@agenit/cli 1.1.0 → 1.3.4

package/config/flow.toml

@@ -0,0 +1,396 @@
+[gemini]
+# Gemini CLI binary. Use a bare name to let agenIT resolve it via PATH
+# (cross-platform: searches PATH, then well-known install locations like
+# /opt/homebrew/bin on macOS, /usr/local/bin on Linux, %APPDATA%\npm on
+# Windows). Set an absolute path only if you need to pin a specific install.
+binary      = "gemini"
+# Model override — leave commented out to use Gemini CLI's own default
+# model     = "gemini-2.5-pro"
+# Working dir handed to the spawned Gemini-CLI as cwd. Resolved against the
+# directory the user invoked `agenit` from (NOT the directory holding this
+# file). Leave unset (or "." ) to follow the user's project — every
+# `write_file` from Gemini then lands inside the project. Set to an absolute
+# path only if you want all projects to share one workspace.
+# working_dir = "."
+
+[tools]
+# Use the project venv so all tool dependencies (pdfplumber, cantools, etc.) are available
+python    = "/Users/mohamedeldabaa/TheFlow/.venv/bin/python3"
+tools_dir = "../.flow/tools"
+
+[jlink]
+# Set per project: e.g. "STM32F407VG", "S32K144", "nRF52840_xxAA"
+device    = ""
+interface = "SWD"
+speed_khz = 4000
+
+[flow]
+# TheFlow installation root — auto-detected from binary; override with FLOW_HOME env var
+flow_home     = ".."
+# All assets live under .flow/ (centralised)
+soul_path     = "../.flow/soul.md"
+prompts_dir   = "../.flow/prompts"
+templates_dir = "../.flow/templates"
+# Memory + codedigest are project-scoped: the orchestrator resolves these
+# relative to the directory the user invoked `agenit` from, so each
+# project owns its own `memory/` and `memory/codedigest/`. Use plain
+# names (no leading `../`) so artefacts land *inside* the project.
+memory_dir     = "memory/projects"
+codedigest_dir = "memory/codedigest"
+
+# ─── Backend ─────────────────────────────────────────────────────────────────
+# Selects which LLM provider the free-text REPL path and `/squad`'s
+# primary-agent auto-fire use. V-Model nodes (`/swe1`/`/swe2`/`/swe4`/`/swe5`)
+# always use the Gemini CLI directly. All squad helpers (the parallel
+# fleet) also always use Gemini — see [squad] below for tier routing.
+[backend]
+# Accepted values: "gemini-cli" (default), "claude", "openai", "ollama".
+# Each provider has its own auth requirement:
+#   gemini-cli  — Google OAuth (no API key); requires the gemini binary above.
+#   claude      — export ANTHROPIC_API_KEY.
+#   openai      — export OPENAI_API_KEY.
+#   ollama      — local daemon at http://localhost:11434 (override via OLLAMA_HOST).
+provider = "gemini-cli"
+# model    = "claude-opus-4-7"  # claude
+# model    = "gpt-4o-mini"      # openai
+# model    = "llama3.2"         # ollama
+# model    = "gemini-2.5-pro"   # gemini-cli
+
+# ─── Web tools — vendor docs, GitHub refs, RFCs ─────────────────────────────
+# Backs `web_fetch.py` and `web_search.py` invoked by swe1 / swe2 / debug
+# system prompts. The fetch sidecar enforces `allowed_domains` on every
+# call (fnmatch-style; `*.example.com` matches subdomains, not the apex).
+# Empty list → web fetch refuses every call (and the tool block is omitted
+# from system prompts entirely so the LLM doesn't dangle a useless tool).
+[web]
+allowed_domains = [
+    "github.com",
+    "raw.githubusercontent.com",
+    "*.readthedocs.io",
+    "docs.python.org",
+    "*.st.com",
+    "*.nxp.com",
+    "*.nordicsemi.com",
+    "*.infineon.com",
+    "*.ti.com",
+    "*.microchip.com",
+    "*.renesas.com",
+    "*.espressif.com",
+    "developer.arm.com",
+]
+search_provider     = "duckduckgo"   # PR-2: "brave" | "tavily"
+search_api_key_env  = ""              # env var name carrying the API key (brave/tavily only)
+fetch_timeout_secs  = 10
+fetch_max_bytes     = 65536
+
+# ─── Language Server Protocol (code intelligence) ────────────────────────────
+# Backs `/lsp` and the LSP tool block injected into swe4-implementer / debug
+# system prompts. Servers are auto-selected by file extension. Binaries are
+# resolved in this order:
+#   1. env var (FLOW_CLANGD / FLOW_PYRIGHT / FLOW_RUST_ANALYZER)
+#   2. the value below
+#   3. PATH lookup of the bare name
+#
+# clangd needs `compile_commands.json` somewhere above the queried file;
+# generate one with CMake (CMAKE_EXPORT_COMPILE_COMMANDS=ON), `bear -- make`,
+# or Bazel's hedron_compile_commands. The tool prints a friendly fix-it
+# message if it's missing.
