delimit-cli 1.0.0 → 2.1.0

package/.github/workflows/api-governance.yml

@@ -0,0 +1,24 @@
+name: API Governance
+
+on:
+  pull_request:
+    paths:
+      - '**.json'
+      - '**.yaml'
+      - '**.yml'
+      - 'openapi/**'
+      - 'api/**'
+      - 'swagger/**'
+
+jobs:
+  api-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          
+      - name: Detect API breaking changes
+        uses: delimit-ai/delimit-action@v1
+        with:
+          advisory_mode: true

package/README.md

@@ -1,157 +1,99 @@
-# delimit-cli
+# Delimit
 
-Official CLI tool for [Delimit API Governance Platform](https://delimit.ai) with built-in Privacy Shield™ technology.
+**API governance CLI for development teams.** Detect breaking API changes, enforce policies, and maintain audit trails across your services.
 
-## Features
+[![npm](https://img.shields.io/npm/v/delimit)](https://www.npmjs.com/package/delimit)
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
 
-- 🛡️ **Privacy Shield™**: Automatically masks sensitive data before sending to API
-- ✅ **OpenAPI Validation**: Validate specs against governance rules
-- 🎨 **Beautiful Output**: Color-coded terminal output for easy reading
-- 🚀 **Fast & Lightweight**: Built with TypeScript for performance
-- 🔒 **Secure by Design**: Your sensitive API data never leaves your machine
-
-## Installation
-
-```bash
-npm install -g delimit-cli
-```
-
-Or with yarn:
+## Install
 
 ```bash
-yarn global add delimit-cli
+npm install -g delimit
 ```
 
 ## Quick Start
 
-1. Get your API key from [RapidAPI](https://rapidapi.com/delimit/api/openapi-diff-api)
-
-2. Set your API key as an environment variable:
 ```bash
-export DELIMIT_API_KEY="your-api-key-here"
-```
+# Check current governance status
+delimit status
 
-3. Validate your OpenAPI specification:
-```bash
-delimit validate api-spec.yaml
-```
+# Set up governance for this repo (advisory mode by default)
+delimit install --mode advisory
 
-## Commands
+# Validate an API spec
+delimit validate api/openapi.yaml
+```
 
-### `validate`
+## Governance Modes
 
-Validate an OpenAPI specification against governance rules.
+Delimit supports three enforcement levels. You choose:
 
 ```bash
-delimit validate <filepath>
+delimit install --mode advisory   # Warnings only, no blocking
+delimit install --mode guarded    # Soft enforcement with overrides
+delimit install --mode enforce    # Strict policy enforcement
 ```
 
-**Options:**
-- `--verbose` - Show detailed validation output
-- `--output <format>` - Output format: `text` (default) or `json`
+### Scope Control
 
-**Example:**
 ```bash
-# Validate a YAML spec
-delimit validate openapi.yaml
-
-# Validate a JSON spec with verbose output
-delimit validate api.json --verbose
-
-# Get JSON output for CI/CD integration
-delimit validate spec.yaml --output json
+delimit install --scope repo      # Current repository only
+delimit install --scope global    # All repositories on this machine
 ```
 
-### Coming Soon
+## What It Does
 
-- `diff` - Compare two API versions for breaking changes
-- `analyze` - Analyze API changes for risks and soft breaks
-- `recommend` - Get version recommendations based on changes
-- `gate` - CI/CD release gate checks
+- **API Change Detection** — Identifies breaking changes in OpenAPI/Swagger specs
+- **Policy Enforcement** — Applies configurable governance rules to API changes
+- **Evidence Collection** — Records audit trail of all governance decisions
+- **MCP Integration** — Works with Claude, Gemini, and other AI coding tools via Model Context Protocol
 
-## Privacy Shield™
+## Usage with CI
 
-The CLI includes built-in Privacy Shield technology that automatically removes sensitive information from your OpenAPI specifications before sending them for validation:
+For CI/CD integration, use the GitHub Action instead:
 
-**What gets masked:**
-- API descriptions and summaries
-- Example values and responses
-- Server URLs
-- Contact information
-- License and terms of service
+```yaml
+- uses: delimit-ai/delimit-action@v1
+```
 
-**What stays intact:**
-- API structure and schemas
-- Endpoints and methods
-- Parameters and types
-- Required fields and validations
+See [delimit-action](https://github.com/delimit-ai/delimit-action) for full CI setup.
 
-This ensures your proprietary business logic and sensitive documentation never leave your local environment.
+## Commands
 
-## CI/CD Integration
+| Command | Description |
+|---------|-------------|
+| `delimit status` | Show current governance state |
+| `delimit install` | Set up governance hooks and config |
+| `delimit validate <spec>` | Validate an API specification |
+| `delimit doctor` | Diagnose configuration issues |
+| `delimit uninstall` | Clean removal of all hooks and config |
 
-### GitHub Actions
+## Uninstall
 
-```yaml
-- name: Validate API Spec
-  run: |
-    npm install -g delimit-cli
-    export DELIMIT_API_KEY=${{ secrets.DELIMIT_API_KEY }}
-    delimit validate openapi.yaml
+```bash
+delimit uninstall
 ```
 
