create-qa-architect 5.0.0

package/lib/config-validator.js

@@ -0,0 +1,163 @@
+'use strict'
+
+const Ajv = require('ajv')
+const addFormats = require('ajv-formats')
+const fs = require('fs')
+const path = require('path')
+
+function validateQualityConfig(configPath) {
+  const result = {
+    valid: false,
+    errors: [],
+    config: null,
+  }
+
+  // DEBUG: Log entry
+  if (process.env.DEBUG_VALIDATOR) {
+    console.error(`[DEBUG] validateQualityConfig called with: ${configPath}`)
+  }
+
+  if (!fs.existsSync(configPath)) {
+    result.errors.push('Configuration file not found: ' + configPath)
+    return result
+  }
+
+  let config
+  try {
+    const configContent = fs.readFileSync(configPath, 'utf8')
+    config = JSON.parse(configContent)
+    result.config = config
+  } catch (error) {
+    result.errors.push('Failed to parse configuration file: ' + error.message)
+    return result
+  }
+
+  let schema
+  try {
+    const schemaPath = path.join(
+      __dirname,
+      '..',
+      'config',
+      'quality-config.schema.json'
+    )
+    const schemaContent = fs.readFileSync(schemaPath, 'utf8')
+    schema = JSON.parse(schemaContent)
+  } catch (error) {
+    result.errors.push('Failed to load configuration schema: ' + error.message)
+    return result
+  }
+
+  const ajv = new Ajv({ allErrors: true, strict: false })
+  addFormats(ajv)
+
+  const validate = ajv.compile(schema)
+  const valid = validate(config)
+
+  if (!valid) {
+    if (validate.errors) {
+      validate.errors.forEach(error => {
+        const errorPath = error.instancePath || '(root)'
+        const message = error.message || 'validation failed'
+
+        if (error.keyword === 'required') {
+          result.errors.push(
+            'Missing required field: ' +
+              (error.params?.missingProperty || 'unknown')
+          )
+        } else if (error.keyword === 'enum') {
+          result.errors.push(
+            'Invalid value at ' +
+              errorPath +
+              ': must be one of ' +
+              (error.params?.allowedValues?.join(', ') || 'unknown values')
+          )
+        } else if (error.keyword === 'type') {
+          result.errors.push(
+            'Invalid type at ' +
+              errorPath +
+              ': expected ' +
+              (error.params?.type || 'unknown')
+          )
+        } else if (error.keyword === 'pattern') {
+          result.errors.push('Invalid format at ' + errorPath + ': ' + message)
+        } else if (error.keyword === 'minimum') {
+          result.errors.push(
+            'Invalid value at ' +
+              errorPath +
+              ': must be >= ' +
+              (error.params?.limit ?? 'unknown')
+          )
+        } else if (error.keyword === 'additionalProperties') {
+          result.errors.push(
+            'Unknown property at ' +
+              errorPath +
+              ': ' +
+              (error.params?.additionalProperty || 'unknown')
+          )
+        } else {
+          result.errors.push(
+            'Validation error at ' + errorPath + ': ' + message
+          )
+        }
+      })
+    }
+  } else {
+    result.valid = true
+  }
+
+  return result
+}
+
+/**
+ * Validate configuration and print results to console
+ * @param {string} configPath - Path to .qualityrc.json file
+ * @returns {boolean} - true if valid, false if invalid
+ */
+function validateAndReport(configPath) {
+  const { formatMessage } = require('./ui-helpers')
+
+  console.log(
+    formatMessage('working', 'Validating .qualityrc.json configuration...')
+  )
+  console.log('')
+
+  const result = validateQualityConfig(configPath)
+
+  if (!result.valid) {
+    console.error(formatMessage('error', 'Configuration validation failed!\n'))
+    result.errors.forEach((error, index) => {
+      console.error(`   ${index + 1}. ${error}`)
+    })
+    console.error('')
+    console.error(formatMessage('info', 'Fix the errors above and try again.'))
+    console.error(
+      formatMessage('info', 'See .qualityrc.json.example for reference.\n')
+    )
+    return false
+  }
+
+  console.log(formatMessage('success', 'Configuration is valid!\n'))
+
+  if (result.config) {
+    console.log('Configuration summary:')
+    console.log(`   Version: ${result.config.version}`)
+    console.log(`   Maturity: ${result.config.maturity || 'auto'}`)
+
+    if (result.config.checks) {
+      const enabledChecks = Object.entries(result.config.checks)
+        .filter(
+          ([, check]) => check.enabled === true || check.enabled === 'auto'
+        )
+        .map(([name]) => name)
+
+      console.log(
+        `   Enabled checks: ${enabledChecks.length > 0 ? enabledChecks.join(', ') : 'none'}`
+      )
+    }
+    console.log('')
+  }
+
+  return true
+}
+
+module.exports = { validateQualityConfig, validateAndReport }

