@veraxhq/verax 0.2.1 → 0.3.0

package/src/cli/util/vue-sfc-extractor.js

@@ -0,0 +1,162 @@
+/**
+ * PHASE 20 — Vue SFC (Single File Component) Extractor
+ * 
+ * Extracts <script>, <script setup>, and <template> content from .vue files.
+ * Deterministic and robust (no external runtime execution).
+ */
+
+/**
+ * PHASE 20: Extract Vue SFC blocks
+ * 
+ * @param {string} content - Full .vue file content
+ * @param {string} filePath - Path to the .vue file (for context)
+ * @returns {Object} { scriptBlocks: [{content, lang, startLine}], template: {content, startLine} }
+ */
+export function extractVueSFC(content) {
+  const scriptBlocks = [];
+  let template = null;
+  
+  // Extract <script> blocks (including <script setup>)
+  const scriptRegex = /<script(?:\s+setup)?(?:\s+lang=["']([^"']+)["'])?[^>]*>([\s\S]*?)<\/script>/gi;
+  let scriptMatch;
+  let lineOffset = 1;
+  
+  while ((scriptMatch = scriptRegex.exec(content)) !== null) {
+    const isSetup = scriptMatch[0].includes('setup');
+    const lang = scriptMatch[1] || 'js';
+    const scriptContent = scriptMatch[2];
+    
+    // Calculate start line
+    const beforeMatch = content.substring(0, scriptMatch.index);
+    const startLine = (beforeMatch.match(/\n/g) || []).length + 1;
+    
+    scriptBlocks.push({
+      content: scriptContent.trim(),
+      lang: lang.toLowerCase(),
+      startLine,
+      isSetup,
+    });
+  }
+  
+  // Extract <template> block
+  const templateRegex = /<template[^>]*>([\s\S]*?)<\/template>/i;
+  const templateMatch = content.match(templateRegex);
+  
+  if (templateMatch) {
+    const beforeTemplate = content.substring(0, templateMatch.index);
+    const templateStartLine = (beforeTemplate.match(/\n/g) || []).length + 1;
+    
+    template = {
+      content: templateMatch[1].trim(),
+      startLine: templateStartLine,
+    };
+  }
+  
+  return {
+    scriptBlocks,
+    template,
+  };
+}
+
+/**
+ * PHASE 20: Extract template bindings and references
+ * 
+ * @param {string} templateContent - Template content
+ * @returns {Object} { bindings: string[], routerLinks: Array, eventHandlers: Array }
+ */
+export function extractTemplateBindings(templateContent) {
+  const bindings = [];
+  const routerLinks = [];
+  const eventHandlers = [];
+  
+  // Extract variable bindings: {{ var }}, :prop="var", v-if="var", etc.
+  const bindingPatterns = [
+    /\{\{\s*([a-zA-Z_$][a-zA-Z0-9_$]*)\s*\}\}/g,  // {{ var }}
+    /:([a-zA-Z-]+)=["']([^"']+)["']/g,  // :prop="value"
+    /v-if=["']([^"']+)["']/g,  // v-if="condition"
+    /v-show=["']([^"']+)["']/g,  // v-show="condition"
+    /v-model=["']([^"']+)["']/g,  // v-model="value"
+  ];
+  
+  for (const pattern of bindingPatterns) {
+    let match;
+    while ((match = pattern.exec(templateContent)) !== null) {
+      const binding = match[1] || match[2];
+      if (binding && !bindings.includes(binding)) {
+        bindings.push(binding);
+      }
+    }
+  }
+  
+  // Extract <router-link> usage
+  const routerLinkRegex = /<router-link[^>]*\s+to=["']([^"']+)["'][^>]*>/gi;
+  let routerLinkMatch;
+  while ((routerLinkMatch = routerLinkRegex.exec(templateContent)) !== null) {
+    routerLinks.push({
+      to: routerLinkMatch[1],
+      fullMatch: routerLinkMatch[0],
+    });
+  }
+  
+  // Extract event handlers: @click="handler", @submit.prevent="handler"
+  const eventHandlerRegex = /@([a-z]+)(?:\.([a-z]+)*)?=["']([^"']+)["']/gi;
+  let eventMatch;
+  while ((eventMatch = eventHandlerRegex.exec(templateContent)) !== null) {
+    eventHandlers.push({
+      event: eventMatch[1],
+      modifiers: eventMatch[2] ? eventMatch[2].split('.') : [],
+      handler: eventMatch[3],
+    });
+  }
+  
+  return {
+    bindings,
+    routerLinks,
+    eventHandlers,
+  };
+}
+
+/**
+ * PHASE 20: Map template handlers to script functions
+ * 
+ * @param {Object} templateBindings - Result from extractTemplateBindings
+ * @param {Array} scriptBlocks - Script blocks from extractVueSFC
+ * @returns {Map} handlerName -> { scriptBlock, functionInfo }
+ */
+export function mapTemplateHandlersToScript(templateBindings, scriptBlocks) {
+  const handlerMap = new Map();
+  
+  for (const handler of templateBindings.eventHandlers) {
+    const handlerName = handler.handler;
+    
+    // Find handler in script blocks
+    for (const scriptBlock of scriptBlocks) {
+      const scriptContent = scriptBlock.content;
+      
+      // Look for function declarations: function handlerName() {}
+      const functionRegex = new RegExp(`(?:function|const|let|var)\\s+${handlerName}\\s*[=(]`, 'g');
+      if (functionRegex.test(scriptContent)) {
+        handlerMap.set(handlerName, {
+          scriptBlock,
+          handler,
+          type: 'function',
+        });
+        break;
+      }
+      
+      // Look for method definitions: methods: { handlerName() {} }
+      const methodRegex = new RegExp(`(?:methods|setup)\\s*:\\s*\\{[^}]*${handlerName}\\s*[:(]`, 's');
+      if (methodRegex.test(scriptContent)) {
+        handlerMap.set(handlerName, {
+          scriptBlock,
+          handler,
+          type: 'method',
+        });
+        break;
+      }
+    }
+  }
+  
+  return handlerMap;
+}
+

