@veraxhq/verax 0.2.0 → 0.3.0

package/src/verax/learn/ast-contract-extractor.js

@@ -21,6 +21,11 @@ function extractStaticStringValue(node) {
   if (node.type === 'StringLiteral') {
     return node.value;
   }
+
+  // Template literal without interpolation
+  if (node.type === 'TemplateLiteral' && node.expressions.length === 0 && node.quasis.length === 1) {
+    return node.quasis[0].value.cooked;
+  }
   
   // JSX expression: href={'/about'} or href={`/about`}
   if (node.type === 'JSXExpressionContainer') {
@@ -46,6 +51,22 @@ function extractStaticStringValue(node) {
   return null;
 }
 
+function extractStaticPropValue(propsNode, propNames) {
+  if (!propsNode || propsNode.type !== 'ObjectExpression') return { attributeName: null, targetPath: null };
+  const names = new Set(propNames);
+  for (const prop of propsNode.properties || []) {
+    if (prop.type !== 'ObjectProperty') continue;
+    const key = prop.key;
+    const name = key.type === 'Identifier' ? key.name : (key.type === 'StringLiteral' ? key.value : null);
+    if (!name || !names.has(name)) continue;
+    const targetPath = extractStaticStringValue(prop.value);
+    if (targetPath) {
+      return { attributeName: name, targetPath };
+    }
+  }
+  return { attributeName: null, targetPath: null };
+}
+
 /**
  * Extracts template literal pattern from Babel TemplateLiteral node.
  * Returns null if template has complex expressions that cannot be normalized.
@@ -176,6 +197,37 @@ function extractContractsFromFile(filePath, fileContent) {
       // since we cannot reliably tie them to clicked elements
       CallExpression(path) {
         const callee = path.node.callee;
+
+        // React.createElement(Link, { to: '/about' }) or createElement('a', { href: '/about' })
+        const isCreateElement = (
+          (callee.type === 'MemberExpression' && callee.object.type === 'Identifier' && callee.object.name === 'React' && callee.property.type === 'Identifier' && callee.property.name === 'createElement') ||
+          (callee.type === 'Identifier' && callee.name === 'createElement')
+        );
+
+        if (isCreateElement) {
+          const [componentArg, propsArg] = path.node.arguments;
+          let elementName = null;
+          if (componentArg?.type === 'Identifier') {
+            elementName = componentArg.name;
+          } else if (componentArg?.type === 'StringLiteral') {
+            elementName = componentArg.value;
+          }
+          if (elementName) {
+            const { attributeName, targetPath } = extractStaticPropValue(propsArg, ['to', 'href']);
+            if (targetPath && !targetPath.startsWith('http://') && !targetPath.startsWith('https://') && !targetPath.startsWith('mailto:') && !targetPath.startsWith('tel:')) {
+              const normalized = targetPath.startsWith('/') ? targetPath : '/' + targetPath;
+              contracts.push({
+                kind: 'NAVIGATION',
+                targetPath: normalized,
+                sourceFile: filePath,
+                element: elementName,
+                attribute: attributeName,
+                proof: ExpectationProof.PROVEN_EXPECTATION,
+                line: path.node.loc?.start.line || null
+              });
+            }
+          }
+        }
         
         // navigate("/about") - useNavigate hook
         if (callee.type === 'Identifier' && callee.name === 'navigate') {
@@ -308,7 +360,7 @@ export async function extractASTContracts(projectDir) {
  * Converts AST contracts to manifest expectations format.
  * Only includes contracts that can be matched at runtime (excludes imperativeOnly).
  */
-export function contractsToExpectations(contracts, projectType) {
+export function contractsToExpectations(contracts, _projectType) {
   const expectations = [];
   const seenPaths = new Set();
   

package/src/verax/learn/index.js

@@ -1,9 +1,31 @@
 import { resolve } from 'path';
-import { existsSync } from 'fs';
+import { existsSync, mkdirSync, writeFileSync } from 'fs';
 import { detectProjectType } from './project-detector.js';
 import { extractRoutes } from './route-extractor.js';
 import { writeManifest } from './manifest-writer.js';
 
