@llm-dev-ops/agentics-cli 1.4.4 → 1.4.7

package/dist/gates/execution-gate.d.ts

@@ -1,22 +1,18 @@
 /**
  * Execution Gate Module
  *
- * HARD EXECUTION KILL-SWITCH
- *
- * PURPOSE: Global execution gate that prevents all operational commands from running
- *          unless execution is explicitly enabled. This is a binary gate enforced
- *          BEFORE any entitlement, usage, or billing logic.
+ * PURPOSE: Global execution gate that controls command access based on
+ *          user entitlement (internal email or paid API key).
  *
  * ENTITLEMENTS:
  * - "internal" - Internal maintainers (allow-listed by email)
- * - Standard entitlements follow existing payment/execution logic
- *
- * FORBIDDEN:
- * - Consulting usage or billing for internal users
- * - Allowing partial execution
- * - Allowing "free tier" commands
+ * - "paid" - Users with a valid API key
+ * - "none" - No entitlement, blocked from operational commands
  *
- * This is a hard kill-switch, not a pricing feature.
+ * LOGIC:
+ * - Identity commands (login, logout, whoami, help, version) always allowed
+ * - Internal or paid users get full access to all commands
+ * - Users with no entitlement are blocked
  */
 /**
  * Entitlement types supported by the execution gate.
@@ -55,9 +51,8 @@ export interface ExecutionGateResult {
  * Execution flow:
  *   1. Always allow identity and help commands
  *   2. Resolve user entitlement
- *   3. If entitlement === "internal" → allow execution
- *   4. If EXECUTION_ENABLED === true → allow execution
- *   5. Otherwise → block execution
+ *   3. If entitlement === "internal" or "paid" → allow execution
+ *   4. Otherwise → block execution
  *
  * @param command - The command name (e.g., 'plan', 'simulate', 'login')
  * @returns ExecutionGateResult indicating if execution is allowed
@@ -70,9 +65,9 @@ export declare function checkExecutionGate(command: string): ExecutionGateResult
  */
 export declare function enforceExecutionGate(command: string): void;
 /**
- * Check if execution is globally enabled.
+ * Check if execution is enabled for the current user.
  *
- * @returns true if execution is enabled, false otherwise
+ * @returns true if the user has internal or paid entitlement
  */
 export declare function isExecutionEnabled(): boolean;
 /**

package/dist/gates/execution-gate.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"execution-gate.d.ts","sourceRoot":"","sources":["../../src/gates/execution-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAsCH;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,UAAU,GAAG,MAAM,GAAG,MAAM,CAAC;AAqBvD;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,IAAI,WAAW,CAqBhD;AAgBD;;;GAGG;AACH,eAAO,MAAM,2BAA2B,IAA+B,CAAC;AAoBxE,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,mBAAmB,CAyBvE;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAO1D;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAE5C;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,WAAW,CAAC,MAAM,CAAC,CAExD"}
+{"version":3,"file":"execution-gate.d.ts","sourceRoot":"","sources":["../../src/gates/execution-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AA6BH;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,UAAU,GAAG,MAAM,GAAG,MAAM,CAAC;AAuDvD;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,IAAI,WAAW,CA8BhD;AAiBD;;;GAGG;AACH,eAAO,MAAM,2BAA2B,IAA+B,CAAC;AAoBxE,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,mBAAmB,CAyBvE;AAED;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAO1D;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAG5C;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,IAAI,WAAW,CAAC,MAAM,CAAC,CAExD"}

