@greenarmor/ges 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 greenarmor
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,74 @@
+# @greenarmor/ges
+
+Green Engineering Standard Framework - Compliance-as-Code CLI
+
+## Install
+
+```bash
+npm install -g @greenarmor/ges
+```
+
+Or use without installing:
+
+```bash
+npx @greenarmor/ges init
+```
+
+## Quick Start
+
+```bash
+# Navigate to any project
+cd my-project
+
+# Initialize compliance framework
+ges init
+
+# Run security and compliance audit
+ges audit
+
+# View compliance score
+ges score
+
+# Generate reports
+ges report
+
+# Diagnose configuration
+ges doctor
+```
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `ges init` | Initialize GESF in the current project |
+| `ges audit` | Scan source code for security and compliance issues |
+| `ges score` | Calculate and display compliance score |
+| `ges report` | Generate compliance reports (Markdown/HTML) |
+| `ges doctor` | Diagnose GESF configuration and health |
+| `ges scan` | Run external security scanners |
+| `ges compliance` | Show compliance status and installed packs |
+| `ges validate` | Validate GESF configuration |
+| `ges generate` | Regenerate documentation and workflows |
+| `ges policy list` | List available policy packs |
+| `ges policy install <pack>` | Install a policy pack |
+| `ges policy remove <pack>` | Remove a policy pack |
+| `ges update` | Check for updates |
+
+## What It Detects
+
+- **Secrets**: Hardcoded passwords, API keys, connection strings, private keys, tokens
+- **Weak Crypto**: MD5, SHA1, DES, AES-128, disabled TLS verification
+- **SQL Injection**: String concatenation in SQL queries with user input
+- **XSS**: innerHTML with user input, document.write, v-html, dangerouslySetInnerHTML
+- **Missing Auth**: Routes without authentication middleware
+- **Missing Security**: No helmet, no CORS config, no rate limiting, no MFA
+- **Config Issues**: Secrets in .env without .gitignore, Docker as root, missing logging
+- **Database Issues**: Missing audit columns, missing soft delete patterns
+
+## Supported Project Types
+
+SaaS, AI Application, MCP Server, Blockchain, Wallet, Government System, Healthcare System, Event Platform, Photo Storage Platform, Vulnerability Scanner, Generic Web Application, API Backend, Mobile Application
+
+## Compliance Frameworks
+
+GDPR, OWASP ASVS, CIS Controls, NIST CSF, ISO 27001, ISO 27701

package/dist/cli.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/cli.js

@@ -0,0 +1,34 @@
+#!/usr/bin/env node
+import { Command } from "commander";
+import { initCommand } from "./commands/init.js";
+import { auditCommand } from "./commands/audit.js";
+import { scoreCommand } from "./commands/score.js";
+import { reportCommand } from "./commands/report.js";
+import { doctorCommand } from "./commands/doctor.js";
+import { scanCommand } from "./commands/scan.js";
+import { complianceCommand } from "./commands/compliance.js";
+import { validateCommand } from "./commands/validate.js";
+import { generateCommand } from "./commands/generate.js";
+import { policyCommand } from "./commands/policy.js";
+import { updateCommand } from "./commands/update.js";
+import { mcpCommand } from "./commands/mcp.js";
+import { GESF_VERSION } from "@greenarmor/ges-core";
+const program = new Command();
+program
+    .name("ges")
+    .description("Green Engineering Standard Framework - Compliance-as-Code CLI")
+    .version(GESF_VERSION);
+program.addCommand(initCommand);
+program.addCommand(auditCommand);
+program.addCommand(scoreCommand);
+program.addCommand(reportCommand);
+program.addCommand(doctorCommand);
+program.addCommand(scanCommand);
+program.addCommand(complianceCommand);
+program.addCommand(validateCommand);
+program.addCommand(generateCommand);
+program.addCommand(policyCommand);
+program.addCommand(updateCommand);
+program.addCommand(mcpCommand);
+program.parse();
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAEpD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,KAAK,CAAC;KACX,WAAW,CAAC,+DAA+D,CAAC;KAC5E,OAAO,CAAC,YAAY,CAAC,CAAC;AAEzB,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;AAChC,OAAO,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC;AACtC,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;AACpC,OAAO,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC;AACpC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;AAE/B,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/commands/audit.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const auditCommand: Command;

