@aihq/harness 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +7 -0
- package/dist/chunk-2N5U3KQN.js +3012 -0
- package/dist/cli.js +2 -11
- package/dist/index.d.ts +27 -14
- package/dist/index.js +1 -133
- package/package.json +1 -1
- package/dist/chunk-7GVBGS5N.js +0 -26662
- package/dist/chunk-7GVBGS5N.js.map +0 -1
- package/dist/cli.js.map +0 -1
- package/dist/index.js.map +0 -1
package/dist/cli.js
CHANGED
|
@@ -1,12 +1,3 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
import {
|
|
3
|
-
|
|
4
|
-
} from "./chunk-7GVBGS5N.js";
|
|
5
|
-
|
|
6
|
-
// src/cli.ts
|
|
7
|
-
buildProgram().parseAsync(process.argv).catch((err) => {
|
|
8
|
-
process.stderr.write(`fatal: ${err instanceof Error ? err.message : String(err)}
|
|
9
|
-
`);
|
|
10
|
-
process.exitCode = 1;
|
|
11
|
-
});
|
|
12
|
-
//# sourceMappingURL=cli.js.map
|
|
2
|
+
import{ja as s}from"./chunk-2N5U3KQN.js";s().parseAsync(process.argv).catch(r=>{process.stderr.write(`fatal: ${r instanceof Error?r.message:String(r)}
|
|
3
|
+
`),process.exitCode=1});
|
package/dist/index.d.ts
CHANGED
|
@@ -186,7 +186,7 @@ type Verdict = "pass" | "fail" | "skip";
|
|
|
186
186
|
* sealed: a new failure mode means a new member here PLUS the `code` set at the
|
|
187
187
|
* emitter; never derive a code by matching `detail`.
|
|
188
188
|
*/
|
|
189
|
-
type CheckCode = "env.node-runtime" | "env.git-missing" | "env.dev-tool-missing" | "env.tool-install-blocked" | "cert.ca-missing" | "tls.verify-failed" | "npm.runtime-broken" | "path.missing" | "mcp.blocked" | "mcp.uv-missing" | "mcp.config-missing" | "mcp.unvendored-offline" | "mcp.policy-denied" | "mcp.hardcoded-secret" | "mcp.allowlist-drift" | "cli.not-detected" | "cli.config-only" | "cli.bootloader-missing" | "cli.bootloader-drift" | "cli.wont-load" | "canon.router-missing" | "canon.context-dir-missing" | "canon.lint-failed" | "canon.adoptable" | "canon.cli-native-unmigrated" | "secrets.plaintext-detected" | "guardrails.gitleaks-missing" | "usage.no-data" | "scale.code-review-graph-missing" | "contract.path-unportable" | "contract.stale" | "org-policy.drift" | "report.context-over-budget" | "report.low-adoption" | "report.contract-untrue" | "ready.blocked" | "trust.fetch-blocked" | "trust.detector-unavailable" | "trust.hidden-unicode" | "trust.prompt-injection" | "trust.source-changed" | "trust.auto-exec-hook" | "trust.dependency-confusion" | "trust.typosquat" | "trust.malicious-code" | "trust.source-drift" | "trust.unpinned-dependency" | "trust.untrusted-publisher" | "trust.unsigned-source";
|
|
189
|
+
type CheckCode = "env.node-runtime" | "env.git-missing" | "env.dev-tool-missing" | "env.tool-install-blocked" | "cert.ca-missing" | "tls.verify-failed" | "npm.runtime-broken" | "path.missing" | "mcp.blocked" | "mcp.uv-missing" | "mcp.config-missing" | "mcp.unvendored-offline" | "mcp.policy-denied" | "mcp.hardcoded-secret" | "mcp.allowlist-drift" | "cli.not-detected" | "cli.config-only" | "cli.bootloader-missing" | "cli.bootloader-drift" | "cli.wont-load" | "canon.router-missing" | "canon.context-dir-missing" | "canon.lint-failed" | "canon.adoptable" | "canon.cli-native-unmigrated" | "secrets.plaintext-detected" | "guardrails.gitleaks-missing" | "usage.no-data" | "scale.code-review-graph-missing" | "contract.path-unportable" | "contract.stale" | "org-policy.drift" | "report.context-over-budget" | "report.low-adoption" | "report.contract-untrue" | "ready.blocked" | "trust.fetch-blocked" | "trust.detector-unavailable" | "trust.hidden-unicode" | "trust.prompt-injection" | "trust.source-changed" | "trust.auto-exec-hook" | "trust.dependency-confusion" | "trust.typosquat" | "trust.malicious-code" | "trust.source-drift" | "trust.unpinned-dependency" | "trust.untrusted-publisher" | "trust.unsigned-source" | "trust.license-missing";
|
|
190
190
|
interface Check {
|
|
191
191
|
name: string;
|
|
192
192
|
verdict: Verdict;
|
|
@@ -351,20 +351,25 @@ interface DigestAction {
|
|
|
351
351
|
};
|
|
352
352
|
}
|
|
353
353
|
/**
|
|
354
|
-
* Remove a repo-LOCAL file that aih exclusively owns — aih's only
|
|
355
|
-
* action.
