@unerr-ai/unerr 0.2.0 → 0.2.2

package/dist/tracking/prompt-durability.js

@@ -1,202 +0,0 @@
-/**
- * Prompt Durability Profiler — analyzes which prompt types produce durable vs fragile code.
- *
- * Classifies ledger entries by action type (add/modify/refactor/fix/delete),
- * target risk level, and file scope. Computes durability per profile bucket
- * and generates recommendations for prompt strategies that historically produce
- * more stable code.
- *
- * Data flow: shadow ledger entries → classification → aggregation → profiles.
- */
-import { createModuleLogger } from "../utils/logger.js";
-const log = createModuleLogger("prompt-durability");
-const ADD_PATTERNS = [
-    /\badd(?:ing|ed|s)?\b/i,
-    /\bcreate(?:d|s|ing)?\b/i,
-    /\bnew\b/i,
-    /\bimplement(?:ed|s|ing)?\b/i,
-    /\bintroduc(?:e|ed|ing)\b/i,
-    /\bbuild(?:ing|s)?\b/i,
-    /\bset\s*up\b/i,
-];
-const MODIFY_PATTERNS = [
-    /\bmodif(?:y|ied|ying|ies)\b/i,
-    /\bupdate(?:d|s|ing)?\b/i,
-    /\bchange(?:d|s|ing)?\b/i,
-    /\bedit(?:ed|s|ing)?\b/i,
-    /\badjust(?:ed|s|ing)?\b/i,
-    /\btweak(?:ed|s|ing)?\b/i,
-    /\balter(?:ed|s|ing)?\b/i,
-];
-const REFACTOR_PATTERNS = [
-    /\brefactor(?:ed|s|ing)?\b/i,
-    /\brestructur(?:e|ed|ing)\b/i,
-    /\breorganiz(?:e|ed|ing)\b/i,
-    /\bclean\s*up\b/i,
-    /\bextract(?:ed|s|ing)?\b/i,
-    /\bmove(?:d|s|ing)?\b/i,
-    /\brename(?:d|s|ing)?\b/i,
-    /\bsimplif(?:y|ied|ying|ies)\b/i,
-];
-const FIX_PATTERNS = [
-    /\bfix(?:ed|es|ing)?\b/i,
-    /\bbug\s*fix\b/i,
-    /\bresolv(?:e|ed|ing)\b/i,
-    /\brepair(?:ed|s|ing)?\b/i,
-    /\bpatch(?:ed|es|ing)?\b/i,
-    /\bcorrect(?:ed|s|ing)?\b/i,
-    /\bhandle\b.*\berror\b/i,
-    /\bworkaround\b/i,
-];
-const DELETE_PATTERNS = [
-    /\bdelete(?:d|s|ing)?\b/i,
-    /\bremove(?:d|s|ing)?\b/i,
-    /\bdrop(?:ped|s|ping)?\b/i,
-    /\bstrip(?:ped|s|ping)?\b/i,
-    /\bdeprecate(?:d|s|ing)?\b/i,
-    /\beliminate(?:d|s|ing)?\b/i,
-];
-/**
- * Classifies a prompt string into an action type based on keyword patterns.
- *
- * Priority order: fix > refactor > delete > add > modify > other.
- * Fix is highest priority because fix prompts often also contain "modify" or "change".
- */
-export function extractActionType(prompt) {
-    if (!prompt || prompt.trim().length === 0)
-        return "other";
-    if (FIX_PATTERNS.some((p) => p.test(prompt)))
-        return "fix";
-    if (REFACTOR_PATTERNS.some((p) => p.test(prompt)))
-        return "refactor";
-    if (DELETE_PATTERNS.some((p) => p.test(prompt)))
-        return "delete";
-    if (ADD_PATTERNS.some((p) => p.test(prompt)))
-        return "add";
-    if (MODIFY_PATTERNS.some((p) => p.test(prompt)))
-        return "modify";
-    return "other";
-}
-/**
- * Computes durability profiles from ledger entries.
- *
- * Groups entries by (actionType, targetRisk, scope), computes per-bucket
- * durability as survived/total, and attaches recommendations for low-durability buckets.
