archrisk-engine 1.0.0

package/dist/aiDiagnosis.d.ts

@@ -0,0 +1,24 @@
+/**
+ * [The Brain] AI Diagnosis Engine (TypeScript Version)
+ *
+ * Transforms errors and architecture issues into actionable solutions using Gemini API.
+ */
+import { ArchIssue } from "./archScanner.js";
+export interface DiagnosisResult {
+    severity: 'error' | 'warning';
+    issue: string;
+    suggestion: string;
+    fixedCode: string;
+    confidence: number;
+}
+/**
+ * Diagnose code error using Gemini AI
+ */
+export declare function diagnoseCodeError(file: string, line: number, errorType: string, errorMessage: string, codeContext: string): Promise<DiagnosisResult>;
+/**
+ * Diagnose architecture issue using Gemini AI
+ */
+export declare function diagnoseArchIssue(issue: ArchIssue, fileContexts: {
+    path: string;
+    content: string;
+}[]): Promise<DiagnosisResult>;

package/dist/aiDiagnosis.js

@@ -0,0 +1,125 @@
+"use strict";
+/**
+ * [The Brain] AI Diagnosis Engine (TypeScript Version)
+ *
+ * Transforms errors and architecture issues into actionable solutions using Gemini API.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.diagnoseCodeError = diagnoseCodeError;
+exports.diagnoseArchIssue = diagnoseArchIssue;
+const diagnosisCache = new Map();
+/**
+ * Call Gemini API with structured prompt
+ */
+async function callGeminiAPI(prompt) {
+    const apiKey = process.env.GEMINI_API_KEY;
+    if (!apiKey) {
+        console.warn('[Brain] Gemini API key not configured. Returning mock diagnosis.');
+        return mockDiagnosis();
+    }
+    const model = process.env.AI_DIAGNOSIS_MODEL || 'gemini-2.0-flash';
+    const url = `https://generativelanguage.googleapis.com/v1beta/models/${model}:generateContent?key=${apiKey}`;
+    try {
+        const response = await fetch(url, {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                contents: [{
+                        parts: [{ text: prompt }]
+                    }],
+                generationConfig: {
+                    temperature: 0.2,
+                    maxOutputTokens: parseInt(process.env.AI_DIAGNOSIS_MAX_TOKENS || '1024')
+                }
+            })
+        });
+        const data = await response.json();
+        if (data.error) {
+            throw new Error(data.error.message);
+        }
+        const text = data.candidates[0].content.parts[0].text;
+        const jsonMatch = text.match(/```json\n([\s\S]*?)\n```/) || text.match(/\{[\s\S]*\}/);
+        if (jsonMatch) {
+            return JSON.parse(jsonMatch[1] || jsonMatch[0]);
+        }
+        throw new Error('Failed to parse JSON from Gemini response');
+    }
+    catch (error) {
+        console.error('[Brain] Gemini API error:', error.message);
+        return mockDiagnosis('AI Diagnosis limited - using fallback', error.message);
+    }
+}
+function mockDiagnosis(issue = 'API key not configured - using mock diagnosis', suggestion = 'Set GEMINI_API_KEY in environment variables') {
+    return {
+        severity: 'error',
+        issue: issue,
+        suggestion: suggestion,
+        fixedCode: '# Gemini API quota exceeded or key missing. Using static fallback analysis.',
+        confidence: 0.0
+    };
+}
+/**
+ * Diagnose code error using Gemini AI
+ */
+async function diagnoseCodeError(file, line, errorType, errorMessage, codeContext) {
+    const cacheKey = `${file}:${line}:${errorType}`;
+    if (diagnosisCache.has(cacheKey)) {
+        return diagnosisCache.get(cacheKey);
+    }
+    const prompt = `당신은 AI-to-Job 컴파일러입니다. Python 에러를 실행 가능한 작업 정의로 변환하는 역할입니다.
+
+**에러 정보:**
+- 타입: ${errorType}
+- 라인: ${line}
+- 파일: ${file}
+- 에러 메시지: ${errorMessage}
+
+**코드 컨텍스트:**
+\`\`\`python
+${codeContext}
+\`\`\`
+
+**작업:**
+이 에러를 분석하고 다음의 정확한 구조로 JSON 응답만 제공하세요:
+{
+    "severity": "error" | "warning",
+    "issue": "문제에 대한 간단한 설명 (한글)",
+    "suggestion": "실행 가능한 수정 지침 (한글)",
+    "fixedCode": "수정된 코드 스니펫",
+    "confidence": 0.0 ~ 1.0 사이의 값
+}
+
+**중요**: 유효한 JSON만 응답하세요. 설명이나 JSON 블록 밖의 마크다운은 작성하지 마세요.`;
+    const diagnosis = await callGeminiAPI(prompt);
+    diagnosisCache.set(cacheKey, diagnosis);
+    return diagnosis;
+}
+/**
+ * Diagnose architecture issue using Gemini AI
+ */
+async function diagnoseArchIssue(issue, fileContexts) {
+    const contexts = fileContexts.map(f => `--- File: ${f.path} ---\n${f.content.slice(0, 2000)}...`).join('\n\n');
+    const prompt = `당신은 Senior Software Architect AI입니다. 현재 프로젝트의 아키텍처 결함을 분석하고 리팩토링 방안을 제시하는 역할입니다.
+
+**탐지된 이슈 정보:**
+- 타입(RuleId): ${issue.ruleId}
+- 제목: ${issue.title}
+- 상세 설명: ${issue.details}
+- 관련 경로: ${issue.relatedPaths?.join(', ') || 'N/A'}
+
+**코드 컨텍스트 (일부):**
+${contexts}
+
+**작업:**
+이 아키텍처 이슈를 분석하고 다음의 정확한 구조로 JSON 응답만 제공하세요:
+{
+    "severity": "error" | "warning",
+    "issue": "아키텍처 문제에 대한 구조적 분석 (한글)",
+    "suggestion": "구체적인 리팩토링 가이드 및 단계별 조치 사항 (한글)",
+    "fixedCode": "리팩토링에 도움이 되는 코드 스니펫 또는 인터페이스 설계 예시",
+    "confidence": 0.0 ~ 1.0 사이의 값
+}
+
+**중요**: 유효한 JSON만 응답하세요. 설명이나 JSON 블록 밖의 마크다운은 작성하지 마세요.`;
+    return await callGeminiAPI(prompt);
+}

