sentinelayer-cli 0.1.2 → 0.4.4

package/src/ai/site-store.js

@@ -1,145 +1,145 @@
-import fsp from "node:fs/promises";
-import path from "node:path";
-
-const REGISTRY_SCHEMA_VERSION = "1.0.0";
-
-function normalizeString(value) {
-  return String(value || "").trim();
-}
-
-function normalizeSiteRecord(record = {}) {
-  return {
-    siteId: normalizeString(record.siteId),
-    projectId: normalizeString(record.projectId) || null,
-    identityId: normalizeString(record.identityId) || null,
-    domainId: normalizeString(record.domainId) || null,
-    host: normalizeString(record.host) || null,
-    callbackPath: normalizeString(record.callbackPath) || null,
-    callbackUrl: normalizeString(record.callbackUrl) || null,
-    status: normalizeString(record.status) || "UNKNOWN",
-    dnsCleanupStatus: normalizeString(record.dnsCleanupStatus) || "UNKNOWN",
-    expiresAt: normalizeString(record.expiresAt) || null,
-    teardownReason: normalizeString(record.teardownReason) || null,
-    teardownAt: normalizeString(record.teardownAt) || null,
-    createdAt: normalizeString(record.createdAt) || new Date().toISOString(),
-    lastUpdatedAt: normalizeString(record.lastUpdatedAt) || new Date().toISOString(),
-    dnsCleanupContract:
-      record.dnsCleanupContract && typeof record.dnsCleanupContract === "object"
-        ? record.dnsCleanupContract
-        : {},
-    metadata: record.metadata && typeof record.metadata === "object" ? record.metadata : {},
-  };
-}
-
-export function resolveSiteRegistryPath({ outputRoot } = {}) {
-  const resolvedOutputRoot = path.resolve(String(outputRoot || "."));
-  return path.join(resolvedOutputRoot, "aidenid", "site-registry.json");
-}
-
-async function loadRegistryInternal(filePath) {
-  try {
-    const raw = await fsp.readFile(filePath, "utf-8");
-    const parsed = JSON.parse(raw);
-    const sites = Array.isArray(parsed.sites)
-      ? parsed.sites.map((item) => normalizeSiteRecord(item)).filter((item) => item.siteId)
-      : [];
-    return {
-      schemaVersion: normalizeString(parsed.schemaVersion) || REGISTRY_SCHEMA_VERSION,
-      generatedAt: normalizeString(parsed.generatedAt) || new Date().toISOString(),
-      sites,
-    };
-  } catch (error) {
-    if (error && typeof error === "object" && error.code === "ENOENT") {
-      return {
-        schemaVersion: REGISTRY_SCHEMA_VERSION,
-        generatedAt: new Date().toISOString(),
-        sites: [],
-      };
-    }
-    throw error;
-  }
-}
-
-async function writeRegistryInternal(filePath, registry = {}) {
-  const normalized = {
-    schemaVersion: REGISTRY_SCHEMA_VERSION,
-    generatedAt: new Date().toISOString(),
-    sites: Array.isArray(registry.sites) ? registry.sites.map(normalizeSiteRecord) : [],
-  };
-  await fsp.mkdir(path.dirname(filePath), { recursive: true });
-  await fsp.writeFile(filePath, `${JSON.stringify(normalized, null, 2)}\n`, "utf-8");
-  return normalized;
-}
-
-export async function listSites({ outputRoot, identityId = "" } = {}) {
-  const registryPath = resolveSiteRegistryPath({ outputRoot });
-  const registry = await loadRegistryInternal(registryPath);
-  const normalizedIdentityId = normalizeString(identityId);
-  const filteredSites = normalizedIdentityId
-    ? registry.sites.filter((item) => item.identityId === normalizedIdentityId)
-    : registry.sites;
-  return {
-    registryPath,
-    sites: filteredSites,
-  };
-}
-
-export async function recordTemporarySite({
-  outputRoot,
-  site = {},
-  context = {},
-} = {}) {
-  const siteId = normalizeString(site.id || context.siteId);
-  if (!siteId) {
