@tanagram/cli 0.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Tanagram
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,217 @@
+# Tanagram
+
+A lightweight Go CLI that enforces policies from `AGENTS.md` files on your local git changes.
+
+## Quick Start
+
+Run `tanagram` before committing to catch policy violations locally:
+
+```bash
+$ tanagram
+
+✗ Found 1 policy violation(s):
+
+webui/src/Button.tsx:42 - [No hardcoded colors] Don't use hard-coded color values; use theme colors instead
+  > background: "#FF5733"
+```
+
+## Installation
+
+### Via npm (Recommended)
+
+```bash
+npm install -g @tanagram/cli
+tanagram --help
+```
+
+**Requirements:**
+- Node.js >= 14.0.0
+- Go >= 1.21 (for building the binary during installation)
+- **Anthropic API Key** (required for LLM-based policy extraction)
+
+The CLI is written in Go but distributed via npm for easier installation and version management.
+
+### API Key Setup
+
+Tanagram uses Claude AI (via Anthropic API) to extract policies from your instruction files. You need to bring your own API key:
+
+```bash
+# Set your Anthropic API key
+export ANTHROPIC_API_KEY="sk-ant-..."
+
+# Or add to your shell profile (~/.bashrc, ~/.zshrc, etc.)
+echo 'export ANTHROPIC_API_KEY="sk-ant-..."' >> ~/.zshrc
+```
+
+**Get an API key:**
+1. Sign up at [https://console.anthropic.com](https://console.anthropic.com)
+2. Create an API key in the dashboard
+3. Set the `ANTHROPIC_API_KEY` environment variable
+
+### Local Development
+
+```bash
+cd cli
+npm install  # Builds the Go binary
+./bin/tanagram
+```
+
+### Install Locally for Testing
+
+Install globally from the local directory to test as if it were published:
+
+```bash
+cd /Users/molinar/tanagram/cli
+npm install -g .
+```
+
+Then run from anywhere:
+```bash
+tanagram
+```
+
+## Usage
+
+```bash
+# Check all changes (unstaged + staged) - automatically syncs if policies changed
+tanagram
+# or explicitly:
+tanagram run
+
+# Manually sync instruction files to cache
+tanagram sync
+
+# View all cached policies
+tanagram list
+
+# Show help
+tanagram help
+```
+
+**Smart Caching:** Policies are cached and automatically resynced when instruction files change (detected via MD5 hash).
+
+## Commands
+
+- **`run`** (default) - Check git changes against policies with auto-sync
+- **`sync`** - Manually sync all instruction files to cache
+- **`list`** - View all cached policies (shows enforceable vs unenforceable)
+- **`help`** - Show usage information
+
+## How It Works
+
+1. **Finds instruction files** - Searches for `AGENTS.md`, `POLICIES.md` in your git repository
+2. **Checks cache** - Loads cached policies and MD5 hashes from `.tanagram/`
+3. **Auto-syncs** - Detects file changes via MD5 and automatically resyncs if needed
+4. **LLM extraction** - Uses Claude AI to extract ALL policies from instruction files
+5. **Gets git diff** - Analyzes all your changes (unstaged + staged)
+6. **LLM detection** - Checks violations using intelligent semantic analysis
+7. **Reports results** - Terminal output with detailed reasoning for each violation
+
+### Cache Location
+
+Policies are cached in `.tanagram/cache.gob` at your git repository root. Add this to your `.gitignore`:
+
+```gitignore
+.tanagram/
+```
+
+## Fully LLM-Based Architecture
+
+Tanagram uses **100% LLM-powered** policy extraction and enforcement:
+
+### Extraction Phase
+Claude AI extracts **ALL** policies from instruction files:
+- No classification needed (no MUST_NOT_USE, MUST_USE, etc.)
+- No regex pattern generation
+- Simple: Just extract policy names and descriptions
+- Fast: Simpler prompts = faster responses
+
+### Detection Phase
+Claude AI analyzes code changes against all policies:
+- **Semantic understanding** - Not just pattern matching
+- **Context-aware** - Understands code intent and structure
+- **Language-agnostic** - Works with any programming language
+- **Detailed reasoning** - Explains why code violates each policy
+
+### What Can Be Enforced
+
+**Everything!** Because the LLM reads and understands code like a human:
+
+**Simple patterns:**
+- "Don't use hard-coded colors" → Detects `#FF5733`, `rgb()`, etc.
+- "Use ruff format, not black" → Detects `black` usage
+- "Always use === instead of ==" → Detects `==` operators
+
+**Complex guidelines:**
+- "Break down code into modular functions" → Analyzes function length and complexity
+- "Don't deeply layer code" → Detects excessive nesting
+- "Ensure no code smells" → Identifies common anti-patterns
+- "Use structured logging with request IDs" → Checks logging patterns
+- "Prefer async/await for I/O" → Understands async patterns
+
+**Language-specific idioms:**
+- Knows Go uses PascalCase for exports (not Python's snake_case)
+- Won't flag Go code for missing Python type hints
+- Understands JavaScript !== Python !== Go
+
+## Exit Codes
+
+- `0` - No violations found
+- `1` - Violations found (fails CI/CD if integrated)
+
+## Example
+
+Create an `AGENTS.md` in your repo with policies:
+
+```markdown
+# Development Policies
+
+- Don't use hard-coded color values; use theme colors instead
+- Use ruff format for Python formatting, not black
+- Always use async/await for database operations
+```
+
+Then run `tanagram` to enforce them locally!
+
+---
+
+## Contributing
+
+Contributions are welcome! Please feel free to submit a Pull Request.
+
+### Development Setup
+
+```bash
+# Clone the repository
+git clone https://github.com/tanagram/cli.git
+cd cli
+
+# Install dependencies and build
+npm install
+
+# Run tests
+npm test
+
+# Build manually
+go build -o bin/tanagram .
+```
+
+### Publishing to npm
+
+To publish a new version:
+
+```bash
+# Update version in package.json
+npm version patch  # or minor, or major
+
+# Publish to npm
+npm publish --access public
+
+# Create git tag
+git tag v$(node -p "require('./package.json').version")
+git push origin --tags
+```
+
+## License
+
+MIT

