@rigstate/mcp 0.4.2

package/src/tools/check-agent-bridge.ts

@@ -0,0 +1,169 @@
+
+import { SupabaseClient } from '@supabase/supabase-js';
+import { AgentBridgeTask, CheckAgentBridgeResponse } from '../lib/types.js';
+import { getProjectMorals } from '../resources/project-morals.js';
+
+export async function checkAgentBridge(
+    supabase: SupabaseClient,
+    projectId: string,
+    action: 'check' | 'update' | 'submit_for_review' = 'check',
+    bridgeId?: string,
+    status?: string,
+    summary?: string, // legacy alias for general notes
+    execution_summary?: string, // NEW: required for completion
+    proposal?: string
+): Promise<CheckAgentBridgeResponse> {
+
+    // 4. SUBMIT FOR REVIEW MODE
+    if (action === 'submit_for_review') {
+        if (!bridgeId) throw new Error('bridgeId is required for submit_for_review action');
+        if (!proposal) throw new Error('proposal (with suggestedChanges and reasoning) is required for submission');
+
+        // Pre-Flight Check: Active Validation
+        const morals = getProjectMorals(); // Reads local .cursorrules if available
+        const rulesText = morals.formatted.toLowerCase();
+        const proposalLower = proposal.toLowerCase();
+
+        // 1. Check for RIGSTATE compliance if rules exist
+        if (rulesText.includes('rigstate_start')) {
+            // Heuristic: If rules dictate RLS, proposal must mention it
+            if (rulesText.includes('rls') && !proposalLower.includes('rls') && !proposalLower.includes('security')) {
+                throw new Error('Validation Failed: Rule "RLS/Security" was violated. Your proposal does not explicitly mention Row Level Security. Please update your proposal to confirm RLS is handled.');
+            }
+
+            // Heuristic: If rules dictate Strict Types, proposal must mention it
+            if (rulesText.includes('strict types') && !proposalLower.includes('type') && !proposalLower.includes('interface')) {
+                throw new Error('Validation Failed: Rule "Strict Types" was violated. Your proposal seems to lack TypeScript definitions. Please explicitly plan your types.');
+            }
+        }
+
+        // Update status to NEEDS_REVIEW
+        const { data, error } = await supabase
+            .from('agent_bridge')
+            .update({
+                status: 'NEEDS_REVIEW',
+                proposal: proposal,
+                updated_at: new Date().toISOString()
+            })
+            .eq('id', bridgeId)
+            .eq('project_id', projectId)
+            .select()
+            .single();
+
+        if (error) throw new Error(`Failed to submit for review: ${error.message}`);
+
+        return {
+            success: true,
+            message: `Task ${bridgeId} submitted for review.`,
+            task: data as AgentBridgeTask
+        };
+    }
+
+    // 1. UPDATE MODE
+    if (action === 'update') {
+        if (!bridgeId) throw new Error('bridgeId is required for update action');
+
+        // Security Check: If trying to set COMPLETED, verify it was APPROVED
+        if (status === 'COMPLETED' || status === 'EXECUTING') {
+            const { data: currentTask } = await supabase
+                .from('agent_bridge')
+                .select('status')
+                .eq('id', bridgeId)
+                .single();
+
+            if (currentTask && (currentTask.status !== 'APPROVED' && currentTask.status !== 'EXECUTING')) {
+                throw new Error(`Security Violation: Cannot execute or complete task ${bridgeId} because it is in status '${currentTask.status}'. Wait for APPROVED status.`);
+            }
+        }
+
+        if (!status && !summary && !proposal) throw new Error('At least one of status, summary, or proposal is required for update');
+
+
+        const updateData: any = {};
+
+        if (status === 'COMPLETED') {
+            if (!execution_summary) {
+                throw new Error('execution_summary is REQUIRED when setting status to COMPLETED.');
+            }
+            updateData.completed_at = new Date().toISOString();
+        }
+
+        if (status) updateData.status = status;
+        if (summary) updateData.summary = summary;
+        if (execution_summary) updateData.execution_summary = execution_summary;
+        if (proposal) updateData.proposal = proposal;
+        updateData.updated_at = new Date().toISOString();
+
+        const { data, error } = await supabase
+            .from('agent_bridge')
+            .update(updateData)
+            .eq('id', bridgeId)
+            .eq('project_id', projectId)
+            .select()
+            .single();
+
+        if (error) throw new Error(`Failed to update agent bridge: ${error.message}`);
+
+        return {
+            success: true,
+            message: `Updated agent bridge task ${bridgeId} to status ${data.status}`,
+            task: data as AgentBridgeTask
+        };
+    }
+
+    // 2. CHECK MODE (Default)
+    // Find the oldest PENDING or APPROVED task (prioritize approved to execute, then pending to plan)
+    // Actually, usually we want to find work. 
