@sigmashake/ssg 0.12.11 → 0.12.13

package/README.md

@@ -43,6 +43,11 @@ ssg init
 echo '{"tool":"Bash","input":{"command":"rm -rf /"}}' | ssg eval
 # → {"decision":"block", "rule_id":"no-destructive-ops", ...}
 
+# Start persistent daemon for sub-2ms eval (recommended)
+ssg daemon &
+echo '{"tool":"Bash","input":{"command":"ls"}}' | nc -U ~/.sigmashake/evald.sock
+# → {"decision":"allow", "duration_ns":150000, ...}
+
 # Start approval dashboard
 ssg serve
 ```
@@ -58,16 +63,22 @@ sigmashake-gov provides **runtime safety for AI agents** by:
 ## Architecture
 
 ```
-CLI → Engine (Parser/Evaluate/DB) → Decision
-          ↓
-     Dashboard (if ASK)
-          ↓
-     Audit Log
+Agent Tool Call
+    ↓
+Hook → ┌─ Daemon (Unix socket, ~0.1-2ms) ← recommended
+       └─ ssg eval (subprocess, ~73ms+)
+    ↓
+Engine: Native (Zig/Rust, ~5-30µs) → TS Rule Index → TS evaluate
+    ↓
+Decision → Audit Log → Dashboard (if ASK)
 ```
 
-- **CLI Layer**: `ssg` binary — commands for eval, check, serve, sync
+- **Daemon**: Persistent process (`ssg daemon`) — keeps rules, DB, and native engine hot in memory
+- **Native Engine**: Zig + Rust FFI with SIMD-accelerated matching and zero-alloc eval
 - **Engine Core**: Rules parser, evaluation logic, SQLite database
-- **Server**: Local dashboard with in-memory pending approvals
+- **Server**: Local dashboard (server-rendered HTML + HTMX + SSE for real-time updates)
+
+See `ARCHITECTURE.md` for full system diagrams and performance budget.
 
 ## Commands
 
@@ -91,9 +102,9 @@ CLI → Engine (Parser/Evaluate/DB) → Decision
 | `ssg blocked` | Show blocked/forced commands from this session |
 | `ssg usage` | Show eval usage, storage, and plan limits |
 | `ssg dedupe` | Detect duplicate rules (exact/structural/semantic) |
+| `ssg daemon` | Persistent eval daemon (Unix socket, sub-2ms eval) |
+| `ssg profile` | Eval latency profiling (flight logs + live daemon metrics) |
 | `ssg flight` | Flight recorder stats (latency, memory, CPU) |
-| `ssg profile` | Eval latency profiling |
-| `ssg daemon` | Persistent eval daemon (Unix socket, ~5ms eval) |
 | `ssg install` | Install ssg binary to `~/.local/bin` |
 | `ssg publish` | Publish local `.rules` to GitHub and hub |
 | `ssg certify` | Run scenario files and produce certification report |
@@ -153,7 +164,7 @@ Rules from `.sigmashake/rules/*.rules` are loaded fresh on every `ssg eval` invo
 
 ssg enforces governance for multiple AI coding agents from a single rule set:
 
-- **Claude Code**: PreToolUse hook in `ssg hook eval` — pipes tool calls to `./ssg eval`
+- **Claude Code**: `ssg hook eval` registered as PreToolUse hook — evaluates tool calls via daemon or subprocess
 
 Both agents share the same rules from `.sigmashake/rules/` and log to the same SQLite audit database.
 
@@ -161,7 +172,9 @@ Both agents share the same rules from `.sigmashake/rules/` and log to the same S
 
 - **Loop guard**: Blocks identical Bash commands repeated 3 times consecutively (prevents agent loops)
 - **Circuit breaker**: After 5 consecutive denies in Claude Code hook, auto-allows to prevent lockout. Reset by deleting `/tmp/ssg-deny-count`.
+- **Rate limiter**: Per-PID token bucket in daemon (1000 burst, 500/s refill) with permanent trip on exhaustion
 - **Fail-open**: If the ssg binary is missing or crashes, tool calls are allowed through — governance never blocks the agent entirely.
+- **Native engine fail-secure**: Invalid regex patterns in native Zig engine default to `match=true` (block) with ReDoS protection
 
 ## Build
 
@@ -174,13 +187,13 @@ bun build:macos                                   # macOS ARM
 ## Tests
 
 ```bash
-bun test                         # All 63 tests
+bun test                         # All 931 tests
 bun test test/engine.test.ts     # Engine only
 npx gts fix                      # Format + lint
 ```
 
-Tests: `engine`, `parser`, `evaluate_operators`, `db`, `server`, `html`, `integration`.
+Tests: `engine`, `parser`, `evaluate_operators`, `db`, `server`, `html`, `integration`, `e2e-daemon`, `daemon-metrics`, `flight-recorder`, `certify`.
 
 ---
 
-**License**: Proprietary — Copyright (c) 2024 Sigma Shake. All rights reserved.
+**License**: Proprietary — Copyright (c) 2026 Sigma Shake. All rights reserved.

package/bin/ssg.cjs

@@ -12,14 +12,22 @@ const ext = process.platform === 'win32' ? '.exe' : '';
 const platformPkg = `@sigmashake/ssg-${process.platform}-${process.arch}`;
 let binaryPath;
 
-// 1. Try platform-specific optional dependency (npm install path)
-try {
-  const pkgRoot = path.dirname(require.resolve(`${platformPkg}/package.json`));
-  const candidate = path.join(pkgRoot, 'bin', `ssg${ext}`);
-  if (fs.existsSync(candidate)) binaryPath = candidate;
-} catch {}
+// 1. Check if binary was bundled in the root (via local npm pack or manual build)
+const rootBin = path.resolve(__dirname, '..', `ssg${ext}`);
+if (fs.existsSync(rootBin)) {
+  binaryPath = rootBin;
+}
+
+// 2. Try platform-specific optional dependency (npm install path)
+if (!binaryPath) {
+  try {
+    const pkgRoot = path.dirname(require.resolve(`${platformPkg}/package.json`));
+    const candidate = path.join(pkgRoot, 'bin', `ssg${ext}`);
+    if (fs.existsSync(candidate)) binaryPath = candidate;
+  } catch {}
+}
 
-// 2. Fall back to local dist/ (dev build / bun build --compile)
+// 3. Fall back to local dist/ (dev build / bun build --compile)
 if (!binaryPath) {
   const devBin = path.resolve(
     __dirname, '..', 'dist',

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sigmashake/ssg",
-  "version": "0.12.11",
+  "version": "0.12.13",
   "description": "AI Agent Governance CLI — evaluate tool calls against rules, block dangerous operations, and surface blocked commands",
   "type": "module",
   "bin": {
@@ -9,6 +9,7 @@
   "files": [
     "bin/",
     "public/",
+    "ssg",
     "LICENSE",
     "README.md"
   ],