aiox-core 5.0.0 → 5.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (91) hide show
  1. package/.aiox-core/data/entity-registry.yaml +5297 -1814
  2. package/.aiox-core/data/registry-update-log.jsonl +2 -0
  3. package/.aiox-core/development/templates/service-template/README.md.hbs +158 -158
  4. package/.aiox-core/development/templates/service-template/__tests__/index.test.ts.hbs +237 -237
  5. package/.aiox-core/development/templates/service-template/client.ts.hbs +403 -403
  6. package/.aiox-core/development/templates/service-template/errors.ts.hbs +182 -182
  7. package/.aiox-core/development/templates/service-template/index.ts.hbs +120 -120
  8. package/.aiox-core/development/templates/service-template/package.json.hbs +87 -87
  9. package/.aiox-core/development/templates/service-template/types.ts.hbs +145 -145
  10. package/.aiox-core/development/templates/squad-template/LICENSE +21 -21
  11. package/.aiox-core/infrastructure/scripts/tool-resolver.js +4 -4
  12. package/.aiox-core/infrastructure/templates/aiox-sync.yaml.template +182 -182
  13. package/.aiox-core/infrastructure/templates/coderabbit.yaml.template +279 -279
  14. package/.aiox-core/infrastructure/templates/github-workflows/ci.yml.template +169 -169
  15. package/.aiox-core/infrastructure/templates/github-workflows/pr-automation.yml.template +330 -330
  16. package/.aiox-core/infrastructure/templates/github-workflows/release.yml.template +196 -196
  17. package/.aiox-core/infrastructure/templates/gitignore/gitignore-aiox-base.tmpl +63 -63
  18. package/.aiox-core/infrastructure/templates/gitignore/gitignore-brownfield-merge.tmpl +18 -18
  19. package/.aiox-core/infrastructure/templates/gitignore/gitignore-node.tmpl +85 -85
  20. package/.aiox-core/infrastructure/templates/gitignore/gitignore-python.tmpl +145 -145
  21. package/.aiox-core/install-manifest.yaml +58 -58
  22. package/.aiox-core/local-config.yaml.template +71 -71
  23. package/.aiox-core/monitor/hooks/lib/__init__.py +1 -1
  24. package/.aiox-core/monitor/hooks/lib/enrich.py +58 -58
  25. package/.aiox-core/monitor/hooks/lib/send_event.py +47 -47
  26. package/.aiox-core/monitor/hooks/notification.py +29 -29
  27. package/.aiox-core/monitor/hooks/post_tool_use.py +45 -45
  28. package/.aiox-core/monitor/hooks/pre_compact.py +29 -29
  29. package/.aiox-core/monitor/hooks/pre_tool_use.py +40 -40
  30. package/.aiox-core/monitor/hooks/stop.py +29 -29
  31. package/.aiox-core/monitor/hooks/subagent_stop.py +29 -29
  32. package/.aiox-core/monitor/hooks/user_prompt_submit.py +38 -38
  33. package/.aiox-core/product/templates/adr.hbs +125 -125
  34. package/.aiox-core/product/templates/dbdr.hbs +241 -241
  35. package/.aiox-core/product/templates/engine/elicitation.js +2 -3
  36. package/.aiox-core/product/templates/epic.hbs +212 -212
  37. package/.aiox-core/product/templates/pmdr.hbs +186 -186
  38. package/.aiox-core/product/templates/prd-v2.0.hbs +216 -216
  39. package/.aiox-core/product/templates/prd.hbs +201 -201
  40. package/.aiox-core/product/templates/story.hbs +263 -263
  41. package/.aiox-core/product/templates/task.hbs +170 -170
  42. package/.aiox-core/product/templates/tmpl-comment-on-examples.sql +158 -158
