@vibecheckai/cli 3.5.0 → 3.5.1

package/bin/runners/lib/agent-firewall/lawbook/schema.js

@@ -1,420 +0,0 @@
-/**
- * Lawbook Invariant Schema
- * 
- * Defines the YAML DSL for organizational invariant rules.
- * Invariants are rules that must ALWAYS hold true in the codebase.
- * 
- * Codename: Lawbook
- */
-
-"use strict";
-
-/**
- * Invariant rule types
- */
-const INVARIANT_TYPES = {
-  // File/path based rules
-  NO_MODIFY: "no-modify",           // Files/paths that cannot be modified
-  NO_DELETE: "no-delete",           // Files/paths that cannot be deleted
-  NO_CREATE: "no-create",           // Patterns that cannot be created
-  REQUIRE_APPROVAL: "require-approval", // Changes require approval
-  
-  // Code pattern rules
-  NEVER: "never",                   // Pattern must never appear
-  ALWAYS: "always",                 // Pattern must always be present
-  BEFORE: "before",                 // Pattern A must come before pattern B
-  AFTER: "after",                   // Pattern A must come after pattern B
-  MAINTAINS: "maintains",           // Property must be maintained
-  
-  // Architectural rules
-  ALL_THROUGH: "all-through",       // All X must go through Y
-  NO_DIRECT: "no-direct",           // No direct access to X (use Y instead)
-  LAYER_BOUNDARY: "layer-boundary", // Enforce architectural layers
-  
-  // Environment rules
-  ENV_MUST_BE_REGISTERED: "env-must-be-registered", // All env vars must be in registry
-  ENV_REQUIRED: "env-required",     // Specific env vars required
-  
-  // Dependency rules
-  DEPENDENCY_LOCKED: "dependency-locked", // Dependency version locked
-  NO_DEPENDENCY: "no-dependency",   // Certain dependencies forbidden
-};
-
-/**
- * Invariant severity levels
- */
-const INVARIANT_SEVERITY = {
-  BLOCK: "block",       // Absolutely cannot proceed
-  ERROR: "error",       // Serious violation
-  WARNING: "warning",   // Should be addressed
-  INFO: "info",         // Advisory
-};
-
-/**
- * Invariant scope types
- */
-const SCOPE_TYPES = {
-  FILE: "file",         // Single file
-  DIRECTORY: "directory", // Directory and subdirectories
-  GLOB: "glob",         // Glob pattern
-  REGEX: "regex",       // Regex pattern
-  ALL: "all",           // Entire codebase
-};
-
-/**
- * JSON Schema for invariant definitions
- */
-const INVARIANT_SCHEMA = {
-  $schema: "http://json-schema.org/draft-07/schema#",
-  title: "VibeCheck Lawbook Invariant",
-  type: "object",
-  required: ["id", "rule"],
-  properties: {
-    id: {
-      type: "string",
-      description: "Unique identifier for this invariant",
-      pattern: "^[a-z0-9-]+$",
-    },
-    description: {
-      type: "string",
-      description: "Human-readable description of this invariant",
-    },
-    rule: {
-      type: "string",
-      enum: Object.values(INVARIANT_TYPES),
-      description: "Type of invariant rule",
-    },
-    scope: {
-      type: "string",
-      description: "Glob pattern defining where this rule applies",
-    },
-    target: {
-      type: "string",
-      description: "Target path/file for 'all-through' rules",
-    },
-    pattern: {
-      type: "string",
-      description: "Regex pattern to match/exclude",
-    },
-    exclude: {
-      oneOf: [
-        { type: "string" },
-        { type: "array", items: { type: "string" } },
-      ],
-      description: "Paths/patterns excluded from this rule",
-    },
-    violations: {
-      type: "array",
-      items: {
-        type: "object",
-        properties: {
-          pattern: { type: "string" },
-          exclude: {
-            oneOf: [
-              { type: "string" },
-              { type: "array", items: { type: "string" } },
-            ],
-          },
-          message: { type: "string" },
-        },
-      },
-      description: "Specific violation patterns to detect",
-    },
-    severity: {
-      type: "string",
-      enum: Object.values(INVARIANT_SEVERITY),