package/dist/commands/audit.js

@@ -0,0 +1,107 @@
+import { Command } from "commander";
+import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
+import { getAllPacks } from "@greenarmor/ges-policy-engine";
+import { generateScoreFile, formatScoreOutput } from "@greenarmor/ges-scoring-engine";
+import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
+import * as path from "node:path";
+export const auditCommand = new Command("audit")
+    .description("Run a compliance audit on the project")
+    .option("--ci", "CI mode - exit with error code on failures")
+    .option("--json", "Output findings as JSON")
+    .action(async (options) => {
+    const root = ensureGESInitialized();
+    const config = readJsonFile(path.join(root, ".ges", "config.json"));
+    console.log("\n  GESF Compliance Audit");
+    console.log("  ────────────────────\n");
+    console.log("  Scanning project files...");
+    const { findings: rawFindings, scannedFiles } = runAudit(root);
+    const findings = deduplicateFindings(rawFindings);
+    console.log(`  Scanned ${scannedFiles} files\n`);
+    const frameworks = (config?.frameworks || ["GDPR", "OWASP"]);
+    const controls = getAllPacks().flatMap(p => p.controls);
+    const updatedControls = updateControlsFromFindings(controls, findings);
+    const scoreData = generateScoreFile(updatedControls, frameworks);
+    writeJsonFile(path.join(root, ".ges", "score.json"), scoreData);
+    const critical = findings.filter(f => f.severity === "critical");
+    const high = findings.filter(f => f.severity === "high");
+    const medium = findings.filter(f => f.severity === "medium");
+    const low = findings.filter(f => f.severity === "low");
+    if (options.json) {
+        console.log(JSON.stringify({ findings, score: scoreData }, null, 2));
+        if (options.ci && critical.length > 0)
+            process.exit(1);
+        return;
+    }
+    console.log("  ── Findings ─────────────────────\n");
+    console.log(`  Total findings: ${findings.length}`);
+    console.log(`  Critical: ${critical.length}  High: ${high.length}  Medium: ${medium.length}  Low: ${low.length}\n`);
+    if (findings.length > 0) {
+        const grouped = groupByCategory(findings);
+        for (const [category, categoryFindings] of Object.entries(grouped)) {
+            console.log(`  [${category.toUpperCase()}]`);
+            for (const f of categoryFindings.slice(0, 10)) {
+                const sev = f.severity === "critical" ? "CRIT" : f.severity === "high" ? "HIGH" : f.severity === "medium" ? "MED " : "LOW ";
+                const loc = f.file !== "project" ? ` (${f.file}${f.line ? ":" + f.line : ""})` : "";
+                console.log(`    [${sev}] ${f.title}${loc}`);
+                if (f.evidence && f.file !== "project") {
+                    console.log(`          ${f.evidence.slice(0, 100)}`);
+                }
+            }
+            if (categoryFindings.length > 10) {
+                console.log(`    ... and ${categoryFindings.length - 10} more`);
+            }
+            console.log("");
+        }
+    }
+    else {
+        console.log("  ✓ No security or compliance issues found in source code.\n");
+    }
+    console.log("  ── Compliance Score ──────────────");
+    console.log(formatScoreOutput(scoreData));
+    if (critical.length > 0) {
+        console.log("  !! Critical issues must be resolved before deployment. !!\n");
+    }
+    if (options.ci && critical.length > 0) {
+        process.exit(1);
+    }
+});
+function updateControlsFromFindings(controls, findings) {
+    return controls.map(control => {
+        const relevantFindings = findings.filter(f => f.controlIds.includes(control.id));
+        if (relevantFindings.length === 0)
+            return control;
+        const hasCritical = relevantFindings.some(f => f.severity === "critical" || f.severity === "high");
+        const updatedChecks = control.checks.map(check => {
+            if (hasCritical) {
+                return { ...check, status: "fail" };
+            }
+            return { ...check, status: "warning" };
+        });
+        return {
+            ...control,
+            checks: updatedChecks,
+            status: hasCritical ? "fail" : "warning",
+        };
+    });
+}
+function groupByCategory(findings) {
+    const groups = {};
+    for (const f of findings) {
+        const cat = f.category;
+        if (!groups[cat])
+            groups[cat] = [];
+        groups[cat].push(f);
+    }
+    const order = ["secrets", "authentication", "encryption", "injection", "xss", "security", "database", "config", "infrastructure", "dependencies"];
+    const sorted = {};
+    for (const cat of order) {
+        if (groups[cat])
+            sorted[cat] = groups[cat];
+    }
+    for (const [cat, items] of Object.entries(groups)) {
+        if (!sorted[cat])
+            sorted[cat] = items;
+    }
+    return sorted;
+}
+//# sourceMappingURL=audit.js.map

