npm - @shepai/cli - Versions diffs - 1.170.0 → 1.171.0-pr527.e2ee839 - Mend

@shepai/cli 1.170.0 → 1.171.0-pr527.e2ee839

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (464) hide show

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-worker.js CHANGED Viewed

@@ -16,7 +16,7 @@ import { initializeContainer, container } from '../../../di/container.js';
 import { createFeatureAgentGraph } from './feature-agent-graph.js';
 import { createFastFeatureAgentGraph } from './fast-feature-agent-graph.js';
 import { createCheckpointer } from '../common/checkpointer.js';
-import { AgentRunStatus, SdlcLifecycle } from '../../../../domain/generated/output.js';
+import { AgentRunStatus, SdlcLifecycle, SecurityMode, } from '../../../../domain/generated/output.js';
 import { initializeSettings } from '../../../services/settings.service.js';
 import { InitializeSettingsUseCase } from '../../../../application/use-cases/settings/initialize-settings.use-case.js';
 import { setHeartbeatContext } from './heartbeat.js';
@@ -76,6 +76,23 @@ export function parseWorkerArgs(args) {
     const resumeReason = resumeReasonIdx !== -1 && resumeReasonIdx + 1 < args.length
         ? args[resumeReasonIdx + 1]
         : undefined;
+    const securityModeIdx = args.indexOf('--security-mode');
+    const securityModeRaw = securityModeIdx !== -1 && securityModeIdx + 1 < args.length
+        ? args[securityModeIdx + 1]
+        : undefined;
+    const securityMode = securityModeRaw && Object.values(SecurityMode).includes(securityModeRaw)
+        ? securityModeRaw
+        : undefined;
+    const securityDispositionsIdx = args.indexOf('--security-dispositions');
+    let securityActionDispositions;
+    if (securityDispositionsIdx !== -1 && securityDispositionsIdx + 1 < args.length) {
+        try {
+            securityActionDispositions = JSON.parse(args[securityDispositionsIdx + 1]);
+        }
+        catch {
+            securityActionDispositions = undefined;
+        }
+    }
     return {
         featureId: getArg('feature-id'),
         runId: getArg('run-id'),
@@ -98,6 +115,8 @@ export function parseWorkerArgs(args) {
         fast,
         model,
         resumeReason,
+        securityMode,
+        securityActionDispositions,
     };
 }
 /** Simple worker logger — writes to stdout which is redirected to log file by the parent. */
@@ -159,6 +178,10 @@ export async function runWorker(args) {
         ...(args.agentType ? ['--agent-type', args.agentType] : []),
         ...(args.fast ? ['--fast'] : []),
         ...(args.model ? ['--model', args.model] : []),
+        ...(args.securityMode ? ['--security-mode', args.securityMode] : []),
+        ...(args.securityActionDispositions
+            ? ['--security-dispositions', JSON.stringify(args.securityActionDispositions)]
+            : []),
     ];
     log(`Starting worker — full command:`);
     log(`  ${cmdParts.join(' ')}`);
@@ -292,6 +315,10 @@ export async function runWorker(args) {
                 ciWatchEnabled: args.ciWatchEnabled ?? true,
                 enableEvidence: args.enableEvidence ?? false,
                 commitEvidence: args.commitEvidence ?? false,
+                ...(args.securityMode ? { securityMode: args.securityMode } : {}),
+                ...(args.securityActionDispositions
+                    ? { securityActionDispositions: args.securityActionDispositions }
+                    : {}),
             }, graphConfig);
         }
         else {
@@ -310,6 +337,10 @@ export async function runWorker(args) {
                 ciWatchEnabled: args.ciWatchEnabled ?? true,
                 enableEvidence: args.enableEvidence ?? false,
                 commitEvidence: args.commitEvidence ?? false,
+                ...(args.securityMode ? { securityMode: args.securityMode } : {}),
+                ...(args.securityActionDispositions
+                    ? { securityActionDispositions: args.securityActionDispositions }
+                    : {}),
             }, graphConfig);
         }
         log(`Graph invocation completed. Error: ${result.error ?? 'none'}`);

