@harness-engineering/cli 1.9.0 → 1.11.0

package/dist/chunk-TRAPF4IX.js

@@ -0,0 +1,185 @@
+// src/persona/trigger-detector.ts
+import * as fs from "fs";
+import * as path from "path";
+function detectTrigger(projectPath) {
+  const handoffPath = path.join(projectPath, ".harness", "handoff.json");
+  if (!fs.existsSync(handoffPath)) {
+    return { trigger: "manual" };
+  }
+  try {
+    const raw = fs.readFileSync(handoffPath, "utf-8");
+    const handoff = JSON.parse(raw);
+    if (handoff.fromSkill === "harness-planning" && Array.isArray(handoff.pending) && handoff.pending.length > 0) {
+      return {
+        trigger: "on_plan_approved",
+        handoff: {
+          fromSkill: handoff.fromSkill,
+          summary: handoff.summary ?? "",
+          pending: handoff.pending,
+          planPath: handoff.planPath
+        }
+      };
+    }
+    return { trigger: "manual" };
+  } catch {
+    return { trigger: "manual" };
+  }
+}
+
+// src/persona/runner.ts
+var TIMEOUT_ERROR_MESSAGE = "__PERSONA_RUNNER_TIMEOUT__";
+function stepName(step) {
+  return "command" in step ? step.command : step.skill;
+}
+function stepType(step) {
+  return "command" in step ? "command" : "skill";
+}
+function matchesTrigger(step, trigger) {
+  const when = step.when ?? "always";
+  return when === "always" || when === trigger;
+}
+function skipRemaining(activeSteps, fromIndex, report) {
+  for (let j = fromIndex; j < activeSteps.length; j++) {
+    const remaining = activeSteps[j];
+    report.steps.push({
+      name: stepName(remaining),
+      type: stepType(remaining),
+      status: "skipped",
+      durationMs: 0
+    });
+  }
+}
+async function runPersona(persona, context) {
+  const startTime = Date.now();
+  const timeout = persona.config.timeout;
+  const report = {
+    persona: persona.name.toLowerCase().replace(/\s+/g, "-"),
+    status: "pass",
+    steps: [],
+    totalDurationMs: 0
+  };
+  let resolvedTrigger;
+  let handoff = context.handoff;
+  if (context.trigger === "auto") {
+    const detection = detectTrigger(context.projectPath);
+    resolvedTrigger = detection.trigger;
+    handoff = detection.handoff ?? handoff;
+  } else {
+    resolvedTrigger = context.trigger;
+  }
+  const activeSteps = persona.steps.filter((s) => matchesTrigger(s, resolvedTrigger));
+  for (let i = 0; i < activeSteps.length; i++) {
+    const step = activeSteps[i];
+    if (Date.now() - startTime >= timeout) {
+      skipRemaining(activeSteps, i, report);
+      report.status = "partial";
+      break;
+    }
+    const stepStart = Date.now();
+    const remainingTime = timeout - (Date.now() - startTime);
+    if ("command" in step) {
+      const result = await Promise.race([
+        context.commandExecutor(step.command),
+        new Promise(
+          (resolve) => setTimeout(
+            () => resolve({
+              ok: false,
+              error: new Error(TIMEOUT_ERROR_MESSAGE)
+            }),
+            remainingTime
+          )
+        )
+      ]);
+      const durationMs = Date.now() - stepStart;
+      if (result.ok) {
+        report.steps.push({
+          name: step.command,
+          type: "command",
+          status: "pass",
+          result: result.value,
+          durationMs
+        });
+      } else if (result.error.message === TIMEOUT_ERROR_MESSAGE) {
+        report.steps.push({
+          name: step.command,
+          type: "command",
+          status: "skipped",
+          error: "timed out",
+          durationMs
+        });
+        report.status = "partial";
+        skipRemaining(activeSteps, i + 1, report);
+        break;
+      } else {
+        report.steps.push({
+          name: step.command,
+          type: "command",
+          status: "fail",
+          error: result.error.message,
+          durationMs
+        });
+        report.status = "fail";
+        skipRemaining(activeSteps, i + 1, report);
+        break;
+      }
+    } else {
+      const skillContext = {
+        trigger: resolvedTrigger,
+        projectPath: context.projectPath,
+        outputMode: step.output ?? "auto",
+        ...handoff ? { handoff } : {}
+      };
+      const SKILL_TIMEOUT_RESULT = {
+        status: "fail",
+        output: "timed out",
+        durationMs: 0
+      };
+      const result = await Promise.race([
+        context.skillExecutor(step.skill, skillContext),
+        new Promise(
+          (resolve) => setTimeout(() => resolve(SKILL_TIMEOUT_RESULT), remainingTime)
+        )
+      ]);
+      const durationMs = Date.now() - stepStart;
+      if (result === SKILL_TIMEOUT_RESULT) {
+        report.steps.push({
+          name: step.skill,
+          type: "skill",
+          status: "skipped",
+          error: "timed out",
+          durationMs
+        });
+        report.status = "partial";
+        skipRemaining(activeSteps, i + 1, report);
+        break;
+      } else if (result.status === "pass") {
+        report.steps.push({
+          name: step.skill,
+          type: "skill",
+          status: "pass",
+          result: result.output,
+          ...result.artifactPath ? { artifactPath: result.artifactPath } : {},
+          durationMs
+        });
+      } else {
+        report.steps.push({
+          name: step.skill,
+          type: "skill",
+          status: "fail",
+          error: result.output,
+          durationMs
+        });
+        report.status = "fail";
+        skipRemaining(activeSteps, i + 1, report);
+        break;
+      }
+    }
+  }
+  report.totalDurationMs = Date.now() - startTime;
+  return report;
+}
+
+export {
+  detectTrigger,
+  runPersona
+};

