@greenarmor/ges 1.2.4 → 1.2.6

package/dist/commands/audit.js

@@ -1,5 +1,6 @@
 import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
+import { recordActivity, loadControlsFromDisk } from "@greenarmor/ges-core";
 import { getPacksForProjectType, getAllPacks } from "@greenarmor/ges-policy-engine";
 import { generateScoreFile, formatScoreOutput } from "@greenarmor/ges-scoring-engine";
 import { runAudit, runAuditIncremental, deduplicateFindings } from "@greenarmor/ges-audit-engine";
@@ -36,16 +37,21 @@ export const auditCommand = new Command("audit")
     }
     const findings = deduplicateFindings(rawFindings);
     console.log("");
-    const frameworks = (config?.frameworks || ["GDPR", "OWASP"]);
+    const configFrameworks = (config?.frameworks || ["GDPR", "OWASP"]);
     const projectPacks = getPacksForProjectType(config?.project_type || "generic-web-application");
     const packIds = new Set(projectPacks.map(p => p.id));
-    const fwLower = new Set(frameworks.map(f => f.toLowerCase()));
+    const fwLower = new Set(configFrameworks.map(f => f.toLowerCase()));
     const allPacks = getAllPacks();
     for (const p of allPacks) {
         if (fwLower.has(p.id))
             packIds.add(p.id);
     }
-    const controls = allPacks.filter(p => packIds.has(p.id)).flatMap(p => p.controls);
+    const memoryControls = allPacks.filter(p => packIds.has(p.id)).flatMap(p => p.controls);
+    const diskControls = loadControlsFromDisk(root);
+    const seenIds = new Set(memoryControls.map(c => c.id));
+    const extraFromDisk = diskControls.filter(c => !seenIds.has(c.id));
+    const controls = [...memoryControls, ...extraFromDisk];
+    const frameworks = [...new Set(controls.map(c => c.framework).filter(Boolean))];
     const overrides = loadControlOverrides(root);
     const updatedControls = applyControlOverrides(controls, overrides);
     const auditedControls = updateControlsFromFindings(updatedControls, findings);
@@ -107,6 +113,14 @@ export const auditCommand = new Command("audit")
     if (critical.length > 0) {
         console.log("  !! Critical issues must be resolved before deployment. !!\n");
     }
+    recordActivity(root, {
+        source: "cli",
+        action: "audit",
+        title: `Compliance audit completed`,
+        description: `Scanned ${scannedFiles} files, found ${findings.length} findings (${critical.length} critical, ${high.length} high, ${medium.length} medium, ${low.length} low). Overall score: ${scoreData.overall}%.`,
+        status: critical.length > 0 ? "failed" : findings.length > 0 ? "partial" : "success",
+        details: { findings_count: findings.length, score: scoreData.overall, files_scanned: scannedFiles },
+    });
     if (options.ci && critical.length > 0) {
         process.exit(1);
     }

package/dist/commands/control.js

@@ -1,5 +1,6 @@
 import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
+import { recordActivity } from "@greenarmor/ges-core";
 import { getAllPacks } from "@greenarmor/ges-policy-engine";
 import * as path from "node:path";
 const VALID_STATUSES = ["pass", "fail", "warning", "not-applicable", "not-implemented"];
@@ -38,4 +39,11 @@ export const controlCommand = new Command("control")
     console.log(`      Reason: ${options.reason || `Manually set to ${normalizedStatus}`}`);
     console.log(`\n  Override saved to: ${overridePath}`);
     console.log(`  Run 'ges audit' to see the updated compliance score.\n`);
+    recordActivity(root, {
+        source: "cli",
+        action: "control_override",
+        title: `Control ${controlId} → ${normalizedStatus}`,
+        description: `Manually set control ${control.name} (${controlId}) to ${normalizedStatus}. Reason: ${options.reason || `Manually set to ${normalizedStatus}`}`,
+        details: { controls_affected: [controlId] },
+    });
 });

