ghagga-core 2.9.1 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/dist/agents/consensus.d.ts.map +1 -1
- package/dist/agents/consensus.js +7 -2
- package/dist/agents/consensus.js.map +1 -1
- package/dist/agents/diagnostic.d.ts.map +1 -1
- package/dist/agents/diagnostic.js +7 -2
- package/dist/agents/diagnostic.js.map +1 -1
- package/dist/agents/fan-out-lenses.d.ts.map +1 -1
- package/dist/agents/fan-out-lenses.js +7 -2
- package/dist/agents/fan-out-lenses.js.map +1 -1
- package/dist/agents/prompts.d.ts +49 -1
- package/dist/agents/prompts.d.ts.map +1 -1
- package/dist/agents/prompts.js +133 -5
- package/dist/agents/prompts.js.map +1 -1
- package/dist/agents/simple.d.ts +1 -1
- package/dist/agents/simple.d.ts.map +1 -1
- package/dist/agents/simple.js +6 -4
- package/dist/agents/simple.js.map +1 -1
- package/dist/agents/workflow.d.ts.map +1 -1
- package/dist/agents/workflow.js +13 -4
- package/dist/agents/workflow.js.map +1 -1
- package/dist/critique/critique.d.ts.map +1 -1
- package/dist/critique/critique.js +14 -6
- package/dist/critique/critique.js.map +1 -1
- package/dist/diff/index.d.ts +12 -0
- package/dist/diff/index.d.ts.map +1 -0
- package/dist/diff/index.js +11 -0
- package/dist/diff/index.js.map +1 -0
- package/dist/diff/parse.d.ts +41 -0
- package/dist/diff/parse.d.ts.map +1 -0
- package/dist/diff/parse.js +303 -0
- package/dist/diff/parse.js.map +1 -0
- package/dist/diff/types.d.ts +106 -0
- package/dist/diff/types.d.ts.map +1 -0
- package/dist/diff/types.js +23 -0
- package/dist/diff/types.js.map +1 -0
- package/dist/embed.d.ts +5 -2
- package/dist/embed.d.ts.map +1 -1
- package/dist/embed.js +7 -3
- package/dist/embed.js.map +1 -1
- package/dist/enhance/prompt.d.ts +5 -1
- package/dist/enhance/prompt.d.ts.map +1 -1
- package/dist/enhance/prompt.js +9 -2
- package/dist/enhance/prompt.js.map +1 -1
- package/dist/format.d.ts +31 -0
- package/dist/format.d.ts.map +1 -1
- package/dist/format.js +256 -15
- package/dist/format.js.map +1 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/memory/pageindex/index.d.ts +2 -2
- package/dist/memory/pageindex/index.d.ts.map +1 -1
- package/dist/memory/pageindex/index.js.map +1 -1
- package/dist/memory/pageindex/service.d.ts +10 -1
- package/dist/memory/pageindex/service.d.ts.map +1 -1
- package/dist/memory/pageindex/service.js +2 -2
- package/dist/memory/pageindex/service.js.map +1 -1
- package/dist/memory/persist.d.ts.map +1 -1
- package/dist/memory/persist.js +10 -3
- package/dist/memory/persist.js.map +1 -1
- package/dist/memory/privacy.d.ts.map +1 -1
- package/dist/memory/privacy.js +45 -6
- package/dist/memory/privacy.js.map +1 -1
- package/dist/memory/sqlite.d.ts +1 -13
- package/dist/memory/sqlite.d.ts.map +1 -1
- package/dist/memory/sqlite.js +45 -27
- package/dist/memory/sqlite.js.map +1 -1
- package/dist/memory/taxonomy.d.ts.map +1 -1
- package/dist/memory/taxonomy.js +6 -1
- package/dist/memory/taxonomy.js.map +1 -1
- package/dist/pipeline/degrade.d.ts +61 -0
- package/dist/pipeline/degrade.d.ts.map +1 -0
- package/dist/pipeline/degrade.js +58 -0
- package/dist/pipeline/degrade.js.map +1 -0
- package/dist/pipeline/enrich.d.ts +29 -0
- package/dist/pipeline/enrich.d.ts.map +1 -0
- package/dist/pipeline/enrich.js +271 -0
- package/dist/pipeline/enrich.js.map +1 -0
- package/dist/pipeline/execute.d.ts +22 -0
- package/dist/pipeline/execute.d.ts.map +1 -0
- package/dist/pipeline/execute.js +250 -0
- package/dist/pipeline/execute.js.map +1 -0
- package/dist/pipeline/finalize.d.ts +26 -0
- package/dist/pipeline/finalize.d.ts.map +1 -0
- package/dist/pipeline/finalize.js +52 -0
- package/dist/pipeline/finalize.js.map +1 -0
- package/dist/pipeline/gather-context.d.ts +25 -0
- package/dist/pipeline/gather-context.d.ts.map +1 -0
- package/dist/pipeline/gather-context.js +169 -0
- package/dist/pipeline/gather-context.js.map +1 -0
- package/dist/pipeline/gather-safe.d.ts +39 -0
- package/dist/pipeline/gather-safe.d.ts.map +1 -0
- package/dist/pipeline/gather-safe.js +127 -0
- package/dist/pipeline/gather-safe.js.map +1 -0
- package/dist/pipeline/prepare-graph.d.ts +54 -0
- package/dist/pipeline/prepare-graph.d.ts.map +1 -0
- package/dist/pipeline/prepare-graph.js +174 -0
- package/dist/pipeline/prepare-graph.js.map +1 -0
- package/dist/pipeline/prepare.d.ts +40 -0
- package/dist/pipeline/prepare.d.ts.map +1 -0
- package/dist/pipeline/prepare.js +233 -0
- package/dist/pipeline/prepare.js.map +1 -0
- package/dist/pipeline/providers.d.ts +54 -0
- package/dist/pipeline/providers.d.ts.map +1 -0
- package/dist/pipeline/providers.js +163 -0
- package/dist/pipeline/providers.js.map +1 -0
- package/dist/pipeline/results.d.ts +35 -0
- package/dist/pipeline/results.d.ts.map +1 -0
- package/dist/pipeline/results.js +122 -0
- package/dist/pipeline/results.js.map +1 -0
