npm - @paths.design/caws-cli - Versions diffs - 10.0.1 → 10.1.0 - Mend

@paths.design/caws-cli 10.0.1 → 10.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/README.md +13 -5
package/dist/budget-derivation.js +221 -74
package/dist/commands/evaluate.js +26 -12
package/dist/commands/gates.js +31 -4
package/dist/commands/init.js +7 -4
package/dist/commands/iterate.js +7 -3
package/dist/commands/scope.js +264 -0
package/dist/commands/sidecar.js +6 -3
package/dist/commands/specs.js +148 -1
package/dist/commands/status.js +8 -4
package/dist/commands/templates.js +0 -8
package/dist/commands/validate.js +34 -13
package/dist/commands/verify-acs.js +25 -10
package/dist/commands/waivers.js +147 -5
package/dist/commands/worktree.js +81 -1
package/dist/gates/budget-limit.js +6 -1
package/dist/gates/spec-completeness.js +8 -1
package/dist/index.js +27 -0
package/dist/policy/PolicyManager.js +9 -7
package/dist/session/session-manager.js +34 -0
package/dist/templates/.caws/schemas/policy.schema.json +96 -34
package/dist/templates/.caws/schemas/scope.schema.json +3 -3
package/dist/templates/.caws/schemas/waivers.schema.json +91 -21
package/dist/templates/.caws/schemas/working-spec.schema.json +253 -89
package/dist/templates/.caws/templates/working-spec.template.yml +3 -1
package/dist/templates/.caws/tools/scope-guard.js +66 -15
package/dist/templates/.claude/README.md +1 -1
package/dist/templates/.claude/hooks/protected-paths.sh +39 -0
package/dist/templates/.claude/hooks/scope-guard.sh +106 -27
package/dist/templates/.claude/hooks/worktree-write-guard.sh +96 -3
package/dist/templates/.claude/settings.json +5 -0
package/dist/templates/CLAUDE.md +34 -0
package/dist/templates/agents.md +21 -0
package/dist/utils/event-log.js +584 -0
package/dist/utils/event-renderer.js +521 -0
package/dist/utils/schema-validator.js +10 -2
package/dist/utils/working-state.js +25 -0
package/dist/validation/spec-validation.js +99 -9
package/dist/waivers-manager.js +84 -0
package/dist/worktree/worktree-manager.js +214 -8
package/package.json +5 -4
package/templates/.caws/schemas/policy.schema.json +96 -34
package/templates/.caws/schemas/scope.schema.json +3 -3
package/templates/.caws/schemas/waivers.schema.json +91 -21
package/templates/.caws/schemas/working-spec.schema.json +253 -89
package/templates/.caws/templates/working-spec.template.yml +3 -1
package/templates/.caws/tools/scope-guard.js +66 -15
package/templates/.claude/README.md +1 -1
package/templates/.claude/hooks/protected-paths.sh +39 -0
package/templates/.claude/hooks/scope-guard.sh +106 -27
package/templates/.claude/hooks/worktree-write-guard.sh +96 -3
package/templates/.claude/settings.json +5 -0
package/templates/CLAUDE.md +34 -0
package/templates/agents.md +21 -0

