@vibecheckai/cli 3.5.0 → 3.5.1

package/bin/runners/lib/agent-firewall/policy/verdict.js

@@ -1,54 +0,0 @@
-/**
- * Verdict Generator
- * 
- * Combines rule results into final verdict.
- * Priority: BLOCK > WARN > ALLOW
- */
-
-"use strict";
-
-/**
- * Generate verdict from violations
- * @param {array} violations - Array of rule violations
- * @returns {object} Verdict object
- */
-function generateVerdict(violations) {
-  if (!violations || violations.length === 0) {
-    return {
-      decision: "ALLOW",
-      violations: [],
-      message: "No violations detected"
-    };
-  }
-  
-  // Check for blocks (highest priority)
-  const blocks = violations.filter(v => v.severity === "block");
-  if (blocks.length > 0) {
-    return {
-      decision: "BLOCK",
-      violations,
-      message: `BLOCKED: ${blocks.length} blocking violation(s) found`
-    };
-  }
-  
-  // Check for warnings
-  const warns = violations.filter(v => v.severity === "warn");
-  if (warns.length > 0) {
-    return {
-      decision: "WARN",
-      violations,
-      message: `WARNING: ${warns.length} warning(s) found`
-    };
-  }
-  
-  // Only allows (shouldn't happen, but handle gracefully)
-  return {
-    decision: "ALLOW",
-    violations,
-    message: "Violations found but all are allow-level"
-  };
-}
-
-module.exports = {
-  generateVerdict
-};

package/bin/runners/lib/agent-firewall/proposal/extractor.js

@@ -1,394 +0,0 @@
-/**
- * Assumption Extractor
- * 
- * Auto-extracts assumptions from code content.
- * Used when proposals don't explicitly declare their assumptions.
- */
-
-"use strict";
-
-/**
- * Extract environment variable assumptions
- * @param {string} content - File content
- * @returns {Array} Env var assumptions
- */
-function extractEnvAssumptions(content) {
-  const assumptions = [];
-  const seen = new Set();
-  
-  // process.env.VAR_NAME
-  const processEnvRegex = /process\.env\.([A-Z][A-Z0-9_]+)/g;
-  let match;
-  
-  while ((match = processEnvRegex.exec(content)) !== null) {
-    const key = match[1];
-    if (!seen.has(key)) {
-      seen.add(key);
-      assumptions.push({
-        type: "env",
-        key,
-        reason: `Used in code: process.env.${key}`,
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  // import.meta.env.VAR_NAME (Vite)
-  const viteEnvRegex = /import\.meta\.env\.([A-Z][A-Z0-9_]+)/g;
-  
-  while ((match = viteEnvRegex.exec(content)) !== null) {
-    const key = match[1];
-    if (!seen.has(key)) {
-      seen.add(key);
-      assumptions.push({
-        type: "env",
-        key,
-        reason: `Used in code: import.meta.env.${key}`,
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  // Destructured: const { VAR } = process.env
-  const destructuredRegex = /const\s*\{\s*([^}]+)\s*\}\s*=\s*process\.env/g;
-  
-  while ((match = destructuredRegex.exec(content)) !== null) {
-    const vars = match[1].split(",").map(s => s.trim().split(/\s+as\s+/)[0].trim());
-    for (const varName of vars) {
-      if (varName && /^[A-Z][A-Z0-9_]*$/.test(varName) && !seen.has(varName)) {
-        seen.add(varName);
-        assumptions.push({
-          type: "env",
-          key: varName,
-          reason: "Destructured from process.env",
-          line: content.substring(0, match.index).split("\n").length,
-        });
-      }
-    }
-  }
-  
-  return assumptions;
-}
-
-/**
- * Extract route assumptions
- * @param {string} content - File content
- * @returns {Array} Route assumptions
- */
-function extractRouteAssumptions(content) {
-  const assumptions = [];
-  const seen = new Set();
-  
-  // fetch('/api/...')
