npm - forgeos - Versions diffs - 0.1.0-alpha.0 → 0.1.0-alpha.10 - Mend

forgeos 0.1.0-alpha.0 → 0.1.0-alpha.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (346) hide show

package/.npmignore +9 -1
package/AGENTS.md +43 -3
package/CHANGELOG.md +109 -0
package/CONTRIBUTING.md +22 -1
package/README.md +82 -11
package/adapters/go/README.md +23 -0
package/adapters/go/go.mod +3 -0
package/adapters/go/http.go +149 -0
package/adapters/go/registry.go +234 -0
package/adapters/go/types.go +136 -0
package/bin/forge.mjs +4 -3
package/docs/changelog.md +116 -0
package/docs/forge-protocol.md +156 -0
package/examples/go-billing/go.mod +7 -0
package/examples/go-billing/main.go +120 -0
package/package.json +18 -7
package/packages/eslint-plugin-forge/index.ts +15 -15
package/packages/eslint-plugin-forge/package.json +10 -10
package/packages/eslint-plugin-forge/src/check-source.ts +95 -95
package/packages/eslint-plugin-forge/src/load-artifacts.ts +24 -24
package/packages/eslint-plugin-forge/src/rule-no-forge-guard-violation.ts +93 -93
package/schemas/forge-manifest.schema.json +57 -0
package/src/forge/_generated/actionSubscriptions.json +1 -2
package/src/forge/_generated/actionSubscriptions.ts +3 -3
package/src/forge/_generated/agentAdapterManifest.json +1 -2
package/src/forge/_generated/agentAdapterManifest.ts +3 -3
package/src/forge/_generated/agentContract.json +1 -2
package/src/forge/_generated/agentContract.ts +6927 -7
package/src/forge/_generated/agentQuickstart.md +3 -1
package/src/forge/_generated/agentTools.json +1 -0
package/src/forge/_generated/agentTools.md +16 -0
package/src/forge/_generated/agentTools.ts +12 -0
package/src/forge/_generated/aiContext.ts +67 -1
package/src/forge/_generated/aiModels.json +1 -2
package/src/forge/_generated/aiModels.ts +17 -1
package/src/forge/_generated/aiProviders.json +0 -1
package/src/forge/_generated/aiProviders.ts +1 -1
package/src/forge/_generated/aiRegistry.json +1 -2
package/src/forge/_generated/aiRegistry.ts +7 -5
package/src/forge/_generated/api.json +1 -2
package/src/forge/_generated/api.ts +7 -2
package/src/forge/_generated/appGraph.json +1 -2
package/src/forge/_generated/appGraph.ts +2186 -1346
package/src/forge/_generated/appMap.md +21 -1
package/src/forge/_generated/artifactManifest.json +1 -2
package/src/forge/_generated/artifactManifest.ts +2 -2
package/src/forge/_generated/authClaims.json +0 -1
package/src/forge/_generated/authClaims.ts +1 -1
package/src/forge/_generated/authConfig.json +0 -1
package/src/forge/_generated/authConfig.ts +1 -1
package/src/forge/_generated/authContext.ts +1 -1
package/src/forge/_generated/authRegistry.json +0 -1
package/src/forge/_generated/authRegistry.ts +1 -1
package/src/forge/_generated/buildInfo.json +1 -2
package/src/forge/_generated/buildInfo.ts +4 -4
package/src/forge/_generated/capabilityMap.json +1 -2
package/src/forge/_generated/capabilityMap.md +1 -1
package/src/forge/_generated/capabilityMap.ts +2 -2
package/src/forge/_generated/client.ts +88 -1
package/src/forge/_generated/clientApi.ts +2 -1
package/src/forge/_generated/clientManifest.json +1 -2
package/src/forge/_generated/clientManifest.ts +6 -4
package/src/forge/_generated/clientTypes.ts +19 -1
package/src/forge/_generated/configRegistry.json +0 -1
package/src/forge/_generated/configRegistry.ts +1 -1
package/src/forge/_generated/dataGraph.json +1 -2
package/src/forge/_generated/dataGraph.ts +3 -3
package/src/forge/_generated/db.json +0 -1
package/src/forge/_generated/db.ts +1 -1
package/src/forge/_generated/dbSecurityManifest.json +0 -1
package/src/forge/_generated/dbSecurityManifest.ts +1 -1
package/src/forge/_generated/dbSessionContext.json +0 -1
package/src/forge/_generated/dbSessionContext.ts +1 -1
package/src/forge/_generated/deployManifest.json +1 -2
package/src/forge/_generated/deployManifest.ts +7 -7
package/src/forge/_generated/devManifest.json +1 -2
package/src/forge/_generated/devManifest.ts +18 -3
package/src/forge/_generated/envSchema.json +0 -1
package/src/forge/_generated/envSchema.ts +1 -1
package/src/forge/_generated/externalServices.json +1 -0
package/src/forge/_generated/externalServices.ts +9 -0
package/src/forge/_generated/frontendGraph.json +0 -1
package/src/forge/_generated/frontendGraph.ts +1 -1
package/src/forge/_generated/importGuards.json +1 -2
package/src/forge/_generated/importGuards.ts +35 -1
package/src/forge/_generated/index.ts +3 -1
package/src/forge/_generated/liveProductionManifest.json +0 -1
package/src/forge/_generated/liveProductionManifest.ts +1 -1
package/src/forge/_generated/liveProtocol.json +0 -1
package/src/forge/_generated/liveProtocol.ts +1 -1
package/src/forge/_generated/liveQueryRegistry.json +1 -2
package/src/forge/_generated/liveQueryRegistry.ts +3 -3
package/src/forge/_generated/liveTransportConfig.json +0 -1
package/src/forge/_generated/liveTransportConfig.ts +1 -1
package/src/forge/_generated/makeRegistry.json +1 -2
package/src/forge/_generated/makeRegistry.ts +16 -2
package/src/forge/_generated/makeTemplates.json +1 -2
package/src/forge/_generated/makeTemplates.ts +6 -1
