vibepro 0.1.0-alpha.0

package/src/component-style-scanner.js

@@ -0,0 +1,336 @@
+import { readdir, readFile, stat } from 'node:fs/promises';
+import path from 'node:path';
+
+const IGNORED_DIRS = new Set([
+  '.git',
+  '.next',
+  '.turbo',
+  '.vibepro',
+  'coverage',
+  'dist',
+  'node_modules',
+  'graphify-out'
+]);
+const TEXT_EXTENSIONS = new Set(['.css', '.htm', '.html', '.js', '.jsx', '.mjs', '.ts', '.tsx']);
+const UI_ROOT_PATTERN = /^(app|components|pages|public|src|styles)\//;
+const COMPONENT_PATTERNS = [
+  { kind: 'button', pattern: /\b(button|btn|primary-button|secondary-button|action-button|terminal-action)\b/i },
+  { kind: 'tab', pattern: /\b(tab|tabs|segmented|toggle-group)\b/i },
+  { kind: 'card', pattern: /\b(card|panel|tile|item-card)\b/i },
+  { kind: 'list_item', pattern: /\b(row|list-item|task-item|session-item|item-row)\b/i },
+  { kind: 'filter', pattern: /\b(filter|search|query|sort|select)\b/i },
+  { kind: 'badge', pattern: /\b(badge|pill|chip|tag|status)\b/i },
+  { kind: 'input', pattern: /\b(input|textarea|select|field)\b/i },
+  { kind: 'modal', pattern: /\b(modal|dialog|popover|drawer|sheet)\b/i },
+  { kind: 'sidebar', pattern: /\b(sidebar|nav|navigation|activity-bar)\b/i }
+];
+const LEGACY_STYLE_TOKENS = [
+  { token: '#0f172a', kind: 'tailwind_slate_background' },
+  { token: '#1e293b', kind: 'tailwind_slate_surface' },
+  { token: '#334155', kind: 'tailwind_slate_border' },
+  { token: '#475569', kind: 'tailwind_slate_muted' },
+  { token: '#64748b', kind: 'tailwind_slate_muted' },
+  { token: '#ef4444', kind: 'default_red_accent' },
+  { token: 'rgb(239, 68, 68)', kind: 'default_red_accent' },
+  { token: 'rgba(239, 68, 68', kind: 'default_red_accent' },
+  { token: 'border-radius: 16px', kind: 'large_rounded_card' },
+  { token: 'border-radius: 20px', kind: 'large_rounded_card' },
+  { token: 'border-radius: 24px', kind: 'large_rounded_card' },
+  { token: 'box-shadow: 0 20px', kind: 'heavy_drop_shadow' },
+  { token: 'box-shadow: 0 24px', kind: 'heavy_drop_shadow' },
+  { token: 'box-shadow: 0 32px', kind: 'heavy_drop_shadow' }
+];
+const DESIGN_SYSTEM_MARKERS = [
+  '--bb-',
+  '--vibepro-component',
+  'data-component',
+  'component-style',
+  'design-token'
+];
+const INTERACTIVE_SELECTOR_PATTERN = /\b(button|btn|action|icon|menu-toggle|tab|link|trigger|start|edit|delete|play|close|submit|toggle)\b|\[role=["']?button["']?\]|button\b/i;
+const INTERACTIVE_STATE_PATTERN = /:(hover|focus|focus-visible|active)\b/i;
+const MOVING_TRANSFORM_PATTERN = /transform\s*:\s*(?!none\b)[^;]*(translate|scale|rotate|matrix)/i;
+const TRANSITION_ALL_PATTERN = /transition\s*:\s*all\b/i;
+
+export async function scanComponentStyle(repoRoot) {
+  const root = path.resolve(repoRoot);
+  const files = await collectFiles(root);
+  const result = {
+    schema_version: '0.1.0',
+    scanned_files: files.length,
+    component_inventory: [],
+    component_kinds: [],
+    legacy_style_hits: [],
+    interaction_reliability_hits: [],
+    design_system_markers: [],
+    risk_summary: {
+      legacy_style_hits: { block: 0, review: 0, info: 0 },
+      interaction_reliability_hits: { block: 0, review: 0, info: 0 }
+    },
+    coverage: {
+      observed_component_kinds: [],
+      missing_component_kinds: [],
+      replacement_observable: false
+    }
+  };
+
+  for (const file of files) {
+    const content = await readFile(file.absolutePath, 'utf8');
+    const lines = content.split(/\r?\n/);