package/dist/commands/audit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAExF,OAAO,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACtF,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,8BAA8B,CAAC;AAE7E,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC;KAC7C,WAAW,CAAC,uCAAuC,CAAC;KACpD,MAAM,CAAC,MAAM,EAAE,4CAA4C,CAAC;KAC5D,MAAM,CAAC,QAAQ,EAAE,yBAAyB,CAAC;KAC3C,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,IAAI,GAAG,oBAAoB,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,YAAY,CAAgB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC;IAEnF,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IAExC,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;IAC3C,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;IAElD,OAAO,CAAC,GAAG,CAAC,aAAa,YAAY,UAAU,CAAC,CAAC;IAEjD,MAAM,UAAU,GAAG,CAAC,MAAM,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAoB,CAAC;IAChF,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAExD,MAAM,eAAe,GAAG,0BAA0B,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACvE,MAAM,SAAS,GAAG,iBAAiB,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IAEjE,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,SAAS,CAAC,CAAC;IAEhE,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IACjE,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IACzD,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAC7D,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC;IAEvD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,OAAO,CAAC,EAAE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,qBAAqB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,MAAM,WAAW,IAAI,CAAC,MAAM,aAAa,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC;IAEpH,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,OAAO,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC1C,KAAK,MAAM,CAAC,QAAQ,EAAE,gBAAgB,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YACnE,OAAO,CAAC,GAAG,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAC7C,KAAK,MAAM,CAAC,IAAI,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;gBAC9C,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;gBAC5H,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpF,OAAO,CAAC,GAAG,CAAC,QAAQ,GAAG,KAAK,CAAC,CAAC,KAAK,GAAG,GAAG,EAAE,CAAC,CAAC;gBAC7C,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACvC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBACvD,CAAC;YACH,CAAC;YACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,eAAe,gBAAgB,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;YAClE,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,8DAA8D,CAAC,CAAC;IAC9E,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,CAAC;IAE1C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC/E,CAAC;IAED,IAAI,OAAO,CAAC,EAAE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,SAAS,0BAA0B,CAAC,QAAmB,EAAE,QAAmB;IAC1E,OAAO,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;QAC5B,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;QACjF,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,OAAO,CAAC;QAElD,MAAM,WAAW,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAEnG,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE;YAC/C,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,MAAe,EAAE,CAAC;YAC/C,CAAC;YACD,OAAO,EAAE,GAAG,KAAK,EAAE,MAAM,EAAE,SAAkB,EAAE,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,OAAO;YACL,GAAG,OAAO;YACV,MAAM,EAAE,aAAa;YACrB,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,MAAe,CAAC,CAAC,CAAC,SAAkB;SAC3D,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,eAAe,CAAC,QAAmB;IAC1C,MAAM,MAAM,GAA8B,EAAE,CAAC;IAC7C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC;QACvB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,KAAK,GAAG,CAAC,SAAS,EAAE,gBAAgB,EAAE,YAAY,EAAE,WAAW,EAAE,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,CAAC,CAAC;IAClJ,MAAM,MAAM,GAA8B,EAAE,CAAC;IAC7C,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;QACxB,IAAI,MAAM,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC7C,CAAC;IACD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;IACxC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/commands/compliance.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const complianceCommand: Command;

