@rafter-security/cli 0.1.0 → 0.4.1

package/dist/utils/skill-manager.js

@@ -0,0 +1,346 @@
+import fs from "fs";
+import path from "path";
+import os from "os";
+import { createHash } from "crypto";
+import { ConfigManager } from "../core/config-manager.js";
+import { fileURLToPath } from 'url';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+export class SkillManager {
+    constructor() {
+        this.configManager = new ConfigManager();
+    }
+    /**
+     * Get path to OpenClaw skills directory
+     */
+    getOpenClawSkillsDir() {
+        return path.join(os.homedir(), ".openclaw", "skills");
+    }
+    /**
+     * Get path to Rafter Security skill in OpenClaw
+     */
+    getRafterSkillPath() {
+        return path.join(this.getOpenClawSkillsDir(), "rafter-security.md");
+    }
+    /**
+     * Get path to old skill-auditor (for migration)
+     */
+    getOldSkillAuditorPath() {
+        return path.join(this.getOpenClawSkillsDir(), "rafter-skill-auditor.md");
+    }
+    /**
+     * Get path to Rafter Security skill source in CLI resources
+     */
+    getRafterSkillSourcePath() {
+        // Go up from src/utils/ to node/ then into resources/
+        return path.join(__dirname, "..", "..", "resources", "rafter-security-skill.md");
+    }
+    /**
+     * Get path to backups directory
+     */
+    getBackupsDir() {
+        return path.join(this.getOpenClawSkillsDir(), ".backups");
+    }
+    /**
+     * Check if OpenClaw is installed (skills directory exists)
+     */
+    isOpenClawInstalled() {
+        return fs.existsSync(this.getOpenClawSkillsDir());
+    }
+    /**
+     * Check if Rafter Security skill is installed
+     */
+    isRafterSkillInstalled() {
+        return fs.existsSync(this.getRafterSkillPath());
+    }
+    /**
+     * Check if old skill-auditor is installed (for migration)
+     */
+    hasOldSkillAuditor() {
+        return fs.existsSync(this.getOldSkillAuditorPath());
+    }
+    /**
+     * Parse frontmatter metadata from skill file
+     */
+    parseSkillMetadata(content) {
+        const frontmatterMatch = content.match(/^---\n([\s\S]*?)\n---/);
+        if (!frontmatterMatch) {
+            return null;
+        }
+        const frontmatter = frontmatterMatch[1];
+        const metadata = {};
+        frontmatter.split('\n').forEach(line => {
+            const [key, ...valueParts] = line.split(':');
+            if (key && valueParts.length > 0) {
+                metadata[key.trim()] = valueParts.join(':').trim();
+            }
+        });
+        if (!metadata.name || !metadata.version) {
+            return null;
+        }
+        return metadata;
+    }
+    /**
+     * Get version of installed Rafter Security skill
+     */
+    getInstalledVersion() {
+        if (!this.isRafterSkillInstalled()) {
+            return null;
+        }
+        try {
+            const content = fs.readFileSync(this.getRafterSkillPath(), "utf-8");
+            const metadata = this.parseSkillMetadata(content);
+            return metadata?.version || null;
+        }
+        catch (e) {
+            return null;
+        }
+    }
+    /**
+     * Get version of Rafter Security skill in CLI resources
+     */
+    getSourceVersion() {
+        try {
+            const content = fs.readFileSync(this.getRafterSkillSourcePath(), "utf-8");
+            const metadata = this.parseSkillMetadata(content);
+            return metadata?.version || null;
+        }
+        catch (e) {
+            return null;
+        }
+    }
+    /**
+     * Calculate hash of file content (excluding frontmatter for version)
+     */
+    calculateContentHash(content) {
+        // Remove frontmatter for hash calculation
+        const withoutFrontmatter = content.replace(/^---\n[\s\S]*?\n---\n/, '');
+        return createHash('sha256').update(withoutFrontmatter).digest('hex').substring(0, 8);
+    }
+    /**
+     * Check if installed skill has been modified by user
+     */
+    isSkillModified() {
+        if (!this.isRafterSkillInstalled()) {
+            return false;
+        }
+        try {
+            const installedContent = fs.readFileSync(this.getRafterSkillPath(), "utf-8");
+            const sourceContent = fs.readFileSync(this.getRafterSkillSourcePath(), "utf-8");
+            const installedHash = this.calculateContentHash(installedContent);
+            const sourceHash = this.calculateContentHash(sourceContent);
+            return installedHash !== sourceHash;
+        }
+        catch (e) {
+            return false;
+        }
+    }
+    /**
+     * Migrate from old separate skill-auditor to combined Rafter Security skill
+     */
+    async migrateOldSkill() {
+        if (this.hasOldSkillAuditor()) {
+            try {
+                // Remove old skill-auditor file
+                fs.unlinkSync(this.getOldSkillAuditorPath());