- package/dist/pipeline/state.d.ts +92 -0
- package/dist/pipeline/state.d.ts.map +1 -0
- package/dist/pipeline/state.js +13 -0
- package/dist/pipeline/state.js.map +1 -0
- package/dist/pipeline.d.ts +10 -9
- package/dist/pipeline.d.ts.map +1 -1
- package/dist/pipeline.js +36 -1213
- package/dist/pipeline.js.map +1 -1
- package/dist/providers/gateway.d.ts.map +1 -1
- package/dist/providers/gateway.js +8 -0
- package/dist/providers/gateway.js.map +1 -1
- package/dist/recursive/index.d.ts +1 -0
- package/dist/recursive/index.d.ts.map +1 -1
- package/dist/recursive/index.js +7 -3
- package/dist/recursive/index.js.map +1 -1
- package/dist/recursive/patch-extractor.d.ts +58 -6
- package/dist/recursive/patch-extractor.d.ts.map +1 -1
- package/dist/recursive/patch-extractor.js +207 -26
- package/dist/recursive/patch-extractor.js.map +1 -1
- package/dist/sanitize.d.ts +51 -0
- package/dist/sanitize.d.ts.map +1 -0
- package/dist/sanitize.js +90 -0
- package/dist/sanitize.js.map +1 -0
- package/dist/scope/diff-mapper.d.ts +12 -0
- package/dist/scope/diff-mapper.d.ts.map +1 -1
- package/dist/scope/diff-mapper.js +25 -18
- package/dist/scope/diff-mapper.js.map +1 -1
- package/dist/scope/entity-diff.d.ts +21 -4
- package/dist/scope/entity-diff.d.ts.map +1 -1
- package/dist/scope/entity-diff.js +132 -34
- package/dist/scope/entity-diff.js.map +1 -1
- package/dist/scope/types.d.ts +10 -0
- package/dist/scope/types.d.ts.map +1 -1
- package/dist/semantic-diff/index.d.ts +25 -2
- package/dist/semantic-diff/index.d.ts.map +1 -1
- package/dist/semantic-diff/index.js +147 -53
- package/dist/semantic-diff/index.js.map +1 -1
- package/dist/tools/gitleaks-config.toml +35 -0
- package/dist/tools/plugins/gitleaks.d.ts +10 -0
- package/dist/tools/plugins/gitleaks.d.ts.map +1 -1
- package/dist/tools/plugins/gitleaks.js +29 -2
- package/dist/tools/plugins/gitleaks.js.map +1 -1
- package/dist/tools/plugins/semgrep.d.ts +11 -0
- package/dist/tools/plugins/semgrep.d.ts.map +1 -1
- package/dist/tools/plugins/semgrep.js +30 -1
- package/dist/tools/plugins/semgrep.js.map +1 -1
- package/dist/tools/semgrep-rules.yml +305 -0
- package/dist/types.d.ts +51 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/dist/utils/diff.d.ts +22 -2
- package/dist/utils/diff.d.ts.map +1 -1
- package/dist/utils/diff.js +36 -40
- package/dist/utils/diff.js.map +1 -1
- package/package.json +21 -22
- package/dist/providers/fallback.d.ts +0 -54
- package/dist/providers/fallback.d.ts.map +0 -1
- package/dist/providers/fallback.js +0 -102
- package/dist/providers/fallback.js.map +0 -1
- package/dist/providers/index.d.ts +0 -49
- package/dist/providers/index.d.ts.map +0 -1
- package/dist/providers/index.js +0 -146
- package/dist/providers/index.js.map +0 -1
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Provider resolution helpers for the review pipeline.
|
|
3
|
+
*
|
|
4
|
+
* Moved verbatim from pipeline.ts (split-review-pipeline refactor).
|
|
5
|
+
*/
|
|
6
|
+
import { resolveCredentialEnvVar } from '../providers/cli-bridge.js';
|
|
7
|
+
import { createCLIBridgeGenerateFn, createGatewayGenerateFn, createOllamaGenerateFn, } from '../providers/generate-fn.js';
|
|
8
|
+
// ─── Provider Resolution ────────────────────────────────────────
|
|
9
|
+
/**
|
|
10
|
+
* Determine if AI review is enabled.
|
|
11
|
+
* Defaults to true for backward compatibility (CLI/Action don't set this).
|
|
12
|
+
*/
|
|
13
|
+
export function resolveAiEnabled(input) {
|
|
14
|
+
if (input.aiReviewEnabled === false)
|
|
15
|
+
return false;
|
|
16
|
+
// If chain is explicitly empty and no single provider, treat as disabled
|
|
17
|
+
if (input.providerChain && input.providerChain.length === 0 && !input.provider) {
|
|
18
|
+
console.warn('[ghagga] AI review enabled but provider chain is empty and no single provider — treating as disabled');
|
|
19
|
+
return false;
|
|
20
|
+
}
|
|
21
|
+
return true;
|
|
22
|
+
}
|
|
23
|
+
/**
|
|
24
|
+
* Resolve the primary provider from chain or flat fields.
|
|
25
|
+
* Returns the first entry in the chain, or builds one from flat fields.
|
|
26
|
+
*/
|
|
27
|
+
export function resolvePrimaryProvider(input) {
|
|
28
|
+
if (input.providerChain && input.providerChain.length > 0) {
|
|
29
|
+
const first = input.providerChain[0];
|
|
30
|
+
if (first)
|
|
31
|
+
return first;
|
|
32
|
+
}
|
|
33
|
+
// Backward compat: single provider from flat fields
|
|
34
|
+
if (!input.provider || !input.model || !input.apiKey) {
|
|
35
|
+
throw new Error('No provider chain and no single provider configured');
|
|
36
|
+
}
|
|
37
|
+
return {
|
|
38
|
+
provider: input.provider,
|
|
39
|
+
model: input.model,
|
|
40
|
+
apiKey: input.apiKey,
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
/**
|
|
44
|
+
* Build the 3-entry ConsensusModelConfig array for the for/against/neutral votes.
