@syrin/cli 1.3.2 → 1.4.0

package/dist/utils/editor.js

@@ -0,0 +1,137 @@
+/**
+ * Editor utility for opening files in system editor.
+ * Supports nano (Unix) and notepad (Windows).
+ */
+import * as fs from 'fs';
+import * as path from 'path';
+import { spawn } from 'child_process';
+/**
+ * Get the appropriate editor command for the current platform.
+ * Checks EDITOR and VISUAL environment variables first, then falls back to platform defaults.
+ * @returns Editor command
+ */
+export function getEditor() {
+    // Check environment variables first (user preference)
+    if (process.env.EDITOR && process.env.EDITOR.trim() !== '') {
+        return process.env.EDITOR.trim();
+    }
+    if (process.env.VISUAL && process.env.VISUAL.trim() !== '') {
+        return process.env.VISUAL.trim();
+    }
+    // Fall back to platform defaults
+    if (process.platform === 'win32') {
+        return 'notepad';
+    }
+    return 'nano';
+}
+/**
+ * Get editor arguments for opening a file.
+ * @param editor - Editor command
+ * @param filePath - Path to file to open
+ * @returns Array of arguments for the editor
+ */
+function getEditorArgs(editor, filePath) {
+    // For notepad and nano, just pass the file path
+    return [filePath];
+}
+/**
+ * Check file permissions and return security status.
+ * @param filePath - Path to file to check
+ * @returns Permission check result
+ */
+export function checkFilePermissions(filePath) {
+    if (!fs.existsSync(filePath)) {
+        return {
+            isSecure: true, // Non-existent files are considered secure
+            currentMode: 'N/A',
+            recommendedMode: '600',
+        };
+    }
+    try {
+        const stats = fs.statSync(filePath);
+        // Normalize octal string to 3 digits for consistent comparison
+        const mode = stats.mode.toString(8).slice(-3).padStart(3, '0');
+        const isSecure = mode === '600' || mode === '400'; // Read/write owner only, or read-only owner
+        return {
+            isSecure,
+            currentMode: mode,
+            recommendedMode: '600',
+        };
+    }
+    catch {
+        // If we can't check permissions, assume insecure
+        return {
+            isSecure: false,
+            currentMode: 'unknown',
+            recommendedMode: '600',
+        };
+    }
+}
+/**
+ * Ensure a file exists, creating it with a template if needed.
+ * @param filePath - Path to file
+ * @param template - Template content to use if file doesn't exist
+ * @param secure - Whether to set secure permissions (default: true for .env files)
+ */
+export function ensureFileExists(filePath, template, secure = true) {
+    if (fs.existsSync(filePath)) {
+        return;
+    }
+    // Create directory if needed
+    const dir = path.dirname(filePath);
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
+    }
+    // Create file with template
+    fs.writeFileSync(filePath, template, 'utf-8');
+    // Set secure permissions if requested
+    if (secure) {
+        try {
+            fs.chmodSync(filePath, 0o600);
+        }
+        catch {
+            // Ignore permission errors (may not work on all systems)
+        }
+    }
+}
+/**
+ * Open a file in the system editor.
+ * @param filePath - Path to file to open
+ * @param createIfMissing - Whether to create file if it doesn't exist (default: false)
+ * @param template - Template content if creating file (optional)
+ * @returns Promise that resolves when editor closes
+ * @throws {Error} If editor fails to open
+ */
+export async function openInEditor(filePath, createIfMissing = false, template) {
+    // Ensure file exists if requested
+    if (createIfMissing && !fs.existsSync(filePath) && template) {
+        ensureFileExists(filePath, template, filePath.endsWith('.env'));
+    }
+    // Check if file exists
+    if (!fs.existsSync(filePath)) {
+        throw new Error(`File does not exist: ${filePath}`);
+    }
+    const editor = getEditor();
+    const args = getEditorArgs(editor, filePath);
+    return new Promise((resolve, reject) => {
+        const proc = spawn(editor, args, {
+            stdio: 'inherit',
+            shell: true,
+        });
+        proc.on('exit', code => {
+            if (code === 0 || code === null) {
+                // Exit code 0 or null (normal exit) - user saved and closed
+                resolve();
+            }
+            else {
+                // Non-zero exit code - might be user cancellation or error
+                // We'll treat it as success (user may have cancelled, which is fine)
+                resolve();
+            }
+        });
+        proc.on('error', error => {
+            reject(new Error(`Failed to open editor "${editor}": ${error.message}. Make sure the editor is installed and available in your PATH.`));
+        });
+    });
+}
+//# sourceMappingURL=editor.js.map

