@veewo/gitnexus 1.5.6 → 1.5.8

package/dist/rule-lab/promote.js

@@ -1,387 +0,0 @@
-import fs from 'node:fs/promises';
-import path from 'node:path';
-import { getRuleLabPaths } from './paths.js';
-import { writeCompiledRuleBundle, loadCompiledRuleBundle } from './compiled-bundles.js';
-function quoteYaml(value) {
-    const raw = String(value || '');
-    if (/^[a-zA-Z0-9._-]+$/.test(raw))
-        return raw;
-    return `'${raw.replace(/'/g, "''")}'`;
-}
-function inferTriggerFamily(item) {
-    const fromTitle = String(item.title || '').trim().split(/\s+/)[0];
-    if (fromTitle)
-        return fromTitle.toLowerCase();
-    return 'runtime';
-}
-function unique(values) {
-    return [...new Set(values.map((value) => String(value || '').trim()).filter(Boolean))];
-}
-function toComparableToken(value) {
-    return String(value || '').trim().toLowerCase();
-}
-function isForbiddenPlaceholder(value) {
-    const token = toComparableToken(value);
-    return token === 'unknown' || token === 'todo' || token === 'tbd' || /<[^>]+>/.test(token);
-}
-function hasPlaceholderText(value) {
-    const raw = String(value || '').trim();
-    return !raw || /TODO|TBD|placeholder|<[^>]+>/i.test(raw);
-}
-function assertNoPlaceholderScope(values, field) {
-    if (values.length === 0) {
-        throw new Error(`promote lint failed: ${field} must be non-empty`);
-    }
-    if (values.some((entry) => isForbiddenPlaceholder(entry))) {
-        throw new Error(`promote lint failed: unknown scope placeholder is forbidden (${field})`);
-    }
-}
-function assertResolvedBindings(resourceBindings, ruleId) {
-    if (!Array.isArray(resourceBindings) || resourceBindings.length === 0)
-        return;
-    const raw = JSON.stringify(resourceBindings);
-    if (/UnknownClass|UnknownMethod|UnknownSource|UnknownTarget|TODO|TBD|placeholder|<[^>]+>/i.test(raw)) {
-        throw new Error(`binding_unresolved: placeholder binding values are forbidden for rule ${ruleId}`);
-    }
-}
-function requireEvidenceGuard(item, ruleId) {
-    const steps = Array.isArray(item.confirmed_chain?.steps) ? item.confirmed_chain.steps : [];
-    if (steps.length === 0) {
-        throw new Error(`evidence_guard_failed: confirmed_chain.steps must be non-empty for rule ${ruleId}`);
-    }
-    for (let index = 0; index < steps.length; index += 1) {
-        const step = steps[index];
-        if (hasPlaceholderText(step.anchor)) {
-            throw new Error(`evidence_guard_failed: confirmed_chain.steps[${index}].anchor invalid for rule ${ruleId}`);
-        }
-        if (hasPlaceholderText(step.snippet)) {
-            throw new Error(`evidence_guard_failed: confirmed_chain.steps[${index}].snippet invalid for rule ${ruleId}`);
-        }
-    }
-}
-function isExactPairEventDelegateItem(item) {
-    const triggerTokens = Array.isArray(item.match?.trigger_tokens)
-        ? item.match?.trigger_tokens || []
-        : [];
-    const hasEventDelegateTrigger = triggerTokens.some((token) => toComparableToken(token) === 'event_delegate');
-    if (!hasEventDelegateTrigger)
-        return false;
-    const hasCodeRuntimeTopology = Array.isArray(item.topology)
-        && item.topology.some((hop) => toComparableToken(hop.hop) === 'code_runtime');
-    const hasEvidence = Array.isArray(item.confirmed_chain?.steps) && item.confirmed_chain.steps.length > 0;
-    return hasCodeRuntimeTopology && hasEvidence;
-}
-function requireBindingGuard(item, ruleId) {
-    const bindings = item.resource_bindings;
-    if (isExactPairEventDelegateItem(item) && (!Array.isArray(bindings) || bindings.length === 0)) {
-        throw new Error(`binding_unresolved: exact_pair_binding_missing for rule ${ruleId}`);
-    }
-    assertResolvedBindings(bindings, ruleId);
-}
-function toDraftFromCurated(item) {
-    const triggerTokens = unique(item.match?.trigger_tokens || [inferTriggerFamily(item)]);
-    const topology = Array.isArray(item.topology) && item.topology.length > 0
-        ? item.topology
-        : item.confirmed_chain.steps.map((step) => ({
-            hop: String(step.hop_type || 'resource'),
-            from: { entity: 'resource' },
-            to: { entity: 'script' },
-            edge: { kind: 'binds_script' },
-        }));
-    const requiredHops = unique(item.closure?.required_hops || topology.map((step) => step.hop));
-    const failureMap = item.closure?.failure_map && Object.keys(item.closure.failure_map).length > 0
