switchman-dev 0.1.6 → 0.1.8

package/src/core/planner.js

@@ -2,12 +2,14 @@ import { execSync } from 'child_process';
 import { existsSync, readdirSync, statSync } from 'fs';
 import { basename, join } from 'path';
 
+import { loadChangePolicy } from './policy.js';
+
 const DOMAIN_RULES = [
   { key: 'auth', regex: /\b(auth|login|session|oauth|permission|rbac|token)\b/i, source: ['src/auth/**', 'app/auth/**', 'lib/auth/**', 'server/auth/**', 'client/auth/**'] },
   { key: 'api', regex: /\b(api|endpoint|route|graphql|rest|handler)\b/i, source: ['src/api/**', 'app/api/**', 'server/api/**', 'routes/**'] },
   { key: 'schema', regex: /\b(schema|migration|database|db|sql|prisma)\b/i, source: ['db/**', 'database/**', 'migrations/**', 'prisma/**', 'schema/**', 'src/db/**'] },
   { key: 'config', regex: /\b(config|configuration|env|feature flag|settings?)\b/i, source: ['config/**', '.github/**', '.switchman/**', 'src/config/**'] },
-  { key: 'payments', regex: /\b(payment|billing|invoice|checkout|subscription|stripe)\b/i, source: ['src/payments/**', 'app/payments/**', 'lib/payments/**', 'server/payments/**'] },
+  { key: 'payments', regex: /\b(payments?|billing|invoice|checkout|subscription|stripe)\b/i, source: ['src/payments/**', 'app/payments/**', 'lib/payments/**', 'server/payments/**'] },
   { key: 'ui', regex: /\b(ui|ux|frontend|component|screen|page|layout)\b/i, source: ['src/components/**', 'src/ui/**', 'app/**', 'client/**'] },
   { key: 'infra', regex: /\b(deploy|infra|infrastructure|build|pipeline|docker|kubernetes|terraform)\b/i, source: ['infra/**', '.github/**', 'docker/**', 'scripts/**'] },
   { key: 'docs', regex: /\b(docs?|readme|documentation|integration notes)\b/i, source: ['docs/**', 'README.md'] },
@@ -152,10 +154,8 @@ function deriveSubtaskTitles(title, description) {
   const text = `${title}\n${description || ''}`.toLowerCase();
   const subtasks = [];
   const domains = detectDomains(text);
-  const highRisk = /\b(auth|payment|schema|migration|security|permission|billing)\b/.test(text);
-
-  const docsOnly = /\b(docs?|readme|documentation)\b/.test(text)
-    && !/\b(api|auth|bug|feature|fix|refactor|schema|migration|config|build|test)\b/.test(text);
+  const highRisk = /\b(auth|payments?|schema|migration|security|permission|billing)\b/.test(text);
+  const docsOnly = isDocsOnlyRequest(text);
 
   if (docsOnly) {
     return [`Update docs for: ${title}`];
@@ -178,8 +178,14 @@ function deriveSubtaskTitles(title, description) {
   return subtasks;
 }
 
+function isDocsOnlyRequest(text) {
+  return /\b(docs?|readme|documentation)\b/.test(text)
+    && !/\b(auth|bug|feature|fix|refactor|schema|migration|config|build|test|implement|route|handler|endpoint|model)\b/.test(text);
+}
+
 function inferRiskLevel(text) {
-  if (/\b(auth|payment|schema|migration|security|permission|billing)\b/.test(text)) return 'high';
+  if (isDocsOnlyRequest(text)) return 'low';
+  if (/\b(auth|payments?|schema|migration|security|permission|billing)\b/.test(text)) return 'high';
   if (/\b(api|config|deploy|build|infra)\b/.test(text)) return 'medium';
   return 'low';
 }
@@ -376,7 +382,7 @@ function buildFollowupDeliverables({ taskType, riskLevel, domains }) {
   return uniq(deliverables);
 }
 
-function buildValidationRules({ taskType, riskLevel, domains }) {
+function buildValidationRules({ taskType, riskLevel, domains, changePolicy = null }) {
   if (taskType !== 'implementation') {
     return {
       enforcement: 'none',
@@ -403,14 +409,30 @@ function buildValidationRules({ taskType, riskLevel, domains }) {
     rationale.push('public or shared boundaries require updated docs or integration notes');
   }
 
