@stupify/cli 0.0.3 → 0.0.5

package/README.md

@@ -2,59 +2,54 @@
 
 Local-only diagnostic CLI for checking whether AI is making you dumber.
 
-This iteration analyzes a recent net diff locally. The default engine uses
-line-sized diff batches. The sem engine uses entity-level changes, scouts
-candidate entity IDs, optionally packs selected candidate files with Repomix,
-and prints findings.
+Stupify has one analysis path:
 
-```sh
-npx @stupify/cli --commit HEAD
+```text
+sem diff -> counter scout -> Repomix context -> local search model
 ```
 
+It emits search `matches`, not audit findings.
+
 ```sh
-npx @stupify/cli --engine sem --commit HEAD
+npx @stupify/cli --staged
+npx @stupify/cli --since "2 weeks ago"
+npx @stupify/cli --commit HEAD
+npx @stupify/cli --commits 20
+git diff HEAD~1..HEAD | npx @stupify/cli --stdin
 ```
 
-The sem engine splits findings-audit batches before local inference when the
-prompt exceeds `--max-audit-input-tokens`. Use `--audit-concurrency` to tune
-parallel local audit calls. The default sem scout uses fast deterministic
-signal counters; use `--scout llm` to compare against the older local model
-scout. Use `--audit-context none|repomix` and `--audit-prompt strict|high_bar`
-to run audit ablations without changing code.
+Install the warn-only pre-commit hook:
 
 ```sh
-stupify experiment experiments/bevyl-last-week.json
-stupify experiment experiments/bevyl-per-check.json
+stupify hook install
 ```
 
-The experiment runner shells out to the CLI and writes local JSON plus
-manual-label markdown files under `experiments/results/`.
+The hook runs `stupify --staged` and exits 0.
 
-By default, `stupify` is equivalent to `stupify --since "2 weeks ago"`.
-Commit mode analyzes `<commit>^..commit` as a net diff.
-The default registry currently runs nine concise checks for duplicated schemas,
-unnecessary complexity, fake precision, noisy metadata, mega-files,
-over-commenting, lint bypasses, inconsistent patterns, and reinvented
-utilities. `operator_style_mismatch` remains available with `--checks`, but is
-not enabled by default in the sem audit path.
+Check local setup:
 
 ```sh
-npx @stupify/cli --commits 20
+stupify doctor
 ```
 
-Recent-commits mode analyzes the selected range as one change. Findings are
-range-level for now, not per-commit blame.
+Default search enables the checks that currently pass the local hook-safety
+bench: `duplicated_schema`, `unnecessary_complexity`, `over_commenting`,
+`lint_bypass`, and `reinvented_utils`. Other registry patterns can be opted in
+with `--checks`.
 
 ```sh
-git diff HEAD~1..HEAD | npx @stupify/cli --stdin
+stupify --staged --checks over_commenting
 ```
 
+Large search inputs are skipped rather than truncated:
+
 ```sh
-stupify --help
+stupify --staged --max-search-input-tokens 24000
 ```
 
 The package is prepared for the public `@stupify` npm scope. Publishing should
 run the TypeScript build first so the executable points at `dist/stupify.js`.
 
-This iteration intentionally does not compare baselines, share data, call hosted
-LLM APIs, integrate with Ollama, or scan the whole repo.
+This iteration intentionally does not run findings audit, validators, judges,
+baselines, hosted LLM APIs, GitHub integration, dashboards, or repo-wide
+crawling.