-  const fetchRegex = /fetch\s*\(\s*['"`]([^'"`]+)['"`]/g;
-  let match;
-  
-  while ((match = fetchRegex.exec(content)) !== null) {
-    const path = match[1];
-    if (path.startsWith("/api/") || path.startsWith("/")) {
-      const key = path.split("?")[0]; // Remove query params
-      if (!seen.has(key)) {
-        seen.add(key);
-        assumptions.push({
-          type: "route",
-          path: key,
-          method: detectHttpMethod(content, match.index),
-          reason: `Fetch call to ${key}`,
-          line: content.substring(0, match.index).split("\n").length,
-        });
-      }
-    }
-  }
-  
-  // axios.get('/api/...')
-  const axiosRegex = /axios\.(get|post|put|patch|delete)\s*\(\s*['"`]([^'"`]+)['"`]/gi;
-  
-  while ((match = axiosRegex.exec(content)) !== null) {
-    const method = match[1].toUpperCase();
-    const path = match[2];
-    if (path.startsWith("/api/") || path.startsWith("/")) {
-      const key = `${method}:${path.split("?")[0]}`;
-      if (!seen.has(key)) {
-        seen.add(key);
-        assumptions.push({
-          type: "route",
-          path: path.split("?")[0],
-          method,
-          reason: `Axios ${method} call`,
-          line: content.substring(0, match.index).split("\n").length,
-        });
-      }
-    }
-  }
-  
-  return assumptions;
-}
-
-/**
- * Detect HTTP method from context
- */
-function detectHttpMethod(content, index) {
-  // Look back for method specification
-  const context = content.substring(Math.max(0, index - 200), index);
-  
-  if (context.includes("method: 'POST'") || context.includes('method: "POST"')) return "POST";
-  if (context.includes("method: 'PUT'") || context.includes('method: "PUT"')) return "PUT";
-  if (context.includes("method: 'DELETE'") || context.includes('method: "DELETE"')) return "DELETE";
-  if (context.includes("method: 'PATCH'") || context.includes('method: "PATCH"')) return "PATCH";
-  
-  return "GET"; // Default
-}
-
-/**
- * Extract import/dependency assumptions
- * @param {string} content - File content
- * @returns {Array} Dependency assumptions
- */
-function extractDependencyAssumptions(content) {
-  const assumptions = [];
-  const seen = new Set();
-  
-  // External imports
-  const importRegex = /import\s+.*?\s+from\s+['"]([^'"./][^'"]*)['"]/g;
-  let match;
-  
-  while ((match = importRegex.exec(content)) !== null) {
-    const pkg = match[1].split("/")[0]; // Get package name
-    if (!seen.has(pkg) && !isBuiltinModule(pkg)) {
-      seen.add(pkg);
-      assumptions.push({
-        type: "dependency",
-        key: pkg,
-        reason: `Import statement: ${match[0].slice(0, 50)}...`,
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  // require() calls
-  const requireRegex = /require\s*\(\s*['"]([^'"./][^'"]*)['"]\s*\)/g;
-  
-  while ((match = requireRegex.exec(content)) !== null) {
-    const pkg = match[1].split("/")[0];
-    if (!seen.has(pkg) && !isBuiltinModule(pkg)) {
-      seen.add(pkg);
-      assumptions.push({
-        type: "dependency",
-        key: pkg,
-        reason: "Required module",
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  return assumptions;
-}
-
-/**
- * Check if module is Node.js builtin
- */
-function isBuiltinModule(name) {
-  const builtins = [
-    "fs", "path", "os", "http", "https", "crypto", "util", "events",
-    "stream", "buffer", "url", "querystring", "child_process", "net",
-    "assert", "zlib", "readline", "cluster", "dns", "tls", "dgram",
-    "process", "module", "vm", "worker_threads",
-  ];
-  return builtins.includes(name) || name.startsWith("node:");
-}
-
-/**