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/node-helpers.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"node-helpers.d.ts","sourceRoot":"","sources":["../../../../../../../../../packages/core/src/infrastructure/services/agents/feature-agent/nodes/node-helpers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,OAAO,KAAK,EACV,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACrB,MAAM,+DAA+D,CAAC;AACvE,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;~~AAE5E~~,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAUrD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM;IAE7C,4DAA4D;gBAChD,IAAI;kBAGF,MAAM,GAAG,IAAI;mBAIZ,MAAM,GAAG,IAAI;EAK/B;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE7D;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAMtE;AAoBD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAO1D;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,iBAAiB,EACxB,SAAS,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,qBAAqB,EAAE,SAAS,CAAC,CAAC,EAC3D,QAAQ,CAAC,EAAE,MAAM,GAChB,qBAAqB,CAUvB;AAeD;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAQrD;AAgBD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,CAElD;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,GAAG,SAAS,GAAG,OAAO,CAQ3F;AAMD,MAAM,MAAM,aAAa,GAAG,eAAe,GAAG,mBAAmB,GAAG,eAAe,GAAG,SAAS,CAAC;AAMhG;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,aAAa,CAKjE;AAED,MAAM,WAAW,YAAY;IAC3B,wDAAwD;IACxD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,kFAAkF;IAClF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0CAA0C;IAC1C,MAAM,CAAC,EAAE,UAAU,CAAC;CACrB;AAED;;;;;;GAMG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,cAAc,EACxB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,qBAAqB,EAC9B,SAAS,CAAC,EAAE,YAAY,GACvB,OAAO,CAAC,oBAAoB,CAAC,CA6B/B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAW5D;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,IAAI,CAiB5F;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI;IAAE,QAAQ,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAOhG;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,IAAI,CAoB1F;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAa5F;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE;IACzC,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,6FAA6F;IAC7F,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B,GAAG,MAAM,CAiCT;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,CAa3E;AAKD;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CACvC,KAAK,EAAE,iBAAiB,EACxB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,UAAU,GACd,IAAI,CA6BN;AAED;;;;;;;GAOG;AACH,wBAAgB,WAAW,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,CAAC,KAAK,EAAE,iBAAiB,EAAE,GAAG,EAAE,UAAU,KAAK,MAAM,GACjE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,~~CAwInE~~;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,iBAAiB,EACxB,QAAQ,EAAE,QAAQ,EAAE,EACpB,GAAG,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACvC,IAAI,CAaN"}
1	+ {"version":3,"file":"node-helpers.d.ts","sourceRoot":"","sources":["../../../../../../../../../packages/core/src/infrastructure/services/agents/feature-agent/nodes/node-helpers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,OAAO,KAAK,EACV,cAAc,EACd,qBAAqB,EACrB,oBAAoB,EACrB,MAAM,+DAA+D,CAAC;AACvE,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;AAK5E,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAUrD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM;IAE7C,4DAA4D;gBAChD,IAAI;kBAGF,MAAM,GAAG,IAAI;mBAIZ,MAAM,GAAG,IAAI;EAK/B;AAED,MAAM,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE7D;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAMtE;AAoBD;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAO1D;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,iBAAiB,EACxB,SAAS,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,qBAAqB,EAAE,SAAS,CAAC,CAAC,EAC3D,QAAQ,CAAC,EAAE,MAAM,GAChB,qBAAqB,CAUvB;AAeD;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAQrD;AAgBD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,CAElD;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,GAAG,SAAS,GAAG,OAAO,CAQ3F;AAMD,MAAM,MAAM,aAAa,GAAG,eAAe,GAAG,mBAAmB,GAAG,eAAe,GAAG,SAAS,CAAC;AAMhG;;;;;;;GAOG;AACH,wBAAgB,aAAa,CAAC,YAAY,EAAE,MAAM,GAAG,aAAa,CAKjE;AAED,MAAM,WAAW,YAAY;IAC3B,wDAAwD;IACxD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,kFAAkF;IAClF,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0CAA0C;IAC1C,MAAM,CAAC,EAAE,UAAU,CAAC;CACrB;AAED;;;;;;GAMG;AACH,wBAAsB,YAAY,CAChC,QAAQ,EAAE,cAAc,EACxB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,qBAAqB,EAC9B,SAAS,CAAC,EAAE,YAAY,GACvB,OAAO,CAAC,oBAAoB,CAAC,CA6B/B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAW5D;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,IAAI,CAiB5F;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI;IAAE,QAAQ,EAAE,IAAI,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAOhG;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,UAAU,GAAG,IAAI,CAoB1F;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAa5F;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE;IACzC,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,6FAA6F;IAC7F,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B,GAAG,MAAM,CAiCT;AAED;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,SAAS,GAAG,MAAM,CAa3E;AAKD;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CACvC,KAAK,EAAE,iBAAiB,EACxB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,UAAU,GACd,IAAI,CA6BN;AAED;;;;;;;GAOG;AACH,wBAAgB,WAAW,CACzB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,cAAc,EACxB,WAAW,EAAE,CAAC,KAAK,EAAE,iBAAiB,EAAE,GAAG,EAAE,UAAU,KAAK,MAAM,GACjE,CAAC,KAAK,EAAE,iBAAiB,KAAK,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAqKnE;AAED;;;GAGG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,iBAAiB,EACxB,QAAQ,EAAE,QAAQ,EAAE,EACpB,GAAG,EAAE,UAAU,CAAC,OAAO,gBAAgB,CAAC,GACvC,IAAI,CAaN"}