package/templates/.caws/schemas/policy.schema.json CHANGED Viewed

@@ -1,50 +1,112 @@
 {
-  "$schema": "https://json-schema.org/draft/2020-12/schema",
-  "title": "CAWS Policy",
+  "$schema": "http://json-schema.org/draft-07/schema#",
   "type": "object",
-  "required": ["version", "risk_tiers"],
+  "required": [
+    "version",
+    "risk_tiers",
+    "edit_rules"
+  ],
   "properties": {
-    "version": { "type": "integer", "const": 1 },
+    "version": {
+      "type": "integer",
+      "enum": [
+        1
+      ],
+      "description": "Policy schema version"
+    },
     "risk_tiers": {
       "type": "object",
-      "properties": {
-        "1": { "$ref": "#/$defs/tier" },
-        "2": { "$ref": "#/$defs/tier" },
-        "3": { "$ref": "#/$defs/tier" }
+      "patternProperties": {
+        "^[1-3]$": {
+          "type": "object",
+          "required": [
+            "max_files",
+            "max_loc"
+          ],
+          "properties": {
+            "max_files": {
+              "type": "integer",
+              "minimum": 1,
+              "description": "Maximum files allowed for this risk tier"
+            },
+            "max_loc": {
+              "type": "integer",
+              "minimum": 1,
+              "description": "Maximum lines of code allowed for this risk tier"
+            },
+            "description": {
+              "type": "string",
+              "description": "Human-readable description of the tier"
+            }
+          },
+          "additionalProperties": false
+        }
       },
-      "required": ["1", "2", "3"]
+      "additionalProperties": false,
+      "description": "Risk tier definitions with budget limits"
     },
     "edit_rules": {
       "type": "object",
+      "required": [
+        "policy_and_code_same_pr",
+        "min_approvers_for_budget_raise"
+      ],
       "properties": {
-        "policy_and_code_same_pr": { "type": "boolean" },
-        "min_approvers_for_budget_raise": { "type": "integer", "minimum": 1 },
-        "require_signed_commits": { "type": "boolean" }
-      }
+        "policy_and_code_same_pr": {
+          "type": "boolean",
+          "description": "Whether policy and code changes can be in the same PR"
+        },
+        "min_approvers_for_budget_raise": {
+          "type": "integer",
+          "minimum": 1,
+          "description": "Minimum approvers required for budget increases"
+        },
+        "require_signed_commits": {
+          "type": "boolean",
+          "description": "Whether signed commits are required for policy changes"
+        }
+      },
+      "additionalProperties": false,
+      "description": "Rules governing policy file edits"
     },
     "gates": {
       "type": "object",
-      "additionalProperties": {
-        "type": "object",
-        "properties": {
-          "enabled": { "type": "boolean" },
-          "description": { "type": "string" },
-          "mode": { "type": "string", "enum": ["block", "warn", "skip"] },
-          "thresholds": { "type": "object" }
-        },
-        "required": ["enabled"]
-      }
+      "patternProperties": {
+        "^.*$": {
+          "type": "object",
+          "required": [
+            "enabled"
+          ],
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Whether this gate is active"
+            },
+            "mode": {
+              "type": "string",
+              "enum": [
+                "warn",
+                "block",
+                "skip"
+              ],
+              "description": "How the gate reports failures: warn, block, or skip entirely"
+            },
+            "description": {
+              "type": "string",
+              "description": "Human-readable description of the gate"
+            },
+            "thresholds": {
+              "type": "object",
+              "description": "Gate-specific thresholds (e.g. warning/critical limits)"
+            }
+          },
+          "additionalProperties": false
+        }
+      },
+      "additionalProperties": false,
+      "description": "Quality gate configurations"
     }
   },
-  "$defs": {
-    "tier": {
-      "type": "object",
-      "required": ["max_files", "max_loc"],
-      "properties": {
-        "max_files": { "type": "integer", "minimum": 1 },
-        "max_loc": { "type": "integer", "minimum": 1 },
-        "description": { "type": "string" }
-      }
-    }
-  }
+  "additionalProperties": false,
+  "title": "CAWS Policy"
 }

package/templates/.caws/schemas/scope.schema.json CHANGED Viewed

@@ -1,14 +1,14 @@
 {
   "$schema": "https://json-schema.org/draft/2020-12/schema",
   "title": "CAWS Lite Scope Configuration",
-  "description": "Scope configuration for CAWS lite mode — guardrails without YAML specs",
+  "description": "Scope configuration for CAWS lite mode — guardrails without YAML specs. This schema governs the standalone .caws/scope.json file ONLY; inline scope: blocks inside working-spec.yaml or feature specs are governed by the working-spec schema's scope sub-schema and do NOT invoke this schema. See CAWSFIX-11.",
   "type": "object",
-  "required": ["version", "allowedDirectories"],
+  "required": ["allowedDirectories"],
   "properties": {
     "version": {
       "type": "integer",
       "const": 1,
-      "description": "Schema version"
+      "description": "Schema version. Optional for back-compat with scope.json files that predate versioning; the runtime (src/config/lite-scope.js) defaults to 1 when missing. If present, must be exactly 1. CAWSFIX-11 lifted `version` from the required list because no code path enforces a version mismatch — only the schema did, producing spurious warnings for pre-versioning scope.json files."
     },
     "allowedDirectories": {
       "type": "array",

