x-fidelity 3.19.1 → 3.20.0

package/CHANGELOG.md

@@ -1,3 +1,31 @@
+# [3.20.0](https://github.com/zotoio/x-fidelity/compare/v3.19.1...v3.20.0) (2025-04-01)
+
+
+### Bug Fixes
+
+* add error handling and await for markdown report generation ([c199ffe](https://github.com/zotoio/x-fidelity/commit/c199ffe7bdc2de689baf939441e0819f7637b2ea))
+* add missing imports and convert fs operations to async ([a9185b0](https://github.com/zotoio/x-fidelity/commit/a9185b0da399ba3b5500a6a5c27415b41f220061))
+* correct line number property reference in sensitive data report ([53c3da2](https://github.com/zotoio/x-fidelity/commit/53c3da25f4d47b008d3159de03c39fb54052731a))
+* update execution time precision to 4 decimal places and round totals ([04ef987](https://github.com/zotoio/x-fidelity/commit/04ef9878c43cef8184f6cb26f0ec1bab1363dc5e))
+* update getDependencyVersionFacts to use correct argument ([890f27c](https://github.com/zotoio/x-fidelity/commit/890f27c8960186ae4cbeed0589b92833cfdacb27))
+* update property names for sensitive data table generation ([1e1bfaf](https://github.com/zotoio/x-fidelity/commit/1e1bfafc2753aca5f64819a1c82ec5e8c9dbf222))
+* use correct property name for sensitive data match pattern ([49b3914](https://github.com/zotoio/x-fidelity/commit/49b3914ee5bfd744eb06fe62ee765622ffaab8f2))
+
+
+### Features
+
+* add average execution time per fact in pie chart labels ([4cdf959](https://github.com/zotoio/x-fidelity/commit/4cdf95916389b5b4181a502b7edcbb1ce3f9e958))
+* add debug logging for empty report diagnosis ([ef55d2c](https://github.com/zotoio/x-fidelity/commit/ef55d2ca9570f30f0ae5f9d1c12c924bbcd5caa9))
+* add fact execution metrics tracking and reporting ([dc3c541](https://github.com/zotoio/x-fidelity/commit/dc3c541370f93225280b713c8017306dd2f3c4d8))
+* add getFormattedDate utility function for date formatting ([3586378](https://github.com/zotoio/x-fidelity/commit/3586378394f646102e80ca1d22d4f691fdb66a1a))
+* add line number anchors to report table URLs ([a8723ce](https://github.com/zotoio/x-fidelity/commit/a8723cefc2250c096c8af5fd9cd1fc66649fce73))
+* add line number anchors to sensitive data issue links ([f8488ea](https://github.com/zotoio/x-fidelity/commit/f8488ea01a12edb579b6cf370ea16cf6ab139cb5))
+* add metrics tracking for dynamic fact executions ([757853f](https://github.com/zotoio/x-fidelity/commit/757853f5a3241e72d88ff57165b99e05334ab01d))
+* add minimum version requirements to outdatedFramework rule ([3412333](https://github.com/zotoio/x-fidelity/commit/3412333dd2110e0cf0b50664407736528e531117))
+* add repo name and date to report title ([f00855e](https://github.com/zotoio/x-fidelity/commit/f00855e4b5c2b400baaa4e8ee769cca8553d1ace))
+* add report generation with JSON and Markdown output ([0b735e4](https://github.com/zotoio/x-fidelity/commit/0b735e4a86cd043c57f1e01160264641b151247d))
+* add report generator for X-Fidelity analysis results ([e58d56d](https://github.com/zotoio/x-fidelity/commit/e58d56d510aadbd417c3950372680f704389788f))
+
 ## [3.19.1](https://github.com/zotoio/x-fidelity/compare/v3.19.0...v3.19.1) (2025-03-25)
 
 

