tissues 0.6.0 → 0.6.2

package/src/lib/enhancements.test.js

@@ -0,0 +1,294 @@
+import { test, describe } from 'node:test'
+import assert from 'node:assert/strict'
+import fs from 'node:fs'
+import path from 'node:path'
+import os from 'node:os'
+import {
+  BUILT_IN_ENHANCEMENTS,
+  builtInEnhancementKeys,
+  listEnhancements,
+  loadEnhancement,
+  loadAllEnhancements,
+  parseEnhancementFile,
+} from './enhancements.js'
+
+// ---------------------------------------------------------------------------
+// BUILT_IN_ENHANCEMENTS
+// ---------------------------------------------------------------------------
+
+describe('BUILT_IN_ENHANCEMENTS', () => {
+  test('has 8 built-in enhancements', () => {
+    assert.equal(Object.keys(BUILT_IN_ENHANCEMENTS).length, 8)
+  })
+
+  test('each enhancement has required fields', () => {
+    for (const [key, enh] of Object.entries(BUILT_IN_ENHANCEMENTS)) {
+      assert.ok(enh.key, `${key} has key`)
+      assert.ok(enh.name, `${key} has name`)
+      assert.ok(typeof enh.maxTokens === 'number', `${key} has maxTokens`)
+      assert.ok(['always', 'auto', 'never'].includes(enh.mode), `${key} has valid mode`)
+      assert.ok(['json', 'markdown'].includes(enh.format), `${key} has valid format`)
+      assert.ok(enh.contextKey, `${key} has contextKey`)
+      assert.ok(typeof enh.order === 'number', `${key} has order`)
+      assert.ok(typeof enh.prompt === 'string', `${key} has prompt`)
+      assert.ok(enh.prompt.length > 0, `${key} prompt is non-empty`)
+    }
+  })
+
+  test('triage and format are structural', () => {
+    assert.equal(BUILT_IN_ENHANCEMENTS.triage.isStructural, true)
+    assert.equal(BUILT_IN_ENHANCEMENTS.format.isStructural, true)
+    assert.equal(BUILT_IN_ENHANCEMENTS.context.isStructural, false)
+  })
+
+  test('orders are correct', () => {
+    assert.equal(BUILT_IN_ENHANCEMENTS.triage.order, 10)
+    assert.equal(BUILT_IN_ENHANCEMENTS.dedup.order, 15)
+    assert.equal(BUILT_IN_ENHANCEMENTS.context.order, 20)
+    assert.equal(BUILT_IN_ENHANCEMENTS.scope.order, 30)
+    assert.equal(BUILT_IN_ENHANCEMENTS.complexity.order, 40)
+    assert.equal(BUILT_IN_ENHANCEMENTS.risk.order, 50)
+    assert.equal(BUILT_IN_ENHANCEMENTS.labels.order, 60)
+    assert.equal(BUILT_IN_ENHANCEMENTS.format.order, 90)
+  })
+})
+
+describe('builtInEnhancementKeys', () => {
+  test('returns all 8 keys', () => {
+    const keys = builtInEnhancementKeys()
+    assert.equal(keys.length, 8)
+    assert.ok(keys.includes('triage'))
+    assert.ok(keys.includes('format'))
+  })
+})
+
+// ---------------------------------------------------------------------------
+// parseEnhancementFile
+// ---------------------------------------------------------------------------
+
+describe('parseEnhancementFile', () => {
+  test('parses frontmatter + body', () => {
+    const content = [
+      '---',
+      'name: Security Review',
+      'maxTokens: 2048',
+      'mode: always',
+      'format: json',
+      'contextKey: securityScore',
+      'order: 55',
+      'requires: ["scopeAnalysis"]',
+      '---',
+      'You are a security reviewer.',
+      'Return JSON.',
+    ].join('\n')
+
+    const { meta, prompt } = parseEnhancementFile(content)
+    assert.equal(meta.name, 'Security Review')
+    assert.equal(meta.maxTokens, 2048)
+    assert.equal(meta.mode, 'always')
+    assert.equal(meta.format, 'json')
+    assert.equal(meta.contextKey, 'securityScore')
+    assert.equal(meta.order, 55)
+    assert.deepEqual(meta.requires, ['scopeAnalysis'])
+    assert.ok(prompt.includes('You are a security reviewer.'))
