guardian-framework 0.1.16 → 0.1.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +64 -53
- package/dist/cli.js +1 -1
- package/dist/exports.js +1 -1
- package/package.json +1 -1
- package/templates/pi/preflight_report.json +3 -3
package/README.md
CHANGED
|
@@ -26,25 +26,25 @@ The entire lifecycle lives in a single `.pi/` directory. Every artifact (modules
|
|
|
26
26
|
## The Full SDLC
|
|
27
27
|
|
|
28
28
|
```
|
|
29
|
-
|
|
29
|
+
You have a business intent
|
|
30
30
|
│
|
|
31
31
|
▼
|
|
32
|
-
Domain Exploration
|
|
32
|
+
Domain Exploration ←─ you and the agent explore, iterate, refine
|
|
33
33
|
│
|
|
34
34
|
▼
|
|
35
|
-
Architecture Modules
|
|
35
|
+
Architecture Modules ←─ you review, adjust, approve
|
|
36
36
|
│
|
|
37
37
|
▼
|
|
38
|
-
ADRs
|
|
38
|
+
ADRs, Diagrams, Specs ←─ you challenge decisions, finalize
|
|
39
39
|
│
|
|
40
40
|
▼
|
|
41
|
-
Roadmap
|
|
41
|
+
Roadmap Plan ←─ you adopt phases, set priorities
|
|
42
42
|
│
|
|
43
43
|
▼
|
|
44
|
-
Epic Execution
|
|
44
|
+
Epic Execution ─── agents implement, you review PRs
|
|
45
45
|
│
|
|
46
46
|
▼
|
|
47
|
-
Enforcement
|
|
47
|
+
Enforcement Pipeline ─── CI blocks merges on violation
|
|
48
48
|
```
|
|
49
49
|
|
|
50
50
|
---
|
|
@@ -55,22 +55,27 @@ Enforcement ─── CI validates structure, dependencies, DDD layers
|
|
|
55
55
|
|
|
56
56
|
*"I need to build a system that collects audit records from CI/CD pipelines, verifies their integrity, stores them, and lets customers query them."*
|
|
57
57
|
|
|
58
|
-
### 2. Explore the Domain
|
|
58
|
+
### 2. Explore the Domain (Human + Agent, Iterative)
|
|
59
59
|
|
|
60
60
|
```
|
|
61
61
|
/domain --explore "Audit logging for regulated financial transactions"
|
|
62
62
|
```
|
|
63
63
|
|
|
64
|
-
Guardian analyzes
|
|
65
|
-
- **Bounded contexts:** Audit Ingestion, Audit Query, Compliance Engine, Policy Engine
|
|
66
|
-
- **Entities:** AuditRecord, Policy, ComplianceReport
|
|
67
|
-
- **Ubiquitous language:** signed records, evidence, compliance score
|
|
64
|
+
Guardian analyzes your intent and produces a structured domain model. But this isn't a one-shot output — it's the start of a conversation. You review, challenge, and refine:
|
|
68
65
|
|
|
69
|
-
|
|
66
|
+
- *"These aren't the right bounded contexts. Merge Ingestion and Query into one."*
|
|
67
|
+
- *"Add a Compliance Engine context. Regulated finance needs it."*
|
|
68
|
+
- *"The ubiquitous language is wrong — we call them 'evidence records', not 'audit records'."*
|
|
70
69
|
|
|
71
|
-
|
|
70
|
+
You go back and forth until the model reflects your actual business. Only then do you proceed.
|
|
72
71
|
|
|
73
|
-
|
|
72
|
+
### 3. Scaffold Architecture Modules
|
|
73
|
+
|
|
74
|
+
```
|
|
75
|
+
/domain --architect-scaffold <session-id>
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
Guardian generates one architecture module per bounded context, with components, dependencies, and contract interfaces:
|
|
74
79
|
|
|
75
80
|
```markdown
|
|
76
81
|
# Audit Ingestion
|
|
@@ -86,11 +91,17 @@ description: Deduplicates records using Idempotency-Key header.
|
|
|
86
91
|
depends: HMAC Signature Verifier
|
|
87
92
|
```
|
|
88
93
|
|
|
89
|
-
|
|
94
|
+
### 4. Review Architecture (Human in the Loop)
|
|
95
|
+
|
|
96
|
+
Now you review the generated architecture. This is where the real design happens:
|
|
90
97
|
|
|
91
|
-
|
|
98
|
+
- *"The Idempotency Handler shouldn't depend on Signature Verifier — they're parallel."*
|
|
99
|
+
- *"We need an ADR explaining why we chose HMAC-SHA256 over ECDSA."*
|
|
100
|
+
- *"Add a system-overview diagram showing how records flow from ingestion to query."*
|
|
92
101
|
|
|
93
|
-
|
|
102
|
+
You tell the agent to add ADRs, update module docs, generate diagrams. You challenge decisions until the architecture is solid.