  43. package/.aiox-core/product/templates/tmpl-migration-script.sql +91 -91
  44. package/.aiox-core/product/templates/tmpl-rls-granular-policies.sql +104 -104
  45. package/.aiox-core/product/templates/tmpl-rls-kiss-policy.sql +10 -10
  46. package/.aiox-core/product/templates/tmpl-rls-roles.sql +135 -135
  47. package/.aiox-core/product/templates/tmpl-rls-simple.sql +77 -77
  48. package/.aiox-core/product/templates/tmpl-rls-tenant.sql +152 -152
  49. package/.aiox-core/product/templates/tmpl-rollback-script.sql +77 -77
  50. package/.aiox-core/product/templates/tmpl-seed-data.sql +140 -140
  51. package/.aiox-core/product/templates/tmpl-smoke-test.sql +16 -16
  52. package/.aiox-core/product/templates/tmpl-staging-copy-merge.sql +139 -139
  53. package/.aiox-core/product/templates/tmpl-stored-proc.sql +140 -140
  54. package/.aiox-core/product/templates/tmpl-trigger.sql +152 -152
  55. package/.aiox-core/product/templates/tmpl-view-materialized.sql +133 -133
  56. package/.aiox-core/product/templates/tmpl-view.sql +177 -177
  57. package/.aiox-core/scripts/pm.sh +0 -0
  58. package/.claude/hooks/code-intel-pretool.cjs +107 -0
  59. package/.claude/hooks/enforce-architecture-first.py +196 -196
  60. package/.claude/hooks/mind-clone-governance.py +192 -192
  61. package/.claude/hooks/read-protection.py +151 -151
  62. package/.claude/hooks/slug-validation.py +176 -176
  63. package/.claude/hooks/sql-governance.py +182 -182
  64. package/.claude/hooks/write-path-validation.py +194 -194
  65. package/LICENSE +33 -33
  66. package/bin/aiox-graph.js +0 -0
  67. package/bin/aiox-minimal.js +0 -0
  68. package/bin/aiox.js +0 -0
  69. package/docs/guides/aios-workflows/README.md +247 -0
  70. package/docs/guides/aios-workflows/bob-orchestrator-workflow.md +1536 -0
  71. package/package.json +1 -1
  72. package/packages/aiox-install/bin/aiox-install.js +0 -0
  73. package/packages/aiox-install/bin/edmcp.js +0 -0
  74. package/packages/aiox-pro-cli/bin/aiox-pro.js +0 -0
  75. package/packages/installer/src/wizard/pro-setup.js +210 -123
  76. package/pro/README.md +66 -0
  77. package/pro/license/degradation.js +220 -0
  78. package/pro/license/errors.js +450 -0
  79. package/pro/license/feature-gate.js +354 -0
  80. package/pro/license/index.js +181 -0
  81. package/pro/license/license-api.js +679 -0
  82. package/pro/license/license-cache.js +523 -0
  83. package/pro/license/license-crypto.js +303 -0
  84. package/scripts/check-markdown-links.py +352 -352
  85. package/scripts/dashboard-parallel-dev.sh +0 -0
  86. package/scripts/dashboard-parallel-phase3.sh +0 -0
  87. package/scripts/dashboard-parallel-phase4.sh +0 -0
  88. package/scripts/glue/README.md +355 -0
  89. package/scripts/glue/compose-agent-prompt.cjs +362 -0
  90. package/scripts/install-monitor-hooks.sh +0 -0
  91. package/.aiox-core/lib/build.json +0 -1
package/.claude/hooks/sql-governance.py CHANGED
@@ -1,182 +1,182 @@
1
- #!/usr/bin/env python3
2
- """
3
- Hook: SQL Governance
4
-
5
- REGRA: Comandos SQL que criam/alteram/deletam objetos de banco DEVEM ser aprovados.
6
-
7
- Este hook intercepta comandos Bash que contêm SQL perigoso e bloqueia
8
- operações não autorizadas em banco de dados.
