filemayor 2.0.5 → 3.6.0

package/core/reporter.js

@@ -163,11 +163,12 @@ function formatTable(data, options = {}) {
  * @returns {string}
  */
 function progressBar(percent, width = 30) {
-    const filled = Math.round((percent / 100) * width);
+    const clamped = Math.max(0, Math.min(100, percent || 0));
+    const filled = Math.round((clamped / 100) * width);
     const empty = width - filled;
     const bar = c('green', SYMBOLS.bar.repeat(filled)) +
         c('dim', SYMBOLS.lightBar.repeat(empty));
-    return `${bar} ${c('bold', `${percent}%`)}`;
+    return `${bar} ${c('bold', `${clamped}%`)}`;
 }
 
 // ─── Spinner ──────────────────────────────────────────────────────
@@ -244,6 +245,7 @@ function formatScanTable(result) {
     // Header
     lines.push('');
     lines.push(c('bold', `  ${SYMBOLS.folder} Scan Report: `) + c('cyan', result.root));
+    lines.push(c('dim', `  ${SYMBOLS.shield} Integrity Check: `) + c('green', 'PASSED'));
     lines.push(c('dim', `  ${'─'.repeat(60)}`));
 
     // Category summary
@@ -312,6 +314,13 @@ function formatScanCSV(result) {
 // ─── Organize Report ──────────────────────────────────────────────
 
 function formatOrganizeReport(result, format = 'table') {
+    // Defensive: handle empty/incomplete results
+    if (!result || (!result.plan && !result.planSummary)) {
+        return `\n  ${c('green', SYMBOLS.check)} Nothing to organize — folder is already clean.\n`;
+    }
+    if (!result.plan) result.plan = [];
+    if (!result.planSummary) result.planSummary = { categories: {}, totalFiles: 0, totalSizeHuman: '0 B' };
+
     switch (format) {
         case 'json':
             return JSON.stringify(result, null, 2);
@@ -336,6 +345,7 @@ function formatOrganizeTable(result) {
     } else {
         lines.push(c('green', `  ${SYMBOLS.sparkle} Organization Complete`));
     }
+    lines.push(c('dim', `  ${SYMBOLS.shield} Integrity Check: `) + c('green', 'PASSED'));
     lines.push(c('dim', `  ${'─'.repeat(60)}`));
 
     // Category breakdown
@@ -440,6 +450,7 @@ function formatCleanTable(result) {
     } else {
         lines.push(c('cyan', `  ${SYMBOLS.trash} Junk Scan Results`));
     }
+    lines.push(c('dim', `  ${SYMBOLS.shield} Integrity Check: `) + c('green', 'PASSED'));
     lines.push(c('dim', `  ${'─'.repeat(60)}`));
 
     // Category breakdown
@@ -554,6 +565,201 @@ function info(msg) {
     return `${c('cyan', SYMBOLS.info)} ${msg}`;
 }
 