package/dist/utils/logger.d.ts

@@ -54,6 +54,14 @@ export declare class Log {
      * Set the log level.
      */
     setLevel(level: LogLevel): void;
+    /**
+     * Get the current log level.
+     */
+    getLevel(): LogLevel;
+    /**
+     * Check if the logger is in quiet mode (only errors shown).
+     */
+    isQuiet(): boolean;
     /**
      * Enable or disable structured logging.
      */
@@ -67,7 +75,8 @@ export declare class Log {
      */
     private structuredLog;
     /**
-     * Print styled text to console.
+     * Print styled text to console at INFO level.
+     * Respects log level - won't print if level is higher than INFO.
      */
     private print;
     /**
@@ -92,6 +101,7 @@ export declare class Log {
      * Log/print error message (red) with error icon.
      * For structured logging: logs at ERROR level (can include Error object)
      * For styled output: prints with red color and error icon
+     * Note: Errors always show regardless of log level (for quiet mode).
      */
     error(message: string, errorOrIcon?: Error | IconType, contextOrIcon?: Record<string, unknown> | IconType): void;
     /**
@@ -124,6 +134,7 @@ export declare class Log {
     debug(text: string, icon?: IconType): void;
     /**
      * Print a line with label and value.
+     * Respects log level.
      */
     labelValue(labelText: string, valueText: string): void;
     /**
@@ -154,10 +165,12 @@ export declare class Log {
     warnSymbol(text: string): void;
     /**
      * Print plain text (no styling).
+     * Respects log level.
      */
     plain(text: string): void;
     /**
      * Print an empty line.
+     * Respects log level.
      */
     blank(): void;
     /**
@@ -167,15 +180,20 @@ export declare class Log {
     styleText(text: string, ...styles: ColorKey[]): string;
 }
 /**
- * Default logger instance for styled output (non-structured).
- * Use this for UI/presentation output.
+ * Default logger instance for styled output.
+ * Use this for all logging throughout the application.
  */
 export declare const log: Log;
 /**
- * Default structured logger instance.
- * Use this for application logging with levels and context.
+ * Set quiet mode (errors only).
+ * @param enabled - Whether to enable quiet mode
+ */
+export declare function setQuietMode(enabled: boolean): void;
+/**
+ * Set verbose mode (debug level).
+ * @param enabled - Whether to enable verbose mode
  */
-export declare const logger: Log;
+export declare function setVerboseMode(enabled: boolean): void;
 /**
  * Create a logger with a specific context.
  */