package/dist/analysis.d.ts

@@ -1,14 +1,16 @@
 import type { LocalModel } from "./model.ts";
-import type { CandidateContext, DiffBatch, AuditPromptName, AuditReviewResult, FindingsResult, NetDiff, SemCandidate, SemChangeSet, SemContext, SemContextPack, StupifyCheck } from "./types.ts";
-export declare function scoutBatch(model: LocalModel, batch: DiffBatch, checks: readonly StupifyCheck[], sourceLabel: string): Promise<readonly string[]>;
-export declare function auditCandidates(model: LocalModel, diff: NetDiff, contexts: readonly CandidateContext[], checks: readonly StupifyCheck[]): Promise<FindingsResult>;
-export declare function scoutSemChanges(model: LocalModel, changeSet: SemChangeSet, checks: readonly StupifyCheck[], maxCandidates: number): Promise<readonly SemCandidate[]>;
-export declare function runFindingsAudit(model: LocalModel, changeSet: SemChangeSet, contexts: readonly SemContext[], pack: SemContextPack, checks: readonly StupifyCheck[], request?: Readonly<{
-    prompt: string;
-    schema: unknown;
-}>): Promise<AuditReviewResult>;
-export declare function findingsAuditRequest(changeSet: SemChangeSet, contexts: readonly SemContext[], pack: SemContextPack, checks: readonly StupifyCheck[], promptName?: AuditPromptName): Readonly<{
+import type { SearchMatch, SemChangeSet, SemContext, SemContextPack, StupifyCheck } from "./types.ts";
+export declare function runSearch(model: LocalModel, request: SearchRequest): Promise<readonly SearchMatch[]>;
+export type SearchRequest = Readonly<{
     prompt: string;
     schema: unknown;
+    contexts: readonly SemContext[];
 }>;
+export declare function searchRequest(input: Readonly<{
+    changeSet: SemChangeSet;
+    contexts: readonly SemContext[];
+    pack: SemContextPack;
+    patterns: readonly StupifyCheck[];
+    includeCounterReasonInPrompt?: boolean;
+}>): SearchRequest;
 export declare function countPromptTokens(model: LocalModel, prompt: string): Promise<number>;

package/dist/analysis.js

@@ -1,34 +1,17 @@
-import { auditPrompt, findingsAuditPrompt, scoutPrompt, semScoutPrompt } from "./prompts.js";
 import { cachedJson, fingerprint } from "./cache.js";
-export async function scoutBatch(model, batch, checks, sourceLabel) {
-    const raw = await runJsonPrompt(model, scoutPrompt(batch, checks, sourceLabel), scoutSchema(batch), 0);
-    return uncheckedCandidates(raw);
-}
-export async function auditCandidates(model, diff, contexts, checks) {
-    if (contexts.length === 0)
-        return { findings: [], summary: "No candidate regions found." };
-    const raw = await runJsonPrompt(model, auditPrompt(contexts, checks, diff.label), auditSchema(contexts), 0);
-    return uncheckedRawAuditResult(raw, diff.id);
-}
-export async function scoutSemChanges(model, changeSet, checks, maxCandidates) {
-    const raw = await runJsonPrompt(model, semScoutPrompt(changeSet, checks, maxCandidates), semScoutSchema(changeSet, checks, maxCandidates), 0);
-    return uncheckedSemCandidates(raw, changeSet.id);
-}
-export async function runFindingsAudit(model, changeSet, contexts, pack, checks, request = findingsAuditRequest(changeSet, contexts, pack, checks)) {
-    if (contexts.length === 0) {
-        return {
-            findings: [],
-            summary: "No candidate entities found.",
-            stats: { totalTargets: 0, finding: 0, clean: 0, uncertain: 0, invalid: 0 },
-        };
-    }
+import { searchPrompt } from "./prompts.js";
+export async function runSearch(model, request) {
     const raw = await runJsonPrompt(model, request.prompt, request.schema, 0);
-    return uncheckedFindingsAuditResult(raw, changeSet.id, contexts);
+    return uncheckedSearchMatches(raw, request.contexts);
 }
-export function findingsAuditRequest(changeSet, contexts, pack, checks, promptName = "strict") {
+export function searchRequest(input) {
     return {
-        prompt: findingsAuditPrompt(contexts, pack, checks, changeSet.label, promptName),
-        schema: findingsAuditSchema(contexts),
+        prompt: searchPrompt({
+            ...input,
+            includeCounterReason: input.includeCounterReasonInPrompt ?? false,
+        }),
+        schema: searchSchema(input.contexts),
+        contexts: input.contexts,
     };
 }
