@vibecheckai/cli 3.3.0 → 3.5.0

package/bin/runners/lib/engines/noise-reduction-engine.js

@@ -0,0 +1,452 @@
+/**
+ * Noise Reduction Engine - Bulletproof Signal-to-Noise Ratio
+ * 
+ * This engine ensures vibecheck findings are high-signal and actionable.
+ * It addresses alert fatigue through:
+ * 
+ * 1. ADAPTIVE CAPS - Project size determines finding limits
+ * 2. QUALITY SCORING - Each finding gets a signal quality score
+ * 3. SMART DEDUPLICATION - Similar findings are grouped
+ * 4. PRIORITY RANKING - Critical path findings surface first
+ * 5. CONFIGURABLE THRESHOLDS - Per-rule severity/confidence tuning
+ */
+
+"use strict";
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// ADAPTIVE FINDING CAPS
+// Based on project size to prevent overwhelming large codebases
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const PROJECT_SIZE_THRESHOLDS = {
+  tiny: { files: 50, lines: 5000 },      // Small scripts, MVPs
+  small: { files: 200, lines: 20000 },   // Side projects
+  medium: { files: 500, lines: 50000 },  // Standard apps
+  large: { files: 1500, lines: 150000 }, // Production apps
+  huge: { files: 5000, lines: 500000 },  // Enterprise/monorepos
+};
+
+const ADAPTIVE_CAPS = {
+  tiny:   { blockers: 5,  warnings: 10, info: 5,  total: 20 },
+  small:  { blockers: 10, warnings: 20, info: 10, total: 40 },
+  medium: { blockers: 15, warnings: 35, info: 15, total: 65 },
+  large:  { blockers: 25, warnings: 50, info: 25, total: 100 },
+  huge:   { blockers: 40, warnings: 80, info: 40, total: 160 },
+};
+
+function detectProjectSize(stats) {
+  const { fileCount = 0, lineCount = 0 } = stats;
+  
+  if (fileCount <= PROJECT_SIZE_THRESHOLDS.tiny.files && lineCount <= PROJECT_SIZE_THRESHOLDS.tiny.lines) return 'tiny';
+  if (fileCount <= PROJECT_SIZE_THRESHOLDS.small.files && lineCount <= PROJECT_SIZE_THRESHOLDS.small.lines) return 'small';
+  if (fileCount <= PROJECT_SIZE_THRESHOLDS.medium.files && lineCount <= PROJECT_SIZE_THRESHOLDS.medium.lines) return 'medium';
+  if (fileCount <= PROJECT_SIZE_THRESHOLDS.large.files && lineCount <= PROJECT_SIZE_THRESHOLDS.large.lines) return 'large';
+  return 'huge';
+}
+
+function getAdaptiveCaps(projectStats) {
+  const size = detectProjectSize(projectStats);
+  return { size, caps: ADAPTIVE_CAPS[size] };
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// FINDING QUALITY SCORING
+// Determines how "actionable" a finding is (0.0 - 1.0)
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const QUALITY_FACTORS = {
+  // Positive factors (increase quality)
+  hasEvidence: 0.15,           // Finding includes evidence
+  hasFixHint: 0.10,            // Finding includes fix suggestion
+  astVerified: 0.20,           // Verified via AST, not just regex
+  highConfidence: 0.15,        // Confidence >= 0.8
+  criticalPath: 0.15,          // In critical code path (routes, auth, payments)
+  multipleOccurrences: 0.05,   // Pattern appears multiple times
+  recentlyIntroduced: 0.10,    // New in recent commit (if git info available)
+  
+  // Negative factors (decrease quality)
+  inTestFile: -0.30,           // In test file
+  inConfigFile: -0.15,         // In config file
+  inGeneratedCode: -0.40,      // In generated/vendored code
+  lowConfidence: -0.20,        // Confidence < 0.5
+  commonFalsePositive: -0.25,  // Known false positive pattern
+  inComment: -0.30,            // In a comment
+  inString: -0.15,             // In a string literal
+};
+
+// Critical path patterns - findings here are more important
+const CRITICAL_PATH_PATTERNS = [
+  /\/(api|routes|pages|app)\//i,
+  /\/(auth|login|logout|session|oauth)\//i,
+  /\/(payment|billing|checkout|stripe|subscription)\//i,
+  /\/(admin|dashboard|settings)\//i,
+  /middleware\.(ts|js)$/i,
+  /route\.(ts|js)$/i,
+  /\[(.*?)\]\.(ts|js|tsx|jsx)$/i, // Dynamic routes
+];
+
+// Known false positive patterns to penalize
+const KNOWN_FALSE_POSITIVE_PATTERNS = [
+  // Tailwind placeholder classes
+  /placeholder:[a-zA-Z-]+/,
+  // Environment variable checks
+  /process\.env\.\w+\s*===?\s*['"]true['"]/,
