role-os 2.2.0 → 2.3.0

package/src/swarm/domain-detect.mjs

@@ -0,0 +1,230 @@
+/**
+ * Domain Detection — Repo type detection and swarm manifest generation.
+ *
+ * Detects the repo type from directory structure and package metadata,
+ * then generates a swarm-manifest.json with non-overlapping domain assignments.
+ */
+
+import { existsSync, readFileSync, readdirSync, statSync } from "node:fs";
+import { join, relative } from "node:path";
+
+// ── Repo type detection ───────────────────────────────────────────────────────
+
+const REPO_TYPE_SIGNALS = {
+  desktop: {
+    files: ["src-tauri/tauri.conf.json", "src-tauri/Cargo.toml"],
+    deps: ["@tauri-apps/api", "electron", "electron-builder"],
+    dirs: ["src-tauri"],
+  },
+  web: {
+    files: ["next.config.js", "next.config.mjs", "nuxt.config.ts", "vite.config.ts", "vite.config.js", "astro.config.mjs"],
+    deps: ["react-dom", "next", "nuxt", "vue", "@angular/core", "svelte", "astro"],
+    dirs: ["pages", "app", "views"],
+  },
+  mcp: {
+    files: [],
+    deps: ["@modelcontextprotocol/sdk"],
+    dirs: [],
+  },
+  cli: {
+    files: [],
+    deps: [],
+    dirs: [],
+    // CLI is the default fallback
+  },
+};
+
+/**
+ * Detect the repo type from directory structure and package metadata.
+ * @param {string} cwd - Repository root directory
+ * @returns {"desktop"|"web"|"mcp"|"cli"|"monorepo"}
+ */
+export function detectRepoType(cwd) {
+  // Check for monorepo signals first
+  const hasWorkspaces = hasPackageWorkspaces(cwd);
+  const hasLerna = existsSync(join(cwd, "lerna.json"));
+  if (hasWorkspaces || hasLerna) return "monorepo";
+
+  const pkg = readPackageJson(cwd);
+  const allDeps = { ...pkg.dependencies, ...pkg.devDependencies };
+
+  // Check each type in priority order
+  for (const type of ["desktop", "web", "mcp"]) {
+    const signals = REPO_TYPE_SIGNALS[type];
+
+    // Check files
+    for (const f of signals.files) {
+      if (existsSync(join(cwd, f))) return type;
+    }
+
+    // Check dependencies
+    for (const dep of signals.deps) {
+      if (allDeps[dep]) return type;
+    }
+
+    // Check directories
+    for (const dir of signals.dirs) {
+      if (existsSync(join(cwd, dir)) && statSync(join(cwd, dir)).isDirectory()) return type;
+    }
+  }
+
+  // Check for Rust CLI (Cargo.toml without Tauri)
+  if (existsSync(join(cwd, "Cargo.toml")) && !existsSync(join(cwd, "src-tauri"))) return "cli";
+
+  // Check for Python CLI
+  if (existsSync(join(cwd, "pyproject.toml")) || existsSync(join(cwd, "setup.py"))) return "cli";
+
+  // Check for Go
+  if (existsSync(join(cwd, "go.mod"))) return "cli";
+
+  return "cli";
+}
+
+// ── Domain assignment ─────────────────────────────────────────────────────────
+
+/**
+ * Default domain templates per repo type.
+ * Each domain defines glob patterns for file ownership.
