@nforma.ai/nforma 0.2.1

package/package.json

@@ -0,0 +1,95 @@
+{
+  "name": "@nforma.ai/nforma",
+  "version": "0.2.1",
+  "description": "nForma — Quorum Gets Shit Done. Multi-model quorum enforcement for GSD planning commands via Claude Code hooks.",
+  "bin": {
+    "nforma": "bin/install.js",
+    "qgsd": "bin/install.js",
+    "get-shit-done-cc": "bin/install.js"
+  },
+  "files": [
+    "bin",
+    "!**/*.test.*",
+    "commands",
+    "get-shit-done",
+    "agents",
+    "hooks/dist",
+    "scripts",
+    "!scripts/generate-logo-svg.js",
+    "!scripts/generate-terminal-svg.js",
+    "!scripts/lint-isolation.js",
+    "!scripts/publish.sh",
+    "templates"
+  ],
+  "keywords": [
+    "claude",
+    "claude-code",
+    "ai",
+    "meta-prompting",
+    "context-engineering",
+    "spec-driven-development",
+    "gemini",
+    "gemini-cli"
+  ],
+  "author": "nForma AI",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nForma-AI/nForma.git"
+  },
+  "homepage": "https://github.com/nForma-AI/nForma",
+  "bugs": {
+    "url": "https://github.com/nForma-AI/nForma/issues"
+  },
+  "engines": {
+    "node": ">=16.7.0"
+  },
+  "dependencies": {
+    "@xterm/headless": "^5.5.0",
+    "blessed": "^0.1.81",
+    "blessed-xterm": "^1.5.1",
+    "inquirer": "^8.2.7",
+    "keytar": "^7.9.0",
+    "node-pty": "^1.1.0"
+  },
+  "devDependencies": {
+    "@hpcc-js/wasm-graphviz": "^1.21.0",
+    "esbuild": "^0.27.3",
+    "husky": "^9.1.7",
+    "lint-staged": "^16.3.2",
+    "tsup": "^8.5.1",
+    "typescript": "^5.9.3",
+    "xstate": "^5.28.0"
+  },
+  "overrides": {
+    "blessed-xterm": {
+      "node-pty": "$node-pty"
+    }
+  },
+  "lint-staged": {},
+  "scripts": {
+    "postinstall": "node scripts/postinstall.js",
+    "build:hooks": "node scripts/build-hooks.js",
+    "build:machines": "npx tsup src/machines/qgsd-workflow.machine.ts --format cjs --out-dir dist/machines --no-splitting --tsconfig tsconfig.formal.json",
+    "generate-terminal": "node scripts/generate-terminal-svg.js",
+    "generate-logo": "node scripts/generate-logo-svg.js",
+    "generate-assets": "npm run generate-terminal && npm run generate-logo",
+    "publish:npm": "bash scripts/publish.sh",
+    "prepublishOnly": "npm run build:hooks",
+    "xstate-to-tla": "node bin/xstate-to-tla.cjs",
+    "formal-verify": "node bin/run-formal-verify.cjs",
+    "formal-verify:tla": "node bin/run-formal-verify.cjs --only=tla",
+    "formal-verify:alloy": "node bin/run-formal-verify.cjs --only=alloy",
+    "formal-verify:prism": "node bin/run-formal-verify.cjs --only=prism",
+    "formal-verify:petri": "node bin/run-formal-verify.cjs --only=petri",
+    "lint:isolation": "node scripts/lint-isolation.js",
+    "secrets:gitleaks": "gitleaks detect --no-banner --source . --config .gitleaks.toml --redact --verbose",
+    "secrets:scan": "detect-secrets scan --baseline .secrets.baseline",
+    "secrets:audit": "detect-secrets audit .secrets.baseline",
+    "secrets:history": "bash scripts/secret-audit.sh",
+    "test": "npm run test:ci && npm run test:formal",
+    "test:ci": "node scripts/lint-isolation.js && node --test hooks/qgsd-precompact.test.js hooks/gsd-context-monitor.test.js hooks/qgsd-session-start.test.js bin/conformance-schema.test.cjs bin/resolve-cli.test.cjs bin/secrets.test.cjs bin/verify-quorum-health.test.cjs hooks/qgsd-stop.test.js hooks/config-loader.test.js qgsd-core/bin/gsd-tools.test.cjs hooks/qgsd-circuit-breaker.test.js hooks/qgsd-prompt.test.js bin/update-scoreboard.test.cjs hooks/qgsd-statusline.test.js bin/review-mcp-logs.test.cjs bin/migrate-to-slots.test.cjs bin/validate-traces.test.cjs bin/write-check-result.test.cjs bin/check-results-exit.test.cjs bin/check-trace-redaction.test.cjs bin/check-trace-schema-drift.test.cjs bin/qgsd.test.cjs bin/set-secret.test.cjs bin/issue-classifier.test.cjs bin/generate-tla-cfg.test.cjs bin/ccr-secure-config.test.cjs bin/gsd-quorum-slot-worker-improvements.test.cjs bin/quorum-improvements-signal.test.cjs bin/claude-md-references.test.cjs hooks/qgsd-spec-regen.test.js bin/propose-debug-invariants.test.cjs bin/aggregate-requirements.test.cjs bin/validate-requirements-haiku.test.cjs bin/call-quorum-slot-retry.test.cjs bin/provider-mapping.test.cjs",
+    "test:formal": "node --test bin/run-tlc.test.cjs bin/run-alloy.test.cjs bin/export-prism-constants.test.cjs bin/generate-petri-net.test.cjs bin/run-breaker-tlc.test.cjs bin/run-oscillation-tlc.test.cjs bin/run-protocol-tlc.test.cjs bin/run-audit-alloy.test.cjs bin/run-transcript-alloy.test.cjs bin/run-installer-alloy.test.cjs bin/run-formal-verify.test.cjs bin/xstate-to-tla.test.cjs bin/run-account-manager-tlc.test.cjs bin/run-account-pool-alloy.test.cjs bin/run-oauth-rotation-prism.test.cjs bin/run-prism.test.cjs bin/check-spec-sync.test.cjs bin/sensitivity-sweep-feedback.test.cjs bin/roadmapper-formal-integration.test.cjs bin/test-formal-integration.test.cjs test/alloy-headless.test.cjs",
+    "prepare": "husky"
+  }
+}