|
|
45
|
+
*
|
|
46
|
+
* Distribution rules (given a chain of length N):
|
|
47
|
+
* N >= 3 : chain[0]→for, chain[1]→against, chain[2]→neutral
|
|
48
|
+
* N == 2 : chain[0]→for, chain[1]→against, chain[0]→neutral
|
|
49
|
+
* N == 1 : all 3 votes use chain[0] (same as primary-only)
|
|
50
|
+
* N == 0 : all 3 votes use `primary` (backward compat)
|
|
51
|
+
*
|
|
52
|
+
* This spreads consensus votes across providers so each vote hits a
|
|
53
|
+
* different TPM budget instead of all three hammering the same limit.
|
|
54
|
+
*/
|
|
55
|
+
export function buildConsensusModels(chain, primary) {
|
|
56
|
+
const stances = ['for', 'against', 'neutral'];
|
|
57
|
+
return stances.map((stance, i) => {
|
|
58
|
+
const entry = chain && chain.length > 0 ? chain[i % chain.length] : primary;
|
|
59
|
+
return {
|
|
60
|
+
provider: entry.provider,
|
|
61
|
+
model: entry.model,
|
|
62
|
+
apiKey: entry.apiKey,
|
|
63
|
+
stance,
|
|
64
|
+
};
|
|
65
|
+
});
|
|
66
|
+
}
|
|
67
|
+
/**
|
|
68
|
+
* Resolve the model name for token budget calculation.
|
|
69
|
+
*/
|
|
70
|
+
export function resolvePrimaryModel(input) {
|
|
71
|
+
if (input.providerChain && input.providerChain.length > 0) {
|
|
72
|
+
return input.providerChain[0]?.model ?? 'gpt-4o-mini';
|
|
73
|
+
}
|
|
74
|
+
return input.model ?? 'gpt-4o-mini';
|
|
75
|
+
}
|
|
76
|
+
// ─── GenerateTextFn Resolution ──────────────────────────────────
|
|
77
|
+
/**
|
|
78
|
+
* Create the appropriate GenerateTextFn(s) based on the provider type.
|
|
79
|
+
*
|
|
80
|
+
* - cli-bridge: single fn wrapping generateViaCLI
|
|
81
|
+
* - gateway: one fn per gateway chain entry (for round-robin distribution)
|
|
82
|
+
* - ollama: single fn wrapping local Ollama OpenAI-compatible API
|
|
83
|
+
*
|
|
84
|
+
* Providers that are no longer supported directly (anthropic, openai, etc.)
|
|
85
|
+
* throw a migration error pointing users to gateway mode.
|
|
86
|
+
*/
|
|
87
|
+
export function resolveGenerateTextFns(input, isCliBridge, isGateway, isOllama) {
|
|
88
|
+
if (isCliBridge) {
|
|
89
|
+
// Resolve CLI bridge options from provider chain or flat input fields
|
|
90
|
+
const cliBridgeEntry = input.providerChain?.[0];
|
|
91
|
+
const preferredCLI = (cliBridgeEntry?.model ?? input.model) !== 'auto'
|
|
92
|
+
? (cliBridgeEntry?.model ?? input.model)
|
|
93
|
+
: undefined;
|
|
94
|
+
const cliModel = cliBridgeEntry?.cliModel;
|
|
95
|
+
// Build credentials from the decrypted API key
|
|
96
|
+
const decryptedKey = cliBridgeEntry?.apiKey || input.apiKey;
|
|
97
|
+
const credentialEnvName = resolveCredentialEnvVar(preferredCLI, cliModel);
|
|
98
|
+
const credentials = {};
|
|
99
|
+
if (preferredCLI && credentialEnvName && decryptedKey) {
|
|
100
|
+
credentials[credentialEnvName] = decryptedKey;
|
|
101
|
+
}
|
|
102
|
+
return [
|
|
103
|
+
createCLIBridgeGenerateFn({
|
|
104
|
+
preferredCLI,
|
|
105
|
+
cliModel,
|
|
106
|
+
credentials: Object.keys(credentials).length > 0 ? credentials : undefined,
|
|
107
|
+
}),
|
|
108
|
+
];
|
|
109
|
+
}
|
|
110
|
+
if (isGateway) {
|
|
111
|
+
// Map ALL gateway entries in the chain — one GenerateTextFn per model
|
|
112
|
+
// for round-robin distribution in workflow/consensus modes
|
|
113
|
+
const chain = input.providerChain?.filter((e) => e.provider === 'gateway') ?? [];
|
|
114
|
+
if (chain.length > 0) {
|
|
115
|
+
// Use gatewayUrl and token from the first entry (shared across all)
|
|
116
|
+
const gatewayUrl = chain[0]?.gatewayUrl ?? '';
|
|
117
|
+
const gatewayToken = chain[0]?.apiKey || input.apiKey || '';
|
|
118
|
+
return chain.map((entry) => {
|
|
119
|
+
const model = entry.model !== 'auto' ? entry.model : undefined;
|
|
120
|
+
return createGatewayGenerateFn({
|
|
121
|
+
gatewayUrl,
|
|
122
|
+
gatewayToken,
|
|
123
|
+
model,
|
|
124
|
+
project: 'ghagga',
|
|
125
|
+
});
|
|
126
|
+
});
|
|
127
|
+
}
|
|
128
|
+
// Fallback: single entry from flat input fields
|
|
129
|
+
return [
|
|
130
|
+
createGatewayGenerateFn({
|
|
131
|
+
gatewayUrl: '',
|
|
132
|
+
gatewayToken: input.apiKey || '',
|
|
133
|
+
model: input.model !== 'auto' ? input.model : undefined,
|
|
134
|
+
project: 'ghagga',
|
|
135
|
+
}),
|
|
136
|
+
];
|
|
137
|
+
}
|
|
138
|
+
if (isOllama) {
|
|
139
|
+
const model = input.model && input.model !== 'auto' ? input.model : 'llama3';
|
|
140
|
+
return [createOllamaGenerateFn(model, input.ollamaBaseURL)];
|
|
141
|
+
}
|
|
142
|
+
// Legacy provider migration guard — should never reach here with the narrowed type,
|
|
143
|
+
// but protects against runtime strings from older configs.
|
|
144
|
+
const legacyProvider = input.providerChain?.[0]?.provider ?? input.provider ?? 'unknown';
|
|
145
|
+
throw new Error(`Provider '${legacyProvider}' is no longer supported directly. ` +
|
|
146
|
+
`Set provider: 'gateway' and configure credentials in mcp-llm-bridge. ` +
|
|
147
|
+
`See docs/configuration.md#gateway-mode-mcp-llm-bridge`);
|
|
148
|
+
}
|
|
149
|
+
/**
|
|
150
|
+
* Resolve the effective review mode.