- */
-export function computePromptDurabilityProfiles(ledgerEntries) {
-    const buckets = new Map();
-    for (const entry of ledgerEntries) {
-        const actionType = extractActionType(entry.prompt ?? "");
-        const targetRisk = normalizeRisk(entry.riskLevel);
-        const scope = classifyScope(entry.files);
-        const bucketId = `${actionType}:${targetRisk}:${scope}`;
-        const existing = buckets.get(bucketId) ?? {
-            survived: 0,
-            total: 0,
-            key: { actionType, targetRisk, scope },
-        };
-        existing.total += 1;
-        if (entry.survived) {
-            existing.survived += 1;
-        }
-        buckets.set(bucketId, existing);
-    }
-    const profiles = [];
-    for (const bucket of buckets.values()) {
-        const durability = bucket.total > 0 ? bucket.survived / bucket.total : 0;
-        const profile = {
-            actionType: bucket.key.actionType,
-            targetRisk: bucket.key.targetRisk,
-            scope: bucket.key.scope,
-            durability: Math.round(durability * 1000) / 1000,
-            sampleCount: bucket.total,
-        };
-        const recommendation = generateRecommendation(profile);
-        if (recommendation) {
-            profile.recommendation = recommendation;
-        }
-        profiles.push(profile);
-    }
-    profiles.sort((a, b) => {
-        if (a.durability !== b.durability)
-            return a.durability - b.durability;
-        return b.sampleCount - a.sampleCount;
-    });
-    return profiles;
-}
-/**
- * Returns the overall durability across all profiles, weighted by sample count.
- */
-export function computeOverallDurability(profiles) {
-    let totalWeighted = 0;
-    let totalSamples = 0;
-    for (const p of profiles) {
-        totalWeighted += p.durability * p.sampleCount;
-        totalSamples += p.sampleCount;
-    }
-    return totalSamples > 0
-        ? Math.round((totalWeighted / totalSamples) * 1000) / 1000
-        : 0;
-}
-/**
- * Returns the top N most fragile profiles (lowest durability with sufficient samples).
- */
-export function getMostFragile(profiles, limit = 5, minSamples = 3) {
-    return profiles
-        .filter((p) => p.sampleCount >= minSamples)
-        .sort((a, b) => a.durability - b.durability)
-        .slice(0, limit);
-}
-/**
- * Returns the top N most durable profiles.
- */
-export function getMostDurable(profiles, limit = 5, minSamples = 3) {
-    return profiles
-        .filter((p) => p.sampleCount >= minSamples)
-        .sort((a, b) => b.durability - a.durability)
-        .slice(0, limit);
-}
-function normalizeRisk(risk) {
-    if (!risk)
-        return "low";
-    const lower = risk.toLowerCase();
-    if (lower === "critical")
-        return "critical";
-    if (lower === "high")
-        return "high";
-    if (lower === "medium")
-        return "medium";
-    return "low";
-}
-function classifyScope(files) {
-    if (!files || files.length <= 1)
-        return "single_file";
-    return "multi_file";
-}
-function generateRecommendation(profile) {
-    if (profile.sampleCount < 3)
-        return undefined;
-    if (profile.durability < 0.3) {
-        if (profile.targetRisk === "critical" && profile.scope === "multi_file") {
-            return "Multi-file changes to critical entities have very low durability. Break into smaller, single-file changes with tests between each.";
-        }
-        if (profile.actionType === "refactor" &&
-            profile.targetRisk === "critical") {
-            return "Refactoring critical entities is high-risk. Consider adding tests first, then refactoring in small verified steps.";
-        }
-        if (profile.actionType === "modify" && profile.scope === "multi_file") {
-            return "Multi-file modifications have low survival. Consider narrowing scope or creating a working snapshot before proceeding.";
-        }
-        return `${profile.actionType} actions on ${profile.targetRisk}-risk entities have low durability (${Math.round(profile.durability * 100)}%). Consider smaller increments with verification.`;
-    }
-    if (profile.durability < 0.5) {
-        if (profile.actionType === "fix") {
-            return "Fix attempts have moderate durability. Ensure root cause analysis before applying fixes.";
-        }
-        return `${profile.actionType} actions show moderate durability. Consider verifying with tests after each change.`;
-    }
-    if (profile.durability >= 0.9 && profile.sampleCount >= 5) {
-        return `${profile.actionType} actions on ${profile.targetRisk}-risk entities are highly durable — this is a strong pattern.`;
-    }
-    return undefined;
-}

package/dist/tracking/quality-signals.js

@@ -1,213 +0,0 @@
-/**
- * Sprint 10.7: Code Quality Signals — Durability Score + Developer Correction Tracking.