+  })
+
+  test('handles file with no frontmatter', () => {
+    const content = 'Just a plain prompt.'
+    const { meta, prompt } = parseEnhancementFile(content)
+    assert.deepEqual(meta, {})
+    assert.equal(prompt, 'Just a plain prompt.')
+  })
+
+  test('parses boolean values', () => {
+    const content = '---\nname: Test\nsome: true\nother: false\n---\nprompt'
+    const { meta } = parseEnhancementFile(content)
+    assert.equal(meta.some, true)
+    assert.equal(meta.other, false)
+  })
+
+  test('parses numeric values', () => {
+    const content = '---\nmaxTokens: 512\norder: 42\n---\nprompt'
+    const { meta } = parseEnhancementFile(content)
+    assert.equal(meta.maxTokens, 512)
+    assert.equal(meta.order, 42)
+  })
+})
+
+// ---------------------------------------------------------------------------
+// listEnhancements
+// ---------------------------------------------------------------------------
+
+describe('listEnhancements', () => {
+  test('returns an array including built-ins', () => {
+    const list = listEnhancements(os.tmpdir())
+    assert.ok(Array.isArray(list))
+    const builtInKeys = list.filter((e) => e.source === 'built-in').map((e) => e.key)
+    assert.ok(builtInKeys.includes('triage'))
+    assert.ok(builtInKeys.includes('format'))
+  })
+
+  test('each item has key, name, source, mode, order', () => {
+    const list = listEnhancements(os.tmpdir())
+    for (const item of list) {
+      assert.ok('key' in item)
+      assert.ok('name' in item)
+      assert.ok('source' in item)
+      assert.ok('mode' in item)
+      assert.ok('order' in item)
+    }
+  })
+})
+
+// ---------------------------------------------------------------------------
+// loadEnhancement
+// ---------------------------------------------------------------------------
+
+describe('loadEnhancement', () => {
+  test('loads a built-in enhancement', () => {
+    const enh = loadEnhancement('triage', os.tmpdir())
+    assert.equal(enh.key, 'triage')
+    assert.equal(enh.source, 'built-in')
+    assert.ok(enh.prompt.length > 0)
+  })
+
+  test('throws for unknown enhancement', () => {
+    assert.throws(
+      () => loadEnhancement('does-not-exist', os.tmpdir()),
+      /Enhancement "does-not-exist" not found/,
+    )
+  })
+})
+
+// ---------------------------------------------------------------------------
+// Three-tier priority
+// ---------------------------------------------------------------------------
+
+describe('three-tier priority', () => {
+  test('user enhancement overrides built-in', () => {
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'tissues-enh-test-'))
+    fs.mkdirSync(path.join(tmpDir, '.git'))
+
+    // Create a user enhancement that overrides 'context'
+    const userDir = path.join(os.homedir(), '.config', 'tissues', 'enhancements')
+    const testFile = path.join(userDir, '__test-context-override.md')
+
+    try {
+      fs.mkdirSync(userDir, { recursive: true })
+      fs.writeFileSync(testFile, '---\nname: Custom Context\nmaxTokens: 512\n---\nCustom prompt here.')
+
+      const enh = loadEnhancement('__test-context-override', tmpDir)
+      assert.equal(enh.source, 'user')
+      assert.ok(enh.prompt.includes('Custom prompt here.'))
