npm - codehere - Versions diffs - 0.1.0 → 0.3.0 - Mend

codehere 0.1.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of codehere might be problematic. Click here for more details.

Files changed (671) hide show

package/dist/application/use-cases/edit-file-use-case.js ADDED Viewed

@@ -0,0 +1,752 @@
+/**
+ * Application Use Case: EditFileUseCase
+ * Handles file editing with verification and Reflexion
+ */
+import { container } from '../services/dependency-container.js';
+import { backupFile, rollbackFile } from '../../verification/backup.js';
+import { executionTracer } from '../../infrastructure/observability/execution-tracer.js';
+import { validateFilePath } from '../../infrastructure/security/input-validator.js';
+export class EditFileUseCase {
+    aiService;
+    verificationService;
+    sastScanner;
+    enhancedSecurityGate;
+    appropriateFriction;
+    hitlValidation;
+    biDirectionalLearning;
+    teamStandards;
+    promptToCodeLineage;
+    nistAIRMF;
+    policyAsCode;
+    constructor(aiService, verificationService, sastScanner, // Optional: AI SAST scanner (legacy, prefer enhancedSecurityGate)
+    enhancedSecurityGate, // Optional: Enhanced security gate (all scanners)
+    appropriateFriction, // Optional: Appropriate friction system
+    hitlValidation, // Optional: HITL validation system
+    biDirectionalLearning, // Optional: Bi-directional learning system
+    teamStandards, // Optional: Team standards system
+    promptToCodeLineage, // Optional: Prompt-to-code lineage tracking
+    nistAIRMF, // Optional: NIST AI RMF for enterprise governance
+    policyAsCode // Optional: Policy-as-Code for automated compliance
+    ) {
+        this.aiService = aiService;
+        this.verificationService = verificationService;
+        this.sastScanner = sastScanner;
+        this.enhancedSecurityGate = enhancedSecurityGate;
+        this.appropriateFriction = appropriateFriction;
+        this.hitlValidation = hitlValidation;
+        this.biDirectionalLearning = biDirectionalLearning;
+        this.teamStandards = teamStandards;
+        this.promptToCodeLineage = promptToCodeLineage;
+        this.nistAIRMF = nistAIRMF;
+        this.policyAsCode = policyAsCode;
+    }
+    async execute(request) {
+        // 1. Start Prompt-to-Code Lineage tracking
+        let lineageId;
+        let rootNodeId;
+        if (this.promptToCodeLineage) {
+            const runId = executionTracer.getCurrentRunId();
+            if (runId) {
+                lineageId = this.promptToCodeLineage.createLineage(request.instruction, {
+                    sessionId: runId,
+                    workspace: process.cwd(),
+                });
+                const lineage = lineageId ? this.promptToCodeLineage.getLineage(lineageId) : undefined;
+                rootNodeId = lineage?.rootNodeId;
+            }
+            else {
+                // No run context - create lineage without sessionId
+                lineageId = this.promptToCodeLineage.createLineage(request.instruction);
+                const lineage = lineageId ? this.promptToCodeLineage.getLineage(lineageId) : undefined;
+                rootNodeId = lineage?.rootNodeId;
+            }
+        }
+        // Validate file path
+        const pathValidation = validateFilePath(request.filepath);
+        if (!pathValidation.valid) {
+            return {
+                success: false,
+                error: `Invalid file path: ${pathValidation.errors.join(', ')}`,
+            };
+        }
+        // NIST AI RMF: GOVERN - Establish risk culture and accountability (Enterprise Governance)
+        if (this.nistAIRMF) {
+            // Check if file exists for context type (quick check)
+            const { existsSync } = await import('fs');
+            const { join } = await import('path');
+            const safeFilePath = pathValidation.sanitized || request.filepath;
+            const fullPath = join(process.cwd(), safeFilePath);
+            const fileExists = existsSync(fullPath);
+            const riskContext = {
+                contextType: fileExists ? 'code_edit' : 'code_generation',
+                targetDomain: this.inferDomain(request.filepath, request.instruction),
+                riskLevel: this.determineRiskLevel(request.instruction, ''),
+                regulatoryRelevant: this.isRegulatoryRelevant(request.filepath, request.instruction),
+            };
+            const governDecision = await this.nistAIRMF.govern(riskContext);
+            console.log(`[EditFileUseCase] NIST AI RMF Govern: ${governDecision.decision}`);
+            if (governDecision.outcome === 'blocked') {
+                return {
+                    success: false,
+                    error: `Operation blocked by governance policy: ${governDecision.rationale}`,
+                };
+            }
+            if (governDecision.outcome === 'requires_review') {
+                console.warn(`[EditFileUseCase] ⚠️  Governance requires review: ${governDecision.rationale}`);