package/dist/gates/execution-gate.js

@@ -1,22 +1,18 @@
 /**
  * Execution Gate Module
  *
- * HARD EXECUTION KILL-SWITCH
- *
- * PURPOSE: Global execution gate that prevents all operational commands from running
- *          unless execution is explicitly enabled. This is a binary gate enforced
- *          BEFORE any entitlement, usage, or billing logic.
+ * PURPOSE: Global execution gate that controls command access based on
+ *          user entitlement (internal email or paid API key).
  *
  * ENTITLEMENTS:
  * - "internal" - Internal maintainers (allow-listed by email)
- * - Standard entitlements follow existing payment/execution logic
- *
- * FORBIDDEN:
- * - Consulting usage or billing for internal users
- * - Allowing partial execution
- * - Allowing "free tier" commands
+ * - "paid" - Users with a valid API key
+ * - "none" - No entitlement, blocked from operational commands
  *
- * This is a hard kill-switch, not a pricing feature.
+ * LOGIC:
+ * - Identity commands (login, logout, whoami, help, version) always allowed
+ * - Internal or paid users get full access to all commands
+ * - Users with no entitlement are blocked
  */
 import * as fs from 'node:fs';
 import * as path from 'node:path';
@@ -27,16 +23,7 @@ import { getActiveAccount } from '../auth/gcp-identity.js';
 // Execution Gate Configuration
 // ============================================================================
 /**
- * HARD KILL-SWITCH: Execution is DISABLED by default.
- *
- * To enable execution, set environment variable:
- *   AGENTICS_EXECUTION_ENABLED=true
- *
- * This gate decides IF execution is possible at all.
- */
-const EXECUTION_ENABLED = process.env.AGENTICS_EXECUTION_ENABLED === 'true';
-/**
- * Commands that are ALWAYS allowed, regardless of execution gate status.
+ * Commands that are ALWAYS allowed, regardless of entitlement.
  * These are identity and help commands only.
  */
 const ALLOWED_COMMANDS = new Set([
@@ -47,14 +34,9 @@ const ALLOWED_COMMANDS = new Set([
     'version',
 ]);
 /**
- * INTERNAL_EMAILS: Authoritative allow-list for internal maintainers.
- *
- * Users with emails in this list are granted the "internal" entitlement,
- * which allows full CLI execution without payment verification.
- *
- * This is a first-class entitlement, not a bypass or debug shortcut.
+ * Default internal emails (fallback if config file doesn't exist).
  */
-const INTERNAL_EMAILS = new Set([
+const DEFAULT_INTERNAL_EMAILS = [
     'nick@nicholasruest.com',
     'sales@globalbusinessadvisors.co',
     'nicholasruest1@gmail.com',
@@ -63,7 +45,44 @@ const INTERNAL_EMAILS = new Set([
     'ruv@agentics.org',
     'cvsrohit@gmail.com',
     'rishubcheddlla@gmail.com',
-]);
+];
+/**
+ * Load internal emails from config file or use defaults.
+ * Config file: ~/.agentics/internal-users.json
+ * Format: { "emails": ["email1@example.com", "email2@example.com"] }
+ */
+function loadInternalEmails() {
+    try {
+        const configPath = path.join(os.homedir(), '.agentics', 'internal-users.json');
+        if (fs.existsSync(configPath)) {
+            const content = fs.readFileSync(configPath, 'utf-8');
+            const config = JSON.parse(content);
+            if (Array.isArray(config.emails)) {
+                return new Set(config.emails.map((e) => e.toLowerCase()));
+            }
+        }
+    }
+    catch {
+        // Config file doesn't exist or is invalid, use defaults
+    }
+    // Create default config file if it doesn't exist
+    try {
+        const configDir = path.join(os.homedir(), '.agentics');
+        const configPath = path.join(configDir, 'internal-users.json');
+        if (!fs.existsSync(configPath)) {
+            if (!fs.existsSync(configDir)) {
+                fs.mkdirSync(configDir, { recursive: true });
+            }
+            fs.writeFileSync(configPath, JSON.stringify({ emails: DEFAULT_INTERNAL_EMAILS }, null, 2));
+        }
+    }
+    catch {
+        // Failed to create config file, continue with defaults
+    }
+    return new Set(DEFAULT_INTERNAL_EMAILS.map(e => e.toLowerCase()));
+}
+// Load internal emails once at startup
+const INTERNAL_EMAILS = loadInternalEmails();
 /**
  * Resolve the entitlement for the currently authenticated user.
  *
@@ -80,28 +99,37 @@ export function resolveEntitlement() {
     if (envEmail && INTERNAL_EMAILS.has(envEmail.toLowerCase())) {
         return 'internal';
     }
-    // Check stored credentials for email
-    const storedEmail = getStoredEmail();
-    if (storedEmail && INTERNAL_EMAILS.has(storedEmail.toLowerCase())) {
+    // Check stored credentials for email and payment status
+    const storedCreds = getStoredCredentials();
+    if (storedCreds?.email && INTERNAL_EMAILS.has(storedCreds.email.toLowerCase())) {
         return 'internal';
     }
+    // Check if API key holder has paid status
+    if (storedCreds?.api_key && storedCreds.payment_status === 'paid') {
+        return 'paid';
+    }
     // Fall back to gcloud account
     const account = getActiveAccount();
     if (account && INTERNAL_EMAILS.has(account.toLowerCase())) {
         return 'internal';
     }
-    // Future: Check for paid entitlements via payment service
+    // If user has a valid API key, treat as paid (API keys are issued to paying users)
+    if (storedCreds?.api_key) {
+        return 'paid';
+    }
     return 'none';
 }
 /**
- * Read email from stored credentials (sync).
+ * Read stored credentials (sync).
  */
-function getStoredEmail() {
+function getStoredCredentials() {
     try {
         const credPath = path.join(os.homedir(), '.agentics', 'credentials.json');
         const content = fs.readFileSync(credPath, 'utf-8');
         const creds = JSON.parse(content);
-        return creds.email ?? null;
+        if (!creds.api_key)
+            return null;
+        return creds;
     }
     catch {
         return null;
@@ -136,9 +164,8 @@ Contact the Agentics team to enable execution.
  * Execution flow:
  *   1. Always allow identity and help commands
  *   2. Resolve user entitlement
- *   3. If entitlement === "internal" → allow execution
- *   4. If EXECUTION_ENABLED === true → allow execution
- *   5. Otherwise → block execution
+ *   3. If entitlement === "internal" or "paid" → allow execution
+ *   4. Otherwise → block execution
  *
  * @param command - The command name (e.g., 'plan', 'simulate', 'login')
  * @returns ExecutionGateResult indicating if execution is allowed
@@ -150,12 +177,12 @@ export function checkExecutionGate(command) {
     }
     // Resolve entitlement before applying execution gate
     const entitlement = resolveEntitlement();
-    // Internal users have full access - this is a first-class entitlement
+    // Internal users have full access
     if (entitlement === 'internal') {
         return { allowed: true };
     }
-    // If execution is enabled, allow all commands
-    if (EXECUTION_ENABLED) {
+    // Paid users have full access
+    if (entitlement === 'paid') {
         return { allowed: true };
     }
     // Block all other commands
@@ -178,12 +205,13 @@ export function enforceExecutionGate(command) {
     }
 }
 /**
- * Check if execution is globally enabled.
+ * Check if execution is enabled for the current user.
  *
- * @returns true if execution is enabled, false otherwise
+ * @returns true if the user has internal or paid entitlement
  */
 export function isExecutionEnabled() {
-    return EXECUTION_ENABLED;
+    const entitlement = resolveEntitlement();
+    return entitlement === 'internal' || entitlement === 'paid';
 }
 /**
  * Get the list of commands that are always allowed.

