ }).optional().default({}),
132
140
  });
133
141
  export const CommandsSchema = z.object({
134
142
  format: z.string().optional(),
@@ -136,12 +144,25 @@ export const CommandsSchema = z.object({
136
144
  typecheck: z.string().optional(),
137
145
  test: z.string().optional(),
138
146
  });
147
+ export const HooksSchema = z.object({
148
+ enabled: z.boolean().optional().default(false),
149
+ tools: z.array(z.enum(['claude', 'cursor', 'cline', 'windsurf'])).optional().default([]),
150
+ fast_gates: z.array(z.string()).optional().default([
151
+ 'hallucinated-imports',
152
+ 'promise-safety',
153
+ 'security-patterns',
154
+ 'file-size',
155
+ ]),
156
+ timeout_ms: z.number().optional().default(5000),
157
+ block_on_failure: z.boolean().optional().default(false),
158
+ }).optional().default({});
139
159
  export const ConfigSchema = z.object({
140
160
  version: z.number().default(1),
141
161
  preset: z.string().optional(),
142
162
  paradigm: z.string().optional(),
143
163
  commands: CommandsSchema.optional().default({}),
144
164
  gates: GatesSchema.optional().default({}),
165
+ hooks: HooksSchema,
145
166
  output: z.object({
146
167
  report_path: z.string().default('rigour-report.json'),
147
168
  }).optional().default({}),
@@ -150,6 +171,8 @@ export const ConfigSchema = z.object({
150
171
  });
151
172
  export const StatusSchema = z.enum(['PASS', 'FAIL', 'SKIP', 'ERROR']);
152
173
  export const SeveritySchema = z.enum(['critical', 'high', 'medium', 'low', 'info']);
174
+ /** Provenance tags — lets dashboards/agents filter by what matters */
175
+ export const ProvenanceSchema = z.enum(['ai-drift', 'traditional', 'security', 'governance']);
153
176
  /** Severity weights for score calculation */
154
177
  export const SEVERITY_WEIGHTS = {
155
178
  critical: 20,
@@ -163,6 +186,7 @@ export const FailureSchema = z.object({
163
186
  title: z.string(),
164
187
  details: z.string(),
165
188
  severity: SeveritySchema.optional(),
189
+ provenance: ProvenanceSchema.optional(),
166
190
  files: z.array(z.string()).optional(),
167
191
  line: z.number().optional(),
168
192
  endLine: z.number().optional(),
@@ -175,6 +199,14 @@ export const ReportSchema = z.object({
175
199
  stats: z.object({
176
200
  duration_ms: z.number(),
177
201
  score: z.number().optional(),
202
+ ai_health_score: z.number().optional(),
203
+ structural_score: z.number().optional(),
178
204
  severity_breakdown: z.record(z.number()).optional(),
205
+ provenance_breakdown: z.object({
206
+ 'ai-drift': z.number(),
207
+ traditional: z.number(),
208
+ security: z.number(),
209
+ governance: z.number(),
210
+ }).optional(),
179
211
  }),
180
212
  });