@greenarmor/ges 1.0.0 → 1.1.0

package/dist/cli.js

@@ -13,6 +13,10 @@ import { policyCommand } from "./commands/policy.js";
 import { updateCommand } from "./commands/update.js";
 import { mcpCommand } from "./commands/mcp.js";
 import { badgeCommand } from "./commands/badge.js";
+import { controlCommand } from "./commands/control.js";
+import { fixCommand } from "./commands/fix.js";
+import { hooksCommand } from "./commands/hooks.js";
+import { dashboardCommand } from "./commands/dashboard.js";
 import { GESF_VERSION } from "@greenarmor/ges-core";
 const program = new Command();
 program
@@ -32,4 +36,8 @@ program.addCommand(policyCommand);
 program.addCommand(updateCommand);
 program.addCommand(mcpCommand);
 program.addCommand(badgeCommand);
+program.addCommand(controlCommand);
+program.addCommand(fixCommand);
+program.addCommand(hooksCommand);
+program.addCommand(dashboardCommand);
 program.parse();

package/dist/commands/audit.js

@@ -2,7 +2,7 @@ import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
 import { getPacksForProjectType, getAllPacks } from "@greenarmor/ges-policy-engine";
 import { generateScoreFile, formatScoreOutput } from "@greenarmor/ges-scoring-engine";
-import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
+import { runAudit, runAuditIncremental, deduplicateFindings } from "@greenarmor/ges-audit-engine";
 import { showNextStepsMenu } from "../utils/next-steps.js";
 import * as fs from "node:fs";
 import * as path from "node:path";
@@ -10,15 +10,32 @@ export const auditCommand = new Command("audit")
     .description("Run a compliance audit on the project")
     .option("--ci", "CI mode - exit with error code on failures")
     .option("--json", "Output findings as JSON")
+    .option("--incremental", "Only rescan changed files since last audit")
     .action(async (options) => {
     const root = ensureGESInitialized();
     const config = readJsonFile(path.join(root, ".ges", "config.json"));
     console.log("\n  GESF Compliance Audit");
     console.log("  ────────────────────\n");
     console.log("  Scanning project files...");
-    const { findings: rawFindings, scannedFiles } = runAudit(root);
+    let rawFindings;
+    let scannedFiles;
+    if (options.incremental) {
+        const cachePath = path.join(root, ".ges", "audit-cache.json");
+        const existingCache = readJsonFile(cachePath) || {};
+        const result = runAuditIncremental(root, existingCache);
+        writeJsonFile(cachePath, result.newCache);
+        rawFindings = result.findings;
+        scannedFiles = result.scannedFiles;
+        console.log(`  Scanned ${scannedFiles} files (${result.changedFiles} changed)`);
+    }
+    else {
+        const result = runAudit(root);
+        rawFindings = result.findings;
+        scannedFiles = result.scannedFiles;
+        console.log(`  Scanned ${scannedFiles} files`);
+    }
     const findings = deduplicateFindings(rawFindings);
-    console.log(`  Scanned ${scannedFiles} files\n`);
+    console.log("");
     const frameworks = (config?.frameworks || ["GDPR", "OWASP"]);
     const projectPacks = getPacksForProjectType(config?.project_type || "generic-web-application");
     const packIds = new Set(projectPacks.map(p => p.id));
@@ -105,13 +122,35 @@ function applyControlOverrides(controls, overrides) {
         };
     });
 }
+const SCANNABLE_CATEGORIES = new Set([
+    "encryption",
+    "authentication",
+    "audit",
+    "security",
+    "database",
+    "secrets",
+    "injection",
+    "xss",
+    "infrastructure",
+    "dependencies",
+]);
 function updateControlsFromFindings(controls, findings) {
+    const controlsWithFindings = new Set(findings.flatMap(f => f.controlIds));
     return controls.map(control => {
         if (control.status === "pass" || control.status === "not-applicable")
             return control;
         const relevantFindings = findings.filter(f => f.controlIds.includes(control.id));
-        if (relevantFindings.length === 0)
+        if (relevantFindings.length === 0) {
+            if (SCANNABLE_CATEGORIES.has(control.category) &&
+                !controlsWithFindings.has(control.id)) {
+                return {
+                    ...control,
+                    checks: control.checks.map(check => ({ ...check, status: "pass" })),
+                    status: "pass",
+                };
+            }
             return control;
+        }
         const hasCritical = relevantFindings.some(f => f.severity === "critical" || f.severity === "high");
         const updatedChecks = control.checks.map(check => {
             if (hasCritical) {

