argusqa-os 9.2.0

package/src/orchestration/report-processor.js

@@ -0,0 +1,134 @@
+/**
+ * Argus Report Processor (v9.1.3)
+ *
+ * Post-crawl pipeline: dedup → severity overrides → summary rebuild →
+ * baseline load/apply/save → trend append → JSON write.
+ *
+ * Extracted from crawl-and-report.js god object.
+ */
+
+import fs   from 'fs';
+import path from 'path';
+
+import { childLogger } from '../utils/logger.js';
+import { applyOverrides }                                                  from '../utils/severity-overrides.js';
+import { loadBaseline, saveBaseline, applyBaseline, appendTrend, getCurrentBranch } from '../utils/baseline-manager.js';
+
+const logger = childLogger('report-processor');
+
+// ── Deduplication ─────────────────────────────────────────────────────────────
+
+/**
+ * Deduplicate findings: same type + message (first 200 chars) + url = one entry.
+ * @param {object[]} findings
+ * @returns {object[]}
+ */
+export function deduplicateFindings(findings) {
+  const seen = new Set();
+  return findings.filter(e => {
+    if (!e || typeof e !== 'object') return false;
+    const key = `${e.type ?? 'unknown'}::${(e.message ?? '').slice(0, 200)}::${e.url ?? ''}`;
+    if (seen.has(key)) return false;
+    seen.add(key);
+    return true;
+  });
+}
+
+// ── Summary Rebuild ───────────────────────────────────────────────────────────
+
+/**
+ * Recount report.summary from all findings in routes, flows, and codebase.
+ * Called after applyOverrides() which may suppress or reclassify findings.
+ * @param {object} report - Mutable report object
+ */
+export function rebuildSummary(report) {
+  report.summary = { total: 0, critical: 0, warning: 0, info: 0 };
+
+  function countFinding(finding) {
+    report.summary.total++;
+    if (finding.severity === 'critical' || finding.severity === 'warning' || finding.severity === 'info') {
+      report.summary[finding.severity]++;
+    } else if (finding.severity) {
+      logger.warn(`[ARGUS] Unknown severity "${finding.severity}" on finding type "${finding.type ?? 'unknown'}"`);
+    }
+  }
+
+  for (const routeResult of report.routes) {
+    for (const err of routeResult.errors) countFinding(err);
+  }
+  for (const flowResult of (report.flows ?? [])) {
+    for (const finding of (flowResult.findings ?? [])) countFinding(finding);
+  }
+  for (const finding of (report.codebase ?? [])) {
+    countFinding(finding);
+  }
+}
+
+// ── Main Post-Crawl Processor ─────────────────────────────────────────────────
+
+/**
+ * Apply overrides → rebuild summary → baseline load/apply → write JSON → save baseline + trend.
+ *
+ * @param {object} report     - Mutable report object (modified in place)
+ * @param {object} options
+ * @param {string} options.outputDir         - Directory to write error-report-*.json
+ * @param {Array}  options.severityOverrides - From targets.js
+ * @returns {{ reportPath: string, diff: object }}
+ */
+export async function processReport(report, { outputDir, severityOverrides }) {
+  // 1. Apply severity overrides (suppress or reclassify findings)
+  const { overriddenCount, suppressedCount } = applyOverrides(report, severityOverrides);
+  if (overriddenCount > 0 || suppressedCount > 0) {
+    logger.info(`[ARGUS] Severity overrides: ${overriddenCount} remapped, ${suppressedCount} suppressed`);
+  }
+
+  // 2. Rebuild summary after overrides
+  rebuildSummary(report);
+
+  // 3. Load baseline + compute diff
+  const branch     = getCurrentBranch();
+  const safeBranch = branch.replace(/[/\\]/g, '__').replace(/[^a-zA-Z0-9._-]/g, '_');
+  const baselinePath = path.join(outputDir, 'baselines', `${safeBranch}.json`);
+  const trendsPath   = path.join(outputDir, 'baselines', `${safeBranch}-trends.json`);
+  logger.info(`[ARGUS] Branch: "${branch}" → baseline: ${baselinePath}`);
