sillyspec 3.16.0 → 3.16.1

package/src/run.js

@@ -8,6 +8,7 @@ import { basename, join } from 'path'
 import { existsSync, readdirSync, mkdirSync, writeFileSync, appendFileSync, readFileSync, statSync } from 'fs'
 import { ProgressManager } from './progress.js'
 import { stageRegistry, auxiliaryStages } from './stages/index.js'
+import { checkTransition, runValidators } from './stage-contract.js'
 import { buildExecuteSteps } from './stages/execute.js'
 import { buildPlanSteps } from './stages/plan.js'
 import { formatExecuteSummary } from './worktree-apply.js'
@@ -15,10 +16,122 @@ import { formatExecuteSummary } from './worktree-apply.js'
 /**
  * 同步触发辅助函数：_write 后 best-effort 同步到平台
  */
+/**
+ * quick 完成审计：对比 baseline 与实际变更
+ */
+async function auditQuickCompletion(cwd, guard, options = {}) {
+  const { baselineFiles, allowedFiles = [], allowNew = false, forceBaseline = false } = guard
+  const { isConfirm } = options
+  const result = { status: 'safe', reasons: [], changedFiles: [], newFiles: [], deletedFiles: [], baselineHit: [] }
+
+  try {
+    const { execSync } = await import('child_process')
+    const gitStatus = execSync('git status --porcelain', { cwd, encoding: 'utf8', timeout: 10000 })
+    const currentEntries = gitStatus.trim().split('\n').filter(Boolean)
+
+    const DANGEROUS_PATTERNS = [
+      '.sillyspec/',
+      'package.json',
+      'package-lock.json',
+      'yarn.lock',
+      'pnpm-lock.yaml',
+      '.eslintrc',
+      'tsconfig.json',
+    ]
+
+    for (const entry of currentEntries) {
+      const status = entry.slice(0, 2).trim()
+      const file = entry.slice(3).trim()
+      if (!file || file.startsWith('??. ')) continue
+
+      result.changedFiles.push(file)
+      if (status === 'D' || status === ' D') result.deletedFiles.push(file)
+      if (status === '??') result.newFiles.push(file)
+
+      // 检查是否命中 baseline protected files
+      if (baselineFiles.includes(file)) {
+        result.baselineHit.push(file)
+      }
+
+      // 检查危险文件（除非 force-baseline）
+      if (DANGEROUS_PATTERNS.some(p => file.includes(p)) && !forceBaseline) {
+        result.reasons.push(`危险文件变更: ${file}`)
+      }
+    }
+
+    // 检查 deleted files
+    for (const f of result.deletedFiles) {
+      result.reasons.push(`删除文件: ${f}`)
+    }
+
+    // 检查 baseline hit（除非 force-baseline）
+    if (!forceBaseline) {
+      for (const f of result.baselineHit) {
+        result.reasons.push(`覆盖 baseline 文件: ${f}`)
+      }
+    }
+
+    // 检查 new files（除非 allow-new）
+    if (!allowNew) {
+      for (const f of result.newFiles) {
+        if (!f.startsWith('.sillyspec/quicklog/') && !f.startsWith('.sillyspec/.runtime/')) {
+          result.reasons.push(`新增文件（需 --allow-new）: ${f}`)
+        }
+      }
+    }
+
+    // 检查 allowedFiles 范围
+    if (allowedFiles.length > 0) {
+      for (const f of result.changedFiles) {
+        if (!allowedFiles.includes(f) && !f.startsWith('.sillyspec/')) {
+          result.reasons.push(`超出 allowedFiles: ${f}`)
+        }
+      }
+    }
+
+    // 判定结果
+    if (result.baselineHit.length > 0 || result.deletedFiles.length > 0 || result.reasons.some(r => r.startsWith('危险') || r.startsWith('删除'))) {
+      result.status = 'blocked'
+    } else if (result.newFiles.length > 0 || (allowedFiles.length > 0 && result.reasons.some(r => r.startsWith('超出')))) {
+      result.status = 'warning'
+    }
+
+    // --confirm 模式：展示 diff 并等待确认
+    if (isConfirm && (result.status === 'warning' || result.status === 'blocked')) {
+      console.log(`\n📋 quick 变更概览：`)
+      console.log(`   新增: ${result.newFiles.length}, 修改: ${result.changedFiles.length - result.newFiles.length - result.deletedFiles.length}, 删除: ${result.deletedFiles.length}`)
+      if (result.changedFiles.length > 0) {
+        console.log(`\n   变更文件：`)
+        for (const f of result.changedFiles) {
+          const isBaseline = baselineFiles.includes(f)
+          const isDangerous = DANGEROUS_PATTERNS.some(p => f.includes(p))
+          const marker = isBaseline ? '🔴' : isDangerous ? '⚠️' : '  '
+          console.log(`   ${marker} ${f}`)
+        }
+      }
+      console.log(`\n   状态: ${result.status.toUpperCase()}`)
+      if (result.reasons.length > 0) {
+        console.log(`   原因:`)
+        for (const r of result.reasons) {
+          console.log(`     - ${r}`)
+        }
+      }
+      console.log(`\n   如确认接受这些变更，重新运行：sillyspec run quick --done --confirm --output "..."`)
+      console.log(`   或使用 --force-baseline 允许覆盖 baseline 文件，--allow-new 允许新增文件`)
+    }
+  } catch (e) {
+    result.reasons.push(`审计失败: ${e.message}`)
+    result.status = 'warning'
+  }
+
+  return result
+}
+
 async function triggerSync(cwd, changeName) {
   try {
+    if (changeName && !existsSync(join(cwd, '.sillyspec', 'changes', changeName))) return
     const syncMod = await import('./sync.js')
-    await syncMod.sync(cwd, changeName)
+    await syncMod.sync(changeName, cwd)
   } catch (e) {
     // sync.js 不存在或同步失败，静默跳过
     console.warn('⚠️ 同步失败:', e.message)
@@ -32,7 +145,7 @@ async function triggerSync(cwd, changeName) {
 async function checkApproval(cwd, changeName) {
   try {
     const syncMod = await import('./sync.js')
-    return await syncMod.checkApproval(cwd, changeName)
+    return await syncMod.checkApproval(changeName, cwd)
   } catch (e) {
     // sync.js 不存在或检查失败，静默跳过
     return null
@@ -367,11 +480,22 @@ export async function runCommand(args, cwd) {
     changeName = flags[changeIdx + 1]
   }
 