package/bin/tanagram.js

@@ -0,0 +1,18 @@
+#!/usr/bin/env node
+
+const { spawn } = require('child_process');
+const path = require('path');
+const os = require('os');
+
+const platform = os.platform();
+const binaryName = platform === 'win32' ? 'tanagram.exe' : 'tanagram';
+const binaryPath = path.join(__dirname, binaryName);
+
+// Spawn the Go binary with all arguments
+const child = spawn(binaryPath, process.argv.slice(2), {
+  stdio: 'inherit'
+});
+
+child.on('exit', (code) => {
+  process.exit(code || 0);
+});

package/checker/llm_integration.go

@@ -0,0 +1,119 @@
+package checker
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/tanagram/monorepo/cli/git"
+	"github.com/tanagram/monorepo/cli/parser"
+)
+
+// CheckChangesWithLLM checks code changes against ALL policies using LLM
+func CheckChangesWithLLM(ctx context.Context, changes []git.ChangedLine, policies []parser.Policy) []Violation {
+	if len(policies) == 0 {
+		return []Violation{}
+	}
+
+	// Convert policies slice to map for O(1) lookup
+	policyMap := buildPolicyMap(policies)
+
+	// Group changes by file for efficient checking
+	changesByFile := groupChangesByFile(changes)
+
+	var allViolations []Violation
+	for file, fileChanges := range changesByFile {
+		violations := checkFileWithLLM(ctx, file, fileChanges, policies, policyMap)
+		allViolations = append(allViolations, violations...)
+	}
+
+	return allViolations
+}
+
+// buildPolicyMap converts a slice of policies to a map keyed by policy name for O(1) lookup
+func buildPolicyMap(policies []parser.Policy) map[string]parser.Policy {
+	policyMap := make(map[string]parser.Policy, len(policies))
+	for _, policy := range policies {
+		policyMap[policy.Name] = policy
+	}
+	return policyMap
+}
+
+// groupChangesByFile organizes changed lines by their file path
+func groupChangesByFile(changes []git.ChangedLine) map[string][]git.ChangedLine {
+	grouped := make(map[string][]git.ChangedLine)
+	for _, change := range changes {
+		grouped[change.File] = append(grouped[change.File], change)
+	}
+	return grouped
+}
+
+// checkFileWithLLM checks a single file's changes using the LLM
+func checkFileWithLLM(ctx context.Context, file string, changes []git.ChangedLine, policies []parser.Policy, policyMap map[string]parser.Policy) []Violation {
+	// Format changes for LLM
+	codeChanges := formatChangesForLLM(changes)
+
+	// Call LLM to check violations
+	checks, err := CheckViolations(ctx, file, codeChanges, policies)
+	if err != nil {
+		// Log error but don't fail the whole check
+		fmt.Printf("Warning: LLM check failed for %s: %v\n", file, err)
+		return []Violation{}
+	}
+
+	// Convert LLM checks to Violations
+	var violations []Violation
+	for _, check := range checks {
+		if !check.Violated {
+			continue
+		}
+
+		// Find the policy details using O(1) map lookup
+		policy, found := policyMap[check.PolicyName]
+		if !found {
+			continue
+		}
+
+		// Use first changed line as the location (LLM doesn't provide specific line numbers yet)
+		firstLine := changes[0]
+
+		violations = append(violations, Violation{
+			File:       file,
+			LineNumber: firstLine.LineNumber,
+			PolicyName: policy.Name,
+			Message:    fmt.Sprintf("%s\n\nLLM Analysis: %s", policy.Message, check.Reason),
+			Code:       formatChangesForDisplay(changes),
+		})
+	}
+
+	return violations
+}
+
+// formatChangesForLLM creates a readable representation of code changes for the LLM
+func formatChangesForLLM(changes []git.ChangedLine) string {
+	var builder strings.Builder
+	for _, change := range changes {
+		builder.WriteString(fmt.Sprintf("Line %d: %s\n", change.LineNumber, change.Content))
+	}
+	return builder.String()
+}
+
+// formatChangesForDisplay creates a compact display of changed lines
+func formatChangesForDisplay(changes []git.ChangedLine) string {
+	if len(changes) == 1 {
+		return strings.TrimSpace(changes[0].Content)
+	}
+
+	var builder strings.Builder
+	for i, change := range changes {
+		if i > 0 {
+			builder.WriteString("\n")
+		}
+		builder.WriteString(fmt.Sprintf("L%d: %s", change.LineNumber, strings.TrimSpace(change.Content)))
+		if i >= 2 { // Limit to first 3 lines
+			builder.WriteString("\n...")
+			break
+		}
+	}
+	return builder.String()
+}