+    } finally {
+      try { fs.unlinkSync(testFile) } catch { /* ignore */ }
+      fs.rmSync(tmpDir, { recursive: true, force: true })
+    }
+  })
+
+  test('repo enhancement overrides user and built-in', () => {
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'tissues-enh-repo-test-'))
+    fs.mkdirSync(path.join(tmpDir, '.git'))
+    fs.mkdirSync(path.join(tmpDir, '.tissues', 'enhancements'), { recursive: true })
+    fs.writeFileSync(
+      path.join(tmpDir, '.tissues', 'enhancements', 'context.md'),
+      '---\nname: Repo Context\n---\nRepo-level context prompt.',
+    )
+
+    try {
+      const enh = loadEnhancement('context', tmpDir)
+      assert.equal(enh.source, 'repo')
+      assert.ok(enh.prompt.includes('Repo-level context prompt.'))
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true })
+    }
+  })
+
+  test('repo enhancements appear before built-ins in list', () => {
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'tissues-enh-list-test-'))
+    fs.mkdirSync(path.join(tmpDir, '.git'))
+    fs.mkdirSync(path.join(tmpDir, '.tissues', 'enhancements'), { recursive: true })
+    fs.writeFileSync(
+      path.join(tmpDir, '.tissues', 'enhancements', 'context.md'),
+      '---\nname: Repo Context\n---\nOverride.',
+    )
+
+    try {
+      const list = listEnhancements(tmpDir)
+      const repoIdx = list.findIndex((e) => e.source === 'repo' && e.key === 'context')
+      const builtInIdx = list.findIndex((e) => e.source === 'built-in' && e.key === 'context')
+      assert.ok(repoIdx >= 0)
+      assert.ok(builtInIdx >= 0)
+      assert.ok(repoIdx < builtInIdx)
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true })
+    }
+  })
+})
+
+// ---------------------------------------------------------------------------
+// loadAllEnhancements
+// ---------------------------------------------------------------------------
+
+describe('loadAllEnhancements', () => {
+  test('returns sorted array of all enhancements', () => {
+    const all = loadAllEnhancements(os.tmpdir())
+    assert.ok(Array.isArray(all))
+    assert.ok(all.length >= 8)
+
+    // Verify sorted by order
+    for (let i = 1; i < all.length; i++) {
+      assert.ok(all[i].order >= all[i - 1].order, `${all[i].key} order >= ${all[i - 1].key}`)
+    }
+  })
+
+  test('custom enhancements are included', () => {
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'tissues-enh-all-test-'))
+    fs.mkdirSync(path.join(tmpDir, '.git'))
+    fs.mkdirSync(path.join(tmpDir, '.tissues', 'enhancements'), { recursive: true })
+    fs.writeFileSync(
+      path.join(tmpDir, '.tissues', 'enhancements', 'security.md'),
+      '---\nname: Security Review\norder: 55\ncontextKey: securityScore\n---\nReview security.',
+    )
+
+    try {
+      const all = loadAllEnhancements(tmpDir)
+      const security = all.find((e) => e.key === 'security')
+      assert.ok(security)
+      assert.equal(security.name, 'Security Review')
+      assert.equal(security.order, 55)
+      assert.equal(security.source, 'repo')
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true, force: true })
+    }
+  })
+
+  test('user override preserves isStructural from built-in', () => {
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'tissues-enh-struct-test-'))
+    fs.mkdirSync(path.join(tmpDir, '.git'))
+
+    const userDir = path.join(os.homedir(), '.config', 'tissues', 'enhancements')
+    const testFile = path.join(userDir, 'triage.md')
+
+    // Only run this test if we can safely write and clean up
+    let wrote = false
+    try {
+      // Skip if user already has a triage override
+      if (fs.existsSync(testFile)) {
+        return
+      }
+      fs.mkdirSync(userDir, { recursive: true })
+      fs.writeFileSync(testFile, '---\nname: Custom Triage\n---\nCustom triage prompt.')
