anymorph 0.5.0 → 0.7.0

package/README.md

@@ -30,7 +30,9 @@ anymorph workspaces
 anymorph init
 anymorph prepare ws_abc123
 anymorph validate 20260517T074200Z
-anymorph submit 20260517T074200Z
+git add agent/runs content
+git commit -m "chore(geo): publish run 20260517T074200Z"
+git push
 ```
 
 ## Commands
@@ -187,21 +189,9 @@ anymorph validate 20260517T074200Z
 ```
 
 Validation does not update the backend. Backend sync happens from the tenant
-submission command after local artifacts pass validation.
-
-### `anymorph submit <runId>`
-
-Submit validated local GEO run artifacts to Anymorph.
-
-```bash
-anymorph submit 20260517T074200Z
-anymorph submit 20260517T074200Z --json
-```
-
-The CLI reads `agent/runs/{runId}/manifest.json`, submits the manifest-declared
-artifact paths, and includes the current git commit SHA when available. Use
-`--workspace <workspaceId>` only when the workspace cannot be inferred from the
-run package.
+repo GitHub webhook after `agent/runs/{runId}/actions.json` is pushed to
+`main`. Any generated `content/*.mdx` files are materialized as CMS pages from
+the same webhook path.
 
 ## How It Works
 

package/dist/index.js

@@ -12216,6 +12216,88 @@ var require_src = __commonJS({
     var cmsFrontmatter = require_cms_frontmatter();
     var cmsThemeTokens = require_cms_theme_tokens();
     var HOSTNAME_LABEL_RE = /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/i;
+    var CMS_MDX_COMPONENT_CONTRACTS2 = Object.freeze({
+      Callout: Object.freeze({
+        props: Object.freeze({
+          tone: Object.freeze({
+            allowedValues: Object.freeze(["info", "success", "definition"]),
+            defaultValue: "info"
+          })
+        })
+      }),
+      CTA: Object.freeze({
+        requiredProps: Object.freeze(["title", "description"]),
+        reason: "CTA renders title + description side-by-side with the button; missing description leaves the column empty."
+      })
+    });
+    function validateCmsMdxComponentContracts2(mdx) {
+      const issues = [];
+      checkRequiredComponentProps(mdx, issues);
+      checkEnumComponentProps(mdx, issues);
+      return issues;
+    }
+    function checkRequiredComponentProps(mdx, issues) {
+      for (const [component, contract] of Object.entries(CMS_MDX_COMPONENT_CONTRACTS2)) {
+        if (!Array.isArray(contract.requiredProps) || contract.requiredProps.length === 0) continue;
+        for (const attrs of findComponentAttrs(mdx, component)) {
+          for (const prop of contract.requiredProps) {
+            if (!new RegExp(`\\b${escapeRegExp(prop)}\\s*=`).test(attrs)) {
+              const trailer = contract.reason ? ` ${contract.reason}` : "";
+              issues.push({
+                code: "missing_required_prop",
+                component,
+                prop,
+                message: `<${component}> is missing required prop "${prop}".${trailer}`
+              });
+            }
+          }
+        }
+      }
+    }
+    function checkEnumComponentProps(mdx, issues) {
+      for (const [component, contract] of Object.entries(CMS_MDX_COMPONENT_CONTRACTS2)) {
+        if (!contract.props) continue;
+        for (const attrs of findComponentAttrs(mdx, component)) {
+          for (const [prop, propContract] of Object.entries(contract.props)) {
+            if (!Array.isArray(propContract.allowedValues)) continue;
+            const value = readStaticJsxStringProp(attrs, prop);
+            if (value === null) continue;
+            if (!propContract.allowedValues.includes(value)) {
