@rafter-security/cli 0.6.6 → 0.7.1

package/dist/commands/skill/uninstall.js

@@ -0,0 +1,65 @@
+import { Command } from "commander";
+import fs from "fs";
+import { resolveSkill, listBundledSkills, skillDestPath, deleteSkillAt, recordSkillState, SKILL_PLATFORMS, } from "./registry.js";
+import { fmt } from "../../utils/formatter.js";
+/**
+ * `rafter skill uninstall <name>` — remove a rafter-authored skill from one or
+ * more platforms. Missing files are reported, not errored.
+ *
+ * Exit codes:
+ *   0 — uninstall succeeded (or skill was already absent)
+ *   1 — unknown skill or unknown platform
+ */
+export function createUninstallCommand() {
+    return new Command("uninstall")
+        .description("Uninstall a rafter-authored skill from one or more platforms")
+        .argument("<name>", "Skill name (e.g. rafter, rafter-secure-design)")
+        .option("--platform <platform...>", `Target platform(s). One or more of: ${SKILL_PLATFORMS.join(", ")}. Default: all installed.`)
+        .action((name, opts) => {
+        const skill = resolveSkill(name);
+        if (!skill) {
+            console.error(fmt.error(`Unknown skill: ${name}`));
+            console.error(fmt.info(`Available: ${listBundledSkills().map((s) => s.name).join(", ") || "(none)"}`));
+            process.exit(1);
+        }
+        let targets;
+        if (Array.isArray(opts.platform) && opts.platform.length > 0) {
+            targets = [];
+            for (const raw of opts.platform) {
+                const p = raw.trim();
+                if (!SKILL_PLATFORMS.includes(p)) {
+                    console.error(fmt.error(`Unknown platform: ${raw}. Known: ${SKILL_PLATFORMS.join(", ")}`));
+                    process.exit(1);
+                }
+                targets.push(p);
+            }
+        }
+        else {
+            // Default: remove from every platform where the file currently exists.
+            targets = SKILL_PLATFORMS.filter((p) => fs.existsSync(skillDestPath(p, skill.name)));
+            if (targets.length === 0) {
+                console.log(fmt.info(`${skill.name} is not installed on any known platform — no changes`));
+                process.exit(0);
+            }
+        }
+        let exitCode = 0;
+        for (const platform of targets) {
+            const destPath = skillDestPath(platform, skill.name);
+            try {
+                const existed = deleteSkillAt(destPath);
+                recordSkillState(platform, skill.name, false, null);
+                if (existed) {
+                    console.log(fmt.success(`Uninstalled ${skill.name} from ${platform} (${destPath})`));
+                }
+                else {
+                    console.log(fmt.info(`${skill.name} was not installed on ${platform} — no changes`));
+                }
+            }
+            catch (e) {
+                console.error(fmt.error(`Failed to uninstall ${skill.name} from ${platform}: ${e}`));
+                exitCode = 1;
+            }
+        }
+        process.exit(exitCode);
+    });
+}

package/dist/core/audit-logger.js

@@ -1,4 +1,4 @@
-import { randomBytes } from "crypto";
+import { createHash, randomBytes } from "crypto";
 import dns from "dns/promises";
 import fs from "fs";
 import net from "net";
@@ -6,6 +6,7 @@ import path from "path";
 import { getAuditLogPath } from "./config-defaults.js";
 import { ConfigManager } from "./config-manager.js";
 import { assessCommandRisk } from "./risk-rules.js";
+import { RegexScanner } from "../scanners/regex-scanner.js";
 /**
  * Validate a webhook URL to prevent SSRF attacks.
  * Rejects non-HTTP(S) schemes and URLs that resolve to private/internal IPs.
@@ -99,6 +100,97 @@ function isPrivateIp(ip) {
     }
     return false;
 }
+/**
+ * Return sha256 hex of the last non-empty line of the file (including its
+ * trailing newline), or null if the file is empty / does not exist.
+ * Reads only the tail of the file so this is cheap even for large logs.
+ */
+export function readLastLineHash(filePath) {
+    if (!fs.existsSync(filePath))
+        return null;
+    const stat = fs.statSync(filePath);
+    if (stat.size === 0)
+        return null;
+    // Read the last 64KB — an audit line tops out well under this.