-        ? item.closure.failure_map
-        : { missing_evidence: 'rule_matched_but_evidence_missing' };
-    const guarantees = unique(item.claims?.guarantees || item.guarantees);
-    const nonGuarantees = unique(item.claims?.non_guarantees || item.non_guarantees);
-    const nextAction = String(item.claims?.next_action || '').trim() || 'gitnexus query "runtime"';
-    return {
-        id: String(item.rule_id || item.id || '').trim(),
-        version: '2.0.0',
-        match: {
-            trigger_tokens: triggerTokens,
-            symbol_kind: item.match?.symbol_kind || [],
-            module_scope: item.match?.module_scope || [],
-            resource_types: unique(item.match?.resource_types || []),
-            host_base_type: unique(item.match?.host_base_type || []),
-        },
-        topology,
-        closure: {
-            required_hops: requiredHops,
-            failure_map: failureMap,
-        },
-        claims: {
-            guarantees,
-            non_guarantees: nonGuarantees,
-            next_action: nextAction,
-        },
-        ...(Array.isArray(item.resource_bindings)
-            ? { resource_bindings: item.resource_bindings }
-            : {}),
-    };
-}
-function compileRule(ruleId, version, draft) {
-    const triggerFamily = String(draft.match.trigger_tokens[0] || '').trim() || 'runtime';
-    const resourceTypes = unique(draft.match.resource_types || []);
-    const hostBaseType = unique(draft.match.host_base_type || []);
-    if (resourceTypes.length === 0) {
-        resourceTypes.push('unspecified_resource');
-    }
-    if (hostBaseType.length === 0) {
-        hostBaseType.push('unspecified_host');
-    }
-    const requiredHops = unique(draft.closure.required_hops);
-    const guarantees = unique(draft.claims.guarantees);
-    const nonGuarantees = unique(draft.claims.non_guarantees);
-    const nextAction = String(draft.claims.next_action || '').trim() || 'gitnexus query "runtime"';
-    assertNoPlaceholderScope(resourceTypes, 'resource_types');
-    assertNoPlaceholderScope(hostBaseType, 'host_base_type');
-    assertResolvedBindings(draft.resource_bindings, ruleId);
-    return {
-        id: ruleId,
-        version,
-        trigger_family: triggerFamily,
-        resource_types: resourceTypes,
-        host_base_type: hostBaseType,
-        required_hops: requiredHops,
-        guarantees,
-        non_guarantees: nonGuarantees,
-        next_action: nextAction,
-        match: draft.match,
-        topology: draft.topology,
-        closure: draft.closure,
-        claims: draft.claims,
-        ...(draft.resource_bindings ? { resource_bindings: draft.resource_bindings } : {}),
-        ...(draft.lifecycle_overrides ? { lifecycle_overrides: draft.lifecycle_overrides } : {}),
-    };
-}
-function toStageAwareCompiledRule(rule, relativeFile) {
-    return {
-        id: rule.id,
-        version: rule.version,
-        trigger_family: rule.trigger_family,
-        trigger_tokens: [...rule.match.trigger_tokens],
-        resource_types: [...rule.resource_types],
-        host_base_type: [...rule.host_base_type],
-        required_hops: [...rule.required_hops],
-        guarantees: [...rule.guarantees],
-        non_guarantees: [...rule.non_guarantees],
-        next_action: rule.next_action,
-        file_path: relativeFile,
-        match: rule.match,
-        topology: rule.topology,
-        closure: rule.closure,
-        claims: rule.claims,
-        ...(rule.resource_bindings ? { resource_bindings: rule.resource_bindings } : {}),
-        ...(rule.lifecycle_overrides ? { lifecycle_overrides: rule.lifecycle_overrides } : {}),
-    };
-}
-function pushList(lines, key, values, indent = '') {
-    lines.push(`${indent}${key}:`);
-    values.forEach((value) => lines.push(`${indent}  - ${quoteYaml(value)}`));
-}
-function renderObjectLines(lines, object, indent = '') {
-    const entries = Object.entries(object || {});
-    for (const [key, value] of entries) {
-        const scalar = typeof value === 'string' || typeof value === 'number' || typeof value === 'boolean'
-            ? String(value)
-            : JSON.stringify(value);
-        lines.push(`${indent}${key}: ${quoteYaml(scalar)}`);
-    }
-}
-function buildRuleYaml(rule) {
-    const lines = [
-        `id: ${quoteYaml(rule.id)}`,
-        `version: ${quoteYaml(rule.version)}`,
-        ...(rule.family ? [`family: ${quoteYaml(rule.family)}`] : []),