+
+  const baseline = loadBaseline(baselinePath);
+  const diff     = applyBaseline(report, baseline);
+
+  if (!diff.isFirstRun) {
+    logger.info(`[ARGUS] Baseline diff: ${diff.newCount} new finding(s), ${diff.resolvedCount} resolved`);
+    if ((diff.flowNewCount ?? 0) > 0 || (diff.flowResolvedCount ?? 0) > 0) {
+      logger.info(`[ARGUS] Flow diff: ${diff.flowNewCount} new flow finding(s), ${diff.flowResolvedCount} resolved`);
+    }
+  } else {
+    logger.info('[ARGUS] First run — no baseline to compare; all findings treated as new');
+  }
+
+  // 4. Write JSON report
+  const timestamp  = new Date().toISOString().replace(/[:.]/g, '-');
+  const reportPath = path.join(outputDir, `error-report-${timestamp}.json`);
+  try {
+    fs.writeFileSync(reportPath, JSON.stringify(report, null, 2));
+  } catch (err) {
+    logger.error(`[ARGUS] Failed to write report JSON: ${err.message}`);
+    throw err;
+  }
+  logger.info(`[ARGUS] Report written: ${reportPath}`);
+
+  // 5. Persist baseline + append trend entry
+  saveBaseline(baselinePath, report);
+  appendTrend(trendsPath, {
+    runAt:                report.generatedAt,
+    baseUrl:              report.baseUrl,
+    summary:              report.summary,
+    newFindings:          diff.newCount,
+    resolvedFindings:     diff.resolvedCount,
+    routeCount:           report.routes.length,
+    flowCount:            report.flows?.length ?? 0,
+    flowNewFindings:      diff.flowNewCount  ?? 0,
+    flowResolvedFindings: diff.flowResolvedCount ?? 0,
+  });
+  logger.info(`[ARGUS] Baseline saved → ${baselinePath} (branch: "${branch}")`);
+
+  return { reportPath, diff };
+}

package/src/orchestration/slack-notifier.js

@@ -0,0 +1,337 @@
+/**
+ * ARGUS Phase 4: Slack Notification Dispatcher
+ *
+ * Posts rich Block Kit bug reports to Slack with:
+ *   - Severity-based channel routing
+ *   - Screenshot uploads via files.getUploadURLExternal + files.completeUploadExternal
+ *   - Interactive action buttons (View Page, Acknowledge, Retest)
+ *   - Threaded follow-up support
+ *
+ * Requires environment variables:
+ *   SLACK_BOT_TOKEN        — xoxb-... token
+ *   SLACK_CHANNEL_CRITICAL — channel ID for critical bugs
+ *   SLACK_CHANNEL_WARNINGS — channel ID for warnings
+ *   SLACK_CHANNEL_DIGEST   — channel ID for daily digest
+ */
+
+import { WebClient } from '@slack/web-api';
+import fs from 'fs';
+import path from 'path';
+import 'dotenv/config';
+import { childLogger } from '../utils/logger.js';
+
+const logger = childLogger('slack-notifier');
+
+const slack = new WebClient(process.env.SLACK_BOT_TOKEN);
+
+const CHANNELS = {
+  critical: process.env.SLACK_CHANNEL_CRITICAL,
+  warning: process.env.SLACK_CHANNEL_WARNINGS,
+  info: process.env.SLACK_CHANNEL_DIGEST,
+};
+
+const SEVERITY_EMOJI = {
+  critical: '🔴',
+  warning: '🟡',
+  info: '🔵',
+};
+
+// ── Rate-limit-aware postMessage wrapper ─────────────────────────────────────
+
+const SLACK_RATE_LIMIT_RETRIES = 3;
+
+async function slackPostWithBackoff(args) {
+  for (let attempt = 0; attempt < SLACK_RATE_LIMIT_RETRIES; attempt++) {
+    try {
+      return await slack.chat.postMessage(args);
+    } catch (err) {
+      const isRateLimit = err.code === 'slack_webapi_rate_limited'
+        || err.message?.toLowerCase().includes('ratelimited');
+      if (!isRateLimit || attempt === SLACK_RATE_LIMIT_RETRIES - 1) throw err;
+      const retryAfterMs = (err.retryAfter ?? 1) * 1000;
+      logger.warn(`[ARGUS] Slack rate limited — retrying in ${retryAfterMs}ms (attempt ${attempt + 1})`);
+      await new Promise(r => setTimeout(r, retryAfterMs));
+    }
+  }
+}
+
+// ── File Upload (Current Slack API) ───────────────────────────────────────────
+
+/**
+ * Upload a file to Slack using the current (non-deprecated) upload API.