-### Jenkins
-
-```groovy
-stage('API Validation') {
-    steps {
-        sh '''
-            npm install -g delimit-cli
-            export DELIMIT_API_KEY=${DELIMIT_API_KEY}
-            delimit validate openapi.yaml
-        '''
-    }
-}
-```
+Cleanly removes all hooks, PATH modifications, and configuration files.
 
-### GitLab CI
+## Configuration
+
+Create `.delimit/policies.yml` in your repository:
 
 ```yaml
-validate-api:
-  script:
-    - npm install -g delimit-cli
-    - export DELIMIT_API_KEY=$DELIMIT_API_KEY
-    - delimit validate openapi.yaml
+rules:
+  - id: no_endpoint_removal
+    change_types: [endpoint_removed]
+    severity: error
+    message: "Endpoints cannot be removed without deprecation"
 ```
 
-## Exit Codes
-
-- `0` - Validation passed
-- `1` - Validation failed or error occurred
-
-## Environment Variables
-
-- `DELIMIT_API_KEY` - Your RapidAPI key (required)
-- `DELIMIT_API_URL` - Override API URL (optional, for testing)
+## Links
 
-## Support
-
-- **Documentation**: https://api.delimit.ai/docs
-- **Issues**: https://github.com/delimit-ai/delimit-cli/issues
-- **Email**: support@delimit.ai
+- [GitHub Action](https://github.com/delimit-ai/delimit-action) — CI/CD integration
+- [Website](https://delimit.ai) — Documentation and platform
+- [Issues](https://github.com/delimit-ai/delimit/issues) — Bug reports and feature requests
 
 ## License
 
-MIT © Delimit.ai
-
-## Contributing
-
-We welcome contributions! Please see our [Contributing Guide](CONTRIBUTING.md) for details.
-
-## Security
-
-Found a security issue? Please email security@delimit.ai directly.
-
----
-
-Built with ❤️ by the Delimit team
+MIT

package/adapters/codex-skill.js

@@ -0,0 +1,87 @@
+#!/usr/bin/env node
+/**
+ * Delimit™ Codex Skill Adapter
+ * Implements GitHub Codex "Skills" interface
+ */
+
+const axios = require('axios');
+const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
+
+class DelimitCodexSkill {
+    constructor() {
+        this.name = 'delimit-governance';
+        this.version = '2.0.0';
+    }
+    
+    /**
+     * Codex Skills use onBeforeSuggestion and onAfterAccept events
+     */
+    async onBeforeSuggestion(context) {
+        console.log('[DELIMIT CODEX] Validating code suggestion...');
+        
+        try {
+            const { code, language, file } = context;
+            
+            // Check governance rules
+            const response = await axios.post(`${AGENT_URL}/evaluate`, {
+                action: 'codex_suggestion',
+                code: code,
+                language: language,
+                file: file,
+                tool: 'codex'
+            });
+            
+            if (response.data.action === 'block') {
+                return {
+                    allow: false,
+                    message: `[DELIMIT] Code blocked: ${response.data.reason}`
+                };
+            }
+            
+            if (response.data.action === 'prompt') {
+                return {
+                    allow: true,
+                    warning: response.data.message
+                };
+            }
+            
+            return { allow: true };
+        } catch (error) {
+            console.warn('[DELIMIT CODEX] Governance check failed:', error.message);
+            return { allow: true }; // Fail open
+        }
+    }
+    
+    async onAfterAccept(context) {
+        console.log('[DELIMIT CODEX] Recording accepted suggestion...');
+        
+        try {
+            // Collect evidence
+            await axios.post(`${AGENT_URL}/audit`, {
+                action: 'codex_accept',
+                context: context,
+                timestamp: new Date().toISOString()
+            });
+        } catch (error) {
+            // Silent fail for audit
+        }
+    }
+    
+    // Codex-specific command handler
+    async handleCommand(command, args) {
+        if (command === 'governance') {
+            const { execSync } = require('child_process');
+            return execSync('delimit status --verbose').toString();
+        }
+    }
+}
+
+// Export for Codex
+if (typeof module !== 'undefined' && module.exports) {
+    module.exports = new DelimitCodexSkill();
+}
+
+// Codex registration
+if (typeof registerSkill === 'function') {
+    registerSkill(new DelimitCodexSkill());
+}

