jumpstart-mode 1.1.12 → 1.1.13

package/bin/lib/tool-schemas.js

@@ -247,6 +247,7 @@ const ALL_TOOLS = [
               'approval', 'rejection',
               'subagent_invoked', 'subagent_completed',
               'llm_turn_start', 'llm_turn_end',
+              'prompt_logged',
               'research_query', 'checkpoint_created', 'rewind',
               'handoff', 'usage_logged', 'custom'
             ],
@@ -281,6 +282,174 @@ const ALL_TOOLS = [
       }
     }
   },
+  // ─── Usage Logging ──────────────────────────────────────────────────────────
+  {
+    type: 'function',
+    function: {
+      name: 'log_usage',
+      description: 'Log token usage and estimated cost for the current agent session to the usage log (.jumpstart/usage-log.json). Call this at the end of each phase or significant agent interaction to maintain an audit trail of LLM consumption.',
+      parameters: {
+        type: 'object',
+        properties: {
+          phase: {
+            type: 'string',
+            description: 'Phase identifier (e.g., "phase-0", "scout", "phase-3").'
+          },
+          agent: {
+            type: 'string',
+            description: 'Agent name (e.g., "Challenger", "Architect", "Developer").'
+          },
+          action: {
+            type: 'string',
+            description: 'Action description (e.g., "generation", "review", "consultation").'
+          },
+          estimated_tokens: {
+            type: 'number',
+            description: 'Estimated total token count for this interaction.'
+          },
+          estimated_cost_usd: {
+            type: 'number',
+            description: 'Estimated cost in USD (optional — computed from tokens if omitted).'
+          },
+          model: {
+            type: 'string',
+            description: 'Model name/ID used for this interaction.'
+          },
+          metadata: {
+            type: 'object',
+            description: 'Additional metadata (e.g., { "turns": 12, "artifact": "specs/prd.md" }).'
+          }
+        },
+        required: ['phase', 'agent', 'action', 'estimated_tokens']
+      }
+    }
+  },
+  // ─── Item-Tagged Feature Tools ─────────────────────────────────────────
+  {
+    type: 'function',
+    function: {
+      name: 'run_revert',
+      description: 'Archive a rejected artifact draft and restore the last approved version from git. (Item 40)',
+      parameters: {
+        type: 'object',
+        properties: {
+          artifact: { type: 'string', description: 'Path to the artifact file to revert.' },
+          reason: { type: 'string', description: 'Reason for reverting.' },
+          archive_dir: { type: 'string', description: 'Archive directory (default: .jumpstart/archive).' }
+        },
+        required: ['artifact']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_adr_index',
+      description: 'Build or search an index of Architecture Decision Records. (Item 51)',
+      parameters: {
+        type: 'object',
+        properties: {
+          action: { type: 'string', enum: ['build', 'search'], description: 'Action to perform.' },
+          root: { type: 'string', description: 'Project root directory.' },
+          query: { type: 'string', description: 'Search query (for search action).' },
+          tag: { type: 'string', description: 'Filter by tag (for search action).' }
+        },
+        required: ['action']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_complexity',
+      description: 'Calculate adaptive planning depth (quick/standard/deep) from project signals. (Item 33)',
+      parameters: {
+        type: 'object',
+        properties: {
+          description: { type: 'string', description: 'Free-text problem statement.' },
+          root: { type: 'string', description: 'Project root directory.' }
+        }
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_crossref',