package/dist/commands/control.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const controlCommand: Command;

package/dist/commands/control.js

@@ -0,0 +1,41 @@
+import { Command } from "commander";
+import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
+import { getAllPacks } from "@greenarmor/ges-policy-engine";
+import * as path from "node:path";
+const VALID_STATUSES = ["pass", "fail", "warning", "not-applicable", "not-implemented"];
+export const controlCommand = new Command("control")
+    .description("Mark a compliance control status manually")
+    .argument("<controlId>", "Control ID (e.g. GDPR-ART32-001)")
+    .argument("<status>", "Status: pass, fail, warning, not-applicable, not-implemented")
+    .option("-r, --reason <reason>", "Reason for the override")
+    .action(async (controlId, status, options) => {
+    const normalizedStatus = status;
+    if (!VALID_STATUSES.includes(normalizedStatus)) {
+        console.error(`  Error: Invalid status "${status}". Valid values: ${VALID_STATUSES.join(", ")}`);
+        process.exit(1);
+    }
+    const allPacks = getAllPacks();
+    const allControls = allPacks.flatMap(p => p.controls);
+    const control = allControls.find(c => c.id === controlId);
+    if (!control) {
+        console.error(`  Error: Unknown control ID "${controlId}".`);
+        console.error(`  Available control IDs can be found in controls/ directory or via 'ges compliance'.`);
+        process.exit(1);
+    }
+    const root = ensureGESInitialized();
+    const overridePath = path.join(root, ".ges", "control-overrides.json");
+    const existing = readJsonFile(overridePath) || [];
+    const overrides = Array.isArray(existing) ? existing : [];
+    const filtered = overrides.filter(o => o.control_id !== controlId);
+    filtered.push({
+        control_id: controlId,
+        status: normalizedStatus,
+        reason: options.reason || `Manually set to ${normalizedStatus}`,
+    });
+    writeJsonFile(overridePath, filtered);
+    console.log(`\n  [✓] Control ${controlId} marked as: ${normalizedStatus}`);
+    console.log(`      ${control.name}`);
+    console.log(`      Reason: ${options.reason || `Manually set to ${normalizedStatus}`}`);
+    console.log(`\n  Override saved to: ${overridePath}`);
+    console.log(`  Run 'ges audit' to see the updated compliance score.\n`);
+});

package/dist/commands/dashboard.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const dashboardCommand: Command;