package/dist/analyzer.d.ts

@@ -0,0 +1,18 @@
+/**
+ * [The Eye] Error Capture Engine (TypeScript Version)
+ *
+ * Intercepts Python syntax/runtime errors.
+ */
+export interface AnalysisResult {
+    hasError: boolean;
+    error?: string;
+    line?: number;
+    type?: string;
+    file?: string;
+}
+/**
+ * Analyze Python code string for syntax errors and security risks
+ * @param code - Python source code
+ * @param fileName - Original filename for context
+ */
+export declare function analyzePythonCode(code: string, fileName: string): Promise<AnalysisResult>;

package/dist/analyzer.js

@@ -0,0 +1,136 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.analyzePythonCode = analyzePythonCode;
+const child_process_1 = require("child_process");
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+const os_1 = require("os");
+const crypto_1 = require("crypto");
+/**
+ * Analyze Python code string for syntax errors and security risks
+ * @param code - Python source code
+ * @param fileName - Original filename for context
+ */
+async function analyzePythonCode(code, fileName) {
+    // 1. Architecture Health Scan (God Module / Large File)
+    const lines = code.split('\n');
+    if (lines.length > 800) {
+        return {
+            hasError: true,
+            error: `Large File Risk: ${lines.length} lines. 이 파일의 수정은 시스템 전반에 예측 불가능한 영향을 미칠 수 있습니다.`,
+            line: 1,
+            type: 'ProductionRisk',
+            file: fileName
+        };
+    }
+    // 2. Risk Scan (Operational & Production Readiness)
+    const riskResult = scanForRisks(code, fileName);
+    if (riskResult.hasError) {
+        return riskResult;
+    }
+    // 3. Syntax Check
+    const flatFileName = fileName.replace(/[\/\\]/g, '_');
+    const tempFilePath = path.join((0, os_1.tmpdir)(), `arch_risk_${(0, crypto_1.randomBytes)(4).toString('hex')}_${flatFileName}`);
+    try {
+        fs.writeFileSync(tempFilePath, code);
+        return new Promise((resolve) => {
+            const proc = (0, child_process_1.spawn)('python3', ['-m', 'py_compile', tempFilePath]);
+            let stderr = '';
+            proc.stderr.on('data', (data) => {
+                stderr += data.toString();
+            });
+            proc.on('close', (code) => {
+                if (code !== 0) {
+                    const errorInfo = parseErrorMessage(stderr, fileName);
+                    resolve({
+                        hasError: true,
+                        ...errorInfo
+                    });
+                }
+                else {
+                    resolve({ hasError: false });
+                }
+                // Cleanup temp file
+                if (fs.existsSync(tempFilePath))
+                    fs.unlinkSync(tempFilePath);
+            });
+            setTimeout(() => {
+                proc.kill();
+                resolve({ hasError: false, error: 'Analysis timeout' });
+                if (fs.existsSync(tempFilePath))
+                    fs.unlinkSync(tempFilePath);
+            }, 5000);
+        });
+    }
+    catch (error) {
+        return { hasError: true, error: error.message };