+[lsp]
+clangd_binary         = "clangd"
+pyright_binary        = "pyright-langserver"
+rust_analyzer_binary  = "rust-analyzer"
+compile_commands_dir  = "."          # relative to flow_home (this file's dir)
+mode                  = "spawn"      # PR-1: spawn-per-query; "daemon" lands in PR-2
+query_timeout_secs    = 15
+
+# ─── Mission Squad ───────────────────────────────────────────────────────────
+# Parallel helper-agent orchestration. `/squad <template> <task>` fans out
+# a fleet of focused helpers across phases, then auto-fires the template's
+# primary skill agent with the assembled briefing pre-injected.
+[squad]
+# Auto-run a matching squad template before each V-Model stage
+# (`/swe1` / `/swe2` / `/swe4` / `/swe5`). Default off so existing flows
+# keep their previous behaviour.
+auto_squad = false
+
+# Auto-fire the primary skill agent at the end of `/squad <…>`. Set to
+# false to revert to briefing-only output (user copy-pastes manually).
+auto_chain = true
+
+# Per-helper wall-clock budget for *worker-tier* helpers (req-reader,
+# code-scanner, trace-analyzer, etc., plus AgentTier::Worker LLM
+# helpers). Cheap file-readers still finish in <100ms — the upper
+# bound only kicks in when something is legitimately slow (large
+# LLM call, fastembed first-run model download).
+helper_timeout_secs = 90
+
+# Per-helper wall-clock budget for *planner-tier* reducers / queens.
+# Defaults to 3 × helper_timeout_secs when omitted (see #42 — the
+# planner needs longer than a worker because it synthesises across
+# every worker's briefing). Override here when running on slower
+# hardware or with very long context windows.
+# helper_timeout_planner_secs = 270
+
+# Hard cap on the *total* number of helpers per squad (across phases).
+max_helpers = 8
+
+# Hard cap on the number of `gemini --prompt` subprocesses alive at the
+# same instant — memory pressure brake. 4 × ~300 MB ≈ 1.2 GB worst case.
+max_concurrent_agents = 4
+
+# Gemini model for AgentTier::Worker slots — fast, cheap, many in parallel.
+worker_model  = "gemini-2.0-flash"
+
+# Gemini model for AgentTier::Planner slots — smart, slower, usually one.
+# All synthesisers (Phase 3 of every template) are Planner tier.
+planner_model = "gemini-2.5-pro"
+
+# Advise mode — when true, every agent prompt gains a non-strippable prefix
+# instructing it to recommend rather than execute (no file mutation, no
+# destructive shell). Useful for "reason but don't act" sessions.
+advise_mode = false
+
+# Reducer model for hierarchy queens and mesh reducers. Empty = inherit
+# `planner_model`. Hierarchy/Mesh topologies emit a single Planner-tier
+# call at the end of the run, so this knob lets you upgrade just that
+# call (e.g. opus-4.7 reducer with flash workers).
+reducer_model = ""
+
+# ─── Topology-aware orchestration (Phase 1 of ruflo gap-closure) ────────────
+# Controls how /squad and /orchestrate arrange helpers. `star` reproduces
+# today's phased fan-out exactly. `pipeline` chains helpers serially.
+# `hierarchy` plans + reduces via a Planner-tier queen. `mesh` votes
+# across worker briefings via a consensus reducer.
+[orchestrate]
+# Default coordination shape when /squad and /orchestrate omit
+# --topology=<t>. Values: "star" | "pipeline" | "hierarchy" | "mesh".
+default_topology = "star"
+# When true, /goal tick prepends a small star-topology squad to refresh
+# context (req-reader, codedigest-searcher, session-memory) before the
+# LLM call. Default off — goal stays a single-agent loop.