+    for (const [index, line] of lines.entries()) {
+      collectComponentInventory(result.component_inventory, file.relativePath, index + 1, line);
+      collectLegacyStyleHits(result.legacy_style_hits, file.relativePath, index + 1, line);
+      collectDesignSystemMarkers(result.design_system_markers, file.relativePath, index + 1, line);
+    }
+    if (path.extname(file.relativePath).toLowerCase() === '.css') {
+      collectInteractionReliabilityHits(result.interaction_reliability_hits, file.relativePath, content);
+    }
+  }
+
+  result.component_kinds = [...new Set(result.component_inventory.map((item) => item.kind))].sort();
+  result.coverage.observed_component_kinds = result.component_kinds;
+  result.coverage.replacement_observable = result.design_system_markers.length > 0;
+  result.coverage.missing_component_kinds = inferMissingComponentKinds(result.component_kinds);
+  result.risk_summary.legacy_style_hits = summarizeGateEffects(result.legacy_style_hits);
+  result.risk_summary.interaction_reliability_hits = summarizeGateEffects(result.interaction_reliability_hits);
+  return result;
+}
+
+async function collectFiles(root, current = root) {
+  const entries = await readdir(current, { withFileTypes: true });
+  const files = [];
+
+  for (const entry of entries) {
+    if (entry.isDirectory() && IGNORED_DIRS.has(entry.name)) continue;
+    const absolutePath = path.join(current, entry.name);
+    const relativePath = path.relative(root, absolutePath).split(path.sep).join('/');
+
+    if (entry.isDirectory()) {
+      files.push(...await collectFiles(root, absolutePath));
+      continue;
+    }
+
+    if (!entry.isFile()) continue;
+    if (!shouldScanFile(relativePath)) continue;
+    const fileStat = await stat(absolutePath);
+    if (fileStat.size > 1024 * 1024) continue;
+    files.push({ absolutePath, relativePath });
+  }
+
+  return files;
+}
+
+function shouldScanFile(relativePath) {
+  const ext = path.extname(relativePath).toLowerCase();
+  if (!TEXT_EXTENSIONS.has(ext)) return false;
+  if (!UI_ROOT_PATTERN.test(relativePath) && relativePath.includes('/')) return false;
+  return !relativePath.endsWith('.test.js')
+    && !relativePath.endsWith('.test.jsx')
+    && !relativePath.endsWith('.test.ts')
+    && !relativePath.endsWith('.test.tsx');
+}
+
+function collectComponentInventory(inventory, file, lineNumber, line) {
+  const excerpt = line.trim();
+  if (!excerpt) return;
+  for (const { kind, pattern } of COMPONENT_PATTERNS) {
+    if (!pattern.test(line)) continue;
+    inventory.push({
+      file,
+      line: lineNumber,
+      kind,
+      excerpt: excerpt.slice(0, 160)
+    });
+    return;
+  }
+}
+
+function collectLegacyStyleHits(hits, file, lineNumber, line) {
+  const normalized = line.toLowerCase();
+  for (const { token, kind } of LEGACY_STYLE_TOKENS) {
+    if (!normalized.includes(token.toLowerCase())) continue;
+    hits.push({
+      file,
+      line: lineNumber,
+      kind,
+      token,
+      excerpt: line.trim().slice(0, 160),
+      confidence: classifyLegacyConfidence(file, line),
+      gate_effect: 'review'
+    });
+    return;
+  }
+}
+
+function collectDesignSystemMarkers(markers, file, lineNumber, line) {
+  const marker = DESIGN_SYSTEM_MARKERS.find((candidate) => line.includes(candidate));
+  if (!marker) return;
+  markers.push({
+    file,
+    line: lineNumber,
+    marker,
+    excerpt: line.trim().slice(0, 160)
+  });
+}
+
+function collectInteractionReliabilityHits(hits, file, content) {
