@prajwolkc/stk 0.6.1 → 0.7.0

package/dist/commands/brain.js

@@ -1,11 +1,44 @@
 import { Command } from "commander";
 import chalk from "chalk";
 import ora from "ora";
-import { syncBrain, pushToCloud, pullFromCloud, loadBrainStore, getAllEntries } from "../services/brain.js";
+import { syncBrain, pushToCloud, pullFromCloud, loadBrainStore, getAllEntries, seedBrain } from "../services/brain.js";
+import { readFileSync } from "fs";
+import { fileURLToPath } from "url";
+import { dirname, join } from "path";
 export const brainCommand = new Command("brain")
     .description("Manage the stk knowledge brain — sync, push, pull across machines")
-    .argument("[action]", "push | pull | sync | stats (default: sync)")
-    .action(async (action = "sync") => {
+    .argument("[action]", "push | pull | sync | stats | seed (default: sync)")
+    .option("--force", "force re-seed (replace existing seed entries)")
+    .action(async (action = "sync", _extra, cmd) => {
+    const opts = cmd?.opts?.() ?? {};
+    if (action === "seed") {
+        const spinner = ora("  Loading seed patterns...").start();
+        try {
+            const __filename = fileURLToPath(import.meta.url);
+            const __dirname = dirname(__filename);
+            // Data lives in src/data (shipped with npm), not dist/data
+            const seedPath = join(__dirname, "..", "..", "src", "data", "seed-patterns.json");
+            const patterns = JSON.parse(readFileSync(seedPath, "utf-8"));
+            spinner.text = `  Seeding ${patterns.length} patterns...`;
+            const { added, skipped } = seedBrain(patterns, opts.force);
+            spinner.succeed(`  Seeded ${chalk.white(added)} patterns (${skipped} already existed)`);
+            console.log();
+            const categories = {};
+            for (const p of patterns)
+                categories[p.category] = (categories[p.category] || 0) + 1;
+            console.log(chalk.bold("  Patterns by category:"));
+            for (const [cat, count] of Object.entries(categories).sort(([, a], [, b]) => b - a)) {
+                console.log(`  ${chalk.dim("●")} ${cat}: ${count}`);
+            }
+            console.log();
+        }
+        catch (err) {
+            spinner.fail("  Seed failed");
+            console.log(`  ${chalk.red(err instanceof Error ? err.message : String(err))}`);
+            console.log();
+        }
+        return;
+    }
     if (action === "stats") {
         const store = loadBrainStore();
         const projects = Object.entries(store.projects);