+                console.log("✓ Migrated from separate skill-auditor to combined Rafter Security skill");
+            }
+            catch (e) {
+                // Ignore migration errors
+            }
+        }
+    }
+    /**
+     * Install Rafter Security skill to OpenClaw
+     */
+    async installRafterSkill(force = false) {
+        if (!this.isOpenClawInstalled()) {
+            return false;
+        }
+        const skillPath = this.getRafterSkillPath();
+        const sourcePath = this.getRafterSkillSourcePath();
+        // Check if already installed and not forcing
+        if (!force && this.isRafterSkillInstalled()) {
+            return true;
+        }
+        try {
+            // Ensure skills directory exists
+            const skillsDir = this.getOpenClawSkillsDir();
+            if (!fs.existsSync(skillsDir)) {
+                fs.mkdirSync(skillsDir, { recursive: true });
+            }
+            // Copy skill file
+            const sourceContent = fs.readFileSync(sourcePath, "utf-8");
+            fs.writeFileSync(skillPath, sourceContent, "utf-8");
+            // Update config
+            const version = this.getSourceVersion();
+            if (version) {
+                this.configManager.set("agent.skills.installedVersion", version);
+                this.configManager.set("agent.skills.lastChecked", new Date().toISOString());
+            }
+            // Migrate old skill-auditor if present
+            await this.migrateOldSkill();
+            return true;
+        }
+        catch (e) {
+            console.error(`Failed to install Rafter Security skill: ${e}`);
+            return false;
+        }
+    }
+    /**
+     * Backup current skill before updating
+     */
+    backupSkill() {
+        if (!this.isRafterSkillInstalled()) {
+            return false;
+        }
+        try {
+            const backupsDir = this.getBackupsDir();
+            if (!fs.existsSync(backupsDir)) {
+                fs.mkdirSync(backupsDir, { recursive: true });
+            }
+            const version = this.getInstalledVersion() || "unknown";
+            const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+            const backupPath = path.join(backupsDir, `rafter-security.md.v${version}.${timestamp}`);
+            const content = fs.readFileSync(this.getRafterSkillPath(), "utf-8");
+            fs.writeFileSync(backupPath, content, "utf-8");
+            // Keep only last 3 backups
+            this.cleanupOldBackups(3);
+            return true;
+        }
+        catch (e) {
+            console.error(`Failed to backup skill: ${e}`);
+            return false;
+        }
+    }
+    /**
+     * Remove old backups, keeping only the most recent N
+     */
+    cleanupOldBackups(keep) {
+        const backupsDir = this.getBackupsDir();
+        if (!fs.existsSync(backupsDir)) {
+            return;
+        }
+        try {
+            const files = fs.readdirSync(backupsDir)
+                .filter(f => f.startsWith("rafter-security.md.v") || f.startsWith("rafter-skill-auditor.md.v"))
+                .map(f => ({
+                name: f,
+                path: path.join(backupsDir, f),
+                mtime: fs.statSync(path.join(backupsDir, f)).mtime
+            }))
+                .sort((a, b) => b.mtime.getTime() - a.mtime.getTime());
+            // Remove old backups
+            files.slice(keep).forEach(file => {
+                fs.unlinkSync(file.path);
+            });
+        }
+        catch (e) {
+            // Ignore cleanup errors
+        }
+    }
+    /**
+     * Update Rafter Security skill to latest version
+     */
+    async updateRafterSkill(options = {}) {
+        if (!this.isOpenClawInstalled()) {
+            return { updated: false, message: "OpenClaw not installed" };
+        }
+        if (!this.isRafterSkillInstalled()) {
+            // Install if not present
+            const installed = await this.installRafterSkill();
+            return {
+                updated: installed,
+                message: installed ? "Rafter Security skill installed" : "Failed to install Rafter Security skill"
+            };
+        }
+        const installedVersion = this.getInstalledVersion();
+        const sourceVersion = this.getSourceVersion();
+        if (!sourceVersion) {
+            return { updated: false, message: "Could not determine source version" };
+        }
+        // Check if update needed
+        if (!options.force && installedVersion === sourceVersion) {
+            return { updated: false, message: "Rafter Security skill is up to date" };
+        }
+        // Check if modified
+        if (!options.force && this.isSkillModified()) {
+            return {
+                updated: false,
+                message: "Skill has been modified. Use --force to overwrite."