package/adapters/cursor-extension.js

@@ -0,0 +1,190 @@
+#!/usr/bin/env node
+/**
+ * Delimit™ Cursor Extension Adapter
+ * Implements VSCode-style extension for Cursor
+ */
+
+const vscode = typeof acquireVsCodeApi !== 'undefined' ? acquireVsCodeApi() : null;
+const axios = require('axios');
+const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
+
+class DelimitCursorExtension {
+    constructor() {
+        this.extensionId = 'delimit.governance';
+        this.version = '2.0.0';
+    }
+    
+    /**
+     * Extension activation
+     */
+    async activate(context) {
+        console.log('[DELIMIT CURSOR] Extension activated');
+        
+        // Register commands
+        this.registerCommands(context);
+        
+        // Register code action provider
+        this.registerCodeActions(context);
+        
+        // Register diagnostics
+        this.registerDiagnostics(context);
+        
+        return {
+            extendMarkdownIt: (md) => this.extendMarkdown(md)
+        };
+    }
+    
+    registerCommands(context) {
+        const commands = {
+            'delimit.checkGovernance': async () => {
+                const { execSync } = require('child_process');
+                const result = execSync('delimit status --verbose').toString();
+                this.showMessage(result);
+            },
+            'delimit.switchMode': async () => {
+                const mode = await this.showQuickPick(['advisory', 'guarded', 'enforce']);
+                if (mode) {
+                    const { execSync } = require('child_process');
+                    execSync(`delimit mode ${mode}`);
+                    this.showMessage(`Switched to ${mode} mode`);
+                }
+            },
+            'delimit.viewAudit': async () => {
+                const { execSync } = require('child_process');
+                const audit = execSync('delimit audit --tail 20').toString();
+                this.showMessage(audit, 'Audit Log');
+            }
+        };
+        
+        Object.entries(commands).forEach(([cmd, handler]) => {
+            if (vscode) {
+                context.subscriptions.push(
+                    vscode.commands.registerCommand(cmd, handler)
+                );
+            }
+        });
+    }
+    
+    registerCodeActions(context) {
+        // Register code action provider for all languages
+        const provider = {
+            provideCodeActions: async (document, range, context) => {
+                const actions = [];
+                
+                // Check if there are any governance issues
+                const text = document.getText(range);
+                const issues = await this.checkGovernance(text, document.languageId);
+                
+                if (issues.length > 0) {
+                    actions.push({
+                        title: '🛡️ Fix Governance Issues',
+                        command: 'delimit.fixIssues',
+                        arguments: [issues]
+                    });
+                }
+                
+                return actions;
+            }
+        };
+        
+        if (vscode) {
+            context.subscriptions.push(
+                vscode.languages.registerCodeActionsProvider('*', provider)
+            );
+        }
+    }
+    
+    registerDiagnostics(context) {
+        const diagnosticCollection = vscode ? 
+            vscode.languages.createDiagnosticCollection('delimit') : null;
+        
+        // Watch for document changes
+        if (vscode) {
+            vscode.workspace.onDidChangeTextDocument(async (event) => {
+                const document = event.document;
+                const diagnostics = [];
+                
+                // Check governance
+                const text = document.getText();
+                const issues = await this.checkGovernance(text, document.languageId);
+                
+                issues.forEach(issue => {
+                    diagnostics.push({
+                        range: new vscode.Range(
+                            issue.line || 0, 
+                            issue.column || 0,
+                            issue.line || 0,
+                            issue.columnEnd || 100
+                        ),
+                        message: issue.message,
+                        severity: issue.severity === 'error' ? 
+                            vscode.DiagnosticSeverity.Error :
+                            vscode.DiagnosticSeverity.Warning
+                    });
+                });
+                
+                diagnosticCollection.set(document.uri, diagnostics);
+            });
+        }
+        
+        context.subscriptions.push(diagnosticCollection);
+    }
+    
+    async checkGovernance(code, language) {
+        try {
+            const response = await axios.post(`${AGENT_URL}/evaluate`, {
+                action: 'cursor_validation',
+                code: code,
+                language: language,
+                tool: 'cursor'
+            });
+            
+            if (response.data.issues) {
+                return response.data.issues;
+            }
+            
+            return [];
+        } catch (error) {
+            return [];
+        }
+    }
+    
+    showMessage(message, title = 'Delimit') {
+        if (vscode) {
+            vscode.window.showInformationMessage(`${title}: ${message}`);
+        } else {
+            console.log(`[${title}] ${message}`);
+        }
+    }
+    
+    async showQuickPick(items) {
+        if (vscode) {
+            return await vscode.window.showQuickPick(items);
+        }
+        return items[0];
+    }
+    
+    extendMarkdown(md) {
+        // Add custom markdown rendering for governance info
+        return md.use((md) => {
+            md.renderer.rules.delimit_governance = (tokens, idx) => {
+                return `<div class="delimit-governance">${tokens[idx].content}</div>`;
+            };
+        });
+    }
+    
+    deactivate() {
+        console.log('[DELIMIT CURSOR] Extension deactivated');
+    }
+}
+
+// Export for Cursor/VSCode
+if (typeof module !== 'undefined' && module.exports) {
+    module.exports = new DelimitCursorExtension();
+}
+
+// VSCode activation
+if (vscode) {
+    exports.activate = (context) => new DelimitCursorExtension().activate(context);
+    exports.deactivate = () => new DelimitCursorExtension().deactivate();
+}