package/scripts/build-hooks.js

@@ -0,0 +1,46 @@
+#!/usr/bin/env node
+/**
+ * Copy GSD hooks to dist for installation.
+ */
+
+const fs = require('fs');
+const path = require('path');
+
+const HOOKS_DIR = path.join(__dirname, '..', 'hooks');
+const DIST_DIR = path.join(HOOKS_DIR, 'dist');
+
+// Hooks to copy (pure Node.js, no bundling needed)
+const HOOKS_TO_COPY = [
+  'qgsd-check-update.js',
+  'qgsd-statusline.js',
+  'qgsd-prompt.js',      // QGSD: UserPromptSubmit quorum injection hook
+  'qgsd-stop.js',        // QGSD: Stop quorum verification gate
+  'config-loader.js',    // QGSD: shared config loader (required by qgsd-prompt.js and qgsd-stop.js)
+  'qgsd-circuit-breaker.js', // QGSD: PreToolUse oscillation detection and state persistence
+];
+
+function build() {
+  // Ensure dist directory exists
+  if (!fs.existsSync(DIST_DIR)) {
+    fs.mkdirSync(DIST_DIR, { recursive: true });
+  }
+
+  // Copy hooks to dist
+  for (const hook of HOOKS_TO_COPY) {
+    const src = path.join(HOOKS_DIR, hook);
+    const dest = path.join(DIST_DIR, hook);
+
+    if (!fs.existsSync(src)) {
+      console.warn(`Warning: ${hook} not found, skipping`);
+      continue;
+    }
+
+    console.log(`Copying ${hook}...`);
+    fs.copyFileSync(src, dest);
+    console.log(`  → ${dest}`);
+  }
+
+  console.log('\nBuild complete.');
+}
+
+build();

