@vibecheckai/cli 3.5.0 → 3.5.2

package/bin/runners/lib/prompt-builder.js

@@ -1,540 +0,0 @@
-// bin/runners/lib/prompt-builder.js
-// ═══════════════════════════════════════════════════════════════════════════════
-// CONSOLIDATED PROMPT BUILDER SERVICE
-// Combines mission templates, reality firewall, and advanced enforcement
-// ═══════════════════════════════════════════════════════════════════════════════
-
-const path = require("path");
-const fs = require("fs");
-const { templateForMissionType } = require("./missions/templates");
-const { CATEGORY_TO_MISSION_TYPE, MISSION_PRIORITY } = require("./missions/plan");
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// PROMPT TEMPLATES - System prompts for different modes
-// ═══════════════════════════════════════════════════════════════════════════════
-
-const SYSTEM_PROMPTS = {
-  fix: `You are Vibecheck Fix Engine - a surgical code fixer that produces minimal, correct patches.
-
-REALITY RULES (non-negotiable):
-- Do NOT invent files, routes, env vars, middleware, or functions
-- You may ONLY edit files in ALLOWED_FILES
-- Use ONLY the provided evidence/snippets
-- If evidence is insufficient, return {"status":"needs_info","questions":[...]} and STOP
-- Output MUST be valid JSON only. No markdown. No commentary.`,
-
-  analyze: `You are Vibecheck Analyzer - an expert code reviewer that identifies issues.
-
-ANALYSIS RULES:
-- Base findings on evidence only
-- Include file paths and line numbers when possible
-- Provide actionable fix hints
-- Categorize issues by severity (BLOCK, WARN, INFO)
-- Include confidence scores (0-1)`,
-
-  verify: `You are Vibecheck Verifier - you validate fixes and check for regressions.
-
-VERIFICATION RULES:
-- Check that fixes address the original issue
-- Verify no new issues are introduced
-- Confirm allowed files constraint is respected
-- Check for pattern compliance`,
-};
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// OUTPUT SCHEMAS - Expected response formats
-// ═══════════════════════════════════════════════════════════════════════════════
-
-const OUTPUT_SCHEMAS = {
-  fix: {
-    status: "ok | needs_info | cannot_fix",
-    summary: "one sentence describing the fix",
-    edits: [
-      {
-        path: "relative/file/path (must be in ALLOWED_FILES)",
-        diff: "unified diff starting with ---/+++",
-        reason: "why this edit fixes the mission",
-      },
-    ],
-    notes: ["optional context or warnings"],
-    questions: ["only when status is needs_info"],
-  },
-
-  analyze: {
-    findings: [
-      {
-        id: "unique identifier",
-        severity: "BLOCK | WARN | INFO",
-        category: "category name",
-        title: "short title",
-        message: "detailed description",
-        file: "affected file",
-        line: "line number if applicable",
-        fixHint: "suggested fix approach",
-        confidence: "0-1 confidence score",
-      },
-    ],
-    summary: "overall analysis summary",
-  },
-
-  verify: {
-    passed: "boolean",
-    checks: [
-      {
-        name: "check name",
-        status: "pass | fail | warning",
-        message: "result description",
-        evidence: "supporting evidence",
-      },
-    ],
-    blockers: ["list of blocking issues"],
-    score: "0-100 overall score",
-  },
-};
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// ENFORCEMENT PATTERNS - What to check/enforce
