buildwithnexus 0.8.10 → 0.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -3,113 +3,119 @@
3
3
  [![npm version](https://img.shields.io/npm/v/buildwithnexus?style=flat-square&color=blue)](https://www.npmjs.com/package/buildwithnexus)
4
4
  [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg?style=flat-square)](https://opensource.org/licenses/MIT)
5
5
 
6
- Launch an autonomous AI runtime with triple-nested VM isolation in one command.
6
+ A hilariously fast, **agentic AI CLI harness** written in Rust. Remote models
7
+ via API key, or local models on your machine. It plans, edits files, and runs
8
+ commands, asking before each change. One static binary, four dependencies, no
9
+ runtime to babysit.
7
10
 
8
- ## What It Does
11
+ ```bash
12
+ npm install -g buildwithnexus
13
+ buildwithnexus
14
+ ```
9
15
 
10
- One command bootstraps a complete NEXUS instance:
16
+ The first launch walks you through choosing a model. Then describe a task.
11
17
 
12
- - **QEMU VM** running Ubuntu 24.04 (auto-installed if missing)
13
- - **Docker** inside the VM for isolated CLI sessions
14
- - **KVM** inside the VM for inner virtual machines (triple nesting)
15
- - **NEXUS server** running on port 4200 with full agent orchestration
16
- - **Cloudflare tunnel** (optional) for remote access
18
+ ## Why
17
19
 
18
- All isolation is mandatory NEXUS refuses to start unless it detects proper nesting (VM + Docker + KVM).
20
+ The original `buildwithnexus` was a TypeScript CLI talking to a Python /
21
+ LangGraph backend over HTTP. This is a ground-up rewrite that keeps the *benefits*
22
+ of that engine — planning, a ReAct tool loop, approval gates, role-specialized
23
+ agents — as plain Rust control flow, with **none** of the framework weight. No
24
+ Python, no Docker, no tunnel. The orchestration that LangGraph did at runtime is
25
+ just code here, which is where the speed comes from.
19
26
 
20
- ## Quick Start
27
+ Design bias, in order: **performance**, then **fewer lines**, then **fewer
28
+ dependencies** — never at the cost of the UX. Enums and `match` over trait
29
+ objects; flat data tables over registries; one pooled HTTP connection reused
30
+ across every step of the agent loop.
21
31
 
22
- ```bash
23
- npx buildwithnexus init
24
- ```
32
+ ## Models
25
33
 
26
- This walks you through API key setup, VM resource allocation, and boots a fully provisioned NEXUS instance in ~10-25 minutes (first run). Subsequent starts take ~30 seconds.
34
+ Two wire protocols cover everything. Pick a provider during setup (or `bwn init`):
27
35
 
28
- ## Requirements
36
+ | Provider | Kind | Key |
37
+ |----------|------|-----|
38
+ | Anthropic (Claude) | remote | `ANTHROPIC_API_KEY` |
39
+ | OpenAI | remote | `OPENAI_API_KEY` |
40
+ | OpenRouter | remote | `OPENROUTER_API_KEY` |
41
+ | Groq | remote | `GROQ_API_KEY` |
42
+ | Hugging Face | remote | `HF_TOKEN` |
43
+ | Ollama | local | — |
44
+ | llama.cpp server | local | — |
45
+ | LM Studio | local | — |
29
46
 
30
- - **Node.js** >= 18
31
- - ~4GB RAM and ~20GB disk available for the VM
32
- - An Anthropic API key
47
+ Env vars override the stored key, so CI and one-offs Just Work. Keys live in
48
+ `~/.buildwithnexus/.env.keys` (0600).
33
49
 
34
- ### macOS (ARM or Intel)
50
+ ## Modes
35
51
 
36
- QEMU is installed automatically via Homebrew. If Homebrew isn't installed, get it at [brew.sh](https://brew.sh).
52
+ - **PLAN** decompose the task into steps you approve or edit, then execute.
53
+ - **BUILD** — the agentic ReAct loop: read/edit files, run commands, iterate.
54
+ - **BRAINSTORM** — free-form chat, no tools.
37
55
 