+      wrote = true
+
+      const all = loadAllEnhancements(tmpDir)
+      const triage = all.find((e) => e.key === 'triage')
+      assert.ok(triage)
+      assert.equal(triage.isStructural, true) // preserved from built-in
+      assert.equal(triage.source, 'user')
+    } finally {
+      if (wrote) try { fs.unlinkSync(testFile) } catch { /* ignore */ }
+      fs.rmSync(tmpDir, { recursive: true, force: true })
+    }
+  })
+})

package/src/lib/gh.js

@@ -321,16 +321,22 @@ export function addLabelsToIssue(repo, issueNumber, labels) {
  */
 export function listIssues(repo, opts = {}) {
   const limit = opts.limit ?? 100
-  const raw = execFileSync('gh', [
-    'issue', 'list',
-    '--repo', repo,
-    '--state', 'open',
-    '--limit', String(limit),
-    '--json', 'number,title,url,labels,createdAt',
-  ], {
-    encoding: 'utf8',
-    stdio: ['ignore', 'pipe', 'ignore'],
-  }).trim()
+  let raw
+  try {
+    raw = execFileSync('gh', [
+      'issue', 'list',
+      '--repo', repo,
+      '--state', 'open',
+      '--limit', String(limit),
+      '--json', 'number,title,url,labels,createdAt',
+    ], {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim()
+  } catch (err) {
+    const reason = (err.stderr || err.message || '').trim()
+    throw new Error(`gh issue list failed: ${reason}`)
+  }
 
   if (!raw) return []
   const issues = JSON.parse(raw)
@@ -375,6 +381,66 @@ export function uploadImageToRepo(repo, localPath, filename) {
   return { url, path: repoPath }
 }
 
+/**
+ * Fetch issues via `gh api` with incremental sync support.
+ * Returns raw GitHub API issue objects (not pull requests).
+ *
+ * @param {string} repo - owner/name
+ * @param {{ since?: string, state?: string, perPage?: number, page?: number }} [opts]
+ * @returns {Array<object>} raw API issue objects
+ */
+export function fetchIssuesApi(repo, opts = {}) {
+  const { since, state = 'all', perPage = 100, page = 1 } = opts
+  let endpoint = `repos/${repo}/issues?state=${state}&per_page=${perPage}&page=${page}&sort=updated&direction=asc`
+  if (since) endpoint += `&since=${since}`
+
+  let raw
+  try {
+    raw = execFileSync('gh', ['api', endpoint], {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim()
+  } catch (err) {
+    const reason = (err.stderr || err.message || '').trim()
+    throw new Error(`gh api issues failed: ${reason}`)
+  }
+
+  if (!raw) return []
+  const items = JSON.parse(raw)
+  // Filter out pull requests (they have a pull_request key)
+  return items.filter(i => !i.pull_request)
+}
+
+/**
+ * Fetch labels via `gh api` with full details.
+ *
+ * @param {string} repo - owner/name
+ * @param {{ perPage?: number, page?: number }} [opts]
+ * @returns {Array<{ name: string, color: string, description: string }>}
+ */
+export function fetchLabelsApi(repo, opts = {}) {
+  const { perPage = 100, page = 1 } = opts
+  let raw
+  try {
+    raw = execFileSync('gh', [
+      'api', `repos/${repo}/labels?per_page=${perPage}&page=${page}`,
+    ], {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim()
+  } catch (err) {
+    const reason = (err.stderr || err.message || '').trim()
+    throw new Error(`gh api labels failed: ${reason}`)
+  }
+
+  if (!raw) return []
+  return JSON.parse(raw).map(l => ({
+    name: l.name,
+    color: l.color || '',
+    description: l.description || '',
+  }))
+}
+
 /**
  * List repos the user has access to.
  * @param {{ limit?: number }} [opts]

package/src/lib/safety.test.js

@@ -0,0 +1,217 @@
+/**
+ * Tests for safety.js
+ *
+ * safety.js depends heavily on db.js (SQLite). These tests focus on the
+ * pure/isolated behaviors: formatCooldownRemaining logic is internal, so we
+ * test the exported interface surface that does NOT require a live DB.