+      description: 'Validate cross-reference links in spec artifacts and detect broken links and orphan sections. (Item 47)',
+      parameters: {
+        type: 'object',
+        properties: {
+          specs_dir: { type: 'string', description: 'Path to specs directory (default: specs).' },
+          root: { type: 'string', description: 'Project root directory.' }
+        }
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_init',
+      description: 'Generate initialization configuration based on skill level and project type. (Item 76)',
+      parameters: {
+        type: 'object',
+        properties: {
+          skill_level: { type: 'string', enum: ['beginner', 'intermediate', 'expert'], description: 'User skill level.' },
+          project_type: { type: 'string', enum: ['greenfield', 'brownfield'], description: 'Project type.' }
+        }
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_lock',
+      description: 'Manage artifact file locks for concurrent agent access. (Item 45)',
+      parameters: {
+        type: 'object',
+        properties: {
+          action: { type: 'string', enum: ['acquire', 'release', 'status', 'list'], description: 'Lock action.' },
+          file: { type: 'string', description: 'File path to lock/unlock (required for acquire/release/status).' },
+          agent: { type: 'string', description: 'Agent name acquiring/releasing the lock.' }
+        },
+        required: ['action']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_timestamp',
+      description: 'Generate, validate, or audit UTC timestamps in ISO 8601 format. (Item 60)',
+      parameters: {
+        type: 'object',
+        properties: {
+          action: { type: 'string', enum: ['now', 'validate', 'audit'], description: 'Timestamp action.' },
+          value: { type: 'string', description: 'Timestamp string to validate (for validate action).' },
+          file: { type: 'string', description: 'File path to audit timestamps in (for audit action).' }
+        },
+        required: ['action']
+      }
+    }
+  },
+  {
+    type: 'function',
+    function: {
+      name: 'run_scan',
+      description: 'Scan project directory to detect tech stack, dependencies, patterns, and risks. (Item 49)',
+      parameters: {
+        type: 'object',
+        properties: {
+          root: { type: 'string', description: 'Project root directory.' },
+          ignore: {
+            type: 'array',
+            items: { type: 'string' },
+            description: 'Directories to ignore.'
+          }
+        }
+      }
+    }
+  },
   // ─── Quality Gate Tools ────────────────────────────────────────────────────
   {
     type: 'function',
@@ -398,7 +567,7 @@ const ALL_TOOLS = [
 const BASE_TOOLS = [
   'read_file', 'create_file', 'replace_string_in_file', 'list_dir',
   'file_search', 'grep_search', 'semantic_search',
-  'ask_questions', 'manage_todo_list', 'record_timeline_event'
+  'ask_questions', 'manage_todo_list', 'record_timeline_event', 'log_usage'
 ];
 
 /** Additional tools unlocked per phase */
@@ -407,8 +576,8 @@ const PHASE_TOOL_ADDITIONS = {
   challenger: [],
   analyst:    [],
   pm:         [],
-  architect:  ['marketplace_install'],
-  developer:  ['run_in_terminal', 'marketplace_install', 'run_secret_scan', 'run_type_check', 'run_smoke_test', 'run_uat_coverage']
+  architect:  ['marketplace_install', 'run_adr_index', 'run_complexity', 'run_crossref', 'run_lock', 'run_scan', 'run_init'],
+  developer:  ['run_in_terminal', 'marketplace_install', 'run_secret_scan', 'run_type_check', 'run_smoke_test', 'run_uat_coverage', 'run_revert', 'run_adr_index', 'run_complexity', 'run_crossref', 'run_lock', 'run_timestamp', 'run_scan', 'run_init']
 };
 
 /**

package/bin/lib/transcript-ingestion.js

@@ -0,0 +1,150 @@
+/**
+ * transcript-ingestion.js — Meeting Transcript Ingestion (Item 74)
+ *
+ * Convert notes and transcripts into artifact updates,
+ * decision proposals, and action items.
