npm - great-cto - Versions diffs - 2.21.0 → 2.22.0 - Mend

great-cto 2.21.0 → 2.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/bootstrap.js CHANGED Viewed

@@ -68,18 +68,6 @@ jurisdiction: [${jurisdictionLine}]
 > Supported codes: eu · us · us-ca · uk · in · br · au · sg
 > See docs/jurisdiction-compliance.md for what each code activates.
-## Leash
-leash:
-  tenant_id: ${slugifyTenant(title)}
-  daily_cap_usd: 10
-  session_prefix: gcto
-> \`leash.tenant_id\` is sent as \`X-LLM-Leash-Tenant-Id\` on every LLM call
-> through the proxy. Board's Security tab scopes stats to the active project
-> via this id. Change here if multiple repos share the same logical project.
-> \`session_prefix\` is prepended to auto-generated session ids so logs are
-> easy to filter across machines.
 ## Memory & Query Rule

package/dist/main.js CHANGED Viewed

@@ -23,7 +23,6 @@ import { shouldUseLlmFallback, suggestArchetypeFromLlm } from "./llm-fallback.js
 import { readFileSync, copyFileSync, chmodSync, existsSync as fsExistsSync } from "node:fs";
 import { dirname, join } from "node:path";
 import { fileURLToPath } from "node:url";
-import { homedir } from "node:os";
 function getCliVersion() {
     try {
         const here = dirname(fileURLToPath(import.meta.url));
@@ -98,8 +97,6 @@ function parseArgs(argv) {
             args.command = "webhook";
         else if (a === "report")
             args.command = "report";
-        else if (a === "leash")
-            args.command = "leash";
         else if (a === "upgrade")
             args.command = "upgrade";
         // Slash-commands surfaced as CLI subcommands so users get a clear hint
@@ -119,9 +116,7 @@ function parseArgs(argv) {
         else if (a === "--dir")
             args.dir = argv[++i] ?? args.dir;
         else if (a === "init" || a === "install" || a === "help" || a === "version") {
-            // `install` is an alias for `init`. Both run the same flow; only
-            // difference: `install` upgrades llm-leash to latest on every run,
-            // while `init` is silent-skip when already installed.
+            // `install` is an alias for `init`. Both run the same flow.
             args.command = (a === "install" ? "init" : a);
             if (a === "install") {
                 args._fromInstall = true;
@@ -359,8 +354,8 @@ function printHelp() {
     log(`${bold("great-cto")} — one-command install for the great_cto Claude Code plugin
 ${bold("Usage:")}
-  npx great-cto install [options]    Same as init; also upgrades llm-leash
-  npx great-cto [init] [options]     Detect + bootstrap; installs llm-leash if absent
+  npx great-cto install [options]    Same as init
+  npx great-cto [init] [options]     Detect + bootstrap
   npx great-cto board [--port 3141] [--no-open]
   npx great-cto register [--dir PATH]
   npx great-cto scan [path] [--severity LVL] [--scanner NAME] [--sarif FILE]
@@ -800,12 +795,6 @@ async function runInit(args) {
     }
     // ── 6. install pre-push git hook ─────────────────────────
     installPrePushHook(args.dir);
-    // ── 7. install / update llm-leash (runtime governance) ───
-    // `init` is idempotent (silent skip when present). `install` always
-    // upgrades to the latest commit on llm-leash main. Both best-effort:
-    // missing git/python doesn't fail the flow.
-    const fromInstall = args._fromInstall === true;
-    await tryInstallLeash(fromInstall);
     // ── done ─────────────────────────────────────────────────
     log("");
     log(green(bold("✓ great_cto is ready.")));
@@ -851,41 +840,6 @@ function installPrePushHook(projectDir) {
         // Best-effort: hook failure must never block init
     }
 }
-/**
- * Best-effort llm-leash install — runs after bootstrap so every great-cto
- * init turns on runtime governance for free.
- *
- *   forceUpdate=false  (called from `init`)    — silent-skip if installed
- *   forceUpdate=true   (called from `install`) — git pull + reinstall
- *
- * Never throws. Opt out via env: GREAT_CTO_SKIP_LEASH=1
- */
-async function tryInstallLeash(forceUpdate = false) {
-    if (process.env.GREAT_CTO_SKIP_LEASH === "1") {
-        log(`  ${dim("skipped llm-leash install (GREAT_CTO_SKIP_LEASH=1)")}`);
-        return;
-    }
-    try {
-        const { runLeash } = await import("./leash.js");
-        const { existsSync } = await import("node:fs");
-        const installRoot = join(homedir(), ".great_cto", "llm-leash");
-        if (existsSync(installRoot)) {
-            if (forceUpdate) {
-                log(`  ${dim("updating llm-leash to latest …")}`);
-                await runLeash(["update"]);
-            }
-            else {
-                log(`  ${dim("llm-leash already installed — skipped")}`);
-            }
-            return;
-        }
-        log(`  ${dim("installing llm-leash (runtime governance) …")}`);
-        await runLeash(["install"]);
-    }
-    catch {
-        warn("llm-leash install failed — run `great-cto leash install` manually later");
-    }
-}
 async function runUpgrade(rawArgv) {
     const { upgradePlugin, upgradeAll } = await import("./upgrade.js");
     const { COMPANION_PLUGINS } = await import("./companion.js");
@@ -1043,19 +997,6 @@ async function main() {
             process.exit(2);
         }
     }
-    if (args.command === "leash") {
-        try {
-            const { runLeash } = await import("./leash.js");
-            // rawArgv[0] is "leash" — pass the rest as subcommand + flags
-            const leashArgs = rawArgv.slice(rawArgv.indexOf("leash") + 1);
-            const result = await runLeash(leashArgs);
-            process.exit(result.exitCode);
-        }
-        catch (e) {
-            error(e.message);
-            process.exit(2);
-        }
-    }
     if (args.command === "upgrade") {
         try {
             const code = await runUpgrade(rawArgv);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "great-cto",
-  "version": "2.21.0",
+  "version": "2.22.0",
   "description": "One command install for the great_cto Claude Code plugin. Auto-detects your stack, picks the right archetype, bootstraps PROJECT.md.",
   "keywords": [
     "claude-code",