package/src/forge/_generated/mockMap.json +0 -1
package/src/forge/_generated/mockMap.ts +1 -1
package/src/forge/_generated/operationPlaybooks.md +40 -18
package/src/forge/_generated/packageGraph.json +1 -2
package/src/forge/_generated/packageGraph.ts +114376 -33611
package/src/forge/_generated/packageUpgradeRegistry.json +1 -2
package/src/forge/_generated/packageUpgradeRegistry.ts +2 -2
package/src/forge/_generated/permissionMatrix.json +1 -2
package/src/forge/_generated/permissionMatrix.ts +3 -3
package/src/forge/_generated/policyRegistry.json +1 -2
package/src/forge/_generated/policyRegistry.ts +3 -3
package/src/forge/_generated/queryRegistry.json +1 -2
package/src/forge/_generated/queryRegistry.ts +3 -3
package/src/forge/_generated/react.d.ts +1 -1
package/src/forge/_generated/react.ts +1 -1
package/src/forge/_generated/reactManifest.json +1 -2
package/src/forge/_generated/reactManifest.ts +3 -3
package/src/forge/_generated/releaseManifest.json +1 -2
package/src/forge/_generated/releaseManifest.ts +3 -3
package/src/forge/_generated/rlsPolicies.json +0 -1
package/src/forge/_generated/rlsPolicies.sql +1 -1
package/src/forge/_generated/rlsPolicies.ts +1 -1
package/src/forge/_generated/runtimeGraph.json +1 -2
package/src/forge/_generated/runtimeGraph.ts +3 -3
package/src/forge/_generated/runtimeMatrix.json +1 -2
package/src/forge/_generated/runtimeMatrix.ts +118936 -13931
package/src/forge/_generated/runtimeRegistry.ts +1 -1
package/src/forge/_generated/runtimeRules.md +13 -1
package/src/forge/_generated/secretRegistry.json +0 -1
package/src/forge/_generated/secretRegistry.ts +1 -1
package/src/forge/_generated/secretsContext.ts +1 -1
package/src/forge/_generated/serverApi.ts +2 -1
package/src/forge/_generated/sourceMapManifest.json +1 -2
package/src/forge/_generated/sourceMapManifest.ts +2 -2
package/src/forge/_generated/sqlPlan.json +0 -1
package/src/forge/_generated/sqlPlan.ts +1 -1
package/src/forge/_generated/subscriptionManifest.json +1 -2
package/src/forge/_generated/subscriptionManifest.ts +3 -3
package/src/forge/_generated/symbolicationManifest.json +1 -2
package/src/forge/_generated/symbolicationManifest.ts +2 -2
package/src/forge/_generated/telemetryRegistry.json +1 -2
package/src/forge/_generated/telemetryRegistry.ts +3 -3
package/src/forge/_generated/telemetrySinks.json +1 -2
package/src/forge/_generated/telemetrySinks.ts +2 -2
package/src/forge/_generated/tenantScope.json +1 -2
package/src/forge/_generated/tenantScope.ts +3 -3
package/src/forge/_generated/testGraph.json +1 -2
package/src/forge/_generated/testGraph.ts +565 -113
package/src/forge/_generated/testPlanRegistry.json +1 -2
package/src/forge/_generated/testPlanRegistry.ts +2 -2
package/src/forge/_generated/uiRoutes.json +0 -1
package/src/forge/_generated/uiRoutes.ts +1 -1
package/src/forge/_generated/uiScenarios.json +0 -1
package/src/forge/_generated/uiScenarios.ts +1 -1
package/src/forge/_generated/uiTestManifest.json +1 -2
package/src/forge/_generated/uiTestManifest.ts +2 -2
package/src/forge/_generated/workflowRegistry.json +1 -2
package/src/forge/_generated/workflowRegistry.ts +3 -3
package/src/forge/_generated/workflowSubscriptions.json +1 -2
package/src/forge/_generated/workflowSubscriptions.ts +3 -3
package/src/forge/bench.ts +248 -0
package/src/forge/cli/ai.ts +671 -3
package/src/forge/cli/auth.ts +36 -1
package/src/forge/cli/build.ts +1 -1
package/src/forge/cli/commands.ts +1013 -861
package/src/forge/cli/deps.ts +178 -11
package/src/forge/cli/dev.ts +32 -5
package/src/forge/cli/index.ts +7 -7
package/src/forge/cli/main.ts +57 -55
package/src/forge/cli/new.ts +29 -1
package/src/forge/cli/output.ts +97 -97
package/src/forge/cli/parse.ts +867 -677
package/src/forge/cli/query.ts +32 -0
package/src/forge/cli/rls.ts +568 -17
package/src/forge/cli/run.ts +41 -0
package/src/forge/cli/secrets.ts +46 -1
package/src/forge/cli/security.ts +381 -0
package/src/forge/cli/verify.ts +201 -24
package/src/forge/cli/version.ts +1 -1
package/src/forge/compiler/agent-contract/build.ts +435 -12
package/src/forge/compiler/agent-contract/types.ts +88 -0
package/src/forge/compiler/ai-registry/build.ts +62 -1
package/src/forge/compiler/ai-registry/constants.ts +1 -1
package/src/forge/compiler/ai-registry/parse.ts +98 -4
package/src/forge/compiler/api-surface/build.ts +47 -0
package/src/forge/compiler/app-graph/build.ts +141 -113
package/src/forge/compiler/app-graph/classify.ts +10 -10
package/src/forge/compiler/app-graph/dup-symbol.ts +29 -29
package/src/forge/compiler/app-graph/extract.ts +123 -123
package/src/forge/compiler/app-graph/forge-apis.ts +30 -29
package/src/forge/compiler/app-graph/index.ts +11 -11
package/src/forge/compiler/app-graph/module-graph.ts +312 -317
package/src/forge/compiler/app-graph/parser.ts +119 -119
package/src/forge/compiler/app-graph/profile.ts +26 -0
package/src/forge/compiler/app-graph/symbols.ts +48 -48
package/src/forge/compiler/app-graph/tsconfig-hash.ts +62 -62
package/src/forge/compiler/app-graph/types.ts +43 -43
package/src/forge/compiler/app-graph/versions.ts +14 -14
