npm - ripp-cli - Versions diffs - 1.0.0 - Mend

ripp-cli 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/lib/confirmation.js ADDED Viewed

@@ -0,0 +1,183 @@
+const fs = require('fs');
+const path = require('path');
+const yaml = require('js-yaml');
+const readline = require('readline');
+/**
+ * RIPP Intent Confirmation
+ * Human confirmation workflow for candidate intent
+ */
+/**
+ * Confirm candidates interactively
+ */
+async function confirmIntent(cwd, options = {}) {
+  const candidatesPath = path.join(cwd, '.ripp', 'intent.candidates.yaml');
+  if (!fs.existsSync(candidatesPath)) {
+    throw new Error('No candidate intent found. Run "ripp discover" first.');
+  }
+  const candidatesContent = fs.readFileSync(candidatesPath, 'utf8');
+  const candidates = yaml.load(candidatesContent);
+  if (!candidates.candidates || candidates.candidates.length === 0) {
+    throw new Error('No candidates found in intent.candidates.yaml');
+  }
+  // Interactive mode
+  if (options.interactive !== false) {
+    return await interactiveConfirm(cwd, candidates);
+  } else {
+    // Generate markdown checklist mode
+    return await generateChecklistConfirm(cwd, candidates);
+  }
+}
+/**
+ * Interactive confirmation via terminal
+ */
+async function interactiveConfirm(cwd, candidates) {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+  const confirmed = [];
+  const rejected = [];
+  console.log('\n=== RIPP Intent Confirmation ===');
+  console.log(`Found ${candidates.candidates.length} candidate(s)\n`);
+  for (let i = 0; i < candidates.candidates.length; i++) {
+    const candidate = candidates.candidates[i];
+    console.log(`\n--- Candidate ${i + 1}/${candidates.candidates.length} ---`);
+    console.log(`Section: ${candidate.section || 'unknown'}`);
+    console.log(`Confidence: ${(candidate.confidence * 100).toFixed(1)}%`);
+    console.log(`Evidence: ${candidate.evidence.length} reference(s)`);
+    console.log('\nContent:');
+    console.log(yaml.dump(candidate.content, { indent: 2 }));
+    const answer = await question(rl, '\nAccept this candidate? (y/n/e to edit/s to skip): ');
+    if (answer.toLowerCase() === 'y') {
+      confirmed.push({
+        section: candidate.section,
+        source: 'confirmed',
+        confirmed_at: new Date().toISOString(),
+        confirmed_by: options.user || 'unknown',
+        original_confidence: candidate.confidence,
+        evidence: candidate.evidence,
+        content: candidate.content
+      });
+      console.log('✓ Accepted');
+    } else if (answer.toLowerCase() === 'e') {
+      console.log('Manual editing not yet supported. Skipping...');
+      // TODO: Open editor for manual changes
+    } else if (answer.toLowerCase() === 's') {
+      console.log('⊘ Skipped');
+    } else {
+      rejected.push({
+        section: candidate.section,
+        original_content: candidate.content,
+        original_confidence: candidate.confidence,
+        rejected_at: new Date().toISOString(),
+        rejected_by: options.user || 'unknown'
+      });
+      console.log('✗ Rejected');
+    }
+  }
+  rl.close();
+  // Save confirmed intent
+  const confirmedData = {
+    version: '1.0',
+    confirmed
+  };
+  const confirmedPath = path.join(cwd, '.ripp', 'intent.confirmed.yaml');
+  fs.writeFileSync(confirmedPath, yaml.dump(confirmedData, { indent: 2 }), 'utf8');
+  // Save rejected intent (optional)
+  if (rejected.length > 0) {
+    const rejectedData = {
+      version: '1.0',
+      rejected
+    };
+    const rejectedPath = path.join(cwd, '.ripp', 'intent.rejected.yaml');
+    fs.writeFileSync(rejectedPath, yaml.dump(rejectedData, { indent: 2 }), 'utf8');
+  }
+  return {
+    confirmedPath,
+    confirmedCount: confirmed.length,
+    rejectedCount: rejected.length
+  };
+}
+/**
+ * Generate markdown checklist for manual confirmation