|
|
151
|
+
*
|
|
152
|
+
* Diagnostic mode requires direct model access. Ollama provides it
|
|
153
|
+
* (runDiagnosticReview uses createOllamaGenerateFn); CLI bridge and
|
|
154
|
+
* gateway do not, so they fall back to simple mode.
|
|
155
|
+
*/
|
|
156
|
+
export function resolveEffectiveMode(mode, isCliBridge, isGateway) {
|
|
157
|
+
if (mode === 'diagnostic' && (isCliBridge || isGateway)) {
|
|
158
|
+
return 'simple';
|
|
159
|
+
}
|
|
160
|
+
// Fan-out works with all backends (uses generateFns like workflow/consensus)
|
|
161
|
+
return mode;
|
|
162
|
+
}
|
|
163
|
+
//# sourceMappingURL=providers.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"providers.js","sourceRoot":"","sources":["../../src/pipeline/providers.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,uBAAuB,EAAE,MAAM,4BAA4B,CAAC;AACrE,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,sBAAsB,GAEvB,MAAM,6BAA6B,CAAC;AAGrC,mEAAmE;AAEnE;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAkB;IACjD,IAAI,KAAK,CAAC,eAAe,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAClD,yEAAyE;IACzE,IAAI,KAAK,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC/E,OAAO,CAAC,IAAI,CACV,sGAAsG,CACvG,CAAC;QACF,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,KAAkB;IACvD,IAAI,KAAK,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1D,MAAM,KAAK,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;QACrC,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IAED,oDAAoD;IACpD,IAAI,CAAC,KAAK,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QACrD,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;IACzE,CAAC;IACD,OAAO;QACL,QAAQ,EAAE,KAAK,CAAC,QAA0C;QAC1D,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,MAAM,EAAE,KAAK,CAAC,MAAM;KACrB,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,oBAAoB,CAClC,KAAuC,EACvC,OAA2B;IAE3B,MAAM,OAAO,GAAG,CAAC,KAAK,EAAE,SAAS,EAAE,SAAS,CAAU,CAAC;IAEvD,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE;QAC/B,MAAM,KAAK,GACT,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAE,KAAK,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAwB,CAAC,CAAC,CAAC,OAAO,CAAC;QACxF,OAAO;YACL,QAAQ,EAAE,KAAK,CAAC,QAA6C;YAC7D,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,MAAM;SACP,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAAkB;IACpD,IAAI,KAAK,CAAC,aAAa,IAAI,KAAK,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1D,OAAO,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,aAAa,CAAC;IACxD,CAAC;IACD,OAAO,KAAK,CAAC,KAAK,IAAI,aAAa,CAAC;AACtC,CAAC;AAED,mEAAmE;AAEnE;;;;;;;;;GASG;AACH,MAAM,UAAU,sBAAsB,CACpC,KAAkB,EAClB,WAAoB,EACpB,SAAkB,EAClB,QAAiB;IAEjB,IAAI,WAAW,EAAE,CAAC;QAChB,sEAAsE;QACtE,MAAM,cAAc,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,YAAY,GAChB,CAAC,cAAc,EAAE,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC,KAAK,MAAM;YAC/C,CAAC,CAAC,CAAC,cAAc,EAAE,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC;YACxC,CAAC,CAAC,SAAS,CAAC;QAEhB,MAAM,QAAQ,GAAG,cAAc,EAAE,QAAQ,CAAC;QAE1C,+CAA+C;QAC/C,MAAM,YAAY,GAAG,cAAc,EAAE,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC;QAC5D,MAAM,iBAAiB,GAAG,uBAAuB,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;QAC1E,MAAM,WAAW,GAA2B,EAAE,CAAC;QAC/C,IAAI,YAAY,IAAI,iBAAiB,IAAI,YAAY,EAAE,CAAC;YACtD,WAAW,CAAC,iBAAiB,CAAC,GAAG,YAAY,CAAC;QAChD,CAAC;QAED,OAAO;YACL,yBAAyB,CAAC;gBACxB,YAAY;gBACZ,QAAQ;gBACR,WAAW,EAAE,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;aAC3E,CAAC;SACH,CAAC;IACJ,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,sEAAsE;QACtE,2DAA2D;QAC3D,MAAM,KAAK,GAAG,KAAK,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,IAAI,EAAE,CAAC;QAEjF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,oEAAoE;YACpE,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,IAAI,EAAE,CAAC;YAC9C,MAAM,YAAY,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE,CAAC;YAE5D,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;gBACzB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC/D,OAAO,uBAAuB,CAAC;oBAC7B,UAAU;oBACV,YAAY;oBACZ,KAAK;oBACL,OAAO,EAAE,QAAQ;iBAClB,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QAED,gDAAgD;QAChD,OAAO;YACL,uBAAuB,CAAC;gBACtB,UAAU,EAAE,EAAE;gBACd,YAAY,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE;gBAChC,KAAK,EAAE,KAAK,CAAC,KAAK,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;gBACvD,OAAO,EAAE,QAAQ;aAClB,CAAC;SACH,CAAC;IACJ,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,KAAK,CAAC,KAAK,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC;QAC7E,OAAO,CAAC,sBAAsB,CAAC,KAAK,EAAE,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC;IAC9D,CAAC;IAED,oFAAoF;IACpF,2DAA2D;IAC3D,MAAM,cAAc,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,QAAQ,IAAI,KAAK,CAAC,QAAQ,IAAI,SAAS,CAAC;IACzF,MAAM,IAAI,KAAK,CACb,aAAa,cAAc,qCAAqC;QAC9D,uEAAuE;QACvE,uDAAuD,CAC1D,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAClC,IAAgB,EAChB,WAAoB,EACpB,SAAkB;IAElB,IAAI,IAAI,KAAK,YAAY,IAAI,CAAC,WAAW,IAAI,SAAS,CAAC,EAAE,CAAC;QACxD,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,6EAA6E;IAC7E,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Skipped / static-only result builders for the review pipeline.
|
|
3
|
+
*
|
|
4
|
+
* Moved verbatim from pipeline.ts (split-review-pipeline refactor).