package/src/forge/compiler/cache/index.ts +17 -17
package/src/forge/compiler/cache/key.ts +46 -46
package/src/forge/compiler/cache/scheduler.ts +72 -72
package/src/forge/compiler/cache/store.ts +78 -78
package/src/forge/compiler/classifier/capabilities.ts +79 -78
package/src/forge/compiler/classifier/classify.ts +137 -113
package/src/forge/compiler/classifier/contexts.ts +188 -188
package/src/forge/compiler/classifier/index.ts +18 -18
package/src/forge/compiler/classifier/runtime-matrix.ts +45 -45
package/src/forge/compiler/classifier/secrets.ts +42 -41
package/src/forge/compiler/classifier/signals.ts +219 -129
package/src/forge/compiler/client-sdk/build-manifest.ts +4 -0
package/src/forge/compiler/client-sdk/render-client.ts +105 -0
package/src/forge/compiler/dev-manifest/build.ts +3 -0
package/src/forge/compiler/diagnostics/codes.ts +152 -120
package/src/forge/compiler/diagnostics/create.ts +88 -88
package/src/forge/compiler/diagnostics/index.ts +41 -41
package/src/forge/compiler/emitter/artifact-kind.ts +14 -14
package/src/forge/compiler/emitter/barrel.ts +38 -38
package/src/forge/compiler/emitter/constants.ts +7 -7
package/src/forge/compiler/emitter/emit.ts +234 -237
package/src/forge/compiler/emitter/index.ts +24 -24
package/src/forge/compiler/emitter/lock.ts +61 -61
package/src/forge/compiler/emitter/render.ts +78 -73
package/src/forge/compiler/external-manifest/registry.ts +204 -0
package/src/forge/compiler/external-manifest/types.ts +89 -0
package/src/forge/compiler/external-manifest/validate.ts +335 -0
package/src/forge/compiler/guards/artifacts.ts +96 -96
package/src/forge/compiler/guards/check-import-guards.ts +106 -106
package/src/forge/compiler/guards/index.ts +11 -11
package/src/forge/compiler/guards/propagate-contexts.ts +57 -57
package/src/forge/compiler/index.ts +17 -17
package/src/forge/compiler/integration/add.ts +493 -493
package/src/forge/compiler/integration/index.ts +17 -17
package/src/forge/compiler/integration/plan.ts +279 -279
package/src/forge/compiler/integration/render.ts +189 -189
package/src/forge/compiler/integration/snapshot.ts +52 -52
package/src/forge/compiler/make-registry/build.ts +13 -0
package/src/forge/compiler/orchestrator/discover.ts +214 -214
package/src/forge/compiler/orchestrator/guards.ts +5 -5
package/src/forge/compiler/orchestrator/index.ts +27 -27
package/src/forge/compiler/orchestrator/manifest.ts +69 -69
package/src/forge/compiler/orchestrator/orphans.ts +51 -51
package/src/forge/compiler/orchestrator/plan-profile.ts +23 -0
package/src/forge/compiler/orchestrator/plan.ts +857 -805
package/src/forge/compiler/orchestrator/profile.ts +65 -0
package/src/forge/compiler/orchestrator/run.ts +244 -178
package/src/forge/compiler/orchestrator/serialize.ts +934 -859
package/src/forge/compiler/orchestrator/types.ts +23 -23
package/src/forge/compiler/orchestrator/verify.ts +35 -35
package/src/forge/compiler/package-graph/capabilities-stub.ts +33 -33
package/src/forge/compiler/package-graph/checksum.ts +107 -97
package/src/forge/compiler/package-graph/compiler.ts +454 -363
package/src/forge/compiler/package-graph/constants.ts +4 -4
package/src/forge/compiler/package-graph/exports-discovery.ts +91 -84
package/src/forge/compiler/package-graph/extract-dts.ts +32 -32
package/src/forge/compiler/package-graph/index.ts +24 -24
package/src/forge/compiler/package-graph/jsdoc.ts +50 -50
package/src/forge/compiler/package-graph/oracle.ts +326 -0
package/src/forge/compiler/package-graph/read-file.ts +21 -21
package/src/forge/compiler/package-graph/resolve.ts +131 -127
package/src/forge/compiler/package-manager/adapter.ts +232 -232
package/src/forge/compiler/package-manager/commands.ts +47 -47
package/src/forge/compiler/package-manager/detect.ts +65 -65
package/src/forge/compiler/package-manager/executor.ts +29 -29
package/src/forge/compiler/package-manager/index.ts +22 -22
package/src/forge/compiler/package-manager/parse-spec.ts +16 -16
package/src/forge/compiler/package-manager/version.ts +20 -20
package/src/forge/compiler/policy-registry/build.ts +44 -1
package/src/forge/compiler/primitives/compare.ts +26 -26
package/src/forge/compiler/primitives/hash.ts +42 -33
package/src/forge/compiler/primitives/header.ts +43 -43
package/src/forge/compiler/primitives/index.ts +45 -45
package/src/forge/compiler/primitives/paths.ts +24 -24
package/src/forge/compiler/primitives/serialize.ts +66 -66
package/src/forge/compiler/primitives/sort.ts +87 -87
package/src/forge/compiler/recipes/definitions.ts +269 -269
package/src/forge/compiler/recipes/helpers.ts +37 -37
package/src/forge/compiler/recipes/index.ts +21 -21
package/src/forge/compiler/recipes/registry.ts +87 -87
package/src/forge/compiler/sandbox/artifact-sanitize.ts +26 -26
package/src/forge/compiler/sandbox/backends/child.ts +123 -123
package/src/forge/compiler/sandbox/backends/docker.ts +173 -173
package/src/forge/compiler/sandbox/index.ts +51 -51
package/src/forge/compiler/sandbox/inspect.ts +143 -143
package/src/forge/compiler/sandbox/inspector-entry.ts +115 -115
package/src/forge/compiler/sandbox/limits.ts +31 -31