package/adapters/gemini-action.js

@@ -0,0 +1,93 @@
+#!/usr/bin/env node
+/**
+ * Delimit™ Gemini Action Adapter
+ * Implements Google Gemini Extensions interface
+ */
+
+const axios = require('axios');
+const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
+
+class DelimitGeminiAction {
+    constructor() {
+        this.id = 'delimit-governance';
+        this.version = '2.0.0';
+    }
+    
+    /**
+     * Gemini uses action handlers for extension points
+     */
+    async beforeCodeGeneration(request) {
+        console.log('[DELIMIT GEMINI] Pre-generation validation...');
+        
+        try {
+            const { prompt, context, model } = request;
+            
+            // Check if the request involves sensitive operations
+            const response = await axios.post(`${AGENT_URL}/evaluate`, {
+                action: 'gemini_generation',
+                prompt: prompt,
+                context: context,
+                model: model || 'gemini-pro',
+                tool: 'gemini'
+            });
+            
+            if (response.data.action === 'block') {
+                throw new Error(`[DELIMIT] Generation blocked: ${response.data.reason}`);
+            }
+            
+            if (response.data.action === 'prompt') {
+                console.warn(`[DELIMIT] Warning: ${response.data.message}`);
+            }
+            
+            return request; // Pass through
+        } catch (error) {
+            if (error.message.includes('[DELIMIT]')) {
+                throw error; // Re-throw governance blocks
+            }
+            console.warn('[DELIMIT GEMINI] Governance check failed:', error.message);
+            return request; // Fail open
+        }
+    }
+    
+    async afterResponse(response) {
+        console.log('[DELIMIT GEMINI] Processing response...');
+        
+        try {
+            // Collect evidence
+            await axios.post(`${AGENT_URL}/audit`, {
+                action: 'gemini_response',
+                response: {
+                    model: response.model,
+                    tokens: response.usage,
+                    timestamp: new Date().toISOString()
+                }
+            });
+        } catch (error) {
+            // Silent fail for audit
+        }
+        
+        return response;
+    }
+    
+    // Gemini command handler (uses @ prefix)
+    async handleCommand(command, args) {
+        const commands = {
+            '@governance': 'delimit status',
+            '@audit': 'delimit audit',
+            '@mode': 'delimit mode'
+        };
+        
+        if (commands[command]) {
+            const { execSync } = require('child_process');
+            return execSync(commands[command]).toString();
+        }
+    }
+}
+
+// Export for Gemini
+module.exports = new DelimitGeminiAction();
+
+// Gemini registration (if available)
+if (typeof registerExtension === 'function') {
+    registerExtension(new DelimitGeminiAction());
+}