arcvision 0.2.12 → 0.2.15

package/test_repos/blocked-legacy-monolith/database/dbConnection.js

@@ -0,0 +1,35 @@
+// Database Connection Module
+// This violates architectural rules by importing utility functions
+
+const utils = require('../utils/helpers');
+const fs = require('fs');
+
+class DBConnection {
+  constructor() {
+    this.connectionString = 'mysql://localhost:3306/mydb';
+    // Violation: Database layer importing utility functions
+    this.logger = utils.createLogger('database');
+  }
+
+  async query(sql, params) {
+    // Database query logic
+    this.logger.info(`Executing query: ${sql}`);
+    return { rows: [], rowCount: 0 };
+  }
+
+  async executePayment(amount, userId) {
+    // Payment execution logic
+    const transactionId = utils.generateTransactionId();
+    this.logger.info(`Processing payment ${transactionId}`);
+    
+    return {
+      id: transactionId,
+      amount,
+      userId,
+      userEmail: 'user@example.com',
+      paymentId: utils.generateId()
+    };
+  }
+}
+
+module.exports = new DBConnection();

package/test_repos/blocked-legacy-monolith/index.js

@@ -0,0 +1,38 @@
+// Main Application Entry Point
+// Legacy monolith with architectural violations
+
+const express = require('express');
+const emailService = require('./modules/emailService');
+const paymentProcessor = require('./modules/paymentProcessor');
+const db = require('./database/dbConnection');
+
+const app = express();
+const PORT = 3000;
+
+app.use(express.json());
+
+// Violation: UI layer accessing database directly
+app.get('/payments/:id', async (req, res) => {
+  try {
+    // Direct database access from "UI" endpoint
+    const payment = await db.query('SELECT * FROM payments WHERE id = ?', [req.params.id]);
+    res.json(payment);
+  } catch (error) {
+    res.status(500).json({ error: error.message });
+  }
+});
+
+app.post('/process-payment', async (req, res) => {
+  try {
+    const { amount, userId } = req.body;
+    const result = await paymentProcessor.processPayment(amount, userId);
+    res.json(result);
+  } catch (error) {
+    res.status(500).json({ error: error.message });
+  }
+});
+
+app.listen(PORT, () => {
+  console.log(`Legacy monolith server running on port ${PORT}`);
+  console.log('WARNING: This application contains multiple architectural violations!');
+});

package/test_repos/blocked-legacy-monolith/modules/emailService.js

@@ -0,0 +1,31 @@
+// Email Service Module - Part of legacy monolith
+// This module violates architectural rules by importing from database layer directly
+
+const database = require('../database/dbConnection');
+const paymentProcessor = require('./paymentProcessor');
+
+class EmailService {
+  constructor() {
+    this.db = database;
+    this.paymentProcessor = paymentProcessor;
+  }
+
+  async sendPaymentConfirmation(email, paymentId) {
+    // Violation 1: Direct database access from service layer
+    const payment = await this.db.query(`SELECT * FROM payments WHERE id = ?`, [paymentId]);
+    
+    // Violation 2: Circular dependency - emailService imports paymentProcessor
+    // and paymentProcessor imports emailService (created below)
+    await this.paymentProcessor.processEmailNotification(payment);
+    
+    // Send email logic here
+    console.log(`Sending payment confirmation to ${email}`);
+  }
+
+  async sendWelcomeEmail(user) {
+    // More email sending logic
+    console.log(`Sending welcome email to ${user.email}`);
+  }
+}
+
+module.exports = new EmailService();

package/test_repos/blocked-legacy-monolith/modules/paymentProcessor.js

@@ -0,0 +1,37 @@
+// Payment Processor Module - Part of legacy monolith
+// This creates circular dependency with emailService
+
+const emailService = require('./emailService');
+const database = require('../database/dbConnection');
+const sharedUtils = require('../shared/utils');
+
+class PaymentProcessor {
+  constructor() {
+    this.emailService = emailService;
+    this.db = database;
+  }
+
+  async processPayment(amount, userId) {
+    // Violation 1: Importing from shared directory (forbidden)
+    const transactionId = sharedUtils.generateId();
+    
+    // Process payment logic
+    const result = await this.db.executePayment(amount, userId);
+    
+    // Violation 2: Circular dependency - paymentProcessor imports emailService
+    await this.emailService.sendPaymentConfirmation(result.userEmail, result.paymentId);
+    
+    return {
+      transactionId,
+      amount,
+      status: 'completed'
+    };
+  }
+
+  async processEmailNotification(payment) {
+    // Email notification logic
+    console.log(`Processing email notification for payment ${payment.id}`);
+  }
+}
+
+module.exports = new PaymentProcessor();

package/test_repos/blocked-legacy-monolith/package.json

@@ -0,0 +1,15 @@
+{
+  "name": "blocked-legacy-monolith",
+  "version": "1.0.0",
+  "description": "Legacy monolith with architectural violations for ArcVision testing",
+  "main": "index.js",
+  "scripts": {
+    "start": "node index.js",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+    "express": "^4.18.2"
+  },
+  "author": "ArcVision Test Suite",
+  "license": "MIT"
+}

package/test_repos/blocked-legacy-monolith/shared/utils.js

@@ -0,0 +1,19 @@
+// Shared Utilities - These should not be imported by modules according to architecture rules
+
+function generateId() {
+  return Math.random().toString(36).substr(2, 9);
+}
+
+function formatDate(date) {
+  return date.toISOString();
+}
+
+function validateEmail(email) {
+  return /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(email);
+}
+
+module.exports = {
+  generateId,
+  formatDate,
+  validateEmail
+};