package/src/cli/util/vue-state-detector.js

@@ -0,0 +1,215 @@
+/**
+ * PHASE 20 — Vue State Promise Detection
+ * 
+ * Detects ref/reactive mutations that are UI-bound:
+ * - ref declarations: const count = ref(0);
+ * - reactive: const state = reactive({ x: 1 });
+ * - Only emit if identifiers are used in template bindings
+ */
+
+import { parse } from '@babel/parser';
+import _traverse from '@babel/traverse';
+
+const traverse = _traverse.default || _traverse;
+
+/**
+ * PHASE 20: Detect Vue state promises
+ * 
+ * @param {string} scriptContent - Script block content
+ * @param {string} filePath - File path
+ * @param {string} relPath - Relative path
+ * @param {Object} scriptBlock - Script block metadata
+ * @param {Object} templateBindings - Template bindings
+ * @returns {Array} State promises
+ */
+export function detectVueStatePromises(scriptContent, filePath, relPath, scriptBlock, templateBindings) {
+  const promises = [];
+  const templateVars = new Set(templateBindings.bindings || []);
+  
+  if (templateVars.size === 0) {
+    return promises; // No template bindings, skip
+  }
+  
+  try {
+    const ast = parse(scriptContent, {
+      sourceType: 'module',
+      plugins: [
+        'typescript',
+        'classProperties',
+        'optionalChaining',
+        'nullishCoalescingOperator',
+        'dynamicImport',
+        'topLevelAwait',
+        'objectRestSpread',
+      ],
+      errorRecovery: true,
+    });
+    
+    const lines = scriptContent.split('\n');
+    const refDeclarations = new Map(); // varName -> { loc, astSource }
+    const reactiveDeclarations = new Map();
+    
+    traverse(ast, {
+      // Detect ref() declarations
+      VariableDeclarator(path) {
+        const node = path.node;
+        const init = node.init;
+        
+        if (init && init.type === 'CallExpression') {
+          const callee = init.callee;
+          
+          // ref(0) or ref({})
+          if (callee.type === 'Identifier' && callee.name === 'ref') {
+            const varName = node.id.name;
+            if (templateVars.has(varName)) {
+              const loc = node.loc;
+              const line = loc ? loc.start.line : 1;
+              const astSource = lines.slice(line - 1, loc ? loc.end.line : line)
+                .join('\n')
+                .substring(0, 200);
+              
+              refDeclarations.set(varName, {
+                loc,
+                astSource,
+                line,
+              });
+            }
+          }
+          
+          // reactive({})
+          if (callee.type === 'Identifier' && callee.name === 'reactive') {
+            const varName = node.id.name;
+            if (templateVars.has(varName)) {
+              const loc = node.loc;
+              const line = loc ? loc.start.line : 1;
+              const astSource = lines.slice(line - 1, loc ? loc.end.line : line)
+                .join('\n')
+                .substring(0, 200);
+              
+              reactiveDeclarations.set(varName, {
+                loc,
+                astSource,
+                line,
+              });
+            }
+          }
+        }
+      },
+      
+      // Detect mutations: count.value = ... or state.x = ...
+      AssignmentExpression(path) {
+        const node = path.node;
+        const left = node.left;
+        
+        // count.value = ...