-    throw new Error("Cannot record temporary site without site.id.");
-  }
-
-  const registryPath = resolveSiteRegistryPath({ outputRoot });
-  const registry = await loadRegistryInternal(registryPath);
-  const nowIso = new Date().toISOString();
-  const nextRecord = normalizeSiteRecord({
-    siteId,
-    projectId: site.projectId || context.projectId,
-    identityId: site.identityId || context.identityId,
-    domainId: site.domainId || context.domainId,
-    host: site.host,
-    callbackPath: site.callbackPath,
-    callbackUrl: site.callbackUrl,
-    status: site.status,
-    dnsCleanupStatus: site.dnsCleanupStatus,
-    expiresAt: site.expiresAt,
-    teardownReason: site.teardownReason,
-    teardownAt: site.teardownAt,
-    createdAt: nowIso,
-    lastUpdatedAt: nowIso,
-    dnsCleanupContract: site.dnsCleanupContract,
-    metadata: {
-      ...(site.metadata && typeof site.metadata === "object" ? site.metadata : {}),
-      source: normalizeString(context.source) || "site-create",
-      idempotencyKey: context.idempotencyKey || null,
-    },
-  });
-
-  const index = registry.sites.findIndex((item) => item.siteId === siteId);
-  if (index >= 0) {
-    const existing = registry.sites[index];
-    registry.sites[index] = normalizeSiteRecord({
-      ...existing,
-      ...nextRecord,
-      createdAt: existing.createdAt || nextRecord.createdAt,
-      metadata: {
-        ...existing.metadata,
-        ...nextRecord.metadata,
-      },
-    });
-  } else {
-    registry.sites.push(nextRecord);
-  }
-
-  const saved = await writeRegistryInternal(registryPath, registry);
-  const savedSite = saved.sites.find((item) => item.siteId === siteId) || null;
-  return {
-    registryPath,
-    site: savedSite,
-  };
-}
+import fsp from "node:fs/promises";
+import path from "node:path";
+
+const REGISTRY_SCHEMA_VERSION = "1.0.0";
+
+function normalizeString(value) {
+  return String(value || "").trim();
+}
+
+function normalizeSiteRecord(record = {}) {
+  return {
+    siteId: normalizeString(record.siteId),
+    projectId: normalizeString(record.projectId) || null,
+    identityId: normalizeString(record.identityId) || null,
+    domainId: normalizeString(record.domainId) || null,
+    host: normalizeString(record.host) || null,
+    callbackPath: normalizeString(record.callbackPath) || null,
+    callbackUrl: normalizeString(record.callbackUrl) || null,
+    status: normalizeString(record.status) || "UNKNOWN",
+    dnsCleanupStatus: normalizeString(record.dnsCleanupStatus) || "UNKNOWN",
+    expiresAt: normalizeString(record.expiresAt) || null,
+    teardownReason: normalizeString(record.teardownReason) || null,
+    teardownAt: normalizeString(record.teardownAt) || null,
+    createdAt: normalizeString(record.createdAt) || new Date().toISOString(),
+    lastUpdatedAt: normalizeString(record.lastUpdatedAt) || new Date().toISOString(),
+    dnsCleanupContract:
+      record.dnsCleanupContract && typeof record.dnsCleanupContract === "object"
+        ? record.dnsCleanupContract
+        : {},
+    metadata: record.metadata && typeof record.metadata === "object" ? record.metadata : {},
+  };
+}
+
+export function resolveSiteRegistryPath({ outputRoot } = {}) {
+  const resolvedOutputRoot = path.resolve(String(outputRoot || "."));
+  return path.join(resolvedOutputRoot, "aidenid", "site-registry.json");
+}
+
+async function loadRegistryInternal(filePath) {
+  try {
+    const raw = await fsp.readFile(filePath, "utf-8");
+    const parsed = JSON.parse(raw);
+    const sites = Array.isArray(parsed.sites)
+      ? parsed.sites.map((item) => normalizeSiteRecord(item)).filter((item) => item.siteId)
