@rigstate/cli 0.6.0

package/install.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# Build the CLI
+echo "🔨 Building @rigstate/cli..."
+npm run build
+
+# Install globally
+echo "📦 Installing globally..."
+echo "Note: This may require sudo/administrator permissions"
+npm install -g .
+
+echo "✅ Installation complete!"
+echo ""
+echo "Try running:"
+echo "  rigstate --help"

package/package.json

@@ -0,0 +1,53 @@
+{
+    "name": "@rigstate/cli",
+    "version": "0.6.0",
+    "description": "Rigstate CLI - Code audit, sync and supervision tool",
+    "type": "module",
+    "main": "./dist/index.js",
+    "bin": {
+        "rigstate": "./dist/index.js"
+    },
+    "scripts": {
+        "dev": "tsup --watch",
+        "build": "tsup",
+        "lint": "tsc --noEmit",
+        "start": "node dist/index.js",
+        "test": "node dist/index.js --help"
+    },
+    "dependencies": {
+        "@rigstate/rules-engine": "*",
+        "@rigstate/shared": "*",
+        "uuid": "^9.0.1",
+        "@types/diff": "^7.0.2",
+        "@types/inquirer": "^9.0.9",
+        "axios": "^1.6.5",
+        "chalk": "^5.3.0",
+        "chokidar": "^3.6.0",
+        "commander": "^12.0.0",
+        "conf": "^12.0.0",
+        "diff": "^4.0.2",
+        "dotenv": "^16.4.1",
+        "glob": "^10.3.10",
+        "inquirer": "^9.3.8",
+        "ora": "^8.0.1"
+    },
+    "devDependencies": {
+        "@types/node": "^20.11.5",
+        "@types/uuid": "^10.0.0",
+        "tsup": "^8.0.1",
+        "typescript": "^5.3.3"
+    },
+    "engines": {
+        "node": ">=18.0.0"
+    },
+    "keywords": [
+        "rigstate",
+        "cli",
+        "audit",
+        "security",
+        "code-quality",
+        "supervisor"
+    ],
+    "author": "Rigstate",
+    "license": "MIT"
+}