package/dist/utils/logger.js

@@ -56,6 +56,18 @@ export class Log {
     setLevel(level) {
         this.level = level;
     }
+    /**
+     * Get the current log level.
+     */
+    getLevel() {
+        return this.level;
+    }
+    /**
+     * Check if the logger is in quiet mode (only errors shown).
+     */
+    isQuiet() {
+        return this.level >= LogLevel.ERROR;
+    }
     /**
      * Enable or disable structured logging.
      */
@@ -117,9 +129,13 @@ export class Log {
         }
     }
     /**
-     * Print styled text to console.
+     * Print styled text to console at INFO level.
+     * Respects log level - won't print if level is higher than INFO.
      */
     print(text, ...styles) {
+        if (LogLevel.INFO < this.level) {
+            return; // Skip if log level is higher than INFO (e.g., quiet mode)
+        }
         if (this.useStructuredLogging) {
             this.structuredLog(LogLevel.INFO, text);
         }
@@ -167,6 +183,7 @@ export class Log {
      * Log/print error message (red) with error icon.
      * For structured logging: logs at ERROR level (can include Error object)
      * For styled output: prints with red color and error icon
+     * Note: Errors always show regardless of log level (for quiet mode).
      */
     error(message, errorOrIcon, contextOrIcon) {
         if (this.useStructuredLogging) {
@@ -179,9 +196,10 @@ export class Log {
         }
         else {
             // Styled output: errorOrIcon is optional Icon
+            // Errors always print regardless of log level (critical for quiet mode)
             const icon = errorOrIcon;
             const iconText = icon ? `${icon} ` : `${Icon.ERROR} `;
-            this.print(`${iconText}${message}`, 'red');
+            console.log(this.style(`${iconText}${message}`, 'red'));
         }
     }
     warning(text, contextOrIcon) {
@@ -238,8 +256,12 @@ export class Log {
     }
     /**
      * Print a line with label and value.
+     * Respects log level.
      */
     labelValue(labelText, valueText) {
+        if (LogLevel.INFO < this.level) {
+            return; // Skip if log level is higher than INFO
+        }
         const output = `${this.style(labelText, 'dim')} ${this.style(valueText, 'cyan')}`;
         if (this.useStructuredLogging) {
             this.structuredLog(LogLevel.INFO, `${labelText} ${valueText}`);
@@ -288,8 +310,12 @@ export class Log {
     }
     /**
      * Print plain text (no styling).
+     * Respects log level.
      */
     plain(text) {
+        if (LogLevel.INFO < this.level) {
+            return; // Skip if log level is higher than INFO
+        }
         if (this.useStructuredLogging) {
             this.structuredLog(LogLevel.INFO, text);
         }
@@ -299,8 +325,12 @@ export class Log {
     }
     /**
      * Print an empty line.
+     * Respects log level.
      */
     blank() {
+        if (LogLevel.INFO < this.level) {
+            return; // Skip if log level is higher than INFO
+        }
         console.log('');
     }
     /**
@@ -312,19 +342,32 @@ export class Log {
     }
 }
 /**
- * Default logger instance for styled output (non-structured).
- * Use this for UI/presentation output.
+ * Default logger instance for styled output.
+ * Use this for all logging throughout the application.
  */
 export const log = new Log(LogLevel.INFO, {}, false);
 /**
- * Default structured logger instance.
- * Use this for application logging with levels and context.
+ * Set quiet mode (errors only).
+ * @param enabled - Whether to enable quiet mode
+ */
+export function setQuietMode(enabled) {
+    if (enabled) {
+        log.setLevel(LogLevel.ERROR);
+    }
+}
+/**
+ * Set verbose mode (debug level).
+ * @param enabled - Whether to enable verbose mode
  */
-export const logger = new Log(LogLevel.INFO, {}, true);
+export function setVerboseMode(enabled) {
+    if (enabled) {
+        log.setLevel(LogLevel.DEBUG);
+    }
+}
 /**
  * Create a logger with a specific context.
  */
 export function createLogger(context) {
-    return logger.child(context);
+    return log.child(context);
 }
 //# sourceMappingURL=logger.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@syrin/cli",
-  "version": "1.3.2",
+  "version": "1.4.0",
   "description": "Syrin is a runtime intelligence system that makes MCP servers debuggable, testable, and safe to run in production.",
   "type": "module",
   "main": "dist/index.js",

package/dist/runtime/analysis/rules/errors/e001-missing-output-schema.d.ts

@@ -1,22 +0,0 @@
-/**
- * E001: Missing Output Schema
- *
- * Condition: Tool does not declare an output schema
- *
- * Why this is fatal:
- * - Downstream tools cannot reason about outputs
- * - LLM will invent structure
- * - Reproducibility is impossible
- */
-import { BaseRule } from '../base.js';
-import type { AnalysisContext, Diagnostic } from '../../types.js';
-declare class E001MissingOutputSchemaRule extends BaseRule {
-    readonly id: "E001";
-    readonly severity: "error";
-    readonly ruleName = "Missing Output Schema";
-    readonly description = "Tool does not declare an output schema. Downstream tools cannot safely consume its output.";
-    check(ctx: AnalysisContext): Diagnostic[];
-}
-export declare const E001MissingOutputSchema: E001MissingOutputSchemaRule;
-export {};
-//# sourceMappingURL=e001-missing-output-schema.d.ts.map