+            }
+        }
+        // CRITICAL FIX: Security check FIRST (before any expensive operations)
+        // This prevents wasting time and tokens on dangerous code
+        // RESEARCH CONTEXT: 45% of AI-generated code has security flaws, 35% has license issues
+        // Use Enhanced Security Gate if available (includes all scanners), fallback to SAST only
+        if (this.enhancedSecurityGate) {
+            // Fast pre-check on instruction before generating edit
+            const fastCheck = await this.enhancedSecurityGate.fastCheck(request.instruction);
+            if (!fastCheck.allowed) {
+                return {
+                    success: false,
+                    error: `Security vulnerabilities detected in instruction: ${fastCheck.findings.join('; ')}`,
+                    securityFindings: fastCheck.findings,
+                };
+            }
+        }
+        else if (this.sastScanner) {
+            // Legacy: Quick security check on instruction before generating edit
+            // This is a fast pattern-based check, full AI scan happens after edit generation
+            const quickSecurityCheck = await this.sastScanner.scanInstruction(request.instruction);
+            if (quickSecurityCheck && quickSecurityCheck.findings && quickSecurityCheck.findings.length > 0) {
+                const criticalFindings = quickSecurityCheck.findings.filter((f) => f.severity === 'critical') || [];
+                const highFindings = quickSecurityCheck.findings.filter((f) => f.severity === 'high') || [];
+                if (criticalFindings.length > 0 || highFindings.length > 0) {
+                    return {
+                        success: false,
+                        error: `Security vulnerabilities detected: ${criticalFindings.length} critical, ${highFindings.length} high severity findings. Review and fix before applying.`,
+                        securityFindings: quickSecurityCheck.findings,
+                    };
+                }
+            }
+        }
+        const { readFileSync, writeFileSync, existsSync, mkdirSync } = await import('fs');
+        const { join, dirname } = await import('path');
+        // Use sanitized path if validation found issues
+        const safeFilePath = pathValidation.sanitized || request.filepath;
+        const fullPath = join(process.cwd(), safeFilePath);
+        const fileExists = existsSync(fullPath);
+        // Determine risk level for friction/HITL
+        const riskLevel = this.determineRiskLevel(request.instruction, fileExists ? '' : '');
+        // 2. Check Appropriate Friction (after security check, before edit generation)
+        let frictionApplied = null;
+        if (this.appropriateFriction) {
+            const frictionPoint = this.appropriateFriction.needsFriction('edit_file', {
+                riskLevel,
+                isDestructive: !fileExists || request.instruction.toLowerCase().includes('delete'),
+                modifiesSecuritySensitiveCode: request.instruction.toLowerCase().includes('security') ||
+                    request.instruction.toLowerCase().includes('auth') ||
+                    request.instruction.toLowerCase().includes('password'),
+            });
+            if (frictionPoint) {
+                frictionApplied = frictionPoint;
+                console.log(`[EditFileUseCase] ⚠️ Friction applied: ${frictionPoint.message}`);
+                // For CLI: Log warning. For UI: This would pause and wait for user interaction
+                if (frictionPoint.requiresExplicitConfirmation) {
+                    // In CLI, we'll allow it but log the warning
+                    // In UI, this would block until user confirms
+                    console.warn(`[EditFileUseCase] Explicit confirmation required: ${frictionPoint.message}`);
+                }
+            }
+        }
+        // Handle file creation if file doesn't exist
+        if (!fileExists) {
+            console.log(`[EditFileUseCase] File does not exist, creating new file: ${fullPath}`);
+            console.log(`[EditFileUseCase] Instruction: ${request.instruction}`);
+            return await this.createFile(request, fullPath);
+        }
+        console.log(`[EditFileUseCase] Editing existing file: ${fullPath}`);
+        console.log(`[EditFileUseCase] Instruction: ${request.instruction}`);
+        // Read current content
+        const currentContent = readFileSync(fullPath, 'utf-8');
+        console.log(`[EditFileUseCase] File size: ${currentContent.length} chars`);
+        // Update risk level with file context
+        const updatedRiskLevel = this.determineRiskLevel(request.instruction, currentContent);
+        // 3. Check HITL Validation requirement
+        let hitlRequired = false;
+        let hitlCheckpointId;
+        if (this.hitlValidation && this.hitlValidation.requiresValidation({
+            riskLevel: updatedRiskLevel,
+            isDestructive: request.instruction.toLowerCase().includes('delete'),