package/dist/gates/execution-gate.js.map

@@ -1 +1 @@
-{"version":3,"file":"execution-gate.js","sourceRoot":"","sources":["../../src/gates/execution-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E;;;;;;;GAOG;AACH,MAAM,iBAAiB,GAAG,OAAO,CAAC,GAAG,CAAC,0BAA0B,KAAK,MAAM,CAAC;AAE5E;;;GAGG;AACH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,SAAS;CACV,CAAC,CAAC;AAWH;;;;;;;GAOG;AACH,MAAM,eAAe,GAAwB,IAAI,GAAG,CAAC;IACnD,wBAAwB;IACxB,iCAAiC;IACjC,0BAA0B;IAC1B,yBAAyB;IACzB,aAAa;IACb,kBAAkB;IAClB,oBAAoB;IACpB,0BAA0B;CAC3B,CAAC,CAAC;AAEH;;;;;;;;;GASG;AACH,MAAM,UAAU,kBAAkB;IAChC,sEAAsE;IACtE,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACpD,IAAI,QAAQ,IAAI,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC5D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,qCAAqC;IACrC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,IAAI,WAAW,IAAI,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAClE,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,8BAA8B;IAC9B,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;IACnC,IAAI,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC1D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,0DAA0D;IAC1D,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,cAAc;IACrB,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;QAC1E,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,OAAO,KAAK,CAAC,KAAK,IAAI,IAAI,CAAC;IAC7B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,UAAU,CAAC,iBAAiB,CAAC;AAExE,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E,MAAM,eAAe,GAAG;;;;;;;;CAQvB,CAAC,IAAI,EAAE,CAAC;AAYT;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,0CAA0C;IAC1C,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,qDAAqD;IACrD,MAAM,WAAW,GAAG,kBAAkB,EAAE,CAAC;IAEzC,sEAAsE;IACtE,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,8CAA8C;IAC9C,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,2BAA2B;IAC3B,OAAO;QACL,OAAO,EAAE,KAAK;QACd,QAAQ,EAAE,2BAA2B;QACrC,OAAO,EAAE,eAAe;KACzB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAe;IAClD,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAE3C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,iBAAiB,CAAC;AAC3B,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,gBAAgB,CAAC;AAC1B,CAAC"}
+{"version":3,"file":"execution-gate.js","sourceRoot":"","sources":["../../src/gates/execution-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAE3D,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,SAAS;CACV,CAAC,CAAC;AAWH;;GAEG;AACH,MAAM,uBAAuB,GAAG;IAC9B,wBAAwB;IACxB,iCAAiC;IACjC,0BAA0B;IAC1B,yBAAyB;IACzB,aAAa;IACb,kBAAkB;IAClB,oBAAoB;IACpB,0BAA0B;CAC3B,CAAC;AAEF;;;;GAIG;AACH,SAAS,kBAAkB;IACzB,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,qBAAqB,CAAC,CAAC;QAC/E,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACnC,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;YACpE,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,wDAAwD;IAC1D,CAAC;IAED,iDAAiD;IACjD,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;QAC/D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC/C,CAAC;YACD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,uBAAuB,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7F,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,uDAAuD;IACzD,CAAC;IAED,OAAO,IAAI,GAAG,CAAC,uBAAuB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AACpE,CAAC;AAED,uCAAuC;AACvC,MAAM,eAAe,GAAG,kBAAkB,EAAE,CAAC;AAE7C;;;;;;;;;GASG;AACH,MAAM,UAAU,kBAAkB;IAChC,sEAAsE;IACtE,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACpD,IAAI,QAAQ,IAAI,eAAe,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC5D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,wDAAwD;IACxD,MAAM,WAAW,GAAG,oBAAoB,EAAE,CAAC;IAC3C,IAAI,WAAW,EAAE,KAAK,IAAI,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC/E,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,0CAA0C;IAC1C,IAAI,WAAW,EAAE,OAAO,IAAI,WAAW,CAAC,cAAc,KAAK,MAAM,EAAE,CAAC;QAClE,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,8BAA8B;IAC9B,MAAM,OAAO,GAAG,gBAAgB,EAAE,CAAC;IACnC,IAAI,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;QAC1D,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,mFAAmF;IACnF,IAAI,WAAW,EAAE,OAAO,EAAE,CAAC;QACzB,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB;IAC3B,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,kBAAkB,CAAC,CAAC;QAC1E,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAoB,CAAC;QACrD,IAAI,CAAC,KAAK,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAChC,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,UAAU,CAAC,iBAAiB,CAAC;AAExE,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E,MAAM,eAAe,GAAG;;;;;;;;CAQvB,CAAC,IAAI,EAAE,CAAC;AAYT;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,0CAA0C;IAC1C,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,qDAAqD;IACrD,MAAM,WAAW,GAAG,kBAAkB,EAAE,CAAC;IAEzC,kCAAkC;IAClC,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;QAC/B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,8BAA8B;IAC9B,IAAI,WAAW,KAAK,MAAM,EAAE,CAAC;QAC3B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,2BAA2B;IAC3B,OAAO;QACL,OAAO,EAAE,KAAK;QACd,QAAQ,EAAE,2BAA2B;QACrC,OAAO,EAAE,eAAe;KACzB,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAe;IAClD,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAE3C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,MAAM,WAAW,GAAG,kBAAkB,EAAE,CAAC;IACzC,OAAO,WAAW,KAAK,UAAU,IAAI,WAAW,KAAK,MAAM,CAAC;AAC9D,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,kBAAkB;IAChC,OAAO,gBAAgB,CAAC;AAC1B,CAAC"}