+        if (left.type === 'MemberExpression' && 
+            left.property.name === 'value' &&
+            left.object.type === 'Identifier') {
+          const varName = left.object.name;
+          
+          if (refDeclarations.has(varName) && templateVars.has(varName)) {
+            const decl = refDeclarations.get(varName);
+            const loc = node.loc;
+            const line = loc ? loc.start.line : 1;
+            const column = loc ? loc.start.column : 0;
+            
+            const astSource = lines.slice(line - 1, loc ? loc.end.line : line)
+              .join('\n')
+              .substring(0, 200);
+            
+            const context = buildContext(path);
+            
+            promises.push({
+              type: 'state',
+              promise: {
+                kind: 'state-change',
+                value: `${varName}.value`,
+                stateVar: varName,
+              },
+              source: {
+                file: relPath,
+                line,
+                column,
+                context,
+                astSource,
+              },
+              confidence: 0.9,
+            });
+          }
+        }
+        
+        // state.x = ...
+        if (left.type === 'MemberExpression' &&
+            left.object.type === 'Identifier') {
+          const varName = left.object.name;
+          
+          if (reactiveDeclarations.has(varName) && templateVars.has(varName)) {
+            const loc = node.loc;
+            const line = loc ? loc.start.line : 1;
+            const column = loc ? loc.start.column : 0;
+            
+            const astSource = lines.slice(line - 1, loc ? loc.end.line : line)
+              .join('\n')
+              .substring(0, 200);
+            
+            const context = buildContext(path);
+            const propName = left.property.name || '<property>';
+            
+            promises.push({
+              type: 'state',
+              promise: {
+                kind: 'state-change',
+                value: `${varName}.${propName}`,
+                stateVar: varName,
+              },
+              source: {
+                file: relPath,
+                line,
+                column,
+                context,
+                astSource,
+              },
+              confidence: 0.9,
+            });
+          }
+        }
+      },
+    });
+  } catch (error) {
+    // Parse error - skip
+  }
+  
+  return promises;
+}
+
+/**
+ * Build context chain from AST path
+ */
+function buildContext(path) {
+  const context = [];
+  let current = path;
+  
+  while (current) {
+    if (current.isFunctionDeclaration()) {
+      context.push({
+        type: 'function',
+        name: current.node.id?.name || '<anonymous>',
+      });
+    } else if (current.isArrowFunctionExpression()) {
+      context.push({
+        type: 'arrow-function',
+        name: '<arrow>',
+      });
+    } else if (current.isMethodDefinition()) {
+      context.push({
+        type: 'method',
+        name: current.node.key?.name || '<method>',
+      });
+    }
+    
+    current = current.parentPath;
+  }
+  
+  return context.reverse().map(c => `${c.type}:${c.name}`).join(' > ');
+}
+

package/src/verax/cli/finding-explainer.js

@@ -14,11 +14,22 @@
 export function formatFinding(finding, expectation = null) {
   const lines = [];
   
