@paths.design/caws-cli 4.1.0 → 5.0.1

package/dist/validation/spec-validation.d.ts

@@ -1,43 +0,0 @@
-/**
- * Basic validation of working spec
- * @param {Object} spec - Working spec object
- * @param {Object} options - Validation options
- * @returns {Object} Validation result
- */
-export function validateWorkingSpec(spec: any, _options?: {}): any;
-/**
- * Enhanced validation with suggestions and auto-fix
- * @param {Object} spec - Working spec object
- * @param {Object} options - Validation options
- * @returns {Object} Enhanced validation result
- */
-export function validateWorkingSpecWithSuggestions(spec: any, options?: any): any;
-/**
- * Get suggestion for a missing field
- * @param {string} field - Field name
- * @param {Object} _spec - Spec object (for context)
- * @returns {string} Suggestion text
- */
-export function getFieldSuggestion(field: string, _spec: any): string;
-/**
- * Check if a field can be auto-fixed
- * @param {string} field - Field name
- * @param {Object} _spec - Spec object (for context)
- * @returns {boolean} Whether field can be auto-fixed
- */
-export function canAutoFixField(field: string, _spec: any): boolean;
-/**
- * Calculate compliance score based on errors and warnings
- * Score ranges from 0 (many issues) to 1 (perfect)
- * @param {Array} errors - Validation errors
- * @param {Array} warnings - Validation warnings
- * @returns {number} Compliance score (0-1)
- */
-export function calculateComplianceScore(errors: any[], warnings: any[]): number;
-/**
- * Get compliance grade from score
- * @param {number} score - Compliance score (0-1)
- * @returns {string} Grade (A, B, C, D, F)
- */
-export function getComplianceGrade(score: number): string;
-//# sourceMappingURL=spec-validation.d.ts.map

package/dist/validation/spec-validation.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"spec-validation.d.ts","sourceRoot":"","sources":["../../src/validation/spec-validation.js"],"names":[],"mappings":"AAQA;;;;;GAKG;AACH,mEA8HC;AAED;;;;;GAKG;AACH,kFAyWC;AAoCD;;;;;GAKG;AACH,0CAJW,MAAM,eAEJ,MAAM,CAkBlB;AAED;;;;;GAKG;AACH,uCAJW,MAAM,eAEJ,OAAO,CAKnB;AAnED;;;;;;GAMG;AACH,0EAFa,MAAM,CAclB;AAED;;;;GAIG;AACH,0CAHW,MAAM,GACJ,MAAM,CAQlB"}