38
56
  ```bash
39
- npx buildwithnexus init
57
+ buildwithnexus # full-screen interactive session
58
+ buildwithnexus run <task> # execute a task (agentic, headless)
59
+ buildwithnexus plan <task> # decompose, approve, then execute
60
+ buildwithnexus brainstorm <q> # free-form chat
61
+ buildwithnexus init # (re)configure provider / model / key
62
+ buildwithnexus providers # list built-in providers
40
63
  ```
41
64
 
42
- ### Linux (x64)
43
-
44
- QEMU is installed automatically via apt. Requires `sudo` access for package installation.
45
-
46
- ```bash
47
- npx buildwithnexus init
65
+ ## Permissions
66
+
67
+ Every mutating tool (`write_file`, `edit_file`, `run_command`) passes a gate:
68
+ `ask` (default), `auto` (yolo), or `readonly`. Set it during setup.
69
+
70
+ ## Hooks
71
+
72
+ Run your own commands at the same lifecycle points as Claude Code, configured in
73
+ `~/.buildwithnexus/settings.json` (user) and/or `.buildwithnexus/settings.json`
74
+ (project). User hooks are always active; **project hooks run only after you trust
75
+ that folder** (you're prompted once, and a project hook may *deny* a tool but
76
+ never *grant* one — so cloning a hostile repo can't run or unlock anything).
77
+ Events: `SessionStart`, `UserPromptSubmit`, `PreToolUse`, `PostToolUse`, `Stop`,
78
+ `SessionEnd`. Each hook command receives the event as JSON on stdin.
79
+
80
+ `PreToolUse` can gate a tool: exit code **2** (or a JSON
81
+ `permissionDecision: "deny"`) blocks it — even under `auto`. `"allow"` skips the
82
+ prompt; otherwise the normal gate applies. Matchers are `*`, an exact tool name,
83
+ or a `|`-separated list. See [`examples/settings.json`](./examples/settings.json).
84
+
85
+ ```json
86
+ {
87
+ "hooks": {
88
+ "PreToolUse": [
89
+ { "matcher": "run_command",
90
+ "hooks": [{ "type": "command", "command": "echo 'no shell on main' >&2; exit 2" }] }
91
+ ]
92
+ }
93
+ }
48
94
  ```
49
95
 
50
- ### Windows (via WSL2)
51
-
52
- buildwithnexus requires WSL2 with an Ubuntu distribution. Native Windows is not supported.
53
-
54
- 1. Install WSL2: `wsl --install -d Ubuntu`
55
- 2. Open Ubuntu terminal
56
- 3. Install Node.js: `curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash - && sudo apt install -y nodejs`
57
- 4. Run: `npx buildwithnexus init`
58
-
59
- KVM nested virtualization must be enabled in your BIOS/UEFI settings.
96
+ ## Build from source
60
97
 
61
- ## Commands
62
-
63
- | Command | Description |
64
- |---------|-------------|
65
- | `buildwithnexus init` | Full scaffolding + VM boot (10 phases) |
66
- | `buildwithnexus start` | Start an existing VM + server |
67
- | `buildwithnexus stop` | Graceful shutdown |
68
- | `buildwithnexus status` | VM / Docker / server / tunnel health |
69
- | `buildwithnexus doctor` | Diagnose QEMU, ports, SSH, disk |
70
- | `buildwithnexus logs [-f]` | Stream server logs |
71
- | `buildwithnexus update` | Upload latest release, rebuild, restart |
72
- | `buildwithnexus destroy [--force]` | Remove VM + all data |
73
- | `buildwithnexus keys set\|list` | Manage API keys |
74
- | `buildwithnexus ssh` | Direct SSH into the VM |
75
- | `buildwithnexus brainstorm [idea]` | Brainstorm an idea with the Chief of Staff |
76
-
77
- ## Architecture
78
-
79
- ```
80
- Host (your machine)
81
- └─ QEMU VM (Ubuntu 24.04)
82
- ├─ Docker (nexus-cli-sandbox)
83
- ├─ KVM / libvirt (inner VMs)
84
- └─ NEXUS server (:4200)
98
+ ```bash
99
+ cargo build --release --manifest-path harness/Cargo.toml # → harness/target/release/buildwithnexus
100
+ bash scripts/vendor.sh # vendor deps for offline / reproducible builds
85
101
  ```
86
102
 
