@connexum/ai-governance 1.0.0-beta.25 → 1.0.0-beta.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli/index.d.ts +21 -0
- package/dist/cli/index.d.ts.map +1 -1
- package/dist/cli/index.js +83 -21
- package/dist/cli/index.js.map +1 -1
- package/dist/esm/cli/index.js +81 -21
- package/dist/esm/cli/index.js.map +1 -1
- package/package.json +1 -1
package/dist/cli/index.d.ts
CHANGED
|
@@ -116,6 +116,18 @@ export interface GovernanceJsonConfig {
|
|
|
116
116
|
*/
|
|
117
117
|
export declare function readLicenseServerUrl(projectDir: string): string;
|
|
118
118
|
export declare function generateConfig(packs: string[], license: LicenseInfo, licenseServerUrl?: string, runtime?: GovernanceJsonConfig['runtime']): GovernanceJsonConfig;
|
|
119
|
+
/**
|
|
120
|
+
* Carry per-agent identity fields forward when `generateConfig`'s fresh object is
|
|
121
|
+
* about to overwrite an existing `.governance.json` (Thomas 2026-06-12).
|
|
122
|
+
*
|
|
123
|
+
* `generateConfig` does not know about `agents[]` (the per-agent identity entries:
|
|
124
|
+
* localId/agentId/passportId/serviceToken/filePath) or `runtime.agentDir`. Writing
|
|
125
|
+
* its output verbatim drops both, and `sync` then falls back to the single
|
|
126
|
+
* `runtime.agentId` — injecting governance into ONE agent's folder instead of the
|
|
127
|
+
* whole fleet. This read-modify guard copies those fields from the prior file into
|
|
128
|
+
* the new config so they survive the rewrite regardless of step ordering.
|
|
129
|
+
*/
|
|
130
|
+
export declare function carryForwardPerAgentIdentity(config: GovernanceJsonConfig, configPath: string): void;
|
|
119
131
|
/**
|
|
120
132
|
* P0 install-safety guard. Governance is a PROJECT-LOCAL install: hooks are
|
|
121
133
|
* written to `<projectDir>/.claude/settings.json`. If `init` runs from the
|
|
@@ -149,6 +161,15 @@ export declare function installHooks(projectDir: string, config: GovernanceJsonC
|
|
|
149
161
|
*
|
|
150
162
|
* Idempotent and non-throwing on a project with nothing installed.
|
|
151
163
|
*/
|
|
164
|
+
/**
|
|
165
|
+
* Recursively remove per-agent generated runtime — every `*.governed.json` shim
|
|
166
|
+
* and every `.connexum/` folder — under `rootDir`, at any depth, so fleets whose
|
|
167
|
+
* agents are nested multiple directory layers deep are fully cleaned. Bounded to
|
|
168
|
+
* `maxDepth` levels and prunes dot-directories (`.git`, `.governance`, `.claude`,
|
|
169
|
+
* …) and `node_modules` so it never walks an arbitrarily large tree. `.connexum`
|
|
170
|
+
* folders are removed (not descended into). Agent source files are untouched.