package/dist/waivers-manager.d.ts

@@ -1,167 +0,0 @@
-export = WaiversManager;
-/**
- * Waiver Manager Class
- * Handles waiver creation, validation, expiration, and audit logging
- */
-declare class WaiversManager {
-    constructor(options?: {});
-    projectRoot: any;
-    waiversDir: string;
-    waiversFile: string;
-    auditLogFile: string;
-    /**
-     * Waiver Schema Definition
-     */
-    getWaiverSchema(): {
-        type: string;
-        required: string[];
-        properties: {
-            id: {
-                type: string;
-                pattern: string;
-                description: string;
-            };
-            title: {
-                type: string;
-                minLength: number;
-                maxLength: number;
-                description: string;
-            };
-            reason: {
-                type: string;
-                enum: string[];
-                description: string;
-            };
-            description: {
-                type: string;
-                minLength: number;
-                maxLength: number;
-                description: string;
-            };
-            gates: {
-                type: string;
-                items: {
-                    type: string;
-                    enum: string[];
-                };
-                minItems: number;
-                description: string;
-            };
-            risk_assessment: {
-                type: string;
-                properties: {
-                    impact_level: {
-                        type: string;
-                        enum: string[];
-                    };
-                    mitigation_plan: {
-                        type: string;
-                        minLength: number;
-                    };
-                    review_required: {
-                        type: string;
-                    };
-                };
-                required: string[];
-            };
-            expires_at: {
-                type: string;
-                format: string;
-                description: string;
-            };
-            approved_by: {
-                type: string;
-                description: string;
-            };
-            created_at: {
-                type: string;
-                format: string;
-                description: string;
-            };
-            metadata: {
-                type: string;
-                properties: {
-                    related_pr: {
-                        type: string;
-                    };
-                    related_issue: {
-                        type: string;
-                    };
-                    environment: {
-                        type: string;
-                        enum: string[];
-                    };
-                    urgency: {
-                        type: string;
-                        enum: string[];
-                    };
-                };
-            };
-        };
-    };
-    /**
-     * Create a new waiver
-     */
-    createWaiver(waiverData: any): Promise<{
-        id: string;
-        title: any;
-        reason: any;
-        description: any;
-        gates: any;
-        risk_assessment: any;
-        expires_at: any;
-        approved_by: any;
-        created_at: string;
-        metadata: any;
-    }>;
-    /**
-     * Check if waiver applies to specific gates
-     */
-    checkWaiverCoverage(gatesToCheck: any, context?: {}): Promise<{
-        coveredGates: any[];
-        waiverDetails: {
-            gate: any;
-            waiver_id: any;
-            reason: any;
-            expires_at: any;
-            approved_by: any;
-        }[];
-        allCovered: boolean;
-    }>;
-    /**
-     * Get all active waivers
-     */
-    getActiveWaivers(): Promise<any>;
-    /**
-     * Revoke a waiver
-     */
-    revokeWaiver(waiverId: any, reason?: string): Promise<any>;
-    /**
-     * Extend waiver expiration
-     */
-    extendWaiver(waiverId: any, newExpiryDate: any, approvedBy: any): Promise<any>;
-    /**
-     * Get waiver statistics and health metrics
-     */
-    getWaiverStats(): Promise<{
-        total_active: any;
-        by_reason: {};
-        by_risk_level: {};
-        expiring_soon: any[];
-        high_risk: any[];
-        total_gates_waived: number;
-        average_lifespan_days: number;
-    }>;
-    generateWaiverId(): Promise<string>;
-    validateWaiver(waiver: any): {
-        valid: boolean;
-        errors: string[];
-    };
-    checkWaiverConflicts(newWaiver: any): Promise<string[]>;
-    waiverAppliesToContext(waiver: any, context: any): boolean;
-    loadActiveWaivers(): Promise<unknown>;
-    saveActiveWaivers(waivers: any): Promise<void>;
-    auditLog(action: any, waiverId: any, details: any): Promise<void>;
-    flagForReview(waiver: any): Promise<void>;
-}
-//# sourceMappingURL=waivers-manager.d.ts.map

package/dist/waivers-manager.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"waivers-manager.d.ts","sourceRoot":"","sources":["../src/waivers-manager.js"],"names":[],"mappings":";AAaA;;;GAGG;AACH;IACE,0BAUC;IATC,iBAAuD;IACvD,mBAAiE;IACjE,oBAAoE;IACpE,qBAAkE;IAQpE;;OAEG;IACH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAiGC;IAED;;OAEG;IACH;;;;;;;;;;;OA4DC;IAED;;OAEG;IACH;;;;;;;;;;OA+BC;IAED;;OAEG;IACH,iCAgBC;IAED;;OAEG;IACH,2DAeC;IAED;;OAEG;IACH,+EAuBC;IAED;;OAEG;IACH;;;;;;;;OA2DC;IAID,oCAUC;IAED;;;MAkDC;IAED,wDAkBC;IAED,2DAUC;IAED,sCAYC;IAED,+CAOC;IAED,kEAaC;IAED,0CA2CC;CACF"}

