guardian-framework 0.1.15 → 0.1.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -1,10 +1,10 @@
1
1
  <div align="center">
2
2
  <picture>
3
- <source media="(prefers-color-scheme: dark)" srcset="https://img.shields.io/badge/Guardian-Architecture%20Enforcement-00bcd4?style=for-the-badge&labelColor=222">
4
- <img alt="Guardian" src="https://img.shields.io/badge/Guardian-Architecture%20Enforcement-00bcd4?style=for-the-badge&labelColor=fff">
3
+ <source media="(prefers-color-scheme: dark)" srcset="https://img.shields.io/badge/Guardian-SDLC%20Orchestrator-00bcd4?style=for-the-badge&labelColor=222">
4
+ <img alt="Guardian" src="https://img.shields.io/badge/Guardian-SDLC%20Orchestrator-00bcd4?style=for-the-badge&labelColor=fff">
5
5
  </picture>
6
6
 
7
- <h3>From idea to production code with architecture that's actually enforced.</h3>
7
+ <h3>Business intent enforced architecture production code.<br/>One flow, no drift.</h3>
8
8
 
9
9
  <br/>
10
10
 
@@ -12,38 +12,65 @@
12
12
  <a href="https://github.com/arman-jalili/guardian-framework/actions"><img src="https://img.shields.io/github/actions/workflow/status/arman-jalili/guardian-framework/ci.yml?style=flat&colorA=222&colorB=00bcd4" alt="CI"/></a>
13
13
  <a href="LICENSE"><img src="https://img.shields.io/github/license/arman-jalili/guardian-framework?style=flat&colorA=222&colorB=00bcd4" alt="license"/></a>
14
14
  <br/>
15
- <a href="https://github.com/arman-jalili/rigorix-oss"><img src="https://img.shields.io/badge/Built%20with%20Guardian-Rigorix%20(146K%20LOC%20Rust)-00bcd4?style=flat&colorA=222" alt="Rigorix"/></a>
15
+ <a href="https://github.com/arman-jalili/rigorix-oss"><img src="https://img.shields.io/badge/Proven%20on-Rigorix%20(146K%20LOC)%2000bcd4?style=flat&colorA=222" alt="Rigorix"/></a>
16
16
  </div>
17
17
 
18
18
  ---
19
19
 
20
- ### What if your architecture was more than a document?
20
+ Guardian is an SDLC orchestrator for AI-assisted development. It takes you from a business intent — *"I need to build audit logging for regulated financial transactions"* — to an enforcement pipeline that blocks merges if the implementation violates the architecture.
21
21
 
22
- Most projects start with great architecture ideas, then drift. Implementation strays. Dependencies sneak in the wrong direction. By the time anyone notices, the codebase is fighting the original design.
22
+ The entire lifecycle lives in a single `.pi/` directory. Every artifact (modules, ADRs, roadmap, issues, CI scripts, agent skills) is generated from that directory. Nothing is handwritten twice. Nothing drifts.
23
23
 
24
- **Guardian is the tool that prevents that drift — not by documentation, but by enforcement.**
24
+ ---
25
25
 
26
- It works with **pi** — the AI coding agent. You define your architecture once in simple markdown files. Guardian turns those files into executable constraints: CI scripts that validate every change, prompt templates that guide every implementation, and a verification pipeline that blocks merges when code violates architecture.
26
+ ## The Full SDLC
27
27
 
28
- Guardian also **scaffolds agent configurations** for Claude Code, Copilot, Cursor, and OpenCode — exporting skills, context files, and workflow definitions to their respective directories (`.claude/`, `.github/`, `.opencode/`).
28
+ ```
29
+ Business Intent
30
+
31
+
32
+ Domain Exploration ─── discovers bounded contexts, entities, ubiquitous language
33
+
34
+
35
+ Architecture Modules ─── components, dependencies, contracts per context
36
+
37
+
38
+ ADRs & Review ─── every decision captured, cross-referenced, versioned
39
+
40
+
41
+ Roadmap ─── phases with dependencies, migrations, acceptance criteria
42
+
43
+
44
+ Epic Execution ─── issues generated per component, agents implement in pipelines
45
+
46
+
47
+ Enforcement ─── CI validates structure, dependencies, DDD layers, every merge
48
+ ```
29
49
 
30
50
  ---
31
51
 
32
- ## How It Works A Complete Walkthrough
52
+ ## Walkthrough: From Intent to Enforcement
53
+
54
+ ### 1. You Have a Business Intent
33
55
 
