@rigour-labs/core 5.0.1 → 5.1.0

package/dist/gates/hallucinated-imports/index.js

@@ -0,0 +1,174 @@
+/**
+ * Hallucinated Imports Gate
+ *
+ * Detects imports that reference modules which don't exist in the project.
+ * This is an AI-specific failure mode — LLMs confidently generate import
+ * statements for packages, files, or modules that were never installed
+ * or created.
+ *
+ * Supported languages (v3.0.1):
+ *   JS/TS  — package.json deps, node_modules fallback, Node.js builtins (22.x)
+ *   Python — stdlib whitelist (3.12+), relative imports, local module resolution
+ *   Go     — stdlib whitelist (1.22+), go.mod module path, aliased imports
+ *   Ruby   — stdlib whitelist (3.3+), Gemfile parsing, require + require_relative
+ *   C#     — .NET 8 framework namespaces, .csproj NuGet parsing, using directives
+ *   Rust   — std/core/alloc crates, Cargo.toml deps, use/extern crate statements
+ *   Java   — java/javax/jakarta stdlib, build.gradle + pom.xml deps, import statements
+ *   Kotlin — kotlin/kotlinx stdlib, Gradle deps, import statements
+ */
+import { Gate } from '../base.js';
+import { FileScanner } from '../../utils/scanner.js';
+import { Logger } from '../../utils/logger.js';
+import { languageAdapters } from '../language-adapters/index.js';
+import fs from 'fs-extra';
+import path from 'path';
+import { checkGoImports, checkRubyImports, checkCSharpImports, checkRustImports, checkJavaKotlinImports } from '../hallucinated-imports-lang.js';
+import { checkJSImports } from './js-resolver.js';
+import { checkPyImports } from './python-resolver.js';
+import { discoverWorkspacePackages, loadPackageJson } from './manifest-discovery.js';
+export class HallucinatedImportsGate extends Gate {
+    config;
+    constructor(config = {}) {
+        super('hallucinated-imports', 'Hallucinated Import Detection');
+        this.config = {
+            enabled: config.enabled ?? true,
+            check_relative: config.check_relative ?? true,
+            check_packages: config.check_packages ?? true,
+            ignore_patterns: config.ignore_patterns ?? [
+                '\\.css$', '\\.scss$', '\\.less$', '\\.svg$', '\\.png$', '\\.jpg$',
+                '\\.json$', '\\.wasm$', '\\.graphql$', '\\.gql$',
+            ],
+        };
+    }
+    get provenance() { return 'ai-drift'; }
+    async run(context) {
+        if (!this.config.enabled)
+            return [];
+        const failures = [];
+        const hallucinated = [];
+        const defaultPatterns = ['**/*.{ts,js,tsx,jsx,py,go,rb,cs,rs,java,kt}'];
+        const scanPatterns = context.patterns || defaultPatterns;
+        const files = await FileScanner.findFiles({
+            cwd: context.cwd,
+            patterns: scanPatterns,
+            ignore: [...(context.ignore || []), '**/node_modules/**', '**/dist/**', '**/build/**',
+                '**/examples/**',
+                '**/studio-dist/**', '**/.next/**', '**/coverage/**',
+                '**/*.test.*', '**/*.spec.*', '**/__tests__/**',
+                '**/.venv/**', '**/venv/**', '**/vendor/**', '**/bin/Debug/**', '**/bin/Release/**', '**/obj/**',
+                '**/target/debug/**', '**/target/release/**',
+                '**/out/**', '**/.gradle/**', '**/gradle/**'],
+        });
+        const analyzableFiles = files.filter(file => !this.shouldSkipFile(file));
+        Logger.info(`Hallucinated Imports: Scanning ${analyzableFiles.length} files`);
+        const projectFiles = new Set(analyzableFiles.map(f => f.replace(/\\/g, '/')));
+        const allProjectFiles = new Set(files.map(f => f.replace(/\\/g, '/')));
+        const packageJson = await loadPackageJson(context.cwd);
+        const rootDeps = new Set([
+            ...Object.keys(packageJson?.dependencies || {}),
+            ...Object.keys(packageJson?.devDependencies || {}),
+            ...Object.keys(packageJson?.peerDependencies || {}),
+            ...Object.keys(packageJson?.optionalDependencies || {}),
+        ]);
+        const workspacePackages = await discoverWorkspacePackages(context.cwd, allProjectFiles);
+        for (const wp of workspacePackages)
+            rootDeps.add(wp);
+        const depCacheByDir = new Map();
+        const tsPathCacheByDir = new Map();
+        const hasNodeModules = await fs.pathExists(path.join(context.cwd, 'node_modules'));
+        for (const file of analyzableFiles) {
+            try {
+                const fullPath = path.join(context.cwd, file);
+                const content = await fs.readFile(fullPath, 'utf-8');
+                const ext = path.extname(file);
+                const adapter = languageAdapters.getAdapter(file);
+                if (!adapter)
