autonomous-flow-daemon 1.6.0 → 1.9.0

package/src/core/plugin-manager.ts

@@ -0,0 +1,225 @@
+/**
+ * Plugin Manager — third-party validator adapter system.
+ *
+ * Plugin manifest: .afd/plugins/<name>.json
+ * Installed validator wrapper: .afd/validators/plugin-<name>.js
+ *
+ * Installation strategy:
+ *   1. `bun add <package>` → installs to workspace node_modules
+ *   2. Wrap the package's main export in .afd/validators/plugin-<name>.js
+ *   3. Write manifest to .afd/plugins/<name>.json
+ *   Hot-reload is automatic (existing fs.watch on validators dir)
+ */
+
+import { existsSync, mkdirSync, writeFileSync, readFileSync, readdirSync, unlinkSync } from "fs";
+import { join, resolve } from "path";
+import { spawnSync } from "child_process";
+import { findWorkspaceRoot } from "./workspace";
+
+// ── Public Types ─────────────────────────────────────────────────────────────
+
+/**
+ * Contract for third-party validator plugins.
+ * The npm package's main export must satisfy this interface.
+ * A plugin can export a function directly or an object with a `validate` method.
+ */
+export interface ValidatorPlugin {
+  /** Return true if the content is CORRUPTED (should be blocked). */
+  validate(newContent: string, filePath: string): boolean;
+  /** Optional metadata shown by `afd plugin list`. */
+  meta?: {
+    name?: string;
+    description?: string;
+    version?: string;
+  };
+}
+
+export interface PluginManifest {
+  name: string;
+  package: string;
+  version: string;
+  description: string;
+  source: "npm";
+  validatorFile: string;
+  installDate: string;
+}
+
+// ── Paths ────────────────────────────────────────────────────────────────────
+
+function pluginsDir(): string {
+  const root = findWorkspaceRoot();
+  return join(root, ".afd", "plugins");
+}
+
+function validatorsDir(): string {
+  const root = findWorkspaceRoot();
+  return join(root, ".afd", "validators");
+}
+
+function manifestPath(name: string): string {
+  return join(pluginsDir(), `${name}.json`);
+}
+
+function wrapperPath(name: string): string {
+  return join(validatorsDir(), `plugin-${name}.js`);
+}
+
+// ── Install ──────────────────────────────────────────────────────────────────
+
+export interface InstallResult {
+  success: boolean;
+  message: string;
+  manifest?: PluginManifest;
+}
+
+export function installPlugin(packageName: string): InstallResult {
+  const root = findWorkspaceRoot();
+
+  // 1. bun add <package>
+  const addResult = spawnSync("bun", ["add", packageName], {
+    cwd: root,
+    encoding: "utf-8",
+    stdio: "pipe",
+  });
+
+  if (addResult.status !== 0) {
+    return { success: false, message: addResult.stderr?.trim() || `Failed to install ${packageName}` };
+  }
+
+  // 2. Resolve installed package entry point
+  let resolvedMain: string;
+  try {
+    resolvedMain = require.resolve(packageName, { paths: [root] });
+  } catch {
+    // Fallback: try node_modules/<package>/index.js
+    const fallback = join(root, "node_modules", packageName, "index.js");
+    if (!existsSync(fallback)) {
+      return { success: false, message: `Cannot resolve entry point for ${packageName}` };
+    }
+    resolvedMain = fallback;
+  }
+
+  // 3. Validate the plugin exports a usable validator
+  let pluginExport: unknown;
+  try {
+    // eslint-disable-next-line @typescript-eslint/no-require-imports
+    pluginExport = require(resolvedMain);
+  } catch (e) {
+    return { success: false, message: `Failed to load plugin: ${(e as Error).message}` };
+  }
+
+  const isDirectFn = typeof pluginExport === "function";
+  const hasValidate = typeof (pluginExport as ValidatorPlugin)?.validate === "function";
+  if (!isDirectFn && !hasValidate) {
+    return {
+      success: false,
+      message: `Plugin must export a function or an object with a validate(newContent, filePath) method`,