+    // - PENDING means "Need Plan"
+    // - APPROVED means "Need Execution"
+    // So we should look for both.
+
+    const { data: tasks, error } = await supabase
+        .from('agent_bridge')
+        .select(`
+            *,
+            roadmap_chunks (
+                title,
+                description,
+                prompt_content
+            )
+        `)
+        .eq('project_id', projectId)
+        // Find tasks that need plan (PENDING) OR need execution (APPROVED)
+        // Ignoring NEEDS_REVIEW as that's user's court
+        .in('status', ['PENDING', 'APPROVED', 'REJECTED'])
+        .order('created_at', { ascending: true })
+        .limit(1);
+
+    if (error) throw new Error(`Failed to check agent bridge: ${error.message}`);
+
+    if (!tasks || tasks.length === 0) {
+        return {
+            success: true,
+            message: 'No pending or approved tasks found.',
+        };
+    }
+
+    const taskData = tasks[0];
+    const task: AgentBridgeTask = {
+        id: taskData.id,
+        project_id: taskData.project_id,
+        task_id: taskData.task_id,
+        status: taskData.status,
+        summary: taskData.summary,
+        execution_summary: taskData.execution_summary,
+        proposal: taskData.proposal,
+        created_at: taskData.created_at,
+        completed_at: taskData.completed_at,
+        // Map joined data flattener
+        task_title: taskData.roadmap_chunks?.title,
+        task_description: taskData.roadmap_chunks?.description,
+        task_content: taskData.roadmap_chunks?.prompt_content
+    };
+
+    return {
+        success: true,
+        message: `Found task needing attention: ${task.status}`,
+        task
+    };
+}

package/src/tools/check-rules-sync.ts

@@ -0,0 +1,85 @@
+
+import { SupabaseClient } from '@supabase/supabase-js';
+import { CheckRulesSyncResponse } from '../lib/types.js';
+
+const RIGSTATE_START = "RIGSTATE_START";
+const RIGSTATE_END = "RIGSTATE_END";
+
+// Minimal Safety Cache (Guardian Rules)
+const SAFETY_CACHE_RULES = `
+### 🛡️ RIGSTATE SAFETY CACHE (OFFLINE MODE)
+1. **Strict Types**: No 'any'. Define interfaces for all data structures.
+2. **Row Level Security**: All database queries MUST be scoped to 'user_id' or 'org_id'.
+3. **Validation**: Use Zod for all input validation.
+4. **Error Handling**: Use try/catch blocks for all external API calls.
+5. **No Blind Deletes**: Never delete data without explicit confirmation or soft-deletes.
+`;
+
+export async function checkRulesSync(
+    supabase: SupabaseClient,
+    projectId: string,
+    currentRulesContent?: string
+): Promise<CheckRulesSyncResponse> {
+
+    // If no content provided, we can't really verify local files from MCP directly 
+    // without reading the file system, but MCP is often sandboxed or remote.
+    // Ideally, the Agent provides the content of .cursorrules it sees.
