tribunal-kit 4.4.1 → 4.4.2

package/.agent/scripts/dependency_analyzer.js

@@ -1,272 +1,234 @@
-#!/usr/bin/env node
-/**
- * dependency_analyzer.js — Dependency health checker for the Tribunal Agent Kit.
- *
- * Analyzes project dependencies for:
- *   - Unused packages (in package.json but never imported)
- *   - Phantom imports (imported but not in package.json)
- *   - npm audit / pip-audit results
- *   - Duplicate/overlapping packages
- *
- * Usage:
- *   node .agent/scripts/dependency_analyzer.js .
- *   node .agent/scripts/dependency_analyzer.js . --audit
- *   node .agent/scripts/dependency_analyzer.js . --check-unused
- */
-
-'use strict';
-
-const fs = require('fs');
-const path = require('path');
-const { spawnSync } = require('child_process');
-
-const { RED, GREEN, YELLOW, BLUE, BOLD, RESET } = require('./colors.js');
-
-const SOURCE_EXTENSIONS = new Set([".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs"]);
-const SKIP_DIRS = new Set(["node_modules", ".git", "dist", "build", ".next", ".agent", "__pycache__", "test", "tests", "__tests__"]);
-
-const NODE_BUILTINS = new Set([
-    "fs", "path", "os", "crypto", "http", "https", "url", "util",
-    "stream", "events", "child_process", "cluster", "net", "dns",
-    "tls", "readline", "zlib", "buffer", "querystring", "string_decoder",
-    "assert", "perf_hooks", "worker_threads", "timers", "v8",
-    "node:fs", "node:path", "node:os", "node:crypto", "node:http",
-    "node:https", "node:url", "node:util", "node:stream", "node:events",
-    "node:child_process", "node:net", "node:dns", "node:tls",
-    "node:readline", "node:zlib", "node:buffer", "node:assert",
-    "node:perf_hooks", "node:worker_threads", "node:timers"
-]);
-
-function header(title) {
-    console.log(`\n${BOLD}${BLUE}━━━ ${title} ━━━${RESET}`);
-}
-
-function ok(msg) {
-    console.log(`  ${GREEN}✅ ${msg}${RESET}`);
-}
-
-function fail(msg) {
-    console.log(`  ${RED}❌ ${msg}${RESET}`);
-}
-
-function warn(msg) {
-    console.log(`  ${YELLOW}⚠️  ${msg}${RESET}`);
-}
-
-function skip(msg) {
-    console.log(`  ${YELLOW}⏭️  ${msg}${RESET}`);
-}
-
-function loadPackageJson(projectRoot) {
-    const pkgPath = path.resolve(projectRoot, "package.json");
-    if (!fs.existsSync(pkgPath)) return null;
-    try {
-        return JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
-    } catch {
-        return null;
-    }
-}
-
-function extractImports(projectRoot) {
-    const imports = new Set();
-    const importPatterns = [
-        /(?:import|export)\s+.*?\s+from\s+["']([^"'.][^"']*)["']/g,
-        /require\s*\(\s*["']([^"'.][^"']*)["']/g,
-        /import\s*\(\s*["']([^"'.][^"']*)["']/g
-    ];
-
-    function walk(dir) {
-        let items;
-        try {
-            items = fs.readdirSync(dir, { withFileTypes: true });
-        } catch {
-            return;
-        }
-
-        for (const item of items) {
-            if (item.isDirectory()) {
-                if (!SKIP_DIRS.has(item.name)) walk(path.join(dir, item.name));
-            } else {
-                const ext = path.extname(item.name);
-                if (SOURCE_EXTENSIONS.has(ext)) {
-                    try {
-                        const content = fs.readFileSync(path.join(dir, item.name), 'utf8');
-                        for (const pattern of importPatterns) {
-                            let match;
-                            while ((match = pattern.exec(content)) !== null) {
-                                let pkg = match[1];
-                                if (pkg.startsWith("@")) {
-                                    const parts = pkg.split("/");
-                                    pkg = parts.length >= 2 ? `${parts[0]}/${parts[1]}` : pkg;
-                                } else {
-                                    pkg = pkg.split("/")[0];
-                                }
-                                imports.add(pkg);
-                            }
-                        }
-                    } catch {}
-                }
-            }
-        }
-    }
-
-    walk(projectRoot);
-    return imports;
-}
-
-function checkUnused(pkg, usedImports) {
-    const allDeps = new Set([
-        ...Object.keys(pkg.dependencies || {}),
-        ...Object.keys(pkg.devDependencies || {})