package/src/commands/check.ts

@@ -0,0 +1,329 @@
+/**
+ * rigstate check - Validate code against Guardian rules
+ * 
+ * Usage:
+ *   rigstate check              # Check current directory
+ *   rigstate check ./src        # Check specific path
+ *   rigstate check --strict     # Exit 1 on any violation
+ *   rigstate check --strict=critical  # Exit 1 only on critical
+ *   rigstate check --staged     # Only check staged files (for pre-commit)
+ *   rigstate check --json       # Output as JSON
+ */
+
+import { Command } from 'commander';
+import chalk from 'chalk';
+import ora from 'ora';
+import axios from 'axios';
+import { glob } from 'glob';
+import fs from 'fs/promises';
+import path from 'path';
+import { execSync } from 'child_process';
+import { getApiKey, getApiUrl, getProjectId } from '../utils/config.js';
+import { loadManifest } from '../utils/manifest.js';
+import {
+    checkFile,
+    formatViolations,
+    summarizeResults,
+    type EffectiveRule,
+    type CheckResult,
+    type Violation
+} from '../utils/rule-engine.js';
+
+// Cache settings
+const CACHE_FILE = '.rigstate/rules-cache.json';
+const CACHE_TTL_MS = 5 * 60 * 1000; // 5 minutes
+const CACHE_MAX_AGE_MS = 24 * 60 * 60 * 1000; // 24 hours (offline limit)
+
+interface CachedRules {
+    timestamp: string;
+    projectId: string;
+    rules: EffectiveRule[];
+    settings: { lmax: number; lmax_warning: number };
+}
+
+export function createCheckCommand(): Command {
+    return new Command('check')
+        .description('Validate code against Guardian architectural rules')
+        .argument('[path]', 'Directory or file to check', '.')
+        .option('--project <id>', 'Project ID (or use .rigstate manifest)')
+        .option('--strict [level]', 'Exit 1 on violations. Level: "all" (default) or "critical"')
+        .option('--staged', 'Only check git staged files (for pre-commit hooks)')
+        .option('--json', 'Output results as JSON')
+        .option('--no-cache', 'Skip rule cache and fetch fresh from API')
+        .action(async (targetPath: string, options: {
+            project?: string;
+            strict?: boolean | string;
+            staged?: boolean;
+            json?: boolean;
+            cache?: boolean;
+        }) => {
+            const spinner = ora();
+
+            try {
+                // 1. Resolve project context
+                let projectId = options.project;
+                let apiUrl = getApiUrl();
+
+                if (!projectId) {
+                    const manifest = await loadManifest();
+                    if (manifest) {
+                        projectId = manifest.project_id;
+                        if (manifest.api_url) apiUrl = manifest.api_url;
+                    }
+                }
+
+                if (!projectId) {
+                    projectId = getProjectId();
+                }
+
+                if (!projectId) {
+                    console.log(chalk.red('❌ No project context found.'));
+                    console.log(chalk.dim('   Run "rigstate link" or pass --project <id>'));
+                    process.exit(2);
+                }
+
+                // 2. Get API key
+                let apiKey: string;
+                try {
+                    apiKey = getApiKey();
+                } catch {
+                    console.log(chalk.red('❌ Not authenticated. Run "rigstate login" first.'));
+                    process.exit(2);
+                }
+
+                // 3. Fetch rules (with caching)
+                spinner.start('Fetching Guardian rules...');
+                let rules: EffectiveRule[];
+                let settings: { lmax: number; lmax_warning: number };
+
+                try {
+                    const cached = options.cache !== false ? await loadCachedRules(projectId) : null;
+
+                    if (cached && !isStale(cached.timestamp, CACHE_TTL_MS)) {
+                        rules = cached.rules;
+                        settings = cached.settings;
+                        spinner.text = 'Using cached rules...';
+                    } else {
+                        // Fetch from API
+                        const response = await axios.get(`${apiUrl}/api/v1/guardian/rules`, {
+                            params: { project_id: projectId },
+                            headers: { Authorization: `Bearer ${apiKey}` },
+                            timeout: 10000
+                        });
+
+                        if (!response.data.success) {
+                            throw new Error(response.data.error || 'Unknown API error');
+                        }
+
+                        rules = response.data.data.rules;
+                        settings = response.data.data.settings;
+
+                        // Save to cache
+                        await saveCachedRules(projectId, rules, settings);
+                    }
+                } catch (apiError: any) {
+                    // Fallback to cache if API fails
+                    const cached = await loadCachedRules(projectId);
+
+                    if (cached && !isStale(cached.timestamp, CACHE_MAX_AGE_MS)) {
+                        spinner.warn(chalk.yellow('Using cached rules (API unavailable)'));
+                        rules = cached.rules;
+                        settings = cached.settings;
+                    } else {
+                        spinner.fail(chalk.red('Failed to fetch rules and no valid cache'));
+                        console.log(chalk.dim(`   Error: ${apiError.message}`));
+                        process.exit(2);
+                    }
+                }
+
+                spinner.succeed(`Loaded ${rules.length} Guardian rules`);
+
+                // 4. Get files to check
+                const scanPath = path.resolve(process.cwd(), targetPath);
+                let filesToCheck: string[];
+
+                if (options.staged) {
+                    // Only staged files
+                    spinner.start('Getting staged files...');
+                    try {
+                        const stagedOutput = execSync('git diff --cached --name-only --diff-filter=ACMR', {
+                            encoding: 'utf-8',
+                            cwd: process.cwd()
+                        });
+                        filesToCheck = stagedOutput
+                            .split('\n')