package/dist/core/engine/analyzer.js

@@ -8,13 +8,21 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.analyzeCodebase = analyzeCodebase;
+const promises_1 = __importDefault(require("fs/promises"));
+const path_1 = __importDefault(require("path"));
 const logger_1 = require("../../utils/logger");
+const utils_1 = require("../../utils/utils");
 const configManager_1 = require("../configManager");
+const reportGenerator_1 = require("../../notifications/reportGenerator");
 const package_json_1 = require("../../../package.json");
 const openaiUtils_1 = require("../../utils/openaiUtils");
 const telemetry_1 = require("../../utils/telemetry");
+const factMetricsTracker_1 = require("../../utils/factMetricsTracker");
 const repoFilesystemFacts_1 = require("../../facts/repoFilesystemFacts");
 const repoXFIConfigLoader_1 = require("../../utils/repoXFIConfigLoader");
 const repoDependencyFacts_1 = require("../../facts/repoDependencyFacts");
@@ -22,13 +30,15 @@ const openaiAnalysisFacts_1 = require("../../facts/openaiAnalysisFacts");
 const telemetryCollector_1 = require("./telemetryCollector");
 const engineSetup_1 = require("./engineSetup");
 const engineRunner_1 = require("./engineRunner");
-const utils_1 = require("../../utils/utils");
+const utils_2 = require("../../utils/utils");
 const jsonSchemas_1 = require("../../utils/jsonSchemas");
 const pluginRegistry_1 = require("../pluginRegistry");
 const cli_1 = require("../cli");
 function analyzeCodebase(params) {
     return __awaiter(this, void 0, void 0, function* () {
         const { repoPath, archetype = 'node-fullstack', configServer = '', localConfigPath = '', executionLogPrefix = '' } = params;
+        // Reset metrics at start of analysis
+        factMetricsTracker_1.factMetricsTracker.reset();
         logger_1.logger.info(`STARTING..`);
         const telemetryData = yield (0, telemetryCollector_1.collectTelemetryData)({ repoPath, configServer });
         const repoUrl = telemetryData.repoUrl;
@@ -125,12 +135,20 @@ function analyzeCodebase(params) {
         }
         if ((0, openaiUtils_1.isOpenAIEnabled)() && archetypeConfig.facts.includes('openaiAnalysisFacts')) {
             logger_1.logger.info(`adding additional openai facts to engine..`);
-            engine.addFact('openaiAnalysis', openaiAnalysisFacts_1.openaiAnalysis);
+            engine.addFact('openaiAnalysis', (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+                return factMetricsTracker_1.factMetricsTracker.trackFactExecution('openaiAnalysis', () => (0, openaiAnalysisFacts_1.openaiAnalysis)(params, almanac));
+            }));
+            // Static data doesn't need execution tracking
             engine.addFact('openaiSystemPrompt', openaiSystemPrompt);
         }
         // add functions for dependency and file analysis
-        engine.addFact('repoDependencyAnalysis', repoDependencyFacts_1.repoDependencyAnalysis);
-        engine.addFact('repoFileAnalysis', repoFilesystemFacts_1.repoFileAnalysis);
+        engine.addFact('repoDependencyAnalysis', (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+            return factMetricsTracker_1.factMetricsTracker.trackFactExecution('repoDependencyAnalysis', () => (0, repoDependencyFacts_1.repoDependencyAnalysis)(params, almanac));
+        }));
+        engine.addFact('repoFileAnalysis', (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+            return factMetricsTracker_1.factMetricsTracker.trackFactExecution('repoFileAnalysis', () => (0, repoFilesystemFacts_1.repoFileAnalysis)(params, almanac));
+        }));
+        // Static data doesn't need execution tracking
         engine.addFact('globalFileMetadata', fileData, { priority: 50 });
         logger_1.logger.trace(fileData, 'Added globalFileData as fact');
         // add xfiConfig as a fact
@@ -146,12 +164,12 @@ function analyzeCodebase(params) {
         });
         const finishMsg = `\n==========================\nCHECKS COMPLETED..\n==========================`;
         logger_1.logger.info(finishMsg);
-        const totalFailureCount = (0, utils_1.countRuleFailures)(failures);
+        const totalFailureCount = (0, utils_2.countRuleFailures)(failures);
         logger_1.logger.info(`${fileData.length - 1} files analyzed. ${totalFailureCount} rule failures.`);
-        const fatalityCount = (0, utils_1.countRuleFailures)(failures, 'fatality');
-        const warningCount = (0, utils_1.countRuleFailures)(failures, 'warning');
-        const exemptCount = (0, utils_1.countRuleFailures)(failures, 'exempt');
-        const errorCount = (0, utils_1.countRuleFailures)(failures, 'error');
+        const fatalityCount = (0, utils_2.countRuleFailures)(failures, 'fatality');
+        const warningCount = (0, utils_2.countRuleFailures)(failures, 'warning');
+        const exemptCount = (0, utils_2.countRuleFailures)(failures, 'exempt');
+        const errorCount = (0, utils_2.countRuleFailures)(failures, 'error');
         const finishTime = new Date().getTime();
         const memoryUsage = process.memoryUsage();
         logger_1.logger.info('Assemblying result metadata..');
@@ -161,6 +179,7 @@ function analyzeCodebase(params) {
                 telemetryData,
                 memoryUsage,
                 repoXFIConfig: repoXFIConfig,
+                factMetrics: factMetricsTracker_1.factMetricsTracker.getMetrics(),
                 issueDetails: failures,
                 startTime: telemetryData.startTime,
                 finishTime: finishTime,
@@ -177,6 +196,25 @@ function analyzeCodebase(params) {
                 xfiVersion: package_json_1.version
             }
         };
+        // Generate reports
+        try {
+            // Save JSON report
+            const jsonReportPath = path_1.default.join(process.cwd(), `xfi-report-${(0, utils_1.getFormattedDate)()}.json`);
+            yield promises_1.default.writeFile(jsonReportPath, JSON.stringify(resultMetadata, null, 2));
+            logger_1.logger.info(`JSON report saved to: ${jsonReportPath}`);
+            // Generate and save markdown report
+            const generator = new reportGenerator_1.XFiReportGenerator(resultMetadata);
+            const markdownReportPath = path_1.default.join(process.cwd(), `xfi-report-${(0, utils_1.getFormattedDate)()}.md`);
+            try {
+                yield generator.saveReportToFile(markdownReportPath);
+            }
+            catch (error) {
+                logger_1.logger.error(`Failed to generate markdown report: ${error instanceof Error ? error.message : 'Unknown error'}`);
+            }
+        }
+        catch (error) {
+            logger_1.logger.error('Failed to save analysis reports - continuing with execution');
+        }
         // Send telemetry for analysis end
         yield (0, telemetry_1.sendTelemetry)({
             eventType: 'analysisResults',