87
- Port forwarding: SSH `localhost:2222`, NEXUS `localhost:4200`, HTTPS `localhost:8443`.
88
-
89
- ## Security
90
-
91
- Built-in DLP (Data Loss Prevention) layer protects every data path — zero dependencies, zero configuration:
92
-
93
- - **Input Sanitization** — YAML escaping and `shellCommand` tagged templates prevent injection
94
- - **Output Redaction** — API keys auto-redacted from logs, errors, and stdout
95
- - **Secret Validation** format + injection character checks on all API keys at input
96
- - **File Integrity** HMAC-SHA256 tamper detection on `.env.keys`
97
- - **Audit Trail** every sensitive operation logged to `~/.buildwithnexus/audit.log`
98
- - **Environment Scrubbing** child processes (QEMU, Docker, SSH) never inherit secrets
99
- - **SSH TOFU** host key pinned on first connect, verified on every subsequent connection
100
- - SSH key-only auth (ed25519, no passwords)
101
- - UFW firewall (deny all, allow 22/80/443/4200)
102
- - auditd enabled (SOC 2 compliance)
103
- - Docker hardened (no-new-privileges, log rotation, cap-drop ALL)
104
- - API keys stored in `~/.buildwithnexus/.env.keys` with `0600` permissions
105
- - All directories created with `0700` permissions
106
- - Nesting enforcement guard prevents running outside VM isolation
107
-
108
- ## Links
109
-
110
- - **npm:** [npmjs.com/package/buildwithnexus](https://www.npmjs.com/package/buildwithnexus)
111
- - **Docs:** [buildwithnexus.dev](https://buildwithnexus.dev)
112
- - **GitHub:** [github.com/Garretts-Apps/buildwithnexus](https://github.com/Garretts-Apps/buildwithnexus)
103
+ The npm package is a thin wrapper: `postinstall` downloads the prebuilt binary
104
+ for your platform from the GitHub Release and **verifies its SHA-256** before
105
+ use, falling back to a `cargo` build (using vendored deps when present). Releases
106
+ also carry build-provenance attestations (`gh attestation verify`).
107
+
108
+ ## Safety
109
+
110
+ - Default permission is **ask**every file write, edit, and command is
111
+ confirmed. `auto` ("yolo") and `readonly` are opt-in.
112
+ - File tools are confined to the working directory; reads outside it, and of
113
+ sensitive paths (the key store, `~/.ssh`, `.env`, `*.pem`), require
114
+ confirmation even in `auto`. Catastrophic commands (`rm -rf /`, `mkfs`, …) too.
115
+ - API keys are never sent to a non-HTTPS endpoint, and key-like tokens are
116
+ redacted from surfaced errors.
117
+ - In non-interactive / `--json` runs, anything that would prompt is denied
118
+ rather than blocking.
113
119
 