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/node-helpers.js CHANGED Viewed

@@ -9,7 +9,10 @@ import { mkdirSync, readFileSync, writeFileSync, renameSync, unlinkSync } from '
 import { execSync } from 'node:child_process';
 import { join, dirname, relative } from 'node:path';
 import { interrupt, isGraphBubbleUp } from '@langchain/langgraph';
+import { SecurityMode } from '../../../../../domain/generated/output.js';
 import { hasSettings, getSettings } from '../../../../services/settings.service.js';
+import { SecurityViolationError } from '../../../../../domain/errors/security-violation.error.js';
+import { checkSecurityDisposition } from './security-pre-check.js';
 import { reportNodeStart } from '../heartbeat.js';
 import { recordPhaseStart, recordPhaseEnd, recordApprovalWaitStart, } from '../phase-timing-context.js';
 import { updateNodeLifecycle } from '../lifecycle-context.js';
@@ -489,6 +492,22 @@ export function executeNode(nodeName, executor, buildPrompt) {
                 };
             }
         }
+        // Security pre-check: evaluate policy before executing the agent
+        const securityCheck = checkSecurityDisposition(nodeName, state.securityMode ?? SecurityMode.Disabled, state.securityActionDispositions ?? {});
+        if (securityCheck.action === 'deny') {
+            throw new SecurityViolationError(`Node "${nodeName}" denied by security policy (category: ${securityCheck.category})`, securityCheck.category, `Action category "${securityCheck.category}" is denied. Update security policy to allow this action.`);
+        }
+        if (securityCheck.action === 'approval_required') {
+            log.info(`Security policy requires approval for "${nodeName}" (category: ${securityCheck.category})`);
+            interrupt({
+                node: nodeName,
+                message: `Security policy requires approval for "${securityCheck.category}" before "${nodeName}" can execute.`,
+                securityCategory: securityCheck.category,
+            });
+        }
+        if (securityCheck.action === 'warn') {
+            log.info(`Security advisory: "${nodeName}" would be restricted (category: ${securityCheck.category})`);
+        }
         const startTime = Date.now();
         const resumePrefix = buildResumeContext(state.resumeReason);
         const prompt = resumePrefix + buildPrompt(state, log);