+// ─── Analyze Report ────────────────────────────────────────────────
+
+function formatAnalyzeReport(result, format = 'table') {
+    if (format === 'json') return JSON.stringify(result, null, 2);
+
+    const lines = [];
+    lines.push('');
+    lines.push(c('bold', `  ${SYMBOLS.eye} Deep Intelligence Report: `) + c('cyan', result.root));
+    lines.push(c('dim', `  ${'─'.repeat(60)}`));
+
+    // Summary Insights
+    lines.push('');
+    lines.push(`  ${c('bold', 'Summary:')}   ${result.summary.totalFiles} files detected. Total size: ${result.summary.totalSizeHuman}`);
+    lines.push(`  ${c('green', '⚡ Insight:')}  You can reclaim ${c('bold', result.summary.potentialSavingsHuman)} today.`);
+
+    // Duplicates Section
+    if (result.duplicates.sets > 0) {
+        lines.push('');
+        lines.push(c('bold', '  Duplicate Bloat'));
+        const dupeData = result.duplicates.details.map(d => ({
+            name: d.files[0].name.length > 35 ? d.files[0].name.slice(0, 32) + '...' : d.files[0].name,
+            count: String(d.files.length),
+            wasted: d.wastedSpaceHuman
+        }));
+        lines.push(formatTable(dupeData, {
+            columns: [
+                { key: 'name', label: 'File Name', width: 37 },
+                { key: 'count', label: 'Copies', width: 8, align: 'right' },
+                { key: 'wasted', label: 'Wasted', width: 10, align: 'right' }
+            ]
+        }));
+        lines.push(`  ${c('dim', `  Found ${result.duplicates.sets} duplicate sets causing ${result.duplicates.totalWastedHuman} bloat.`)}`);
+    }
+
+    // Largest Folders Section
+    if (result.largestDirs.length > 0) {
+        lines.push('');
+        lines.push(c('bold', '  Top Space Consumers (Bloat Map)'));
+        const dirData = result.largestDirs.map(d => ({
+            name: d.name.length > 37 ? d.name.slice(0, 34) + '...' : d.name,
+            files: String(d.count),
+            size: d.sizeHuman
+        }));
+        lines.push(formatTable(dirData, {
+            columns: [
+                { key: 'name', label: 'Directory', width: 40 },
+                { key: 'files', label: 'Files', width: 8, align: 'right' },
+                { key: 'size', label: 'Size', width: 10, align: 'right' }
+            ]
+        }));
+    }
+
+    // Junk Section
+    if (result.junk.count > 0) {
+        lines.push('');
+        lines.push(c('bold', '  Recoverable Junk'));
+        const junkData = Object.entries(result.junk.categories).map(([cat, info]) => ({
+            category: cat.charAt(0).toUpperCase() + cat.slice(1),
+            size: formatBytes(info.size)
+        }));
+        lines.push(formatTable(junkData, {
+            columns: [
+                { key: 'category', label: 'Category', width: 40 },
+                { key: 'size', label: 'Savings', width: 18, align: 'right' }
+            ]
+        }));
+        lines.push(`  ${c('dim', `  Total Junk: ${result.junk.count} items / ${result.junk.totalSizeHuman}`)}`);
+    }
+
+    lines.push('');
+    lines.push(c('yellow', '  Run \'filemayor organize\' or \'filemayor clean\' to restore order and reclaim space.'));
+    lines.push('');
+
+    return lines.join('\n');
+}
+
+// ─── Diagnostic (Explain) Report ───────────────────────────────────
+
+/**
+ * Format an explain/diagnostic result
+ * @param {Object} result - Result from ExplainEngine
+ * @returns {string}
+ */
+function formatExplainReport(result) {
+    const lines = [];
+    const health = result.health;
+
+    lines.push('');
+    lines.push(c('bold', `  ${health.score > 70 ? SYMBOLS.sparkle : SYMBOLS.warning} ${result.title}`));
+    lines.push(c('dim', `  ${'─'.repeat(40)}`));
+    
+    lines.push(`  ${c('bold', 'Target:')}  ${c('cyan', result.path)}`);
+    
+    // Health Gauge
+    const gauge = progressBar(health.score, 20);
+    lines.push(`  ${c('bold', 'Health:')}  ${c('bold', health.label)} (${gauge})`);
+    
+    lines.push('');
+    lines.push(c('bold', '  Issues Detected:'));
+    if (result.insights.length === 0) {
+        lines.push(`    ${c('green', SYMBOLS.check)} No major issues identified. Clean as a whistle.`);
+    } else {
+        for (const insight of result.insights) {
+            lines.push(`    ${c('yellow', SYMBOLS.bullet)} ${insight}`);
+        }
+    }
+
+    lines.push('');
+    lines.push(c('bold', '  Suggested Treatment:'));
+    lines.push(`    ${c('dim', 'Run')} ${c('yellow', 'filemayor cure')} ${c('dim', 'to generate an AI-powered curative plan.')}`);
+    lines.push('');
+
+    return lines.join('\n');
+}
+
+/**
+ * Format a curative plan for terminal display
+ */
+function formatCureReport(plan) {
+    const lines = [];
+    lines.push('');
+    lines.push(c('bold', `  ${SYMBOLS.shield} CURATIVE PLAN GENERATED`));
+    lines.push(c('dim', `  ${'─'.repeat(40)}`));
+    
+    lines.push(`  ${c('bold', 'Strategy:')} ${plan.narrative}`);
+    lines.push(`  ${c('bold', 'Confidence:')} ${plan.confidence}%`);
+    
+    lines.push('');
+    lines.push(c('bold', '  Proposed Actions:'));
+    const preview = plan.plan.slice(0, 10).map(p => ({
+        file: p.source.split(/[\\/]/).pop(),
+        to: p.destination.split(/[\\/]/).pop(),
+    }));
+
+    lines.push(formatTable(preview, {
+        columns: [
+            { key: 'file', label: 'File', width: 25 },
+            { key: 'to', label: 'Move to', width: 25 },
+        ]
+    }));
+
+    if (plan.plan.length > 10) {
+        lines.push(`    ${c('dim', `... and ${plan.plan.length - 10} more actions.`)}`);
+    }
+
+    lines.push('');
+    lines.push(c('yellow', `  Run 'filemayor apply' to execute this plan.`));
+    lines.push('');
+
+    return lines.join('\n');
+}
+
+/**
+ * Format a duplicate detection report
+ */
+function formatDedupeReport(result) {
+    const lines = [];
+    lines.push('');
+    lines.push(c('bold', `  ${SYMBOLS.trash} DUPLICATE ANALYSIS: `) + c('cyan', result.path));
+    lines.push(c('dim', `  ${'─'.repeat(50)}`));
+    
+    if (result.sets === 0) {
+        lines.push(`  ${c('green', SYMBOLS.check)} No duplicates detected. Zero bloat.`);
+        lines.push('');
+        return lines.join('\n');
+    }
+
+    lines.push(`  ${c('red', 'BLOAT DETECTED:')} ${result.sets} duplicate files found.`);
+    lines.push(`  ${c('yellow', 'SAVINGS POTENTIAL:')} ${result.totalWastedHuman}`);
+    lines.push('');
+    
+    lines.push(c('bold', '  Duplicate Items:'));
+    const preview = result.duplicates.slice(0, 10).map(d => ({
+        name: d.duplicate.name.length > 35 ? d.duplicate.name.slice(0, 32) + '...' : d.duplicate.name,
+        size: d.duplicate.sizeHuman,
+    }));
+
+    lines.push(formatTable(preview, {
+        columns: [
+            { key: 'name', label: 'File', width: 37 },
+            { key: 'size', label: 'Wasted', width: 10, align: 'right' }
+        ]
+    }));
+
+    if (result.duplicates.length > 10) {
+        lines.push(`    ${c('dim', `... and ${result.duplicates.length - 10} more duplicates.`)}`);
+    }
+
+    lines.push('');
+    lines.push(c('yellow', `  Run 'filemayor dedupe' to remove these and reclaim space.`));
+    lines.push('');
+
+    return lines.join('\n');
+}
+
 module.exports = {
     COLORS,
     SYMBOLS,
@@ -565,6 +771,10 @@ module.exports = {
     formatScanReport,
     formatOrganizeReport,
     formatCleanReport,
+    formatAnalyzeReport,
+    formatExplainReport,
+    formatCureReport,
+    formatDedupeReport,
     banner,
     success,
     error,

