@nerviq/cli 1.18.0 → 1.20.0

package/src/benchmark.js

@@ -2,12 +2,12 @@ const fs = require('fs');
 const os = require('os');
 const path = require('path');
 
-const { version } = require('../package.json');
-const { audit } = require('./audit');
-const { setup } = require('./setup');
-const { analyzeProject } = require('./analyze');
-const { getGovernanceSummary } = require('./governance');
-const { formatTerminologyLines } = require('./terminology');
+const { version } = require('../package.json');
+const { audit } = require('./audit');
+const { setup } = require('./setup');
+const { analyzeProject } = require('./analyze');
+const { getGovernanceSummary } = require('./governance');
+const { formatTerminologyLines } = require('./terminology');
 
 function copyProject(sourceDir, targetDir) {
   fs.mkdirSync(targetDir, { recursive: true });
@@ -202,36 +202,36 @@ function buildCaseStudy(before, after, applyResult) {
   };
 }
 
-function renderBenchmarkMarkdown(report) {
-  return [
-    '# NERVIQ CLI Benchmark Report',
-    '',
-    `- Generated by: ${report.generatedBy}`,
-    `- Created at: ${report.createdAt}`,
-    `- Source repo: ${report.directory}`,
-    '',
-    '## Score Semantics',
-    `- Baseline live audit score: ${report.scoreSemantics.baseline}`,
-    `- Projected benchmark score: ${report.scoreSemantics.projected}`,
-    `- Organic score: ${report.scoreSemantics.organic}`,
-    '',
-    '## Methodology',
-    ...report.methodology.map(item => `- ${item}`),
-    '',
-    '## Baseline (Live Repo)',
-    `- Live audit score: ${report.before.score}/100`,
-    `- Organic live score: ${report.before.organicScore}/100`,
-    `- Passing checks: ${report.before.passed}/${report.before.checkCount}`,
-    '',
-    '## Projected (Isolated Benchmark Copy)',
-    `- Projected benchmark score: ${report.after.score}/100`,
-    `- Projected organic score: ${report.after.organicScore}/100`,
-    `- Passing checks: ${report.after.passed}/${report.after.checkCount}`,
-    '',
-    '## Delta',
-    `- Projected score delta: ${report.delta.score}`,
-    `- Projected organic score delta: ${report.delta.organicScore}`,
-    `- Passed checks delta: ${report.delta.passed}`,
+function renderBenchmarkMarkdown(report) {
+  return [
+    '# NERVIQ CLI Benchmark Report',
+    '',
+    `- Generated by: ${report.generatedBy}`,
+    `- Created at: ${report.createdAt}`,
+    `- Source repo: ${report.directory}`,
+    '',
+    '## Score Semantics',
+    `- Baseline live audit score: ${report.scoreSemantics.baseline}`,
+    `- Projected benchmark score: ${report.scoreSemantics.projected}`,
+    `- Organic score: ${report.scoreSemantics.organic}`,
+    '',
+    '## Methodology',
+    ...report.methodology.map(item => `- ${item}`),
+    '',
+    '## Baseline (Live Repo)',
+    `- Live audit score: ${report.before.score}/100`,
+    `- Organic live score: ${report.before.organicScore}/100`,
+    `- Passing checks: ${report.before.passed}/${report.before.checkCount}`,
+    '',
+    '## Projected (Isolated Benchmark Copy)',
+    `- Projected benchmark score: ${report.after.score}/100`,
+    `- Projected organic score: ${report.after.organicScore}/100`,
+    `- Passing checks: ${report.after.passed}/${report.after.checkCount}`,
+    '',
+    '## Delta',
+    `- Projected score delta: ${report.delta.score}`,
+    `- Projected organic score delta: ${report.delta.organicScore}`,
+    `- Passed checks delta: ${report.delta.passed}`,
     '',
     '## Executive Summary',
     `- ${report.executiveSummary.headline}`,
@@ -291,14 +291,14 @@ async function runBenchmark(options) {
       schemaVersion: 1,
       generatedBy: `nerviq@${version}`,
       createdAt: new Date().toISOString(),
-      directory: sourceDir,
-      platform,
-      scoreSemantics: {
-        baseline: 'current repo state before benchmark runs',
-        projected: 'starter-safe post-setup score measured on an isolated temp copy',
-        organic: 'repo-owned config quality excluding starter-generated Nerviq assets',
-      },
-      methodology: [
+      directory: sourceDir,
+      platform,
+      scoreSemantics: {
+        baseline: 'current repo state before benchmark runs',
+        projected: 'starter-safe post-setup score measured on an isolated temp copy',
+        organic: 'repo-owned config quality excluding starter-generated Nerviq assets',
+      },
+      methodology: [
         'Run a baseline audit on the source repo.',
         'Copy the repo into a temporary isolated workspace.',
         `Apply starter-safe ${platform === 'codex' ? 'Codex' : 'Claude'} artifacts only on the isolated copy.`,
@@ -327,29 +327,29 @@ function printBenchmark(report, options = {}) {
     return;
   }
 