+  const rulePattern = /([^{}]+)\{([^{}]*)\}/gm;
+  const smallTargetCandidates = new Map();
+  const interactiveSvgChildren = new Map();
+  const svgPointerEventsNone = new Set();
+  let match;
+  while ((match = rulePattern.exec(content)) !== null) {
+    const selector = match[1].trim().replace(/\s+/g, ' ');
+    const body = match[2];
+    const lineNumber = lineNumberAt(content, match.index);
+    collectInteractiveSvgChildRule({
+      interactiveSvgChildren,
+      svgPointerEventsNone,
+      selector,
+      body,
+      file,
+      lineNumber
+    });
+    if (!INTERACTIVE_SELECTOR_PATTERN.test(selector)) continue;
+
+    const excerpt = `${selector} { ${body.trim().replace(/\s+/g, ' ').slice(0, 140)} }`;
+
+    if (INTERACTIVE_STATE_PATTERN.test(selector) && MOVING_TRANSFORM_PATTERN.test(body)) {
+      hits.push({
+        file,
+        line: lineNumber,
+        kind: 'interactive_target_moves_on_state',
+        selector,
+        excerpt,
+        confidence: 'high',
+        gate_effect: 'review',
+        recommendation: 'クリック可能要素のhover/focus/activeではhit targetを移動せず、色・border・shadowで状態を表現する。'
+      });
+    }
+
+    if (TRANSITION_ALL_PATTERN.test(body)) {
+      hits.push({
+        file,
+        line: lineNumber,
+        kind: 'transition_all_on_interactive_target',
+        selector,
+        excerpt,
+        confidence: 'medium',
+        gate_effect: 'review',
+        recommendation: 'transition: all はhit targetやlayoutの意図しない遷移を含むため、background-color/border-color/color/box-shadowなどに限定する。'
+      });
+    }
+
+    const targetSize = extractStaticTargetSize(body);
+    if (targetSize && !isInteractiveChildGraphicSelector(selector)) {
+      smallTargetCandidates.set(selector, {
+        file,
+        line: lineNumber,
+        kind: 'small_interactive_target',
+        selector,
+        width_px: targetSize.width,
+        height_px: targetSize.height,
+        excerpt,
+        confidence: 'medium',
+        gate_effect: 'review',
+        recommendation: '高頻度操作のclick targetは少なくとも28px程度を確保し、端クリックでも取りこぼさないようにする。'
+      });
+    }
+  }
+
+  for (const candidate of smallTargetCandidates.values()) {
+    if (candidate.width_px < 28 && candidate.height_px < 28) {
+      hits.push(candidate);
+    }
+  }
+
+  for (const [baseSelector, candidate] of interactiveSvgChildren.entries()) {
+    if (svgPointerEventsNone.has(baseSelector)) continue;
+    hits.push(candidate);
+  }
+}
+
+function collectInteractiveSvgChildRule({
+  interactiveSvgChildren,
+  svgPointerEventsNone,
+  selector,
+  body,
+  file,
+  lineNumber
+}) {
+  const hasPointerEventsNone = /pointer-events\s*:\s*none\b/i.test(body);
+  for (const rawPart of selector.split(',')) {
+    const part = rawPart.trim().replace(/\s+/g, ' ');
+    const baseSelector = extractInteractiveSvgBaseSelector(part);
+    if (!baseSelector) continue;
+    if (hasPointerEventsNone) {
+      svgPointerEventsNone.add(baseSelector);
+      continue;
+    }
+    if (interactiveSvgChildren.has(baseSelector)) continue;
+    interactiveSvgChildren.set(baseSelector, {
+      file,
+      line: lineNumber,
+      kind: 'icon_child_captures_click_target',
+      selector: part,
+      base_selector: baseSelector,
+      excerpt: `${selector} { ${body.trim().replace(/\s+/g, ' ').slice(0, 140)} }`,
+      confidence: 'high',
+      gate_effect: 'review',
+      recommendation: 'アイコンボタン配下のsvg/svg *はpointer-events:noneにし、実座標クリックのtargetをbutton本体へ固定する。Playwrightではlocator.clickだけでなくelementFromPoint(center)とpage.mouse.clickで検証する。'
