delimit-cli 3.6.2 → 3.6.4

package/hooks/post-bash-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit post-bash hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] post-bash hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/post-mcp-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit post-mcp hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] post-mcp hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/post-response-hook.js

@@ -1,4 +0,0 @@
-#!/usr/bin/env node
-// Processes AI responses
-console.log('[DELIMIT] Processing AI response');
-// Add processing logic here

package/hooks/post-tool-hook.js

@@ -1,126 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * Delimit™ Post-Tool Hook
- * Collects evidence and audit information after tool execution
- */
-
-const axios = require('axios');
-const fs = require('fs');
-const path = require('path');
-const crypto = require('crypto');
-
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-const EVIDENCE_DIR = path.join(process.env.HOME, '.delimit', 'evidence');
-
-async function collectEvidence(toolContext) {
-    try {
-        // Ensure evidence directory exists
-        fs.mkdirSync(EVIDENCE_DIR, { recursive: true });
-        
-        // Extract tool information
-        const { tool, params, result, cwd, user, exitCode } = toolContext;
-        
-        // Build evidence record
-        const evidence = {
-            id: crypto.randomBytes(16).toString('hex'),
-            timestamp: new Date().toISOString(),
-            tool: tool,
-            parameters: params,
-            result: result,
-            cwd: cwd,
-            user: user,
-            exitCode: exitCode,
-            environment: process.env.NODE_ENV || 'development'
-        };
-        
-        // Special handling for file operations - capture file state
-        if (['Edit', 'Write', 'MultiEdit'].includes(tool)) {
-            const filePath = params.file_path || params.path;
-            if (filePath && fs.existsSync(filePath)) {
-                const stats = fs.statSync(filePath);
-                evidence.fileState = {
-                    path: filePath,
-                    size: stats.size,
-                    modified: stats.mtime,
-                    permissions: stats.mode.toString(8),
-                    hash: crypto.createHash('sha256')
-                        .update(fs.readFileSync(filePath))
-                        .digest('hex')
-                };
-            }
-        }
-        
-        // Special handling for command execution - capture output
-        if (tool === 'Bash') {
-            evidence.commandOutput = {
-                command: params.command,
-                stdout: result?.stdout || '',
-                stderr: result?.stderr || '',
-                exitCode: exitCode
-            };
-        }
-        
-        // Store evidence locally
-        const evidenceFile = path.join(
-            EVIDENCE_DIR,
-            `${new Date().toISOString().split('T')[0]}_${evidence.id}.json`
-        );
-        fs.writeFileSync(evidenceFile, JSON.stringify(evidence, null, 2));
-        
-        // Send to governance agent for audit logging
-        try {
-            await axios.post(`${AGENT_URL}/audit`, {
-                action: 'tool_executed',
-                tool: tool,
-                evidence: evidence
-            });
-        } catch (err) {
-            // Agent might not be running, that's okay
-            console.debug('[DELIMIT EVIDENCE] Could not send to agent:', err.message);
-        }
-        
-        // Check for anomalies
-        if (exitCode !== 0) {
-            console.warn(`[DELIMIT EVIDENCE] ⚠️  Tool execution failed with exit code ${exitCode}`);
-        }
-        
-        // Special handling for sensitive operations
-        const sensitivePaths = ['/etc/', '/.ssh/', '/.aws/', '/credentials/'];
-        if (evidence.fileState && sensitivePaths.some(p => evidence.fileState.path.includes(p))) {
-            console.warn(`[DELIMIT EVIDENCE] ⚠️  Sensitive file modified: ${evidence.fileState.path}`);
-            
-            // Create high-priority evidence record
-            const alertFile = path.join(
-                EVIDENCE_DIR,
-                'alerts',
-                `ALERT_${evidence.id}.json`
-            );
-            fs.mkdirSync(path.dirname(alertFile), { recursive: true });
-            fs.writeFileSync(alertFile, JSON.stringify({
-                ...evidence,
-                alertLevel: 'high',
-                reason: 'Sensitive file modification'
-            }, null, 2));
-        }
-        
-    } catch (error) {
-        console.error('[DELIMIT EVIDENCE] Error collecting evidence:', error.message);
-    }
-}
-
-// Main execution
-if (require.main === module) {
-    const toolContext = {
-        tool: process.env.CLAUDE_TOOL_NAME || process.argv[2],
-        params: JSON.parse(process.env.CLAUDE_TOOL_PARAMS || process.argv[3] || '{}'),
-        result: JSON.parse(process.env.CLAUDE_TOOL_RESULT || process.argv[4] || '{}'),
-        exitCode: parseInt(process.env.CLAUDE_TOOL_EXIT_CODE || process.argv[5] || '0'),
-        cwd: process.cwd(),
-        user: process.env.USER
-    };
-    
-    collectEvidence(toolContext).catch(console.error);
-}
-
-module.exports = { collectEvidence };

package/hooks/post-write-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit post-write hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] post-write hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/pre-bash-hook.js