+
+    if (!currentRulesContent) {
+        return {
+            synced: false,
+            message: "No rules content provided for verification.",
+            shouldTriggerSync: true,
+            missingBlock: true
+        };
+    }
+
+    const hasStart = currentRulesContent.includes(RIGSTATE_START);
+    const hasEnd = currentRulesContent.includes(RIGSTATE_END);
+
+    if (!hasStart || !hasEnd) {
+        return {
+            synced: false,
+            message: "Rigstate rules block is missing or corrupted.",
+            shouldTriggerSync: true,
+            missingBlock: true
+        };
+    }
+
+    // Resilience: Wrap DB check in try/catch to handle network failures
+    try {
+        const { data: project, error } = await supabase
+            .from('projects')
+            .select('name')
+            .eq('id', projectId)
+            .single();
+
+        if (error) throw error;
+
+        if (project) {
+            if (!currentRulesContent.includes(`Project Rules: ${project.name}`)) {
+                return {
+                    synced: false,
+                    message: `Rules file appears to belong to a different project (Expected: ${project.name}).`,
+                    shouldTriggerSync: true
+                };
+            }
+        }
+    } catch (e) {
+        // Network or DB Error -> Fallback to Offline Mode
+        console.error("Rigstate Sync Verification Failed:", e);
+
+        return {
+            synced: true, // Assume synced to allow work to continue
+            shouldTriggerSync: false,
+            offlineMode: true,
+            message: `⚠️ Rigstate Sync utilgjengelig – bruker lokale sikkerhetsregler.\n${SAFETY_CACHE_RULES}`
+        };
+    }
+
+    return {
+        synced: true,
+        message: "Rules are valid and present.",
+        shouldTriggerSync: false
+    };
+}

package/src/tools/complete-roadmap-task.ts

@@ -0,0 +1,96 @@
+import { SupabaseClient } from '@supabase/supabase-js';
+
+export interface CompleteRoadmapTaskResponse {
+    success: boolean;
+    taskId: string;
+    message: string;
+}
+
+export async function completeRoadmapTask(
+    supabase: SupabaseClient,
+    projectId: string,
+    summary: string,
+    taskId?: string,
+    gitDiff?: string
+): Promise<CompleteRoadmapTaskResponse> {
+
+    // 1. Identify the task
+    let targetTaskId = taskId;
+
+    if (!targetTaskId) {
+        // Infer: Find the first IN_PROGRESS or ACTIVE task
+        const { data: activeTask } = await supabase
+            .from('roadmap_chunks')
+            .select('id, title')
+            .eq('project_id', projectId)
+            .in('status', ['IN_PROGRESS', 'ACTIVE'])
+            .order('step_number', { ascending: true })
+            .limit(1)
+            .single();
+
+        if (activeTask) {
+            targetTaskId = activeTask.id;
+        } else {
+            throw new Error('No active task found to complete. Please provide a specific taskId.');
+        }
+    }
+
+    // 2. Update the Task Status
+    const { error: updateError } = await supabase
+        .from('roadmap_chunks')
+        .update({
+            status: 'COMPLETED',
+            completed_at: new Date().toISOString(),
+            // We could store the summary directly on the chunk if there's a column, 
+            // but mission_reports is the proper place for detailed logs.
+            // Let's check if we can update metadata or similar.
+            // For now, let's assume mission_reports is the way.
+        })
+        .eq('id', targetTaskId);
+
+    if (updateError) {
+        throw new Error(`Failed to update task status: ${updateError.message}`);
+    }
+
+    // 3. Create a Mission Report entry
+    // Check if 'mission_reports' table exists and has the schema we expect.
+    // Based on previous code in index.ts (Frank Watcher):
+    /*
+        await supabase.from('mission_reports').insert({
+            bridge_id: task.id, // We might not have a bridge_id if this is direct from IDE
+            project_id: task.project_id,
+            task_id: task.task_id,
+            human_summary: humanSummary,
+            technical_summary: technicalSummary,
+            ...
+        });
+    */
+
+    // We'll insert a report. Since we don't have a bridge_id (this didn't come from the agent bridge queue),
+    // we'll leave it null if allowed, or we might need to create a dummy bridge entry?
+    // Let's assume bridge_id is nullable or we just skip it.
+    // If bridge_id is required, we might need to fake one or just log to a 'notes' field on roadmap_chunk if available.