+    const readBytes = Math.min(stat.size, 65536);
+    const fd = fs.openSync(filePath, "r");
+    try {
+        const buf = Buffer.alloc(readBytes);
+        fs.readSync(fd, buf, 0, readBytes, stat.size - readBytes);
+        const text = buf.toString("utf-8");
+        // Find last non-empty line
+        const lines = text.split("\n");
+        for (let i = lines.length - 1; i >= 0; i--) {
+            if (lines[i].trim()) {
+                return createHash("sha256").update(lines[i] + "\n").digest("hex");
+            }
+        }
+        return null;
+    }
+    finally {
+        fs.closeSync(fd);
+    }
+}
+/**
+ * Best-effort exclusive file lock via O_EXCL sibling lock file. Retries briefly
+ * then gives up (better to log without chain integrity than to drop the event).
+ */
+export function acquireLock(targetPath, maxAttempts = 20, delayMs = 25) {
+    const lockPath = targetPath + ".lock";
+    for (let attempt = 0; attempt < maxAttempts; attempt++) {
+        try {
+            const fd = fs.openSync(lockPath, "wx", 0o600);
+            fs.writeSync(fd, String(process.pid));
+            fs.closeSync(fd);
+            return () => {
+                try {
+                    fs.unlinkSync(lockPath);
+                }
+                catch { /* already gone */ }
+            };
+        }
+        catch (e) {
+            if (e.code !== "EEXIST")
+                throw e;
+            // Stale lock detection: if older than 5s, steal it
+            try {
+                const st = fs.statSync(lockPath);
+                if (Date.now() - st.mtimeMs > 5000) {
+                    fs.unlinkSync(lockPath);
+                    continue;
+                }
+            }
+            catch { /* race with another releaser — retry */ }
+            const until = Date.now() + delayMs;
+            while (Date.now() < until) { /* busy wait */ }
+        }
+    }
+    // Degrade gracefully: caller proceeds without the lock.
+    return () => { };
+}
+/**
+ * Walk up from startDir looking for a .git directory. Returns the repo root
+ * (the directory containing .git), or undefined if none found within maxDepth.
+ * Single-filesystem-hop lookup — no subprocess, no git binary required.
+ */
+export function findGitRepoRoot(startDir, maxDepth = 20) {
+    let dir = startDir;
+    for (let i = 0; i < maxDepth; i++) {
+        try {
+            if (fs.existsSync(path.join(dir, ".git"))) {
+                return dir;
+            }
+        }
+        catch {
+            return undefined;
+        }
+        const parent = path.dirname(dir);
+        if (parent === dir)
+            return undefined;
+        dir = parent;
+    }
+    return undefined;
+}
 export const RISK_SEVERITY = {
     low: 0,
     medium: 1,
@@ -107,9 +199,25 @@ export const RISK_SEVERITY = {
 };
 export class AuditLogger {
     constructor(logPath) {
-        this.logPath = logPath || getAuditLogPath();
-        this.sessionId = this.generateSessionId();
         this.configManager = new ConfigManager();
+        this.scanner = new RegexScanner();
+        this.sessionId = this.generateSessionId();
+        if (logPath) {
+            this.logPath = logPath;
+        }
+        else {
+            // Project-local override from .rafter.yml (via loadWithPolicy) beats global
+            let policyPath;
+            try {
+                policyPath = this.configManager.loadWithPolicy()?.agent?.audit?.logPath;
+            }
+            catch {
+                // fall through to global
+            }
+            this.logPath = policyPath
+                ? path.resolve(policyPath)
+                : getAuditLogPath();
+        }
         // Ensure log directory exists
         const dir = path.dirname(this.logPath);
         if (!fs.existsSync(dir)) {
@@ -125,16 +233,73 @@ export class AuditLogger {
         if (!config.agent?.audit.logAllActions) {
             return;
         }
-        const fullEntry = {
-            ...entry,
-            timestamp: new Date().toISOString(),
-            sessionId: this.sessionId
-        };
-        // Append to log file
-        const line = JSON.stringify(fullEntry) + "\n";
-        fs.appendFileSync(this.logPath, line, { encoding: "utf-8", mode: 0o600 });
-        // Send webhook notification if configured and risk meets threshold
-        this.sendNotification(fullEntry, config);
+        const cwd = entry.cwd ?? process.cwd();
+        const gitRepo = entry.gitRepo ?? findGitRepoRoot(cwd);
+        // Atomic read-last-line + append under a file lock so concurrent writers
+        // don't race and produce entries with duplicate prevHash values.