|
|
103
|
+
|
|
104
|
+
Every ADR captures a decision:
|
|
94
105
|
|
|
95
106
|
```
|
|
96
107
|
ADR-004: Use HMAC-SHA256 with JCS canonicalization
|
|
@@ -98,81 +109,81 @@ ADR-005: Idempotency via Idempotency-Key header (not dedup table)
|
|
|
98
109
|
ADR-006: Cursor-based pagination for audit listing
|
|
99
110
|
```
|
|
100
111
|
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
### 5. Plan the Roadmap
|
|
112
|
+
### 5. Adopt the Roadmap
|
|
104
113
|
|
|
105
|
-
|
|
114
|
+
When the architecture is finalized, you lock it in with a roadmap. Each phase has dependencies, migrations, and acceptance criteria.
|
|
106
115
|
|
|
107
116
|
```
|
|
108
117
|
/architect --roadmap
|
|
118
|
+
/architect --adopt-roadmap
|
|
109
119
|
```
|
|
110
120
|
|
|
111
|
-
> Phase 0: Foundation
|
|
112
|
-
>
|
|
113
|
-
> Phase 1: Core Ingestion Pipeline (Days 6–12)
|
|
114
|
-
> Modules: Audit Ingestion, Audit Query, Usage Metering
|
|
115
|
-
> Depends on: Phase 0
|
|
121
|
+
> Phase 0: Foundation (5 modules, Days 1–5)
|
|
122
|
+
> Phase 1: Core Ingestion Pipeline (3 modules, Days 6–12, depends on Phase 0)
|
|
116
123
|
|
|
117
|
-
### 6. Execute
|
|
124
|
+
### 6. Execute via Phases
|
|
118
125
|
|
|
119
126
|
```
|
|
120
127
|
/architect --phase "Phase 0"
|
|
121
128
|
```
|
|
122
129
|
|
|
123
|
-
Guardian generates one epic per module, one issue per component. Each issue carries
|
|
124
|
-
- The component's architecture context and dependencies
|
|
125
|
-
- A language-specific codegen skill reference (e.g., `Follow: .pi/skills/agents/rust-codegen.md`)
|
|
126
|
-
- Auto-generated file changes with the correct DDD layer structure
|
|
127
|
-
- Acceptance criteria
|
|
130
|
+
Guardian generates one epic per module, one issue per component. Each issue carries the component's architecture context, language-specific DDD patterns, and acceptance criteria.
|
|
128
131
|
|
|
129
|
-
The
|
|
132
|
+
The agent implements. You review PRs. Guardian auto-advances through the pipeline:
|
|
130
133
|
|
|
131
134
|
```
|
|
132
135
|
implement → validate → create-mr → merge
|
|
133
136
|
```
|
|
134
137
|
|
|
135
|
-
### 7.
|
|
138
|
+
### 7. Enforcement Closes the Loop
|
|
136
139
|
|
|
137
|
-
|
|
140
|
+
Every change is validated against the architecture:
|
|
138
141
|
|
|
139
142
|
| Script | What it enforces |
|
|
140
143
|
|--------|-----------------|
|
|
141
144
|
| `check_ddd_structure.sh` | Every module has `domain/ application/ infrastructure/ interfaces/` — no `contracts/` wrapper |
|
|
142
|
-
| `check_architecture_conformance.sh` | Domain doesn't import infrastructure.
|
|
143
|
-
| `check_{module}_contracts.sh` | Every frozen interface has a concrete implementation |
|
|
145
|
+
| `check_architecture_conformance.sh` | Domain doesn't import infrastructure. Per-module 4-layer structure. |
|
|
144
146
|
| `validate-canonical.sh` | Every code file references its architecture source |
|
|
145
147
|
|
|
146
|
-
If
|
|
147
|
-
|
|
148
|
-
---
|
|
149
|
-
|
|
150
|
-
## What This Means
|
|
151
|
-
|
|
152
|
-
**Architecture drift becomes a compile-time error.**
|
|
153
|
-
|
|
154
|
-
Not a documentation comment. Not a code review note that gets lost. A CI failure that blocks the merge until fixed.
|
|
155
|
-
|
|
156
|
-
Guardian was proven on [Rigorix](https://github.com/arman-jalili/rigorix-oss): 146,312 lines of Rust, 30 modules, 580 commits, built by a single developer over 11 active days. The architecture defined in `.pi/` was continuously validated against implementation. When drift happened, it was caught before reaching main.
|
|
148
|
+
If someone (or an AI) adds a dependency from the domain layer to infrastructure, `check_ddd_structure.sh` catches it. CI fails. The merge is blocked.
