@ipation/specbridge 2.4.5 → 2.4.7

package/CHANGELOG.md

@@ -7,6 +7,40 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [2.4.7] - 2026-02-08
+
+### Added
+
+- Shared CLI command context helper for consistent initialization/config loading across commands.
+- Normalized verification request/result contracts under `src/core/types/verification-contracts.ts`.
+- Architecture boundary check script: `npm run architecture:check-boundaries`.
+- CI warning-mode `module-boundaries` job and health-summary integration for boundary status.
+- Debt baseline snapshot document: `docs/maintenance/debt-baseline-2026Q1.md`.
+
+### Changed
+
+- Refactored `verify`, `report`, and `infer` commands to use shared command context and module entrypoint imports.
+- Updated architecture and maintenance docs with dependency direction guardrails and boundary-check baseline command.
+
+### Fixed
+
+- Removed deprecated Husky bootstrap lines from `.husky/pre-commit` to avoid v10 incompatibility warning.
+
+## [2.4.6] - 2026-02-08
+
+### Changed
+
+- Cleaned and consolidated project documentation:
+  - Archived historical root/docs markdown files into `docs/archive/`.
+  - Removed stale top-level `PROJECT_ASSESSMENT.md`.
+  - Renamed `docs/PHASE4_QUICK_REFERENCE.md` to `docs/analytics-quick-reference.md`.
+  - Renamed `docs/demos/phase4-analytics-demo.md` to `docs/demos/analytics-demo.md`.
+- Updated docs links and metadata for consistency:
+  - `README.md` and `docs/MIGRATION-V2.md` now point to `CHANGELOG.md`.
+  - `CONTRIBUTING.md` Node baseline aligned to `20.19.0+`.
+  - `SECURITY.md` supported versions table updated for current major versions.
+  - Fixed stale/broken markdown links in active docs.
+
 ## [2.4.5] - 2026-02-08
 
 ### Added
@@ -373,7 +407,7 @@ This release focuses on critical infrastructure upgrades, security improvements,
 - `src/dashboard/public/index.html` - React dashboard UI
 - `src/cli/commands/analytics.ts` - Analytics CLI command
 - `src/cli/commands/dashboard.ts` - Dashboard CLI command
-- `docs/demos/phase4-analytics-demo.md` - Interactive demo guide (900+ lines)
+- `docs/demos/analytics-demo.md` - Interactive demo guide (900+ lines)
 - `docs/demos/QUICKSTART.md` - Quick start guide
 - `docs/demos/generate-sample-data.sh` - Sample data generator
 - `docs/features/analytics-and-insights.md` - Feature documentation (1200+ lines)
@@ -1078,7 +1112,9 @@ This release adopts a **pragmatic testing approach**:
 - Vitest for testing
 - tsup for building
 
-[Unreleased]: https://github.com/nouatzi/specbridge/compare/v2.4.5...HEAD
+[Unreleased]: https://github.com/nouatzi/specbridge/compare/v2.4.7...HEAD
+[2.4.7]: https://github.com/nouatzi/specbridge/compare/v2.4.6...v2.4.7
+[2.4.6]: https://github.com/nouatzi/specbridge/compare/v2.4.5...v2.4.6
 [2.4.5]: https://github.com/nouatzi/specbridge/compare/v2.4.4...v2.4.5
 [2.4.4]: https://github.com/nouatzi/specbridge/compare/v2.4.3...v2.4.4
 [2.4.3]: https://github.com/nouatzi/specbridge/compare/v2.4.2...v2.4.3

package/README.md

@@ -28,7 +28,7 @@ SpecBridge creates a living integration layer between design intent and implemen
 - 📊 **Sub-1s Dashboard** - In-memory caching for instant report loading
 - 🔄 **Migration Tool** - Automated v1 → v2 migration with comparison reports
 
-[📖 See full changelog](./CHANGELOG-v2.0.md) | [🔧 Migration Guide](./docs/MIGRATION-V2.md)
+[📖 See full changelog](./CHANGELOG.md) | [🔧 Migration Guide](./docs/MIGRATION-V2.md)
 
 Project vision: [French](./docs/VISION.md) | [English summary](./docs/VISION.en.md)
 

package/dist/cli.js

@@ -1300,6 +1300,29 @@ function createInferenceEngine() {
   return new InferenceEngine();
 }
 