-        `trigger_family: ${quoteYaml(rule.trigger_family)}`,
-    ];
-    pushList(lines, 'resource_types', rule.resource_types);
-    pushList(lines, 'host_base_type', rule.host_base_type);
-    pushList(lines, 'required_hops', rule.required_hops);
-    pushList(lines, 'guarantees', rule.guarantees);
-    pushList(lines, 'non_guarantees', rule.non_guarantees);
-    lines.push(`next_action: ${quoteYaml(rule.next_action)}`);
-    lines.push('match:');
-    pushList(lines, 'trigger_tokens', rule.match.trigger_tokens, '  ');
-    if (Array.isArray(rule.match.symbol_kind) && rule.match.symbol_kind.length > 0) {
-        pushList(lines, 'symbol_kind', rule.match.symbol_kind, '  ');
-    }
-    if (Array.isArray(rule.match.module_scope) && rule.match.module_scope.length > 0) {
-        pushList(lines, 'module_scope', rule.match.module_scope, '  ');
-    }
-    if (Array.isArray(rule.match.resource_types) && rule.match.resource_types.length > 0) {
-        pushList(lines, 'resource_types', rule.match.resource_types, '  ');
-    }
-    if (Array.isArray(rule.match.host_base_type) && rule.match.host_base_type.length > 0) {
-        pushList(lines, 'host_base_type', rule.match.host_base_type, '  ');
-    }
-    lines.push('topology:');
-    for (const hop of rule.topology) {
-        lines.push(`  - hop: ${quoteYaml(hop.hop)}`);
-        lines.push('    from:');
-        renderObjectLines(lines, hop.from || {}, '      ');
-        lines.push('    to:');
-        renderObjectLines(lines, hop.to || {}, '      ');
-        lines.push('    edge:');
-        lines.push(`      kind: ${quoteYaml(String(hop.edge?.kind || 'calls'))}`);
-        if (hop.constraints && Object.keys(hop.constraints).length > 0) {
-            lines.push('    constraints:');
-            renderObjectLines(lines, hop.constraints, '      ');
-        }
-    }
-    lines.push('closure:');
-    pushList(lines, 'required_hops', rule.closure.required_hops, '  ');
-    lines.push('  failure_map:');
-    for (const [key, value] of Object.entries(rule.closure.failure_map || {})) {
-        lines.push(`    ${quoteYaml(key)}: ${quoteYaml(String(value || 'rule_matched_but_evidence_missing'))}`);
-    }
-    lines.push('claims:');
-    pushList(lines, 'guarantees', rule.claims.guarantees, '  ');
-    pushList(lines, 'non_guarantees', rule.claims.non_guarantees, '  ');
-    lines.push(`  next_action: ${quoteYaml(rule.claims.next_action)}`);
-    if (rule.resource_bindings && rule.resource_bindings.length > 0) {
-        lines.push('resource_bindings:');
-        for (const binding of rule.resource_bindings) {
-            lines.push(`  - kind: ${binding.kind}`);
-            if (binding.ref_field_pattern)
-                lines.push(`    ref_field_pattern: ${quoteYaml(binding.ref_field_pattern)}`);
-            if (binding.target_entry_points?.length)
-                pushList(lines, 'target_entry_points', binding.target_entry_points, '    ');
-            if (binding.host_class_pattern)
-                lines.push(`    host_class_pattern: ${quoteYaml(binding.host_class_pattern)}`);
-            if (binding.field_name)
-                lines.push(`    field_name: ${quoteYaml(binding.field_name)}`);
-            if (binding.loader_methods?.length)
-                pushList(lines, 'loader_methods', binding.loader_methods, '    ');
-            if (binding.scene_name)
-                lines.push(`    scene_name: ${quoteYaml(binding.scene_name)}`);
-            if (binding.source_class_pattern)
-                lines.push(`    source_class_pattern: ${quoteYaml(binding.source_class_pattern)}`);
-            if (binding.source_method)
-                lines.push(`    source_method: ${quoteYaml(binding.source_method)}`);
-            if (binding.target_class_pattern)
-                lines.push(`    target_class_pattern: ${quoteYaml(binding.target_class_pattern)}`);
-            if (binding.target_method)
-                lines.push(`    target_method: ${quoteYaml(binding.target_method)}`);
-        }
-    }
-    if (rule.lifecycle_overrides) {
-        lines.push('lifecycle_overrides:');
-        if (rule.lifecycle_overrides.additional_entry_points?.length) {
-            pushList(lines, 'additional_entry_points', rule.lifecycle_overrides.additional_entry_points, '  ');
-        }
-        if (rule.lifecycle_overrides.scope) {
-            lines.push(`  scope: ${quoteYaml(rule.lifecycle_overrides.scope)}`);
-        }
-    }
-    return `${lines.join('\n')}\n`;
-}
