@aihq/harness 0.4.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +2 -1
- package/dist/{chunk-2N5U3KQN.js → chunk-75FWB266.js} +200 -166
- package/dist/cli.js +1 -1
- package/dist/index.d.ts +13 -6
- package/dist/index.js +1 -1
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -1,3 +1,3 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
import{ja as s}from"./chunk-
|
|
2
|
+
import{ja as s}from"./chunk-75FWB266.js";s().parseAsync(process.argv).catch(r=>{process.stderr.write(`fatal: ${r instanceof Error?r.message:String(r)}
|
|
3
3
|
`),process.exitCode=1});
|
package/dist/index.d.ts
CHANGED
|
@@ -186,7 +186,7 @@ type Verdict = "pass" | "fail" | "skip";
|
|
|
186
186
|
* sealed: a new failure mode means a new member here PLUS the `code` set at the
|
|
187
187
|
* emitter; never derive a code by matching `detail`.
|
|
188
188
|
*/
|
|
189
|
-
type CheckCode = "env.node-runtime" | "env.git-missing" | "env.dev-tool-missing" | "env.tool-install-blocked" | "cert.ca-missing" | "tls.verify-failed" | "npm.runtime-broken" | "path.missing" | "mcp.blocked" | "mcp.uv-missing" | "mcp.config-missing" | "mcp.unvendored-offline" | "mcp.policy-denied" | "mcp.hardcoded-secret" | "mcp.allowlist-drift" | "cli.not-detected" | "cli.config-only" | "cli.bootloader-missing" | "cli.bootloader-drift" | "cli.wont-load" | "canon.router-missing" | "canon.context-dir-missing" | "canon.lint-failed" | "canon.adoptable" | "canon.cli-native-unmigrated" | "secrets.plaintext-detected" | "guardrails.gitleaks-missing" | "usage.no-data" | "scale.code-review-graph-missing" | "contract.path-unportable" | "contract.stale" | "org-policy.drift" | "report.context-over-budget" | "report.low-adoption" | "report.contract-untrue" | "ready.blocked" | "trust.fetch-blocked" | "trust.detector-unavailable" | "trust.hidden-unicode" | "trust.prompt-injection" | "trust.source-changed" | "trust.auto-exec-hook" | "trust.dependency-confusion" | "trust.typosquat" | "trust.malicious-code" | "trust.source-drift" | "trust.unpinned-dependency" | "trust.untrusted-publisher" | "trust.unsigned-source" | "trust.license-missing";
|
|
189
|
+
type CheckCode = "env.node-runtime" | "env.git-missing" | "env.dev-tool-missing" | "env.tool-install-blocked" | "cert.ca-missing" | "tls.verify-failed" | "npm.runtime-broken" | "path.missing" | "mcp.blocked" | "mcp.uv-missing" | "mcp.config-missing" | "mcp.unvendored-offline" | "mcp.policy-denied" | "mcp.hardcoded-secret" | "mcp.allowlist-drift" | "cli.not-detected" | "cli.config-only" | "cli.bootloader-missing" | "cli.bootloader-drift" | "cli.wont-load" | "canon.router-missing" | "canon.context-dir-missing" | "canon.lint-failed" | "canon.adoptable" | "canon.cli-native-unmigrated" | "secrets.plaintext-detected" | "guardrails.gitleaks-missing" | "usage.no-data" | "scale.code-review-graph-missing" | "contract.path-unportable" | "contract.stale" | "org-policy.drift" | "report.context-over-budget" | "report.low-adoption" | "report.contract-untrue" | "ready.blocked" | "trust.fetch-blocked" | "trust.detector-unavailable" | "trust.hidden-unicode" | "trust.prompt-injection" | "trust.source-changed" | "trust.auto-exec-hook" | "trust.dependency-confusion" | "trust.typosquat" | "trust.malicious-code" | "trust.source-drift" | "trust.unpinned-dependency" | "trust.untrusted-publisher" | "trust.unsigned-source" | "trust.license-missing" | "trust.unapproved-skill" | "pack.duplicate-name" | "pack.pin-mismatch" | "pack.missing-approval" | "pack.unknown-manifest";
|
|
190
190
|
interface Check {
|
|
191
191
|
name: string;
|
|
192
192
|
verdict: Verdict;
|
|
@@ -352,14 +352,18 @@ interface DigestAction {
|
|
|
352
352
|
}
|
|
353
353
|
/**
|
|
354
354
|
* Remove a repo-LOCAL file or directory that aih exclusively owns — aih's only
|
|
355
|
-
* destructive action.
|
|
355
|
+
* destructive action. Three emitters: `aih prune` (artifacts its detection proved
|
|
356
356
|
* aih-owned — a per-CLI adapter note, a kiro steering/hook extra — once the CLI is
|
|
357
|
-
* dropped)
|
|
358
|
-
* directory + committed card)
|
|
357
|
+
* dropped), `aih skill remove` (a user-directed removal of an installed skill's
|
|
358
|
+
* directory + committed card), and `aih skill quarantine` (the same reversible move,
|
|
359
|
+
* but into `.aih/quarantine/` with the skill's approval kept). The executor fails
|
|
360
|
+
* closed: mandatory {@link assertContained} on the raw
|
|
359
361
|
* path (no `external` field exists, so a global `~/home` file is structurally
|
|
360
362
|
* unreachable), a symlink guard, and a backup before unlink. By default it MOVES the
|
|
361
363
|
* file to gitignored `.aih/legacy/<path>` (reversible; occupied destinations are never
|
|
362
|
-
* overwritten)
|
|
364
|
+
* overwritten); `archiveRoot` picks `.aih/quarantine/` instead, with the identical
|
|
365
|
+
* containment/symlink/never-overwrite machinery. Under `hardDelete` it instead renames
|
|
366
|
+
* to the sibling `<path>.aih.bak`
|
|
363
367
|
* — the same single-slot, latest-wins backup every aih write gets — for users who
|
|
364
368
|
* explicitly opt out of the archive.