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.d.ts ADDED Viewed

@@ -0,0 +1,45 @@
+/**
+ * Security Pre-Check for Feature Agent Nodes
+ *
+ * Classifies node actions by SecurityActionCategory and evaluates
+ * the effective disposition based on the security policy mode and
+ * per-category overrides from FeatureAgentState.
+ *
+ * Used by executeNode() to enforce or warn about security policy
+ * before executing agent prompts.
+ */
+import { SecurityActionCategory, SecurityActionDisposition, SecurityMode } from '../../../../../domain/generated/output.js';
+/**
+ * Classify a node name into its SecurityActionCategory.
+ * Returns null for read-only nodes (requirements, research, plan, analyze)
+ * that have no security-sensitive actions.
+ */
+export declare function classifyNodeAction(nodeName: string): SecurityActionCategory | null;
+/** Result of a security disposition check. */
+export type SecurityCheckResult = {
+    action: 'skip';
+} | {
+    action: 'allow';
+} | {
+    action: 'warn';
+    category: SecurityActionCategory;
+    nodeName: string;
+} | {
+    action: 'deny';
+    category: SecurityActionCategory;
+    nodeName: string;
+} | {
+    action: 'approval_required';
+    category: SecurityActionCategory;
+    nodeName: string;
+};
+/**
+ * Check the security disposition for a node based on the effective policy.
+ *
+ * @param nodeName - The graph node name (e.g. 'implement', 'merge')
+ * @param securityMode - Effective security mode from state
+ * @param actionDispositions - Per-category disposition overrides from state
+ * @returns The action to take: skip, allow, warn, deny, or approval_required
+ */
+export declare function checkSecurityDisposition(nodeName: string, securityMode: SecurityMode, actionDispositions: Partial<Record<SecurityActionCategory, SecurityActionDisposition>>): SecurityCheckResult;
+//# sourceMappingURL=security-pre-check.d.ts.map

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-pre-check.d.ts","sourceRoot":"","sources":["../../../../../../../../../packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACb,MAAM,8BAA8B,CAAC;AAWtC;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,sBAAsB,GAAG,IAAI,CAElF;AAED,8CAA8C;AAC9C,MAAM,MAAM,mBAAmB,GAC3B;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,GAClB;IAAE,MAAM,EAAE,OAAO,CAAA;CAAE,GACnB;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,sBAAsB,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACtE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,sBAAsB,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACtE;IAAE,MAAM,EAAE,mBAAmB,CAAC;IAAC,QAAQ,EAAE,sBAAsB,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAExF;;;;;;;GAOG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,YAAY,EAC1B,kBAAkB,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,EAAE,yBAAyB,CAAC,CAAC,GACrF,mBAAmB,CAyCrB"}

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.js ADDED Viewed

@@ -0,0 +1,70 @@
+/**
+ * Security Pre-Check for Feature Agent Nodes
+ *
+ * Classifies node actions by SecurityActionCategory and evaluates
+ * the effective disposition based on the security policy mode and
+ * per-category overrides from FeatureAgentState.
+ *
+ * Used by executeNode() to enforce or warn about security policy
+ * before executing agent prompts.
+ */
+import { SecurityActionCategory, SecurityActionDisposition, SecurityMode, } from '../../../../../domain/generated/output.js';
+/** Map node names to the security action category they represent. */
+const NODE_ACTION_MAP = {
+    implement: SecurityActionCategory.PackageScriptExec,
+    'fast-implement': SecurityActionCategory.PackageScriptExec,
+    evidence: SecurityActionCategory.PackageScriptExec,
+    merge: SecurityActionCategory.CiWorkflowModify,
+    'ci-fix': SecurityActionCategory.CiWorkflowModify,
+};
+/**
+ * Classify a node name into its SecurityActionCategory.
+ * Returns null for read-only nodes (requirements, research, plan, analyze)
+ * that have no security-sensitive actions.
+ */
+export function classifyNodeAction(nodeName) {
+    return NODE_ACTION_MAP[nodeName] ?? null;
+}
+/**
+ * Check the security disposition for a node based on the effective policy.
+ *
+ * @param nodeName - The graph node name (e.g. 'implement', 'merge')
+ * @param securityMode - Effective security mode from state
+ * @param actionDispositions - Per-category disposition overrides from state
+ * @returns The action to take: skip, allow, warn, deny, or approval_required
+ */
+export function checkSecurityDisposition(nodeName, securityMode, actionDispositions) {
+    // Disabled mode — no checks
+    if (securityMode === SecurityMode.Disabled) {
+        return { action: 'skip' };
+    }
+    // Read-only nodes have no security-sensitive actions
+    const category = classifyNodeAction(nodeName);
+    if (!category) {
+        return { action: 'skip' };
+    }
+    // Look up the disposition for this category
+    const disposition = actionDispositions[category];
+    // No disposition configured — default to allow
+    if (!disposition) {
+        return { action: 'allow' };
+    }
+    if (disposition === SecurityActionDisposition.Allowed) {
+        return { action: 'allow' };
+    }
+    if (disposition === SecurityActionDisposition.Denied) {
+        // In Enforce mode, deny the action; in Advisory mode, just warn
+        if (securityMode === SecurityMode.Enforce) {
+            return { action: 'deny', category, nodeName };
+        }
+        return { action: 'warn', category, nodeName };
+    }
+    if (disposition === SecurityActionDisposition.ApprovalRequired) {
+        // In Enforce mode, require approval; in Advisory mode, just warn
+        if (securityMode === SecurityMode.Enforce) {
+            return { action: 'approval_required', category, nodeName };
+        }
+        return { action: 'warn', category, nodeName };
+    }
+    return { action: 'allow' };
+}

