infynon 0.2.0-beta.9.0.9 → 0.2.1

package/LICENSE

@@ -0,0 +1 @@
+See the repository root LICENSE file for the proprietary binary license terms.

package/README.md

@@ -1,231 +1,137 @@
-# INFYNON
+# infynon
 
-INFYNON is a CLI for:
+INFYNON is a security-first CLI for package intelligence, API flow testing, and repository memory.
 
-- package security with `infynon pkg`
-- API flow testing with `infynon weave`
-- repo memory & provenance with `infynon trace`
+This npm package is the official installer wrapper for the INFYNON native binary. It does not contain the Rust source code. During installation, it downloads the matching prebuilt binary from the official GitHub Releases page.
 
-[![npm](https://img.shields.io/npm/v/infynon?style=flat-square&logo=npm)](https://www.npmjs.com/package/infynon)
-[![License: MIT](https://img.shields.io/badge/license-MIT-blue?style=flat-square)](https://github.com/d4rkNinja/infynon-cli/blob/main/LICENSE)
-[![GitHub](https://img.shields.io/badge/source-GitHub-black?style=flat-square&logo=github)](https://github.com/d4rkNinja/infynon-cli)
-[![Docs](https://img.shields.io/badge/docs-cli.infynon.com-14b8a6?style=flat-square)](https://cli.infynon.com/docs)
-[![Claude Code](https://img.shields.io/badge/Claude%20Code-code--guardian-7c3aed?style=flat-square)](https://github.com/d4rkNinja/code-guardian)
+## Why Install INFYNON
 
-Website: [cli.infynon.com](https://cli.infynon.com)
-Claude Code companion: [d4rkNinja/code-guardian](https://github.com/d4rkNinja/code-guardian)
+INFYNON is built for teams that need one terminal tool for three connected workflows:
 
-## Install
+| Workflow | Command Area | Purpose |
+|---|---|---|
+| Package intelligence | `infynon pkg` | Scan dependencies, inspect risk, audit package changes, and support safer install workflows. |
+| API flow testing | `infynon weave` | Run multi-step API flows with context passed between requests. |
+| Repository memory | `infynon trace` | Preserve structured handoff notes, branch context, package ownership, and repo memory. |
 
-### npm (recommended)
+## Install
 
 ```bash
 npm install -g infynon
 ```
 
-This package downloads the matching native binary for your OS and architecture.
+The installer downloads the binary for the current platform and makes `infynon` available through npm's global binary directory.
 
-### Other install methods
-
-```bash
-cargo install infynon                                          # Rust (crates.io)
-go install github.com/d4rkNinja/infynon-cli/go/cmd/infynon@latest # Go
-curl -fsSL https://raw.githubusercontent.com/d4rkNinja/infynon-cli/main/scripts/install.sh | bash  # Linux/macOS
-```
+## Supported Platforms
 
-## Good Fit For
+- Windows x64
+- Linux x64
+- Linux arm64
+- macOS x64
+- macOS arm64
 
-- teams doing AI-assisted or high-speed coding
-- backend teams testing stateful API workflows
-- repos where package ownership and handoff context matter
-- developers who want one CLI instead of three disconnected tools
+Unsupported platforms can still install the npm wrapper, but the wrapper will not be able to download a native binary until a matching release asset exists.
 
-## Why INFYNON Exists
+## Quick Start
 
-INFYNON was created because modern repos usually hit three problems at the same time:
-
-- dependencies move faster than teams can review them
-- API testing breaks when workflows span multiple requests
-- provenance gets lost between branches, PRs, and different machines
-
-Instead of solving only one of those, INFYNON groups them under one CLI.
-
-## What INFYNON Includes
+```bash
+infynon --help
+infynon pkg scan
+infynon pkg audit
+infynon weave flow run checkout
+infynon trace tui
+```
 
-| Area | Command | Best For | What It Solves |
-|---|---|---|---|
-| Package Security | `infynon pkg` | scanning, safe installs, remediation, monitoring | risky dependencies, invisible installs, version exposure |
-| API Flow Testing | `infynon weave` | multi-step API execution and validation | brittle request scripts, missing flow context, runtime probes |
-| Repo Memory & Provenance | `infynon trace` | handoffs, package ownership, branch/PR/file/package notes, TUI inspection | lost context across people, PRs, branches, and machines |
+## Package Intelligence
 
-## How the workflow fits together
+Use `infynon pkg` to inspect dependency risk and package state.
 