package/scripts/postinstall.js

@@ -0,0 +1,48 @@
+#!/usr/bin/env node
+'use strict';
+const fs = require('fs');
+const path = require('path');
+
+// 1. Remove nested node-pty@1.0.0 so blessed-xterm uses top-level 1.1.0
+try {
+  fs.rmSync('node_modules/blessed-xterm/node_modules/node-pty', { recursive: true, force: true });
+} catch (_) {}
+
+// 2. Fix spawn-helper permissions (npm strips +x from prebuilt binaries)
+try {
+  const helper = path.join('node_modules', 'node-pty', 'prebuilds',
+    `${process.platform}-${process.arch}`, 'spawn-helper');
+  if (fs.existsSync(helper)) fs.chmodSync(helper, 0o755);
+} catch (_) {}
+
+// 3. Patch blessed-xterm clone() to skip screen/parent (they contain tty handles
+//    with read-only properties that crash the clone library on modern Node)
+try {
+  const file = 'node_modules/blessed-xterm/blessed-xterm.js';
+  let src = fs.readFileSync(file, 'utf8');
+  if (!src.includes('_screen')) {
+    src = src.replace(
+      'options = clone(options)',
+      [
+        'const _screen = options.screen; delete options.screen',
+        '        const _parent = options.parent; delete options.parent',
+        '        options = clone(options)',
+        '        if (_screen) options.screen = _screen',
+        '        if (_parent) options.parent = _parent',
+      ].join('\n')
+    );
+    fs.writeFileSync(file, src);
+  }
+} catch (_) {}
+
+// 4. Auto-migrate .planning/ from flat layout to v0.27+ hierarchy
+try {
+  const { migrate } = require('../bin/migrate-planning.cjs');
+  const root = path.resolve(__dirname, '..');
+  if (fs.existsSync(path.join(root, '.planning'))) {
+    const stats = migrate(root, false);
+    if (stats.moved > 0) {
+      console.log(`[postinstall] Migrated .planning/ hierarchy: ${stats.moved} files moved`);
+    }
+  }
+} catch (_) {}

package/scripts/secret-audit.sh

@@ -0,0 +1,45 @@
+#!/usr/bin/env bash
+# secret-audit.sh — Full-history secret audit using gitleaks and trufflehog
+# Usage: bash scripts/secret-audit.sh
+# Runs locally; install gitleaks and trufflehog first.
+
+set -euo pipefail
+
+echo "=== QGSD Full-History Secret Audit ==="
+echo ""
+
+# --- Gitleaks full-history scan ---
+echo "[1/2] Running gitleaks full-history scan..."
+if command -v gitleaks &>/dev/null; then
+  gitleaks detect \
+    --source . \
+    --config .gitleaks.toml \
+    --redact \
+    --verbose \
+    --report-format json \
+    --report-path .gitleaks-report.json \
+    || echo "  -> gitleaks found potential secrets (see .gitleaks-report.json)"
+  echo "  -> gitleaks report: .gitleaks-report.json"
+else
+  echo "  -> SKIPPED: gitleaks not installed (brew install gitleaks)"
+fi
+
+echo ""
+
+# --- TruffleHog full-history scan ---
+echo "[2/2] Running trufflehog full-history scan..."
+if command -v trufflehog &>/dev/null; then
+  trufflehog git \
+    file://. \
+    --only-verified \
+    --json \
+    > .trufflehog-report.json 2>&1 \
+    || echo "  -> trufflehog found potential secrets (see .trufflehog-report.json)"
+  echo "  -> trufflehog report: .trufflehog-report.json"
+else
+  echo "  -> SKIPPED: trufflehog not installed (brew install trufflehog)"
+fi
+
+echo ""
+echo "=== Audit complete ==="
+echo "Report files (.gitleaks-report.json, .trufflehog-report.json) are gitignored."