|
|
5
|
+
*/
|
|
6
|
+
import type { ReviewFinding, ReviewInput, ReviewResult } from '../types.js';
|
|
7
|
+
/**
|
|
8
|
+
* Whether a static-analysis finding may DRIVE the verdict (i.e. flip it to
|
|
9
|
+
* FAILED). Static tools scan the whole repo, so a 1-file change can surface
|
|
10
|
+
* pre-existing findings from unrelated files; those must stay informational
|
|
11
|
+
* and not fail the review.
|
|
12
|
+
*
|
|
13
|
+
* A finding is verdict-driving when it is:
|
|
14
|
+
* - an SCA / dependency-vulnerability finding (exempt — see isScaFinding), OR
|
|
15
|
+
* - located in one of the changed "affected" files.
|
|
16
|
+
*
|
|
17
|
+
* `affectedFiles` is the set of changed (diff) files that survived blast-radius
|
|
18
|
+
* filtering — a SUBSET of the diff. It does NOT include out-of-diff dependents.
|
|
19
|
+
* That is intentional: a static finding in an unchanged file is pre-existing and
|
|
20
|
+
* must not fail the change, even when that file depends on something we touched
|
|
21
|
+
* (the whole point is to stop failing on unrelated repo-wide debt). When
|
|
22
|
+
* affectedFiles is undefined or empty we fall back to legacy behavior (every
|
|
23
|
+
* finding counts) — never silently pass everything.
|
|
24
|
+
*/
|
|
25
|
+
export declare function isVerdictDrivingFinding(f: ReviewFinding, affectedFiles: ReadonlySet<string> | undefined): boolean;
|
|
26
|
+
/**
|
|
27
|
+
* Create a SKIPPED result when all files are filtered out.
|
|
28
|
+
*/
|
|
29
|
+
export declare function createSkippedResult(input: ReviewInput, startTime: number): ReviewResult;
|
|
30
|
+
/**
|
|
31
|
+
* Create a result with only static analysis findings (no AI).
|
|
32
|
+
* Used when AI review is disabled or when all providers fail.
|
|
33
|
+
*/
|
|
34
|
+
export declare function createStaticOnlyResult(staticResult: import('../types.js').StaticAnalysisResult, mode: import('../types.js').ReviewMode, startTime: number, affectedFiles?: readonly string[]): ReviewResult;
|
|
35
|
+
//# sourceMappingURL=results.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"results.d.ts","sourceRoot":"","sources":["../../src/pipeline/results.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,YAAY,EAAgB,MAAM,aAAa,CAAC;AAc1F;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,uBAAuB,CACrC,CAAC,EAAE,aAAa,EAChB,aAAa,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,SAAS,GAC7C,OAAO,CAIT;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,GAAG,YAAY,CA2CvF;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,YAAY,EAAE,OAAO,aAAa,EAAE,oBAAoB,EACxD,IAAI,EAAE,OAAO,aAAa,EAAE,UAAU,EACtC,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,SAAS,MAAM,EAAE,GAChC,YAAY,CAqCd"}
|
|
@@ -0,0 +1,122 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Skipped / static-only result builders for the review pipeline.
|
|
3
|
+
*
|
|
4
|
+
* Moved verbatim from pipeline.ts (split-review-pipeline refactor).
|
|
5
|
+
*/
|
|
6
|
+
import { initializeDefaultTools } from '../tools/plugins/index.js';
|
|
7
|
+
import { toolRegistry } from '../tools/registry.js';
|
|
8
|
+
import { isToolRegistryEnabled } from '../tools/runner.js';
|
|
9
|
+
/**
|
|
10
|
+
* Dependency / SCA (software-composition-analysis) findings are EXEMPT from
|
|
11
|
+
* the changed-file scope filter. They live in lockfiles / manifests
|
|
12
|
+
* (package-lock.json, go.sum, …) that are usually NOT in the staged diff, yet
|
|
13
|
+
* a vulnerable transitive dependency is still a real risk for the change. We
|
|
14
|
+
* match EITHER the `source` (Trivy is the SCA scanner) or the
|
|
15
|
+
* `dependency-vulnerability` category to be robust against future SCA tools.
|
|
16
|
+
*/
|
|
17
|
+
function isScaFinding(f) {
|
|
18
|
+
return f.source === 'trivy' || f.category === 'dependency-vulnerability';
|
|
19
|
+
}
|
|
20
|
+
/**
|
|
21
|
+
* Whether a static-analysis finding may DRIVE the verdict (i.e. flip it to
|
|
22
|
+
* FAILED). Static tools scan the whole repo, so a 1-file change can surface
|
|
23
|
+
* pre-existing findings from unrelated files; those must stay informational
|
|
24
|
+
* and not fail the review.
|
|
25
|
+
*
|
|
26
|
+
* A finding is verdict-driving when it is:
|
|
27
|
+
* - an SCA / dependency-vulnerability finding (exempt — see isScaFinding), OR
|
|
28
|
+
* - located in one of the changed "affected" files.
|
|
29
|
+
*
|
|
30
|
+
* `affectedFiles` is the set of changed (diff) files that survived blast-radius
|
|
31
|
+
* filtering — a SUBSET of the diff. It does NOT include out-of-diff dependents.
|
|
32
|
+
* That is intentional: a static finding in an unchanged file is pre-existing and
|
|
33
|
+
* must not fail the change, even when that file depends on something we touched
|
|
34
|
+
* (the whole point is to stop failing on unrelated repo-wide debt). When
|
|
35
|
+
* affectedFiles is undefined or empty we fall back to legacy behavior (every
|
|
36
|
+
* finding counts) — never silently pass everything.
|
|
37
|
+
*/
|
|
38
|
+
export function isVerdictDrivingFinding(f, affectedFiles) {
|
|
39
|
+
if (isScaFinding(f))
|
|
40
|
+
return true;
|
|
41
|
+
if (!affectedFiles || affectedFiles.size === 0)
|
|
42
|
+
return true;
|
|
43
|
+
return affectedFiles.has(f.file);
|
|
44
|
+
}
|
|
45
|
+
/**
|
|
46
|
+
* Create a SKIPPED result when all files are filtered out.