+              issues.push({
+                code: "invalid_prop_value",
+                component,
+                prop,
+                value,
+                allowedValues: propContract.allowedValues,
+                message: `<${component}> prop "${prop}" must be one of ${propContract.allowedValues.map((v) => `"${v}"`).join(", ")}; received "${value}".`
+              });
+            }
+          }
+        }
+      }
+    }
+    function findComponentAttrs(mdx, component) {
+      const tagPattern = new RegExp(`<${escapeRegExp(component)}\\b([^>]*?)\\s*/?>`, "gs");
+      const attrs = [];
+      let match = tagPattern.exec(mdx);
+      while (match !== null) {
+        attrs.push(match[1] ?? "");
+        match = tagPattern.exec(mdx);
+      }
+      return attrs;
+    }
+    function readStaticJsxStringProp(attrs, prop) {
+      const propPattern = new RegExp(
+        `\\b${escapeRegExp(prop)}\\s*=\\s*(?:"([^"]*)"|'([^']*)'|\\{\\s*["']([^"']*)["']\\s*\\})`,
+        "s"
+      );
+      const match = propPattern.exec(attrs);
+      if (!match) return null;
+      return match[1] ?? match[2] ?? match[3] ?? null;
+    }
+    function escapeRegExp(value) {
+      return value.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+    }
     function normalizePromptGenDomain2(value) {
       const domain = value.trim().toLowerCase();
       if (domain.length === 0 || domain.length > 253 || domain.includes("/") || domain.includes("\\") || domain.includes("?") || domain.includes("#") || domain.includes(":") || domain.includes("@") || domain.startsWith(".") || domain.endsWith(".") || domain.includes("..")) {
@@ -12254,6 +12336,7 @@ var require_src = __commonJS({
       generationMode: z.enum(["full", "lite"]).optional(),
       tierMix: PromptGenTierMixSchema.optional(),
       realizationMode: z.enum(["auto", "llm", "deterministic"]).optional(),
+      brandProfile: z.record(z.string(), z.unknown()).optional(),
       additionalContext: z.string().trim().min(1).max(2e4).optional(),
       userRequest: z.string().trim().min(1).max(2e4).optional(),
       async: z.boolean().optional(),
@@ -13342,7 +13425,9 @@ var require_src = __commonJS({
       CMS_THEME_CONTRACT_TOKEN_KEYS: cmsThemeTokens.CMS_THEME_CONTRACT_TOKEN_KEYS,
       CMS_THEME_STATUS_DEFAULTS: cmsThemeTokens.CMS_THEME_STATUS_DEFAULTS,
       normalizeCmsThemeTokens: cmsThemeTokens.normalizeCmsThemeTokens,
-      validateCmsThemeTokens: cmsThemeTokens.validateCmsThemeTokens
+      validateCmsThemeTokens: cmsThemeTokens.validateCmsThemeTokens,
+      CMS_MDX_COMPONENT_CONTRACTS: CMS_MDX_COMPONENT_CONTRACTS2,
+      validateCmsMdxComponentContracts: validateCmsMdxComponentContracts2
     };
   }
 });
@@ -13797,14 +13882,14 @@ var baseOpen = async (options) => {
   }
   const subprocess = childProcess.spawn(command, cliArguments, childProcessOptions);
   if (options.wait) {
-    return new Promise((resolve3, reject) => {
+    return new Promise((resolve4, reject) => {
       subprocess.once("error", reject);
       subprocess.once("close", (exitCode) => {
         if (!options.allowNonzeroExitCode && exitCode > 0) {
           reject(new Error(`Exited with code ${exitCode}`));
           return;
         }
-        resolve3(subprocess);
+        resolve4(subprocess);
       });
     });
   }
@@ -15418,7 +15503,7 @@ async function loginCommand() {
   process.exit(1);
 }
 function sleep(ms) {
-  return new Promise((resolve3) => setTimeout(resolve3, ms));
+  return new Promise((resolve4) => setTimeout(resolve4, ms));
 }
 
