@voodocs/cli 2.4.0 → 2.5.1

package/lib/darkarts/priority_analyzer/security.py

@@ -0,0 +1,200 @@
+"""
+Security Analyzer for VooDocs Priority System
+
+Detects security-sensitive code based on keyword analysis.
+"""
+
+import re
+from typing import Dict, List, Set
+
+
+class SecurityAnalyzer:
+    """Analyzes code for security-sensitive keywords and patterns."""
+    
+    # Critical security keywords (10 points each)
+    CRITICAL_KEYWORDS = {
+        'password', 'secret', 'token', 'key', 'private',
+        'auth', 'authentication', 'authorization',
+        'admin', 'root', 'sudo', 'privilege',
+        'encrypt', 'decrypt', 'hash', 'crypto',
+        'payment', 'credit', 'card', 'billing',
+        'sql', 'query', 'execute', 'eval',
+        'unsafe', 'dangerous', 'vulnerable',
+    }
+    
+    # High priority security keywords (5 points each)
+    HIGH_KEYWORDS = {
+        'user', 'session', 'cookie', 'jwt',
+        'login', 'logout', 'signin', 'signup',
+        'access', 'permission', 'role', 'grant',
+        'sanitize', 'validate', 'escape', 'filter',
+        'upload', 'download', 'file', 'path',
+        'api', 'endpoint', 'route', 'handler',
+    }
+    
+    # Medium priority security keywords (2 points each)
+    MEDIUM_KEYWORDS = {
+        'input', 'output', 'request', 'response',
+        'data', 'database', 'db', 'storage',
+        'config', 'settings', 'env', 'environment',
+        'error', 'exception', 'fail', 'crash',
+    }
+    
+    def __init__(self):
+        """Initialize security analyzer."""
+        pass
+    
+    def analyze_file(self, filepath: str) -> Dict:
+        """
+        Analyze a file for security-sensitive keywords.
+        
+        Args:
+            filepath: Path to file to analyze
+            
+        Returns:
+            Dictionary with security analysis results
+        """
+        try:
+            with open(filepath, 'r', encoding='utf-8') as f:
+                content = f.read()
+        except Exception as e:
+            return {
+                'critical_keywords': [],
+                'high_keywords': [],
+                'medium_keywords': [],
+                'total_score': 0,
+                'error': str(e)
+            }
+        
+        # Scan for keywords
+        critical_found = self._scan_keywords(content, self.CRITICAL_KEYWORDS)
+        high_found = self._scan_keywords(content, self.HIGH_KEYWORDS)
+        medium_found = self._scan_keywords(content, self.MEDIUM_KEYWORDS)
+        
+        # Calculate score
+        score = (
+            len(critical_found) * 10 +
+            len(high_found) * 5 +
+            len(medium_found) * 2
+        )
+        
+        # Cap at 100
+        total_score = min(100, score)
+        
+        return {
+            'critical_keywords': sorted(list(critical_found)),
+            'high_keywords': sorted(list(high_found)),
+            'medium_keywords': sorted(list(medium_found)),
+            'total_score': total_score,
+            'keyword_count': len(critical_found) + len(high_found) + len(medium_found)
+        }
+    
+    def _scan_keywords(self, content: str, keywords: Set[str]) -> Set[str]:
+        """
+        Scan content for keywords (case-insensitive).
+        
+        Args:
+            content: File content
+            keywords: Set of keywords to search for
+            
+        Returns:
+            Set of found keywords
+        """
+        found = set()
+        content_lower = content.lower()
+        
+        for keyword in keywords:
+            # Use word boundaries to avoid partial matches
+            pattern = r'\b' + re.escape(keyword) + r'\b'
+            if re.search(pattern, content_lower):
+                found.add(keyword)
+        
+        return found
+    
+    def get_security_reasons(self, analysis: Dict) -> List[str]:
+        """
+        Generate human-readable reasons for security score.
+        
+        Args:
+            analysis: Security analysis results
+            
+        Returns:
+            List of reason strings
+        """
+        reasons = []
+        
+        if analysis['critical_keywords']:
+            keywords_str = ', '.join(analysis['critical_keywords'][:5])
+            if len(analysis['critical_keywords']) > 5:
+                keywords_str += f" (+{len(analysis['critical_keywords']) - 5} more)"
+            reasons.append(f"Critical security keywords: {keywords_str}")
+        
+        if analysis['high_keywords']:
+            keywords_str = ', '.join(analysis['high_keywords'][:5])
+            if len(analysis['high_keywords']) > 5:
+                keywords_str += f" (+{len(analysis['high_keywords']) - 5} more)"
+            reasons.append(f"High-priority keywords: {keywords_str}")
+        
+        if analysis['total_score'] >= 80:
+            reasons.append("Highly security-sensitive code")
+        elif analysis['total_score'] >= 50:
+            reasons.append("Security-sensitive code")
+        
+        return reasons
+    
+    def get_security_suggestions(self, analysis: Dict) -> List[str]:
+        """
+        Generate security-specific suggestions.