|
|
171
|
+
*/
|
|
172
|
+
export declare function removePerAgentRuntime(rootDir: string, rm: (p: string) => void, maxDepth?: number): void;
|
|
152
173
|
export declare function uninstallGovernance(projectDir: string, opts?: {
|
|
153
174
|
purge?: boolean;
|
|
154
175
|
}): {
|
package/dist/cli/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;GAYG;AAMH,OAAO,KAAK,QAAQ,MAAM,UAAU,CAAC;AAIrC,OAAO,EAAsB,KAAK,aAAa,EAAE,MAAM,qBAAqB,CAAC;AA4D7E,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,OAAO,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,gBAAgB,SAA6B,GAC5C,OAAO,CAAC,wBAAwB,CAAC,CAwEnC;AAWD;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE;IACJ,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,EAAE,CAAC,EAAE,QAAQ,CAAC,SAAS,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CACtB,GACL,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,QAAQ,CAAA;CAAE,GAAG,IAAI,CAAC,CA2EhF;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,mBAAmB,UAAQ,GAAG,IAAI,CAsBjH;AAmDD,MAAM,MAAM,WAAW,GACnB,aAAa,GACb,QAAQ,GACR,UAAU,GACV,MAAM,GACN,OAAO,GACP,QAAQ,GACR,SAAS,GACT,OAAO,GACP,SAAS,CAAC;AAEd,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,WAAW,CA2BzD;AAkBD,UAAU,WAAW;IACnB,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,cAAc,GAAG,YAAY,CAAC;IACzD,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAyDD;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI,CAyCrE;AAsBD,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,SAAS,EAAE;QACT,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;IACF,KAAK,EAAE;QACL,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,WAAW,EAAE,MAAM,EAAE,CAAC;KACvB,CAAC;IACF,KAAK,EAAE;QACL,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,UAAU,EAAE;QACV,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,kFAAkF;IAClF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;;;;;OAQG;IACH,OAAO,CAAC,EAAE;QACR,YAAY,EAAE,MAAM,CAAC;QACrB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,yEAAyE;QACzE,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAS/D;AAED,wBAAgB,cAAc,CAC5B,KAAK,EAAE,MAAM,EAAE,EACf,OAAO,EAAE,WAAW,EACpB,gBAAgB,CAAC,EAAE,MAAM,EACzB,OAAO,CAAC,EAAE,oBAAoB,CAAC,SAAS,CAAC,GACxC,oBAAoB,CA8BtB;AAID;;;;;;;;;;;;GAYG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAgC7D;AAED,wBAAgB,YAAY,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,GAAG;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CA2EtH;AAsFD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CACjC,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAO,GAC7B;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,EAAE,CAAC;IAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;GAYG;AAMH,OAAO,KAAK,QAAQ,MAAM,UAAU,CAAC;AAIrC,OAAO,EAAsB,KAAK,aAAa,EAAE,MAAM,qBAAqB,CAAC;AA4D7E,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,OAAO,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,gBAAgB,SAA6B,GAC5C,OAAO,CAAC,wBAAwB,CAAC,CAwEnC;AAWD;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE;IACJ,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,EAAE,CAAC,EAAE,QAAQ,CAAC,SAAS,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CACtB,GACL,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,QAAQ,CAAA;CAAE,GAAG,IAAI,CAAC,CA2EhF;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,mBAAmB,UAAQ,GAAG,IAAI,CAsBjH;AAmDD,MAAM,MAAM,WAAW,GACnB,aAAa,GACb,QAAQ,GACR,UAAU,GACV,MAAM,GACN,OAAO,GACP,QAAQ,GACR,SAAS,GACT,OAAO,GACP,SAAS,CAAC;AAEd,wBAAgB,SAAS,CAAC,UAAU,EAAE,MAAM,GAAG,WAAW,CA2BzD;AAkBD,UAAU,WAAW;IACnB,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,cAAc,GAAG,YAAY,CAAC;IACzD,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAyDD;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI,CAyCrE;AAsBD,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,SAAS,EAAE;QACT,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;IACF,KAAK,EAAE;QACL,UAAU,EAAE,MAAM,EAAE,CAAC;QACrB,WAAW,EAAE,MAAM,EAAE,CAAC;KACvB,CAAC;IACF,KAAK,EAAE;QACL,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,UAAU,EAAE;QACV,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,kFAAkF;IAClF,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B;;;;;;;;OAQG;IACH,OAAO,CAAC,EAAE;QACR,YAAY,EAAE,MAAM,CAAC;QACrB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,yEAAyE;QACzE,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAS/D;AAED,wBAAgB,cAAc,CAC5B,KAAK,EAAE,MAAM,EAAE,EACf,OAAO,EAAE,WAAW,EACpB,gBAAgB,CAAC,EAAE,MAAM,EACzB,OAAO,CAAC,EAAE,oBAAoB,CAAC,SAAS,CAAC,GACxC,oBAAoB,CA8BtB;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,4BAA4B,CAC1C,MAAM,EAAE,oBAAoB,EAC5B,UAAU,EAAE,MAAM,GACjB,IAAI,CAgBN;AAID;;;;;;;;;;;;GAYG;AACH,wBAAgB,oBAAoB,CAAC,UAAU,EAAE,MAAM,GAAG,IAAI,CAgC7D;AAED,wBAAgB,YAAY,CAAC,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,oBAAoB,GAAG;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,EAAE,CAAA;CAAE,CA2EtH;AAsFD;;;;;;;;;;;;;;GAcG;AAEH;;;;;;;GAOG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,EACf,EAAE,EAAE,CAAC,CAAC,EAAE,MAAM,KAAK,IAAI,EACvB,QAAQ,SAAI,GACX,IAAI,CAuBN;AAED,wBAAgB,mBAAmB,CACjC,UAAU,EAAE,MAAM,EAClB,IAAI,GAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAO,GAC7B;IAAE,YAAY,EAAE,MAAM,CAAC;IAAC,YAAY,EAAE,MAAM,EAAE,CAAC;IAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,CAiLjF;AAmmBD,6EAA6E;AAC7E,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE;QACV,aAAa,EAAE,MAAM,EAAE,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAC1B,QAAQ,EAAE;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,oFAAoF;AACpF,wBAAgB,wBAAwB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,EAAE,CAwFrE;AAED,8FAA8F;AAC9F,wBAAgB,2BAA2B,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAmEtE;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,MAAM,CA4CtF;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CAqC9D;AAED,0EAA0E;AAC1E,wBAAgB,yBAAyB,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,IAAI,CA0DnF;AAED;;;GAGG;AACH,wBAAgB,yBAAyB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,CAkCvF;AAMD;;;;GAIG;AACH,MAAM,WAAW,qBAAqB;IACpC,oEAAoE;IACpE,OAAO,EAAE,MAAM,CAAC;IAChB,kCAAkC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,mFAAmF;IACnF,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B;;;OAGG;IACH,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,mEAAmE;IACnE,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,4BAA4B;IAC3C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;CAC7B;AAED;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,wBAAgB,uBAAuB,CACrC,UAAU,EAAE,MAAM,EAClB,UAAU,EAAE,4BAA4B,EAAE,EAC1C,WAAW,EAAE,aAAa,EAAE,EAC5B,IAAI,GAAE;IACJ;;;;;;;OAOG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACd,GACL,IAAI,CAmEN;AAGD,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE;IACJ,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,OAAO,CAAC,EAAE,oBAAoB,CAAC,SAAS,CAAC,CAAC;IAC1C,+EAA+E;IAC/E,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GACA,OAAO,CAAC,IAAI,CAAC,CAmEf;AAuED;;;;;;;;;;;GAWG;AACH;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,MAAM,EAAE,OAAO,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,cAAc,CAAA;KAAE,CAAC,CAAC;IACzG,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAChD;AAED,wBAAgB,cAAc,CAAC,IAAI,EAAE;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,MAAM,EAAE,OAAO,CAAC;IAChB,GAAG,CAAC,EAAE,IAAI,CAAC;CACZ,GAAG,oBAAoB,CA0DvB;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,GAAG,IAAI,CA6QrE;AA6JD;;;;;;;;;;GAUG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,cAAc,EAAE,aAAa,EAAE,EAC/B,UAAU,EAAE,MAAM,GACjB,IAAI,CA0GN"}
|
package/dist/cli/index.js
CHANGED
|
@@ -55,8 +55,10 @@ exports.detectIde = detectIde;
|
|
|
55
55
|
exports.validateLegacyLicense = validateLegacyLicense;
|
|
56
56
|
exports.readLicenseServerUrl = readLicenseServerUrl;
|
|
57
57
|
exports.generateConfig = generateConfig;
|
|
58
|
+
exports.carryForwardPerAgentIdentity = carryForwardPerAgentIdentity;
|
|
58
59
|
exports.assertSafeInstallDir = assertSafeInstallDir;
|
|
59
60
|
exports.installHooks = installHooks;
|
|
61
|
+
exports.removePerAgentRuntime = removePerAgentRuntime;
|
|
60
62
|
exports.uninstallGovernance = uninstallGovernance;
|
|
61
63
|
exports.writeClaudeSlashCommands = writeClaudeSlashCommands;
|
|
62
64
|
exports.writeGovernanceScannerAgent = writeGovernanceScannerAgent;
|
|
@@ -546,6 +548,36 @@ function generateConfig(packs, license, licenseServerUrl, runtime) {
|
|
|
546
548
|
createdAt: new Date().toISOString(),
|
|
547
549
|
};
|
|
548
550
|
}
|
|
551
|
+
/**
|
|
552
|
+
* Carry per-agent identity fields forward when `generateConfig`'s fresh object is
|
|
553
|
+
* about to overwrite an existing `.governance.json` (Thomas 2026-06-12).