|
|
47
|
+
*/
|
|
48
|
+
export function createSkippedResult(input, startTime) {
|
|
49
|
+
const primary = input.providerChain?.[0];
|
|
50
|
+
// Build a dynamic skipped result (legacy keys always present)
|
|
51
|
+
const skippedToolResult = { status: 'skipped', findings: [], executionTimeMs: 0 };
|
|
52
|
+
const staticAnalysis = {
|
|
53
|
+
semgrep: { ...skippedToolResult },
|
|
54
|
+
trivy: { ...skippedToolResult },
|
|
55
|
+
cpd: { ...skippedToolResult },
|
|
56
|
+
};
|
|
57
|
+
// Collect all tool names for the toolsSkipped metadata
|
|
58
|
+
const allToolNames = ['semgrep', 'trivy', 'cpd'];
|
|
59
|
+
// When registry is enabled, include all registered tools as skipped
|
|
60
|
+
if (isToolRegistryEnabled()) {
|
|
61
|
+
initializeDefaultTools();
|
|
62
|
+
for (const tool of toolRegistry.getAll()) {
|
|
63
|
+
if (!staticAnalysis[tool.name]) {
|
|
64
|
+
staticAnalysis[tool.name] = { ...skippedToolResult };
|
|
65
|
+
}
|
|
66
|
+
if (!allToolNames.includes(tool.name)) {
|
|
67
|
+
allToolNames.push(tool.name);
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
return {
|
|
72
|
+
status: 'SKIPPED',
|
|
73
|
+
summary: 'All files in the diff matched ignore patterns. No review was performed.',
|
|
74
|
+
findings: [],
|
|
75
|
+
staticAnalysis,
|
|
76
|
+
memoryContext: null,
|
|
77
|
+
metadata: {
|
|
78
|
+
mode: input.mode,
|
|
79
|
+
provider: primary?.provider ?? input.provider ?? 'none',
|
|
80
|
+
model: primary?.model ?? input.model ?? 'unknown',
|
|
81
|
+
tokensUsed: 0,
|
|
82
|
+
executionTimeMs: Date.now() - startTime,
|
|
83
|
+
toolsRun: [],
|
|
84
|
+
toolsSkipped: allToolNames,
|
|
85
|
+
},
|
|
86
|
+
};
|
|
87
|
+
}
|
|
88
|
+
/**
|
|
89
|
+
* Create a result with only static analysis findings (no AI).
|
|
90
|
+
* Used when AI review is disabled or when all providers fail.
|
|
91
|
+
*/
|
|
92
|
+
export function createStaticOnlyResult(staticResult, mode, startTime, affectedFiles) {
|
|
93
|
+
// Determine status from static findings severity (dynamic — all tools)
|
|
94
|
+
const allFindings = Object.values(staticResult).flatMap((toolResult) => toolResult && typeof toolResult === 'object' && 'findings' in toolResult
|
|
95
|
+
? toolResult.findings
|
|
96
|
+
: []);
|
|
97
|
+
// Only IN-SCOPE (changed-file) findings + SCA/dependency findings may
|
|
98
|
+
// drive the verdict. Repo-wide pre-existing findings from unrelated files
|
|
99
|
+
// stay visible (merged informational in enrich step 7) but do NOT fail it.
|
|
100
|
+
const affectedSet = affectedFiles && affectedFiles.length > 0 ? new Set(affectedFiles) : undefined;
|
|
101
|
+
const verdictFindings = allFindings.filter((f) => isVerdictDrivingFinding(f, affectedSet));
|
|
102
|
+
const hasCriticalOrHigh = verdictFindings.some((f) => f.severity === 'critical' || f.severity === 'high');
|
|
103
|
+
return {
|
|
104
|
+
status: hasCriticalOrHigh ? 'FAILED' : 'PASSED',
|
|
105
|
+
summary: allFindings.length > 0
|
|
106
|
+
? `Static analysis found ${allFindings.length} finding(s). AI review was not performed.`
|
|
107
|
+
: 'Static analysis found no issues. AI review was not performed.',
|
|
108
|
+
findings: [], // Will be merged in step 7
|
|
109
|
+
staticAnalysis: staticResult,
|
|
110
|
+
memoryContext: null,
|
|
111
|
+
metadata: {
|
|
112
|
+
mode,
|
|
113
|
+
provider: 'none',
|
|
114
|
+
model: 'static-only',
|
|
115
|
+
tokensUsed: 0,
|
|
116
|
+
executionTimeMs: Date.now() - startTime,
|
|
117
|
+
toolsRun: [],
|
|
118
|
+
toolsSkipped: [],
|
|
119
|
+
},
|
|
120
|
+
};
|
|
121
|
+
}
|
|
122
|
+
//# sourceMappingURL=results.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"results.js","sourceRoot":"","sources":["../../src/pipeline/results.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAG3D;;;;;;;GAOG;AACH,SAAS,YAAY,CAAC,CAAgB;IACpC,OAAO,CAAC,CAAC,MAAM,KAAK,OAAO,IAAI,CAAC,CAAC,QAAQ,KAAK,0BAA0B,CAAC;AAC3E,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,uBAAuB,CACrC,CAAgB,EAChB,aAA8C;IAE9C,IAAI,YAAY,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACjC,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC5D,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAAkB,EAAE,SAAiB;IACvE,MAAM,OAAO,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,CAAC;IAEzC,8DAA8D;IAC9D,MAAM,iBAAiB,GAAG,EAAE,MAAM,EAAE,SAAkB,EAAE,QAAQ,EAAE,EAAE,EAAE,eAAe,EAAE,CAAC,EAAE,CAAC;IAC3F,MAAM,cAAc,GAA+C;QACjE,OAAO,EAAE,EAAE,GAAG,iBAAiB,EAAE;QACjC,KAAK,EAAE,EAAE,GAAG,iBAAiB,EAAE;QAC/B,GAAG,EAAE,EAAE,GAAG,iBAAiB,EAAE;KAC9B,CAAC;IAEF,uDAAuD;IACvD,MAAM,YAAY,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IAEjD,oEAAoE;IACpE,IAAI,qBAAqB,EAAE,EAAE,CAAC;QAC5B,sBAAsB,EAAE,CAAC;QACzB,KAAK,MAAM,IAAI,IAAI,YAAY,CAAC,MAAM,EAAE,EAAE,CAAC;YACzC