package/src/forge/compiler/sandbox/scrub-env.ts +60 -60
package/src/forge/compiler/sandbox/secret-scan.ts +54 -54
package/src/forge/compiler/sandbox/serialize.ts +106 -106
package/src/forge/compiler/sandbox/types.ts +7 -7
package/src/forge/compiler/test-graph/build.ts +11 -3
package/src/forge/compiler/types/ai-registry.ts +25 -1
package/src/forge/compiler/types/app-graph.ts +72 -71
package/src/forge/compiler/types/capability.ts +29 -29
package/src/forge/compiler/types/classification.ts +9 -9
package/src/forge/compiler/types/cli.ts +89 -85
package/src/forge/compiler/types/dev-manifest.ts +3 -0
package/src/forge/compiler/types/diagnostic.ts +2 -2
package/src/forge/compiler/types/emit.ts +25 -25
package/src/forge/compiler/types/import-guards.ts +19 -19
package/src/forge/compiler/types/index.ts +98 -98
package/src/forge/compiler/types/integration.ts +25 -25
package/src/forge/compiler/types/json.ts +3 -3
package/src/forge/compiler/types/lock.ts +37 -37
package/src/forge/compiler/types/package-graph.ts +122 -77
package/src/forge/compiler/types/runtime-matrix.ts +16 -16
package/src/forge/compiler/types/runtime.ts +30 -30
package/src/forge/compiler/types/sandbox.ts +24 -24
package/src/forge/dev/server.ts +592 -3
package/src/forge/make/index.ts +126 -3
package/src/forge/make/templates.ts +190 -2
package/src/forge/make/types.ts +1 -0
package/src/forge/refactor/index.ts +10 -2
package/src/forge/refactor/runtime-rename.ts +598 -0
package/src/forge/runtime/ai/context.ts +210 -5
package/src/forge/runtime/ai/types.ts +70 -0
package/src/forge/runtime/auth/claims.ts +32 -0
package/src/forge/runtime/auth/errors.ts +2 -0
package/src/forge/runtime/context/create-context.ts +30 -6
package/src/forge/runtime/db/memory-adapter.ts +2 -2
package/src/forge/runtime/db/postgres-adapter.ts +6 -3
package/src/forge/runtime/executor.ts +3 -2
package/src/forge/runtime/external/bridge.ts +553 -0
package/src/forge/runtime/live/live-query-runner.ts +2 -1
package/src/forge/runtime/outbox/process.ts +2 -1
package/src/forge/runtime/query/run-query.ts +2 -1
package/src/forge/runtime/runner/run-entry.ts +2 -1
package/src/forge/runtime/telemetry/scrubber.ts +56 -5
package/src/forge/runtime/telemetry/sinks/posthog.ts +4 -5
package/src/forge/runtime/telemetry/sinks/sentry.ts +4 -5
package/src/forge/runtime/webhooks/security.ts +184 -0
package/src/forge/runtime/workflows/resolve-step.ts +2 -1
package/src/forge/server.ts +93 -0
package/src/forge/version.ts +3 -0
package/templates/b2b-support-web/package.json +2 -0
package/templates/b2b-support-web/src/actions/captureTicketCreated.ts +7 -2
package/templates/b2b-support-web/src/commands/closeTicket.ts +6 -1
package/templates/b2b-support-web/src/commands/createTicket.ts +8 -2
package/templates/b2b-support-web/src/queries/getTicket.ts +8 -1
package/templates/b2b-support-web/tsconfig.json +4 -1
package/templates/b2b-support-web/web/components/CreateTicketForm.tsx +1 -2
package/templates/b2b-support-web/web/components/PolicyDeniedDemo.tsx +1 -2
package/templates/b2b-support-web/web/components/TicketList.tsx +1 -2
package/templates/b2b-support-web/web/components/TraceDetails.tsx +1 -1
package/templates/b2b-support-web/web/lib/forge.ts +1 -0
package/templates/b2b-support-web/web/package.json +1 -1
package/templates/minimal-web/package.json +2 -1
package/templates/minimal-web/tsconfig.json +3 -1
package/templates/minimal-web/web/package.json +2 -2

package/adapters/go/registry.go ADDED Viewed

@@ -0,0 +1,234 @@
+package forge
+import (
+	"encoding/json"
+	"io"
+)
+type Registry struct {
+	service   Service
+	framework string
+	schemas   map[string]any
+	entries   []registeredEntry
+	lookup    map[string]registeredEntry
+}
+type registeredEntry struct {
+	entry   Entry
+	handler HandlerFunc
+}
+type RegistryOption func(*Registry)
+type EntryOption func(*Entry)
+func New(serviceName string, options ...RegistryOption) *Registry {
+	registry := &Registry{
+		service: Service{
+			Name:      serviceName,
+			Transport: "http",
+			Health:    "/health",
+		},
+		framework: "net/http",
+		schemas:   map[string]any{},
+		lookup:    map[string]registeredEntry{},
+	}
+	for _, option := range options {
+		option(registry)
+	}
+	return registry
+}
+func Framework(value string) RegistryOption {
+	return func(registry *Registry) {
+		registry.framework = value
+	}
+}
+func BaseURL(value string) RegistryOption {
+	return func(registry *Registry) {
+		registry.service.BaseURL = value
+	}
+}
+func Health(path string) RegistryOption {
+	return func(registry *Registry) {
+		registry.service.Health = path
+	}
+}
+func SchemaRef(name string, schema any) RegistryOption {
+	return func(registry *Registry) {
+		registry.schemas[name] = schema
+	}
+}
+func (registry *Registry) Command(name string, handler HandlerFunc, options ...EntryOption) {
+	entry := Entry{
+		Name:        name,
+		Kind:        KindCommand,
+		Path:        "/commands/" + name,
+		Method:      "POST",
+		Transaction: TransactionExternalManaged,
+		Risk:        RiskWrite,
+	}
+	registry.add(entry, handler, options...)
