@rigour-labs/core 4.2.3 → 4.3.1

package/dist/inference/types.js

@@ -1,8 +1,36 @@
+/**
+ * Model version — bump when new fine-tuned GGUF is published.
+ * The RLAIF pipeline uploads new models to HuggingFace, and
+ * model-manager checks this version to auto-update.
+ */
+export const MODEL_VERSION = '1';
 /** All supported model definitions */
 export const MODELS = {
     deep: {
         tier: 'deep',
-        name: 'Qwen2.5-Coder-0.5B-Instruct',
+        name: 'Rigour-Deep-v1 (Qwen2.5-Coder-0.5B fine-tuned)',
+        filename: `rigour-deep-v${MODEL_VERSION}-q4_k_m.gguf`,
+        url: `https://huggingface.co/rigour-labs/rigour-deep-v1-gguf/resolve/main/rigour-deep-v${MODEL_VERSION}-q4_k_m.gguf`,
+        sizeBytes: 350_000_000,
+        sizeHuman: '350MB',
+    },
+    pro: {
+        tier: 'pro',
+        name: 'Rigour-Pro-v1 (Qwen2.5-Coder-1.5B fine-tuned)',
+        filename: `rigour-pro-v${MODEL_VERSION}-q4_k_m.gguf`,
+        url: `https://huggingface.co/rigour-labs/rigour-pro-v1-gguf/resolve/main/rigour-pro-v${MODEL_VERSION}-q4_k_m.gguf`,
+        sizeBytes: 900_000_000,
+        sizeHuman: '900MB',
+    },
+};
+/**
+ * Fallback stock models — used when fine-tuned model is not yet
+ * available on HuggingFace (initial setup / first-time users).
+ */
+export const FALLBACK_MODELS = {
+    deep: {
+        tier: 'deep',
+        name: 'Qwen2.5-Coder-0.5B-Instruct (stock)',
         filename: 'qwen2.5-coder-0.5b-instruct-q4_k_m.gguf',
         url: 'https://huggingface.co/Qwen/Qwen2.5-Coder-0.5B-Instruct-GGUF/resolve/main/qwen2.5-coder-0.5b-instruct-q4_k_m.gguf',
         sizeBytes: 350_000_000,
@@ -10,7 +38,7 @@ export const MODELS = {
     },
     pro: {
         tier: 'pro',
-        name: 'Qwen2.5-Coder-1.5B-Instruct',
+        name: 'Qwen2.5-Coder-1.5B-Instruct (stock)',
         filename: 'qwen2.5-coder-1.5b-instruct-q4_k_m.gguf',
         url: 'https://huggingface.co/Qwen/Qwen2.5-Coder-1.5B-Instruct-GGUF/resolve/main/qwen2.5-coder-1.5b-instruct-q4_k_m.gguf',
         sizeBytes: 900_000_000,

package/dist/storage/db.d.ts

@@ -9,6 +9,25 @@ export interface RigourDB {
  * Returns null if better-sqlite3 is not available.
  */
 export declare function openDatabase(dbPath?: string): RigourDB | null;
+/**
+ * Compact the database — prune old data, reclaim disk space.
+ * Retention policy: keep last `retainDays` of findings, merge old patterns.
+ */
+export declare function compactDatabase(retainDays?: number): CompactResult;
+export interface CompactResult {
+    pruned: number;
+    patternsDecayed: number;
+    sizeBefore: number;
+    sizeAfter: number;
+}
+/**
+ * Get database file size in bytes. Returns 0 if DB doesn't exist.
+ */
+export declare function getDatabaseSize(): number;
+/**
+ * Reset the database — delete and recreate from scratch.
+ */
+export declare function resetDatabase(): void;
 /**
  * Check if SQLite is available (better-sqlite3 installed)
  */