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/state.d.ts CHANGED Viewed

@@ -1,4 +1,5 @@
-import type { ApprovalGates, CiFixRecord, Evidence } from '../../../../domain/generated/output.js';
+import type { ApprovalGates, CiFixRecord, Evidence, SecurityActionCategory, SecurityActionDisposition } from '../../../../domain/generated/output.js';
+import { SecurityMode } from '../../../../domain/generated/output.js';
 /**
  * State annotation for the feature-agent graph.
  *
@@ -59,6 +60,8 @@ export declare const FeatureAgentAnnotation: import("@langchain/langgraph").Anno
     ciFixAttempts: import("@langchain/langgraph").BinaryOperatorAggregate<number, number>;
     ciFixHistory: import("@langchain/langgraph").BinaryOperatorAggregate<CiFixRecord[], CiFixRecord[]>;
     ciFixStatus: import("@langchain/langgraph").BinaryOperatorAggregate<"success" | "timeout" | "idle" | "watching" | "fixing" | "exhausted", "success" | "timeout" | "idle" | "watching" | "fixing" | "exhausted">;
+    securityMode: import("@langchain/langgraph").BinaryOperatorAggregate<SecurityMode, SecurityMode>;
+    securityActionDispositions: import("@langchain/langgraph").BinaryOperatorAggregate<Partial<Record<SecurityActionCategory, SecurityActionDisposition>>, Partial<Record<SecurityActionCategory, SecurityActionDisposition>>>;
 }>;
 export type FeatureAgentState = typeof FeatureAgentAnnotation.State;
 //# sourceMappingURL=state.d.ts.map

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/state.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/core/src/infrastructure/services/agents/feature-agent/state.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,~~EAAE~~,aAAa,~~EAAE~~,WAAW,~~EAAE~~,QAAQ,EAAE,MAAM,8BAA8B,CAAC;~~AAEzF~~;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAwHjC~~,CAAC;AAEH,MAAM,MAAM,iBAAiB,GAAG,OAAO,sBAAsB,CAAC,KAAK,CAAC"}
1	+ {"version":3,"file":"state.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/core/src/infrastructure/services/agents/feature-agent/state.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,aAAa,EACb,WAAW,EACX,QAAQ,EACR,sBAAsB,EACtB,yBAAyB,EAC1B,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAE5D;;;;;;GAMG;AACH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAmIjC,CAAC;AAEH,MAAM,MAAM,iBAAiB,GAAG,OAAO,sBAAsB,CAAC,KAAK,CAAC"}

package/dist/packages/core/src/infrastructure/services/agents/feature-agent/state.js CHANGED Viewed

