npm - @synchronized-studio/cmsassets-agent - Versions diffs - 0.2.0 → 0.3.0 - Mend

@synchronized-studio/cmsassets-agent 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/chunk-MCKXYHFX.js ADDED Viewed

@@ -0,0 +1,461 @@
+import {
+  buildCmsOptions,
+  findInjectionPoints,
+  getTransformFunctionName
+} from "./chunk-SHAT7M2R.js";
+import {
+  chatCompletion,
+  isOpenAiError
+} from "./chunk-E74TGIFQ.js";
+// src/verifier/aiReview.ts
+import { readFileSync as readFileSync2, writeFileSync } from "fs";
+import { join as join2 } from "path";
+import consola from "consola";
+import pc from "picocolors";
+// src/patcher/diffValidator.ts
+var ALLOWED_ADD_PATTERNS = [
+  /import\s+\{[^}]*transform/i,
+  /response-transformer/,
+  /transformCmsAssetUrls/,
+  /transformPrismicAssetUrls/,
+  /transformContentfulAssetUrls/,
+  /transformSanityAssetUrls/,
+  /transformShopifyAssetUrls/,
+  /transformCloudinaryAssetUrls/,
+  /transformImgixAssetUrls/,
+  /transformGenericAssetUrls/
+];
+function validateDiff(diff, allowedFiles) {
+  const errors = [];
+  const lines = diff.split("\n");
+  const fileHeaders = lines.filter((l) => l.startsWith("--- ") || l.startsWith("+++ "));
+  for (const header of fileHeaders) {
+    const filePath = header.replace(/^[+-]{3}\s+[ab]\//, "").trim();
+    if (filePath === "/dev/null") continue;
+    if (!allowedFiles.some((f) => filePath.endsWith(f) || f.endsWith(filePath))) {
+      errors.push(`Diff modifies disallowed file: ${filePath}`);
+    }
+  }
+  const addedLines = lines.filter((l) => l.startsWith("+") && !l.startsWith("+++"));
+  const removedLines = lines.filter((l) => l.startsWith("-") && !l.startsWith("---"));
+  for (const added of addedLines) {
+    const lineContent = added.substring(1).trim();
+    if (!lineContent) continue;
+    const isAllowed = ALLOWED_ADD_PATTERNS.some((p) => p.test(lineContent));
+    const hasMatchingRemoval = removedLines.some((r) => {
+      const removedContent = r.substring(1).trim();
+      return lineContent.includes(removedContent) || removedContent.includes(lineContent.replace(/transform\w+AssetUrls\([^)]+\)/, ""));
+    });
+    if (!isAllowed && !hasMatchingRemoval) {
+      if (/^[{}\[\](),;\s]*$/.test(lineContent)) continue;
+      if (/^},?\s*\{?\s*(repository|spaceId|projectId|storeDomain|cloudName|imgixDomain|originUrl)\s*:/.test(lineContent)) continue;
+      if (/^\}\s*\)\s*;?\s*$/.test(lineContent)) continue;
+      if (/^\w+:\s*['"][^'"]+['"]\s*,?\s*\}?\)?\s*$/.test(lineContent)) continue;
+      errors.push(`Suspicious added line: ${lineContent.substring(0, 80)}`);
+    }
+  }
+  if (addedLines.length > 20) {
+    errors.push(`Too many additions (${addedLines.length}), expected <= 20`);
+  }
+  if (removedLines.length > 10) {
+    errors.push(`Too many removals (${removedLines.length}), expected <= 10`);
+  }
+  return { valid: errors.length === 0, errors };
+}
+// src/verifier/rescan.ts
+import { readFileSync } from "fs";
+import { join, relative } from "path";
+function rescanFile(root, filePath, framework, cms) {
+  const absPath = join(root, filePath);
+  let content;
+  try {
+    content = readFileSync(absPath, "utf-8");
+  } catch {
+    return [];
+  }
+  const hasTransformer = content.includes("@synchronized-studio/response-transformer");
+  if (!hasTransformer) {