package/checker/matcher.go

@@ -0,0 +1,56 @@
+package checker
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	"github.com/tanagram/monorepo/cli/git"
+	"github.com/tanagram/monorepo/cli/parser"
+)
+
+// Violation represents a policy violation found in code
+type Violation struct {
+	File       string
+	LineNumber int
+	PolicyName string
+	Message    string
+	Code       string
+}
+
+// CheckResult contains all violations found
+type CheckResult struct {
+	Violations []Violation
+	TotalChecked int
+}
+
+// CheckChanges checks all changed lines against policies using LLM-based detection
+func CheckChanges(ctx context.Context, changes []git.ChangedLine, policies []parser.Policy) *CheckResult {
+	result := &CheckResult{
+		Violations:   []Violation{},
+		TotalChecked: len(changes),
+	}
+
+	// Use LLM-based checking for all policies
+	llmViolations := CheckChangesWithLLM(ctx, changes, policies)
+	result.Violations = append(result.Violations, llmViolations...)
+
+	return result
+}
+
+// FormatViolations formats violations for terminal output
+func FormatViolations(result *CheckResult) string {
+	if len(result.Violations) == 0 {
+		return "✓ No policy violations found"
+	}
+
+	var output strings.Builder
+	output.WriteString(fmt.Sprintf("✗ Found %d policy violation(s):\n\n", len(result.Violations)))
+
+	for _, v := range result.Violations {
+		output.WriteString(fmt.Sprintf("%s:%d - [%s] %s\n", v.File, v.LineNumber, v.PolicyName, v.Message))
+		output.WriteString(fmt.Sprintf("  > %s\n\n", v.Code))
+	}
+
+	return output.String()
+}

package/checker/violation_checker.go

@@ -0,0 +1,109 @@
+package checker
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"strings"
+
+	"github.com/tanagram/monorepo/cli/llm"
+	"github.com/tanagram/monorepo/cli/parser"
+)
+
+// ViolationCheck represents a single policy violation check result from the LLM
+type ViolationCheck struct {
+	PolicyName string `json:"policy_name"`
+	Violated   bool   `json:"violated"`
+	Reason     string `json:"reason"`
+}
+
+// ViolationCheckResponse represents the LLM's response to a violation check request
+type ViolationCheckResponse struct {
+	Violations []ViolationCheck `json:"violations"`
+}
+
+// CheckViolations uses LLM to check if code changes violate any policies
+// Returns a list of violation checks with policy names and reasons
+func CheckViolations(ctx context.Context, file string, codeChanges string, policies []parser.Policy) ([]ViolationCheck, error) {
+	if len(policies) == 0 {
+		return []ViolationCheck{}, nil
+	}
+
+	client, err := llm.NewClient()
+	if err != nil {
+		return nil, err
+	}
+
+	prompt := buildViolationCheckPrompt(file, codeChanges, policies)
+
+	response, err := client.SendMessage(ctx, prompt)
+	if err != nil {
+		return nil, fmt.Errorf("failed to check violations: %w", err)
+	}
+
+	// Parse response
+	cleanedResponse := llm.StripMarkdownCodeBlocks(response)
+
+	var checkResponse ViolationCheckResponse
+	if err := json.Unmarshal([]byte(cleanedResponse), &checkResponse); err != nil {
+		return nil, fmt.Errorf("failed to parse LLM response: %w\nResponse: %s", err, response)
+	}
+
+	return checkResponse.Violations, nil
+}
+
+// buildViolationCheckPrompt creates a focused prompt for LLM violation checking
+func buildViolationCheckPrompt(file string, codeChanges string, policies []parser.Policy) string {
+	policiesText := formatPoliciesForPrompt(policies)
+
+	return fmt.Sprintf(`You are a code policy enforcement system. Check if code changes violate coding policies.
+
+File: %s
+
+Code Changes:
+%s
+
+Policies to Check:
+%s
+
+For each policy, determine if the code changes violate it. Consider:
+- The intent and spirit of the policy, not just literal interpretation
+- Whether the changes introduce new violations
+- Best practices and code quality standards
+- Language-specific conventions (e.g., Go uses PascalCase for exports, not Python type hints)
+
+IMPORTANT: Only flag violations that make sense for this programming language.
+- Don't apply Python-specific policies (like type hints) to Go code
+- Don't apply JavaScript-specific policies to Python code
+- Consider the language's idioms and conventions
+
+Return ONLY valid JSON (no markdown, no backticks, no extra commentary):
+{
+  "violations": [
+    {
+      "policy_name": "Exact policy name from 'Policy Name:' field above",
+      "violated": true,
+      "reason": "Brief explanation of why it violates the policy"
+    }
+  ]
+}
+
+IMPORTANT: The "policy_name" field must be the EXACT text from the "Policy Name:" field above.
+Do not include numbers, asterisks, or any other formatting - just the plain policy name.
+
+Only include policies that are ACTUALLY violated. If no violations, return empty violations array.
+Be precise - only flag clear violations, not potential issues.`,
+		file,
+		codeChanges,
+		policiesText)
+}
+
+// formatPoliciesForPrompt formats policies into a readable list for the LLM prompt
+// Uses plain policy names without formatting to ensure exact matching in responses
+func formatPoliciesForPrompt(policies []parser.Policy) string {
+	var builder strings.Builder
+	for _, policy := range policies {
+		builder.WriteString(fmt.Sprintf("- Policy Name: %s\n  Description: %s\n\n", policy.Name, policy.Message))
+	}
+	return builder.String()
+}