+ */
+const DOMAIN_TEMPLATES = {
+  cli: [
+    { id: "backend", role: "Swarm Backend Agent", patterns: ["src/**", "lib/**", "bin/**", "*.mjs", "*.js", "*.ts", "*.py", "*.rs", "*.go"] },
+    { id: "tests", role: "Swarm Tests Agent", patterns: ["test/**", "tests/**", "spec/**", "__tests__/**", "*.test.*", "*.spec.*"] },
+    { id: "infra", role: "Swarm Infra Agent", patterns: [".github/**", "*.md", "*.json", "*.yaml", "*.yml", "*.toml", ".eslintrc*", ".prettierrc*", "Makefile", "Dockerfile"] },
+  ],
+  web: [
+    { id: "backend", role: "Swarm Backend Agent", patterns: ["src/server/**", "src/api/**", "src/lib/**", "server/**", "api/**"] },
+    { id: "frontend", role: "Swarm Frontend Agent", patterns: ["src/components/**", "src/pages/**", "src/app/**", "src/views/**", "src/styles/**", "public/**", "*.css", "*.html"] },
+    { id: "tests", role: "Swarm Tests Agent", patterns: ["test/**", "tests/**", "spec/**", "__tests__/**", "*.test.*", "*.spec.*", "e2e/**", "cypress/**"] },
+    { id: "infra", role: "Swarm Infra Agent", patterns: [".github/**", "*.md", "*.json", "*.yaml", "*.yml", "*.toml", ".eslintrc*", ".prettierrc*", "Makefile", "Dockerfile", "*.config.*"] },
+  ],
+  desktop: [
+    { id: "backend", role: "Swarm Backend Agent", patterns: ["src-tauri/**", "src/lib/**", "src/server/**"] },
+    { id: "bridge", role: "Swarm Bridge Agent", patterns: ["src/bridge/**", "src/ipc/**", "src/commands/**"] },
+    { id: "frontend", role: "Swarm Frontend Agent", patterns: ["src/components/**", "src/pages/**", "src/app/**", "src/views/**", "src/styles/**", "public/**"] },
+    { id: "tests", role: "Swarm Tests Agent", patterns: ["test/**", "tests/**", "spec/**", "__tests__/**", "*.test.*", "*.spec.*"] },
+    { id: "infra", role: "Swarm Infra Agent", patterns: [".github/**", "*.md", "*.json", "*.yaml", "*.yml", "*.toml", ".eslintrc*", ".prettierrc*", "Makefile", "Dockerfile"] },
+  ],
+  mcp: [
+    { id: "backend", role: "Swarm Backend Agent", patterns: ["src/**", "lib/**", "*.mjs", "*.js", "*.ts"] },
+    { id: "tests", role: "Swarm Tests Agent", patterns: ["test/**", "tests/**", "spec/**", "__tests__/**", "*.test.*", "*.spec.*"] },
+    { id: "infra", role: "Swarm Infra Agent", patterns: [".github/**", "*.md", "*.json", "*.yaml", "*.yml", "*.toml", ".eslintrc*", ".prettierrc*"] },
+  ],
+};
+
+/**
+ * Generate a swarm manifest for the given repo.
+ * @param {string} cwd - Repository root directory
+ * @param {object} [options]
+ * @param {string} [options.repoType] - Override auto-detected repo type
+ * @returns {object} Swarm manifest
+ */
+export function generateSwarmManifest(cwd, options = {}) {
+  const repoType = options.repoType || detectRepoType(cwd);
+  const templates = DOMAIN_TEMPLATES[repoType] || DOMAIN_TEMPLATES.cli;
+
+  // Build domains from templates
+  const domains = templates.map((tmpl, idx) => ({
+    id: tmpl.id,
+    role: tmpl.role,
+    patterns: tmpl.patterns,
+    agentSlot: idx,
+  }));
+
+  // Read repo metadata
+  const pkg = readPackageJson(cwd);
+  const repoName = pkg.name || cwd.split(/[/\\]/).pop();
+
+  return {
+    version: "1.0",
+    repo: repoName,
+    repoType,
+    domains,
+    stages: ["health-a", "health-b", "health-c", "feature"],
+    exclusiveOwnership: {
+      mode: "strict",
+      maxAgentsPerWave: domains.length,
+    },
+  };
+}
+
+/**
+ * Validate a swarm manifest for correctness.
