@datasynx/agentic-ai-cartography 2.6.0 → 2.8.0

package/dist/cli.js

@@ -11,12 +11,12 @@ import {
   runDrift,
   runLocalDiscovery,
   startMcp
-} from "./chunk-X3UWUX3G.js";
+} from "./chunk-5D5ZZEZM.js";
 import {
   entitiesToYaml,
   startApi,
   toBackstageEntities
-} from "./chunk-PQ7Q6MI5.js";
+} from "./chunk-TBPGFEMQ.js";
 import {
   CartographyDB,
   buildCartographyToolHandlers,
@@ -28,7 +28,7 @@ import {
   redactValue,
   stableStringify,
   stripSensitive
-} from "./chunk-GA4427LB.js";
+} from "./chunk-YVV6NIT2.js";
 import {
   ConfigFileSchema,
   CostEntrySchema,
@@ -4685,7 +4685,7 @@ ${infraSummary.substring(0, 12e3)}`;
       process.exitCode = 1;
     }
   });
-  program.command("prune").description("Delete old sessions and their data").option("--older-than <days>", "Delete sessions older than N days", "30").option("--db <path>", "DB path").option("--dry-run", "Show what would be deleted without actually deleting", false).action((opts) => {
+  program.command("prune").description("Delete old sessions and their data").option("--older-than <days>", "Delete sessions older than N days", "30").option("--events-older-than <days>", "Compact the audit trail: delete activity events older than N days (4.7 retention)").option("--db <path>", "DB path").option("--dry-run", "Show what would be deleted without actually deleting", false).action((opts) => {
     const days = parseInt(opts.olderThan, 10);
     if (Number.isNaN(days) || days < 1) {
       process.stderr.write(`Invalid --older-than: "${opts.olderThan}" (must be >= 1)
@@ -4696,6 +4696,26 @@ ${infraSummary.substring(0, 12e3)}`;
     const config = defaultConfig({ ...opts.db ? { dbPath: opts.db } : {} });
     const db = new CartographyDB(config.dbPath);
     const cutoff = new Date(Date.now() - days * 24 * 60 * 60 * 1e3).toISOString();
+    if (opts.eventsOlderThan !== void 0) {
+      const eventDays = parseInt(opts.eventsOlderThan, 10);
+      if (Number.isNaN(eventDays) || eventDays < 1) {
+        process.stderr.write(`Invalid --events-older-than: "${opts.eventsOlderThan}" (must be >= 1)
+`);
+        process.exitCode = 2;
+        db.close();
+        return;
+      }
+      const eventCutoff = new Date(Date.now() - eventDays * 24 * 60 * 60 * 1e3).toISOString();
+      if (opts.dryRun) {
+        process.stderr.write(`Would compact the audit trail (delete events older than ${eventDays} days).
+`);
+      } else {
+        const removed = db.pruneEventsOlderThan(eventCutoff);
+        logInfo("Audit events pruned", { removed, olderThanDays: eventDays });
+        process.stderr.write(`Deleted ${removed} audit event(s) older than ${eventDays} days.
+`);
+      }
+    }
     const sessions = db.getSessions().filter((s) => s.startedAt < cutoff);
     if (sessions.length === 0) {
       process.stderr.write(`No sessions older than ${days} days.
