@vibecheckai/cli 3.2.0 → 3.2.2

package/bin/runners/lib/agent-firewall/unblock/planner.js

@@ -0,0 +1,337 @@
+/**
+ * Auto-Unblock Planner
+ * 
+ * Generates exact missing proofs and minimal patch plans when blocked.
+ * No open-ended advice - specific file/line instructions.
+ */
+
+"use strict";
+
+const path = require("path");
+const fs = require("fs");
+const { CLAIM_TYPES } = require("../claims/claim-types");
+
+/**
+ * Generate unblock plan from violations
+ * @param {object} params
+ * @param {array} params.violations - Rule violations
+ * @param {array} params.claims - Extracted claims
+ * @param {string} params.projectRoot - Project root directory
+ * @returns {object} Unblock plan with specific steps
+ */
+function generateUnblockPlan({ violations, claims, projectRoot }) {
+  const steps = [];
+  
+  for (const violation of violations) {
+    if (violation.severity !== "block") {
+      continue; // Only generate plans for blocking violations
+    }
+    
+    const claim = violation.claim || claims.find(c => 
+      violation.claimId && c.type === violation.claim?.type
+    );
+    
+    switch (violation.rule) {
+      case "ghost_route":
+        steps.push(...planGhostRoute(claim, projectRoot));
+        break;
+        
+      case "ghost_env":
+        steps.push(...planGhostEnv(claim, projectRoot));
+        break;
+        
+      case "auth_drift":
+        steps.push(...planAuthDrift(claim, projectRoot));
+        break;
+        
+      case "contract_drift":
+        steps.push(...planContractDrift(claim, projectRoot));
+        break;
+        
+      case "scope_explosion":
+        steps.push(...planScopeExplosion(violation));
+        break;
+        
+      case "unsafe_side_effect":
+        steps.push(...planUnsafeSideEffect(claim, projectRoot));
+        break;
+        
+      case "fake_success_ui":
+        steps.push(...planFakeSuccess(claim, projectRoot));
+        break;
+    }
+  }
+  
+  return {
+    steps: deduplicateSteps(steps)
+  };
+}
+
+/**
+ * Plan for ghost route violation
+ */
+function planGhostRoute(claim, projectRoot) {
+  if (!claim || claim.type !== CLAIM_TYPES.ROUTE) {
+    return [];
+  }
+  
+  const routePath = claim.value;
+  const steps = [];
+  
+  // Determine framework and suggest route file location
+  const isApiRoute = routePath.startsWith("/api/");
+  
+  if (isApiRoute) {
+    // Next.js App Router
+    const routePathSegments = routePath.replace("/api/", "").split("/");
+    const routeFile = path.join("app", "api", ...routePathSegments, "route.ts");
+    const routeFileAbs = path.join(projectRoot, routeFile);
+    
+    steps.push({
+      action: "create",
+      file: routeFile,
+      line: 1,
+      description: `Create route handler at ${routeFile} for ${routePath}`
+    });
+    
+    // Also suggest adding to truthpack
+    steps.push({
+      action: "modify",
+      file: ".vibecheck/truthpack/routes.json",
+      line: null,
+      description: `Run 'vibecheck truth' to regenerate truthpack with new route`
+    });
+  }
+  
+  return steps;
+}
+
+/**
+ * Plan for ghost env violation
+ */
+function planGhostEnv(claim, projectRoot) {
+  if (!claim || claim.type !== CLAIM_TYPES.ENV) {
+    return [];
+  }
+  
+  const envVarName = claim.value;
+  const steps = [];
+  
+  // Find env schema file
+  const envSchemaFiles = [
+    "apps/api/src/config/env.schema.ts",
+    "apps/api/src/env.schema.ts",
+    "src/config/env.schema.ts",
+    "src/env.schema.ts"
+  ];
+  
+  let envSchemaFile = null;
+  for (const candidate of envSchemaFiles) {
+    const fullPath = path.join(projectRoot, candidate);
+    if (fs.existsSync(fullPath)) {
+      envSchemaFile = candidate;
+      break;
+    }
+  }
+  
+  if (!envSchemaFile) {
+    // Create new schema file
+    envSchemaFile = "apps/api/src/config/env.schema.ts";
+    steps.push({
+      action: "create",
+      file: envSchemaFile,
+      line: 1,
+      description: `Create env schema file and add ${envVarName}`
+    });
+  } else {
+    // Add to existing schema
+    steps.push({
+      action: "modify",
+      file: envSchemaFile,
+      line: null, // Will need to find insertion point
+      description: `Add ${envVarName} to env schema`