+        const release = acquireLock(this.logPath);
+        try {
+            const prevHash = readLastLineHash(this.logPath);
+            const fullEntry = {
+                ...entry,
+                cwd,
+                gitRepo,
+                prevHash,
+                timestamp: new Date().toISOString(),
+                sessionId: this.sessionId
+            };
+            const line = JSON.stringify(fullEntry) + "\n";
+            fs.appendFileSync(this.logPath, line, { encoding: "utf-8", mode: 0o600 });
+            // Send webhook notification if configured and risk meets threshold
+            this.sendNotification(fullEntry, config);
+        }
+        finally {
+            release();
+        }
+    }
+    /**
+     * Verify the hash chain integrity of the audit log.
+     * Returns break locations (1-indexed line numbers where prevHash didn't
+     * match the sha256 of the actual prior line). Empty array means the chain
+     * is intact. A non-empty result means the log has been tampered with,
+     * truncated, or rewritten (including by the legacy cleanup() path).
+     */
+    verify() {
+        if (!fs.existsSync(this.logPath)) {
+            return [];
+        }
+        const content = fs.readFileSync(this.logPath, "utf-8");
+        const rawLines = content.split("\n");
+        const breaks = [];
+        let lastRawLine = null;
+        for (let i = 0; i < rawLines.length; i++) {
+            const raw = rawLines[i];
+            if (!raw.trim())
+                continue;
+            let entry;
+            try {
+                entry = JSON.parse(raw);
+            }
+            catch {
+                breaks.push({ line: i + 1, reason: "malformed JSON" });
+                lastRawLine = raw;
+                continue;
+            }
+            const expected = lastRawLine === null
+                ? null
+                : createHash("sha256").update(lastRawLine + "\n").digest("hex");
+            const actual = entry.prevHash ?? null;
+            if (actual !== expected) {
+                breaks.push({
+                    line: i + 1,
+                    reason: expected === null
+                        ? `first entry has prevHash ${actual} but expected null`
+                        : `prevHash ${actual ?? "null"} does not match expected ${expected}`,
+                });
+            }
+            lastRawLine = raw;
+        }
+        return breaks;
     }
     /**
      * Send webhook notification for high-risk events
@@ -180,7 +345,7 @@ export class AuditLogger {
             eventType: "command_intercepted",
             agentType,
             action: {
-                command,
+                command: this.scanner.redact(command),
                 riskLevel: this.assessCommandRisk(command)
             },
             securityCheck: {
@@ -236,7 +401,7 @@ export class AuditLogger {
             eventType: "policy_override",
             agentType,
             action: {
-                command,
+                command: command ? this.scanner.redact(command) : command,
                 riskLevel: "high"
             },
             securityCheck: {
@@ -281,6 +446,14 @@ export class AuditLogger {
             if (filter.since) {
                 entries = entries.filter(e => new Date(e.timestamp) >= filter.since);
             }
+            if (filter.cwd) {
+                const needle = filter.cwd;
+                entries = entries.filter(e => (e.cwd ?? "").includes(needle));
+            }
+            if (filter.gitRepo) {
+                const needle = filter.gitRepo;
+                entries = entries.filter(e => (e.gitRepo ?? "").includes(needle));
+            }
             if (filter.limit) {
                 entries = entries.slice(-filter.limit);
             }
@@ -288,18 +461,86 @@ export class AuditLogger {
         return entries;
     }
     /**
-     * Clean up old log entries based on retention policy
+     * Clean up old log entries based on retention policy.
+     *
+     * Retention rewrites break the on-disk hash chain by design (some entries
+     * disappear). To keep verify() meaningful post-cleanup we re-seal the
+     * chain across surviving entries and record a sidecar `audit.retention.log`
+     * line capturing the pre-cleanup tip hash and pruned count, so a verifier
+     * can cross-check that retention — not tampering — is what broke the
+     * old chain.