package/dist/demoConfig/rules/outdatedFramework-global-rule.json

@@ -9,9 +9,15 @@
                 "value": "REPO_GLOBAL_CHECK"
             },
             {
-                "fact": "repoDependencyAnalysis",
+                "fact": "repoDependencyAnalysis", 
                 "params": {
-                    "resultFact": "repoDependencyResults"
+                    "resultFact": "repoDependencyResults",
+                    "minimumDependencyVersions": {
+                        "typescript": "5.0.0",
+                        "node": "18.0.0",
+                        "react": "18.2.0",
+                        "next": "13.0.0"
+                    }
                 },
                 "operator": "outdatedFramework",
                 "value": true
@@ -21,7 +27,7 @@
     "event": {
         "type": "fatality",
         "params": {
-            "message": "some core framework dependencies have expired!",
+            "message": "Core framework dependencies do not meet minimum version requirements! Please update your dependencies to the required versions.",
             "details": {
                 "fact": "repoDependencyResults"
             }
@@ -29,7 +35,7 @@
     },
     "errorBehavior": "fatal",
     "onError": {
-        "action": "sendNotification",
+        "action": "sendNotification", 
         "params": {
             "channel": "security-alerts",
             "priority": "high"

package/dist/facts/index.js

@@ -17,24 +17,39 @@ const globalFileAnalysisFacts_1 = require("./globalFileAnalysisFacts");
 const pluginRegistry_1 = require("../core/pluginRegistry");
 const openaiUtils_1 = require("../utils/openaiUtils");
 const logger_1 = require("../utils/logger");
+const factMetricsTracker_1 = require("../utils/factMetricsTracker");
 function loadFacts(factNames) {
     return __awaiter(this, void 0, void 0, function* () {
         // Get the latest facts including plugins
         const allAvailableFacts = Object.assign({ repoFilesystemFacts: {
                 name: 'fileData',
-                fn: repoFilesystemFacts_1.collectRepoFileData,
+                fn: (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+                    return factMetricsTracker_1.factMetricsTracker.trackFactExecution('fileData', () => (0, repoFilesystemFacts_1.collectRepoFileData)(params, almanac));
+                }),
                 priority: 100
             }, repoDependencyFacts: {
                 name: 'dependencyData',
-                fn: repoDependencyFacts_1.getDependencyVersionFacts
+                fn: (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+                    const archetypeConfig = yield almanac.factValue('archetypeConfig');
+                    return factMetricsTracker_1.factMetricsTracker.trackFactExecution('dependencyData', () => (0, repoDependencyFacts_1.getDependencyVersionFacts)(archetypeConfig));
+                })
             }, openaiAnalysisFacts: {
                 name: 'openaiAnalysis',
-                fn: openaiAnalysisFacts_1.openaiAnalysis
+                fn: (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+                    return factMetricsTracker_1.factMetricsTracker.trackFactExecution('openaiAnalysis', () => (0, openaiAnalysisFacts_1.openaiAnalysis)(params, almanac));
+                })
             }, globalFileAnalysisFacts: {
                 name: 'globalFileAnalysis',
-                fn: globalFileAnalysisFacts_1.globalFileAnalysis.fn,
-                priority: 50 // Set priority to run after globalFileMetadata
-            } }, Object.fromEntries(pluginRegistry_1.pluginRegistry.getPluginFacts().map(fact => [fact.name, fact])));
+                fn: (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+                    return factMetricsTracker_1.factMetricsTracker.trackFactExecution('globalFileAnalysis', () => globalFileAnalysisFacts_1.globalFileAnalysis.fn(params, almanac));
+                }),
