npm - @veraxhq/verax - Versions diffs - 0.2.1 → 0.4.0 - Mend

@veraxhq/verax 0.2.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (213) hide show

package/README.md +10 -6
package/bin/verax.js +11 -11
package/package.json +29 -8
package/src/cli/commands/baseline.js +103 -0
package/src/cli/commands/default.js +51 -6
package/src/cli/commands/doctor.js +29 -0
package/src/cli/commands/ga.js +246 -0
package/src/cli/commands/gates.js +95 -0
package/src/cli/commands/inspect.js +4 -2
package/src/cli/commands/release-check.js +215 -0
package/src/cli/commands/run.js +45 -6
package/src/cli/commands/security-check.js +212 -0
package/src/cli/commands/truth.js +113 -0
package/src/cli/entry.js +30 -20
package/src/cli/util/angular-component-extractor.js +179 -0
package/src/cli/util/angular-navigation-detector.js +141 -0
package/src/cli/util/angular-network-detector.js +161 -0
package/src/cli/util/angular-state-detector.js +162 -0
package/src/cli/util/ast-interactive-detector.js +544 -0
package/src/cli/util/ast-network-detector.js +603 -0
package/src/cli/util/ast-promise-extractor.js +581 -0
package/src/cli/util/ast-usestate-detector.js +602 -0
package/src/cli/util/atomic-write.js +12 -1
package/src/cli/util/bootstrap-guard.js +86 -0
package/src/cli/util/console-reporter.js +72 -0
package/src/cli/util/detection-engine.js +105 -41
package/src/cli/util/determinism-runner.js +124 -0
package/src/cli/util/determinism-writer.js +129 -0
package/src/cli/util/digest-engine.js +359 -0
package/src/cli/util/dom-diff.js +226 -0
package/src/cli/util/evidence-engine.js +287 -0
package/src/cli/util/expectation-extractor.js +151 -5
package/src/cli/util/findings-writer.js +3 -0
package/src/cli/util/framework-detector.js +572 -0
package/src/cli/util/idgen.js +1 -1
package/src/cli/util/interaction-planner.js +529 -0
package/src/cli/util/learn-writer.js +2 -0
package/src/cli/util/ledger-writer.js +110 -0
package/src/cli/util/monorepo-resolver.js +162 -0
package/src/cli/util/observation-engine.js +127 -278
package/src/cli/util/observe-writer.js +2 -0
package/src/cli/util/project-discovery.js +284 -0
package/src/cli/util/project-writer.js +2 -0
package/src/cli/util/run-id.js +23 -27
package/src/cli/util/run-resolver.js +64 -0
package/src/cli/util/run-result.js +778 -0
package/src/cli/util/selector-resolver.js +235 -0
package/src/cli/util/source-requirement.js +55 -0
package/src/cli/util/summary-writer.js +2 -0
package/src/cli/util/svelte-navigation-detector.js +163 -0
package/src/cli/util/svelte-network-detector.js +80 -0
package/src/cli/util/svelte-sfc-extractor.js +146 -0
package/src/cli/util/svelte-state-detector.js +242 -0
package/src/cli/util/trust-activation-integration.js +496 -0
package/src/cli/util/trust-activation-wrapper.js +85 -0
package/src/cli/util/trust-integration-hooks.js +164 -0
package/src/cli/util/types.js +153 -0
package/src/cli/util/url-validation.js +40 -0
package/src/cli/util/vue-navigation-detector.js +178 -0
package/src/cli/util/vue-sfc-extractor.js +161 -0
package/src/cli/util/vue-state-detector.js +215 -0
package/src/types/fs-augment.d.ts +23 -0
package/src/types/global.d.ts +137 -0
package/src/types/internal-types.d.ts +35 -0
package/src/verax/cli/init.js +4 -18
package/src/verax/core/action-classifier.js +4 -3
package/src/verax/core/artifacts/registry.js +139 -0