-- `pkg` checks what is entering the system
-- `weave` tests how the real API path behaves
-- `trace` preserves who changed what, why it changed, and what the team knew at the time
+```bash
+infynon pkg scan
+infynon pkg audit
+infynon pkg explain serde_json
+```
 
-## Best With Claude Code
+Good fit:
 
-Trace works best with `code-guardian` when you want Claude Code to pull the latest handoff context before work and update it again after the task.
+- reviewing dependency changes
+- scanning a project before merging
+- understanding why a package exists
+- adding package security checks to local workflows
 
-- Claude Code companion: [d4rkNinja/code-guardian](https://github.com/d4rkNinja/code-guardian)
-- good fit for Claude Code hook-based Trace workflows
-- gives Trace a practical agent-side bridge instead of leaving context updates fully manual
+## API Flow Testing
 
-## Comparison Table
+Use `infynon weave` when API behavior depends on multiple connected requests.
 
-| Workflow Need | Typical Pain | INFYNON Answer |
-|---|---|---|
-| dependency safety | install first, understand later | `pkg` scans, audits, and supports stricter install workflows |
-| API flow confidence | one request works, the full workflow fails | `weave` models and runs the whole flow |
-| repo provenance | context is scattered and stale | `trace` keeps it structured, queryable, and inspectable |
+```bash
+infynon weave env set BASE_URL http://localhost:8001
+infynon weave flow run checkout
+```
 
-## Command Areas
+Good fit:
 
-### `infynon pkg`
+- login-then-action API workflows
+- stateful API validation
+- terminal-first flow execution
+- CI-friendly API checks
 
-Use this when the problem is packages.
+## Repository Memory
 
-- scan lockfiles for vulnerable packages
-- secure install wrapper for multiple ecosystems
-- audit, why, outdated, diff, doctor, fix, clean, migrate
-- Eagle Eye scheduled package monitoring
+Use `infynon trace` to preserve context that usually disappears into chat, PR comments, or local notes.
 
 ```bash
-infynon pkg scan
-infynon pkg audit
-infynon pkg npm install express --strict high
+infynon trace init
+infynon trace note add repo-handoff --title "Auth changed" --body "Refresh moved into middleware"
+infynon trace tui
 ```
 
-### `infynon weave`
+Good fit:
 
-Use this when the problem is API behavior across multiple steps.
+- branch handoffs
+- package ownership context
+- team notes
+- AI-assisted coding sessions that need durable memory
 
-- create API nodes and flows
-- run connected request chains
-- import OpenAPI
-- prompt for runtime values
-- run AI-assisted security probes
+## Alternative Install Methods
 
-```bash
-infynon weave env set BASE_URL http://localhost:8001
-infynon weave flow create "checkout" --ai "login then create order"
-infynon weave flow run checkout
-```
+GitHub Releases:
 
-### `infynon trace`
-
-Use this when the problem is repo memory, handoff context, and package provenance.
+```text
+https://github.com/d4rkNinja/infynon-cli/releases
+```
 
