npm - @greenarmor/ges - Versions diffs - 1.2.5 → 1.2.6 - Mend

@greenarmor/ges 1.2.5 → 1.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/commands/audit.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { Command } from "commander";
 import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
-import { recordActivity } from "@greenarmor/ges-core";
+import { recordActivity, loadControlsFromDisk } from "@greenarmor/ges-core";
 import { getPacksForProjectType, getAllPacks } from "@greenarmor/ges-policy-engine";
 import { generateScoreFile, formatScoreOutput } from "@greenarmor/ges-scoring-engine";
 import { runAudit, runAuditIncremental, deduplicateFindings } from "@greenarmor/ges-audit-engine";
@@ -37,16 +37,21 @@ export const auditCommand = new Command("audit")
     }
     const findings = deduplicateFindings(rawFindings);
     console.log("");
-    const frameworks = (config?.frameworks || ["GDPR", "OWASP"]);
+    const configFrameworks = (config?.frameworks || ["GDPR", "OWASP"]);
     const projectPacks = getPacksForProjectType(config?.project_type || "generic-web-application");
     const packIds = new Set(projectPacks.map(p => p.id));
-    const fwLower = new Set(frameworks.map(f => f.toLowerCase()));
+    const fwLower = new Set(configFrameworks.map(f => f.toLowerCase()));
     const allPacks = getAllPacks();
     for (const p of allPacks) {
         if (fwLower.has(p.id))
             packIds.add(p.id);
     }
-    const controls = allPacks.filter(p => packIds.has(p.id)).flatMap(p => p.controls);
+    const memoryControls = allPacks.filter(p => packIds.has(p.id)).flatMap(p => p.controls);
+    const diskControls = loadControlsFromDisk(root);
+    const seenIds = new Set(memoryControls.map(c => c.id));
+    const extraFromDisk = diskControls.filter(c => !seenIds.has(c.id));
+    const controls = [...memoryControls, ...extraFromDisk];
+    const frameworks = [...new Set(controls.map(c => c.framework).filter(Boolean))];
     const overrides = loadControlOverrides(root);
     const updatedControls = applyControlOverrides(controls, overrides);
     const auditedControls = updateControlsFromFindings(updatedControls, findings);

package/dist/commands/init.js CHANGED Viewed

@@ -75,10 +75,22 @@ export const initCommand = new Command("init")
         created_at: now,
         version: CLI_VERSION,
     };
-    const dirs = [GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR];
+    const dirs = [GES_DIR, COMPLIANCE_DIR, SECURITY_DIR, CONTROLS_DIR, POLICIES_DIR, CHECKLISTS_DIR, DOCS_DIR, REPORTS_DIR, ".dev-logs"];
     for (const dir of dirs) {
         fs.mkdirSync(path.join(process.cwd(), dir), { recursive: true });
     }
+    const gitignorePath = path.join(process.cwd(), ".gitignore");
+    const devLogsIgnore = ".dev-logs/\n";
+    if (fs.existsSync(gitignorePath)) {
+        const existing = fs.readFileSync(gitignorePath, "utf-8");
+        if (!existing.includes(".dev-logs/")) {
+            fs.appendFileSync(gitignorePath, `\n# GESF developer logs (not for remote)\n${devLogsIgnore}`);
+        }
+    }
+    else {
+        writeFileSync(gitignorePath, `# GESF developer logs (not for remote)\n${devLogsIgnore}\n`);
+    }
+    writeFileSync(path.join(process.cwd(), ".dev-logs", "README.md"), `# Developer Logs\n\nThis directory is for GESF development notes, session logs, AI recommendations, and release notes.\n\n**This directory is gitignored and intended for developers only. Do not submit to remote.**\n\n## Structure\n\n- \`session-*.md\` — Session logs\n- \`release-notes-*.md\` — Release notes\n- \`ai-recommendations/\` — Recommendations from AI assistants using the MCP server\n`);
     const configJson = generateConfigJson(config);
     writeFileSync(path.join(process.cwd(), configJson.filePath), configJson.content);
     const metadata = generateMetadataJson(config);
@@ -114,6 +126,7 @@ export const initCommand = new Command("init")
     console.log("  ✓ Security documents created");
     console.log("  ✓ Control packs installed:", packs.map(p => p.id).join(", "));
     console.log("  ✓ GitHub Actions workflows generated");
+    console.log("  ✓ Developer logs directory created (.dev-logs/)");
     console.log(`\n  GESF initialized for "${projectName}" (${projectType})`);
     console.log("  Next steps:");
     console.log("    1. Review generated compliance documents");