- *
- * Two signals:
- *   1. Code Durability Score: how long AI-generated code survives before modification.
- *   2. Developer Corrections: detects when humans edit AI-generated lines.
- *
- * Computed on drift events. Stored locally, stored locally.
- *
- * Design authority: Phase 5.5 §1.6.1 (Code Durability Score), §1.6.2 (Developer Correction Tracking)
- */
-import { existsSync, readFileSync, writeFileSync } from "node:fs";
-import { join } from "node:path";
-/** stderr logger */
-const _log = {
-    info: (msg) => process.stderr.write(`[unerr:quality] ${msg}\n`),
-};
-/** Durability score thresholds (hours). */
-const FRAGILE_THRESHOLD_MS = 24 * 60 * 60 * 1000; // <24h = fragile
-const MODERATE_THRESHOLD_MS = 7 * 24 * 60 * 60 * 1000; // 7d = moderate
-const DURABLE_THRESHOLD_MS = 30 * 24 * 60 * 60 * 1000; // 30d = durable
-/** Human origin threshold: >60s after last sync = human timing. */
-const HUMAN_TIMING_MS = 60_000;
-/**
- * Compute durability score from survival time.
- */
-function computeDurabilityFromAge(survivalMs) {
-    if (survivalMs < FRAGILE_THRESHOLD_MS) {
-        // 0.0 - 0.3 range
-        return 0.1 + (survivalMs / FRAGILE_THRESHOLD_MS) * 0.2;
-    }
-    if (survivalMs < MODERATE_THRESHOLD_MS) {
-        // 0.3 - 0.7 range
-        return (0.3 +
-            ((survivalMs - FRAGILE_THRESHOLD_MS) /
-                (MODERATE_THRESHOLD_MS - FRAGILE_THRESHOLD_MS)) *
-                0.4);
-    }
-    if (survivalMs < DURABLE_THRESHOLD_MS) {
-        // 0.7 - 0.9 range
-        return (0.7 +
-            ((survivalMs - MODERATE_THRESHOLD_MS) /
-                (DURABLE_THRESHOLD_MS - MODERATE_THRESHOLD_MS)) *
-                0.2);
-    }
-    return 0.9;
-}
-export class QualitySignalTracker {
-    signalsPath;
-    signals;
-    /** Maximum corrections to retain in memory/disk. */
-    static MAX_CORRECTIONS = 200;
-    constructor(unerrDir) {
-        this.signalsPath = join(unerrDir, "state", "quality_signals.json");
-        this.signals = this.load();
-    }
-    /**
-     * Record a drift event for an entity.
-     * Called by DriftTracker when an entity is modified.
-     *
-     * @param entityKey Entity key
-     * @param entityName Entity name
-     * @param origin "ai" | "human" | "mixed" from DriftTracker attribution
-     * @param lastSyncTimestamp Timestamp of last sync_local_diff
-     * @param ledgerEntries Recent ledger entries for AI creation lookup
-     */
-    onEntityModified(entityKey, entityName, origin, lastSyncTimestamp, ledgerEntries) {
-        const now = Date.now();
-        // Check if this entity was previously created/modified by AI
-        const aiEntry = this.findAiCreationEntry(entityKey, entityName, ledgerEntries);
-        if (aiEntry) {
-            const aiCreatedAt = new Date(aiEntry.ts).getTime();
-            const survivalMs = now - aiCreatedAt;
-            // Update durability score
-            this.signals.durabilityScores[entityKey] = {
-                entityKey,
-                entityName,
-                score: computeDurabilityFromAge(survivalMs),
-                survivalMs,
-                aiCreatedAt: aiEntry.ts,
-                computedAt: new Date().toISOString(),
-            };
-            // Check for developer correction (human modifying AI code)
-            if (origin === "human" && lastSyncTimestamp > 0) {
-                const timeSinceSync = now - lastSyncTimestamp;
-                if (timeSinceSync > HUMAN_TIMING_MS) {
-                    this.signals.corrections.push({
-                        entityKey,
-                        entityName,
-                        correctionLatencyMs: timeSinceSync,
-                        originalPrompt: this.extractPrompt(aiEntry),
-                        linesChanged: 0, // Updated by caller if available
-                        correctedAt: new Date().toISOString(),
-                    });
-                    // Cap corrections list
-                    if (this.signals.corrections.length >
-                        QualitySignalTracker.MAX_CORRECTIONS) {
-                        this.signals.corrections = this.signals.corrections.slice(-QualitySignalTracker.MAX_CORRECTIONS);
-                    }
-                }
-            }
-        }
-        this.signals.updatedAt = new Date().toISOString();
-    }
-    /**
-     * Get current quality signals for ledger flush.