package/dist/commands/dashboard.js

@@ -0,0 +1,44 @@
+import { Command } from "commander";
+import { ensureGESInitialized } from "../utils/project.js";
+import { startDashboard } from "@greenarmor/ges-web-dashboard";
+export const dashboardCommand = new Command("dashboard")
+    .description("Start the GESF compliance web dashboard")
+    .option("-p, --port <port>", "Port number (default: 3001)")
+    .option("-h, --host <host>", "Host to bind to (default: localhost)")
+    .action(async (options) => {
+    const root = ensureGESInitialized();
+    const port = options.port ? parseInt(options.port, 10) : 3001;
+    const host = options.host || "localhost";
+    console.log("\n  GESF Web Dashboard");
+    console.log("  ──────────────────\n");
+    console.log(`  Starting dashboard server...`);
+    console.log(`  Project: ${root}\n`);
+    try {
+        const server = startDashboard({ port, host, projectPath: root });
+        server.on("listening", () => {
+            console.log(`  Dashboard running at: http://${host}:${port}`);
+            console.log(`  JSON API:             http://${host}:${port}/api/data`);
+            console.log(`  Health check:         http://${host}:${port}/health`);
+            console.log(`\n  Press Ctrl+C to stop.\n`);
+        });
+        server.on("error", (err) => {
+            if (err.code === "EADDRINUSE") {
+                console.error(`  Error: Port ${port} is already in use.`);
+                console.error(`  Try a different port: ges dashboard --port ${port + 1}`);
+            }
+            else {
+                console.error(`  Error: ${err.message}`);
+            }
+            process.exit(1);
+        });
+        process.on("SIGINT", () => {
+            console.log("\n  Dashboard stopped.");
+            server.close();
+            process.exit(0);
+        });
+    }
+    catch (err) {
+        console.error(`  Error starting dashboard: ${err instanceof Error ? err.message : String(err)}`);
+        process.exit(1);
+    }
+});

package/dist/commands/doctor.js

@@ -18,11 +18,11 @@ export const doctorCommand = new Command("doctor")
         checks.push({ name: "GESF initialized", status: "FAIL", detail: "Run 'ges init' first" });
     }
     if (root) {
-        const configPath = path.join(root, GES_DIR, "config.yaml");
+        const configPath = path.join(root, GES_DIR, "config.json");
         checks.push({
             name: "Config file",
             status: fs.existsSync(configPath) ? "OK" : "WARN",
-            detail: fs.existsSync(configPath) ? configPath : "config.yaml not found",
+            detail: fs.existsSync(configPath) ? configPath : "config.json not found",
         });
         const scorePath = path.join(root, GES_DIR, "score.json");
         const score = readJsonFile(scorePath);

package/dist/commands/fix.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const fixCommand: Command;

package/dist/commands/fix.js

@@ -0,0 +1,87 @@
+import { Command } from "commander";
+import { ensureGESInitialized } from "../utils/project.js";
+import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
+import { createAutoFixPlan, applyAutoFixAction, getNpmInstallsFromActions } from "@greenarmor/ges-mcp-server";
+export const fixCommand = new Command("fix")
+    .description("Automatically fix security and compliance findings")
+    .option("-d, --dry-run", "Show what would be fixed without making changes")
+    .option("-r, --rules <ruleIds>", "Only fix specific rule IDs (comma-separated, e.g. CONFIG-001,SECRETS-001)")
+    .option("--ci", "CI mode - exit with error code if findings remain after fix")
+    .action(async (options) => {
+    const root = ensureGESInitialized();
+    console.log("\n  GESF Auto-Fix Engine");
+    console.log("  ────────────────────\n");
+    console.log("  Scanning project files...");
+    const { findings: rawFindings, scannedFiles } = runAudit(root);
+    const findings = deduplicateFindings(rawFindings);
+    console.log(`  Scanned ${scannedFiles} files`);
+    console.log(`  Found ${findings.length} findings\n`);
+    if (findings.length === 0) {
+        console.log("  [✓] No issues found. Project is clean!\n");
+        return;
+    }
+    const ruleFilter = options.rules
+        ? new Set(options.rules.split(",").map((r) => r.trim()))
+        : undefined;
+    const { actions, warnings } = createAutoFixPlan(root, findings, ruleFilter);
+    if (actions.length === 0) {
+        console.log("  No auto-fixable issues found.\n");
+        console.log("  All findings require manual review:\n");
+        for (const w of warnings) {
+            console.log(`    ${w}`);
+        }
+        console.log("");
+        if (options.ci)
+            process.exit(1);
+        return;
+    }
+    const dryRun = options.dryRun === true;
+    const npmInstalls = getNpmInstallsFromActions(actions);
+    if (dryRun) {
+        console.log(`  DRY RUN — ${actions.length} fixes planned (no changes applied):\n`);
+    }
+    else {
+        console.log(`  Applying ${actions.length} fixes...\n`);
+    }
+    let applied = 0;
+    let failed = 0;
+    for (const action of actions) {
+        if (dryRun) {
+            console.log(`    [${action.type}] ${action.filePath}`);
+            console.log(`        ${action.description}  [${action.ruleId}]`);
+            applied++;
+        }
+        else {
+            const result = applyAutoFixAction(root, action);
+            if (result.applied) {
+                console.log(`    [✓] [${action.type}] ${action.filePath}  [${action.ruleId}]`);
+                applied++;
+            }
+            else {
+                console.log(`    [✗] [${action.type}] ${action.filePath}  [${action.ruleId}]`);
+                console.log(`        ${result.error}`);
+                failed++;
+            }
+        }
+    }
+    console.log("");
+    console.log(`  Fixes ${dryRun ? "planned" : "applied"}: ${applied}${failed > 0 ? ` (${failed} failed)` : ""}`);
+    if (npmInstalls.length > 0) {
+        console.log("\n  npm packages to install:");
+        console.log(`    npm install ${npmInstalls.join(" ")}`);
+    }
+    if (warnings.length > 0) {
+        console.log("\n  Manual review required:");
+        for (const w of warnings) {
+            console.log(`    ${w}`);
+        }
+    }
+    console.log("\n  Next steps:");
+    console.log("    1. Install npm packages listed above");
+    console.log("    2. Review changes: git diff");
+    console.log("    3. Re-run audit: ges audit");
+    console.log("");
+    if (options.ci && (findings.length > 0 && failed < findings.length) === false && findings.length > 0) {
+        process.exit(1);
+    }
+});

