neuronlayer 0.1.0

package/src/core/confidence/source-tracker.ts

@@ -0,0 +1,263 @@
+import type { Tier2Storage } from '../../storage/tier2.js';
+import type { EmbeddingGenerator } from '../../indexing/embeddings.js';
+import type {
+  ConfidenceSources,
+  CodebaseMatch,
+  DecisionMatch,
+  PatternMatch
+} from '../../types/documentation.js';
+
+// Common code patterns to detect
+const CODE_PATTERNS = [
+  { name: 'error-handling', regex: /try\s*\{[\s\S]*?\}\s*catch/i },
+  { name: 'async-await', regex: /async\s+function|await\s+/i },
+  { name: 'null-check', regex: /\?\.|!==?\s*null|===?\s*null/i },
+  { name: 'array-methods', regex: /\.(map|filter|reduce|forEach|find)\s*\(/i },
+  { name: 'destructuring', regex: /const\s+\{[\s\S]*?\}\s*=|const\s+\[[\s\S]*?\]\s*=/i },
+  { name: 'arrow-function', regex: /=>\s*\{|=>\s*[^{]/i },
+  { name: 'class-definition', regex: /class\s+\w+(\s+extends\s+\w+)?\s*\{/i },
+  { name: 'interface-definition', regex: /interface\s+\w+\s*\{/i },
+  { name: 'type-definition', regex: /type\s+\w+\s*=/i },
+  { name: 'import-statement', regex: /import\s+.*\s+from\s+['"`]/i },
+  { name: 'export-statement', regex: /export\s+(default\s+)?(class|function|const|interface|type)/i },
+  { name: 'promise-handling', regex: /\.then\s*\(|\.catch\s*\(|Promise\./i },
+  { name: 'validation', regex: /if\s*\(.*\)\s*(throw|return)/i },
+  { name: 'logging', regex: /console\.(log|error|warn|info)/i },
+  { name: 'event-handling', regex: /\.on\(|addEventListener|emit\(/i }
+];
+
+export class SourceTracker {
+  private tier2: Tier2Storage;
+  private embeddingGenerator: EmbeddingGenerator;
+
+  constructor(tier2: Tier2Storage, embeddingGenerator: EmbeddingGenerator) {
+    this.tier2 = tier2;
+    this.embeddingGenerator = embeddingGenerator;
+  }
+
+  async trackSources(code: string, context?: string): Promise<ConfidenceSources> {
+    // Find similar code in codebase
+    const codebaseMatches = await this.findSimilarCode(code, context);
+
+    // Find related decisions
+    const decisionMatches = await this.findRelatedDecisions(code, context);
+
+    // Find matching patterns
+    const patternMatches = this.findMatchingPatterns(code);
+
+    // Determine if general knowledge was used
+    const usedGeneralKnowledge = codebaseMatches.length === 0 && decisionMatches.length === 0;
+
+    return {
+      codebase: codebaseMatches,
+      decisions: decisionMatches,
+      patterns: patternMatches,
+      usedGeneralKnowledge
+    };
+  }
+
+  private async findSimilarCode(code: string, context?: string): Promise<CodebaseMatch[]> {
+    const matches: CodebaseMatch[] = [];
+
+    try {
+      // Generate embedding for the code
+      const textToEmbed = context ? `${context}\n${code}` : code;
+      const embedding = await this.embeddingGenerator.embed(textToEmbed);
+
+      // Search for similar code
+      const results = this.tier2.search(embedding, 10);
+
+      for (const result of results) {
+        // Convert similarity to percentage (0-100)
+        const similarity = Math.round(result.similarity * 100);
+
+        if (similarity >= 30) { // Only include if at least 30% similar
+          const file = this.tier2.getFile(result.path);
+          const symbols = file ? this.tier2.getSymbolsByFile(file.id) : [];
+          const dependents = this.tier2.getFileDependents(result.path);
+
+          matches.push({
+            file: result.path,
+            similarity,
+            snippet: result.preview,
+            lastModified: file ? new Date(file.lastModified) : undefined,
+            usageCount: dependents.length + 1,