package/src/verax/core/artifacts/verifier.js +990 -0
package/src/verax/core/baseline/baseline.enforcer.js +137 -0
package/src/verax/core/baseline/baseline.snapshot.js +233 -0
package/src/verax/core/capabilities/gates.js +505 -0
package/src/verax/core/capabilities/registry.js +475 -0
package/src/verax/core/confidence/confidence-compute.js +144 -0
package/src/verax/core/confidence/confidence-invariants.js +234 -0
package/src/verax/core/confidence/confidence-report-writer.js +112 -0
package/src/verax/core/confidence/confidence-weights.js +44 -0
package/src/verax/core/confidence/confidence.defaults.js +65 -0
package/src/verax/core/confidence/confidence.loader.js +80 -0
package/src/verax/core/confidence/confidence.schema.js +94 -0
package/src/verax/core/confidence-engine-refactor.js +489 -0
package/src/verax/core/confidence-engine.js +625 -0
package/src/verax/core/contracts/index.js +29 -0
package/src/verax/core/contracts/types.js +186 -0
package/src/verax/core/contracts/validators.js +456 -0
package/src/verax/core/decisions/decision.trace.js +278 -0
package/src/verax/core/determinism/contract-writer.js +89 -0
package/src/verax/core/determinism/contract.js +139 -0
package/src/verax/core/determinism/diff.js +405 -0
package/src/verax/core/determinism/engine.js +222 -0
package/src/verax/core/determinism/finding-identity.js +149 -0
package/src/verax/core/determinism/normalize.js +466 -0
package/src/verax/core/determinism/report-writer.js +93 -0
package/src/verax/core/determinism/run-fingerprint.js +123 -0
package/src/verax/core/dynamic-route-intelligence.js +529 -0
package/src/verax/core/evidence/evidence-capture-service.js +308 -0
package/src/verax/core/evidence/evidence-intent-ledger.js +166 -0
package/src/verax/core/evidence-builder.js +487 -0
package/src/verax/core/execution-mode-context.js +77 -0
package/src/verax/core/execution-mode-detector.js +192 -0
package/src/verax/core/failures/exit-codes.js +88 -0
package/src/verax/core/failures/failure-summary.js +76 -0
package/src/verax/core/failures/failure.factory.js +225 -0
package/src/verax/core/failures/failure.ledger.js +133 -0
package/src/verax/core/failures/failure.types.js +196 -0
package/src/verax/core/failures/index.js +10 -0
package/src/verax/core/ga/ga-report-writer.js +43 -0
package/src/verax/core/ga/ga.artifact.js +49 -0
package/src/verax/core/ga/ga.contract.js +435 -0
package/src/verax/core/ga/ga.enforcer.js +87 -0
package/src/verax/core/guardrails/guardrails-report-writer.js +109 -0
package/src/verax/core/guardrails/policy.defaults.js +210 -0
package/src/verax/core/guardrails/policy.loader.js +84 -0
package/src/verax/core/guardrails/policy.schema.js +110 -0
package/src/verax/core/guardrails/truth-reconciliation.js +136 -0
package/src/verax/core/guardrails-engine.js +505 -0
package/src/verax/core/incremental-store.js +1 -0
package/src/verax/core/integrity/budget.js +138 -0
package/src/verax/core/integrity/determinism.js +342 -0
package/src/verax/core/integrity/integrity.js +208 -0
package/src/verax/core/integrity/poisoning.js +108 -0
package/src/verax/core/integrity/transaction.js +140 -0
package/src/verax/core/observe/run-timeline.js +318 -0
package/src/verax/core/perf/perf.contract.js +186 -0
package/src/verax/core/perf/perf.display.js +65 -0
package/src/verax/core/perf/perf.enforcer.js +91 -0
package/src/verax/core/perf/perf.monitor.js +209 -0