 export async function countPromptTokens(model, prompt) {
@@ -53,171 +36,45 @@ export async function countPromptTokens(model, prompt) {
     });
     return cached.count;
 }
-function findingsAuditSchema(contexts) {
-    const targetIds = contexts.map((context) => context.targetId);
-    const findingItem = {
-        type: "object",
-        properties: {
-            targetId: { type: "string", enum: targetIds },
-            why: { type: "string" },
-            proof: { type: "string" },
-        },
-        required: ["targetId", "why", "proof"],
-        additionalProperties: false,
-    };
-    const uncertainItem = {
-        type: "object",
-        properties: {
-            targetId: { type: "string", enum: targetIds },
-            why: { type: "string" },
-        },
-        required: ["targetId", "why"],
-        additionalProperties: false,
-    };
-    return {
-        type: "object",
-        properties: {
-            findings: {
-                type: "array",
-                items: findingItem,
-            },
-            uncertain: {
-                type: "array",
-                items: uncertainItem,
-            },
-        },
-        additionalProperties: false,
-    };
-}
-function auditSchema(contexts) {
-    return auditSchemaFromProofs(contexts.map((context) => context.pointer));
-}
-function auditSchemaFromProofs(proofs) {
-    return {
-        type: "object",
-        properties: {
-            findings: {
-                type: "array",
-                items: {
-                    type: "object",
-                    properties: {
-                        checkId: { type: "string" },
-                        why: { type: "string" },
-                        proof: { type: "string", enum: proofs },
-                    },
-                    required: ["checkId", "why", "proof"],
-                    additionalProperties: false,
-                },
-            },
-            summary: { type: "string" },
-        },
-        required: ["findings", "summary"],
-        additionalProperties: false,
-    };
-}
-function semScoutSchema(changeSet, checks, maxCandidates) {
+function searchSchema(contexts) {
     return {
         type: "object",
         properties: {
-            targets: {
+            matches: {
                 type: "array",
-                maxItems: maxCandidates,
+                maxItems: 5,
                 items: {
                     type: "object",
                     properties: {
-                        entityId: { type: "string", enum: changeSet.changes.map((change) => change.entityId) },
-                        checkId: { type: "string", enum: checks.map((check) => check.id) },
+                        targetId: { type: "string", enum: contexts.map((context) => context.targetId) },
                         reason: { type: "string" },
+                        proof: { type: "string" },
                     },
-                    required: ["entityId", "checkId", "reason"],
+                    required: ["targetId", "reason", "proof"],
                     additionalProperties: false,
                 },
             },
         },
-        required: ["targets"],
+        required: ["matches"],
         additionalProperties: false,
     };
 }
-function scoutSchema(batch) {
-    return {
-        type: "object",
-        properties: {
-            candidates: {
-                type: "array",
-                maxItems: 3,
-                items: { type: "string", enum: batch.hunks.map((hunk) => hunk.pointer) },
-            },
-        },
-        required: ["candidates"],
-        additionalProperties: false,
-    };
-}
-function uncheckedCandidates(value) {
-    return [...(value.candidates ?? [])];
-}
-function uncheckedRawAuditResult(value, sourceId) {
-    const output = value;
-    const findings = (output.findings ?? []).map((finding) => ({
-        sourceId,
-        checkId: (finding.checkId ?? ""),
-        why: finding.why ?? "",
-        proof: finding.proof ?? "",
-    }));
-    return { findings, summary: output.summary ?? defaultSummary(findings.length) };
-}
-function uncheckedSemCandidates(value, sourceId) {
+function uncheckedSearchMatches(value, contexts) {
     const output = value;