+    }
+}
+function scanForRisks(code, fileName) {
+    const risks = [
+        { pattern: /os\.system\(/, type: 'SecurityRisk', message: '[보안] os.system() 사용이 감지되었습니다. 외부 공격에 노출될 위험이 있습니다.' },
+        { pattern: /subprocess\.(popen|run|call|check_output)\(.*shell\s*=\s*True/, type: 'SecurityRisk', message: '[보안] shell=True 옵션은 명령어 주입 공격의 통로가 될 수 있습니다.' },
+        { pattern: /eval\(|exec\(/, type: 'SecurityRisk', message: '[보안] 동적 코드 실행 함수 사용은 잠재적인 보안 홀을 형성합니다.' },
+        { pattern: /requests\.(get|post|put|delete|patch)\((?!.*timeout=)/, type: 'ProductionRisk', message: '[운영] 외부 API 호출 시 timeout 설정이 없습니다. 장애 발생 시 서비스가 무한 대기에 빠질 수 있습니다.' },
+        { pattern: /aiohttp\.ClientSession\(\).*(get|post|put|delete|patch)\((?!.*timeout=)/, type: 'ProductionRisk', message: '[운영] 비동기 호출 시 timeout 설정이 없습니다. 시스템 리소스 고갈의 원인이 됩니다.' },
+        { pattern: /(?:api_key|password|secret|token)\s*=\s*['"][a-zA-Z0-9_-]{10,}['"]/, type: 'ProductionRisk', message: '[운영] 민감 정보(API Key/Password)가 코드 내에 하드코딩 되어 있습니다. 보안 사고의 직접적인 원인입니다.' },
+    ];
+    const lines = code.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        for (const risk of risks) {
+            if (risk.pattern.test(lines[i])) {
+                return {
+                    hasError: true,
+                    error: risk.message,
+                    line: i + 1,
+                    type: risk.type,
+                    file: fileName
+                };
+            }
+        }
+    }
+    return { hasError: false };
+}
+function parseErrorMessage(stderr, fileName) {
+    const lineMatch = stderr.match(/line (\d+)/);
+    const typeMatch = stderr.match(/(\w+Error):/);
+    return {
+        error: stderr.trim(),
+        line: lineMatch ? parseInt(lineMatch[1]) : undefined,
+        type: typeMatch ? typeMatch[1] : 'SyntaxError',
+        file: fileName
+    };
+}

package/dist/archScanner.d.ts

@@ -0,0 +1,46 @@
+/**
+ * [Phase 8] Architecture Scanner - Ported from Code Observatory
+ */
+export interface ArchIssue {
+    id: string;
+    severity: 'WARN' | 'ERROR';
+    ruleId: string;
+    title: string;
+    details: string;
+    relatedPaths?: string[];
+    metrics?: any;
+}
+export interface ArchNode {
+    id: string;
+    kind: 'project' | 'folder' | 'file' | 'hotspot' | 'cycle';
+    label: string;
+    health: 'OK' | 'WARN' | 'ERROR';
+    path: string;
+    metrics: any;
+    issues?: string[];
+}
+export interface ArchEdge {
+    id: string;
+    source: string;
+    target: string;
+    type: 'contains' | 'imports';
+}
+export interface ArchScanResult {
+    scanId: string;
+    rootPath: string;
+    createdAt: number;
+    health: 'OK' | 'WARN' | 'ERROR';
+    nodes: ArchNode[];
+    edges: ArchEdge[];
+    issues: ArchIssue[];
+    phase: 'FAST' | 'DEPS' | 'DONE';
+}
+export declare function fastScan(rootPath: string): ArchScanResult;
+export declare function depsScan(rootPath: string): {
+    adj: Map<string, Set<string>>;
+    cycles: string[][];
+};
+/**
+ * Note: Full DEPS scan requires complex dependency resolution logic.
+ * For now, we provide the FAST scan as the baseline for the GitHub App.
+ */