-      default: "error",
-      description: "Severity level when violated",
-    },
-    introduced: {
-      type: "string",
-      format: "date",
-      description: "Date this invariant was introduced",
-    },
-    incident: {
-      type: "string",
-      description: "Related incident ID that prompted this invariant",
-    },
-    owner: {
-      type: "string",
-      description: "Team/person responsible for this invariant",
-    },
-    registry: {
-      type: "string",
-      description: "Registry file for env-must-be-registered rules",
-    },
-    message: {
-      type: "string",
-      description: "Custom message when violated",
-    },
-    autofix: {
-      type: "object",
-      properties: {
-        enabled: { type: "boolean", default: false },
-        action: { type: "string" },
-        template: { type: "string" },
-      },
-      description: "Auto-fix configuration",
-    },
-    metadata: {
-      type: "object",
-      description: "Additional metadata",
-    },
-  },
-};
-
-/**
- * Schema for the full lawbook YAML file
- */
-const LAWBOOK_FILE_SCHEMA = {
-  $schema: "http://json-schema.org/draft-07/schema#",
-  title: "VibeCheck Lawbook",
-  type: "object",
-  properties: {
-    version: {
-      type: "string",
-      default: "1.0.0",
-      description: "Lawbook schema version",
-    },
-    name: {
-      type: "string",
-      description: "Name of this invariant library",
-    },
-    description: {
-      type: "string",
-      description: "Description of this invariant library",
-    },
-    extends: {
-      oneOf: [
-        { type: "string" },
-        { type: "array", items: { type: "string" } },
-      ],
-      description: "Other lawbooks this extends",
-    },
-    invariants: {
-      type: "array",
-      items: { $ref: "#/definitions/invariant" },
-      description: "List of invariant rules",
-    },
-    groups: {
-      type: "object",
-      additionalProperties: {
-        type: "array",
-        items: { type: "string" },
-      },
-      description: "Named groups of invariant IDs",
-    },
-  },
-  definitions: {
-    invariant: INVARIANT_SCHEMA,
-  },
-};
-
-/**
- * Create a default invariant template
- * @param {string} id - Invariant ID
- * @param {string} rule - Rule type
- * @returns {Object} Invariant template
- */
-function createInvariantTemplate(id, rule) {
-  return {
-    id,
-    rule,
-    description: "",
-    scope: "**/*",
-    severity: INVARIANT_SEVERITY.ERROR,
-    introduced: new Date().toISOString().split("T")[0],
-    metadata: {},
-  };
-}
-
-/**
- * Validate an invariant against the schema
- * @param {Object} invariant - Invariant to validate
- * @returns {Object} Validation result
- */
-function validateInvariant(invariant) {
-  const errors = [];
-  
-  // Check required fields
-  if (!invariant.id) {
-    errors.push({ field: "id", message: "Invariant ID is required" });
-  } else if (!/^[a-z0-9-]+$/.test(invariant.id)) {
-    errors.push({ field: "id", message: "Invariant ID must be lowercase alphanumeric with hyphens" });
-  }
-  
-  if (!invariant.rule) {
-    errors.push({ field: "rule", message: "Rule type is required" });
-  } else if (!Object.values(INVARIANT_TYPES).includes(invariant.rule)) {
-    errors.push({ field: "rule", message: `Unknown rule type: ${invariant.rule}` });
-  }
-  
-  // Validate severity
-  if (invariant.severity && !Object.values(INVARIANT_SEVERITY).includes(invariant.severity)) {
-    errors.push({ field: "severity", message: `Unknown severity: ${invariant.severity}` });
-  }
-  
-  // Rule-specific validation
-  if (invariant.rule === INVARIANT_TYPES.ALL_THROUGH && !invariant.target) {
-    errors.push({ field: "target", message: "all-through rules require a target" });
-  }
-  
-  if ((invariant.rule === INVARIANT_TYPES.NEVER || invariant.rule === INVARIANT_TYPES.ALWAYS) && !invariant.pattern) {