-    ]);
-
-    const implicitPackages = new Set([
-        "typescript", "eslint", "prettier", "vitest", "jest", "ts-node",
-        "@types/node", "@types/react", "tailwindcss", "postcss", "autoprefixer",
-        "nodemon", "tsx", "vite", "next", "webpack", "babel", "@babel/core"
-    ]);
-
-    const unused = [];
-    for (const d of allDeps) {
-        if (!implicitPackages.has(d) && !d.startsWith("@types/") && !usedImports.has(d)) {
-            unused.push(d);
-        }
-    }
-    return unused.sort();
-}
-
-function checkPhantom(pkg, usedImports) {
-    const allDeps = new Set([
-        ...Object.keys(pkg.dependencies || {}),
-        ...Object.keys(pkg.devDependencies || {})
-    ]);
-
-    const phantom = [];
-    for (const imp of usedImports) {
-        if (!NODE_BUILTINS.has(imp) && !allDeps.has(imp)) {
-            phantom.push(imp);
-        }
-    }
-    return phantom.sort();
-}
-
-function runNpmAudit(projectRoot) {
-    try {
-        const executable = process.platform === 'win32' ? 'npm.cmd' : 'npm';
-        const result = spawnSync(executable, ["audit", "--json"], {
-            cwd: projectRoot,
-            encoding: 'utf8',
-            timeout: 60000,
-            shell: process.platform === 'win32'
-        });
-
-        try {
-            const auditData = JSON.parse(result.stdout);
-            const vulns = (auditData.metadata && auditData.metadata.vulnerabilities) || {};
-            const critical = vulns.critical || 0;
-            const high = vulns.high || 0;
-            const moderate = vulns.moderate || 0;
-            const low = vulns.low || 0;
-
-            if (critical + high > 0) {
-                fail(`npm audit: ${critical} critical, ${high} high, ${moderate} moderate, ${low} low`);
-                return false;
-            } else if (moderate + low > 0) {
-                warn(`npm audit: ${moderate} moderate, ${low} low vulnerabilities`);
-                return true;
-            } else {
-                ok("npm audit — no known vulnerabilities");
-                return true;
-            }
-        } catch {
-            if (result.status === 0) {
-                ok("npm audit — clean");
-                return true;
-            }
-            fail("npm audit returned errors");
-            return false;
-        }
-    } catch {
-        skip("npm not installed — skipping audit");
-        return true;
-    }
-}
-
-function main() {
-    const args = process.argv.slice(2);
-    let targetPath = null;
-    let auditFlag = false;
-    let checkUnusedFlag = false;
-
-    for (let i = 0; i < args.length; i++) {
-        if (args[i] === '--audit') auditFlag = true;
-        else if (args[i] === '--check-unused') checkUnusedFlag = true;
-        else if (args[i] === '-h' || args[i] === '--help') {
-            console.log("Usage: node dependency_analyzer.js <path> [--audit] [--check-unused]");
-            process.exit(0);
-        } else if (!args[i].startsWith('-') && !targetPath) {
-            targetPath = args[i];
-        }
-    }
-
-    if (!targetPath) {
-        console.log("Usage: node dependency_analyzer.js <path> [--audit] [--check-unused]");
-        process.exit(1);
-    }
-
-    const projectRoot = path.resolve(targetPath);
-    if (!fs.existsSync(projectRoot) || !fs.statSync(projectRoot).isDirectory()) {
-        fail(`Directory not found: ${projectRoot}`);
-        process.exit(1);
-    }
-
-    console.log(`${BOLD}Tribunal — dependency_analyzer.js${RESET}`);
-    console.log(`Project: ${projectRoot}`);
-
-    const pkg = loadPackageJson(projectRoot);
-    if (!pkg) {
-        skip("No package.json found — dependency analysis requires a Node.js project");
-        process.exit(0);
-    }
-
-    let issues = 0;
-    const usedImports = extractImports(projectRoot);
-    console.log(`\n  Found ${usedImports.size} unique external imports in source code`);
-
-    if (!checkUnusedFlag) {
-        header("Phantom Imports (not in package.json)");
-        const phantom = checkPhantom(pkg, usedImports);
-        if (phantom.length > 0) {
-            for (const p of phantom) fail(`'${p}' is imported but not in package.json — possible hallucination`);
-            issues += phantom.length;
-        } else {
-            ok("All imports found in package.json");