@@ -1,30 +0,0 @@
-#!/usr/bin/env node
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function validateBash(params) {
-    const riskyCommands = ['rm -rf', 'chmod 777', 'sudo', '> /dev/sda'];
-    const command = params.command || '';
-    
-    if (riskyCommands.some(cmd => command.includes(cmd))) {
-        console.error('[DELIMIT] ⚠️  Risky command detected');
-        try {
-            const { data } = await axios.post(`${AGENT_URL}/evaluate`, {
-                action: 'bash_command',
-                command: command,
-                riskLevel: 'high'
-            });
-            if (data.action === 'block') {
-                console.error('[DELIMIT] ❌ Command blocked by governance policy');
-                process.exit(1);
-            }
-        } catch (e) {
-            console.warn('[DELIMIT] Governance agent not available');
-        }
-    }
-}
-
-if (require.main === module) {
-    const params = JSON.parse(process.argv[2] || '{}');
-    validateBash(params);
-}

package/hooks/pre-mcp-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit pre-mcp hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] pre-mcp hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/pre-read-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit pre-read hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] pre-read hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/pre-search-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit pre-search hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] pre-search hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/pre-submit-hook.js

@@ -1,4 +0,0 @@
-#!/usr/bin/env node
-// Validates before user prompt submission
-console.log('[DELIMIT] Pre-submission validation');
-// Add validation logic here

package/hooks/pre-task-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit pre-task hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] pre-task hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/pre-tool-hook.js

@@ -1,121 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * Delimit™ Pre-Tool Hook
- * Validates tool usage against governance policies before execution
- */
-
-const axios = require('axios');
-const fs = require('fs');
-const path = require('path');
-
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function checkGovernance(toolContext) {
-    try {
-        // Extract tool information
-        const { tool, params, cwd, user } = toolContext;
-        
-        // Build governance context
-        const context = {
-            action: 'tool_execution',
-            tool: tool,
-            parameters: params,
-            cwd: cwd,
-            user: user,
-            timestamp: new Date().toISOString(),
-            environment: process.env.NODE_ENV || 'development'
-        };
-        
-        // Special handling for file operations
-        if (['Edit', 'Write', 'MultiEdit', 'Delete'].includes(tool)) {
-            context.fileOperation = true;
-            context.targetPath = params.file_path || params.path;
-            
-            // Check if targeting sensitive paths
-            const sensitivePaths = [
-                '/etc/',
-                '/usr/bin/',
-                '/boot/',
-                '/.ssh/',
-                '/root/.ssh/',
-                '/.aws/',
-                '/.config/gcloud/',
-                '/credentials/',
-                '/secrets/'
-            ];
-            
-            if (context.targetPath && sensitivePaths.some(p => context.targetPath.includes(p))) {
-                context.riskLevel = 'high';
-                context.sensitiveOperation = true;
-            }
-        }
-        
-        // Special handling for command execution
-        if (tool === 'Bash') {
-            context.commandExecution = true;
-            context.command = params.command;
-            
-            // Check for risky commands
-            const riskyCommands = [
-                'rm -rf',
-                'chmod 777',
-                'curl | sh',
-                'wget | sh',
-                'sudo',
-                'pkill',
-                'kill -9',
-                '>',  // redirect overwrite
-                'truncate'
-            ];
-            
-            if (context.command && riskyCommands.some(cmd => context.command.includes(cmd))) {
-                context.riskLevel = 'critical';
-                context.riskyCommand = true;
-            }
-        }
-        
-        // Query governance agent
-        const response = await axios.post(`${AGENT_URL}/evaluate`, context);
-        
-        // Handle the decision
-        const decision = response.data;
-        
-        if (decision.action === 'block') {
-            console.error(`[DELIMIT GOVERNANCE] ❌ Tool execution blocked: ${decision.reason}`);
-            if (decision.rule) {
-                console.error(`[DELIMIT GOVERNANCE] Rule: ${decision.rule}`);
-            }
-            process.exit(1);
-        }
-        
-        if (decision.action === 'prompt') {
-            console.warn(`[DELIMIT GOVERNANCE] ⚠️  Warning: ${decision.message}`);
-            // In non-interactive mode, we allow with warning
-            // In interactive mode, this would prompt the user
-        }
-        
-        if (decision.action === 'allow') {
-            console.log(`[DELIMIT GOVERNANCE] ✅ Tool execution allowed`);
-        }
-        
-    } catch (error) {
-        // If governance agent is not available, log and continue
-        console.warn('[DELIMIT GOVERNANCE] Governance agent not available, proceeding with caution');
-        console.debug(error.message);
-    }
-}
-
-// Main execution
-if (require.main === module) {
-    const toolContext = {
-        tool: process.env.CLAUDE_TOOL_NAME || process.argv[2],
-        params: JSON.parse(process.env.CLAUDE_TOOL_PARAMS || process.argv[3] || '{}'),
-        cwd: process.cwd(),
-        user: process.env.USER
-    };
-    
-    checkGovernance(toolContext).catch(console.error);
-}
-
-module.exports = { checkGovernance };