package/dist/commands/fix.js

@@ -2,20 +2,27 @@ import { Command } from "commander";
 import { ensureGESInitialized } from "../utils/project.js";
 import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
 import { createAutoFixPlan, applyAutoFixAction, getNpmInstallsFromActions } from "@greenarmor/ges-mcp-server";
-import { appendFixHistory, createFixHistoryEntry } from "@greenarmor/ges-core";
+import { appendFixHistory, createFixHistoryEntry, recordActivity, loadControlsFromDisk, loadControlOverrides, applyOverridesToControls } from "@greenarmor/ges-core";
 import { getAllPacks } from "@greenarmor/ges-policy-engine";
 import * as fs from "node:fs";
 import * as path from "node:path";
 function loadProjectControls(root) {
     try {
         const configPath = path.join(root, ".ges", "config.json");
-        if (!fs.existsSync(configPath))
-            return [];
-        const config = JSON.parse(fs.readFileSync(configPath, "utf-8"));
-        const fwLower = new Set(config.frameworks.map((f) => f.toLowerCase()));
-        const allPacks = getAllPacks();
-        const filtered = allPacks.filter(pack => fwLower.has(pack.id.toLowerCase()));
-        return filtered.flatMap((p) => p.controls);
+        let inMemoryControls = [];
+        if (fs.existsSync(configPath)) {
+            const config = JSON.parse(fs.readFileSync(configPath, "utf-8"));
+            const fwLower = new Set(config.frameworks.map((f) => f.toLowerCase()));
+            const allPacks = getAllPacks();
+            const filtered = allPacks.filter(pack => fwLower.has(pack.id.toLowerCase()));
+            inMemoryControls = filtered.flatMap((p) => p.controls);
+        }
+        const diskControls = loadControlsFromDisk(root);
+        const seenIds = new Set(inMemoryControls.map(c => c.id));
+        const extraFromDisk = diskControls.filter(c => !seenIds.has(c.id));
+        const controls = [...inMemoryControls, ...extraFromDisk];
+        const overrides = loadControlOverrides(root);
+        return applyOverridesToControls(controls, overrides);
     }
     catch {
         return [];
@@ -154,6 +161,14 @@ export const fixCommand = new Command("fix")
     console.log("    2. Review changes: git diff");
     console.log("    3. Re-run audit: ges audit");
     console.log("");
+    recordActivity(root, {
+        source: "cli",
+        action: "fix",
+        title: `Auto-fix ${dryRun ? "planned" : "applied"}: ${applied} fixes`,
+        description: `${dryRun ? "Planned" : "Applied"} ${applied} fix(es) across ${actions.length} action(s)${failed > 0 ? ` (${failed} failed)` : ""}. Scanned ${scannedFiles} files, ${findings.length} findings found.`,
+        status: failed > 0 ? "partial" : "success",
+        details: { fixes_applied: applied, findings_count: findings.length, files_scanned: scannedFiles },
+    });
     if (options.ci && (findings.length > 0 && failed < findings.length) === false && findings.length > 0) {
         process.exit(1);
     }

package/dist/commands/generate.js

@@ -1,5 +1,6 @@
 import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile, writeFileSync } from "../utils/project.js";
+import { recordActivity } from "@greenarmor/ges-core";
 import { generateComplianceDocs, generateSecurityDocs } from "@greenarmor/ges-doc-generator";
 import { generateAllWorkflows } from "@greenarmor/ges-cicd-generator";
 import { showNextStepsMenu } from "../utils/next-steps.js";
@@ -22,6 +23,8 @@ export const generateCommand = new Command("generate")
         console.log("  Specify --docs, --workflows, or --all");
         return;
     }
+    let docCount = 0;
+    let wfCount = 0;
     if (doDocs) {
         console.log("  Generating compliance documents...");
         const complianceDocs = generateComplianceDocs(config.project_name, config.project_type);
@@ -33,6 +36,7 @@ export const generateCommand = new Command("generate")
         for (const doc of securityDocs) {
             writeFileSync(path.join(root, doc.filePath), doc.content);
         }
+        docCount = complianceDocs.length + securityDocs.length;
         console.log("  ✓ Documents generated");
     }
     if (doWorkflows) {
@@ -41,8 +45,16 @@ export const generateCommand = new Command("generate")
         for (const wf of workflows) {
             writeFileSync(path.join(root, wf.filePath), wf.content);
         }
+        wfCount = workflows.length;
         console.log("  ✓ Workflows generated");
     }
     console.log("");
+    recordActivity(root, {
+        source: "cli",
+        action: "generate",
+        title: `Generated ${docCount} docs, ${wfCount} workflows`,
+        description: `Regenerated ${doDocs ? `${docCount} documents` : ""}${doDocs && doWorkflows ? " and " : ""}${doWorkflows ? `${wfCount} CI/CD workflows` : ""} for ${config.project_name}.`,
+        details: { files_count: docCount + wfCount },
+    });
     await showNextStepsMenu("generate");
 });