+ * Steps: getUploadURLExternal → POST binary → completeUploadExternal
+ *
+ * @param {string} filePath - Absolute path to the file
+ * @param {string} channelId - Channel to share the file into
+ * @param {string} filename - Display filename in Slack
+ * @returns {string|null} Slack file ID if successful, null on failure
+ */
+async function uploadFileToSlack(filePath, channelId, filename) {
+  if (!filePath || !fs.existsSync(filePath)) return null;
+
+  const fileBuffer = fs.readFileSync(filePath);
+  const fileSize = fileBuffer.length;
+
+  // Step 1: Get a pre-signed upload URL from Slack
+  let uploadUrl, fileId;
+  try {
+    const urlResponse = await slack.files.getUploadURLExternal({
+      filename,
+      length: fileSize,
+    });
+    uploadUrl = urlResponse.upload_url;
+    fileId = urlResponse.file_id;
+  } catch (err) {
+    logger.error('[ARGUS] Failed to get Slack upload URL:', err.message);
+    return null;
+  }
+
+  // Step 2: PUT the binary data to the pre-signed URL
+  // Slack requires PUT here — POST silently fails and produces a broken/missing file
+  try {
+    const response = await fetch(uploadUrl, {
+      method: 'PUT',
+      headers: { 'Content-Type': 'application/octet-stream' },
+      body: fileBuffer,
+      signal: AbortSignal.timeout(30000),
+    });
+    if (!response.ok) {
+      logger.error('[ARGUS] Slack upload PUT failed:', response.status, response.statusText);
+      return null;
+    }
+  } catch (err) {
+    logger.error('[ARGUS] Slack upload fetch error:', err.message);
+    return null;
+  }
+
+  // Step 3: Complete the upload and share to channel
+  try {
+    await slack.files.completeUploadExternal({
+      files: [{ id: fileId, title: filename }],
+      channel_id: channelId,
+    });
+  } catch (err) {
+    logger.error('[ARGUS] Failed to complete Slack upload:', err.message);
+    return null;
+  }
+
+  return fileId;
+}
+
+// ── Block Kit Message Builder ─────────────────────────────────────────────────
+
+/**
+ * Build a Slack Block Kit message payload for a bug report.
+ *
+ * @param {object} opts
+ * @param {string} opts.severity - 'critical' | 'warning' | 'info'
+ * @param {string} opts.title - Short title
+ * @param {string} opts.description - Longer description / AI-generated summary
+ * @param {string} opts.url - Affected URL
+ * @param {string|null} opts.fileId - Slack file ID of uploaded screenshot (or null)
+ * @param {object} opts.details - Raw detail object (shown as JSON in fallback)
+ * @returns {object[]} Slack blocks array
+ */
+function buildBugReportBlocks({ severity, title, description, url, fileId, details }) {
+  const emoji = SEVERITY_EMOJI[severity] ?? '⚪';
+  const severityLabel = severity.charAt(0).toUpperCase() + severity.slice(1);
+
+  const blocks = [
+    // Header
+    {
+      type: 'header',
+      text: {
+        type: 'plain_text',
+        text: `${emoji} [${severityLabel}] ${title}`,
+        emoji: true,
+      },
+    },
+    // Description
+    {
+      type: 'section',
+      text: {
+        type: 'mrkdwn',
+        text: description.length > 3000 ? description.slice(0, 2997) + '...' : description,
+      },
+    },
+    // URL + timestamp
+    {
+      type: 'context',
+      elements: [
+        {
+          type: 'mrkdwn',
+          text: `*URL:* ${url}  |  *Detected:* <!date^${Math.floor(Date.now() / 1000)}^{date_short_pretty} at {time}|${new Date().toISOString()}>`,
+        },
+      ],
+    },
+    // Divider
+    { type: 'divider' },
+  ];
+
+  // Screenshot block — uses slack_file reference so no external hosting needed
+  if (fileId) {
+    blocks.push({
+      type: 'image',
+      slack_file: { id: fileId },
+      alt_text: `Screenshot for: ${title}`,
+    });
+    blocks.push({ type: 'divider' });
+  }
+
+  // Action buttons
+  blocks.push({
+    type: 'actions',
+    elements: [
+      {
+        type: 'button',
+        text: { type: 'plain_text', text: 'View Page', emoji: true },
+        url,
+        action_id: 'view_page',
+        style: severity === 'critical' ? 'danger' : 'primary',
+      },
+      {
+        type: 'button',
+        text: { type: 'plain_text', text: 'Acknowledge', emoji: true },
+        action_id: 'acknowledge',
+        value: JSON.stringify({ title: title.slice(0, 100), url: url.slice(0, 200), severity }),
+      },
+      {
+        type: 'button',
+        text: { type: 'plain_text', text: 'Retest', emoji: true },
+        action_id: 'retest',
+        value: JSON.stringify({ url: url.slice(0, 200), severity }),
+      },
+    ],
+  });
+
+  return blocks;
+}
+
+// ── Main Dispatcher ───────────────────────────────────────────────────────────
+
+/**
+ * Post a bug report to the appropriate Slack channel.