+    // Let's try to insert into mission_reports first.
+
+    const { error: reportError } = await supabase
+        .from('mission_reports')
+        .insert({
+            project_id: projectId,
+            task_id: targetTaskId,
+            human_summary: summary,
+            technical_summary: gitDiff || 'Completed via IDE Direct Connection.',
+            // bridge_id: null // Assuming nullable
+        });
+
+    if (reportError) {
+        console.warn('Failed to save mission report:', reportError.message);
+        // Fallback: Add a comment/note to the chunk?
+        // We'll just return a warning in the message.
+    }
+
+    return {
+        success: true,
+        taskId: targetTaskId!,
+        message: `Task completed successfully! Summary saved.`
+    };
+}

package/src/tools/generate-professional-pdf.ts

@@ -0,0 +1,232 @@
+
+import { SupabaseClient } from '@supabase/supabase-js';
+import { getScribePersona, interpolateScribePrompt, calculateScribeMetrics } from '../agents/the-scribe.js';
+
+export async function generateProfessionalPdf(
+    supabase: SupabaseClient,
+    userId: string,
+    projectId: string,
+    reportType: 'SYSTEM_MANIFEST' | 'INVESTOR_REPORT'
+) {
+    console.error(`🖋️ The Scribe is preparing a ${reportType} briefing for project ${projectId}...`);
+
+    // 1. Fetch persona from Prompt CMS (via Scribe Adapter)
+    const persona = await getScribePersona(supabase);
+
+    // 2. Fetch Project Metadata (expanded)
+    const { data: project } = await supabase
+        .from('projects')
+        .select('name, description, project_type, detected_stack')
+        .eq('id', projectId)
+        .single();
+
+    const projectName = project?.name || 'Rigstate Project';
+    const projectDescription = project?.description || 'A cutting-edge software project built with modern architecture.';
+    const projectType = project?.project_type || 'Web Application';
+    const detectedStack = project?.detected_stack || {};
+
+    // 3. Fetch COMPREHENSIVE Real Context & Metrics
+    const [
+        metrics,
+        dnaStatsResponse,
+        recentDecisions,
+        roadmapData,
+        councilSessions,
+        tableList
+    ] = await Promise.all([
+        calculateScribeMetrics(supabase, projectId),
+        supabase.rpc('get_project_dna_stats', { p_project_id: projectId }),
+        supabase.from('project_memories')
+            .select('summary, category, created_at')
+            .eq('project_id', projectId)
+            .eq('category', 'decision')
+            .order('created_at', { ascending: false })
+            .limit(5),
+        supabase.from('roadmap_chunks')
+            .select('title, status, priority')
+            .eq('project_id', projectId)
+            .order('priority', { ascending: true }),
+        supabase.from('council_sessions')
+            .select('executive_summary, created_at')
+            .eq('project_id', projectId)
+            .order('created_at', { ascending: false })
+            .limit(2),
+        supabase.rpc('get_public_tables_list')
+    ]);
+
+    const dnaStats = dnaStatsResponse.data || { total_tables: 0, rls_tables: 0, rls_policies: 0 };
+    const tables = tableList.data || [];
+
+    // 4. Process Roadmap Data - Separate legacy from active
+    const roadmapSteps = roadmapData.data || [];
+    const allCompletedSteps = roadmapSteps.filter(s => s.status === 'COMPLETED');