+            modifiesSecuritySensitiveCode: request.instruction.toLowerCase().includes('security') ||
+                request.instruction.toLowerCase().includes('auth') ||
+                request.instruction.toLowerCase().includes('password'),
+        })) {
+            hitlRequired = true;
+            // Note: In CLI, we proceed with warning. In UI, this would block until approval
+            console.warn(`[EditFileUseCase] ⚠️ HITL validation required for this operation`);
+        }
+        // Track edit generation in lineage
+        if (this.promptToCodeLineage && lineageId && rootNodeId) {
+            this.promptToCodeLineage.addNode(lineageId, {
+                type: 'plan',
+                timestamp: Date.now(),
+                description: `Generating edit for ${request.filepath}`,
+                input: { instruction: request.instruction, filepath: request.filepath },
+                metadata: { riskLevel: updatedRiskLevel },
+            }, rootNodeId);
+        }
+        // Generate edit (with progress indicator for better UX)
+        let diff;
+        try {
+            // Show progress indicator for code generation (can take 20-30s)
+            const { createSpinner } = await import('../../ui.js');
+            const codeGenSpinner = createSpinner('Generating code changes...');
+            codeGenSpinner.start();
+            diff = await this.aiService.generateEdit(currentContent, request.instruction, request.filepath);
+            codeGenSpinner.stop();
+            console.log(`[EditFileUseCase] Generated diff length: ${diff.length} chars`);
+            if (diff.length > 0) {
+                console.log(`[EditFileUseCase] Diff preview: ${diff.substring(0, 200)}...`);
+            }
+            else {
+                console.warn(`[EditFileUseCase] Warning: Empty diff generated`);
+            }
+        }
+        catch (error) {
+            console.error(`[EditFileUseCase] Failed to generate edit:`, error);
+            return {
+                success: false,
+                error: `Failed to generate edit: ${error instanceof Error ? error.message : String(error)}`,
+            };
+        }
+        // Apply diff
+        let newContent;
+        try {
+            newContent = await this.applyDiff(currentContent, diff);
+            console.log(`[EditFileUseCase] Applied diff, new content size: ${newContent.length} chars`);
+            // Check if content actually changed
+            if (newContent === currentContent) {
+                console.warn(`[EditFileUseCase] Warning: Content unchanged after applying diff`);
+            }
+            else {
+                const diffSize = newContent.length - currentContent.length;
+                console.log(`[EditFileUseCase] Content changed: ${diffSize > 0 ? '+' : ''}${diffSize} chars difference`);
+            }
+        }
+        catch (error) {
+            console.error(`[EditFileUseCase] Failed to apply diff:`, error);
+            return {
+                success: false,
+                error: `Failed to apply diff: ${error instanceof Error ? error.message : String(error)}`,
+            };
+        }
+        // Comprehensive security scan - before verification
+        // RESEARCH CONTEXT: 45% AI code has flaws, 35% license issues, provider bias risk
+        // Use Enhanced Security Gate if available (all scanners), fallback to SAST only
+        let securityResult = null; // Will be set by security scan
+        if (this.enhancedSecurityGate) {
+            // Show progress indicator for security scanning (can take 10-15s)
+            const { createSpinner } = await import('../../ui.js');
+            const securitySpinner = createSpinner('Scanning for security vulnerabilities...');
+            securitySpinner.start();
+            // Comprehensive scan: SAST + License + Provider Bias + Uncertainty
+            securityResult = await this.enhancedSecurityGate.scan(request.filepath, newContent, request.instruction, { query: request.instruction });
+            securitySpinner.stop();
+            if (!securityResult.passed) {
+                const errorMessages = [
+                    ...securityResult.errors,
+                    ...securityResult.warnings.map((w) => `Warning: ${w}`),
+                ];
+                return {
+                    success: false,
+                    error: `Security validation failed: ${errorMessages.join('; ')}`,
+                    securityFindings: securityResult.sast.findings,
+                    licenseFindings: securityResult.license.findings,
+                    providerBiasFindings: securityResult.providerBias.findings,
+                    uncertaintyFindings: securityResult.uncertainty,
+                };
+            }
+            // Log warnings for non-blocking issues (provider bias, uncertainty)
+            if (securityResult.warnings.length > 0) {
+                console.warn(`[EditFileUseCase] Security warnings: ${securityResult.warnings.join('; ')}`);