package/dist/storage/db.js

@@ -26,7 +26,15 @@ function loadDatabase() {
 }
 const RIGOUR_DIR = path.join(os.homedir(), '.rigour');
 const DB_PATH = path.join(RIGOUR_DIR, 'rigour.db');
+/** Current schema version — bump when adding migrations. */
+const SCHEMA_VERSION = 2;
 const SCHEMA_SQL = `
+-- Schema version tracking
+CREATE TABLE IF NOT EXISTS meta (
+    key TEXT PRIMARY KEY,
+    value TEXT NOT NULL
+);
+
 -- Every scan result, forever
 CREATE TABLE IF NOT EXISTS scans (
     id TEXT PRIMARY KEY,
@@ -114,8 +122,9 @@ export function openDatabase(dbPath) {
     // WAL mode for better concurrent read performance
     db.pragma('journal_mode = WAL');
     db.pragma('foreign_keys = ON');
-    // Run schema migration
+    // Run schema creation + migrations
     db.exec(SCHEMA_SQL);
+    runMigrations(db);
     return {
         db,
         close() {
@@ -123,6 +132,84 @@ export function openDatabase(dbPath) {
         },
     };
 }
+/**
+ * Run incremental schema migrations based on stored version.
+ */
+function runMigrations(db) {
+    const row = db.prepare("SELECT value FROM meta WHERE key = 'schema_version'").get();
+    const current = row ? parseInt(row.value, 10) : 0;
+    if (current < 1) {
+        // v1: base schema (already created by SCHEMA_SQL)
+        db.prepare("INSERT OR REPLACE INTO meta (key, value) VALUES ('schema_version', '1')").run();
+    }
+    if (current < 2) {
+        // v2: retention indexes for compaction queries
+        db.exec(`
+            CREATE INDEX IF NOT EXISTS idx_findings_file ON findings(file);
+            CREATE INDEX IF NOT EXISTS idx_scans_repo_ts ON scans(repo, timestamp);
+        `);
+        db.prepare("INSERT OR REPLACE INTO meta (key, value) VALUES ('schema_version', '2')").run();
+    }
+    // Future: if (current < 3) { ... ALTER TABLE ... }
+}
+/**
+ * Compact the database — prune old data, reclaim disk space.
+ * Retention policy: keep last `retainDays` of findings, merge old patterns.
+ */
+export function compactDatabase(retainDays = 90) {
+    const Db = loadDatabase();
+    if (!Db)
+        return { pruned: 0, patternsDecayed: 0, sizeBefore: 0, sizeAfter: 0 };
+    const resolvedPath = DB_PATH;
+    const sizeBefore = fs.existsSync(resolvedPath) ? fs.statSync(resolvedPath).size : 0;
+    const db = new Db(resolvedPath);
+    db.pragma('journal_mode = WAL');
+    const cutoff = Date.now() - (retainDays * 24 * 60 * 60 * 1000);
+    let pruned = 0;
+    let patternsDecayed = 0;
+    try {
+        db.transaction(() => {
+            // 1. Delete old findings (keep scan records for trend lines)
+            const r1 = db.prepare(`
+                DELETE FROM findings WHERE scan_id IN (
+                    SELECT id FROM scans WHERE timestamp < ?
+                )
+            `).run(cutoff);
+            pruned += r1.changes;
+            // 2. Prune weak patterns (never grew, seen < 3 times)
+            const r2 = db.prepare("DELETE FROM patterns WHERE strength < 0.3 AND times_seen < 3").run();
+            patternsDecayed += r2.changes;
+            // 3. Prune orphaned feedback
+            db.prepare("DELETE FROM feedback WHERE finding_id NOT IN (SELECT id FROM findings)").run();
+            // 4. Prune old codebase index entries
+            db.prepare("DELETE FROM codebase WHERE last_indexed < ?").run(cutoff);
+        })();
+        // 5. Reclaim disk space
+        db.exec('VACUUM');
+    }
+    finally {
+        db.close();
+    }
+    const sizeAfter = fs.existsSync(resolvedPath) ? fs.statSync(resolvedPath).size : 0;
+    return { pruned, patternsDecayed, sizeBefore, sizeAfter };
+}
+/**
+ * Get database file size in bytes. Returns 0 if DB doesn't exist.
+ */
+export function getDatabaseSize() {
+    return fs.existsSync(DB_PATH) ? fs.statSync(DB_PATH).size : 0;
+}
+/**
+ * Reset the database — delete and recreate from scratch.
+ */
+export function resetDatabase() {
+    if (fs.existsSync(DB_PATH))
+        fs.removeSync(DB_PATH);
+    if (fs.existsSync(DB_PATH + '-wal'))
+        fs.removeSync(DB_PATH + '-wal');
+    if (fs.existsSync(DB_PATH + '-shm'))
+        fs.removeSync(DB_PATH + '-shm');
+}
 /**
  * Check if SQLite is available (better-sqlite3 installed)
  */