package/dist/chunk-VRFZWGMS.js

@@ -0,0 +1,68 @@
+// src/skill/schema.ts
+import { z } from "zod";
+var SkillPhaseSchema = z.object({
+  name: z.string(),
+  description: z.string(),
+  required: z.boolean().default(true)
+});
+var SkillCliSchema = z.object({
+  command: z.string(),
+  args: z.array(
+    z.object({
+      name: z.string(),
+      description: z.string(),
+      required: z.boolean().default(false)
+    })
+  ).default([])
+});
+var SkillMcpSchema = z.object({
+  tool: z.string(),
+  input: z.record(z.string())
+});
+var SkillStateSchema = z.object({
+  persistent: z.boolean().default(false),
+  files: z.array(z.string()).default([])
+});
+var ALLOWED_TRIGGERS = [
+  "manual",
+  "on_pr",
+  "on_commit",
+  "on_new_feature",
+  "on_bug_fix",
+  "on_refactor",
+  "on_project_init",
+  "on_review",
+  "on_milestone",
+  "on_task_complete",
+  "on_doc_check"
+];
+var ALLOWED_PLATFORMS = ["claude-code", "gemini-cli"];
+var ALLOWED_COGNITIVE_MODES = [
+  "adversarial-reviewer",
+  "constructive-architect",
+  "meticulous-implementer",
+  "diagnostic-investigator",
+  "advisory-guide",
+  "meticulous-verifier"
+];
+var SkillMetadataSchema = z.object({
+  name: z.string().regex(/^[a-z][a-z0-9-]*$/, "Name must be lowercase with hyphens"),
+  version: z.string().regex(/^\d+\.\d+\.\d+$/, "Version must be semver format"),
+  description: z.string(),
+  cognitive_mode: z.string().regex(/^[a-z][a-z0-9]*(-[a-z0-9]+)*$/, "Cognitive mode must be kebab-case").optional(),
+  triggers: z.array(z.enum(ALLOWED_TRIGGERS)),
+  platforms: z.array(z.enum(ALLOWED_PLATFORMS)),
+  tools: z.array(z.string()),
+  cli: SkillCliSchema.optional(),
+  mcp: SkillMcpSchema.optional(),
+  type: z.enum(["rigid", "flexible"]),
+  phases: z.array(SkillPhaseSchema).optional(),
+  state: SkillStateSchema.default({}),
+  depends_on: z.array(z.string()).default([]),
+  repository: z.string().url().optional()
+});
+
+export {
+  ALLOWED_COGNITIVE_MODES,
+  SkillMetadataSchema
+};