package/dist/commands/generate.js

@@ -11,7 +11,7 @@ export const generateCommand = new Command("generate")
     .option("--all", "Regenerate everything")
     .action(async (options) => {
     const root = ensureGESInitialized();
-    const config = readJsonFile(path.join(".ges", "config.json"));
+    const config = readJsonFile(path.join(root, ".ges", "config.json"));
     if (!config) {
         console.error("  Error: Could not read configuration.");
         process.exit(1);

package/dist/commands/hooks.d.ts

@@ -0,0 +1,2 @@
+import { Command } from "commander";
+export declare const hooksCommand: Command;

package/dist/commands/hooks.js

@@ -0,0 +1,40 @@
+import { Command } from "commander";
+import { ensureGESInitialized } from "../utils/project.js";
+import { installHooks, uninstallHooks } from "@greenarmor/ges-git-hooks";
+export const hooksCommand = new Command("hooks")
+    .description("Manage GESF git hooks (pre-commit compliance enforcement)")
+    .addCommand(new Command("install")
+    .description("Install the pre-commit hook that runs ges audit before each commit")
+    .action(async () => {
+    const root = ensureGESInitialized();
+    const result = installHooks(root, ["pre-commit"]);
+    if (result.errors.length > 0) {
+        for (const err of result.errors) {
+            console.error(`  Error: ${err}`);
+        }
+        process.exit(1);
+    }
+    for (const h of result.installed) {
+        console.log(`  [✓] Installed hook: ${h}`);
+    }
+    for (const s of result.skipped) {
+        console.log(`  [!] Skipped: ${s}`);
+    }
+    console.log("\n  Pre-commit hook installed at: .git/hooks/pre-commit");
+    console.log("  The hook will run 'ges audit' before allowing commits.");
+    console.log("  To bypass: git commit --no-verify");
+    console.log("  To remove: ges hooks uninstall\n");
+}))
+    .addCommand(new Command("uninstall")
+    .description("Remove the GESF pre-commit hook")
+    .action(async () => {
+    const root = ensureGESInitialized();
+    const result = uninstallHooks(root, ["pre-commit"]);
+    for (const h of result.installed) {
+        console.log(`  [✓] ${h}`);
+    }
+    for (const s of result.skipped) {
+        console.log(`  [!] ${s}`);
+    }
+    console.log("\n  Pre-commit hook removed.\n");
+}));