+/**
+ * @typedef {Object} LearnResult
+ * @property {number} version
+ * @property {string} learnedAt
+ * @property {string} projectDir
+ * @property {string} projectType
+ * @property {Array} routes
+ * @property {Array<string>} publicRoutes
+ * @property {Array<string>} internalRoutes
+ * @property {Array} [staticExpectations]
+ * @property {Array} [flows]
+ * @property {string} [expectationsStatus]
+ * @property {Array} [coverageGaps]
+ * @property {Array} notes
+ * @property {Object} [learnTruth]
+ * @property {string} [manifestPath] - Optional manifest path (added when loaded from file)
+ */
+
+/**
+ * @param {string} projectDir
+ * @returns {Promise<LearnResult>}
+ */
 export async function learn(projectDir) {
   const absoluteProjectDir = resolve(projectDir);
   
@@ -14,5 +36,17 @@ export async function learn(projectDir) {
   const projectType = await detectProjectType(absoluteProjectDir);
   const routes = await extractRoutes(absoluteProjectDir, projectType);
   
-  return await writeManifest(absoluteProjectDir, projectType, routes);
+    const manifest = await writeManifest(absoluteProjectDir, projectType, routes);
+  
+    // Write manifest to disk and return path
+    const veraxDir = resolve(absoluteProjectDir, '.verax');
+    mkdirSync(veraxDir, { recursive: true });
+  
+    const manifestPath = resolve(veraxDir, 'project.json');
+    writeFileSync(manifestPath, JSON.stringify(manifest, null, 2), 'utf-8');
+  
+    return {
+      ...manifest,
+      manifestPath
+    };
 }

package/src/verax/learn/manifest-writer.js

@@ -1,5 +1,4 @@
-import { resolve } from 'path';
-import { writeFileSync, mkdirSync } from 'fs';
+// resolve, writeFileSync, mkdirSync imports removed - currently unused
 import { extractStaticExpectations } from './static-extractor.js';
 import { assessLearnTruth } from './truth-assessor.js';
 import { runCodeIntelligence } from '../intel/index.js';
@@ -8,6 +7,29 @@ import { extractFlows } from './flow-extractor.js';
 import { createTSProgram } from '../intel/ts-program.js';
 import { extractVueNavigationPromises } from '../intel/vue-navigation-extractor.js';
 
+/**
+ * @typedef {Object} Manifest
+ * @property {number} version
+ * @property {string} learnedAt
+ * @property {string} projectDir
+ * @property {string} projectType
+ * @property {Array} routes
+ * @property {Array<string>} publicRoutes
+ * @property {Array<string>} internalRoutes
+ * @property {Array} [staticExpectations]
+ * @property {Array} [flows]
+ * @property {string} [expectationsStatus]
+ * @property {Array} [coverageGaps]
+ * @property {Array} notes
+ * @property {Object} [learnTruth]
+ */
+
+/**
+ * @param {string} projectDir
+ * @param {string} projectType
+ * @param {Array} routes
+ * @returns {Promise<Manifest>}
+ */
 export async function writeManifest(projectDir, projectType, routes) {
   const publicRoutes = routes.filter(r => r.public).map(r => r.path);
   const internalRoutes = routes.filter(r => !r.public).map(r => r.path);
@@ -44,7 +66,7 @@ export async function writeManifest(projectDir, projectType, routes) {
     const program = createTSProgram(projectDir, { includeJs: true });
     
     if (!program.error) {
-      const vueNavPromises = extractVueNavigationPromises(program, projectDir);
+      const vueNavPromises = await extractVueNavigationPromises(program, projectDir);
       
       if (vueNavPromises && vueNavPromises.length > 0) {
         intelExpectations = vueNavPromises.filter(exp => isProvenExpectation(exp));
@@ -132,16 +154,8 @@ export async function writeManifest(projectDir, projectType, routes) {
     learn: learnTruth
   });
   