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/B,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,iBAAiB,EAAE,CAAC;YACvD,CAAC;YACD,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM,EAAE,SAAyB;QACjC,OAAO,EAAE,yEAAyE;QAClF,QAAQ,EAAE,EAAE;QACZ,cAAc;QACd,aAAa,EAAE,IAAI;QACnB,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,QAAQ,EAAE,OAAO,EAAE,QAAQ,IAAI,KAAK,CAAC,QAAQ,IAAI,MAAM;YACvD,KAAK,EAAE,OAAO,EAAE,KAAK,IAAI,KAAK,CAAC,KAAK,IAAI,SAAS;YACjD,UAAU,EAAE,CAAC;YACb,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YACvC,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,YAAY;SAC3B;KACF,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CACpC,YAAwD,EACxD,IAAsC,EACtC,SAAiB,EACjB,aAAiC;IAEjC,uEAAuE;IACvE,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE,CACrE,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,IAAI,UAAU,IAAI,UAAU;QACtE,CAAC,CAAC,UAAU,CAAC,QAAQ;QACrB,CAAC,CAAC,EAAE,CACP,CAAC;IAEF,sEAAsE;IACtE,0EAA0E;IAC1E,2EAA2E;IAC3E,MAAM,WAAW,GACf,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACjF,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,uBAAuB,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC;IAC3F,MAAM,iBAAiB,GAAG,eAAe,CAAC,IAAI,CAC5C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC1D,CAAC;IAEF,OAAO;QACL,MAAM,EAAE,iBAAiB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;QAC/C,OAAO,EACL,WAAW,CAAC,MAAM,GAAG,CAAC;YACpB,CAAC,CAAC,yBAAyB,WAAW,CAAC,MAAM,2CAA2C;YACxF,CAAC,CAAC,+DAA+D;QACrE,QAAQ,EAAE,EAAE,EAAE,2BAA2B;QACzC,cAAc,EAAE,YAAY;QAC5B,aAAa,EAAE,IAAI;QACnB,QAAQ,EAAE;YACR,IAAI;YACJ,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,aAAa;YACpB,UAAU,EAAE,CAAC;YACb,eAAe,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YACvC,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,EAAE;SACjB;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,92 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Shared pipeline state threaded through the review pipeline phases.
|
|
3
|
+
*
|
|
4
|
+
* A single mutable `PipelineState` object is created by the orchestrator
|
|
5
|
+
* and passed to each phase (`prepare → gather-context → execute → enrich
|
|
6
|
+
* → finalize`). Phases mutate it in-place — `state.result` is the SAME
|
|
7
|
+
* `ReviewResult` object the phases mutate directly, preserving the
|
|
8
|
+
* read-your-writes semantics of the original monolithic pipeline
|
|
9
|
+
* (e.g. exploitability mutates findings in-place; the step-7.4 gate
|
|
10
|
+
* reads `result.findings.length` populated by the step-7 merge).
|
|
11
|
+
*/
|
|
12
|
+
import type { ChecklistConfig } from '../checklist/index.js';
|
|
13
|
+
import type { CodeIntelMetadata, CodeIntelResult } from '../code-intel/types.js';
|
|
14
|
+
import type { EnhanceMetadata } from '../enhance/types.js';
|
|
15
|
+
import type { BlastRadiusMetadata } from '../graph/schema.js';
|
|
16
|
+
import type { ProgressEvent, ReviewFinding, ReviewInput, ReviewMode, ReviewResult, StaticAnalysisResult } from '../types.js';
|
|
17
|
+
import type { DiffFile } from '../utils/diff.js';
|
|
18
|
+
/**
|
|
19
|
+
* A pipeline step that failed but was gracefully degraded.
|
|
20
|
+
* Derived from `ReviewResult['failedSteps']` so the internal accumulator
|
|
21
|
+
* and the public result shape can never drift apart.
|
|
22
|
+
*/
|
|
23
|
+
export type FailedStep = NonNullable<ReviewResult['failedSteps']>[number];
|
|
24
|
+
/**
|
|
25
|
+
* Pipeline state WITHOUT `result` — the shape available to phases that
|
|
26
|
+
* run BEFORE the dispatch creates the `ReviewResult` (prepare,
|
|
27
|
+
* gather-context, execute). `execute` RETURNS the result; the
|
|
28
|
+
* orchestrator attaches it via `Object.assign(base, { result })` —
|
|
29
|
+
* same object, no copy — upgrading the base to a full `PipelineState`
|
|
30
|
+
* for enrich/finalize. This keeps `result` non-optional downstream.
|
|
31
|
+
*/
|
|
32
|
+
export interface PipelineStateBase {
|
|
33
|
+
readonly input: ReviewInput;
|
|
34
|
+
readonly startTime: number;
|
|
35
|
+
readonly emit: (event: ProgressEvent) => void;
|
|
36
|
+
readonly aiEnabled: boolean;
|
|
37
|
+
/** All files parsed from the raw diff (pre-filtering). */
|
|
38
|
+
readonly allFiles: DiffFile[];
|
|
39
|
+
/**
|
|
40
|
+
* ⚠️ LOAD-BEARING: captured PRE-blast-radius (right after ignore-pattern
|
|
41
|
+
* filtering, BEFORE the blast-radius filter narrows `filteredFiles`).
|
|
42
|
+
* Consumed by call-chain, static analysis, code-intel and
|
|
43
|
+
* negative-examples — they must see the PRE-filter list.
|
|
44
|
+
* Do NOT recompute from `filteredFiles`.
|
|
45
|
+
* Note: `result.metadata.fileList` is built from `allFiles` instead —
|
|
46
|
+
* a different list. Preserve both as-is.