+  // 解析 --files a.js,b.js（quick 专用：显式声明 allowedFiles）
+  let quickFiles = []
+  const filesIdx = flags.indexOf('--files')
+  if (filesIdx !== -1 && flags[filesIdx + 1]) {
+    quickFiles = flags[filesIdx + 1].split(',').map(f => f.trim()).filter(Boolean)
+  }
+
+  const isAllowNew = flags.includes('--allow-new')
+  const isForceBaseline = flags.includes('--force-baseline')
+
   // 未知参数 fail-fast
   const knownFlags = new Set([
     '--done', '--skip', '--status', '--reset', '--confirm', '--skip-approval',
     '--output', '--input', '--change',
     '--spec-root', '--runtime-root', '--workspace-id', '--scan-run-id',
+    '--files', '--allow-new', '--force-baseline',
     '--json', '--dir', '--help',
   ])
   for (let i = 0; i < flags.length; i++) {
@@ -482,6 +606,18 @@ function resolveChangeNameAuto(cwd) {
 }
 
 async function runStage(pm, progress, stageName, cwd, changeName, skipApproval = false, platformOpts = {}) {
+  // 状态转换校验
+  const prevStage = progress.currentStage || ''
+  const transition = checkTransition(prevStage, stageName)
+  if (!transition.allowed) {
+    console.error(`❌ 阶段转换不允许: ${prevStage || '(起始)'} → ${stageName}`)
+    console.error(`   原因: ${transition.reason}`)
+    console.error(`   提示: 使用 --skip-approval 绕过（需明确意图）`)
+    if (!skipApproval) {
+      process.exit(1)
+    }
+  }
+
   // execute 阶段启动前检查审批
   if (stageName === 'execute' && !skipApproval) {
     const approval = await checkApproval(cwd, changeName)
@@ -536,6 +672,39 @@ async function runStage(pm, progress, stageName, cwd, changeName, skipApproval =
     console.log(`🔄 ${stageName} 阶段已自动重置，重新开始。\n`)
   }
 