 // src/lib/display.ts
@@ -15548,7 +15633,7 @@ async function checkCommand(domain, opts) {
   process.exit(1);
 }
 function sleep2(ms) {
-  return new Promise((resolve3) => setTimeout(resolve3, ms));
+  return new Promise((resolve4) => setTimeout(resolve4, ms));
 }
 
 // src/commands/status.ts
@@ -15674,6 +15759,8 @@ var CMS_THEME_CONTRACT_TOKEN_KEYS = import_index2.default.CMS_THEME_CONTRACT_TOK
 var CMS_THEME_STATUS_DEFAULTS = import_index2.default.CMS_THEME_STATUS_DEFAULTS;
 var normalizeCmsThemeTokens = import_index2.default.normalizeCmsThemeTokens;
 var validateCmsThemeTokens = import_index2.default.validateCmsThemeTokens;
+var CMS_MDX_COMPONENT_CONTRACTS = import_index2.default.CMS_MDX_COMPONENT_CONTRACTS;
+var validateCmsMdxComponentContracts = import_index2.default.validateCmsMdxComponentContracts;
 var reasonTagSchema = import_index2.default.reasonTagSchema;
 var reasonClassSchema = import_index2.default.reasonClassSchema;
 var REASON_TAG_CLASS = import_index2.default.REASON_TAG_CLASS;
@@ -15683,8 +15770,8 @@ var priorDecisionSchema = import_index2.default.priorDecisionSchema;
 var geoStrategyDecisionInputSchema = import_index2.default.geoStrategyDecisionInputSchema;
 
 // src/commands/geo.ts
-import { readFile as readFile3 } from "node:fs/promises";
-import { join as join6 } from "node:path";
+import { readFile as readFile3, readdir as readdir3, stat as stat4 } from "node:fs/promises";
+import { join as join6, relative as relative2, resolve as resolve3 } from "node:path";
 
 // src/geo/package-writer.ts
 import { mkdir, writeFile } from "node:fs/promises";
@@ -16377,15 +16464,6 @@ async function validateGeoRunArtifacts(input) {
     runDir
   };
 }
-function normalizeSubmitArtifactPaths(runId, paths) {
-  const required = [
-    `agent/runs/${runId}/actions.json`,
-    `agent/runs/${runId}/rationale.md`,
-    `agent/runs/${runId}/status.json`
-  ];
-  const clean = Array.isArray(paths) ? paths.filter((path2) => hasText(path2)) : [];
-  return Array.from(/* @__PURE__ */ new Set([...clean, ...required]));
-}
 function validateManifest(value, runId, errors) {
   if (value.schemaVersion !== 1) errors.push("manifest.json schemaVersion must be 1");
   if (value.runId !== runId) errors.push(`manifest.json runId must match ${runId}`);
@@ -16731,30 +16809,47 @@ Run from the tenant repo root. Writes agent/runs/{runId}/ with manifest,
 context, policy, intents, product catalog, crawl logs, and status files.`
     ).action(geoPrepareCommand)
   );
-  commands.push(
-    new Command("validate").argument("<runId>").description("Validate local GEO strategy run artifacts before pushing").option("--json", "Output as JSON").addHelpText(
-      "after",
-      `
+  const validateCommand = new Command("validate").argument("[runId]").description("Validate local GEO strategy artifacts or CMS MDX").option("--json", "Output as JSON").addHelpText(
+    "after",
+    `
 Examples:
   $ anymorph validate 20260517T074200Z
+  $ anymorph validate run 20260517T074200Z
+  $ anymorph validate actions 20260517T074200Z
+  $ anymorph validate mdx content/guide/page.mdx
+  $ anymorph validate mdx "content/**/*.mdx"
   $ anymorph validate 20260517T074200Z --json
 