+pre_tick_squad = false
+# Hard cap on helpers a non-star topology may spawn. Mesh fan-out is
+# quadratic so a runaway plan needs an explicit ceiling.
+max_topology_helpers = 12
+
+[telemetry]
+# OpenTelemetry exporter — "none" (default; zero overhead),
+# "stdout" (one-line per span on stderr; useful for `flow --debug` runs),
+# "console" (verbose upstream ConsoleSpanExporter), or
+# "otlp" (batched OTLP/HTTP to `otlp_endpoint`).
+exporter      = "none"
+
+# OTLP/HTTP endpoint — only used when exporter = "otlp".
+# Examples:
+#   - http://localhost:4318/v1/traces        (Jaeger / OTel collector)
+#   - https://otlp.honeycomb.io/v1/traces    (Honeycomb)
+otlp_endpoint = ""
+
+# Resource attribute reported on every span. Override per-machine if you
+# want to distinguish hosts in your trace backend.
+service_name  = "flow"
+
+[update_check]
+# When true, the REPL polls https://registry.npmjs.org once per 24 h
+# (cached at ~/.cache/flow/version-check.json) and prints a one-line
+# notice if a newer version of `npm_package` is available. Set
+# `npm_package` to the published name once the first release tag is
+# cut; leave empty to disable until then. See
+# docs/opencode-parity-followups.md A9 for the npm-name decision.
+enabled     = true
+npm_package = "@agenit/cli"
+
+[security]
+# Whitelist of binary names allowed as the first token of any
+# `run_shell_command` invocation. The BeforeTool guard hook denies
+# anything else with a friendly message. Empty list disables the check
+# (default), so existing setups keep working until you opt in.
+#
+# Recommended starter set for embedded engineers:
+#   allowed_shell = ["git", "make", "cmake", "ninja", "pnpm", "npm",
+#                    "python3", "pytest", "cargo", "rustc", "clang",
+#                    "gcc", "ls", "cat", "head", "tail", "grep", "find",
+#                    "rg", "diff", "patch", "JLinkExe", "openocd"]
+allowed_shell = []
+
+# ─── Compliance modes (Phase 2 of ruflo gap-closure) ────────────────────────
+# Drives the AIDefence prompt-injection / PII guard and the BeforeTool
+# tool denylist. Pick the strictest mode that matches your data
+# classification — modes auto-enable the hash-chain audit log unless
+# `audit_log_enabled` is set explicitly below.
+#
+#   "off"   — no extra restrictions (default; today's behaviour).
+#   "soc2"  — warn-only PII; every BeforeTool call appends to audit.log.
+#   "gdpr"  — PII redacted from prompts; audit log enabled.
+#   "hipaa" — PII denies the prompt outright; web_fetch / google_web_search /
+#             run_shell_command are forbidden; audit log enabled.
+compliance_mode = "off"
+
+# Optional subset of PII categories the AIDefence scanner should check.
+# Empty = all 14 (email, phone_us, phone_intl, ssn_us, credit_card,
+# iban, ip_v4, ip_v6, mac_address, aws_access_key, aws_secret_key,
+# private_key_block, github_pat, jwt). Set to a subset if scan latency
+# is a concern (the scanner is ~5MB/s but ~80ms on very large prompts).
+pii_categories = []
+
+# Tamper-evident audit log. When enabled, every BeforeTool fire appends
+# a SHA-256 chained record to `<memory_dir>/audit.log` so any tampering
+# breaks every subsequent hash. Auto-enabled by compliance_mode != "off".
+# audit_log_enabled = true
+
+[modes.plan]
+# Tool names allowed while `/plan` mode is active. The default set
+# (read_file, list_directory, glob, search_file_content,
+#  google_web_search, web_fetch) keeps research workflows fluid while
+# blocking writes. Override here if you want, e.g., to allow
+# `apply_patch` for review-style edits.
+# allowed_tools = ["read_file", "search_file_content", "list_directory"]
+
+[modes.build]
+# Empty = unrestricted (default). Useful if you want to forbid certain
+# tools globally (e.g. in a CI sandbox).
+# allowed_tools = []
+
+[codedigest]
+# When true, the REPL launches a chokidar watcher that auto-reindexes
+# the codedigest store on source-file changes. Burst saves are
+# coalesced into one rebuild via debounce_ms; cooldown_ms is the hard
+# floor between successive rebuilds. Default is false to preserve
+# pre-B3 behaviour (explicit `/codedigest index`).