+ *
+ * Usage:
+ *   node bin/lib/transcript-ingestion.js ingest|extract|list [options]
+ *
+ * State file: .jumpstart/state/transcripts.json
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+
+const DEFAULT_STATE_FILE = path.join('.jumpstart', 'state', 'transcripts.json');
+
+const ACTION_PATTERNS = [
+  /\baction(?:\s+item)?:\s*(.+)/gi,
+  /\bTODO:\s*(.+)/gi,
+  /\b(?:will|should|needs? to)\s+(.+?)(?:\.|$)/gi
+];
+
+const DECISION_PATTERNS = [
+  /\bdecided?\s+(?:to\s+)?(.+?)(?:\.|$)/gi,
+  /\bdecision:\s*(.+)/gi,
+  /\bagreed\s+(?:to\s+)?(.+?)(?:\.|$)/gi
+];
+
+function defaultState() {
+  return { version: '1.0.0', transcripts: [], last_updated: null };
+}
+
+function loadState(stateFile) {
+  const fp = stateFile || DEFAULT_STATE_FILE;
+  if (!fs.existsSync(fp)) return defaultState();
+  try { return JSON.parse(fs.readFileSync(fp, 'utf8')); }
+  catch { return defaultState(); }
+}
+
+function saveState(state, stateFile) {
+  const fp = stateFile || DEFAULT_STATE_FILE;
+  const dir = path.dirname(fp);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  state.last_updated = new Date().toISOString();
+  fs.writeFileSync(fp, JSON.stringify(state, null, 2) + '\n', 'utf8');
+}
+
+/**
+ * Ingest a transcript text.
+ */
+function ingestTranscript(text, options = {}) {
+  if (!text) return { success: false, error: 'Transcript text is required' };
+
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  const transcript = {
+    id: `TR-${Date.now()}`,
+    title: options.title || 'Untitled Meeting',
+    source: options.source || 'manual',
+    text_length: text.length,
+    ingested_at: new Date().toISOString(),
+    actions: [],
+    decisions: [],
+    key_topics: []
+  };
+
+  // Extract action items
+  for (const pattern of ACTION_PATTERNS) {
+    let match;
+    pattern.lastIndex = 0;
+    while ((match = pattern.exec(text)) !== null) {
+      transcript.actions.push({ text: match[1].trim(), source_pattern: pattern.source.substring(0, 30) });
+    }
+  }
+
+  // Extract decisions
+  for (const pattern of DECISION_PATTERNS) {
+    let match;
+    pattern.lastIndex = 0;
+    while ((match = pattern.exec(text)) !== null) {
+      transcript.decisions.push({ text: match[1].trim() });
+    }
+  }
+
+  // Extract key topics (headings or emphasized text)
+  const headings = text.match(/^#+\s+(.+)$/gm);
+  if (headings) {
+    transcript.key_topics = headings.map(h => h.replace(/^#+\s+/, '').trim());
+  }
+
+  state.transcripts.push(transcript);
+  saveState(state, stateFile);
+
+  return { success: true, transcript };
+}
+
+/**
+ * Extract structured data from a transcript.
+ */
+function extractFromTranscript(transcriptId, options = {}) {
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  const transcript = state.transcripts.find(t => t.id === transcriptId);
+  if (!transcript) return { success: false, error: `Transcript ${transcriptId} not found` };
+
+  return {
+    success: true,
+    id: transcript.id,
+    title: transcript.title,
+    actions: transcript.actions,
+    decisions: transcript.decisions,
+    key_topics: transcript.key_topics,
+    summary: {
+      action_count: transcript.actions.length,
+      decision_count: transcript.decisions.length,
+      topic_count: transcript.key_topics.length
+    }
+  };
+}
+
+/**
+ * List ingested transcripts.
+ */
+function listTranscripts(options = {}) {
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  return {
+    success: true,
+    total: state.transcripts.length,
+    transcripts: state.transcripts.map(t => ({
+      id: t.id,
+      title: t.title,
+      actions: t.actions.length,
+      decisions: t.decisions.length,
+      ingested_at: t.ingested_at
+    }))
+  };
+}
+
+module.exports = {
+  ingestTranscript, extractFromTranscript, listTranscripts,
+  loadState, saveState, defaultState,
+  ACTION_PATTERNS, DECISION_PATTERNS
+};

package/bin/lib/vendor-risk.js

@@ -0,0 +1,173 @@
+/**
+ * vendor-risk.js — Vendor & Dependency Risk Scoring (Item 36)
+ *
+ * Evaluate OSS and SaaS dependencies for maintenance health,
+ * license risk, and supply chain concerns.