package/dist/gates/index.d.ts

@@ -1,8 +1,31 @@
 /**
- * Gates Module
+ * Control Plane Hardening Gates Index
  *
  * Centralized execution control for the Agentics CLI.
  * This module contains all gate logic for controlling command execution.
+ *
+ * GATE ENFORCEMENT ORDER:
+ * 1. Execution Gate - Kill-switch (entitlement check)
+ * 2. Auth Session Gate - Requires authenticated session
+ * 3. Service Health Gate - Validates Ruvector-backed service availability
+ * 4. Output Format Gate - Enforces strict JSON output
+ * 5. Argument Guard Gate - Validates argument types per ADR-001
+ * 6. Lineage Gate - Enforces simulation traceability per ADR-004
+ *
+ * CRITICAL REQUIREMENTS MET:
+ * - CLI requires Ruvector-backed services (Service Health Gate)
+ * - CLI never executes agents locally (Localhost Safeguard in endpoints.ts)
+ * - CLI fails loudly if services misconfigured (All gates fail-fast)
+ * - Requires authenticated session (Auth Session Gate)
+ * - Validates target service availability (Service Health Gate)
+ * - Enforces strict JSON outputs (Output Format Gate)
+ * - Never allows narrative output (Output Format Gate)
+ * - Enterprise artifacts trace to governed simulations (Lineage Gate)
  */
-export { checkExecutionGate, enforceExecutionGate, isExecutionEnabled, getAllowedCommands, EXECUTION_BLOCKED_EXIT_CODE, type ExecutionGateResult, } from './execution-gate.js';
+export { checkExecutionGate, enforceExecutionGate, isExecutionEnabled, getAllowedCommands, resolveEntitlement, EXECUTION_BLOCKED_EXIT_CODE, type ExecutionGateResult, type Entitlement, } from './execution-gate.js';
+export { enforceAuthSessionGate, checkAuthSessionGate, requiresAuthentication, AUTH_REQUIRED_EXIT_CODE, AuthSessionRequiredError, type AuthSessionGateResult, } from './auth-session-gate.js';
+export { enforceServiceHealthGate, checkServiceHealthGate, requiresHealthCheck, SERVICE_UNAVAILABLE_EXIT_CODE, ServiceHealthError, type ServiceHealthResult, type ServiceHealthGateResult, } from './service-health-gate.js';
+export { enforceOutputFormatGate, checkOutputFormatGate, requiresStructuredOutput, getDefaultFormat, INVALID_FORMAT_EXIT_CODE, InvalidOutputFormatError, type OutputFormatGateResult, } from './output-format-gate.js';
+export { checkArgumentGuard, enforceArgumentGuard, requiresArgumentValidation, type ArgumentGuardResult, } from './argument-guard.js';
+export { checkLineageGate, enforceLineageGate, requiresLineageValidation, LINEAGE_VIOLATION_EXIT_CODE, type LineageGateResult, } from './lineage-gate.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/gates/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/gates/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,2BAA2B,EAC3B,KAAK,mBAAmB,GACzB,MAAM,qBAAqB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/gates/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,EAClB,2BAA2B,EAC3B,KAAK,mBAAmB,EACxB,KAAK,WAAW,GACjB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,wBAAwB,EACxB,KAAK,qBAAqB,GAC3B,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,wBAAwB,EACxB,sBAAsB,EACtB,mBAAmB,EACnB,6BAA6B,EAC7B,kBAAkB,EAClB,KAAK,mBAAmB,EACxB,KAAK,uBAAuB,GAC7B,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,wBAAwB,EACxB,gBAAgB,EAChB,wBAAwB,EACxB,wBAAwB,EACxB,KAAK,sBAAsB,GAC5B,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,0BAA0B,EAC1B,KAAK,mBAAmB,GACzB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,yBAAyB,EACzB,2BAA2B,EAC3B,KAAK,iBAAiB,GACvB,MAAM,mBAAmB,CAAC"}