package/dist/commands/compliance.js

@@ -0,0 +1,32 @@
+import { Command } from "commander";
+import { ensureGESInitialized, readJsonFile } from "../utils/project.js";
+import { getPacksForProjectType } from "@greenarmor/ges-policy-engine";
+import { formatScoreOutput } from "@greenarmor/ges-scoring-engine";
+import * as path from "node:path";
+export const complianceCommand = new Command("compliance")
+    .description("Show compliance status")
+    .action(async () => {
+    const root = ensureGESInitialized();
+    const scorePath = path.join(root, ".ges", "score.json");
+    const score = readJsonFile(scorePath);
+    if (score && score.frameworks && Object.keys(score.frameworks).length > 0) {
+        console.log(formatScoreOutput(score));
+    }
+    else {
+        console.log("\n  No compliance score available. Run 'ges audit' first.\n");
+    }
+    const config = readJsonFile(path.join(root, ".ges", "config.json"));
+    if (config) {
+        console.log("  Installed Policy Packs:");
+        const packs = getPacksForProjectType(config.project_type);
+        for (const pack of packs) {
+            const controlsFile = path.join(root, "controls", pack.id, "controls.json");
+            const controls = readJsonFile(controlsFile);
+            const total = controls?.length || 0;
+            const passed = controls?.filter(c => c.status === "pass").length || 0;
+            console.log(`    ${pack.id.padEnd(15)} ${passed}/${total} controls passed`);
+        }
+    }
+    console.log("");
+});
+//# sourceMappingURL=compliance.js.map

package/dist/commands/compliance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compliance.js","sourceRoot":"","sources":["../../src/commands/compliance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAEzE,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AAGnE,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,MAAM,CAAC,MAAM,iBAAiB,GAAG,IAAI,OAAO,CAAC,YAAY,CAAC;KACvD,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAI,GAAG,oBAAoB,EAAE,CAAC;IAEpC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC;IACxD,MAAM,KAAK,GAAG,YAAY,CAAY,SAAS,CAAC,CAAC;IAEjD,IAAI,KAAK,IAAI,KAAK,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC;IACxC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,MAAM,GAAG,YAAY,CAAgB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC;IACnF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,sBAAsB,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC1D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,EAAE,EAAE,eAAe,CAAC,CAAC;YAC3E,MAAM,QAAQ,GAAG,YAAY,CAAY,YAAY,CAAC,CAAC;YACvD,MAAM,KAAK,GAAG,QAAQ,EAAE,MAAM,IAAI,CAAC,CAAC;YACpC,MAAM,MAAM,GAAG,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,IAAI,KAAK,kBAAkB,CAAC,CAAC;QAC9E,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/commands/doctor.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const doctorCommand: Command;