- * Extract service/class assumptions
- * @param {string} content - File content
- * @returns {Array} Service assumptions
- */
-function extractServiceAssumptions(content) {
-  const assumptions = [];
-  const seen = new Set();
-  
-  // new ServiceName() or ServiceName.method()
-  const serviceRegex = /(?:new\s+|(?:await\s+)?)((?:[A-Z][a-z]+)+(?:Service|Client|Provider|Manager|Controller|Repository))(?:\s*\(|\.)/g;
-  let match;
-  
-  while ((match = serviceRegex.exec(content)) !== null) {
-    const service = match[1];
-    if (!seen.has(service)) {
-      seen.add(service);
-      assumptions.push({
-        type: "service",
-        key: service,
-        reason: `Service usage: ${service}`,
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  // Prisma client
-  if (content.includes("prisma.")) {
-    const prismaRegex = /prisma\.(\w+)\./g;
-    while ((match = prismaRegex.exec(content)) !== null) {
-      const model = match[1];
-      const key = `prisma.${model}`;
-      if (!seen.has(key)) {
-        seen.add(key);
-        assumptions.push({
-          type: "service",
-          key: `PrismaModel:${model}`,
-          reason: `Prisma model access: ${model}`,
-          line: content.substring(0, match.index).split("\n").length,
-        });
-      }
-    }
-  }
-  
-  return assumptions;
-}
-
-/**
- * Extract file reference assumptions
- * @param {string} content - File content
- * @param {string} currentFile - Current file path
- * @returns {Array} File assumptions
- */
-function extractFileAssumptions(content, currentFile = "") {
-  const assumptions = [];
-  const seen = new Set();
-  
-  // Relative imports
-  const relativeImportRegex = /(?:import|require)\s*\(?['"](\.[^'"]+)['"]/g;
-  let match;
-  
-  while ((match = relativeImportRegex.exec(content)) !== null) {
-    const importPath = match[1];
-    if (!seen.has(importPath)) {
-      seen.add(importPath);
-      assumptions.push({
-        type: "file",
-        path: importPath,
-        reason: `Relative import: ${importPath}`,
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  // fs.readFileSync, fs.writeFileSync, etc.
-  const fsOpRegex = /fs(?:Promises)?\.(?:read|write|unlink|mkdir|rmdir|access)(?:File)?(?:Sync)?\s*\(\s*['"`]([^'"`]+)['"`]/g;
-  
-  while ((match = fsOpRegex.exec(content)) !== null) {
-    const filePath = match[1];
-    if (!seen.has(filePath) && !filePath.includes("${")) { // Skip template literals
-      seen.add(filePath);
-      assumptions.push({
-        type: "file",
-        path: filePath,
-        reason: `File system operation on: ${filePath}`,
-        line: content.substring(0, match.index).split("\n").length,
-      });
-    }
-  }
-  
-  return assumptions;
-}
-
-/**
- * Extract all assumptions from content
- * @param {string} content - File content
- * @param {Object} options - Extraction options
- * @returns {Array} All extracted assumptions
- */
-function extractAssumptions(content, options = {}) {
-  const { filePath = "", includeTypes = ["env", "route", "dependency", "service", "file"] } = options;
-  
-  const assumptions = [];
-  
-  if (includeTypes.includes("env")) {
-    assumptions.push(...extractEnvAssumptions(content));
-  }
-  
-  if (includeTypes.includes("route")) {
-    assumptions.push(...extractRouteAssumptions(content));
-  }
-  
-  if (includeTypes.includes("dependency")) {
-    assumptions.push(...extractDependencyAssumptions(content));
-  }
-  
-  if (includeTypes.includes("service")) {
-    assumptions.push(...extractServiceAssumptions(content));
-  }
-  
-  if (includeTypes.includes("file")) {