package/git/diff.go

@@ -0,0 +1,127 @@
+package git
+
+import (
+	"bufio"
+	"fmt"
+	"os/exec"
+	"regexp"
+	"strconv"
+	"strings"
+)
+
+// ChangedLine represents a single line change from git diff
+type ChangedLine struct {
+	File       string
+	LineNumber int
+	Content    string
+	ChangeType string // "+" for addition, "~" for modification
+}
+
+// DiffResult contains all changed lines from a git diff
+type DiffResult struct {
+	Changes []ChangedLine
+}
+
+// GetUnstagedDiff gets the git diff for unstaged changes
+func GetUnstagedDiff() (*DiffResult, error) {
+	cmd := exec.Command("git", "diff", "--unified=0")
+	output, err := cmd.Output()
+	if err != nil {
+		return nil, fmt.Errorf("failed to run git diff: %w", err)
+	}
+
+	return parseDiff(string(output))
+}
+
+// GetStagedDiff gets the git diff for staged changes
+func GetStagedDiff() (*DiffResult, error) {
+	cmd := exec.Command("git", "diff", "--cached", "--unified=0")
+	output, err := cmd.Output()
+	if err != nil {
+		return nil, fmt.Errorf("failed to run git diff --cached: %w", err)
+	}
+
+	return parseDiff(string(output))
+}
+
+// GetAllChanges gets all changes (both unstaged and staged)
+func GetAllChanges() (*DiffResult, error) {
+	// Get unstaged changes
+	unstaged, err := GetUnstagedDiff()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get unstaged changes: %w", err)
+	}
+
+	// Get staged changes
+	staged, err := GetStagedDiff()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get staged changes: %w", err)
+	}
+
+	// Combine both results
+	result := &DiffResult{
+		Changes: append(unstaged.Changes, staged.Changes...),
+	}
+
+	return result, nil
+}
+
+// parseDiff parses unified diff format and extracts changed lines
+func parseDiff(diffText string) (*DiffResult, error) {
+	result := &DiffResult{
+		Changes: []ChangedLine{},
+	}
+
+	scanner := bufio.NewScanner(strings.NewReader(diffText))
+	var currentFile string
+	var currentLineNum int
+
+	// Regex patterns for diff parsing
+	filePattern := regexp.MustCompile(`^\+\+\+ b/(.+)$`)
+	hunkPattern := regexp.MustCompile(`^@@ -\d+(?:,\d+)? \+(\d+)(?:,\d+)? @@`)
+
+	for scanner.Scan() {
+		line := scanner.Text()
+
+		// Check for file marker
+		if matches := filePattern.FindStringSubmatch(line); matches != nil {
+			currentFile = matches[1]
+			continue
+		}
+
+		// Check for hunk header (gives us line number)
+		if matches := hunkPattern.FindStringSubmatch(line); matches != nil {
+			lineNum, err := strconv.Atoi(matches[1])
+			if err != nil {
+				continue
+			}
+			currentLineNum = lineNum
+			continue
+		}
+
+		// Process added/modified lines
+		if strings.HasPrefix(line, "+") && !strings.HasPrefix(line, "+++") {
+			// Added line
+			content := strings.TrimPrefix(line, "+")
+			result.Changes = append(result.Changes, ChangedLine{
+				File:       currentFile,
+				LineNumber: currentLineNum,
+				Content:    content,
+				ChangeType: "+",
+			})
+			currentLineNum++
+		} else if strings.HasPrefix(line, "-") && !strings.HasPrefix(line, "---") {
+			// Removed line - we don't check these for new violations
+			continue
+		} else if !strings.HasPrefix(line, "@") && !strings.HasPrefix(line, "\\") {
+			// Context line (no +/-)
+			currentLineNum++
+		}
+	}
+
+	if err := scanner.Err(); err != nil {
+		return nil, fmt.Errorf("error parsing diff: %w", err)
+	}
+
+	return result, nil
+}