package/dist/commands/doctor.js

@@ -0,0 +1,60 @@
+import { Command } from "commander";
+import { findProjectRoot, readJsonFile } from "../utils/project.js";
+import { GESF_VERSION, GES_DIR } from "@greenarmor/ges-core";
+import * as fs from "node:fs";
+import * as path from "node:path";
+export const doctorCommand = new Command("doctor")
+    .description("Diagnose GESF configuration and health")
+    .action(async () => {
+    console.log("\n  GESF Doctor - Diagnostic Check");
+    console.log("  ─────────────────────────────\n");
+    const checks = [];
+    const root = findProjectRoot();
+    if (root) {
+        checks.push({ name: "GESF initialized", status: "OK", detail: root });
+    }
+    else {
+        checks.push({ name: "GESF initialized", status: "FAIL", detail: "Run 'ges init' first" });
+    }
+    if (root) {
+        const configPath = path.join(root, GES_DIR, "config.yaml");
+        checks.push({
+            name: "Config file",
+            status: fs.existsSync(configPath) ? "OK" : "WARN",
+            detail: fs.existsSync(configPath) ? configPath : "config.yaml not found",
+        });
+        const scorePath = path.join(root, GES_DIR, "score.json");
+        const score = readJsonFile(scorePath);
+        checks.push({
+            name: "Score file",
+            status: score ? "OK" : "WARN",
+            detail: score ? `Overall: ${score.overall}%` : "Run 'ges score'",
+        });
+        const dirs = ["compliance", "security", "controls", "policies", "checklists", "docs", "reports"];
+        for (const dir of dirs) {
+            const exists = fs.existsSync(path.join(root, dir));
+            checks.push({ name: `${dir}/ directory`, status: exists ? "OK" : "MISSING" });
+        }
+        const ghWorkflows = path.join(root, ".github", "workflows");
+        if (fs.existsSync(ghWorkflows)) {
+            const workflows = fs.readdirSync(ghWorkflows).filter(f => f.endsWith(".yml"));
+            checks.push({ name: "GitHub Actions", status: "OK", detail: `${workflows.length} workflow(s)` });
+        }
+        else {
+            checks.push({ name: "GitHub Actions", status: "WARN", detail: "No .github/workflows found" });
+        }
+        const config = readJsonFile(path.join(root, GES_DIR, "config.json"));
+        if (config) {
+            checks.push({ name: "Project", status: "OK", detail: `${config.project_name} (${config.project_type})` });
+            checks.push({ name: "Frameworks", status: "OK", detail: config.frameworks.join(", ") });
+        }
+    }
+    checks.push({ name: "GESF Version", status: "OK", detail: GESF_VERSION });
+    for (const check of checks) {
+        const icon = check.status === "OK" ? "✓" : check.status === "WARN" ? "!" : "✗";
+        const line = `  [${icon}] ${check.name}`;
+        console.log(line + (check.detail ? ` - ${check.detail}` : ""));
+    }
+    console.log("");
+});
+//# sourceMappingURL=doctor.js.map

package/dist/commands/doctor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"doctor.js","sourceRoot":"","sources":["../../src/commands/doctor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAEpE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,OAAO,CAAC,QAAQ,CAAC;KAC/C,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IAEjD,MAAM,MAAM,GAAwD,EAAE,CAAC;IAEvE,MAAM,IAAI,GAAG,eAAe,EAAE,CAAC;IAC/B,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACxE,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,kBAAkB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,sBAAsB,EAAE,CAAC,CAAC;IAC5F,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;QAC3D,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM;YACjD,MAAM,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,uBAAuB;SACzE,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QACzD,MAAM,KAAK,GAAG,YAAY,CAA0B,SAAS,CAAC,CAAC;QAC/D,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,YAAY;YAClB,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM;YAC7B,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,iBAAiB;SACjE,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,CAAC,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QACjG,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,GAAG,aAAa,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;QAC5D,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC/B,MAAM,SAAS,GAAG,EAAE,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;YAC9E,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,SAAS,CAAC,MAAM,cAAc,EAAE,CAAC,CAAC;QACnG,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,4BAA4B,EAAE,CAAC,CAAC;QAChG,CAAC;QAED,MAAM,MAAM,GAAG,YAAY,CAAgB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;QACpF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,YAAY,KAAK,MAAM,CAAC,YAAY,GAAG,EAAE,CAAC,CAAC;YAC1G,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC;IAE1E,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;QAC/E,MAAM,IAAI,GAAG,MAAM,IAAI,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/commands/generate.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const generateCommand: Command;