package/dist/commands/init.js

@@ -2,7 +2,7 @@ import { Command } from "commander";
 import { input, select, checkbox } from "../utils/prompts.js";
 import { PROJECT_TYPES, FRAMEWORKS, DEFAULT_FRAMEWORKS, GESF_VERSION, GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR, } from "@greenarmor/ges-core";
 import { getPacksForProjectType } from "@greenarmor/ges-policy-engine";
-import { generateComplianceDocs, generateSecurityDocs, generateConfigYaml, generateConfigJson, generateMetadataJson, generateFrameworkVersionJson, generateScoreJson, } from "@greenarmor/ges-doc-generator";
+import { generateComplianceDocs, generateSecurityDocs, generateConfigJson, generateMetadataJson, generateFrameworkVersionJson, generateScoreJson, } from "@greenarmor/ges-doc-generator";
 import { generateAllWorkflows } from "@greenarmor/ges-cicd-generator";
 import { writeFileSync } from "../utils/project.js";
 import { showNextStepsMenu } from "../utils/next-steps.js";
@@ -77,8 +77,6 @@ export const initCommand = new Command("init")
     for (const dir of dirs) {
         fs.mkdirSync(path.join(process.cwd(), dir), { recursive: true });
     }
-    const configYaml = generateConfigYaml(config);
-    writeFileSync(path.join(process.cwd(), configYaml.filePath), configYaml.content);
     const configJson = generateConfigJson(config);
     writeFileSync(path.join(process.cwd(), configJson.filePath), configJson.content);
     const metadata = generateMetadataJson(config);
@@ -95,7 +93,10 @@ export const initCommand = new Command("init")
     for (const doc of securityDocs) {
         writeFileSync(path.join(process.cwd(), doc.filePath), doc.content);
     }
-    const packs = getPacksForProjectType(projectType);
+    const allProjectPacks = getPacksForProjectType(projectType);
+    const fwLower = new Set(selectedFrameworks.map((f) => f.toLowerCase()));
+    const DOMAIN_PACKS = new Set(["ai", "blockchain", "government"]);
+    const packs = allProjectPacks.filter(pack => DOMAIN_PACKS.has(pack.id.toLowerCase()) || fwLower.has(pack.id.toLowerCase()));
     for (const pack of packs) {
         const packDir = path.join(process.cwd(), CONTROLS_DIR, pack.id);
         fs.mkdirSync(packDir, { recursive: true });

package/dist/commands/report.js

@@ -1,7 +1,7 @@
 import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile, writeFileSync } from "../utils/project.js";
 import { getAllPacks } from "@greenarmor/ges-policy-engine";
-import { generateMarkdownReport, generateHtmlReport } from "@greenarmor/ges-report-generator";
+import { generateMarkdownReport, generateHtmlReport, generatePdfReport } from "@greenarmor/ges-report-generator";
 import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
 import { showNextStepsMenu } from "../utils/next-steps.js";
 import * as path from "node:path";
@@ -35,6 +35,10 @@ export const reportCommand = new Command("report")
         content = generateHtmlReport(reportOptions, score, controls, findings);
         ext = "html";
     }
+    else if (options.format === "pdf") {
+        content = generatePdfReport(reportOptions, score, controls, findings);
+        ext = "pdf";
+    }
     else {
         content = generateMarkdownReport(reportOptions, score, controls, findings);
         ext = "md";
@@ -44,9 +48,5 @@ export const reportCommand = new Command("report")
     writeFileSync(outputPath, content);
     console.log(`  Report generated: ${outputPath}`);
     console.log(`  ${findings.length} security findings included\n`);
-    if (options.format === "pdf") {
-        console.log("  Note: PDF generation requires pandoc:");
-        console.log(`    pandoc ${outputPath} -o ${outputPath.replace(".md", ".pdf")}\n`);
-    }
     await showNextStepsMenu("report");
 });

