autosnippet 2.0.2 → 2.4.0

package/lib/infrastructure/logging/ReasoningLogger.js

@@ -1,269 +0,0 @@
-/**
- * ReasoningLogger - 透明推理日志系统
- * 
- * 记录 AI 操作的完整推理过程，包括：
- * - Candidate 提交时的推理上下文
- * - Guard 检查时的规则匹配过程
- * - 搜索时的排名决策
- * 
- * 所有推理日志不可篡改，存储在 SQLite 中
- */
-
-import { v4 as uuidv4 } from 'uuid';
-import Logger from '../logging/Logger.js';
-
-export class ReasoningLogger {
-  constructor(db) {
-    this.db = typeof db?.getDb === 'function' ? db.getDb() : db;
-    this.logger = Logger.getInstance();
-    this._ensureTable();
-  }
-
-  _ensureTable() {
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS reasoning_logs (
-        id TEXT PRIMARY KEY,
-        type TEXT NOT NULL,
-        actor TEXT NOT NULL,
-        resource_type TEXT,
-        resource_id TEXT,
-        reasoning_json TEXT NOT NULL DEFAULT '{}',
-        quality_score REAL DEFAULT 0,
-        context_json TEXT DEFAULT '{}',
-        created_at INTEGER NOT NULL
-      )
-    `);
-    this.db.exec(`CREATE INDEX IF NOT EXISTS idx_reasoning_logs_type ON reasoning_logs(type)`);
-    this.db.exec(`CREATE INDEX IF NOT EXISTS idx_reasoning_logs_actor ON reasoning_logs(actor)`);
-    this.db.exec(`CREATE INDEX IF NOT EXISTS idx_reasoning_logs_created ON reasoning_logs(created_at)`);
-  }
-
-  /**
-   * 记录 Candidate 推理过程
-   */
-  logCandidateReasoning(candidate, actor, context = {}) {
-    const reasoning = candidate.reasoning || {};
-    const qualityScore = this._assessReasoningQuality(reasoning);
-
-    return this._insert({
-      type: 'candidate_reasoning',
-      actor,
-      resourceType: 'candidate',
-      resourceId: candidate.id,
-      reasoning: {
-        whyStandard: reasoning.whyStandard || '',
-        sources: reasoning.sources || [],
-        qualitySignals: reasoning.qualitySignals || {},
-        alternatives: reasoning.alternatives || [],
-        confidence: reasoning.confidence || 0,
-        assessment: {
-          completeness: this._assessCompleteness(reasoning),
-          sourceQuality: this._assessSourceQuality(reasoning),
-          overall: qualityScore,
-        },
-      },
-      qualityScore,
-      context,
-    });
-  }
-
-  /**
-   * 记录 Guard 规则匹配推理
-   */
-  logGuardReasoning(code, matchedRules, actor, context = {}) {
-    return this._insert({
-      type: 'guard_reasoning',
-      actor,
-      resourceType: 'code_check',
-      resourceId: context.fileId || null,
-      reasoning: {
-        codeLength: code.length,
-        rulesChecked: matchedRules.length,
-        violations: matchedRules.map(r => ({
-          ruleId: r.ruleId || r.id,
-          ruleName: r.name,
-          severity: r.severity,
-          matchCount: r.matches?.length || 0,
-          sourceRecipeId: r.sourceRecipeId,
-        })),
-        checkDuration: context.duration,
-      },
-      qualityScore: 0,
-      context,
-    });
-  }
-
-  /**
-   * 记录搜索排名推理
-   */
-  logSearchReasoning(query, results, rankingFactors, actor, context = {}) {
-    return this._insert({
-      type: 'search_reasoning',
-      actor,
-      resourceType: 'search',
-      resourceId: null,
-      reasoning: {
-        query,
-        resultCount: results.length,
-        topResults: results.slice(0, 5).map(r => ({
-          id: r.id,
-          score: r.score,
-          title: r.title,
-        })),
-        rankingFactors,
-      },
-      qualityScore: 0,
-      context,
-    });
-  }
-
-  /**
-   * 查询推理日志
-   */
-  query(filters = {}, pagination = { page: 1, pageSize: 20 }) {
-    const conditions = ['1=1'];
-    const params = [];
-
-    if (filters.type) {
-      conditions.push('type = ?');
-      params.push(filters.type);
-    }
-    if (filters.actor) {
-      conditions.push('actor = ?');
-      params.push(filters.actor);
-    }
-    if (filters.resourceType) {
-      conditions.push('resource_type = ?');
-      params.push(filters.resourceType);