+    });
+  }
+}
+
+function extractInteractiveSvgBaseSelector(selector) {
+  const match = selector.match(/^(.+?)(?:\s*>\s*|\s+)svg(?:\s+\*)?$/i);
+  if (!match) return null;
+  const baseSelector = match[1].trim();
+  if (!baseSelector || !INTERACTIVE_SELECTOR_PATTERN.test(baseSelector)) return null;
+  return baseSelector;
+}
+
+function isInteractiveChildGraphicSelector(selector) {
+  return selector
+    .split(',')
+    .every((part) => /(?:^|[\s>+~])(?:i|svg|path|use)\b/i.test(part.trim()));
+}
+
+function lineNumberAt(content, index) {
+  return content.slice(0, index).split(/\r?\n/).length;
+}
+
+function extractStaticTargetSize(body) {
+  const width = extractPxValue(body, 'width');
+  const height = extractPxValue(body, 'height');
+  if (width == null || height == null) return null;
+  return { width, height };
+}
+
+function extractPxValue(body, property) {
+  const match = body.match(new RegExp(`(?:^|[;\\s])${property}\\s*:\\s*(\\d+(?:\\.\\d+)?)px\\b`, 'i'));
+  return match ? Number.parseFloat(match[1]) : null;
+}
+
+function classifyLegacyConfidence(file, line) {
+  if (/\/\*|\/\/|example|sample/i.test(line) || file.includes('/fixtures/')) return 'low';
+  if (path.extname(file).toLowerCase() === '.css') return 'high';
+  return 'medium';
+}
+
+function inferMissingComponentKinds(componentKinds) {
+  const observed = new Set(componentKinds);
+  const requiredWhenUiExists = ['button', 'card', 'input'];
+  if (observed.size === 0) return [];
+  return requiredWhenUiExists.filter((kind) => !observed.has(kind));
+}
+
+function summarizeGateEffects(hits) {
+  const summary = { block: 0, review: 0, info: 0 };
+  for (const hit of hits) {
+    if (hit.gate_effect === 'block') summary.block += 1;
+    else if (hit.gate_effect === 'review') summary.review += 1;
+    else summary.info += 1;
+  }
+  return summary;
+}

package/src/coverage-report.js

@@ -0,0 +1,99 @@
+import { readFile } from 'node:fs/promises';
+import path from 'node:path';
+
+import { normalizeGraphPath } from './graph-context.js';
+
+// Coverage ingestion for regression-risk scoring.
+//
+// Reads a coverage report produced by the project's own tooling (c8 / istanbul /
+// nyc) and returns a Map of repo-relative file path -> line-coverage fraction
+// (0..1). We never run coverage ourselves: coverage commands vary per project
+// and belong to the project's test setup, not to a static scanner. If no report
+// is present we return null so callers degrade to fan-in-only scoring.
+
+// Standard locations, most specific (already has percentages) first.
+const COVERAGE_CANDIDATES = [
+  'coverage/coverage-summary.json',
+  'coverage/coverage-final.json',
+  'coverage/lcov.info'
+];
+
+export async function loadCoverage(repoRoot, options = {}) {
+  const root = path.resolve(repoRoot);
+  const candidates = options.file ? [options.file] : COVERAGE_CANDIDATES;
+
+  for (const candidate of candidates) {
+    const absolute = path.resolve(root, candidate);
+    let raw;
+    try {
+      raw = await readFile(absolute, 'utf8');
+    } catch (error) {
+      if (error.code === 'ENOENT') continue;
+      throw error;
+    }
+    const parsed = candidate.endsWith('.info') ? parseLcov(raw) : parseIstanbulJson(raw);
+    if (parsed && parsed.size > 0) {
+      return { coverage: normalizeCoveragePaths(parsed, root), source: candidate };
+    }
+  }
+  return null;
+}
+
+// lcov.info -> Map<rawPath, fraction>. Uses line counts (LF/LH).