package/dist/commands/generate.js

@@ -0,0 +1,47 @@
+import { Command } from "commander";
+import { ensureGESInitialized, readJsonFile, writeFileSync } from "../utils/project.js";
+import { generateComplianceDocs, generateSecurityDocs } from "@greenarmor/ges-doc-generator";
+import { generateAllWorkflows } from "@greenarmor/ges-cicd-generator";
+import * as path from "node:path";
+export const generateCommand = new Command("generate")
+    .description("Regenerate documentation and workflows")
+    .option("--docs", "Regenerate documentation")
+    .option("--workflows", "Regenerate GitHub Actions workflows")
+    .option("--all", "Regenerate everything")
+    .action(async (options) => {
+    const root = ensureGESInitialized();
+    const config = readJsonFile(path.join(".ges", "config.json"));
+    if (!config) {
+        console.error("  Error: Could not read configuration.");
+        process.exit(1);
+    }
+    const doDocs = options.docs || options.all;
+    const doWorkflows = options.workflows || options.all;
+    if (!doDocs && !doWorkflows) {
+        console.log("  Specify --docs, --workflows, or --all");
+        return;
+    }
+    if (doDocs) {
+        console.log("  Generating compliance documents...");
+        const complianceDocs = generateComplianceDocs(config.project_name, config.project_type);
+        for (const doc of complianceDocs) {
+            writeFileSync(path.join(root, doc.filePath), doc.content);
+        }
+        console.log("  Generating security documents...");
+        const securityDocs = generateSecurityDocs(config.project_name, config.project_type);
+        for (const doc of securityDocs) {
+            writeFileSync(path.join(root, doc.filePath), doc.content);
+        }
+        console.log("  ✓ Documents generated");
+    }
+    if (doWorkflows) {
+        console.log("  Generating GitHub Actions workflows...");
+        const workflows = generateAllWorkflows(config);
+        for (const wf of workflows) {
+            writeFileSync(path.join(root, wf.filePath), wf.content);
+        }
+        console.log("  ✓ Workflows generated");
+    }
+    console.log("");
+});
+//# sourceMappingURL=generate.js.map

package/dist/commands/generate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"generate.js","sourceRoot":"","sources":["../../src/commands/generate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAExF,OAAO,EAAE,sBAAsB,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AAC7F,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,MAAM,CAAC,MAAM,eAAe,GAAG,IAAI,OAAO,CAAC,UAAU,CAAC;KACnD,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,QAAQ,EAAE,0BAA0B,CAAC;KAC5C,MAAM,CAAC,aAAa,EAAE,qCAAqC,CAAC;KAC5D,MAAM,CAAC,OAAO,EAAE,uBAAuB,CAAC;KACxC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,IAAI,GAAG,oBAAoB,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,YAAY,CAAgB,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC;IAE7E,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC;IAC3C,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC;IAErD,IAAI,CAAC,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO;IACT,CAAC;IAED,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;QACpD,MAAM,cAAc,GAAG,sBAAsB,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;QACxF,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;YACjC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,MAAM,YAAY,GAAG,oBAAoB,CAAC,MAAM,CAAC,YAAY,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;QACpF,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;YAC/B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;QAC5D,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IACzC,CAAC;IAED,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,MAAM,SAAS,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;QAC/C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;YAC3B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IACzC,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/commands/init.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const initCommand: Command;