+// src/utils/logger.ts
+import pino from "pino";
+var defaultOptions = {
+  level: process.env.SPECBRIDGE_LOG_LEVEL || "info",
+  timestamp: pino.stdTimeFunctions.isoTime,
+  base: {
+    service: "specbridge"
+  }
+};
+var destination = pino.destination({
+  fd: 2,
+  // stderr
+  sync: false
+});
+var rootLogger = pino(defaultOptions, destination);
+function getLogger(bindings) {
+  if (!bindings) {
+    return rootLogger;
+  }
+  return rootLogger.child(bindings);
+}
+var logger = getLogger();
+
 // src/config/loader.ts
 async function loadConfig(basePath = process.cwd()) {
   const specbridgeDir = getSpecBridgeDir(basePath);
@@ -1320,17 +1343,41 @@ async function loadConfig(basePath = process.cwd()) {
   return result.data;
 }
 
-// src/cli/commands/infer.ts
-var inferCommand = new Command2("infer").description("Analyze codebase and detect patterns").option("-o, --output <file>", "Output file path").option("-c, --min-confidence <number>", "Minimum confidence threshold (0-100)", "50").option("-a, --analyzers <list>", "Comma-separated list of analyzers to run").option("--json", "Output as JSON").option("--save", "Save results to .specbridge/inferred/").action(async (options) => {
-  const cwd = process.cwd();
-  if (!await pathExists(getSpecBridgeDir(cwd))) {
+// src/cli/command-context.ts
+async function createConfiguredCommandContext(options = {}) {
+  const cwd = options.cwd ?? process.cwd();
+  const outputFormat = options.outputFormat ?? "console";
+  const requireInitialized = options.requireInitialized ?? true;
+  if (requireInitialized && !await pathExists(getSpecBridgeDir(cwd))) {
     throw new NotInitializedError();
   }
+  const config = await loadConfig(cwd);
+  return {
+    context: {
+      cwd,
+      outputFormat
+    },
+    config
+  };
+}
+function parseCsvOption(value) {
+  if (!value) {
+    return void 0;
+  }
+  const parsed = value.split(",").map((part) => part.trim()).filter((part) => part.length > 0);
+  return parsed.length > 0 ? parsed : void 0;
+}
+
+// src/cli/commands/infer.ts
+var inferCommand = new Command2("infer").description("Analyze codebase and detect patterns").option("-o, --output <file>", "Output file path").option("-c, --min-confidence <number>", "Minimum confidence threshold (0-100)", "50").option("-a, --analyzers <list>", "Comma-separated list of analyzers to run").option("--json", "Output as JSON").option("--save", "Save results to .specbridge/inferred/").action(async (options) => {
   const spinner = ora2("Loading configuration...").start();
   try {
-    const config = await loadConfig(cwd);
-    const minConfidence = parseInt(options.minConfidence || "50", 10);
-    const analyzerList = options.analyzers ? options.analyzers.split(",").map((a) => a.trim()) : config.inference?.analyzers || getAnalyzerIds();
+    const { context, config } = await createConfiguredCommandContext({
+      outputFormat: options.json ? "json" : "console"
+    });
+    const { cwd } = context;
+    const minConfidence = Number.parseInt(options.minConfidence || "50", 10);
+    const analyzerList = parseCsvOption(options.analyzers) || config.inference?.analyzers || getAnalyzerIds();
     spinner.text = `Scanning codebase (analyzers: ${analyzerList.join(", ")})...`;
     const engine = createInferenceEngine();
     const result = await engine.infer({
@@ -2798,31 +2845,6 @@ import { existsSync } from "fs";
 import { join as join5 } from "path";
 import { pathToFileURL } from "url";
 import fg2 from "fast-glob";
-
-// src/utils/logger.ts
-import pino from "pino";
-var defaultOptions = {
-  level: process.env.SPECBRIDGE_LOG_LEVEL || "info",
-  timestamp: pino.stdTimeFunctions.isoTime,
-  base: {
-    service: "specbridge"
-  }
-};
-var destination = pino.destination({
-  fd: 2,
-  // stderr
-  sync: false
-});
-var rootLogger = pino(defaultOptions, destination);
-function getLogger(bindings) {
-  if (!bindings) {
-    return rootLogger;
-  }
-  return rootLogger.child(bindings);
-}
-var logger = getLogger();
-
-// src/verification/plugins/loader.ts
 var PluginLoader = class {
   plugins = /* @__PURE__ */ new Map();
   loaded = false;
@@ -3600,95 +3622,6 @@ function createVerificationEngine(registry) {
   return new VerificationEngine(registry);
 }
 
