cerber-core 1.1.1 → 1.1.3

package/README.md

@@ -50,7 +50,7 @@ ROI: Break-even on Day 1
 **For CTOs & Engineering Managers:**
 - **Reduce production incidents** - 95% bugs caught pre-production (vs 60-70% manual reviews)
 - **Cut debugging costs** - 4.5 hours saved per developer per session
-- **Speed up onboarding** - BIBLE.md = instant project understanding for new hires
+- **Speed up onboarding** - CERBER.md = instant project understanding for new hires
 - **Enforce architecture** - Prevent technical debt before it enters codebase
 
 **Cost Comparison:**
@@ -91,7 +91,7 @@ Cerber guards → enforces your decisions
 
 **Cerber Core solution:**
 ```
-✅ Architect defines rules once (BIBLE.md + Guardian schema)
+✅ Architect defines rules once (CERBER.md contract)
 ✅ Cerber enforces automatically forever
 ✅ Every commit validates against your roadmap (<1 second)
 ✅ Architecture stays intact as team scales
@@ -141,7 +141,7 @@ export const BACKEND_SCHEMA = {
    - **Focus Mode** - Generate 500 LOC context (vs 10K LOC) ⭐
    - Module boundaries enforcement
    - Connection contracts between modules
-   - BIBLE.md project mapping
+   - CERBER.md project mapping
 
 ---
 
@@ -1143,88 +1143,6 @@ git commit                      # Guardian validates
 
 ---
 
-## 📖 BIBLE.md - Your Project's Single Source of Truth
-
-**BIBLE.md** is your project's master map - the ONE place where everything is documented.
-
-### Why BIBLE.md?
-
-With AI coding, teams can diverge quickly. Everyone works fast, but in different directions. BIBLE.md keeps everyone aligned:
-
-- **All modules documented** - What exists, who owns it, what it does
-- **All connections mapped** - How modules talk to each other
-- **Team responsibilities clear** - Who works on what
-- **Architecture decisions recorded** - Why things are built this way
-
-### How It Works
-
-```bash
-# 1. Copy template
-cp node_modules/cerber-core/team/templates/BIBLE_TEMPLATE.md .cerber/BIBLE.md
-
-# 2. Describe your architecture
-nano .cerber/BIBLE.md
-
-# 3. Keep it updated when adding modules
-# 4. Reference in code reviews
-```
-
-### What's Inside BIBLE.md?
-
-```markdown
-# PROJECT BIBLE - Master Map
-
-## Architecture Overview
-[Visual diagram of your system]
-
-## Modules Index
-1. **auth-service** - Authentication & JWT
-   - Owner: Alice
-   - Files: `src/modules/auth/`
-   
-2. **payment-service** - Stripe integration
-   - Owner: Bob
-   - Files: `src/modules/payment/`
-
-## Connections Map
-- `auth-service` → `user-service`: validateToken()
-- `payment-service` → `notification-service`: sendReceipt()
-
-## Team Responsibilities
-- Alice: auth, user management
-- Bob: payments, billing
-```
-
-### Integration with Cerber
-
-Cerber automatically reads BIBLE.md from `.cerber/BIBLE.md` when running health checks:
-
-```typescript
-// server.ts
-import { createHealthEndpoint } from 'cerber-core';
-
-const healthChecks = {
-  // Cerber automatically validates against .cerber/BIBLE.md
-  architecture: async () => {
-    // Checks if actual modules match BIBLE structure
-    return await validateArchitectureAgainstBible();
-  }
-};
-
-app.get('/api/health', createHealthEndpoint(healthChecks));
-```
-
-**What Cerber checks:**
-- **Guardian** validates modules match BIBLE structure (pre-commit)
-- **Focus Mode** uses BIBLE to isolate context (500 LOC vs 10K LOC)
-- **Module checks** ensure boundaries defined in BIBLE are respected
-- **Morning checks** verify BIBLE is up-to-date with codebase
-- **Runtime health** checks architecture drift from BIBLE
-
-**Result:** Your team stays aligned even when coding at AI speed! 🚀
-
----
-
 ## 🏆 Why Cerber Core?
 
 ### Unique Innovations

package/dev/templates/BACKEND_SCHEMA.ts.tpl

@@ -20,12 +20,14 @@ export const BACKEND_SCHEMA = {
   forbiddenPatterns: [
     // Uncomment and customize based on your tech stack:
     // {
-    //   pattern: /password\s*=\s*['"][^'"]+['"]/i,
+    //   pattern: "password\\s*=\\s*['\"][^'\"]+['\"]",
+    //   flags: "i",
     //   name: "Hardcoded passwords",
     //   severity: "error"
     // },
     // {
-    //   pattern: /api[_-]?key\s*=\s*['"][^'"]+['"]/i,
+    //   pattern: "api[_-]?key\\s*=\\s*['\"][^'\"]+['\"]",
+    //   flags: "i",
     //   name: "Hardcoded API keys",
     //   severity: "error"
     // }

package/dev/templates/cerber-guardian.mjs.tpl