-        }
-    }
-
-    header("Unused Dependencies");
-    const unused = checkUnused(pkg, usedImports);
-    if (unused.length > 0) {
-        for (const u of unused) warn(`'${u}' is in package.json but never imported — may be unused`);
-    } else {
-        ok("No obviously unused dependencies found");
-    }
-
-    if (auditFlag) {
-        header("Vulnerability Audit");
-        if (!runNpmAudit(projectRoot)) issues += 1;
-    }
-
-    console.log(`\n${BOLD}━━━ Dependency Analysis Summary ━━━${RESET}`);
-    if (issues === 0) {
-        ok("All dependency checks passed");
-    } else {
-        fail(`${issues} issue(s) found — review above`);
-    }
-
-    process.exit(issues > 0 ? 1 : 0);
-}
-
-if (require.main === module) {
-    main();
-}
+#!/usr/bin/env node
+/**
+ * dependency_analyzer.js — Dependency health checker for the Tribunal Agent Kit.
+ *
+ * Analyzes project dependencies for:
+ *   - Unused packages (in package.json but never imported)
+ *   - Phantom imports (imported but not in package.json)
+ *   - npm audit / pip-audit results
+ *   - Duplicate/overlapping packages
+ *
+ * Usage:
+ *   node .agent/scripts/dependency_analyzer.js .
+ *   node .agent/scripts/dependency_analyzer.js . --audit
+ *   node .agent/scripts/dependency_analyzer.js . --check-unused
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+
+const {
+    RED, GREEN, YELLOW, BLUE, BOLD, DIM, CYAN, RESET,
+    banner, sectionHeader, timer, formatMs,
+    ok, fail, warn, skip,
+} = require('./_colors');
+
+const { walkDir, loadJson, runCommand } = require('./_utils');
+
+const SOURCE_EXTENSIONS = new Set([".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs"]);
+
+const NODE_BUILTINS = new Set([
+    "fs", "path", "os", "crypto", "http", "https", "url", "util",
+    "stream", "events", "child_process", "cluster", "net", "dns",
+    "tls", "readline", "zlib", "buffer", "querystring", "string_decoder",
+    "assert", "perf_hooks", "worker_threads", "timers", "v8",
+    "node:fs", "node:path", "node:os", "node:crypto", "node:http",
+    "node:https", "node:url", "node:util", "node:stream", "node:events",
+    "node:child_process", "node:net", "node:dns", "node:tls",
+    "node:readline", "node:zlib", "node:buffer", "node:assert",
+    "node:perf_hooks", "node:worker_threads", "node:timers"
+]);
+
+function extractImports(projectRoot) {
+    const imports = new Set();
+    const importPatterns = [
+        /(?:import|export)\s+.*?\s+from\s+["']([^"'.][^"']*)["']/g,
+        /require\s*\(\s*["']([^"'.][^"']*)["']/g,
+        /import\s*\(\s*["']([^"'.][^"']*)["']/g
+    ];
+
+    // Use shared walkDir from _utils.js
+    const files = walkDir(projectRoot, { extensions: SOURCE_EXTENSIONS });
+
+    for (const fullPath of files) {
+        let content;
+        try { content = fs.readFileSync(fullPath, 'utf8'); } catch { continue; }
+
+        for (const pattern of importPatterns) {
+            // Reset regex state for each file
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                let pkg = match[1];
+                if (pkg.startsWith("@")) {
+                    const parts = pkg.split("/");
+                    pkg = parts.length >= 2 ? `${parts[0]}/${parts[1]}` : pkg;
+                } else {
+                    pkg = pkg.split("/")[0];
+                }
+                imports.add(pkg);
+            }
+        }
+    }
+
+    return imports;
+}
+
+function checkUnused(pkg, usedImports) {
+    const allDeps = new Set([
+        ...Object.keys(pkg.dependencies || {}),
+        ...Object.keys(pkg.devDependencies || {})
+    ]);
+
+    const implicitPackages = new Set([
+        "typescript", "eslint", "prettier", "vitest", "jest", "ts-node",
+        "@types/node", "@types/react", "tailwindcss", "postcss", "autoprefixer",
+        "nodemon", "tsx", "vite", "next", "webpack", "babel", "@babel/core"
+    ]);
+
+    const unused = [];
+    for (const d of allDeps) {
+        if (!implicitPackages.has(d) && !d.startsWith("@types/") && !usedImports.has(d)) {
+            unused.push(d);
+        }
+    }
+    return unused.sort();
+}
+
+function checkPhantom(pkg, usedImports) {
+    const allDeps = new Set([
+        ...Object.keys(pkg.dependencies || {}),
+        ...Object.keys(pkg.devDependencies || {})