package/dist/chunk-VUCPTQ6G.js

@@ -0,0 +1,67 @@
+import {
+  Err,
+  Ok
+} from "./chunk-MHBMTPW7.js";
+
+// src/persona/generators/ci-workflow.ts
+import YAML from "yaml";
+function buildGitHubTriggers(triggers) {
+  const on = {};
+  for (const trigger of triggers) {
+    switch (trigger.event) {
+      case "on_pr": {
+        const prConfig = {};
+        if (trigger.conditions?.paths) prConfig.paths = trigger.conditions.paths;
+        on.pull_request = prConfig;
+        break;
+      }
+      case "on_commit": {
+        const pushConfig = {};
+        if (trigger.conditions?.branches) pushConfig.branches = trigger.conditions.branches;
+        on.push = pushConfig;
+        break;
+      }
+      case "scheduled":
+        on.schedule = [{ cron: trigger.cron }];
+        break;
+    }
+  }
+  return on;
+}
+function generateCIWorkflow(persona, platform) {
+  try {
+    if (platform === "gitlab") return Err(new Error("GitLab CI generation is not yet supported"));
+    const severity = persona.config.severity;
+    const steps = [
+      { uses: "actions/checkout@v4" },
+      { uses: "actions/setup-node@v4", with: { "node-version": "20" } },
+      { uses: "pnpm/action-setup@v4", with: { run_install: "frozen" } }
+    ];
+    const commandSteps = persona.steps.filter((s) => "command" in s);
+    for (const step of commandSteps) {
+      const severityFlag = severity ? ` --severity ${severity}` : "";
+      steps.push({ run: `npx harness ${step.command}${severityFlag}` });
+    }
+    const workflow = {
+      name: persona.name,
+      on: buildGitHubTriggers(persona.triggers),
+      jobs: {
+        enforce: {
+          "runs-on": "ubuntu-latest",
+          steps
+        }
+      }
+    };
+    return Ok(YAML.stringify(workflow, { lineWidth: 0 }));
+  } catch (error) {
+    return Err(
+      new Error(
+        `Failed to generate CI workflow: ${error instanceof Error ? error.message : String(error)}`
+      )
+    );
+  }
+}
+
+export {
+  generateCIWorkflow
+};

package/dist/chunk-W6Y7ZW3Y.js

@@ -0,0 +1,13 @@
+// src/mcp/utils/sanitize-path.ts
+import * as path from "path";
+function sanitizePath(inputPath) {
+  const resolved = path.resolve(inputPath);
+  if (resolved === "/" || resolved === path.parse(resolved).root) {
+    throw new Error("Invalid project path: cannot use filesystem root");
+  }
+  return resolved;
+}
+
+export {
+  sanitizePath
+};