package/src/verax/core/perf/perf.report.js +200 -0
package/src/verax/core/pipeline-tracker.js +243 -0
package/src/verax/core/product-definition.js +127 -0
package/src/verax/core/release/provenance.builder.js +130 -0
package/src/verax/core/release/release-report-writer.js +40 -0
package/src/verax/core/release/release.enforcer.js +164 -0
package/src/verax/core/release/reproducibility.check.js +222 -0
package/src/verax/core/release/sbom.builder.js +292 -0
package/src/verax/core/replay-validator.js +2 -0
package/src/verax/core/replay.js +4 -0
package/src/verax/core/report/cross-index.js +195 -0
package/src/verax/core/report/human-summary.js +362 -0
package/src/verax/core/route-intelligence.js +420 -0
package/src/verax/core/run-id.js +6 -3
package/src/verax/core/run-manifest.js +4 -3
package/src/verax/core/security/secrets.scan.js +329 -0
package/src/verax/core/security/security-report.js +50 -0
package/src/verax/core/security/security.enforcer.js +128 -0
package/src/verax/core/security/supplychain.defaults.json +38 -0
package/src/verax/core/security/supplychain.policy.js +334 -0
package/src/verax/core/security/vuln.scan.js +265 -0
package/src/verax/core/truth/truth.certificate.js +252 -0
package/src/verax/core/ui-feedback-intelligence.js +481 -0
package/src/verax/detect/conditional-ui-silent-failure.js +84 -0
package/src/verax/detect/confidence-engine.js +62 -34
package/src/verax/detect/confidence-helper.js +34 -0
package/src/verax/detect/dynamic-route-findings.js +338 -0
package/src/verax/detect/expectation-chain-detector.js +417 -0
package/src/verax/detect/expectation-model.js +2 -2
package/src/verax/detect/failure-cause-inference.js +293 -0
package/src/verax/detect/findings-writer.js +131 -35
package/src/verax/detect/flow-detector.js +2 -2
package/src/verax/detect/form-silent-failure.js +98 -0
package/src/verax/detect/index.js +46 -5
package/src/verax/detect/invariants-enforcer.js +147 -0
package/src/verax/detect/journey-stall-detector.js +558 -0
package/src/verax/detect/navigation-silent-failure.js +82 -0
package/src/verax/detect/problem-aggregator.js +361 -0
package/src/verax/detect/route-findings.js +219 -0
package/src/verax/detect/summary-writer.js +477 -0
package/src/verax/detect/test-failure-cause-inference.js +314 -0
package/src/verax/detect/ui-feedback-findings.js +207 -0
package/src/verax/detect/view-switch-correlator.js +242 -0
package/src/verax/flow/flow-engine.js +2 -1
package/src/verax/flow/flow-spec.js +0 -6
package/src/verax/index.js +4 -0
package/src/verax/intel/ts-program.js +1 -0
package/src/verax/intel/vue-navigation-extractor.js +3 -0
package/src/verax/learn/action-contract-extractor.js +3 -0
package/src/verax/learn/ast-contract-extractor.js +1 -1
package/src/verax/learn/flow-extractor.js +1 -0
package/src/verax/learn/project-detector.js +5 -0
package/src/verax/learn/react-router-extractor.js +2 -0
package/src/verax/learn/source-instrumenter.js +1 -0
package/src/verax/learn/state-extractor.js +2 -1
package/src/verax/learn/static-extractor.js +1 -0
package/src/verax/observe/coverage-gaps.js +132 -0
package/src/verax/observe/expectation-handler.js +126 -0
package/src/verax/observe/incremental-skip.js +46 -0
package/src/verax/observe/index.js +51 -155
package/src/verax/observe/interaction-executor.js +192 -0