+auto_reindex = false
+debounce_ms  = 2000
+cooldown_ms  = 30000
+
+# ─── mempalace — semantic memory retrieval (opt-in) ────────────────────────
+# Hybrid retrieval over `memory/projects/<project>/{context,decisions,
+# requirements}.md`. Markdown stays the source of truth; mempalace is the
+# optional accelerator. When `enabled = false` (default), `/req` and `/arch`
+# stages run identically to today and `/mempalace` prints a one-liner pointing
+# at doc/integrations/mempalace.md. Install with `pip install mempalace`.
+#
+# Override the master switch at runtime with the AGENIT_MEMPALACE env var
+# ("1"/"true" → on; "0"/"false" → off; anything else falls through to this
+# config).
+[mempalace]
+enabled            = false
+# Binary name or absolute path. Resolved against PATH when bare.
+binary             = "mempalace"
+# Palace root. The orchestrator reads this verbatim; users who want
+# project-scoped palaces can use a path like "memory/mempalace/<project>"
+# and run `mempalace init` per project.
+palace_dir         = "memory/mempalace"
+# Hits returned per `mempalace search` invocation. The retrieved snippets
+# are injected verbatim into the model's context, so keep this small.
+top_k              = 5
+# Hard cap on a single mempalace invocation in seconds.
+query_timeout_secs = 5
+
+# ─── Memory backend (Phase 3 of ruflo gap-closure) ──────────────────────────
+# Pluggable memory + search drivers. Default "bm25" preserves today's
+# behaviour exactly. Dense backends are lazy-loaded, so picking
+# anything other than bm25 only pays the install cost on first use.
+#
+#   "bm25"      — keyword + name-boost (default; zero deps).
+#   "xenova"    — @xenova/transformers MiniLM-L6-v2 embeddings;
+#                 ~80MB install on first load. Pure Node.
+#   "python"    — shells out to .flow/tools/embed_search.py
+#                 (sentence-transformers + faiss); requires Python venv.
+#   "mempalace" — reuses the [mempalace] integration above.
+#   "hybrid"    — combines BM25 with the configured dense driver.
+[memory]
+backend = "bm25"
+
+# When backend = "hybrid", which dense driver to combine with BM25.
+# Values: "xenova" | "python" | "mempalace".
+hybrid_dense = "xenova"
+
+# Weight on the BM25 side of the hybrid score (0..1). 0 = pure dense,
+# 1 = pure BM25. Default 0.5.
+hybrid_alpha = 0.5
+
+# Python sidecar path + timeout (only used when backend = "python" or
+# hybrid + hybrid_dense = "python").
+python_tool_path = ".flow/tools/embed_search.py"
+python_timeout_ms = 60000
+
+# Soul-keeper background worker — distils repeated bullets in
+# `memory/projects/<p>/context.md` into the User Profile section of
+# `.flow/soul.md`. Wired into session start in cli.tsx; runs forever
+# at `soul_keeper_gap_ms` cadence. Set `soul_keeper_enabled = false`
+# on noisy projects where you don't want auto-promotion.
+soul_keeper_enabled = true
+soul_keeper_gap_ms  = 300000   # 5 minutes (300_000 ms)
+
+# ReasoningBank — append-only "task pattern → outcome" tuples written
+# at goal completion and surfaced to future squads.
+reasoning_dir = "memory/reasoning"
+reasoning_on_goal_complete = true
+
+# RVF — cross-session goal snapshots so other sessions / machines can
+# retrieve a goal's outcome without re-running it.
+rvf_dir = "memory/rvf"
+rvf_on_goal_complete = true
+
+# ─── Routing & cost (Phase 4 of ruflo gap-closure) ──────────────────────────
+# Per-task-tier model preference and a per-turn cost ceiling. Each rule
+# maps a tier ("fast" / "smart" / "cheap") to a (provider, model) pair.
+# Tagged call sites (profile-recommend → fast, plan-generation → smart,
+# agent-generate → smart, REPL chat → fast) and the goal driver consult
+# this map to pick the right model. The runtime probe at first run will
+# adjust the model strings if the canonical names below aren't available
+# on your install — see `agenit --reprobe` to bust the cache.