-  const manifestDir = resolve(projectDir, '.veraxverax', 'learn');
-  mkdirSync(manifestDir, { recursive: true });
-  
-  const manifestPath = resolve(manifestDir, 'site-manifest.json');
-  writeFileSync(manifestPath, JSON.stringify(manifest, null, 2) + '\n');
-  
-  return {
-    ...manifest,
-    manifestPath: manifestPath,
-    learnTruth: learnTruth
-  };
+  // Note: This function is still used by learn() function
+  // Direct usage is deprecated in favor of CLI learn.json writer
+  return manifest;
 }
 

package/src/verax/learn/route-extractor.js

@@ -1,4 +1,4 @@
-import { resolve } from 'path';
+// resolve import removed - currently unused
 import { extractStaticRoutes } from './static-extractor.js';
 import { createTSProgram } from '../intel/ts-program.js';
 import { extractRoutes as extractRoutesAST } from '../intel/route-extractor.js';

package/src/verax/learn/route-validator.js

@@ -15,7 +15,10 @@ export async function validateRoutes(manifest, baseUrl) {
       routesReachable: 0,
       routesUnreachable: 0,
       details: [],
-      warnings: []
+      warnings: [{
+        code: 'INVALID_BASE_URL',
+        message: `Cannot parse base URL for validation: ${error.message}`
+      }]
     };
   }
   
@@ -99,14 +102,15 @@ export async function validateRoutes(manifest, baseUrl) {
           
           const request = response.request();
           
-          // Use redirectChain() if available (preferred), otherwise use redirectedFrom()
+          // Use redirectChain property if available (Playwright API)
           let redirectChain = [];
-          if (typeof request.redirectChain === 'function') {
-            try {
-              redirectChain = request.redirectChain();
-            } catch (e) {
-              // redirectChain may not be available, fall back to redirectedFrom
-            }
+          // @ts-expect-error - redirectChain exists in Playwright runtime but not in TypeScript types
+          if (request.redirectChain && Array.isArray(request.redirectChain)) {
+            // @ts-expect-error - redirectChain exists in Playwright runtime but not in TypeScript types
+            redirectChain = request.redirectChain;
+          } else if (request.redirectedFrom) {
+            // Fall back to redirectedFrom if redirectChain not available
+            redirectChain = [request.redirectedFrom];
           }
           
           // If redirectChain is empty or not available, build chain from redirectedFrom

package/src/verax/learn/state-extractor.js

@@ -11,7 +11,7 @@ const MAX_FILES_TO_SCAN = 200;
  * Extracts static string value from call expression arguments.
  * Returns null if value is dynamic.
  */
-function extractStaticActionName(node) {
+function _extractStaticActionName(node) {
   if (!node) return null;
   
   // String literal: dispatch('increment')

package/src/verax/learn/static-extractor-navigation.js

@@ -3,7 +3,7 @@
  * Detects router.push/replace/navigate calls in inline scripts.
  */
 
-function extractNavigationExpectations(root, fromPath, file, projectDir) {
+function extractNavigationExpectations(root, fromPath, file, _projectDir) {
   const expectations = [];
   
   // Extract from inline scripts

package/src/verax/learn/static-extractor-validation.js

@@ -3,7 +3,7 @@
  * Detects preventDefault() calls in onSubmit handlers.
  */
 
-function extractValidationExpectations(root, fromPath, file, projectDir) {
+function extractValidationExpectations(root, fromPath, file, _projectDir) {
   const expectations = [];
   
   // Extract from inline scripts
@@ -19,7 +19,7 @@ function extractValidationExpectations(root, fromPath, file, projectDir) {
       // Check if this is in an onSubmit context
       // Look for function definitions that might be onSubmit handlers
       const beforeMatch = scriptContent.substring(0, match.index);
-      const afterMatch = scriptContent.substring(match.index);
+      const _afterMatch = scriptContent.substring(match.index);
       