package/dist/commands/init.js

@@ -0,0 +1,112 @@
+import { Command } from "commander";
+import { input, select, checkbox } from "@inquirer/prompts";
+import { PROJECT_TYPES, FRAMEWORKS, DEFAULT_FRAMEWORKS, GESF_VERSION, GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR, } from "@greenarmor/ges-core";
+import { getPacksForProjectType } from "@greenarmor/ges-policy-engine";
+import { generateComplianceDocs, generateSecurityDocs, generateConfigYaml, generateConfigJson, generateMetadataJson, generateFrameworkVersionJson, generateScoreJson, } from "@greenarmor/ges-doc-generator";
+import { generateAllWorkflows } from "@greenarmor/ges-cicd-generator";
+import { writeFileSync } from "../utils/project.js";
+import * as fs from "node:fs";
+import * as path from "node:path";
+export const initCommand = new Command("init")
+    .description("Initialize GESF in the current project")
+    .option("-n, --name <name>", "Project name")
+    .option("-t, --type <type>", "Project type")
+    .option("-f, --frameworks <frameworks>", "Comma-separated frameworks")
+    .action(async (options) => {
+    console.log("\n  Green Engineering Standard Framework (GESF) v" + GESF_VERSION);
+    console.log("  ─────────────────────────────────────────────\n");
+    if (fs.existsSync(path.join(process.cwd(), GES_DIR))) {
+        console.error("  Error: GESF is already initialized in this project.");
+        process.exit(1);
+    }
+    const projectName = options.name || await input({ message: "Project name:", default: path.basename(process.cwd()) });
+    const projectType = options.type
+        ? options.type
+        : await select({
+            message: "Select project type:",
+            choices: PROJECT_TYPES.map(t => ({ value: t.value, name: t.label })),
+        });
+    const selectedFrameworks = options.frameworks
+        ? options.frameworks.split(",").map((f) => f.trim())
+        : await checkbox({
+            message: "Select compliance frameworks:",
+            choices: FRAMEWORKS.map(f => ({
+                value: f.value,
+                name: f.label,
+                checked: DEFAULT_FRAMEWORKS.includes(f.value),
+            })),
+        });
+    if (selectedFrameworks.length === 0) {
+        console.error("  Error: At least one framework must be selected.");
+        process.exit(1);
+    }
+    const now = new Date().toISOString();
+    const config = {
+        project_name: projectName,
+        project_type: projectType,
+        frameworks: selectedFrameworks,
+        requirements: {
+            encryption: { required: true, level: "mandatory" },
+            mfa: { required: true, level: "mandatory" },
+            audit_logs: { required: true, level: "mandatory" },
+            backups: { required: true, level: "mandatory" },
+            retention_policy: { required: true, level: "mandatory" },
+            vulnerability_scanning: { required: true, level: "mandatory" },
+            authentication: { required: true, level: "mandatory" },
+            authorization: { required: true, level: "mandatory" },
+            secrets_management: { required: true, level: "mandatory" },
+            logging: { required: true, level: "mandatory" },
+            monitoring: { required: true, level: "recommended" },
+            data_classification: { required: true, level: "mandatory" },
+            disaster_recovery: { required: true, level: "mandatory" },
+            incident_response: { required: true, level: "mandatory" },
+            privacy_controls: { required: true, level: "mandatory" },
+        },
+        created_at: now,
+        version: GESF_VERSION,
+    };
+    const dirs = [GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR];
+    for (const dir of dirs) {
+        fs.mkdirSync(path.join(process.cwd(), dir), { recursive: true });
+    }
+    const configYaml = generateConfigYaml(config);
+    writeFileSync(path.join(process.cwd(), configYaml.filePath), configYaml.content);
+    const configJson = generateConfigJson(config);
+    writeFileSync(path.join(process.cwd(), configJson.filePath), configJson.content);
+    const metadata = generateMetadataJson(config);
+    writeFileSync(path.join(process.cwd(), metadata.filePath), metadata.content);
+    const fwVersion = generateFrameworkVersionJson();
+    writeFileSync(path.join(process.cwd(), fwVersion.filePath), fwVersion.content);
+    const scoreFile = generateScoreJson();
+    writeFileSync(path.join(process.cwd(), scoreFile.filePath), scoreFile.content);
+    const complianceDocs = generateComplianceDocs(projectName, projectType);
+    for (const doc of complianceDocs) {
+        writeFileSync(path.join(process.cwd(), doc.filePath), doc.content);
+    }
+    const securityDocs = generateSecurityDocs(projectName, projectType);
+    for (const doc of securityDocs) {
+        writeFileSync(path.join(process.cwd(), doc.filePath), doc.content);
+    }
+    const packs = getPacksForProjectType(projectType);
+    for (const pack of packs) {
+        const packDir = path.join(process.cwd(), CONTROLS_DIR, pack.id);
+        fs.mkdirSync(packDir, { recursive: true });
+        writeFileSync(path.join(packDir, "controls.json"), JSON.stringify(pack.controls, null, 2));
+    }
+    const workflows = generateAllWorkflows(config);
+    for (const wf of workflows) {
+        writeFileSync(path.join(process.cwd(), wf.filePath), wf.content);
+    }
+    console.log("  ✓ Project structure created");
+    console.log("  ✓ Configuration files generated");
+    console.log("  ✓ Compliance documents created");
+    console.log("  ✓ Security documents created");
+    console.log("  ✓ Control packs installed:", packs.map(p => p.id).join(", "));
+    console.log("  ✓ GitHub Actions workflows generated");
+    console.log(`\n  GESF initialized for "${projectName}" (${projectType})`);
+    console.log("\n  Next steps:");
+    console.log("    1. Review generated compliance documents");
+    console.log("    2. Run 'ges audit' to evaluate your project");
+    console.log("    3. Run 'ges score' to see your compliance score\n");
+});
+//# sourceMappingURL=init.js.map