-    }
-    if (filters.resourceId) {
-      conditions.push('resource_id = ?');
-      params.push(filters.resourceId);
-    }
-    if (filters.minQuality !== undefined) {
-      conditions.push('quality_score >= ?');
-      params.push(filters.minQuality);
-    }
-    if (filters.since) {
-      conditions.push('created_at >= ?');
-      params.push(filters.since);
-    }
-
-    const offset = (pagination.page - 1) * pagination.pageSize;
-    const where = conditions.join(' AND ');
-
-    const rows = this.db.prepare(
-      `SELECT * FROM reasoning_logs WHERE ${where} ORDER BY created_at DESC LIMIT ? OFFSET ?`
-    ).all(...params, pagination.pageSize, offset);
-
-    const countRow = this.db.prepare(
-      `SELECT COUNT(*) as total FROM reasoning_logs WHERE ${where}`
-    ).get(...params);
-
-    return {
-      items: rows.map(this._mapRow),
-      total: countRow.total,
-      page: pagination.page,
-      pageSize: pagination.pageSize,
-    };
-  }
-
-  /**
-   * 获取推理质量统计
-   */
-  getQualityStats(since = null) {
-    const params = [];
-    let where = '1=1';
-    if (since) {
-      where = 'created_at >= ?';
-      params.push(since);
-    }
-
-    const stats = this.db.prepare(`
-      SELECT 
-        type,
-        COUNT(*) as count,
-        AVG(quality_score) as avg_quality,
-        MIN(quality_score) as min_quality,
-        MAX(quality_score) as max_quality
-      FROM reasoning_logs 
-      WHERE ${where}
-      GROUP BY type
-    `).all(...params);
-
-    return stats;
-  }
-
-  // ========== Private Methods ==========
-
-  _insert({ type, actor, resourceType, resourceId, reasoning, qualityScore, context }) {
-    const id = uuidv4();
-    const now = Math.floor(Date.now() / 1000);
-
-    this.db.prepare(`
-      INSERT INTO reasoning_logs (id, type, actor, resource_type, resource_id, reasoning_json, quality_score, context_json, created_at)
-      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
-    `).run(id, type, actor, resourceType, resourceId, JSON.stringify(reasoning), qualityScore, JSON.stringify(context), now);
-
-    return { id, type, actor, qualityScore, createdAt: now };
-  }
-
-  _mapRow(row) {
-    return {
-      id: row.id,
-      type: row.type,
-      actor: row.actor,
-      resourceType: row.resource_type,
-      resourceId: row.resource_id,
-      reasoning: JSON.parse(row.reasoning_json || '{}'),
-      qualityScore: row.quality_score,
-      context: JSON.parse(row.context_json || '{}'),
-      createdAt: row.created_at,
-    };
-  }
-
-  /**
-   * 评估推理质量（0-1）
-   */
-  _assessReasoningQuality(reasoning) {
-    if (!reasoning) return 0;
-
-    const completeness = this._assessCompleteness(reasoning);
-    const sourceQuality = this._assessSourceQuality(reasoning);
-    const confidenceScore = typeof reasoning.confidence === 'number' ? reasoning.confidence : 0;
-
-    // 权重: 完整性 40%, 来源质量 35%, 置信度 25%
-    return Math.round((completeness * 0.4 + sourceQuality * 0.35 + confidenceScore * 0.25) * 100) / 100;
-  }
-
-  _assessCompleteness(reasoning) {
-    if (!reasoning) return 0;
-    let score = 0;
-    if (reasoning.whyStandard && reasoning.whyStandard.length > 10) score += 0.3;
-    if (Array.isArray(reasoning.sources) && reasoning.sources.length > 0) score += 0.25;
-    if (reasoning.qualitySignals && Object.keys(reasoning.qualitySignals).length > 0) score += 0.2;
-    if (Array.isArray(reasoning.alternatives) && reasoning.alternatives.length > 0) score += 0.15;
-    if (typeof reasoning.confidence === 'number') score += 0.1;
-    return Math.min(1, score);
-  }
-
-  _assessSourceQuality(reasoning) {
-    if (!reasoning || !Array.isArray(reasoning.sources) || reasoning.sources.length === 0) return 0;
-    // 多来源 + 来源有类型或链接 → 较高质量
-    const count = Math.min(reasoning.sources.length, 5);
-    return count / 5;
-  }
-}
-
-let instance = null;
-
-export function initReasoningLogger(db) {