package/dist/storage/findings.d.ts

@@ -9,6 +9,7 @@ export declare function insertFindings(store: RigourDB, scanId: string, failures
  */
 export declare function getFindingsForScan(store: RigourDB, scanId: string): any[];
 /**
- * Get all deep analysis findings for a repo.
+ * Get deep analysis and high-confidence AST findings for a repo.
+ * Used by local memory to match known patterns against new scans.
  */
 export declare function getDeepFindings(store: RigourDB, repo: string, limit?: number): any[];

package/dist/storage/findings.js

@@ -25,13 +25,14 @@ export function getFindingsForScan(store, scanId) {
     return stmt.all(scanId);
 }
 /**
- * Get all deep analysis findings for a repo.
+ * Get deep analysis and high-confidence AST findings for a repo.
+ * Used by local memory to match known patterns against new scans.
  */
 export function getDeepFindings(store, repo, limit = 50) {
     const stmt = store.db.prepare(`
         SELECT f.* FROM findings f
         JOIN scans s ON f.scan_id = s.id
-        WHERE s.repo = ? AND f.source = 'llm'
+        WHERE s.repo = ? AND (f.source = 'llm' OR f.source = 'hybrid' OR f.confidence >= 0.7)
         ORDER BY f.confidence DESC LIMIT ?
     `);
     return stmt.all(repo, limit);

package/dist/storage/index.d.ts

@@ -2,8 +2,10 @@
  * Rigour Brain — SQLite storage layer.
  * Everything in one file: ~/.rigour/rigour.db
  */
-export { openDatabase, isSQLiteAvailable, RIGOUR_DIR, DB_PATH } from './db.js';
-export type { RigourDB } from './db.js';
+export { openDatabase, isSQLiteAvailable, compactDatabase, getDatabaseSize, resetDatabase, RIGOUR_DIR, DB_PATH } from './db.js';
+export type { RigourDB, CompactResult } from './db.js';
 export { insertScan, getRecentScans, getScoreTrendFromDB, getTopIssues } from './scans.js';
 export { insertFindings, getFindingsForScan, getDeepFindings } from './findings.js';
 export { reinforcePattern, decayPatterns, getStrongPatterns, getPatterns, getHardRules } from './patterns.js';
+export { checkLocalPatterns, persistAndReinforce, getProjectStats } from './local-memory.js';
+export type { ProjectStats } from './local-memory.js';

package/dist/storage/index.js

@@ -2,7 +2,8 @@
  * Rigour Brain — SQLite storage layer.
  * Everything in one file: ~/.rigour/rigour.db
  */
-export { openDatabase, isSQLiteAvailable, RIGOUR_DIR, DB_PATH } from './db.js';
+export { openDatabase, isSQLiteAvailable, compactDatabase, getDatabaseSize, resetDatabase, RIGOUR_DIR, DB_PATH } from './db.js';
 export { insertScan, getRecentScans, getScoreTrendFromDB, getTopIssues } from './scans.js';
 export { insertFindings, getFindingsForScan, getDeepFindings } from './findings.js';
 export { reinforcePattern, decayPatterns, getStrongPatterns, getPatterns, getHardRules } from './patterns.js';
+export { checkLocalPatterns, persistAndReinforce, getProjectStats } from './local-memory.js';