-     */
-    getSignals() {
-        return { ...this.signals };
-    }
-    /**
-     * Get durability scores for specific entities.
-     */
-    getDurabilityScores(entityKeys) {
-        const result = {};
-        for (const key of entityKeys) {
-            const score = this.signals.durabilityScores[key];
-            if (score) {
-                result[key] = score.score;
-            }
-        }
-        return result;
-    }
-    /**
-     * Get average durability score across all tracked entities.
-     */
-    getAverageDurability() {
-        const scores = Object.values(this.signals.durabilityScores);
-        if (scores.length === 0)
-            return 0;
-        const sum = scores.reduce((acc, s) => acc + s.score, 0);
-        return sum / scores.length;
-    }
-    /**
-     * Get recent corrections (for status display).
-     */
-    getRecentCorrections(limit = 10) {
-        return this.signals.corrections.slice(-limit);
-    }
-    /**
-     * Persist signals to disk.
-     */
-    save() {
-        try {
-            const dir = join(this.signalsPath, "..");
-            if (!existsSync(dir)) {
-                const { mkdirSync } = require("node:fs");
-                mkdirSync(dir, { recursive: true });
-            }
-            writeFileSync(this.signalsPath, JSON.stringify(this.signals, null, 2), "utf-8");
-        }
-        catch {
-            // Non-critical — signals persist best-effort
-        }
-    }
-    /**
-     * Find the ledger entry where AI created/modified this entity.
-     */
-    findAiCreationEntry(entityKey, entityName, entries) {
-        // Look for sync_local_diff entries that mention this entity
-        for (let i = entries.length - 1; i >= 0; i--) {
-            const entry = entries[i];
-            if (!entry || entry.tool !== "sync_local_diff")
-                continue;
-            const args = entry.args_summary;
-            // Check if the diff mentions this entity name
-            const diff = args.diff ?? "";
-            if (diff.includes(entityName) || diff.includes(entityKey)) {
-                return entry;
-            }
-            // Check structured files for entity reference
-            const files = args.files;
-            if (files) {
-                for (const file of files) {
-                    if (file.entities?.includes(entityName) ||
-                        file.entities?.includes(entityKey)) {
-                        return entry;
-                    }
-                }
-            }
-        }
-        return null;
-    }
-    /**
-     * Extract the prompt text from a ledger entry.
-     */
-    extractPrompt(entry) {
-        const prompt = entry.args_summary.prompt ?? "";
-        return prompt.slice(0, 200); // Truncate for storage
-    }
-    /**
-     * Load signals from disk.
-     */
-    load() {
-        if (!existsSync(this.signalsPath)) {
-            return {
-                durabilityScores: {},
-                corrections: [],
-                updatedAt: new Date().toISOString(),
-            };
-        }
-        try {
-            return JSON.parse(readFileSync(this.signalsPath, "utf-8"));
-        }
-        catch {
-            return {
-                durabilityScores: {},
-                corrections: [],
-                updatedAt: new Date().toISOString(),
-            };
-        }
-    }
-}

package/dist/tracking/redactor.js

@@ -1,73 +0,0 @@
-/**
- * Shadow Ledger Redactor (ST-6).