-  console.log('');
-  console.log('  nerviq benchmark');
-  console.log('  ═══════════════════════════════════════');
-  console.log('  Runs in an isolated temp copy. Your current repo is not modified.');
-  console.log('  Score type: baseline = live repo audit, projected = isolated post-setup benchmark.');
-  console.log('');
-  const orgDeltaSign = report.delta.organicScore >= 0 ? '+' : '';
-  const totalDeltaSign = report.delta.score >= 0 ? '+' : '';
-  console.log(`  Projected organic delta: \x1b[1m${orgDeltaSign}${report.delta.organicScore} points\x1b[0m (repo-owned config quality)`);
-  console.log(`  Projected total delta with nerviq setup: ${totalDeltaSign}${report.delta.score} points`);
-  console.log('');
-  console.log(`  Baseline live audit:      organic ${report.before.organicScore}/100, total ${report.before.score}/100`);
-  console.log(`  Projected after setup:    organic ${report.after.organicScore}/100, total ${report.after.score}/100`);
-  console.log('');
-  console.log(`  ${report.executiveSummary.headline}`);
-  console.log(`  Recommendation: ${report.executiveSummary.decisionGuidance}`);
-  console.log(`  Workflow evidence: ${report.workflowEvidence.summary.passed}/${report.workflowEvidence.summary.total} tasks (${report.workflowEvidence.summary.coverageScore}%)`);
-  console.log('');
-  for (const line of formatTerminologyLines(['governance', 'hooks', 'mcp'])) {
-    console.log(line);
-  }
-  console.log('');
-}
+  console.log('');
+  console.log('  nerviq benchmark');
+  console.log('  ═══════════════════════════════════════');
+  console.log('  Runs in an isolated temp copy. Your current repo is not modified.');
+  console.log('  Score type: baseline = live repo audit, projected = isolated post-setup benchmark.');
+  console.log('');
+  const orgDeltaSign = report.delta.organicScore >= 0 ? '+' : '';
+  const totalDeltaSign = report.delta.score >= 0 ? '+' : '';
+  console.log(`  Projected organic delta: \x1b[1m${orgDeltaSign}${report.delta.organicScore} points\x1b[0m (repo-owned config quality)`);
+  console.log(`  Projected total delta with nerviq setup: ${totalDeltaSign}${report.delta.score} points`);
+  console.log('');
+  console.log(`  Baseline live audit:      organic ${report.before.organicScore}/100, total ${report.before.score}/100`);
+  console.log(`  Projected after setup:    organic ${report.after.organicScore}/100, total ${report.after.score}/100`);
+  console.log('');
+  console.log(`  ${report.executiveSummary.headline}`);
+  console.log(`  Recommendation: ${report.executiveSummary.decisionGuidance}`);
+  console.log(`  Workflow evidence: ${report.workflowEvidence.summary.passed}/${report.workflowEvidence.summary.total} tasks (${report.workflowEvidence.summary.coverageScore}%)`);
+  console.log('');
+  for (const line of formatTerminologyLines(['governance', 'hooks', 'mcp'])) {
+    console.log(line);
+  }
+  console.log('');
+}
 
 function writeBenchmarkReport(report, outFile) {
   fs.mkdirSync(path.dirname(outFile), { recursive: true });