package/test_repos/blocked-legacy-monolith/utils/helpers.js

@@ -0,0 +1,23 @@
+// Utility Helpers - These should not be imported by database layer
+
+function createLogger(name) {
+  return {
+    info: (message) => console.log(`[${name}] INFO: ${message}`),
+    error: (message) => console.error(`[${name}] ERROR: ${message}`)
+  };
+}
+
+function generateTransactionId() {
+  return `txn_${Date.now()}_${Math.random().toString(36).substr(2, 5)}`;
+}
+
+function sanitizeInput(input) {
+  // Input sanitization logic
+  return input.replace(/[^a-zA-Z0-9]/g, '');
+}
+
+module.exports = {
+  createLogger,
+  generateTransactionId,
+  sanitizeInput
+};

package/test_repos/risky-microservices-concerns/.arcvision/invariants.json

@@ -0,0 +1,69 @@
+{
+  "version": "1.0",
+  "project_specific_invariants": [
+    {
+      "id": "limit-common-module-size",
+      "system": "risky-microservices-concerns",
+      "description": "Common modules should not grow beyond reasonable size limits",
+      "severity": "risk",
+      "scope": {
+        "files": ["common/*"]
+      },
+      "rule": {
+        "type": "pattern",
+        "condition": {
+          "pattern": "TODO.*refactor|FIXME.*split"
+        }
+      }
+    },
+    {
+      "id": "avoid-service-interdependence",
+      "system": "risky-microservices-concerns",
+      "description": "Services should minimize direct dependencies on each other",
+      "severity": "risk",
+      "scope": {
+        "files": ["services/*"]
+      },
+      "rule": {
+        "type": "dependency",
+        "condition": {
+          "forbiddenDependency": {
+            "from": "userService",
+            "to": "orderService"
+          }
+        }
+      }
+    },
+    {
+      "id": "gateway-complexity-warning",
+      "system": "risky-microservices-concerns",
+      "description": "Gateway modules approaching concerning complexity levels",
+      "severity": "risk",
+      "scope": {
+        "files": ["gateways/*"]
+      },
+      "rule": {
+        "type": "pattern",
+        "condition": {
+          "pattern": "complexRoutingLogic|manualLoadBalancing"
+        }
+      }
+    },
+    {
+      "id": "library-version-drift",
+      "system": "risky-microservices-concerns",
+      "description": "Libraries showing signs of version drift or inconsistent usage",
+      "severity": "risk",
+      "scope": {
+        "files": ["libs/*"]
+      },
+      "rule": {
+        "type": "existence",
+        "condition": {
+          "mustExist": "deprecatedHelper.js"
+        }
+      }
+    }
+  ],
+  "generated_at": "2026-01-22T12:00:00Z"
+}

package/test_repos/risky-microservices-concerns/arcvision_context/README.md

@@ -0,0 +1,93 @@
+# ArcVision System Context Artifact
+
+
+## What This Is [arcvision.context.json](./arcvision.context.json)
+
+This file is the **canonical structural context** of this codebase.
+It represents how the system actually works — not how it is described.
+
+It is generated directly from source code by ArcVision.
+
+## What This Replaces
+
+This artifact replaces:
+- Manual repository scanning
+- Tribal knowledge held by senior engineers
+- Re-explaining the system to new developers
+- Re-prompting LLMs with partial or incorrect context
+- Guessing blast radius of changes
+
+## When You Must Use This
+
+Use this artifact when:
+- Onboarding a new developer
+- Prompting an AI assistant about this codebase
+- Making architectural changes
+- Investigating unexpected behavior
+- Assessing risk before modifying core modules
+
+## What This Artifact Contains
+
+- Canonical module and dependency graph
+- Execution and data flow relationships
+- Structural roles (service, store, boundary, etc.)
+- Invariants inferred from the system
+- Impact metrics (blast radius, coupling)
+- Authority core identification
+- Hidden coupling detection
+- Architectural archetype classification
+- Analysis completeness metrics
+
+## Determinism & Trust
+
+- Generated from commit: ae164d81a70b781ce2aa48702aa493acc245b50c
+- Generation timestamp: 2026-01-22T06:51:00.837Z
+- Tool version: 0.2.14
+- Deterministic: same input → same output
+- Explicit assumptions listed inside the artifact
+
+If this artifact conflicts with human memory, **trust the artifact**.
+
+## Structural Context Hubs
+
+The following files have the highest blast radius and represent critical structural hubs in the system:
+
+- **services/orderService.js**
+  - Blast Radius: 3 files (42.86% of codebase)
+  - Risk: Changes here may silently propagate across the system.
+
+- **services/userService.js**
+  - Blast Radius: 3 files (42.86% of codebase)
+  - Risk: Acts as a coordination layer between components.
+
+- **common/utils.js**
+  - Blast Radius: 2 files (28.57% of codebase)
+  - Risk: Modifications can cause widespread inconsistencies.
+
+
+
+## How to Use With AI
+
+When prompting AI tools, include this file as system context.
+Do not ask the AI to infer architecture without it.
+
+## When to Regenerate
+
+Regenerate this artifact when:
+- Core modules change
+- New services are added
+- Dependency structure shifts
+
+Run:
+
+```
+arcvision scan --upload
+```
+
+## Source of Truth
+
+This artifact is the **source of truth** for system structure.
+All explanations, decisions, and AI reasoning should reference it.
+
+Some execution script invocations are dynamically assembled at runtime and may not be statically traceable; such scripts are included 
+as execution boundaries without guaranteed call-site resolution