+    ]);
+
+    const phantom = [];
+    for (const imp of usedImports) {
+        if (!NODE_BUILTINS.has(imp) && !allDeps.has(imp)) {
+            phantom.push(imp);
+        }
+    }
+    return phantom.sort();
+}
+
+function runNpmAudit(projectRoot) {
+    const result = runCommand('npm', ['audit', '--json'], {
+        cwd: projectRoot,
+        timeout: 60000,
+    });
+
+    if (result.status === null && !result.stdout) {
+        skip("npm not installed — skipping audit");
+        return true;
+    }
+
+    try {
+        const auditData = JSON.parse(result.stdout);
+        const vulns = (auditData.metadata && auditData.metadata.vulnerabilities) || {};
+        const critical = vulns.critical || 0;
+        const high = vulns.high || 0;
+        const moderate = vulns.moderate || 0;
+        const low = vulns.low || 0;
+
+        if (critical + high > 0) {
+            fail(`npm audit: ${critical} critical, ${high} high, ${moderate} moderate, ${low} low`);
+            return false;
+        } else if (moderate + low > 0) {
+            warn(`npm audit: ${moderate} moderate, ${low} low vulnerabilities`);
+            return true;
+        } else {
+            ok("npm audit — no known vulnerabilities");
+            return true;
+        }
+    } catch {
+        if (result.ok) {
+            ok("npm audit — clean");
+            return true;
+        }
+        fail("npm audit returned errors");
+        return false;
+    }
+}
+
+function main() {
+    const args = process.argv.slice(2);
+    let targetPath = null;
+    let auditFlag = false;
+    let checkUnusedFlag = false;
+
+    for (let i = 0; i < args.length; i++) {
+        if (args[i] === '--audit') auditFlag = true;
+        else if (args[i] === '--check-unused') checkUnusedFlag = true;
+        else if (args[i] === '-h' || args[i] === '--help') {
+            console.log("Usage: node dependency_analyzer.js <path> [--audit] [--check-unused]");
+            process.exit(0);
+        } else if (!args[i].startsWith('-') && !targetPath) {
+            targetPath = args[i];
+        }
+    }
+
+    if (!targetPath) {
+        console.log("Usage: node dependency_analyzer.js <path> [--audit] [--check-unused]");
+        process.exit(1);
+    }
+
+    const projectRoot = path.resolve(targetPath);
+    if (!fs.existsSync(projectRoot) || !fs.statSync(projectRoot).isDirectory()) {
+        fail(`Directory not found: ${projectRoot}`);
+        process.exit(1);
+    }
+
+    console.log(banner('dependency_analyzer.js', { Project: projectRoot }));
+
+    const pkg = loadJson(path.join(projectRoot, 'package.json'));
+    if (!pkg) {
+        skip("No package.json found — dependency analysis requires a Node.js project");
+        process.exit(0);
+    }
+
+    let issues = 0;
+    const elapsed = timer();
+    const usedImports = extractImports(projectRoot);
+    const scanMs = elapsed();
+
+    console.log(`\n  ${DIM}Found ${usedImports.size} unique external imports in ${formatMs(scanMs)}${RESET}`);
+
+    if (!checkUnusedFlag) {
+        console.log(sectionHeader('Phantom Imports (not in package.json)'));
+        const phantom = checkPhantom(pkg, usedImports);
+        if (phantom.length > 0) {
+            for (const p of phantom) fail(`'${p}' is imported but not in package.json — possible hallucination`);
+            issues += phantom.length;
+        } else {
+            ok("All imports found in package.json");
+        }
+    }
+
+    console.log(sectionHeader('Unused Dependencies'));
+    const unused = checkUnused(pkg, usedImports);
+    if (unused.length > 0) {
+        for (const u of unused) warn(`'${u}' is in package.json but never imported — may be unused`);
+    } else {
+        ok("No obviously unused dependencies found");
+    }
+
+    if (auditFlag) {
+        console.log(sectionHeader('Vulnerability Audit'));
+        if (!runNpmAudit(projectRoot)) issues += 1;
+    }
+
+    console.log(`\n${BOLD}${CYAN}━━━ Dependency Analysis Summary ━━━${RESET}`);
+    if (issues === 0) {
+        ok("All dependency checks passed");
+    } else {
+        fail(`${issues} issue(s) found — review above`);
+    }
+    console.log();
+
+    process.exit(issues > 0 ? 1 : 0);
+}
+
+if (require.main === module) {
+    main();
+}