package/src/catalog.js

@@ -1,103 +1,103 @@
-/**
- * Public Check Catalog Generator
- * Reads ALL technique files from all 8 platforms and generates a unified JSON catalog.
- */
-
-const fs = require('fs');
-const path = require('path');
-const { version } = require('../package.json');
-
-const { TECHNIQUES: CLAUDE_TECHNIQUES } = require('./techniques');
-const { CODEX_TECHNIQUES } = require('./codex/techniques');
-const { GEMINI_TECHNIQUES } = require('./gemini/techniques');
-const { COPILOT_TECHNIQUES } = require('./copilot/techniques');
-const { CURSOR_TECHNIQUES } = require('./cursor/techniques');
-const { WINDSURF_TECHNIQUES } = require('./windsurf/techniques');
-const { AIDER_TECHNIQUES } = require('./aider/techniques');
-const { OPENCODE_TECHNIQUES } = require('./opencode/techniques');
-const { attachSourceUrls } = require('./source-urls');
-
-const PLATFORM_MAP = {
-  claude:   CLAUDE_TECHNIQUES,
-  codex:    CODEX_TECHNIQUES,
-  gemini:   GEMINI_TECHNIQUES,
-  copilot:  COPILOT_TECHNIQUES,
-  cursor:   CURSOR_TECHNIQUES,
-  windsurf: WINDSURF_TECHNIQUES,
-  aider:    AIDER_TECHNIQUES,
-  opencode: OPENCODE_TECHNIQUES,
-};
-
-/**
- * Generate a unified catalog array from all platform technique files.
- * Each entry contains:
- *   platform, id, key, name, category, impact, rating, fix, sourceUrl,
- *   confidence, lastVerified, template, deprecated
- */
-function generateCatalog() {
-  const catalog = [];
-
-  for (const [platform, techniques] of Object.entries(PLATFORM_MAP)) {
-    // Clone techniques so we don't mutate the originals
-    const cloned = {};
-    for (const [key, tech] of Object.entries(techniques)) {
-      cloned[key] = { ...tech };
-    }
-
-    // Attach source URLs
-    try {
-      attachSourceUrls(platform, cloned);
-    } catch (_) {
-      // If source URLs fail for a platform, continue without them
-    }
-
-    for (const [key, tech] of Object.entries(cloned)) {
-      catalog.push({
-        platform,
-        id: tech.id ?? null,
-        key,
-        name: tech.name ?? null,
-        category: tech.category ?? null,
-        impact: tech.impact ?? null,
-        rating: tech.rating ?? null,
-        fix: tech.fix ?? null,
-        sourceUrl: tech.sourceUrl ?? null,
-        confidence: tech.confidence ?? null,
-        lastVerified: tech.lastVerified ?? null,
-        template: tech.template ?? null,
-        deprecated: tech.deprecated ?? false,
-      });
-    }
-  }
-
-  return catalog;
-}
-
-/**
- * Generate a catalog envelope with version metadata.
- * @returns {{ catalogVersion: string, generatedAt: string, totalChecks: number, checks: Object[] }}
- */
-function generateCatalogWithVersion() {
-  const checks = generateCatalog();
-  return {
-    catalogVersion: version,
-    generatedAt: new Date().toISOString(),
-    totalChecks: checks.length,
-    checks,
-  };
-}
-
-/**
- * Write the catalog as formatted JSON to the given output path.
- * @param {string} outputPath - Absolute or relative path for the JSON file
- * @returns {{ path: string, count: number }} Written path and entry count
- */
-function writeCatalogJson(outputPath) {
-  const catalog = generateCatalog();
-  const resolved = path.resolve(outputPath);
-  fs.mkdirSync(path.dirname(resolved), { recursive: true });
-  fs.writeFileSync(resolved, JSON.stringify(catalog, null, 2) + '\n', 'utf8');
-  return { path: resolved, count: catalog.length };
-}
-
-module.exports = { generateCatalog, generateCatalogWithVersion, writeCatalogJson };