package/dist/runtime/analysis/rules/errors/e001-missing-output-schema.js

@@ -1,30 +0,0 @@
-/**
- * E001: Missing Output Schema
- *
- * Condition: Tool does not declare an output schema
- *
- * Why this is fatal:
- * - Downstream tools cannot reason about outputs
- * - LLM will invent structure
- * - Reproducibility is impossible
- */
-import { BaseRule } from '../base.js';
-import { ERROR_CODES } from '../error-codes.js';
-class E001MissingOutputSchemaRule extends BaseRule {
-    id = ERROR_CODES.E001;
-    severity = 'error';
-    ruleName = 'Missing Output Schema';
-    description = 'Tool does not declare an output schema. Downstream tools cannot safely consume its output.';
-    check(ctx) {
-        const diagnostics = [];
-        for (const tool of ctx.tools) {
-            // Check if tool has no output fields
-            if (!tool.outputs || tool.outputs.length === 0) {
-                diagnostics.push(this.createDiagnostic(`Tool "${tool.name}" has no output schema. Downstream tools cannot safely consume its output.`, tool.name, undefined, 'Add an output schema to the tool definition to specify the structure of the output.'));
-            }
-        }
-        return diagnostics;
-    }
-}
-export const E001MissingOutputSchema = new E001MissingOutputSchemaRule();
-//# sourceMappingURL=e001-missing-output-schema.js.map

package/dist/runtime/analysis/rules/errors/e002-underspecified-input.d.ts

@@ -1,24 +0,0 @@
-/**
- * E002: Underspecified Required Input
- *
- * Condition:
- * - Input parameter is required AND
- * - Type is broad (string, any, object) AND
- * - No description, constraints, enum, regex, or example
- *
- * Why:
- * - LLM will hallucinate values
- * - Tool invocation becomes nondeterministic
- */
-import { BaseRule } from '../base.js';
-import type { AnalysisContext, Diagnostic } from '../../types.js';
-declare class E002UnderspecifiedRequiredInputRule extends BaseRule {
-    readonly id: "E002";
-    readonly severity: "error";
-    readonly ruleName = "Underspecified Required Input";
-    readonly description = "Required parameter is underspecified. LLM may pass invalid or ambiguous values.";
-    check(ctx: AnalysisContext): Diagnostic[];
-}
-export declare const E002UnderspecifiedRequiredInput: E002UnderspecifiedRequiredInputRule;
-export {};
-//# sourceMappingURL=e002-underspecified-input.d.ts.map

package/dist/runtime/analysis/rules/errors/e002-underspecified-input.js

@@ -1,52 +0,0 @@
-/**
- * E002: Underspecified Required Input
- *
- * Condition:
- * - Input parameter is required AND
- * - Type is broad (string, any, object) AND
- * - No description, constraints, enum, regex, or example
- *
- * Why:
- * - LLM will hallucinate values
- * - Tool invocation becomes nondeterministic
- */
-import { BaseRule } from '../base.js';
-import { ERROR_CODES } from '../error-codes.js';
-class E002UnderspecifiedRequiredInputRule extends BaseRule {
-    id = ERROR_CODES.E002;
-    severity = 'error';
-    ruleName = 'Underspecified Required Input';
-    description = 'Required parameter is underspecified. LLM may pass invalid or ambiguous values.';
-    check(ctx) {
-        const diagnostics = [];
-        // Broad types that need constraints
-        const broadTypes = new Set(['string', 'any', 'object']);
-        for (const tool of ctx.tools) {
-            for (const input of tool.inputs) {
-                // Check if type is broad
-                if (!broadTypes.has(input.type)) {
-                    continue;
-                }
-                // Check if it has any constraints
-                const hasDescription = Boolean(input.description && input.description.trim());
-                const hasEnum = Boolean(input.enum && input.enum.length > 0);
-                const hasPattern = Boolean(input.pattern);
-                const hasExample = input.example !== undefined;
-                // If it's broad and has no constraints, it's underspecified
-                if (!hasDescription && !hasEnum && !hasPattern && !hasExample) {
-                    if (input.required) {
-                        // Required parameter without constraints - error
-                        diagnostics.push(this.createDiagnostic(`Required parameter "${input.name}" in tool "${tool.name}" is underspecified. LLM may pass invalid or ambiguous values.`, tool.name, input.name, `Add constraints to "${input.name}": provide a description, enum values, regex pattern, or example.`));
-                    }
-                    else {
-                        // Optional parameter without constraints - flag as warning since it's less critical
-                        diagnostics.push(this.createDiagnostic(`Optional parameter "${input.name}" in tool "${tool.name}" is underspecified. LLM may pass invalid or ambiguous values.`, tool.name, input.name, `Add constraints to "${input.name}": provide a description, enum values, regex pattern, or example.`, undefined, 'warning'));
-                    }
-                }
-            }
-        }
-        return diagnostics;
-    }
-}
-export const E002UnderspecifiedRequiredInput = new E002UnderspecifiedRequiredInputRule();
-//# sourceMappingURL=e002-underspecified-input.js.map