 Checks required run files, the shared actions.json contract, policy hash,
-per-asset target rules, and commerce targetProductIds.`
-    ).action(geoValidateCommand)
+per-asset target rules, commerce targetProductIds, or CMS MDX component contracts.`
+  ).action(async (runId, opts) => {
+    if (!runId) {
+      console.error(source_default.red("Missing runId. Use anymorph validate <runId> or anymorph validate mdx <file>."));
+      process.exit(1);
+    }
+    await geoValidateCommand(runId, opts);
+  });
+  validateCommand.addCommand(
+    new Command("run").argument("<runId>").description("Validate a local GEO run package").option("--json", "Output as JSON").action(geoValidateCommand)
   );
-  commands.push(
-    new Command("submit").argument("<runId>").description("Submit validated local GEO strategy artifacts to Anymorph").option("--workspace <workspaceId>", "Override workspace id for this submission").option("--json", "Output as JSON").addHelpText(
+  validateCommand.addCommand(
+    new Command("actions").argument("<runId>").description("Validate actions.json and related local GEO run artifacts").option("--json", "Output as JSON").action(geoValidateCommand)
+  );
+  validateCommand.addCommand(
+    new Command("mdx").argument("<paths...>").description("Validate CMS MDX component contracts").option("--json", "Output as JSON").addHelpText(
       "after",
       `
 Examples:
-  $ anymorph submit 20260517T074200Z
-  $ anymorph submit 20260517T074200Z --workspace ws_abc123
-
-Submit after committing and pushing tenant repo artifacts. Backend reads the
-pushed actions.json from the tenant repo and materializes the run.`
-    ).action(geoSubmitCommand)
+  $ anymorph validate mdx content/guide/page.mdx
+  $ anymorph validate mdx "content/**/*.mdx"
+  $ anymorph validate mdx content --json`
+    ).action(
+      (paths, opts, command) => geoValidateMdxCommand(paths, {
+        json: opts.json || Boolean(command.parent?.opts().json)
+      })
+    )
   );
+  commands.push(validateCommand);
   commands.push(
     new Command("intents").argument("<runId>").description("Show the pre-fetched intents for a local GEO strategy run").option("--json", "Output as JSON").addHelpText(
       "after",
@@ -16881,7 +16976,9 @@ async function geoPrepareCommand(workspaceId, opts) {
   console.log(source_default.bold("  Next:"));
   console.log(source_default.dim("    codex"));
   console.log(source_default.dim(`    anymorph validate ${pkg.runId}`));
-  console.log(source_default.dim(`    anymorph submit ${pkg.runId}`));
+  console.log(source_default.dim("    git add agent/runs content"));
+  console.log(source_default.dim(`    git commit -m "chore(geo): publish run ${pkg.runId}"`));
+  console.log(source_default.dim("    git push"));
   console.log();
 }
 async function geoValidateCommand(runId, opts) {
@@ -16908,80 +17005,96 @@ async function geoValidateCommand(runId, opts) {
   console.error();
   process.exit(1);
 }
-async function geoSubmitCommand(runId, opts) {
+async function geoValidateMdxCommand(paths, opts) {
+  const json = opts.json || paths.includes("--json");
+  const cleanPaths = paths.filter((path2) => path2 !== "--json");
   const repoPath = await resolveCurrentRepoRoot();
-  const validation = await validateGeoRunArtifacts({ repoPath, runId });
-  if (!validation.ok) {
-    if (opts.json) {
-      console.log(JSON.stringify({ ...validation, repoPath }, null, 2));
-      process.exit(1);
-    }
-    console.error(source_default.red(`
-  GEO run ${runId} is not valid
+  const files = await resolveMdxInputFiles(repoPath, cleanPaths);
+  const results = await Promise.all(
+    files.map(async (file) => {
+      const mdx = await readFile3(file, "utf8");
+      const issues = validateCmsMdxComponentContracts(mdx);
+      return {
+        file: relative2(repoPath, file),
+        ok: issues.length === 0,
+        issues
+      };
+    })
+  );
+  const ok = results.every((result) => result.ok);
+  if (json) {
+    console.log(JSON.stringify({ ok, repoPath, files: results }, null, 2));
+    process.exit(ok ? 0 : 1);
+  }
+  if (ok) {
+    console.log(source_default.green(`
+  ${results.length} CMS MDX file${results.length === 1 ? "" : "s"} valid.
 `));
-    for (const error of validation.errors) console.error(`  - ${error}`);
-    console.error();
-    process.exit(1);
+    return;
   }
-  const runDir = join6(repoPath, "agent", "runs", runId);
-  const [context, manifest] = await Promise.all([
-    readJsonRecord(join6(runDir, "context.json")),
-    readJsonRecord(join6(runDir, "manifest.json"))
-  ]);
-  const workspace = opts.workspace ?? stringValue(context.workspaceId) ?? stringValue(manifest.workspaceId) ?? stringValue(context.workspaceDomain) ?? stringValue(manifest.workspaceDomain);