+/**
+ * Public Check Catalog Generator
+ * Reads ALL technique files from all 8 platforms and generates a unified JSON catalog.
+ */
+
+const fs = require('fs');
+const path = require('path');
+const { version } = require('../package.json');
+
+const { TECHNIQUES: CLAUDE_TECHNIQUES } = require('./techniques');
+const { CODEX_TECHNIQUES } = require('./codex/techniques');
+const { GEMINI_TECHNIQUES } = require('./gemini/techniques');
+const { COPILOT_TECHNIQUES } = require('./copilot/techniques');
+const { CURSOR_TECHNIQUES } = require('./cursor/techniques');
+const { WINDSURF_TECHNIQUES } = require('./windsurf/techniques');
+const { AIDER_TECHNIQUES } = require('./aider/techniques');
+const { OPENCODE_TECHNIQUES } = require('./opencode/techniques');
+const { attachSourceUrls } = require('./source-urls');
+
+const PLATFORM_MAP = {
+  claude:   CLAUDE_TECHNIQUES,
+  codex:    CODEX_TECHNIQUES,
+  gemini:   GEMINI_TECHNIQUES,
+  copilot:  COPILOT_TECHNIQUES,
+  cursor:   CURSOR_TECHNIQUES,
+  windsurf: WINDSURF_TECHNIQUES,
+  aider:    AIDER_TECHNIQUES,
+  opencode: OPENCODE_TECHNIQUES,
+};
+
+/**
+ * Generate a unified catalog array from all platform technique files.
+ * Each entry contains:
+ *   platform, id, key, name, category, impact, rating, fix, sourceUrl,
+ *   confidence, lastVerified, template, deprecated
+ */
+function generateCatalog() {
+  const catalog = [];
+
+  for (const [platform, techniques] of Object.entries(PLATFORM_MAP)) {
+    // Clone techniques so we don't mutate the originals
+    const cloned = {};
+    for (const [key, tech] of Object.entries(techniques)) {
+      cloned[key] = { ...tech };
+    }
+
+    // Attach source URLs
+    try {
+      attachSourceUrls(platform, cloned);
+    } catch (_) {
+      // If source URLs fail for a platform, continue without them
+    }
+
+    for (const [key, tech] of Object.entries(cloned)) {
+      catalog.push({
+        platform,
+        id: tech.id ?? null,
+        key,
+        name: tech.name ?? null,
+        category: tech.category ?? null,
+        impact: tech.impact ?? null,
+        rating: tech.rating ?? null,
+        fix: tech.fix ?? null,
+        sourceUrl: tech.sourceUrl ?? null,
+        confidence: tech.confidence ?? null,
+        lastVerified: tech.lastVerified ?? null,
+        template: tech.template ?? null,
+        deprecated: tech.deprecated ?? false,
+      });
+    }
+  }
+
+  return catalog;
+}
+
+/**
+ * Generate a catalog envelope with version metadata.
+ * @returns {{ catalogVersion: string, generatedAt: string, totalChecks: number, checks: Object[] }}
+ */
+function generateCatalogWithVersion() {
+  const checks = generateCatalog();
+  return {
+    catalogVersion: version,
+    generatedAt: new Date().toISOString(),
+    totalChecks: checks.length,
+    checks,
+  };
+}
+
+/**
+ * Write the catalog as formatted JSON to the given output path.
+ * @param {string} outputPath - Absolute or relative path for the JSON file
+ * @returns {{ path: string, count: number }} Written path and entry count
+ */
+function writeCatalogJson(outputPath) {
+  const catalog = generateCatalog();
+  const resolved = path.resolve(outputPath);
+  fs.mkdirSync(path.dirname(resolved), { recursive: true });
+  fs.writeFileSync(resolved, JSON.stringify(catalog, null, 2) + '\n', 'utf8');
+  return { path: resolved, count: catalog.length };
+}
+
+module.exports = { generateCatalog, generateCatalogWithVersion, writeCatalogJson };