      */
     cleanup() {
         const config = this.configManager.load();
         const retentionDays = config.agent?.audit.retentionDays || 30;
         const cutoffDate = new Date();
         cutoffDate.setDate(cutoffDate.getDate() - retentionDays);
-        const entries = this.read();
-        const filtered = entries.filter(e => new Date(e.timestamp) >= cutoffDate);
-        // Rewrite log file with only retained entries
-        const content = filtered.map(e => JSON.stringify(e)).join("\n") + "\n";
-        fs.writeFileSync(this.logPath, content, { encoding: "utf-8", mode: 0o600 });
+        const release = acquireLock(this.logPath);
+        try {
+            if (!fs.existsSync(this.logPath))
+                return;
+            const preTipHash = readLastLineHash(this.logPath);
+            const raw = fs.readFileSync(this.logPath, "utf-8");
+            const rawLines = raw.split("\n").filter(l => l.trim());
+            const kept = [];
+            let prunedCount = 0;
+            for (const line of rawLines) {
+                try {
+                    const entry = JSON.parse(line);
+                    if (!entry.timestamp) {
+                        prunedCount++;
+                        continue;
+                    }
+                    if (new Date(entry.timestamp) >= cutoffDate) {
+                        kept.push(entry);
+                    }
+                    else {
+                        prunedCount++;
+                    }
+                }
+                catch {
+                    prunedCount++;
+                }
+            }
+            // Re-seal the chain across surviving entries.
+            const output = [];
+            let prevLine = null;
+            for (const entry of kept) {
+                const resealed = {
+                    ...entry,
+                    prevHash: prevLine === null
+                        ? null
+                        : createHash("sha256").update(prevLine + "\n").digest("hex"),
+                };
+                const serialized = JSON.stringify(resealed);
+                output.push(serialized);
+                prevLine = serialized;
+            }
+            const content = output.length > 0 ? output.join("\n") + "\n" : "";
+            // Atomic replace so readers never see a truncated file.
+            const tmpPath = this.logPath + ".tmp-" + randomBytes(4).toString("hex");
+            fs.writeFileSync(tmpPath, content, { encoding: "utf-8", mode: 0o600 });
+            fs.renameSync(tmpPath, this.logPath);
+            if (prunedCount > 0) {
+                const sidecar = this.logPath + ".retention.log";
+                const note = {
+                    timestamp: new Date().toISOString(),
+                    prunedCount,
+                    retainedCount: kept.length,
+                    retentionDays,
+                    preCleanupTipHash: preTipHash,
+                };
+                try {
+                    fs.appendFileSync(sidecar, JSON.stringify(note) + "\n", { encoding: "utf-8", mode: 0o600 });
+                }
+                catch {
+                    // sidecar is best-effort — don't fail cleanup if we can't write it
+                }
+            }
+        }
+        finally {
+            release();
+        }
     }
     /**
      * Generate a unique session ID

package/dist/core/config-manager.js

@@ -262,6 +262,9 @@ export class ConfigManager {
             if (policy.audit.logLevel) {
                 config.agent.audit.logLevel = policy.audit.logLevel;
             }
+            if (policy.audit.logPath) {
+                config.agent.audit.logPath = policy.audit.logPath;
+            }
         }
         return config;
     }

package/dist/core/docs-loader.js