+        
+        Args:
+            analysis: Security analysis results
+            
+        Returns:
+            List of suggestion strings
+        """
+        suggestions = []
+        
+        critical = set(analysis['critical_keywords'])
+        high = set(analysis['high_keywords'])
+        
+        # Authentication/Authorization
+        if critical & {'auth', 'authentication', 'authorization', 'login', 'logout'}:
+            suggestions.append("Document authentication/authorization flow")
+            suggestions.append("Specify security invariants and assumptions")
+        
+        # Cryptography
+        if critical & {'encrypt', 'decrypt', 'hash', 'crypto', 'key', 'secret'}:
+            suggestions.append("Document encryption algorithms and key management")
+            suggestions.append("Specify cryptographic assumptions")
+        
+        # Payment/Financial
+        if critical & {'payment', 'credit', 'card', 'billing'}:
+            suggestions.append("Document payment processing flow")
+            suggestions.append("Add PCI-DSS compliance notes")
+        
+        # SQL/Database
+        if critical & {'sql', 'query', 'execute'}:
+            suggestions.append("Document SQL injection prevention measures")
+            suggestions.append("Specify query sanitization rules")
+        
+        # Input Validation
+        if high & {'sanitize', 'validate', 'escape', 'filter', 'input'}:
+            suggestions.append("Document input validation rules")
+            suggestions.append("Specify allowed input formats")
+        
+        # File Operations
+        if high & {'upload', 'download', 'file', 'path'}:
+            suggestions.append("Document file validation and size limits")
+            suggestions.append("Specify path traversal prevention")
+        
+        # Session Management
+        if high & {'session', 'cookie', 'jwt', 'token'}:
+            suggestions.append("Document session/token lifecycle")
+            suggestions.append("Specify expiration and refresh logic")
+        
+        # Generic security suggestions
+        if analysis['total_score'] >= 60 and not suggestions:
+            suggestions.append("Add security assumptions and invariants")
+            suggestions.append("Document security-critical logic")
+        
+        return suggestions

package/lib/darkarts/voodocs_lite_dict.py

@@ -0,0 +1,216 @@
+"""
+VooDocs Lite - Abbreviation Dictionary
+
+Provides bidirectional mapping between full words and abbreviations
+for ultra-compact symbolic notation.
+"""
+
+# Abbreviation dictionary: abbr -> full
+ABBREVIATIONS = {
+    # Storage & Data
+    'db': 'database',
+    'cfg': 'configuration',
+    'var': 'variable',
+    'const': 'constant',
+    'param': 'parameter',
+    'arg': 'argument',
+    'id': 'identifier',
+    
+    # Common verbs
+    'must': 'must',
+    'be': 'be',
+    'is': 'is',
+    'are': 'are',
+    'has': 'has',
+    'have': 'have',
+    'does': 'does',
+    'do': 'do',
+    'will': 'will',
+    'can': 'can',
+    'should': 'should',
+    'may': 'may',
+    'contains': 'contains',
+    'returns': 'returns',
+    'expire': 'expire',
+    'expires': 'expires',
+    'stored': 'stored',
+    'signed': 'signed',
+    'hashed': 'hashed',
+    'valid': 'valid',
+    'logged': 'logged',
+    
+    # Actions
+    'init': 'initialize',
+    'val': 'validate',
+    'ver': 'verify',
+    'gen': 'generate',
+    'cr': 'create',
+    'upd': 'update',
+    'del': 'delete',
+    'mod': 'modify',
+    'get': 'retrieve',
+    'qry': 'query',
+    'chk': 'check',
+    
+    # Security
+    'auth': 'authentication',
+    'authz': 'authorization',
+    'pwd': 'password',
+    'tok': 'token',
+    
+    # Entities
+    'usr': 'user',
+    'usrs': 'users',