-// ═══════════════════════════════════════════════════════════════════════════════
-
-const ENFORCEMENT_PATTERNS = {
-  // Files that should NEVER be edited
-  forbiddenFiles: [
-    /node_modules\//,
-    /\.git\//,
-    /package-lock\.json$/,
-    /pnpm-lock\.yaml$/,
-    /yarn\.lock$/,
-    /\.env$/,
-    /\.env\.local$/,
-    /dist\//,
-    /build\//,
-    /\.next\//,
-  ],
-
-  // Patterns that indicate hallucination
-  hallucinationIndicators: [
-    /TODO:?\s*implement/i,
-    /TODO:?\s*add/i,
-    /\.\.\.\s*more\s+code/i,
-    /\/\/\s*rest\s+of/i,
-    /placeholder/i,
-    /example\.com/i,
-    /foo|bar|baz|qux/i,
-  ],
-
-  // Required patterns for certain mission types
-  requiredPatterns: {
-    FIX_STRIPE_WEBHOOKS: [
-      /stripe\.webhooks\.constructEvent/,
-      /rawBody|text\(\)|arrayBuffer\(\)/,
-    ],
-    ADD_SERVER_AUTH: [
-      /getServerSession|getSession|useAuth|withAuth/,
-      /401|403|unauthorized|forbidden/i,
-    ],
-    FIX_HARDCODED_SECRETS: [/process\.env\./],
-    FIX_TEST_KEYS: [/process\.env\./],
-  },
-};
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// PROMPT BUILDER CLASS
-// ═══════════════════════════════════════════════════════════════════════════════
-
-class PromptBuilder {
-  constructor(projectPath) {
-    this.projectPath = projectPath;
-    this.enforcementEnabled = true;
-  }
-
-  /**
-   * Build a fix prompt with full context and enforcement
-   */
-  buildFixPrompt({
-    mission,
-    findings,
-    truthpackSummary,
-    fileSnippets,
-    allowedFiles,
-    options = {},
-  }) {
-    // Get mission template
-    const template = templateForMissionType(mission.type);
-
-    // Validate allowed files
-    const validatedFiles = this.validateAllowedFiles(allowedFiles);
-
-    // Build the prompt sections
-    const sections = [];
-
-    // System prompt
-    sections.push(SYSTEM_PROMPTS.fix);
-
-    // Allowed files constraint
-    sections.push(`
-ALLOWED_FILES (you may ONLY edit these):
-${JSON.stringify(validatedFiles, null, 2)}`);
-
-    // Mission template with instructions
-    sections.push(`
-MISSION TEMPLATE:
-Intent: ${template.intent}
-
-DO:
-${template.do.map((d, i) => `${i + 1}. ${d}`).join("\n")}
-
-DON'T:
-${template.dont.map((d) => `- ${d}`).join("\n")}
-
-SUCCESS CRITERIA:
-${template.success.map((s) => `- ${s}`).join("\n")}`);
-
-    // Output schema
-    sections.push(`
-OUTPUT SCHEMA (return ONLY this JSON structure):
-${JSON.stringify(OUTPUT_SCHEMAS.fix, null, 2)}`);
-
-    // Truthpack context
-    if (truthpackSummary) {
-      sections.push(`
-TRUTHPACK SUMMARY (project reality - DO NOT contradict):
-${JSON.stringify(truthpackSummary, null, 2)}`);
-    }
-
-    // Mission details
-    sections.push(`
-MISSION:
-${JSON.stringify(
-      {
-        id: mission.id,
-        type: mission.type,
-        title: mission.title,
-        severity: mission.severity,
-        targetFindingIds: mission.targetFindingIds,
-      },
-      null,
-      2
-    )}`);
-
-    // Target findings
-    sections.push(`
-TARGET FINDINGS (what to fix):
-${JSON.stringify(findings, null, 2)}`);
-
-    // Evidence snippets
-    if (fileSnippets && Object.keys(fileSnippets).length > 0) {
-      sections.push(`
-EVIDENCE SNIPPETS (use these as reference):
-${JSON.stringify(fileSnippets, null, 2)}`);
-    }
-
-    // Final instruction
-    sections.push(`
-TASK:
-Produce the smallest correct patch(es) to satisfy the mission success criteria.