-    assumptions.push(...extractFileAssumptions(content, filePath));
-  }
-  
-  // Sort by line number
-  assumptions.sort((a, b) => (a.line || 0) - (b.line || 0));
-  
-  return assumptions;
-}
-
-/**
- * Extract assumptions from all operations in a proposal
- * @param {Array} operations - Proposal operations
- * @returns {Array} All assumptions
- */
-function extractFromOperations(operations) {
-  const allAssumptions = [];
-  const seen = new Set();
-  
-  for (const op of operations) {
-    if (op.content) {
-      const assumptions = extractAssumptions(op.content, { filePath: op.path });
-      
-      for (const assumption of assumptions) {
-        // Deduplicate
-        const key = `${assumption.type}:${assumption.key || assumption.path}`;
-        if (!seen.has(key)) {
-          seen.add(key);
-          allAssumptions.push({
-            ...assumption,
-            sourceFile: op.path,
-          });
-        }
-      }
-    }
-  }
-  
-  return allAssumptions;
-}
-
-/**
- * Merge extracted assumptions with declared assumptions
- * @param {Array} declared - Declared assumptions
- * @param {Array} extracted - Extracted assumptions
- * @returns {Array} Merged assumptions
- */
-function mergeAssumptions(declared, extracted) {
-  const merged = [...declared];
-  const declaredKeys = new Set(
-    declared.map(a => `${a.type}:${a.key || a.path}`)
-  );
-  
-  for (const assumption of extracted) {
-    const key = `${assumption.type}:${assumption.key || assumption.path}`;
-    if (!declaredKeys.has(key)) {
-      merged.push({
-        ...assumption,
-        autoExtracted: true,
-      });
-    }
-  }
-  
-  return merged;
-}
-
-module.exports = {
-  extractAssumptions,
-  extractEnvAssumptions,
-  extractRouteAssumptions,
-  extractDependencyAssumptions,
-  extractServiceAssumptions,
-  extractFileAssumptions,
-  extractFromOperations,
-  mergeAssumptions,
-};

package/bin/runners/lib/agent-firewall/proposal/index.js

@@ -1,212 +0,0 @@
-/**
- * Proposal Module
- * 
- * Entry point for structured change proposal handling.
- * Provides schema, validation, and assumption extraction.
- * 
- * Usage:
- *   const { proposal } = require('./proposal');
- *   
- *   // Validate a proposal
- *   const result = proposal.validate(rawProposal);
- *   if (!result.valid) {
- *     console.log('Invalid proposal:', result.errors);
- *   }
- *   
- *   // Use normalized proposal
- *   const normalized = result.normalized;
- */
-
-"use strict";
-
-const {
-  PROPOSAL_SCHEMA,
-  MINIMAL_PROPOSAL_SCHEMA,
-  DEFAULT_PROPOSAL_VALUES,
-  createProposalTemplate,
-  normalizeIntent,
-} = require("./schema");
-
-const {
-  validate,
-  validateStructure,
-  validateSemantics,
-  validateCompleteness,
-  normalizeProposal,
-  isValid,
-} = require("./validator");
-
-const {
-  extractAssumptions,
-  extractEnvAssumptions,
-  extractRouteAssumptions,
-  extractDependencyAssumptions,
-  extractServiceAssumptions,
-  extractFileAssumptions,
-  extractFromOperations,
-  mergeAssumptions,
-} = require("./extractor");
-
-/**
- * Proposal handling singleton
- */
-const proposal = {
-  /**
-   * Validate a proposal
-   * @param {Object} rawProposal - Raw proposal object
-   * @param {Object} options - Validation options
-   * @returns {Object} Validation result
-   */
-  validate(rawProposal, options = {}) {
-    return validate(rawProposal, options);
-  },
-  
-  /**
-   * Quick validity check
-   * @param {Object} rawProposal - Proposal to check
-   * @returns {boolean} Is valid
-   */
-  isValid(rawProposal) {
-    return isValid(rawProposal);
-  },
-  
-  /**
-   * Normalize a proposal
-   * @param {Object} rawProposal - Raw proposal