-// src/verification/autofix/engine.ts
-import { readFile as readFile4, writeFile as writeFile2 } from "fs/promises";
-import readline from "readline/promises";
-import { stdin, stdout } from "process";
-function applyEdits(content, edits) {
-  const sorted = [...edits].sort((a, b) => b.start - a.start);
-  let next = content;
-  const patches = [];
-  let skippedEdits = 0;
-  let lastStart = Number.POSITIVE_INFINITY;
-  for (const edit of sorted) {
-    if (edit.start < 0 || edit.end < edit.start || edit.end > next.length) {
-      skippedEdits++;
-      continue;
-    }
-    if (edit.end > lastStart) {
-      skippedEdits++;
-      continue;
-    }
-    lastStart = edit.start;
-    const originalText = next.slice(edit.start, edit.end);
-    next = next.slice(0, edit.start) + edit.text + next.slice(edit.end);
-    patches.push({
-      filePath: "",
-      description: edit.description,
-      start: edit.start,
-      end: edit.end,
-      originalText,
-      fixedText: edit.text
-    });
-  }
-  return { next, patches, skippedEdits };
-}
-async function confirmFix(prompt) {
-  const rl = readline.createInterface({ input: stdin, output: stdout });
-  try {
-    const answer = await rl.question(`${prompt} (y/N) `);
-    return answer.trim().toLowerCase() === "y";
-  } finally {
-    rl.close();
-  }
-}
-var AutofixEngine = class {
-  async applyFixes(violations, options = {}) {
-    const fixable = violations.filter((v) => v.autofix && v.autofix.edits.length > 0);
-    const byFile = /* @__PURE__ */ new Map();
-    for (const v of fixable) {
-      const list = byFile.get(v.file) ?? [];
-      list.push(v);
-      byFile.set(v.file, list);
-    }
-    const applied = [];
-    let skippedViolations = 0;
-    for (const [filePath, fileViolations] of byFile) {
-      const original = await readFile4(filePath, "utf-8");
-      const edits = [];
-      for (const violation of fileViolations) {
-        const fix = violation.autofix;
-        if (!fix) {
-          skippedViolations++;
-          continue;
-        }
-        if (options.interactive) {
-          const ok = await confirmFix(
-            `Apply fix: ${fix.description} (${filePath}:${violation.line ?? 1})?`
-          );
-          if (!ok) {
-            skippedViolations++;
-            continue;
-          }
-        }
-        for (const edit of fix.edits) {
-          edits.push({ ...edit, description: fix.description });
-        }
-      }
-      if (edits.length === 0) continue;
-      const { next, patches, skippedEdits } = applyEdits(original, edits);
-      skippedViolations += skippedEdits;
-      if (!options.dryRun) {
-        await writeFile2(filePath, next, "utf-8");
-      }
-      for (const patch of patches) {
-        applied.push({ ...patch, filePath });
-      }
-    }
-    return { applied, skipped: skippedViolations };
-  }
-};
-
 // src/verification/incremental.ts
 import { execFile } from "child_process";
 import { promisify } from "util";
@@ -3782,22 +3715,110 @@ var ExplainReporter = class {
   }
 };
 