+ */
+async function generateChecklistConfirm(cwd, candidates) {
+  const checklistPath = path.join(cwd, '.ripp', 'intent.checklist.md');
+  let markdown = '# RIPP Intent Confirmation Checklist\n\n';
+  markdown += `Generated: ${new Date().toISOString()}\n\n`;
+  markdown += `Total Candidates: ${candidates.candidates.length}\n\n`;
+  markdown += '## Instructions\n\n';
+  markdown += '1. Review each candidate below\n';
+  markdown += '2. Check the box [ ] if you accept the candidate (change to [x])\n';
+  markdown += '3. Edit the content as needed\n';
+  markdown +=
+    '4. Save this file and run `ripp build --from-checklist` to compile confirmed intent\n\n';
+  markdown += '---\n\n';
+  candidates.candidates.forEach((candidate, index) => {
+    markdown += `## Candidate ${index + 1}: ${candidate.section || 'unknown'}\n\n`;
+    markdown += `- **Confidence**: ${(candidate.confidence * 100).toFixed(1)}%\n`;
+    markdown += `- **Evidence**: ${candidate.evidence.length} reference(s)\n\n`;
+    markdown += '### Accept?\n\n';
+    markdown += '- [ ] Accept this candidate\n\n';
+    markdown += '### Content\n\n';
+    markdown += '```yaml\n';
+    markdown += yaml.dump(candidate.content, { indent: 2 });
+    markdown += '```\n\n';
+    markdown += '### Evidence References\n\n';
+    candidate.evidence.forEach(ev => {
+      markdown += `- \`${ev.file}:${ev.line}\`\n`;
+      if (ev.snippet) {
+        markdown += `  \`\`\`\n  ${ev.snippet}\n  \`\`\`\n`;
+      }
+    });
+    markdown += '\n---\n\n';
+  });
+  fs.writeFileSync(checklistPath, markdown, 'utf8');
+  return {
+    checklistPath,
+    totalCandidates: candidates.candidates.length
+  };
+}
+/**
+ * Helper to ask questions in readline
+ */
+function question(rl, prompt) {
+  return new Promise(resolve => {
+    rl.question(prompt, resolve);
+  });
+}
+module.exports = {
+  confirmIntent,
+  interactiveConfirm,
+  generateChecklistConfirm
+};

package/lib/discovery.js ADDED Viewed

@@ -0,0 +1,119 @@
+const fs = require('fs');
+const path = require('path');
+const yaml = require('js-yaml');
+const { createProvider } = require('./ai-provider');
+const { loadConfig, checkAiEnabled } = require('./config');
+/**
+ * RIPP Intent Discovery
+ * AI-assisted candidate intent inference from evidence packs
+ */
+/**
+ * Discover candidate intent from evidence pack
+ */
+async function discoverIntent(cwd, options = {}) {
+  // Load configuration
+  const config = loadConfig(cwd);
+  // Check if AI is enabled
+  const aiCheck = checkAiEnabled(config);
+  if (!aiCheck.enabled) {
+    throw new Error(`AI is not enabled: ${aiCheck.reason}`);
+  }
+  // Load evidence pack
+  const evidencePath = path.join(cwd, '.ripp', 'evidence', 'evidence.index.json');
+  if (!fs.existsSync(evidencePath)) {
+    throw new Error('Evidence pack not found. Run "ripp evidence build" first.');
+  }
+  const evidencePack = JSON.parse(fs.readFileSync(evidencePath, 'utf8'));
+  // Create AI provider
+  const provider = createProvider(config.ai);
+  if (!provider.isConfigured()) {
+    throw new Error('AI provider is not properly configured. Check environment variables.');
+  }
+  // Infer intent
+  const targetLevel = options.targetLevel || 1;
+  const candidates = await provider.inferIntent(evidencePack, {
+    targetLevel,
+    minConfidence: config.discovery.minConfidence
+  });
+  // Filter by minimum confidence if configured
+  if (config.discovery.minConfidence > 0) {
+    candidates.candidates = candidates.candidates.filter(
+      c => c.confidence >= config.discovery.minConfidence
+    );
+  }
+  // Write candidates to file
+  const candidatesPath = path.join(cwd, '.ripp', 'intent.candidates.yaml');
+  const yamlContent = yaml.dump(candidates, { indent: 2, lineWidth: 100 });
+  fs.writeFileSync(candidatesPath, yamlContent, 'utf8');
+  return {