-Return ONLY valid JSON matching the OUTPUT SCHEMA.`);
-
-    const prompt = sections.join("\n\n");
-
-    // Enforce constraints if enabled
-    if (this.enforcementEnabled && !options.skipEnforcement) {
-      return this.enforcePromptConstraints(prompt, {
-        missionType: mission.type,
-        allowedFiles: validatedFiles,
-      });
-    }
-
-    return { prompt, valid: true, warnings: [] };
-  }
-
-  /**
-   * Build an analysis prompt
-   */
-  buildAnalysisPrompt({ code, filePath, category, options = {} }) {
-    const sections = [];
-
-    sections.push(SYSTEM_PROMPTS.analyze);
-    sections.push(`
-OUTPUT SCHEMA:
-${JSON.stringify(OUTPUT_SCHEMAS.analyze, null, 2)}`);
-
-    sections.push(`
-FILE: ${filePath}
-CATEGORY: ${category || "general"}`);
-
-    if (options.patterns) {
-      sections.push(`
-PATTERNS TO CHECK:
-${JSON.stringify(options.patterns, null, 2)}`);
-    }
-
-    sections.push(`
-CODE:
-\`\`\`
-${code}
-\`\`\``);
-
-    sections.push(`
-TASK:
-Analyze the code and return findings in the OUTPUT SCHEMA format.`);
-
-    return { prompt: sections.join("\n\n"), valid: true, warnings: [] };
-  }
-
-  /**
-   * Build a verification prompt
-   */
-  buildVerificationPrompt({ originalCode, patchedCode, mission, findings }) {
-    const template = templateForMissionType(mission.type);
-    const sections = [];
-
-    sections.push(SYSTEM_PROMPTS.verify);
-    sections.push(`
-OUTPUT SCHEMA:
-${JSON.stringify(OUTPUT_SCHEMAS.verify, null, 2)}`);
-
-    sections.push(`
-MISSION TYPE: ${mission.type}
-SUCCESS CRITERIA:
-${template.success.map((s) => `- ${s}`).join("\n")}`);
-
-    sections.push(`
-ORIGINAL FINDINGS:
-${JSON.stringify(findings, null, 2)}`);
-
-    sections.push(`
-BEFORE (original code):
-\`\`\`
-${originalCode}
-\`\`\`
-
-AFTER (patched code):
-\`\`\`
-${patchedCode}
-\`\`\``);
-
-    sections.push(`
-TASK:
-Verify the patch fixes the original findings without introducing new issues.
-Return verification result in the OUTPUT SCHEMA format.`);
-
-    return { prompt: sections.join("\n\n"), valid: true, warnings: [] };
-  }
-
-  /**
-   * Validate allowed files against forbidden patterns
-   */
-  validateAllowedFiles(allowedFiles) {
-    if (!allowedFiles || !Array.isArray(allowedFiles)) return [];
-
-    return allowedFiles.filter((file) => {
-      // Check against forbidden patterns
-      for (const pattern of ENFORCEMENT_PATTERNS.forbiddenFiles) {
-        if (pattern.test(file)) {
-          return false;
-        }
-      }
-      return true;
-    });
-  }
-
-  /**
-   * Enforce prompt constraints and check for issues
-   */
-  enforcePromptConstraints(prompt, { missionType, allowedFiles }) {
-    const warnings = [];
-    let valid = true;
-
-    // Check for hallucination indicators in any provided code snippets
-    for (const pattern of ENFORCEMENT_PATTERNS.hallucinationIndicators) {
-      if (pattern.test(prompt)) {
-        warnings.push(
-          `Potential hallucination indicator detected: ${pattern.source}`
-        );
-      }
-    }
-
-    // Check that required patterns are mentioned for specific mission types
-    const required = ENFORCEMENT_PATTERNS.requiredPatterns[missionType];
-    if (required) {
-      const missingPatterns = required.filter((p) => !p.test(prompt));
-      if (missingPatterns.length > 0) {
-        warnings.push(
-          `Mission type ${missionType} may need: ${missingPatterns.map((p) => p.source).join(", ")}`
-        );
-      }
-    }
-
-    // Validate that allowed files are actually needed
-    if (!allowedFiles || allowedFiles.length === 0) {
-      warnings.push("No allowed files specified - LLM may hallucinate files");
-    }
-
-    // Check prompt length (very long prompts may hit token limits)
-    if (prompt.length > 50000) {
-      warnings.push(
-        `Prompt is very long (${prompt.length} chars) - consider reducing context`
-      );
-    }
-
-    return {
-      prompt,
-      valid,
-      warnings,
-    };
-  }
-
-  /**
-   * Validate LLM response against expected schema
-   */
-  validateResponse(response, mode = "fix") {