package/dist/storage/local-memory.d.ts

@@ -0,0 +1,37 @@
+import type { Failure } from '../types/index.js';
+import type { DeepFinding } from '../inference/types.js';
+/**
+ * Pre-scan: check local SQLite for known patterns → produce instant findings.
+ * Returns findings that match known project patterns, WITHOUT model inference.
+ *
+ * @param cwd     - Absolute project root path
+ * @param fileList - Relative file paths (from FileFacts.path or globby)
+ */
+export declare function checkLocalPatterns(cwd: string, fileList: string[]): DeepFinding[];
+/**
+ * Post-scan: persist findings and reinforce patterns.
+ * Wrapped in a single transaction for atomicity.
+ * Called after every scan (check, scan, scan --deep).
+ */
+export declare function persistAndReinforce(cwd: string, report: {
+    status: string;
+    failures: Failure[];
+    stats: any;
+}, meta?: {
+    deepTier?: string;
+    deepModel?: string;
+}): void;
+/**
+ * Get project learning stats (for display in scan output).
+ */
+export declare function getProjectStats(cwd: string): ProjectStats | null;
+export interface ProjectStats {
+    totalScans: number;
+    learnedPatterns: number;
+    hardRules: number;
+    topPatterns: Array<{
+        name: string;
+        strength: number;
+        timesSeen: number;
+    }>;
+}

package/dist/storage/local-memory.js

@@ -0,0 +1,153 @@
+/**
+ * Local Project Memory — the hybrid intelligence layer.
+ *
+ * Before deep scan: checks local SQLite for known patterns in this project.
+ * After any scan: stores verified findings and reinforces patterns.
+ * Result: Rigour gets smarter every time you use it, code never leaves the machine.
+ */
+import path from 'path';
+import { openDatabase } from './db.js';
+import { insertScan, getRecentScans } from './scans.js';
+import { insertFindings, getDeepFindings } from './findings.js';
+import { reinforcePattern, getStrongPatterns, getHardRules, decayPatterns } from './patterns.js';
+import { Logger } from '../utils/logger.js';
+/** Minimum pattern strength to produce instant findings (skip LLM). */
+const INSTANT_MATCH_THRESHOLD = 0.7;
+/** Max local findings to inject per scan (avoid flooding). */
+const MAX_LOCAL_FINDINGS = 15;
+/** Min confidence to reuse a past finding from local memory. */
+const MIN_REUSE_CONFIDENCE = 0.7;
+/**
+ * Build a map of relative file path → known issues from past findings.
+ */
+function buildFileIssueMap(recentFindings) {
+    const map = new Map();
+    for (const f of recentFindings) {
+        const existing = map.get(f.file) || [];
+        existing.push(f);
+        map.set(f.file, existing);
+    }
+    return map;
+}
+/**
+ * Pre-scan: check local SQLite for known patterns → produce instant findings.
+ * Returns findings that match known project patterns, WITHOUT model inference.
+ *
+ * @param cwd     - Absolute project root path
+ * @param fileList - Relative file paths (from FileFacts.path or globby)
+ */
+export function checkLocalPatterns(cwd, fileList) {
+    const db = openDatabase();
+    if (!db)
+        return [];
+    const repoName = path.basename(cwd);
+    const findings = [];
+    try {
+        const patterns = getStrongPatterns(db, repoName, INSTANT_MATCH_THRESHOLD);
+        if (patterns.length === 0)
+            return [];
+        // Include both AST and LLM findings from history
+        const recentFindings = getDeepFindings(db, repoName, 200);
+        if (recentFindings.length === 0)
+            return [];
+        const fileIssueMap = buildFileIssueMap(recentFindings);
+        // fileList contains relative paths — match directly against DB (also relative)
+        for (const relPath of fileList) {
+            const known = fileIssueMap.get(relPath);
+            if (!known)
+                continue;
+            for (const issue of known) {
+                if ((issue.confidence ?? 0) < MIN_REUSE_CONFIDENCE)
+                    continue;
+                const matchingPattern = patterns.find((p) => p.pattern === issue.category && p.strength >= INSTANT_MATCH_THRESHOLD);
+                if (!matchingPattern)
+                    continue;
+                findings.push({
+                    category: issue.category,
+                    severity: issue.severity || 'medium',
+                    file: relPath,
+                    line: issue.line ?? undefined,
+                    description: `[Local Memory] ${issue.description}`,
+                    suggestion: issue.suggestion || 'Review this known issue.',
+                    confidence: Math.min(matchingPattern.strength, issue.confidence ?? 0.5),
+                });
+                if (findings.length >= MAX_LOCAL_FINDINGS)
+                    break;
+            }
+            if (findings.length >= MAX_LOCAL_FINDINGS)
+                break;
+        }
+    }
+    catch (error) {
+        Logger.warn(`Local memory check failed: ${error}`);
+    }
+    finally {
+        db?.db.close();
+    }
+    return findings;
+}
+/**
+ * Post-scan: persist findings and reinforce patterns.
+ * Wrapped in a single transaction for atomicity.
+ * Called after every scan (check, scan, scan --deep).
+ */
+export function persistAndReinforce(cwd, report, meta) {
+    const db = openDatabase();
+    if (!db)
+        return;
+    const repoName = path.basename(cwd);
+    try {
+        // Wrap all writes in a single transaction for atomicity
+        const persist = db.db.transaction(() => {
+            const scanId = insertScan(db, repoName, report, meta);
+            if (report.failures.length > 0) {
+                insertFindings(db, scanId, report.failures);
+            }
+            for (const f of report.failures) {
+                const category = f.category || f.id;
+                const source = f.source === 'llm' ? 'llm' : 'ast';
+                reinforcePattern(db, repoName, category, `${f.title}: ${f.details?.substring(0, 120)}`, source);
+            }
+            decayPatterns(db, 30);
+        });
+        persist();
+        Logger.info(`Local memory: stored ${report.failures.length} findings, ` +
+            `reinforced ${report.failures.length} patterns for ${repoName}`);
+    }
+    catch (error) {
+        Logger.warn(`Local memory persist failed: ${error}`);
+    }
+    finally {
+        db?.db.close();
+    }
+}
+/**
+ * Get project learning stats (for display in scan output).
+ */
+export function getProjectStats(cwd) {
+    const db = openDatabase();
+    if (!db)
+        return null;
+    const repoName = path.basename(cwd);
+    try {
+        const scans = getRecentScans(db, repoName, 100);
+        const patterns = getStrongPatterns(db, repoName, 0.3);
+        const hardRules = getHardRules(db, repoName);
+        return {
+            totalScans: scans.length,
+            learnedPatterns: patterns.length,
+            hardRules: hardRules.length,
+            topPatterns: patterns.slice(0, 5).map(p => ({
+                name: p.pattern,
+                strength: p.strength,
+                timesSeen: p.times_seen,
+            })),
+        };
+    }
+    catch {
+        return null;
+    }
+    finally {
+        db?.db.close();
+    }
+}