+    candidates,
+    candidatesPath,
+    totalCandidates: candidates.candidates.length
+  };
+}
+/**
+ * Validate candidate intent structure
+ */
+function validateCandidates(candidates) {
+  const errors = [];
+  if (!candidates.version || candidates.version !== '1.0') {
+    errors.push('Missing or invalid version field');
+  }
+  if (!candidates.created) {
+    errors.push('Missing created timestamp');
+  }
+  if (!Array.isArray(candidates.candidates)) {
+    errors.push('candidates must be an array');
+    return errors; // Can't continue validation
+  }
+  candidates.candidates.forEach((candidate, index) => {
+    const prefix = `Candidate ${index + 1}`;
+    if (candidate.source !== 'inferred') {
+      errors.push(`${prefix}: source must be "inferred"`);
+    }
+    if (
+      typeof candidate.confidence !== 'number' ||
+      candidate.confidence < 0 ||
+      candidate.confidence > 1
+    ) {
+      errors.push(`${prefix}: confidence must be between 0.0 and 1.0`);
+    }
+    if (!Array.isArray(candidate.evidence) || candidate.evidence.length === 0) {
+      errors.push(`${prefix}: must have at least one evidence reference`);
+    }
+    if (candidate.requires_human_confirmation !== true) {
+      errors.push(`${prefix}: requires_human_confirmation must be true`);
+    }
+    if (!candidate.content) {
+      errors.push(`${prefix}: missing content field`);
+    }
+  });
+  return errors;
+}
+module.exports = {
+  discoverIntent,
+  validateCandidates
+};

package/lib/evidence.js ADDED Viewed

@@ -0,0 +1,368 @@
+const fs = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+const { glob } = require('glob');
+const yaml = require('js-yaml');
+/**
+ * RIPP Evidence Pack Builder
+ * Scans repository and extracts high-signal facts for intent discovery
+ */
+// Secret patterns for redaction (best-effort)
+// More conservative patterns to avoid false positives
+const SECRET_PATTERNS = [
+  /api[_-]?key[s]?\s*[:=]\s*['"]([^'"]+)['"]/gi,
+  /secret[_-]?key[s]?\s*[:=]\s*['"]([^'"]+)['"]/gi,
+  /password[s]?\s*[:=]\s*['"]([^'"]+)['"]/gi,
+  /token[s]?\s*[:=]\s*['"]([^'"]+)['"]/gi,
+  /bearer\s+([a-zA-Z0-9_\-\.]{20,})/gi, // Bearer tokens
+  /sk-[a-zA-Z0-9]{32,}/gi, // OpenAI-style keys
+  /ghp_[a-zA-Z0-9]{36,}/gi // GitHub tokens
+];
+/**
+ * Build evidence pack from repository
+ */
+async function buildEvidencePack(cwd, config) {
+  const evidenceDir = path.join(cwd, '.ripp', 'evidence');
+  // Create evidence directory
+  if (!fs.existsSync(evidenceDir)) {
+    fs.mkdirSync(evidenceDir, { recursive: true });
+  }
+  // Scan files
+  const { files, excludedCount } = await scanFiles(cwd, config.evidencePack);
+  // Extract evidence from files
+  const evidence = await extractEvidence(files, cwd);
+  // Build index
+  const index = {
+    version: '1.0',
+    created: new Date().toISOString(),
+    stats: {
+      totalFiles: files.length + excludedCount,
+      totalSize: files.reduce((sum, f) => sum + f.size, 0),
+      includedFiles: files.length,
+      excludedFiles: excludedCount
+    },
+    includePatterns: config.evidencePack.includeGlobs,
+    excludePatterns: config.evidencePack.excludeGlobs,
+    files: files.map(f => ({
+      path: f.path,
+      hash: f.hash,
+      size: f.size,
+      type: f.type
+    })),
+    evidence
+  };
+  // Write index
+  const indexPath = path.join(evidenceDir, 'evidence.index.json');
+  fs.writeFileSync(indexPath, JSON.stringify(index, null, 2), 'utf8');
+  // Copy relevant files to evidence directory (optional, for provenance)
+  // For now, we just keep the index with hashes
+  return { index, evidenceDir, indexPath };
+}
+/**
+ * Scan files matching include/exclude patterns
+ */
+async function scanFiles(cwd, evidenceConfig) {
+  const files = [];
+  const { includeGlobs, excludeGlobs, maxFileSize } = evidenceConfig;
+  // Build combined pattern