package/dist/mcp/server.js

@@ -11,7 +11,9 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
 import { z } from "zod";
 import { loadConfig, enabledServices } from "../lib/config.js";
 import { getChecker, allCheckerNames, loadPluginCheckers } from "../services/registry.js";
-import { getLocalBrainClient, ingestProject, loadBrainStore, saveBrainStore, syncBrain, pushToCloud, pullFromCloud, brainCheck, brainDiagnose } from "../services/brain.js";
+import { getLocalBrainClient, ingestProject, loadBrainStore, saveBrainStore, syncBrain, pushToCloud, pullFromCloud, brainCheck, brainDiagnose, reviewDiff } from "../services/brain.js";
+import { recordMetric, getMetrics, compareToBaseline, getDeployFrequency, getErrorRate, getUptime } from "../services/metrics.js";
+import { runAllChecks } from "../services/security.js";
 import { execSync } from "child_process";
 const server = new McpServer({
     name: "stk",
@@ -1563,6 +1565,246 @@ function detectGitHubRepo() {
         return null;
     }
 }
+// ──────────────────────────────────────────
+// Tool: stk_autofix
+// ──────────────────────────────────────────
+server.tool("stk_autofix", "Auto-diagnose errors from production logs. Fetches recent logs, extracts errors, and searches the brain for matching solutions. Returns errors with matched fix patterns and confidence scores.", {
+    provider: z.enum(["railway", "vercel"]).optional(),
+    lines: z.number().optional().default(50),
+}, async ({ provider, lines }) => {
+    // Determine provider
+    const config = loadConfig();
+    const detected = provider ?? (enabledServices(config).includes("railway") ? "railway" : "vercel");
+    // Fetch logs using existing stk_logs logic (inline)
+    let logs = [];
+    try {
+        if (detected === "railway") {
+            const token = process.env.RAILWAY_API_TOKEN;
+            const projectId = process.env.RAILWAY_PROJECT_ID;
+            const serviceId = process.env.RAILWAY_SERVICE_ID;
+            if (token && projectId && serviceId) {
+                const envId = process.env.RAILWAY_ENVIRONMENT_ID;
+                const gql = `query { deployments(first:1, input:{projectId:"${projectId}",serviceId:"${serviceId}"${envId ? `,environmentId:"${envId}"` : ""}}) { edges { node { id } } } }`;
+                const depRes = await fetch("https://backboard.railway.app/graphql/v2", {
+                    method: "POST",
+                    headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
+                    body: JSON.stringify({ query: gql }),
+                });
+                const depData = await depRes.json();
+                const depId = (depData?.data?.deployments?.edges?.[0]?.node?.id) ?? null;
+                if (depId) {
+                    const logGql = `query { deploymentLogs(deploymentId:"${depId}",limit:${lines}) { timestamp message severity } }`;
+                    const logRes = await fetch("https://backboard.railway.app/graphql/v2", {
+                        method: "POST",
+                        headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
+                        body: JSON.stringify({ query: logGql }),
+                    });
+                    const logData = await logRes.json();
+                    logs = (logData?.data?.deploymentLogs ?? []);
+                }
+            }
+        }
+    }
+    catch { /* log fetch failed */ }
+    // Filter for errors
+    const errorPattern = /error|exception|fail|crash|ECONNREFUSED|timeout|TypeError|ReferenceError|rejected|FATAL/i;
+    const errorLogs = logs.filter(l => l.severity === "error" || (l.message && errorPattern.test(l.message)));
+    // Deduplicate by first 100 chars
+    const grouped = new Map();
+    for (const log of errorLogs) {
+        const key = log.message.slice(0, 100);
+        const existing = grouped.get(key);
+        if (existing) {
+            existing.count++;
+            existing.lastSeen = log.timestamp;
+        }
+        else {
+            grouped.set(key, { message: log.message, count: 1, firstSeen: log.timestamp, lastSeen: log.timestamp });