package/dist/chunk-WJZDO6OY.js

@@ -0,0 +1,103 @@
+import {
+  resolveProjectConfig
+} from "./chunk-K6XAPGML.js";
+import {
+  sanitizePath
+} from "./chunk-W6Y7ZW3Y.js";
+
+// src/mcp/tools/validate.ts
+import * as path from "path";
+var validateToolDefinition = {
+  name: "validate_project",
+  description: "Run all validation checks on a harness engineering project",
+  inputSchema: {
+    type: "object",
+    properties: {
+      path: { type: "string", description: "Path to project root directory" }
+    },
+    required: ["path"]
+  }
+};
+async function handleValidateProject(input) {
+  let projectPath;
+  try {
+    projectPath = sanitizePath(input.path);
+  } catch (error) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: `Error: ${error instanceof Error ? error.message : String(error)}`
+        }
+      ],
+      isError: true
+    };
+  }
+  const errors = [];
+  const checks = {
+    config: "fail",
+    structure: "skipped",
+    agentsMap: "skipped"
+  };
+  const configResult = resolveProjectConfig(projectPath);
+  if (!configResult.ok) {
+    errors.push(`Config: ${configResult.error.message}`);
+    return {
+      content: [{ type: "text", text: JSON.stringify({ valid: false, checks, errors }) }]
+    };
+  }
+  checks.config = "pass";
+  const config = configResult.value;
+  try {
+    const core = await import("./dist-JVZ2MKBC.js");
+    if (typeof core.validateFileStructure === "function" && Array.isArray(config.conventions)) {
+      const conventions = config.conventions;
+      const structureResult = await core.validateFileStructure(projectPath, conventions);
+      if (structureResult.ok) {
+        checks.structure = structureResult.value.valid ? "pass" : "fail";
+        if (!structureResult.value.valid) {
+          for (const missing of structureResult.value.missing) {
+            errors.push(`Missing required file: ${missing}`);
+          }
+        }
+      } else {
+        checks.structure = "fail";
+        errors.push(`Structure validation error: ${structureResult.error.message}`);
+      }
+    }
+  } catch {
+  }
+  try {
+    const core = await import("./dist-JVZ2MKBC.js");
+    if (typeof core.validateAgentsMap === "function") {
+      const agentsMapPath = path.join(projectPath, "AGENTS.md");
+      const agentsResult = await core.validateAgentsMap(agentsMapPath);
+      if (agentsResult.ok) {
+        checks.agentsMap = agentsResult.value.valid ? "pass" : "fail";
+        if (!agentsResult.value.valid) {
+          if (agentsResult.value.missingSections.length > 0) {
+            errors.push(
+              `AGENTS.md missing sections: ${agentsResult.value.missingSections.join(", ")}`
+            );
+          }
+          if (agentsResult.value.brokenLinks.length > 0) {
+            errors.push(`AGENTS.md has ${agentsResult.value.brokenLinks.length} broken link(s)`);
+          }
+        }
+      } else {
+        checks.agentsMap = "fail";
+        errors.push(`AGENTS.md validation error: ${agentsResult.error.message}`);
+      }
+    }
+  } catch {
+  }
+  const valid = errors.length === 0;
+  return {
+    content: [{ type: "text", text: JSON.stringify({ valid, checks, errors }) }]
+  };
+}
+
+export {
+  validateToolDefinition,
+  handleValidateProject
+};

package/dist/chunk-WUJTCNOU.js

@@ -0,0 +1,122 @@
+import {
+  sanitizePath
+} from "./chunk-W6Y7ZW3Y.js";
+
+// src/mcp/tools/review-pipeline.ts
+var runCodeReviewDefinition = {
+  name: "run_code_review",
+  description: "Run the unified 7-phase code review pipeline: gate, mechanical checks, context scoping, parallel agents, validation, deduplication, and output.",
+  inputSchema: {
+    type: "object",
+    properties: {
+      path: { type: "string", description: "Path to project root" },
+      diff: { type: "string", description: "Git diff string to review" },
+      commitMessage: {
+        type: "string",
+        description: "Most recent commit message (for change-type detection)"
+      },
+      comment: {
+        type: "boolean",
+        description: "Post inline comments to GitHub PR (requires prNumber and repo)"
+      },
+      ci: {
+        type: "boolean",
+        description: "Enable eligibility gate and non-interactive output"
+      },
+      deep: {
+        type: "boolean",
+        description: "Add threat modeling pass to security agent"
+      },
+      noMechanical: {
+        type: "boolean",
+        description: "Skip mechanical checks (useful if already run)"
+      },
+      prNumber: {
+        type: "number",
+        description: "PR number (required for --comment and CI gate)"
+      },
+      repo: {
+        type: "string",
+        description: "Repository in owner/repo format (required for --comment)"
+      }
+    },
+    required: ["path", "diff"]
+  }
+};
+async function handleRunCodeReview(input) {
+  try {
+    const { parseDiff, runReviewPipeline } = await import("./dist-JVZ2MKBC.js");
+    const parseResult = parseDiff(input.diff);
+    if (!parseResult.ok) {
+      return {
+        content: [
+          {
+            type: "text",
+            text: `Error parsing diff: ${parseResult.error.message}`
+          }
+        ],
+        isError: true
+      };
+    }
+    const codeChanges = parseResult.value;
+    const projectRoot = sanitizePath(input.path);
+    const diffInfo = {
+      changedFiles: codeChanges.files.map((f) => f.path),
+      newFiles: codeChanges.files.filter((f) => f.status === "added").map((f) => f.path),
+      deletedFiles: codeChanges.files.filter((f) => f.status === "deleted").map((f) => f.path),
+      totalDiffLines: input.diff.split("\n").length,
+      fileDiffs: new Map(
+        codeChanges.files.map((f) => [f.path, f.diff ?? ""])
+      )
+    };
+    const result = await runReviewPipeline({
+      projectRoot,
+      diff: diffInfo,
+      commitMessage: input.commitMessage ?? "",
+      flags: {
+        comment: input.comment ?? false,
+        ci: input.ci ?? false,
+        deep: input.deep ?? false,
+        noMechanical: input.noMechanical ?? false
+      },
+      ...input.repo != null ? { repo: input.repo } : {}
+    });
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify(
+            {
+              skipped: result.skipped,
+              skipReason: result.skipReason,
+              stoppedByMechanical: result.stoppedByMechanical,
+              assessment: result.assessment,
+              findingCount: result.findings.length,
+              terminalOutput: result.terminalOutput,
+              githubCommentCount: result.githubComments.length,
+              exitCode: result.exitCode
+            },
+            null,
+            2
+          )
+        }
+      ],
+      isError: false
+    };
+  } catch (error) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: `Error: ${error instanceof Error ? error.message : String(error)}`
+        }
+      ],
+      isError: true
+    };
+  }
+}
+
+export {
+  runCodeReviewDefinition,
+  handleRunCodeReview
+};