+    return findInjectionPoints(root, framework, cms).filter((c) => c.filePath === relative(root, absPath) || c.filePath === filePath);
+  }
+  return findUnwrappedCmsCalls(content, filePath, cms);
+}
+var CMS_CALL_PATTERNS = [
+  /client\.\w+\s*\(/g,
+  /\$prismic\.\w+\s*\(/g,
+  /\$contentful\.\w+\s*\(/g,
+  /\$sanity\.\w+\s*\(/g,
+  /usePrismic\(\)/g,
+  /createClient\(\)/g,
+  /\$fetch\s*\(\s*['"`]\/api\//g
+];
+var TRANSFORM_WRAPPERS = [
+  "transformPrismicAssetUrls",
+  "transformContentfulAssetUrls",
+  "transformSanityAssetUrls",
+  "transformShopifyAssetUrls",
+  "transformCloudinaryAssetUrls",
+  "transformImgixAssetUrls",
+  "transformGenericAssetUrls",
+  "transformCmsAssetUrls"
+];
+function findEnclosingFunctionRange(lines, lineIdx) {
+  let start = lineIdx;
+  let braceDepth = 0;
+  for (let i = lineIdx; i >= 0; i--) {
+    for (const c of lines[i]) {
+      if (c === "}") braceDepth++;
+      else if (c === "{") braceDepth--;
+    }
+    if (/(?:async\s+)?(?:function\b|\w+\s*\(|=>\s*\{)/.test(lines[i]) && braceDepth <= 0) {
+      start = i;
+      break;
+    }
+  }
+  braceDepth = 0;
+  let end = lineIdx;
+  for (let i = start; i < lines.length; i++) {
+    for (const c of lines[i]) {
+      if (c === "{") braceDepth++;
+      else if (c === "}") braceDepth--;
+    }
+    if (braceDepth === 0 && i > start) {
+      end = i;
+      break;
+    }
+  }
+  return { start, end };
+}
+function findUnwrappedCmsCalls(content, filePath, cms) {
+  const lines = content.split("\n");
+  const candidates = [];
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const trimmed = line.trim();
+    if (trimmed.startsWith("import ") || trimmed.startsWith("//") || trimmed.startsWith("*")) {
+      continue;
+    }
+    const hasCmsCall = CMS_CALL_PATTERNS.some((p) => {
+      p.lastIndex = 0;
+      return p.test(trimmed);
+    });
+    if (!hasCmsCall) continue;
+    const isWrappedInline = TRANSFORM_WRAPPERS.some((fn) => trimmed.includes(fn));
+    if (isWrappedInline) continue;
+    const fnRange = findEnclosingFunctionRange(lines, i);
+    const fnBody = lines.slice(fnRange.start, fnRange.end + 1).join("\n");
+    const fnHasTransform = TRANSFORM_WRAPPERS.some((fn) => fnBody.includes(fn));
+    if (fnHasTransform) continue;
+    const simpleAssign = trimmed.match(/(?:const|let)\s+(\w+)\s*=/);
+    const destructAssign = trimmed.match(/(?:const|let)\s+\{([^}]+)\}\s*=/);
+    const varNames = [];
+    if (simpleAssign) varNames.push(simpleAssign[1]);
+    if (destructAssign) {
+      varNames.push(...destructAssign[1].split(",").map((s) => s.trim().split(":")[0].trim()).filter(Boolean));
+    }
+    if (varNames.length > 0) {
+      const ahead = lines.slice(i + 1, Math.min(lines.length, i + 40)).join("\n");
+      const isAnyVarWrapped = varNames.some(
+        (varName) => TRANSFORM_WRAPPERS.some(
+          (fn) => ahead.includes(`${fn}(${varName}`) || ahead.includes(`${fn}( ${varName}`) || new RegExp(`${fn}\\([\\s\\S]{0,300}\\b${varName}\\b`).test(ahead)
+        )
+      );
+      if (isAnyVarWrapped) continue;
+    }
+    const contextSlice = lines.slice(Math.max(0, i - 10), Math.min(lines.length, i + 15)).join("\n");
+    if (/transform\s*:/.test(contextSlice)) continue;
+    candidates.push({
+      filePath,
+      line: i + 1,