@@ -0,0 +1,148 @@
+import fs from "fs";
+import path from "path";
+import crypto from "crypto";
+import { execSync } from "child_process";
+import { loadPolicy } from "./policy-loader.js";
+import { getRafterDir } from "./config-defaults.js";
+const DEFAULT_TTL_SECONDS = 86400;
+function getCacheDir() {
+    return path.join(getRafterDir(), "docs-cache");
+}
+function cacheKey(url) {
+    return crypto.createHash("sha256").update(url).digest("hex").slice(0, 32);
+}
+function cachePaths(url) {
+    const dir = getCacheDir();
+    const key = cacheKey(url);
+    return {
+        content: path.join(dir, `${key}.txt`),
+        meta: path.join(dir, `${key}.meta.json`),
+    };
+}
+function readCache(url) {
+    const { content, meta } = cachePaths(url);
+    if (!fs.existsSync(content) || !fs.existsSync(meta))
+        return null;
+    try {
+        const metaData = JSON.parse(fs.readFileSync(meta, "utf-8"));
+        const body = fs.readFileSync(content, "utf-8");
+        const fetchedAt = Date.parse(metaData.fetched_at);
+        if (isNaN(fetchedAt))
+            return null;
+        return { content: body, fetchedAt };
+    }
+    catch {
+        return null;
+    }
+}
+function writeCache(url, body, contentType) {
+    const dir = getCacheDir();
+    if (!fs.existsSync(dir))
+        fs.mkdirSync(dir, { recursive: true });
+    const { content, meta } = cachePaths(url);
+    fs.writeFileSync(content, body, "utf-8");
+    fs.writeFileSync(meta, JSON.stringify({
+        fetched_at: new Date().toISOString(),
+        url,
+        content_type: contentType,
+    }, null, 2) + "\n", "utf-8");
+}
+function isExpired(fetchedAt, ttlSeconds) {
+    return Date.now() - fetchedAt > ttlSeconds * 1000;
+}
+function resolvePolicyPath(relative) {
+    if (path.isAbsolute(relative))
+        return relative;
+    let root;
+    try {
+        root = execSync("git rev-parse --show-toplevel", {
+            encoding: "utf-8",
+            stdio: ["pipe", "pipe", "ignore"],
+        }).trim();
+    }
+    catch {
+        root = process.cwd();
+    }
+    return path.resolve(root, relative);
+}
+/**
+ * List docs from the active policy with resolution metadata.
+ * Never performs network I/O.
+ */
+export function listDocs(entries) {
+    const policy = entries ? { docs: entries } : loadPolicy();
+    const docs = policy?.docs || [];
+    return docs.map(entry => {
+        if (entry.path) {
+            return {
+                ...entry,
+                source: entry.path,
+                sourceKind: "path",
+                cacheStatus: "local",
+            };
+        }
+        const url = entry.url;
+        const ttl = entry.cache?.ttlSeconds ?? DEFAULT_TTL_SECONDS;
+        const cached = readCache(url);
+        const { content: cachedPath } = cachePaths(url);
+        let cacheStatus = "not-cached";
+        if (cached) {
+            cacheStatus = isExpired(cached.fetchedAt, ttl) ? "stale" : "cached";
+        }
+        return {
+            ...entry,
+            source: url,
+            sourceKind: "url",
+            cacheStatus,
+            cachedPath: cached ? cachedPath : undefined,
+        };
+    });
+}
+/**
+ * Resolve docs matching an id or tag. Exact id first, then any entry with that tag.
+ */
+export function resolveDocSelector(selector, entries) {
+    const policy = entries ? { docs: entries } : loadPolicy();
+    const docs = policy?.docs || [];
+    const byId = docs.find(d => d.id === selector);
+    if (byId)
+        return [byId];
+    return docs.filter(d => Array.isArray(d.tags) && d.tags.includes(selector));
+}
+/**
+ * Return content for a doc entry, fetching URL docs on miss/expired/refresh.
+ * On network failure with stale cache, returns stale content with stale=true.