+      : [];
+    return {
+      schemaVersion: normalizeString(parsed.schemaVersion) || REGISTRY_SCHEMA_VERSION,
+      generatedAt: normalizeString(parsed.generatedAt) || new Date().toISOString(),
+      sites,
+    };
+  } catch (error) {
+    if (error && typeof error === "object" && error.code === "ENOENT") {
+      return {
+        schemaVersion: REGISTRY_SCHEMA_VERSION,
+        generatedAt: new Date().toISOString(),
+        sites: [],
+      };
+    }
+    throw error;
+  }
+}
+
+async function writeRegistryInternal(filePath, registry = {}) {
+  const normalized = {
+    schemaVersion: REGISTRY_SCHEMA_VERSION,
+    generatedAt: new Date().toISOString(),
+    sites: Array.isArray(registry.sites) ? registry.sites.map(normalizeSiteRecord) : [],
+  };
+  await fsp.mkdir(path.dirname(filePath), { recursive: true });
+  await fsp.writeFile(filePath, `${JSON.stringify(normalized, null, 2)}\n`, "utf-8");
+  return normalized;
+}
+
+export async function listSites({ outputRoot, identityId = "" } = {}) {
+  const registryPath = resolveSiteRegistryPath({ outputRoot });
+  const registry = await loadRegistryInternal(registryPath);
+  const normalizedIdentityId = normalizeString(identityId);
+  const filteredSites = normalizedIdentityId
+    ? registry.sites.filter((item) => item.identityId === normalizedIdentityId)
+    : registry.sites;
+  return {
+    registryPath,
+    sites: filteredSites,
+  };
+}
+
+export async function recordTemporarySite({
+  outputRoot,
+  site = {},
+  context = {},
+} = {}) {
+  const siteId = normalizeString(site.id || context.siteId);
+  if (!siteId) {
+    throw new Error("Cannot record temporary site without site.id.");
+  }
+
+  const registryPath = resolveSiteRegistryPath({ outputRoot });
+  const registry = await loadRegistryInternal(registryPath);
+  const nowIso = new Date().toISOString();
+  const nextRecord = normalizeSiteRecord({
+    siteId,
+    projectId: site.projectId || context.projectId,
+    identityId: site.identityId || context.identityId,
+    domainId: site.domainId || context.domainId,
+    host: site.host,
+    callbackPath: site.callbackPath,
+    callbackUrl: site.callbackUrl,
+    status: site.status,
+    dnsCleanupStatus: site.dnsCleanupStatus,
+    expiresAt: site.expiresAt,
+    teardownReason: site.teardownReason,
+    teardownAt: site.teardownAt,
+    createdAt: nowIso,
+    lastUpdatedAt: nowIso,
+    dnsCleanupContract: site.dnsCleanupContract,
+    metadata: {
+      ...(site.metadata && typeof site.metadata === "object" ? site.metadata : {}),
+      source: normalizeString(context.source) || "site-create",
+      idempotencyKey: context.idempotencyKey || null,
+    },
+  });
+
+  const index = registry.sites.findIndex((item) => item.siteId === siteId);
+  if (index >= 0) {
+    const existing = registry.sites[index];
+    registry.sites[index] = normalizeSiteRecord({
+      ...existing,
+      ...nextRecord,
+      createdAt: existing.createdAt || nextRecord.createdAt,
+      metadata: {
+        ...existing.metadata,
+        ...nextRecord.metadata,
+      },
+    });
+  } else {
+    registry.sites.push(nextRecord);
+  }
+
+  const saved = await writeRegistryInternal(registryPath, registry);
+  const savedSite = saved.sites.find((item) => item.siteId === siteId) || null;
+  return {
+    registryPath,
+    site: savedSite,
+  };
+}

package/src/audit/agents/architecture.js

@@ -1,180 +1,180 @@
-function normalizeString(value) {
-  return String(value || "").trim();
-}
-
-function toPosixPath(value) {
-  return String(value || "").replace(/\\/g, "/");
-}
-
-function summarizeSeverity(findings = []) {
