@aihq/harness 0.3.1 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -0
- package/dist/{chunk-EAFL7TH3.js → chunk-Z2VMMIMJ.js} +172 -155
- package/dist/cli.js +1 -1
- package/dist/index.d.ts +15 -7
- package/dist/index.js +1 -1
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
import{ja as s}from"./chunk-
|
|
2
|
+
import{ja as s}from"./chunk-Z2VMMIMJ.js";s().parseAsync(process.argv).catch(r=>{process.stderr.write(`fatal: ${r instanceof Error?r.message:String(r)}
|
|
3
3
|
`),process.exitCode=1});
|
package/dist/index.d.ts
CHANGED
|
@@ -186,7 +186,7 @@ type Verdict = "pass" | "fail" | "skip";
|
|
|
186
186
|
* sealed: a new failure mode means a new member here PLUS the `code` set at the
|
|
187
187
|
* emitter; never derive a code by matching `detail`.
|
|
188
188
|
*/
|
|
189
|
-
type CheckCode = "env.node-runtime" | "env.git-missing" | "env.dev-tool-missing" | "env.tool-install-blocked" | "cert.ca-missing" | "tls.verify-failed" | "npm.runtime-broken" | "path.missing" | "mcp.blocked" | "mcp.uv-missing" | "mcp.config-missing" | "mcp.unvendored-offline" | "mcp.policy-denied" | "mcp.hardcoded-secret" | "mcp.allowlist-drift" | "cli.not-detected" | "cli.config-only" | "cli.bootloader-missing" | "cli.bootloader-drift" | "cli.wont-load" | "canon.router-missing" | "canon.context-dir-missing" | "canon.lint-failed" | "canon.adoptable" | "canon.cli-native-unmigrated" | "secrets.plaintext-detected" | "guardrails.gitleaks-missing" | "usage.no-data" | "scale.code-review-graph-missing" | "contract.path-unportable" | "contract.stale" | "org-policy.drift" | "report.context-over-budget" | "report.low-adoption" | "report.contract-untrue" | "ready.blocked" | "trust.fetch-blocked" | "trust.detector-unavailable" | "trust.hidden-unicode" | "trust.prompt-injection" | "trust.source-changed" | "trust.auto-exec-hook" | "trust.dependency-confusion" | "trust.typosquat" | "trust.malicious-code" | "trust.source-drift" | "trust.unpinned-dependency" | "trust.untrusted-publisher" | "trust.unsigned-source" | "trust.license-missing";
|
|
189
|
+
type CheckCode = "env.node-runtime" | "env.git-missing" | "env.dev-tool-missing" | "env.tool-install-blocked" | "cert.ca-missing" | "tls.verify-failed" | "npm.runtime-broken" | "path.missing" | "mcp.blocked" | "mcp.uv-missing" | "mcp.config-missing" | "mcp.unvendored-offline" | "mcp.policy-denied" | "mcp.hardcoded-secret" | "mcp.allowlist-drift" | "cli.not-detected" | "cli.config-only" | "cli.bootloader-missing" | "cli.bootloader-drift" | "cli.wont-load" | "canon.router-missing" | "canon.context-dir-missing" | "canon.lint-failed" | "canon.adoptable" | "canon.cli-native-unmigrated" | "secrets.plaintext-detected" | "guardrails.gitleaks-missing" | "usage.no-data" | "scale.code-review-graph-missing" | "contract.path-unportable" | "contract.stale" | "org-policy.drift" | "report.context-over-budget" | "report.low-adoption" | "report.contract-untrue" | "ready.blocked" | "trust.fetch-blocked" | "trust.detector-unavailable" | "trust.hidden-unicode" | "trust.prompt-injection" | "trust.source-changed" | "trust.auto-exec-hook" | "trust.dependency-confusion" | "trust.typosquat" | "trust.malicious-code" | "trust.source-drift" | "trust.unpinned-dependency" | "trust.untrusted-publisher" | "trust.unsigned-source" | "trust.license-missing" | "trust.unapproved-skill";
|
|
190
190
|
interface Check {
|
|
191
191
|
name: string;
|
|
192
192
|
verdict: Verdict;
|
|
@@ -351,14 +351,19 @@ interface DigestAction {
|
|
|
351
351
|
};
|
|
352
352
|
}
|
|
353
353
|
/**
|
|
354
|
-
* Remove a repo-LOCAL file that aih exclusively owns — aih's only
|
|
355
|
-
* action.
|
|
356
|
-
* aih-owned
|
|
357
|
-
* dropped
|
|
354
|
+
* Remove a repo-LOCAL file or directory that aih exclusively owns — aih's only
|
|
355
|
+
* destructive action. Three emitters: `aih prune` (artifacts its detection proved
|
|
356
|
+
* aih-owned — a per-CLI adapter note, a kiro steering/hook extra — once the CLI is
|
|
357
|
+
* dropped), `aih skill remove` (a user-directed removal of an installed skill's
|
|
358
|
+
* directory + committed card), and `aih skill quarantine` (the same reversible move,
|
|
359
|
+
* but into `.aih/quarantine/` with the skill's approval kept). The executor fails
|
|
360
|
+
* closed: mandatory {@link assertContained} on the raw
|
|
358
361
|
* path (no `external` field exists, so a global `~/home` file is structurally
|
|
359
362
|
* unreachable), a symlink guard, and a backup before unlink. By default it MOVES the
|
|
360
363
|
* file to gitignored `.aih/legacy/<path>` (reversible; occupied destinations are never
|
|
361
|
-
* overwritten)
|
|
364
|
+
* overwritten); `archiveRoot` picks `.aih/quarantine/` instead, with the identical
|
|
365
|
+
* containment/symlink/never-overwrite machinery. Under `hardDelete` it instead renames
|
|
366
|
+
* to the sibling `<path>.aih.bak`
|
|
362
367
|
* — the same single-slot, latest-wins backup every aih write gets — for users who
|
|
363
368
|
* explicitly opt out of the archive.