+    });
+  }
+  
+  // Also add to .env.example
+  steps.push({
+    action: "modify",
+    file: ".env.example",
+    line: null,
+    description: `Add ${envVarName}=<value> to .env.example`
+  });
+  
+  return steps;
+}
+
+/**
+ * Plan for auth drift violation
+ */
+function planAuthDrift(claim, projectRoot) {
+  if (!claim || claim.type !== CLAIM_TYPES.AUTH) {
+    return [];
+  }
+  
+  const steps = [];
+  
+  // Find middleware file
+  const middlewareFiles = [
+    "middleware.ts",
+    "src/middleware.ts",
+    "apps/api/src/middleware.ts"
+  ];
+  
+  let middlewareFile = null;
+  for (const candidate of middlewareFiles) {
+    const fullPath = path.join(projectRoot, candidate);
+    if (fs.existsSync(fullPath)) {
+      middlewareFile = candidate;
+      break;
+    }
+  }
+  
+  if (middlewareFile) {
+    steps.push({
+      action: "modify",
+      file: middlewareFile,
+      line: null,
+      description: `Add protected route pattern to middleware matcher for ${claim.file || "affected route"}`
+    });
+  } else {
+    steps.push({
+      action: "create",
+      file: "middleware.ts",
+      line: 1,
+      description: `Create middleware.ts and add auth protection for ${claim.file || "affected route"}`
+    });
+  }
+  
+  return steps;
+}
+
+/**
+ * Plan for contract drift violation
+ */
+function planContractDrift(claim, projectRoot) {
+  if (!claim || claim.type !== CLAIM_TYPES.CONTRACT) {
+    return [];
+  }
+  
+  const steps = [];
+  
+  steps.push({
+    action: "modify",
+    file: ".vibecheck/truthpack/contracts.json",
+    line: null,
+    description: `Update contract definition for ${claim.value} or run 'vibecheck truth' to regenerate`
+  });
+  
+  return steps;
+}
+
+/**
+ * Plan for scope explosion violation
+ */
+function planScopeExplosion(violation) {
+  const steps = [];
+  
+  const metadata = violation.metadata || {};
+  
+  if (metadata.totalFiles) {
+    steps.push({
+      action: "modify",
+      file: null,
+      line: null,
+      description: `Reduce scope: ${metadata.totalFiles} files touched (max: ${metadata.maxFiles}). Split into smaller changes or provide explicit intent message.`
+    });
+  }
+  
+  if (metadata.totalLines) {
+    steps.push({
+      action: "modify",
+      file: null,
+      line: null,
+      description: `Reduce scope: ${metadata.totalLines} lines changed (max: ${metadata.maxLines}). Split into smaller changes or provide explicit intent message.`
+    });
+  }
+  
+  return steps;
+}
+
+/**
+ * Plan for unsafe side effect violation
+ */
+function planUnsafeSideEffect(claim, projectRoot) {
+  if (!claim || claim.type !== CLAIM_TYPES.SIDE_EFFECT) {
+    return [];
+  }
+  
+  const steps = [];
+  
+  // Suggest creating test file
+  const claimFile = claim.file || "";
+  if (claimFile) {
+    const baseName = path.basename(claimFile, path.extname(claimFile));
+    const dir = path.dirname(claimFile);
+    const testFile = path.join(dir, `${baseName}.test.ts`);
+    
+    steps.push({
+      action: "create",
+      file: testFile,
+      line: 1,
+      description: `Create test file to verify side effect: ${claim.value}`
+    });
+  }
+  
+  // Also suggest reality proof
+  steps.push({
+    action: "modify",
+    file: null,
+    line: null,
+    description: `Run 'vibecheck reality' to generate proof for side effect: ${claim.value}`
+  });
+  
+  return steps;
+}
+
+/**
+ * Plan for fake success UI violation
+ */
+function planFakeSuccess(claim, projectRoot) {
+  if (!claim || claim.type !== CLAIM_TYPES.UI_SUCCESS) {
+    return [];
+  }
+  
+  const steps = [];
+  
+  steps.push({
+    action: "modify",
+    file: claim.file || "unknown",
+    line: null,
+    description: `Add HTTP call or side effect before showing success message: ${claim.value}`
+  });
+  
+  return steps;
+}
+
+/**
+ * Deduplicate steps by file+action
+ */
+function deduplicateSteps(steps) {
+  const seen = new Set();
+  const unique = [];
+  
+  for (const step of steps) {
+    const key = `${step.action}|${step.file || "null"}`;
+    if (!seen.has(key)) {
+      seen.add(key);
+      unique.push(step);
+    }
+  }
+  
+  return unique;
+}
+
+module.exports = {
+  generateUnblockPlan
+};