+  // Test data in test utilities
+  /createMock|mockData|testData|fixtureData/i,
+  // Documentation examples
+  /example\.com|localhost:3000|127\.0\.0\.1/,
+];
+
+function calculateQualityScore(finding, context = {}) {
+  let score = 0.5; // Base score
+  
+  // Positive factors
+  if (finding.evidence?.length > 0) score += QUALITY_FACTORS.hasEvidence;
+  if (finding.fixHint || finding.fixHints?.length > 0) score += QUALITY_FACTORS.hasFixHint;
+  if (finding.astVerified || finding.verificationMethod === 'ast') score += QUALITY_FACTORS.astVerified;
+  if ((finding.confidence || finding.confidenceScore || 0) >= 0.8) score += QUALITY_FACTORS.highConfidence;
+  if (finding.occurrenceCount > 1) score += QUALITY_FACTORS.multipleOccurrences;
+  if (context.recentCommit) score += QUALITY_FACTORS.recentlyIntroduced;
+  
+  // Check critical path
+  const filePath = finding.file || finding.filePath || '';
+  if (CRITICAL_PATH_PATTERNS.some(p => p.test(filePath))) {
+    score += QUALITY_FACTORS.criticalPath;
+  }
+  
+  // Negative factors
+  if (context.isTestFile || /\.(test|spec)\.(ts|tsx|js|jsx)$/.test(filePath)) {
+    score += QUALITY_FACTORS.inTestFile;
+  }
+  if (context.isConfigFile || /\.config\.(ts|js|mjs|cjs)$/.test(filePath)) {
+    score += QUALITY_FACTORS.inConfigFile;
+  }
+  if (context.isGeneratedCode || /\/(generated|__generated__|codegen)\//i.test(filePath)) {
+    score += QUALITY_FACTORS.inGeneratedCode;
+  }
+  if ((finding.confidence || finding.confidenceScore || 0.5) < 0.5) {
+    score += QUALITY_FACTORS.lowConfidence;
+  }
+  if (finding.inComment) score += QUALITY_FACTORS.inComment;
+  if (finding.inString) score += QUALITY_FACTORS.inString;
+  
+  // Check for known false positive patterns
+  const message = finding.message || finding.title || '';
+  const code = finding.codeSnippet || finding.evidence?.[0]?.snippet || '';
+  if (KNOWN_FALSE_POSITIVE_PATTERNS.some(p => p.test(message) || p.test(code))) {
+    score += QUALITY_FACTORS.commonFalsePositive;
+  }
+  
+  // Clamp to 0.0 - 1.0
+  return Math.max(0, Math.min(1, score));
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// SMART DEDUPLICATION
+// Groups similar findings to reduce noise
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function normalizeMessage(message) {
+  return (message || '')
+    .toLowerCase()
+    .replace(/[`'"]/g, '')
+    .replace(/\s+/g, ' ')
+    .replace(/line \d+/gi, 'line N')
+    .replace(/\d+/g, 'N')
+    .trim();
+}
+
+function generateDedupeKey(finding) {
+  const file = (finding.file || finding.filePath || '').replace(/\\/g, '/');
+  const type = finding.type || finding.category || 'unknown';
+  const line = finding.line || 0;
+  
+  return `${type}:${file}:${line}`;
+}
+
+function generateSimilarityKey(finding) {
+  const type = finding.type || finding.category || 'unknown';
+  const normalizedMsg = normalizeMessage(finding.message || finding.title);
+  
+  // Group by type + similar message
+  return `${type}:${normalizedMsg.slice(0, 50)}`;
+}
+
+function deduplicateFindings(findings, options = {}) {
+  const { groupSimilar = true, keepHighestQuality = true } = options;
+  
+  // Exact deduplication
+  const exactDedupeMap = new Map();
+  
+  for (const finding of findings) {
+    const key = generateDedupeKey(finding);
+    
+    if (exactDedupeMap.has(key)) {
+      const existing = exactDedupeMap.get(key);
+      // Keep highest quality/confidence
+      if (keepHighestQuality) {
+        const existingScore = existing.qualityScore || calculateQualityScore(existing);
+        const newScore = finding.qualityScore || calculateQualityScore(finding);
+        if (newScore > existingScore) {
+          finding.occurrenceCount = (existing.occurrenceCount || 1) + 1;
+          exactDedupeMap.set(key, finding);
+        } else {
+          existing.occurrenceCount = (existing.occurrenceCount || 1) + 1;
+        }
+      }
+    } else {
+      exactDedupeMap.set(key, { ...finding, occurrenceCount: finding.occurrenceCount || 1 });
+    }
+  }
+  
