@brickhouse-tech/sync-agents 1.0.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +47 -0
  2. package/package.json +6 -6
package/README.md CHANGED
@@ -106,6 +106,16 @@ AGENTS.md is also symlinked to CLAUDE.md so that Claude reads the index natively
106
106
  | `sync` | Create symlinks from `.agents/` into all target directories, and symlink `AGENTS.md` to `CLAUDE.md` |
107
107
  | `watch` | Watch `.agents/` for changes and auto-regenerate `AGENTS.md` |
108
108
  | `import <url>` | Import a rule/skill/workflow from a URL |
109
+ | `pull [--dry-run\|--offline\|--force\|--only NAME\|--global]` | Fetch every `sources.yaml` entry, verify integrity, install into the matching buckets |
110
+ | `update [NAME]` | Re-resolve refs and re-pull entries whose upstream moved; SHA-pinned entries are skipped |
111
+ | `source add <entry>` | Append an entry to `sources.yaml` and pull it |
112
+ | `source remove <name> [--keep]` | Remove the manifest entry and delete the artifact (`--keep` converts it to manual) |
113
+ | `source list [--json]` | Show each entry's local state: `ok` / `outdated` / `modified` / `missing` |
114
+ | `source bundle` | Rebuild `sources.yaml` from installed artifacts' origin metadata |
115
+ | `source detach <name>` | Un-manage an artifact: flip its origin to manual and drop the manifest entry |
116
+ | `quarantine` | List remotely-fetched artifacts awaiting review, with their scan findings |
117
+ | `approve <name>\|--all [--force]` | Promote a quarantined artifact into `.agents/` (`--force` accepts critical findings, recorded in the lock) |
118
+ | `reject <name>\|--all` | Delete a quarantined artifact without installing it |
109
119
  | `git-hook` | Install a pre-commit git hook for auto-sync (`hook` remains as a deprecated alias) |
110
120
  | `inherit <label> <path>` | Add an inheritance link to AGENTS.md |
111
121
  | `inherit --list` | List current inheritance links |
@@ -136,6 +146,7 @@ AGENTS.md is also symlinked to CLAUDE.md so that Claude reads the index natively
136
146
  | `--no-clobber` | (fix only) Skip items that already exist in `.agents/` instead of merging |
137
147
  | `--fix` | (lint only) Amend fixable frontmatter findings in place |
138
148
  | `--no-fix` | (index only) Skip the skill frontmatter backfill |
149
+ | `--trust` | (pull/update only) Bypass the quarantine gate; the scan still runs and prints findings |
139
150
 
140
151
  ## Configuration
141
152
 
@@ -193,6 +204,42 @@ sync-agents lint
193
204
  sync-agents lint --fix
194
205
  ```
195
206
 
207
+ ## Source manifest (pull, lockfile & provenance)
208
+
209
+ Declare upstream rules, skills, workflows — or whole `.agents/` trees — in `.agents/sources.yaml` and install them reproducibly:
210
+
211
+ ```yaml
212
+ version: 1
213
+ sources:
214
+ - skill:anthropic/skill-pack@v1.2.0/skills/code-review
215
+ - rule:my-org/agent-norms@main/rules/security.md
216
+ - tree:my-org/team-agents@v2.0.0 # fans out to every bucket in the upstream .agents/
217
+ ```
218
+
219
+ `sync-agents pull` resolves each ref to a commit SHA via the GitHub API, fetches the repo tarball (cached by SHA under `$XDG_CACHE_HOME/sync-agents/`, no `git` binary needed), verifies a deterministic sha256 content hash against `.agents/sources.lock`, and only then installs — a tampered tarball or corrupted cache aborts before anything is written. Every installed artifact carries provenance (`_origin.json` inside skill dirs, `<name>.origin.json` beside flat files) recording owner/repo/ref/SHA/hash; commit these so clones keep their provenance.
220
+
221
+ Safety rules: locally-edited artifacts are never overwritten without `--force`; a destination without origin metadata is treated as a manual conflict. Private repos use your token (`SYNC_AGENTS_GITHUB_TOKEN` > `GITHUB_TOKEN` > `GH_TOKEN` > `gh auth token`). All commands accept `--global` to operate on `~/.agents/` instead of the project.
222
+
223
+ ```bash
224
+ sync-agents source add skill:anthropic/skill-pack@v1.2.0/skills/code-review
225
+ sync-agents source list # ok / outdated / modified / missing per entry
226
+ sync-agents update # bump tag-tracked entries when upstream moves
227
+ sync-agents pull --offline # cache-only, for CI or airplanes
228
+ ```
229
+
230
+ ## Quarantine (remote content review)
231
+
232
+ Remote installs are treated like a hostile supply chain. By default, everything `pull`/`update` fetches lands in `.agents/.quarantine/` — invisible to `sync` and the index — after a static scan for network-then-execute patterns (`curl | bash`), credential access combined with network calls, obfuscation (long base64, zero-width Unicode), and prompt-injection phrasing aimed at your agent.
233
+
234
+ ```bash
235
+ sync-agents pull # → 1 quarantined (run `sync-agents quarantine`)
236
+ sync-agents quarantine # review findings per artifact
237
+ sync-agents approve code-review # promote into .agents/ (blocked on CRITICAL unless --force)
238
+ sync-agents reject sketchy-rule # delete without installing
239
+ ```
240
+
241
+ Critical findings block `approve`; overriding with `--force` is recorded in `sources.lock` as `approved_with_findings` so the decision is auditable. `--trust` on `pull`/`update` skips the gate for one invocation (findings still print), and `quarantine = off` in `.agents/config` disables it for teams that review via pinned SHAs in PRs instead.
242
+
196
243
  ## ADRs (Architecture Decision Records)
197
244
 
198
245
  ADRs live in `.agents/adrs/` with **status encoded by subdirectory**: `proposed/`, `accepted/`, `denied/`. `add adr <name>` scaffolds into `proposed/`; `sync-agents adr accept|deny|propose <name>` moves a record between statuses (nested grouping subdirs are preserved) and regenerates the index.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@brickhouse-tech/sync-agents",
3
- "version": "1.0.1",
3
+ "version": "1.2.0",
4
4
  "description": "Simple scripts to DRY up common agent interactions across multiple LLM providers.",
5
5
  "keywords": [
6
6
  "agents",
@@ -26,11 +26,11 @@
26
26
  "bin/sync-agents.js"
27
27
  ],
28
28
  "optionalDependencies": {
29
- "@brickhouse-tech/sync-agents-darwin-arm64": "1.0.1",
30
- "@brickhouse-tech/sync-agents-darwin-x64": "1.0.1",
31
- "@brickhouse-tech/sync-agents-linux-arm64": "1.0.1",
32
- "@brickhouse-tech/sync-agents-linux-x64": "1.0.1",
33
- "@brickhouse-tech/sync-agents-win32-x64": "1.0.1"
29
+ "@brickhouse-tech/sync-agents-darwin-arm64": "1.2.0",
30
+ "@brickhouse-tech/sync-agents-darwin-x64": "1.2.0",
31
+ "@brickhouse-tech/sync-agents-linux-arm64": "1.2.0",
32
+ "@brickhouse-tech/sync-agents-linux-x64": "1.2.0",
33
+ "@brickhouse-tech/sync-agents-win32-x64": "1.2.0"
34
34
  },
35
35
  "overrides": {
36
36
  "file-type": ">=22",