+    };
+  }
+
+  // 4. Read package.json for version/description
+  let pkgVersion = "unknown";
+  let pkgDescription = "";
+  try {
+    const pkgJson = JSON.parse(
+      readFileSync(join(root, "node_modules", packageName, "package.json"), "utf-8")
+    );
+    pkgVersion = pkgJson.version ?? "unknown";
+    pkgDescription = pkgJson.description ?? "";
+  } catch { /* best-effort */ }
+
+  // 5. Write wrapper into .afd/validators/
+  mkdirSync(validatorsDir(), { recursive: true });
+  const safeName = packageName.replace(/[^a-zA-Z0-9_-]/g, "-");
+  const wrapper = buildWrapper(packageName, resolvedMain, isDirectFn);
+  writeFileSync(wrapperPath(safeName), wrapper, "utf-8");
+
+  // 6. Write manifest into .afd/plugins/
+  mkdirSync(pluginsDir(), { recursive: true });
+  const manifest: PluginManifest = {
+    name: safeName,
+    package: packageName,
+    version: pkgVersion,
+    description: pkgDescription,
+    source: "npm",
+    validatorFile: `plugin-${safeName}.js`,
+    installDate: new Date().toISOString(),
+  };
+  writeFileSync(manifestPath(safeName), JSON.stringify(manifest, null, 2), "utf-8");
+
+  return {
+    success: true,
+    message: `Installed ${packageName}@${pkgVersion} → .afd/validators/plugin-${safeName}.js`,
+    manifest,
+  };
+}
+
+// ── List ─────────────────────────────────────────────────────────────────────
+
+export function listPlugins(): PluginManifest[] {
+  const dir = pluginsDir();
+  if (!existsSync(dir)) return [];
+  return readdirSync(dir)
+    .filter((f) => f.endsWith(".json"))
+    .map((f) => {
+      try {
+        return JSON.parse(readFileSync(join(dir, f), "utf-8")) as PluginManifest;
+      } catch {
+        return null;
+      }
+    })
+    .filter(Boolean) as PluginManifest[];
+}
+
+// ── Remove ───────────────────────────────────────────────────────────────────
+
+export interface RemoveResult {
+  success: boolean;
+  message: string;
+}
+
+export function removePlugin(name: string): RemoveResult {
+  const safeName = name.replace(/[^a-zA-Z0-9_-]/g, "-");
+  const mPath = manifestPath(safeName);
+  const wPath = wrapperPath(safeName);
+
+  if (!existsSync(mPath)) {
+    return { success: false, message: `Plugin not found: ${name}` };
+  }
+
+  let manifest: PluginManifest;
+  try {
+    manifest = JSON.parse(readFileSync(mPath, "utf-8"));
+  } catch {
+    return { success: false, message: `Corrupt manifest for ${name}` };
+  }
+
+  // Remove wrapper
+  if (existsSync(wPath)) unlinkSync(wPath);
+
+  // Remove manifest
+  unlinkSync(mPath);
+
+  // bun remove <package>
+  const root = findWorkspaceRoot();
+  spawnSync("bun", ["remove", manifest.package], { cwd: root, stdio: "pipe" });
+
+  return { success: true, message: `Removed plugin ${name} (${manifest.package})` };
+}
+
+// ── Wrapper codegen ──────────────────────────────────────────────────────────
+
+function buildWrapper(packageName: string, resolvedMain: string, isDirectFn: boolean): string {
+  const rel = resolve(resolvedMain).replace(/\\/g, "/");
+  return [
+    `// [afd plugin wrapper] package: ${packageName}`,
+    `// Auto-generated — managed by \`afd plugin\`. Do not edit manually.`,
+    `const _plugin = require(${JSON.stringify(rel)});`,
+    `module.exports = function(newContent, filePath) {`,
+    isDirectFn
+      ? `  return _plugin(newContent, filePath);`
+      : `  return _plugin.validate(newContent, filePath);`,
+    `};`,
+    ``,
+  ].join("\n");
+}

package/src/core/rule-suggestion.ts

@@ -0,0 +1,127 @@
+/**
+ * Rule Suggestion Engine — analyzes mistake_history to recommend
+ * auto-validator generation for frequently recurring failure patterns.
+ *
+ * Query strategy: aggregate by (file_path, mistake_type), rank by frequency,
+ * filter out patterns already covered by existing validators.