+ *
+ * Usage:
+ *   node bin/lib/vendor-risk.js scan|assess|report [options]
+ *
+ * State file: .jumpstart/state/vendor-risk.json
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+
+const DEFAULT_STATE_FILE = path.join('.jumpstart', 'state', 'vendor-risk.json');
+
+const RISK_FACTORS = ['maintenance', 'license', 'security', 'popularity', 'supply-chain'];
+
+const LICENSE_RISK = {
+  'MIT': 'low', 'ISC': 'low', 'BSD-2-Clause': 'low', 'BSD-3-Clause': 'low', 'Apache-2.0': 'low',
+  'LGPL-2.1': 'medium', 'LGPL-3.0': 'medium', 'MPL-2.0': 'medium',
+  'GPL-2.0': 'high', 'GPL-3.0': 'high', 'AGPL-3.0': 'high',
+  'SSPL-1.0': 'critical', 'BSL-1.1': 'high', 'UNLICENSED': 'critical', 'unknown': 'high'
+};
+
+function defaultState() {
+  return {
+    version: '1.0.0',
+    created_at: new Date().toISOString(),
+    last_updated: null,
+    assessments: [],
+    vendor_catalog: []
+  };
+}
+
+function loadState(stateFile) {
+  const filePath = stateFile || DEFAULT_STATE_FILE;
+  if (!fs.existsSync(filePath)) return defaultState();
+  try { return JSON.parse(fs.readFileSync(filePath, 'utf8')); }
+  catch { return defaultState(); }
+}
+
+function saveState(state, stateFile) {
+  const filePath = stateFile || DEFAULT_STATE_FILE;
+  const dir = path.dirname(filePath);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  state.last_updated = new Date().toISOString();
+  fs.writeFileSync(filePath, JSON.stringify(state, null, 2) + '\n', 'utf8');
+}
+
+/**
+ * Scan project dependencies.
+ *
+ * @param {string} root - Project root.
+ * @param {object} [options]
+ * @returns {object}
+ */
+function scanDependencies(root, options = {}) {
+  const packageFile = path.join(root, 'package.json');
+  const dependencies = [];
+
+  if (fs.existsSync(packageFile)) {
+    try {
+      const pkg = JSON.parse(fs.readFileSync(packageFile, 'utf8'));
+      const deps = { ...pkg.dependencies };
+      const devDeps = options.includeDevDeps ? pkg.devDependencies || {} : {};
+
+      for (const [name, version] of Object.entries(deps)) {
+        dependencies.push({ name, version, type: 'production', ecosystem: 'npm' });
+      }
+      for (const [name, version] of Object.entries(devDeps)) {
+        dependencies.push({ name, version, type: 'development', ecosystem: 'npm' });
+      }
+    } catch { /* ignore */ }
+  }
+
+  return { success: true, dependencies, total: dependencies.length };
+}
+
+/**
+ * Assess risk for a dependency.