package/lib/dependency-monitoring-basic.js

@@ -0,0 +1,185 @@
+/**
+ * Basic Dependency Monitoring Library (Free Tier)
+ * Generates simple Dependabot configuration without advanced features
+ */
+
+const fs = require('fs')
+const path = require('path')
+const { convertToYaml } = require('./yaml-utils')
+
+/**
+ * Detect if project has package.json (npm projects only for free tier)
+ */
+function hasNpmProject(projectPath) {
+  return fs.existsSync(path.join(projectPath, 'package.json'))
+}
+
+/**
+ * Generate basic Dependabot configuration (Free Tier)
+ * Limited to npm only, no framework detection, basic settings
+ */
+function generateBasicDependabotConfig(options = {}) {
+  const {
+    projectPath = '.',
+    schedule = 'weekly',
+    day = 'monday',
+    time = '09:00',
+  } = options
+
+  if (!hasNpmProject(projectPath)) {
+    return null // Only npm projects supported in free tier
+  }
+
+  const config = {
+    version: 2,
+    updates: [
+      {
+        'package-ecosystem': 'npm',
+        directory: '/',
+        schedule: {
+          interval: schedule,
+          day: day,
+          time: time,
+        },
+        'open-pull-requests-limit': 5,
+        labels: ['dependencies'],
+        'commit-message': {
+          prefix: 'deps',
+          include: 'scope',
+        },
+        // Note: Dependabot will create PRs for all dependency updates.
+        // To auto-merge specific updates (e.g., security patches), add a GitHub Actions
+        // workflow with conditions like: if: contains(github.event.pull_request.labels.*.name, 'security')
+        // See: https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
+      },
+      // GitHub Actions monitoring (free tier includes this)
+      {
+        'package-ecosystem': 'github-actions',
+        directory: '/',
+        schedule: {
+          interval: schedule,
+          day: day,
+          time: time,
+        },
+        labels: ['dependencies', 'github-actions'],
+        'commit-message': {
+          prefix: 'deps(actions)',
+        },
+      },
+    ],
+  }
+
+  return config
+}
+
+/**
+ * Validate Dependabot configuration structure
+ * Ensures the configuration matches Dependabot schema requirements
+ */
+function validateDependabotConfig(config) {
+  // Basic structure validation
+  if (!config || typeof config !== 'object') {
+    throw new Error('Config must be a valid object')
+  }
+
+  if (!config.version || config.version !== 2) {
+    throw new Error('Dependabot configuration must specify version: 2')
+  }
+
+  if (!config.updates || !Array.isArray(config.updates)) {
+    throw new Error('Dependabot configuration must have an updates array')
+  }
+
+  if (config.updates.length === 0) {
+    throw new Error(
+      'Dependabot configuration must have at least one update configuration'
+    )
+  }
+
+  // Validate each update configuration
+  config.updates.forEach((update, index) => {
+    if (!update['package-ecosystem']) {
+      throw new Error(
+        `Update configuration ${index} must specify package-ecosystem`
+      )
+    }
+
+    if (!update.directory) {
+      throw new Error(`Update configuration ${index} must specify directory`)
+    }
+
+    if (!update.schedule || !update.schedule.interval) {
+      throw new Error(
+        `Update configuration ${index} must specify schedule.interval`
+      )
+    }
+
+    // Validate package-ecosystem values
+    const validEcosystems = [
+      'npm',
+      'github-actions',
+      'docker',
+      'pip',
+      'composer',
+      'bundler',
+      'go',
+      'nuget',
+      'maven',
+      'gradle',
+      'terraform',
+    ]
+    if (!validEcosystems.includes(update['package-ecosystem'])) {
+      throw new Error(
+        `Invalid package-ecosystem '${update['package-ecosystem']}' in update configuration ${index}`
+      )
+    }
+
+    // Validate schedule intervals
+    const validIntervals = ['daily', 'weekly', 'monthly']
+    if (!validIntervals.includes(update.schedule.interval)) {
+      throw new Error(
+        `Invalid schedule interval '${update.schedule.interval}' in update configuration ${index}`
+      )
+    }
+  })
+
+  return true
+}
+
+/**
+ * Write basic Dependabot configuration to file
+ */
+function writeBasicDependabotConfig(config, outputPath) {
+  // Validate configuration before writing
+  validateDependabotConfig(config)
+
+  const yamlContent = `# Basic Dependabot configuration (Free Tier)
+# Auto-generated by create-qa-architect
+# Upgrade to Pro for framework-aware grouping and multi-language support
+# See: https://create-qa-architect.dev/pro
+
+${convertToYaml(config)}`
+
+  const configDir = path.dirname(outputPath)
+  if (!fs.existsSync(configDir)) {
+    fs.mkdirSync(configDir, { recursive: true })
+  }
+
+  fs.writeFileSync(outputPath, yamlContent)
+
+  // Post-write validation: verify the file can be parsed
+  try {
+    const yaml = require('js-yaml')
+    const writtenContent = fs.readFileSync(outputPath, 'utf8')
+    yaml.load(writtenContent)
+  } catch (error) {
+    throw new Error(
+      `Generated Dependabot configuration is invalid YAML: ${error.message}`
+    )
+  }
+}
+module.exports = {
+  hasNpmProject,
+  generateBasicDependabotConfig,
+  writeBasicDependabotConfig,
+}