package/dist/templates/universal-config.js

@@ -187,6 +187,18 @@ export const UNIVERSAL_CONFIG = {
             ignore_patterns: [],
             audit_log: true,
         },
+        side_effect_analysis: {
+            enabled: true,
+            check_unbounded_timers: true,
+            check_unbounded_loops: true,
+            check_process_lifecycle: true,
+            check_recursive_depth: true,
+            check_resource_lifecycle: true,
+            check_retry_without_limit: true,
+            check_circular_triggers: true,
+            check_auto_restart: true,
+            ignore_patterns: [],
+        },
         deep: {
             enabled: false,
             pro: false,

package/dist/types/index.d.ts

@@ -452,6 +452,40 @@ export declare const GatesSchema: z.ZodObject<{
         custom_patterns?: string[] | undefined;
         audit_log?: boolean | undefined;
     }>>>;
+    side_effect_analysis: z.ZodDefault<z.ZodOptional<z.ZodObject<{
+        enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_unbounded_timers: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_unbounded_loops: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_process_lifecycle: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_recursive_depth: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_resource_lifecycle: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_retry_without_limit: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_circular_triggers: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        check_auto_restart: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+        ignore_patterns: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
+    }, "strip", z.ZodTypeAny, {
+        enabled: boolean;
+        ignore_patterns: string[];
+        check_unbounded_timers: boolean;
+        check_unbounded_loops: boolean;
+        check_process_lifecycle: boolean;
+        check_recursive_depth: boolean;
+        check_resource_lifecycle: boolean;
+        check_retry_without_limit: boolean;
+        check_circular_triggers: boolean;
+        check_auto_restart: boolean;
+    }, {
+        enabled?: boolean | undefined;
+        ignore_patterns?: string[] | undefined;
+        check_unbounded_timers?: boolean | undefined;
+        check_unbounded_loops?: boolean | undefined;
+        check_process_lifecycle?: boolean | undefined;
+        check_recursive_depth?: boolean | undefined;
+        check_resource_lifecycle?: boolean | undefined;
+        check_retry_without_limit?: boolean | undefined;
+        check_circular_triggers?: boolean | undefined;
+        check_auto_restart?: boolean | undefined;
+    }>>>;
     deep: z.ZodDefault<z.ZodOptional<z.ZodObject<{
         enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
         pro: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
@@ -725,6 +759,18 @@ export declare const GatesSchema: z.ZodObject<{
         custom_patterns: string[];
         audit_log: boolean;
     };
+    side_effect_analysis: {
+        enabled: boolean;
+        ignore_patterns: string[];
+        check_unbounded_timers: boolean;
+        check_unbounded_loops: boolean;
+        check_process_lifecycle: boolean;
+        check_recursive_depth: boolean;
+        check_resource_lifecycle: boolean;
+        check_retry_without_limit: boolean;
+        check_circular_triggers: boolean;
+        check_auto_restart: boolean;
+    };
 }, {
     deep?: {
         enabled?: boolean | undefined;
@@ -913,6 +959,18 @@ export declare const GatesSchema: z.ZodObject<{
         custom_patterns?: string[] | undefined;
         audit_log?: boolean | undefined;
     } | undefined;
+    side_effect_analysis?: {
+        enabled?: boolean | undefined;
+        ignore_patterns?: string[] | undefined;
+        check_unbounded_timers?: boolean | undefined;
+        check_unbounded_loops?: boolean | undefined;
+        check_process_lifecycle?: boolean | undefined;
+        check_recursive_depth?: boolean | undefined;
+        check_resource_lifecycle?: boolean | undefined;
+        check_retry_without_limit?: boolean | undefined;
+        check_circular_triggers?: boolean | undefined;
+        check_auto_restart?: boolean | undefined;
+    } | undefined;
 }>;
 export declare const CommandsSchema: z.ZodObject<{
     format: z.ZodOptional<z.ZodString>;
@@ -1426,6 +1484,40 @@ export declare const ConfigSchema: z.ZodObject<{
             custom_patterns?: string[] | undefined;
             audit_log?: boolean | undefined;
         }>>>;
+        side_effect_analysis: z.ZodDefault<z.ZodOptional<z.ZodObject<{