-- canonical, team, and user memory layers
-- Redis or SQL backends
-- package notes that identify who introduced a compromised dependency
-- sync, retrieve, compact, and TUI inspection
-- designed to pair with the `code-guardian` Claude Code companion
-- branch-wise knowledge graph with auto-build from git history
-- graph queries: path finding, impact analysis, orphan detection, branch diff
-- export to JSON and Graphviz DOT
-- interactive graph TUI with entity/edge editing and branch switching
+macOS and Linux:
 
 ```bash
-infynon trace init --owner team --user alien
-infynon trace source add-sql team-db --engine sqlite --url sqlite://.infynon/trace/trace.db --user alien --default
-infynon trace note add repo-handoff --title "Auth changed" --body "Refresh moved into middleware"
-infynon trace sync --direction both
-infynon trace tui
-infynon trace graph build
-infynon trace graph show --branch main
-infynon trace graph tui
+curl -fsSL https://raw.githubusercontent.com/d4rkNinja/infynon-cli/main/install.sh | bash
 ```
 
-Claude Code companion:
-[d4rkNinja/code-guardian](https://github.com/d4rkNinja/code-guardian)
-
-## Head-to-Head Comparison
-
-### `infynon pkg` vs Alternatives
-
-| Feature | infynon pkg | npm audit | Snyk CLI | Socket CLI | OSV-scanner |
-|---|:---:|:---:|:---:|:---:|:---:|
-| Secure install wrapper | ✓ | — | — | ~ npm only | — |
-| 14 ecosystems in one scan | ✓ | — | ~ | ~ | ~ |
-| Block installs via strict mode | ✓ | — | — | ~ npm only | — |
-| Scheduled CLI monitoring | ✓ | — | ~ server-side | — | — |
-| PDF + Markdown report export | ✓ | — | — | — | — |
-| Package version diff | ✓ | — | — | — | — |
-| Per-package install decisions | ✓ | — | — | — | — |
-| Auto-fix / remediation | ✓ | ~ basic | ✓ | ✓ | — |
-| No SaaS account required | ✓ | ✓ | — | ~ | ✓ |
-
-### `infynon weave` vs Alternatives
-
-| Feature | infynon weave | Postman | Hoppscotch | Bruno | Insomnia |
-|---|:---:|:---:|:---:|:---:|:---:|
-| Terminal TUI | ✓ | — | — | — | — |
-| Runtime prompts (OTP / 2FA) | ✓ | — | ~ | — | — |
-| Built-in AI security probes | ✓ | — | — | — | — |
-| AI-assisted flow creation (CLI) | ✓ | ~ GUI only | ~ GUI / alpha | — | — |
-| Visual flow graph in terminal | ✓ | — | — | — | — |
-| Run diff (side-by-side) | ✓ | — | — | ~ paid | — |
-| Context threading between nodes | ✓ | ✓ | ✓ | ✓ | ✓ |
-| OpenAPI / Swagger import | ✓ | ✓ | ✓ | ✓ | ✓ |
-| Offline, no account required | ✓ | — | ✓ | ✓ | ~ |
-
-### `infynon trace` vs Alternatives
-
-| Feature | infynon trace | GitHub Wiki | Notion | Confluence | Obsidian |
-|---|:---:|:---:|:---:|:---:|:---:|
-| Native CLI | ✓ | — | ~ 3rd party | ~ ACLI | ✓ |
-| Branch / file / package scoping | ✓ | — | — | — | — |
-| Package ownership tracking | ✓ | — | — | — | — |
-| Redis + SQL backend choice | ✓ | — | — | — | — |
-| Multi-layer memory (team / user / canonical) | ✓ | — | — | — | — |
-| Terminal TUI inspection | ✓ | — | — | — | — |
-| Claude Code native integration | ✓ | — | ~ MCP | — | ~ |
-| Structured retrieval by scope | ✓ | — | — | — | — |
-| Bidirectional sync via CLI | ✓ | — | ~ | ~ | ✓ |
-| Branch-wise knowledge graph | ✓ | — | — | — | — |
-
-`✓` = supported · `~` = partial or limited · `—` = not supported
-
-## Backend Choice For Trace
-
-| Backend | Better For |
-|---|---|
-| Redis | fast live retrieval, active session state, lower-latency coordination |
-| SQL | durable structured history, stronger filtering, canonical memory |
+Windows:
 