       // Check if there's a function definition before this preventDefault
       const functionMatch = beforeMatch.match(/function\s+(\w+)\s*\([^)]*event[^)]*\)/);

package/src/verax/learn/static-extractor.js

@@ -1,13 +1,13 @@
 import { glob } from 'glob';
-import { resolve, dirname, join, relative } from 'path';
+import { resolve, dirname, relative } from 'path';
 import { readFileSync, existsSync } from 'fs';
 import { parse } from 'node-html-parser';
 
 const MAX_HTML_FILES = 200;
 
 function htmlFileToRoute(file) {
-  let path = file.replace(/[\\\/]/g, '/');
-  path = path.replace(/\/index\.html$/, '');
+  let path = file.replace(/[\\/]/g, '/');
+  path = path.replace(/\/index.html$/, '');
   path = path.replace(/\.html$/, '');
   path = path.replace(/^index$/, '');
   
@@ -159,7 +159,7 @@ function extractFormSubmissionExpectations(root, fromPath, file, routeMap, proje
   return expectations;
 }
 
-function extractNetworkExpectations(root, fromPath, file, projectDir) {
+function extractNetworkExpectations(root, fromPath, file, _projectDir) {
   const expectations = [];
   
   // Extract from inline scripts
@@ -286,9 +286,10 @@ export async function extractStaticExpectations(projectDir, routes) {
         const targetPath = resolveLinkPath(href, file, projectDir);
         if (!targetPath) continue;
         
-        if (!routeMap.has(targetPath)) continue;
-        
-        const linkText = link.textContent?.trim() || '';
+        // Extract expectation even if target route doesn't exist yet
+        // This allows detection of broken links or prevented navigation
+        // (The route may not exist, but the link promises navigation)
+        const _linkText = link.textContent?.trim() || '';
         const selectorHint = link.id ? `#${link.id}` : `a[href="${href}"]`;
         
         expectations.push({

package/src/verax/learn/ts-contract-resolver.js

@@ -9,7 +9,7 @@
 
 import ts from 'typescript';
 import { resolve, relative, dirname, sep, join } from 'path';
-import { readFileSync, existsSync, statSync } from 'fs';
+import { existsSync, statSync } from 'fs';
 import { glob } from 'glob';
 
 const MAX_DEPTH = 3;
@@ -45,14 +45,8 @@ export async function resolveActionContracts(rootDir, workspaceRoot) {
   const checker = program.getTypeChecker();
   const contracts = [];
 
-  for (const sourceFile of program.getSourceFiles()) {
-    const sourcePath = resolve(sourceFile.fileName);
-    if (!sourcePath.toLowerCase().startsWith(normalizedRoot.toLowerCase())) continue;
-    if (sourceFile.isDeclarationFile) continue;
-
-    const importMap = buildImportMap(sourceFile, rootDir, workspaceRoot);
-
-    function visit(node) {
+  function createVisitFunction(importMap, sourceFile) {
+    return function visit(node) {
       if (ts.isJsxAttribute(node)) {
         const name = node.name.getText();
         if (name !== 'onClick' && name !== 'onSubmit') return;
@@ -64,7 +58,7 @@ export async function resolveActionContracts(rootDir, workspaceRoot) {
         // We only handle identifier handlers (cross-file capable)
         if (!ts.isIdentifier(expr)) return;
 
-        const handlerName = expr.text;
+        const _handlerName = expr.text;
         const handlerRef = deriveHandlerRef(expr, importMap, sourceFile, workspaceRoot);
         if (!handlerRef) return;
 
@@ -112,8 +106,16 @@ export async function resolveActionContracts(rootDir, workspaceRoot) {
         }
       }
       ts.forEachChild(node, visit);
-    }
+    };
+  }
 