+            enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_unbounded_timers: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_unbounded_loops: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_process_lifecycle: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_recursive_depth: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_resource_lifecycle: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_retry_without_limit: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_circular_triggers: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            check_auto_restart: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
+            ignore_patterns: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
+        }, "strip", z.ZodTypeAny, {
+            enabled: boolean;
+            ignore_patterns: string[];
+            check_unbounded_timers: boolean;
+            check_unbounded_loops: boolean;
+            check_process_lifecycle: boolean;
+            check_recursive_depth: boolean;
+            check_resource_lifecycle: boolean;
+            check_retry_without_limit: boolean;
+            check_circular_triggers: boolean;
+            check_auto_restart: boolean;
+        }, {
+            enabled?: boolean | undefined;
+            ignore_patterns?: string[] | undefined;
+            check_unbounded_timers?: boolean | undefined;
+            check_unbounded_loops?: boolean | undefined;
+            check_process_lifecycle?: boolean | undefined;
+            check_recursive_depth?: boolean | undefined;
+            check_resource_lifecycle?: boolean | undefined;
+            check_retry_without_limit?: boolean | undefined;
+            check_circular_triggers?: boolean | undefined;
+            check_auto_restart?: boolean | undefined;
+        }>>>;
         deep: z.ZodDefault<z.ZodOptional<z.ZodObject<{
             enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
             pro: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
@@ -1699,6 +1791,18 @@ export declare const ConfigSchema: z.ZodObject<{
             custom_patterns: string[];
             audit_log: boolean;
         };
+        side_effect_analysis: {
+            enabled: boolean;
+            ignore_patterns: string[];
+            check_unbounded_timers: boolean;
+            check_unbounded_loops: boolean;
+            check_process_lifecycle: boolean;
+            check_recursive_depth: boolean;
+            check_resource_lifecycle: boolean;
+            check_retry_without_limit: boolean;
+            check_circular_triggers: boolean;
+            check_auto_restart: boolean;
+        };
     }, {
         deep?: {
             enabled?: boolean | undefined;
@@ -1887,6 +1991,18 @@ export declare const ConfigSchema: z.ZodObject<{
             custom_patterns?: string[] | undefined;
             audit_log?: boolean | undefined;
         } | undefined;
+        side_effect_analysis?: {
+            enabled?: boolean | undefined;
+            ignore_patterns?: string[] | undefined;
+            check_unbounded_timers?: boolean | undefined;
+            check_unbounded_loops?: boolean | undefined;
+            check_process_lifecycle?: boolean | undefined;
+            check_recursive_depth?: boolean | undefined;
+            check_resource_lifecycle?: boolean | undefined;
+            check_retry_without_limit?: boolean | undefined;
+            check_circular_triggers?: boolean | undefined;
+            check_auto_restart?: boolean | undefined;
+        } | undefined;
     }>>>;
     hooks: z.ZodDefault<z.ZodOptional<z.ZodObject<{
         enabled: z.ZodDefault<z.ZodOptional<z.ZodBoolean>>;
@@ -2117,6 +2233,18 @@ export declare const ConfigSchema: z.ZodObject<{
             custom_patterns: string[];
             audit_log: boolean;
         };
+        side_effect_analysis: {
+            enabled: boolean;
+            ignore_patterns: string[];
+            check_unbounded_timers: boolean;
+            check_unbounded_loops: boolean;
+            check_process_lifecycle: boolean;
+            check_recursive_depth: boolean;
+            check_resource_lifecycle: boolean;
+            check_retry_without_limit: boolean;
+            check_circular_triggers: boolean;
+            check_auto_restart: boolean;
+        };
     };
     hooks: {
         enabled: boolean;
@@ -2331,6 +2459,18 @@ export declare const ConfigSchema: z.ZodObject<{
             custom_patterns?: string[] | undefined;
             audit_log?: boolean | undefined;
         } | undefined;
+        side_effect_analysis?: {
+            enabled?: boolean | undefined;
+            ignore_patterns?: string[] | undefined;
+            check_unbounded_timers?: boolean | undefined;
+            check_unbounded_loops?: boolean | undefined;
+            check_process_lifecycle?: boolean | undefined;
+            check_recursive_depth?: boolean | undefined;
+            check_resource_lifecycle?: boolean | undefined;
+            check_retry_without_limit?: boolean | undefined;
+            check_circular_triggers?: boolean | undefined;
+            check_auto_restart?: boolean | undefined;
+        } | undefined;
     } | undefined;
     hooks?: {
         enabled?: boolean | undefined;