+ * @param {object} manifest
+ * @returns {{ valid: boolean, issues: string[] }}
+ */
+export function validateSwarmManifest(manifest) {
+  const issues = [];
+
+  if (!manifest) {
+    issues.push("Manifest is null or undefined");
+    return { valid: false, issues };
+  }
+
+  if (!manifest.version) issues.push("Missing version");
+  if (!manifest.repo) issues.push("Missing repo");
+  if (!Array.isArray(manifest.domains)) {
+    issues.push("Missing or invalid domains array");
+    return { valid: false, issues };
+  }
+
+  if (manifest.domains.length === 0) {
+    issues.push("No domains defined — need at least 1");
+  }
+
+  if (manifest.domains.length > 10) {
+    issues.push(`Too many domains (${manifest.domains.length}) — max 10`);
+  }
+
+  // Check for empty domains
+  for (const domain of manifest.domains) {
+    if (!domain.id) issues.push("Domain missing id");
+    if (!domain.role) issues.push(`Domain ${domain.id || "?"} missing role`);
+    if (!Array.isArray(domain.patterns) || domain.patterns.length === 0) {
+      issues.push(`Domain ${domain.id || "?"} has no patterns`);
+    }
+  }
+
+  // Check for duplicate domain IDs
+  const ids = manifest.domains.map(d => d.id);
+  const uniqueIds = new Set(ids);
+  if (uniqueIds.size !== ids.length) {
+    issues.push("Duplicate domain IDs found");
+  }
+
+  // Check for pattern overlaps (simple heuristic — exact pattern match)
+  const allPatterns = [];
+  for (const domain of manifest.domains) {
+    for (const pattern of domain.patterns || []) {
+      const existing = allPatterns.find(p => p.pattern === pattern);
+      if (existing) {
+        issues.push(`Pattern "${pattern}" claimed by both ${existing.domain} and ${domain.id}`);
+      }
+      allPatterns.push({ pattern, domain: domain.id });
+    }
+  }
+
+  // Check stages
+  if (!Array.isArray(manifest.stages) || manifest.stages.length === 0) {
+    issues.push("Missing or empty stages array");
+  }
+
+  return { valid: issues.length === 0, issues };
+}
+
+// ── Helpers ───────────────────────────────────────────────────────────────────
+
+function readPackageJson(cwd) {
+  const pkgPath = join(cwd, "package.json");
+  if (!existsSync(pkgPath)) return {};
+  try {
+    return JSON.parse(readFileSync(pkgPath, "utf8"));
+  } catch {
+    return {};
+  }
+}
+
+function hasPackageWorkspaces(cwd) {
+  const pkg = readPackageJson(cwd);
+  return Array.isArray(pkg.workspaces) || (pkg.workspaces && pkg.workspaces.packages);
+}

package/src/swarm/persist-bridge.mjs

@@ -0,0 +1,174 @@
+/**
+ * Evidence Persistence Bridge — Optional connection to dogfood-labs.
+ *
+ * Converts swarm wave results into dogfood submission format and audit DB
+ * payloads. The core swarm mission works without this — it's activated by
+ * the --persist-evidence flag on `roleos swarm`.
+ *
+ * This mirrors the logic from dogfood-labs/tools/swarm/persist-results.js
+ * but produces the payloads without requiring dogfood-labs to be present.
+ */
+
+// ── Surface mapping ─────────────────────────────────────────────────────────
+
+/**
+ * Map a domain ID to a product surface string for dogfood submissions.
+ * @param {string} domainId - e.g. "backend", "frontend", "tests"
+ * @returns {string}
+ */
+export function surfaceFromDomain(domainId) {
+  const map = {
+    backend: "cli",
+    bridge: "cli",
+    tests: "cli",
+    infra: "cli",
+    frontend: "web",
+  };
+  return map[domainId] || "cli";
+}
+
+// ── Verdict derivation ──────────────────────────────────────────────────────
+
+/**
+ * Derive a verdict from findings.
+ * @param {{ severity: string, status?: string }[]} findings
+ * @returns {"pass"|"partial"|"fail"}
+ */
+export function deriveVerdict(findings) {
+  if (!findings || findings.length === 0) return "pass";
+
+  const open = findings.filter(f => f.status !== "fixed" && f.status !== "accepted_risk");
+  const hasCritical = open.some(f => f.severity === "critical");
+  const hasHigh = open.some(f => f.severity === "high");
+
+  if (hasCritical) return "fail";
+  if (hasHigh) return "partial";
+  return "pass";
+}
+
+// ── Scenario results ────────────────────────────────────────────────────────
+
+/**
+ * Build per-domain scenario results from wave reports.