package/templates/.caws/schemas/waivers.schema.json CHANGED Viewed

@@ -1,36 +1,106 @@
 {
-  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$schema": "http://json-schema.org/draft-07/schema#",
   "title": "CAWS Waiver",
   "description": "Individual waiver file created by caws waivers create",
   "type": "object",
-  "required": ["id", "title", "reason", "gates", "created_at", "expires_at", "approved_by", "status"],
+  "required": ["id", "applies_to", "gates", "delta", "reason_code", "expires_at", "risk_owner", "approvers", "status"],
   "properties": {
-    "id": { "type": "string", "pattern": "^WV-\\d{4}$" },
-    "title": { "type": "string", "minLength": 1 },
-    "reason": { "type": "string", "minLength": 10 },
-    "description": { "type": "string" },
+    "id": {
+      "type": "string",
+      "pattern": "^WV-\\d{4}$",
+      "description": "Waiver ID in format WV-XXXX"
+    },
+    "applies_to": {
+      "type": "string",
+      "description": "Spec ID or PR number this waiver applies to"
+    },
     "gates": {
       "type": "array",
-      "items": { "type": "string" },
+      "items": {
+        "type": "string",
+        "enum": ["budget_limit", "spec_completeness", "contract_compliance", "coverage_threshold", "mutation_threshold", "security_scan", "accessibility_check", "performance_budget", "scope_boundary"]
+      },
+      "minItems": 1,
+      "description": "Quality gates to waive"
+    },
+    "delta": {
+      "type": "object",
+      "description": "Additive budget deltas (only positive values allowed)",
+      "properties": {
+        "max_files": {
+          "type": "integer",
+          "minimum": 0,
+          "description": "Additional files allowed"
+        },
+        "max_loc": {
+          "type": "integer",
+          "minimum": 0,
+          "description": "Additional lines of code allowed"
+        }
+      },
+      "additionalProperties": false
+    },
+    "reason_code": {
+      "type": "string",
+      "enum": ["emergency_hotfix", "legacy_integration", "experimental_feature", "third_party_constraint", "performance_critical", "security_patch", "infrastructure_limitation", "architectural_refactor", "other"],
+      "description": "Controlled vocabulary for waiver reasons"
+    },
+    "description": {
+      "type": "string",
+      "minLength": 50,
+      "maxLength": 1000,
+      "description": "Detailed explanation of why waiver is needed"
+    },
+    "mitigation": {
+      "type": "string",
+      "minLength": 50,
+      "description": "Plan to address the underlying issue"
+    },
+    "expires_at": {
+      "type": "string",
+      "format": "date-time",
+      "description": "ISO 8601 datetime when waiver expires"
+    },
+    "risk_owner": {
+      "type": "string",
+      "description": "Person/entity responsible for managing this risk"
+    },
+    "approvers": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "required": ["handle"],
+        "properties": {
+          "handle": {
+            "type": "string",
+            "description": "GitHub handle or email of approver"
+          },
+          "approved_at": {
+            "type": "string",
+            "format": "date-time",
+            "description": "When this approval was given"
+          }
+        },
+        "additionalProperties": false
+      },
       "minItems": 1,
-      "description": "Gate names this waiver applies to"
+      "description": "List of people who approved this waiver"
     },
-    "created_at": { "type": "string" },
-    "expires_at": { "type": "string" },
-    "approved_by": { "type": "string" },
-    "impact_level": { "type": "string" },
-    "mitigation_plan": { "type": "string" },
     "status": {
       "type": "string",
-      "enum": ["active", "expired", "revoked"],
-      "default": "active"
+      "enum": ["proposed", "active", "expired", "revoked"],
+      "description": "Current status of the waiver"
     },
-    "created_by_session": { "type": ["string", "null"] },
-    "compensating_control": { "type": "string" },
-    "ticket_url": { "type": "string", "format": "uri" },
-    "revoked_at": { "type": "string" },
-    "revoked_by": { "type": "string" },
-    "revocation_reason": { "type": "string" }
+    "metadata": {
+      "type": "object",
+      "properties": {
+        "related_pr": { "type": "string" },
+        "related_issue": { "type": "string" },
+        "environment": { "type": "string", "enum": ["development", "staging", "production"] },
+        "urgency": { "type": "string", "enum": ["low", "normal", "high", "critical"] }
+      },
+      "additionalProperties": false
+    }
   },
   "additionalProperties": false
 }