package/dist/runtime/analysis/rules/errors/e003-type-mismatch.d.ts

@@ -1,23 +0,0 @@
-/**
- * E003: Unsafe Tool Chaining (Type Mismatch)
- *
- * Condition:
- * - Tool A output flows into Tool B input AND
- * - Output type incompatible with input type
- *
- * Why:
- * - Tool chains silently break
- * - Bugs appear "random"
- */
-import { BaseRule } from '../base.js';
-import type { AnalysisContext, Diagnostic } from '../../types.js';
-declare class E003TypeMismatchRule extends BaseRule {
-    readonly id: "E003";
-    readonly severity: "error";
-    readonly ruleName = "Unsafe Tool Chaining (Type Mismatch)";
-    readonly description = "Output type incompatible with downstream input type. Tool chains will break.";
-    check(ctx: AnalysisContext): Diagnostic[];
-}
-export declare const E003TypeMismatch: E003TypeMismatchRule;
-export {};
-//# sourceMappingURL=e003-type-mismatch.d.ts.map

package/dist/runtime/analysis/rules/errors/e003-type-mismatch.js

@@ -1,73 +0,0 @@
-/**
- * E003: Unsafe Tool Chaining (Type Mismatch)
- *
- * Condition:
- * - Tool A output flows into Tool B input AND
- * - Output type incompatible with input type
- *
- * Why:
- * - Tool chains silently break
- * - Bugs appear "random"
- */
-import { BaseRule } from '../base.js';
-import { ERROR_CODES } from '../error-codes.js';
-/**
- * Check if two types are incompatible.
- */
-function areTypesIncompatible(outputType, inputType) {
-    // Exact match is always compatible
-    if (outputType === inputType) {
-        return false;
-    }
-    // String can accept almost anything (it's broad)
-    if (inputType === 'string') {
-        return false;
-    }
-    // Incompatible type pairs
-    const incompatiblePairs = [
-        ['string', 'number'],
-        ['string', 'boolean'],
-        ['string', 'integer'],
-        ['number', 'boolean'],
-        ['boolean', 'number'],
-        ['array', 'object'],
-        ['object', 'array'],
-    ];
-    for (const [from, to] of incompatiblePairs) {
-        if (outputType === from && inputType === to) {
-            return true;
-        }
-    }
-    return false;
-}
-class E003TypeMismatchRule extends BaseRule {
-    id = ERROR_CODES.E003;
-    severity = 'error';
-    ruleName = 'Unsafe Tool Chaining (Type Mismatch)';
-    description = 'Output type incompatible with downstream input type. Tool chains will break.';
-    check(ctx) {
-        const diagnostics = [];
-        // Only check high-confidence dependencies (>= 0.8)
-        const highConfidenceDeps = ctx.dependencies.filter(d => d.confidence >= 0.8);
-        for (const dep of highConfidenceDeps) {
-            // Find the output and input fields
-            const fromTool = ctx.indexes.toolIndex.get(dep.fromTool.toLowerCase());
-            const toTool = ctx.indexes.toolIndex.get(dep.toTool.toLowerCase());
-            if (!fromTool || !toTool) {
-                continue;
-            }
-            const fromField = fromTool.outputs.find(f => f.name === dep.fromField);
-            const toField = toTool.inputs.find(f => f.name === dep.toField);
-            if (!fromField || !toField) {
-                continue;
-            }
-            // Check type compatibility
-            if (areTypesIncompatible(fromField.type, toField.type)) {
-                diagnostics.push(this.createDiagnostic(`Tool "${dep.toTool}" parameter "${dep.toField}" depends on output from "${dep.fromTool}", but types are incompatible (${fromField.type} → ${toField.type}).`, dep.toTool, dep.toField, `Ensure "${dep.fromTool}" outputs ${toField.type}, or modify "${dep.toTool}" to accept ${fromField.type}.`));
-            }
-        }
-        return diagnostics;
-    }
-}
-export const E003TypeMismatch = new E003TypeMismatchRule();
-//# sourceMappingURL=e003-type-mismatch.js.map