+ *
+ * @param {object} dep - { name, version, license?, last_publish?, weekly_downloads? }
+ * @param {object} [options]
+ * @returns {object}
+ */
+function assessDependency(dep, options = {}) {
+  if (!dep || !dep.name) return { success: false, error: 'dep.name is required' };
+
+  const scores = {};
+
+  // License risk
+  const license = dep.license || 'unknown';
+  const licenseRisk = LICENSE_RISK[license] || 'high';
+  scores.license = licenseRisk === 'low' ? 90 : licenseRisk === 'medium' ? 60 : licenseRisk === 'high' ? 30 : 10;
+
+  // Maintenance (based on last publish date if available)
+  if (dep.last_publish) {
+    const daysSince = Math.floor((Date.now() - new Date(dep.last_publish).getTime()) / (1000 * 60 * 60 * 24));
+    scores.maintenance = daysSince < 90 ? 90 : daysSince < 365 ? 60 : daysSince < 730 ? 30 : 10;
+  } else {
+    scores.maintenance = 50; // unknown
+  }
+
+  // Popularity
+  const downloads = dep.weekly_downloads || 0;
+  scores.popularity = downloads > 1000000 ? 90 : downloads > 100000 ? 70 : downloads > 10000 ? 50 : 30;
+
+  // Security (default: no known issues)
+  scores.security = dep.known_vulnerabilities ? 20 : 80;
+
+  // Supply chain
+  scores['supply-chain'] = dep.has_lockfile ? 80 : 50;
+
+  const overall = Math.round(Object.values(scores).reduce((a, b) => a + b, 0) / Object.keys(scores).length);
+
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  const assessment = {
+    name: dep.name,
+    version: dep.version,
+    license,
+    scores,
+    overall,
+    risk_level: overall >= 70 ? 'low' : overall >= 50 ? 'medium' : overall >= 30 ? 'high' : 'critical',
+    assessed_at: new Date().toISOString()
+  };
+
+  state.assessments.push(assessment);
+  saveState(state, stateFile);
+
+  return { success: true, assessment };
+}
+
+/**
+ * Generate vendor risk report.
+ *
+ * @param {object} [options]
+ * @returns {object}
+ */
+function generateReport(options = {}) {
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  const byRisk = { low: 0, medium: 0, high: 0, critical: 0 };
+  for (const a of state.assessments) byRisk[a.risk_level]++;
+
+  return {
+    success: true,
+    total_assessed: state.assessments.length,
+    by_risk: byRisk,
+    high_risk: state.assessments.filter(a => a.risk_level === 'high' || a.risk_level === 'critical'),
+    average_score: state.assessments.length > 0
+      ? Math.round(state.assessments.reduce((s, a) => s + a.overall, 0) / state.assessments.length)
+      : 0,
+    assessments: state.assessments
+  };
+}
+
+module.exports = {
+  defaultState,
+  loadState,
+  saveState,
+  scanDependencies,
+  assessDependency,
+  generateReport,
+  RISK_FACTORS,
+  LICENSE_RISK
+};

package/bin/lib/waiver-workflow.js

@@ -0,0 +1,174 @@
+/**
+ * waiver-workflow.js — Exception & Waiver Workflow (Item 27)
+ *
+ * Allow formal approval of justified deviations from standards
+ * with expiration and owner.
+ *
+ * Usage:
+ *   node bin/lib/waiver-workflow.js request|approve|list|expire [options]
+ *
+ * State file: .jumpstart/state/waivers.json
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+
+const DEFAULT_STATE_FILE = path.join('.jumpstart', 'state', 'waivers.json');
+
+const WAIVER_STATUSES = ['pending', 'approved', 'rejected', 'expired', 'revoked'];
+const WAIVER_CATEGORIES = ['security', 'architecture', 'compliance', 'performance', 'testing', 'documentation', 'other'];
+
+function defaultState() {
+  return {
+    version: '1.0.0',
+    created_at: new Date().toISOString(),
+    last_updated: null,
+    waivers: []
+  };
+}
+
+function loadState(stateFile) {
+  const filePath = stateFile || DEFAULT_STATE_FILE;
+  if (!fs.existsSync(filePath)) return defaultState();
+  try { return JSON.parse(fs.readFileSync(filePath, 'utf8')); }
+  catch { return defaultState(); }
+}
+
+function saveState(state, stateFile) {
+  const filePath = stateFile || DEFAULT_STATE_FILE;
+  const dir = path.dirname(filePath);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+  state.last_updated = new Date().toISOString();
+  fs.writeFileSync(filePath, JSON.stringify(state, null, 2) + '\n', 'utf8');
+}
+
+/**
+ * Request a new waiver.