+export function parseLcov(text) {
+  const coverage = new Map();
+  let file = null;
+  let found = 0;
+  let hit = 0;
+  for (const line of String(text).split(/\r?\n/)) {
+    if (line.startsWith('SF:')) {
+      file = line.slice(3).trim();
+      found = 0;
+      hit = 0;
+    } else if (line.startsWith('LF:')) {
+      found = Number(line.slice(3).trim()) || 0;
+    } else if (line.startsWith('LH:')) {
+      hit = Number(line.slice(3).trim()) || 0;
+    } else if (line.startsWith('end_of_record') && file) {
+      coverage.set(file, found > 0 ? hit / found : 1);
+      file = null;
+    }
+  }
+  return coverage;
+}
+
+// istanbul coverage-summary.json or coverage-final.json -> Map<rawPath, fraction>.
+export function parseIstanbulJson(text) {
+  const data = JSON.parse(text);
+  const coverage = new Map();
+  for (const [key, value] of Object.entries(data)) {
+    if (key === 'total' || !value || typeof value !== 'object') continue;
+    // coverage-summary.json shape: { lines: { total, covered, pct } }
+    if (value.lines && typeof value.lines === 'object') {
+      const { total, covered, pct } = value.lines;
+      if (typeof covered === 'number' && typeof total === 'number') {
+        coverage.set(key, total > 0 ? covered / total : 1);
+      } else if (typeof pct === 'number') {
+        coverage.set(key, pct / 100);
+      }
+      continue;
+    }
+    // coverage-final.json shape: { statementMap, s: { id: hitCount } }
+    if (value.s && typeof value.s === 'object') {
+      const counts = Object.values(value.s);
+      const total = counts.length;
+      const covered = counts.filter((count) => count > 0).length;
+      coverage.set(key, total > 0 ? covered / total : 1);
+    }
+  }
+  return coverage;
+}
+
+function normalizeCoveragePaths(rawCoverage, root) {
+  const normalized = new Map();
+  for (const [rawPath, fraction] of rawCoverage) {
+    const relative = path.isAbsolute(rawPath) ? path.relative(root, rawPath) : rawPath;
+    normalized.set(normalizeGraphPath(relative), fraction);
+  }
+  return normalized;
+}

package/src/database-access-scanner.js

@@ -0,0 +1,163 @@
+import { readdir, readFile, stat } from 'node:fs/promises';
+import path from 'node:path';
+
+const IGNORED_DIRS = new Set([
+  '.git',
+  '.next',
+  '.turbo',
+  '.vibepro',
+  'coverage',
+  'node_modules',
+  'graphify-out'
+]);
+const SOURCE_EXTENSIONS = new Set(['.js', '.jsx', '.mjs', '.ts', '.tsx']);
+const GATE_EFFECTS = ['block', 'review', 'info'];
+
+export async function scanDatabaseAccess(repoRoot) {
+  const root = path.resolve(repoRoot);
+  const files = await collectFiles(root);
+  const result = {
+    scanned_files: files.length,
+    unbounded_find_many: []
+  };
+
+  for (const file of files) {
+    const content = await readFile(file.absolutePath, 'utf8');
+    collectUnboundedFindMany(result.unbounded_find_many, file.relativePath, content);
+  }
+
+  result.risk_summary = {
+    unbounded_find_many: summarizeGateEffects(result.unbounded_find_many)
+  };
+  return result;
+}
+
+async function collectFiles(root, current = root) {
+  const entries = await readdir(current, { withFileTypes: true });
+  const files = [];
+
+  for (const entry of entries) {
+    if (entry.isDirectory() && IGNORED_DIRS.has(entry.name)) continue;
+    const absolutePath = path.join(current, entry.name);
+    const relativePath = path.relative(root, absolutePath).split(path.sep).join('/');
+
+    if (entry.isDirectory()) {
+      files.push(...await collectFiles(root, absolutePath));
+      continue;