-  if (!workspace) {
-    console.error(source_default.red("Could not infer workspace. Pass --workspace <workspaceId>."));
-    process.exit(1);
+  console.error(source_default.red("\n  MDX validation failed\n"));
+  for (const result of results.filter((item) => !item.ok)) {
+    console.error(`  ${source_default.bold(result.file)}`);
+    for (const issue of result.issues) console.error(`  - ${issue.message}`);
   }
-  const git = await gitInfo(repoPath);
-  const artifactPaths = normalizeSubmitArtifactPaths(
-    runId,
-    manifest.allowedArtifactPaths
-  );
-  const body = parseCliRequest(
-    CliGeoSubmitRequestSchema,
-    {
-      workspace,
-      commitSha: git.headSha,
-      artifactPaths,
-      mode: context.mode ?? manifest.mode,
-      signalsSnapshot: {
-        runId,
-        source: "local-skillpack",
-        mode: context.mode ?? manifest.mode ?? null,
-        signals: context.signals ?? null
-      },
-      systemContext: context.systemContext ?? null
-    },
-    "Invalid GEO submit request"
-  );
-  const res = await apiRequest(
-    "POST",
-    `/api/cli/geo-strategy/runs/${encodeURIComponent(runId)}/submit`,
-    body
-  );
-  if (!res.ok) {
-    await printApiFailure(res, "Couldn't submit GEO strategy run", {
-      method: "POST",
-      path: `/api/cli/geo-strategy/runs/${encodeURIComponent(runId)}/submit`
-    });
-    process.exit(1);
+  console.error();
+  process.exit(1);
+}
+async function resolveMdxInputFiles(repoPath, inputs) {
+  const files = /* @__PURE__ */ new Set();
+  for (const input of inputs) {
+    const matches = await expandMdxInput(repoPath, input);
+    for (const file of matches) files.add(file);
   }
-  const payload = parseCliResponse(
-    CliGeoSubmitResponseSchema,
-    await res.json(),
-    "Invalid GEO submit response from backend"
-  );
-  if (opts.json) {
-    console.log(JSON.stringify({ ...payload, repoPath }, null, 2));
-    return;
+  if (files.size === 0) {
+    throw new Error("No MDX files matched.");
   }
-  console.log();
-  console.log(source_default.green.bold(`  Submitted GEO run ${runId}`));
-  console.log(`  ${source_default.bold("Workspace:")} ${workspace}`);
-  console.log(`  ${source_default.bold("Status:")}    ${payload.status}`);
-  if (payload.commitSha) console.log(`  ${source_default.bold("Commit:")}    ${payload.commitSha}`);
-  console.log();
+  return [...files].sort();
+}
+async function expandMdxInput(repoPath, input) {
+  if (input.includes("*")) return expandSimpleMdxGlob(repoPath, input);
+  const absolute = resolve3(repoPath, input);
+  const info = await stat4(absolute);
+  if (info.isDirectory()) return walkMdxFiles(absolute);
+  if (info.isFile() && absolute.endsWith(".mdx")) return [absolute];
+  return [];
+}
+async function expandSimpleMdxGlob(repoPath, pattern) {
+  const normalized = pattern.replaceAll("\\", "/");
+  const prefix = normalized.split("*", 1)[0].replace(/[^/]*$/, "");
+  const base = resolve3(repoPath, prefix || ".");
+  const candidates = await walkMdxFiles(base);
+  const regex2 = globToRegExp(normalized);
+  return candidates.filter((file) => regex2.test(relative2(repoPath, file).replaceAll("\\", "/")));
+}
+async function walkMdxFiles(dir) {
+  const entries = await readdir3(dir, { withFileTypes: true });
+  const files = [];
+  for (const entry of entries) {
+    const path2 = join6(dir, entry.name);
+    if (entry.isDirectory()) {
+      files.push(...await walkMdxFiles(path2));
+    } else if (entry.isFile() && entry.name.endsWith(".mdx")) {
+      files.push(path2);
+    }
+  }
+  return files;
+}
+function globToRegExp(pattern) {
+  let source = "";
+  for (let i = 0; i < pattern.length; i += 1) {
+    const char = pattern[i];
+    const next = pattern[i + 1];
+    if (char === "*" && next === "*") {
+      source += ".*";
+      i += 1;
+    } else if (char === "*") {
+      source += "[^/]*";
+    } else {
+      source += char.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
+    }
+  }
+  return new RegExp(`^${source}$`);
 }
 async function geoIntentsCommand(runId, opts) {
   const repoPath = await resolveCurrentRepoRoot();
@@ -17080,14 +17193,6 @@ async function readGeoIntentList(runDir) {
     };
   }
 }
-async function readJsonRecord(path2) {
-  const raw = await readFile3(path2, "utf8");
-  const parsed = JSON.parse(raw);
-  if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
-    throw new Error(`${path2} must contain a JSON object`);
-  }
-  return parsed;
-}
 function stringValue(value) {
   return typeof value === "string" && value.length > 0 ? value : null;
 }
@@ -17148,14 +17253,14 @@ function printScaffoldError(prefix, err) {
 