+            }
+            // NIST AI RMF: MAP - Context framing and risk identification (Enterprise Governance)
+            if (this.nistAIRMF) {
+                const riskContext = {
+                    contextType: fileExists ? 'code_edit' : 'code_generation',
+                    targetDomain: this.inferDomain(request.filepath, request.instruction),
+                    riskLevel: this.determineRiskLevel(request.instruction, newContent),
+                    regulatoryRelevant: this.isRegulatoryRelevant(request.filepath, request.instruction),
+                };
+                const { decision: mapDecision, riskProfile } = await this.nistAIRMF.map(riskContext, {
+                    security: {
+                        vulnerabilities: securityResult.sast.findings?.length || 0,
+                        licenseConflicts: securityResult.license.findings?.length || 0,
+                        providerBias: (securityResult.providerBias.findings?.length || 0) > 0,
+                        uncertainty: securityResult.uncertainty?.combined?.value || 0.5,
+                    },
+                    compliance: {
+                        gdprRelevant: riskContext.regulatoryRelevant,
+                        hipaaRelevant: this.inferDomain(request.filepath, request.instruction) === 'healthcare',
+                    },
+                    operational: {
+                        complexity: newContent.length > 1000 ? 0.8 : 0.5,
+                        dependencies: 0, // Could be enhanced
+                    },
+                });
+                console.log(`[EditFileUseCase] NIST AI RMF Map: ${mapDecision.decision}`);
+                if (mapDecision.outcome === 'blocked') {
+                    return {
+                        success: false,
+                        error: `Operation blocked by risk mapping: ${mapDecision.rationale}`,
+                        securityFindings: securityResult.sast.findings,
+                        licenseFindings: securityResult.license.findings,
+                        providerBiasFindings: securityResult.providerBias.findings,
+                        uncertaintyFindings: securityResult.uncertainty,
+                    };
+                }
+                // NIST AI RMF: MEASURE - Quantify and monitor risks (Enterprise Governance)
+                const measureDecision = await this.nistAIRMF.measure(riskProfile, {
+                    sastFindings: securityResult.sast.findings?.length || 0,
+                    licenseFindings: securityResult.license.findings?.length || 0,
+                    providerBiasFindings: securityResult.providerBias.findings?.length || 0,
+                    uncertaintyScore: securityResult.uncertainty?.combined?.value,
+                });
+                console.log(`[EditFileUseCase] NIST AI RMF Measure: ${measureDecision.decision}`);
+            }
+            // Policy-as-Code: Evaluate policies before proceeding (Enterprise Governance)
+            if (this.policyAsCode) {
+                // Debug: Log security findings before policy evaluation
+                const criticalHighFindings = securityResult.sast.findings.filter((f) => f.severity === 'critical' || f.severity === 'high');
+                console.log(`[EditFileUseCase] Security scan: ${securityResult.sast.findings.length} total findings, ${criticalHighFindings.length} critical/high`);
+                if (criticalHighFindings.length > 0) {
+                    console.log(`[EditFileUseCase] Critical/High findings:`, criticalHighFindings.map((f) => `${f.severity}: ${f.category} - ${f.description}`).join('; '));
+                }
+                const policyEvaluation = await this.policyAsCode.evaluate({
+                    filepath: request.filepath,
+                    code: newContent,
+                    instruction: request.instruction,
+                    securityFindings: securityResult.sast.findings,
+                    licenseFindings: securityResult.license.findings,
+                    providerBiasFindings: securityResult.providerBias.findings,
+                    uncertainty: securityResult.uncertainty,
+                });
+                // Debug: Log policy evaluation results
+                console.log(`[EditFileUseCase] Policy evaluation: ${policyEvaluation.results.length} rules evaluated, ${policyEvaluation.blockingRules.length} blocking`);
+                policyEvaluation.results.forEach((result) => {
+                    if (!result.passed) {
+                        console.log(`[EditFileUseCase] Policy rule "${result.ruleName}": ${result.message}`);
+                        if (result.evidence) {
+                            console.log(`[EditFileUseCase] Evidence:`, JSON.stringify(result.evidence, null, 2));
+                        }
+                    }
+                });
+                if (!policyEvaluation.passed && policyEvaluation.blockingRules.length > 0) {
+                    const blockingRule = policyEvaluation.blockingRules[0];