+        }
+    }
+    // Diagnose each unique error
+    const errors = [];
+    let matchedErrors = 0;
+    for (const error of grouped.values()) {
+        const matches = brainDiagnose(error.message);
+        const solutions = matches.slice(0, 3).map(m => ({
+            title: m.entry.title,
+            content: m.entry.content.slice(0, 400),
+            confidence: Math.min(1, m.score / 10),
+            source: m.entry.source,
+        }));
+        if (solutions.length > 0)
+            matchedErrors++;
+        errors.push({ ...error, solutions });
+    }
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    provider: detected,
+                    errors,
+                    summary: {
+                        totalErrors: errorLogs.length,
+                        uniqueErrors: grouped.size,
+                        matchedErrors,
+                        unmatchedErrors: grouped.size - matchedErrors,
+                    },
+                }, null, 2),
+            }],
+    };
+});
+// ──────────────────────────────────────────
+// Tool: stk_brain_review
+// ──────────────────────────────────────────
+server.tool("stk_brain_review", "Review code changes against the brain's knowledge base. Checks a git diff or PR for known gotchas per file. Use before merging PRs or after making changes.", {
+    diff: z.string().optional().describe("Raw git diff output"),
+    pr: z.number().optional().describe("GitHub PR number to review"),
+}, async ({ diff, pr }) => {
+    let diffContent = diff ?? "";
+    // If PR number, fetch diff from GitHub
+    if (pr && !diff) {
+        const token = process.env.GITHUB_TOKEN;
+        let repo = process.env.GITHUB_REPO ?? "";
+        if (!repo) {
+            try {
+                repo = execSync("git remote get-url origin", { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim().replace(/.*github\.com[:/]/, "").replace(/\.git$/, "");
+            }
+            catch { /* */ }
+        }
+        if (repo && token) {
+            try {
+                const res = await fetch(`https://api.github.com/repos/${repo}/pulls/${pr}`, {
+                    headers: { Authorization: `Bearer ${token}`, Accept: "application/vnd.github.diff" },
+                });
+                if (res.ok)
+                    diffContent = await res.text();
+            }
+            catch { /* */ }
+        }
+    }
+    // If no diff provided, get latest commit diff
+    if (!diffContent) {
+        try {
+            diffContent = execSync("git diff HEAD~1", { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"], maxBuffer: 1024 * 1024 * 5 });
+        }
+        catch { /* */ }
+    }
+    if (!diffContent) {
+        return { content: [{ type: "text", text: JSON.stringify({ error: "No diff available. Provide diff text, PR number, or ensure you're in a git repo." }) }] };
+    }
+    const results = reviewDiff(diffContent);
+    const filesWithWarnings = results.filter(r => r.warnings.length > 0);
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    files: results,
+                    summary: {
+                        filesReviewed: results.length,
+                        filesWithWarnings: filesWithWarnings.length,
+                        totalWarnings: filesWithWarnings.reduce((s, r) => s + r.warnings.length, 0),
+                    },
+                }, null, 2),
+            }],
+    };
+});
+// ──────────────────────────────────────────
+// Tool: stk_metrics
+// ──────────────────────────────────────────
+server.tool("stk_metrics", "Track and analyze infrastructure metrics over time — deploy frequency, error rates, response times, uptime. Compare current performance against historical baselines to detect regressions.", {
+    action: z.enum(["view", "record", "compare"]).optional().default("view"),
+    type: z.enum(["deploy", "health_check", "error", "response_time"]).optional(),
+    value: z.number().optional(),
+    metadata: z.record(z.string(), z.string()).optional(),