package/dist/archScanner.js

@@ -0,0 +1,235 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fastScan = fastScan;
+exports.depsScan = depsScan;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+function safeId(prefix = 'id') {
+    return `${prefix}_${Date.now()}_${Math.random().toString(16).slice(2)}`;
+}
+function isTextFile(p) {
+    const ext = path.extname(p).toLowerCase();
+    return ['.js', '.jsx', '.ts', '.tsx', '.mjs', '.cjs', '.json', '.py'].includes(ext);
+}
+function isSkippableDir(name) {
+    return ['node_modules', '.git', '.next', 'dist', 'build', 'out', '.turbo', '__pycache__', 'venv', '.venv'].includes(name);
+}
+function suspiciousFolderName(name) {
+    const n = name.toLowerCase();
+    return ['temp', 'tmp', 'backup', 'bak', 'old', 'new', 'new2', 'final', 'final_final', 'copy'].some(k => n.includes(k));
+}
+function countLOC(text) {
+    return text.split(/\r?\n/).length;
+}
+function fastScan(rootPath) {
+    const start = Date.now();
+    let fileCount = 0;
+    let dirCount = 0;
+    let rootFiles = 0;
+    let maxDepth = 0;
+    let suspiciousDirs = [];
+    const hotspots = [];
+    function walk(dir, depth) {
+        maxDepth = Math.max(maxDepth, depth);
+        let entries;
+        try {
+            entries = fs.readdirSync(dir, { withFileTypes: true });
+        }
+        catch {
+            return;
+        }
+        for (const ent of entries) {
+            const full = path.join(dir, ent.name);
+            if (ent.isDirectory()) {
+                if (isSkippableDir(ent.name))
+                    continue;
+                dirCount++;
+                if (suspiciousFolderName(ent.name))
+                    suspiciousDirs.push(full);
+                walk(full, depth + 1);
+            }
+            else if (ent.isFile()) {
+                fileCount++;
+                if (dir === rootPath)
+                    rootFiles++;
+                if (isTextFile(full)) {
+                    try {
+                        const txt = fs.readFileSync(full, 'utf8');
+                        const loc = countLOC(txt);
+                        if (loc >= 800)
+                            hotspots.push({ filePath: full, loc });
+                    }
+                    catch { }
+                }
+            }
+        }
+    }
+    walk(rootPath, 0);
+    const scanId = safeId('scan');
+    const issues = [];
+    const nodes = [];
+    const edges = [];
+    let overall = 'OK';
+    if (rootFiles > 60) {
+        overall = 'WARN';
+        issues.push({ id: safeId('issue'), severity: 'WARN', ruleId: 'root-files', title: 'Root is cluttered', details: `Root directory has ${rootFiles} files. Consider moving code under src/.`, metrics: { rootFiles } });
+    }
+    if (maxDepth > 10) {
+        if (overall === 'OK')
+            overall = 'WARN';
+        issues.push({ id: safeId('issue'), severity: 'WARN', ruleId: 'deep-nesting', title: 'Deep directory nesting', details: `Max directory depth is ${maxDepth}.`, metrics: { maxDepth } });
+    }
+    if (suspiciousDirs.length >= 2) {
+        if (overall === 'OK')
+            overall = 'WARN';
+        issues.push({ id: safeId('issue'), severity: 'WARN', ruleId: 'suspicious-folders', title: 'Suspicious folders found', details: `Found folders like temp/backup/etc.`, relatedPaths: suspiciousDirs.slice(0, 10).map(p => path.relative(rootPath, p)), metrics: { count: suspiciousDirs.length } });
+    }
+    if (hotspots.length >= 3) {
+        if (overall === 'OK')
+            overall = 'WARN';
+        issues.push({ id: safeId('issue'), severity: 'WARN', ruleId: 'hotspots', title: 'Large files (hotspots)', details: `Found ${hotspots.length} files with LOC >= 800.`, relatedPaths: hotspots.slice(0, 10).map(h => path.relative(rootPath, h.filePath)), metrics: { hotspots: hotspots.length } });
+    }
+    nodes.push({ id: 'ARCH_PROJECT', kind: 'project', label: path.basename(rootPath) || 'PROJECT', health: overall, path: rootPath, metrics: { fileCount, dirCount, rootFiles, maxDepth, ms: Date.now() - start }, issues: issues.map(i => i.id) });