+ */
+
+import { existsSync, readdirSync, readFileSync } from "fs";
+import { join } from "path";
+import { Database } from "bun:sqlite";
+import { VALIDATORS_DIR } from "../daemon/types";
+
+// ── Types ───────────────────────────────────────────────────────────────────
+
+export interface RuleSuggestion {
+  /** Target file path (workspace-relative) */
+  filePath: string;
+  /** Mistake category (English enum) */
+  mistakeType: string;
+  /** Number of occurrences in the analysis window */
+  frequency: number;
+  /** Most recent occurrence timestamp (epoch ms) */
+  lastSeen: number;
+  /** Representative description from the most recent event */
+  description: string;
+  /** Whether an existing validator already covers this file */
+  alreadyCovered: boolean;
+}
+
+export interface SuggestionOptions {
+  /** Analysis window in days (default: 30) */
+  days?: number;
+  /** Minimum frequency to trigger a suggestion (default: 3) */
+  minFrequency?: number;
+  /** Maximum number of suggestions to return (default: 10) */
+  limit?: number;
+}
+
+// ── Core query ──────────────────────────────────────────────────────────────
+
+/**
+ * Aggregate mistake_history and produce ranked suggestions.
+ */
+export function suggestRules(db: Database, opts: SuggestionOptions = {}): RuleSuggestion[] {
+  const days = opts.days ?? 30;
+  const minFreq = opts.minFrequency ?? 3;
+  const limit = opts.limit ?? 10;
+
+  const cutoffMs = Date.now() - days * 86_400_000;
+
+  // Single query: group by (file_path, mistake_type), count, get latest
+  const rows = db.prepare(`
+    SELECT
+      file_path,
+      mistake_type,
+      COUNT(*) AS frequency,
+      MAX(timestamp) AS last_seen,
+      -- Get the description from the most recent entry
+      (SELECT description FROM mistake_history m2
+       WHERE m2.file_path = m1.file_path AND m2.mistake_type = m1.mistake_type
+       ORDER BY m2.timestamp DESC LIMIT 1) AS description
+    FROM mistake_history m1
+    WHERE timestamp >= ?
+    GROUP BY file_path, mistake_type
+    HAVING COUNT(*) >= ?
+    ORDER BY frequency DESC, last_seen DESC
+    LIMIT ?
+  `).all(cutoffMs, minFreq, limit) as {
+    file_path: string;
+    mistake_type: string;
+    frequency: number;
+    last_seen: number;
+    description: string;
+  }[];
+
+  const coveredFiles = getExistingValidatorTargets();
+
+  return rows.map(row => ({
+    filePath: row.file_path,
+    mistakeType: row.mistake_type,
+    frequency: row.frequency,
+    lastSeen: row.last_seen,
+    description: row.description,
+    alreadyCovered: coveredFiles.has(row.file_path),
+  }));
+}
+
+// ── Validator coverage detection ────────────────────────────────────────────
+
+/**
+ * Scan existing `.afd/validators/*.js` files and extract the file targets
+ * they protect (by parsing the `endsWith("...")` pattern in the source).
+ */
+function getExistingValidatorTargets(): Set<string> {
+  const targets = new Set<string>();
+  const dir = VALIDATORS_DIR;
+  if (!existsSync(dir)) return targets;
+
+  let files: string[];
+  try { files = readdirSync(dir).filter(f => f.endsWith(".js")); } catch { return targets; }
+
+  for (const file of files) {
+    try {
+      const code = readFileSync(join(dir, file), "utf-8");
+      // Extract endsWith("...") targets from generated validators
+      const matches = code.matchAll(/endsWith\(["']([^"']+)["']\)/g);
+      for (const m of matches) {
+        targets.add(m[1]);
+      }
+    } catch {
+      // skip unreadable files
+    }
+  }
+  return targets;
+}
+
+/**
+ * Check if a specific file path is already covered by a validator.
+ */
+export function isFileCovered(filePath: string, coveredTargets?: Set<string>): boolean {
+  const targets = coveredTargets ?? getExistingValidatorTargets();
+  for (const target of targets) {
+    if (filePath.endsWith(target)) return true;
+  }
+  return false;
+}

package/src/core/validator-generator.ts

@@ -0,0 +1,224 @@
+/**
+ * Auto-Validator Generator — converts quarantine failure patterns into
+ * executable `.js` validator scripts for `.afd/validators/`.
+ *
+ * Strategy: template-based code generation with heuristic pattern detection.
+ * Each quarantine lesson is classified into a failure category, then a
+ * category-specific template emits a self-contained validator function.
+ */
+
+import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
+import { join, extname } from "path";
+import { VALIDATORS_DIR } from "../daemon/types";
+
+// ── Header stamped on every generated validator ─────────────────────────────
+
+const AUTO_HEADER = "// [afd auto-generated validator] DO NOT EDIT — regenerate with `afd evolution --generate`\n";
+
+// ── Pattern classification ──────────────────────────────────────────────────
+
+type ValidatorCategory =
+  | "prevent-deletion"
+  | "prevent-empty"
+  | "prevent-truncation"
+  | "require-valid-json"
+  | "prevent-corruption";
+
+interface ClassifiedPattern {
+  category: ValidatorCategory;
+  /** The file path or glob that this validator targets */
+  target: string;
+  /** Extra context for the template (e.g. minimum line count) */
+  meta: Record<string, string | number>;
+}
+
+interface GeneratorResult {
+  filename: string;
+  written: boolean;
+  reason: string;
+}
+
+/**
+ * Classify a quarantine lesson into a generator category.