+ *
+ * @param {object} request - { title, category, justification, owner, expires_in_days? }
+ * @param {object} [options]
+ * @returns {object}
+ */
+function requestWaiver(request, options = {}) {
+  if (!request || !request.title || !request.justification || !request.owner) {
+    return { success: false, error: 'title, justification, and owner are required' };
+  }
+
+  const category = (request.category || 'other').toLowerCase();
+  if (!WAIVER_CATEGORIES.includes(category)) {
+    return { success: false, error: `Invalid category. Must be one of: ${WAIVER_CATEGORIES.join(', ')}` };
+  }
+
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  const expiresInDays = request.expires_in_days || 90;
+  const expiresAt = new Date();
+  expiresAt.setDate(expiresAt.getDate() + expiresInDays);
+
+  const waiver = {
+    id: `WVR-${Date.now().toString(36).toUpperCase()}`,
+    title: request.title,
+    category,
+    justification: request.justification,
+    owner: request.owner,
+    status: 'pending',
+    requested_at: new Date().toISOString(),
+    expires_at: expiresAt.toISOString(),
+    approved_by: null,
+    approved_at: null,
+    conditions: request.conditions || [],
+    affected_artifacts: request.affected_artifacts || []
+  };
+
+  state.waivers.push(waiver);
+  saveState(state, stateFile);
+
+  return { success: true, waiver };
+}
+
+/**
+ * Approve or reject a waiver.
+ *
+ * @param {string} waiverId
+ * @param {string} action - 'approve' or 'reject'
+ * @param {object} [options]
+ * @returns {object}
+ */
+function resolveWaiver(waiverId, action, options = {}) {
+  if (!['approve', 'reject'].includes(action)) {
+    return { success: false, error: 'action must be "approve" or "reject"' };
+  }
+
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+
+  const waiver = state.waivers.find(w => w.id === waiverId);
+  if (!waiver) return { success: false, error: `Waiver not found: ${waiverId}` };
+  if (waiver.status !== 'pending') {
+    return { success: false, error: `Waiver is already ${waiver.status}` };
+  }
+
+  waiver.status = action === 'approve' ? 'approved' : 'rejected';
+  waiver.approved_by = options.approver || null;
+  waiver.approved_at = new Date().toISOString();
+
+  saveState(state, stateFile);
+  return { success: true, waiver };
+}
+
+/**
+ * Expire outdated waivers.
+ *
+ * @param {object} [options]
+ * @returns {object}
+ */
+function expireWaivers(options = {}) {
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+  const now = new Date();
+  let expired = 0;
+
+  for (const waiver of state.waivers) {
+    if (waiver.status === 'approved' && new Date(waiver.expires_at) < now) {
+      waiver.status = 'expired';
+      expired++;
+    }
+  }
+
+  saveState(state, stateFile);
+  return { success: true, expired, total_waivers: state.waivers.length };
+}
+
+/**
+ * List waivers with optional filter.
+ *
+ * @param {object} [filter] - { status?, category?, owner? }
+ * @param {object} [options]
+ * @returns {object}
+ */
+function listWaivers(filter = {}, options = {}) {
+  const stateFile = options.stateFile || DEFAULT_STATE_FILE;
+  const state = loadState(stateFile);
+  let waivers = state.waivers;
+
+  if (filter.status) waivers = waivers.filter(w => w.status === filter.status);
+  if (filter.category) waivers = waivers.filter(w => w.category === filter.category);
+  if (filter.owner) waivers = waivers.filter(w => w.owner === filter.owner);
+
+  return { success: true, waivers, total: waivers.length };
+}
+
+module.exports = {
+  defaultState,
+  loadState,
+  saveState,
+  requestWaiver,
+  resolveWaiver,
+  expireWaivers,
+  listWaivers,
+  WAIVER_STATUSES,
+  WAIVER_CATEGORIES
+};