npm - bridgepreflight - Versions diffs - 1.0.0 → 1.0.1 - Mend

bridgepreflight 1.0.0 → 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/LICENSE ADDED Viewed

@@ -0,0 +1,7 @@
+MIT License
+Copyright (c) 2026 Godsfavour Jesse
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction...

package/README.md CHANGED Viewed

@@ -6,118 +6,242 @@
 <!------------------------------  ------------------------------------>
 BridgePreflight
-AI-native infrastructure readiness scanner for Node & TypeScript projects.
+The Deployment Risk Intelligence Platform
-BridgePreflight analyzes your repository before code merges and assigns a Preflight Readiness Score (0–100) — automatically blocking pull requests that introduce risk.
+BridgePreflight is a production-readiness scanner that analyzes your codebase before deployment and generates a structured Deployment Risk Score.
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
-The Problem
-Teams merge code that:
-    • Has no tests
-    • Breaks the build
-    • Lacks documentation
-    • Has weak repository hygiene
+It identifies critical infrastructure weakness such as:
+    • Broken or missing builds
+    • Unsafe environment variable usage
+    • Runtime incompatibility risks
+    • Localhost leakage
+    • Missing lockfiles or Node version enforcement
 Issues are discovered too late — during staging or production.
-BridgePreflight moves detection earlier — directly into CI.
+BridgePreflight runs locally or in CI to prevent high-risk deployments before they happen.
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
-What BridgePreflight Does
-BridgePreflight scans your repository and:
-    • Generates an Infrastructure Readiness Score
-    • Classifies readiness (Ready / Caution / Critical)
-    • Identifies top risk factors
-    • Automatically fails PRs if score < 70
-    • Posts a structured risk summary comment on pull requests
-It integrates directly into GitHub Actions for seamless enforcement.
-<!------------------------------  ------------------------------------>
+The Problem
+Modern teams ship fast.
+But deployments often fail because:
+    • Runtime versions are inconsistent
+    • Enviroment variables are misconfigured
+    • Builds silently pass with warnings
+    • Localhost endpoints leak into production
+    • Dependency locking is missing
+These issues are rarely caught early.
+They surface in staging - or worse - in production
+<!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
-How It Works
-BridgePreflight evaluates:
-    • Test presence and structure
-    • Build configuration
-    • CI workflow setup
-    • Documentation presence
-    • Repository hygiene
-Each category contributes weighted points to the final score.
+The Solution
+Bridgepreflight introduces Deployment Risk Intelligence directly into your development workflow.
-If the score falls below the threshold:
-    • The CI pipeline fails
-    • The merge button is blocked
-    • A risk summary is posted on the PR
+instead of guessing whether a repository is safe to deploy, you get:
+    • A quantified Deployment Risk Sore
+    • Structured analyzer breakdown
+    • Severity classification (Healthy/ Low/ Medium/ High/ Critical)
+    • Clear remediation signals
+You move from reactive debugging to proactive risk prevention.
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
-Installation (Local Usage)
-    npm install
-    npm run build
-    node dist/cli.js scan
+What BridgePreflight Analyzes (v1.0.0)
+Current analyzers include:
+1. Build Check
+    • Verifies package.json
+    • Ensures build script exists
+    • Detects TypeScript without proper build configuration
+    • Captures build-time warnings
-For machine-readable output:
-    node dist/cli.js scan --json
+2. Environment Variables Check
+    • Detects unsafe process.env usage
+    • Flags missing configuration hygiene
+    • Identifies potential production misconfiguration risks
+3. Runtime Compatibility Check
+    • Verifies Node engine specification
+    • Detects missing .nvmrc or .node-version
+    • Ensures lockfile presence
+4. Localhost Leak Check
+    • Scans for localhost and 127.0.0.1 usage
+    • Prevents accidental production endpoint leakage
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
-GitHub Actions Integration
-Place this file in:
-    .github/workflows/bridgepreflight.yml
+Installation
+Global Installation (Recommended)
+    • npm install -g bridgepreflight
+Run:
+    • bridgepreflight scan
-BridgePreflight will:
-    • Run on every push to main
-    • Run on every pull request
-    • Automatically fail if readiness < 70
-    • Comment with risk breakdown
+Or without global install:
+    • npx bridgepreflight scan
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
 Example Output
-    {
-        "totalScore": 82,
-        "readiness": "Ready",
-        "results": [
-            { "name": "Test Check", "severity": "healthy" },
-            { "name": "Build Check", "severity": "warning" }
-        ]
-    }
+    Running BridgePreflight scan...
+    ✅ Build Check: HEALTHY (50/50)