+                            .filter(f => f.trim())
+                            .filter(f => isCodeFile(f))
+                            .map(f => path.resolve(process.cwd(), f));
+                    } catch {
+                        spinner.fail('Not a git repository or no staged files');
+                        process.exit(2);
+                    }
+                } else {
+                    // All code files in path
+                    spinner.start(`Scanning ${chalk.cyan(targetPath)}...`);
+                    const pattern = path.join(scanPath, '**/*');
+                    const allFiles = await glob(pattern, {
+                        nodir: true,
+                        dot: false,
+                        ignore: [
+                            '**/node_modules/**',
+                            '**/.git/**',
+                            '**/dist/**',
+                            '**/build/**',
+                            '**/.next/**',
+                            '**/coverage/**'
+                        ]
+                    });
+                    filesToCheck = allFiles.filter(f => isCodeFile(f));
+                }
+
+                if (filesToCheck.length === 0) {
+                    spinner.warn(chalk.yellow('No code files found to check.'));
+                    outputResults([], !!options.json);
+                    process.exit(0);
+                }
+
+                spinner.succeed(`Found ${filesToCheck.length} files to check`);
+
+                // 5. Run checks
+                spinner.start('Running Guardian checks...');
+                const results: CheckResult[] = [];
+
+                for (let i = 0; i < filesToCheck.length; i++) {
+                    const file = filesToCheck[i];
+                    spinner.text = `Checking ${i + 1}/${filesToCheck.length}: ${path.basename(file)}`;
+                    const result = await checkFile(file, rules, process.cwd());
+                    results.push(result);
+                }
+
+                spinner.stop();
+
+                // 6. Output results
+                const summary = summarizeResults(results);
+
+                if (options.json) {
+                    outputResults(results, true);
+                } else {
+                    outputResults(results, false);
+
+                    // Summary
+                    console.log('\n' + chalk.bold('📊 Summary'));
+                    console.log(chalk.dim('─'.repeat(50)));
+                    console.log(`Files checked: ${chalk.cyan(summary.totalFiles)}`);
+                    console.log(`Total violations: ${summary.totalViolations > 0 ? chalk.red(summary.totalViolations) : chalk.green(0)}`);
+
+                    if (summary.totalViolations > 0) {
+                        console.log(`  ${chalk.red('Critical:')} ${summary.criticalCount}`);
+                        console.log(`  ${chalk.yellow('Warning:')} ${summary.warningCount}`);
+                        console.log(`  ${chalk.blue('Info:')} ${summary.infoCount}`);
+                    }
+
+                    console.log(chalk.dim('─'.repeat(50)));
+                }
+
+                // 7. Exit code logic
+                if (options.strict !== undefined) {
+                    const strictLevel = typeof options.strict === 'string' ? options.strict : 'all';
+
+                    if (strictLevel === 'critical' && summary.criticalCount > 0) {
+                        console.log(chalk.red('\n❌ Check failed: Critical violations found'));
+                        process.exit(1);
+                    } else if (strictLevel === 'all' && summary.totalViolations > 0) {
+                        console.log(chalk.red('\n❌ Check failed: Violations found'));
+                        process.exit(1);
+                    }
+                }
+
+                if (summary.totalViolations === 0) {
+                    console.log(chalk.green('\n✅ All checks passed!'));
+                }
+
+                process.exit(0);
+
+            } catch (error: any) {
+                spinner.fail(chalk.red('Check failed'));
+                console.error(chalk.red('Error:'), error.message);
+                process.exit(2);
+            }
+        });
+}
+
+// Helper functions
+
+function isCodeFile(filePath: string): boolean {
+    const codeExtensions = ['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'];
+    const ext = path.extname(filePath).toLowerCase();
+    return codeExtensions.includes(ext);
+}
+
+async function loadCachedRules(projectId: string): Promise<CachedRules | null> {
+    try {
+        const cachePath = path.join(process.cwd(), CACHE_FILE);
+        const content = await fs.readFile(cachePath, 'utf-8');
+        const cached: CachedRules = JSON.parse(content);
+
+        if (cached.projectId !== projectId) {
+            return null;
+        }
+
+        return cached;
+    } catch {
+        return null;
+    }
+}
+
+async function saveCachedRules(
+    projectId: string,
+    rules: EffectiveRule[],
+    settings: { lmax: number; lmax_warning: number }
+): Promise<void> {
+    try {
+        const cacheDir = path.join(process.cwd(), '.rigstate');
+        await fs.mkdir(cacheDir, { recursive: true });
+
+        const cached: CachedRules = {
+            timestamp: new Date().toISOString(),
+            projectId,
+            rules,
+            settings
+        };
+
+        await fs.writeFile(
+            path.join(cacheDir, 'rules-cache.json'),
+            JSON.stringify(cached, null, 2)
+        );
+    } catch {
+        // Silently fail cache write
+    }
+}
+
+function isStale(timestamp: string, maxAge: number): boolean {
+    const age = Date.now() - new Date(timestamp).getTime();
+    return age > maxAge;
+}
+
+function outputResults(results: CheckResult[], json: boolean): void {
+    if (json) {
+        console.log(JSON.stringify({
+            results,
+            summary: summarizeResults(results)
+        }, null, 2));
+        return;
+    }
+
+    const hasViolations = results.some(r => r.violations.length > 0);
+
+    if (!hasViolations) {
+        return;
+    }
+
+    console.log('\n' + chalk.bold('🔍 Violations Found'));
+    console.log(chalk.dim('─'.repeat(50)));
+
+    for (const result of results) {
+        if (result.violations.length > 0) {
+            formatViolations(result.violations);
+        }
+    }
+}

