framework-mcp 2.5.6 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. package/README.md +34 -9
  2. package/dist/core/safeguard-manager.js +4 -4
  3. package/dist/core/safeguard-manager.js.map +1 -1
  4. package/dist/index.d.ts +1 -0
  5. package/dist/index.d.ts.map +1 -1
  6. package/dist/index.js.map +1 -1
  7. package/dist/interfaces/http/http-server.js +3 -3
  8. package/dist/interfaces/mcp/mcp-server.js +3 -3
  9. package/dist/shared/types.d.ts +49 -25
  10. package/dist/shared/types.d.ts.map +1 -1
  11. package/dist/shared/types.js.map +1 -1
  12. package/package.json +8 -1
  13. package/swagger.json +9 -77
  14. package/.claude/agents/mcp-developer.md +0 -41
  15. package/.claude/agents/project-orchestrator.md +0 -43
  16. package/.claude/agents/version-consistency-reviewer.md +0 -50
  17. package/.claude/commands/speckit.analyze.md +0 -184
  18. package/.claude/commands/speckit.checklist.md +0 -294
  19. package/.claude/commands/speckit.clarify.md +0 -181
  20. package/.claude/commands/speckit.constitution.md +0 -82
  21. package/.claude/commands/speckit.implement.md +0 -135
  22. package/.claude/commands/speckit.plan.md +0 -89
  23. package/.claude/commands/speckit.specify.md +0 -258
  24. package/.claude/commands/speckit.tasks.md +0 -137
  25. package/.claude/commands/speckit.taskstoissues.md +0 -30
  26. package/.claude/config.json +0 -11
  27. package/.claude_config.json +0 -11
  28. package/.do/app.yaml +0 -78
  29. package/.github/dependabot.yml +0 -15
  30. package/.github/workflows/ci.yml +0 -90
  31. package/.github/workflows/release.yml +0 -30
  32. package/.mcp.json +0 -11
  33. package/.specify/memory/constitution.md +0 -50
  34. package/.specify/scripts/bash/check-prerequisites.sh +0 -166
  35. package/.specify/scripts/bash/common.sh +0 -156
  36. package/.specify/scripts/bash/create-new-feature.sh +0 -297
  37. package/.specify/scripts/bash/setup-plan.sh +0 -61
  38. package/.specify/scripts/bash/update-agent-context.sh +0 -799
  39. package/.specify/templates/agent-file-template.md +0 -28
  40. package/.specify/templates/checklist-template.md +0 -40
  41. package/.specify/templates/plan-template.md +0 -104
  42. package/.specify/templates/spec-template.md +0 -115
  43. package/.specify/templates/tasks-template.md +0 -251
  44. package/examples/example-usage.md +0 -293
  45. package/examples/llm-analysis-patterns.md +0 -553
  46. package/examples/vendors.csv +0 -9
  47. package/examples/vendors.json +0 -32
  48. package/scripts/validate-documentation.sh +0 -150
  49. package/src/core/safeguard-manager.ts +0 -4634
  50. package/src/index.ts +0 -17
  51. package/src/interfaces/http/http-server.ts +0 -262
  52. package/src/interfaces/mcp/mcp-server.ts +0 -165
  53. package/src/shared/types.ts +0 -300
  54. package/tsconfig.json +0 -23
@@ -1,300 +0,0 @@
1
- // Shared TypeScript types for dual architecture
2
-
3
- // Enhanced relationship type system
4
- export type RelationshipType =
5
- | 'dependency' // Must be implemented for this to work
6
- | 'prerequisite' // Should be implemented first
7
- | 'complement' // Work together synergistically
8
- | 'supports' // Enhanced by this safeguard
9
- | 'validates' // Provides evidence/validation
10
- | 'governance' // Provides oversight/policy
11
- | 'sequence'; // Part of logical implementation sequence
12
-
13
- export type RelationshipStrength =
14
- | 'critical' // Essential relationship
15
- | 'strong' // Important relationship
16
- | 'moderate' // Useful relationship
17
- | 'weak'; // Minor relationship
18
-
19
- export interface SafeguardRelationship {
20
- id: string; // Target safeguard ID
21
- type: RelationshipType; // Why they're related
22
- strength: RelationshipStrength; // How important the relationship is
23
- context: string; // Brief human-readable explanation
24
- bidirectional: boolean; // Whether reverse relationship exists
25
- controlGroup?: string; // Optional CIS Control grouping
26
- }
27
-
28
- export interface SafeguardElement {
29
- id: string;
30
- title: string;
31
- description: string;
32
- implementationGroup: 'IG1' | 'IG2' | 'IG3';
33
- assetType: string[];
34
- securityFunction: string[];
35
- // Color-coded elements from the CIS visualizations
36
- governanceElements: string[]; // Orange - MUST be met
37
- coreRequirements: string[]; // Green - The "what" of the safeguard
38
- subTaxonomicalElements: string[]; // Yellow - Sub-taxonomical elements
39
- implementationSuggestions: string[]; // Gray - Suggestions for implementation
40
-
41
- // Backward compatibility - existing consumers still get string[]
42
- relatedSafeguards: string[];
43
-
44
- // Enhanced relationships - new optional field for rich relationship data
45
- enhancedRelationships?: SafeguardRelationship[];
46
- }
47
-
48
- export interface VendorAnalysis {
49
- vendor: string;
50
- safeguardId: string;
51
- safeguardTitle: string;
52
- // Primary capability categorization - what role does this tool play?