9
-
10
- Exit Codes:
11
- - 0: Permitido
12
- - 2: Bloqueado (SQL perigoso detectado)
13
- """
14
-
15
- import json
16
- import sys
17
- import os
18
- import re
19
-
20
- # =============================================================================
21
- # CONFIGURAÇÃO: Patterns SQL que requerem aprovação
22
- # =============================================================================
23
-
24
- DANGEROUS_PATTERNS = [
25
- # DDL - Criação
26
- (r"\bCREATE\s+TABLE\b", "CREATE TABLE"),
27
- (r"\bCREATE\s+VIEW\b", "CREATE VIEW"),
28
- (r"\bCREATE\s+MATERIALIZED\s+VIEW\b", "CREATE MATERIALIZED VIEW"),
29
- (r"\bCREATE\s+FUNCTION\b", "CREATE FUNCTION"),
30
- (r"\bCREATE\s+TRIGGER\b", "CREATE TRIGGER"),
31
- (r"\bCREATE\s+INDEX\b", "CREATE INDEX"),
32
- (r"\bCREATE\s+TYPE\b", "CREATE TYPE"),
33
- (r"\bCREATE\s+SCHEMA\b", "CREATE SCHEMA"),
34
- (r"\bCREATE\s+EXTENSION\b", "CREATE EXTENSION"),
35
- (r"\bCREATE\s+POLICY\b", "CREATE POLICY"),
36
-
37
- # DDL - Alteração
38
- (r"\bALTER\s+TABLE\b", "ALTER TABLE"),
39
- (r"\bALTER\s+VIEW\b", "ALTER VIEW"),
40
- (r"\bALTER\s+FUNCTION\b", "ALTER FUNCTION"),
41
-
42
- # DDL - Deleção
43
- (r"\bDROP\s+TABLE\b", "DROP TABLE"),
44
- (r"\bDROP\s+VIEW\b", "DROP VIEW"),
45
- (r"\bDROP\s+FUNCTION\b", "DROP FUNCTION"),
46
- (r"\bDROP\s+TRIGGER\b", "DROP TRIGGER"),
47
- (r"\bDROP\s+INDEX\b", "DROP INDEX"),
48
- (r"\bDROP\s+SCHEMA\b", "DROP SCHEMA"),
49
- (r"\bDROP\s+POLICY\b", "DROP POLICY"),
50
-
51
- # DML Perigoso
52
- (r"\bTRUNCATE\b", "TRUNCATE"),
53
- (r"\bDELETE\s+FROM\b(?!.*\bWHERE\b)", "DELETE without WHERE"),
54
-
55
- # Backup proibido (criar tabela como cópia)
56
- (r"\bCREATE\s+TABLE\b.*\bAS\s+SELECT\b", "CREATE TABLE AS SELECT (backup proibido)"),
57
-
58
- # Storage
59
- (r"\bINSERT\s+INTO\s+storage\.buckets\b", "INSERT INTO storage.buckets"),
60
- ]
61
-
62
- # Patterns que indicam contexto seguro (não bloquear)
63
- SAFE_CONTEXTS = [
64
- r"--.*$", # Comentário SQL
65
- r"SELECT\s+.*\bFROM\b", # Query de leitura
66
- r"information_schema", # Query de metadata
67
- r"pg_catalog", # Query de sistema
68
- r"\bEXPLAIN\b", # Explain plan
69
- ]
70
-
71
- # Comandos que são sempre permitidos
72
- ALLOWED_COMMANDS = [
73
- "supabase migration", # CLI de migration
74
- "supabase db push", # Push de migrations
75
- "supabase db pull", # Pull de schema
76
- "pg_dump", # Backup (exportar)
77
- "psql.*-f.*migrations", # Aplicar migration file
78
- ]
79
-
80
- # =============================================================================
81
- # LÓGICA DO HOOK
82
- # =============================================================================
83
-
84
- def extract_sql_from_command(command: str) -> str:
85
- """Extrai possível SQL de um comando bash."""
86
- # Remover aspas externas se houver
87
- sql = command
88
-
89
- # Detectar SQL inline em psql -c
90
- psql_match = re.search(r'psql.*-c\s+["\'](.+?)["\']', command, re.DOTALL)
91
- if psql_match:
92
- sql = psql_match.group(1)
93
-
94
- # Detectar heredoc
95
- heredoc_match = re.search(r'<<["\']?(\w+)["\']?\s*\n(.+?)\n\1', command, re.DOTALL)
96
- if heredoc_match:
97
- sql = heredoc_match.group(2)
98
-
99
- return sql.upper()
100
-
101
- def is_safe_context(command: str) -> bool:
102
- """Verifica se o comando está em contexto seguro."""