+                    console.error(`[EditFileUseCase] Policy violation: ${blockingRule.ruleName} - ${blockingRule.message}`);
+                    return {
+                        success: false,
+                        error: `Policy violation: ${blockingRule.message}`,
+                        securityFindings: securityResult.sast.findings,
+                        licenseFindings: securityResult.license.findings,
+                        providerBiasFindings: securityResult.providerBias.findings,
+                        uncertaintyFindings: securityResult.uncertainty,
+                    };
+                }
+                if (policyEvaluation.results.length > 0) {
+                    console.log(`[EditFileUseCase] Policy evaluation: ${policyEvaluation.results.filter(r => r.passed).length}/${policyEvaluation.results.length} passed`);
+                }
+            }
+            // Track security scan in lineage
+            if (this.promptToCodeLineage && lineageId && rootNodeId) {
+                this.promptToCodeLineage.addNode(lineageId, {
+                    type: 'verification',
+                    timestamp: Date.now(),
+                    description: 'Security scan completed',
+                    input: { filepath: request.filepath },
+                    output: { passed: securityResult.passed, findings: securityResult.errors.length },
+                    metadata: {
+                        securityScan: true,
+                        licenseIssues: securityResult.license.findings?.length || 0,
+                        providerBiasIssues: securityResult.providerBias.findings?.length || 0,
+                    },
+                }, rootNodeId);
+            }
+        }
+        else if (this.sastScanner) {
+            // Legacy: SAST-only scan
+            const securityCheck = await this.sastScanner.scan(request.filepath, newContent);
+            const criticalFindings = securityCheck.findings?.filter(f => f.severity === 'critical') || [];
+            const highFindings = securityCheck.findings?.filter(f => f.severity === 'high') || [];
+            // Block edits with critical or high severity findings
+            if (criticalFindings.length > 0 || highFindings.length > 0) {
+                return {
+                    success: false,
+                    error: `Security vulnerabilities detected: ${criticalFindings.length} critical, ${highFindings.length} high severity findings. Review and fix before applying.`,
+                    securityFindings: securityCheck.findings,
+                };
+            }
+        }
+        // Create backup before applying edit
+        let backupPath;
+        try {
+            backupPath = await backupFile(fullPath);
+            console.log(`[EditFileUseCase] Backup created: ${backupPath}`);
+            // Link backup to current run for undo capability
+            const runId = executionTracer.getCurrentRunId();
+            if (runId) {
+                executionTracer.trace({
+                    operationType: 'file_operation',
+                    operationName: 'backup',
+                    input: { filepath: fullPath },
+                    output: { backupPath },
+                    metadata: {
+                        runId,
+                        filepath: fullPath,
+                    },
+                });
+            }
+        }
+        catch (error) {
+            console.warn(`[EditFileUseCase] Failed to create backup: ${error instanceof Error ? error.message : String(error)}`);
+            // Continue anyway - backup failure shouldn't block edit
+        }
+        // 4. Team Standards Validation (before writing file)
+        let teamStandardsApplied = false;
+        if (this.teamStandards && newContent) {
+            const teamId = 'default'; // TODO: Get from config or context
+            const standardsResult = this.teamStandards.validateCode(teamId, newContent, request.filepath);
+            if (!standardsResult.passed) {
+                console.warn(`[EditFileUseCase] Team standards violations: ${standardsResult.violations.length}`);
+                // Try auto-fix
+                const fixedResult = this.teamStandards.applyStyleGuide(teamId, newContent, request.filepath);
+                if (fixedResult.fixesApplied > 0) {
+                    newContent = fixedResult.modified;
+                    teamStandardsApplied = true;
+                    console.log(`[EditFileUseCase] Auto-fixed ${fixedResult.fixesApplied} style issues`);
+                }
+                else {
+                    // Critical violations that can't be auto-fixed
+                    const criticalViolations = standardsResult.issues.filter(i => i.severity === 'error');
+                    if (criticalViolations.length > 0) {
+                        return {
+                            success: false,
+                            error: `Team standards validation failed: ${criticalViolations.length} critical violations`,