-## Documentation
+```powershell
+iwr https://raw.githubusercontent.com/d4rkNinja/infynon-cli/main/install.ps1 -useb | iex
+```
 
-- docs home: [cli.infynon.com/docs](https://cli.infynon.com/docs)
-- root README: `README.md`
-- command reference: `docs/commands.md`
-- Trace guide: `docs/trace.md`
-- Weave guide: `docs/weave.md`
-- Claude Code companion: [d4rkNinja/code-guardian](https://github.com/d4rkNinja/code-guardian)
+Go wrapper:
 
-## Comparison Blogs
+```bash
+go install github.com/d4rkNinja/infynon-cli/go/cmd/infynon@latest
+```
 
-- [One CLI vs fragmented tooling](https://cli.infynon.com/blog/why-infynon-over-fragmented-tooling)
-- [`pkg` vs `npm audit`](https://cli.infynon.com/blog/infynon-vs-npm-audit)
-- [`pkg` vs Snyk CLI](https://cli.infynon.com/blog/infynon-vs-snyk-cli)
-- [`pkg` vs Socket.dev](https://cli.infynon.com/blog/infynon-vs-socket-dev)
-- [Why Trace exists](https://cli.infynon.com/blog/why-i-built-trace)
-- [Why repo memory matters](https://cli.infynon.com/blog/agentic-coding-context-problem)
+## Verification
 
-## Recommended Stack
+GitHub Releases include `checksums.txt` for SHA-256 verification.
 
 ```text
-INFYNON CLI + Trace + code-guardian
+https://github.com/d4rkNinja/infynon-cli/releases
 ```
 
-Use that stack when you want:
+## Documentation
 
-- package risk scanning with `pkg`
-- workflow-level API testing with `weave`
-- structured repo context with `trace`
-- Claude Code automation around Trace retrieval and updates through `code-guardian`
+- Public docs: https://github.com/d4rkNinja/infynon-cli/tree/main/docs
+- Releases: https://github.com/d4rkNinja/infynon-cli/releases
+- Issues: https://github.com/d4rkNinja/infynon-cli/issues
 
-## License
+## Source Availability
 
-MIT
+This npm package distributes the INFYNON binary and installer wrapper only. The Rust source code is proprietary and is not bundled in this package.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "infynon",
-  "version": "0.2.0-beta.9.0.9",
-  "description": "Package intelligence, API flow testing, and repo memory for AI-assisted backend teams.",
+  "version": "0.2.1",
+  "description": "Thin npm installer for the proprietary INFYNON CLI binary releases.",
   "bin": {
     "infynon": "run.js",
     "infynon-pkg": "run.js"
@@ -11,6 +11,7 @@
     "preuninstall": "node preuninstall.js"
   },
   "files": [
+    "LICENSE",
     "run.js",
     "postinstall.js",
     "preuninstall.js"
@@ -18,35 +19,8 @@
   "engines": {
     "node": ">=14.14"
   },
-  "keywords": [
-    "security",
-    "cli",
-    "vulnerability-scanner",
-    "cve",
-    "package-security",
-    "supply-chain-security",
-    "waf",
-    "web-application-firewall",
-    "reverse-proxy",
-    "firewall",
-    "api-testing",
-    "devsecops",
-    "dependency-scanner",
-    "npm-security",
-    "pip-security",
-    "cargo-security",
-    "osv",
-    "audit",
-    "security-scanner",
-    "integration-testing",
-    "rate-limiter",
-    "ip-filter",
-    "security-proxy",
-    "package-manager",
-    "developer-tools"
-  ],
   "author": "d4rkNinja",
-  "license": "MIT",
+  "license": "SEE LICENSE IN LICENSE",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/d4rkNinja/infynon-cli.git"
@@ -54,9 +28,9 @@
   "bugs": {
     "url": "https://github.com/d4rkNinja/infynon-cli/issues"
   },
-  "homepage": "https://cli.infynon.com/docs",
+  "homepage": "https://github.com/d4rkNinja/infynon-cli#readme",
   "publishConfig": {
-    "access": "public",
-    "tag": "beta"
+    "access": "public"
   }
 }
+

