@vibecheckai/cli 3.2.5 → 3.3.0

package/bin/runners/lib/agent-firewall/risk/vectors.js

@@ -0,0 +1,421 @@
+/**
+ * Risk Vectors
+ * 
+ * Defines the risk vectors and their default weights for scoring changes.
+ * Each vector contributes to the overall risk score.
+ */
+
+"use strict";
+
+/**
+ * Risk vector definitions
+ */
+const RISK_VECTORS = {
+  /**
+   * Surface Area
+   * How many files are touched by the change
+   */
+  SURFACE_AREA: {
+    id: "surface_area",
+    name: "Surface Area",
+    description: "Number of files touched by the change",
+    baseWeight: 1,
+    calculate: (context) => {
+      const files = context.files || [];
+      const fileCount = files.length;
+      
+      // Single file changes are very common and safe - no penalty
+      if (fileCount <= 1) return 0;
+      
+      // Count "safe" files that shouldn't add to risk
+      const safeFiles = files.filter(f => {
+        const path = (f.path || f).toLowerCase();
+        return (
+          path.includes('.test.') || path.includes('.spec.') ||
+          path.includes('__tests__') || path.includes('__mocks__') ||
+          path.endsWith('.md') || path.endsWith('.mdx') ||
+          path.endsWith('.d.ts') || path.includes('.stories.') ||
+          path.endsWith('-lock.json') || path.endsWith('.lock') ||
+          path.includes('/docs/')
+        );
+      });
+      
+      // Effective file count excludes safe files
+      const effectiveCount = fileCount - safeFiles.length;
+      
+      // More generous thresholds
+      if (effectiveCount <= 1) return 0;
+      if (effectiveCount <= 3) return effectiveCount; // 1 point each
+      if (effectiveCount <= 5) return 3 + (effectiveCount - 3) * 2; // 2 points each
+      if (effectiveCount <= 10) return 7 + (effectiveCount - 5) * 3; // 3 points each
+      return 22 + (effectiveCount - 10) * 4; // 4 points each for large changes
+    },
+  },
+  
+  /**
+   * Blast Radius
+   * Impact on core vs peripheral code
+   */
+  BLAST_RADIUS: {
+    id: "blast_radius",
+    name: "Blast Radius",
+    description: "Impact on core vs peripheral code paths",
+    baseWeight: 1,
+    calculate: (context) => {
+      let score = 0;
+      const files = context.files || [];
+      
+      // For single-file changes, apply a discount since they're typically safer
+      const singleFileDiscount = files.length === 1 ? 0.6 : 1;
+      
+      for (const file of files) {
+        const path = (file.path || file).toLowerCase();
+        let fileScore = 0;
+        
+        // Tests have ZERO impact - they can't break production
+        if (path.includes("/test") || path.includes(".test.") || path.includes(".spec.") || 
+            path.includes("__tests__") || path.includes("__mocks__")) {
+          fileScore = 0;
+        }
+        // Documentation and config have minimal impact
+        else if (path.endsWith(".md") || path.endsWith(".mdx") || 
+                 path.includes("/docs/") || path.includes("readme")) {
+          fileScore = 0;
+        }
+        // Type definitions are low risk
+        else if (path.endsWith(".d.ts") || path.includes("/types/")) {
+          fileScore = 2;
+        }
+        // Storybook/examples - no production impact
+        else if (path.includes(".stories.") || path.includes("/examples/") || path.includes("/storybook/")) {
+          fileScore = 0;
+        }
+        // Core paths - high impact but reduced from 25
+        else if (path.includes("/core/") || path.includes("/lib/") || path.includes("/shared/")) {
+          fileScore = 15;
+        }
+        // Database/schema - high impact
+        else if (path.includes("/prisma/") || path.includes("/db/") || path.includes("/schema/")) {
+          fileScore = 18;
+        }
+        // Service paths - medium-high impact (reduced from 20)
+        else if (path.includes("/services/") || path.includes("/providers/")) {
+          fileScore = 12;
+        }
+        // Middleware - medium-high impact (reduced from 18)
+        else if (path.includes("/middleware/")) {
+          fileScore = 10;
+        }
+        // API routes - medium impact (reduced from 15)
+        else if (path.includes("/routes/") || path.includes("/api/")) {
+          fileScore = 8;
+        }
+        // Config files - low impact (reduced from 12)
+        else if (path.includes("/config/")) {
+          fileScore = 5;
+        }
+        // Package.json is special - lock files are fine, package.json needs care
+        else if (path.endsWith("package.json")) {
+          fileScore = 8;
+        }
+        else if (path.endsWith("package-lock.json") || path.endsWith("pnpm-lock.yaml") || path.endsWith("yarn.lock")) {
+          fileScore = 0; // Lock files are auto-generated
+        }
+        // JSON/YAML config files - minimal impact
+        else if (path.endsWith(".json") || path.endsWith(".yaml") || path.endsWith(".yml")) {
+          fileScore = 3;
+        }