+    days: z.number().optional().default(7),
+}, async ({ action, type, value, metadata, days }) => {
+    if (action === "record" && type && value !== undefined) {
+        recordMetric(type, value, metadata ?? {});
+        return { content: [{ type: "text", text: JSON.stringify({ recorded: true, type, value }) }] };
+    }
+    if (action === "compare") {
+        const types = ["deploy", "health_check", "error", "response_time"];
+        const comparisons = types.map(t => ({ type: t, ...compareToBaseline(t) }));
+        const degraded = comparisons.filter(c => c.status === "degraded");
+        return {
+            content: [{
+                    type: "text",
+                    text: JSON.stringify({
+                        comparisons,
+                        degraded: degraded.length > 0 ? degraded : "none",
+                        summary: `${degraded.length} metric(s) degraded`,
+                    }, null, 2),
+                }],
+        };
+    }
+    // Default: view
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    period: `${days} days`,
+                    deploys: getDeployFrequency(days),
+                    errors: getErrorRate(days),
+                    uptime: getUptime(days),
+                    recentMetrics: getMetrics(type ?? undefined, days, 20),
+                }, null, 2),
+            }],
+    };
+});
+// ──────────────────────────────────────────
+// Tool: stk_secure
+// ──────────────────────────────────────────
+server.tool("stk_secure", "Security scan — check for exposed secrets, vulnerable dependencies, missing rate limiting, open CORS, and unprotected routes. Returns findings with severity levels and fix suggestions.", {
+    checks: z.array(z.enum(["secrets", "deps", "rate_limit", "cors", "auth"])).optional().describe("Specific checks to run (default: all)"),
+}, async ({ checks }) => {
+    const findings = runAllChecks(checks);
+    const critical = findings.filter(f => f.level === "critical").length;
+    const warning = findings.filter(f => f.level === "warning").length;
+    const info = findings.filter(f => f.level === "info").length;
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    findings,
+                    summary: { critical, warning, info, total: findings.length },
+                    status: critical > 0 ? "CRITICAL" : warning > 0 ? "WARNING" : "CLEAN",
+                }, null, 2),
+            }],
+    };
+});
+// ──────────────────────────────────────────
+// Tool: stk_brain_team
+// ──────────────────────────────────────────
+server.tool("stk_brain_team", "Show team brain contributions — who learned what, from which projects, and when. Tracks knowledge sharing across team members.", {}, async () => {
+    const store = loadBrainStore();
+    const allEntries = [...store.global];
+    for (const proj of Object.values(store.projects))
+        allEntries.push(...proj.entries);
+    const contributors = {};
+    for (const entry of allEntries) {
+        const contributor = entry.contributor ?? "auto";
+        if (!contributors[contributor]) {
+            contributors[contributor] = { count: 0, lastActive: entry.created_at, categories: {} };
+        }
+        contributors[contributor].count++;
+        if (entry.created_at > contributors[contributor].lastActive) {
+            contributors[contributor].lastActive = entry.created_at;
+        }
+        contributors[contributor].categories[entry.category] = (contributors[contributor].categories[entry.category] || 0) + 1;
+    }
+    return {
+        content: [{
+                type: "text",
+                text: JSON.stringify({
+                    totalEntries: allEntries.length,
+                    contributors,
+                    projects: Object.entries(store.projects).map(([name, p]) => ({
+                        name, entries: p.entries.length, ingestedAt: p.ingestedAt,
+                    })),
+                }, null, 2),
+            }],
+    };
+});
 // Start
 async function main() {
     const transport = new StdioServerTransport();