|
|
554
|
+
*
|
|
555
|
+
* `generateConfig` does not know about `agents[]` (the per-agent identity entries:
|
|
556
|
+
* localId/agentId/passportId/serviceToken/filePath) or `runtime.agentDir`. Writing
|
|
557
|
+
* its output verbatim drops both, and `sync` then falls back to the single
|
|
558
|
+
* `runtime.agentId` — injecting governance into ONE agent's folder instead of the
|
|
559
|
+
* whole fleet. This read-modify guard copies those fields from the prior file into
|
|
560
|
+
* the new config so they survive the rewrite regardless of step ordering.
|
|
561
|
+
*/
|
|
562
|
+
function carryForwardPerAgentIdentity(config, configPath) {
|
|
563
|
+
if (!fs.existsSync(configPath))
|
|
564
|
+
return;
|
|
565
|
+
let prior;
|
|
566
|
+
try {
|
|
567
|
+
prior = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
|
|
568
|
+
}
|
|
569
|
+
catch {
|
|
570
|
+
return; // unreadable prior config — keep the fresh one
|
|
571
|
+
}
|
|
572
|
+
const cfgRec = config;
|
|
573
|
+
if (Array.isArray(prior.agents) && prior.agents.length > 0) {
|
|
574
|
+
cfgRec['agents'] = prior.agents;
|
|
575
|
+
}
|
|
576
|
+
const priorAgentDir = prior.runtime?.agentDir;
|
|
577
|
+
if (typeof priorAgentDir === 'string' && config.runtime) {
|
|
578
|
+
config.runtime['agentDir'] = priorAgentDir;
|
|
579
|
+
}
|
|
580
|
+
}
|
|
549
581
|
// --- Hook installation ---
|
|
550
582
|
/**
|
|
551
583
|
* P0 install-safety guard. Governance is a PROJECT-LOCAL install: hooks are
|
|
@@ -744,6 +776,42 @@ function installClaudeCodeSettings(projectDir, config, hooksDestDir) {
|
|
|
744
776
|
*
|
|
745
777
|
* Idempotent and non-throwing on a project with nothing installed.
|
|
746
778
|
*/
|
|
779
|
+
/**
|
|
780
|
+
* Recursively remove per-agent generated runtime — every `*.governed.json` shim
|
|
781
|
+
* and every `.connexum/` folder — under `rootDir`, at any depth, so fleets whose
|
|
782
|
+
* agents are nested multiple directory layers deep are fully cleaned. Bounded to
|
|
783
|
+
* `maxDepth` levels and prunes dot-directories (`.git`, `.governance`, `.claude`,
|
|
784
|
+
* …) and `node_modules` so it never walks an arbitrarily large tree. `.connexum`
|
|
785
|
+
* folders are removed (not descended into). Agent source files are untouched.
|
|
786
|
+
*/
|
|
787
|
+
function removePerAgentRuntime(rootDir, rm, maxDepth = 8) {
|
|
788
|
+
const walk = (dir, depth) => {
|
|
789
|
+
let entries;
|
|
790
|
+
try {
|
|
791
|
+
entries = fs.readdirSync(dir, { withFileTypes: true });
|
|
792
|
+
}
|
|
793
|
+
catch {
|
|
794
|
+
return; // unreadable dir — skip, never fail the uninstall
|
|
795
|
+
}
|
|
796
|
+
for (const e of entries) {
|
|
797
|
+
const full = path.join(dir, e.name);
|
|
798
|
+
if (e.isDirectory()) {
|
|
799
|
+
if (e.name === '.connexum') {
|
|
800
|
+
rm(full); // remove the per-agent runtime folder; do not descend
|
|
801
|
+
continue;
|
|
802
|
+
}
|
|
803
|
+
if (e.name.startsWith('.') || e.name === 'node_modules')
|
|
804
|
+
continue;
|
|
805
|
+
if (depth < maxDepth)
|
|
806
|
+
walk(full, depth + 1);
|
|
807
|
+
}
|
|
808
|
+
else if (e.name.endsWith('.governed.json')) {
|
|
809
|
+
rm(full);
|
|
810
|
+
}
|
|
811
|
+
}
|
|
812
|
+
};
|
|
813
|
+
walk(rootDir, 0);
|
|
814
|
+
}
|
|
747
815
|
function uninstallGovernance(projectDir, opts = {}) {
|
|
748
816
|
const removedPaths = [];
|
|
749
817
|
let hooksRemoved = 0;
|
|
@@ -832,27 +900,15 @@ function uninstallGovernance(projectDir, opts = {}) {
|
|
|
832
900
|
rmIfExists(path.join(projectDir, '.claude', 'commands', cmd));
|
|
833
901
|
}
|
|
834
902
|
rmIfExists(path.join(projectDir, '.claude', 'agents', 'governance-scanner.md'));
|
|
835
|
-
// Per-agent generated runtime: a bounded
|
|
836
|
-
//
|
|
837
|
-
//
|
|
838
|
-
//
|
|
839
|
-
//
|
|
840
|
-
//
|
|
841
|
-
//
|
|
842
|
-
//
|
|
843
|
-
|
|
844
|
-
for (const entry of fs.readdirSync(projectDir, { withFileTypes: true })) {
|
|
845
|
-
if (!entry.isDirectory() || entry.name.startsWith('.'))