+                    continue;
+                switch (adapter.id) {
+                    case 'js':
+                        await checkJSImports(content, file, context.cwd, projectFiles, rootDeps, depCacheByDir, hasNodeModules, hallucinated, tsPathCacheByDir, (importPath) => this.shouldIgnore(importPath), (resolvedPath) => this.buildImportCandidates(resolvedPath), (fromFile, importPath, files) => this.resolveRelativeImport(fromFile, importPath, files), (importPath) => this.extractPackageName(importPath));
+                        break;
+                    case 'python':
+                        await checkPyImports(content, file, context.cwd, projectFiles, hallucinated);
+                        break;
+                    case 'go':
+                        checkGoImports(content, file, context.cwd, projectFiles, hallucinated);
+                        break;
+                    case 'ruby':
+                        checkRubyImports(content, file, context.cwd, projectFiles, hallucinated);
+                        break;
+                    case 'csharp':
+                        checkCSharpImports(content, file, context.cwd, projectFiles, hallucinated);
+                        break;
+                    case 'rust':
+                        checkRustImports(content, file, context.cwd, projectFiles, hallucinated);
+                        break;
+                    case 'java':
+                        checkJavaKotlinImports(content, file, ext, context.cwd, projectFiles, hallucinated);
+                        break;
+                }
+            }
+            catch (e) { }
+        }
+        const byFile = new Map();
+        for (const h of hallucinated) {
+            const existing = byFile.get(h.file) || [];
+            existing.push(h);
+            byFile.set(h.file, existing);
+        }
+        for (const [file, imports] of byFile) {
+            const details = imports.map(i => `  L${i.line}: import '${i.importPath}' — ${i.reason}`).join('\n');
+            failures.push(this.createFailure(`Hallucinated imports in ${file}:\n${details}`, [file], `These imports reference modules that don't exist. Remove or replace with real modules. AI models often "hallucinate" package names or file paths.`, 'Hallucinated Imports', imports[0].line, undefined, 'critical'));
+        }
+        return failures;
+    }
+    resolveRelativeImport(fromFile, importPath, projectFiles) {
+        const dir = path.dirname(fromFile);
+        const resolved = path.join(dir, importPath).replace(/\\/g, '/');
+        const candidates = this.buildImportCandidates(resolved);
+        return candidates.some(c => projectFiles.has(c));
+    }
+    extractPackageName(importPath) {
+        if (importPath.startsWith('@')) {
+            const parts = importPath.split('/');
+            return parts.length >= 2 ? `${parts[0]}/${parts[1]}` : importPath;
+        }
+        return importPath.split('/')[0];
+    }
+    shouldIgnore(importPath) {
+        return this.config.ignore_patterns.some(pattern => new RegExp(pattern).test(importPath));
+    }
+    buildImportCandidates(resolvedPath) {
+        const extension = path.extname(resolvedPath).toLowerCase();
+        const sourceExtensions = ['', '.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs', '.d.ts'];
+        const runtimeExtensions = new Set(['.js', '.jsx', '.mjs', '.cjs']);
+        let candidates = [];
+        if (runtimeExtensions.has(extension)) {
+            const withoutExt = resolvedPath.slice(0, -extension.length);
+            candidates = [
+                ...sourceExtensions.map(ext => withoutExt + ext),
+                ...sourceExtensions.map(ext => `${withoutExt}/index${ext}`),
+                resolvedPath,
+                `${resolvedPath}/index`,
+            ];
+        }
+        else if (extension) {
+            candidates = [resolvedPath, `${resolvedPath}/index`];
+        }
+        else {
+            candidates = [
+                ...sourceExtensions.map(ext => resolvedPath + ext),
+                ...sourceExtensions.map(ext => `${resolvedPath}/index${ext}`),
+            ];
+        }
+        return [...new Set(candidates)];
+    }
+    shouldSkipFile(file) {
+        const normalized = file.replace(/\\/g, '/');
+        return (normalized.includes('/examples/') ||
+            normalized.includes('/studio-dist/') ||
+            normalized.includes('/__tests__/') ||
+            /\.test\.[^.]+$/i.test(normalized) ||
+            /\.spec\.[^.]+$/i.test(normalized));
+    }
+}

package/dist/gates/hallucinated-imports/js-resolver.d.ts

@@ -0,0 +1,45 @@
+/**
+ * JavaScript/TypeScript import resolution for hallucinated-imports gate.