@@ -4,6 +4,7 @@
 
 import { execSync } from 'child_process';
 import fs from 'fs';
+import { join } from 'path';
 
 const SCHEMA_FILE = '{{SCHEMA_FILE}}';
 const APPROVALS_TAG = '{{APPROVALS_TAG}}';
@@ -13,10 +14,23 @@ async function main() {
 
   if (!fs.existsSync(SCHEMA_FILE)) {
     console.error(`❌ Schema file not found: ${SCHEMA_FILE}`);
-    console.error('Guardian MVP: schema missing. Add your rules to proceed.');
+    console.error('Create your schema file to enable validation.');
+    console.error(`Example: npx cerber init --print-schema-template > ${SCHEMA_FILE}`);
     process.exit(1);
   }
 
+  // Import schema
+  let schema;
+  try {
+    const schemaPath = join(process.cwd(), SCHEMA_FILE);
+    const schemaModule = await import(`file://${schemaPath}`);
+    schema = schemaModule.BACKEND_SCHEMA || schemaModule.default || schemaModule;
+  } catch (err) {
+    console.error(`❌ Failed to load schema from ${SCHEMA_FILE}:`, err.message);
+    process.exit(1);
+  }
+
+  // Get staged files
   let stagedFiles;
   try {
     stagedFiles = execSync('git diff --cached --name-only', { encoding: 'utf-8' })
@@ -34,7 +48,97 @@ async function main() {
   }
 
   console.log(`Checking ${stagedFiles.length} file(s)...`);
-  console.log('Guardian MVP: schema detected. Add validation rules to enforce imports/forbidden patterns.');
+
+  const violations = [];
+
+  // Validate each staged file
+  for (const file of stagedFiles) {
+    if (!fs.existsSync(file)) continue;
+
+    const content = fs.readFileSync(file, 'utf-8');
+
+    // Check forbidden patterns
+    if (schema.forbiddenPatterns && Array.isArray(schema.forbiddenPatterns)) {
+      for (const rule of schema.forbiddenPatterns) {
+        if (!rule.pattern) continue;
+
+        const pattern = typeof rule.pattern === 'string' 
+          ? new RegExp(rule.pattern, rule.flags || 'i') 
+          : rule.pattern;
+        
+        // Check if file is in exceptions
+        if (rule.exceptions && rule.exceptions.some(ex => file.includes(ex))) {
+          continue;
+        }
+
+        if (pattern.test(content)) {
+          // Check for architect approval
+          const hasApproval = content.includes(APPROVALS_TAG);
+          
+          if (!hasApproval) {
+            violations.push({
+              file,
+              rule: rule.name || 'Unnamed rule',
+              severity: rule.severity || 'error'
+            });
+          }
+        }
+      }
+    }
+
+    // Check required imports (rules)
+    if (schema.rules && Array.isArray(schema.rules)) {
+      for (const rule of schema.rules) {
+        if (!rule.pattern || !rule.requiredImports) continue;
+
+        const filePattern = typeof rule.pattern === 'string' ? new RegExp(rule.pattern) : rule.pattern;
+        
+        if (!filePattern.test(file)) continue;
+
+        // Check if file is in exceptions
+        if (rule.exceptions && rule.exceptions.some(ex => file.includes(ex))) {
+          continue;
+        }
+
+        // Check each required import
+        for (const requiredImport of rule.requiredImports) {
+          const importPattern = new RegExp(`import.*${requiredImport}`, 'i');
+          
+          if (!importPattern.test(content)) {
+            // Check for architect approval
+            const hasApproval = content.includes(APPROVALS_TAG);
+            
+            if (!hasApproval) {
+              violations.push({
+                file,
+                rule: `${rule.name || 'Unnamed rule'}: missing import '${requiredImport}'`,
+                severity: rule.severity || 'error'
+              });
+            }
+          }
+        }
+      }
+    }
+  }
+
+  // Report violations
+  if (violations.length > 0) {
+    console.error('\n❌ Architecture violations detected:\n');
+    
+    for (const v of violations) {
+      const icon = v.severity === 'error' ? '🔴' : '⚠️';
+      console.error(`${icon} [${v.severity.toUpperCase()}] ${v.file}`);
+      console.error(`   ${v.rule}`);
+      console.error(`   Add ${APPROVALS_TAG} comment to override\n`);
+    }
+    
+    const errorCount = violations.filter(v => v.severity === 'error').length;
+    if (errorCount > 0) {
+      console.error(`\n❌ Commit blocked: ${errorCount} error(s) found`);
+      process.exit(1);
+    }
+  }
+
   console.log('✅ All checks passed');
 }