|
|
356
|
-
* aih-owned
|
|
357
|
-
* dropped
|
|
354
|
+
* Remove a repo-LOCAL file or directory that aih exclusively owns — aih's only
|
|
355
|
+
* destructive action. Two emitters: `aih prune` (artifacts its detection proved
|
|
356
|
+
* aih-owned — a per-CLI adapter note, a kiro steering/hook extra — once the CLI is
|
|
357
|
+
* dropped) and `aih skill remove` (a user-directed removal of an installed skill's
|
|
358
|
+
* directory + committed card). The executor fails closed: mandatory {@link assertContained} on the raw
|
|
358
359
|
* path (no `external` field exists, so a global `~/home` file is structurally
|
|
359
|
-
* unreachable), a symlink guard, and a backup before unlink.
|
|
360
|
-
* gitignored `.aih/legacy/<path>` (reversible
|
|
361
|
-
*
|
|
360
|
+
* unreachable), a symlink guard, and a backup before unlink. By default it MOVES the
|
|
361
|
+
* file to gitignored `.aih/legacy/<path>` (reversible; occupied destinations are never
|
|
362
|
+
* overwritten). Under `hardDelete` it instead renames to the sibling `<path>.aih.bak`
|
|
363
|
+
* — the same single-slot, latest-wins backup every aih write gets — for users who
|
|
364
|
+
* explicitly opt out of the archive.
|
|
362
365
|
*/
|
|
363
366
|
interface RemoveAction {
|
|
364
367
|
kind: "remove";
|
|
365
368
|
/** Repo-relative path of the file to remove. */
|
|
366
369
|
path: string;
|
|
367
370
|
describe: string;
|
|
371
|
+
/** Opt-in: single-slot `<path>.aih.bak` rename instead of the `.aih/legacy/` archive. */
|
|
372
|
+
hardDelete?: boolean;
|
|
368
373
|
}
|
|
369
374
|
type Action = WriteAction | DocAction | ProbeAction | ExecAction | EnvBlockAction | DigestAction | RemoveAction;
|
|
370
375
|
interface Plan {
|
|
@@ -471,7 +476,9 @@ declare function exec(describe: string, argv: string[], opts?: {
|
|
|
471
476
|
blockProbesOnFailure?: boolean;
|
|
472
477
|
}): ExecAction;
|
|
473
478
|
declare function envBlock(path: string, scope: string, shell: EnvShell, vars: EnvVar[], describe: string): EnvBlockAction;
|
|
474
|
-
declare function remove(path: string, describe: string
|
|
479
|
+
declare function remove(path: string, describe: string, opts?: {
|
|
480
|
+
hardDelete?: boolean;
|
|
481
|
+
}): RemoveAction;
|
|
475
482
|
declare function plan(capability: string, ...actions: Action[]): Plan;
|
|
476
483
|
|
|
477
484
|
/** Capability commands (repo/workstation mutators), dry-run by default. */
|
|
@@ -558,9 +565,10 @@ interface WriteSummary {
|
|
|
558
565
|
interface RemoveSummary {
|
|
559
566
|
path: string;
|
|
560
567
|
describe: string;
|
|
561
|
-
/** `remove` =
|
|
562
|
-
|
|
563
|
-
|
|
568
|
+
/** `remove` = move to `.aih/legacy/`; `delete` = hard-delete (single-slot `.aih.bak`
|
|
569
|
+
* backup); `absent` = nothing on disk. */
|
|
570
|
+
effect: "remove" | "delete" | "absent";
|
|
571
|
+
/** Repo-relative destination (`.aih/legacy/…` or `<path>.aih.bak`), when present. */
|
|
564
572
|
to?: string;
|
|
565
573
|
}
|
|
566
574
|
interface PlanResult {
|
|
@@ -672,8 +680,13 @@ declare class FsTransaction {
|
|
|
672
680
|
* `.aih/legacy/`). The move IS the backup: rollback (and the user) restore by
|
|
673
681
|
* moving it back. Symlinks are refused at commit (moving a link then restoring it
|
|
674
682
|
* would recreate a regular file). No-op if the source is already gone.