-  const enforcement = domains.some((domain) => ['auth', 'payments', 'schema'].includes(domain))
+  const matchedPolicyRules = domains
+    .map((domain) => changePolicy?.domain_rules?.[domain] || null)
+    .filter(Boolean);
+  for (const rule of matchedPolicyRules) {
+    requiredCompletedTaskTypes.push(...(rule.required_completed_task_types || []));
+    rationale.push(...(rule.rationale || []));
+  }
+
+  const enforcementRank = { none: 0, warn: 1, blocked: 2 };
+  const defaultEnforcement = domains.some((domain) => ['auth', 'payments', 'schema'].includes(domain))
     ? 'blocked'
     : (requiredCompletedTaskTypes.length > 0 ? 'warn' : 'none');
+  const policyEnforcement = matchedPolicyRules
+    .map((rule) => rule.enforcement || 'none')
+    .reduce((highest, current) =>
+      enforcementRank[current] > enforcementRank[highest] ? current : highest, 'none');
+  const enforcement = enforcementRank[policyEnforcement] > enforcementRank[defaultEnforcement]
+    ? policyEnforcement
+    : defaultEnforcement;
 
   return {
     enforcement,
     required_completed_task_types: uniq(requiredCompletedTaskTypes),
-    rationale,
+    rationale: uniq(rationale),
   };
 }
 
@@ -430,7 +452,7 @@ function extractObjectiveKeywords(title, domains = []) {
   ]).slice(0, 8);
 }
 
-export function buildTaskSpec({ pipelineId, taskId, title, issueTitle, issueDescription = null, suggestedWorktree = null, dependencies = [], repoContext = null }) {
+export function buildTaskSpec({ pipelineId, taskId, title, issueTitle, issueDescription = null, suggestedWorktree = null, dependencies = [], repoContext = null, changePolicy = null }) {
   const taskType = inferTaskType(title);
   const text = `${issueTitle}\n${issueDescription || ''}\n${title}`.toLowerCase();
   const domains = detectDomains(text);
@@ -458,7 +480,7 @@ export function buildTaskSpec({ pipelineId, taskId, title, issueTitle, issueDesc
     expected_output_types: expectedOutputTypes,
     required_deliverables: buildRequiredDeliverables({ taskType, riskLevel, domains }),
     followup_deliverables: buildFollowupDeliverables({ taskType, riskLevel, domains }),
-    validation_rules: buildValidationRules({ taskType, riskLevel, domains }),
+    validation_rules: buildValidationRules({ taskType, riskLevel, domains, changePolicy }),
     success_criteria: buildSuccessCriteria({ taskType, allowedPaths, dependencies }),
     risk_level: riskLevel,
     execution_policy: buildExecutionPolicy({ taskType, riskLevel }),
@@ -468,6 +490,7 @@ export function buildTaskSpec({ pipelineId, taskId, title, issueTitle, issueDesc
 export function planPipelineTasks({ pipelineId, title, description = null, worktrees = [], maxTasks = 5, repoRoot = null }) {
   const subtaskTitles = deriveSubtaskTitles(title, description).slice(0, maxTasks);
   const repoContext = buildRepoContext(repoRoot);
+  const changePolicy = loadChangePolicy(repoRoot);
   let implementationTaskId = null;
 
   return subtaskTitles.map((subtaskTitle, index) => {
@@ -489,6 +512,7 @@ export function planPipelineTasks({ pipelineId, title, description = null, workt
       suggestedWorktree,
       dependencies,
       repoContext,
+      changePolicy,
     });
 
     const task = {

package/src/core/policy.js

@@ -4,14 +4,56 @@ import { dirname, join } from 'path';
 export const DEFAULT_LEASE_POLICY = {
   heartbeat_interval_seconds: 60,
   stale_after_minutes: 15,
-  reap_on_status_check: false,
+  reap_on_status_check: true,
   requeue_task_on_reap: true,
 };
 