package/src/verax/observe/interaction-runner.js +782 -513
package/src/verax/observe/network-firewall.js +86 -0
package/src/verax/observe/observation-builder.js +169 -0
package/src/verax/observe/observe-context.js +205 -0
package/src/verax/observe/observe-helpers.js +192 -0
package/src/verax/observe/observe-runner.js +230 -0
package/src/verax/observe/observers/budget-observer.js +185 -0
package/src/verax/observe/observers/console-observer.js +102 -0
package/src/verax/observe/observers/coverage-observer.js +107 -0
package/src/verax/observe/observers/interaction-observer.js +471 -0
package/src/verax/observe/observers/navigation-observer.js +132 -0
package/src/verax/observe/observers/network-observer.js +87 -0
package/src/verax/observe/observers/safety-observer.js +82 -0
package/src/verax/observe/observers/ui-feedback-observer.js +99 -0
package/src/verax/observe/page-traversal.js +138 -0
package/src/verax/observe/snapshot-ops.js +94 -0
package/src/verax/observe/ui-feedback-detector.js +742 -0
package/src/verax/scan-summary-writer.js +2 -0
package/src/verax/shared/artifact-manager.js +25 -5
package/src/verax/shared/caching.js +1 -0
package/src/verax/shared/css-spinner-rules.js +204 -0
package/src/verax/shared/expectation-tracker.js +1 -0
package/src/verax/shared/view-switch-rules.js +208 -0
package/src/verax/shared/zip-artifacts.js +6 -0
package/src/verax/shared/config-loader.js +0 -169
/package/src/verax/shared/{expectation-proof.js → expectation-validation.js} +0 -0

package/src/cli/util/digest-engine.js ADDED Viewed

@@ -0,0 +1,359 @@
+/**
+ * Digest Engine
+ * Produces cryptographic hashes of run artifacts for determinism proof
+ * Ensures two identical runs produce identical digests
+ */
+import { createHash } from 'crypto';
+import { readFileSync, writeFileSync } from 'fs';
+import { resolve } from 'path';
+/**
+ * Normalize JSON for hashing (canonicalize)
+ * Removes volatile fields, sorts keys consistently
+ */
+function normalizeJSON(obj, volatileFields = []) {
+  if (typeof obj !== 'object' || obj === null) {
+    return obj;
+  }
+  if (Array.isArray(obj)) {
+    return obj.map(item => normalizeJSON(item, volatileFields));
+  }
+  const normalized = {};
+  const keys = Object.keys(obj).sort();
+  for (const key of keys) {
+    // Skip volatile fields
+    if (volatileFields.some(field => key.includes(field))) {
+      continue;
+    }
+    const value = obj[key];
+    if (typeof value === 'object' && value !== null) {
+      normalized[key] = normalizeJSON(value, volatileFields);
+    } else {
+      normalized[key] = value;
+    }
+  }
+  return normalized;
+}
+/**
+ * Strip timestamps and volatile data from string content
+ */
+function stripVolatile(content) {
+  if (typeof content !== 'string') {
+    return content;
+  }
+  let cleaned = content;
+  // Strip ISO timestamps
+  cleaned = cleaned.replace(/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[.Z0-9]*/g, '[TIMESTAMP]');
+  // Strip UUIDs
+  cleaned = cleaned.replace(/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/gi, '[UUID]');
+  // Strip run IDs (format: YYYY-MM-DDTHH-MM-SSZ_XXXXXX)
+  cleaned = cleaned.replace(/\d{4}-\d{2}-\d{2}T\d{2}-\d{2}-\d{2}Z_[a-z0-9]+/gi, '[RUN_ID]');
+  // Strip execution times (durations)
+  cleaned = cleaned.replace(/"endedAt":\s*"[^"]*"/g, '"endedAt":"[TIMESTAMP]"');