+ *
+ * For the DB-dependent functions (checkSafety, recordSuccess, recordFailure,
+ * getSafetyStatus, forceReset) we use a real SQLite DB in a temp directory so
+ * the tests remain self-contained and clean up after themselves.
+ */
+
+import { test, describe, before, after } from 'node:test'
+import assert from 'node:assert/strict'
+import fs from 'node:fs'
+import path from 'node:path'
+import os from 'node:os'
+
+// ---------------------------------------------------------------------------
+// Set up an isolated temp directory that looks like a git repo so db.js
+// writes tissues.db there instead of into the project root.
+// ---------------------------------------------------------------------------
+
+let tmpDir
+
+before(() => {
+  tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'tissues-safety-test-'))
+  // Create .git so findRepoRootForDb resolves here
+  fs.mkdirSync(path.join(tmpDir, '.git'))
+  // Point the process cwd so db.js resolves correctly when the module is loaded
+  process.chdir(tmpDir)
+})
+
+after(() => {
+  // Restore cwd to something safe
+  try { process.chdir(os.tmpdir()) } catch { /* ignore */ }
+  // Clean up temp dir
+  try { fs.rmSync(tmpDir, { recursive: true, force: true }) } catch { /* ignore */ }
+})
+
+// Import AFTER before() sets up tmpDir so db.js picks up the right cwd.
+// Node ESM caches modules so we import lazily in each test instead.
+// We use dynamic import inside the tests to defer resolution.
+// However, since ESM imports are hoisted, we need a workaround:
+// we define a helper that loads the module on demand via dynamic import.
+async function getSafety() {
+  return import('./safety.js')
+}
+
+async function getDb() {
+  return import('./db.js')
+}
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe('checkSafety – allowed when no events recorded', () => {
+  test('returns allowed=true and circuitState=closed for fresh repo/agent', async () => {
+    const { checkSafety } = await getSafety()
+    const result = checkSafety('test/repo-fresh', 'agent-alpha')
+    assert.equal(result.allowed, true)
+    assert.equal(result.circuitState, 'closed')
+    assert.ok(result.rateInfo)
+  })
+
+  test('rateInfo contains rate counters', async () => {
+    const { checkSafety } = await getSafety()
+    const result = checkSafety('test/repo-fresh2', 'agent-beta')
+    assert.ok('agentHourCount' in result.rateInfo)
+    assert.ok('agentBurstCount' in result.rateInfo)
+    assert.ok('globalHourCount' in result.rateInfo)
+  })
+})
+
+describe('checkSafety – rate limit enforcement', () => {
+  test('blocks when per-agent hourly limit is reached', async () => {
+    const { checkSafety } = await getSafety()
+    const { recordRateEvent } = await getDb()
+    const repo = 'test/repo-hourly'
+    const agent = 'agent-hourly'
+
+    // Simulate maxPerHour (default 10) create events
+    for (let i = 0; i < 10; i++) {
+      recordRateEvent(repo, agent, 'create')
+    }
+
+    const result = checkSafety(repo, agent)
+    assert.equal(result.allowed, false)
+    assert.ok(result.reason.includes('Hourly rate limit'))
+    assert.equal(result.circuitState, 'closed')
+  })
+
+  test('blocks when burst limit is reached', async () => {
+    const { checkSafety } = await getSafety()
+    const { recordRateEvent } = await getDb()
+    const repo = 'test/repo-burst'
+    const agent = 'agent-burst'
+
+    // Simulate burstLimit (default 5) create events in burst window
+    for (let i = 0; i < 5; i++) {
+      recordRateEvent(repo, agent, 'create')
+    }
+
+    const result = checkSafety(repo, agent)
+    assert.equal(result.allowed, false)
+    assert.ok(result.reason.includes('Burst rate limit') || result.reason.includes('Hourly rate limit'))
+  })
+