+ */
+function classify(
+  failureType: "corruption" | "deletion",
+  originalPath: string,
+  corruptedContent: string,
+  restoredContent: string | null,
+): ClassifiedPattern {
+  const target = originalPath;
+
+  if (failureType === "deletion") {
+    return { category: "prevent-deletion", target, meta: {} };
+  }
+
+  // Empty file
+  if (corruptedContent.trim().length === 0) {
+    return { category: "prevent-empty", target, meta: {} };
+  }
+
+  // Severe truncation (>90% content loss)
+  if (restoredContent && corruptedContent.length < restoredContent.length * 0.1) {
+    const minLines = restoredContent.split("\n").length;
+    return { category: "prevent-truncation", target, meta: { minLines: Math.max(1, Math.floor(minLines * 0.3)) } };
+  }
+
+  // JSON syntax error
+  if (originalPath.endsWith(".json")) {
+    try {
+      JSON.parse(corruptedContent);
+    } catch {
+      return { category: "require-valid-json", target, meta: {} };
+    }
+  }
+
+  // Generic corruption fallback
+  return { category: "prevent-corruption", target, meta: {} };
+}
+
+// ── Template emitters ───────────────────────────────────────────────────────
+
+function emitPreventDeletion(target: string): string {
+  return `${AUTO_HEADER}
+// Prevents deletion or complete emptying of: ${target}
+module.exports = function(newContent, filePath) {
+  if (!filePath.endsWith(${JSON.stringify(normalizeTarget(target))})) return false;
+  // Content marked as DELETED or completely empty → corruption
+  if (!newContent || newContent.trim().length === 0) return true;
+  if (newContent.trim() === "DELETED") return true;
+  return false;
+};
+`;
+}
+
+function emitPreventEmpty(target: string): string {
+  return `${AUTO_HEADER}
+// Prevents emptying of: ${target}
+module.exports = function(newContent, filePath) {
+  if (!filePath.endsWith(${JSON.stringify(normalizeTarget(target))})) return false;
+  if (!newContent || newContent.trim().length === 0) return true;
+  return false;
+};
+`;
+}
+
+function emitPreventTruncation(target: string, minLines: number): string {
+  return `${AUTO_HEADER}
+// Prevents severe truncation of: ${target} (minimum ${minLines} lines)
+module.exports = function(newContent, filePath) {
+  if (!filePath.endsWith(${JSON.stringify(normalizeTarget(target))})) return false;
+  if (!newContent) return true;
+  var lineCount = newContent.split("\\n").length;
+  if (lineCount < ${minLines}) return true;
+  return false;
+};
+`;
+}
+
+function emitRequireValidJson(target: string): string {
+  return `${AUTO_HEADER}
+// Ensures valid JSON syntax for: ${target}
+module.exports = function(newContent, filePath) {
+  if (!filePath.endsWith(${JSON.stringify(normalizeTarget(target))})) return false;
+  if (!newContent || newContent.trim().length === 0) return true;
+  try {
+    JSON.parse(newContent);
+    return false;
+  } catch (e) {
+    return true;
+  }
+};
+`;
+}
+
+function emitPreventCorruption(target: string): string {
+  return `${AUTO_HEADER}
+// Generic corruption guard for: ${target}
+module.exports = function(newContent, filePath) {
+  if (!filePath.endsWith(${JSON.stringify(normalizeTarget(target))})) return false;
+  // Block empty or near-empty overwrites
+  if (!newContent || newContent.trim().length < 5) return true;
+  return false;
+};
+`;
+}
+
+/** Normalize path to a suffix for endsWith matching (forward slashes) */
+function normalizeTarget(p: string): string {
+  return p.replace(/\\/g, "/");
+}
+
+// ── Public API ──────────────────────────────────────────────────────────────
+
+export interface ValidatorGenInput {
+  failureType: "corruption" | "deletion";
+  originalPath: string;
+  corruptedContent: string;
+  restoredContent: string | null;
+}
+
+/**
+ * Generate a single validator from a quarantine pattern.