- *
- * Strips known secret patterns from any `args_summary` payload before it lands
- * in `.unerr/ledger/shadow.jsonl`. Best-effort defence — patterns are tuned
- * for the obvious cases (API tokens, bearer headers, env-style assignments)
- * and DO NOT replace a real secret scanner. We deliberately stay regex-only
- * to keep the hot path under a millisecond.
- *
- * Replacement: `<redacted>` (visible in logs and the timeline UI so users know
- * a value was scrubbed).
- */
-const REDACTION_PATTERNS = [
-    // Anthropic / OpenAI-style secret prefixes
-    /sk-[a-zA-Z0-9_-]{16,}/g,
-    /sk_(?:live|test)_[a-zA-Z0-9_-]{16,}/g,
-    // GitHub personal access tokens (ghp_, gho_, ghu_, ghs_, ghr_)
-    /gh[opsur]_[A-Za-z0-9_]{20,}/g,
-    // Slack tokens (xox*-...)
-    /xox[abprs]-[A-Za-z0-9-]{10,}/g,
-    // AWS access key id
-    /AKIA[0-9A-Z]{16}/g,
-    // Google API keys
-    /AIza[0-9A-Za-z_-]{30,}/g,
-    // JWT-ish three-segment base64url
-    /eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/g,
-    // Authorization headers (Bearer / Basic / Token)
-    /(?:Bearer|Basic|Token)\s+[A-Za-z0-9._=/+-]{8,}/gi,
-    // password|secret|token|api_key = value | : value
-    /\b(?:password|passwd|secret|token|api[-_]?key)\s*[:=]\s*['"]?[^\s'"&]+/gi,
-    // VAR=value style env assignments where VAR looks secret-like
-    /\b[A-Z][A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASS|PASSWORD|CRED|CREDENTIAL)\s*=\s*[^\s]+/g,
-    // .env-style export FOO=secret
-    /export\s+[A-Z][A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASS|PASSWORD|CRED|CREDENTIAL)=[^\s]+/g,
-];
-const REDACTED = "<redacted>";
-export function redactString(input) {
-    if (typeof input !== "string" || input.length === 0)
-        return input;
-    let out = input;
-    for (const re of REDACTION_PATTERNS) {
-        out = out.replace(re, REDACTED);
-    }
-    return out;
-}
-/**
- * Walk an arg payload depth-first and redact every string value in place.
- * Arrays/objects are recursed; non-string scalars are returned unchanged.
- * The input is treated as immutable — a new object is returned for any
- * branch that contained a redaction (and the original for branches that
- * didn't, which keeps GC pressure low on clean inputs).
- */
-export function redactArgs(args) {
-    const result = {};
-    for (const [k, v] of Object.entries(args)) {
-        result[k] = redactValue(v);
-    }
-    return result;
-}
-function redactValue(v) {
-    if (typeof v === "string")
-        return redactString(v);
-    if (Array.isArray(v))
-        return v.map(redactValue);
-    if (v && typeof v === "object") {
-        const out = {};
-        for (const [k, vv] of Object.entries(v)) {
-            out[k] = redactValue(vv);
-        }
-        return out;
-    }
-    return v;
-}

package/dist/tracking/rewind-engine.js

@@ -1,161 +0,0 @@
-/**
- * Sprint 10.2: Deterministic Rewind — `unerr_revert_to_working_state` MCP tool.
- *
- * Wraps offline-rewind.ts with working snapshot targeting.
- * The MCP tool accepts either a snapshot ID or "latest" to rewind to.
- *
- * Design authority: Phase 5.5 §1.3 (Deterministic Rewind)
- */
-import { checkoutFile, getChangedFiles } from "../utils/git.js";
-import { createModuleLogger } from "../utils/logger.js";
-import { offlineRewind } from "./offline-rewind.js";
-const log = createModuleLogger("rewind");
-/**
- * Execute a deterministic rewind to a working snapshot.
- *
- * Steps:
- *   1. Resolve snapshot (by ID or "latest")
- *   2. Find the ledger entry closest to the snapshot timestamp
- *   3. Delegate to offlineRewind() for file restoration
- *   4. Return result with blast radius and restored files
- */
-export async function revertToWorkingState(request) {
-    const { snapshotId, cwd, unerrDir, graph, ledger, snapshotStore, dryRun } = request;
-    // Step 1: Resolve snapshot
-    let snapshot;
-    if (snapshotId === "latest") {
-        snapshot = snapshotStore.getLatest();
-    }
-    else {
-        snapshot = snapshotStore.get(snapshotId);
-    }
-    if (!snapshot) {
-        return {
-            success: false,
-            snapshot: null,
-            rewindResult: null,
-            error: snapshotId === "latest"
-                ? "No working snapshots found. Use unerr_mark_working to create one."