+            function: symbols.length > 0 ? symbols[0].name : undefined
+          });
+        }
+      }
+    } catch (error) {
+      console.error('Error finding similar code:', error);
+    }
+
+    return matches.slice(0, 5); // Return top 5
+  }
+
+  private async findRelatedDecisions(code: string, context?: string): Promise<DecisionMatch[]> {
+    const matches: DecisionMatch[] = [];
+
+    try {
+      // Generate embedding for decision search
+      const textToEmbed = context ? `${context}\n${code}` : code;
+      const embedding = await this.embeddingGenerator.embed(textToEmbed);
+
+      // Search decisions
+      const decisions = this.tier2.searchDecisions(embedding, 5);
+
+      for (const decision of decisions) {
+        // Calculate relevance based on similarity
+        const relevance = Math.round(decision.similarity * 100);
+
+        if (relevance >= 40) { // Only include if at least 40% relevant
+          matches.push({
+            id: decision.id,
+            title: decision.title,
+            date: decision.createdAt,
+            relevance
+          });
+        }
+      }
+    } catch (error) {
+      console.error('Error finding related decisions:', error);
+    }
+
+    return matches;
+  }
+
+  private findMatchingPatterns(code: string): PatternMatch[] {
+    const matches: PatternMatch[] = [];
+
+    for (const pattern of CODE_PATTERNS) {
+      if (pattern.regex.test(code)) {
+        // Calculate confidence based on how common the pattern is
+        const confidence = this.calculatePatternConfidence(pattern.name, code);
+
+        matches.push({
+          pattern: pattern.name,
+          confidence,
+          examples: this.findPatternExamples(pattern.name)
+        });
+      }
+    }
+
+    // Sort by confidence
+    matches.sort((a, b) => b.confidence - a.confidence);
+
+    return matches.slice(0, 5); // Return top 5
+  }
+
+  private calculatePatternConfidence(patternName: string, code: string): number {
+    // Base confidence for detecting a pattern
+    let confidence = 60;
+
+    // Boost for common patterns
+    const commonPatterns = ['error-handling', 'async-await', 'null-check', 'validation'];
+    if (commonPatterns.includes(patternName)) {
+      confidence += 15;
+    }
+
+    // Check if pattern is used correctly (basic heuristics)
+    switch (patternName) {
+      case 'error-handling':
+        if (/catch\s*\(\s*\w+\s*\)\s*\{[\s\S]*\}/.test(code)) confidence += 10;
+        break;
+      case 'async-await':
+        if (/await\s+[^;]+;/.test(code) && /async\s+/.test(code)) confidence += 10;
+        break;
+      case 'null-check':
+        if (/\?\.\w+/.test(code) || /!==?\s*null/.test(code)) confidence += 10;
+        break;
+    }
+
+    return Math.min(95, confidence);
+  }
+
+  private findPatternExamples(patternName: string): string[] {
+    // Get files that use this pattern
+    const examples: string[] = [];
+    const files = this.tier2.getAllFiles();
+
+    for (const file of files.slice(0, 50)) { // Check first 50 files
+      const preview = file.preview || '';
+      const pattern = CODE_PATTERNS.find(p => p.name === patternName);
+
+      if (pattern && pattern.regex.test(preview)) {
+        examples.push(file.path);
+        if (examples.length >= 3) break;
+      }
+    }
+
+    return examples;
+  }
+
+  // Get detailed source tracking for display
+  async getDetailedTracking(code: string, context?: string): Promise<{
+    codebaseWeight: number;
+    decisionWeight: number;
+    patternWeight: number;
+    sources: ConfidenceSources;
+    formatted: string;