package/templates/apps/tools/caws/prompt-lint.js.backup

@@ -1,274 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * @fileoverview CAWS Prompt Linter
- * Validates prompts for secrets and ensures tool allowlist compliance
- * @author @darianrosebrook
- */
-
-const fs = require("fs");
-
-/**
- * Common secret patterns to detect
- */
-const SECRET_PATTERNS = [
-  // API Keys
-  /api[_-]?key[_-]?token\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-  /x-api-key\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-  /authorization\s*[=:]\s*['"]?(Bearer\s+)?([a-zA-Z0-9_-]{20,})['"]?/gi,
-
-  // Tokens
-  /token\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-  /access[_-]?token\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-  /refresh[_-]?token\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-  /auth[_-]?token\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-
-  // Passwords
-  /password\s*[=:]\s*['"]?([a-zA-Z0-9_-]{8,})['"]?/gi,
-  /passwd\s*[=:]\s*['"]?([a-zA-Z0-9_-]{8,})['"]?/gi,
-  /pwd\s*[=:]\s*['"]?([a-zA-Z0-9_-]{8,})['"]?/gi,
-
-  // Secrets
-  /secret\s*[=:]\s*['"]?([a-zA-Z0-9_-]{16,})['"]?/gi,
-  /private[_-]?key\s*[=:]\s*['"]?([a-zA-Z0-9_-]{20,})['"]?/gi,
-
-  // Environment variables that might contain secrets
-  /process\.env\.[A-Z_]+_KEY/gi,
-  /process\.env\.[A-Z_]+_TOKEN/gi,
-  /process\.env\.[A-Z_]+_SECRET/gi,
-  /process\.env\.[A-Z_]+_PASSWORD/gi,
-
-  // URLs with potential secrets
-  /https?:\/\/[^/]*@[^/]+/gi,
-
-  // Base64 encoded strings that might be secrets
-  /[A-Za-z0-9+/=]{40,}/g,
-
-  // AWS keys
-  /AKIA[A-Z0-9]{16}/gi,
-
-  // GitHub tokens
-  /ghp_[A-Za-z0-9]{36}/gi,
-  /github_pat_[A-Za-z0-9]{22}/gi,
-
-  // Slack tokens
-  /xoxb-[0-9]+-[0-9]+-[0-9]+-[a-zA-Z0-9]+/gi,
-
-  // Database connection strings
-  /mongodb(\+srv)?:\/\/[^:]+:[^@]+@[^/]+/gi,
-  /postgres:\/\/[^:]+:[^@]+@[^/]+/gi,
-  /mysql:\/\/[^:]+:[^@]+@[^/]+/gi,
-];
-
-/**
- * Scan file for potential secrets
- * @param {string} filePath - Path to file to scan
- * @returns {Array} Array of potential secret matches
- */
-function scanForSecrets(filePath) {
-  try {
-    const content = fs.readFileSync(filePath, "utf8");
-    const matches = [];
-
-    for (const pattern of SECRET_PATTERNS) {
-      const patternMatches = [...content.matchAll(pattern)];
-      for (const match of patternMatches) {
-        matches.push({
-          file: filePath,
-          line: content.substring(0, match.index).split("\n").length,
-          pattern: pattern.toString(),
-          match: match[0],
-          severity: "high",
-        });
-      }
-    }
-
-    return matches;
-  } catch (error) {
-    console.error(`❌ Error scanning ${filePath}:`, error.message);
-    return [];
-  }
-}
-
-/**
- * Validate tools against allowlist
- * @param {Array} tools - Tools used in prompts
- * @param {Array} allowlist - Allowed tools
- * @returns {Array} Array of violations
- */
-function validateToolAllowlist(tools, allowlist) {
-  const violations = [];
-
-  for (const tool of tools) {
-    if (!allowlist.includes(tool)) {
-      violations.push({
-        tool,
-        severity: "high",
-        message: `Tool "${tool}" not in allowlist`,
-      });
-    }
-  }
-
-  return violations;
-}
-
-/**
- * Extract tools from prompt content
- * @param {string} content - Prompt content
- * @returns {Array} Array of tools mentioned
- */
-function extractTools(content) {
-  const tools = [];
-
-  // Common tool patterns
-  const toolPatterns = [
-    /using\s+(node|npm|yarn|pnpm|git|docker|kubectl|aws|azure|gcloud)/gi,
-    /(node|npm|yarn|pnpm|git|docker|kubectl|aws|azure|gcloud)\s+command/gi,
-    /execute\s+(node|npm|yarn|pnpm|git|docker|kubectl|aws|azure|gcloud)/gi,
-    /run\s+(node|npm|yarn|pnpm|git|docker|kubectl|aws|azure|gcloud)/gi,
-  ];
-
-  for (const pattern of toolPatterns) {
-    const matches = [...content.matchAll(pattern)];
-    for (const match of matches) {
-      const tool = match[1] || match[0];