+  for (const sourceFile of program.getSourceFiles()) {
+    const sourcePath = resolve(sourceFile.fileName);
+    if (!sourcePath.toLowerCase().startsWith(normalizedRoot.toLowerCase())) continue;
+    if (sourceFile.isDeclarationFile) continue;
+
+    const importMap = buildImportMap(sourceFile, rootDir, workspaceRoot);
+    const visit = createVisitFunction(importMap, sourceFile);
     visit(sourceFile);
   }
 
@@ -313,7 +315,7 @@ function analyzeStateCall(node) {
 
   // Zustand: store.set(...) or setState(...)
   if (ts.isPropertyAccessExpression(callee)) {
-    const obj = callee.expression;
+    const _obj = callee.expression;
     const prop = callee.name;
     // Common pattern: storeObj.set(...)
     if (prop.text === 'set') {

package/src/verax/observe/browser.js

@@ -16,12 +16,31 @@ export async function navigateToUrl(page, url, scanBudget = DEFAULT_SCAN_BUDGET)
     if (url.startsWith('file:') || url.includes('localhost:') || url.includes('127.0.0.1')) {
       stableWait = 200; // Short wait for local fixtures
     }
-  } catch {}
-  await page.goto(url, { waitUntil: 'networkidle', timeout: scanBudget.initialNavigationTimeoutMs });
+  } catch {
+    // Ignore config errors
+  }
+  // Use domcontentloaded first for faster timeout, then wait for networkidle separately
+  await page.goto(url, { waitUntil: 'domcontentloaded', timeout: scanBudget.initialNavigationTimeoutMs });
+  await page.waitForLoadState('networkidle', { timeout: 10000 }).catch(() => {
+    // Network idle timeout is acceptable, continue
+  });
   await page.waitForTimeout(stableWait);
 }
 
 export async function closeBrowser(browser) {
-  await browser.close();
+  try {
+    // Close all contexts first
+    const contexts = browser.contexts();
+    for (const context of contexts) {
+      try {
+        await context.close({ timeout: 5000 }).catch(() => {});
+      } catch (e) {
+        // Ignore context close errors
+      }
+    }
+    await browser.close({ timeout: 5000 }).catch(() => {});
+  } catch (e) {
+    // Ignore browser close errors - best effort cleanup
+  }
 }
 

package/src/verax/observe/console-sensor.js

@@ -57,7 +57,7 @@ export class ConsoleSensor {
     };
 
     // Capture unhandled promise rejections
-    const onUnhandledRejection = (promise, reason) => {
+    const _onUnhandledRejection = (promise, reason) => {
       const message = (reason?.toString?.() || String(reason)).slice(0, 200);
       state.unhandledRejections.push({
         message: message,
@@ -104,7 +104,7 @@ export class ConsoleSensor {
   /**
    * Stop monitoring and return a summary for the window.
    */
-  stopWindow(windowId, page) {
+  stopWindow(windowId, _page) {
     const state = this.windows.get(windowId);
     if (!state) {
       return this.getEmptySummary();

package/src/verax/observe/expectation-executor.js

@@ -3,6 +3,7 @@
  * 
  * Executes every PROVEN expectation from the manifest.
  * Each expectation must result in: VERIFIED, SILENT_FAILURE, or COVERAGE_GAP.
+ * @typedef {import('playwright').Page} Page
  */
 
 import { isProvenExpectation } from '../shared/expectation-prover.js';
@@ -11,7 +12,7 @@ import { hasMeaningfulUrlChange, hasVisibleChange, hasDomChange } from '../detec
 import { runInteraction } from './interaction-runner.js';
 import { captureScreenshot } from './evidence-capture.js';
 import { getBaseOrigin } from './domain-boundary.js';
-import { resolve, dirname } from 'path';
+import { resolve } from 'path';
 
 /**
  * Execute a single PROVEN expectation.