package/dist/chunk-X3MN5UQJ.js

@@ -0,0 +1,89 @@
+import {
+  sanitizePath
+} from "./chunk-W6Y7ZW3Y.js";
+
+// src/mcp/tools/security.ts
+import * as path from "path";
+var runSecurityScanDefinition = {
+  name: "run_security_scan",
+  description: "Run the built-in security scanner on a project or specific files. Detects secrets, injection, XSS, weak crypto, and other vulnerabilities.",
+  inputSchema: {
+    type: "object",
+    properties: {
+      path: { type: "string", description: "Path to project root" },
+      files: {
+        type: "array",
+        items: { type: "string" },
+        description: "Optional list of specific files to scan. If omitted, scans all source files."
+      },
+      strict: {
+        type: "boolean",
+        description: "Override strict mode \u2014 promotes all warnings to errors"
+      }
+    },
+    required: ["path"]
+  }
+};
+async function handleRunSecurityScan(input) {
+  try {
+    const core = await import("./dist-JVZ2MKBC.js");
+    const projectRoot = sanitizePath(input.path);
+    let configData = {};
+    try {
+      const fs = await import("fs");
+      const configPath = path.join(projectRoot, "harness.config.json");
+      if (fs.existsSync(configPath)) {
+        const raw = fs.readFileSync(configPath, "utf-8");
+        const parsed = JSON.parse(raw);
+        configData = parsed.security ?? {};
+      }
+    } catch {
+    }
+    if (input.strict !== void 0) {
+      configData.strict = input.strict;
+    }
+    const securityConfig = core.parseSecurityConfig(configData);
+    const scanner = new core.SecurityScanner(securityConfig);
+    scanner.configureForProject(projectRoot);
+    let filesToScan;
+    if (input.files && input.files.length > 0) {
+      filesToScan = input.files.map((f) => path.resolve(projectRoot, f));
+    } else {
+      const { globFiles } = await import("./glob-helper-5OHBUQAI.js");
+      filesToScan = await globFiles(projectRoot, securityConfig.exclude);
+    }
+    const result = await scanner.scanFiles(filesToScan);
+    return {
+      content: [
+        {
+          type: "text",
+          text: JSON.stringify({
+            ...result,
+            summary: {
+              errors: result.findings.filter((f) => f.severity === "error").length,
+              warnings: result.findings.filter(
+                (f) => f.severity === "warning"
+              ).length,
+              info: result.findings.filter((f) => f.severity === "info").length
+            }
+          })
+        }
+      ]
+    };
+  } catch (error) {
+    return {
+      content: [
+        {
+          type: "text",
+          text: `Error: ${error instanceof Error ? error.message : String(error)}`
+        }
+      ],
+      isError: true
+    };
+  }
+}
+
+export {
+  runSecurityScanDefinition,
+  handleRunSecurityScan
+};