 // src/index.ts
 var program2 = new Command();
-program2.name("anymorph").description("Check AI visibility and run local GEO strategy workflows").version("0.5.0");
+program2.name("anymorph").description("Check AI visibility and run local GEO strategy workflows").version("0.7.0");
 program2.command("login").description("Sign in to your Anymorph account").addHelpText(
   "after",
   `
 Examples:
   $ anymorph login
 
-Use this before authenticated commands such as workspaces, prepare, and submit.`
+Use this before authenticated commands such as workspaces and prepare.`
 ).action(loginCommand);
 program2.command("check <domain>").description("Run an AI visibility check for a domain").option("--json", "Output as JSON").addHelpText(
   "after",
@@ -17225,15 +17330,15 @@ Command usage:
     Must be run from the tenant repo root.
 
   anymorph validate <runId> [--json]
-    Validate local run files and actions.json before submit.
+    Validate local run files and actions.json before pushing.
     Must be run from the tenant repo root.
 
-  anymorph submit <runId> [--workspace <workspaceId>] [--json]
-    Submit a validated, pushed local GEO run to Anymorph.
+  anymorph validate mdx <paths...> [--json]
+    Validate CMS MDX component contracts such as Callout tone values.
     Must be run from the tenant repo root.
 
   anymorph run-status <runId> [--json]
-    Show backend status for a submitted GEO run.
+    Show backend sync status for a pushed GEO run.
 
 Use "anymorph <command> --help" for examples and option details.`
 );

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "anymorph",
-	"version": "0.5.0",
+	"version": "0.7.0",
 	"description": "Check your brand's AI visibility across ChatGPT, Perplexity, Gemini, and more",
 	"type": "module",
 	"private": false,