+ *
+ * Handles JS/TS-specific import validation including:
+ * - Relative imports with file resolution
+ * - TypeScript path alias resolution (tsconfig.json)
+ * - Workspace package discovery (pnpm, npm, yarn, lerna)
+ * - Node.js builtin checking
+ * - node_modules dependency verification
+ */
+import { HallucinatedImport } from './index.js';
+interface TsPathRule {
+    key: string;
+    hasWildcard: boolean;
+    prefix: string;
+    suffix: string;
+    targets: string[];
+}
+interface TsPathConfig {
+    baseDir: string;
+    rules: TsPathRule[];
+}
+/**
+ * Check JavaScript/TypeScript imports in a source file and add hallucinated findings.
+ */
+export declare function checkJSImports(content: string, file: string, cwd: string, projectFiles: Set<string>, rootDeps: Set<string>, depCacheByDir: Map<string, Set<string>>, hasNodeModules: boolean, hallucinated: HallucinatedImport[], tsPathCacheByDir: Map<string, TsPathConfig | null>, shouldIgnore: (importPath: string) => boolean, buildImportCandidates: (resolvedPath: string) => string[], resolveRelativeImport: (fromFile: string, importPath: string, projectFiles: Set<string>) => boolean, extractPackageName: (importPath: string) => string): Promise<void>;
+/**
+ * Collect all import statements from JavaScript/TypeScript file content.
+ * Handles import, export, require(), and dynamic import() statements.
+ */
+export declare function collectJSImportSpecs(content: string, file: string): Array<{
+    importPath: string;
+    line: number;
+}>;
+/**
+ * Resolve JavaScript dependencies for a file by walking up the directory tree
+ * to find package.json files and merging their dependencies.
+ */
+export declare function resolveJSDepsForFile(file: string, cwd: string, rootDeps: Set<string>, depCacheByDir: Map<string, Set<string>>): Promise<Set<string>>;
+/**
+ * Resolve TypeScript path aliases from tsconfig.json or jsconfig.json.
+ * Returns true if resolved, false if alias exists but doesn't resolve, null if no alias found.
+ */
+export declare function resolveTsPathAlias(file: string, importPath: string, cwd: string, projectFiles: Set<string>, tsPathCacheByDir: Map<string, TsPathConfig | null>): Promise<boolean | null>;
+export {};

package/dist/gates/hallucinated-imports/js-resolver.js

@@ -0,0 +1,320 @@
+/**
+ * JavaScript/TypeScript import resolution for hallucinated-imports gate.
+ *
+ * Handles JS/TS-specific import validation including:
+ * - Relative imports with file resolution
+ * - TypeScript path alias resolution (tsconfig.json)
+ * - Workspace package discovery (pnpm, npm, yarn, lerna)
+ * - Node.js builtin checking
+ * - node_modules dependency verification
+ */
+import fs from 'fs-extra';
+import path from 'path';
+import ts from 'typescript';
+import { isNodeBuiltin } from '../hallucinated-imports-stdlib.js';
+/**
+ * Check JavaScript/TypeScript imports in a source file and add hallucinated findings.