@@ -1,4 +1,5 @@
 import { Annotation } from '@langchain/langgraph';
+import { SecurityMode } from '../../../../domain/generated/output.js';
 /**
  * State annotation for the feature-agent graph.
  *
@@ -126,4 +127,13 @@ export const FeatureAgentAnnotation = Annotation.Root({
         reducer: (_prev, next) => next,
         default: () => 'idle',
     }),
+    // --- Security policy state (set once at spawn, read by nodes) ---
+    securityMode: Annotation({
+        reducer: (_prev, next) => next,
+        default: () => SecurityMode.Disabled,
+    }),
+    securityActionDispositions: Annotation({
+        reducer: (_prev, next) => next,
+        default: () => ({}),
+    }),
 });

package/dist/packages/core/src/infrastructure/services/external/github-repository.service.d.ts CHANGED Viewed

@@ -5,7 +5,7 @@
  * checks, repository listing, cloning (with progress streaming), and URL parsing.
  */
 import type { ExecFunction } from '../git/worktree.service.js';
-import type { IGitHubRepositoryService, GitHubRepo, GitHubOrganization, ListUserRepositoriesOptions, CloneOptions, ParsedGitHubUrl } from '../../../application/ports/output/services/github-repository-service.interface.js';
+import type { IGitHubRepositoryService, GitHubRepo, GitHubOrganization, ListUserRepositoriesOptions, CloneOptions, ParsedGitHubUrl, GovernanceFinding } from '../../../application/ports/output/services/github-repository-service.interface.js';
 export declare class GitHubRepositoryService implements IGitHubRepositoryService {
     private readonly execFile;
     constructor(execFile: ExecFunction);
@@ -15,6 +15,15 @@ export declare class GitHubRepositoryService implements IGitHubRepositoryService
     cloneRepository(nameWithOwner: string, destination: string, options?: CloneOptions): Promise<void>;
     parseGitHubUrl(url: string): ParsedGitHubUrl;
     getViewerPermission(repoPath: string): Promise<string>;
+    auditRepositoryGovernance(owner: string, repo: string, defaultBranch?: string): Promise<GovernanceFinding[]>;
+    private checkBranchProtection;
+    private checkCodeowners;
+    /**
+     * Handle errors from governance API calls gracefully.
+     * 404 errors are treated as findings (missing config).
+     * Auth/permission errors are treated as Unknown severity findings.
+     */
+    private handleGovernanceCheckError;
     private cleanupPartialClone;
 }
 //# sourceMappingURL=github-repository.service.d.ts.map

package/dist/packages/core/src/infrastructure/services/external/github-repository.service.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"github-repository.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/external/github-repository.service.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC/D,OAAO,KAAK,EACV,wBAAwB,EACxB,UAAU,EACV,kBAAkB,EAClB,2BAA2B,EAC3B,YAAY,EACZ,eAAe,~~EAChB~~,MAAM,mFAAmF,CAAC;~~AAyB3F~~,qBACa,uBAAwB,YAAW,wBAAwB;IAClC,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,YAAY;IAErE,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAyB1B,oBAAoB,CAAC,OAAO,CAAC,EAAE,2BAA2B,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAuClF,iBAAiB,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IA2BlD,eAAe,CACnB,aAAa,EAAE,MAAM,EACrB,WAAW,EAAE,MAAM,EACnB,OAAO,CAAC,EAAE,YAAY,GACrB,OAAO,CAAC,IAAI,CAAC;IAgDhB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe;IA2CtC,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;~~YAyB9C~~,mBAAmB;CAOlC"}
1	+ {"version":3,"file":"github-repository.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/external/github-repository.service.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC/D,OAAO,KAAK,EACV,wBAAwB,EACxB,UAAU,EACV,kBAAkB,EAClB,2BAA2B,EAC3B,YAAY,EACZ,eAAe,EACf,iBAAiB,EAClB,MAAM,mFAAmF,CAAC;AA0B3F,qBACa,uBAAwB,YAAW,wBAAwB;IAClC,OAAO,CAAC,QAAQ,CAAC,QAAQ;gBAAR,QAAQ,EAAE,YAAY;IAErE,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;IAyB1B,oBAAoB,CAAC,OAAO,CAAC,EAAE,2BAA2B,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAuClF,iBAAiB,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IA2BlD,eAAe,CACnB,aAAa,EAAE,MAAM,EACrB,WAAW,EAAE,MAAM,EACnB,OAAO,CAAC,EAAE,YAAY,GACrB,OAAO,CAAC,IAAI,CAAC;IAgDhB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe;IA2CtC,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAyBtD,yBAAyB,CAC7B,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,aAAa,SAAS,GACrB,OAAO,CAAC,iBAAiB,EAAE,CAAC;YAcjB,qBAAqB;YAmCrB,eAAe;IA6B7B;;;;OAIG;IACH,OAAO,CAAC,0BAA0B;YA6CpB,mBAAmB;CAOlC"}