package/dist/gates/index.js

@@ -1,8 +1,37 @@
 /**
- * Gates Module
+ * Control Plane Hardening Gates Index
  *
  * Centralized execution control for the Agentics CLI.
  * This module contains all gate logic for controlling command execution.
+ *
+ * GATE ENFORCEMENT ORDER:
+ * 1. Execution Gate - Kill-switch (entitlement check)
+ * 2. Auth Session Gate - Requires authenticated session
+ * 3. Service Health Gate - Validates Ruvector-backed service availability
+ * 4. Output Format Gate - Enforces strict JSON output
+ * 5. Argument Guard Gate - Validates argument types per ADR-001
+ * 6. Lineage Gate - Enforces simulation traceability per ADR-004
+ *
+ * CRITICAL REQUIREMENTS MET:
+ * - CLI requires Ruvector-backed services (Service Health Gate)
+ * - CLI never executes agents locally (Localhost Safeguard in endpoints.ts)
+ * - CLI fails loudly if services misconfigured (All gates fail-fast)
+ * - Requires authenticated session (Auth Session Gate)
+ * - Validates target service availability (Service Health Gate)
+ * - Enforces strict JSON outputs (Output Format Gate)
+ * - Never allows narrative output (Output Format Gate)
+ * - Enterprise artifacts trace to governed simulations (Lineage Gate)
  */
-export { checkExecutionGate, enforceExecutionGate, isExecutionEnabled, getAllowedCommands, EXECUTION_BLOCKED_EXIT_CODE, } from './execution-gate.js';
+// Execution Gate - Hard kill-switch
+export { checkExecutionGate, enforceExecutionGate, isExecutionEnabled, getAllowedCommands, resolveEntitlement, EXECUTION_BLOCKED_EXIT_CODE, } from './execution-gate.js';
+// Auth Session Gate - Requires authenticated session
+export { enforceAuthSessionGate, checkAuthSessionGate, requiresAuthentication, AUTH_REQUIRED_EXIT_CODE, AuthSessionRequiredError, } from './auth-session-gate.js';
+// Service Health Gate - Validates Ruvector-backed services
+export { enforceServiceHealthGate, checkServiceHealthGate, requiresHealthCheck, SERVICE_UNAVAILABLE_EXIT_CODE, ServiceHealthError, } from './service-health-gate.js';
+// Output Format Gate - Enforces strict JSON output
+export { enforceOutputFormatGate, checkOutputFormatGate, requiresStructuredOutput, getDefaultFormat, INVALID_FORMAT_EXIT_CODE, InvalidOutputFormatError, } from './output-format-gate.js';
+// Argument Guard Gate - Validates argument types per ADR-001
+export { checkArgumentGuard, enforceArgumentGuard, requiresArgumentValidation, } from './argument-guard.js';
+// Lineage Gate - Enforces simulation traceability per ADR-004
+export { checkLineageGate, enforceLineageGate, requiresLineageValidation, LINEAGE_VIOLATION_EXIT_CODE, } from './lineage-gate.js';
 //# sourceMappingURL=index.js.map

package/dist/gates/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/gates/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,2BAA2B,GAE5B,MAAM,qBAAqB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/gates/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,oCAAoC;AACpC,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,kBAAkB,EAClB,2BAA2B,GAG5B,MAAM,qBAAqB,CAAC;AAE7B,qDAAqD;AACrD,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,wBAAwB,GAEzB,MAAM,wBAAwB,CAAC;AAEhC,2DAA2D;AAC3D,OAAO,EACL,wBAAwB,EACxB,sBAAsB,EACtB,mBAAmB,EACnB,6BAA6B,EAC7B,kBAAkB,GAGnB,MAAM,0BAA0B,CAAC;AAElC,mDAAmD;AACnD,OAAO,EACL,uBAAuB,EACvB,qBAAqB,EACrB,wBAAwB,EACxB,gBAAgB,EAChB,wBAAwB,EACxB,wBAAwB,GAEzB,MAAM,yBAAyB,CAAC;AAEjC,6DAA6D;AAC7D,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,0BAA0B,GAE3B,MAAM,qBAAqB,CAAC;AAE7B,8DAA8D;AAC9D,OAAO,EACL,gBAAgB,EAChB,kBAAkB,EAClB,yBAAyB,EACzB,2BAA2B,GAE5B,MAAM,mBAAmB,CAAC"}