|
|
365
369
|
*/
|
|
@@ -370,6 +374,8 @@ interface RemoveAction {
|
|
|
370
374
|
describe: string;
|
|
371
375
|
/** Opt-in: single-slot `<path>.aih.bak` rename instead of the `.aih/legacy/` archive. */
|
|
372
376
|
hardDelete?: boolean;
|
|
377
|
+
/** Archive root for the reversible move. Closed union — never an arbitrary path. */
|
|
378
|
+
archiveRoot?: ".aih/legacy" | ".aih/quarantine";
|
|
373
379
|
}
|
|
374
380
|
type Action = WriteAction | DocAction | ProbeAction | ExecAction | EnvBlockAction | DigestAction | RemoveAction;
|
|
375
381
|
interface Plan {
|
|
@@ -478,6 +484,7 @@ declare function exec(describe: string, argv: string[], opts?: {
|
|
|
478
484
|
declare function envBlock(path: string, scope: string, shell: EnvShell, vars: EnvVar[], describe: string): EnvBlockAction;
|
|
479
485
|
declare function remove(path: string, describe: string, opts?: {
|
|
480
486
|
hardDelete?: boolean;
|
|
487
|
+
archiveRoot?: RemoveAction["archiveRoot"];
|
|
481
488
|
}): RemoveAction;
|
|
482
489
|
declare function plan(capability: string, ...actions: Action[]): Plan;
|
|
483
490
|
|
|
@@ -771,7 +778,7 @@ declare function parseCertLines(stdout: string): CertEntry[];
|
|
|
771
778
|
*/
|
|
772
779
|
declare function parsePemBlocks(stdout: string, subject?: string): CertEntry[];
|
|
773
780
|
|
|
774
|
-
declare const VERSION = "0.
|
|
781
|
+
declare const VERSION = "0.5.0";
|
|
775
782
|
/** Build the configured commander program. Imported by both the CLI entry and tests. */
|
|
776
783
|
declare function buildProgram(): Command;
|
|
777
784
|
|
package/dist/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
import{$ as fr,A as Y,B as _,C as c,D as h,E as j,F as k,G as q,H as v,I as w,J as y,K as z,L as F,M as G,N as H,O as J,P as K,Q,R as U,S as W,T as X,U as Z,V as $,W as rr,X as or,Y as mr,Z as er,_ as tr,a as p,aa as pr,b as x,ba as xr,c as A,ca as Ar,d as I,da as Ir,e as L,ea as r,f as C,fa as o,g as E,ga as m,h as N,ha as e,i as O,ia as t,j as S,ja as f,k as a,l as d,m as g,n as i,o as s,p as D,q as M,r as P,s as R,t as b,u as l,v as n,w as u,x as B,y as T,z as V}from"./chunk-
|
|
1
|
+
import{$ as fr,A as Y,B as _,C as c,D as h,E as j,F as k,G as q,H as v,I as w,J as y,K as z,L as F,M as G,N as H,O as J,P as K,Q,R as U,S as W,T as X,U as Z,V as $,W as rr,X as or,Y as mr,Z as er,_ as tr,a as p,aa as pr,b as x,ba as xr,c as A,ca as Ar,d as I,da as Ir,e as L,ea as r,f as C,fa as o,g as E,ga as m,h as N,ha as e,i as O,ia as t,j as S,ja as f,k as a,l as d,m as g,n as i,o as s,p as D,q as M,r as P,s as R,t as b,u as l,v as n,w as u,x as B,y as T,z as V}from"./chunk-75FWB266.js";export{m as ALL_COMMANDS,p as AihError,r as CAPABILITIES,g as ContextDir,O as DirtyWorktreeError,a as FsTransaction,I as FsTxnError,E as MergeError,C as NotImplementedError,N as PathContainmentError,A as PlatformError,o as READONLY,x as SettingsError,t as VERSION,L as VerificationError,K as VerificationReport,k as beginMarker,f as buildProgram,J as deepMerge,Z as defaultRunner,or as derBase64ToPem,P as digest,M as doc,R as dynamicDigest,q as endMarker,j as ensureTrailingNewline,u as envBlock,n as exec,W as executePlan,$ as fakeRunner,w as formatExport,c as frontmatter,_ as indent,H as isPlainObject,h as jsonFile,Y as lines,i as loadSettings,Ir as makeHostAdapter,v as managedBlock,rr as missingToolRunner,pr as parseCertLines,tr as parseFirstInt,G as parseJsoncText,fr as parseNvidiaSmi,xr as parsePemBlocks,T as plan,b as probe,l as probeMany,d as readIfExists,e as registerCommands,B as remove,F as removeManagedBlock,U as resolveContents,Ar as resolvePlatform,S as retryTransient,mr as safeCaPattern,V as stripTrailingNewlines,X as summarizeResult,y as upsertManagedBlock,z as upsertTextBlock,er as vdiFromEnv,Q as writeArtifact,D as writeJson,s as writeText};
|