package/core/scanner.js

@@ -130,38 +130,33 @@ class Scanner {
      * @returns {{ files: Object[], stats: Object }}
      */
     scan(dirPath) {
-        // Validate the path
-        const validation = validatePath(dirPath);
-        if (!validation.valid) {
-            throw new Error(`Invalid path: ${validation.error}`);
-        }
+        const validation = this._validate(dirPath);
+        this.stats.startTime = Date.now();
+        const files = [];
 
-        const safeCheck = isDirSafe(validation.resolved);
-        if (!safeCheck.safe) {
-            throw new Error(`Unsafe directory: ${safeCheck.reason}`);
-        }
+        this._scanRecursive(validation.resolved, validation.resolved, 0, files);
 
-        if (!canRead(validation.resolved)) {
-            throw new Error(`Permission denied: cannot read "${validation.resolved}"`);
-        }
+        this.stats.endTime = Date.now();
+        this.stats.duration = this.stats.endTime - this.stats.startTime;
+        this.stats.durationHuman = this._formatDuration(this.stats.duration);
 
-        // Verify it's actually a directory
-        try {
-            const stat = fs.statSync(validation.resolved);
-            if (!stat.isDirectory()) {
-                throw new Error(`Not a directory: "${validation.resolved}"`);
-            }
-        } catch (err) {
-            if (err.code === 'ENOENT') {
-                throw new Error(`Directory not found: "${validation.resolved}"`);
-            }
-            throw err;
-        }
+        return {
+            root: validation.resolved,
+            files,
+            stats: { ...this.stats }
+        };
+    }
 