package/.agent/scripts/graph_builder.js

@@ -10,6 +10,9 @@
 
 const fs = require('fs');
 const path = require('path');
+const crypto = require('crypto');
+
+const { RED, GREEN, BOLD, DIM, CYAN, RESET, timer, formatMs } = require('./_colors');
 
 const AGENT_DIR = path.join(process.cwd(), '.agent');
 const HISTORY_DIR = path.join(AGENT_DIR, 'history');
@@ -45,6 +48,12 @@ function isExcluded(filePath) {
     return false;
 }
 
+// ── Content Hashing ───────────────────────────────────────────────────────────
+function getFileHash(filePath) {
+    const content = fs.readFileSync(filePath);
+    return crypto.createHash('sha1').update(content).digest('hex');
+}
+
 // ── Traversal ─────────────────────────────────────────────────────────────────
 function walkDir(dir, fileList = []) {
     if (!fs.existsSync(dir) || isExcluded(dir)) return fileList;
@@ -151,7 +160,7 @@ function generateYAML(data) {
 // ── Main Execution ────────────────────────────────────────────────────────────
 function main() {
     if (!fs.existsSync(AGENT_DIR)) {
-        console.error('\x1b[31m✖ Error: .agent directory not found.\x1b[0m');
+        console.error(`${RED}✖ Error: .agent directory not found.${RESET}`);
         process.exit(1);
     }
 
@@ -162,18 +171,23 @@ function main() {
         try { cache = JSON.parse(fs.readFileSync(CACHE_FILE, 'utf8')); } catch { /* ignore */ }
     }
 
-    console.log('\x1b[96m✦ Building Architecture Graph...\x1b[0m');
+    const totalTimer = timer();
+    console.log(`${CYAN}✦ Building Architecture Graph...${RESET}`);
     const files = walkDir(process.cwd());
     const graphData = {};
 
     let parsedCount = 0;
     let cachedCount = 0;
+    const changedFiles = new Set();
 
     for (const file of files) {
-        const stat = fs.statSync(file);
         const relativePath = path.relative(process.cwd(), file).replace(/\\/g, '/');
+        let fileHash;
+        try {
+            fileHash = getFileHash(file);
+        } catch { continue; }
 