-                : `Snapshot ${snapshotId} not found.`,
-        };
-    }
-    log.info(`Reverting to snapshot ${snapshot.id} at ${snapshot.commitSha.slice(0, 8)} (${snapshot.reason})`);
-    // Step 2: Find the closest ledger entry to the snapshot
-    const allEntries = ledger.readAllEntries();
-    const snapshotTime = new Date(snapshot.timestamp).getTime();
-    // Find the entry closest to (but not after) the snapshot timestamp
-    let targetEntry = null;
-    let closestDelta = Number.POSITIVE_INFINITY;
-    for (const entry of allEntries) {
-        const entryTime = new Date(entry.ts).getTime();
-        const delta = snapshotTime - entryTime;
-        // Entry must be at or before snapshot time
-        if (delta >= 0 && delta < closestDelta) {
-            closestDelta = delta;
-            targetEntry = entry;
-        }
-    }
-    if (!targetEntry) {
-        // No ledger entry found — fall back to git-only rewind
-        log.info("No matching ledger entry found. Performing git-only rewind.");
-        return await performGitOnlyRewind(snapshot, cwd, dryRun);
-    }
-    const result = await offlineRewind({
-        targetEntryId: targetEntry.id,
-        cwd,
-        unerrDir,
-        graph,
-        ledger,
-        dryRun,
-    });
-    return {
-        success: result.status !== "error",
-        snapshot,
-        rewindResult: result,
-    };
-}
-/**
- * Git-only rewind when no ledger entry matches.
- * Uses checkoutFile to restore files from the snapshot commit.
- */
-async function performGitOnlyRewind(snapshot, cwd, dryRun) {
-    if (dryRun) {
-        return {
-            success: true,
-            snapshot,
-            rewindResult: {
-                status: "dry_run",
-                rewindEntryId: null,
-                timelineBranch: snapshot.timelineBranch,
-                entriesReverted: 0,
-                blastRadius: {
-                    safeFiles: [],
-                    conflictedFiles: [],
-                    affectedEntities: [],
-                    affectedCallers: 0,
-                    resolvedInMs: 0,
-                },
-                filesRestored: [],
-            },
-        };
-    }
-    try {
-        const changedFiles = await getChangedFiles(cwd, snapshot.commitSha, "HEAD");
-        if (changedFiles.length === 0) {
-            return {
-                success: true,
-                snapshot,
-                rewindResult: {
-                    status: "simulated",
-                    rewindEntryId: null,
-                    timelineBranch: snapshot.timelineBranch,
-                    entriesReverted: 0,
-                    blastRadius: {
-                        safeFiles: [],
-                        conflictedFiles: [],
-                        affectedEntities: [],
-                        affectedCallers: 0,
-                        resolvedInMs: 0,
-                    },
-                    filesRestored: [],
-                },
-            };
-        }
-        const filesRestored = [];
-        for (const file of changedFiles) {
-            try {
-                await checkoutFile(cwd, snapshot.commitSha, file);
-                filesRestored.push(file);
-            }
-            catch {
-                // File may not exist at snapshot commit
-            }
-        }
-        return {
-            success: true,
-            snapshot,
-            rewindResult: {
-                status: "simulated",
-                rewindEntryId: null,
-                timelineBranch: snapshot.timelineBranch,
-                entriesReverted: 0,
-                blastRadius: {
-                    safeFiles: filesRestored,
-                    conflictedFiles: [],
-                    affectedEntities: [],
-                    affectedCallers: 0,
-                    resolvedInMs: 0,
-                },
-                filesRestored,
-            },
-        };
-    }
-    catch (err) {
-        return {
-            success: false,
-            snapshot,
-            rewindResult: null,
-            error: `Git rewind failed: ${err instanceof Error ? err.message : String(err)}`,
-        };
-    }
-}