+ */
+export async function checkJSImports(content, file, cwd, projectFiles, rootDeps, depCacheByDir, hasNodeModules, hallucinated, tsPathCacheByDir, shouldIgnore, buildImportCandidates, resolveRelativeImport, extractPackageName) {
+    const depsForFile = await resolveJSDepsForFile(file, cwd, rootDeps, depCacheByDir);
+    for (const spec of collectJSImportSpecs(content, file)) {
+        const { importPath, line } = spec;
+        if (!importPath || shouldIgnore(importPath))
+            continue;
+        if (importPath.startsWith('.')) {
+            const resolved = resolveRelativeImport(file, importPath, projectFiles);
+            if (!resolved) {
+                hallucinated.push({
+                    file, line, importPath, type: 'relative',
+                    reason: `File not found: ${importPath}`,
+                });
+            }
+        }
+        else {
+            const aliasResolution = await resolveTsPathAlias(file, importPath, cwd, projectFiles, tsPathCacheByDir);
+            if (aliasResolution === true)
+                continue;
+            if (aliasResolution === false) {
+                hallucinated.push({
+                    file, line, importPath, type: 'package',
+                    reason: `Path alias '${importPath}' does not resolve to a project file`,
+                });
+                continue;
+            }
+            const pkgName = extractPackageName(importPath);
+            if (isNodeBuiltin(pkgName))
+                continue;
+            if (!depsForFile.has(pkgName)) {
+                if (hasNodeModules) {
+                    const pkgPath = path.join(cwd, 'node_modules', pkgName);
+                    if (await fs.pathExists(pkgPath))
+                        continue;
+                }
+                hallucinated.push({
+                    file, line, importPath, type: 'package',
+                    reason: `Package '${pkgName}' not in package.json dependencies`,
+                });
+            }
+        }
+    }
+}
+/**
+ * Collect all import statements from JavaScript/TypeScript file content.
+ * Handles import, export, require(), and dynamic import() statements.
+ */
+export function collectJSImportSpecs(content, file) {
+    const sourceFile = ts.createSourceFile(file, content, ts.ScriptTarget.Latest, true);
+    const specs = [];
+    const add = (node, value) => {
+        if (!value)
+            return;
+        const line = sourceFile.getLineAndCharacterOfPosition(node.getStart(sourceFile)).line + 1;
+        specs.push({ importPath: value, line });
+    };
+    const visit = (node) => {
+        if (ts.isImportDeclaration(node) && ts.isStringLiteral(node.moduleSpecifier)) {
+            add(node, node.moduleSpecifier.text);
+        }
+        else if (ts.isExportDeclaration(node) && node.moduleSpecifier && ts.isStringLiteral(node.moduleSpecifier)) {
+            add(node, node.moduleSpecifier.text);
+        }
+        else if (ts.isCallExpression(node)) {
+            if (ts.isIdentifier(node.expression) && node.expression.text === 'require') {
+                const firstArg = node.arguments[0];
+                if (firstArg && ts.isStringLiteral(firstArg)) {
+                    add(node, firstArg.text);
+                }
+            }
+            if (node.expression.kind === ts.SyntaxKind.ImportKeyword) {
+                const firstArg = node.arguments[0];
+                if (firstArg && ts.isStringLiteral(firstArg)) {
+                    add(node, firstArg.text);
+                }
+            }
+        }
+        ts.forEachChild(node, visit);
+    };
+    ts.forEachChild(sourceFile, visit);
+    return specs;
+}
+/**
+ * Resolve JavaScript dependencies for a file by walking up the directory tree
+ * to find package.json files and merging their dependencies.
+ */
+export async function resolveJSDepsForFile(file, cwd, rootDeps, depCacheByDir) {
+    const rootDir = path.resolve(cwd);
+    let currentDir = path.dirname(path.resolve(cwd, file));
+    while (currentDir.startsWith(rootDir)) {
+        const cached = depCacheByDir.get(currentDir);
+        if (cached)
+            return cached;
+        const packageJsonPath = path.join(currentDir, 'package.json');
+        if (await fs.pathExists(packageJsonPath)) {
+            try {
+                const packageJson = await fs.readJson(packageJsonPath);
+                const deps = new Set([
+                    ...rootDeps,
+                    ...Object.keys(packageJson?.dependencies || {}),
+                    ...Object.keys(packageJson?.devDependencies || {}),
+                    ...Object.keys(packageJson?.peerDependencies || {}),
+                    ...Object.keys(packageJson?.optionalDependencies || {}),
+                ]);
+                depCacheByDir.set(currentDir, deps);
+                return deps;
+            }
+            catch {
+                depCacheByDir.set(currentDir, rootDeps);
+                return rootDeps;
+            }
+        }
+        const parent = path.dirname(currentDir);
+        if (parent === currentDir)
+            break;
+        currentDir = parent;
+    }
+    return rootDeps;
+}
+/**
+ * Resolve TypeScript path aliases from tsconfig.json or jsconfig.json.