+      type: "return",
+      score: 70,
+      confidence: "medium",
+      targetCode: trimmed,
+      context: lines.slice(Math.max(0, i - 2), Math.min(lines.length, i + 3)).join("\n"),
+      reasons: ["CMS SDK call without transform wrapper (post-patch rescan)"]
+    });
+  }
+  return candidates;
+}
+// src/verifier/aiReview.ts
+async function aiReviewAll(root, patchedFiles, plan, opts = {}) {
+  const startTime = Date.now();
+  const maxIterations = opts.maxIterations ?? 3;
+  const model = opts.model ?? "gpt-4o";
+  const results = [];
+  let totalTokens = 0;
+  const uniqueFiles = [...new Set(patchedFiles)];
+  for (const filePath of uniqueFiles) {
+    consola.info(`${pc.cyan("AI review:")} ${filePath}`);
+    const result = await reviewFileLoop(root, filePath, plan, {
+      maxIterations,
+      model
+    });
+    totalTokens += result.tokensUsed;
+    results.push(result.fileResult);
+    const icon = result.fileResult.passed ? pc.green("\u2713") : pc.red("\u2717");
+    const detail = result.fileResult.fixApplied ? pc.dim("(auto-fixed)") : "";
+    consola.info(`  ${icon} ${filePath} ${detail}`);
+    if (!result.fileResult.passed) {
+      for (const issue of result.fileResult.issues) {
+        consola.info(`    ${pc.yellow("\u26A0")} ${issue}`);
+      }
+    }
+  }
+  const filesPassed = results.filter((r) => r.passed).length;
+  const filesFixed = results.filter((r) => r.fixApplied).length;
+  const filesFailed = results.filter((r) => !r.passed).length;
+  return {
+    schemaVersion: "1.0",
+    filesReviewed: results.length,
+    filesPassed,
+    filesFixed,
+    filesFailed,
+    results,
+    totalDurationMs: Date.now() - startTime,
+    tokensUsed: totalTokens
+  };
+}
+async function reviewFileLoop(root, filePath, plan, opts) {
+  let tokensUsed = 0;
+  let fixAttempted = false;
+  let fixApplied = false;
+  for (let iter = 0; iter < opts.maxIterations; iter++) {
+    const remaining = rescanFile(
+      root,
+      filePath,
+      plan.scan.framework.name,
+      plan.scan.cms
+    );
+    const rescanIssues = remaining.map(
+      (c) => `Line ${c.line}: ${c.targetCode.substring(0, 80)}`
+    );
+    const absPath = join2(root, filePath);
+    let content;
+    try {
+      content = readFileSync2(absPath, "utf-8");
+    } catch {
+      return {
+        fileResult: {
+          filePath,
+          passed: false,
+          issues: ["Cannot read file"],
+          fixAttempted,
+          fixApplied,
+          iterations: iter + 1
+        },
+        tokensUsed
+      };
+    }
+    const reviewResult = await aiSemanticReview(content, filePath, plan, opts.model, rescanIssues);
+    tokensUsed += reviewResult.tokensUsed;
+    if (reviewResult.passed) {
+      return {
+        fileResult: {
+          filePath,
+          passed: true,
+          issues: [],
+          fixAttempted,
+          fixApplied,
+          iterations: iter + 1
+        },
+        tokensUsed
+      };
+    }
+    if (!reviewResult.diff) {
+      return {
+        fileResult: {
+          filePath,
+          passed: false,
+          issues: reviewResult.issues,
+          fixAttempted,
+          fixApplied,
+          iterations: iter + 1
+        },
+        tokensUsed
+      };
+    }
+    fixAttempted = true;