+  cleaned = cleaned.replace(/"startedAt":\s*"[^"]*"/g, '"startedAt":"[TIMESTAMP]"');
+  cleaned = cleaned.replace(/"observedAt":\s*"[^"]*"/g, '"observedAt":"[TIMESTAMP]"');
+  // Strip finding IDs
+  cleaned = cleaned.replace(/"findingId":\s*"[^"]*"/g, '"findingId":"[FINDING_ID]"');
+  return cleaned;
+}
+/**
+ * Compute SHA256 hash of content
+ */
+function hashContent(content) {
+  const hash = createHash('sha256');
+  hash.update(content, 'utf-8');
+  return hash.digest('hex');
+}
+/**
+ * Normalize and hash a JSON file
+ */
+function hashJSONFile(filePath, volatileFields = []) {
+  try {
+    const content = readFileSync(filePath, 'utf-8');
+  // @ts-expect-error - readFileSync with encoding returns string
+    const parsed = JSON.parse(content);
+    const normalized = normalizeJSON(parsed, volatileFields);
+    const serialized = JSON.stringify(normalized);
+    const stripped = stripVolatile(serialized);
+    return hashContent(stripped);
+  } catch (e) {
+    return null;
+  }
+}
+/**
+ * Hash a raw file (e.g., screenshot PNG)
+ */
+function _hashFile(filePath) {
+  try {
+    const content = readFileSync(filePath);
+    return hashContent(content.toString('utf-8'));
+  } catch (e) {
+    return null;
+  }
+}
+/**
+ * H5: Compute deterministic digest for observations
+ * Ensures identical inputs produce identical digests
+ * Used for reproducibility proof
+ */
+export function computeDigest(expectations, observations, metadata = {}) {
+  const digest = {
+    version: '1.0',
+    deterministicSeed: 'verax-h5-determinism-proof',
+    contentHashes: {},
+    normalized: {},
+  };
+  // Normalize expectations
+  const normalizedExpectations = (expectations || []).map(exp => ({
+    id: exp.id,
+    type: exp.type,
+    category: exp.category,
+    promise: exp.promise,
+  }));
+  const expString = JSON.stringify(normalizedExpectations);
+  digest.contentHashes.expectations = hashContent(expString);
+  digest.normalized.expectations = normalizedExpectations;
+  // Normalize observations (remove timing)
+  const normalizedObservations = (observations || []).map(obs => ({
+    id: obs.id,
+    category: obs.category,
+    observed: obs.observed,
+    reason: obs.reason,
+  }));
+  const obsString = JSON.stringify(normalizedObservations);
+  digest.contentHashes.observations = hashContent(obsString);
+  digest.normalized.observations = normalizedObservations;
+  // Normalize metadata
+  const normalizedMetadata = {
+    framework: metadata.framework,
+    url: metadata.url,
+    version: metadata.version,
+  };
+  const metaString = JSON.stringify(normalizedMetadata);
+  digest.contentHashes.metadata = hashContent(metaString);
+  digest.normalized.metadata = normalizedMetadata;
+  // Compute final digest
+  const digestInput = [
+    digest.contentHashes.expectations,
+    digest.contentHashes.observations,
+    digest.contentHashes.metadata,
+    digest.deterministicSeed,
+  ].join(':');
+  digest.deterministicDigest = hashContent(digestInput);
+  return digest;
+}
+/**
+ * H5: Validate determinism across multiple runs
+ */
+export function validateDeterminism(digests) {
+  if (!digests || digests.length === 0) {
+    return {
+      isDeterministic: true,
+      reason: 'No runs to compare',
+    };
+  }
+  const firstDigest = digests[0].deterministicDigest;