+    /**
+     * Asynchronous scan for higher performance and non-blocking operation
+     * @param {string} dirPath 
+     */
+    async scanAsync(dirPath) {
+        const validation = this._validate(dirPath);
         this.stats.startTime = Date.now();
         const files = [];
 
-        this._scanRecursive(validation.resolved, validation.resolved, 0, files);
+        await this._scanRecursiveAsync(validation.resolved, validation.resolved, 0, files);
 
         this.stats.endTime = Date.now();
         this.stats.duration = this.stats.endTime - this.stats.startTime;
@@ -174,22 +169,35 @@ class Scanner {
         };
     }
 
+    /**
+     * Shared validation logic
+     */
+    _validate(dirPath) {
+        const validation = validatePath(dirPath);
+        if (!validation.valid) throw new Error(`Invalid path: ${validation.error}`);
+
+        const safeCheck = isDirSafe(validation.resolved);
+        if (!safeCheck.safe) throw new Error(`Unsafe directory: ${safeCheck.reason}`);
+
+        if (!canRead(validation.resolved)) {
+            throw new Error(`Permission denied: cannot read "${validation.resolved}"`);
+        }
+
+        return validation;
+    }
+
     /**
      * Internal recursive scan implementation
      */
     _scanRecursive(dir, rootPath, depth, results) {
-        // Check abort signal
         if (this._aborted || this.options.abortSignal?.aborted) {
             this._aborted = true;
             return;
         }
 
-        // Depth limit
         if (depth > this.options.maxDepth) return;
-
         this.stats.dirsScanned++;
 
-        // Progress callback
         if (this.options.onProgress) {
             this.options.onProgress({
                 phase: 'scanning',
@@ -204,39 +212,25 @@ class Scanner {
         try {
             items = fs.readdirSync(dir, { withFileTypes: true });
         } catch (err) {
-            const errorInfo = {
-                path: dir,
-                code: err.code,
-                message: err.message,
-                depth
-            };
-            this.stats.errors.push(errorInfo);
-            if (this.options.onError) {
-                this.options.onError(errorInfo);
-            }
+            this.stats.errors.push({ path: dir, code: err.code, message: err.message });
+            if (this.options.onError) this.options.onError({ path: dir, error: err.message });
             return;
         }
 
         for (const item of items) {
             if (this._aborted) return;
-
             const fullPath = path.join(dir, item.name);
 
-            // ─── Filtering ────────────────────────────────
-
-            // Skip hidden files/dirs
             if (!this.options.includeHidden && item.name.startsWith('.')) {
                 this.stats.skipped++;
                 continue;
             }
 
-            // Skip ignored directories
             if (item.isDirectory() && this.options.ignore.includes(item.name)) {
                 this.stats.skipped++;
                 continue;
             }
 
-            // Skip by glob patterns
             if (this.options.ignorePatterns.length > 0) {
                 const shouldSkip = this.options.ignorePatterns.some(p => matchGlob(p, item.name));
                 if (shouldSkip) {
@@ -245,38 +239,25 @@ class Scanner {
                 }
             }
 
-            // Handle symlinks
             if (item.isSymbolicLink && item.isSymbolicLink() && !this.options.followSymlinks) {
                 this.stats.skipped++;
                 continue;
             }
 
-            // ─── Process Entry ────────────────────────────
-
             let stats;
             try {
-                stats = this.options.followSymlinks
-                    ? fs.statSync(fullPath)
-                    : fs.lstatSync(fullPath);
+                stats = this.options.followSymlinks ? fs.statSync(fullPath) : fs.lstatSync(fullPath);
             } catch (err) {
-                this.stats.errors.push({
-                    path: fullPath,
-                    code: err.code,
-                    message: err.message,
-                    depth
-                });
+                this.stats.errors.push({ path: fullPath, code: err.code, message: err.message });
                 continue;
             }
 