package/templates/qgsd.json

@@ -0,0 +1,49 @@
+{
+  "_comment": [
+    "QGSD Quorum Config — generated by QGSD installer. Safe to edit.",
+    "",
+    "quorum_commands: GSD planning commands that require quorum before Claude delivers output.",
+    "  Add or remove command names to control which /gsd: commands are gated.",
+    "",
+    "required_models: Dict of quorum model entries. Key = logical name, value = { tool_prefix, required }.",
+    "  tool_prefix: MCP tool name prefix — matched with startsWith(). E.g. 'mcp__codex-cli-1__'",
+    "    matches both mcp__codex-cli-1__review and mcp__codex-cli-1__codex.",
+    "  required: If true, model must be called (or be unavailable per ~/.claude.json) for quorum.",
+    "  NOTE: This field was called 'quorum_models' in early requirements. 'required_models' is canonical.",
+    "",
+    "fail_mode: 'open' (default) — unavailable models are skipped, quorum passes with available models.",
+    "  'closed' is reserved for future use.",
+    "",
+    "Config layering: ~/.claude/qgsd.json (global) is loaded first.",
+    "  .claude/qgsd.json in the project directory overrides global values (project takes precedence).",
+    "  Merge is SHALLOW: if a project config sets required_models, it entirely replaces global required_models.",
+    "  To add a model to the global list, copy the full required_models from global and add your entry.",
+    "  Create .claude/qgsd.json in a project to restrict quorum to fewer models or different commands.",
+    "",
+    "circuit_breaker config uses the SAME shallow merge: a project config with only oscillation_depth set",
+    "  entirely replaces the global circuit_breaker object. commit_window falls back to DEFAULT (6), NOT the global value.",
+    "  To override only one sub-key, set BOTH sub-keys in your project circuit_breaker block.",
+    "  Example: { \"circuit_breaker\": { \"oscillation_depth\": 2, \"commit_window\": 6 } }",
+    "",
+    "MCP prefixes are auto-detected from ~/.claude.json mcpServers on first install.",
+    "  Edit required_models here to override detected values.",
+    "",
+    "quorum_active: Array of slot names that participate in quorum. E.g. [\"codex-cli-1\", \"gemini-cli-1\", \"opencode-1\", \"copilot-1\", \"claude-1\"]. Empty array (default) = all discovered slots participate. Populated automatically on install. Override to include/exclude specific slots."
+  ],
+  "quorum_commands": [
+    "plan-phase", "new-project", "new-milestone",
+    "discuss-phase", "verify-work", "research-phase"
+  ],
+  "fail_mode": "open",
+  "required_models": {
+    "codex":    { "tool_prefix": "mcp__codex-cli-1__",  "required": true },
+    "gemini":   { "tool_prefix": "mcp__gemini-cli-1__", "required": true },
+    "opencode": { "tool_prefix": "mcp__opencode-1__",   "required": true }
+  },
+  "quorum_instructions": "QUORUM REQUIRED (structural enforcement — Stop hook will verify)\n\nBefore presenting any planning output to the user, you MUST:\n  1. Call mcp__codex-cli-1__review with the full plan content\n  2. Call mcp__gemini-cli-1__gemini with the full plan content\n  3. Call mcp__opencode-1__opencode with the full plan content\n  4. Present all model responses, resolve any concerns, then deliver your final output\n  5. Include the token <!-- GSD_DECISION --> somewhere in your FINAL output (not in intermediate messages or status updates — only when you are delivering the completed plan, research, verification report, or filtered question list to the user)\n\nFail-open: if a model is UNAVAILABLE (quota/error), note it and proceed with available models.\nThe Stop hook reads the transcript — skipping quorum will block your response.",
+  "circuit_breaker": {
+    "oscillation_depth": 3,
+    "commit_window": 6
+  },
+  "quorum_active": ["codex-cli-1", "gemini-cli-1", "opencode-1", "copilot-1", "claude-1"]
+}