|
|
157
149
|
|
|
158
150
|
---
|
|
159
151
|
|
|
160
152
|
## Quick Start
|
|
161
153
|
|
|
162
154
|
```bash
|
|
155
|
+
# 1. Scaffold
|
|
156
|
+
cd your-project
|
|
163
157
|
npx guardian-framework init
|
|
164
|
-
```
|
|
165
158
|
|
|
166
|
-
|
|
167
|
-
```bash
|
|
168
|
-
cd your-project && pi
|
|
159
|
+
# 2. Explore (iterative — review, refine, repeat)
|
|
169
160
|
/domain --explore "your business intent"
|
|
161
|
+
|
|
162
|
+
# 3. Generate architecture from exploration
|
|
163
|
+
/domain --architect-scaffold <session-id>
|
|
164
|
+
|
|
165
|
+
# 4. Review and refine (ADRs, diagrams, modules — human-in-the-loop)
|
|
166
|
+
|
|
167
|
+
# 5. Adopt the roadmap
|
|
170
168
|
/architect --roadmap
|
|
169
|
+
/architect --adopt-roadmap
|
|
170
|
+
|
|
171
|
+
# 6. Execute
|
|
171
172
|
/architect --phase "Phase 0"
|
|
172
173
|
```
|
|
173
174
|
|
|
174
175
|
---
|
|
175
176
|
|
|
177
|
+
## What This Means
|
|
178
|
+
|
|
179
|
+
**Architecture drift becomes a compile-time error.**
|
|
180
|
+
|
|
181
|
+
Not a documentation comment. Not a code review note that gets lost. A CI failure that blocks the merge until fixed.
|
|
182
|
+
|
|
183
|
+
Guardian was proven on [Rigorix](https://github.com/arman-jalili/rigorix-oss): 146,312 lines of Rust, 30 modules, 580 commits, built by a single developer over 11 active days. The architecture defined in `.pi/` was continuously validated against implementation. When drift happened, it was caught before reaching main.
|
|
184
|
+
|
|
185
|
+
---
|
|
186
|
+
|
|
176
187
|
## Links
|
|
177
188
|
|
|
178
189
|
| | |
|
package/dist/cli.js
CHANGED
|
@@ -1335,7 +1335,7 @@ __export(exports_package, {
|
|
|
1335
1335
|
bin: () => bin,
|
|
1336
1336
|
author: () => author
|
|
1337
1337
|
});
|
|
1338
|
-
var name = "guardian-framework", version = "0.1.
|
|
1338
|
+
var name = "guardian-framework", version = "0.1.17", description = "Token-optimized agentic framework scaffolder with pi-first architecture", type = "module", main = "dist/exports.js", exports, types = "dist/exports.d.ts", bin, files, engines, scripts, publishConfig, pi, repository, homepage = "https://github.com/arman-jalili/guardian-framework#readme", bugs, dependencies, devDependencies, keywords, author = "Arman Wolkensteiner-Jalili", license = "MIT", package_default;
|
|
1339
1339
|
var init_package = __esm(() => {
|
|
1340
1340
|
exports = {
|
|
1341
1341
|
".": {
|
package/dist/exports.js
CHANGED
|
@@ -995,7 +995,7 @@ __export(exports_package, {
|
|
|
995
995
|
bin: () => bin,
|
|
996
996
|
author: () => author
|
|
997
997
|
});
|
|
998
|
-
var name = "guardian-framework", version = "0.1.
|
|
998
|
+
var name = "guardian-framework", version = "0.1.17", description = "Token-optimized agentic framework scaffolder with pi-first architecture", type = "module", main = "dist/exports.js", exports, types = "dist/exports.d.ts", bin, files, engines, scripts, publishConfig, pi, repository, homepage = "https://github.com/arman-jalili/guardian-framework#readme", bugs, dependencies, devDependencies, keywords, author = "Arman Wolkensteiner-Jalili", license = "MIT", package_default;
|
|
999
999
|
var init_package = __esm(() => {
|
|
1000
1000
|
exports = {
|
|
1001
1001
|
".": {
|
package/package.json
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
{
|
|
2
|
-
"timestamp": "2026-07-03T05:
|
|
2
|
+
"timestamp": "2026-07-03T05:56:51Z",
|
|
3
3
|
"mode": "all",
|
|
4
4
|
"stages_run": [],
|
|
5
5
|
"summary": {
|
|
@@ -8,7 +8,7 @@
|
|
|
8
8
|
"failed": 1,
|
|
9
9
|
"skipped": 12
|
|
10
10
|
},
|
|
11
|
-
"duration_seconds":
|
|
11
|
+
"duration_seconds": 1,
|
|
12
12
|
"results": [
|
|
13
13
|
{
|
|
14
14
|
"name": "check_mr_traceability.sh",
|
|
@@ -68,7 +68,7 @@
|
|
|
68
68
|
"name": "secret_scan",
|
|
69
69
|
"status": "pass",
|
|
70
70
|
"message": "",
|
|
71
|
-
"duration":
|
|
71
|
+
"duration": 1
|
|
72
72
|
},
|
|
73
73
|
{
|
|
74
74
|
"name": "dependency_audit",
|