package/dist/utils/project.js

@@ -4,7 +4,8 @@ export const GES_DIR = ".ges";
 export function findProjectRoot(startDir = process.cwd()) {
     let dir = startDir;
     while (dir !== path.dirname(dir)) {
-        if (fs.existsSync(path.join(dir, GES_DIR, "config.yaml"))) {
+        if (fs.existsSync(path.join(dir, GES_DIR, "config.json")) ||
+            fs.existsSync(path.join(dir, GES_DIR, "config.yaml"))) {
             return dir;
         }
         dir = path.dirname(dir);

package/dist/utils/project.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/utils/project.test.js

@@ -0,0 +1,88 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import * as fs from "node:fs";
+import * as path from "node:path";
+import * as os from "node:os";
+import { findProjectRoot, readJsonFile, writeJsonFile, writeFileSync, GES_DIR, } from "./project.js";
+let tmpDir;
+let origCwd;
+beforeEach(() => {
+    tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), "gesf-cli-test-"));
+    origCwd = process.cwd();
+});
+afterEach(() => {
+    process.chdir(origCwd);
+    fs.rmSync(tmpDir, { recursive: true, force: true });
+});
+describe("findProjectRoot", () => {
+    it("finds root with config.json", () => {
+        fs.mkdirSync(path.join(tmpDir, GES_DIR));
+        fs.writeFileSync(path.join(tmpDir, GES_DIR, "config.json"), "{}");
+        expect(findProjectRoot(tmpDir)).toBe(tmpDir);
+    });
+    it("finds root with config.yaml (backwards compat)", () => {
+        fs.mkdirSync(path.join(tmpDir, GES_DIR));
+        fs.writeFileSync(path.join(tmpDir, GES_DIR, "config.yaml"), "name: test");
+        expect(findProjectRoot(tmpDir)).toBe(tmpDir);
+    });
+    it("returns null when no config found", () => {
+        expect(findProjectRoot(tmpDir)).toBeNull();
+    });
+    it("finds root from nested subdirectory", () => {
+        fs.mkdirSync(path.join(tmpDir, GES_DIR));
+        fs.writeFileSync(path.join(tmpDir, GES_DIR, "config.json"), "{}");
+        const nested = path.join(tmpDir, "src", "deep", "path");
+        fs.mkdirSync(nested, { recursive: true });
+        expect(findProjectRoot(nested)).toBe(tmpDir);
+    });
+});
+describe("readJsonFile", () => {
+    it("reads valid JSON", () => {
+        const filePath = path.join(tmpDir, "test.json");
+        fs.writeFileSync(filePath, '{"name":"test","value":42}');
+        const result = readJsonFile(filePath);
+        expect(result).not.toBeNull();
+        expect(result.name).toBe("test");
+        expect(result.value).toBe(42);
+    });
+    it("returns null for missing file", () => {
+        expect(readJsonFile(path.join(tmpDir, "nonexistent.json"))).toBeNull();
+    });
+    it("returns null for invalid JSON", () => {
+        const filePath = path.join(tmpDir, "bad.json");
+        fs.writeFileSync(filePath, "{not valid json}");
+        expect(readJsonFile(filePath)).toBeNull();
+    });
+});
+describe("writeJsonFile", () => {
+    it("writes JSON to file", () => {
+        const filePath = path.join(tmpDir, "output.json");
+        writeJsonFile(filePath, { name: "test", items: [1, 2, 3] });
+        const content = fs.readFileSync(filePath, "utf-8");
+        const parsed = JSON.parse(content);
+        expect(parsed.name).toBe("test");
+        expect(parsed.items).toEqual([1, 2, 3]);
+    });
+    it("creates parent directories", () => {