-        if (cache[relativePath] && cache[relativePath].mtimeMs === stat.mtimeMs) {
+        if (cache[relativePath] && cache[relativePath].hash === fileHash) {
             graphData[relativePath] = { imports: cache[relativePath].imports, exports: cache[relativePath].exports };
             cachedCount++;
         } else {
@@ -183,11 +197,12 @@ function main() {
                 graphData[relativePath] = parsed;
                 
                 cache[relativePath] = {
-                    mtimeMs: stat.mtimeMs,
+                    hash: fileHash,
                     imports: parsed.imports,
                     exports: parsed.exports
                 };
                 parsedCount++;
+                changedFiles.add(relativePath);
             } catch { /* ignore */ }
         }
     }
@@ -247,24 +262,35 @@ function main() {
     fs.writeFileSync(CACHE_FILE, JSON.stringify(cache, null, 2));
     fs.writeFileSync(GRAPH_FILE, generateYAML(graphData));
 
-    // ── Pre-Computed Context Snapshots (Option C) ───────────────────────────
+    // ── Pre-Computed Context Snapshots (Incremental) ─────────────────────────
     const SNAPSHOTS_DIR = path.join(HISTORY_DIR, 'snapshots');
     if (!fs.existsSync(SNAPSHOTS_DIR)) {
         fs.mkdirSync(SNAPSHOTS_DIR, { recursive: true });
-    } else {
-        // Clear stale snapshots
-        try {
-            const oldSnapshots = fs.readdirSync(SNAPSHOTS_DIR);
-            for (const f of oldSnapshots) fs.unlinkSync(path.join(SNAPSHOTS_DIR, f));
-        } catch { /* ignore */ }
     }
 
-    console.log('\x1b[96m✦ Generating Context Snapshots...\x1b[0m');
+    // Clean up snapshots for files that no longer exist
+    try {
+        const existingSnapshots = fs.readdirSync(SNAPSHOTS_DIR);
+        const currentFileSet = new Set(fileKeys.map(f => f.replace(/[\\/]/g, '__') + '.json'));
+        for (const snap of existingSnapshots) {
+            if (!currentFileSet.has(snap)) fs.unlinkSync(path.join(SNAPSHOTS_DIR, snap));
+        }
+    } catch { /* ignore */ }
+
+    console.log(`${CYAN}✦ Generating Context Snapshots...${RESET}`);
+    let snapshotWritten = 0;
+    let snapshotSkipped = 0;
     for (const file of fileKeys) {
         const info = graphData[file];
         const snapshotFile = file.replace(/[\\/]/g, '__') + '.json';
         const snapshotPath = path.join(SNAPSHOTS_DIR, snapshotFile);
 
+        // Skip unchanged files that already have a snapshot
+        if (!changedFiles.has(file) && fs.existsSync(snapshotPath)) {
+            snapshotSkipped++;
+            continue;
+        }
+
         let content = '';
         try {
             content = fs.readFileSync(path.join(process.cwd(), file), 'utf8');
@@ -298,15 +324,17 @@ function main() {
         }
 
         fs.writeFileSync(snapshotPath, JSON.stringify(snapshot, null, 2));
+        snapshotWritten++;
     }
-    console.log(`  \x1b[2mSaved ${fileKeys.length} snapshots to: ${SNAPSHOTS_DIR}\x1b[0m`);
+    console.log(`  ${DIM}Snapshots: ${snapshotWritten} written | ${snapshotSkipped} cached${RESET}`);
 
-    console.log(`\n\x1b[32m✔ Graph successfully built.\x1b[0m`);
-    console.log(`  \x1b[2mParsed: ${parsedCount} files | Cached: ${cachedCount} files\x1b[0m`);
-    console.log(`  \x1b[2mSaved to: ${GRAPH_FILE}\x1b[0m`);
+    const totalMs = totalTimer();
+    console.log(`\n${GREEN}${BOLD}✔ Graph successfully built.${RESET}`);
+    console.log(`  ${DIM}Parsed: ${parsedCount} files | Cached: ${cachedCount} files | ${formatMs(totalMs)}${RESET}`);
+    console.log(`  ${DIM}Saved to: ${GRAPH_FILE}${RESET}`);
 }
 // ── Exports (for testing & programmatic use) ─────────────────────────────────
-module.exports = { parseFile, generateYAML, walkDir, isExcluded, main };
+module.exports = { parseFile, generateYAML, walkDir, isExcluded, getFileHash, main };
 
 if (require.main === module) {
     main();