-      if (!tools.includes(tool)) {
-        tools.push(tool);
-      }
-    }
-  }
-
-  return tools;
-}
-
-/**
- * Lint prompts for security and compliance
- * @param {Array} promptFiles - Array of prompt file paths
- * @param {Array} allowlist - Allowed tools
- * @returns {Object} Lint results
- */
-function lintPrompts(promptFiles, allowlist) {
-  const results = {
-    secrets: [],
-    violations: [],
-    cleanFiles: 0,
-    totalFiles: promptFiles.length,
-  };
-
-  for (const file of promptFiles) {
-    if (!fs.existsSync(file)) {
-      console.warn(`⚠️  Prompt file not found: ${file}`);
-      continue;
-    }
-
-    // Scan for secrets
-    const secretMatches = scanForSecrets(file);
-    results.secrets.push(...secretMatches);
-
-    // Extract and validate tools
-    const content = fs.readFileSync(file, "utf8");
-    const tools = extractTools(content);
-    const toolViolations = validateToolAllowlist(tools, allowlist);
-    results.violations.push(...toolViolations.map((v) => ({ ...v, file })));
-
-    // Check if file is clean
-    if (secretMatches.length === 0 && toolViolations.length === 0) {
-      results.cleanFiles++;
-    }
-  }
-
-  return results;
-}
-
-/**
- * Load tool allowlist from file
- * @param {string} allowlistPath - Path to allowlist file
- * @returns {Array} Array of allowed tools
- */
-function loadAllowlist(allowlistPath) {
-  try {
-    if (!fs.existsSync(allowlistPath)) {
-      console.warn(`⚠️  Allowlist file not found: ${allowlistPath}`);
-      return [];
-    }
-
-    const content = fs.readFileSync(allowlistPath, "utf8");
-    return JSON.parse(content);
-  } catch (error) {
-    console.error(`❌ Error loading allowlist:`, error.message);
-    return [];
-  }
-}
-
-// CLI interface
-if (require.main === module) {
-  const promptFiles = process.argv.slice(2);
-  const allowlistArg = process.argv
-    .find((arg) => arg.startsWith("--allowlist="))
-    ?.split("=")[1];
-  const allowlistPath = allowlistArg || ".agent/tools-allow.json";
-
-  if (promptFiles.length === 0) {
-    console.log("CAWS Prompt Linter");
-    console.log(
-      "Usage: node prompt-lint.js <prompt-file1> [prompt-file2] ... [options]"
-    );
-    console.log("Options:");
-    console.log(
-      "  --allowlist=<path>  Path to tools allowlist file (default: .agent/tools-allow.json)"
-    );
-    process.exit(1);
-  }
-
-  // Load allowlist
-  const allowlist = loadAllowlist(allowlistPath);
-
-  console.log("🔍 Linting prompts for security and compliance...");
-  console.log(`📁 Allowlist loaded: ${allowlist.length} tools`);
-  console.log(`📄 Scanning ${promptFiles.length} files...`);
-
-  // Lint prompts
-  const results = lintPrompts(promptFiles, allowlist);
-
-  // Report results
-  if (results.secrets.length > 0) {
-    console.log("\n🚨 POTENTIAL SECRETS DETECTED:");
-    results.secrets.forEach((secret, index) => {
-      console.log(
-        `  ${index + 1}. ${secret.file}:${
-          secret.line
-        } - ${secret.match.substring(0, 50)}...`
-      );
-    });
-  }
-
-  if (results.violations.length > 0) {
-    console.log("\n⚠️  TOOL VIOLATIONS:");
-    results.violations.forEach((violation, index) => {
-      console.log(`  ${index + 1}. ${violation.file} - ${violation.message}`);
-    });
-  }
-
-  console.log("\n📊 SUMMARY:");
-  console.log(`   - Files scanned: ${results.totalFiles}`);
-  console.log(`   - Clean files: ${results.cleanFiles}`);
-  console.log(`   - Secrets found: ${results.secrets.length}`);
-  console.log(`   - Violations: ${results.violations.length}`);
-
-  // Exit with error if issues found
-  if (results.secrets.length > 0 || results.violations.length > 0) {
-    console.log("\n❌ Linting failed - security issues detected");
-    process.exit(1);
-  }
-
-  console.log("✅ All prompts passed security checks");
-  process.exit(0);
-}
-
-module.exports = {
-  scanForSecrets,
-  validateToolAllowlist,
-  extractTools,
-  lintPrompts,
-  loadAllowlist,
-};

