chainlesschain 0.37.12 → 0.40.1

package/src/lib/compliance-manager.js

@@ -0,0 +1,290 @@
+/**
+ * Compliance Manager — evidence collection, report generation,
+ * data classification, compliance scanning, and policy management.
+ */
+
+import crypto from "crypto";
+
+/* ── In-memory stores ──────────────────────────────────────── */
+const _evidence = new Map();
+const _reports = new Map();
+const _policies = new Map();
+
+const FRAMEWORKS = ["gdpr", "soc2", "hipaa", "iso27001"];
+const POLICY_TYPES = [
+  "retention",
+  "access_control",
+  "encryption",
+  "data_classification",
+  "audit_trail",
+];
+
+/* ── Schema ────────────────────────────────────────────────── */
+
+export function ensureComplianceTables(db) {
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS compliance_evidence (
+      id TEXT PRIMARY KEY,
+      framework TEXT NOT NULL,
+      type TEXT,
+      description TEXT,
+      source TEXT,
+      status TEXT DEFAULT 'collected',
+      collected_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS compliance_reports (
+      id TEXT PRIMARY KEY,
+      framework TEXT NOT NULL,
+      title TEXT,
+      summary TEXT,
+      score REAL DEFAULT 0,
+      content TEXT,
+      generated_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+  db.exec(`
+    CREATE TABLE IF NOT EXISTS compliance_policies (
+      id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      type TEXT,
+      framework TEXT,
+      rules TEXT,
+      enabled INTEGER DEFAULT 1,
+      severity TEXT DEFAULT 'medium',
+      created_at TEXT DEFAULT (datetime('now'))
+    )
+  `);
+}
+
+/* ── Evidence Collection ──────────────────────────────────── */
+
+export function collectEvidence(db, framework, type, description, source) {
+  if (!framework) throw new Error("Framework is required");
+  if (!FRAMEWORKS.includes(framework)) {
+    throw new Error(
+      `Unknown framework: ${framework}. Valid: ${FRAMEWORKS.join(", ")}`,
+    );
+  }
+
+  const id = crypto.randomUUID();
+  const now = new Date().toISOString();
+
+  const evidence = {
+    id,
+    framework,
+    type: type || "general",
+    description: description || "",
+    source: source || "cli",
+    status: "collected",
+    collectedAt: now,
+  };
+
+  _evidence.set(id, evidence);
+
+  db.prepare(
+    `INSERT INTO compliance_evidence (id, framework, type, description, source, status, collected_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    framework,
+    evidence.type,
+    evidence.description,
+    evidence.source,
+    "collected",
+    now,
+  );
+
+  return evidence;
+}
+
+/* ── Report Generation ────────────────────────────────────── */
+
+export function generateReport(db, framework, title) {
+  if (!framework) throw new Error("Framework is required");
+
+  const id = crypto.randomUUID();
+  const now = new Date().toISOString();
+
+  const evidenceList = [..._evidence.values()].filter(
+    (e) => e.framework === framework,
+  );
+  const policyList = [..._policies.values()].filter(
+    (p) => p.framework === framework && p.enabled,
+  );
+
+  const score =
+    policyList.length > 0 ? Math.min(100, evidenceList.length * 20) : 0;
+
+  const report = {
+    id,
+    framework,
+    title: title || `${framework.toUpperCase()} Compliance Report`,
+    summary: `${evidenceList.length} evidence items, ${policyList.length} active policies`,
+    score,
+    content: { evidence: evidenceList.length, policies: policyList.length },
+    generatedAt: now,
+  };
+
+  _reports.set(id, report);
+
+  db.prepare(
+    `INSERT INTO compliance_reports (id, framework, title, summary, score, content, generated_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    framework,
+    report.title,
+    report.summary,
+    score,
+    JSON.stringify(report.content),
+    now,
+  );
+
+  return report;
+}
+
+/* ── Data Classification ────────────────────────────────────── */
+
+export function classifyData(content) {
+  if (!content) throw new Error("Content is required");
+
+  const patterns = {
+    pii: /\b\d{3}-\d{2}-\d{4}\b|\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z]{2,}\b/i,
+    financial:
+      /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b|\baccount\s*#?\s*\d+/i,
+    health: /\bdiagnosis\b|\bpatient\b|\bmedical\b|\bprescription\b/i,
+  };
+
+  const classifications = [];
+  for (const [type, regex] of Object.entries(patterns)) {
+    if (regex.test(content)) {
+      classifications.push(type);
+    }
+  }
+
+  return {
+    hasClassifiedData: classifications.length > 0,
+    classifications,
+    sensitivity:
+      classifications.length > 1
+        ? "high"
+        : classifications.length === 1
+          ? "medium"
+          : "low",
+  };
+}
+
+/* ── Compliance Scanning ──────────────────────────────────── */
+
+export function scanCompliance(db, framework) {
+  if (!framework) throw new Error("Framework is required");