+}
+func (registry *Registry) Query(name string, handler HandlerFunc, options ...EntryOption) {
+	entry := Entry{
+		Name:        name,
+		Kind:        KindQuery,
+		Path:        "/queries/" + name,
+		Method:      "POST",
+		Transaction: TransactionReadOnly,
+		Risk:        RiskRead,
+	}
+	registry.add(entry, handler, options...)
+}
+func (registry *Registry) add(entry Entry, handler HandlerFunc, options ...EntryOption) {
+	for _, option := range options {
+		option(&entry)
+	}
+	registered := registeredEntry{entry: entry, handler: handler}
+	registry.entries = append(registry.entries, registered)
+	registry.lookup[lookupKey(entry.Kind, entry.Name)] = registered
+}
+func Description(value string) EntryOption {
+	return func(entry *Entry) {
+		entry.Description = value
+	}
+}
+func Path(value string) EntryOption {
+	return func(entry *Entry) {
+		entry.Path = value
+	}
+}
+func Method(value string) EntryOption {
+	return func(entry *Entry) {
+		entry.Method = value
+	}
+}
+func InputSchema(schema any) EntryOption {
+	return func(entry *Entry) {
+		entry.InputSchema = schema
+	}
+}
+func OutputSchema(schema any) EntryOption {
+	return func(entry *Entry) {
+		entry.OutputSchema = schema
+	}
+}
+func Policy(value string) EntryOption {
+	return func(entry *Entry) {
+		entry.Policy = value
+	}
+}
+func TenantScoped(value bool) EntryOption {
+	return func(entry *Entry) {
+		entry.TenantScoped = value
+	}
+}
+func TransactionMode(value Transaction) EntryOption {
+	return func(entry *Entry) {
+		entry.Transaction = value
+	}
+}
+func EntryRisk(value Risk) EntryOption {
+	return func(entry *Entry) {
+		entry.Risk = value
+	}
+}
+func NeedsApproval(value bool) EntryOption {
+	return func(entry *Entry) {
+		entry.NeedsApproval = &value
+	}
+}
+func Effects(values ...string) EntryOption {
+	return func(entry *Entry) {
+		entry.Effects = append([]string{}, values...)
+	}
+}
+func ReadOnly() EntryOption {
+	return func(entry *Entry) {
+		entry.Transaction = TransactionReadOnly
+		entry.Risk = RiskRead
+	}
+}
+func (registry *Registry) Manifest(baseURL string) Manifest {
+	service := registry.service
+	if baseURL != "" {
+		service.BaseURL = baseURL
+	}
+	entries := make([]Entry, 0, len(registry.entries))
+	for _, registered := range registry.entries {
+		entries = append(entries, registered.entry)
+	}
+	manifest := Manifest{
+		ForgeProtocol: ProtocolVersion,
+		Language:      "go",
+		Framework:     registry.framework,
+		Service:       service,
+		Entries:       entries,
+	}
+	if len(registry.schemas) > 0 {
+		manifest.Schemas = registry.schemas
+	}
+	return manifest
+}
+func (registry *Registry) MarshalManifest(baseURL string) ([]byte, error) {
+	return json.MarshalIndent(registry.Manifest(baseURL), "", "  ")
+}
+func (registry *Registry) WriteManifest(writer io.Writer, baseURL string) error {
+	encoded, err := registry.MarshalManifest(baseURL)
+	if err != nil {
+		return err
+	}
+	if _, err := writer.Write(encoded); err != nil {
+		return err
+	}
+	_, err = writer.Write([]byte("\n"))
+	return err
+}
+func Object(properties map[string]any, required ...string) Schema {
+	schema := Schema{
+		"type":       "object",
+		"properties": properties,
+	}
+	if len(required) > 0 {
+		schema["required"] = required
+	}
+	return schema
+}
+func String() Schema {
+	return Schema{"type": "string"}
+}
+func Boolean() Schema {
+	return Schema{"type": "boolean"}
+}
+func Array(items any) Schema {
+	return Schema{"type": "array", "items": items}
+}
+func lookupKey(kind EntryKind, name string) string {
+	return string(kind) + ":" + name
+}

package/adapters/go/types.go ADDED Viewed

@@ -0,0 +1,136 @@
+package forge
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+)
+const ProtocolVersion = "1.0"
+type EntryKind string
+type Risk string
+type Transaction string
+const (
+	KindCommand EntryKind = "command"
+	KindQuery   EntryKind = "query"
+	RiskRead        Risk = "read"
+	RiskWrite       Risk = "write"
+	RiskDestructive Risk = "destructive"
+	RiskExternal    Risk = "external"
+	TransactionReadOnly        Transaction = "read-only"
+	TransactionExternalManaged Transaction = "external-managed"
+	TransactionForgeManaged    Transaction = "forge-managed"
+	TransactionSaga            Transaction = "saga"
+)
+type Schema map[string]any
+type Manifest struct {
+	ForgeProtocol string         `json:"forgeProtocol"`