34
- **The process is a flow, not a one-time setup. Here's the full loop:**
56
+ *"I need to build a system that collects audit records from CI/CD pipelines, verifies their integrity, stores them, and lets customers query them."*
35
57
 
36
- ### 1. Explore the Domain
37
- Start by understanding the problem space. Guardian guides you through domain exploration — identifying bounded contexts, entities, and the language your business speaks.
58
+ ### 2. Explore the Domain
38
59
 
39
60
  ```
40
61
  /domain --explore "Audit logging for regulated financial transactions"
41
62
  ```
42
63
 
43
- > Output: structured domain analysis with contexts, entities, and a shared glossary.
64
+ Guardian analyzes the intent and produces a structured domain model:
65
+ - **Bounded contexts:** Audit Ingestion, Audit Query, Compliance Engine, Policy Engine
66
+ - **Entities:** AuditRecord, Policy, ComplianceReport
67
+ - **Ubiquitous language:** signed records, evidence, compliance score
44
68
 
45
- ### 2. Define the Architecture
46
- From the exploration, Guardian scaffolds architecture modules. Each module describes one bounded context: its components, dependencies, and contract interfaces.
69
+ This isn't a brainstorming session. It's the first artifact in a chain that ends with enforced CI.
70
+
71
+ ### 3. Define Architecture Modules
72
+
73
+ From the exploration, Guardian scaffolds one module per bounded context:
47
74
 
48
75
  ```markdown
49
76
  # Audit Ingestion
@@ -52,62 +79,81 @@ From the exploration, Guardian scaffolds architecture modules. Each module descr
52
79
  status: planned
53
80
  description: Verifies HMAC-SHA256 signatures on incoming audit records.
54
81
  depends: none
82
+
83
+ ## Idempotency Handler
84
+ status: planned
85
+ description: Deduplicates records using Idempotency-Key header.
86
+ depends: HMAC Signature Verifier
87
+ ```
88
+
89
+ Each module defines components, their dependencies, and their contract interfaces. The structure is simple markdown — no DSL, no config language.
90
+
91
+ ### 4. Capture Decisions with ADRs
92
+
93
+ Every architectural choice gets an Architecture Decision Record — not as documentation, as a constraint.
94
+
95
+ ```
96
+ ADR-004: Use HMAC-SHA256 with JCS canonicalization
97
+ ADR-005: Idempotency via Idempotency-Key header (not dedup table)
98
+ ADR-006: Cursor-based pagination for audit listing
55
99
  ```
56
100
 
57
- ### 3. Review & Decide
58
- Architecture Decision Records (ADRs) capture every meaningful choice — why this approach, not that one. They're version-controlled, cross-referenced, and enforced.
101
+ ADRs are cross-referenced. Change an ADR? The modules that depend on it need updating. The canonical validator catches the gap.
59
102
 
60
- > **ADR-004:** "Use HMAC-SHA256 with JCS canonicalization for audit signatures."
61
- > Status: Accepted. Depends on: ADR-003 (JSON Canonicalization Scheme).
103
+ ### 5. Plan the Roadmap
62
104
 
63
- ### 4. Plan the Roadmap
64
- Group modules into delivery phases with dependencies, migrations, and acceptance criteria.
105
+ Group modules into delivery phases. Each phase has dependencies, database migrations, and acceptance criteria.
65
106
 
66
107
  ```
67
108
  /architect --roadmap
68
109
  ```
69
110
 
70
- > Shows: Phase 0: Foundation (5 modules, Days 1–5), Phase 1: Core Pipeline (3 modules, Days 612)...
111
+ > Phase 0: Foundation Scaffold & Shared Infrastructure (Days 15)
112
+ > Modules: Operations, Auth, Team Management, Rate Limiting, API Versioning
113
+ > Phase 1: Core Ingestion Pipeline (Days 6–12)
114
+ > Modules: Audit Ingestion, Audit Query, Usage Metering
115
+ > Depends on: Phase 0
71
116
 
72
- ### 5. Execute Phases or Epics
73
- Guardian generates issue files from your architecture — one issue per component, with full context, acceptance criteria, and auto-generated file changes.
117
+ ### 6. Execute
74
118
 