package/dist/gates/lineage-gate.d.ts

@@ -0,0 +1,55 @@
+/**
+ * Lineage Gate — Gate 6 (ADR-004 Enforcement)
+ *
+ * PURPOSE: Enforce that artifact-producing commands reference a valid
+ * simulation parent. No integration proposal or ERP mapping may
+ * exist without traceability to a governed simulation.
+ *
+ * INVARIANTS ENFORCED:
+ * - ADR-004 Invariant 2: Every integration/ERP mapping derives from a simulation
+ * - ADR-004 Invariant 3: No integration proposal without traceability
+ * - ADR-004 Invariant 7: CLI is only path for artifact creation
+ *
+ * EXIT CODE: 110 (LINEAGE_VIOLATION)
+ *
+ * BEHAVIOR:
+ * - Commands that produce enterprise artifacts (erp surface, erp map,
+ *   erp export) must pass a simulation_id in their positional args
+ *   or flags when the lineage gate is enabled.
+ * - Commands that do not produce artifacts (list, inspect, help)
+ *   are exempt from lineage validation.
+ * - The gate validates that simulation_id is present and non-empty.
+ *   Whether the simulation exists in Ruvector is validated at the
+ *   command level, not at the gate level (gate is synchronous).
+ */
+import type { CommandObject } from '../types/index.js';
+export declare const LINEAGE_VIOLATION_EXIT_CODE = 110;
+export interface LineageGateResult {
+    /** Whether the command passed lineage validation */
+    allowed: boolean;
+    /** Error message if validation failed */
+    message: string;
+    /** Exit code if validation failed */
+    exitCode: number;
+    /** Whether this command requires lineage */
+    lineageRequired: boolean;
+}
+/**
+ * Check whether a command passes lineage validation.
+ * Returns a result indicating whether the command is allowed.
+ *
+ * Lineage is required when:
+ * 1. The command is in LINEAGE_REQUIRED_COMMANDS
+ * 2. The command is not in LINEAGE_EXEMPT_COMMANDS
+ * 3. The command produces enterprise artifacts
+ */
+export declare function checkLineageGate(cmd: CommandObject): LineageGateResult;
+/**
+ * Enforce lineage gate — exits the process if validation fails.
+ */
+export declare function enforceLineageGate(cmd: CommandObject): void;
+/**
+ * Check if a command requires lineage validation.
+ */
+export declare function requiresLineageValidation(primary: string, sub?: string): boolean;
+//# sourceMappingURL=lineage-gate.d.ts.map

package/dist/gates/lineage-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lineage-gate.d.ts","sourceRoot":"","sources":["../../src/gates/lineage-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAOvD,eAAO,MAAM,2BAA2B,MAAM,CAAC;AA2B/C,MAAM,WAAW,iBAAiB;IAChC,oDAAoD;IACpD,OAAO,EAAE,OAAO,CAAC;IACjB,yCAAyC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,qCAAqC;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,eAAe,EAAE,OAAO,CAAC;CAC1B;AAMD;;;;;;;;GAQG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,aAAa,GAAG,iBAAiB,CAyCtE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,aAAa,GAAG,IAAI,CAc3D;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAMhF"}