-  const summary = { P0: 0, P1: 0, P2: 0, P3: 0 };
-  for (const finding of findings) {
-    const severity = normalizeString(finding.severity).toUpperCase();
-    if (Object.prototype.hasOwnProperty.call(summary, severity)) {
-      summary[severity] += 1;
-    }
-  }
-  summary.blocking = summary.P0 > 0 || summary.P1 > 0;
-  return summary;
-}
-
-function buildHotspots(ingest = {}) {
-  const indexed = Array.isArray(ingest.indexedFiles?.files) ? ingest.indexedFiles.files : [];
-  return indexed
-    .filter((file) => Number(file.loc || 0) >= 300)
-    .sort((left, right) => Number(right.loc || 0) - Number(left.loc || 0))
-    .slice(0, 20)
-    .map((file) => ({
-      path: toPosixPath(file.path),
-      language: file.language,
-      loc: Number(file.loc || 0),
-      sizeBytes: Number(file.sizeBytes || 0),
-      risk: Number(file.loc || 0) >= 700 ? "high" : "medium",
-    }));
-}
-
-function deriveArchitectureFindings({ findings = [], hotspots = [] } = {}) {
-  const derived = [];
-  const base = Array.isArray(findings) ? findings : [];
-
-  for (const finding of base) {
-    const message = normalizeString(finding.message).toLowerCase();
-    if (/n\+1|loop|query|component|cleanup|stale|coupling|dependency/.test(message)) {
-      derived.push(finding);
-    }
-  }
-
-  for (const hotspot of hotspots) {
-    const existing = derived.some((finding) => toPosixPath(finding.file) === hotspot.path);
-    if (existing) {
-      continue;
-    }
-    derived.push({
-      severity: hotspot.risk === "high" ? "P1" : "P2",
-      file: hotspot.path,
-      line: 1,
-      message: `Large architectural hotspot detected (${hotspot.loc} LOC).`,
-      excerpt: `${hotspot.language} module at ${hotspot.path}`,
-      ruleId: "SL-ARCH-001",
-      suggestedFix: "Split this module into bounded components with explicit interfaces.",
-      layer: "architecture",
-    });
-  }
-
-  return derived.slice(0, 120);
-}
-
-function estimateCouplingRisk(ingest = {}) {
-  const files = Array.isArray(ingest.indexedFiles?.files) ? ingest.indexedFiles.files : [];
-  const byDirectory = new Map();
-  for (const file of files) {
-    const normalizedPath = toPosixPath(file.path);
-    const dir = normalizedPath.includes("/") ? normalizedPath.slice(0, normalizedPath.lastIndexOf("/")) : ".";
-    const existing = byDirectory.get(dir) || 0;
-    byDirectory.set(dir, existing + 1);
-  }
-  const denseDirs = [...byDirectory.entries()].filter((entry) => entry[1] >= 20);
-  return {
-    denseDirectoryCount: denseDirs.length,
-    denseDirectories: denseDirs
-      .sort((left, right) => right[1] - left[1])
-      .slice(0, 12)
-      .map((entry) => ({ directory: entry[0], fileCount: entry[1] })),
-  };
-}
-
-function estimateArchitectureScore(hotspots = [], summary = {}) {
-  const penalty =
-    hotspots.length * 3 +
-    Number(summary.P1 || 0) * 6 +
-    Number(summary.P2 || 0) * 3 +
-    Number(summary.P3 || 0);
-  return Math.max(0, 100 - Math.min(100, penalty));
-}
-
-function buildRecommendations({ hotspots = [], summary = {}, couplingRisk } = {}) {
-  const recommendations = [];
-  if (hotspots.length > 0) {
-    recommendations.push(
-      "Split high-LOC modules into bounded contexts and enforce explicit interface contracts."
-    );
-  }
-  if (Number(summary.P1 || 0) > 0) {
-    recommendations.push("Resolve all P1 architecture findings before onboarding additional feature work.");
-  }
-  if (couplingRisk.denseDirectoryCount > 0) {
-    recommendations.push(
-      "Introduce package-level ownership boundaries for dense directories to reduce cross-module coupling."