package/src/certification.js

@@ -1,128 +1,128 @@
-/**
- * Certification system for Nerviq.
- * Evaluates a project against all active platforms and assigns a certification level.
- */
-
-const path = require('path');
-const { audit } = require('./audit');
-const { harmonyAudit } = require('./harmony/audit');
-const { detectPlatforms } = require('./public-api');
-
-const LEVELS = {
-  GOLD: 'Nerviq Certified Gold',
-  SILVER: 'Nerviq Certified Silver',
-  BRONZE: 'Nerviq Certified Bronze',
-  NONE: 'Not Certified',
-};
-
-const BADGE_COLORS = {
-  [LEVELS.GOLD]: 'gold',
-  [LEVELS.SILVER]: 'silver',
-  [LEVELS.BRONZE]: 'cd7f32',
-  [LEVELS.NONE]: 'lightgrey',
-};
-
-/**
- * Certify a project directory.
- * Runs harmony audit and per-platform audits, then determines certification level.
- *
- * @param {string} dir - Project directory path
- * @returns {Promise<{ level: string, harmonyScore: number, platformScores: Object, badge: string }>}
- */
-async function certifyProject(dir) {
-  const resolvedDir = path.resolve(dir || '.');
-
-  // Detect active platforms
-  const platforms = detectPlatforms(resolvedDir);
-
-  // Run per-platform audits
-  const platformScores = {};
-  const allAuditResults = [];
-  for (const platform of platforms) {
-    try {
-      const result = await audit({ dir: resolvedDir, platform, silent: true });
-      platformScores[platform] = result.score;
-      if (Array.isArray(result.results)) {
-        allAuditResults.push(...result.results);
-      }
-    } catch {
-      platformScores[platform] = 0;
-    }
-  }
-
-  // Run harmony audit
-  let harmonyScore = 0;
-  try {
-    const harmonyResult = await harmonyAudit({ dir: resolvedDir, silent: true });
-    harmonyScore = harmonyResult.harmonyScore || 0;
-  } catch {
-    harmonyScore = 0;
-  }
-
-  // Determine certification level with security gates
-  const scores = Object.values(platformScores);
-  const allAbove70 = scores.length > 0 && scores.every(s => s >= 70);
-  const allAbove50 = scores.length > 0 && scores.every(s => s >= 50);
-  const anyAbove40 = scores.some(s => s >= 40);
-
-  // Security gate helpers — check whether specific audit checks passed
-  const checkPassed = (key) => {
-    const match = allAuditResults.find(r => r.key === key);
-    return match ? match.passed === true : false;
-  };
-
-  const gitIgnoreOk = checkPassed('gitIgnoreEnv');
-  const secretsOk = checkPassed('secretsProtection');
-  const criticalAntiPatterns = allAuditResults.filter(
-    r => r.passed === false && r.impact === 'critical'
-  );
-  const noCriticalAntiPatterns = criticalAntiPatterns.length === 0;
-
-  // Bronze gate: score >= 40 AND basic security (gitignore + secrets protection)
-  const bronzeSecurityGate = gitIgnoreOk && secretsOk;
-  // Silver gate: Bronze requirements AND no critical anti-patterns
-  const silverSecurityGate = bronzeSecurityGate && noCriticalAntiPatterns;
-
-  let level;
-  if (harmonyScore >= 80 && allAbove70 && silverSecurityGate) {
-    level = LEVELS.GOLD;
-  } else if (harmonyScore >= 60 && allAbove50 && silverSecurityGate) {
-    level = LEVELS.SILVER;
-  } else if (anyAbove40 && bronzeSecurityGate) {
-    level = LEVELS.BRONZE;
-  } else {
-    level = LEVELS.NONE;
-  }
-
-  const badge = generateCertBadge(level);
-
-  return {
-    level,
-    harmonyScore,
-    platformScores,
-    platforms,
-    badge,
-    securityGates: {
-      gitIgnoreEnv: gitIgnoreOk,
-      secretsProtection: secretsOk,
-      noCriticalAntiPatterns,
-      criticalAntiPatternCount: criticalAntiPatterns.length,
-    },
-  };
-}
-
-/**
- * Generate a shields.io badge markdown string for a certification level.
- *
- * @param {string} level - One of the LEVELS values
- * @returns {string} Markdown badge string
- */
-function generateCertBadge(level) {
-  const color = BADGE_COLORS[level] || 'lightgrey';
-  const label = encodeURIComponent('Nerviq');
-  const message = encodeURIComponent(level);
-  const url = `https://img.shields.io/badge/${label}-${message}-${color}`;
-  return `[![${level}](${url})](https://nerviq.net)`;
-}
-
-module.exports = { certifyProject, generateCertBadge, LEVELS };