+// src/verification/autofix/engine.ts
+import { readFile as readFile4, writeFile as writeFile2 } from "fs/promises";
+import readline from "readline/promises";
+import { stdin, stdout } from "process";
+function applyEdits(content, edits) {
+  const sorted = [...edits].sort((a, b) => b.start - a.start);
+  let next = content;
+  const patches = [];
+  let skippedEdits = 0;
+  let lastStart = Number.POSITIVE_INFINITY;
+  for (const edit of sorted) {
+    if (edit.start < 0 || edit.end < edit.start || edit.end > next.length) {
+      skippedEdits++;
+      continue;
+    }
+    if (edit.end > lastStart) {
+      skippedEdits++;
+      continue;
+    }
+    lastStart = edit.start;
+    const originalText = next.slice(edit.start, edit.end);
+    next = next.slice(0, edit.start) + edit.text + next.slice(edit.end);
+    patches.push({
+      filePath: "",
+      description: edit.description,
+      start: edit.start,
+      end: edit.end,
+      originalText,
+      fixedText: edit.text
+    });
+  }
+  return { next, patches, skippedEdits };
+}
+async function confirmFix(prompt) {
+  const rl = readline.createInterface({ input: stdin, output: stdout });
+  try {
+    const answer = await rl.question(`${prompt} (y/N) `);
+    return answer.trim().toLowerCase() === "y";
+  } finally {
+    rl.close();
+  }
+}
+var AutofixEngine = class {
+  async applyFixes(violations, options = {}) {
+    const fixable = violations.filter((v) => v.autofix && v.autofix.edits.length > 0);
+    const byFile = /* @__PURE__ */ new Map();
+    for (const v of fixable) {
+      const list = byFile.get(v.file) ?? [];
+      list.push(v);
+      byFile.set(v.file, list);
+    }
+    const applied = [];
+    let skippedViolations = 0;
+    for (const [filePath, fileViolations] of byFile) {
+      const original = await readFile4(filePath, "utf-8");
+      const edits = [];
+      for (const violation of fileViolations) {
+        const fix = violation.autofix;
+        if (!fix) {
+          skippedViolations++;
+          continue;
+        }
+        if (options.interactive) {
+          const ok = await confirmFix(
+            `Apply fix: ${fix.description} (${filePath}:${violation.line ?? 1})?`
+          );
+          if (!ok) {
+            skippedViolations++;
+            continue;
+          }
+        }
+        for (const edit of fix.edits) {
+          edits.push({ ...edit, description: fix.description });
+        }
+      }
+      if (edits.length === 0) continue;
+      const { next, patches, skippedEdits } = applyEdits(original, edits);
+      skippedViolations += skippedEdits;
+      if (!options.dryRun) {
+        await writeFile2(filePath, next, "utf-8");
+      }
+      for (const patch of patches) {
+        applied.push({ ...patch, filePath });
+      }
+    }
+    return { applied, skipped: skippedViolations };
+  }
+};
+
 // src/cli/commands/verify.ts
 var verifyCommand = new Command3("verify").description("Verify code compliance against decisions").option("-l, --level <level>", "Verification level (commit, pr, full)", "full").option("-f, --files <patterns>", "Comma-separated file patterns to check").option("-d, --decisions <ids>", "Comma-separated decision IDs to check").option(
   "-s, --severity <levels>",
   "Comma-separated severity levels (critical, high, medium, low)"
 ).option("--json", "Output as JSON").option("--incremental", "Only verify changed files (git diff --name-only --diff-filter=AM HEAD)").option("--explain", "Show detailed explanation of verification process").option("--fix", "Apply auto-fixes for supported violations").option("--dry-run", "Show what would be fixed without applying (requires --fix)").option("--interactive", "Confirm each fix interactively (requires --fix)").action(async (options) => {
-  const cwd = process.cwd();
-  if (!await pathExists(getSpecBridgeDir(cwd))) {
-    throw new NotInitializedError();
-  }
   const spinner = ora3("Loading configuration...").start();
   try {
-    const config = await loadConfig(cwd);
+    const { context, config } = await createConfiguredCommandContext({
+      outputFormat: options.json ? "json" : "console"
+    });
+    const { cwd } = context;
     const level = options.level || "full";
-    let files = options.files?.split(",").map((f) => f.trim());
-    const decisions = options.decisions?.split(",").map((d) => d.trim());
-    const severity = options.severity?.split(",").map((s) => s.trim());
+    let files = parseCsvOption(options.files);
+    const decisions = parseCsvOption(options.decisions);
+    const severity = parseCsvOption(options.severity)?.map((value) => value);
     if (options.incremental) {
       const changed = await getChangedFiles(cwd);
       files = changed.length > 0 ? changed : [];
@@ -5071,13 +5092,13 @@ async function analyzeTrend(reports) {
 
 // src/cli/commands/report.ts
 var reportCommand = new Command10("report").description("Generate compliance report").option("-f, --format <format>", "Output format (console, json, markdown)", "console").option("-o, --output <file>", "Output file path").option("--save", "Save to .specbridge/reports/").option("-a, --all", "Include all decisions (not just active)").option("--trend", "Show compliance trend over time").option("--drift", "Analyze drift since last report").option("--days <n>", "Number of days for trend analysis", "30").option("--legacy-compliance", "Use v1.3 compliance formula (for comparison)").action(async (options) => {
-  const cwd = process.cwd();
-  if (!await pathExists(getSpecBridgeDir(cwd))) {
-    throw new NotInitializedError();
-  }
   const spinner = ora6("Generating compliance report...").start();
   try {
-    const config = await loadConfig(cwd);
+    const outputFormat = options.format === "json" ? "json" : options.format === "markdown" || options.format === "md" ? "markdown" : "console";
+    const { context, config } = await createConfiguredCommandContext({
+      outputFormat
+    });
+    const { cwd } = context;
     const report = await generateReport(config, {
       includeAll: options.all,
       cwd,
@@ -5088,7 +5109,7 @@ var reportCommand = new Command10("report").description("Generate compliance rep
     await storage.save(report);
     if (options.trend) {
       console.log("\n" + chalk11.blue.bold("=== Compliance Trend Analysis ===\n"));
-      const days = parseInt(options.days || "30", 10);
+      const days = Number.parseInt(options.days || "30", 10);
       const history = await storage.loadHistory(days);
       if (history.length < 2) {
         console.log(