+  }> {
+    const sources = await this.trackSources(code, context);
+
+    // Calculate weights based on what was found
+    let codebaseWeight = 0.5;
+    let decisionWeight = 0.3;
+    let patternWeight = 0.2;
+
+    // Adjust weights if sources are missing
+    if (sources.codebase.length === 0) {
+      codebaseWeight = 0;
+      decisionWeight += 0.25;
+      patternWeight += 0.25;
+    }
+
+    if (sources.decisions.length === 0) {
+      decisionWeight = 0;
+      codebaseWeight += 0.15;
+      patternWeight += 0.15;
+    }
+
+    // Format for display
+    const lines: string[] = [];
+    lines.push('\u{1F4CA} Suggestion Sources\n');
+
+    if (sources.codebase.length > 0) {
+      lines.push(`Codebase (${Math.round(codebaseWeight * 100)}% weight):`);
+      for (const match of sources.codebase) {
+        lines.push(`\u251C\u2500\u2500 ${match.file}${match.line ? `:${match.line}` : ''} (${match.similarity}% similar)`);
+      }
+      lines.push('');
+    }
+
+    if (sources.decisions.length > 0) {
+      lines.push(`Decisions (${Math.round(decisionWeight * 100)}% weight):`);
+      for (const decision of sources.decisions) {
+        lines.push(`\u2514\u2500\u2500 "${decision.title}" (${decision.relevance}% relevant)`);
+      }
+      lines.push('');
+    }
+
+    if (sources.patterns.length > 0) {
+      lines.push(`Patterns (${Math.round(patternWeight * 100)}% weight):`);
+      for (const pattern of sources.patterns) {
+        lines.push(`\u2514\u2500\u2500 ${pattern.pattern} (${pattern.confidence}% confidence)`);
+      }
+      lines.push('');
+    }
+
+    if (sources.usedGeneralKnowledge) {
+      lines.push('General Knowledge: Used (no codebase matches found)');
+    } else {
+      lines.push('General Knowledge: Not used');
+    }
+
+    return {
+      codebaseWeight,
+      decisionWeight,
+      patternWeight,
+      sources,
+      formatted: lines.join('\n')
+    };
+  }
+}

package/src/core/confidence/warning-detector.ts

@@ -0,0 +1,241 @@
+import type { Tier2Storage } from '../../storage/tier2.js';
+import type {
+  ConfidenceSources,
+  ConfidenceWarning,
+  WarningType
+} from '../../types/documentation.js';
+
+// Security patterns to detect
+const SECURITY_PATTERNS = [
+  { pattern: /eval\s*\(/, issue: 'eval() usage', suggestion: 'Avoid eval() - use safer alternatives' },
+  { pattern: /innerHTML\s*=/, issue: 'innerHTML assignment', suggestion: 'Use textContent or sanitize input to prevent XSS' },
+  { pattern: /document\.write\s*\(/, issue: 'document.write() usage', suggestion: 'Use DOM manipulation methods instead' },
+  { pattern: /\$\{.*\}.*(?:SELECT|INSERT|UPDATE|DELETE)/i, issue: 'SQL injection risk', suggestion: 'Use parameterized queries' },
+  { pattern: /exec\s*\(.*\$\{/, issue: 'Command injection risk', suggestion: 'Sanitize user input before shell execution' },
+  { pattern: /password\s*[:=]\s*['"`][^'"`]+['"`]/, issue: 'Hardcoded password', suggestion: 'Use environment variables or secure vaults' },
+  { pattern: /api[_-]?key\s*[:=]\s*['"`][^'"`]+['"`]/i, issue: 'Hardcoded API key', suggestion: 'Use environment variables' },
+  { pattern: /\bhttp:\/\//, issue: 'Insecure HTTP', suggestion: 'Use HTTPS for secure communication' },
+  { pattern: /dangerouslySetInnerHTML/, issue: 'React XSS risk', suggestion: 'Sanitize content before using dangerouslySetInnerHTML' }
+];
+
+// Deprecated patterns to detect
+const DEPRECATED_PATTERNS = [
+  { pattern: /var\s+\w+\s*=/, suggestion: 'Use const or let instead of var' },
+  { pattern: /new\s+Buffer\s*\(/, suggestion: 'Use Buffer.from() or Buffer.alloc() instead' },