package/src/verax/observe/focus-sensor.js

@@ -155,7 +155,7 @@ export class FocusSensor {
   /**
    * Detect if focus didn't move into modal (expected but didn't happen)
    */
-  detectModalFocusFailure(page) {
+  detectModalFocusFailure(_page) {
     // This is checked via modal detection - focus should move to modal
     // Presence of modal without focus change = failure
     return false; // Caller will check if modal opened

package/src/verax/observe/human-driver.js

@@ -158,7 +158,9 @@ export class HumanBehaviorDriver {
       } else if (url.includes('localhost:') || url.includes('127.0.0.1')) {
         timeoutMs = 200; // Short wait for local http fixtures
       }
-    } catch {}
+    } catch {
+      // Ignore config errors
+    }
 
     const waitForUiIdle = async () => {
       const start = Date.now();
@@ -336,7 +338,10 @@ export class HumanBehaviorDriver {
 
     const focusableSelectors = await page.evaluate(() => {
       const focusables = Array.from(document.querySelectorAll('a[href], button, input, select, textarea, [tabindex], [role="button"], [role="menuitem"], [contenteditable="true"]'))
-        .filter(el => !el.hasAttribute('disabled') && el.tabIndex >= 0 && el.offsetParent !== null);
+        .filter(el => {
+          const htmlEl = /** @type {HTMLElement} */ (el);
+          return !el.hasAttribute('disabled') && htmlEl.tabIndex >= 0 && htmlEl.offsetParent !== null;
+        });
       const describe = (el) => {
         if (!el) return 'body';
         if (el.id) return `#${el.id}`;
@@ -609,7 +614,9 @@ export class HumanBehaviorDriver {
         page.waitForTimeout(CLICK_TIMEOUT_MS)
       ]);
       await this.waitAfterAction(page, 600);
-    } catch {}
+    } catch {
+      // Ignore form submission errors
+    }
 
     const afterUrl = page.url();
     const afterStorageKeys = await page.evaluate(() => Object.keys(localStorage));
@@ -660,7 +667,9 @@ export class HumanBehaviorDriver {
           clicked = true;
           await this.waitAfterAction(page, 400);
           break;
-        } catch {}
+        } catch {
+          // Ignore interaction errors
+        }
       }
     }
 
@@ -686,17 +695,23 @@ export class HumanBehaviorDriver {
     const beforeUrl = page.url();
     try {
       await page.goto(url, { waitUntil: 'load', timeout: CLICK_TIMEOUT_MS }).catch(() => null);
-    } catch {}
+    } catch {
+      // Ignore navigation errors
+    }
 
     const afterUrl = page.url();
-    const blocked = beforeUrl !== afterUrl && (afterUrl.includes('/login') || afterUrl.includes('/signin'));
+    const redirectedToLogin = beforeUrl !== afterUrl && (afterUrl.includes('/login') || afterUrl.includes('/signin'));
     const content = await page.content();
     const hasAccessDenied = content.includes('401') || content.includes('403') || content.includes('unauthorized') || content.includes('forbidden');
+    const isProtected = redirectedToLogin || hasAccessDenied;
 
     return {
       url,
-      blocked: blocked || hasAccessDenied,
-      redirectedTo: afterUrl,
+      beforeUrl,
+      afterUrl,
+      isProtected,
+      redirectedToLogin,
+      hasAccessDenied,
       httpStatus: hasAccessDenied ? (content.includes('403') ? 403 : 401) : 200
     };
   }
@@ -710,7 +725,9 @@ export class HumanBehaviorDriver {
             const key = window.localStorage.key(i);
             if (key) result[key] = window.localStorage.getItem(key);
           }
-        } catch (e) {}
+        } catch {
+          // Ignore localStorage access errors
+        }
         return result;
       });
 
@@ -721,7 +738,9 @@ export class HumanBehaviorDriver {
             const key = window.sessionStorage.key(i);
             if (key) result[key] = window.sessionStorage.getItem(key);
           }
-        } catch (e) {}
+        } catch {
+          // Ignore sessionStorage access errors
+        }
         return result;
       });