package/dist/services/brain.d.ts

@@ -76,4 +76,23 @@ export declare function extractTerms(description: string): string[];
 export declare function brainCheck(taskDescription: string): ScoredEntry[];
 /** Diagnose an error — find matching patterns from past issues */
 export declare function brainDiagnose(error: string): ScoredEntry[];
+/** Seed brain with curated patterns (idempotent) */
+export declare function seedBrain(patterns: KnowledgeEntry[], force?: boolean): {
+    added: number;
+    skipped: number;
+};
+/** Review a diff against brain knowledge — find gotchas per file */
+export interface ReviewWarning {
+    file: string;
+    linesChanged: number;
+    warnings: Array<{
+        title: string;
+        content: string;
+        relevance: number;
+        source: string;
+    }>;
+}
+export declare function reviewDiff(diff: string): ReviewWarning[];
+/** Get contributor name from git config */
+export declare function getContributor(): string;
 export {};

package/dist/services/brain.js

@@ -2,6 +2,7 @@ import { readFileSync, writeFileSync, existsSync, mkdirSync, readdirSync } from
 import { join, resolve, basename } from "path";
 import { homedir } from "os";
 import { randomUUID } from "crypto";
+import { execSync } from "child_process";
 import { loadConfig } from "../lib/config.js";
 // ──────────────────────────────────────────
 // Storage
@@ -611,3 +612,78 @@ export function brainDiagnose(error) {
     const allTerms = [...new Set([...terms, ...errorTerms])];
     return smartSearch(allTerms);
 }
+/** Seed brain with curated patterns (idempotent) */
+export function seedBrain(patterns, force = false) {
+    const store = loadBrainStore();
+    if (force) {
+        // Remove existing seed entries
+        store.global = store.global.filter(e => !e.source.startsWith("seed:"));
+    }
+    const existingIds = new Set(getAllEntries(store).map(e => e.id));
+    let added = 0;
+    let skipped = 0;
+    for (const entry of patterns) {
+        if (existingIds.has(entry.id)) {
+            skipped++;
+            continue;
+        }
+        store.global.push(entry);
+        added++;
+    }
+    if (added > 0)
+        saveBrainStore(store);
+    return { added, skipped };
+}
+export function reviewDiff(diff) {
+    const results = [];
+    // Split diff into per-file chunks
+    const fileChunks = diff.split(/^diff --git /m).slice(1);
+    for (const chunk of fileChunks) {
+        const pathMatch = chunk.match(/b\/(.+?)[\s\n]/);
+        if (!pathMatch)
+            continue;
+        const filePath = pathMatch[1];
+        // Count changed lines
+        const addedLines = (chunk.match(/^\+[^+]/gm) ?? []).length;
+        const removedLines = (chunk.match(/^-[^-]/gm) ?? []).length;
+        const linesChanged = addedLines + removedLines;
+        // Extract terms from filename and changed content
+        const addedContent = (chunk.match(/^\+(.+)$/gm) ?? []).map(l => l.slice(1)).join(" ");
+        const searchText = `${filePath} ${addedContent}`;
+        const terms = extractTerms(searchText);
+        // Also add file-extension-based terms
+        if (filePath.endsWith(".prisma"))
+            terms.push("prisma", "schema", "database");
+        if (filePath.includes("auth"))
+            terms.push("auth", "authentication");
+        if (filePath.includes("route"))
+            terms.push("route", "api", "endpoint");
+        if (filePath.includes("middleware"))
+            terms.push("middleware");
+        if (filePath.includes("docker") || filePath.includes("Dockerfile"))
+            terms.push("docker", "container");
+        const matches = smartSearch([...new Set(terms)]);
+        if (matches.length > 0) {
+            results.push({
+                file: filePath,
+                linesChanged,
+                warnings: matches.slice(0, 3).map(m => ({
+                    title: m.entry.title,
+                    content: m.entry.content.slice(0, 300),
+                    relevance: m.score,
+                    source: m.entry.source,
+                })),
+            });
+        }
+    }
+    return results;
+}
+/** Get contributor name from git config */
+export function getContributor() {
+    try {
+        return execSync("git config user.name", { encoding: "utf-8", stdio: ["pipe", "pipe", "pipe"] }).trim();
+    }
+    catch {
+        return "unknown";
+    }
+}

package/dist/services/metrics.d.ts

@@ -0,0 +1,35 @@
+export interface MetricEntry {
+    timestamp: string;
+    type: "deploy" | "health_check" | "error" | "response_time";
+    value: number;
+    metadata: Record<string, string>;
+}
+interface MetricsStore {
+    version: 1;
+    entries: MetricEntry[];
+}
+export declare function loadMetrics(): MetricsStore;
+export declare function saveMetrics(store: MetricsStore): void;
+export declare function recordMetric(type: MetricEntry["type"], value: number, metadata?: Record<string, string>): void;
+export declare function getMetrics(type?: MetricEntry["type"], days?: number, limit?: number): MetricEntry[];
+export declare function getBaseline(type: MetricEntry["type"]): number;
+export declare function compareToBaseline(type: MetricEntry["type"]): {
+    current: number;
+    baseline: number;
+    changePct: number;
+    status: "degraded" | "stable" | "improved";
+};
+export declare function getDeployFrequency(days?: number): {
+    total: number;
+    perDay: number;
+};
+export declare function getErrorRate(days?: number): {
+    total: number;
+    perDay: number;
+};
+export declare function getUptime(days?: number): {
+    checks: number;
+    healthy: number;
+    pct: number;
+};
+export {};