-    const errors = [];
-    const schema = OUTPUT_SCHEMAS[mode];
-
-    if (!response) {
-      errors.push("Response is empty");
-      return { valid: false, errors };
-    }
-
-    // Check required fields based on mode
-    if (mode === "fix") {
-      if (!response.status) {
-        errors.push("Missing required field: status");
-      } else if (!["ok", "needs_info", "cannot_fix"].includes(response.status)) {
-        errors.push(
-          `Invalid status: ${response.status} (expected ok, needs_info, or cannot_fix)`
-        );
-      }
-
-      if (response.status === "ok" && (!response.edits || !Array.isArray(response.edits))) {
-        errors.push("Status is 'ok' but no edits array provided");
-      }
-
-      if (response.status === "needs_info" && (!response.questions || !Array.isArray(response.questions))) {
-        errors.push(
-          "Status is 'needs_info' but no questions array provided"
-        );
-      }
-
-      // Validate each edit
-      if (response.edits) {
-        for (const edit of response.edits) {
-          if (!edit.path) errors.push("Edit missing path");
-          if (!edit.diff) errors.push("Edit missing diff");
-          if (!edit.reason) errors.push("Edit missing reason");
-        }
-      }
-    }
-
-    if (mode === "analyze") {
-      if (!response.findings || !Array.isArray(response.findings)) {
-        errors.push("Missing required field: findings array");
-      }
-    }
-
-    if (mode === "verify") {
-      if (typeof response.passed !== "boolean") {
-        errors.push("Missing required field: passed (boolean)");
-      }
-      if (!response.checks || !Array.isArray(response.checks)) {
-        errors.push("Missing required field: checks array");
-      }
-    }
-
-    return {
-      valid: errors.length === 0,
-      errors,
-    };
-  }
-
-  /**
-   * Validate that edits only touch allowed files
-   */
-  validateEditsAgainstAllowedFiles(edits, allowedFiles) {
-    const violations = [];
-    const allowedSet = new Set(allowedFiles.map((f) => f.replace(/\\/g, "/")));
-
-    for (const edit of edits || []) {
-      const normalizedPath = (edit.path || "").replace(/\\/g, "/");
-      if (!allowedSet.has(normalizedPath)) {
-        violations.push({
-          path: edit.path,
-          message: `File "${edit.path}" is not in allowed files list`,
-        });
-      }
-    }
-
-    return {
-      valid: violations.length === 0,
-      violations,
-    };
-  }
-
-  /**
-   * Get mission template by type
-   */
-  getMissionTemplate(missionType) {
-    return templateForMissionType(missionType);
-  }
-
-  /**
-   * Get mission type for a category
-   */
-  getMissionTypeForCategory(category) {
-    return CATEGORY_TO_MISSION_TYPE[category] || "GENERIC_FIX";
-  }
-
-  /**
-   * Get priority for a mission type
-   */
-  getMissionPriority(missionType) {
-    return MISSION_PRIORITY[missionType] || 99;
-  }
-
-  /**
-   * Enable/disable enforcement
-   */
-  setEnforcement(enabled) {
-    this.enforcementEnabled = enabled;
-  }
-}
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// LEGACY COMPATIBILITY - buildRealityFirewall
-// ═══════════════════════════════════════════════════════════════════════════════
-
-/**
- * Legacy function for backward compatibility
- * Maps to PromptBuilder.buildFixPrompt
- */
-function buildRealityFirewall({
-  truthpackSummary,
-  mission,
-  template,
-  findings,
-  fileSnippets,
-  allowedFiles,
-}) {
-  const builder = new PromptBuilder(process.cwd());
-  const result = builder.buildFixPrompt({
-    mission,
-    findings,
-    truthpackSummary,
-    fileSnippets,
-    allowedFiles,
-    options: { skipEnforcement: true }, // Legacy doesn't use enforcement
-  });
-  return result.prompt;
-}
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// EXPORTS
-// ═══════════════════════════════════════════════════════════════════════════════
-
-module.exports = {
-  PromptBuilder,
-  buildRealityFirewall, // Legacy compatibility
-  SYSTEM_PROMPTS,
-  OUTPUT_SCHEMAS,
-  ENFORCEMENT_PATTERNS,
-};