+                            frictionApplied,
+                            hitlRequired,
+                            hitlCheckpointId,
+                        };
+                    }
+                }
+            }
+        }
+        // Review Checkpoint: Show summary before applying edits (Task 5.1)
+        // Display review checkpoint with diff summary, security status, and risk level
+        const { displayReviewCheckpoint, calculateDiffSummary } = await import('../../infrastructure/ux/review-checkpoint.js');
+        const diffSummary = calculateDiffSummary(currentContent, newContent);
+        // Determine risk level for review checkpoint
+        let reviewRiskLevel = 'medium';
+        if (securityResult) {
+            if (securityResult.errors && securityResult.errors.length > 0) {
+                reviewRiskLevel = 'critical';
+            }
+            else if (securityResult.warnings && securityResult.warnings.length > 0) {
+                reviewRiskLevel = 'high';
+            }
+            else {
+                reviewRiskLevel = 'low';
+            }
+        }
+        const reviewInfo = {
+            filesToModify: [{
+                    filepath: request.filepath,
+                    linesAdded: diffSummary.linesAdded,
+                    linesRemoved: diffSummary.linesRemoved,
+                    linesChanged: diffSummary.linesChanged,
+                }],
+            securityScanPassed: securityResult?.passed ?? true,
+            compilationValid: true, // Will be verified after write
+            riskLevel: reviewRiskLevel,
+            uncertainty: securityResult?.uncertainty?.combined?.value,
+        };
+        displayReviewCheckpoint(reviewInfo);
+        // Verify if verification service available
+        let verification;
+        if (this.verificationService) {
+            console.log(`[EditFileUseCase] Writing file and verifying...`);
+            writeFileSync(fullPath, newContent, 'utf-8');
+            // Show progress indicator for verification (can take 5-10s)
+            const { createSpinner } = await import('../../ui.js');
+            const verificationSpinner = createSpinner('Verifying code compilation...');
+            verificationSpinner.start();
+            verification = await this.verificationService.verify(fullPath);
+            if (verification.success) {
+                verificationSpinner.succeed('Verification passed');
+            }
+            else {
+                verificationSpinner.fail('Verification failed');
+            }
+            console.log(`[EditFileUseCase] Verification result: success=${verification.success}, compiled=${verification.compiled}, testsPassed=${verification.testsPassed}`);
+            if (verification.errors && verification.errors.length > 0) {
+                console.error(`[EditFileUseCase] Verification errors: ${verification.errors.join('; ')}`);
+            }
+            if (!verification.success) {
+                console.warn(`[EditFileUseCase] Verification failed, rolling back...`);
+                // Automatic rollback on verification failure
+                if (backupPath) {
+                    try {
+                        await rollbackFile(fullPath, backupPath);
+                        console.log(`[EditFileUseCase] File rolled back successfully`);
+                    }
+                    catch (rollbackError) {
+                        console.error(`[EditFileUseCase] Rollback failed: ${rollbackError instanceof Error ? rollbackError.message : String(rollbackError)}`);
+                        // Try to restore from original content as fallback
+                        try {
+                            writeFileSync(fullPath, currentContent, 'utf-8');
+                            console.log(`[EditFileUseCase] File restored from original content`);
+                        }
+                        catch (restoreError) {
+                            console.error(`[EditFileUseCase] Restore also failed: ${restoreError instanceof Error ? restoreError.message : String(restoreError)}`);
+                        }
+                    }
+                }
+                // Use Reflexion to learn from failure
+                const reflexionUseCase = container.reflexionUseCase;
+                const reflection = await reflexionUseCase.execute({
+                    trajectory: {
+                        query: request.instruction,
+                        steps: [{
+                                thought: { content: 'Attempting edit', reasoning: request.instruction },
+                                action: { type: 'tool', name: 'edit', parameters: {} },
+                                observation: { result: null, success: false, error: verification.errors.join('; ') },
+                                timestamp: new Date(),
+                            }],
+                        success: false,
+                    },
+                    reward: 0,