+  let dedupedFindings = Array.from(exactDedupeMap.values());
+  
+  // Group similar findings
+  if (groupSimilar) {
+    const similarityMap = new Map();
+    
+    for (const finding of dedupedFindings) {
+      const key = generateSimilarityKey(finding);
+      
+      if (!similarityMap.has(key)) {
+        similarityMap.set(key, { primary: finding, similar: [] });
+      } else {
+        similarityMap.get(key).similar.push(finding);
+      }
+    }
+    
+    // For groups with many similar findings, show count instead of all
+    dedupedFindings = [];
+    for (const [, group] of similarityMap) {
+      if (group.similar.length >= 3) {
+        // Collapse into single finding with count
+        group.primary.similarCount = group.similar.length;
+        group.primary.collapsedFiles = group.similar.map(f => f.file || f.filePath).filter(Boolean);
+        dedupedFindings.push(group.primary);
+      } else {
+        dedupedFindings.push(group.primary, ...group.similar);
+      }
+    }
+  }
+  
+  return dedupedFindings;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// PRIORITY RANKING
+// Sort findings by importance
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const SEVERITY_ORDER = {
+  'BLOCK': 0, 'block': 0, 'critical': 0, 'error': 0,
+  'WARN': 1, 'warn': 1, 'warning': 1, 'high': 1, 'medium': 1,
+  'INFO': 2, 'info': 2, 'low': 2, 'hint': 2,
+};
+
+function rankFindings(findings) {
+  return findings.sort((a, b) => {
+    // 1. Severity (BLOCK > WARN > INFO)
+    const sevA = SEVERITY_ORDER[a.severity] ?? 3;
+    const sevB = SEVERITY_ORDER[b.severity] ?? 3;
+    if (sevA !== sevB) return sevA - sevB;
+    
+    // 2. Quality score (higher is better)
+    const qualA = a.qualityScore || calculateQualityScore(a);
+    const qualB = b.qualityScore || calculateQualityScore(b);
+    if (Math.abs(qualA - qualB) > 0.1) return qualB - qualA;
+    
+    // 3. Confidence (higher is better)
+    const confA = a.confidence || a.confidenceScore || 0.5;
+    const confB = b.confidence || b.confidenceScore || 0.5;
+    if (Math.abs(confA - confB) > 0.1) return confB - confA;
+    
+    // 4. Critical path first
+    const fileA = a.file || a.filePath || '';
+    const fileB = b.file || b.filePath || '';
+    const critA = CRITICAL_PATH_PATTERNS.some(p => p.test(fileA)) ? 0 : 1;
+    const critB = CRITICAL_PATH_PATTERNS.some(p => p.test(fileB)) ? 0 : 1;
+    if (critA !== critB) return critA - critB;
+    
+    // 5. File path (alphabetical for stability)
+    return fileA.localeCompare(fileB);
+  });
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// CONFIGURABLE THRESHOLDS
+// Per-rule severity and confidence tuning
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const DEFAULT_RULE_CONFIG = {
+  minConfidence: 0.5,      // Minimum confidence to report
+  maxPerFile: 5,           // Maximum findings per file per rule
+  maxTotal: 50,            // Maximum total findings for this rule
+  severity: null,          // Override severity (null = use engine default)
+  enabled: true,           // Enable/disable rule
+};
+
+function loadRuleConfig(config, ruleName) {
+  const rules = config?.rules || {};
+  const ruleConfig = rules[ruleName] || {};
+  
+  return {
+    ...DEFAULT_RULE_CONFIG,
+    ...ruleConfig,
+    // Handle legacy config formats
+    minConfidence: ruleConfig.minConfidence ?? ruleConfig.confidence ?? DEFAULT_RULE_CONFIG.minConfidence,
+    enabled: ruleConfig.enabled !== false,
+  };
+}
+
+function applyRuleConfig(findings, config) {
+  const ruleGroups = new Map();
+  
+  // Group by rule
+  for (const finding of findings) {
+    const rule = finding.type || finding.category || finding.ruleId || 'unknown';
+    if (!ruleGroups.has(rule)) ruleGroups.set(rule, []);
+    ruleGroups.get(rule).push(finding);
+  }
+  
+  const filtered = [];
+  
+  for (const [rule, ruleFindings] of ruleGroups) {
+    const ruleConfig = loadRuleConfig(config, rule);
+    
+    // Skip disabled rules
+    if (!ruleConfig.enabled) continue;
+    
+    // Filter by confidence
+    let applicable = ruleFindings.filter(f => {