+    const legacySteps = roadmapSteps.filter((s: any) => s.is_legacy === true);
+    const activeCompletedSteps = allCompletedSteps.filter((s: any) => s.is_legacy !== true);
+    const activeStep = roadmapSteps.find(s => s.status === 'ACTIVE');
+    const lockedSteps = roadmapSteps.filter(s => s.status === 'LOCKED');
+
+    // Progress based on ALL steps (legacy count towards completion but are clearly marked)
+    const totalNonLegacy = roadmapSteps.filter((s: any) => s.is_legacy !== true).length;
+    const progress = totalNonLegacy > 0 ? Math.round((activeCompletedSteps.length / totalNonLegacy) * 100) : 0;
+
+    // 5. Build Tech Stack Summary
+    const deps = detectedStack.dependencies || {};
+    const devDeps = detectedStack.devDependencies || {};
+    const allDeps = { ...deps, ...devDeps };
+    const techStackItems: string[] = [];
+
+    if (allDeps['next']) techStackItems.push(`Next.js ${allDeps['next']}`);
+    if (allDeps['react']) techStackItems.push(`React ${allDeps['react']}`);
+    if (allDeps['@supabase/supabase-js']) techStackItems.push('Supabase');
+    if (allDeps['tailwindcss']) techStackItems.push('Tailwind CSS');
+    if (allDeps['typescript']) techStackItems.push('TypeScript');
+    if (allDeps['zod']) techStackItems.push('Zod Validation');
+    if (allDeps['@react-pdf/renderer']) techStackItems.push('React-PDF');
+    if (allDeps['sonner']) techStackItems.push('Sonner Toasts');
+
+    const techStackSummary = techStackItems.length > 0
+        ? techStackItems.join(' • ')
+        : 'Stack detection pending. Run repository indexing to populate.';
+
+    // 6. Build ADRs Summary
+    const adrList = recentDecisions.data?.map(d => `• ${d.summary}`) || [];
+    const adrContent = adrList.length > 0
+        ? adrList.join('\n')
+        : '• No architectural decisions recorded yet. Use the Council or save decisions via chat.';
+
+    // 7. Build Roadmap Details - Separate legacy from active
+    const legacyTitles = legacySteps.length > 0
+        ? `Established Foundations (${legacySteps.length}):\n${legacySteps.map((s: any) => `📚 ${s.title}`).join('\n')}`
+        : '';
+    const activeTitles = activeCompletedSteps.map((s: any) => `✓ ${s.title}`).join('\n');
+    const activeTitle = activeStep ? `→ IN PROGRESS: ${activeStep.title}` : '';
+    const nextUpTitles = lockedSteps.slice(0, 3).map((s: any) => `○ ${s.title}`).join('\n');
+
+    const roadmapDetails = [
+        legacyTitles,
+        activeTitles ? `\nRecent Completions:\n${activeTitles}` : '',
+        activeTitle,
+        nextUpTitles ? `\nNext Up:\n${nextUpTitles}` : ''
+    ].filter(Boolean).join('\n');
+
+
+    // 8. Build Council Insights
+    const councilInsights = councilSessions.data?.map(s => s.executive_summary).filter(Boolean).slice(0, 2) || [];
+    const councilSummary = councilInsights.length > 0
+        ? councilInsights.map(i => `• ${i}`).join('\n')
+        : 'No council sessions recorded yet.';
+
+    // 9. Build Security Analysis (Comprehensive)
+    const securedTables = dnaStats.rls_tables || 0;
+    const totalTables = dnaStats.total_tables || tables.length || 0;
+    const rlsPolicies = dnaStats.rls_policies || 0;
+    const securityScore = totalTables > 0 ? Math.round((securedTables / totalTables) * 100) : 0;
+
+    const securityAnalysis = `
+Security Score: ${securityScore}% of public tables secured with RLS.