-    const rawTargets = output.targets ?? output.candidates ?? [];
-    return rawTargets.flatMap((candidate) => {
-        if (candidate.checkId) {
-            return [{
-                    sourceId,
-                    targetId: candidate.targetId ?? "",
-                    entityId: candidate.entityId ?? "",
-                    checkId: candidate.checkId,
-                    reason: candidate.reason ?? "",
-                }];
-        }
-        return (candidate.checkIds ?? []).map((checkId) => ({
-            sourceId,
-            targetId: candidate.targetId ?? "",
-            entityId: candidate.entityId ?? "",
-            checkId: checkId,
-            reason: candidate.reason ?? "",
-        }));
+    const contextsByTargetId = new Map(contexts.map((context) => [context.targetId, context]));
+    return (output.matches ?? []).flatMap((match) => {
+        const targetId = match.targetId ?? "";
+        const context = contextsByTargetId.get(targetId);
+        if (!context)
+            return [];
+        return [{
+                targetId,
+                patternId: context.checkId,
+                reason: match.reason ?? "",
+                proof: match.proof ?? "",
+            }];
     });
 }
-function uncheckedFindingsAuditResult(value, sourceId, contexts) {
-    const output = value;
-    const targetsById = new Map(contexts.map((context) => [context.targetId, context]));
-    const findings = (output.findings ?? []).map((finding) => {
-        const target = targetsById.get(finding.targetId ?? "");
-        return {
-            sourceId,
-            checkId: (target?.checkId ?? ""),
-            why: finding.why ?? "",
-            proof: finding.proof ?? "",
-        };
-    });
-    const uncertain = output.uncertain?.length ?? 0;
-    const totalTargets = contexts.length;
-    return {
-        findings,
-        summary: defaultSummary(findings.length),
-        stats: {
-            totalTargets,
-            finding: findings.length,
-            clean: Math.max(0, totalTargets - findings.length - uncertain),
-            uncertain,
-            invalid: 0,
-        },
-    };
-}
-function defaultSummary(findingCount) {
-    return findingCount === 0
-        ? "No clear judgment-offload signal found."
-        : `${findingCount} finding review${findingCount === 1 ? "" : "s"} accepted.`;
-}
 async function runJsonPrompt(model, prompt, schema, temperature) {
     return cachedJson("model-json", fingerprint({
         version: 1,

package/dist/checks.d.ts

@@ -1,3 +1,4 @@
 import { type StupifyCheck } from "./types.ts";
 export declare const defaultChecks: readonly StupifyCheck[];
 export declare function enabledChecks(checkIds: readonly string[] | null): readonly StupifyCheck[];
+export declare function searchChecks(checkIds: readonly string[] | null): readonly StupifyCheck[];

package/dist/checks.js

@@ -10,7 +10,19 @@ export const defaultChecks = [
         ],
         ignoreWhen: [
             "test fixture, mock, or intentional external contract",
-        ],
+            "public API DTO filters, omits, protects, renames, or versions fields",
+        ],
+        hookMode: "warn",
+        searchPrompt: "Find only local/private payload or schema shapes that clearly copy another local shape one-for-one without creating a boundary. Do not match ordinary Input/Output/Request/Response types by name alone, public DTOs, external contracts, client types, or types that omit/protect private fields.",
+        searchExamples: {
+            match: [
+                "LocalUserPayload repeats User fields and maps id/email/displayName one-for-one.",
+            ],
+            nonMatch: [
+                "PublicWebhookDto omits privateNotes from InternalJob.",
+                "A client type describes an external dependency boundary.",
+            ],
+        },
     },
     {
         id: checkId("unnecessary_complexity"),
@@ -22,6 +34,35 @@ export const defaultChecks = [
         ignoreWhen: [
             "isolates dependency, removes duplication, or improves testability",
         ],
+        hookMode: "warn",
+        searchPrompt: `Find staged changes where a locally simple decision is made harder to understand by new indirection.