+            };
+        }
+        // Backup if requested
+        const config = this.configManager.load();
+        if (options.backup !== false && config.agent?.skills.backupBeforeUpdate) {
+            this.backupSkill();
+        }
+        // Install new version
+        const installed = await this.installRafterSkill(true);
+        if (installed) {
+            return {
+                updated: true,
+                message: `Updated Rafter Security skill: ${installedVersion || 'unknown'} → ${sourceVersion}`
+            };
+        }
+        else {
+            return {
+                updated: false,
+                message: "Failed to update Rafter Security skill"
+            };
+        }
+    }
+    /**
+     * Remove Rafter Security skill
+     */
+    removeRafterSkill() {
+        if (!this.isRafterSkillInstalled()) {
+            return false;
+        }
+        try {
+            fs.unlinkSync(this.getRafterSkillPath());
+            // Clear config
+            this.configManager.set("agent.skills.installedVersion", undefined);
+            return true;
+        }
+        catch (e) {
+            console.error(`Failed to remove Rafter Security skill: ${e}`);
+            return false;
+        }
+    }
+    /**
+     * Check if skill update is available
+     */
+    isUpdateAvailable() {
+        if (!this.isRafterSkillInstalled()) {
+            return false;
+        }
+        const installedVersion = this.getInstalledVersion();
+        const sourceVersion = this.getSourceVersion();
+        if (!installedVersion || !sourceVersion) {
+            return false;
+        }
+        return installedVersion !== sourceVersion;
+    }
+    /**
+     * Check for updates and auto-update if configured
+     */
+    async checkAndUpdate(silent = true) {
+        const config = this.configManager.load();
+        // Skip if auto-update disabled
+        if (!config.agent?.skills.autoUpdate) {
+            return;
+        }
+        // Check if update available
+        if (!this.isUpdateAvailable()) {
+            return;
+        }
+        // Update silently
+        const result = await this.updateRafterSkill({ backup: true });
+        if (!silent && result.updated) {
+            console.log(`✓ ${result.message}`);
+        }
+        // Update last checked timestamp
+        this.configManager.set("agent.skills.lastChecked", new Date().toISOString());
+    }
+}

package/dist/utils/update-checker.js

@@ -0,0 +1,93 @@
+import fs from "fs";
+import path from "path";
+import os from "os";
+import axios from "axios";
+const UPDATE_CHECK_FILE = path.join(os.homedir(), ".rafter", "update-check.json");
+const NPM_REGISTRY_URL = "https://registry.npmjs.org/@rafter-security/cli/latest";
+const CHECK_INTERVAL_MS = 24 * 60 * 60 * 1000; // 24 hours
+function readCache() {
+    try {
+        if (!fs.existsSync(UPDATE_CHECK_FILE))
+            return null;
+        return JSON.parse(fs.readFileSync(UPDATE_CHECK_FILE, "utf-8"));
+    }
+    catch {
+        return null;
+    }
+}
+function writeCache(cache) {
+    try {
+        const dir = path.dirname(UPDATE_CHECK_FILE);
+        if (!fs.existsSync(dir))
+            fs.mkdirSync(dir, { recursive: true });
+        fs.writeFileSync(UPDATE_CHECK_FILE, JSON.stringify(cache), "utf-8");
+    }
+    catch {
+        // Silent fail — update check is best-effort
+    }
+}
+function shouldCheck(cache) {
+    if (process.env.CI || process.env.CONTINUOUS_INTEGRATION)
+        return false;
+    if (!cache)
+        return true;
+    const elapsed = Date.now() - new Date(cache.lastChecked).getTime();
+    return elapsed > CHECK_INTERVAL_MS;
+}
+function isNewer(current, latest) {
+    const c = current.split(".").map(Number);
+    const l = latest.split(".").map(Number);
+    for (let i = 0; i < 3; i++) {
+        if ((l[i] || 0) > (c[i] || 0))
+            return true;
+        if ((l[i] || 0) < (c[i] || 0))
+            return false;
+    }
+    return false;
+}
+/**
+ * Check npm registry for latest version. Non-blocking, cached, silent on failure.