+    
+    # Time
+    'ts': 'timestamp',
+    'exp': 'expiration',
+    
+    # Communication
+    'resp': 'response',
+    'req': 'request',
+    'msg': 'message',
+    
+    # Status & Errors
+    'err': 'error',
+    'exc': 'exception',
+    'ok': 'success',
+    'fail': 'failure',
+    
+    # Boolean & Values
+    'T': 'true',
+    'F': 'false',
+    'N': 'null',
+    'U': 'undefined',
+    'E': 'empty',
+    
+    # Types
+    'str': 'string',
+    'num': 'number',
+    'int': 'integer',
+    'bool': 'boolean',
+    'arr': 'array',
+    'obj': 'object',
+    'fn': 'function',
+    
+    # Blockchain
+    'addr': 'address',
+    'ctr': 'contract',
+    'tx': 'transaction',
+    'blk': 'block',
+    'bal': 'balance',
+    'amt': 'amount',
+    
+    # Domain-specific
+    'sub': 'subdomain',
+    'subs': 'subdomains',
+    'reg': 'registry',
+    'own': 'owner',
+    'mgmt': 'management',
+    
+    # Common words
+    'w/': 'with',
+    'wo/': 'without',
+    'svc': 'service',
+    'sys': 'system',
+    'ops': 'operations',
+    'ret': 'returns',
+    'res': 'result',
+    'val': 'value',
+    'vals': 'values',
+    'len': 'length',
+    'cnt': 'count',
+    'max': 'maximum',
+    'min': 'minimum',
+    'avg': 'average',
+    'sum': 'summary',
+    'desc': 'description',
+    'info': 'information',
+    'spec': 'specification',
+    'impl': 'implementation',
+    'ref': 'reference',
+    'def': 'definition',
+    'decl': 'declaration',
+}
+
+# Reverse mapping: full -> abbr
+EXPANSIONS = {v: k for k, v in ABBREVIATIONS.items()}
+
+# Symbol mappings
+LITE_TO_STANDARD = {
+    '>': '⊢',  # Purpose/Postcondition (context-dependent)
+    '@': '∂',  # Dependencies
+    '!': '⚠',  # Assumptions
+    '<': '⊳',  # Preconditions
+    '=': '⊨',  # Invariants
+    '~': '⚡',  # Complexity
+    '#': '🔒',  # Security
+}
+
+STANDARD_TO_LITE = {v: k for k, v in LITE_TO_STANDARD.items()}
+
+
+def expand_abbreviation(abbr: str) -> str:
+    """Expand an abbreviation to its full form."""
+    return ABBREVIATIONS.get(abbr, abbr)
+
+
+def compress_word(word: str) -> str:
+    """Compress a word to its abbreviation."""
+    return EXPANSIONS.get(word.lower(), word)
+
+
+def expand_text(text: str) -> str:
+    """
+    Expand abbreviated text to full form.
+    
+    Example:
+        "usr auth svc w/ JWT gen" -> "user authentication service with JWT generation"
+    """
+    words = text.split()
+    expanded = []
+    
+    for word in words:
+        # Check if word has punctuation
+        if word[-1] in '.,;:!?':
+            punct = word[-1]
+            word_part = word[:-1]
+            expanded_word = expand_abbreviation(word_part)
+            expanded.append(expanded_word + punct)
+        else:
+            expanded.append(expand_abbreviation(word))
+    
+    return ' '.join(expanded)
+
+
+def compress_text(text: str) -> str:
+    """
+    Compress text using abbreviations.
+    
+    Example:
+        "user authentication service with JWT generation" -> "usr auth svc w/ JWT gen"
+    """
+    words = text.split()
+    compressed = []
+    
+    for word in words:
+        # Check if word has punctuation
+        if word[-1] in '.,;:!?':
+            punct = word[-1]
+            word_part = word[:-1]
+            compressed_word = compress_word(word_part)
+            compressed.append(compressed_word + punct)
+        else:
+            compressed.append(compress_word(word))
+    
+    return ' '.join(compressed)
+
+
+def get_lite_symbol(standard_symbol: str) -> str:
+    """Convert standard VooDocs symbol to Lite symbol."""
+    return STANDARD_TO_LITE.get(standard_symbol, standard_symbol)
+
+
+def get_standard_symbol(lite_symbol: str) -> str:
+    """Convert Lite symbol to standard VooDocs symbol."""