+    return { scanId, rootPath, createdAt: Date.now(), health: overall, nodes, edges, issues, phase: 'FAST' };
+}
+// --- DEPS SCAN ---
+function parseRelativeImports(fileText) {
+    const imports = [];
+    const re1 = /import\s+[^'"]*['"]([^'"]+)['"]/g;
+    const re2 = /require\(\s*['"]([^'"]+)['"]\s*\)/g;
+    const re3 = /from\s+['"]([^'"]+)['"]\s+import/g; // Python style
+    let m;
+    while ((m = re1.exec(fileText)))
+        imports.push(m[1]);
+    while ((m = re2.exec(fileText)))
+        imports.push(m[1]);
+    while ((m = re3.exec(fileText)))
+        imports.push(m[1]);
+    return imports.filter(s => s.startsWith('./') || s.startsWith('../') || s.includes('.'));
+}
+function resolveImport(fromFile, spec) {
+    const base = path.resolve(path.dirname(fromFile), spec);
+    const candidates = [
+        base,
+        base + '.py', base + '.ts', base + '.tsx', base + '.js', base + '.jsx',
+        path.join(base, '__init__.py'), path.join(base, 'index.ts'), path.join(base, 'index.js')
+    ];
+    for (const c of candidates) {
+        if (fs.existsSync(c) && fs.statSync(c).isFile())
+            return c;
+    }
+    return null;
+}
+function depsScan(rootPath) {
+    const files = [];
+    function walk(dir) {
+        let entries;
+        try {
+            entries = fs.readdirSync(dir, { withFileTypes: true });
+        }
+        catch {
+            return;
+        }
+        for (const ent of entries) {
+            const full = path.join(dir, ent.name);
+            if (ent.isDirectory()) {
+                if (isSkippableDir(ent.name))
+                    continue;
+                walk(full);
+            }
+            else if (ent.isFile() && isTextFile(full))
+                files.push(full);
+        }
+    }
+    walk(rootPath);
+    const adj = new Map();
+    for (const f of files) {
+        let txt;
+        try {
+            txt = fs.readFileSync(f, 'utf8');
+        }
+        catch {
+            continue;
+        }
+        const specs = parseRelativeImports(txt);
+        for (const spec of specs) {
+            const resolved = resolveImport(f, spec);
+            if (!resolved)
+                continue;
+            if (!adj.has(f))
+                adj.set(f, new Set());
+            adj.get(f).add(resolved);
+        }
+    }
+    const visited = new Set();
+    const stack = new Set();
+    const parent = new Map();
+    const cycles = [];
+    function dfs(u) {
+        visited.add(u);
+        stack.add(u);
+        const nbrs = adj.get(u);
+        if (nbrs) {
+            for (const v of nbrs) {
+                if (!visited.has(v)) {
+                    parent.set(v, u);
+                    dfs(v);
+                }
+                else if (stack.has(v)) {
+                    const cycle = [v];
+                    let cur = u;
+                    while (cur && cur !== v && cycle.length < 50) {
+                        cycle.push(cur);
+                        cur = parent.get(cur);
+                    }
+                    cycle.push(v);
+                    cycle.reverse();
+                    cycles.push(cycle);
+                }
+            }
+        }
+        stack.delete(u);
+    }
+    for (const f of adj.keys()) {
+        if (!visited.has(f))
+            dfs(f);
+    }
+    return { adj, cycles };
+}
+/**
+ * Note: Full DEPS scan requires complex dependency resolution logic.
+ * For now, we provide the FAST scan as the baseline for the GitHub App.
+ */

package/dist/deepAnalysis.d.ts

@@ -0,0 +1,10 @@
+export interface DeepAnalysisResult {
+    summary: string;
+    refactoringGuides: {
+        file: string;
+        description: string;
+        suggestion: string;
+    }[];
+    techDebtScore: number;
+}
+export declare function runDeepAnalysis(repoDir: string, provider: string, apiKey: string): Promise<DeepAnalysisResult>;