+ * Returns true if resolved, false if alias exists but doesn't resolve, null if no alias found.
+ */
+export async function resolveTsPathAlias(file, importPath, cwd, projectFiles, tsPathCacheByDir) {
+    const config = await resolveTsPathConfigForFile(file, cwd, tsPathCacheByDir);
+    if (!config || config.rules.length === 0)
+        return null;
+    for (const rule of config.rules) {
+        const wildcard = matchTsPathRule(rule, importPath);
+        if (wildcard === null)
+            continue;
+        for (const target of rule.targets) {
+            const candidatePattern = rule.hasWildcard ? target.replace('*', wildcard) : target;
+            if (resolveTsPathTarget(config.baseDir, candidatePattern, cwd, projectFiles)) {
+                return true;
+            }
+        }
+        return false;
+    }
+    return null;
+}
+/**
+ * Match a TypeScript path rule against an import path.
+ * Returns the wildcard portion if matched, null otherwise.
+ */
+function matchTsPathRule(rule, importPath) {
+    if (!rule.hasWildcard) {
+        return importPath === rule.key ? '' : null;
+    }
+    if (!importPath.startsWith(rule.prefix) || !importPath.endsWith(rule.suffix)) {
+        return null;
+    }
+    return importPath.slice(rule.prefix.length, importPath.length - rule.suffix.length);
+}
+/**
+ * Check if a TypeScript path target resolves to an actual project file.
+ */
+function resolveTsPathTarget(baseDir, candidatePattern, cwd, projectFiles) {
+    const absolute = path.resolve(baseDir, candidatePattern);
+    const relative = path.relative(cwd, absolute).replace(/\\/g, '/');
+    const normalized = relative.replace(/\/$/, '');
+    const extensions = ['', '.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs', '.d.ts'];
+    const candidates = [
+        ...extensions.map(ext => normalized + ext),
+        ...extensions.map(ext => `${normalized}/index${ext}`),
+    ];
+    return candidates.some(c => projectFiles.has(c));
+}
+/**
+ * Find and load TypeScript/JavaScript config for a file.
+ * Walks up the directory tree to find tsconfig.json or jsconfig.json.
+ */
+async function resolveTsPathConfigForFile(file, cwd, tsPathCacheByDir) {
+    const rootDir = path.resolve(cwd);
+    let currentDir = path.dirname(path.resolve(cwd, file));
+    while (currentDir.startsWith(rootDir)) {
+        if (tsPathCacheByDir.has(currentDir)) {
+            const cached = tsPathCacheByDir.get(currentDir) || null;
+            if (cached)
+                return cached;
+        }
+        else {
+            const config = await loadTsPathConfig(currentDir);
+            tsPathCacheByDir.set(currentDir, config);
+            if (config)
+                return config;
+        }
+        const parent = path.dirname(currentDir);
+        if (parent === currentDir)
+            break;
+        currentDir = parent;
+    }
+    return null;
+}
+/**
+ * Load TypeScript path aliases from tsconfig.json, jsconfig.json, or tsconfig.base.json.
+ * Follows the extends chain to merge path mappings.
+ */
+async function loadTsPathConfig(searchDir) {
+    const candidates = ['tsconfig.json', 'jsconfig.json', 'tsconfig.base.json'];
+    for (const configName of candidates) {
+        const configPath = path.join(searchDir, configName);
+        if (!(await fs.pathExists(configPath)))
+            continue;
+        const mergedPaths = {};
+        let baseUrl = '.';
+        let resolvedBaseDir = searchDir;
+        await resolveExtendsChain(configPath, mergedPaths, (bu) => { baseUrl = bu; }, new Set());
+        const parsed = await readLooseJson(configPath);
+        const compilerOptions = parsed?.compilerOptions || {};
+        if (compilerOptions.paths) {
+            for (const [key, value] of Object.entries(compilerOptions.paths)) {
+                if (typeof key === 'string' && Array.isArray(value)) {
+                    mergedPaths[key] = value;
+                }
+            }
+        }
+        if (compilerOptions.baseUrl)
+            baseUrl = compilerOptions.baseUrl;
+        if (Object.keys(mergedPaths).length === 0)
+            continue;
+        resolvedBaseDir = path.resolve(searchDir, baseUrl);
+        const rules = [];
+        for (const [key, value] of Object.entries(mergedPaths)) {
+            if (typeof key !== 'string' || !Array.isArray(value) || value.length === 0)
+                continue;
+            const hasWildcard = key.includes('*');
+            const [prefix, suffix = ''] = key.split('*');
+            const targets = value.filter(v => typeof v === 'string');
+            if (targets.length === 0)
+                continue;
+            rules.push({ key, hasWildcard, prefix, suffix, targets });
+        }
+        if (rules.length === 0)
+            continue;
+        return { baseDir: resolvedBaseDir, rules };
+    }
+    return null;
+}
+/**
+ * Recursively follow tsconfig `extends` chain to collect path mappings.