+  { pattern: /\.substr\s*\(/, suggestion: 'Use .slice() or .substring() instead of .substr()' },
+  { pattern: /__proto__/, suggestion: 'Use Object.getPrototypeOf() instead of __proto__' },
+  { pattern: /arguments\s*\[/, suggestion: 'Use rest parameters (...args) instead of arguments' },
+  { pattern: /\.bind\s*\(this\)/, suggestion: 'Consider using arrow functions instead of .bind(this)' }
+];
+
+// Complexity indicators
+const COMPLEXITY_INDICATORS = [
+  { pattern: /if\s*\([^)]*\)\s*{[^}]*if\s*\([^)]*\)\s*{[^}]*if/s, level: 'high' as const },
+  { pattern: /\?\s*[^:]+\s*:\s*[^:]+\s*\?\s*[^:]+\s*:/s, level: 'high' as const },
+  { pattern: /for\s*\([^)]*\)\s*{[^}]*for\s*\([^)]*\)\s*{/s, level: 'medium' as const },
+  { pattern: /&&.*&&.*&&||\|\|.*\|\|.*\|\|/s, level: 'medium' as const }
+];
+
+const WARNING_DEFINITIONS: Record<WarningType, { defaultMessage: string; defaultSeverity: 'info' | 'warning' | 'critical' }> = {
+  'no_similar_pattern': {
+    defaultMessage: 'No similar pattern found in your codebase',
+    defaultSeverity: 'warning'
+  },
+  'conflicts_with_decision': {
+    defaultMessage: 'This conflicts with a past decision',
+    defaultSeverity: 'critical'
+  },
+  'untested_approach': {
+    defaultMessage: 'This approach has no tests in your codebase',
+    defaultSeverity: 'info'
+  },
+  'high_complexity': {
+    defaultMessage: 'This is complex code',
+    defaultSeverity: 'warning'
+  },
+  'potential_security_issue': {
+    defaultMessage: 'Potential security concern detected',
+    defaultSeverity: 'critical'
+  },
+  'deprecated_approach': {
+    defaultMessage: 'This uses deprecated patterns',
+    defaultSeverity: 'warning'
+  }
+};
+
+export class WarningDetector {
+  private tier2: Tier2Storage;
+
+  constructor(tier2: Tier2Storage) {
+    this.tier2 = tier2;
+  }
+
+  async detectWarnings(code: string, sources: ConfidenceSources): Promise<ConfidenceWarning[]> {
+    const warnings: ConfidenceWarning[] = [];
+
+    // 1. Check for no similar patterns
+    if (sources.codebase.length === 0 && sources.patterns.length === 0) {
+      warnings.push(this.createWarning(
+        'no_similar_pattern',
+        'No similar code or patterns found in your codebase',
+        'warning',
+        'Review carefully - this is new for your project'
+      ));
+    }
+
+    // 2. Check for security issues
+    const securityWarnings = this.detectSecurityIssues(code);
+    warnings.push(...securityWarnings);
+
+    // 3. Check for deprecated patterns
+    const deprecationWarnings = this.detectDeprecatedPatterns(code);
+    warnings.push(...deprecationWarnings);
+
+    // 4. Check complexity
+    const complexityWarning = this.detectComplexity(code);
+    if (complexityWarning) {
+      warnings.push(complexityWarning);
+    }
+
+    // 5. Check for untested approach
+    const untestedWarning = await this.checkForTests(code, sources);
+    if (untestedWarning) {
+      warnings.push(untestedWarning);
+    }
+
+    // Sort by severity (critical first)
+    warnings.sort((a, b) => {
+      const severityOrder = { critical: 0, warning: 1, info: 2 };
+      return severityOrder[a.severity] - severityOrder[b.severity];
+    });
+
+    return warnings;
+  }
+
+  private detectSecurityIssues(code: string): ConfidenceWarning[] {
+    const warnings: ConfidenceWarning[] = [];
+
+    for (const { pattern, issue, suggestion } of SECURITY_PATTERNS) {
+      if (pattern.test(code)) {
+        warnings.push(this.createWarning(
+          'potential_security_issue',
+          `Security concern: ${issue}`,