+• Total Public Tables: ${totalTables}
+• Tables with RLS Enabled: ${securedTables}
+• Active RLS Policies: ${rlsPolicies}
+• Guardian Pings (Monitoring): ${metrics.riskScore} detected
+
+${securityScore >= 90 ? '✓ EXCELLENT: All critical tables are protected.' :
+            securityScore >= 70 ? '⚠ STABLE: Most tables protected. Review remaining exposures.' :
+                '⛔ AT RISK: Immediate RLS audit recommended.'}
+`.trim();
+
+    // 10. Interpolate variables
+    const interpolatedPrompt = interpolateScribePrompt(persona.content, {
+        projectName,
+        velocity: metrics.velocity,
+        quality: metrics.qualityTrend,
+        riskMitigation: metrics.riskMitigation
+    });
+
+    // 11. Structure MANIFEST report data
+    const manifestData = {
+        type: 'MANIFEST',
+        projectName: projectName,
+        sections: [
+            {
+                title: 'Project Overview',
+                content: `${projectDescription}\n\nProject Type: ${projectType}\nTech Stack: ${techStackSummary}`
+            },
+            {
+                title: 'Codebase DNA (Real-time Scan)',
+                content: `System consists of ${totalTables} tables with ${rlsPolicies} active RLS security policies.\n\nDatabase integrity is rated as ${securityScore >= 90 ? 'EXCELLENT' : securityScore >= 70 ? 'STABLE' : 'NEEDS ATTENTION'}.\n\nKey Tables Detected:\n${tables.slice(0, 10).map((t: any) => `• ${t.table_name}`).join('\n') || '• Run database scan to populate'}`
+            },
+            {
+                title: 'Architectural Decisions (ADRs)',
+                content: adrContent
+            },
+            {
+                title: 'Roadmap Execution',
+                content: `Development Progress: ${progress}% (${activeCompletedSteps.length} active / ${legacySteps.length} legacy foundations)\n\nVelocity: ${metrics.velocity}\n\n${roadmapDetails || 'No roadmap steps configured yet.'}`
+            },
+            {
+                title: 'Council Insights',
+                content: councilSummary
+            },
+            {
+                title: 'Security & Risk Assessment',
+                content: securityAnalysis
+            },
+            {
+                title: 'Quality & Compliance',
+                content: `Quality Trend: ${metrics.qualityTrend}\n\nGuard Clauses:\n• Strict Type Checks (No Any)\n• Mandatory Supabase RLS Enforcement\n• Line Limit Enforcement: TS (400) / TSX (250)\n• All API routes require authentication\n• CORS policies enforced on public endpoints`
+            }
+        ],
+        agent: persona.display_name,
+        job_title: persona.job_title,
+        metrics: {
+            velocity: metrics.velocity,
+            qualityTrend: metrics.qualityTrend,
+            progress: `${progress}%`,
+            securityScore: `${securityScore}%`,
+            totalTables: totalTables,
+            rlsPolicies: rlsPolicies
+        }
+    };
+
+    // 12. Structure INVESTOR report data
+    const investorData = {
+        type: 'INVESTOR',
+        projectName: projectName,
+        data: {
+            velocity: metrics.velocity,
+            healthScore: Math.min(100, 70 + (activeCompletedSteps.length * 3) + (legacySteps.length * 2) + (progress / 5) + (securityScore / 10)),
+            qualityTrend: metrics.qualityTrend,
+            roadmapProgress: `${progress}% (${activeCompletedSteps.length} completed, ${legacySteps.length} established foundations)`,
+            projectType: projectType,
+            techStack: techStackSummary,
+            keyAchievements: [
+                ...activeCompletedSteps.slice(0, 3).map((s: any) => `Completed: ${s.title}`),
+                ...(legacySteps.length > 0 ? [`Built on ${legacySteps.length} established foundations`] : []),
+                ...(recentDecisions.data?.slice(0, 2).map((d: any) => d.summary) || [])
+            ].slice(0, 5),
+            currentFocus: activeStep?.title || 'Planning next phase',
+            upcomingMilestones: lockedSteps.slice(0, 3).map(s => s.title),
+            riskMitigation: metrics.riskMitigation,
+            securityPosture: {
+                score: `${securityScore}%`,
+                status: securityScore >= 90 ? 'Excellent' : securityScore >= 70 ? 'Stable' : 'Needs Attention',
+                rlsPolicies: rlsPolicies,
+                protectedTables: securedTables,
+                totalTables: totalTables
+            },
+            councilInsights: councilInsights.slice(0, 2)
+        },
+        agent: persona.display_name,
+        job_title: persona.job_title
+    };
+
+    const reportData = reportType === 'SYSTEM_MANIFEST' ? manifestData : investorData;
+
+    // 13. Return data to caller
+    return {
+        success: true,
+        message: `${reportType} briefing is ready.`,
+        data: reportData,
+        debug_prompt_snippet: interpolatedPrompt.substring(0, 500)
+    };
+}