|
|
846
|
-
continue;
|
|
847
|
-
const sub = path.join(projectDir, entry.name);
|
|
848
|
-
for (const f of fs.readdirSync(sub)) {
|
|
849
|
-
if (f.endsWith('.governed.json'))
|
|
850
|
-
rmIfExists(path.join(sub, f));
|
|
851
|
-
}
|
|
852
|
-
rmIfExists(path.join(sub, '.connexum'));
|
|
853
|
-
}
|
|
854
|
-
}
|
|
855
|
-
catch { /* unreadable dir — skip, never fail the uninstall */ }
|
|
903
|
+
// Per-agent generated runtime: a bounded RECURSIVE walk (Thomas 2026-06-12).
|
|
904
|
+
// Removes the legacy `*.governed.json` shims AND the per-agent `.connexum/`
|
|
905
|
+
// folder (identity.json — a 0600 service-token secret — plus governance.json +
|
|
906
|
+
// GOVERNANCE.md) at ANY depth, so fleets whose agents are nested several
|
|
907
|
+
// directory layers deep are fully cleaned (the scan recurses, so uninstall
|
|
908
|
+
// must too — a one-level walk left nested agents' runtime behind). All are
|
|
909
|
+
// regenerated by `init`, so removal is safe; agent source is untouched.
|
|
910
|
+
// Depth-bounded + dot-dir/node_modules-pruned to avoid a pathological walk.
|
|
911
|
+
removePerAgentRuntime(projectDir, rmIfExists);
|
|
856
912
|
// 5. `--purge` ALSO removes the AI-tool governance integration files that `init`
|
|
857
913
|
// generated and that the default uninstall intentionally preserves (Thomas
|
|
858
914
|
// 2026-06-07: "completely remove the runtime locally"). Only governance-
|
|
@@ -1263,6 +1319,12 @@ async function interactiveInit(projectDir, opts = {}) {
|
|
|
1263
1319
|
// Persist licenseServerUrl if it was provided (allows on-prem customers to override the default)
|
|
1264
1320
|
const config = generateConfig(selectedPacks, license, opts.licenseServerUrl, opts.runtime);
|
|
1265
1321
|
const configPath = path.join(projectDir, '.governance.json');
|
|
1322
|
+
// PRESERVE per-agent identity data on rewrite (Thomas 2026-06-12): generateConfig
|
|
1323
|
+
// builds a FRESH object with no agents[] and a runtime that lacks agentDir. If it
|
|
1324
|
+
// runs after the per-agent identity step, it clobbers `agents[]` + `runtime.agentDir`
|
|
1325
|
+
// — leaving sync --apply with only the single runtime.agentId, so it injects ONLY
|
|
1326
|
+
// ONE agent instead of the whole fleet.
|
|
1327
|
+
carryForwardPerAgentIdentity(config, configPath);
|
|
1266
1328
|
fs.writeFileSync(configPath, JSON.stringify(config, null, 2), { mode: 0o600 });
|
|
1267
1329
|
process.stdout.write(`\nConfiguration written to ${configPath}\n`);
|
|
1268
1330
|
// Write vendor code into config (file mode 0600 enforced in writeVendorCodeToConfig)
|