+          'critical',
+          suggestion
+        ));
+      }
+    }
+
+    return warnings;
+  }
+
+  private detectDeprecatedPatterns(code: string): ConfidenceWarning[] {
+    const warnings: ConfidenceWarning[] = [];
+
+    for (const { pattern, suggestion } of DEPRECATED_PATTERNS) {
+      if (pattern.test(code)) {
+        warnings.push(this.createWarning(
+          'deprecated_approach',
+          'Uses deprecated pattern',
+          'warning',
+          suggestion
+        ));
+      }
+    }
+
+    return warnings;
+  }
+
+  private detectComplexity(code: string): ConfidenceWarning | null {
+    for (const { pattern, level } of COMPLEXITY_INDICATORS) {
+      if (pattern.test(code)) {
+        const severity = level === 'high' ? 'warning' : 'info';
+        return this.createWarning(
+          'high_complexity',
+          `${level.charAt(0).toUpperCase() + level.slice(1)} complexity detected`,
+          severity,
+          'Consider breaking this into smaller functions'
+        );
+      }
+    }
+
+    // Check line count and nesting
+    const lines = code.split('\n');
+    if (lines.length > 50) {
+      return this.createWarning(
+        'high_complexity',
+        'Long code block (>50 lines)',
+        'info',
+        'Consider splitting into multiple functions'
+      );
+    }
+
+    return null;
+  }
+
+  private async checkForTests(code: string, sources: ConfidenceSources): Promise<ConfidenceWarning | null> {
+    // Check if any of the matched files have corresponding tests
+    const hasTests = sources.codebase.some(match => {
+      const testPath = match.file.replace(/\.ts$/, '.test.ts').replace(/\.js$/, '.test.js');
+      const specPath = match.file.replace(/\.ts$/, '.spec.ts').replace(/\.js$/, '.spec.js');
+
+      return this.tier2.getFile(testPath) !== null ||
+             this.tier2.getFile(specPath) !== null ||
+             match.file.includes('.test.') ||
+             match.file.includes('.spec.') ||
+             match.file.includes('__tests__');
+    });
+
+    if (!hasTests && sources.codebase.length > 0) {
+      return this.createWarning(
+        'untested_approach',
+        'Similar code has no tests',
+        'info',
+        'Consider adding tests before using this approach'
+      );
+    }
+
+    // Check if the code itself looks like test code
+    const isTestCode = /describe\s*\(|it\s*\(|test\s*\(|expect\s*\(|assert\./i.test(code);
+    if (!isTestCode && code.includes('function') && sources.codebase.length === 0) {
+      return this.createWarning(
+        'untested_approach',
+        'New function without matching tests',
+        'info',
+        'Consider writing tests for this functionality'
+      );
+    }
+
+    return null;
+  }
+
+  private createWarning(
+    type: WarningType,
+    message?: string,
+    severity?: 'info' | 'warning' | 'critical',
+    suggestion?: string
+  ): ConfidenceWarning {
+    const defaults = WARNING_DEFINITIONS[type];
+    return {
+      type,
+      message: message || defaults.defaultMessage,
+      severity: severity || defaults.defaultSeverity,
+      suggestion
+    };
+  }
+
+  // Check for specific warning types
+  hasSecurityWarnings(code: string): boolean {
+    return SECURITY_PATTERNS.some(({ pattern }) => pattern.test(code));
+  }
+
+  hasDeprecatedPatterns(code: string): boolean {
+    return DEPRECATED_PATTERNS.some(({ pattern }) => pattern.test(code));
+  }
+
+  isHighComplexity(code: string): boolean {
+    return COMPLEXITY_INDICATORS.some(({ pattern, level }) =>
+      level === 'high' && pattern.test(code)
+    );
+  }
+}