+    const applied = applyAiDiff(root, filePath, content, reviewResult.diff);
+    if (applied) {
+      fixApplied = true;
+      consola.info(`    ${pc.blue("\u21BB")} Applied AI fix (iteration ${iter + 1})`);
+    } else {
+      return {
+        fileResult: {
+          filePath,
+          passed: false,
+          issues: [...reviewResult.issues, "AI fix could not be applied"],
+          fixAttempted,
+          fixApplied,
+          iterations: iter + 1
+        },
+        tokensUsed
+      };
+    }
+  }
+  const finalRemaining = rescanFile(root, filePath, plan.scan.framework.name, plan.scan.cms);
+  const passed = finalRemaining.length === 0;
+  return {
+    fileResult: {
+      filePath,
+      passed,
+      issues: passed ? [] : finalRemaining.map((c) => `Line ${c.line}: unwrapped CMS call \u2014 ${c.targetCode.substring(0, 80)}`),
+      fixAttempted,
+      fixApplied,
+      iterations: opts.maxIterations
+    },
+    tokensUsed
+  };
+}
+async function aiSemanticReview(content, filePath, plan, model, rescanIssues) {
+  const fn = getTransformFunctionName(plan.scan.cms.type);
+  const opts = buildCmsOptions(plan.scan.cms.type, plan.scan.cms.params);
+  const rescanSection = rescanIssues.length > 0 ? `
+Rule-based rescan found these potentially unwrapped CMS calls:
+${rescanIssues.map((i) => `- ${i}`).join("\n")}
+` : "";
+  const prompt = `You are verifying that CMS asset URL transformations were correctly applied to a source file, AND that the file is still structurally correct.
+CMS: ${plan.scan.cms.type}
+Transform function: ${fn}
+Expected options: ${opts}
+Framework: ${plan.scan.framework.name}
+${rescanSection}
+File (${filePath}):
+\`\`\`
+${content}
+\`\`\`
+CHECK THE FOLLOWING:
+A. Transform correctness:
+1. Is the import \`import { ${fn} } from '@synchronized-studio/response-transformer'\` present?
+2. For functions that RETURN CMS data objects/arrays, is the return wrapped with ${fn}()?
+   - Wrapping at the return level is CORRECT and SUFFICIENT.
+   - \`return ${fn}({ model: document }, ${opts})\` is correct.
+   - \`return ${fn}(data, ${opts})\` is correct.
+   - Do NOT flag intermediate CMS SDK calls ($prismic, $contentful, client.get) as unwrapped
+     when the function's return is already wrapped.
+3. Are the options (${opts}) correct in every ${fn}() call?
+B. Code integrity (CRITICAL \u2014 the patch must not break existing code):
+4. Are all functions that existed before still defined and accessible? (e.g. if a function like getPage, fetchData, etc. was defined, it must still be there)
+5. Are there any obvious undefined references \u2014 calls to functions or variables that don't exist in the file?
+6. Does the code structure look intact \u2014 no truncated functions, missing closing brackets, orphaned statements?
+7. Are all exports still present and correct?
+8. CRITICAL: If a return value is an object containing FUNCTION references (like \`{ getPage, generateMetadata }\`),
+   wrapping it with ${fn}() will BREAK it because the transform uses JSON.stringify which destroys functions.
+   The transform should ONLY wrap CMS DATA returns (objects/arrays with data properties), NOT factory/API returns
+   that provide callable functions. If you see this pattern, report it as an issue and provide a diff that REMOVES
+   the incorrect wrapping.