+
+  const policies = [..._policies.values()].filter(
+    (p) => p.framework === framework && p.enabled,
+  );
+  const evidence = [..._evidence.values()].filter(
+    (e) => e.framework === framework,
+  );
+
+  const checks = policies.map((policy) => {
+    const relatedEvidence = evidence.filter((e) => e.type === policy.type);
+    return {
+      policyId: policy.id,
+      policyName: policy.name,
+      status: relatedEvidence.length > 0 ? "pass" : "fail",
+      evidenceCount: relatedEvidence.length,
+    };
+  });
+
+  const passed = checks.filter((c) => c.status === "pass").length;
+  const total = checks.length;
+  const score = total > 0 ? Math.round((passed / total) * 100) : 0;
+
+  return { framework, score, total, passed, failed: total - passed, checks };
+}
+
+/* ── Policy Management ────────────────────────────────────── */
+
+export function listPolicies(db, filter = {}) {
+  let policies = [..._policies.values()];
+  if (filter.framework) {
+    policies = policies.filter((p) => p.framework === filter.framework);
+  }
+  if (filter.type) {
+    policies = policies.filter((p) => p.type === filter.type);
+  }
+  return policies;
+}
+
+export function addPolicy(db, name, type, framework, rules, severity) {
+  if (!name) throw new Error("Policy name is required");
+  if (!POLICY_TYPES.includes(type)) {
+    throw new Error(
+      `Invalid policy type: ${type}. Valid: ${POLICY_TYPES.join(", ")}`,
+    );
+  }
+  if (!FRAMEWORKS.includes(framework)) {
+    throw new Error(`Invalid framework: ${framework}`);
+  }
+
+  const id = crypto.randomUUID();
+  const now = new Date().toISOString();
+
+  const policy = {
+    id,
+    name,
+    type,
+    framework,
+    rules: rules || {},
+    enabled: true,
+    severity: severity || "medium",
+    createdAt: now,
+  };
+
+  _policies.set(id, policy);
+
+  db.prepare(
+    `INSERT INTO compliance_policies (id, name, type, framework, rules, enabled, severity, created_at)
+     VALUES (?, ?, ?, ?, ?, ?, ?, ?)`,
+  ).run(
+    id,
+    name,
+    type,
+    framework,
+    JSON.stringify(rules || {}),
+    1,
+    policy.severity,
+    now,
+  );
+
+  return policy;
+}
+
+/* ── Access Check ─────────────────────────────────────────── */
+
+export function checkAccess(resource, action, role) {
+  // Simplified RBAC check
+  const allowedRoles = {
+    admin: ["read", "write", "delete", "audit"],
+    auditor: ["read", "audit"],
+    user: ["read"],
+  };
+
+  const allowed = allowedRoles[role] || [];
+  return {
+    resource,
+    action,
+    role,
+    granted: allowed.includes(action),
+  };
+}
+
+/* ── Reset (for testing) ───────────────────────────────────── */
+
+export function _resetState() {
+  _evidence.clear();
+  _reports.clear();
+  _policies.clear();
+}

package/src/lib/content-recommender.js

@@ -0,0 +1,205 @@
+/**
+ * CLI Content Recommender — tool similarity, chain detection, and skill matching.
+ *
+ * Uses TF-IDF for tool feature extraction and cosine similarity,
+ * plus sequential chain frequency for next-tool prediction.
+ * BM25 for skill recommendation.
+ */
+
+import { BM25Search } from "./bm25-search.js";
+
+// Exported for test injection
+export const _deps = {
+  BM25Search,
+};
+
+export class CLIContentRecommender {
+  constructor() {
+    this._toolFeatures = new Map(); // tool → feature vector
+    this._toolUsageLog = []; // sequential tool usage log
+    this._chainFrequency = new Map(); // "toolA→toolB" → count
+    this._skillIndex = null;
+    this._vocabulary = new Set();
+  }
+
+  /**
+   * Build TF-IDF feature vectors for tools.
+   * @param {Array<{ name: string, description: string }>} tools
+   */
+  buildToolFeatures(tools) {
+    if (!tools || tools.length === 0) return;
+
+    this._vocabulary = new Set();
+    const docTokens = [];
+
+    // Tokenize each tool description
+    for (const tool of tools) {
+      const text = `${tool.name} ${tool.description || ""}`.toLowerCase();
+      const tokens = text.split(/\W+/).filter((t) => t.length > 2);
+      docTokens.push({ name: tool.name, tokens });
+      for (const t of tokens) this._vocabulary.add(t);
+    }
+
+    // Calculate TF-IDF
+    const N = docTokens.length;
+    const df = new Map(); // term → doc frequency
+
+    for (const { tokens } of docTokens) {
+      const unique = new Set(tokens);
+      for (const t of unique) {
+        df.set(t, (df.get(t) || 0) + 1);
+      }
+    }
+
+    for (const { name, tokens } of docTokens) {
+      const tf = new Map();
+      for (const t of tokens) {
+        tf.set(t, (tf.get(t) || 0) + 1);
+      }
+
+      const vector = new Map();
+      for (const [term, count] of tf) {
+        const idf = Math.log(N / (df.get(term) || 1));
+        vector.set(term, (count / tokens.length) * idf);
+      }
+
+      this._toolFeatures.set(name, vector);
+    }
+  }
+
+  /**
+   * Calculate cosine similarity between two tools.