-  instance = new ReasoningLogger(db);
-  return instance;
-}
-
-export function getReasoningLogger() {
-  return instance;
-}
-
-export default ReasoningLogger;

package/lib/infrastructure/monitoring/RoleDriftMonitor.js

@@ -1,259 +0,0 @@
-/**
- * RoleDriftMonitor - 角色漂移检测系统
- * 
- * 功能：
- * - 监控 AI 角色切换行为
- * - 检测非法角色转移
- * - 记录漂移事件供审计
- * - 提供角色稳定性评分
- */
-
-import Logger from '../logging/Logger.js';
-
-/**
- * 角色转移矩阵
- * 定义每个角色允许转移到哪些角色
- */
-const ALLOWED_TRANSITIONS = {
-  cursor_agent: ['cursor_agent'],
-  asd_ais: ['asd_ais'],
-  guard_engine: ['guard_engine'],
-  developer_admin: ['developer_admin', 'developer_contributor'],
-  developer_contributor: ['developer_contributor'],
-};
-
-/**
- * 角色能力边界
- * 每个角色可以执行的 action 前缀
- */
-const ROLE_CAPABILITIES = {
-  cursor_agent: ['candidate:create', 'candidate:list', 'candidate:search', 'recipe:list', 'recipe:search', 'recipe:get', 'recipe:guard_check', 'search:query'],
-  asd_ais: ['candidate:create', 'candidate:list', 'candidate:search', 'recipe:list', 'recipe:search', 'search:query'],
-  guard_engine: ['recipe:guard_check', 'recipe:list', 'recipe:get'],
-  developer_admin: ['*'],
-  developer_contributor: ['candidate:create', 'candidate:list', 'candidate:approve', 'candidate:reject', 'recipe:create', 'recipe:list', 'recipe:search', 'recipe:publish', 'recipe:guard_create', 'search:query'],
-};
-
-export class RoleDriftMonitor {
-  constructor(db) {
-    this.db = typeof db?.getDb === 'function' ? db.getDb() : db;
-    this.logger = Logger.getInstance();
-    this.sessionRoles = new Map(); // sessionId → { currentRole, history[], driftCount }
-    this._ensureTable();
-  }
-
-  _ensureTable() {
-    this.db.exec(`
-      CREATE TABLE IF NOT EXISTS role_drift_events (
-        id INTEGER PRIMARY KEY AUTOINCREMENT,
-        session_id TEXT NOT NULL,
-        actor TEXT NOT NULL,
-        from_role TEXT,
-        to_role TEXT,
-        action_attempted TEXT,
-        drift_type TEXT NOT NULL,
-        severity TEXT NOT NULL DEFAULT 'warning',
-        details_json TEXT DEFAULT '{}',
-        created_at INTEGER NOT NULL
-      )
-    `);
-    this.db.exec(`CREATE INDEX IF NOT EXISTS idx_drift_session ON role_drift_events(session_id)`);
-    this.db.exec(`CREATE INDEX IF NOT EXISTS idx_drift_actor ON role_drift_events(actor)`);
-  }
-
-  /**
-   * 检查角色行为是否合法
-   * @param {string} actor - 角色 ID
-   * @param {string} action - 尝试执行的操作
-   * @param {string} sessionId - 会话 ID
-   * @returns {{ allowed: boolean, drift?: object }}
-   */
-  checkAction(actor, action, sessionId) {
-    // 获取角色能力
-    const capabilities = ROLE_CAPABILITIES[actor];
-    if (!capabilities) {
-      const drift = this._recordDrift(sessionId, actor, null, null, action, 'unknown_role', 'error');
-      return { allowed: false, drift };
-    }
-
-    // 通配符 (admin)
-    if (capabilities.includes('*')) {
-      return { allowed: true };
-    }
-
-    // 检查 action 是否在角色能力范围内
-    const isAllowed = capabilities.some(cap => {
-      if (cap === action) return true;
-      // 前缀匹配: 'candidate:*' 匹配 'candidate:create'
-      if (cap.endsWith(':*')) {
-        return action.startsWith(cap.slice(0, -1));
-      }
-      return false;
-    });
-
-    if (!isAllowed) {
-      const drift = this._recordDrift(
-        sessionId, actor, actor, actor, action,
-        'capability_violation', 'warning'
-      );
-      return { allowed: false, drift };
-    }
-
-    return { allowed: true };
-  }
-
-  /**
-   * 检查角色转移是否合法
-   * @param {string} sessionId - 会话 ID
-   * @param {string} currentRole - 当前角色
-   * @param {string} nextRole - 目标角色
-   * @returns {{ allowed: boolean, drift?: object }}
-   */
-  checkRoleTransition(sessionId, currentRole, nextRole) {
-    if (currentRole === nextRole) return { allowed: true };
-
-    const allowed = ALLOWED_TRANSITIONS[currentRole];
-    if (!allowed || !allowed.includes(nextRole)) {