+ */
+export async function fetchDoc(entry, opts = {}) {
+    if (entry.path) {
+        const abs = resolvePolicyPath(entry.path);
+        const content = fs.readFileSync(abs, "utf-8");
+        return { content, cached: false, stale: false, source: entry.path, sourceKind: "path" };
+    }
+    const url = entry.url;
+    const ttl = entry.cache?.ttlSeconds ?? DEFAULT_TTL_SECONDS;
+    const cached = readCache(url);
+    const fresh = cached && !isExpired(cached.fetchedAt, ttl);
+    if (!opts.refresh && fresh) {
+        return { content: cached.content, cached: true, stale: false, source: url, sourceKind: "url" };
+    }
+    try {
+        const response = await fetch(url, {
+            redirect: "follow",
+            signal: AbortSignal.timeout(15000),
+        });
+        if (!response.ok) {
+            throw new Error(`HTTP ${response.status}`);
+        }
+        const body = await response.text();
+        const contentType = response.headers.get("content-type") || "text/plain";
+        writeCache(url, body, contentType);
+        return { content: body, cached: false, stale: false, source: url, sourceKind: "url" };
+    }
+    catch (err) {
+        if (cached) {
+            return { content: cached.content, cached: true, stale: true, source: url, sourceKind: "url" };
+        }
+        throw err;
+    }
+}

package/dist/core/policy-loader.js

@@ -83,10 +83,77 @@ function mapPolicy(raw) {
         }
         if (raw.audit.log_level)
             policy.audit.logLevel = raw.audit.log_level;
+        if (raw.audit.log_path)
+            policy.audit.logPath = String(raw.audit.log_path);
+    }
+    if (Array.isArray(raw.docs)) {
+        policy.docs = [];
+        const seenIds = new Set();
+        for (const entry of raw.docs) {
+            if (!entry || typeof entry !== "object") {
+                console.error(`Warning: skipping malformed docs entry — must be an object.`);
+                continue;
+            }
+            const hasPath = typeof entry.path === "string" && entry.path.length > 0;
+            const hasUrl = typeof entry.url === "string" && entry.url.length > 0;
+            if (hasPath === hasUrl) {
+                console.error(`Warning: skipping docs entry — must have exactly one of "path" or "url".`);
+                continue;
+            }
+            const id = typeof entry.id === "string" && entry.id.length > 0
+                ? entry.id
+                : deriveDocId(hasPath ? entry.path : entry.url, hasPath ? "path" : "url");
+            if (seenIds.has(id)) {
+                console.error(`Warning: skipping docs entry with duplicate id "${id}".`);
+                continue;
+            }
+            seenIds.add(id);
+            const doc = { id };
+            if (hasPath)
+                doc.path = entry.path;
+            if (hasUrl)
+                doc.url = entry.url;
+            if (typeof entry.description === "string")
+                doc.description = entry.description;
+            if (Array.isArray(entry.tags) && entry.tags.every((t) => typeof t === "string")) {
+                doc.tags = entry.tags;
+            }
+            else if (entry.tags !== undefined) {
+                console.error(`Warning: docs entry "${id}" — tags must be a list of strings, ignoring.`);
+            }
+            if (entry.cache && typeof entry.cache === "object") {
+                const ttl = entry.cache.ttl_seconds;
+                if (!hasUrl) {
+                    console.error(`Warning: docs entry "${id}" — cache is only valid with url, ignoring.`);
+                }
+                else if (typeof ttl === "number" && ttl > 0 && Number.isFinite(ttl)) {
+                    doc.cache = { ttlSeconds: Math.floor(ttl) };
+                }
+                else {
+                    console.error(`Warning: docs entry "${id}" — cache.ttl_seconds must be a positive number, ignoring.`);
+                }
+            }
+            const known = new Set(["id", "path", "url", "description", "tags", "cache"]);
+            for (const key of Object.keys(entry)) {
+                if (!known.has(key)) {
+                    console.error(`Warning: docs entry "${id}" — unknown key "${key}", ignoring.`);
+                }
+            }
+            policy.docs.push(doc);
+        }
     }
     return policy;
 }
-const VALID_TOP_LEVEL_KEYS = new Set(["version", "risk_level", "command_policy", "scan", "audit"]);
+function deriveDocId(source, kind) {
+    if (kind === "path") {
+        const base = path.basename(source);
+        const withoutExt = base.replace(/\.[^./]+$/, "");
+        return withoutExt || base;
+    }
+    const crypto = require("crypto");
+    return crypto.createHash("sha256").update(source).digest("hex").slice(0, 8);
+}
+const VALID_TOP_LEVEL_KEYS = new Set(["version", "risk_level", "command_policy", "scan", "audit", "docs"]);
 const VALID_RISK_LEVELS = new Set(["minimal", "moderate", "aggressive"]);
 const VALID_COMMAND_MODES = new Set(["allow-all", "approve-dangerous", "deny-list"]);
 const VALID_LOG_LEVELS = new Set(["debug", "info", "warn", "error"]);
@@ -174,6 +241,10 @@ function validatePolicy(policy, raw) {
             console.error(`Warning: "audit.log_level" must be one of: debug, info, warn, error — ignoring.`);
             delete policy.audit.logLevel;
         }
+        if (policy.audit.logPath !== undefined && typeof policy.audit.logPath !== "string") {
+            console.error(`Warning: "audit.log_path" must be a string — ignoring.`);
+            delete policy.audit.logPath;
+        }
     }
     return policy;
 }