package/dist/services/metrics.js

@@ -0,0 +1,78 @@
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+const STK_DIR = join(homedir(), ".stk");
+const METRICS_PATH = join(STK_DIR, "metrics.json");
+const MAX_ENTRIES = 1000;
+function ensureDir() {
+    if (!existsSync(STK_DIR))
+        mkdirSync(STK_DIR, { recursive: true });
+}
+export function loadMetrics() {
+    ensureDir();
+    if (!existsSync(METRICS_PATH))
+        return { version: 1, entries: [] };
+    try {
+        return JSON.parse(readFileSync(METRICS_PATH, "utf-8"));
+    }
+    catch {
+        return { version: 1, entries: [] };
+    }
+}
+export function saveMetrics(store) {
+    ensureDir();
+    writeFileSync(METRICS_PATH, JSON.stringify(store, null, 2));
+}
+export function recordMetric(type, value, metadata = {}) {
+    const store = loadMetrics();
+    store.entries.push({ timestamp: new Date().toISOString(), type, value, metadata });
+    // Evict oldest if over limit
+    if (store.entries.length > MAX_ENTRIES) {
+        store.entries = store.entries.slice(-MAX_ENTRIES);
+    }
+    saveMetrics(store);
+}
+export function getMetrics(type, days = 7, limit = 100) {
+    const store = loadMetrics();
+    const since = new Date(Date.now() - days * 86400000).toISOString();
+    let entries = store.entries.filter(e => e.timestamp >= since);
+    if (type)
+        entries = entries.filter(e => e.type === type);
+    return entries.slice(-limit);
+}
+export function getBaseline(type) {
+    const store = loadMetrics();
+    const ofType = store.entries.filter(e => e.type === type).slice(-10);
+    if (ofType.length === 0)
+        return 0;
+    return ofType.reduce((sum, e) => sum + e.value, 0) / ofType.length;
+}
+export function compareToBaseline(type) {
+    const store = loadMetrics();
+    const ofType = store.entries.filter(e => e.type === type);
+    if (ofType.length < 2)
+        return { current: 0, baseline: 0, changePct: 0, status: "stable" };
+    const recent = ofType.slice(-3);
+    const older = ofType.slice(-13, -3);
+    const current = recent.reduce((s, e) => s + e.value, 0) / recent.length;
+    const baseline = older.length > 0 ? older.reduce((s, e) => s + e.value, 0) / older.length : current;
+    const changePct = baseline === 0 ? 0 : Math.round(((current - baseline) / baseline) * 100);
+    const status = changePct > 20 ? "degraded" : changePct < -20 ? "improved" : "stable";
+    return { current: Math.round(current * 100) / 100, baseline: Math.round(baseline * 100) / 100, changePct, status };
+}
+export function getDeployFrequency(days = 7) {
+    const entries = getMetrics("deploy", days, 1000);
+    const perDay = days > 0 ? Math.round((entries.length / days) * 10) / 10 : 0;
+    return { total: entries.length, perDay };
+}
+export function getErrorRate(days = 7) {
+    const entries = getMetrics("error", days, 1000);
+    const perDay = days > 0 ? Math.round((entries.length / days) * 10) / 10 : 0;
+    return { total: entries.length, perDay };
+}
+export function getUptime(days = 7) {
+    const entries = getMetrics("health_check", days, 1000);
+    const healthy = entries.filter(e => e.value > 0).length;
+    const pct = entries.length > 0 ? Math.round((healthy / entries.length) * 1000) / 10 : 100;
+    return { checks: entries.length, healthy, pct };
+}

package/dist/services/security.d.ts

@@ -0,0 +1,19 @@
+export interface SecurityFinding {
+    check: string;
+    level: "critical" | "warning" | "info";
+    message: string;
+    file?: string;
+    fix?: string;
+}
+/** Check for exposed secrets in .env files */
+export declare function checkSecrets(): SecurityFinding[];
+/** Check for outdated/vulnerable dependencies */
+export declare function checkDeps(): SecurityFinding[];
+/** Check for missing rate limiting */
+export declare function checkRateLimit(): SecurityFinding[];
+/** Check for open CORS */
+export declare function checkCors(): SecurityFinding[];
+/** Check for routes without auth middleware */
+export declare function checkAuth(): SecurityFinding[];
+/** Run all security checks */
+export declare function runAllChecks(checks?: string[]): SecurityFinding[];