+ */
+async function resolveExtendsChain(configPath, mergedPaths, setBaseUrl, visited) {
+    const resolved = path.resolve(configPath);
+    if (visited.has(resolved))
+        return;
+    visited.add(resolved);
+    const parsed = await readLooseJson(configPath);
+    if (!parsed)
+        return;
+    if (parsed.extends) {
+        const extendsPath = typeof parsed.extends === 'string' ? parsed.extends : null;
+        if (extendsPath) {
+            let resolvedExtends;
+            if (extendsPath.startsWith('.')) {
+                resolvedExtends = path.resolve(path.dirname(configPath), extendsPath);
+            }
+            else {
+                resolvedExtends = path.resolve(path.dirname(configPath), 'node_modules', extendsPath);
+            }
+            if (!resolvedExtends.endsWith('.json')) {
+                const withJson = resolvedExtends + '.json';
+                if (await fs.pathExists(withJson)) {
+                    resolvedExtends = withJson;
+                }
+            }
+            if (await fs.pathExists(resolvedExtends)) {
+                await resolveExtendsChain(resolvedExtends, mergedPaths, setBaseUrl, visited);
+            }
+        }
+    }
+    const compilerOptions = parsed.compilerOptions || {};
+    if (compilerOptions.baseUrl) {
+        setBaseUrl(compilerOptions.baseUrl);
+    }
+    if (compilerOptions.paths) {
+        for (const [key, value] of Object.entries(compilerOptions.paths)) {
+            if (typeof key === 'string' && Array.isArray(value)) {
+                mergedPaths[key] = value;
+            }
+        }
+    }
+}
+/**
+ * Read JSON file with support for comments and trailing commas.
+ */
+async function readLooseJson(filePath) {
+    try {
+        const text = await fs.readFile(filePath, 'utf-8');
+        try {
+            return JSON.parse(text);
+        }
+        catch {
+            const noBlockComments = text.replace(/\/\*[\s\S]*?\*\//g, '');
+            const noLineComments = noBlockComments.replace(/(^|\s)\/\/.*$/gm, '$1');
+            const noTrailingCommas = noLineComments.replace(/,\s*([}\]])/g, '$1');
+            return JSON.parse(noTrailingCommas);
+        }
+    }
+    catch {
+        return null;
+    }
+}

package/dist/gates/hallucinated-imports/manifest-discovery.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Manifest discovery and workspace package detection for hallucinated-imports gate.
+ *
+ * Handles:
+ * - Discovery of workspace packages from pnpm-workspace.yaml, package.json, lerna.json
+ * - Glob pattern matching for workspace packages
+ * - Dynamic scanning of project manifests for all supported languages
+ */
+export interface LoadPackageJsonResult {
+    dependencies?: Record<string, string>;
+    devDependencies?: Record<string, string>;
+    peerDependencies?: Record<string, string>;
+    optionalDependencies?: Record<string, string>;
+    workspaces?: string[] | {
+        packages?: string[];
+    };
+    exports?: Record<string, any>;
+    name?: string;
+}
+/**
+ * Load package.json from the project root.
+ */
+export declare function loadPackageJson(cwd: string): Promise<LoadPackageJsonResult>;
+/**
+ * Discover workspace packages from pnpm-workspace.yaml, package.json workspaces, lerna.json.
+ * Returns a set of package names that are valid imports.
+ */
+export declare function discoverWorkspacePackages(cwd: string, allProjectFiles: Set<string>): Promise<Set<string>>;

package/dist/gates/hallucinated-imports/manifest-discovery.js

@@ -0,0 +1,114 @@
+/**
+ * Manifest discovery and workspace package detection for hallucinated-imports gate.