package/git/diff_test.go

@@ -0,0 +1,175 @@
+package git
+
+import (
+	"os"
+	"testing"
+)
+
+func TestParseDiff_SimpleAddition(t *testing.T) {
+	// Read the example diff file
+	content, err := os.ReadFile("testdata/diff1.txt")
+	if err != nil {
+		t.Fatalf("Failed to read test file: %v", err)
+	}
+
+	result, err := parseDiff(string(content))
+	if err != nil {
+		t.Fatalf("parseDiff failed: %v", err)
+	}
+
+	// diff1.txt has one addition: print("hello") at line 71
+	if len(result.Changes) != 1 {
+		t.Fatalf("Expected 1 change, got %d", len(result.Changes))
+	}
+
+	change := result.Changes[0]
+	if change.File != "airflow/www/app.py" {
+		t.Errorf("Expected file 'airflow/www/app.py', got %q", change.File)
+	}
+	if change.LineNumber != 71 {
+		t.Errorf("Expected line number 71, got %d", change.LineNumber)
+	}
+	if change.Content != "    print(\"hello\")" {
+		t.Errorf("Expected content '    print(\"hello\")', got %q", change.Content)
+	}
+	if change.ChangeType != "+" {
+		t.Errorf("Expected change type '+', got %q", change.ChangeType)
+	}
+}
+
+func TestParseDiff_ModificationWithContext(t *testing.T) {
+	// Read the example diff file
+	content, err := os.ReadFile("testdata/diff-with-context.txt")
+	if err != nil {
+		t.Fatalf("Failed to read test file: %v", err)
+	}
+
+	result, err := parseDiff(string(content))
+	if err != nil {
+		t.Fatalf("parseDiff failed: %v", err)
+	}
+
+	// diff-with-context.txt has one line changed (old_line -> new_line)
+	// We only track additions, not deletions
+	if len(result.Changes) != 1 {
+		t.Fatalf("Expected 1 change (the addition), got %d", len(result.Changes))
+	}
+
+	change := result.Changes[0]
+	if change.File != "example/app.py" {
+		t.Errorf("Expected file 'example/app.py', got %q", change.File)
+	}
+	if change.Content != "    new_line = \"new_value\"" {
+		t.Errorf("Expected 'new_line' content, got %q", change.Content)
+	}
+	if change.ChangeType != "+" {
+		t.Errorf("Expected change type '+', got %q", change.ChangeType)
+	}
+}
+
+func TestParseDiff_AdditionWithContext(t *testing.T) {
+	// Read the example diff file
+	content, err := os.ReadFile("testdata/diff-addition-with-context.txt")
+	if err != nil {
+		t.Fatalf("Failed to read test file: %v", err)
+	}
+
+	result, err := parseDiff(string(content))
+	if err != nil {
+		t.Fatalf("parseDiff failed: %v", err)
+	}
+
+	// diff-addition-with-context.txt has one line added
+	if len(result.Changes) != 1 {
+		t.Fatalf("Expected 1 change, got %d", len(result.Changes))
+	}
+
+	change := result.Changes[0]
+	if change.File != "example/addition.py" {
+		t.Errorf("Expected file 'example/addition.py', got %q", change.File)
+	}
+	if change.Content != "    new_functionality = True" {
+		t.Errorf("Expected 'new_functionality = True', got %q", change.Content)
+	}
+	if change.ChangeType != "+" {
+		t.Errorf("Expected change type '+', got %q", change.ChangeType)
+	}
+}
+
+func TestParseDiff_EmptyDiff(t *testing.T) {
+	result, err := parseDiff("")
+	if err != nil {
+		t.Fatalf("parseDiff failed: %v", err)
+	}
+
+	if len(result.Changes) != 0 {
+		t.Errorf("Expected 0 changes for empty diff, got %d", len(result.Changes))
+	}
+}
+
+func TestParseDiff_MultipleFiles(t *testing.T) {
+	diffText := `diff --git a/file1.py b/file1.py
+index 1234567..abcdefg 100644
+--- a/file1.py
++++ b/file1.py
+@@ -10,0 +11 @@ def main():
++    print("file1")
+diff --git a/file2.py b/file2.py
+index 7654321..gfedcba 100644
+--- a/file2.py
++++ b/file2.py
+@@ -20,0 +21 @@ def test():
++    print("file2")
+`
+
+	result, err := parseDiff(diffText)
+	if err != nil {
+		t.Fatalf("parseDiff failed: %v", err)
+	}
+
+	if len(result.Changes) != 2 {
+		t.Fatalf("Expected 2 changes, got %d", len(result.Changes))
+	}
+
+	// Check first file
+	if result.Changes[0].File != "file1.py" {
+		t.Errorf("Expected file 'file1.py', got %q", result.Changes[0].File)
+	}
+	if result.Changes[0].LineNumber != 11 {
+		t.Errorf("Expected line 11, got %d", result.Changes[0].LineNumber)
+	}
+
+	// Check second file
+	if result.Changes[1].File != "file2.py" {
+		t.Errorf("Expected file 'file2.py', got %q", result.Changes[1].File)
+	}
+	if result.Changes[1].LineNumber != 21 {
+		t.Errorf("Expected line 21, got %d", result.Changes[1].LineNumber)
+	}
+}
+
+func TestParseDiff_IgnoresDeletions(t *testing.T) {
+	diffText := `diff --git a/test.py b/test.py
+index 1234567..abcdefg 100644
+--- a/test.py
++++ b/test.py
+@@ -5,2 +5,1 @@ def func():
+-    old_line_1 = "removed"
+-    old_line_2 = "also removed"
++    new_line = "added"
+`
+
+	result, err := parseDiff(diffText)
+	if err != nil {
+		t.Fatalf("parseDiff failed: %v", err)
+	}
+
+	// Should only track the addition, not the 2 deletions
+	if len(result.Changes) != 1 {
+		t.Fatalf("Expected 1 change (addition only), got %d", len(result.Changes))
+	}
+
+	if result.Changes[0].Content != "    new_line = \"added\"" {
+		t.Errorf("Expected addition content, got %q", result.Changes[0].Content)
+	}
+}