75
119
  ```
76
120
  /architect --phase "Phase 0"
77
121
  ```
78
122
 
79
- > Creates 5 epics × N component issues each, organized in a pipeline.
80
- > Each issue includes: `Follow: .pi/skills/agents/rust-codegen.md` the implementing agent gets the right DDD patterns automatically.
123
+ Guardian generates one epic per module, one issue per component. Each issue carries:
124
+ - The component's architecture context and dependencies
125
+ - A language-specific codegen skill reference (e.g., `Follow: .pi/skills/agents/rust-codegen.md`)
126
+ - Auto-generated file changes with the correct DDD layer structure
127
+ - Acceptance criteria
128
+
129
+ The implementing agent reads the skill, loads the relevant DDD patterns on-demand, and builds the component. When done, it calls `pipeline_advance`. Guardian auto-advances through:
81
130
 
82
- The agent implements each component. When done, it calls `pipeline_advance`. Guardian auto-advances through:
83
131
  ```
84
132
  implement → validate → create-mr → merge
85
133
  ```
86
134
 
87
- If CI fails (architecture violation, security issue, broken test), the pipeline blocks until fixed.
135
+ ### 7. Enforce
88
136
 
89
- ---
137
+ This is where the loop closes. Guardian generates CI scripts from the architecture:
90
138
 
91
- ## What Makes Guardian Different
139
+ | Script | What it enforces |
140
+ |--------|-----------------|
141
+ | `check_ddd_structure.sh` | Every module has `domain/ application/ infrastructure/ interfaces/` — no `contracts/` wrapper |
142
+ | `check_architecture_conformance.sh` | Domain doesn't import infrastructure. Application doesn't import interfaces. Per-module 4-layer structure. |
143
+ | `check_{module}_contracts.sh` | Every frozen interface has a concrete implementation |
144
+ | `validate-canonical.sh` | Every code file references its architecture source |
92
145
 
93
- | Instead of... | Guardian does this |
94
- |---------------|-------------------|
95
- | Drawing diagrams that go stale | Generates CI scripts that check structure on every commit |
96
- | Writing "domain must not depend on infrastructure" in a doc | Creates a `check_ddd_structure.sh` that literally greps for illegal imports and fails if found |
97
- | Trusting code review to catch drift | Blocks merges when architecture is violated — no human oversight needed |
98
- | Onboarding new devs with 30-page docs | Every issue carries its full context: architecture reference, codegen patterns, acceptance criteria |
99
- | One-size-fits-all prompts | Generates language-specific codegen skills (Rust, Go, Python, TypeScript, Java/Spring Boot) with DDD + Clean Architecture patterns |
146
+ If a developer (or AI agent) adds a dependency from the domain layer to infrastructure, `check_ddd_structure.sh` catches it and CI fails. The merge is blocked.
100
147
 
101
148
  ---
102
149
 
103
- ## Built with Guardian
150
+ ## What This Means
151
+
152
+ **Architecture drift becomes a compile-time error.**
153
+
154
+ Not a documentation comment. Not a code review note that gets lost. A CI failure that blocks the merge until fixed.
104
155
 
105
- **[Rigorix](https://github.com/arman-jalili/rigorix-oss)** a deterministic coding-agent runtime built using Guardian's own workflow:
106
- - 146,312 lines of Rust
107
- - 30 modules across 3 crates
108
- - 18 ADRs, 38 module specs, 44 issue drafts
109
- - 580 commits over 11 active days
110
- - Built by a single developer — Guardian handled orchestration and enforcement
156
+ Guardian was proven on [Rigorix](https://github.com/arman-jalili/rigorix-oss): 146,312 lines of Rust, 30 modules, 580 commits, built by a single developer over 11 active days. The architecture defined in `.pi/` was continuously validated against implementation. When drift happened, it was caught before reaching main.
111
157
 
112
158
  ---
113
159
 
@@ -117,41 +163,21 @@ If CI fails (architecture violation, security issue, broken test), the pipeline
117
163
  npx guardian-framework init
118
164
  ```
119
165
 
120
- Answer 4 prompts (project name, language, AI tools, validators). You get:
121
- - A `.pi/` directory with full architecture scaffolding
122
- - 20 TypeScript extensions (orchestration, pipeline, kanban, validation, etc.)
123
- - 21 workflow prompt templates
124
- - 74 CI scripts with language-specific validators
125
- - Agent export files for Claude Code, pi, Copilot, Cursor, and more
126
-
127
166
  Then:
128
- ```
167
+ ```bash
129
168
  cd your-project && pi
130
- /domain --explore "your business domain"
169
+ /domain --explore "your business intent"
131
170
  /architect --roadmap
132
171
  /architect --phase "Phase 0"
133
172
  ```
134
173
 