-   * @returns {Object} Normalized proposal
-   */
-  normalize(rawProposal) {
-    return normalizeProposal(rawProposal);
-  },
-  
-  /**
-   * Create a proposal template
-   * @param {string} intent - Intent identifier
-   * @param {Array} operations - Operations
-   * @returns {Object} Proposal template
-   */
-  create(intent, operations) {
-    return createProposalTemplate(intent, operations);
-  },
-  
-  /**
-   * Extract assumptions from content
-   * @param {string} content - File content
-   * @param {Object} options - Extraction options
-   * @returns {Array} Extracted assumptions
-   */
-  extractAssumptions(content, options = {}) {
-    return extractAssumptions(content, options);
-  },
-  
-  /**
-   * Extract assumptions from operations
-   * @param {Array} operations - Proposal operations
-   * @returns {Array} Extracted assumptions
-   */
-  extractFromOperations(operations) {
-    return extractFromOperations(operations);
-  },
-  
-  /**
-   * Merge declared and extracted assumptions
-   * @param {Array} declared - Declared assumptions
-   * @param {Array} extracted - Extracted assumptions
-   * @returns {Array} Merged assumptions
-   */
-  mergeAssumptions(declared, extracted) {
-    return mergeAssumptions(declared, extracted);
-  },
-  
-  /**
-   * Enrich proposal with auto-extracted assumptions
-   * @param {Object} rawProposal - Raw proposal
-   * @returns {Object} Enriched proposal
-   */
-  enrich(rawProposal) {
-    const normalized = normalizeProposal(rawProposal);
-    const extracted = extractFromOperations(normalized.operations);
-    const merged = mergeAssumptions(normalized.assumptions || [], extracted);
-    
-    return {
-      ...normalized,
-      assumptions: merged,
-    };
-  },
-  
-  /**
-   * Get the proposal schema
-   * @returns {Object} JSON Schema
-   */
-  getSchema() {
-    return PROPOSAL_SCHEMA;
-  },
-  
-  /**
-   * Get default values
-   * @returns {Object} Default values
-   */
-  getDefaults() {
-    return DEFAULT_PROPOSAL_VALUES;
-  },
-  
-  /**
-   * Normalize an intent string
-   * @param {string} intent - Raw intent
-   * @returns {string} Normalized intent
-   */
-  normalizeIntent(intent) {
-    return normalizeIntent(intent);
-  },
-  
-  /**
-   * Convert legacy format to proposal format
-   * @param {Object} legacy - Legacy change object
-   * @returns {Object} Proposal format
-   */
-  fromLegacy(legacy) {
-    // Handle old formats that just have filePath + content
-    if (legacy.filePath && !legacy.operations) {
-      return {
-        intent: legacy.intent || "unknown_change",
-        summary: legacy.summary || legacy.intent || "",
-        operations: [{
-          type: legacy.type || (legacy.oldContent ? "modify" : "create"),
-          path: legacy.filePath,
-          content: legacy.content || legacy.newContent,
-        }],
-        assumptions: legacy.assumptions || [],
-        confidence: legacy.confidence || 0.5,
-      };
-    }
-    
-    // Already in proposal format
-    return legacy;
-  },
-};
-
-module.exports = {
-  proposal,
-  // Schema exports
-  PROPOSAL_SCHEMA,
-  MINIMAL_PROPOSAL_SCHEMA,
-  DEFAULT_PROPOSAL_VALUES,
-  createProposalTemplate,
-  normalizeIntent,
-  // Validator exports
-  validate,
-  validateStructure,
-  validateSemantics,
-  validateCompleteness,
-  normalizeProposal,
-  isValid,
-  // Extractor exports
-  extractAssumptions,
-  extractEnvAssumptions,
-  extractRouteAssumptions,
-  extractDependencyAssumptions,
-  extractServiceAssumptions,
-  extractFileAssumptions,
-  extractFromOperations,
-  mergeAssumptions,
-};