+ * Returns the filename and whether it was written (skips if user-modified).
+ */
+export function generateValidator(input: ValidatorGenInput, baseDir?: string): GeneratorResult {
+  const dir = baseDir ?? VALIDATORS_DIR;
+  mkdirSync(dir, { recursive: true });
+
+  const pattern = classify(input.failureType, input.originalPath, input.corruptedContent, input.restoredContent);
+  const filename = buildFilename(pattern);
+  const filepath = join(dir, filename);
+
+  // Safety: do not overwrite user-modified validators
+  if (existsSync(filepath)) {
+    const existing = readFileSync(filepath, "utf-8");
+    if (!existing.startsWith(AUTO_HEADER)) {
+      return { filename, written: false, reason: "user-modified" };
+    }
+  }
+
+  let code: string;
+  switch (pattern.category) {
+    case "prevent-deletion":
+      code = emitPreventDeletion(pattern.target);
+      break;
+    case "prevent-empty":
+      code = emitPreventEmpty(pattern.target);
+      break;
+    case "prevent-truncation":
+      code = emitPreventTruncation(pattern.target, (pattern.meta.minLines as number) || 5);
+      break;
+    case "require-valid-json":
+      code = emitRequireValidJson(pattern.target);
+      break;
+    case "prevent-corruption":
+      code = emitPreventCorruption(pattern.target);
+      break;
+  }
+
+  writeFileSync(filepath, code, "utf-8");
+  return { filename, written: true, reason: "generated" };
+}
+
+/**
+ * Generate validators for all provided quarantine lessons.
+ * Returns summary of generated files.
+ */
+export function generateValidators(inputs: ValidatorGenInput[], baseDir?: string): GeneratorResult[] {
+  return inputs.map(input => generateValidator(input, baseDir));
+}
+
+function buildFilename(pattern: ClassifiedPattern): string {
+  // Produce a descriptive filename from the target path
+  const ext = extname(pattern.target);
+  const base = pattern.target
+    .replace(/^\./, "")          // strip leading dot
+    .replace(/[/\\]/g, "-")     // path separators to dashes
+    .replace(ext, "")            // strip extension
+    .replace(/[^a-zA-Z0-9-]/g, "-")
+    .replace(/-+/g, "-")
+    .replace(/^-|-$/g, "");
+
+  return `auto-${pattern.category}-${base}${ext ? "-" + ext.slice(1) : ""}.js`;
+}

package/src/core/workspace.ts

@@ -1,28 +1,28 @@
-import { existsSync } from "fs";
-import { join, dirname, resolve } from "path";
-
-/**
- * Walk upward from `from` to find the nearest directory containing `.afd/` or `.git/`.
- * Returns the absolute workspace root path, or falls back to `from` itself.
- */
-export function findWorkspaceRoot(from: string = process.cwd()): string {
-  let dir = resolve(from);
-  const root = dirname(dir) === dir ? dir : undefined; // filesystem root guard
-
-  while (true) {
-    if (existsSync(join(dir, ".afd")) || existsSync(join(dir, ".git"))) {
-      return dir;
-    }
-    const parent = dirname(dir);
-    if (parent === dir) break; // reached filesystem root
-    dir = parent;
-  }
-
-  // Fallback: return original directory
-  return resolve(from);
-}
-
-/** Resolve an `.afd/`-relative path against the workspace root */
-export function resolveAfdPath(relativePath: string, from?: string): string {
-  return join(findWorkspaceRoot(from), relativePath);
-}
+import { existsSync } from "fs";
+import { join, dirname, resolve } from "path";
+
+/**
+ * Walk upward from `from` to find the nearest directory containing `.afd/` or `.git/`.
+ * Returns the absolute workspace root path, or falls back to `from` itself.
+ */
+export function findWorkspaceRoot(from: string = process.cwd()): string {
+  let dir = resolve(from);
+  const root = dirname(dir) === dir ? dir : undefined; // filesystem root guard
+
+  while (true) {
+    if (existsSync(join(dir, ".afd")) || existsSync(join(dir, ".git"))) {
+      return dir;
+    }
+    const parent = dirname(dir);
+    if (parent === dir) break; // reached filesystem root
+    dir = parent;
+  }
+
+  // Fallback: return original directory
+  return resolve(from);
+}
+
+/** Resolve an `.afd/`-relative path against the workspace root */
+export function resolveAfdPath(relativePath: string, from?: string): string {
+  return join(findWorkspaceRoot(from), relativePath);
+}