+  const allMatch = digests.every(d => d.deterministicDigest === firstDigest);
+  return {
+    isDeterministic: allMatch,
+    firstDigest,
+    mismatchedRuns: !allMatch ? digests.map((d, i) => ({
+      runIndex: i,
+      digest: d.deterministicDigest,
+    })).filter(d => d.digest !== firstDigest) : [],
+  };
+}
+/**
+ * Produce a complete run digest
+ */
+export async function produceRunDigest(runPath, runData) {
+  const digest = {
+    format: 'run-digest-v1',
+    timestamp: new Date().toISOString(),
+    digests: {
+      learn: null,
+      observe: null,
+      findings: null,
+      evidence: {},
+    },
+    metadata: {
+      runPath,
+      isReproducible: false,
+    },
+  };
+  // Hash learn.json (should be deterministic)
+  const learnPath = resolve(runPath, 'learn.json');
+  const learnHash = hashJSONFile(learnPath, ['extractedAt', 'duration']);
+  if (learnHash) {
+    digest.digests.learn = learnHash;
+  }
+  // Hash observe.json (normalized)
+  const observePath = resolve(runPath, 'observe.json');
+  const observeHash = hashJSONFile(observePath, [
+    'observedAt',
+    'startedAt',
+    'endedAt',
+    'timing',
+    'duration',
+    'findingId',
+  ]);
+  if (observeHash) {
+    digest.digests.observe = observeHash;
+  }
+  // Hash findings.json (normalized)
+  const findingsPath = resolve(runPath, 'findings.json');
+  const findingsHash = hashJSONFile(findingsPath, ['findingId', 'confidence']);
+  if (findingsHash) {
+    digest.digests.findings = findingsHash;
+  }
+  // Hash evidence directory
+  if (runData?.evidence && Array.isArray(runData.evidence)) {
+    const evidenceDigests = {};
+    for (const evidenceFile of runData.evidence) {
+      if (evidenceFile.endsWith('.png') || evidenceFile.endsWith('.jpg')) {
+        // Skip images (they may have subtle compression differences)
+        evidenceDigests[evidenceFile] = '[IMAGE_SKIPPED]';
+      } else if (evidenceFile.endsWith('.json')) {
+        const filePath = resolve(runPath, 'evidence', evidenceFile);
+        const hash = hashJSONFile(filePath, ['timestamp', 'duration']);
+        if (hash) {
+          evidenceDigests[evidenceFile] = hash;
+        }
+      }
+    }
+    digest.digests.evidence = evidenceDigests;
+  }
+  // Determine if reproducible (all core files match if run again)
+  const hasAllHashes =
+    digest.digests.learn &&
+    digest.digests.observe &&
+    digest.digests.findings &&
+    Object.keys(digest.digests.evidence).length > 0;
+  digest.metadata.isReproducible = hasAllHashes;
+  return digest;
+}
+/**
+ * Compare two digests for determinism
+ */
+export function compareDigests(digest1, digest2) {
+  const comparison = {
+    match: false,
+    diffs: [],
+  };
+  // Learn must match (deterministic)
+  if (digest1.digests.learn !== digest2.digests.learn) {
+    comparison.diffs.push('learn.json hash differs');
+  }
+  // Observe must match (deterministic execution)
+  if (digest1.digests.observe !== digest2.digests.observe) {
+    comparison.diffs.push('observe.json hash differs');
+  }
+  // Findings must match (deterministic classification)
+  if (digest1.digests.findings !== digest2.digests.findings) {
+    comparison.diffs.push('findings.json hash differs');
+  }
+  // Evidence files should match
+  const evidenceKeys1 = Object.keys(digest1.digests.evidence || {});