package/git/testdata/diff-addition-with-context.txt

@@ -0,0 +1,10 @@
+diff --git a/example/addition.py b/example/addition.py
+index 1234567..abcdefg 100644
+--- a/example/addition.py
++++ b/example/addition.py
+@@ -8,4 +8,5 @@ def setup():
+     config = load_config()
+     print("Starting setup")
+     
++    new_functionality = True
+     return config

package/git/testdata/diff-with-context.txt

@@ -0,0 +1,9 @@
+diff --git a/example/app.py b/example/app.py
+index 1234567..abcdefg 100644
+--- a/example/app.py
++++ b/example/app.py
+@@ -10,3 +10,3 @@ def main():
+     print("before")
+-    old_line = "old_value"
++    new_line = "new_value"
+     print("after")

package/git/testdata/diff1.txt

@@ -0,0 +1,6 @@
+diff --git a/airflow/www/app.py b/airflow/www/app.py
+index 06a0e14de0..0649747401 100644
+--- a/airflow/www/app.py
++++ b/airflow/www/app.py
+@@ -70,0 +71 @@ def create_app(config=None, testing=False):
++    print("hello")

package/go.mod

@@ -0,0 +1,12 @@
+module github.com/tanagram/monorepo/cli
+
+go 1.23.0
+
+require github.com/anthropics/anthropic-sdk-go v1.17.0
+
+require (
+	github.com/tidwall/gjson v1.18.0 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
+	github.com/tidwall/sjson v1.2.5 // indirect
+)

package/go.sum

@@ -0,0 +1,20 @@
+github.com/anthropics/anthropic-sdk-go v1.17.0 h1:BwK8ApcmaAUkvZTiQE0yi3R9XneEFskDIjLTmOAFZxQ=
+github.com/anthropics/anthropic-sdk-go v1.17.0/go.mod h1:WTz31rIUHUHqai2UslPpw5CwXrQP3geYBioRV4WOLvE=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
+github.com/tidwall/gjson v1.18.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
+github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
+github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
+github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
+github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
+github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
+github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