+	Language      string         `json:"language"`
+	Framework     string         `json:"framework,omitempty"`
+	Service       Service        `json:"service"`
+	Entries       []Entry        `json:"entries"`
+	Schemas       map[string]any `json:"schemas,omitempty"`
+}
+type Service struct {
+	Name      string `json:"name"`
+	Transport string `json:"transport"`
+	BaseURL   string `json:"baseUrl,omitempty"`
+	Command   string `json:"command,omitempty"`
+	Health    string `json:"health,omitempty"`
+}
+type Entry struct {
+	Name          string      `json:"name"`
+	Kind          EntryKind   `json:"kind"`
+	Description   string      `json:"description,omitempty"`
+	Path          string      `json:"path,omitempty"`
+	Method        string      `json:"method,omitempty"`
+	InputSchema   any         `json:"inputSchema,omitempty"`
+	OutputSchema  any         `json:"outputSchema,omitempty"`
+	Policy        string      `json:"policy,omitempty"`
+	TenantScoped  bool        `json:"tenantScoped,omitempty"`
+	Transaction   Transaction `json:"transaction,omitempty"`
+	Risk          Risk        `json:"risk,omitempty"`
+	NeedsApproval *bool       `json:"needsApproval,omitempty"`
+	Effects       []string    `json:"effects,omitempty"`
+}
+type Auth struct {
+	Kind        string         `json:"kind"`
+	UserID      string         `json:"userId,omitempty"`
+	TenantID    string         `json:"tenantId,omitempty"`
+	Role        string         `json:"role,omitempty"`
+	Roles       []string       `json:"roles,omitempty"`
+	Permissions []string       `json:"permissions,omitempty"`
+	Email       string         `json:"email,omitempty"`
+	Name        string         `json:"name,omitempty"`
+	Claims      map[string]any `json:"claims,omitempty"`
+}
+type ForgeCall struct {
+	Service string `json:"service"`
+	Entry   string `json:"entry"`
+	Kind    string `json:"kind"`
+	TraceID string `json:"traceId"`
+}
+type Context struct {
+	Auth    Auth
+	Forge   ForgeCall
+	Headers http.Header
+}
+type HandlerFunc func(context.Context, *Context, json.RawMessage) (any, error)
+type RequestEnvelope struct {
+	Args  json.RawMessage `json:"args"`
+	Auth  Auth            `json:"auth"`
+	Forge ForgeCall       `json:"forge"`
+}
+type ResponseEnvelope struct {
+	OK          bool         `json:"ok"`
+	Result      any          `json:"result,omitempty"`
+	Diagnostics []Diagnostic `json:"diagnostics,omitempty"`
+	Error       *ErrorInfo   `json:"error,omitempty"`
+	TraceID     string       `json:"traceId,omitempty"`
+}
+type Diagnostic struct {
+	Severity string   `json:"severity"`
+	Code     string   `json:"code"`
+	Message  string   `json:"message"`
+	File     string   `json:"file,omitempty"`
+	FixHint  string   `json:"fixHint,omitempty"`
+	Docs     []string `json:"docs,omitempty"`
+}
+type ErrorInfo struct {
+	Code    string `json:"code"`
+	Message string `json:"message"`
+}
+func Decode(raw json.RawMessage, target any) error {
+	if len(raw) == 0 || string(raw) == "null" {
+		raw = json.RawMessage("{}")
+	}
+	return json.Unmarshal(raw, target)
+}
+func Handle[In any, Out any](handler func(context.Context, *Context, In) (Out, error)) HandlerFunc {
+	return func(ctx context.Context, call *Context, raw json.RawMessage) (any, error) {
+		var input In
+		if err := Decode(raw, &input); err != nil {
+			var zero Out
+			return zero, err
+		}
+		return handler(ctx, call, input)
+	}
+}

package/bin/forge.mjs CHANGED Viewed

@@ -5,15 +5,16 @@ import { fileURLToPath, pathToFileURL } from "node:url";
 const root = dirname(dirname(fileURLToPath(import.meta.url)));
 const entrypoint = join(root, "src", "forge", "cli", "main.ts");
-let tsImport;
+let register;
 try {
-  ({ tsImport } = await import("tsx/esm/api"));
+  ({ register } = await import("tsx/esm/api"));
 } catch {
   console.error("error: Forge requires the 'tsx' package to run under Node.");
   console.error("Install dependencies with your package manager, then retry.");
   process.exit(1);
 }
-const module = await tsImport(pathToFileURL(entrypoint).href, import.meta.url);
+register();
+const module = await import(pathToFileURL(entrypoint).href);
 const exitCode = await module.main(process.argv.slice(2));
 process.exit(exitCode);

package/docs/changelog.md ADDED Viewed

@@ -0,0 +1,116 @@
+# Changelog
+Release history for the `forgeos` npm package (`alpha` dist-tag).