103
- command_lower = command.lower()
104
-
105
- for allowed in ALLOWED_COMMANDS:
106
- if re.search(allowed, command_lower):
107
- return True
108
-
109
- return False
110
-
111
- def detect_dangerous_sql(command: str) -> list[tuple[str, str]]:
112
- """Detecta patterns SQL perigosos no comando."""
113
- sql = extract_sql_from_command(command)
114
- detected = []
115
-
116
- for pattern, description in DANGEROUS_PATTERNS:
117
- if re.search(pattern, sql, re.IGNORECASE):
118
- detected.append((pattern, description))
119
-
120
- return detected
121
-
122
- def main():
123
- # Ler input do stdin
124
- try:
125
- input_data = json.load(sys.stdin)
126
- except json.JSONDecodeError:
127
- # Se não conseguir parsear, permitir (fail-open)
128
- sys.exit(0)
129
-
130
- tool_name = input_data.get("tool_name", "")
131
- tool_input = input_data.get("tool_input", {})
132
-
133
- # Só processar Bash
134
- if tool_name != "Bash":
135
- sys.exit(0)
136
-
137
- command = tool_input.get("command", "")
138
- if not command:
139
- sys.exit(0)
140
-
141
- # Verificar se é contexto seguro
142
- if is_safe_context(command):
143
- sys.exit(0)
144
-
145
- # Detectar SQL perigoso
146
- dangerous = detect_dangerous_sql(command)
147
-
148
- if not dangerous:
149
- sys.exit(0)
150
-
151
- # BLOQUEAR: SQL perigoso detectado
152
- detected_list = "\n".join([f"║ • {desc:<64} ║" for _, desc in dangerous[:5]])
153
-
154
- error_message = f"""
155
- ╔══════════════════════════════════════════════════════════════════════════════╗
156
- ║ 🛑 SQL GOVERNANCE: Operação de banco requer aprovação ║
157
- ╠══════════════════════════════════════════════════════════════════════════════╣
158
- ║ ║
159
- ║ Operações detectadas: ║
160
- {detected_list}
161
- ║ ║
162
- ║ REGRA: Comandos que criam/alteram/deletam objetos de banco DEVEM: ║
163
- ║ ║
164
- ║ 1. Ser propostos ao usuário ANTES de executar ║
165
- ║ 2. Incluir justificativa e análise de impacto ║
166
- ║ 3. Aguardar aprovação explícita ║
167
- ║ ║
168
- ║ EXCEÇÕES PERMITIDAS: ║
169
- ║ • supabase migration (CLI oficial) ║
170
- ║ • pg_dump (backup/export) ║
171
- ║ • Aplicar migrations existentes em supabase/migrations/ ║
172
- ║ ║
173
- ║ AÇÃO: Proponha as mudanças ao usuário e aguarde aprovação. ║
174
- ║ Use o formato: Schema/SQL + Justificativa + Impacto ║
175
- ║ ║
176
- ╚══════════════════════════════════════════════════════════════════════════════╝
177
- """
178
- print(error_message, file=sys.stderr)
179
- sys.exit(2)
180
-
181
- if __name__ == "__main__":
182
- main()
1
+ #!/usr/bin/env python3
2
+ """
3
+ Hook: SQL Governance
4
+
5
+ REGRA: Comandos SQL que criam/alteram/deletam objetos de banco DEVEM ser aprovados.
6
+
7
+ Este hook intercepta comandos Bash que contêm SQL perigoso e bloqueia
8
+ operações não autorizadas em banco de dados.