+                    errors: verification.errors,
+                });
+                return {
+                    success: false,
+                    verification,
+                    reflection: reflection.reflection,
+                    error: verification.errors.join('; '),
+                };
+            }
+        }
+        else {
+            // No verification - just apply (still create backup for undo capability)
+            console.log(`[EditFileUseCase] No verification service, writing file directly`);
+            writeFileSync(fullPath, newContent, 'utf-8');
+        }
+        const edit = {
+            filepath: request.filepath,
+            oldContent: currentContent,
+            newContent,
+            instruction: request.instruction,
+            diff,
+            metadata: {
+                verificationResult: verification,
+            },
+        };
+        // 5. Record Bi-directional Learning
+        if (this.biDirectionalLearning) {
+            const userId = 'default'; // TODO: Get from context
+            this.biDirectionalLearning.recordFeedback(userId, {
+                type: 'edit',
+                signal: 'positive', // Successful edit = positive signal
+                originalCode: currentContent,
+                modifiedCode: newContent,
+                filepath: request.filepath,
+                context: {
+                    query: request.instruction,
+                    generatedBy: 'EditFileUseCase',
+                },
+            });
+            console.log(`[EditFileUseCase] Edit recorded for learning`);
+        }
+        // 6. Complete Prompt-to-Code Lineage tracking
+        if (this.promptToCodeLineage && lineageId && rootNodeId) {
+            this.promptToCodeLineage.trackCodeGeneration(lineageId, rootNodeId, {
+                filepath: request.filepath,
+                content: newContent,
+                diff: diff,
+                originalContent: currentContent,
+            }, {
+                verificationPassed: verification?.success || false,
+            });
+            console.log(`[EditFileUseCase] Lineage tracking complete`);
+        }
+        console.log(`[EditFileUseCase] Edit completed successfully`);
+        return {
+            success: true,
+            edit,
+            verification,
+            frictionApplied,
+            hitlRequired,
+            hitlCheckpointId,
+        };
+    }
+    /**
+     * Create a new file with generated content
+     */
+    async createFile(request, fullPath) {
+        const { writeFileSync, mkdirSync, existsSync } = await import('fs');
+        const { dirname } = await import('path');
+        try {
+            // Ensure directory exists
+            const dir = dirname(fullPath);
+            if (!existsSync(dir)) {
+                console.log(`[EditFileUseCase] Creating directory: ${dir}`);
+                mkdirSync(dir, { recursive: true });
+            }
+            // Generate file content using AI
+            console.log(`[EditFileUseCase] Generating new file content...`);
+            let fileContent;
+            try {
+                fileContent = await this.aiService.generateFileContent(request.filepath, request.instruction, request.requirements || []);
+                console.log(`[EditFileUseCase] Generated content length: ${fileContent.length} chars`);
+            }
+            catch (error) {
+                console.error(`[EditFileUseCase] Failed to generate file content:`, error);
+                return {
+                    success: false,
+                    error: `Failed to generate file content: ${error instanceof Error ? error.message : String(error)}`,
+                };
+            }
+            // Security scan before writing
+            if (this.sastScanner) {
+                const securityCheck = await this.sastScanner.scan(request.filepath, fileContent);
+                const criticalFindings = securityCheck.findings?.filter(f => f.severity === 'critical') || [];
+                const highFindings = securityCheck.findings?.filter(f => f.severity === 'high') || [];
+                if (criticalFindings.length > 0 || highFindings.length > 0) {
+                    return {
+                        success: false,
+                        error: `Security vulnerabilities detected: ${criticalFindings.length} critical, ${highFindings.length} high severity findings. Review and fix before creating.`,
+                        securityFindings: securityCheck.findings,
+                    };
+                }
+            }
+            // Write file
+            writeFileSync(fullPath, fileContent, 'utf-8');
+            console.log(`[EditFileUseCase] File created successfully: ${fullPath}`);
+            // Verify if verification service available
+            let verification;
+            if (this.verificationService) {
+                console.log(`[EditFileUseCase] Verifying new file...`);