package/dist/commands/hooks.js

@@ -1,6 +1,7 @@
 import { Command } from "commander";
 import { ensureGESInitialized } from "../utils/project.js";
 import { installHooks, uninstallHooks } from "@greenarmor/ges-git-hooks";
+import { recordActivity } from "@greenarmor/ges-core";
 export const hooksCommand = new Command("hooks")
     .description("Manage GESF git hooks (pre-commit compliance enforcement)")
     .addCommand(new Command("install")
@@ -24,6 +25,12 @@ export const hooksCommand = new Command("hooks")
     console.log("  The hook will run 'ges audit' before allowing commits.");
     console.log("  To bypass: git commit --no-verify");
     console.log("  To remove: ges hooks uninstall\n");
+    recordActivity(root, {
+        source: "cli",
+        action: "hooks_install",
+        title: `Git hooks installed (${result.installed.length})`,
+        description: `Installed pre-commit hook that runs 'ges audit' before each commit.`,
+    });
 }))
     .addCommand(new Command("uninstall")
     .description("Remove the GESF pre-commit hook")
@@ -37,4 +44,10 @@ export const hooksCommand = new Command("hooks")
         console.log(`  [!] ${s}`);
     }
     console.log("\n  Pre-commit hook removed.\n");
+    recordActivity(root, {
+        source: "cli",
+        action: "hooks_uninstall",
+        title: `Git hooks removed`,
+        description: `Removed pre-commit hook.`,
+    });
 }));

package/dist/commands/init.js

@@ -2,6 +2,7 @@ import { Command } from "commander";
 import { input, select, checkbox } from "../utils/prompts.js";
 import { PROJECT_TYPES, FRAMEWORKS, DEFAULT_FRAMEWORKS, GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR, } from "@greenarmor/ges-core";
 import { CLI_VERSION } from "../utils/version.js";
+import { recordActivity } from "@greenarmor/ges-core";
 import { getPacksForProjectType } from "@greenarmor/ges-policy-engine";
 import { generateComplianceDocs, generateSecurityDocs, generateConfigJson, generateMetadataJson, generateFrameworkVersionJson, generateScoreJson, } from "@greenarmor/ges-doc-generator";
 import { generateAllWorkflows } from "@greenarmor/ges-cicd-generator";
@@ -74,10 +75,22 @@ export const initCommand = new Command("init")
         created_at: now,
         version: CLI_VERSION,
     };
-    const dirs = [GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR];
+    const dirs = [GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR, ".dev-logs"];
     for (const dir of dirs) {
         fs.mkdirSync(path.join(process.cwd(), dir), { recursive: true });
     }
+    const gitignorePath = path.join(process.cwd(), ".gitignore");
+    const devLogsIgnore = ".dev-logs/\n";
+    if (fs.existsSync(gitignorePath)) {
+        const existing = fs.readFileSync(gitignorePath, "utf-8");
+        if (!existing.includes(".dev-logs/")) {
+            fs.appendFileSync(gitignorePath, `\n# GESF developer logs (not for remote)\n${devLogsIgnore}`);
+        }
+    }
+    else {
+        writeFileSync(gitignorePath, `# GESF developer logs (not for remote)\n${devLogsIgnore}\n`);
+    }
+    writeFileSync(path.join(process.cwd(), ".dev-logs", "README.md"), `# Developer Logs\n\nThis directory is for GESF development notes, session logs, AI recommendations, and release notes.\n\n**This directory is gitignored and intended for developers only. Do not submit to remote.**\n\n## Structure\n\n- \`session-*.md\` — Session logs\n- \`release-notes-*.md\` — Release notes\n- \`ai-recommendations/\` — Recommendations from AI assistants using the MCP server\n`);
     const configJson = generateConfigJson(config);
     writeFileSync(path.join(process.cwd(), configJson.filePath), configJson.content);
     const metadata = generateMetadataJson(config);
@@ -113,10 +126,18 @@ export const initCommand = new Command("init")
     console.log("  ✓ Security documents created");
     console.log("  ✓ Control packs installed:", packs.map(p => p.id).join(", "));
     console.log("  ✓ GitHub Actions workflows generated");
+    console.log("  ✓ Developer logs directory created (.dev-logs/)");
     console.log(`\n  GESF initialized for "${projectName}" (${projectType})`);
     console.log("  Next steps:");
     console.log("    1. Review generated compliance documents");
     console.log("    2. Run 'ges audit' to evaluate your project");
     console.log("    3. Run 'ges score' to see your compliance score\n");
+    recordActivity(process.cwd(), {
+        source: "cli",
+        action: "init",
+        title: `Project initialized: ${projectName}`,
+        description: `Initialized GESF for ${projectType} project with frameworks: ${selectedFrameworks.join(", ")}. Installed ${packs.length} policy packs: ${packs.map(p => p.id).join(", ")}.`,
+        details: { packs_affected: packs.map(p => p.id), frameworks_added: selectedFrameworks.map((f) => String(f)) },
+    });
     await showNextStepsMenu("init");
 });