package/dist/packages/core/src/infrastructure/services/external/github-repository.service.js CHANGED Viewed

@@ -20,7 +20,7 @@ import { injectable, inject } from 'tsyringe';
 import { resolve, normalize } from 'node:path';
 import { rm } from 'node:fs/promises';
 import { spawn } from 'node:child_process';
-import { GitHubAuthError, GitHubCloneError, GitHubPermissionError, GitHubRepoListError, GitHubUrlParseError, } from '../../../application/ports/output/services/github-repository-service.interface.js';
+import { GitHubAuthError, GitHubCloneError, GitHubPermissionError, GitHubRepoListError, GitHubUrlParseError, GovernanceFindingCategory, } from '../../../application/ports/output/services/github-repository-service.interface.js';
 // ---------------------------------------------------------------------------
 // URL regex patterns
 // ---------------------------------------------------------------------------
@@ -191,6 +191,106 @@ let GitHubRepositoryService = class GitHubRepositoryService {
             throw new GitHubPermissionError(`Failed to check repository permission: ${cause?.message ?? String(error)}`, cause);
         }
     }
+    async auditRepositoryGovernance(owner, repo, defaultBranch = 'main') {
+        const findings = [];
+        // Check branch protection
+        const branchFindings = await this.checkBranchProtection(owner, repo, defaultBranch);
+        findings.push(...branchFindings);
+        // Check CODEOWNERS presence
+        const codeownersFindings = await this.checkCodeowners(owner, repo);
+        findings.push(...codeownersFindings);
+        return findings;
+    }
+    async checkBranchProtection(owner, repo, branch) {
+        try {
+            const { stdout } = await this.execFile('gh', [
+                'api',
+                `/repos/${owner}/${repo}/branches/${branch}/protection`,
+            ]);
+            const protection = JSON.parse(stdout);
+            // Protection exists — check for PR review requirements
+            if (!protection.required_pull_request_reviews) {
+                return [
+                    {
+                        category: GovernanceFindingCategory.BranchProtection,
+                        severity: 'Medium',
+                        message: `Branch "${branch}" has protection enabled but does not require pull request reviews.`,
+                        remediation: `Enable "Require a pull request before merging" in branch protection settings for "${branch}".`,
+                    },
+                ];
+            }
+            return [];
+        }
+        catch (error) {
+            return this.handleGovernanceCheckError(error, GovernanceFindingCategory.BranchProtection, `Branch "${branch}" has no branch protection rules configured.`, `Enable branch protection for "${branch}" in repository settings. Require pull request reviews and status checks.`);
+        }
+    }
+    async checkCodeowners(owner, repo) {
+        // CODEOWNERS can live in repo root or .github/ directory
+        const paths = [
+            `/repos/${owner}/${repo}/contents/CODEOWNERS`,
+            `/repos/${owner}/${repo}/contents/.github/CODEOWNERS`,
+        ];
+        for (const path of paths) {
+            try {
+                await this.execFile('gh', ['api', path]);
+                // Found CODEOWNERS — no finding needed
+                return [];
+            }
+            catch {
+                // Not found at this path — try next
+            }
+        }
+        // Neither location found
+        return [
+            {
+                category: GovernanceFindingCategory.Codeowners,
+                severity: 'Medium',
+                message: 'No CODEOWNERS file found in the repository.',
+                remediation: 'Add a CODEOWNERS file to the repository root or .github/ directory to enforce code review ownership.',
+            },
+        ];
+    }
+    /**
+     * Handle errors from governance API calls gracefully.
+     * 404 errors are treated as findings (missing config).
+     * Auth/permission errors are treated as Unknown severity findings.
+     */
+    handleGovernanceCheckError(error, category, notFoundMessage, notFoundRemediation) {
+        const errMessage = error instanceof Error ? error.message : String(error);
+        const errnoCode = error?.code;
+        // gh not installed
+        if (errnoCode === 'ENOENT') {
+            return [
+                {
+                    category,
+                    severity: 'Unknown',
+                    message: 'GitHub CLI (gh) is not installed. Cannot audit repository governance.',
+                    remediation: 'Install the GitHub CLI from https://cli.github.com/',
+                },
+            ];
+        }
+        // 404 = resource not configured (branch protection, file missing, etc.)
+        if (errMessage.includes('404')) {
+            return [
+                {
+                    category,
+                    severity: 'High',
+                    message: notFoundMessage,
+                    remediation: notFoundRemediation,
+                },
+            ];
+        }
+        // Auth/permission errors or other unexpected failures — return Unknown finding
+        return [
+            {
+                category,
+                severity: 'Unknown',
+                message: `Unable to audit ${category}: ${errMessage}`,
+                remediation: 'Verify that the GitHub CLI is authenticated with sufficient permissions. Run `gh auth login`.',
+            },
+        ];
+    }
     async cleanupPartialClone(destination) {
         try {
             await rm(destination, { recursive: true, force: true });