package/postinstall.mjs CHANGED Viewed

@@ -1,86 +1,5 @@
 #!/usr/bin/env node
 /**
- * great-cto postinstall — best-effort one-time setup that runs when the npm
- * package is installed globally or as a dependency.
- *
- * Currently does one thing: install llm-leash (https://github.com/avelikiy/llm-leash)
- * for runtime governance — budget caps, audit log, kill switch, HITL gates.
- *
- * Design rules:
- *   - NEVER fail the npm install. All errors swallowed.
- *   - Idempotent — skips if ~/.great_cto/llm-leash already cloned.
- *   - Honors GREAT_CTO_SKIP_LEASH=1 to opt out (CI envs, restricted machines).
- *   - Skips on CI by default unless GREAT_CTO_FORCE_LEASH=1 — npm install in
- *     CI shouldn't trigger 30s of git clone + pip install per build.
- *   - Skips if `npm install` was invoked with --ignore-scripts (npm sets
- *     `npm_config_ignore_scripts=true` — actually no, it just doesn't run
- *     scripts; we can't detect it from inside).
- *   - Detached output — postinstall noise is intentional and short.
- *
- * The "real" install path remains `great-cto leash install`. This hook just
- * makes the common case (one-shot `npm install -g great-cto`) feel zero-config.
+ * great-cto postinstall — no-op placeholder.
+ * Reserved for future setup steps; currently does nothing.
  */
-import { existsSync } from 'node:fs';
-import { spawnSync } from 'node:child_process';
-import { homedir } from 'node:os';
-import path from 'node:path';
-const INSTALL_ROOT = path.join(homedir(), '.great_cto', 'llm-leash');
-function main() {
-  // ── opt-outs ─────────────────────────────────────────────────────────────
-  if (process.env.GREAT_CTO_SKIP_LEASH === '1') {
-    return; // silent
-  }
-  // Skip in CI unless explicitly forced — CI builds get no benefit from
-  // having leash installed in the runner's home dir, and the latency hurts.
-  const inCI = process.env.CI === 'true' || process.env.CI === '1';
-  if (inCI && process.env.GREAT_CTO_FORCE_LEASH !== '1') {
-    return;
-  }
-  // Already installed — fast exit
-  if (existsSync(INSTALL_ROOT)) {
-    return;
-  }
-  // Need git + python3 — bail silently if either is missing
-  if (!hasCommand('git') || !hasCommand('python3')) {
-    console.log('[great-cto] llm-leash skipped — git or python3 not on PATH');
-    console.log('[great-cto] run `great-cto leash install` later to enable runtime governance');
-    return;
-  }
-  // Locate the bundled dist/main.js — postinstall runs with cwd=package root
-  const here = path.dirname(new URL(import.meta.url).pathname);
-  const cli = path.join(here, 'dist', 'main.js');
-  if (!existsSync(cli)) {
-    return; // package built incorrectly — fail-safe
-  }
-  console.log('[great-cto] installing llm-leash for runtime governance (~30s) …');
-  console.log('[great-cto] opt out next time: GREAT_CTO_SKIP_LEASH=1 npm install -g great-cto');
-  const result = spawnSync(process.execPath, [cli, 'leash', 'install'], {
-    stdio: 'inherit',
-    timeout: 300_000,
-    env: { ...process.env, NO_COLOR: process.env.NO_COLOR || '1' },
-  });
-  if (result.status !== 0) {
-    console.log('[great-cto] llm-leash install hit an issue — run `great-cto leash install` later');
-  }
-}
-function hasCommand(cmd) {
-  try {
-    const r = spawnSync(cmd, ['--version'], { stdio: 'ignore', timeout: 3000 });
-    return r.status === 0;
-  } catch {
-    return false;
-  }
-}
-try { main(); } catch { /* never fail npm install */ }