package/dist/commands/policy.js

@@ -1,6 +1,7 @@
 import { Command } from "commander";
 import { getAllPacks, listPackIds } from "@greenarmor/ges-policy-engine";
 import { ensureGESInitialized, writeFileSync } from "../utils/project.js";
+import { addFrameworkToConfig, removeFrameworkFromConfig, recordActivity } from "@greenarmor/ges-core";
 import { showNextStepsMenu } from "../utils/next-steps.js";
 import * as fs from "node:fs";
 import * as path from "node:path";
@@ -34,7 +35,24 @@ policyCmd
     const packDir = path.join(root, "controls", pack.id);
     fs.mkdirSync(packDir, { recursive: true });
     writeFileSync(path.join(packDir, "controls.json"), JSON.stringify(pack.controls, null, 2));
-    console.log(`\n  ✓ Installed policy pack: ${pack.id} (${pack.controls.length} controls)\n`);
+    const frameworksAdded = [];
+    for (const fw of pack.frameworks) {
+        if (addFrameworkToConfig(root, fw)) {
+            frameworksAdded.push(fw);
+        }
+    }
+    console.log(`\n  ✓ Installed policy pack: ${pack.id} (${pack.controls.length} controls)`);
+    if (frameworksAdded.length > 0) {
+        console.log(`  ✓ Added ${frameworksAdded.join(", ")} to project frameworks in .ges/config.json`);
+    }
+    console.log("  ✓ Dashboard will now reflect this pack's controls\n");
+    recordActivity(root, {
+        source: "cli",
+        action: "policy_install",
+        title: `Installed pack: ${pack.name}`,
+        description: `Installed ${pack.controls.length} controls from ${pack.id} pack.${frameworksAdded.length > 0 ? ` Added ${frameworksAdded.join(", ")} to config frameworks.` : ""}`,
+        details: { packs_affected: [pack.id], frameworks_added: frameworksAdded },
+    });
     await showNextStepsMenu("policy-install");
 });
 policyCmd
@@ -48,7 +66,24 @@ policyCmd
         process.exit(1);
     }
     fs.rmSync(packDir, { recursive: true, force: true });
+    const packs = getAllPacks();
+    const pack = packs.find(p => p.id === packId);
+    if (pack) {
+        for (const fw of pack.frameworks) {
+            removeFrameworkFromConfig(root, fw);
+        }
+    }
+    else {
+        removeFrameworkFromConfig(root, packId.toUpperCase());
+    }
     console.log(`\n  ✓ Removed policy pack: ${packId}\n`);
+    recordActivity(root, {
+        source: "cli",
+        action: "policy_remove",
+        title: `Removed pack: ${packId}`,
+        description: `Removed ${packId} pack and its controls from the project.`,
+        details: { packs_affected: [packId] },
+    });
     await showNextStepsMenu("policy-remove");
 });
 export const policyCommand = policyCmd;

package/dist/commands/scan.js

@@ -1,6 +1,7 @@
 import { Command } from "commander";
 import { ensureGESInitialized } from "../utils/project.js";
 import { runAllScansWithSbom, formatScanResults, formatSbomResults, detectProject } from "@greenarmor/ges-scanner-integration";
+import { recordActivity } from "@greenarmor/ges-core";
 import { showNextStepsMenu } from "../utils/next-steps.js";
 export const scanCommand = new Command("scan")
     .description("Run security scans")
@@ -18,6 +19,13 @@ export const scanCommand = new Command("scan")
     const results = runAllScansWithSbom(detection);
     console.log(formatScanResults(results));
     console.log(formatSbomResults(results));
+    recordActivity(root, {
+        source: "cli",
+        action: "scan",
+        title: `Security scans completed (${results.length} tools)`,
+        description: `Ran ${results.length} scanner(s) for ${detail} ecosystem. ${results.filter(r => r.status === "pass").length} passed, ${results.filter(r => r.status === "fail").length} failed.`,
+        status: results.some(r => r.status === "fail") ? "partial" : "success",
+    });
     if (options.ci) {
         const failed = results.filter(r => r.status === "fail");
         if (failed.length > 0) {