+        // Components/Pages - low impact (UI changes)
+        else if (path.includes("/components/") || path.includes("/pages/") || path.includes("/app/")) {
+          fileScore = 3;
+        }
+        // Styles - minimal impact
+        else if (path.endsWith(".css") || path.endsWith(".scss") || path.endsWith(".less")) {
+          fileScore = 1;
+        }
+        // Everything else - low impact
+        else {
+          fileScore = 2;
+        }
+        
+        score += fileScore;
+      }
+      
+      // Apply single-file discount
+      return Math.round(score * singleFileDiscount);
+    },
+  },
+  
+  /**
+   * Irreversibility
+   * How hard it is to undo the change
+   */
+  IRREVERSIBILITY: {
+    id: "irreversibility",
+    name: "Irreversibility",
+    description: "Difficulty of undoing the change",
+    baseWeight: 1,
+    calculate: (context) => {
+      let score = 0;
+      const operations = context.operations || [];
+      const files = context.files || [];
+      
+      for (const op of operations) {
+        const type = op.type?.toLowerCase();
+        const path = (op.path || "").toLowerCase();
+        
+        // Deletions are highly irreversible
+        if (type === "delete") {
+          score += 20;
+          // Even more for core files
+          if (path.includes("/core/") || path.includes("/lib/")) {
+            score += 15;
+          }
+        }
+        // Migrations are very irreversible
+        else if (path.includes("migration") || path.includes("/prisma/")) {
+          score += 30;
+        }
+        // Schema changes are irreversible
+        else if (path.includes("schema") || path.includes(".prisma")) {
+          score += 25;
+        }
+      }
+      
+      // Check for delete operations in files
+      for (const file of files) {
+        const path = (file.path || file).toLowerCase();
+        if (path.includes("migration")) {
+          score += 25;
+        }
+      }
+      
+      return score;
+    },
+  },
+  
+  /**
+   * Confidence
+   * How confident we are in the change's safety
+   */
+  CONFIDENCE: {
+    id: "confidence",
+    name: "Confidence Gap",
+    description: "Points added for unverified assumptions",
+    baseWeight: 1,
+    calculate: (context) => {
+      let score = 0;
+      
+      // Unresolved assumptions add risk (reduced from 40 to 15 per assumption)
+      // Most assumptions are benign and resolve at runtime
+      const unresolvedAssumptions = context.unresolvedAssumptions || [];
+      const assumptionCount = unresolvedAssumptions.length;
+      
+      // Use diminishing returns for multiple assumptions
+      if (assumptionCount > 0) {
+        // First assumption: 15 points, then 10, then 5 each for more
+        score += Math.min(15 + Math.max(0, assumptionCount - 1) * 5, 40);
+      }
+      
+      // Low confidence in proposal (reduced from 30/20/10 to 15/10/5)
+      const confidence = context.proposalConfidence ?? 1;
+      if (confidence < 0.3) {
+        score += 15;
+      } else if (confidence < 0.5) {
+        score += 10;
+      } else if (confidence < 0.7) {
+        score += 5;
+      }
+      // Note: 0.7+ confidence adds no penalty (default is fine)
+      
+      // Missing intent - only penalize if completely missing
+      // Many agents provide minimal but valid intents
+      if (!context.intent || context.intent.trim().length === 0) {
+        score += 8;
+      }
+      
+      return score;
+    },
+  },
+  
+  /**
+   * Novelty
+   * Whether this introduces new patterns
+   */
+  NOVELTY: {
+    id: "novelty",
+    name: "Novelty",
+    description: "Introduction of new patterns or dependencies",
+    baseWeight: 1,
+    calculate: (context) => {
+      let score = 0;
+      
+      // New dependencies - only risky if adding many
+      // Single new dependency is very common during development
+      const newDependencies = context.newDependencies || [];
+      if (newDependencies.length > 3) {
+        score += 5 + (newDependencies.length - 3) * 3; // Only penalize bulk additions
+      }
+      
+      // New files being created - very normal during development
+      // Only flag if creating many files at once (could be a scaffold)
+      const operations = context.operations || [];
+      const creations = operations.filter(op => op.type === "create");
+      if (creations.length > 5) {
+        score += (creations.length - 5) * 2;
+      }
+      
+      // New env vars - reduced from 15 to 5 per var
+      // New env vars are common when adding features
+      const newEnvVars = context.newEnvVars || [];
+      score += Math.min(newEnvVars.length * 5, 15); // Cap at 15 points
+      
+      // New routes - reduced from 8 to 3 per route
+      // Adding routes is normal API development
+      const newRoutes = context.newRoutes || [];
+      score += Math.min(newRoutes.length * 3, 12); // Cap at 12 points
+      
+      return score;