+ *
+ * Behavior:
+ * - Hits the registry at most once per 24h
+ * - Shows the update notice exactly once per new version discovered
+ * - After the user sees the notice, stays silent until a newer version appears
+ * - Skips entirely in CI environments
+ */
+export async function checkForUpdate(currentVersion) {
+    const cache = readCache();
+    if (!shouldCheck(cache)) {
+        // Within 24h window — no registry hit, no notice
+        return null;
+    }
+    try {
+        const res = await axios.get(NPM_REGISTRY_URL, { timeout: 3000 });
+        const latestVersion = res.data.version;
+        const updateAvailable = isNewer(currentVersion, latestVersion);
+        const alreadyNotified = cache?.notifiedVersion === latestVersion;
+        if (updateAvailable && !alreadyNotified) {
+            // New version we haven't told the user about yet
+            writeCache({
+                lastChecked: new Date().toISOString(),
+                latestVersion,
+                currentVersion,
+                notifiedVersion: latestVersion,
+            });
+            return formatNotice(currentVersion, latestVersion);
+        }
+        // Either up-to-date or already notified for this version
+        writeCache({
+            lastChecked: new Date().toISOString(),
+            latestVersion,
+            currentVersion,
+            notifiedVersion: cache?.notifiedVersion,
+        });
+    }
+    catch {
+        // Silent fail — network issues, registry down, etc.
+    }
+    return null;
+}
+function formatNotice(current, latest) {
+    return `\n  Update available: ${current} → ${latest}\n  Run: npm install -g @rafter-security/cli@latest\n   Or: pip install --upgrade rafter-cli\n`;
+}

package/package.json

@@ -1,29 +1,34 @@
 {
   "name": "@rafter-security/cli",
-  "version": "0.1.0",
+  "version": "0.4.1",
   "type": "module",
   "bin": {
     "rafter": "./dist/index.js"
   },
-  "files": ["dist"],
+  "files": [
+    "dist"
+  ],
   "scripts": {
     "build": "tsc -p tsconfig.json",
     "prepublishOnly": "pnpm run build",
     "test": "vitest"
   },
-  "engines": { "node": ">=18" },
+  "engines": {
+    "node": ">=18"
+  },
   "license": "MIT",
   "dependencies": {
-    "commander": "^11.1.0",
     "axios": "^1.6.8",
-    "dotenv": "^16.4.5",
     "chalk": "^5.3.0",
-    "ora": "^7.0.1"
+    "commander": "^11.1.0",
+    "dotenv": "^16.4.5",
+    "ora": "^7.0.1",
+    "tar": "^7.5.7"
   },
   "devDependencies": {
+    "@types/node": "^20.11.30",
     "tsx": "^4.7.0",
     "typescript": "^5.4.5",
-    "@types/node": "^20.11.30",
     "vitest": "^1.5.0"
   }
-} 
+}