package/dist/commands/score.js

@@ -1,5 +1,6 @@
 import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile } from "../utils/project.js";
+import { recordActivity } from "@greenarmor/ges-core";
 import { formatScoreOutput } from "@greenarmor/ges-scoring-engine";
 import { showNextStepsMenu } from "../utils/next-steps.js";
 import * as path from "node:path";
@@ -22,5 +23,12 @@ export const scoreCommand = new Command("score")
         console.log(formatScoreOutput(score));
         console.log(`  Last evaluated: ${score.evaluated_at}\n`);
     }
+    recordActivity(root, {
+        source: "cli",
+        action: "score",
+        title: `Score displayed: ${score.overall}% (${score.overall_grade})`,
+        description: `Compliance score: ${score.overall}% (Grade ${score.overall_grade}) across ${Object.keys(score.frameworks).length} frameworks.`,
+        details: { score: score.overall },
+    });
     await showNextStepsMenu("score");
 });

package/dist/commands/validate.js

@@ -2,6 +2,7 @@ import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile } from "../utils/project.js";
 import { ProjectConfigSchema } from "@greenarmor/ges-core";
 import { GES_DIR } from "@greenarmor/ges-core";
+import { recordActivity } from "@greenarmor/ges-core";
 import { showNextStepsMenu } from "../utils/next-steps.js";
 import * as fs from "node:fs";
 import * as path from "node:path";
@@ -59,6 +60,13 @@ export const validateCommand = new Command("validate")
         }
     }
     console.log(hasErrors ? "\n  Validation failed.\n" : "\n  All validations passed.\n");
+    recordActivity(root, {
+        source: "cli",
+        action: "validate",
+        title: `Validation ${hasErrors ? "failed" : "passed"}`,
+        description: hasErrors ? "Configuration or directory structure has issues." : "All configuration, controls, and directories validated successfully.",
+        status: hasErrors ? "failed" : "success",
+    });
     if (hasErrors)
         process.exit(1);
     await showNextStepsMenu("validate");

package/package.json

@@ -3,19 +3,19 @@
     "ges": "./dist/cli.js"
   },
   "dependencies": {
-    "@greenarmor/ges-audit-engine": "1.2.4",
-    "@greenarmor/ges-cicd-generator": "1.2.4",
-    "@greenarmor/ges-compliance-engine": "1.2.4",
-    "@greenarmor/ges-core": "1.2.4",
-    "@greenarmor/ges-doc-generator": "1.2.4",
-    "@greenarmor/ges-git-hooks": "1.2.4",
-    "@greenarmor/ges-mcp-server": "1.2.4",
-    "@greenarmor/ges-policy-engine": "1.2.4",
-    "@greenarmor/ges-report-generator": "1.2.4",
-    "@greenarmor/ges-rules-engine": "1.2.4",
-    "@greenarmor/ges-scanner-integration": "1.2.4",
-    "@greenarmor/ges-scoring-engine": "1.2.4",
-    "@greenarmor/ges-web-dashboard": "1.2.4",
+    "@greenarmor/ges-audit-engine": "1.2.6",
+    "@greenarmor/ges-cicd-generator": "1.2.6",
+    "@greenarmor/ges-compliance-engine": "1.2.6",
+    "@greenarmor/ges-core": "1.2.6",
+    "@greenarmor/ges-doc-generator": "1.2.6",
+    "@greenarmor/ges-git-hooks": "1.2.6",
+    "@greenarmor/ges-mcp-server": "1.2.6",
+    "@greenarmor/ges-policy-engine": "1.2.6",
+    "@greenarmor/ges-report-generator": "1.2.6",
+    "@greenarmor/ges-rules-engine": "1.2.6",
+    "@greenarmor/ges-scanner-integration": "1.2.6",
+    "@greenarmor/ges-scoring-engine": "1.2.6",
+    "@greenarmor/ges-web-dashboard": "1.2.6",
     "commander": "^13.0.0"
   },
   "description": "Green Engineering Standard Framework - Compliance-as-Code CLI",
@@ -53,7 +53,7 @@
   },
   "type": "module",
   "types": "./dist/index.d.ts",
-  "version": "1.2.4",
+  "version": "1.2.6",
   "scripts": {
     "build": "tsc",
     "clean": "rm -rf dist tsconfig.tsbuildinfo",