|
|
683
|
+
* `backupSibling` marks a hard-delete destination (`<path>.aih.bak`): still
|
|
684
|
+
* never-overwrite, but a taken slot falls back to `<path>.N.aih.bak` (matches the
|
|
685
|
+
* gitignored `*.aih.bak` glob) instead of the archive's `<path>.N`.
|
|
675
686
|
*/
|
|
676
|
-
stageRemoval(path: string, legacyPath: string
|
|
687
|
+
stageRemoval(path: string, legacyPath: string, opts?: {
|
|
688
|
+
backupSibling?: boolean;
|
|
689
|
+
}): void;
|
|
677
690
|
preview(): ReadonlyArray<StagedWrite>;
|
|
678
691
|
commit(): FsTxnResult;
|
|
679
692
|
}
|
|
@@ -758,7 +771,7 @@ declare function parseCertLines(stdout: string): CertEntry[];
|
|
|
758
771
|
*/
|
|
759
772
|
declare function parsePemBlocks(stdout: string, subject?: string): CertEntry[];
|
|
760
773
|
|
|
761
|
-
declare const VERSION = "0.
|
|
774
|
+
declare const VERSION = "0.4.0";
|
|
762
775
|
/** Build the configured commander program. Imported by both the CLI entry and tests. */
|
|
763
776
|
declare function buildProgram(): Command;
|
|
764
777
|
|
package/dist/index.js
CHANGED
|
@@ -1,133 +1 @@
|
|
|
1
|
-
import {
|
|
2
|
-
ALL_COMMANDS,
|
|
3
|
-
AihError,
|
|
4
|
-
CAPABILITIES,
|
|
5
|
-
ContextDir,
|
|
6
|
-
DirtyWorktreeError,
|
|
7
|
-
FsTransaction,
|
|
8
|
-
FsTxnError,
|
|
9
|
-
MergeError,
|
|
10
|
-
NotImplementedError,
|
|
11
|
-
PathContainmentError,
|
|
12
|
-
PlatformError,
|
|
13
|
-
READONLY,
|
|
14
|
-
SettingsError,
|
|
15
|
-
VERSION,
|
|
16
|
-
VerificationError,
|
|
17
|
-
VerificationReport,
|
|
18
|
-
beginMarker,
|
|
19
|
-
buildProgram,
|
|
20
|
-
deepMerge,
|
|
21
|
-
defaultRunner,
|
|
22
|
-
derBase64ToPem,
|
|
23
|
-
digest,
|
|
24
|
-
doc,
|
|
25
|
-
dynamicDigest,
|
|
26
|
-
endMarker,
|
|
27
|
-
ensureTrailingNewline,
|
|
28
|
-
envBlock,
|
|
29
|
-
exec,
|
|
30
|
-
executePlan,
|
|
31
|
-
fakeRunner,
|
|
32
|
-
formatExport,
|
|
33
|
-
frontmatter,
|
|
34
|
-
indent,
|
|
35
|
-
isPlainObject,
|
|
36
|
-
jsonFile,
|
|
37
|
-
lines,
|
|
38
|
-
loadSettings,
|
|
39
|
-
makeHostAdapter,
|
|
40
|
-
managedBlock,
|
|
41
|
-
missingToolRunner,
|
|
42
|
-
parseCertLines,
|
|
43
|
-
parseFirstInt,
|
|
44
|
-
parseJsoncText,
|
|
45
|
-
parseNvidiaSmi,
|
|
46
|
-
parsePemBlocks,
|
|
47
|
-
plan,
|
|
48
|
-
probe,
|
|
49
|
-
probeMany,
|
|
50
|
-
readIfExists,
|
|
51
|
-
registerCommands,
|
|
52
|
-
remove,
|
|
53
|
-
removeManagedBlock,
|
|
54
|
-
resolveContents,
|
|
55
|
-
resolvePlatform,
|
|
56
|
-
retryTransient,
|
|
57
|
-
safeCaPattern,
|
|
58
|
-
stripTrailingNewlines,
|
|
59
|
-
summarizeResult,
|
|
60
|
-
upsertManagedBlock,
|
|
61
|
-
upsertTextBlock,
|
|
62
|
-
vdiFromEnv,
|
|
63
|
-
writeArtifact,
|
|
64
|
-
writeJson,
|
|
65
|
-
writeText
|
|
66
|
-
} from "./chunk-7GVBGS5N.js";
|
|
67
|
-
export {
|
|
68
|
-
ALL_COMMANDS,
|
|
69
|
-
AihError,
|
|
70
|
-
CAPABILITIES,
|
|
71
|
-
ContextDir,
|
|
72
|
-
DirtyWorktreeError,
|
|
73
|
-
FsTransaction,
|
|
74
|
-
FsTxnError,
|
|
75
|
-
MergeError,
|
|
76
|
-
NotImplementedError,
|
|
77
|
-
PathContainmentError,
|
|
78
|
-
PlatformError,
|
|
79
|
-