|
|
47
|
+
*/
|
|
48
|
+
readonly fileList: string[];
|
|
49
|
+
filteredFiles: DiffFile[];
|
|
50
|
+
filteredDiff: string;
|
|
51
|
+
blastRadiusMetadata?: BlastRadiusMetadata;
|
|
52
|
+
callChainContext: string;
|
|
53
|
+
stacks: string[];
|
|
54
|
+
stackHints: string;
|
|
55
|
+
truncatedDiff: string;
|
|
56
|
+
diffBudget: number;
|
|
57
|
+
contextBudget: number;
|
|
58
|
+
staticResult: StaticAnalysisResult;
|
|
59
|
+
rawMemoryContext: string | null;
|
|
60
|
+
codeIntelResults: CodeIntelResult[];
|
|
61
|
+
codeIntelMetadata?: CodeIntelMetadata;
|
|
62
|
+
staticContext: string;
|
|
63
|
+
memoryContext: string | null;
|
|
64
|
+
codeIntelContext: string;
|
|
65
|
+
checklistContext: string;
|
|
66
|
+
resolvedChecklist: ChecklistConfig | null;
|
|
67
|
+
negativeExamplesPrompt: string;
|
|
68
|
+
selfImproveRulesPrompt: string;
|
|
69
|
+
activeProvider: string;
|
|
70
|
+
isCliBridge: boolean;
|
|
71
|
+
isGateway: boolean;
|
|
72
|
+
isOllama: boolean;
|
|
73
|
+
enhancedStaticFindings?: ReviewFinding[];
|
|
74
|
+
enhanceMetadata?: EnhanceMetadata;
|
|
75
|
+
trustOverrideMode?: ReviewMode;
|
|
76
|
+
resolvedInputMode: ReviewMode;
|
|
77
|
+
failedSteps: FailedStep[];
|
|
78
|
+
/**
|
|
79
|
+
* Step names of warn-only degradations (`runDegradable` with
|
|
80
|
+
* `reportFailure: false` — call-chain, negative-examples, self-improve,
|
|
81
|
+
* semantic-diff).
|
|
82
|
+
* These steps degrade WITHOUT entering `failedSteps` (no PARTIAL
|
|
83
|
+
* downgrade, no wire exposure of the step names), but they still count
|
|
84
|
+
* against `coverageComplete` — the signal must tell the WHOLE truth
|
|
85
|
+
* about coverage, tracked or not (see pipeline/finalize.ts).
|
|
86
|
+
*/
|
|
87
|
+
warnOnlyDegradations: string[];
|
|
88
|
+
}
|
|
89
|
+
export interface PipelineState extends PipelineStateBase {
|
|
90
|
+
result: ReviewResult;
|
|
91
|
+
}
|
|
92
|
+
//# sourceMappingURL=state.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../src/pipeline/state.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC7D,OAAO,KAAK,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACjF,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC9D,OAAO,KAAK,EACV,aAAa,EACb,aAAa,EACb,WAAW,EACX,UAAU,EACV,YAAY,EACZ,oBAAoB,EACrB,MAAM,aAAa,CAAC;AACrB,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAEjD;;;;GAIG;AACH,MAAM,MAAM,UAAU,GAAG,WAAW,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;AAE1E;;;;;;;GAOG;AACH,MAAM,WAAW,iBAAiB;IAEhC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,EAAE,aAAa,KAAK,IAAI,CAAC;IAC9C,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC;IAG5B,0DAA0D;IAC1D,QAAQ,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC;IAC9B;;;;;;;;OAQG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;IAI5B,aAAa,EAAE,QAAQ,EAAE,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAC1C,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IAMtB,YAAY,EAAE,oBAAoB,CAAC;IACnC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,eAAe,GAAG,IAAI,CAAC;IAC1C,sBAAsB,EAAE,MAAM,CAAC;IAC/B,sBAAsB,EAAE,MAAM,CAAC;IAI/B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,OAAO,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,EAAE,OAAO,CAAC;IAGlB,sBAAsB,CAAC,EAAE,aAAa,EAAE,CAAC;IACzC,eAAe,CAAC,EAAE,eAAe,CAAC;IAKlC,iBAAiB,CAAC,EAAE,UAAU,CAAC;IAC/B,iBAAiB,EAAE,UAAU,CAAC;IAE9B,WAAW,EAAE,UAAU,EAAE,CAAC;IAE1B;;;;;;;;OAQG;IACH,oBAAoB,EAAE,MAAM,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,aAAc,SAAQ,iBAAiB;IAGtD,MAAM,EAAE,YAAY,CAAC;CACtB"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Shared pipeline state threaded through the review pipeline phases.
|
|
3
|
+
*
|
|
4
|
+
* A single mutable `PipelineState` object is created by the orchestrator
|
|
5
|
+
* and passed to each phase (`prepare → gather-context → execute → enrich
|
|
6
|
+
* → finalize`). Phases mutate it in-place — `state.result` is the SAME
|
|
7
|
+
* `ReviewResult` object the phases mutate directly, preserving the
|
|
8
|
+
* read-your-writes semantics of the original monolithic pipeline
|
|
9
|
+
* (e.g. exploitability mutates findings in-place; the step-7.4 gate
|
|
10
|
+
* reads `result.findings.length` populated by the step-7 merge).
|
|
11
|
+
*/
|
|
12
|
+
export {};
|
|
13
|
+
//# sourceMappingURL=state.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"state.js","sourceRoot":"","sources":["../../src/pipeline/state.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG"}
|
package/dist/pipeline.d.ts
CHANGED
|
@@ -1,15 +1,16 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Main review pipeline orchestrator.
|
|
3
3
|
*
|
|
4
|
-
* Coordinates the entire review flow
|
|
5
|
-
*
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
12
|
-
*
|
|
4
|
+
* Coordinates the entire review flow as a thin sequence of phases
|
|
5
|
+
* (each phase lives in `pipeline/` and shares a single mutable
|
|
6
|
+
* `PipelineState` — see `pipeline/state.ts`):
|
|
7
|
+
*
|
|
8
|
+
* prepare → validate, parse/filter diff, flood check,
|
|
9
|
+
* blast-radius, call-chain, stacks, token budget
|
|
10
|
+
* gather-context → static analysis ∥ memory ∥ code-intel + prompts
|
|
11
|
+
* execute → enhance compute, trust scoring, agent dispatch
|
|
12
|
+
* enrich → merge findings + post-processing (7 → 7.8)
|
|
13
|
+
* finalize → persist to memory + status downgrade
|
|
13
14
|
*
|
|
14
15
|
* Each step degrades gracefully — if static analysis fails, or
|
|
15
16
|
* memory is unavailable, the pipeline continues with what it has.
|
package/dist/pipeline.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../src/pipeline.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../src/pipeline.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAQH,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE5D;;;;;;;;;;GAUG;AACH,wBAAsB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,CA4B9E"}
|