package/dist/packages/core/src/infrastructure/services/security/dependency-risk-evaluator.d.ts ADDED Viewed

@@ -0,0 +1,53 @@
+/**
+ * Dependency Risk Evaluator
+ *
+ * Evaluates repository-local dependency risk signals without
+ * external services. Checks:
+ * - Manifest-lockfile consistency (package.json vs lockfile)
+ * - Dependency source types (registry vs git vs file)
+ * - Risky lifecycle scripts (preinstall, postinstall, prepare)
+ * - Allowlist/denylist enforcement
+ * - Version-range strictness
+ *
+ * Returns an array of DependencyFinding objects with severity and remediation.
+ */
+import type { DependencyFinding, DependencyRules } from '../../../domain/generated/output.js';
+export declare class DependencyRiskEvaluator {
+    /**
+     * Evaluate dependency risk for a repository.
+     *
+     * @param repositoryPath - Absolute path to the repository root
+     * @param rules - Dependency risk policy rules
+     * @returns Array of dependency findings
+     */
+    evaluate(repositoryPath: string, rules: DependencyRules): DependencyFinding[];
+    /**
+     * Collect all dependencies from package.json (dependencies + devDependencies).
+     */
+    private collectDependencies;
+    /**
+     * Check that a lockfile exists when there are dependencies.
+     */
+    private checkLockfileConsistency;
+    /**
+     * Check for dependencies installed from non-registry sources.
+     */
+    private checkNonRegistrySources;
+    /**
+     * Check installed packages for risky lifecycle scripts.
+     */
+    private checkLifecycleScripts;
+    /**
+     * Check dependencies against the denylist.
+     */
+    private checkDenylist;
+    /**
+     * Check dependencies against the allowlist (non-empty allowlist = only listed packages allowed).
+     */
+    private checkAllowlist;
+    /**
+     * Check version ranges for strictness (no ^, ~, *, >= patterns).
+     */
+    private checkVersionRangeStrictness;
+}
+//# sourceMappingURL=dependency-risk-evaluator.d.ts.map

package/dist/packages/core/src/infrastructure/services/security/dependency-risk-evaluator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"dependency-risk-evaluator.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/security/dependency-risk-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,KAAK,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,qCAAqC,CAAC;AAsB9F,qBAAa,uBAAuB;IAClC;;;;;;OAMG;IACH,QAAQ,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,GAAG,iBAAiB,EAAE;IAmD7E;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAgB3B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA0BhC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAqB/B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA8C7B;;OAEG;IACH,OAAO,CAAC,aAAa;IAoBrB;;OAEG;IACH,OAAO,CAAC,cAAc;IAoBtB;;OAEG;IACH,OAAO,CAAC,2BAA2B;CAwBpC"}