+ * @param {object[]} waveReports - Array of { domain, stage, findings, remediations }
+ * @returns {object[]}
+ */
+export function buildScenarioResults(waveReports) {
+  // Group by domain
+  const byDomain = {};
+  for (const wr of waveReports) {
+    if (!byDomain[wr.domain]) byDomain[wr.domain] = [];
+    byDomain[wr.domain].push(wr);
+  }
+
+  return Object.entries(byDomain).map(([domain, reports]) => {
+    const allFindings = reports.flatMap(r => r.findings || []);
+    const allRemediations = reports.flatMap(r => r.remediations || []);
+
+    return {
+      scenario_id: `swarm-${domain}`,
+      product_surface: surfaceFromDomain(domain),
+      verdict: deriveVerdict(allFindings),
+      step_results: [
+        { step: "audit", status: allFindings.length > 0 ? "pass" : "pass" },
+        { step: "remediate", status: allRemediations.length > 0 ? "pass" : "skip" },
+      ],
+      evidence: {
+        total_findings: allFindings.length,
+        open_findings: allFindings.filter(f => f.status !== "fixed").length,
+        fixed: allFindings.filter(f => f.status === "fixed").length,
+        severities: {
+          critical: allFindings.filter(f => f.severity === "critical").length,
+          high: allFindings.filter(f => f.severity === "high").length,
+          medium: allFindings.filter(f => f.severity === "medium").length,
+          low: allFindings.filter(f => f.severity === "low").length,
+        },
+      },
+    };
+  });
+}
+
+// ── Overall verdict ─────────────────────────────────────────────────────────
+
+/**
+ * Compute overall verdict from scenario results.
+ * @param {object[]} scenarioResults
+ * @returns {"pass"|"partial"|"fail"}
+ */
+export function computeOverallVerdict(scenarioResults) {
+  if (scenarioResults.some(s => s.verdict === "fail")) return "fail";
+  if (scenarioResults.some(s => s.verdict === "partial")) return "partial";
+  return "pass";
+}
+
+// ── Dogfood submission payload ──────────────────────────────────────────────
+
+/**
+ * Build a dogfood-labs-compatible submission payload.
+ * @param {object} manifest - Swarm manifest
+ * @param {object[]} waveReports - All wave reports from the run
+ * @param {object} meta - { commitSha, branch, startedAt, completedAt }
+ * @returns {object} Dogfood submission payload
+ */
+export function buildSubmission(manifest, waveReports, meta = {}) {
+  const scenarios = buildScenarioResults(waveReports);
+  const overall = computeOverallVerdict(scenarios);
+
+  return {
+    repo: manifest.repo || "unknown",
+    product_surface: surfaceFromDomain(manifest.domains?.[0]?.id || "backend"),
+    execution_mode: "automated",
+    overall_verdict: overall,
+    scenario_results: scenarios,
+    metadata: {
+      commit_sha: meta.commitSha || "unknown",
+      branch: meta.branch || "unknown",
+      started_at: meta.startedAt || new Date().toISOString(),
+      completed_at: meta.completedAt || new Date().toISOString(),
+      tool: "role-os-swarm",
+      tool_version: "1.0.0",
+    },
+  };
+}
+
+// ── Audit DB payload ────────────────────────────────────────────────────────
+
+/**
+ * Build an audit-DB-compatible payload from wave reports.
+ * @param {object} manifest - Swarm manifest
+ * @param {object[]} waveReports - All wave reports
+ * @param {object} meta - { commitSha, branch }
+ * @returns {object}
+ */
+export function buildAuditPayload(manifest, waveReports, meta = {}) {
+  const allFindings = waveReports.flatMap(r => r.findings || []);
+  const fixed = allFindings.filter(f => f.status === "fixed").length;
+
+  const severities = {
+    critical: allFindings.filter(f => f.severity === "critical").length,
+    high: allFindings.filter(f => f.severity === "high").length,
+    medium: allFindings.filter(f => f.severity === "medium").length,
+    low: allFindings.filter(f => f.severity === "low").length,
+  };
+
+  const scenarios = buildScenarioResults(waveReports);
+  const overall = computeOverallVerdict(scenarios);
+
+  return {
+    run: {
+      slug: `swarm-${manifest.repo || "unknown"}`,
+      commit_sha: meta.commitSha || "unknown",
+      scope_level: "full",
+      overall_status: fixed === allFindings.length ? "pass" : overall,
+      overall_posture: overall,
+      blocking_release: severities.critical > 0 || severities.high > 0,
+    },
+    findings: allFindings,
+    metrics: {
+      total_findings: allFindings.length,
+      ...severities,
+      fixed,
+      pass_rate: allFindings.length > 0 ? Math.round((fixed / allFindings.length) * 100) : 100,
+    },
+  };
+}