+   */
+  calculateSimilarity(tool1, tool2) {
+    const v1 = this._toolFeatures.get(tool1);
+    const v2 = this._toolFeatures.get(tool2);
+    if (!v1 || !v2) return 0;
+
+    let dotProduct = 0;
+    let norm1 = 0;
+    let norm2 = 0;
+
+    for (const [term, val] of v1) {
+      norm1 += val * val;
+      if (v2.has(term)) {
+        dotProduct += val * v2.get(term);
+      }
+    }
+    for (const [, val] of v2) {
+      norm2 += val * val;
+    }
+
+    if (norm1 === 0 || norm2 === 0) return 0;
+    return dotProduct / (Math.sqrt(norm1) * Math.sqrt(norm2));
+  }
+
+  /**
+   * Record a tool usage for chain detection.
+   */
+  recordToolUse(toolName, context = {}) {
+    const entry = {
+      tool: toolName,
+      timestamp: Date.now(),
+      context: context.query || "",
+    };
+    this._toolUsageLog.push(entry);
+
+    // Update chain frequency (look at previous tool)
+    if (this._toolUsageLog.length >= 2) {
+      const prev = this._toolUsageLog[this._toolUsageLog.length - 2];
+      const key = `${prev.tool}→${toolName}`;
+      this._chainFrequency.set(key, (this._chainFrequency.get(key) || 0) + 1);
+    }
+
+    // Keep log bounded
+    if (this._toolUsageLog.length > 1000) {
+      this._toolUsageLog = this._toolUsageLog.slice(-500);
+    }
+  }
+
+  /**
+   * Recommend next tool based on usage chains.
+   * @returns {Array<{ tool: string, confidence: number }>}
+   */
+  recommendNextTool(currentTool, _context = {}) {
+    const candidates = [];
+    let totalFromCurrent = 0;
+
+    for (const [key, count] of this._chainFrequency) {
+      if (key.startsWith(`${currentTool}→`)) {
+        const nextTool = key.split("→")[1];
+        candidates.push({ tool: nextTool, count });
+        totalFromCurrent += count;
+      }
+    }
+
+    if (totalFromCurrent === 0) return [];
+
+    return candidates
+      .map((c) => ({
+        tool: c.tool,
+        confidence: Math.round((c.count / totalFromCurrent) * 100) / 100,
+      }))
+      .sort((a, b) => b.confidence - a.confidence)
+      .slice(0, 5);
+  }
+
+  /**
+   * Recommend a skill based on user query using BM25.
+   * @param {string} userQuery
+   * @param {Array<{ id: string, description: string, category: string }>} skills
+   */
+  recommendSkill(userQuery, skills) {
+    if (!userQuery || !skills || skills.length === 0) return [];
+
+    // Build BM25 index
+    const bm25 = new _deps.BM25Search();
+    const docs = skills.map((s) => ({
+      id: s.id,
+      title: s.id,
+      content: `${s.id} ${s.description || ""} ${s.category || ""}`,
+    }));
+    bm25.indexDocuments(docs);
+
+    const results = bm25.search(userQuery, { topK: 5, threshold: 0.1 });
+    return results.map((r) => ({
+      skillId: r.doc.id,
+      score: r.score,
+    }));
+  }
+
+  /**
+   * Get chain statistics.
+   */
+  getChainStats() {
+    const chains = [...this._chainFrequency.entries()]
+      .map(([key, count]) => ({ chain: key, count }))
+      .sort((a, b) => b.count - a.count);
+
+    return {
+      totalUsages: this._toolUsageLog.length,
+      uniqueChains: chains.length,
+      topChains: chains.slice(0, 10),
+    };
+  }
+
+  /**
+   * Get tool similarity matrix.
+   */
+  getSimilarityMatrix() {
+    const tools = [...this._toolFeatures.keys()];
+    const matrix = {};
+
+    for (const t1 of tools) {
+      matrix[t1] = {};
+      for (const t2 of tools) {
+        if (t1 !== t2) {
+          matrix[t1][t2] =
+            Math.round(this.calculateSimilarity(t1, t2) * 1000) / 1000;
+        }
+      }
+    }
+
+    return matrix;
+  }
+}