+  const evidenceKeys2 = Object.keys(digest2.digests.evidence || {});
+  if (evidenceKeys1.length !== evidenceKeys2.length) {
+    comparison.diffs.push(
+      `Evidence count differs: ${evidenceKeys1.length} vs ${evidenceKeys2.length}`
+    );
+  }
+  for (const key of evidenceKeys1) {
+    if (
+      digest1.digests.evidence[key] &&
+      digest2.digests.evidence[key] &&
+      digest1.digests.evidence[key] !== '[IMAGE_SKIPPED]' &&
+      digest1.digests.evidence[key] !== digest2.digests.evidence[key]
+    ) {
+      comparison.diffs.push(`Evidence file '${key}' hash differs`);
+    }
+  }
+  comparison.match = comparison.diffs.length === 0;
+  return comparison;
+}
+/**
+ * Save digest to file
+ */
+export function saveDigest(digestPath, digest) {
+  try {
+    writeFileSync(digestPath, JSON.stringify(digest, null, 2), 'utf-8');
+    return true;
+  } catch (e) {
+    return false;
+  }
+}
+/**
+ * Load digest from file
+ */
+export function loadDigest(digestPath) {
+  try {
+    const content = readFileSync(digestPath, 'utf-8');
+  // @ts-expect-error - readFileSync with encoding returns string
+    return JSON.parse(content);
+  } catch (e) {
+    return null;
+  }
+}
+/**
+ * Check if a run is deterministically reproducible
+ */
+export function isRunDeterministic(digest) {
+  if (!digest) return false;
+  return (
+    Boolean(digest.digests.learn) &&
+    Boolean(digest.digests.observe) &&
+    Boolean(digest.digests.findings)
+  );
+}

package/src/cli/util/dom-diff.js ADDED Viewed

@@ -0,0 +1,226 @@
+/**
+ * DOM Diff Engine
+ * Computes structured differences between HTML snapshots
+ * Distinguishes meaningful changes from noise
+ */
+/**
+ * Compute a diff between two HTML documents
+ * Returns a summary of changes without full tree comparison (for performance)
+ * Includes isMeaningful flag to distinguish signal from noise
+ */
+export function computeDOMDiff(htmlBefore, htmlAfter) {
+  const _before = parseHTML(htmlBefore);
+  const _after = parseHTML(htmlAfter);
+  const diff = {
+    htmlLengthBefore: htmlBefore.length,
+    htmlLengthAfter: htmlAfter.length,
+    changed: htmlBefore !== htmlAfter,
+    isMeaningful: false,
+    elementsRemoved: [],
+    elementsAdded: [],
+    attributesChanged: [],
+    contentChanged: [],
+  };
+  if (!diff.changed) {
+    return diff;
+  }
+  // Check if this is only noise (timestamps, random ids, tracking)
+  if (isNoisyChangeOnly(htmlBefore, htmlAfter)) {
+    diff.changed = true;
+    diff.isMeaningful = false;
+    return diff;
+  }
+  // Quick heuristics for specific changes
+  // Check for new elements with specific roles/classes that indicate feedback
+  const feedbackPatterns = [
+    'role="alert"',
+    'role="status"',
+    'aria-live',
+    'class="toast"',
+    'class="error"',
+    'class="success"',
+    'class="modal"',
+    'class="dialog"',
+    '[data-error]',
+    '[data-success]',
+  ];
+  for (const pattern of feedbackPatterns) {
+    if (!htmlBefore.includes(pattern) && htmlAfter.includes(pattern)) {
+      diff.elementsAdded.push(pattern);
+      diff.isMeaningful = true;
+    }
+    if (htmlBefore.includes(pattern) && !htmlAfter.includes(pattern)) {
+      diff.elementsRemoved.push(pattern);
+      diff.isMeaningful = true;
+    }
+  }
+  // Check for attribute changes (disabled, aria-invalid, etc.)