-  // Finding type and confidence
-  const confidenceLevel = finding.confidence?.level || 'UNKNOWN';
-  const confidenceScore = finding.confidence?.score || 0;
+  // PHASE 15: Finding type and unified confidence
+  const confidenceLevel = finding.confidenceLevel || finding.confidence?.level || 'UNPROVEN';
+  const confidenceScore = finding.confidence !== undefined 
+    ? (finding.confidence <= 1 ? Math.round(finding.confidence * 100) : finding.confidence)
+    : (finding.confidence?.score || 0);
+  const confidenceReasons = finding.confidenceReasons || [];
+  
   lines.push(`  [${confidenceLevel} (${confidenceScore}%)] ${finding.type || 'unknown'}`);
   
+  // PHASE 15: Show top confidence reasons
+  if (confidenceReasons.length > 0) {
+    const topReasons = confidenceReasons.slice(0, 3);
+    const reasonText = topReasons.join(', ');
+    lines.push(`  └─ Confidence: ${reasonText}`);
+  }
+  
   // Expectation (what was promised)
   if (expectation) {
     let expectationDesc = '';
@@ -84,6 +95,48 @@ export function formatFinding(finding, expectation = null) {
     lines.push(`  └─ Source: ${expectation.source.file}${sourceLine}`);
   }
   
+  // PHASE 16: Show evidence completeness
+  if (finding.evidencePackage) {
+    if (finding.evidencePackage.isComplete) {
+      lines.push(`  └─ Evidence: Complete`);
+    } else {
+      lines.push(`  └─ Evidence: Incomplete (missing: ${finding.evidencePackage.missingEvidence.join(', ')})`);
+    }
+  }
+  
+  // PHASE 16: Show downgrade reason if evidence was incomplete
+  if (finding.evidenceCompleteness?.downgraded) {
+    lines.push(`  └─ Downgraded: ${finding.evidenceCompleteness.downgradeReason}`);
+  }
+  
+  // PHASE 17/23: Show guardrails applied and reconciliation
+  if (finding.guardrails) {
+    const guardrails = finding.guardrails;
+    if (guardrails.appliedRules && guardrails.appliedRules.length > 0) {
+      const ruleCodes = guardrails.appliedRules.map(r => r.code || r.ruleId).filter(Boolean);
+      if (ruleCodes.length > 0) {
+        lines.push(`  └─ Final status due to guardrails: ${ruleCodes.join(', ')}`);
+      }
+    }
+    if (guardrails.contradictions && guardrails.contradictions.length > 0) {
+      lines.push(`  └─ Contradiction: ${guardrails.contradictions[0].message}`);
+    }
+    
+    // PHASE 23: Show confidence reconciliation if present
+    if (guardrails.reconciliation) {
+      const recon = guardrails.reconciliation;
+      if (recon.confidenceBefore !== recon.confidenceAfter) {
+        const beforePercent = Math.round(recon.confidenceBefore * 100);
+        const afterPercent = Math.round(recon.confidenceAfter * 100);
+        lines.push(`  └─ Confidence: ${beforePercent}% → ${afterPercent}% (${recon.confidenceLevelBefore} → ${recon.confidenceLevelAfter})`);
+      }
+      if (recon.reconciliationReasons && recon.reconciliationReasons.length > 0) {
+        const topReasons = recon.reconciliationReasons.slice(0, 2);
+        lines.push(`  └─ Reconciliation: ${topReasons.join(', ')}`);
+      }
+    }
+  }
+  
   return lines.join('\n');
 }
 

