contextforge-cli-ai-prompt-pirates 0.4.0

package/src/services/ai/providers/openai.js

@@ -0,0 +1,32 @@
+import OpenAI from 'openai';
+import { getApiKey } from '../../../core/env.js';
+
+/**
+ * @param {{ model: string, maxTokens: number, timeoutMs: number }} options
+ */
+export async function callOpenAI(messages, options) {
+  const apiKey = getApiKey('openai');
+  if (!apiKey) {
+    throw new Error('OPENAI_API_KEY is not set in .env');
+  }
+
+  const client = new OpenAI({
+    apiKey,
+    timeout: options.timeoutMs,
+  });
+
+  const response = await client.chat.completions.create({
+    model: options.model,
+    messages,
+    max_tokens: options.maxTokens,
+    temperature: 0.3,
+    response_format: { type: 'json_object' },
+  });
+
+  return {
+    content: response.choices[0]?.message?.content || '',
+    model: response.model,
+    provider: 'openai',
+    usage: response.usage,
+  };
+}

package/src/services/ai/redact.js

@@ -0,0 +1,33 @@
+const SECRET_PATTERNS = [
+  /sk-[a-zA-Z0-9]{20,}/g,
+  /gsk_[a-zA-Z0-9]{20,}/g,
+  /api[_-]?key\s*[:=]\s*['"]?[\w-]+/gi,
+  /password\s*[:=]\s*['"]?[^\s'"]+/gi,
+  /Bearer\s+[a-zA-Z0-9._-]+/g,
+];
+
+/**
+ * Redact secrets from text before sending to AI.
+ * @param {string} text
+ */
+export function redactSecrets(text) {
+  let out = text;
+  for (const re of SECRET_PATTERNS) {
+    out = out.replace(re, '[REDACTED]');
+  }
+  return out;
+}
+
+/**
+ * Sanitize snapshot clone for AI — no paths with .env etc.
+ */
+export function sanitizeSnapshotForAi(snapshot) {
+  const clone = JSON.parse(JSON.stringify(snapshot));
+  delete clone.projectRoot;
+  if (clone.configFiles) {
+    clone.configFiles = clone.configFiles.filter(
+      (p) => !/\.env(?!\.example)/i.test(p) && !/secret|credential|\.pem/i.test(p)
+    );
+  }
+  return redactSecrets(JSON.stringify(clone));
+}

package/src/services/ai/validate.js

@@ -0,0 +1,70 @@
+const REQUIRED_KEYS = [
+  'executiveSummary',
+  'architectureDeepDive',
+  'apiAndDataFlow',
+  'businessLogicAnalysis',
+  'importantRules',
+];
+
+const OPTIONAL_KEYS = [
+  'techStackNarrative',
+  'databaseAnalysis',
+  'authenticationNotes',
+  'deploymentNotes',
+  'gitEvolution',
+  'codingConventions',
+  'possibleIssues',
+  'suggestedImprovements',
+];
+
+/**
+ * Validate AI JSON response structure and content sanity.
+ * @param {object} parsed
+ * @param {object} snapshot
+ */
+export function validateAiSections(parsed, snapshot) {
+  const errors = [];
+
+  if (!parsed || typeof parsed !== 'object') {
+    return { valid: false, errors: ['Response is not an object'] };
+  }
+
+  for (const key of REQUIRED_KEYS) {
+    if (!parsed[key] || String(parsed[key]).trim().length < 10) {
+      errors.push(`Missing or too short: ${key}`);
+    }
+  }
+
+  const scanTech = [
+    ...(snapshot.techStack?.frontend || []),
+    ...(snapshot.techStack?.backend || []),
+  ].map((t) => t.toLowerCase());
+
+  const narrative = JSON.stringify(parsed).toLowerCase();
+  const hallucinations = ['django', 'laravel', 'spring boot', 'ruby on rails'].filter(
+    (fw) => narrative.includes(fw) && !scanTech.some((t) => t.includes(fw.split(' ')[0]))
+  );
+
+  if (hallucinations.length) {
+    errors.push(`Possible hallucinated stack: ${hallucinations.join(', ')}`);
+  }
+
+  if (parsed.importantRules && !Array.isArray(parsed.importantRules)) {
+    parsed.importantRules = [String(parsed.importantRules)];
+  }
+  if (parsed.suggestedImprovements && !Array.isArray(parsed.suggestedImprovements)) {
+    parsed.suggestedImprovements = [String(parsed.suggestedImprovements)];
+  }
+  if (parsed.codingConventions && !Array.isArray(parsed.codingConventions)) {
+    parsed.codingConventions = [String(parsed.codingConventions)];
+  }
+  if (parsed.possibleIssues && !Array.isArray(parsed.possibleIssues)) {
+    parsed.possibleIssues = [String(parsed.possibleIssues)];
+  }
+
+  return {
+    valid: errors.length === 0,
+    errors,
+    parsed,
+  };
+}