+      const conf = f.confidence || f.confidenceScore || 0.5;
+      return conf >= ruleConfig.minConfidence;
+    });
+    
+    // Override severity if configured
+    if (ruleConfig.severity) {
+      applicable = applicable.map(f => ({ ...f, severity: ruleConfig.severity }));
+    }
+    
+    // Apply per-file limit
+    if (ruleConfig.maxPerFile) {
+      const byFile = new Map();
+      applicable = applicable.filter(f => {
+        const file = f.file || f.filePath || '';
+        const count = byFile.get(file) || 0;
+        if (count >= ruleConfig.maxPerFile) return false;
+        byFile.set(file, count + 1);
+        return true;
+      });
+    }
+    
+    // Apply total limit
+    if (ruleConfig.maxTotal && applicable.length > ruleConfig.maxTotal) {
+      applicable = applicable.slice(0, ruleConfig.maxTotal);
+    }
+    
+    filtered.push(...applicable);
+  }
+  
+  return filtered;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// MAIN NOISE REDUCTION PIPELINE
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function reduceNoise(findings, options = {}) {
+  const {
+    projectStats = {},      // { fileCount, lineCount }
+    config = {},            // .vibecheckrc content
+    minQualityScore = 0.3,  // Minimum quality to include
+    verbose = false,
+  } = options;
+  
+  const startCount = findings.length;
+  
+  // Step 1: Calculate quality scores
+  let processed = findings.map(f => ({
+    ...f,
+    qualityScore: calculateQualityScore(f, options.context || {}),
+  }));
+  
+  // Step 2: Apply rule-specific config
+  processed = applyRuleConfig(processed, config);
+  
+  // Step 3: Filter by quality score
+  processed = processed.filter(f => f.qualityScore >= minQualityScore);
+  
+  // Step 4: Deduplicate
+  processed = deduplicateFindings(processed, {
+    groupSimilar: options.groupSimilar !== false,
+    keepHighestQuality: true,
+  });
+  
+  // Step 5: Rank by priority
+  processed = rankFindings(processed);
+  
+  // Step 6: Apply adaptive caps
+  const { size, caps } = getAdaptiveCaps(projectStats);
+  
+  const blockers = processed.filter(f => ['BLOCK', 'block', 'critical', 'error'].includes(f.severity));
+  const warnings = processed.filter(f => ['WARN', 'warn', 'warning', 'high', 'medium'].includes(f.severity));
+  const info = processed.filter(f => ['INFO', 'info', 'low', 'hint'].includes(f.severity));
+  
+  const cappedBlockers = blockers.slice(0, caps.blockers);
+  const cappedWarnings = warnings.slice(0, caps.warnings);
+  const cappedInfo = info.slice(0, caps.info);
+  
+  const capped = [...cappedBlockers, ...cappedWarnings, ...cappedInfo].slice(0, caps.total);
+  
+  // Generate reduction stats
+  const stats = {
+    input: startCount,
+    output: capped.length,
+    reduction: Math.round((1 - capped.length / Math.max(startCount, 1)) * 100),
+    projectSize: size,
+    caps,
+    breakdown: {
+      blockers: { total: blockers.length, shown: cappedBlockers.length },
+      warnings: { total: warnings.length, shown: cappedWarnings.length },
+      info: { total: info.length, shown: cappedInfo.length },
+    },
+    hidden: {
+      byQuality: findings.length - processed.length,
+      byCaps: processed.length - capped.length,
+    },
+  };
+  
+  if (verbose) {
+    console.log(`\n[Noise Reduction] ${stats.input} → ${stats.output} findings (${stats.reduction}% reduction)`);
+    console.log(`  Project size: ${size} | Caps: ${JSON.stringify(caps)}`);
+  }
+  
+  return { findings: capped, stats };
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+module.exports = {
+  // Main function
+  reduceNoise,
+  
+  // Individual components (for testing/customization)
+  detectProjectSize,
+  getAdaptiveCaps,
+  calculateQualityScore,
+  deduplicateFindings,
+  rankFindings,
+  applyRuleConfig,
+  loadRuleConfig,
+  
+  // Constants (for external configuration)
+  PROJECT_SIZE_THRESHOLDS,
+  ADAPTIVE_CAPS,
+  QUALITY_FACTORS,
+  CRITICAL_PATH_PATTERNS,
+  KNOWN_FALSE_POSITIVE_PATTERNS,
+  DEFAULT_RULE_CONFIG,
+  SEVERITY_ORDER,
+};