+        const filePath = path.join(tmpDir, "nested", "dir", "output.json");
+        writeJsonFile(filePath, { ok: true });
+        expect(fs.existsSync(filePath)).toBe(true);
+    });
+});
+describe("writeFileSync", () => {
+    it("writes content to file", () => {
+        const filePath = path.join(tmpDir, "test.txt");
+        writeFileSync(filePath, "hello world");
+        expect(fs.readFileSync(filePath, "utf-8")).toBe("hello world");
+    });
+    it("creates parent directories if needed", () => {
+        const filePath = path.join(tmpDir, "a", "b", "c", "file.txt");
+        writeFileSync(filePath, "nested");
+        expect(fs.existsSync(filePath)).toBe(true);
+    });
+    it("overwrites existing file", () => {
+        const filePath = path.join(tmpDir, "overwrite.txt");
+        writeFileSync(filePath, "first");
+        writeFileSync(filePath, "second");
+        expect(fs.readFileSync(filePath, "utf-8")).toBe("second");
+    });
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@greenarmor/ges",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "Green Engineering Standard Framework - Compliance-as-Code CLI",
   "type": "module",
   "main": "./dist/index.js",
@@ -11,23 +11,32 @@
   "files": [
     "dist"
   ],
+  "scripts": {
+    "build": "tsc",
+    "clean": "rm -rf dist tsconfig.tsbuildinfo",
+    "prepublishOnly": "pnpm -r run build",
+    "test": "vitest run"
+  },
   "dependencies": {
-    "commander": "^13.0.0",
-    "@greenarmor/ges-audit-engine": "1.0.0",
-    "@greenarmor/ges-compliance-engine": "1.0.0",
-    "@greenarmor/ges-cicd-generator": "1.0.0",
-    "@greenarmor/ges-core": "1.0.0",
-    "@greenarmor/ges-doc-generator": "1.0.0",
-    "@greenarmor/ges-policy-engine": "1.0.0",
-    "@greenarmor/ges-rules-engine": "1.0.0",
-    "@greenarmor/ges-scanner-integration": "1.0.0",
-    "@greenarmor/ges-mcp-server": "1.0.0",
-    "@greenarmor/ges-scoring-engine": "1.0.0",
-    "@greenarmor/ges-report-generator": "1.0.0"
+    "@greenarmor/ges-audit-engine": "workspace:*",
+    "@greenarmor/ges-cicd-generator": "workspace:*",
+    "@greenarmor/ges-compliance-engine": "workspace:*",
+    "@greenarmor/ges-core": "workspace:*",
+    "@greenarmor/ges-doc-generator": "workspace:*",
+    "@greenarmor/ges-policy-engine": "workspace:*",
+    "@greenarmor/ges-report-generator": "workspace:*",
+    "@greenarmor/ges-rules-engine": "workspace:*",
+    "@greenarmor/ges-scanner-integration": "workspace:*",
+    "@greenarmor/ges-scoring-engine": "workspace:*",
+    "@greenarmor/ges-mcp-server": "workspace:*",
+    "@greenarmor/ges-git-hooks": "workspace:*",
+    "@greenarmor/ges-web-dashboard": "workspace:*",
+    "commander": "^13.0.0"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",
-    "typescript": "^6.0.0"
+    "typescript": "^6.0.0",
+    "vitest": "^4.1.8"
   },
   "engines": {
     "node": ">=20.0.0"
@@ -48,10 +57,5 @@
     "type": "git",
     "url": "https://github.com/greenarmor/gesf"
   },
-  "homepage": "https://github.com/greenarmor/gesf",
-  "scripts": {
-    "build": "tsc",
-    "clean": "rm -rf dist tsconfig.tsbuildinfo",
-    "test": "echo \"no tests yet\""
-  }
-}
+  "homepage": "https://github.com/greenarmor/gesf"
+}

package/LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2025–2026 greenarmor
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.