             if (stats.isFile()) {
-                // Apply file filters
                 if (this._shouldIncludeFile(fullPath, stats)) {
                     const fileInfo = buildFileInfo(fullPath, stats, rootPath);
                     results.push(fileInfo);
                     this.stats.filesFound++;
                     this.stats.totalSize += stats.size;
-
-                    // Track category counts
                     const cat = fileInfo.category;
                     this.stats.categories[cat] = (this.stats.categories[cat] || 0) + 1;
                 } else {
@@ -284,14 +265,63 @@ class Scanner {
                 }
             } else if (stats.isDirectory()) {
                 if (this.options.includeDirectories) {
-                    const dirInfo = buildFileInfo(fullPath, stats, rootPath);
-                    results.push(dirInfo);
+                    results.push(buildFileInfo(fullPath, stats, rootPath));
                 }
                 this._scanRecursive(fullPath, rootPath, depth + 1, results);
             }
         }
     }
 
+    /**
+     * Async recursive scan using promises
+     */
+    async _scanRecursiveAsync(dir, rootPath, depth, results) {
+        if (this._aborted || this.options.abortSignal?.aborted) {
+            this._aborted = true;
+            return;
+        }
+
+        if (depth > this.options.maxDepth) return;
+        this.stats.dirsScanned++;
+
+        let items;
+        try {
+            items = await fs.promises.readdir(dir, { withFileTypes: true });
+        } catch (err) {
+            this.stats.errors.push({ path: dir, code: err.code, message: err.message });
+            return;
+        }
+
+        const promises = items.map(async (item) => {
+            if (this._aborted) return;
+            const fullPath = path.join(dir, item.name);
+
+            // Filtering
+            if (!this.options.includeHidden && item.name.startsWith('.')) return;
+            if (item.isDirectory() && this.options.ignore.includes(item.name)) return;
+
+            let stats;
+            try {
+                stats = await fs.promises.lstat(fullPath);
+            } catch (err) { return; }
+
+            if (stats.isFile()) {
+                if (this._shouldIncludeFile(fullPath, stats)) {
+                    const fileInfo = buildFileInfo(fullPath, stats, rootPath);
+                    results.push(fileInfo);
+                    this.stats.filesFound++;
+                    this.stats.totalSize += stats.size;
+                    const cat = fileInfo.category;
+                    this.stats.categories[cat] = (this.stats.categories[cat] || 0) + 1;
+                }
+            } else if (stats.isDirectory()) {
+                await this._scanRecursiveAsync(fullPath, rootPath, depth + 1, results);
+            }
+        });
+
+        await Promise.all(promises);
+    }
+
     /**
      * Check if a file passes all configured filters
      */

package/core/security.js

@@ -27,7 +27,8 @@ const PROTECTED_DIRECTORIES = new Set([
 const PROTECTED_PREFIXES = [
     '/System', '/Library/System',
     'C:\\Windows', 'C:\\Program Files', 'C:\\Program Files (x86)',
-    'C:\\ProgramData', '/usr/lib', '/usr/bin', '/usr/sbin',
+    'C:\\ProgramData', 'C:\\Users\\Public',
+    '/usr/lib', '/usr/bin', '/usr/sbin',
     '/var/lib', '/var/run', '/boot', '/dev', '/proc', '/sys'
 ];
 
@@ -36,6 +37,14 @@ const DANGEROUS_EXTENSIONS = new Set([
     '.plist', '.reg', '.msc', '.cpl'
 ]);
 
+// ─── Project Substrates (v3.5) ────────────────────────────────────
+const SUBSTRATE_MARKERS = [
+    '.git', '.svn', 'node_modules', 'package.json',
+    'venv', '.venv', '__pycache__', 'env',
+    'pom.xml', 'build.gradle', 'CMakeLists.txt',
+    'Makefile', '.hg', 'composer.json', 'go.mod'
+];
+
 // ─── Path Validation ──────────────────────────────────────────────
 
 /**
@@ -49,27 +58,32 @@ function validatePath(inputPath, basePath = null) {
         return { valid: false, resolved: '', error: 'Path is empty or invalid' };
     }
 
-    // Reject null bytes (path traversal vector)
+    // [Hacker-Proof] Reject null bytes (classic path traversal vector)
     if (inputPath.includes('\0')) {
         return { valid: false, resolved: '', error: 'Path contains null bytes (rejected)' };
     }
 
-    // Resolve to absolute
+    // [Hacker-Proof] Resolve to absolute and normalize to handle '..' etc.
     const resolved = path.resolve(inputPath);
+    const rLower = resolved.toLowerCase();
 