package/install.js

@@ -0,0 +1,69 @@
+#!/usr/bin/env node
+
+const { execSync } = require('child_process');
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+// Check if Go is installed
+function checkGo() {
+  try {
+    execSync('go version', { stdio: 'ignore' });
+    return true;
+  } catch (error) {
+    return false;
+  }
+}
+
+// Build the Go binary
+function buildBinary() {
+  console.log('🔍 Building Tanagram CLI...');
+
+  const platform = os.platform();
+  const arch = os.arch();
+
+  // Map Node.js platform/arch to Go GOOS/GOARCH
+  const goos = platform === 'win32' ? 'windows' : platform;
+  const goarch = arch === 'x64' ? 'amd64' : arch === 'arm64' ? 'arm64' : arch;
+
+  const binaryName = platform === 'win32' ? 'tanagram.exe' : 'tanagram';
+  const binaryPath = path.join(__dirname, 'bin', binaryName);
+
+  // Ensure bin directory exists
+  const binDir = path.join(__dirname, 'bin');
+  if (!fs.existsSync(binDir)) {
+    fs.mkdirSync(binDir, { recursive: true });
+  }
+
+  try {
+    // Build the binary
+    execSync(`go build -o "${binaryPath}" .`, {
+      cwd: __dirname,
+      stdio: 'inherit',
+      env: {
+        ...process.env,
+        GOOS: goos,
+        GOARCH: goarch,
+      }
+    });
+
+    // Make it executable on Unix-like systems
+    if (platform !== 'win32') {
+      fs.chmodSync(binaryPath, '755');
+    }
+
+    console.log(`✓ Tanagram CLI built successfully at ${binaryPath}`);
+  } catch (error) {
+    console.error('Failed to build Tanagram CLI:', error.message);
+    process.exit(1);
+  }
+}
+
+// Main
+if (!checkGo()) {
+  console.error('Error: Go is not installed or not in PATH');
+  console.error('Please install Go from https://golang.org/dl/');
+  process.exit(1);
+}
+
+buildBinary();

package/main.go

@@ -0,0 +1,64 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/tanagram/monorepo/cli/commands"
+)
+
+func main() {
+	// Get subcommand (default to "run" if none provided)
+	subcommand := "run"
+	if len(os.Args) > 1 {
+		subcommand = os.Args[1]
+	}
+
+	var err error
+	switch subcommand {
+	case "run":
+		err = commands.Run()
+	case "sync":
+		err = commands.Sync()
+	case "list":
+		err = commands.List()
+	case "help", "-h", "--help":
+		printHelp()
+		return
+	default:
+		fmt.Fprintf(os.Stderr, "Unknown command: %s\n\n", subcommand)
+		printHelp()
+		os.Exit(1)
+	}
+
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "Error: %v\n", err)
+		os.Exit(1)
+	}
+}
+
+func printHelp() {
+	help := `Tanagram - Policy enforcement for git changes
+
+USAGE:
+  tanagram [command]
+
+COMMANDS:
+  run      Check git changes against policies (default)
+  sync     Manually sync instruction files to cache
+  list     Show all cached policies
+  help     Show this help message
+
+EXAMPLES:
+  tanagram              # Check changes (auto-syncs if files changed)
+  tanagram run          # Same as above
+  tanagram sync         # Manually sync policies
+  tanagram list         # View all cached policies
+
+INSTRUCTION FILES:
+  Tanagram looks for instruction files like AGENTS.md or POLICIES.md
+  in your git repository. Policies are cached and automatically resynced
+  when files change.
+`
+	fmt.Print(help)
+}

package/package.json

@@ -0,0 +1,41 @@
+{
+  "name": "@tanagram/cli",
+  "version": "0.1.0",
+  "description": "Tanagram - Catch sloppy code before it ships",
+  "main": "index.js",
+  "bin": {
+    "tanagram": "./bin/tanagram.js"
+  },
+  "scripts": {
+    "postinstall": "node install.js",
+    "test": "go test ./..."
+  },
+  "keywords": [
+    "tanagram",
+    "policy",
+    "enforcement",
+    "cli",
+    "linter",
+    "code-quality"
+  ],
+  "author": "Tanagram",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/tanagram/cli.git"
+  },
+  "engines": {
+    "node": ">=14.0.0"
+  },
+  "files": [
+    "bin/",
+    "checker/",
+    "git/",
+    "parser/",
+    "main.go",
+    "go.mod",
+    "go.sum",
+    "install.js",
+    "README.md"
+  ]
+}