+/**
+ * Certification system for Nerviq.
+ * Evaluates a project against all active platforms and assigns a certification level.
+ */
+
+const path = require('path');
+const { audit } = require('./audit');
+const { harmonyAudit } = require('./harmony/audit');
+const { detectPlatforms } = require('./public-api');
+
+const LEVELS = {
+  GOLD: 'Nerviq Certified Gold',
+  SILVER: 'Nerviq Certified Silver',
+  BRONZE: 'Nerviq Certified Bronze',
+  NONE: 'Not Certified',
+};
+
+const BADGE_COLORS = {
+  [LEVELS.GOLD]: 'gold',
+  [LEVELS.SILVER]: 'silver',
+  [LEVELS.BRONZE]: 'cd7f32',
+  [LEVELS.NONE]: 'lightgrey',
+};
+
+/**
+ * Certify a project directory.
+ * Runs harmony audit and per-platform audits, then determines certification level.
+ *
+ * @param {string} dir - Project directory path
+ * @returns {Promise<{ level: string, harmonyScore: number, platformScores: Object, badge: string }>}
+ */
+async function certifyProject(dir) {
+  const resolvedDir = path.resolve(dir || '.');
+
+  // Detect active platforms
+  const platforms = detectPlatforms(resolvedDir);
+
+  // Run per-platform audits
+  const platformScores = {};
+  const allAuditResults = [];
+  for (const platform of platforms) {
+    try {
+      const result = await audit({ dir: resolvedDir, platform, silent: true });
+      platformScores[platform] = result.score;
+      if (Array.isArray(result.results)) {
+        allAuditResults.push(...result.results);
+      }
+    } catch {
+      platformScores[platform] = 0;
+    }
+  }
+
+  // Run harmony audit
+  let harmonyScore = 0;
+  try {
+    const harmonyResult = await harmonyAudit({ dir: resolvedDir, silent: true });
+    harmonyScore = harmonyResult.harmonyScore || 0;
+  } catch {
+    harmonyScore = 0;
+  }
+
+  // Determine certification level with security gates
+  const scores = Object.values(platformScores);
+  const allAbove70 = scores.length > 0 && scores.every(s => s >= 70);
+  const allAbove50 = scores.length > 0 && scores.every(s => s >= 50);
+  const anyAbove40 = scores.some(s => s >= 40);
+
+  // Security gate helpers — check whether specific audit checks passed
+  const checkPassed = (key) => {
+    const match = allAuditResults.find(r => r.key === key);
+    return match ? match.passed === true : false;
+  };
+
+  const gitIgnoreOk = checkPassed('gitIgnoreEnv');
+  const secretsOk = checkPassed('secretsProtection');
+  const criticalAntiPatterns = allAuditResults.filter(
+    r => r.passed === false && r.impact === 'critical'
+  );
+  const noCriticalAntiPatterns = criticalAntiPatterns.length === 0;
+
+  // Bronze gate: score >= 40 AND basic security (gitignore + secrets protection)
+  const bronzeSecurityGate = gitIgnoreOk && secretsOk;
+  // Silver gate: Bronze requirements AND no critical anti-patterns
+  const silverSecurityGate = bronzeSecurityGate && noCriticalAntiPatterns;
+
+  let level;
+  if (harmonyScore >= 80 && allAbove70 && silverSecurityGate) {
+    level = LEVELS.GOLD;
+  } else if (harmonyScore >= 60 && allAbove50 && silverSecurityGate) {
+    level = LEVELS.SILVER;
+  } else if (anyAbove40 && bronzeSecurityGate) {
+    level = LEVELS.BRONZE;
+  } else {
+    level = LEVELS.NONE;
+  }
+
+  const badge = generateCertBadge(level);
+
+  return {
+    level,
+    harmonyScore,
+    platformScores,
+    platforms,
+    badge,
+    securityGates: {
+      gitIgnoreEnv: gitIgnoreOk,
+      secretsProtection: secretsOk,
+      noCriticalAntiPatterns,
+      criticalAntiPatternCount: criticalAntiPatterns.length,
+    },
+  };
+}
+
+/**
+ * Generate a shields.io badge markdown string for a certification level.
+ *
+ * @param {string} level - One of the LEVELS values
+ * @returns {string} Markdown badge string
+ */
+function generateCertBadge(level) {
+  const color = BADGE_COLORS[level] || 'lightgrey';
+  const label = encodeURIComponent('Nerviq');
+  const message = encodeURIComponent(level);
+  const url = `https://img.shields.io/badge/${label}-${message}-${color}`;
+  return `[![${level}](${url})](https://nerviq.net)`;
+}
+
+module.exports = { certifyProject, generateCertBadge, LEVELS };