-    errors.push({ field: "pattern", message: `${invariant.rule} rules require a pattern` });
-  }
-  
-  if (invariant.rule === INVARIANT_TYPES.ENV_MUST_BE_REGISTERED && !invariant.registry) {
-    errors.push({ field: "registry", message: "env-must-be-registered rules require a registry file" });
-  }
-  
-  return {
-    valid: errors.length === 0,
-    errors,
-  };
-}
-
-/**
- * Parse a lawbook YAML string
- * @param {string} content - YAML content
- * @returns {Object} Parsed lawbook
- */
-function parseLawbook(content) {
-  // Try to use js-yaml if available
-  try {
-    const yaml = require("js-yaml");
-    return yaml.load(content);
-  } catch {
-    // Fallback: basic YAML-like parsing for simple cases
-    return parseSimpleLawbook(content);
-  }
-}
-
-/**
- * Simple lawbook parser for basic YAML structures
- * @param {string} content - YAML content
- * @returns {Object} Parsed lawbook
- */
-function parseSimpleLawbook(content) {
-  const lines = content.split("\n");
-  const lawbook = {
-    version: "1.0.0",
-    invariants: [],
-  };
-  
-  let currentInvariant = null;
-  let currentKey = null;
-  let indent = 0;
-  
-  for (const line of lines) {
-    const trimmed = line.trim();
-    
-    // Skip comments and empty lines
-    if (!trimmed || trimmed.startsWith("#")) continue;
-    
-    // Check indent level
-    const currentIndent = line.search(/\S/);
-    
-    // Key-value pair
-    const kvMatch = trimmed.match(/^(\w+):\s*(.*)$/);
-    if (kvMatch) {
-      const [, key, value] = kvMatch;
-      
-      if (key === "invariants") {
-        // Start of invariants array
-        continue;
-      }
-      
-      if (currentIndent > indent && currentInvariant) {
-        // Nested property
-        currentInvariant[key] = value || undefined;
-      } else {
-        // Top-level property
-        lawbook[key] = value;
-      }
-      
-      currentKey = key;
-    }
-    
-    // Array item
-    if (trimmed.startsWith("- ")) {
-      const itemContent = trimmed.slice(2).trim();
-      
-      if (itemContent.startsWith("id:")) {
-        // New invariant
-        if (currentInvariant) {
-          lawbook.invariants.push(currentInvariant);
-        }
-        currentInvariant = { id: itemContent.slice(3).trim() };
-        indent = currentIndent;
-      }
-    }
-  }
-  
-  // Push last invariant
-  if (currentInvariant) {
-    lawbook.invariants.push(currentInvariant);
-  }
-  
-  return lawbook;
-}
-
-/**
- * Serialize a lawbook to YAML string
- * @param {Object} lawbook - Lawbook to serialize
- * @returns {string} YAML string
- */
-function serializeLawbook(lawbook) {
-  try {
-    const yaml = require("js-yaml");
-    return yaml.dump(lawbook, {
-      indent: 2,
-      lineWidth: 120,
-      noRefs: true,
-    });
-  } catch {
-    // Fallback: simple serialization
-    return JSON.stringify(lawbook, null, 2);
-  }
-}
-
-/**
- * Create a default lawbook template
- * @param {string} name - Lawbook name
- * @returns {Object} Default lawbook
- */
-function createDefaultLawbook(name = "project-invariants") {
-  return {
-    version: "1.0.0",
-    name,
-    description: "Project-specific invariant rules",
-    invariants: [
-      {
-        id: "example-no-console",
-        description: "No console.log in production code",
-        rule: INVARIANT_TYPES.NEVER,
-        scope: "src/**/*.{ts,tsx,js,jsx}",
-        pattern: "console\\.log\\(",
-        exclude: ["**/*.test.*", "**/*.spec.*"],
-        severity: INVARIANT_SEVERITY.WARNING,
-        introduced: new Date().toISOString().split("T")[0],
-      },
-    ],
-    groups: {
-      security: [],
-      architecture: [],
-      quality: [],
-    },
-  };
-}
-
-module.exports = {
-  INVARIANT_TYPES,
-  INVARIANT_SEVERITY,
-  INVARIANT_SCHEMA,
-  LAWBOOK_FILE_SCHEMA,
-  createInvariantTemplate,
-  validateInvariant,
-  parseLawbook,
-  serializeLawbook,
-  createDefaultLawbook,
-};