53
- capability: 'full' | 'partial' | 'facilitates' | 'governance' | 'validates';
54
- // Detailed capability breakdown
55
- capabilities: {
56
- full: boolean; // Directly implements the core safeguard functionality
57
- partial: boolean; // Implements limited aspects of the safeguard
58
- facilitates: boolean; // Enhances or enables safeguard implementation by others
59
- governance: boolean; // Provides policy, process, and oversight capabilities
60
- validates: boolean; // Provides evidence, audit, and validation reporting
61
- };
62
- confidence: number;
63
- reasoning: string;
64
- evidence: string[];
65
- // Capability-focused descriptions (replaces element coverage scoring)
66
- toolCapabilityDescription: string; // What type of tool this is and its role
67
- recommendedUse: string; // How practitioners should use this tool
68
- }
69
-
70
-
71
- export interface PerformanceMetrics {
72
- uptime: number;
73
- totalRequests: number;
74
- errorCount: number;
75
- requestCounts: Map<string, number>;
76
- executionTimes: Map<string, number[]>;
77
- lastStatsLog: number;
78
- }
79
-
80
- export interface CacheEntry<T> {
81
- data: T;
82
- timestamp: number;
83
- }
84
-
85
- export interface QualityAssessment {
86
- quality: 'excellent' | 'good' | 'fair' | 'poor';
87
- confidence: number;
88
- evidence: string[];
89
- gaps: string[];
90
- }
91
-
92
- export type CapabilityType = 'full' | 'partial' | 'facilitates' | 'governance' | 'validates';
93
-
94
- // Utility functions for enhanced relationship system
95
-
96
- /**
97
- * Converts SafeguardRelationship[] to string[] for backward compatibility
98
- */
99
- export function relationshipsToStringArray(relationships: SafeguardRelationship[]): string[] {
100
- return relationships.map(rel => rel.id);
101
- }
102
-
103
- /**
104
- * Converts string[] to basic SafeguardRelationship[] (when migrating legacy data)
105
- */
106
- export function stringArrayToRelationships(
107
- ids: string[],
108
- defaultType: RelationshipType = 'supports',
109
- defaultStrength: RelationshipStrength = 'moderate'
110
- ): SafeguardRelationship[] {
111
- return ids.map(id => ({
112
- id,
113
- type: defaultType,
114
- strength: defaultStrength,
115
- context: `Legacy relationship to ${id}`,
116
- bidirectional: false
117
- }));
118
- }
119
-
120
- /**
121
- * Validates that all referenced safeguard IDs exist in the provided set
122
- */
123
- export function validateSafeguardReferences(
124
- relationships: SafeguardRelationship[],
125
- validSafeguardIds: Set<string>
126
- ): ValidationResult {
127
- const invalidIds: string[] = [];
128
-
129
- for (const rel of relationships) {
130
- if (!validSafeguardIds.has(rel.id)) {
131
- invalidIds.push(rel.id);
132
- }
133
- }
134
-
135
- return {
136
- isValid: invalidIds.length === 0,
137
- errors: invalidIds.map(id => `Invalid safeguard ID reference: ${id}`)
138
- };
139
- }
140
-
141
- /**
142
- * Validates bidirectional relationship consistency
143
- * Returns relationships that claim to be bidirectional but lack reverse relationships
144
- */
145
- export function validateBidirectionalConsistency(
146
- safeguardId: string,
147
- relationships: SafeguardRelationship[],
148
- allSafeguards: Map<string, SafeguardElement>
149
- ): ValidationResult {
150
- const errors: string[] = [];
151
-
152
- for (const rel of relationships) {
153
- if (rel.bidirectional) {
154
- const targetSafeguard = allSafeguards.get(rel.id);
155
- if (!targetSafeguard?.enhancedRelationships) {
156
- errors.push(`Bidirectional relationship with ${rel.id} but target has no enhanced relationships`);
157
- continue;
158
- }
159
-
160
- const reverseRelExists = targetSafeguard.enhancedRelationships.some(
161
- reverseRel => reverseRel.id === safeguardId && reverseRel.bidirectional
162
- );
163
-
164
- if (!reverseRelExists) {
165
- errors.push(`Bidirectional relationship with ${rel.id} but no reverse relationship found`);
166
- }
167
- }
168
- }
169
-
170
- return {
171
- isValid: errors.length === 0,
172
- errors
173
- };
174
- }
175
-
176
- /**
177
- * Validates relationship data integrity for a single safeguard
178
- */
179
- export function validateSafeguardRelationships(
180
- safeguard: SafeguardElement,
181
- allSafeguards: Map<string, SafeguardElement>
182