package/hooks/pre-web-hook.js

@@ -1,13 +0,0 @@
-#!/usr/bin/env node
-// Delimit pre-web hook
-const axios = require('axios');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function process() {
-    console.log('[DELIMIT] pre-web hook activated');
-    // Hook implementation
-}
-
-if (require.main === module) {
-    process();
-}

package/hooks/pre-write-hook.js

@@ -1,31 +0,0 @@
-#!/usr/bin/env node
-const axios = require('axios');
-const path = require('path');
-const AGENT_URL = `http://127.0.0.1:${process.env.DELIMIT_AGENT_PORT || 7823}`;
-
-async function validateWrite(params) {
-    const filePath = params.file_path || params.path || '';
-    const sensitivePaths = ['/etc/', '/.ssh/', '/.aws/', '/credentials/'];
-    
-    if (sensitivePaths.some(p => filePath.includes(p))) {
-        console.warn('[DELIMIT] ⚠️  Sensitive file operation detected');
-        try {
-            const { data } = await axios.post(`${AGENT_URL}/evaluate`, {
-                action: 'file_write',
-                path: filePath,
-                riskLevel: 'critical'
-            });
-            if (data.action === 'block') {
-                console.error('[DELIMIT] ❌ File operation blocked by governance policy');
-                process.exit(1);
-            }
-        } catch (e) {
-            console.warn('[DELIMIT] Governance agent not available');
-        }
-    }
-}
-
-if (require.main === module) {
-    const params = JSON.parse(process.argv[2] || '{}');
-    validateWrite(params);
-}

package/hooks/test-hooks.sh

@@ -1,12 +0,0 @@
-#!/bin/bash
-echo "Testing Delimit hooks..."
-
-# Test pre-bash hook
-echo "Testing bash hook..."
-node /home/delimit/npm-delimit/hooks/pre-bash-hook.js '{"command":"ls"}'
-
-# Test pre-write hook
-echo "Testing write hook..."
-node /home/delimit/npm-delimit/hooks/pre-write-hook.js '{"file_path":"/tmp/test.txt"}'
-
-echo "✓ Hook tests complete"

package/hooks/update-delimit.sh

@@ -1,6 +0,0 @@
-#!/bin/bash
-echo "Updating Delimit..."
-cd /home/delimit/npm-delimit
-git pull
-npm install
-echo "✓ Delimit updated"