+    ❌ Environment Variables Check: HIGH (10/30)
+    ⚠ Localhost Leak Check: LOW (16/20)
+    ❌ Runtime Compatibility Check: HIGH (6/20)
+    -----------------------------
+    Total Score: 79/120 (65.8%)
+    Readiness: High Risk
+    -----------------------------
+    Top Risk Factors:
+    • Environment Variables Check
+    • Runtime Compatibility Check
+<!------------------------------  ------------------------------------>
+<!------------------------------  ------------------------------------>
+JSON Output
+For machine-readable output:
+    bridgepreflight scan --json
+This enables CI integration and automated risk gating.
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
-Why BridgePreflight Matters
-BridgePreflight transforms infrastructure quality into a measurable metric.
+Scoring Model
+BridgePreflight uses a weighted scoring model.
+Each analyzer contributes to a maximum composite score (currently 120 points).
-It acts as:
-    • A DevOps gatekeeper
-    • A pre-merge risk detection layer
-    • A credibility signal for repositories
-Instead of hoping code is safe — you measure it.
+Severity is calculated proportionally:
+    • Healthy
+    • Low
+    • Medium
+    • High
+    • Critical
+The scoring model is deterministic and transparent.
+<!------------------------------  ------------------------------------>
+<!------------------------------  ------------------------------------>
+CI Integration (Coming Next Phase)
+BridgePreflight is designed to be CI-ready.
+Upcoming native integrations:
+    • Pull request gating
+    • GitHub Actions workflow templates
+    • Exit-code enforcement
+    • Team policy thresholds
 <!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
 Roadmap
+BridgePreflight is evolving into a full Deployment Risk Intelligence Platform.
+Phase 1 (Current)
+    • Local CLI scanning
+    • Weighted risk scoring
+    • Deterministic analyzer engine
+Phase 2
     • Configurable scoring weights
-    • Plugin-based analyzer system
-    • Historical score tracking
-    • SaaS dashboard
-    • AI-based remediation suggestions
+    • Plugin-based analyzer architecture
+    • CI enforcement modes (--strict, --ci)
+Phase 3
+    • Historical risk tracking
+    • GitHub integration
+    • PR blocking with threshold enforcement
+Phase 4
+    • Cloud dashboard
+    • Team-level risk insights
+    • Policy enforcement
+    • Enterprise compliance modules
+<!------------------------------  ------------------------------------>
+<!------------------------------  ------------------------------------>
+Contributing
+BridgePreflight is currently in early-stage evolution.
+Contributions are welcome in the following areas:
+    • Analyzer improvements
+    • Performance optimization
+    • Additional infrastructure checks
+    • Documentation refinement
+    • CI templates
+To contribute:
+    1. Fork the repository
+    2. Create a feature branch
+    3.Submit a pull request with clear reasoning
+All contributions should preserve deterministic scoring logic and architecture stability.
+<!------------------------------  ------------------------------------>
+<!------------------------------  ------------------------------------>
+Versioning
+BridgePreflight follows semantic versioning:
+MAJOR.MINOR.PATCH
+    • MAJOR - Breaking changes
+    • MINOR - New analyzers or features
+    • PATCH - Bug fixes and improvements
+GitHub releases are tagged accordingly
+    • git tag v1.0.0
+    • git push --tags
+This aligns repository versions with npm releases.
+<!------------------------------  ------------------------------------>
 <!------------------------------  ------------------------------------>
+License
+MIT License
+Bridgepreflight is open-core infrastructure software.
+Future cloud components may be distributed under seperate licensing.
 <!------------------------------  ------------------------------------>
-📄 License
-MIT
+<!------------------------------  ------------------------------------>
+Vision
+BridgePreflight is not just a CLI tool.
+It is the foundation of a Deployment Risk Intelligence Platform — designed to help teams measure, manage, and reduce infrastructure risk before code reaches production.
+Infrastructure reliability should be measurable.
+BridgePreflight makes it measurable.
 <!------------------------------  ------------------------------------>

package/package.json CHANGED Viewed

@@ -1,9 +1,9 @@
 {
     "name": "bridgepreflight",
-    "version": "1.0.0",
-    "description": "AI-native production readiness scanner for developers",
+    "version": "1.0.1",
+    "description": "Deployment Risk Intelligence CLI for Node.js projects. Detect build, runtime, and configuration risks before production.",
     "bin": {
-        "bridgepreflight": "./dist/cli.js"
+        "bridgepreflight": "dist/cli.js"
     },
     "files": [
         "dist"
@@ -15,6 +15,11 @@
     },
     "keywords": [
         "devtools",
+        "risk",
+        "infrastructure",
+        "nodejs",
+        "preflight",
+        "runtime",
         "ci",
         "production",
         "deployment",