- ): ValidationResult {
183
- const errors: string[] = [];
184
-
185
- if (!safeguard.enhancedRelationships) {
186
- // Only validate basic string array consistency
187
- if (safeguard.relatedSafeguards.length === 0) {
188
- return { isValid: true, errors: [] };
189
- }
190
-
191
- const validIds = new Set(allSafeguards.keys());
192
- const invalidBasicRefs = safeguard.relatedSafeguards.filter(id => !validIds.has(id));
193
- if (invalidBasicRefs.length > 0) {
194
- errors.push(...invalidBasicRefs.map(id => `Invalid basic reference: ${id}`));
195
- }
196
- } else {
197
- // Validate enhanced relationships
198
- const validIds = new Set(allSafeguards.keys());
199
- const refValidation = validateSafeguardReferences(safeguard.enhancedRelationships, validIds);
200
- errors.push(...refValidation.errors);
201
-
202
- const bidirValidation = validateBidirectionalConsistency(
203
- safeguard.id,
204
- safeguard.enhancedRelationships,
205
- allSafeguards
206
- );
207
- errors.push(...bidirValidation.errors);
208
-
209
- // Validate consistency between legacy and enhanced relationships
210
- const enhancedIds = new Set(relationshipsToStringArray(safeguard.enhancedRelationships));
211
- const legacyIds = new Set(safeguard.relatedSafeguards);
212
-
213
- // Check if legacy array matches enhanced relationships
214
- if (enhancedIds.size !== legacyIds.size ||
215
- !Array.from(enhancedIds).every(id => legacyIds.has(id))) {
216
- errors.push('Mismatch between relatedSafeguards and enhancedRelationships arrays');
217
- }
218
- }
219
-
220
- return {
221
- isValid: errors.length === 0,
222
- errors
223
- };
224
- }
225
-
226
- /**
227
- * Finds potential circular dependencies in relationships
228
- */
229
- export function detectCircularDependencies(
230
- allSafeguards: Map<string, SafeguardElement>
231
- ): ValidationResult {
232
- const errors: string[] = [];
233
- const visited = new Set<string>();
234
- const recursionStack = new Set<string>();
235
-
236
- function dfs(safeguardId: string, path: string[]): void {
237
- if (recursionStack.has(safeguardId)) {
238
- errors.push(`Circular dependency detected: ${[...path, safeguardId].join(' -> ')}`);
239
- return;
240
- }
241
-
242
- if (visited.has(safeguardId)) {
243
- return;
244
- }
245
-
246
- visited.add(safeguardId);
247
- recursionStack.add(safeguardId);
248
-
249
- const safeguard = allSafeguards.get(safeguardId);
250
- if (safeguard?.enhancedRelationships) {
251
- const dependencies = safeguard.enhancedRelationships.filter(
252
- rel => rel.type === 'dependency' || rel.type === 'prerequisite'
253
- );
254
-
255
- for (const dep of dependencies) {
256
- dfs(dep.id, [...path, safeguardId]);
257
- }
258
- }
259
-
260
- recursionStack.delete(safeguardId);
261
- }
262
-
263
- // Check all safeguards for circular dependencies
264
- for (const safeguardId of allSafeguards.keys()) {
265
- if (!visited.has(safeguardId)) {
266
- dfs(safeguardId, []);
267
- }
268
- }
269
-
270
- return {
271
- isValid: errors.length === 0,
272
- errors
273
- };
274
- }
275
-
276
- export interface ValidationResult {
277
- isValid: boolean;
278
- errors: string[];
279
- }
280
-
281
- // Rate Limiting Types
282
-
283
- /**
284
- * Configuration for rate limiting middleware
285
- */
286
- export interface RateLimitConfig {
287
- windowMs: number; // Time window in milliseconds
288
- max: number; // Maximum requests per window
289
- skipIps?: string[]; // IP addresses to exempt from rate limiting
290
- }
291
-
292
- /**
293
- * Error response returned when rate limit is exceeded
294
- */
295
- export interface RateLimitErrorResponse {
296
- error: string; // Error message
297
- retryAfter?: number; // Seconds until rate limit resets
298
- timestamp: string; // ISO 8601 timestamp
299
- }
300
-
package/tsconfig.json DELETED
@@ -1,23 +0,0 @@
1
- {
2
- "compilerOptions": {
3
- "target": "ES2020",
4
- "module": "ES2020",
5
- "moduleResolution": "node",
6
- "outDir": "./dist",
7
- "rootDir": "./src",
8
- "strict": true,
9
- "esModuleInterop": true,
10
- "skipLibCheck": true,
11
- "forceConsistentCasingInFileNames": true,
12
- "declaration": true,
13
- "declarationMap": true,
14
- "sourceMap": true
15
- },
16
- "include": [
17
- "src/**/*"
18
- ],
19
- "exclude": [
20
- "node_modules",
21
- "dist"
22
- ]
23
- }