+                verification = await this.verificationService.verify(fullPath);
+                console.log(`[EditFileUseCase] Verification result: success=${verification.success}, compiled=${verification.compiled}, testsPassed=${verification.testsPassed}`);
+                if (!verification.success) {
+                    console.warn(`[EditFileUseCase] Verification failed for new file, but keeping it for inspection`);
+                    return {
+                        success: false,
+                        verification,
+                        error: verification.errors?.join('; ') || 'Verification failed',
+                    };
+                }
+            }
+            const edit = {
+                filepath: request.filepath,
+                oldContent: '', // No old content for new files
+                newContent: fileContent,
+                instruction: request.instruction,
+                diff: `New file created: ${request.filepath}`,
+                metadata: {
+                    verificationResult: verification,
+                },
+            };
+            console.log(`[EditFileUseCase] File creation completed successfully`);
+            return {
+                success: true,
+                edit,
+                verification,
+            };
+        }
+        catch (error) {
+            console.error(`[EditFileUseCase] Failed to create file:`, error);
+            return {
+                success: false,
+                error: `Failed to create file: ${error instanceof Error ? error.message : String(error)}`,
+            };
+        }
+    }
+    async applyDiff(content, diff) {
+        try {
+            const { applyEditFallback } = await import('../../utils/diff-parser.js');
+            return applyEditFallback(content, diff);
+        }
+        catch (error) {
+            console.error('Failed to apply diff:', error);
+            // Fallback: if diff parsing fails, return original content
+            // This prevents silent failures
+            throw new Error(`Failed to apply diff: ${error instanceof Error ? error.message : String(error)}`);
+        }
+    }
+    /**
+     * Determine risk level based on instruction and content
+     */
+    determineRiskLevel(instruction, currentContent) {
+        const instructionLower = instruction.toLowerCase();
+        // Critical: Destructive operations
+        if (instructionLower.includes('delete') ||
+            instructionLower.includes('remove all') ||
+            instructionLower.includes('drop table') ||
+            instructionLower.includes('rm -rf')) {
+            return 'critical';
+        }
+        // High: Security-sensitive operations
+        if (instructionLower.includes('security') ||
+            instructionLower.includes('auth') ||
+            instructionLower.includes('password') ||
+            instructionLower.includes('credential') ||
+            instructionLower.includes('token') ||
+            instructionLower.includes('api key')) {
+            return 'high';
+        }
+        // High: Large file modifications
+        if (currentContent.length > 5000 && instruction.split(' ').length > 30) {
+            return 'high';
+        }
+        // Medium: Complex refactoring
+        if (instructionLower.includes('refactor') ||
+            instructionLower.includes('restructure') ||
+            instructionLower.includes('rewrite')) {
+            return 'medium';
+        }
+        // Low: Simple edits
+        return 'low';
+    }
+    /**
+     * Infer domain from filepath and instruction for NIST AI RMF
+     */
+    inferDomain(filepath, instruction) {
+        const pathLower = filepath.toLowerCase();
+        const instructionLower = instruction.toLowerCase();
+        if (pathLower.includes('health') || instructionLower.includes('health')) {
+            return 'healthcare';
+        }
+        if (pathLower.includes('finance') || pathLower.includes('payment') || instructionLower.includes('finance')) {
+            return 'financial';
+        }
+        if (pathLower.includes('auth') || instructionLower.includes('authentication')) {
+            return 'security';
+        }
+        return 'general';
+    }
+    /**
+     * Determine if operation is regulatory relevant (GDPR, HIPAA, etc.)
+     */
+    isRegulatoryRelevant(filepath, instruction) {
+        const pathLower = filepath.toLowerCase();
+        const instructionLower = instruction.toLowerCase();
+        // GDPR: Personal data processing
+        if (pathLower.includes('user') || pathLower.includes('customer') ||
+            instructionLower.includes('personal data') || instructionLower.includes('gdpr')) {
+            return true;
+        }
+        // HIPAA: Healthcare data
+        if (pathLower.includes('health') || instructionLower.includes('patient') ||
+            instructionLower.includes('medical record')) {
+            return true;
+        }
+        return false;
+    }
+}
+//# sourceMappingURL=edit-file-use-case.js.map