114
120
  ## License
115
121
 
package/SECURITY.md ADDED
@@ -0,0 +1,85 @@
1
+ # Security Policy
2
+
3
+ ## Supported Versions
4
+
5
+ `buildwithnexus` is published to npm under semantic versioning. Only the latest
6
+ released minor line receives security fixes.
7
+
8
+ | Version | Supported |
9
+ |------------|--------------------|
10
+ | 0.8.x | :white_check_mark: |
11
+ | < 0.8 | :x: |
12
+
13
+ ## Reporting a Vulnerability
14
+
15
+ **Do not open a public GitHub issue for security problems.**
16
+
17
+ Report vulnerabilities privately via GitHub's coordinated-disclosure flow:
18
+
19
+ https://github.com/Garretts-Apps/buildwithnexus/security/advisories/new
20
+
21
+ Or by email to `security@buildwithnexus.dev`.
22
+
23
+ We aim to acknowledge new reports within **3 business days** and to ship a fix
24
+ or mitigation within **30 days** of acknowledgement, depending on severity. We
25
+ will credit reporters in the advisory unless they ask to remain anonymous.
26
+
27
+ ## Scope
28
+
29
+ In scope:
30
+
31
+ - The `buildwithnexus` npm package (CLI, bundled NEXUS source tarball,
32
+ installer scripts).
33
+ - The publish pipeline in `.github/workflows/publish.yml`.
34
+ - The bundled NEXUS Python source (`dist/nexus-release.tar.gz`).
35
+ - Any release artifacts attached to GitHub Releases (SBOM, checksums).
36
+
37
+ Out of scope:
38
+
39
+ - Vulnerabilities in upstream dependencies — please report those upstream first;
40
+ if exploitable through `buildwithnexus`, also notify us.
41
+ - Self-XSS or social-engineering against your own developer machine.
42
+ - Issues that require an attacker to already control your CI secrets, npm
43
+ account, or developer machine.
44
+
45
+ ## Verifying a Release
46
+
47
+ Every release on npm from `v0.9.0` onward ships with **npm provenance** — a
48
+ SLSA-Build-L3-style attestation cryptographically tying the tarball back to the
49
+ specific GitHub Actions workflow run that built it.
50
+
51
+ To verify:
52
+
53
+ ```sh
54
+ npm view buildwithnexus@<version> --json | jq .dist.attestations
55
+ ```
56
+
57
+ Or interactively in the terminal:
58
+
59
+ ```sh
60
+ npx -y npm-audit-resolver buildwithnexus
61
+ ```
62
+
63
+ The publish workflow also attaches a CycloneDX SBOM (`sbom.cdx.json`) and a
64
+ `SHA256SUMS.txt` to each GitHub Release. You can reproduce the tarball locally
65
+ by checking out the corresponding tag and running:
66
+
67
+ ```sh
68
+ git clone --branch v<version> https://github.com/Garretts-Apps/buildwithnexus
69
+ cd buildwithnexus
70
+ NEXUS_SRC=/path/to/nexus npm run build && npm run bundle
71
+ sha256sum dist/nexus-release.tar.gz
72
+ ```
73
+
74
+ ## Hardening Inside the Package
75
+
76
+ - `prepublishOnly` refuses to publish unless `NEXUS_SRC` is explicitly set to a
77
+ valid nexus checkout. No silent fall-through to a stale `/tmp/` copy.
78
+ - `postinstall` was removed. `npm install buildwithnexus` no longer executes
79
+ any project-defined lifecycle script on the user's machine.
80
+ - All GitHub Actions in our workflows are pinned to specific minor versions
81
+ (Dependabot proposes SHA-pinned bumps weekly).
82
+ - The publish workflow runs with the minimum permissions required, plus
83
+ `id-token: write` only for OIDC provenance signing.
84
+ - `npm ci --ignore-scripts` is used in CI to neutralise transitive postinstall
85
+ scripts during builds and audits.
@@ -0,0 +1,23 @@
1
+ #!/usr/bin/env node
2
+ 'use strict';
3
+ // Thin launcher: hand off to the native Rust binary with stdio inherited so the
4
+ // alternate-screen TUI works exactly as if it were invoked directly.
5
+ const { spawnSync } = require('child_process');
6
+ const { existing } = require('../scripts/resolve-binary.js');
7
+
8
+ const bin = existing();
9
+ if (!bin) {
10
+ process.stderr.write(
11
+ 'buildwithnexus: native binary not found.\n' +
12
+ ' Reinstall the package, or build it locally with Rust (https://rustup.rs):\n' +
13
+ ' npm explore buildwithnexus -- npm run build\n'
14
+ );
15
+ process.exit(1);
16
+ }
17
+
18
+ const result = spawnSync(bin, process.argv.slice(2), { stdio: 'inherit' });
19
+ if (result.error) {
20
+ process.stderr.write(`buildwithnexus: ${result.error.message}\n`);
21
+ process.exit(1);
22
+ }
23
+ process.exit(result.status === null ? 1 : result.status);