9
+
10
+ Exit Codes:
11
+ - 0: Permitido
12
+ - 2: Bloqueado (SQL perigoso detectado)
13
+ """
14
+
15
+ import json
16
+ import sys
17
+ import os
18
+ import re
19
+
20
+ # =============================================================================
21
+ # CONFIGURAÇÃO: Patterns SQL que requerem aprovação
22
+ # =============================================================================
23
+
24
+ DANGEROUS_PATTERNS = [
25
+ # DDL - Criação
26
+ (r"\bCREATE\s+TABLE\b", "CREATE TABLE"),
27
+ (r"\bCREATE\s+VIEW\b", "CREATE VIEW"),
28
+ (r"\bCREATE\s+MATERIALIZED\s+VIEW\b", "CREATE MATERIALIZED VIEW"),
29
+ (r"\bCREATE\s+FUNCTION\b", "CREATE FUNCTION"),
30
+ (r"\bCREATE\s+TRIGGER\b", "CREATE TRIGGER"),
31
+ (r"\bCREATE\s+INDEX\b", "CREATE INDEX"),
32
+ (r"\bCREATE\s+TYPE\b", "CREATE TYPE"),
33
+ (r"\bCREATE\s+SCHEMA\b", "CREATE SCHEMA"),
34
+ (r"\bCREATE\s+EXTENSION\b", "CREATE EXTENSION"),
35
+ (r"\bCREATE\s+POLICY\b", "CREATE POLICY"),
36
+
37
+ # DDL - Alteração
38
+ (r"\bALTER\s+TABLE\b", "ALTER TABLE"),
39
+ (r"\bALTER\s+VIEW\b", "ALTER VIEW"),
40
+ (r"\bALTER\s+FUNCTION\b", "ALTER FUNCTION"),
41
+
42
+ # DDL - Deleção
43
+ (r"\bDROP\s+TABLE\b", "DROP TABLE"),
44
+ (r"\bDROP\s+VIEW\b", "DROP VIEW"),
45
+ (r"\bDROP\s+FUNCTION\b", "DROP FUNCTION"),
46
+ (r"\bDROP\s+TRIGGER\b", "DROP TRIGGER"),
47
+ (r"\bDROP\s+INDEX\b", "DROP INDEX"),
48
+ (r"\bDROP\s+SCHEMA\b", "DROP SCHEMA"),
49
+ (r"\bDROP\s+POLICY\b", "DROP POLICY"),
50
+
51
+ # DML Perigoso
52
+ (r"\bTRUNCATE\b", "TRUNCATE"),
53
+ (r"\bDELETE\s+FROM\b(?!.*\bWHERE\b)", "DELETE without WHERE"),
54
+
55
+ # Backup proibido (criar tabela como cópia)
56
+ (r"\bCREATE\s+TABLE\b.*\bAS\s+SELECT\b", "CREATE TABLE AS SELECT (backup proibido)"),
57
+
58
+ # Storage
59
+ (r"\bINSERT\s+INTO\s+storage\.buckets\b", "INSERT INTO storage.buckets"),
60
+ ]
61
+
62
+ # Patterns que indicam contexto seguro (não bloquear)
63
+ SAFE_CONTEXTS = [
64
+ r"--.*$", # Comentário SQL
65
+ r"SELECT\s+.*\bFROM\b", # Query de leitura
66
+ r"information_schema", # Query de metadata
67
+ r"pg_catalog", # Query de sistema
68
+ r"\bEXPLAIN\b", # Explain plan
69
+ ]
70
+
71
+ # Comandos que são sempre permitidos
72
+ ALLOWED_COMMANDS = [
73
+ "supabase migration", # CLI de migration
74
+ "supabase db push", # Push de migrations
75
+ "supabase db pull", # Pull de schema
76
+ "pg_dump", # Backup (exportar)
77
+ "psql.*-f.*migrations", # Aplicar migration file
78
+ ]
79
+
80
+ # =============================================================================
81
+ # LÓGICA DO HOOK
82
+ # =============================================================================
83
+
84
+ def extract_sql_from_command(command: str) -> str:
85
+ """Extrai possível SQL de um comando bash."""