package/src/watcher/watcher.js

@@ -0,0 +1,128 @@
+import chokidar from 'chokidar';
+import path from 'node:path';
+import fs from 'fs-extra';
+import { runPipeline } from '../core/pipeline.js';
+import { loadConfig } from '../core/config.js';
+import { getPidPath } from '../core/paths.js';
+import { detectFileChanges } from '../scanner/change-detector.js';
+
+let debounceTimer = null;
+let intervalTimer = null;
+let running = false;
+
+export async function startWatcher(projectRoot, options = {}) {
+  const { verbose = false } = options;
+  const config = await loadConfig(projectRoot);
+
+  const intervalMinutes =
+    options.intervalMinutes ??
+    config.refreshIntervalMinutes ??
+    0;
+
+  const watchPaths = ['.'];
+  const ignored = config.ignore.map((p) => {
+    if (p.startsWith('.')) return `**/${p}/**`;
+    return `**/${p}/**`;
+  });
+
+  if (options.daemon) {
+    await fs.writeFile(getPidPath(projectRoot), String(process.pid));
+  }
+
+  const run = async (reason = 'change') => {
+    if (running) return;
+    running = true;
+    try {
+      if (reason === 'scheduled') {
+        const check = await detectFileChanges(projectRoot, config);
+        if (!check.hasChanges) {
+          console.log('  [timer] No file/code changes — context is up to date');
+          return;
+        }
+        console.log(
+          `  [timer] File/code changes detected (+${check.counts.added} ~${check.counts.modified} -${check.counts.removed}) — updating...`
+        );
+      } else if (reason === 'file-change') {
+        console.log('  File saved — scanning for code changes...');
+      }
+
+      if (verbose) console.log(`[contextforge] Regenerating (${reason})...`);
+      const snapshot = await runPipeline(projectRoot, { verbose });
+      const ch = snapshot.changelog;
+      if (ch) {
+        if (ch.hasChanges) {
+          console.log(`  Changes: ${ch.summary}`);
+          if (ch.addedFiles?.length) console.log(`  + ${ch.addedFiles.length} new file(s)`);
+          if (ch.modifiedFiles?.length) console.log(`  ~ ${ch.modifiedFiles.length} modified file(s)`);
+        } else {
+          console.log('  No changes since last run.');
+        }
+      }
+    } catch (err) {
+      console.error('Regeneration failed:', err.message);
+    } finally {
+      running = false;
+    }
+  };
+
+  console.log('Watching for changes... (Ctrl+C to stop)');
+  console.log(`  File debounce: ${config.debounceMs || 2000}ms`);
+  if (intervalMinutes > 0) {
+    console.log(`  Auto-refresh every: ${intervalMinutes} minute(s)`);
+    await run('initial');
+    intervalTimer = setInterval(
+      () => run('scheduled'),
+      intervalMinutes * 60 * 1000
+    );
+  }
+
+  const watcher = chokidar.watch(watchPaths, {
+    cwd: projectRoot,
+    ignored: [...ignored, '**/.contextforge/cache/**', '**/.contextforge/logs/**'],
+    persistent: true,
+    ignoreInitial: true,
+    awaitWriteFinish: {
+      stabilityThreshold: 400,
+      pollInterval: 100,
+    },
+  });
+
+  const schedule = () => {
+    clearTimeout(debounceTimer);
+    debounceTimer = setTimeout(() => run('file-change'), config.debounceMs || 2000);
+  };
+
+  watcher.on('add', schedule);
+  watcher.on('change', schedule);
+  watcher.on('unlink', schedule);
+
+  const cleanup = async () => {
+    clearTimeout(debounceTimer);
+    if (intervalTimer) clearInterval(intervalTimer);
+    await watcher.close();
+    await fs.remove(getPidPath(projectRoot)).catch(() => {});
+  };
+
+  process.on('SIGINT', async () => {
+    await cleanup();
+    process.exit(0);
+  });
+
+  return { watcher, cleanup };
+}
+
+export async function stopWatcher(projectRoot) {
+  const pidPath = getPidPath(projectRoot);
+  if (!(await fs.pathExists(pidPath))) {
+    throw new Error('No watcher PID file found. Is watch running with --daemon?');
+  }
+  const pid = parseInt(await fs.readFile(pidPath, 'utf8'), 10);
+  try {
+    process.kill(pid, 'SIGTERM');
+    await fs.remove(pidPath);
+    console.log(`Stopped watcher (PID ${pid})`);
+  } catch (err) {
+    await fs.remove(pidPath);
+    throw new Error(`Could not stop process ${pid}: ${err.message}`);
+  }
+}