+  // quick 阶段：记录 baselineFiles
+  if (stageName === 'quick' && !progress.quickGuard) {
+    try {
+      const { execSync } = await import('child_process')
+      const gitStatus = execSync('git status --porcelain', { cwd, encoding: 'utf8', timeout: 10000 })
+      const baselineFiles = gitStatus
+        .trim().split('\n').filter(Boolean)
+        .map(line => line.slice(3).trim())
+        .filter(f => !f.startsWith('.sillyspec/'))
+      const allowedFiles = quickFiles || []
+      const allowNew = isAllowNew || false
+      const forceBaseline = isForceBaseline || false
+      progress.quickGuard = {
+        baselineCommit: execSync('git rev-parse HEAD', { cwd, encoding: 'utf8', timeout: 5000 }).trim(),
+        baselineFiles,
+        allowedFiles,
+        allowNew,
+        forceBaseline,
+        startedAt: new Date().toISOString(),
+      }
+      // 写入 quick-guard.json 供 worktree-guard hook 读取
+      const guardFile = join(cwd, '.sillyspec', '.runtime', 'quick-guard.json')
+      writeFileSync(guardFile, JSON.stringify(progress.quickGuard, null, 2))
+      const parts = [`${baselineFiles.length} 个已有脏文件`]
+      if (allowedFiles.length > 0) parts.push(`${allowedFiles.length} 个 allowedFiles`)
+      if (allowNew) parts.push('允许新增文件')
+      console.log(`🛡️ quick 变更边界已记录: ${parts.join(', ')}`)
+      await pm._write(cwd, progress, changeName)
+    } catch (e) {
+      console.warn(`⚠️ baseline 记录失败: ${e.message}`)
+    }
+  }
+
   if (currentIdx > 0) {
     const completed = currentIdx
     const total = steps.length
@@ -627,6 +796,39 @@ function validateFileLocations(cwd, stageName, progress, changeName) {
   }
 }
 
+async function archiveChangeDirectory(pm, cwd, progress) {
+  const { renameSync } = await import('fs')
+  const archiveChangeName = progress.currentChange
+  if (!archiveChangeName) {
+    console.error('❌ 归档失败：未找到当前变更名（currentChange）')
+    process.exit(1)
+  }
+  const changesDir = join(cwd, '.sillyspec', 'changes')
+  const archiveDir = join(changesDir, 'archive')
+  const srcDir = join(changesDir, archiveChangeName)
+  const date = new Date().toISOString().slice(0, 10)
+  const destDir = join(archiveDir, `${date}-${archiveChangeName}`)
+
+  if (!existsSync(srcDir)) {
+    console.error(`❌ 归档失败：源目录不存在 ${srcDir}`)
+    process.exit(1)
+  }
+  if (existsSync(destDir)) {
+    console.error(`❌ 归档失败：目标目录已存在 ${destDir}`)
+    process.exit(1)
+  }
+  mkdirSync(archiveDir, { recursive: true })
+  renameSync(srcDir, destDir)
+
+  if (!existsSync(destDir) || existsSync(srcDir)) {
+    console.error('❌ 归档校验失败：移动操作异常')
+    process.exit(1)
+  }
+
+  await pm.unregisterChange(cwd, archiveChangeName)
+  console.log(`📦 已归档：${archiveChangeName} → archive/${date}-${archiveChangeName}/`)
+}
+
 async function completeStep(pm, progress, stageName, cwd, outputText, inputText = null, options = {}) {
   const { printNext = true, confirm = false, changeName, platformOpts = {} } = options
   const stageData = progress.stages[stageName]
@@ -661,6 +863,36 @@ async function completeStep(pm, progress, stageName, cwd, outputText, inputText
     }
   }
 
+  if (stageName === 'archive' && steps[currentIdx]?.name === '确认归档') {
+    if (!confirm) {
+      steps[currentIdx].status = 'pending'
+      steps[currentIdx].completedAt = null
+      if (outputText) steps[currentIdx].output = null
+      await pm._write(cwd, progress, changeName)
+      console.log('⚠️  请添加 --confirm 确认归档，例如：sillyspec run archive --done --confirm --output "确认归档"')
+      return { stageCompleted: false, currentIdx, nextPendingIdx: currentIdx }
+    }
+    await archiveChangeDirectory(pm, cwd, progress)
+  }
+
+  // archive "确认归档" 步骤完成后，校验归档完整性
+  if (stageName === 'archive' && steps[currentIdx]?.name === '确认归档' && confirm) {
+    const projectName = progress.project || basename(cwd)
+    const contractResult = runValidators('archive', cwd, changeName, { projectName })
+    if (contractResult.errors.length > 0) {
+      console.error(`\n❌ 归档校验失败：`)
+      for (const err of contractResult.errors) {
+        console.error(`   - ${err}`)
+      }
+    }
+    if (contractResult.warnings.length > 0) {
+      console.warn(`\n⚠️ 归档校验警告：`)
+      for (const w of contractResult.warnings) {
+        console.warn(`   - ${w}`)
+      }
+    }
+  }
+
   // plan 阶段 "展开任务" 完成后，动态插入任务蓝图协调器步骤
   if (stageName === 'plan' && steps[currentIdx]?.name === '展开任务并分组') {
     const changeDir = resolveChangeDir(cwd, progress)
@@ -842,45 +1074,6 @@ async function completeStep(pm, progress, stageName, cwd, outputText, inputText
     // 验证关键文件是否在正确的变更目录下
     validateFileLocations(cwd, stageName, progress, changeName)
 