package/scripts/infect.js

@@ -1,128 +0,0 @@
-#!/usr/bin/env node
-
-const fs = require('fs');
-const path = require('path');
-const os = require('os');
-const { execSync } = require('child_process');
-
-const HOME_DIR = os.homedir();
-const DELIMIT_HOME = path.join(HOME_DIR, '.delimit');
-const SHIM_DIR = path.join(DELIMIT_HOME, 'shims');
-const HOOKS_DIR = path.join(DELIMIT_HOME, 'hooks');
-const BIN_DIR = path.join(DELIMIT_HOME, 'bin');
-
-console.log('\n🔵 Installing Delimit Governance Layer...');
-console.log('⚠️  WARNING: This will modify your system permanently.\n');
-
-try {
-    // 1. Create directory structure
-    [DELIMIT_HOME, SHIM_DIR, HOOKS_DIR, BIN_DIR].forEach(dir => {
-        fs.mkdirSync(dir, { recursive: true });
-    });
-    console.log('✓ Created ~/.delimit directory structure');
-
-    // 2. Copy the main Delimit CLI
-    const cliSource = path.join(__dirname, '..', 'bin', 'delimit.js');
-    const cliDest = path.join(BIN_DIR, 'delimit');
-    fs.copyFileSync(cliSource, cliDest);
-    fs.chmodSync(cliDest, '755');
-    console.log('✓ Installed Delimit CLI');
-
-    // 3. Install global Git hooks
-    const preCommitHook = `#!/bin/sh
-# Delimit Governance Hook - Pre-commit
-${cliDest} pre-commit-check`;
-
-    const prePushHook = `#!/bin/sh
-# Delimit Governance Hook - Pre-push  
-${cliDest} pre-push-check`;
-
-    fs.writeFileSync(path.join(HOOKS_DIR, 'pre-commit'), preCommitHook);
-    fs.writeFileSync(path.join(HOOKS_DIR, 'pre-push'), prePushHook);
-    fs.chmodSync(path.join(HOOKS_DIR, 'pre-commit'), '755');
-    fs.chmodSync(path.join(HOOKS_DIR, 'pre-push'), '755');
-    
-    execSync(`git config --global core.hooksPath ${HOOKS_DIR}`);
-    console.log('✓ Installed global Git hooks');
-
-    // 4. Create AI tool shims
-    const aiTools = ['claude', 'gemini', 'codex', 'copilot', 'gh', 'openai', 'anthropic'];
-    aiTools.forEach(tool => {
-        const shimContent = `#!/bin/sh
-# Delimit Governance Shim for ${tool}
-exec ${cliDest} proxy --tool=${tool} -- "$@"`;
-        
-        const shimPath = path.join(SHIM_DIR, tool);
-        fs.writeFileSync(shimPath, shimContent);
-        fs.chmodSync(shimPath, '755');
-    });
-    console.log(`✓ Created ${aiTools.length} AI tool shims`);
-
-    // 5. Inject into shell profiles
-    const shellProfiles = [
-        '.bashrc',
-        '.zshrc', 
-        '.profile',
-        '.bash_profile'
-    ].map(f => path.join(HOME_DIR, f));
-
-    const pathInjection = `
-# Delimit Governance Layer - DO NOT REMOVE
-export PATH="${SHIM_DIR}:$PATH"
-export DELIMIT_ACTIVE=true
-
-# Show governance status on shell start
-if [ -t 1 ]; then
-  echo -e "\\033[34m\\033[1m[Delimit]\\033[0m Governance active. All AI tools and Git operations are monitored."
-fi
-`;
-
-    let injected = false;
-    shellProfiles.forEach(profilePath => {
-        if (fs.existsSync(profilePath)) {
-            const content = fs.readFileSync(profilePath, 'utf8');
-            if (!content.includes('Delimit Governance Layer')) {
-                fs.appendFileSync(profilePath, pathInjection);
-                console.log(`✓ Injected into ${path.basename(profilePath)}`);
-                injected = true;
-            }
-        }
-    });
-
-    if (!injected) {
-        // Create a .profile if nothing exists
-        const profilePath = path.join(HOME_DIR, '.profile');
-        fs.writeFileSync(profilePath, pathInjection);
-        console.log('✓ Created .profile with governance');
-    }
-
-    // 6. Create global command link
-    try {
-        const globalBin = '/usr/local/bin/delimit';
-        if (fs.existsSync('/usr/local/bin')) {
-            if (fs.existsSync(globalBin)) {
-                fs.unlinkSync(globalBin);
-            }
-            fs.symlinkSync(cliDest, globalBin);
-            console.log('✓ Created global delimit command');
-        }
-    } catch (e) {
-        // Ignore if can't create global link
-    }
-
-    console.log('\n' + '═'.repeat(60));
-    console.log('🟢 DELIMIT GOVERNANCE LAYER INSTALLED SUCCESSFULLY');
-    console.log('═'.repeat(60));
-    console.log('\n⚡ IMPORTANT: Restart your terminal or run:');
-    console.log('   source ~/.bashrc (or ~/.zshrc)\n');
-    console.log('📊 Check status with: delimit status');
-    console.log('📖 Documentation: https://delimit.ai\n');
-    console.log('⚠️  WARNING: Governance is now mandatory.');
-    console.log('   All AI tools and Git operations are monitored.\n');
-
-} catch (error) {
-    console.error('\n❌ Installation failed:', error.message);
-    console.error('\nTry installing globally with sudo:');
-    console.error('   sudo npm install -g delimit\n');
-    process.exit(1);
-}