package/dist/gates/lineage-gate.js

@@ -0,0 +1,127 @@
+/**
+ * Lineage Gate — Gate 6 (ADR-004 Enforcement)
+ *
+ * PURPOSE: Enforce that artifact-producing commands reference a valid
+ * simulation parent. No integration proposal or ERP mapping may
+ * exist without traceability to a governed simulation.
+ *
+ * INVARIANTS ENFORCED:
+ * - ADR-004 Invariant 2: Every integration/ERP mapping derives from a simulation
+ * - ADR-004 Invariant 3: No integration proposal without traceability
+ * - ADR-004 Invariant 7: CLI is only path for artifact creation
+ *
+ * EXIT CODE: 110 (LINEAGE_VIOLATION)
+ *
+ * BEHAVIOR:
+ * - Commands that produce enterprise artifacts (erp surface, erp map,
+ *   erp export) must pass a simulation_id in their positional args
+ *   or flags when the lineage gate is enabled.
+ * - Commands that do not produce artifacts (list, inspect, help)
+ *   are exempt from lineage validation.
+ * - The gate validates that simulation_id is present and non-empty.
+ *   Whether the simulation exists in Ruvector is validated at the
+ *   command level, not at the gate level (gate is synchronous).
+ */
+import { validateTraceability } from '../enterprise/lineage.js';
+// ============================================================================
+// Constants
+// ============================================================================
+export const LINEAGE_VIOLATION_EXIT_CODE = 110;
+/**
+ * Commands that produce enterprise artifacts requiring lineage.
+ * These commands must reference a simulation_id.
+ */
+const LINEAGE_REQUIRED_COMMANDS = new Map([
+    ['erp', new Set(['surface', 'map', 'export'])],
+]);
+/**
+ * Commands exempt from lineage validation.
+ * These commands are read-only or do not produce artifacts.
+ */
+const LINEAGE_EXEMPT_COMMANDS = new Set([
+    'help',
+    'version',
+    'login',
+    'logout',
+    'whoami',
+    'usage',
+]);
+// ============================================================================
+// Gate Implementation
+// ============================================================================
+/**
+ * Check whether a command passes lineage validation.
+ * Returns a result indicating whether the command is allowed.
+ *
+ * Lineage is required when:
+ * 1. The command is in LINEAGE_REQUIRED_COMMANDS
+ * 2. The command is not in LINEAGE_EXEMPT_COMMANDS
+ * 3. The command produces enterprise artifacts
+ */
+export function checkLineageGate(cmd) {
+    const primary = cmd.command;
+    const sub = cmd.subcommand;
+    // Exempt commands skip lineage validation
+    if (LINEAGE_EXEMPT_COMMANDS.has(primary)) {
+        return { allowed: true, message: '', exitCode: 0, lineageRequired: false };
+    }
+    // Check if this command+subcommand requires lineage
+    const requiredSubs = LINEAGE_REQUIRED_COMMANDS.get(primary);
+    if (!requiredSubs || !sub || !requiredSubs.has(sub)) {
+        return { allowed: true, message: '', exitCode: 0, lineageRequired: false };
+    }
+    // This command requires lineage — check for simulation_id
+    // simulation_id can be provided as:
+    // 1. A flag: --simulation-id <id>
+    // 2. An option: simulation_id in options
+    // 3. The first positional arg (for commands that take simulation_id as primary arg)
+    const simulationId = cmd.options['simulation-id'] ??
+        cmd.options['simulation_id'] ??
+        cmd.flags['simulation-id'] ??
+        undefined;
+    const validation = validateTraceability(simulationId, `${primary} ${sub}`);
+    if (!validation.valid) {
+        return {
+            allowed: false,
+            message: `Lineage violation: ${validation.message}\n` +
+                `Usage: agentics ${primary} ${sub} --simulation-id <simulation_id>\n` +
+                `\n` +
+                `Enterprise artifacts must trace to a governed simulation (ADR-004).`,
+            exitCode: LINEAGE_VIOLATION_EXIT_CODE,
+            lineageRequired: true,
+        };
+    }
+    return { allowed: true, message: '', exitCode: 0, lineageRequired: true };
+}
+/**
+ * Enforce lineage gate — exits the process if validation fails.
+ */
+export function enforceLineageGate(cmd) {
+    const result = checkLineageGate(cmd);
+    if (!result.allowed) {
+        console.error(JSON.stringify({
+            error: {
+                code: 'LINEAGE_VIOLATION',
+                message: result.message,
+                command: `${cmd.command} ${cmd.subcommand ?? ''}`.trim(),
+                exit_code: result.exitCode,
+                adr: 'ADR-004',
+            },
+        }));
+        process.exit(result.exitCode);
+    }
+}
+/**
+ * Check if a command requires lineage validation.
+ */
+export function requiresLineageValidation(primary, sub) {
+    if (LINEAGE_EXEMPT_COMMANDS.has(primary))
+        return false;
+    const requiredSubs = LINEAGE_REQUIRED_COMMANDS.get(primary);
+    if (!requiredSubs)
+        return false;
+    if (!sub)
+        return false;
+    return requiredSubs.has(sub);
+}
+//# sourceMappingURL=lineage-gate.js.map