package/src/commands/config.ts

@@ -0,0 +1,81 @@
+import { Command } from 'commander';
+import chalk from 'chalk';
+import { getApiKey, setApiKey, getProjectId, setProjectId, getApiUrl } from '../utils/config.js';
+
+export function createConfigCommand() {
+    const config = new Command('config');
+
+    config
+        .description('View or modify Rigstate configuration')
+        .argument('[key]', 'Configuration key to view/set (api_key, project_id, api_url)')
+        .argument('[value]', 'Value to set')
+        .action(async (key?: string, value?: string) => {
+            // No arguments - show all config
+            if (!key) {
+                console.log(chalk.bold('Rigstate Configuration'));
+                console.log(chalk.dim('─'.repeat(40)));
+
+                try {
+                    const apiKey = getApiKey();
+                    console.log(`${chalk.cyan('api_key')}: ${apiKey.substring(0, 20)}...`);
+                } catch (e) {
+                    console.log(`${chalk.cyan('api_key')}: ${chalk.dim('(not set)')}`);
+                }
+
+                const projectId = getProjectId();
+                console.log(`${chalk.cyan('project_id')}: ${projectId || chalk.dim('(not set)')}`);
+
+                const apiUrl = getApiUrl();
+                console.log(`${chalk.cyan('api_url')}: ${apiUrl}`);
+
+                console.log('');
+                console.log(chalk.dim('Use "rigstate config <key> <value>" to set a value.'));
+                return;
+            }
+
+            // Get specific key
+            if (!value) {
+                switch (key) {
+                    case 'api_key':
+                        try {
+                            const apiKey = getApiKey();
+                            console.log(apiKey);
+                        } catch (e) {
+                            console.log(chalk.dim('(not set)'));
+                        }
+                        break;
+                    case 'project_id':
+                        console.log(getProjectId() || chalk.dim('(not set)'));
+                        break;
+                    case 'api_url':
+                        console.log(getApiUrl());
+                        break;
+                    default:
+                        console.log(chalk.red(`Unknown config key: ${key}`));
+                        console.log(chalk.dim('Valid keys: api_key, project_id, api_url'));
+                }
+                return;
+            }
+
+            // Set value
+            switch (key) {
+                case 'api_key':
+                    setApiKey(value);
+                    console.log(chalk.green(`✅ api_key updated`));
+                    break;
+                case 'project_id':
+                    setProjectId(value);
+                    console.log(chalk.green(`✅ project_id updated`));
+                    break;
+                case 'api_url':
+                    // api_url is not settable via this command for now
+                    console.log(chalk.yellow('api_url is set via RIGSTATE_API_URL environment variable'));
+                    break;
+                default:
+                    console.log(chalk.red(`Unknown config key: ${key}`));
+                    console.log(chalk.dim('Valid keys: api_key, project_id'));
+            }
+        });
+
+    return config;
+}