+    }
+
+    if (!entry.isFile()) continue;
+    if (!SOURCE_EXTENSIONS.has(path.extname(entry.name).toLowerCase())) continue;
+    const fileStat = await stat(absolutePath);
+    if (fileStat.size > 1024 * 1024) continue;
+    files.push({ absolutePath, relativePath });
+  }
+
+  return files;
+}
+
+function collectUnboundedFindMany(hits, file, content) {
+  const code = stripComments(content);
+  const pattern = /\b(?:prisma|db|client|prismaAny)\.[A-Za-z_$][\w$]*\.findMany\s*\(/g;
+  let match = pattern.exec(code);
+  while (match) {
+    const call = extractCall(code, match.index);
+    if (call && !hasResultBound(call.text)) {
+      hits.push({
+        file,
+        line: lineNumberAt(code, match.index),
+        kind: 'prisma_find_many_without_bound',
+        excerpt: firstLine(call.text).slice(0, 160),
+        ...classifyDatabaseRisk(file)
+      });
+    }
+    pattern.lastIndex = call ? call.end : match.index + match[0].length;
+    match = pattern.exec(code);
+  }
+}
+
+function hasResultBound(callText) {
+  return /\b(take|skip|cursor|distinct)\s*:/.test(callText)
+    || /\b(limit|pageSize|maxResults|maxCount)\b/.test(callText);
+}
+
+function classifyDatabaseRisk(file) {
+  const sourceKind = classifySourceKind(file);
+  if (sourceKind !== 'runtime_code') {
+    return { source_kind: sourceKind, confidence: 'low', gate_effect: 'info' };
+  }
+  if (file.startsWith('src/app/') || file.startsWith('src/lib/services/')) {
+    return { source_kind: sourceKind, confidence: 'medium', gate_effect: 'review' };
+  }
+  return { source_kind: sourceKind, confidence: 'low', gate_effect: 'info' };
+}
+
+function classifySourceKind(file) {
+  const normalized = file.toLowerCase();
+  if (normalized.startsWith('scripts/') || normalized.includes('/crawlers/')) return 'batch_or_tooling';
+  if (/(^|\/)(__tests__|tests?|spec|fixtures?)(\/|$)/.test(normalized)
+    || /\.(test|spec)\.(js|jsx|ts|tsx)$/.test(normalized)) {
+    return 'test';
+  }
+  if (normalized.startsWith('docs/') || normalized.endsWith('.md')) return 'docs';
+  return 'runtime_code';
+}
+
+function extractCall(content, startIndex) {
+  const openIndex = content.indexOf('(', startIndex);
+  if (openIndex === -1) return null;
+  let depth = 0;
+  let quote = null;
+  let escaped = false;
+
+  for (let index = openIndex; index < content.length; index += 1) {
+    const char = content[index];
+    if (quote) {
+      if (escaped) {
+        escaped = false;
+      } else if (char === '\\') {
+        escaped = true;
+      } else if (char === quote) {
+        quote = null;
+      }
+      continue;
+    }
+    if (char === '"' || char === "'" || char === '`') {
+      quote = char;
+      continue;
+    }
+    if (char === '(') depth += 1;
+    if (char === ')') {
+      depth -= 1;
+      if (depth === 0) {
+        return {
+          text: content.slice(startIndex, index + 1),
+          end: index + 1
+        };
+      }
+    }
+  }
+  return null;
+}
+
+function stripComments(content) {
+  return content
+    .replace(/\/\*[\s\S]*?\*\//g, '')
+    .replace(/(^|[^:])\/\/.*$/gm, '$1');
+}
+
+function lineNumberAt(content, index) {
+  return content.slice(0, index).split(/\r?\n/).length;
+}
+
+function firstLine(text) {
+  return text.trim().split(/\r?\n/)[0].trim();
+}
+
+function summarizeGateEffects(hits) {
+  const summary = Object.fromEntries(GATE_EFFECTS.map((effect) => [effect, 0]));
+  for (const hit of hits) {
+    if (summary[hit.gate_effect] !== undefined) summary[hit.gate_effect] += 1;
+  }
+  return summary;
+}