package/dist/types/index.js

@@ -225,6 +225,19 @@ export const GatesSchema = z.object({
         ignore_patterns: z.array(z.string()).optional().default([]),
         audit_log: z.boolean().optional().default(true),
     }).optional().default({}),
+    // v4.3+ Side-Effect Safety Analysis
+    side_effect_analysis: z.object({
+        enabled: z.boolean().optional().default(true),
+        check_unbounded_timers: z.boolean().optional().default(true),
+        check_unbounded_loops: z.boolean().optional().default(true),
+        check_process_lifecycle: z.boolean().optional().default(true),
+        check_recursive_depth: z.boolean().optional().default(true),
+        check_resource_lifecycle: z.boolean().optional().default(true),
+        check_retry_without_limit: z.boolean().optional().default(true),
+        check_circular_triggers: z.boolean().optional().default(true),
+        check_auto_restart: z.boolean().optional().default(true),
+        ignore_patterns: z.array(z.string()).optional().default([]),
+    }).optional().default({}),
     // v4.0+ Deep Analysis (LLM-powered)
     deep: z.object({
         enabled: z.boolean().optional().default(false),
@@ -265,6 +278,7 @@ export const HooksSchema = z.object({
         'deprecated-apis',
         'promise-safety',
         'security-patterns',
+        'side-effect-analysis',
         'file-size',
     ]),
     timeout_ms: z.number().optional().default(5000),