package/templates/apps/tools/caws/provenance.js.backup

@@ -1,73 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * @fileoverview CAWS Provenance Tracker - Real Implementation
- * @author @darianrosebrook
- */
-
-const fs = require('fs');
-const path = require('path');
-const crypto = require('crypto');
-const { execSync } = require('child_process');
-
-/**
- * Generate comprehensive provenance data for CAWS operations
- * @param {Object} options - Configuration options
- * @returns {Object} Complete provenance record
- */
-function generateProvenance(options = {}) {
-  const projectRoot = options.projectRoot || process.cwd();
-
-  return {
-    // Agent and model information
-    agent: options.agent || 'caws-cli',
-    model: options.model || 'cli-interactive',
-    model_hash: options.modelHash || generateModelHash(),
-
-    // Tool and security information
-    tool_allowlist: options.toolAllowlist || generateToolAllowlist(projectRoot),
-    prompts: options.prompts || [],
-
-    // Git and version control information
-    commit: getCurrentCommit(projectRoot),
-    branch: getCurrentBranch(projectRoot),
-    repository: getRepositoryInfo(projectRoot),
-
-    // File and artifact information
-    artifacts: generateArtifactList(projectRoot),
-    dependencies: generateDependencyInfo(projectRoot),
-
-    // Execution results and metadata
-    results: options.results || {},
-    approvals: options.approvals || [],
-    execution_context: generateExecutionContext(),
-
-    // Security and integrity
-    integrity: generateIntegrityInfo(),
-
-    // Timestamps and versioning
-    timestamp: new Date().toISOString(),
-    version: require(path.join(projectRoot, 'package.json')).version || '1.0.0',
-    provenance_hash: generateProvenanceHash(),
-
-    // Build and deployment information
-    build_info: generateBuildInfo(projectRoot),
-
-    // Change tracking
-    change_summary: generateChangeSummary(projectRoot),
-  };
-}
-
-// Mock provenance saving
-function saveProvenance(provenance, filepath) {
-  const dir = path.dirname(filepath);
-  if (!fs.existsSync(dir)) {
-    fs.mkdirSync(dir, { recursive: true });
-  }
-  fs.writeFileSync(filepath, JSON.stringify(provenance, null, 2));
-}
-
-module.exports = {
-  generateProvenance,
-  saveProvenance,
-};