@@ -4966,12 +4986,20 @@ ${infraSummary.substring(0, 12e3)}`;
       db.close();
     }
   });
-  program.command("mcp").description("Run the Model Context Protocol server (stdio by default) \u2014 the primary interface for AI agents").option("--http", "Use Streamable HTTP transport instead of stdio", false).option("--port <n>", "HTTP port", "3737").option("--host <h>", "HTTP host", "127.0.0.1").option("--allowed-hosts <list>", "Comma-separated Host allowlist (required for non-loopback --host)").option("--token <secret>", "Bearer token required on HTTP requests (or CARTOGRAPHY_HTTP_TOKEN); mandatory for non-loopback --host").option("--db <path>", "DB path").option("--session <id>", 'Session to serve (id or "latest")', "latest").option("--tenant <id>", "Tenant/organization whose topology to serve (alias: --org; default: local)").option("--org <id>", "Alias for --tenant").option("--no-semantic", "Disable semantic (vector) search").option("--plugins <list>", "Comma-separated scanner plugin package names to load (opt-in; or CARTOGRAPHY_PLUGINS)").option("--server-mode", "Run as a central collector: enable the authenticated POST /ingest write route + org-wide summary (implies --http; opt-in)", false).option("--anon-mode <mode>", "On ingest, reject|strip un-anonymized identifying fragments (server-mode)", "reject").option("--auth-required", "Reject unauthenticated requests even on loopback (RBAC required mode)", false).action(async (opts) => {
+  program.command("mcp").description("Run the Model Context Protocol server (stdio by default) \u2014 the primary interface for AI agents").option("--http", "Use Streamable HTTP transport instead of stdio", false).option("--port <n>", "HTTP port", "3737").option("--host <h>", "HTTP host", "127.0.0.1").option("--allowed-hosts <list>", "Comma-separated Host allowlist (required for non-loopback --host)").option("--token <secret>", "Bearer token required on HTTP requests (or CARTOGRAPHY_HTTP_TOKEN); mandatory for non-loopback --host").option("--db <path>", "DB path").option("--session <id>", 'Session to serve (id or "latest")', "latest").option("--tenant <id>", "Tenant/organization whose topology to serve (alias: --org; default: local)").option("--org <id>", "Alias for --tenant").option("--no-semantic", "Disable semantic (vector) search").option("--plugins <list>", "Comma-separated scanner plugin package names to load (opt-in; or CARTOGRAPHY_PLUGINS)").option("--server-mode", "Run as a central collector: enable the authenticated POST /ingest write route + org-wide summary (implies --http; opt-in)", false).option("--anon-mode <mode>", "On ingest, reject|strip un-anonymized identifying fragments (server-mode)", "reject").option("--auth-required", "Reject unauthenticated requests even on loopback (RBAC required mode)", false).option("--store-backend <kind>", "Central store backend: sqlite (default) | graph (Neo4j/Memgraph, opt-in, 4.3)").option("--graph-url <url>", "Bolt URL for --store-backend graph (or CARTOGRAPHY_GRAPH_URL)").option("--graph-user <user>", "Graph DB user (or CARTOGRAPHY_GRAPH_USER)").option("--graph-password <pw>", "Graph DB password (or CARTOGRAPHY_GRAPH_PASSWORD)").action(async (opts) => {
     try {
       const anonMode = opts.anonMode;
       if (anonMode !== "reject" && anonMode !== "strip") {
         process.stderr.write(`
 error: --anon-mode must be 'reject' or 'strip' (got '${anonMode}')
+`);
+        process.exitCode = 1;
+        return;
+      }
+      const storeBackend = opts.storeBackend;
+      if (storeBackend !== void 0 && storeBackend !== "sqlite" && storeBackend !== "graph") {
+        process.stderr.write(`
+error: --store-backend must be 'sqlite' or 'graph' (got '${storeBackend}')
 `);
         process.exitCode = 1;
         return;
@@ -4989,7 +5017,11 @@ error: --anon-mode must be 'reject' or 'strip' (got '${anonMode}')
         plugins: opts.plugins ? String(opts.plugins).split(",").map((p) => p.trim()).filter(Boolean) : void 0,
         serverMode: opts.serverMode === true,
         anonMode,
-        authRequired: opts.authRequired === true
+        authRequired: opts.authRequired === true,
+        ...storeBackend ? { storeBackend } : {},
+        ...opts.graphUrl ? { graphUrl: opts.graphUrl } : {},
+        ...opts.graphUser ? { graphUser: opts.graphUser } : {},
+        ...opts.graphPassword ? { graphPassword: opts.graphPassword } : {}
       });
     } catch (err) {
       process.stderr.write(`