+  test('custom config overrides default limits', async () => {
+    const { checkSafety } = await getSafety()
+    const { recordRateEvent } = await getDb()
+    const repo = 'test/repo-custom'
+    const agent = 'agent-custom'
+
+    // Record 2 events — should be blocked with maxPerHour=2
+    recordRateEvent(repo, agent, 'create')
+    recordRateEvent(repo, agent, 'create')
+
+    const result = checkSafety(repo, agent, { maxPerHour: 2, burstLimit: 10 })
+    assert.equal(result.allowed, false)
+    assert.ok(result.reason.includes('Hourly rate limit'))
+  })
+})
+
+describe('checkSafety – circuit breaker', () => {
+  test('circuit is open after being tripped', async () => {
+    const { checkSafety } = await getSafety()
+    const { tripCircuit } = await getDb()
+    const repo = 'test/repo-circuit'
+    const agent = 'agent-circuit'
+
+    tripCircuit(repo, agent, 30)
+
+    const result = checkSafety(repo, agent)
+    assert.equal(result.allowed, false)
+    assert.equal(result.circuitState, 'open')
+    assert.ok(result.reason.includes('Circuit breaker is open'))
+  })
+
+  test('circuit resets to closed after forceReset', async () => {
+    const { checkSafety, forceReset } = await getSafety()
+    const { tripCircuit } = await getDb()
+    const repo = 'test/repo-reset'
+    const agent = 'agent-reset'
+
+    tripCircuit(repo, agent, 30)
+    forceReset(repo, agent)
+
+    const result = checkSafety(repo, agent)
+    assert.equal(result.circuitState, 'closed')
+    assert.equal(result.allowed, true)
+  })
+})
+
+describe('recordSuccess', () => {
+  test('recording success does not throw', async () => {
+    const { recordSuccess } = await getSafety()
+    assert.doesNotThrow(() => recordSuccess('test/repo-ok', 'agent-ok'))
+  })
+
+  test('recording success increments rate event count', async () => {
+    const { recordSuccess } = await getSafety()
+    const { countRecentEvents } = await getDb()
+    const repo = 'test/repo-success-count'
+    const agent = 'agent-sc'
+
+    const before = countRecentEvents(repo, agent, 60)
+    recordSuccess(repo, agent)
+    const after = countRecentEvents(repo, agent, 60)
+    assert.equal(after, before + 1)
+  })
+})
+
+describe('recordFailure', () => {
+  test('recording failures does not throw', async () => {
+    const { recordFailure } = await getSafety()
+    assert.doesNotThrow(() => recordFailure('test/repo-fail', 'agent-fail'))
+  })
+
+  test('circuit trips after tripThreshold failures', async () => {
+    const { recordFailure, checkSafety } = await getSafety()
+    const repo = 'test/repo-trip'
+    const agent = 'agent-trip'
+    const config = { tripThreshold: 3, cooldownMinutes: 30 }
+
+    recordFailure(repo, agent, config)
+    recordFailure(repo, agent, config)
+    recordFailure(repo, agent, config) // should trip
+
+    const result = checkSafety(repo, agent)
+    assert.equal(result.circuitState, 'open')
+    assert.equal(result.allowed, false)
+  })
+})
+
+describe('getSafetyStatus', () => {
+  test('returns a formatted string with status info', async () => {
+    const { getSafetyStatus } = await getSafety()
+    const status = getSafetyStatus('test/repo-status', 'agent-status')
+    assert.ok(typeof status === 'string')
+    assert.ok(status.includes('Circuit breaker'))
+    assert.ok(status.includes('Hourly'))
+    assert.ok(status.includes('Burst'))
+  })
+
+  test('shows OPEN in status when circuit is tripped', async () => {
+    const { getSafetyStatus } = await getSafety()
+    const { tripCircuit } = await getDb()
+    const repo = 'test/repo-status-open'
+    const agent = 'agent-status-open'
+
+    tripCircuit(repo, agent, 30)
+    const status = getSafetyStatus(repo, agent)
+    assert.ok(status.includes('OPEN'))
+  })
+})