package/dist/gates/lineage-gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lineage-gate.js","sourceRoot":"","sources":["../../src/gates/lineage-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAGH,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhE,+EAA+E;AAC/E,YAAY;AACZ,+EAA+E;AAE/E,MAAM,CAAC,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAE/C;;;GAGG;AACH,MAAM,yBAAyB,GAA6C,IAAI,GAAG,CAAC;IAClF,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,SAAS,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC;CAC/C,CAAC,CAAC;AAEH;;;GAGG;AACH,MAAM,uBAAuB,GAAwB,IAAI,GAAG,CAAC;IAC3D,MAAM;IACN,SAAS;IACT,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,OAAO;CACR,CAAC,CAAC;AAiBH,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAkB;IACjD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;IAC5B,MAAM,GAAG,GAAG,GAAG,CAAC,UAAU,CAAC;IAE3B,0CAA0C;IAC1C,IAAI,uBAAuB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC;IAC7E,CAAC;IAED,oDAAoD;IACpD,MAAM,YAAY,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAC5D,IAAI,CAAC,YAAY,IAAI,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;QACpD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC;IAC7E,CAAC;IAED,0DAA0D;IAC1D,oCAAoC;IACpC,kCAAkC;IAClC,yCAAyC;IACzC,oFAAoF;IACpF,MAAM,YAAY,GACf,GAAG,CAAC,OAAO,CAAC,eAAe,CAAwB;QACnD,GAAG,CAAC,OAAO,CAAC,eAAe,CAAwB;QACnD,GAAG,CAAC,KAAK,CAAC,eAAe,CAAwB;QAClD,SAAS,CAAC;IAEZ,MAAM,UAAU,GAAG,oBAAoB,CAAC,YAAY,EAAE,GAAG,OAAO,IAAI,GAAG,EAAE,CAAC,CAAC;IAE3E,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;QACtB,OAAO;YACL,OAAO,EAAE,KAAK;YACd,OAAO,EAAE,sBAAsB,UAAU,CAAC,OAAO,IAAI;gBACnD,mBAAmB,OAAO,IAAI,GAAG,oCAAoC;gBACrE,IAAI;gBACJ,qEAAqE;YACvE,QAAQ,EAAE,2BAA2B;YACrC,eAAe,EAAE,IAAI;SACtB,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,GAAkB;IACnD,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;YAC3B,KAAK,EAAE;gBACL,IAAI,EAAE,mBAAmB;gBACzB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,IAAI,GAAG,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE;gBACxD,SAAS,EAAE,MAAM,CAAC,QAAQ;gBAC1B,GAAG,EAAE,SAAS;aACf;SACF,CAAC,CAAC,CAAC;QACJ,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CAAC,OAAe,EAAE,GAAY;IACrE,IAAI,uBAAuB,CAAC,GAAG,CAAC,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IACvD,MAAM,YAAY,GAAG,yBAAyB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAC5D,IAAI,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAC;IACvB,OAAO,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC"}

package/dist/gates/output-format-gate.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Output Format Gate Module
+ *
+ * CONTROL PLANE HARDENING
+ *
+ * PURPOSE: Enforce strict JSON-only output for CLI operations.
+ *          CLI MUST NOT produce narrative output for operational commands.
+ *
+ * CRITICAL REQUIREMENTS:
+ * - Enforce strict JSON outputs
+ * - Never allow narrative output
+ * - Validate output format before rendering
+ *
+ * FORBIDDEN:
+ * - Narrative/prose output
+ * - Unstructured text responses
+ * - Human-readable summaries (for operational commands)
+ */
+import { type OutputFormat } from '../types/index.js';
+/**
+ * Exit code for invalid output format.
+ */
+export declare const INVALID_FORMAT_EXIT_CODE: 65;
+export declare class InvalidOutputFormatError extends Error {
+    readonly requestedFormat: string;
+    readonly allowedFormats: string[];
+    constructor(requestedFormat: string, allowedFormats: string[]);
+}
+export interface OutputFormatGateResult {
+    valid: boolean;
+    format: OutputFormat;
+    exitCode?: number;
+    message?: string;
+}
+/**
+ * Validate the requested output format.
+ * Only structured formats (json, yaml) are allowed for operational commands.
+ */
+export declare function checkOutputFormatGate(requestedFormat: OutputFormat | undefined, command: string): OutputFormatGateResult;
+/**
+ * Enforce the output format gate.
+ * Exits the process if an invalid format is requested.
+ */
+export declare function enforceOutputFormatGate(requestedFormat: OutputFormat | undefined, command: string): OutputFormat;
+/**
+ * Check if a command requires structured output.
+ */
+export declare function requiresStructuredOutput(command: string): boolean;
+/**
+ * Get the default output format for a command.
+ * Always returns 'json' for operational commands.
+ */
+export declare function getDefaultFormat(command: string): OutputFormat;
+//# sourceMappingURL=output-format-gate.d.ts.map

package/dist/gates/output-format-gate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"output-format-gate.d.ts","sourceRoot":"","sources":["../../src/gates/output-format-gate.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAc,KAAK,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAelE;;GAEG;AACH,eAAO,MAAM,wBAAwB,IAA+B,CAAC;AAMrE,qBAAa,wBAAyB,SAAQ,KAAK;IACjD,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,cAAc,EAAE,MAAM,EAAE,CAAC;gBAEtB,eAAe,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE;CA0B9D;AAMD,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,YAAY,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAMD;;;GAGG;AACH,wBAAgB,qBAAqB,CACnC,eAAe,EAAE,YAAY,GAAG,SAAS,EACzC,OAAO,EAAE,MAAM,GACd,sBAAsB,CAmBxB;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CACrC,eAAe,EAAE,YAAY,GAAG,SAAS,EACzC,OAAO,EAAE,MAAM,GACd,YAAY,CASd;AAoBD;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAEjE;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,YAAY,CAK9D"}