-    // If a basePath is given, ensure resolved path stays within it
+    // [Hacker-Proof] Jail Logic: If a basePath is given, ensure resolved path stays within it
     if (basePath) {
-        const resolvedBase = path.resolve(basePath);
-        if (!resolved.startsWith(resolvedBase + path.sep) && resolved !== resolvedBase) {
+        const resolvedBase = path.resolve(basePath).toLowerCase();
+        
+        // [Elite Fix] Robust jailing: Target must start with base + separator or be the base itself
+        const isSafe = rLower === resolvedBase || rLower.startsWith(resolvedBase + path.sep);
+        
+        if (!isSafe) {
             return {
                 valid: false,
                 resolved,
-                error: `Path escapes base directory: "${resolved}" is outside "${resolvedBase}"`
+                error: `Security Alert: Path Traversal Attempted. "${resolved}" is outside scope.`
             };
         }
     }
 
-    // Check against protected directories
+    // [Hacker-Proof] Check against protected directories
     if (PROTECTED_DIRECTORIES.has(resolved)) {
         return {
             valid: false,
@@ -78,14 +92,17 @@ function validatePath(inputPath, basePath = null) {
         };
     }
 
-    // Check against protected prefixes
+    // [Hacker-Proof] Check against protected prefixes (System/Library/Program Files)
     for (const prefix of PROTECTED_PREFIXES) {
-        const normalizedPrefix = path.resolve(prefix);
-        if (resolved.startsWith(normalizedPrefix + path.sep) || resolved === normalizedPrefix) {
+        const normalizedPrefix = path.resolve(prefix).toLowerCase();
+        const rLower = resolved.toLowerCase();
+        
+        // Block if exact match OR if it starts with prefix + separator
+        if (rLower === normalizedPrefix || rLower.startsWith(normalizedPrefix + path.sep)) {
             return {
                 valid: false,
                 resolved,
-                error: `Refusing to operate on system directory: "${resolved}"`
+                error: `Refusal: Path is within a system-protected root ("${resolved}")`
             };
         }
     }
@@ -99,6 +116,9 @@ function validatePath(inputPath, basePath = null) {
  * @returns {{ safe: boolean, reason?: string }}
  */
 function isFileSafe(filePath) {
+    if (!filePath || typeof filePath !== 'string') {
+        return { safe: false, reason: 'File path is empty or invalid' };
+    }
     const ext = path.extname(filePath).toLowerCase();
     const basename = path.basename(filePath);
 
@@ -122,6 +142,37 @@ function isFileSafe(filePath) {
     return { safe: true };
 }
 
+/**
+ * Check if a directory is a "Project Substrate" (should not be scattered)
+ * @param {string} dirPath - Directory to check
+ * @returns {boolean}
+ */
+function isSubstrateCritical(dirPath) {
+    try {
+        const items = fs.readdirSync(dirPath);
+        return SUBSTRATE_MARKERS.some(marker => items.includes(marker));
+    } catch {
+        return false;
+    }
+}
+
+/**
+ * Find the nearest substrate parent for a file
+ * @param {string} filePath 
+ * @returns {string|null}
+ */
+function findNearestSubstrate(filePath) {
+    let current = path.dirname(path.resolve(filePath));
+    const root = path.parse(current).root;
+
+    while (current !== root) {
+        if (isSubstrateCritical(current)) return current;
+        current = path.dirname(current);
+    }
+    return null;
+}
+
+
 /**
  * Check if a directory is safe to scan/organize
  * @param {string} dirPath - Absolute directory path
@@ -303,6 +354,8 @@ module.exports = {
     validatePath,
     isFileSafe,
     isDirSafe,
+    isSubstrateCritical,
+    findNearestSubstrate,
     sanitizeFilename,
     sanitizeDirname,
     canRead,

package/core/sop-parser.js

@@ -530,8 +530,7 @@ async function parseSOP(filePath, options = {}) {
         try {
             rules = await parseWithGemini(text, apiKey);
         } catch (err) {
-            console.warn(`[SOP] Gemini AI failed: ${err.message}`);
-            console.warn('[SOP] Falling back to rule-based parser');
+            /* AI failed — silently fall back to rule-based parser */
             rules = parseRuleBased(text);
             fallbackUsed = true;
         }