package/postinstall.js

@@ -10,17 +10,12 @@ const VERSION = require("./package.json").version;
 const BIN_DIR = path.join(__dirname, "bin");
 const BIN_PATH = path.join(BIN_DIR, process.platform === "win32" ? "infynon.exe" : "infynon");
 
-// Map Node.js platform/arch to the GitHub release target triple
 function getTarget() {
-  const platform = process.platform;
-  const arch = process.arch;
-
-  if (platform === "win32" && arch === "x64") return { target: "x86_64-pc-windows-msvc", ext: ".exe" };
-  if (platform === "linux" && arch === "x64")  return { target: "x86_64-unknown-linux-musl", ext: "" };
-  if (platform === "linux" && arch === "arm64") return { target: "aarch64-unknown-linux-musl", ext: "" };
-  if (platform === "darwin" && arch === "x64") return { target: "x86_64-apple-darwin", ext: "" };
-  if (platform === "darwin" && arch === "arm64") return { target: "aarch64-apple-darwin", ext: "" };
-
+  if (process.platform === "win32" && process.arch === "x64") return { target: "x86_64-pc-windows-msvc", ext: ".exe" };
+  if (process.platform === "linux" && process.arch === "x64") return { target: "x86_64-unknown-linux-musl", ext: "" };
+  if (process.platform === "linux" && process.arch === "arm64") return { target: "aarch64-unknown-linux-musl", ext: "" };
+  if (process.platform === "darwin" && process.arch === "x64") return { target: "x86_64-apple-darwin", ext: "" };
+  if (process.platform === "darwin" && process.arch === "arm64") return { target: "aarch64-apple-darwin", ext: "" };
   return null;
 }
 
@@ -67,12 +62,11 @@ async function main() {
   if (!info) {
     console.warn(
       "[infynon] Unsupported platform: " + process.platform + " " + process.arch + ".\n" +
-      "         Build from source: cargo install --git https://github.com/" + REPO
+      "         Download a release manually: https://github.com/" + REPO + "/releases"
     );
-    process.exit(0); // non-fatal — let the install succeed
+    process.exit(0);
   }
 
-  // Strip npm prerelease suffix for the GitHub tag (beta.6 → beta.6 stays; just prefix with v)
   const tag = "v" + VERSION;
   const assetName = "infynon-" + info.target + info.ext;
   const url = "https://github.com/" + REPO + "/releases/download/" + tag + "/" + assetName;
@@ -87,11 +81,10 @@ async function main() {
     await downloadFile(url, BIN_PATH);
   } catch (err) {
     console.error("[infynon] Download failed: " + err.message);
-    console.error("[infynon] You can install manually: https://github.com/" + REPO + "/releases/tag/" + tag);
+    console.error("[infynon] Manual install: https://github.com/" + REPO + "/releases/tag/" + tag);
     process.exit(1);
   }
 
-  // Make executable on Unix
   if (process.platform !== "win32") {
     fs.chmodSync(BIN_PATH, 0o755);
   }

package/run.js

@@ -15,7 +15,7 @@ if (!fs.existsSync(BIN_PATH)) {
   console.error(
     "[infynon] Binary not found at: " + BIN_PATH + "\n" +
     "         Try reinstalling: npm install -g infynon\n" +
-    "         Or build from source: cargo install --git https://github.com/d4rkNinja/infynon-cli"
+    "         Or download a release manually: https://github.com/d4rkNinja/infynon-cli/releases"
   );
   process.exit(1);
 }