+    },
+  },
+  
+  /**
+   * Domain Risk
+   * Risk based on the domain being modified
+   */
+  DOMAIN: {
+    id: "domain",
+    name: "Domain Risk",
+    description: "Risk associated with specific domains",
+    baseWeight: 1,
+    calculate: (context) => {
+      const domains = context.domains || [];
+      
+      // If no domains identified, it's likely a safe general change
+      if (domains.length === 0) return 0;
+      
+      // Reduced domain weights to avoid over-penalizing
+      // Single-file auth changes shouldn't trigger blocks by themselves
+      const domainWeights = {
+        payments: 20,      // Reduced from 35 - payments is sensitive but not always blocking
+        auth: 15,          // Reduced from 30 - many auth changes are benign
+        security: 15,      // Reduced from 30 - security patterns are common
+        database: 12,      // Reduced from 25 - schema changes are normal
+        middleware: 8,     // Reduced from 20 - middleware is often safe
+        core: 10,          // Reduced from 20 - core changes happen regularly
+        routes: 5,         // Reduced from 15 - route changes are common
+        contracts: 8,      // Reduced from 15 - API contracts evolve
+        config: 3,         // Reduced from 12 - config is usually safe
+        ui: 0,             // Reduced from 5 - UI changes are generally safe
+        test: 0,           // Reduced from 2 - tests have no production impact
+        general: 0,        // Reduced from 3 - general is the default, shouldn't add risk
+      };
+      
+      // Only count the highest-risk domain (don't stack)
+      // This prevents a file in "auth + routes" from getting double-penalized
+      let maxScore = 0;
+      for (const domain of domains) {
+        const weight = domainWeights[domain] ?? 2;
+        maxScore = Math.max(maxScore, weight);
+      }
+      
+      return maxScore;
+    },
+  },
+  
+  /**
+   * Side Effects
+   * Potential for unintended side effects
+   */
+  SIDE_EFFECTS: {
+    id: "side_effects",
+    name: "Side Effects",
+    description: "Potential for unintended side effects",
+    baseWeight: 1,
+    calculate: (context) => {
+      let score = 0;
+      const claims = context.claims || [];
+      
+      // Network calls - very common, reduced impact
+      // Only penalize if there are many or if they're to external services
+      const networkClaims = claims.filter(c => 
+        c.type === "fetch" || c.type === "api_call" || c.type === "network"
+      );
+      // First 3 network calls are free (normal API usage)
+      if (networkClaims.length > 3) {
+        score += (networkClaims.length - 3) * 5;
+      }
+      
+      // File system operations - only server-side concerns
+      const fsClaims = claims.filter(c => 
+        c.type === "fs_write" || c.type === "fs_delete"
+      );
+      // Writes are more concerning than reads
+      const writeOps = fsClaims.filter(c => c.type === "fs_write");
+      const deleteOps = fsClaims.filter(c => c.type === "fs_delete");
+      score += writeOps.length * 5;
+      score += deleteOps.length * 10; // Deletes are more dangerous
+      
+      // Database mutations - important but common
+      const dbClaims = claims.filter(c => 
+        c.type === "db_write" || c.type === "db_delete" || c.type === "db_mutation"
+      );
+      // Only penalize destructive DB operations heavily
+      const dbDeletes = dbClaims.filter(c => c.type === "db_delete");
+      const dbWrites = dbClaims.filter(c => c.type !== "db_delete");
+      score += dbWrites.length * 3;
+      score += dbDeletes.length * 12;
+      
+      // External service calls - reduced from 18 to 8
+      // Calling external APIs is normal
+      const externalClaims = claims.filter(c => 
+        c.type === "external_service" || c.type === "webhook"
+      );
+      score += Math.min(externalClaims.length * 8, 20); // Cap at 20
+      
+      return score;
+    },
+  },
+};
+
+/**
+ * Risk level thresholds
+ */
+const RISK_LEVELS = {
+  LOW: { min: 0, max: 25, label: "LOW", color: "green" },
+  MEDIUM: { min: 26, max: 50, label: "MEDIUM", color: "yellow" },
+  HIGH: { min: 51, max: 80, label: "HIGH", color: "orange" },
+  CRITICAL: { min: 81, max: Infinity, label: "CRITICAL", color: "red" },
+};
+
+/**
+ * Get risk level from score
+ */
+function getRiskLevel(score) {
+  if (score <= RISK_LEVELS.LOW.max) return RISK_LEVELS.LOW;
+  if (score <= RISK_LEVELS.MEDIUM.max) return RISK_LEVELS.MEDIUM;
+  if (score <= RISK_LEVELS.HIGH.max) return RISK_LEVELS.HIGH;
+  return RISK_LEVELS.CRITICAL;
+}
+
+/**
+ * Get all vector IDs
+ */
+function getVectorIds() {
+  return Object.values(RISK_VECTORS).map(v => v.id);
+}
+
+/**
+ * Get vector by ID
+ */
+function getVector(id) {
+  return Object.values(RISK_VECTORS).find(v => v.id === id);
+}
+
+module.exports = {
+  RISK_VECTORS,
+  RISK_LEVELS,
+  getRiskLevel,
+  getVectorIds,
+  getVector,
+};