+export const DEFAULT_CHANGE_POLICY = {
+  domain_rules: {
+    auth: {
+      required_completed_task_types: ['tests', 'governance'],
+      enforcement: 'blocked',
+      rationale: [
+        'auth changes require completed tests before landing',
+        'auth changes require completed governance review before landing',
+      ],
+    },
+    payments: {
+      required_completed_task_types: ['tests', 'governance'],
+      enforcement: 'blocked',
+      rationale: [
+        'payments changes require completed tests before landing',
+        'payments changes require completed governance review before landing',
+      ],
+    },
+    schema: {
+      required_completed_task_types: ['tests', 'governance', 'docs'],
+      enforcement: 'blocked',
+      rationale: [
+        'schema changes require completed tests before landing',
+        'schema changes require completed governance review before landing',
+        'schema changes require completed docs or migration notes before landing',
+      ],
+    },
+    config: {
+      required_completed_task_types: ['docs', 'governance'],
+      enforcement: 'warn',
+      rationale: [
+        'shared config changes should include updated docs or runbooks',
+        'shared config changes should include governance review',
+      ],
+    },
+  },
+};
+
 export function getLeasePolicyPath(repoRoot) {
   return join(repoRoot, '.switchman', 'lease-policy.json');
 }
 
+export function getChangePolicyPath(repoRoot) {
+  return join(repoRoot, '.switchman', 'change-policy.json');
+}
+
 export function loadLeasePolicy(repoRoot) {
   const policyPath = getLeasePolicyPath(repoRoot);
   if (!existsSync(policyPath)) {
@@ -47,3 +89,66 @@ export function writeLeasePolicy(repoRoot, policy = {}) {
   writeFileSync(policyPath, `${JSON.stringify(normalized, null, 2)}\n`);
   return policyPath;
 }
+
+function normalizeDomainRule(rule = {}, fallback = {}) {
+  const requiredCompletedTaskTypes = Array.isArray(rule.required_completed_task_types)
+    ? rule.required_completed_task_types.filter(Boolean)
+    : (fallback.required_completed_task_types || []);
+  const enforcement = ['none', 'warn', 'blocked'].includes(rule.enforcement)
+    ? rule.enforcement
+    : (fallback.enforcement || 'none');
+  const rationale = Array.isArray(rule.rationale)
+    ? rule.rationale.filter(Boolean)
+    : (fallback.rationale || []);
+
+  return {
+    required_completed_task_types: [...new Set(requiredCompletedTaskTypes)],
+    enforcement,
+    rationale,
+  };
+}
+
+export function loadChangePolicy(repoRoot) {
+  const policyPath = getChangePolicyPath(repoRoot);
+  if (!existsSync(policyPath)) {
+    return JSON.parse(JSON.stringify(DEFAULT_CHANGE_POLICY));
+  }
+
+  try {
+    const parsed = JSON.parse(readFileSync(policyPath, 'utf8'));
+    const rules = {
+      ...DEFAULT_CHANGE_POLICY.domain_rules,
+      ...(parsed?.domain_rules || {}),
+    };
+
+    return {
+      domain_rules: Object.fromEntries(
+        Object.entries(rules).map(([domain, rule]) => [
+          domain,
+          normalizeDomainRule(rule, DEFAULT_CHANGE_POLICY.domain_rules[domain] || {}),
+        ]),
+      ),
+    };
+  } catch {
+    return JSON.parse(JSON.stringify(DEFAULT_CHANGE_POLICY));
+  }
+}
+
+export function writeChangePolicy(repoRoot, policy = {}) {
+  const policyPath = getChangePolicyPath(repoRoot);
+  mkdirSync(dirname(policyPath), { recursive: true });
+  const mergedRules = {
+    ...DEFAULT_CHANGE_POLICY.domain_rules,
+    ...(policy?.domain_rules || {}),
+  };
+  const normalized = {
+    domain_rules: Object.fromEntries(
+      Object.entries(mergedRules).map(([domain, rule]) => [
+        domain,
+        normalizeDomainRule(rule, DEFAULT_CHANGE_POLICY.domain_rules[domain] || {}),
+      ]),
+    ),
+  };
+  writeFileSync(policyPath, `${JSON.stringify(normalized, null, 2)}\n`);
+  return policyPath;
+}