86
+ # Remover aspas externas se houver
87
+ sql = command
88
+
89
+ # Detectar SQL inline em psql -c
90
+ psql_match = re.search(r'psql.*-c\s+["\'](.+?)["\']', command, re.DOTALL)
91
+ if psql_match:
92
+ sql = psql_match.group(1)
93
+
94
+ # Detectar heredoc
95
+ heredoc_match = re.search(r'<<["\']?(\w+)["\']?\s*\n(.+?)\n\1', command, re.DOTALL)
96
+ if heredoc_match:
97
+ sql = heredoc_match.group(2)
98
+
99
+ return sql.upper()
100
+
101
+ def is_safe_context(command: str) -> bool:
102
+ """Verifica se o comando está em contexto seguro."""
103
+ command_lower = command.lower()
104
+
105
+ for allowed in ALLOWED_COMMANDS:
106
+ if re.search(allowed, command_lower):
107
+ return True
108
+
109
+ return False
110
+
111
+ def detect_dangerous_sql(command: str) -> list[tuple[str, str]]:
112
+ """Detecta patterns SQL perigosos no comando."""
113
+ sql = extract_sql_from_command(command)
114
+ detected = []
115
+
116
+ for pattern, description in DANGEROUS_PATTERNS:
117
+ if re.search(pattern, sql, re.IGNORECASE):
118
+ detected.append((pattern, description))
119
+
120
+ return detected
121
+
122
+ def main():
123
+ # Ler input do stdin
124
+ try:
125
+ input_data = json.load(sys.stdin)
126
+ except json.JSONDecodeError:
127
+ # Se não conseguir parsear, permitir (fail-open)
128
+ sys.exit(0)
129
+
130
+ tool_name = input_data.get("tool_name", "")
131
+ tool_input = input_data.get("tool_input", {})
132
+
133
+ # Só processar Bash
134
+ if tool_name != "Bash":
135
+ sys.exit(0)
136
+
137
+ command = tool_input.get("command", "")
138
+ if not command:
139
+ sys.exit(0)
140
+
141
+ # Verificar se é contexto seguro
142
+ if is_safe_context(command):
143
+ sys.exit(0)
144
+
145
+ # Detectar SQL perigoso
146
+ dangerous = detect_dangerous_sql(command)
147
+
148
+ if not dangerous:
149
+ sys.exit(0)
150
+
151
+ # BLOQUEAR: SQL perigoso detectado
152
+ detected_list = "\n".join([f"║ • {desc:<64} ║" for _, desc in dangerous[:5]])
153
+
154
+ error_message = f"""
155
+ ╔══════════════════════════════════════════════════════════════════════════════╗
156
+ ║ 🛑 SQL GOVERNANCE: Operação de banco requer aprovação ║
157
+ ╠══════════════════════════════════════════════════════════════════════════════╣
158
+ ║ ║
159
+ ║ Operações detectadas: ║
160
+ {detected_list}
161
+ ║ ║
162
+ ║ REGRA: Comandos que criam/alteram/deletam objetos de banco DEVEM: ║
163
+ ║ ║
164
+ ║ 1. Ser propostos ao usuário ANTES de executar ║
165
+ ║ 2. Incluir justificativa e análise de impacto ║
166
+ ║ 3. Aguardar aprovação explícita ║
167
+ ║ ║
168
+ ║ EXCEÇÕES PERMITIDAS: ║
169
+ ║ • supabase migration (CLI oficial) ║
170
+ ║ • pg_dump (backup/export) ║
171
+ ║ • Aplicar migrations existentes em supabase/migrations/ ║
172
+ ║ ║
173
+ ║ AÇÃO: Proponha as mudanças ao usuário e aguarde aprovação. ║
174
+ ║ Use o formato: Schema/SQL + Justificativa + Impacto ║
175
+ ║ ║
176
+ ╚══════════════════════════════════════════════════════════════════════════════╝
177
+ """
178
+ print(error_message, file=sys.stderr)
179
+ sys.exit(2)
180
+
181
+ if __name__ == "__main__":
182
+ main()