package/dist/commands/policy.js CHANGED Viewed

@@ -35,18 +35,23 @@ policyCmd
     const packDir = path.join(root, "controls", pack.id);
     fs.mkdirSync(packDir, { recursive: true });
     writeFileSync(path.join(packDir, "controls.json"), JSON.stringify(pack.controls, null, 2));
-    const addedToConfig = addFrameworkToConfig(root, pack.id.toUpperCase());
+    const frameworksAdded = [];
+    for (const fw of pack.frameworks) {
+        if (addFrameworkToConfig(root, fw)) {
+            frameworksAdded.push(fw);
+        }
+    }
     console.log(`\n  ✓ Installed policy pack: ${pack.id} (${pack.controls.length} controls)`);
-    if (addedToConfig) {
-        console.log(`  ✓ Added ${pack.id.toUpperCase()} to project frameworks in .ges/config.json`);
+    if (frameworksAdded.length > 0) {
+        console.log(`  ✓ Added ${frameworksAdded.join(", ")} to project frameworks in .ges/config.json`);
     }
     console.log("  ✓ Dashboard will now reflect this pack's controls\n");
     recordActivity(root, {
         source: "cli",
         action: "policy_install",
         title: `Installed pack: ${pack.name}`,
-        description: `Installed ${pack.controls.length} controls from ${pack.id} pack.${addedToConfig ? ` Added ${pack.id.toUpperCase()} to config frameworks.` : ""}`,
-        details: { packs_affected: [pack.id], frameworks_added: addedToConfig ? [pack.id.toUpperCase()] : [] },
+        description: `Installed ${pack.controls.length} controls from ${pack.id} pack.${frameworksAdded.length > 0 ? ` Added ${frameworksAdded.join(", ")} to config frameworks.` : ""}`,
+        details: { packs_affected: [pack.id], frameworks_added: frameworksAdded },
     });
     await showNextStepsMenu("policy-install");
 });
@@ -61,7 +66,16 @@ policyCmd
         process.exit(1);
     }
     fs.rmSync(packDir, { recursive: true, force: true });
-    removeFrameworkFromConfig(root, packId.toUpperCase());
+    const packs = getAllPacks();
+    const pack = packs.find(p => p.id === packId);
+    if (pack) {
+        for (const fw of pack.frameworks) {
+            removeFrameworkFromConfig(root, fw);
+        }
+    }
+    else {
+        removeFrameworkFromConfig(root, packId.toUpperCase());
+    }
     console.log(`\n  ✓ Removed policy pack: ${packId}\n`);
     recordActivity(root, {
         source: "cli",

package/package.json CHANGED Viewed

@@ -3,19 +3,19 @@
     "ges": "./dist/cli.js"
   },
   "dependencies": {
-    "@greenarmor/ges-audit-engine": "1.2.5",
-    "@greenarmor/ges-cicd-generator": "1.2.5",
-    "@greenarmor/ges-compliance-engine": "1.2.5",
-    "@greenarmor/ges-core": "1.2.5",
-    "@greenarmor/ges-doc-generator": "1.2.5",
-    "@greenarmor/ges-git-hooks": "1.2.5",
-    "@greenarmor/ges-mcp-server": "1.2.5",
-    "@greenarmor/ges-policy-engine": "1.2.5",
-    "@greenarmor/ges-report-generator": "1.2.5",
-    "@greenarmor/ges-rules-engine": "1.2.5",
-    "@greenarmor/ges-scanner-integration": "1.2.5",
-    "@greenarmor/ges-scoring-engine": "1.2.5",
-    "@greenarmor/ges-web-dashboard": "1.2.5",
+    "@greenarmor/ges-audit-engine": "1.2.6",
+    "@greenarmor/ges-cicd-generator": "1.2.6",
+    "@greenarmor/ges-compliance-engine": "1.2.6",
+    "@greenarmor/ges-core": "1.2.6",
+    "@greenarmor/ges-doc-generator": "1.2.6",
+    "@greenarmor/ges-git-hooks": "1.2.6",
+    "@greenarmor/ges-mcp-server": "1.2.6",
+    "@greenarmor/ges-policy-engine": "1.2.6",
+    "@greenarmor/ges-report-generator": "1.2.6",
+    "@greenarmor/ges-rules-engine": "1.2.6",
+    "@greenarmor/ges-scanner-integration": "1.2.6",
+    "@greenarmor/ges-scoring-engine": "1.2.6",
+    "@greenarmor/ges-web-dashboard": "1.2.6",
     "commander": "^13.0.0"
   },
   "description": "Green Engineering Standard Framework - Compliance-as-Code CLI",
@@ -53,7 +53,7 @@
   },
   "type": "module",
   "types": "./dist/index.d.ts",
-  "version": "1.2.5",
+  "version": "1.2.6",
   "scripts": {
     "build": "tsc",
     "clean": "rm -rf dist tsconfig.tsbuildinfo",