-    // archive 阶段确认归档
-    if (stageName === 'archive' && steps[currentIdx]?.name === '确认归档') {
-      if (confirm) {
-        const { renameSync } = await import('fs')
-        const archiveChangeName = progress.currentChange
-        if (!archiveChangeName) {
-          console.error('❌ 归档失败：未找到当前变更名（currentChange）')
-          process.exit(1)
-        }
-        const changesDir = join(cwd, '.sillyspec', 'changes')
-        const archiveDir = join(changesDir, 'archive')
-        const srcDir = join(changesDir, archiveChangeName)
-        const date = new Date().toISOString().slice(0, 10)
-        const destDir = join(archiveDir, `${date}-${archiveChangeName}`)
-
-        if (!existsSync(srcDir)) {
-          console.error(`❌ 归档失败：源目录不存在 ${srcDir}`)
-          process.exit(1)
-        }
-        if (existsSync(destDir)) {
-          console.error(`❌ 归档失败：目标目录已存在 ${destDir}`)
-          process.exit(1)
-        }
-        mkdirSync(archiveDir, { recursive: true })
-        renameSync(srcDir, destDir)
-
-        if (!existsSync(destDir) || existsSync(srcDir)) {
-          console.error('❌ 归档校验失败：移动操作异常')
-          process.exit(1)
-        }
-
-        // 从全局活跃列表移除
-        await pm.unregisterChange(cwd, archiveChangeName)
-        console.log(`📦 已归档：${archiveChangeName} → archive/${date}-${archiveChangeName}/`)
-      } else {
-        console.log('⚠️  请添加 --confirm 确认归档，例如：sillyspec run archive --done --confirm --output "确认归档"')
-      }
-    }
-
     // 辅助阶段完成后重置步骤
     const stageDef = stageRegistry[stageName]
     if (stageDef?.auxiliary) {
@@ -893,6 +1086,7 @@ async function completeStep(pm, progress, stageName, cwd, outputText, inputText
       stageData.steps = freshSteps
       stageData.status = 'pending'
       stageData.completedAt = null
+      if (progress.currentStage === stageName) progress.currentStage = ''
       await pm._write(cwd, progress, changeName)
     }
 
@@ -925,6 +1119,50 @@ async function completeStep(pm, progress, stageName, cwd, outputText, inputText
     return { stageCompleted: true, currentIdx, nextPendingIdx: -1 }
   }
 
+  // 阶段完成校验
+  const projectName = progress.project || basename(cwd)
+  const contractResult = runValidators(stageName, cwd, changeName, { projectName })
+  if (contractResult.errors.length > 0) {
+    console.error(`\n❌ 阶段 ${stageName} 校验失败：`)
+    for (const err of contractResult.errors) {
+      console.error(`   - ${err}`)
+    }
+    console.error(`\n   提示：修复缺失产物后重新运行此步骤，或使用 --skip-approval 跳过校验`)
+  }
+  if (contractResult.warnings.length > 0) {
+    console.warn(`\n⚠️ 阶段 ${stageName} 校验警告：`)
+    for (const w of contractResult.warnings) {
+      console.warn(`   - ${w}`)
+    }
+  }
+
+  // quick 阶段完成审计
+  if (stageName === 'quick' && progress.quickGuard) {
+    const review = await auditQuickCompletion(cwd, progress.quickGuard, { isConfirm })
+    progress.quickGuard.review = review
+    progress.quickGuard.completedAt = new Date().toISOString()
+    // 清理 quick-guard.json
+    try {
+      const { unlinkSync } = await import('fs')
+      const guardFile = join(cwd, '.sillyspec', '.runtime', 'quick-guard.json')
+      unlinkSync(guardFile)
+    } catch {}
+    if (review.status === 'blocked') {
+      console.error(`\n🚫 quick 变更边界审计 — BLOCKED：`)
+      for (const r of review.reasons) {
+        console.error(`   - ${r}`)
+      }
+      console.error(`\n   这些文件是 baseline 保护的，不应被修改。`)
+    } else if (review.status === 'warning') {
+      console.warn(`\n⚠️ quick 变更边界审计 — WARNING：`)
+      for (const r of review.reasons) {
+        console.warn(`   - ${r}`)
+      }
+    } else {
+      console.log(`\n✅ quick 变更边界审计 — SAFE (变更 ${review.changedFiles.length} 个文件)`)
+    }
+  }
+
   progress.lastActive = new Date().toLocaleString('zh-CN',{hour12:false})
   await pm._write(cwd, progress, changeName)
   triggerSync(cwd, changeName)