+    return LITE_TO_STANDARD.get(lite_symbol, lite_symbol)

package/lib/darkarts/voodocs_lite_dict_v2.py

@@ -0,0 +1,198 @@
+"""
+VooDocs Lite - Ultra-Aggressive Abbreviation Dictionary v2
+
+Provides maximum compression by:
+1. Removing articles (a, an, the)
+2. Removing unnecessary words
+3. Using aggressive abbreviations
+4. Using symbols instead of words
+"""
+
+# Core abbreviations
+CORE_ABBR = {
+    # Entities
+    'user': 'u',
+    'users': 'us',
+    'database': 'db',
+    'token': 'tok',
+    'password': 'pw',
+    'authentication': 'auth',
+    'authorization': 'authz',
+    'service': 'svc',
+    'function': 'fn',
+    'identifier': 'id',
+    'configuration': 'cfg',
+    'parameter': 'p',
+    'argument': 'a',
+    'variable': 'v',
+    'constant': 'c',
+    'timestamp': 'ts',
+    'expiration': 'exp',
+    'response': 'r',
+    'request': 'q',
+    'error': 'e',
+    'exception': 'x',
+    
+    # Actions (ultra-short)
+    'initialize': 'init',
+    'validate': 'val',
+    'verify': 'ver',
+    'generate': 'gen',
+    'create': 'cr',
+    'update': 'upd',
+    'delete': 'del',
+    'modify': 'mod',
+    'retrieve': 'get',
+    'query': 'qry',
+    'check': 'chk',
+    'returns': 'ret',
+    'contains': 'has',
+    
+    # Blockchain
+    'address': 'addr',
+    'contract': 'ctr',
+    'transaction': 'tx',
+    'block': 'blk',
+    'balance': 'bal',
+    'amount': 'amt',
+    'subdomain': 'sub',
+    'registry': 'reg',
+    'owner': 'own',
+    
+    # Common words
+    'with': 'w/',
+    'without': 'wo/',
+    'management': 'mgmt',
+    'system': 'sys',
+    'operations': 'ops',
+    'result': 'res',
+    'value': 'val',
+    'length': 'len',
+    'count': 'cnt',
+    'maximum': 'max',
+    'minimum': 'min',
+    'average': 'avg',
+    'information': 'info',
+    'specification': 'spec',
+    'implementation': 'impl',
+    'reference': 'ref',
+    'definition': 'def',
+    'description': 'desc',
+    
+    # Types
+    'string': 'str',
+    'number': 'num',
+    'integer': 'int',
+    'boolean': 'bool',
+    'array': 'arr',
+    'object': 'obj',
+    
+    # Boolean/Values
+    'true': 'T',
+    'false': 'F',
+    'null': 'N',
+    'undefined': 'U',
+    'empty': 'E',
+}
+
+# Words to remove entirely
+REMOVE_WORDS = {'a', 'an', 'the', 'is', 'are', 'be', 'been', 'being', 'was', 'were', 'will', 'would', 'should', 'could', 'may', 'might', 'can', 'must'}
+
+# Symbol replacements
+SYMBOL_REPLACEMENTS = {
+    ' and ': '&',
+    ' or ': '|',
+    ' not ': '!',
+    'greater than or equal': '>=',
+    'less than or equal': '<=',
+    'greater than': '>',
+    'less than': '<',
+    'equal to': '=',
+    'not equal': '!=',
+}
+
+
+def ultra_compress(text: str) -> str:
+    """
+    Ultra-aggressive compression.
+    
+    Steps:
+    1. Replace symbols
+    2. Remove articles and unnecessary words
+    3. Apply abbreviations
+    4. Remove extra whitespace
+    """
+    # Step 1: Symbol replacements (longest first)
+    for phrase, symbol in sorted(SYMBOL_REPLACEMENTS.items(), key=lambda x: -len(x[0])):
+        text = text.replace(phrase, symbol)
+    
+    # Step 2: Split into words
+    words = text.split()
+    
+    # Step 3: Process each word
+    compressed_words = []
+    for word in words:
+        # Check for punctuation
+        punct = ''
+        if word and word[-1] in '.,;:!?':
+            punct = word[-1]
+            word = word[:-1]
+        
+        # Convert to lowercase for matching
+        word_lower = word.lower()
+        
+        # Skip if in remove list
+        if word_lower in REMOVE_WORDS:
+            continue
+        
+        # Apply abbreviation if exists
+        if word_lower in CORE_ABBR:
+            compressed_words.append(CORE_ABBR[word_lower] + punct)
+        else:
+            compressed_words.append(word + punct)
+    
+    # Step 4: Join and clean up
+    result = ' '.join(compressed_words)
+    
+    # Remove spaces around symbols
+    result = result.replace(' & ', '&')
+    result = result.replace(' | ', '|')
+    result = result.replace(' >= ', '>=')
+    result = result.replace(' <= ', '<=')
+    result = result.replace(' != ', '!=')
+    
+    return result
+
+
+def ultra_expand(text: str) -> str:
+    """
+    Expand ultra-compressed text back to full form.
+    """
+    # Reverse mapping
+    ABBR_TO_FULL = {v: k for k, v in CORE_ABBR.items()}
+    
+    # Step 1: Add spaces around symbols
+    text = text.replace('&', ' and ')
+    text = text.replace('|', ' or ')
+    text = text.replace('>=', ' greater than or equal ')
+    text = text.replace('<=', ' less than or equal ')
+    text = text.replace('!=', ' not equal ')
+    
+    # Step 2: Split and expand
+    words = text.split()
+    expanded_words = []
+    
+    for word in words:
+        # Check for punctuation
+        punct = ''
+        if word and word[-1] in '.,;:!?':
+            punct = word[-1]
+            word = word[:-1]
+        
+        # Expand if abbreviation exists
+        if word in ABBR_TO_FULL:
+            expanded_words.append(ABBR_TO_FULL[word] + punct)
+        else:
+            expanded_words.append(word + punct)
+    
+    return ' '.join(expanded_words)