+  const patterns = includeGlobs.map(pattern => path.join(cwd, pattern));
+  for (const pattern of patterns) {
+    const matches = await glob(pattern, {
+      ignore: excludeGlobs.map(ex => path.join(cwd, ex)),
+      nodir: true,
+      absolute: true
+    });
+    for (const filePath of matches) {
+      try {
+        const stats = fs.statSync(filePath);
+        // Skip files that are too large
+        if (stats.size > maxFileSize) {
+          continue;
+        }
+        const content = fs.readFileSync(filePath, 'utf8');
+        const hash = crypto.createHash('sha256').update(content).digest('hex');
+        const relativePath = path.relative(cwd, filePath);
+        files.push({
+          path: relativePath,
+          absolutePath: filePath,
+          hash,
+          size: stats.size,
+          type: detectFileType(relativePath),
+          content
+        });
+      } catch (error) {
+        // Skip files we can't read
+        continue;
+      }
+    }
+  }
+  return files;
+}
+/**
+ * Detect file type based on path and extension
+ */
+function detectFileType(filePath) {
+  const ext = path.extname(filePath).toLowerCase();
+  if (filePath.includes('.github/workflows/')) {
+    return 'workflow';
+  }
+  if (ext === '.json' && (filePath.includes('package.json') || filePath.includes('schema'))) {
+    return 'config';
+  }
+  if (ext === '.sql' || filePath.includes('migration') || filePath.includes('schema')) {
+    return 'schema';
+  }
+  if (['.js', '.ts', '.jsx', '.tsx', '.py', '.rb', '.go', '.java', '.cs'].includes(ext)) {
+    return 'source';
+  }
+  return 'other';
+}
+/**
+ * Extract high-signal evidence from files
+ */
+async function extractEvidence(files, cwd) {
+  const evidence = {
+    dependencies: [],
+    routes: [],
+    schemas: [],
+    auth: [],
+    workflows: []
+  };
+  for (const file of files) {
+    try {
+      // Extract dependencies
+      if (file.path.includes('package.json')) {
+        const deps = extractDependencies(file);
+        evidence.dependencies.push(...deps);
+      }
+      // Extract routes (best-effort pattern matching)
+      if (file.type === 'source') {
+        const routes = extractRoutes(file);
+        evidence.routes.push(...routes);
+        // Extract auth signals
+        const auth = extractAuthSignals(file);
+        evidence.auth.push(...auth);
+      }
+      // Extract schemas
+      if (file.type === 'schema' || file.path.includes('model')) {
+        const schemas = extractSchemas(file);
+        evidence.schemas.push(...schemas);
+      }
+      // Extract workflows
+      if (file.type === 'workflow') {
+        const workflow = extractWorkflow(file);
+        if (workflow) {
+          evidence.workflows.push(workflow);
+        }
+      }
+    } catch (error) {
+      // Skip files with extraction errors
+      continue;
+    }
+  }
+  return evidence;
+}
+/**
+ * Extract dependencies from package.json
+ */
+function extractDependencies(file) {
+  const deps = [];
+  try {
+    const pkg = JSON.parse(file.content);
+    if (pkg.dependencies) {
+      for (const [name, version] of Object.entries(pkg.dependencies)) {
+        deps.push({
+          name,
+          version,
+          type: 'runtime',
+          source: file.path
+        });
+      }
+    }
+    if (pkg.devDependencies) {
+      for (const [name, version] of Object.entries(pkg.devDependencies)) {
+        deps.push({
+          name,
+          version,
+          type: 'dev',
+          source: file.path
+        });
+      }
+    }
+  } catch (error) {
+    // Invalid JSON, skip
+  }
+  return deps;
+}
+/**
+ * Extract API routes (best-effort pattern matching)
+ */
+function extractRoutes(file) {
+  const routes = [];
+  const lines = file.content.split('\n');
+  // Common patterns for Express, FastAPI, etc.