package/parser/agents.go

@@ -0,0 +1,66 @@
+package parser
+
+import (
+	"bufio"
+	"os"
+	"regexp"
+	"strings"
+)
+
+// Policy represents a policy rule from instruction files
+// Simplified: No types or patterns, all detection is LLM-based
+type Policy struct {
+	Name         string
+	Message      string
+	OriginalText string
+}
+
+// ParseAgents parses AGENTS.md content and extracts enforceable policies
+func ParseAgents(content string) ([]Policy, error) {
+	var policies []Policy
+	scanner := bufio.NewScanner(strings.NewReader(content))
+
+	for scanner.Scan() {
+		line := strings.TrimSpace(scanner.Text())
+
+		// Skip empty lines and headers
+		if line == "" || strings.HasPrefix(line, "#") {
+			continue
+		}
+
+		// Look for bullet points or numbered lists
+		if strings.HasPrefix(line, "-") || strings.HasPrefix(line, "*") || regexp.MustCompile(`^\d+\.`).MatchString(line) {
+			// Remove list markers
+			line = regexp.MustCompile(`^[-*\d.]\s*`).ReplaceAllString(line, "")
+
+			if policy := parsePolicy(line); policy != nil {
+				policies = append(policies, *policy)
+			}
+		}
+	}
+
+	return policies, scanner.Err()
+}
+
+// ParseAgentsFile reads an AGENTS.md file and extracts enforceable policies
+// NOTE: This uses the old regex-based extraction. Use extractor.ExtractPoliciesFromFile for LLM-based extraction.
+func ParseAgentsFile(filepath string) ([]Policy, error) {
+	content, err := os.ReadFile(filepath)
+	if err != nil {
+		return nil, err
+	}
+
+	return ParseAgents(string(content))
+}
+
+// parsePolicy attempts to convert a policy statement into a policy
+// Legacy regex-based parsing - kept for backwards compatibility
+// Prefer using extractor.ExtractPoliciesFromFile for better accuracy
+func parsePolicy(text string) *Policy {
+	return &Policy{
+		Name:         text, // Use the policy text as the name
+		Message:      text,
+		OriginalText: text,
+	}
+}
+

package/parser/agents_test.go

@@ -0,0 +1,157 @@
+package parser
+
+import (
+	"testing"
+)
+
+func TestParseAgents_BasicPolicies(t *testing.T) {
+	content := `# Policies
+- Don't use hard-coded color values
+- Always use theme colors
+`
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 2 {
+		t.Fatalf("Expected 2 policies, got %d", len(policies))
+	}
+
+	// Check first policy was extracted
+	firstPolicy := policies[0]
+	if firstPolicy.Message == "" {
+		t.Error("Expected policy message to be non-empty")
+	}
+	if firstPolicy.OriginalText == "" {
+		t.Error("Expected original text to be non-empty")
+	}
+}
+
+func TestParseAgents_ExtractsMessages(t *testing.T) {
+	content := `# Rules
+- Don't use eval
+- Don't use document.write
+`
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 2 {
+		t.Fatalf("Expected 2 policies, got %d", len(policies))
+	}
+
+	// Verify policies have content
+	for i, policy := range policies {
+		if policy.Message == "" {
+			t.Errorf("Policy %d has empty message", i)
+		}
+		if policy.Name == "" {
+			t.Errorf("Policy %d has empty name", i)
+		}
+	}
+}
+
+func TestParseAgents_EmptyContent(t *testing.T) {
+	content := ``
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 0 {
+		t.Fatalf("Expected 0 policies, got %d", len(policies))
+	}
+}
+
+func TestParseAgents_BulletPoints(t *testing.T) {
+	content := `# Policies
+* Don't use hardcoded colors
+- Don't use eval
+1. Don't use document.write
+`
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 3 {
+		t.Fatalf("Expected 3 policies, got %d", len(policies))
+	}
+
+	// All policies should have content
+	for _, policy := range policies {
+		if policy.Message == "" || policy.Name == "" {
+			t.Errorf("Policy missing required fields: %+v", policy)
+		}
+	}
+}
+
+func TestParseAgents_SkipsHeaders(t *testing.T) {
+	content := `# Main Policies
+## Subsection
+### Details
+- Don't use eval
+`
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 1 {
+		t.Fatalf("Expected 1 policy, got %d", len(policies))
+	}
+}
+
+func TestParseAgents_PreservesOriginalText(t *testing.T) {
+	content := `# Python Policies
+- Use ruff format instead of black
+`
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 1 {
+		t.Fatalf("Expected 1 policy, got %d", len(policies))
+	}
+
+	policy := policies[0]
+	if policy.OriginalText == "" {
+		t.Error("Expected OriginalText to be preserved")
+	}
+	if policy.Message == "" {
+		t.Error("Expected Message to be set")
+	}
+	if policy.Name == "" {
+		t.Error("Expected Name to be set")
+	}
+}
+
+func TestParseAgents_MultilinePolicies(t *testing.T) {
+	content := `# Database Policies
+- Always use async when database operations
+- Use connection pooling for better performance
+`
+	policies, err := ParseAgents(content)
+	if err != nil {
+		t.Fatalf("ParseAgents failed: %v", err)
+	}
+
+	if len(policies) != 2 {
+		t.Fatalf("Expected 2 policies, got %d", len(policies))
+	}
+
+	for i, policy := range policies {
+		if policy.Name == "" {
+			t.Errorf("Policy %d missing name", i)
+		}
+		if policy.Message == "" {
+			t.Errorf("Policy %d missing message", i)
+		}
+		if policy.OriginalText == "" {
+			t.Errorf("Policy %d missing original text", i)
+		}
+	}
+}