-    );
-  }
-  if (recommendations.length === 0) {
-    recommendations.push("Architecture signals are stable; continue tracking drift with periodic audits.");
-  }
-  return recommendations;
-}
-
-export function runArchitectureSpecialist({
-  findings = [],
-  ingest = {},
-} = {}) {
-  const hotspots = buildHotspots(ingest);
-  const architectureFindings = deriveArchitectureFindings({
-    findings,
-    hotspots,
-  });
-  const summary = summarizeSeverity(architectureFindings);
-  const couplingRisk = estimateCouplingRisk(ingest);
-  const architectureScore = estimateArchitectureScore(hotspots, summary);
-  const confidence = architectureFindings.length > 0 ? Math.max(0.72, 1 - architectureFindings.length * 0.002) : 0.9;
-
-  return {
-    schemaVersion: "1.0.0",
-    generatedAt: new Date().toISOString(),
-    summary: {
-      ...summary,
-      findingCount: architectureFindings.length,
-      architectureScore,
-    },
-    confidence,
-    hotspots,
-    couplingRisk,
-    recommendations: buildRecommendations({
-      hotspots,
-      summary,
-      couplingRisk,
-    }),
-    findings: architectureFindings,
-  };
-}
-
-export function renderArchitectureSpecialistMarkdown(report = {}) {
-  const hotspots = (report.hotspots || [])
-    .map((item) => `- ${item.path} (${item.loc} LOC, risk=${item.risk})`)
-    .join("\n");
-  const couplings = (report.couplingRisk?.denseDirectories || [])
-    .map((item) => `- ${item.directory}: ${item.fileCount} files`)
-    .join("\n");
-  const recommendations = (report.recommendations || []).map((item) => `- ${item}`).join("\n");
-
-  return `# ARCHITECTURE_AGENT_REPORT
-
-Generated: ${report.generatedAt}
-Architecture score: ${report.summary?.architectureScore ?? 0}/100
-Confidence: ${((report.confidence || 0) * 100).toFixed(0)}%
-
-Summary:
-- Findings: P0=${report.summary?.P0 ?? 0} P1=${report.summary?.P1 ?? 0} P2=${report.summary?.P2 ?? 0} P3=${report.summary?.P3 ?? 0}
-- Blocking: ${report.summary?.blocking ? "yes" : "no"}
-- Total findings: ${report.summary?.findingCount ?? 0}
-
-Hotspots:
-${hotspots || "- none"}
-
-Coupling density:
-${couplings || "- none"}
-
-Recommendations:
-${recommendations || "- none"}
-`;
-}
-
+function normalizeString(value) {
+  return String(value || "").trim();
+}
+
+function toPosixPath(value) {
+  return String(value || "").replace(/\\/g, "/");
+}
+
+function summarizeSeverity(findings = []) {
+  const summary = { P0: 0, P1: 0, P2: 0, P3: 0 };
+  for (const finding of findings) {
+    const severity = normalizeString(finding.severity).toUpperCase();
+    if (Object.prototype.hasOwnProperty.call(summary, severity)) {
+      summary[severity] += 1;
+    }
+  }
+  summary.blocking = summary.P0 > 0 || summary.P1 > 0;
+  return summary;
+}
+
+function buildHotspots(ingest = {}) {
+  const indexed = Array.isArray(ingest.indexedFiles?.files) ? ingest.indexedFiles.files : [];
+  return indexed
+    .filter((file) => Number(file.loc || 0) >= 300)
+    .sort((left, right) => Number(right.loc || 0) - Number(left.loc || 0))
+    .slice(0, 20)
+    .map((file) => ({
+      path: toPosixPath(file.path),
+      language: file.language,
+      loc: Number(file.loc || 0),
+      sizeBytes: Number(file.sizeBytes || 0),
+      risk: Number(file.loc || 0) >= 700 ? "high" : "medium",
+    }));
+}
+
+function deriveArchitectureFindings({ findings = [], hotspots = [] } = {}) {
+  const derived = [];
+  const base = Array.isArray(findings) ? findings : [];
+
+  for (const finding of base) {
+    const message = normalizeString(finding.message).toLowerCase();
+    if (/n\+1|loop|query|component|cleanup|stale|coupling|dependency/.test(message)) {
+      derived.push(finding);
+    }
+  }
+
+  for (const hotspot of hotspots) {
+    const existing = derived.some((finding) => toPosixPath(finding.file) === hotspot.path);
+    if (existing) {
+      continue;
+    }
+    derived.push({
+      severity: hotspot.risk === "high" ? "P1" : "P2",
+      file: hotspot.path,
+      line: 1,
+      message: `Large architectural hotspot detected (${hotspot.loc} LOC).`,
+      excerpt: `${hotspot.language} module at ${hotspot.path}`,