+  const routePatterns = [
+    /\.(get|post|put|delete|patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    /@(Get|Post|Put|Delete|Patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    /router\.(get|post|put|delete|patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    /app\.(get|post|put|delete|patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi
+  ];
+  lines.forEach((line, index) => {
+    for (const pattern of routePatterns) {
+      pattern.lastIndex = 0; // Reset regex
+      const match = pattern.exec(line);
+      if (match) {
+        const method = match[1].toUpperCase();
+        const routePath = match[2];
+        routes.push({
+          method,
+          path: routePath,
+          source: `${file.path}:${index + 1}`,
+          snippet: redactSecrets(line.trim())
+        });
+      }
+    }
+  });
+  return routes;
+}
+/**
+ * Extract auth/permission signals
+ */
+function extractAuthSignals(file) {
+  const signals = [];
+  const lines = file.content.split('\n');
+  const authPatterns = [
+    { pattern: /(authenticate|auth|requireAuth|isAuthenticated)/i, type: 'middleware' },
+    { pattern: /(authorize|checkPermission|requireRole|hasRole)/i, type: 'guard' },
+    { pattern: /(jwt|bearer|oauth|session)/i, type: 'config' }
+  ];
+  lines.forEach((line, index) => {
+    for (const { pattern, type } of authPatterns) {
+      if (pattern.test(line)) {
+        signals.push({
+          type,
+          source: `${file.path}:${index + 1}`,
+          snippet: redactSecrets(line.trim())
+        });
+        break; // Only one signal per line
+      }
+    }
+  });
+  return signals;
+}
+/**
+ * Extract schema definitions (best-effort)
+ */
+function extractSchemas(file) {
+  const schemas = [];
+  // Try to detect schema type
+  if (file.path.includes('migration')) {
+    schemas.push({
+      name: path.basename(file.path, path.extname(file.path)),
+      type: 'migration',
+      source: file.path,
+      snippet: redactSecrets(file.content.substring(0, 500))
+    });
+  } else if (file.path.includes('model')) {
+    schemas.push({
+      name: path.basename(file.path, path.extname(file.path)),
+      type: 'model',
+      source: file.path,
+      snippet: redactSecrets(file.content.substring(0, 500))
+    });
+  }
+  return schemas;
+}
+/**
+ * Extract workflow configuration
+ */
+function extractWorkflow(file) {
+  try {
+    const workflow = yaml.load(file.content);
+    if (workflow && workflow.name) {
+      return {
+        name: workflow.name,
+        triggers: Object.keys(workflow.on || {}),
+        source: file.path
+      };
+    }
+  } catch (error) {
+    // Invalid YAML, skip
+  }
+  return null;
+}
+/**
+ * Redact potential secrets from text (best-effort)
+ */
+function redactSecrets(text) {
+  let redacted = text;
+  for (const pattern of SECRET_PATTERNS) {
+    pattern.lastIndex = 0; // Reset regex
+    redacted = redacted.replace(pattern, (match, p1) => {
+      if (p1 && p1.length > 8) {
+        return match.replace(p1, '[REDACTED]');
+      }
+      return match;
+    });
+  }
+  return redacted;
+}
+module.exports = {
+  buildEvidencePack,
+  redactSecrets
+};