package/dist/commands/init.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAC5D,OAAO,EACL,aAAa,EACb,UAAU,EACV,kBAAkB,EAClB,YAAY,EACZ,OAAO,EACP,cAAc,EACd,YAAY,EACZ,YAAY,EACZ,YAAY,EACZ,cAAc,EACd,QAAQ,EACR,WAAW,GACZ,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AACvE,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,oBAAoB,EACpB,4BAA4B,EAC5B,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AACvC,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,MAAM,CAAC,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC;KAC3C,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,mBAAmB,EAAE,cAAc,CAAC;KAC3C,MAAM,CAAC,mBAAmB,EAAE,cAAc,CAAC;KAC3C,MAAM,CAAC,+BAA+B,EAAE,4BAA4B,CAAC;KACrE,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,OAAO,CAAC,GAAG,CAAC,mDAAmD,GAAG,YAAY,CAAC,CAAC;IAChF,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IAEjE,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;QACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,IAAI,MAAM,KAAK,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;IAErH,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI;QAC9B,CAAC,CAAE,OAAO,CAAC,IAAoB;QAC/B,CAAC,CAAC,MAAM,MAAM,CAAC;YACX,OAAO,EAAE,sBAAsB;YAC/B,OAAO,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;SACrE,CAAgB,CAAC;IAEtB,MAAM,kBAAkB,GAAG,OAAO,CAAC,UAAU;QAC3C,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAmB,CAAC;QAC7E,CAAC,CAAC,MAAM,QAAQ,CAAC;YACb,OAAO,EAAE,+BAA+B;YACxC,OAAO,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC5B,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,IAAI,EAAE,CAAC,CAAC,KAAK;gBACb,OAAO,EAAE,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC;aAC9C,CAAC,CAAC;SACJ,CAAoB,CAAC;IAE1B,IAAI,kBAAkB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACnE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACrC,MAAM,MAAM,GAAkB;QAC5B,YAAY,EAAE,WAAW;QACzB,YAAY,EAAE,WAAW;QACzB,UAAU,EAAE,kBAAkB;QAC9B,YAAY,EAAE;YACZ,UAAU,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAClD,GAAG,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC3C,UAAU,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAClD,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC/C,gBAAgB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YACxD,sBAAsB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC9D,cAAc,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YACtD,aAAa,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YACrD,kBAAkB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC1D,OAAO,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC/C,UAAU,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,aAAa,EAAE;YACpD,mBAAmB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YAC3D,iBAAiB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YACzD,iBAAiB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;YACzD,gBAAgB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE;SACzD;QACD,UAAU,EAAE,GAAG;QACf,OAAO,EAAE,YAAY;KACtB,CAAC;IAEF,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,cAAc,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;IACxH,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,UAAU,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;IAEjF,MAAM,UAAU,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,QAAQ,CAAC,EAAE,UAAU,CAAC,OAAO,CAAC,CAAC;IAEjF,MAAM,QAAQ,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;IAE7E,MAAM,SAAS,GAAG,4BAA4B,EAAE,CAAC;IACjD,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,SAAS,CAAC,QAAQ,CAAC,EAAE,SAAS,CAAC,OAAO,CAAC,CAAC;IAE/E,MAAM,SAAS,GAAG,iBAAiB,EAAE,CAAC;IACtC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,SAAS,CAAC,QAAQ,CAAC,EAAE,SAAS,CAAC,OAAO,CAAC,CAAC;IAE/E,MAAM,cAAc,GAAG,sBAAsB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACxE,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;QACjC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,YAAY,GAAG,oBAAoB,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IACpE,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAC/B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,GAAG,CAAC,QAAQ,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;IACrE,CAAC;IAED,MAAM,KAAK,GAAG,sBAAsB,CAAC,WAAW,CAAC,CAAC;IAClD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAChE,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3C,aAAa,CACX,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,EACnC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CACvC,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC/C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;QAC3B,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC;IACnE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,8BAA8B,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,6BAA6B,WAAW,MAAM,WAAW,GAAG,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IAC/B,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;AACvE,CAAC,CAAC,CAAC"}

package/dist/commands/mcp-setup.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const mcpSetupCommand: Command;