package/src/verax/core/artifacts/registry.js

@@ -0,0 +1,154 @@
+import { join } from 'path';
+
+export const ARTIFACT_REGISTRY = {
+  runStatus: {
+    key: 'runStatus',
+    filename: 'run.status.json',
+    stage: 'init',
+    contractVersion: 1,
+    type: 'file'
+  },
+  runMeta: {
+    key: 'runMeta',
+    filename: 'run.meta.json',
+    stage: 'init',
+    contractVersion: 1,
+    type: 'file'
+  },
+  summary: {
+    key: 'summary',
+    filename: 'summary.json',
+    stage: 'finalize',
+    contractVersion: 1,
+    type: 'file'
+  },
+  findings: {
+    key: 'findings',
+    filename: 'findings.json',
+    stage: 'detect',
+    contractVersion: 1,
+    type: 'file'
+  },
+  learn: {
+    key: 'learn',
+    filename: 'learn.json',
+    stage: 'learn',
+    contractVersion: 1,
+    type: 'file'
+  },
+  observe: {
+    key: 'observe',
+    filename: 'observe.json',
+    stage: 'observe',
+    contractVersion: 1,
+    type: 'file'
+  },
+  project: {
+    key: 'project',
+    filename: 'project.json',
+    stage: 'init',
+    contractVersion: 1,
+    type: 'file'
+  },
+  traces: {
+    key: 'traces',
+    filename: 'traces.jsonl',
+    stage: 'finalize',
+    contractVersion: 1,
+    type: 'file'
+  },
+  evidence: {
+    key: 'evidence',
+    filename: 'evidence',
+    stage: 'observe',
+    contractVersion: 1,
+    type: 'directory'
+  },
+  scanSummary: {
+    key: 'scanSummary',
+    filename: 'scan-summary.json',
+    stage: 'finalize',
+    contractVersion: 1,
+    type: 'file'
+  },
+  determinismReport: {
+    key: 'determinismReport',
+    filename: 'determinism.report.json',
+    stage: 'finalize',
+    contractVersion: 1,
+    type: 'file'
+  },
+  evidenceIntent: {
+    key: 'evidenceIntent',
+    filename: 'evidence.intent.json',
+    stage: 'detect',
+    contractVersion: 1,
+    type: 'file'
+  },
+  guardrailsReport: {
+    key: 'guardrailsReport',
+    filename: 'guardrails.report.json',
+    stage: 'detect',
+    contractVersion: 1,
+    type: 'file'
+  },
+  confidenceReport: {
+    key: 'confidenceReport',
+    filename: 'confidence.report.json',
+    stage: 'detect',
+    contractVersion: 1,
+    type: 'file'
+  },
+  determinismContract: {
+    key: 'determinismContract',
+    filename: 'determinism.contract.json',
+    stage: 'observe',
+    contractVersion: 1,
+    type: 'file'
+  },
+  determinismReport: {
+    key: 'determinismReport',
+    filename: 'determinism.report.json',
+    stage: 'verify',
+    contractVersion: 1,
+    type: 'file'
+  },
+  runMeta: {
+    key: 'runMeta',
+    filename: 'run.meta.json',
+    stage: 'learn',
+    contractVersion: 1,
+    type: 'file'
+  }
+};
+
+export function getArtifactVersions() {
+  const versions = {};
+  for (const [key, def] of Object.entries(ARTIFACT_REGISTRY)) {
+    versions[key] = def.contractVersion;
+  }
+  return versions;
+}
+
+export function buildRunArtifactPaths(baseDir) {
+  return {
+    baseDir,
+    runStatusJson: join(baseDir, ARTIFACT_REGISTRY.runStatus.filename),
+    runMetaJson: join(baseDir, ARTIFACT_REGISTRY.runMeta.filename),
+    summaryJson: join(baseDir, ARTIFACT_REGISTRY.summary.filename),
+    findingsJson: join(baseDir, ARTIFACT_REGISTRY.findings.filename),
+    tracesJsonl: join(baseDir, ARTIFACT_REGISTRY.traces.filename),
+    evidenceDir: join(baseDir, ARTIFACT_REGISTRY.evidence.filename),
+    learnJson: join(baseDir, ARTIFACT_REGISTRY.learn.filename),
+    observeJson: join(baseDir, ARTIFACT_REGISTRY.observe.filename),
+    projectJson: join(baseDir, ARTIFACT_REGISTRY.project.filename),
+    scanSummaryJson: join(baseDir, ARTIFACT_REGISTRY.scanSummary.filename),
+    evidenceIntentJson: join(baseDir, ARTIFACT_REGISTRY.evidenceIntent.filename),
+    guardrailsReportJson: join(baseDir, ARTIFACT_REGISTRY.guardrailsReport.filename),
+    confidenceReportJson: join(baseDir, ARTIFACT_REGISTRY.confidenceReport.filename),
+    determinismContractJson: join(baseDir, ARTIFACT_REGISTRY.determinismContract.filename),
+    determinismReportJson: join(baseDir, ARTIFACT_REGISTRY.determinismReport.filename),
+    runMetaJson: join(baseDir, ARTIFACT_REGISTRY.runMeta.filename),
+    artifactVersions: getArtifactVersions()
+  };
+}