+IMPORTANT \u2014 do NOT flag any of these as transform issues:
+- Functions that do NOT return a value (e.g. they only commit to Vuex store) \u2014 these are FINE as-is
+- Functions that return simple strings, URLs, booleans, or "#" \u2014 these are NOT CMS data
+- Error returns like \`return err\`, \`return []\`, \`return undefined\` \u2014 skip these
+- Functions that return \`dispatch(...)\` or delegate to another action \u2014 the target action handles the transform
+- A function that already contains ${fn}() calls IS correctly handled \u2014 do not ask for more wrapping
+- If the file already imports and uses ${fn} in multiple places, assume it is correctly integrated
+Respond with JSON only (no markdown fences, no explanation):
+- If everything is correct: {"passed":true}
+- If there are issues: {"passed":false,"issues":["description of each issue"],"diff":"unified diff that fixes ALL issues"}
+The diff MUST:
+- Use standard unified diff format (--- a/file, +++ b/file, @@ hunks)
+- Only add/modify transformer-related code OR fix broken code caused by the patch
+- Restore any accidentally removed functions, variables, or exports
+- Not remove or change any existing logic beyond what's needed for the fix`;
+  const result = await chatCompletion(prompt, { model, maxTokens: 4e3 });
+  if (isOpenAiError(result)) {
+    return { passed: false, issues: [result.error], tokensUsed: 0 };
+  }
+  const raw = result.content.replace(/^```(?:json)?\s*/m, "").replace(/\s*```\s*$/m, "").trim();
+  try {
+    const parsed = JSON.parse(raw);
+    if (parsed.passed === true) {
+      return { passed: true, issues: [], tokensUsed: result.tokensUsed };
+    }
+    const issues = Array.isArray(parsed.issues) ? parsed.issues : [];
+    const diff = typeof parsed.diff === "string" ? parsed.diff : void 0;
+    return { passed: false, issues, diff, tokensUsed: result.tokensUsed };
+  } catch {
+    return {
+      passed: false,
+      issues: ["AI returned non-JSON response"],
+      tokensUsed: result.tokensUsed
+    };
+  }
+}
+function applyAiDiff(root, filePath, originalContent, diff) {
+  const validation = validateDiff(diff, [filePath]);
+  if (!validation.valid) {
+    consola.warn(`    AI diff validation failed: ${validation.errors.join("; ")}`);
+    return false;
+  }
+  const newContent = applyUnifiedDiff(originalContent, diff);
+  if (!newContent || newContent === originalContent) {
+    return false;
+  }
+  try {
+    const absPath = join2(root, filePath);
+    writeFileSync(absPath, newContent, "utf-8");
+    return true;
+  } catch {
+    return false;
+  }
+}
+function applyUnifiedDiff(original, diff) {
+  const lines = original.split("\n");
+  const diffLines = diff.split("\n");
+  const result = [...lines];
+  let offset = 0;
+  for (let i = 0; i < diffLines.length; i++) {
+    const line = diffLines[i];
+    const hunkMatch = line.match(/^@@\s*-(\d+)(?:,(\d+))?\s*\+(\d+)(?:,(\d+))?\s*@@/);
+    if (!hunkMatch) continue;
+    const oldStart = parseInt(hunkMatch[1], 10) - 1;
+    let pos = oldStart + offset;
+    for (let j = i + 1; j < diffLines.length; j++) {
+      const hunkLine = diffLines[j];
+      if (hunkLine.startsWith("@@") || hunkLine.startsWith("diff ") || hunkLine.startsWith("--- ") || hunkLine.startsWith("+++ ")) {
+        break;
+      }
+      if (hunkLine.startsWith("-")) {
+        const expected = hunkLine.substring(1);
+        if (pos < result.length && result[pos].trim() === expected.trim()) {
+          result.splice(pos, 1);
+          offset--;
+        } else {
+          let found = false;
+          for (let k = Math.max(0, pos - 8); k < Math.min(result.length, pos + 9); k++) {
+            if (result[k].trim() === expected.trim()) {
+              result.splice(k, 1);
+              offset--;
+              pos = k;
+              found = true;
+              break;
+            }
+          }
+          if (!found) return null;
+        }
+      } else if (hunkLine.startsWith("+")) {
+        const newLine = hunkLine.substring(1);
+        result.splice(pos, 0, newLine);
+        pos++;
+        offset++;
+      } else if (hunkLine.startsWith(" ")) {
+        pos++;
+      }
+    }
+  }
+  return result.join("\n");
+}
+export {
+  aiReviewAll
+};