+The canonical source file in the repository is `CHANGELOG.md`.
+## 0.1.0-alpha.10
+Launch polish:
+- Fixed `forge run <external-command> --args ...` so CLI arguments reach the external runtime bridge.
+- Added direct external query CLI support through `forge query <service.query> --args ...`.
+- Emit generated `.json` artifacts as pure JSON while keeping deterministic headers on code/text artifacts.
+- Relaxed the `minimal-web` template verify script to `forge verify --smoke` and added the missing `check` script to `b2b-support-web`.
+- Updated public protocol/changelog docs for the external runtime and Go adapter alpha line.
+- Bumped the create-app wrapper package line to `create-forgeos-app@0.1.0-alpha.4`.
+## 0.1.0-alpha.9
+Compiler, external runtime, and Go adapter:
+- Added the Forge external runtime protocol bridge for manifest-backed commands and queries.
+- Added the Go adapter MVP with a real `go-billing` conformance example.
+- Emitted external service metadata into inspect/API/agent artifacts, including `needsApproval` for agent tools.
+- Reuse compiler classifier package signals across export classification, dropping repeated package signal scans.
+- Reuse serialized graph JSON when rendering the largest generated TypeScript graph artifacts.
+- Keep generated Forge artifacts aligned with the `0.1.0-alpha.9` compiler/runtime version.
+## 0.1.0-alpha.8
+Publishing:
+- Publish prerelease packages through the ForgeOS alpha publisher so npm dist-tags stay aligned.
+## 0.1.0-alpha.7
+Publishing:
+- Keep npm prerelease publishing on the public alpha dist-tag.
+## 0.1.0-alpha.6
+Release and packaging hardening:
+- Added `forge --version` / `forge --version --json`.
+- Updated `create-forgeos-app` help to read the wrapper package version instead of a hardcoded string and bumped the wrapper to `0.1.0-alpha.2`.
+- Added dependency vulnerability evidence with an explicit waiver file and CI release gate.
+- Updated generated web template dependencies to current Vite/plugin-react and Next majors.
+## 0.1.0-alpha.5
+Release alignment for the public alpha channel:
+- Added `forge ai redteam --model-level --json` with deterministic prompt-injection, secret-exfiltration, approval-bypass, cross-tenant, and indirect tool-injection probes.
+- Added `forge security prove --full --json` support for source checkouts, with graceful structural-proof fallback when packaged apps do not include ForgeOS test fixtures.
+- Strengthened npm publish workflows to run `security prove --db postgres --full --json`.
+- Added public registry smoke coverage for `forgeos@alpha` and `create-forgeos-app@alpha`.
+- Bumped the create-app wrapper package line to `create-forgeos-app@0.1.0-alpha.1`.
+## 0.1.0-alpha.4
+Security assurance and release evidence hardening:
+- Added value-aware telemetry redaction for known secret values in safe-looking fields, messages, details, outputs, and stack traces.
+- Added webhook signature, timestamp, and replay protection helpers with Stripe/GitHub/generic HMAC coverage.
+- Added HTTP tenant-isolation tests that exercise the dev server/API boundary, not only the internal runtime executor.
+- Added `forge rls mutate-test --json` to kill dangerous generated RLS mutations such as missing FORCE RLS, missing policies, unconditional predicates, and `BYPASSRLS`.
+- Extended `forge security prove --json` with RLS mutation proof and invariant-level evidence metadata.
+- Added scripts to split security evidence by invariant and emit basic release supply-chain evidence plus CycloneDX SBOM.
+- Strengthened publish/security workflows so release gates use Postgres-backed security proof, RLS mutation proof, release evidence, and SBOM generation.
+## 0.1.0-alpha.3
+Native Forge AI agents on top of Vercel AI SDK v6:
+- Added `aiTool` and `agent` primitives with generated `agentTools.json` / `agentTools.md`.
+- Added `ctx.agent.run` and `ctx.ai.runAgent` using AI SDK `ToolLoopAgent`.
+- Added auto-tools for commands, queries, and liveQueries with read-only vs approval-required writes.
+- Added dev agent endpoints: `POST /ai/agents/run` and `POST /ai/agents/chat`.
+- Extended `forge ai` CLI with `tools`, `agents`, and `trace` subcommands.
+- Added `forge inspect agent-tools` and agent tool metadata in `agentContract.json`.
+- Upgraded runtime dependency to AI SDK v6 for tool calling, streaming UI, and MCP compatibility.
+Documentation:
+- Added public [AI](ai.md) page and AST-aware `rename command` codemod docs.
+- Full RTD expansion: [Agent Workflow](agent-workflow.md), [Frontend](frontend.md), [Security & Data](security-and-data.md), [Authoring](authoring.md), [Testing & Repair](testing-and-repair.md), [Self-Host](self-host.md), [Templates](templates.md), Material theme, search, and Mermaid diagrams.
+## 0.1.0-alpha.2
+Windows and generated-app hardening:
+- Fixed Node ESM handler loading on Windows by importing generated app modules through `file://` URLs across commands, queries, liveQueries, outbox actions, workflow steps, mocks, and telemetry adapters.
+- Fixed `forge dev` SSE streaming on the Node HTTP fallback so liveQuery snapshots are flushed immediately instead of buffering forever.
+- Hardened generated app scaffolding and web dev spawning on Windows.
+- Updated the B2B support template to route frontend imports through `web/lib/forge.ts` and use safer handler input validation.
+- Added focused tests for Node compatibility, template scaffolding, runtime imports, and streaming responses.
+- Added `create-forgeos-app@alpha` for `npm create forgeos-app@alpha`.
