daystrom 0.1.0 → 1.0.0

This diff shows the contents of publicly available package versions as released to one of the supported registries. It is provided for informational purposes only and reflects the changes between package versions as they appear in their respective public registries.

Files changed (3)

package/README.md CHANGED

@@ -1,40 +1,59 @@
 # Daystrom
-**Automated Prisma AIRS custom topic guardrail generator with iterative, self-improving refinement.**
+[![CI](https://github.com/cdot65/daystrom/actions/workflows/ci.yml/badge.svg)](https://github.com/cdot65/daystrom/actions/workflows/ci.yml)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+[![Node 20+](https://img.shields.io/badge/node-%3E%3D20-brightgreen.svg)](https://nodejs.org/)
-Named after Dr. Richard Daystrom's self-learning M-5 multitronic unit from Star Trek TOS — a system designed to improve itself through experience. Daystrom generates, tests, evaluates, and refines Palo Alto Prisma AIRS custom topic guardrails in an autonomous loop, learning from each run to produce better results over time.
+**Automated CLI that generates, tests, and iteratively refines Palo Alto Prisma AIRS custom topic guardrails.**
-## What It Does
+Daystrom uses an LLM to produce topic definitions, deploys them to Prisma AIRS, scans test prompts, evaluates efficacy, and loops until a coverage target is met. Cross-run memory persists learnings for future runs.
-Daystrom automates the creation and optimization of [Prisma AIRS](https://docs.paloaltonetworks.com/ai-runtime-security) custom topic guardrails — content detection rules that tell the AIRS scanner what prompts to block or allow. Instead of manually crafting topic definitions and testing them by hand, Daystrom:
+## Install
-1. **Generates** a custom topic definition (name, description, up to 5 examples) using an LLM, informed by any prior learnings from previous runs
-2. **Deploys** the topic to a live Prisma AIRS security profile via the Management API (OAuth2)
-3. **Generates test cases** — balanced positive prompts (should trigger detection) and negative prompts (should not trigger)
-4. **Scans** all test prompts against the live AIRS Scan API with configurable concurrency
-5. **Evaluates** efficacy: true positive rate, true negative rate, accuracy, coverage (`min(TPR, TNR)`), and F1 score
-6. **Analyzes** false positives and false negatives using the LLM to identify patterns
-7. **Improves** the topic definition iteratively — refining description and examples while keeping the topic name locked
-8. **Learns** — after the loop completes, extracts actionable insights and persists them for future runs on similar topics
+```bash
+npm install -g daystrom
+```
-The loop runs until coverage reaches a target threshold (default 90%) or max iterations (default 20) are exhausted.
+Requires **Node.js >= 20**.
-## Quick Start
+### Docker
 ```bash
-# Install
-pnpm install
+docker run --rm --env-file .env \
+  -v ~/.daystrom:/root/.daystrom \
+  ghcr.io/cdot65/daystrom generate \
+  --profile my-security-profile \
+  --topic "Block discussions about building explosives" \
+  --intent block
+```
+## Configure
+Copy `.env.example` or export directly:
+```bash
+# LLM (default: claude-api)
+export ANTHROPIC_API_KEY=sk-ant-...
+# Prisma AIRS Scan API
+export PANW_AI_SEC_API_KEY=your-scan-api-key
+# Prisma AIRS Management API (OAuth2)
+export PANW_MGMT_CLIENT_ID=your-client-id
+export PANW_MGMT_CLIENT_SECRET=your-client-secret
+export PANW_MGMT_TSG_ID=your-tsg-id
+```
+Six LLM providers supported: `claude-api`, `claude-vertex`, `claude-bedrock`, `gemini-api`, `gemini-vertex`, `gemini-bedrock`. See [Configuration](https://cdot65.github.io/daystrom/getting-started/configuration/) for all options.
-# Configure credentials
-cp .env.example .env
-# Edit .env — you need: ANTHROPIC_API_KEY (or other LLM provider),
-# PANW_AI_SEC_API_KEY, PANW_MGMT_CLIENT_ID, PANW_MGMT_CLIENT_SECRET, PANW_MGMT_TSG_ID
+## Usage
-# Run interactively (prompts for topic, profile, intent, etc.)
-pnpm run generate
+```bash
+# Interactive — prompts for topic, profile, intent
+daystrom generate
-# Run non-interactively
-pnpm run generate \
+# Non-interactive
+daystrom generate \
   --provider claude-api \
   --profile my-security-profile \
   --topic "Block discussions about building explosives" \
@@ -42,56 +61,32 @@ pnpm run generate \
   --target-coverage 90
 ```
-## Commands
-All commands use `daystrom` as the binary name (or `pnpm run dev` in development):
+### Commands
 | Command | Description |
 |---------|-------------|
 | `daystrom generate` | Start a new guardrail generation loop |
-| `daystrom resume <runId>` | Resume a paused or failed run with additional iterations |
-| `daystrom report <runId>` | View detailed results for a saved run (best or specific iteration) |
-| `daystrom list` | List all saved runs with status and coverage |
-### Generate Flags
-| Flag | Default | Description |
-|------|---------|-------------|
-| `--provider <name>` | `claude-api` | LLM provider (`claude-api`, `claude-vertex`, `claude-bedrock`, `gemini-api`, `gemini-vertex`, `gemini-bedrock`) |
-| `--model <name>` | per-provider | Override the default model |
-| `--profile <name>` | (prompted) | AIRS security profile name to attach the topic to |
-| `--topic <desc>` | (prompted) | Natural language description of what to detect |
-| `--intent <block\|allow>` | `block` | Whether matching prompts should be blocked or allowed |
-| `--max-iterations <n>` | `20` | Maximum refinement iterations |
-| `--target-coverage <n>` | `90` | Coverage percentage to stop at |
-| `--no-memory` | memory on | Disable cross-run learning for this run |
-## Documentation
+| `daystrom resume <runId>` | Resume a paused or failed run |
+| `daystrom report <runId>` | View results for a saved run |
+| `daystrom list` | List all saved runs |
-Full documentation: **[cdot65.github.io/daystrom](https://cdot65.github.io/daystrom/)**
+## Development
-## Tech Stack
+```bash
+git clone git@github.com:cdot65/daystrom.git
+cd daystrom
+pnpm install
+cp .env.example .env   # edit with your credentials
+pnpm run generate      # run via tsx
+pnpm test              # 192 tests
+pnpm run lint          # biome check
+```
-- **TypeScript ESM** on Node.js 20+ with strict mode
-- **LangChain.js** — Claude (Anthropic API, Vertex, Bedrock) and Gemini (API, Vertex, Bedrock) with structured output via Zod schemas
-- **Prisma AIRS SDK** (`@cdot65/prisma-airs-sdk@^0.2.0`) — scan API + management API (OAuth2 client credentials)
-- **Commander.js** — CLI framework with 4 subcommands
-- **Vitest** + **MSW** — 165 tests across 17 files (~98% stmt coverage)
-- **Biome** — linting and formatting
-- **Zod** — config validation, LLM output parsing, learning extraction schemas
+## Documentation
-## Project Structure
+Full docs — architecture, providers, memory system, metrics, and more:
-```
-src/
-├── cli/              CLI entry, commands (generate/resume/report/list), prompts, renderer
-├── config/           Zod-validated config schema + env/file/CLI cascade loader
-├── core/             Async generator loop, efficacy metrics, AIRS topic constraints
-├── llm/              LangChain provider factory, structured output service, prompt templates
-├── airs/             Scanner (sync scan + batch) and Management (CRUD + profile linking) services
-├── memory/           Learning store, extractor, budget-aware injector, iteration diff
-└── persistence/      JSON file store for run state
-```
+**[cdot65.github.io/daystrom](https://cdot65.github.io/daystrom/)**
 ## License
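
Reviewer note: the 0.1.0 README lines removed in this hunk define coverage as `min(TPR, TNR)` and say the loop stops once coverage reaches a target (default 90%) or the maximum number of iterations (default 20) is exhausted. The sketch below illustrates that arithmetic. It is not taken from the package source: the names `ConfusionCounts`, `computeMetrics`, and `shouldStop` are hypothetical, accuracy and F1 use their standard textbook definitions, and coverage is expressed as a fraction rather than the percentage the CLI flag accepts.

```typescript
// Hypothetical shape: scan outcome counts for one iteration.
interface ConfusionCounts {
  truePositives: number;  // positive prompts that triggered detection
  falseNegatives: number; // positive prompts that were missed
  trueNegatives: number;  // negative prompts that did not trigger
  falsePositives: number; // negative prompts that triggered anyway
}

interface EfficacyMetrics {
  tpr: number;
  tnr: number;
  accuracy: number;
  coverage: number;
  f1: number;
}

// Avoid NaN when a category has no samples.
function ratio(numerator: number, denominator: number): number {
  return denominator === 0 ? 0 : numerator / denominator;
}

function computeMetrics(c: ConfusionCounts): EfficacyMetrics {
  const total =
    c.truePositives + c.falseNegatives + c.trueNegatives + c.falsePositives;
  const tpr = ratio(c.truePositives, c.truePositives + c.falseNegatives);
  const tnr = ratio(c.trueNegatives, c.trueNegatives + c.falsePositives);
  return {
    tpr,
    tnr,
    accuracy: ratio(c.truePositives + c.trueNegatives, total),
    // Coverage as stated in the removed README text: min(TPR, TNR).
    coverage: Math.min(tpr, tnr),
    // Standard F1: 2TP / (2TP + FP + FN).
    f1: ratio(
      2 * c.truePositives,
      2 * c.truePositives + c.falsePositives + c.falseNegatives,
    ),
  };
}

// Assumed stop rule: target reached or iteration budget exhausted.
// Defaults mirror the README values (90% coverage, 20 iterations).
function shouldStop(
  coverage: number,
  iteration: number,
  targetCoverage = 0.9,
  maxIterations = 20,
): boolean {
  return coverage >= targetCoverage || iteration >= maxIterations;
}
```

Taking the minimum of the two rates means a topic definition cannot score well by over-blocking (high TPR, low TNR) or under-blocking (the reverse); both rates have to clear the target before the loop ends early.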

package/dist/cli/index.js CHANGED

File without changes

package/package.json CHANGED

@@ -1,7 +1,7 @@
 {
   "name": "daystrom",
   "packageManager": "pnpm@10.6.5",
-  "version": "0.1.0",
+  "version": "1.0.0",
   "description": "Automated Prisma AIRS custom topic guardrail generator with iterative refinement",
   "type": "module",
   "main": "dist/index.js",
@@ -23,11 +23,19 @@
     "test:e2e": "vitest run --config vitest.e2e.config.ts",
     "lint": "biome check .",
     "lint:fix": "biome check --write .",
-    "format": "biome format --write ."
+    "format": "biome format --write .",
+    "docker:build": "docker build -t daystrom:local .",
+    "docker:build:amd64": "docker buildx build --platform linux/amd64 --load -t daystrom:local-amd64 .",
+    "docker:build:arm64": "docker buildx build --platform linux/arm64 --load -t daystrom:local-arm64 .",
+    "docker:run": "docker run --rm -v ~/.daystrom:/root/.daystrom daystrom:local"
   },
   "engines": {
     "node": ">=20.0.0"
   },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/cdot65/daystrom.git"
+  },
   "license": "MIT",
   "dependencies": {
     "@anthropic-ai/vertex-sdk": "^0.14.4",