package/src/commands/daemon.ts

@@ -0,0 +1,197 @@
+/**
+ * rigstate daemon - Unified Guardian Daemon
+ * 
+ * Usage:
+ *   rigstate daemon              # Start daemon in foreground
+ *   rigstate daemon status       # Check if daemon is running
+ *   rigstate daemon --no-bridge  # Disable Agent Bridge
+ *   rigstate daemon --verbose    # Enable verbose output
+ */
+
+import { Command } from 'commander';
+import chalk from 'chalk';
+import ora from 'ora';
+import fs from 'fs/promises';
+import path from 'path';
+import { createDaemon } from '../daemon/factory.js';
+
+const PID_FILE = '.rigstate/daemon.pid';
+const STATE_FILE = '.rigstate/daemon.state.json';
+
+export function createDaemonCommand(): Command {
+    const daemon = new Command('daemon')
+        .description('Start the Guardian daemon for continuous monitoring');
+
+    // Main daemon command (start in foreground)
+    daemon
+        .argument('[action]', 'Action: start (default) or status', 'start')
+        .option('--project <id>', 'Project ID (or use .rigstate manifest)')
+        .option('--path <path>', 'Path to watch', '.')
+        .option('--no-bridge', 'Disable Agent Bridge connection')
+        .option('--verbose', 'Enable verbose output')
+        .action(async (action: string, options: {
+            project?: string;
+            path?: string;
+            bridge?: boolean;
+            verbose?: boolean;
+        }) => {
+            if (action === 'status') {
+                await showStatus();
+                return;
+            }
+
+            const spinner = ora();
+
+            try {
+                // Check if already running
+                if (await isRunning()) {
+                    console.log(chalk.yellow('⚠ Another daemon instance may be running.'));
+                    console.log(chalk.dim(`   Check ${PID_FILE} or run "rigstate daemon status"`));
+                    console.log(chalk.dim('   Use Ctrl+C to stop the running daemon first.\n'));
+                }
+
+                // Create daemon
+                spinner.start('Initializing Guardian Daemon...');
+                const daemonInstance = await createDaemon({
+                    project: options.project,
+                    path: options.path,
+                    noBridge: options.bridge === false,
+                    verbose: options.verbose
+                });
+                spinner.stop();
+
+                // Write PID file
+                await writePidFile();
+
+                // Handle shutdown gracefully
+                process.on('SIGINT', async () => {
+                    console.log(chalk.dim('\n\nShutting down...'));
+                    await daemonInstance.stop();
+                    await cleanupPidFile();
+                    process.exit(0);
+                });
+
+                process.on('SIGTERM', async () => {
+                    await daemonInstance.stop();
+                    await cleanupPidFile();
+                    process.exit(0);
+                });
+
+                // Update state file periodically
+                const stateInterval = setInterval(async () => {
+                    await writeStateFile(daemonInstance.getState());
+                }, 5000);
+
+                daemonInstance.on('stopped', () => {
+                    clearInterval(stateInterval);
+                });
+
+                // Start the daemon
+                await daemonInstance.start();
+
+                // Keep the process alive
+                await new Promise(() => { });
+
+            } catch (error: any) {
+                spinner.fail(chalk.red('Failed to start daemon'));
+                console.error(chalk.red('Error:'), error.message);
+                process.exit(1);
+            }
+        });
+
+    return daemon;
+}
+
+async function isRunning(): Promise<boolean> {
+    try {
+        const pidPath = path.join(process.cwd(), PID_FILE);
+        const content = await fs.readFile(pidPath, 'utf-8');
+        const pid = parseInt(content.trim(), 10);
+
+        // Check if process exists
+        try {
+            process.kill(pid, 0);
+            return true;
+        } catch {
+            // Process doesn't exist, clean up stale PID file
+            await fs.unlink(pidPath);
+            return false;
+        }
+    } catch {
+        return false;
+    }
+}
+
+async function writePidFile(): Promise<void> {
+    try {
+        const dir = path.join(process.cwd(), '.rigstate');
+        await fs.mkdir(dir, { recursive: true });
+        await fs.writeFile(path.join(dir, 'daemon.pid'), process.pid.toString());
+    } catch {
+        // Silently fail
+    }
+}
+
+async function cleanupPidFile(): Promise<void> {
+    try {
+        await fs.unlink(path.join(process.cwd(), PID_FILE));
+        await fs.unlink(path.join(process.cwd(), STATE_FILE));
+    } catch {
+        // Silently fail
+    }
+}
+
+async function writeStateFile(state: any): Promise<void> {
+    try {
+        const dir = path.join(process.cwd(), '.rigstate');
+        await fs.mkdir(dir, { recursive: true });
+        await fs.writeFile(
+            path.join(dir, 'daemon.state.json'),
+            JSON.stringify(state, null, 2)
+        );
+    } catch {
+        // Silently fail
+    }
+}
+
+async function showStatus(): Promise<void> {
+    console.log(chalk.bold('\n🛡️  Guardian Daemon Status\n'));
+
+    const running = await isRunning();
+
+    if (!running) {
+        console.log(chalk.yellow('Status: Not running'));
+        console.log(chalk.dim('Use "rigstate daemon" to start.\n'));
+        return;
+    }
+
+    console.log(chalk.green('Status: Running'));
+
+    // Read state file
+    try {
+        const statePath = path.join(process.cwd(), STATE_FILE);
+        const content = await fs.readFile(statePath, 'utf-8');
+        const state = JSON.parse(content);
+
+        console.log(chalk.dim('─'.repeat(40)));
+        console.log(`Started at:      ${state.startedAt || 'Unknown'}`);
+        console.log(`Files checked:   ${state.filesChecked || 0}`);
+        console.log(`Violations:      ${state.violationsFound || 0}`);
+        console.log(`Tasks processed: ${state.tasksProcessed || 0}`);
+        console.log(`Last activity:   ${state.lastActivity || 'None'}`);
+        console.log(chalk.dim('─'.repeat(40)));
+    } catch {
+        console.log(chalk.dim('(State file not found)'));
+    }
+
+    // Read PID
+    try {
+        const pidPath = path.join(process.cwd(), PID_FILE);
+        const pid = await fs.readFile(pidPath, 'utf-8');
+        console.log(chalk.dim(`PID: ${pid.trim()}`));
+    } catch {
+        // No PID file
+    }
+
+    console.log('');
+}