+- Added GitHub Packages mirror workflow for scoped package publishing.
+## 0.1.0-alpha.1
+Republish alpha with the dependency/API oracle improvements:
+- Added dependency API inspection commands for agents: `forge deps api`, `forge deps trace`, and `forge deps runtime-compat`.
+- Added dependency API summaries to `agentContract.json`.
+- Added package resolution traces, runtime compatibility metadata, and runtime/type mismatch diagnostics to `packageGraph`.
+- Reduced package graph warning noise for `package.json` metadata exports, declaration-file subpaths, and pattern exports.
+## 0.1.0-alpha.0
+Initial alpha packaging baseline for ForgeOS.
+This release line validates npm installation, the `forge` CLI binary, template creation, generated contracts, and the agent-native local development loop.
+Added Read the Docs-ready public documentation, generator/package version alignment checks, and a broad generated-app field-test harness for release hardening.

package/docs/forge-protocol.md ADDED Viewed

@@ -0,0 +1,156 @@
+# Forge External Runtime Protocol
+Forge apps can import and call services written outside TypeScript through a
+`forge.manifest.json` compatible manifest. The manifest is the source of truth
+for external commands and queries:
+- validate and import external service metadata;
+- expose external services in generated inspect/API/agent artifacts;
+- execute external commands and queries through the Forge runtime bridge.
+This lets Java/Spring, Go, Rust, C#, Python, and other runtimes join the Forge
+contract without requiring the Forge compiler to parse every language AST.
+## Manifest
+External services publish JSON that matches
+`schemas/forge-manifest.schema.json`.
+```json
+{
+  "forgeProtocol": "1.0",
+  "language": "java",
+  "framework": "spring-boot",
+  "service": {
+    "name": "billing",
+    "transport": "http",
+    "baseUrl": "http://localhost:8080",
+    "health": "/actuator/health"
+  },
+  "entries": [
+    {
+      "name": "createInvoice",
+      "kind": "command",
+      "path": "/invoices",
+      "policy": "billing.write",
+      "transaction": "external-managed",
+      "risk": "write",
+      "needsApproval": true,
+      "effects": ["invoice.created"]
+    },
+    {
+      "name": "listInvoices",
+      "kind": "query",
+      "path": "/invoices",
+      "policy": "billing.read",
+      "transaction": "read-only",
+      "risk": "read",
+      "tenantScoped": true
+    }
+  ]
+}
+```
+Queries must stay read-only. Commands can declare write, destructive, or
+external risk. Policies are metadata until the runtime bridge enforces them for
+the external transport.
+## CLI
+Validate a manifest:
+```bash
+forge manifest validate ./forge.manifest.json --json
+```
+Import or update a service in the app registry:
+```bash
+forge manifest import ./forge.manifest.json --json
+```
+Imports are stored in `.forge/external-manifests.json`. A root
+`forge.manifest.json` is also discovered automatically for single-service
+experiments.
+## Generated Artifacts
+After `forge generate`, external services are emitted to:
+- `src/forge/_generated/externalServices.json`
+- `src/forge/_generated/api.json` under `external`
+- `src/forge/_generated/agentContract.json`
+- `src/forge/_generated/agentTools.json`
+- `src/forge/_generated/capabilityMap.json`
+External auto-tools use `execution: "external-runtime-endpoint"`. Forge exposes
+runtime bridge endpoints for these tools:
+```text
+POST /external/:service/commands/:name
+POST /external/:service/queries/:name
+```
+The generated client exposes the same bridge through:
+```ts
+await client.externalCommand("billing.createInvoice", args);
+await client.externalQuery(api.external.queries["billing.listInvoices"], args);
+```
+Command entries can also be invoked from the CLI with a qualified external
+name:
+```bash
+forge run billing.createInvoice --args '{"title":"Invoice"}'
+forge query billing.listInvoices --args '{}'
+forge run query billing.listInvoices --args '{}'
+```
+## Runtime Bridge
+Forge accepts the normal JSON body:
+```json
+{ "args": {} }
+```
+For HTTP services, Forge forwards a JSON envelope:
+```json
+{
+  "args": {},
+  "auth": { "kind": "user", "userId": "u1", "tenantId": "t1", "role": "member" },
+  "forge": {
+    "service": "billing",
+    "entry": "createInvoice",
+    "kind": "command",
+    "traceId": "trace_..."
+  }
+}
+```
+Forge also forwards runtime headers such as `x-forge-trace-id`,
+`x-forge-auth-kind`, `x-forge-user-id`, `x-forge-tenant-id`, `x-forge-role`,
+and the inbound `Authorization` header when present.
+External services can return either a Forge envelope:
+```json
+{ "ok": true, "result": { "id": "inv_1" } }
+```
+or a raw JSON value, which Forge treats as the result for successful HTTP
+responses. Error envelopes should include `ok: false`, `diagnostics`, or
+`error`.
+Supported runtime transports:
+- `http`: calls `service.baseUrl + entry.path`.
+- `stdio`: starts `service.command`, writes the JSON envelope to stdin, and
+  reads a JSON envelope or raw JSON result from stdout.
+- `grpc`: accepted in manifests for forward compatibility, but not executable
+  by the built-in runtime bridge yet.
+Manifest `policy` values are added to Forge policy bindings during generation.
+Use a named Forge policy, or `public`, `user`, or `system`.

package/examples/go-billing/go.mod ADDED Viewed

@@ -0,0 +1,7 @@
+module github.com/Stahldavid/forge/examples/go-billing
+go 1.22
+require github.com/Stahldavid/forge/adapters/go v0.0.0
+replace github.com/Stahldavid/forge/adapters/go => ../../adapters/go