+ *
+ * Handles:
+ * - Discovery of workspace packages from pnpm-workspace.yaml, package.json, lerna.json
+ * - Glob pattern matching for workspace packages
+ * - Dynamic scanning of project manifests for all supported languages
+ */
+import fs from 'fs-extra';
+import path from 'path';
+/**
+ * Load package.json from the project root.
+ */
+export async function loadPackageJson(cwd) {
+    try {
+        const packageJsonPath = path.join(cwd, 'package.json');
+        if (await fs.pathExists(packageJsonPath)) {
+            return await fs.readJson(packageJsonPath);
+        }
+    }
+    catch { /* skip */ }
+    return {};
+}
+/**
+ * Discover workspace packages from pnpm-workspace.yaml, package.json workspaces, lerna.json.
+ * Returns a set of package names that are valid imports.
+ */
+export async function discoverWorkspacePackages(cwd, allProjectFiles) {
+    const packages = new Set();
+    // 1. Check pnpm-workspace.yaml
+    const pnpmWorkspacePath = path.join(cwd, 'pnpm-workspace.yaml');
+    if (await fs.pathExists(pnpmWorkspacePath)) {
+        try {
+            const content = await fs.readFile(pnpmWorkspacePath, 'utf-8');
+            const packagesMatch = content.match(/packages:\s*\n((?:\s+-\s+['"]?[^\n]+\n?)*)/);
+            if (packagesMatch) {
+                const globs = packagesMatch[1].match(/-\s+['"]?([^'"\n]+)/g);
+                if (globs) {
+                    for (const g of globs) {
+                        const pattern = g.replace(/-\s+['"]?/, '').replace(/['"]?\s*$/, '').trim();
+                        await addWorkspacePackagesFromGlob(cwd, pattern, allProjectFiles, packages);
+                    }
+                }
+            }
+        }
+        catch { /* skip */ }
+    }
+    // 2. Check root package.json workspaces field
+    try {
+        const rootPkg = await loadPackageJson(cwd);
+        const workspaces = rootPkg?.workspaces;
+        if (workspaces) {
+            const patterns = Array.isArray(workspaces) ? workspaces : workspaces.packages || [];
+            for (const pattern of patterns) {
+                await addWorkspacePackagesFromGlob(cwd, pattern, allProjectFiles, packages);
+            }
+        }
+    }
+    catch { /* skip */ }
+    // 3. Check lerna.json
+    const lernaPath = path.join(cwd, 'lerna.json');
+    if (await fs.pathExists(lernaPath)) {
+        try {
+            const lerna = await fs.readJson(lernaPath);
+            const patterns = lerna.packages || ['packages/*'];
+            for (const pattern of patterns) {
+                await addWorkspacePackagesFromGlob(cwd, pattern, allProjectFiles, packages);
+            }
+        }
+        catch { /* skip */ }
+    }
+    return packages;
+}
+/**
+ * Find package.json files matching a workspace glob pattern
+ * and add their names to the packages set.
+ */
+async function addWorkspacePackagesFromGlob(cwd, pattern, allProjectFiles, packages) {
+    const normalizedPattern = pattern.replace(/\*\*?$/, '').replace(/\/$/, '');
+    for (const file of allProjectFiles) {
+        if (!file.endsWith('package.json'))
+            continue;
+        const dir = path.dirname(file);
+        if (dir.startsWith(normalizedPattern) || matchGlobPrefix(dir, pattern)) {
+            try {
+                const pkg = await fs.readJson(path.join(cwd, file));
+                if (pkg.name) {
+                    packages.add(pkg.name);
+                    if (pkg.exports) {
+                        packages.add(pkg.name);
+                    }
+                }
+            }
+            catch { /* skip */ }
+        }
+    }
+}
+/**
+ * Simple glob matching for workspace patterns.
+ * Handles "packages/*" and similar patterns.
+ */
+function matchGlobPrefix(dirPath, pattern) {
+    const parts = pattern.split('/');
+    const dirParts = dirPath.split('/');
+    for (let i = 0; i < parts.length; i++) {
+        if (parts[i] === '*' || parts[i] === '**')
+            return true;
+        if (i >= dirParts.length)
+            return false;
+        if (parts[i] !== dirParts[i])
+            return false;
+    }
+    return true;
+}