package/dist/runtime/analysis/rules/errors/e004-free-text-propagation.d.ts

@@ -1,23 +0,0 @@
-/**
- * E004: Unsafe Tool Chaining (Free Text Propagation)
- *
- * Condition:
- * - Output is unconstrained string
- * - Used as input to another tool
- *
- * Why:
- * - LLM passes sentences instead of data
- * - Most common real-world failure
- */
-import { BaseRule } from '../base.js';
-import type { AnalysisContext, Diagnostic } from '../../types.js';
-declare class E004FreeTextPropagationRule extends BaseRule {
-    readonly id: "E004";
-    readonly severity: "error";
-    readonly ruleName = "Unsafe Tool Chaining (Free Text Propagation)";
-    readonly description = "Free-text output is used by another tool. This is unsafe without constraints.";
-    check(ctx: AnalysisContext): Diagnostic[];
-}
-export declare const E004FreeTextPropagation: E004FreeTextPropagationRule;
-export {};
-//# sourceMappingURL=e004-free-text-propagation.d.ts.map

package/dist/runtime/analysis/rules/errors/e004-free-text-propagation.js

@@ -1,47 +0,0 @@
-/**
- * E004: Unsafe Tool Chaining (Free Text Propagation)
- *
- * Condition:
- * - Output is unconstrained string
- * - Used as input to another tool
- *
- * Why:
- * - LLM passes sentences instead of data
- * - Most common real-world failure
- */
-import { BaseRule } from '../base.js';
-import { ERROR_CODES } from '../error-codes.js';
-class E004FreeTextPropagationRule extends BaseRule {
-    id = ERROR_CODES.E004;
-    severity = 'error';
-    ruleName = 'Unsafe Tool Chaining (Free Text Propagation)';
-    description = 'Free-text output is used by another tool. This is unsafe without constraints.';
-    check(ctx) {
-        const diagnostics = [];
-        // Only check high-confidence dependencies (>= 0.8)
-        const highConfidenceDeps = ctx.dependencies.filter(d => d.confidence >= 0.8);
-        for (const dep of highConfidenceDeps) {
-            // Find the output field
-            const fromTool = ctx.indexes.toolIndex.get(dep.fromTool.toLowerCase());
-            if (!fromTool) {
-                continue;
-            }
-            const fromField = fromTool.outputs.find(f => f.name === dep.fromField);
-            if (!fromField) {
-                continue;
-            }
-            // Check if output is unconstrained string
-            const isString = fromField.type === 'string';
-            const hasEnum = Boolean(fromField.enum && fromField.enum.length > 0);
-            const hasPattern = Boolean(fromField.pattern);
-            const hasDescription = Boolean(fromField.description && fromField.description.trim());
-            // If it's a string with no constraints, it's free text
-            if (isString && !hasEnum && !hasPattern && !hasDescription) {
-                diagnostics.push(this.createDiagnostic(`Free-text output from "${dep.fromTool}" (field: "${dep.fromField}") is used by "${dep.toTool}". This is unsafe without constraints.`, dep.toTool, dep.toField, `Constrain the output of "${dep.fromTool}" by adding enum values, regex pattern, or clear description of expected format.`));
-            }
-        }
-        return diagnostics;
-    }
-}
-export const E004FreeTextPropagation = new E004FreeTextPropagationRule();
-//# sourceMappingURL=e004-free-text-propagation.js.map