+      ruleId: "SL-ARCH-001",
+      suggestedFix: "Split this module into bounded components with explicit interfaces.",
+      layer: "architecture",
+    });
+  }
+
+  return derived.slice(0, 120);
+}
+
+function estimateCouplingRisk(ingest = {}) {
+  const files = Array.isArray(ingest.indexedFiles?.files) ? ingest.indexedFiles.files : [];
+  const byDirectory = new Map();
+  for (const file of files) {
+    const normalizedPath = toPosixPath(file.path);
+    const dir = normalizedPath.includes("/") ? normalizedPath.slice(0, normalizedPath.lastIndexOf("/")) : ".";
+    const existing = byDirectory.get(dir) || 0;
+    byDirectory.set(dir, existing + 1);
+  }
+  const denseDirs = [...byDirectory.entries()].filter((entry) => entry[1] >= 20);
+  return {
+    denseDirectoryCount: denseDirs.length,
+    denseDirectories: denseDirs
+      .sort((left, right) => right[1] - left[1])
+      .slice(0, 12)
+      .map((entry) => ({ directory: entry[0], fileCount: entry[1] })),
+  };
+}
+
+function estimateArchitectureScore(hotspots = [], summary = {}) {
+  const penalty =
+    hotspots.length * 3 +
+    Number(summary.P1 || 0) * 6 +
+    Number(summary.P2 || 0) * 3 +
+    Number(summary.P3 || 0);
+  return Math.max(0, 100 - Math.min(100, penalty));
+}
+
+function buildRecommendations({ hotspots = [], summary = {}, couplingRisk } = {}) {
+  const recommendations = [];
+  if (hotspots.length > 0) {
+    recommendations.push(
+      "Split high-LOC modules into bounded contexts and enforce explicit interface contracts."
+    );
+  }
+  if (Number(summary.P1 || 0) > 0) {
+    recommendations.push("Resolve all P1 architecture findings before onboarding additional feature work.");
+  }
+  if (couplingRisk.denseDirectoryCount > 0) {
+    recommendations.push(
+      "Introduce package-level ownership boundaries for dense directories to reduce cross-module coupling."
+    );
+  }
+  if (recommendations.length === 0) {
+    recommendations.push("Architecture signals are stable; continue tracking drift with periodic audits.");
+  }
+  return recommendations;
+}
+
+export function runArchitectureSpecialist({
+  findings = [],
+  ingest = {},
+} = {}) {
+  const hotspots = buildHotspots(ingest);
+  const architectureFindings = deriveArchitectureFindings({
+    findings,
+    hotspots,
+  });
+  const summary = summarizeSeverity(architectureFindings);
+  const couplingRisk = estimateCouplingRisk(ingest);
+  const architectureScore = estimateArchitectureScore(hotspots, summary);
+  const confidence = architectureFindings.length > 0 ? Math.max(0.72, 1 - architectureFindings.length * 0.002) : 0.9;
+
+  return {
+    schemaVersion: "1.0.0",
+    generatedAt: new Date().toISOString(),
+    summary: {
+      ...summary,
+      findingCount: architectureFindings.length,
+      architectureScore,
+    },
+    confidence,
+    hotspots,
+    couplingRisk,
+    recommendations: buildRecommendations({
+      hotspots,
+      summary,
+      couplingRisk,
+    }),
+    findings: architectureFindings,
+  };
+}
+
+export function renderArchitectureSpecialistMarkdown(report = {}) {
+  const hotspots = (report.hotspots || [])
+    .map((item) => `- ${item.path} (${item.loc} LOC, risk=${item.risk})`)
+    .join("\n");
+  const couplings = (report.couplingRisk?.denseDirectories || [])
+    .map((item) => `- ${item.directory}: ${item.fileCount} files`)
+    .join("\n");
+  const recommendations = (report.recommendations || []).map((item) => `- ${item}`).join("\n");
+
+  return `# ARCHITECTURE_AGENT_REPORT
+
+Generated: ${report.generatedAt}
+Architecture score: ${report.summary?.architectureScore ?? 0}/100
+Confidence: ${((report.confidence || 0) * 100).toFixed(0)}%
+
+Summary:
+- Findings: P0=${report.summary?.P0 ?? 0} P1=${report.summary?.P1 ?? 0} P2=${report.summary?.P2 ?? 0} P3=${report.summary?.P3 ?? 0}
+- Blocking: ${report.summary?.blocking ? "yes" : "no"}
+- Total findings: ${report.summary?.findingCount ?? 0}
+
+Hotspots:
+${hotspots || "- none"}
+
+Coupling density:
+${couplings || "- none"}
+
+Recommendations:
+${recommendations || "- none"}
+`;
+}
+