+  const attrPatterns = [
+    'disabled',
+    'aria-invalid',
+    'aria-disabled',
+    'data-loading',
+  ];
+  for (const attr of attrPatterns) {
+    const beforeCount = countOccurrences(htmlBefore, attr);
+    const afterCount = countOccurrences(htmlAfter, attr);
+    if (beforeCount !== afterCount) {
+      diff.attributesChanged.push({
+        attribute: attr,
+        before: beforeCount,
+        after: afterCount,
+      });
+      diff.isMeaningful = true;
+    }
+  }
+  // Check for form state changes (values, structure)
+  if (checkFormStateChange(htmlBefore, htmlAfter)) {
+    diff.isMeaningful = true;
+  }
+  return diff;
+}
+/**
+ * Parse HTML and return basic structure info
+ */
+function parseHTML(html) {
+  return {
+    bodyLength: html.length,
+    hasHead: html.includes('<head'),
+    hasBody: html.includes('<body'),
+    formCount: countOccurrences(html, '<form'),
+    inputCount: countOccurrences(html, '<input'),
+    buttonCount: countOccurrences(html, '<button'),
+  };
+}
+/**
+ * Count occurrences of a substring
+ */
+function countOccurrences(str, substr) {
+  let count = 0;
+  let pos = 0;
+  while ((pos = str.indexOf(substr, pos)) !== -1) {
+    count++;
+    pos += substr.length;
+  }
+  return count;
+}
+/**
+ * Detect if DOM appears to have feedback elements
+ */
+export function hasFeedbackElements(html) {
+  const feedbackIndicators = [
+    'role="alert"',
+    'role="status"',
+    'aria-live="polite"',
+    'aria-live="assertive"',
+    'toast',
+    'error',
+    'success',
+    'validation',
+  ];
+  return feedbackIndicators.some(indicator =>
+    html.includes(indicator)
+  );
+}
+/**
+ * Detect if DOM appears to have validation errors
+ */
+export function hasValidationErrors(html) {
+  const errorPatterns = [
+    'aria-invalid="true"',
+    'aria-invalid=\'true\'',
+    'invalid',
+    'error',
+    'required',
+  ];
+  return errorPatterns.some(pattern => html.includes(pattern));
+}
+/**
+ * Check if the HTML change is only noise (timestamps, random IDs, tracking pixels)
+ * Returns true if ONLY noise detected, false if meaningful changes exist
+ */
+function isNoisyChangeOnly(htmlBefore, htmlAfter) {
+  // Make a copy and remove known noise patterns
+  let before = htmlBefore;
+  let after = htmlAfter;
+  // Remove timestamps (ISO, Unix, etc.)
+  const timestampPattern = /\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[^"']*/g;
+  before = before.replace(timestampPattern, '[TIMESTAMP]');
+  after = after.replace(timestampPattern, '[TIMESTAMP]');
+  // Remove UUID-like patterns
+  const uuidPattern = /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/gi;
+  before = before.replace(uuidPattern, '[UUID]');
+  after = after.replace(uuidPattern, '[UUID]');
+  // Remove random hash-like values
+  const hashPattern = /[a-f0-9]{32,}/g;
+  before = before.replace(hashPattern, '[HASH]');
+  after = after.replace(hashPattern, '[HASH]');
+  // Remove tracking params (ga, fbclid, etc.)
+  const trackingPattern = /[?&](ga[a-z_]*|fbclid|utm_[a-z]*|gclid|msclkid)=[^&"']*/g;
+  before = before.replace(trackingPattern, '[TRACKING]');
+  after = after.replace(trackingPattern, '[TRACKING]');
+  // Remove data-testid and similar noise attrs
+  const testIdPattern = /data-testid="[^"]*"/g;
+  before = before.replace(testIdPattern, '');
+  after = after.replace(testIdPattern, '');
+  // If they're now equal, it was only noise
+  return before === after;
+}
+/**
+ * Check for meaningful form state changes
+ */
+function checkFormStateChange(htmlBefore, htmlAfter) {
+  // Check for form input value changes (meaningful state change)
+  const beforeInputs = extractInputValues(htmlBefore);
+  const afterInputs = extractInputValues(htmlAfter);
+  if (beforeInputs.size !== afterInputs.size) {
+    return true;
+  }
+  for (const [key, value] of beforeInputs) {
+    if (afterInputs.get(key) !== value) {
+      return true;
+    }
+  }
+  return false;
+}
+/**
+ * Extract input name-value pairs from HTML
+ */
+function extractInputValues(html) {
+  const values = new Map();
+  const inputPattern = /<input[^>]*name="([^"]*)"[^>]*value="([^"]*)"/g;
+  let match;
+  while ((match = inputPattern.exec(html)) !== null) {
+    values.set(match[1], match[2]);
+  }
+  return values;
+}