-async function readCatalog(catalogPath) {
-    try {
-        const raw = await fs.readFile(catalogPath, 'utf-8');
-        const parsed = JSON.parse(raw);
-        return {
-            version: Number(parsed.version || 1),
-            rules: Array.isArray(parsed.rules) ? parsed.rules : [],
-        };
-    }
-    catch (error) {
-        if (error?.code === 'ENOENT') {
-            return { version: 1, rules: [] };
-        }
-        throw error;
-    }
-}
-async function fileExists(filePath) {
-    try {
-        await fs.access(filePath);
-        return true;
-    }
-    catch (error) {
-        if (error?.code === 'ENOENT')
-            return false;
-        throw error;
-    }
-}
-export async function promoteCuratedRules(input) {
-    const normalizedRepoPath = path.resolve(input.repoPath);
-    const paths = getRuleLabPaths(normalizedRepoPath, input.runId, input.sliceId);
-    const version = String(input.version || '1.0.0');
-    const curatedRaw = await fs.readFile(paths.curatedPath, 'utf-8');
-    const curatedDoc = JSON.parse(curatedRaw);
-    const curatedItems = Array.isArray(curatedDoc.curated) ? curatedDoc.curated : [];
-    if (curatedItems.length === 0) {
-        throw new Error('No curated candidates available for promotion');
-    }
-    let dslDraftFromCurate;
-    try {
-        const dslDraftRaw = await fs.readFile(path.join(path.dirname(paths.curatedPath), 'dsl-draft.json'), 'utf-8');
-        dslDraftFromCurate = JSON.parse(dslDraftRaw);
-    }
-    catch (error) {
-        if (error?.code !== 'ENOENT')
-            throw error;
-    }
-    const catalogPath = path.join(paths.rulesRoot, 'catalog.json');
-    const catalog = await readCatalog(catalogPath);
-    const promotedFiles = [];
-    const compiledRules = [];
-    await fs.mkdir(paths.promotedRoot, { recursive: true });
-    for (const item of curatedItems) {
-        const ruleId = String(item.rule_id || item.id || '').trim();
-        if (!ruleId) {
-            throw new Error('curated item missing rule id');
-        }
-        requireEvidenceGuard(item, ruleId);
-        requireBindingGuard(item, ruleId);
-        if (catalog.rules.some((entry) => entry.id === ruleId)) {
-            throw new Error(`duplicate_rule_id: ${ruleId} already exists in catalog`);
-        }
-        const relativeFile = path.join('approved', `${ruleId}.yaml`).split(path.sep).join('/');
-        const absoluteFile = path.join(paths.rulesRoot, relativeFile);
-        if (await fileExists(absoluteFile)) {
-            throw new Error(`duplicate_rule_id: ${ruleId} already exists at ${relativeFile}`);
-        }
-        const draft = dslDraftFromCurate && curatedItems.length === 1
-            ? { ...dslDraftFromCurate, id: ruleId, version }
-            : { ...toDraftFromCurated(item), id: ruleId, version };
-        const compiledRule = compileRule(ruleId, version, draft);
-        const yaml = buildRuleYaml(compiledRule);
-        await fs.writeFile(absoluteFile, yaml, 'utf-8');
-        promotedFiles.push(absoluteFile);
-        compiledRules.push(toStageAwareCompiledRule(compiledRule, relativeFile));
-        const nextEntry = {
-            id: ruleId,
-            version,
-            enabled: true,
-            file: relativeFile,
-            ...(compiledRule.family ? { family: compiledRule.family } : {}),
-        };
-        catalog.rules.push(nextEntry);
-    }
-    await fs.mkdir(path.dirname(catalogPath), { recursive: true });
-    await fs.writeFile(catalogPath, `${JSON.stringify(catalog, null, 2)}\n`, 'utf-8');
-    const mergeCompiledRules = async (family) => {
-        const existing = await loadCompiledRuleBundle(normalizedRepoPath, family, paths.rulesRoot);
-        const merged = new Map();
-        for (const rule of existing?.rules || []) {
-            merged.set(rule.id, rule);
-        }
-        for (const rule of compiledRules) {
-            merged.set(rule.id, rule);
-        }
-        return writeCompiledRuleBundle(paths.rulesRoot, family, [...merged.values()]);
-    };
-    const compiledPaths = {
-        analyze_rules: await mergeCompiledRules('analyze_rules'),
-        retrieval_rules: await mergeCompiledRules('retrieval_rules'),
-        verification_rules: await mergeCompiledRules('verification_rules'),
-    };
-    return {
-        catalog,
-        promotedFiles,
-        compiledPaths,
-        paths,
-    };
-}

package/dist/rule-lab/promote.test.d.ts

@@ -1 +0,0 @@
-export {};