+                priority: 50
+            } }, Object.fromEntries(pluginRegistry_1.pluginRegistry.getPluginFacts().map(fact => [
+            fact.name,
+            Object.assign(Object.assign({}, fact), { fn: (params, almanac) => __awaiter(this, void 0, void 0, function* () {
+                    return factMetricsTracker_1.factMetricsTracker.trackFactExecution(fact.name, () => fact.fn(params, almanac));
+                }) })
+        ])));
         logger_1.logger.info(`Loading facts: ${factNames.join(',')}`);
         const pluginFacts = pluginRegistry_1.pluginRegistry.getPluginFacts();
         logger_1.logger.info(`Found ${pluginFacts.length} plugin facts available`);

package/dist/facts/repoDependencyFacts.js

@@ -272,16 +272,24 @@ function repoDependencyAnalysis(params, almanac) {
             const analysis = [];
             const dependencyData = yield almanac.factValue('dependencyData');
             const safeDependencyData = (0, utils_1.safeClone)(dependencyData);
-            safeDependencyData.installedDependencyVersions.forEach((versionData) => {
+            // Use rule-provided versions if they exist, otherwise use the ones from dependencyData
+            const versionsToCheck = (params === null || params === void 0 ? void 0 : params.minimumDependencyVersions) ?
+                safeDependencyData.installedDependencyVersions.filter((versionData) => params.minimumDependencyVersions[versionData.dep]) :
+                safeDependencyData.installedDependencyVersions;
+            versionsToCheck.forEach((versionData) => {
+                var _a;
                 logger_1.logger.debug(`outdatedFramework: checking ${versionData.dep}`);
                 try {
                     // Check if the installed version satisfies the required version, supporting both ranges and specific versions
-                    const isValid = semverValid(versionData.ver, versionData.min);
+                    // Get required version from rule params if it exists, otherwise from archetype config
+                    const requiredVersion = ((_a = params === null || params === void 0 ? void 0 : params.minimumDependencyVersions) === null || _a === void 0 ? void 0 : _a[versionData.dep]) || versionData.min;
+                    // Check if the installed version satisfies the required version
+                    const isValid = semverValid(versionData.ver, requiredVersion);
                     if (!isValid && semver.valid(versionData.ver)) {
                         const dependencyFailure = {
                             'dependency': versionData.dep,
                             'currentVersion': versionData.ver,
-                            'requiredVersion': versionData.min
+                            'requiredVersion': requiredVersion
                         };
                         logger_1.logger.error(`dependencyFailure: ${(0, utils_1.safeStringify)(dependencyFailure)}`);
                         analysis.push(dependencyFailure);

package/dist/notifications/reportGenerator.d.ts

@@ -0,0 +1,25 @@
+import { ResultMetadata } from '../types/typeDefs';
+export declare class XFiReportGenerator {
+    private data;
+    repoName: string;
+    private githubBaseUrl;
+    private githubHostname;
+    constructor(jsonData: ResultMetadata);
+    private getFileName;
+    private getGithubUrl;
+    private countIssuesByFile;
+    private countIssuesByRuleType;
+    private calculateSuccessRate;
+    private generateExecutiveSummary;
+    private generateFileStatusChart;
+    private generateTopRuleFailuresChart;
+    private generateFileIssuesChart;
+    private generateFactMetricsChart;
+    private generateTopIssuesSection;
+    private generateFunctionComplexitySection;
+    private generateDependencyIssuesSection;
+    private generateSensitiveDataSection;
+    private generateGlobalIssuesSection;
+    generateReport(): string;
+    saveReportToFile(outputPath: string): Promise<void>;
+}