aienvmp 0.1.21 → 0.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md CHANGED
@@ -1,5 +1,17 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.1.23
4
+
5
+ - Added compact `stepSummary` output to `context --json`.
6
+ - Reused the AI plan step model so preflight context can show remediation and environment drift summaries.
7
+ - Kept full step details in `aienvmp plan` while keeping context lightweight.
8
+
9
+ ## 0.1.22
10
+
11
+ - Reworked the README around Quick Start, AI Usage, CI Usage, and outputs.
12
+ - Made the project positioning clearer: AI-first environment maps for shared coding machines.
13
+ - Emphasized read-only planning and avoiding runtime/tool drift across agents.
14
+
3
15
  ## 0.1.21
4
16
 
5
17
  - Added a GitHub Actions artifact upload example for `AIENV.md`, plan outputs, manifest, and dashboard.
package/README.md CHANGED
@@ -6,29 +6,39 @@
6
6
 
7
7
  **AI Environment Map.**
8
8
 
9
- `aienvmp` is an AI environment coordination tool for shared coding machines.
9
+ `aienvmp` is an AI-first environment map for shared coding machines.
10
10
 
11
- It helps Codex, Claude, Gemini, and other agents avoid silently using or installing different runtime and tool versions.
11
+ It helps Codex, Claude, Gemini, and humans avoid silent Node, Python, package manager, Docker, and security drift.
12
12
 
13
- Core loop: scan the env, give AI a preflight context, and hand off safe next steps to the next agent.
13
+ Core loop: scan once, give AI a preflight context, write a read-only action plan, and hand off safe next steps.
14
14
 
15
- ## Use
15
+ ## Quick Start
16
16
 
17
17
  ```bash
18
18
  npx aienvmp sync
19
19
  npx aienvmp context
20
20
  npx aienvmp plan
21
21
  npx aienvmp handoff
22
- npx aienvmp handoff --record --actor agent:codex
23
22
  ```
24
23
 
25
- Optional read-only checks:
24
+ Optional deeper read-only checks:
26
25
 
27
26
  ```bash
28
27
  npx aienvmp sync --deep
29
28
  npx aienvmp sync --security
30
29
  ```
31
30
 
31
+ ## AI Usage
32
+
33
+ Tell each agent to read `aienvmp context --json` before environment changes.
34
+
35
+ ```bash
36
+ npx aienvmp context --json
37
+ npx aienvmp intent --actor agent:codex --action "upgrade node" --target node
38
+ npx aienvmp record --actor agent:codex --summary "updated .nvmrc" --target node
39
+ npx aienvmp handoff --record --actor agent:codex
40
+ ```
41
+
32
42
  ## Output
33
43
 
34
44
  ```text
@@ -45,7 +55,7 @@ Trust states are machine-readable: `observed`, `planned`, `changed`, `review`, `
45
55
 
46
56
  AI agents can observe, plan, and record. Only a human or CI should mark environment facts as verified.
47
57
 
48
- ## For AGENTS.md
58
+ ## Agent Files
49
59
 
50
60
  `aienvmp` does not replace AGENTS.md. It gives AGENTS.md a live environment source of truth.
51
61
 
@@ -53,16 +63,23 @@ AI agents can observe, plan, and record. Only a human or CI should mark environm
53
63
  npx aienvmp snippet agents
54
64
  ```
55
65
 
56
- ## CI
66
+ ## CI Usage
57
67
 
58
68
  Use the GitHub Action to write the env map, plan, dashboard, and optional strict checks. See [examples/github-action.yml](examples/github-action.yml).
59
69
 
70
+ ```yaml
71
+ - uses: soovwv/aienvmp@main
72
+ with:
73
+ write-plan: "true"
74
+ strict: "off" # security, policy, coordination, all, or off
75
+ ```
76
+
60
77
  ## Commands
61
78
 
62
79
  ```bash
63
80
  aienvmp sync # update env map, light SBOM, ledger, dashboard
64
81
  aienvmp context # AI preflight brief
65
- aienvmp context --json # machine-readable AI decision context + recommended actions
82
+ aienvmp context --json # AI decision context + actions + compact step summary
66
83
  aienvmp plan # read-only AI action plan for drift and remediation
67
84
  aienvmp handoff # next-agent handoff summary + recommended actions
68
85
  aienvmp intent # record a planned env change
@@ -76,6 +93,7 @@ aienvmp doctor --strict security # fail only scoped warnings
76
93
  - simple by default
77
94
  - AI-first
78
95
  - lightweight
96
+ - read-only planning, no automatic fixes
79
97
  - one advisory engine, optional enforcement with `doctor --ci`
80
98
  - scoped enforcement with `doctor --strict security|policy|coordination|all`
81
99
  - non-blocking unless strict mode is explicitly requested
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "aienvmp",
3
- "version": "0.1.21",
3
+ "version": "0.1.23",
4
4
  "description": "AI-first environment maps and lightweight runtime SBOMs for shared development machines.",
5
5
  "type": "module",
6
6
  "bin": {
@@ -5,6 +5,7 @@ import { intentsPath, manifestPath, timelinePath, workspaceDir } from "../paths.
5
5
  import { renderContext } from "../render.js";
6
6
  import { loadPolicy, policyWarnings } from "../policy.js";
7
7
  import { recommendedActions } from "../actions.js";
8
+ import { buildPlan, compactStepSummary } from "./plan.js";
8
9
 
9
10
  export async function contextWorkspace(args) {
10
11
  const dir = workspaceDir(args);
@@ -16,11 +17,13 @@ export async function contextWorkspace(args) {
16
17
  const warnings = [...diagnose(manifest, { timeline, intents }), ...policyWarnings(manifest, policy)];
17
18
  const decision = contextDecision(warnings, intents);
18
19
  const actions = recommendedActions(manifest, { warnings, intents });
20
+ const stepSummary = compactStepSummary(buildPlan(manifest, warnings, intents, policy));
19
21
  if (args.json) {
20
22
  console.log(JSON.stringify({
21
23
  status: warnings.length ? "review-required" : "clear",
22
24
  decision,
23
25
  recommendedActions: actions,
26
+ stepSummary,
24
27
  trust: manifest.trust || {},
25
28
  guidance: decision,
26
29
  workspace: manifest.workspace,
@@ -66,6 +66,22 @@ export function buildPlan(manifest, warnings = [], intents = [], policy = {}) {
66
66
  };
67
67
  }
68
68
 
69
+ export function compactStepSummary(plan = {}) {
70
+ return {
71
+ remediation: (plan.remediationSteps || []).slice(0, 3).map((item) => ({
72
+ package: item.package,
73
+ severity: item.severity,
74
+ fixVersions: (item.fixVersions || []).slice(0, 3),
75
+ advisoryIds: (item.advisories || []).map((advisory) => advisory.id || advisory.title).filter(Boolean).slice(0, 3)
76
+ })),
77
+ environment: (plan.environmentSteps || []).slice(0, 3).map((item) => ({
78
+ code: item.code,
79
+ category: item.category,
80
+ summary: item.summary
81
+ }))
82
+ };
83
+ }
84
+
69
85
  function environmentSteps(warnings = []) {
70
86
  return warnings
71
87
  .filter((warning) => warning.code !== "security-vulnerabilities")