-      const drift = this._recordDrift(
-        sessionId, currentRole, currentRole, nextRole, null,
-        'illegal_transition', 'error'
-      );
-      return { allowed: false, drift };
-    }
-
-    return { allowed: true };
-  }
-
-  /**
-   * 获取会话的漂移统计
-   */
-  getSessionDriftStats(sessionId) {
-    const events = this.db.prepare(
-      `SELECT drift_type, severity, COUNT(*) as count FROM role_drift_events WHERE session_id = ? GROUP BY drift_type, severity`
-    ).all(sessionId);
-
-    const total = events.reduce((sum, e) => sum + e.count, 0);
-    const errorCount = events.filter(e => e.severity === 'error').reduce((s, e) => s + e.count, 0);
-
-    return {
-      sessionId,
-      totalDrifts: total,
-      errorDrifts: errorCount,
-      warningDrifts: total - errorCount,
-      stability: total === 0 ? 1.0 : Math.max(0, 1 - total * 0.1),
-      byType: events,
-    };
-  }
-
-  /**
-   * 获取全局漂移统计
-   */
-  getGlobalStats(since = null) {
-    const params = [];
-    let where = '1=1';
-    if (since) {
-      where = 'created_at >= ?';
-      params.push(since);
-    }
-
-    const stats = this.db.prepare(`
-      SELECT 
-        actor,
-        drift_type,
-        severity,
-        COUNT(*) as count
-      FROM role_drift_events 
-      WHERE ${where}
-      GROUP BY actor, drift_type, severity
-      ORDER BY count DESC
-    `).all(...params);
-
-    const total = this.db.prepare(
-      `SELECT COUNT(*) as total FROM role_drift_events WHERE ${where}`
-    ).get(...params);
-
-    return {
-      totalDrifts: total.total,
-      byActor: stats,
-    };
-  }
-
-  /**
-   * 获取最近的漂移事件
-   */
-  getRecentDrifts(limit = 20) {
-    const rows = this.db.prepare(
-      `SELECT * FROM role_drift_events ORDER BY created_at DESC LIMIT ?`
-    ).all(limit);
-
-    return rows.map(r => ({
-      id: r.id,
-      sessionId: r.session_id,
-      actor: r.actor,
-      fromRole: r.from_role,
-      toRole: r.to_role,
-      actionAttempted: r.action_attempted,
-      driftType: r.drift_type,
-      severity: r.severity,
-      details: JSON.parse(r.details_json || '{}'),
-      createdAt: r.created_at,
-    }));
-  }
-
-  // ========== Private ==========
-
-  _recordDrift(sessionId, actor, fromRole, toRole, action, driftType, severity) {
-    const now = Math.floor(Date.now() / 1000);
-    const details = { timestamp: now };
-
-    this.db.prepare(`
-      INSERT INTO role_drift_events (session_id, actor, from_role, to_role, action_attempted, drift_type, severity, details_json, created_at)
-      VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
-    `).run(sessionId || 'unknown', actor, fromRole, toRole, action, driftType, severity, JSON.stringify(details), now);
-
-    this.logger.warn('Role drift detected', {
-      sessionId, actor, fromRole, toRole, action, driftType, severity,
-    });
-
-    return { driftType, severity, actor, fromRole, toRole, action };
-  }
-}
-
-/**
- * Gateway 插件：角色漂移检测
- */
-export function createRoleDriftPlugin(roleDriftMonitor) {
-  return {
-    name: 'RoleDriftPlugin',
-    async pre(context) {
-      // Monitor-only: log drift events but don't block
-      // Authorization is handled by PermissionManager
-      const result = roleDriftMonitor.checkAction(
-        context.actor,
-        context.action,
-        context.session || 'default'
-      );
-      if (!result.allowed && result.drift) {
-        // 仅记录漂移事件，不阻断请求
-        roleDriftMonitor.logger.warn('Role drift detected', {
-          actor: context.actor,
-          action: context.action,
-          driftType: result.drift.driftType,
-        });
-      }
-    },
-  };
-}
-
-let instance = null;
-
-export function initRoleDriftMonitor(db) {
-  instance = new RoleDriftMonitor(db);
-  return instance;
-}
-
-export function getRoleDriftMonitor() {
-  return instance;
-}
-
-export default RoleDriftMonitor;