+[routing]
+rules = [
+  { tier = "fast",  provider = "gemini-cli", model = "gemini-2.5-flash" },
+  { tier = "smart", provider = "gemini-cli", model = "gemini-2.5-pro"   },
+  { tier = "cheap", provider = "gemini-cli", model = "gemini-2.5-flash" },
+]
+# Multi-provider example (mix vendors per tier):
+# rules = [
+#   { tier = "cheap", provider = "openai",     model = "gpt-4o-mini" },
+#   { tier = "fast",  provider = "gemini-cli", model = "gemini-2.5-flash" },
+#   { tier = "smart", provider = "claude",     model = "claude-opus-4-7" },
+# ]
+
+# Hard cap on USD per turn. 0 disables. When a turn's cost exceeds
+# this, the goal short-circuits with budget_exhausted.
+max_cost_per_turn_usd = 0
+
+# Per-model rate overrides ($/1k tokens). Falls through to the
+# defaults in @flow/goal's DEFAULT_RATE_USD_PER_1K_TOKENS table.
+# rate_overrides_usd_per_1k_tokens = { "gemini-2.5-pro" = 0.0035 }
+
+# ─── Advisor ────────────────────────────────────────────────────────────────
+# Marker-driven advisor side-call. When the goal driver's main model
+# emits `[[ADVISOR: <question>]]` in its tick response, the orchestrator
+# pauses, runs a side-call to a smarter model with full context, and
+# injects the reply into the next turn's prompt under "## Advisor reply".
+# Designed for setups where the main loop runs on flash (cheap, fast)
+# and only consults pro when it actually needs deeper reasoning.
+[advisor]
+enabled = true
+# Tier the advisor consult runs at. "smart" → pro; drop to "fast"
+# on free-tier setups.
+tier = "smart"
+# Hard cap on consults per goal. Prevents an over-eager flash run
+# from 10×-ing token cost via repeated consults.
+max_consults_per_goal = 5
+# Replace absolute paths in audit-note context with `<path>` before
+# sending to the advisor. Mitigates accidental filesystem disclosure.
+redact_paths = true
+
+# ─── Session summary ────────────────────────────────────────────────────────
+# End-of-session LLM summarizer. Reads back the session's turns and
+# extracts: durable project context, architecture decisions,
+# requirements, and user-preference patterns. Outputs land in
+# `memory/projects/<p>/{context,decisions,requirements}.md` (per
+# project) and `<flow_home>/.flow/soul.md` (global). Without this
+# step, soul-keeper has nothing to distill — context.md stays empty.
+[session]
+summarize_on_end = true
+# Tier the summarizer runs at. "smart" → pro, tighter structured
+# output; "fast" → flash, faster exit, slightly looser structure.
+tier = "smart"
+# Don't summarize sessions shorter than this — trivial sessions
+# (lookup, /exit) don't yield durable signal.
+min_turns = 3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agenit/cli",
-  "version": "1.1.0",
+  "version": "1.3.4",
   "description": "agenIT — Profile-driven AI dev co-pilot CLI (TypeScript / Ink). ASPICE-aligned V-Model workflow on top of Gemini CLI for embedded engineering teams.",
   "keywords": [
     "agenit",
@@ -18,14 +18,14 @@
     "typescript"
   ],
   "author": "Mohamed Eldabaa <mohamed.eldabaa@yahoo.com>",
-  "homepage": "https://github.com/muhammed-eldabea/flow#readme",
+  "homepage": "https://github.com/muhammed-eldabea/AgenIT#readme",
   "bugs": {
-    "url": "https://github.com/muhammed-eldabea/flow/issues"
+    "url": "https://github.com/muhammed-eldabea/AgenIT/issues"
   },
   "license": "MIT",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/muhammed-eldabea/flow.git",
+    "url": "git+https://github.com/muhammed-eldabea/AgenIT.git",
     "directory": "packages/orchestrator"
   },
   "type": "module",
@@ -36,6 +36,7 @@
   "files": [
     "cli.js",
     "bin",
+    "config",
     "README.md",
     "CHANGELOG.md",
     "LICENSE"
@@ -47,6 +48,7 @@
     "access": "public"
   },
   "dependencies": {
+    "@google/gemini-cli": ">=0.37.0",
     "@iarna/toml": "^2.2.5",
     "@opentelemetry/api": "^1.9.0",
     "@opentelemetry/exporter-metrics-otlp-http": "^0.57.0",