|
|
364
369
|
*/
|
|
@@ -369,6 +374,8 @@ interface RemoveAction {
|
|
|
369
374
|
describe: string;
|
|
370
375
|
/** Opt-in: single-slot `<path>.aih.bak` rename instead of the `.aih/legacy/` archive. */
|
|
371
376
|
hardDelete?: boolean;
|
|
377
|
+
/** Archive root for the reversible move. Closed union — never an arbitrary path. */
|
|
378
|
+
archiveRoot?: ".aih/legacy" | ".aih/quarantine";
|
|
372
379
|
}
|
|
373
380
|
type Action = WriteAction | DocAction | ProbeAction | ExecAction | EnvBlockAction | DigestAction | RemoveAction;
|
|
374
381
|
interface Plan {
|
|
@@ -477,6 +484,7 @@ declare function exec(describe: string, argv: string[], opts?: {
|
|
|
477
484
|
declare function envBlock(path: string, scope: string, shell: EnvShell, vars: EnvVar[], describe: string): EnvBlockAction;
|
|
478
485
|
declare function remove(path: string, describe: string, opts?: {
|
|
479
486
|
hardDelete?: boolean;
|
|
487
|
+
archiveRoot?: RemoveAction["archiveRoot"];
|
|
480
488
|
}): RemoveAction;
|
|
481
489
|
declare function plan(capability: string, ...actions: Action[]): Plan;
|
|
482
490
|
|
|
@@ -770,7 +778,7 @@ declare function parseCertLines(stdout: string): CertEntry[];
|
|
|
770
778
|
*/
|
|
771
779
|
declare function parsePemBlocks(stdout: string, subject?: string): CertEntry[];
|
|
772
780
|
|
|
773
|
-
declare const VERSION = "0.
|
|
781
|
+
declare const VERSION = "0.4.1";
|
|
774
782
|
/** Build the configured commander program. Imported by both the CLI entry and tests. */
|
|
775
783
|
declare function buildProgram(): Command;
|
|
776
784
|
|
package/dist/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{$ as fr,A as Y,B as _,C as c,D as h,E as j,F as k,G as q,H as v,I as w,J as y,K as z,L as F,M as G,N as H,O as J,P as K,Q,R as U,S as W,T as X,U as Z,V as $,W as rr,X as or,Y as mr,Z as er,_ as tr,a as p,aa as pr,b as x,ba as xr,c as A,ca as Ar,d as I,da as Ir,e as L,ea as r,f as C,fa as o,g as E,ga as m,h as N,ha as e,i as O,ia as t,j as S,ja as f,k as a,l as d,m as g,n as i,o as s,p as D,q as M,r as P,s as R,t as b,u as l,v as n,w as u,x as B,y as T,z as V}from"./chunk-
|
|
1
|
+
import{$ as fr,A as Y,B as _,C as c,D as h,E as j,F as k,G as q,H as v,I as w,J as y,K as z,L as F,M as G,N as H,O as J,P as K,Q,R as U,S as W,T as X,U as Z,V as $,W as rr,X as or,Y as mr,Z as er,_ as tr,a as p,aa as pr,b as x,ba as xr,c as A,ca as Ar,d as I,da as Ir,e as L,ea as r,f as C,fa as o,g as E,ga as m,h as N,ha as e,i as O,ia as t,j as S,ja as f,k as a,l as d,m as g,n as i,o as s,p as D,q as M,r as P,s as R,t as b,u as l,v as n,w as u,x as B,y as T,z as V}from"./chunk-Z2VMMIMJ.js";export{m as ALL_COMMANDS,p as AihError,r as CAPABILITIES,g as ContextDir,O as DirtyWorktreeError,a as FsTransaction,I as FsTxnError,E as MergeError,C as NotImplementedError,N as PathContainmentError,A as PlatformError,o as READONLY,x as SettingsError,t as VERSION,L as VerificationError,K as VerificationReport,k as beginMarker,f as buildProgram,J as deepMerge,Z as defaultRunner,or as derBase64ToPem,P as digest,M as doc,R as dynamicDigest,q as endMarker,j as ensureTrailingNewline,u as envBlock,n as exec,W as executePlan,$ as fakeRunner,w as formatExport,c as frontmatter,_ as indent,H as isPlainObject,h as jsonFile,Y as lines,i as loadSettings,Ir as makeHostAdapter,v as managedBlock,rr as missingToolRunner,pr as parseCertLines,tr as parseFirstInt,G as parseJsoncText,fr as parseNvidiaSmi,xr as parsePemBlocks,T as plan,b as probe,l as probeMany,d as readIfExists,e as registerCommands,B as remove,F as removeManagedBlock,U as resolveContents,Ar as resolvePlatform,S as retryTransient,mr as safeCaPattern,V as stripTrailingNewlines,X as summarizeResult,y as upsertManagedBlock,z as upsertTextBlock,er as vdiFromEnv,Q as writeArtifact,D as writeJson,s as writeText};
|