+Only match when the staged diff clearly shows:
+- a new named helper, wrapper, service, adapter, boundary, or abstraction
+- and the surrounding change still appears locally simple
+- and the new structure makes the decision harder to see
+Do not match:
+- plain conditionals, guard clauses, skip paths, or error handling
+- normal feature structure
+- exported utilities that are part of a real feature
+- command plumbing
+- prompt/instruction files
+- domain configuration
+- refactors that make ownership clearer
+- changes where the payoff is unclear from the diff
+Prefer no match over a weak match.`,
+        searchExamples: {
+            match: [
+                "A small inline operation becomes a helper/service/wrapper with one obvious caller.",
+                "A straightforward flow is split across files in a way that hides the decision.",
+                "A new abstraction appears before there is evidence it buys clarity, correctness, reuse, or isolation.",
+            ],
+            nonMatch: [
+                "A real external dependency boundary is isolated.",
+                "A security/auth boundary becomes clearer.",
+                "A refactor removes larger complexity elsewhere.",
+                "Framework-required structure is added.",
+            ],
+        },
     },
     {
         id: checkId("fake_precision_windowing"),
@@ -67,6 +108,22 @@ export const defaultChecks = [
         ignoreWhen: [
             "comment explains intent, constraint, workaround, or public API behavior",
         ],
+        hookMode: "warn",
+        searchPrompt: "Find staged changes where comments appear to substitute for judgment rather than clarify it.",
+        searchExamples: {
+            match: [
+                "New comments narrate obvious code instead of explaining tradeoffs.",
+                "A simple change gains multiple generic comments that restate control flow.",
+                "Comments make the code look more deliberate without adding useful reasoning.",
+            ],
+            nonMatch: [
+                "Comments explain a real domain constraint.",
+                "Comments document an external API quirk.",
+                "Comments clarify a surprising edge case.",
+                "Comments are sparse and specific.",
+                "Comments explain provider, finance, reconciliation, timezone, or ledger behavior.",
+            ],
+        },
     },
     {
         id: checkId("lint_bypass"),
@@ -80,6 +137,16 @@ export const defaultChecks = [
             "type-level test",
             "generated file convention",
         ],
+        hookMode: "warn",
+        searchPrompt: "Find only broad lint/type bypasses that hide useful feedback. Match bare @ts-ignore, bare @ts-expect-error, broad casts, any, or eslint/biome suppressions without a concrete inline reason. Do not match targeted suppressions that include a reason for a known framework, test, mock, or external-library limitation.",
+        searchExamples: {
+            match: [
+                "A bare // @ts-ignore hides property access on unknown input.",
+            ],
+            nonMatch: [
+                "// @ts-expect-error explains a known external library typing gap.",
+            ],
+        },
     },
     {
         id: checkId("inconsistent_patterns"),
@@ -103,7 +170,19 @@ export const defaultChecks = [
         ignoreWhen: [
             "existing utility has wrong contract",
             "new helper is clearer as a tiny private expression",
-        ],
+            "helper is domain-specific or used by multiple local call sites",
+        ],
+        hookMode: "warn",
+        searchPrompt: "Find only tiny generic utility functions that recreate common helpers such as clamp, debounce, throttle, slugify, group, sort, pick, omit, uniq, or shuffle without domain-specific behavior. Do not match resolve/parse/format helpers, domain formatting, feature constants, or helpers with multiple obvious call sites.",
+        searchExamples: {
+            match: [
+                "clampValue returns min, max, or value.",
+            ],
+            nonMatch: [
+                "formatCurrencyHelper is used by invoice and refund labels.",
+                "Subscription tier constants encode domain configuration.",
+            ],
+        },
     },
     {
         id: checkId("operator_style_mismatch"),
@@ -121,6 +200,14 @@ export const defaultChecks = [
 export function enabledChecks(checkIds) {
     if (!checkIds)
         return defaultChecks.filter((check) => check.enabledByDefault !== false);
+    return checksById(checkIds);
+}
+export function searchChecks(checkIds) {
+    if (!checkIds)
+        return defaultChecks.filter((check) => check.hookMode === "warn");
+    return checksById(checkIds);
+}
+function checksById(checkIds) {
     const checksById = new Map(defaultChecks.map((check) => [check.id, check]));
     return checkIds.map((id) => {
         const check = checksById.get(id);