135
174
  ---
136
175
 
137
- ## One File, One Constraint
138
-
139
- At the heart of every file is a canonical reference:
140
-
141
- ```typescript
142
- //! @canonical .pi/architecture/modules/auth-system.md#token-validation
143
- //! Issue: #42
144
- ```
145
-
146
- When code and architecture diverge, the reference breaks. CI catches it. The merge is blocked. Architecture drift becomes a compile-time error, not a documentation comment.
147
-
148
- ---
149
-
150
176
  ## Links
151
177
 
152
178
  | | |
153
179
  |---|---|
154
- | **Full User Manual** | [docs/USER_MANUAL.md](docs/USER_MANUAL.md) — every workflow, every command, validated against source |
155
- | **Reference Implementation** | [Rigorix](https://github.com/arman-jalili/rigorix-oss) — 146K LOC Rust, 30 modules, built with Guardian |
180
+ | **User Manual** | [docs/USER_MANUAL.md](docs/USER_MANUAL.md) — every workflow, command, and extension |
181
+ | **Proven on** | [Rigorix](https://github.com/arman-jalili/rigorix-oss) — 146K LOC Rust, 30 modules |
156
182
  | **Source** | [github.com/arman-jalili/guardian-framework](https://github.com/arman-jalili/guardian-framework) |
157
183
  | **License** | MIT |
package/dist/cli.js CHANGED
@@ -1335,7 +1335,7 @@ __export(exports_package, {
1335
1335
  bin: () => bin,
1336
1336
  author: () => author
1337
1337
  });
1338
- var name = "guardian-framework", version = "0.1.15", description = "Token-optimized agentic framework scaffolder with pi-first architecture", type = "module", main = "dist/exports.js", exports, types = "dist/exports.d.ts", bin, files, engines, scripts, publishConfig, pi, repository, homepage = "https://github.com/arman-jalili/guardian-framework#readme", bugs, dependencies, devDependencies, keywords, author = "Arman Wolkensteiner-Jalili", license = "MIT", package_default;
1338
+ var name = "guardian-framework", version = "0.1.16", description = "Token-optimized agentic framework scaffolder with pi-first architecture", type = "module", main = "dist/exports.js", exports, types = "dist/exports.d.ts", bin, files, engines, scripts, publishConfig, pi, repository, homepage = "https://github.com/arman-jalili/guardian-framework#readme", bugs, dependencies, devDependencies, keywords, author = "Arman Wolkensteiner-Jalili", license = "MIT", package_default;
1339
1339
  var init_package = __esm(() => {
1340
1340
  exports = {
1341
1341
  ".": {
package/dist/exports.js CHANGED
@@ -995,7 +995,7 @@ __export(exports_package, {
995
995
  bin: () => bin,
996
996
  author: () => author
997
997
  });
998
- var name = "guardian-framework", version = "0.1.15", description = "Token-optimized agentic framework scaffolder with pi-first architecture", type = "module", main = "dist/exports.js", exports, types = "dist/exports.d.ts", bin, files, engines, scripts, publishConfig, pi, repository, homepage = "https://github.com/arman-jalili/guardian-framework#readme", bugs, dependencies, devDependencies, keywords, author = "Arman Wolkensteiner-Jalili", license = "MIT", package_default;
998
+ var name = "guardian-framework", version = "0.1.16", description = "Token-optimized agentic framework scaffolder with pi-first architecture", type = "module", main = "dist/exports.js", exports, types = "dist/exports.d.ts", bin, files, engines, scripts, publishConfig, pi, repository, homepage = "https://github.com/arman-jalili/guardian-framework#readme", bugs, dependencies, devDependencies, keywords, author = "Arman Wolkensteiner-Jalili", license = "MIT", package_default;
999
999
  var init_package = __esm(() => {
1000
1000
  exports = {
1001
1001
  ".": {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "guardian-framework",
3
- "version": "0.1.15",
3
+ "version": "0.1.16",
4
4
  "description": "Token-optimized agentic framework scaffolder with pi-first architecture",
5
5
  "type": "module",
6
6
  "main": "dist/exports.js",
@@ -1,5 +1,5 @@
1
1
  {
2
- "timestamp": "2026-07-03T05:48:30Z",
2
+ "timestamp": "2026-07-03T05:52:11Z",
3
3
  "mode": "all",
4
4
  "stages_run": [],
5
5
  "summary": {