READONLY,
|
|
80
|
-
SettingsError,
|
|
81
|
-
VERSION,
|
|
82
|
-
VerificationError,
|
|
83
|
-
VerificationReport,
|
|
84
|
-
beginMarker,
|
|
85
|
-
buildProgram,
|
|
86
|
-
deepMerge,
|
|
87
|
-
defaultRunner,
|
|
88
|
-
derBase64ToPem,
|
|
89
|
-
digest,
|
|
90
|
-
doc,
|
|
91
|
-
dynamicDigest,
|
|
92
|
-
endMarker,
|
|
93
|
-
ensureTrailingNewline,
|
|
94
|
-
envBlock,
|
|
95
|
-
exec,
|
|
96
|
-
executePlan,
|
|
97
|
-
fakeRunner,
|
|
98
|
-
formatExport,
|
|
99
|
-
frontmatter,
|
|
100
|
-
indent,
|
|
101
|
-
isPlainObject,
|
|
102
|
-
jsonFile,
|
|
103
|
-
lines,
|
|
104
|
-
loadSettings,
|
|
105
|
-
makeHostAdapter,
|
|
106
|
-
managedBlock,
|
|
107
|
-
missingToolRunner,
|
|
108
|
-
parseCertLines,
|
|
109
|
-
parseFirstInt,
|
|
110
|
-
parseJsoncText,
|
|
111
|
-
parseNvidiaSmi,
|
|
112
|
-
parsePemBlocks,
|
|
113
|
-
plan,
|
|
114
|
-
probe,
|
|
115
|
-
probeMany,
|
|
116
|
-
readIfExists,
|
|
117
|
-
registerCommands,
|
|
118
|
-
remove,
|
|
119
|
-
removeManagedBlock,
|
|
120
|
-
resolveContents,
|
|
121
|
-
resolvePlatform,
|
|
122
|
-
retryTransient,
|
|
123
|
-
safeCaPattern,
|
|
124
|
-
stripTrailingNewlines,
|
|
125
|
-
summarizeResult,
|
|
126
|
-
upsertManagedBlock,
|
|
127
|
-
upsertTextBlock,
|
|
128
|
-
vdiFromEnv,
|
|
129
|
-
writeArtifact,
|
|
130
|
-
writeJson,
|
|
131
|
-
writeText
|
|
132
|
-
};
|
|
133
|
-
//# sourceMappingURL=index.js.map
|
|
1
|
+
import{$ as fr,A as Y,B as _,C as c,D as h,E as j,F as k,G as q,H as v,I as w,J as y,K as z,L as F,M as G,N as H,O as J,P as K,Q,R as U,S as W,T as X,U as Z,V as $,W as rr,X as or,Y as mr,Z as er,_ as tr,a as p,aa as pr,b as x,ba as xr,c as A,ca as Ar,d as I,da as Ir,e as L,ea as r,f as C,fa as o,g as E,ga as m,h as N,ha as e,i as O,ia as t,j as S,ja as f,k as a,l as d,m as g,n as i,o as s,p as D,q as M,r as P,s as R,t as b,u as l,v as n,w as u,x as B,y as T,z as V}from"./chunk-2N5U3KQN.js";export{m as ALL_COMMANDS,p as AihError,r as CAPABILITIES,g as ContextDir,O as DirtyWorktreeError,a as FsTransaction,I as FsTxnError,E as MergeError,C as NotImplementedError,N as PathContainmentError,A as PlatformError,o as READONLY,x as SettingsError,t as VERSION,L as VerificationError,K as VerificationReport,k as beginMarker,f as buildProgram,J as deepMerge,Z as defaultRunner,or as derBase64ToPem,P as digest,M as doc,R as dynamicDigest,q as endMarker,j as ensureTrailingNewline,u as envBlock,n as exec,W as executePlan,$ as fakeRunner,w as formatExport,c as frontmatter,_ as indent,H as isPlainObject,h as jsonFile,Y as lines,i as loadSettings,Ir as makeHostAdapter,v as managedBlock,rr as missingToolRunner,pr as parseCertLines,tr as parseFirstInt,G as parseJsoncText,fr as parseNvidiaSmi,xr as parsePemBlocks,T as plan,b as probe,l as probeMany,d as readIfExists,e as registerCommands,B as remove,F as removeManagedBlock,U as resolveContents,Ar as resolvePlatform,S as retryTransient,mr as safeCaPattern,V as stripTrailingNewlines,X as summarizeResult,y as upsertManagedBlock,z as upsertTextBlock,er as vdiFromEnv,Q as writeArtifact,D as writeJson,s as writeText};
|