+ *
+ * @param {object} opts
+ * @param {'critical'|'warning'|'info'} opts.severity
+ * @param {string} opts.title
+ * @param {string} opts.description
+ * @param {string} opts.url - Affected URL
+ * @param {string|null} opts.screenshotPath - Local path to screenshot file
+ * @param {object} opts.details - Additional raw detail data
+ * @param {string|null} opts.threadTs - If set, post as thread reply (from follow-up retest)
+ * @returns {{ ts: string, channel: string }|null} Message timestamp + channel, or null on failure
+ */
+export async function postBugReport({ severity, title, description, url, screenshotPath, details, threadTs = null }) {
+  const channelId = CHANNELS[severity];
+
+  if (!channelId) {
+    logger.warn(`[ARGUS] No Slack channel configured for severity: ${severity}. Set SLACK_CHANNEL_${severity.toUpperCase()} in .env`);
+    return null;
+  }
+
+  if (!process.env.SLACK_BOT_TOKEN) {
+    logger.warn('[ARGUS] SLACK_BOT_TOKEN not set — skipping Slack notification');
+    logger.info(`[ARGUS] Would post: [${severity}] ${title} → ${url}`);
+    return null;
+  }
+
+  // Upload screenshot if provided
+  const filename = screenshotPath ? path.basename(screenshotPath) : null;
+  const fileId = screenshotPath
+    ? await uploadFileToSlack(screenshotPath, channelId, filename)
+    : null;
+
+  // Build Block Kit blocks
+  const blocks = buildBugReportBlocks({ severity, title, description, url, fileId, details });
+
+  // Post message
+  try {
+    const result = await slackPostWithBackoff({
+      channel: channelId,
+      text: `[${severity.toUpperCase()}] ${title} — ${url}`, // fallback text
+      blocks,
+      thread_ts: threadTs ?? undefined,
+    });
+
+    logger.info(`[ARGUS] Slack message posted: ${result.ts} → channel ${channelId}`);
+    return { ts: result.ts, channel: channelId };
+  } catch (err) {
+    logger.error('[ARGUS] Failed to post Slack message:', err.message);
+    return null;
+  }
+}
+
+/**
+ * Post a retest follow-up as a thread reply to the original bug message.
+ *
+ * @param {string} originalTs - Timestamp of the original bug message
+ * @param {string} channelId - Channel of the original message
+ * @param {'pass'|'fail'} outcome
+ * @param {string} details - Human-readable retest result summary
+ */
+export async function postRetestResult(originalTs, channelId, outcome, details) {
+  if (!process.env.SLACK_BOT_TOKEN) return;
+
+  const emoji = outcome === 'pass' ? '✅' : '❌';
+  const text = `${emoji} *Retest ${outcome.toUpperCase()}*\n${details}`;
+
+  try {
+    await slackPostWithBackoff({
+      channel: channelId,
+      text,
+      thread_ts: originalTs,
+    });
+  } catch (err) {
+    logger.error('[ARGUS] Failed to post retest reply:', err.message);
+  }
+}
+
+/**
+ * Update an existing Slack message (e.g., to mark a bug as acknowledged).
+ *
+ * @param {string} ts - Message timestamp
+ * @param {string} channelId - Channel ID
+ * @param {string} acknowledgingUser - Display name of acknowledging user
+ */
+export async function acknowledgeMessage(ts, channelId, acknowledgingUser) {
+  if (!process.env.SLACK_BOT_TOKEN) return;
+
+  try {
+    // Append an acknowledged context block by updating the message
+    const existing = await slack.conversations.history({
+      channel: channelId,
+      latest: ts,
+      inclusive: true,
+      limit: 1,
+    });
+
+    const msg = existing.messages?.[0];
+    if (!msg) {
+      logger.warn('[ARGUS] acknowledgeMessage: original message not found for ts:', ts);
+      return;
+    }
+
+    const updatedBlocks = [
+      ...(msg.blocks ?? []),
+      {
+        type: 'context',
+        elements: [
+          {
+            type: 'mrkdwn',
+            text: `✅ Acknowledged by *${acknowledgingUser}* at <!date^${Math.floor(Date.now() / 1000)}^{time}|now>`,
+          },
+        ],
+      },
+    ];
+
+    await slack.chat.update({
+      channel: channelId,
+      ts,
+      blocks: updatedBlocks,
+      text: msg.text + ' [ACKNOWLEDGED]',
+    });
+  } catch (err) {
+    logger.error('[ARGUS] Failed to acknowledge message:', err.message);
+  }
+}