npm - mindforge-cc - Versions diffs - 1.0.0 - Mend

mindforge-cc 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (324) hide show

package/.agent/CLAUDE.md +462 -0
package/.agent/forge/help.md +7 -0
package/.agent/forge/init-project.md +32 -0
package/.agent/forge/plan-phase.md +30 -0
package/.agent/mindforge/approve.md +18 -0
package/.agent/mindforge/audit.md +30 -0
package/.agent/mindforge/benchmark.md +33 -0
package/.agent/mindforge/complete-milestone.md +18 -0
package/.agent/mindforge/debug.md +126 -0
package/.agent/mindforge/discuss-phase.md +138 -0
package/.agent/mindforge/execute-phase.md +165 -0
package/.agent/mindforge/health.md +21 -0
package/.agent/mindforge/help.md +23 -0
package/.agent/mindforge/init-org.md +131 -0
package/.agent/mindforge/init-project.md +155 -0
package/.agent/mindforge/install-skill.md +15 -0
package/.agent/mindforge/map-codebase.md +298 -0
package/.agent/mindforge/metrics.md +22 -0
package/.agent/mindforge/migrate.md +40 -0
package/.agent/mindforge/milestone.md +12 -0
package/.agent/mindforge/next.md +105 -0
package/.agent/mindforge/plan-phase.md +125 -0
package/.agent/mindforge/plugins.md +40 -0
package/.agent/mindforge/pr-review.md +41 -0
package/.agent/mindforge/profile-team.md +23 -0
package/.agent/mindforge/publish-skill.md +19 -0
package/.agent/mindforge/quick.md +135 -0
package/.agent/mindforge/release.md +10 -0
package/.agent/mindforge/retrospective.md +26 -0
package/.agent/mindforge/review.md +157 -0
package/.agent/mindforge/security-scan.md +233 -0
package/.agent/mindforge/ship.md +100 -0
package/.agent/mindforge/skills.md +141 -0
package/.agent/mindforge/status.md +104 -0
package/.agent/mindforge/sync-confluence.md +11 -0
package/.agent/mindforge/sync-jira.md +12 -0
package/.agent/mindforge/tokens.md +8 -0
package/.agent/mindforge/update.md +42 -0
package/.agent/mindforge/verify-phase.md +62 -0
package/.agent/mindforge/workspace.md +29 -0
package/.claude/CLAUDE.md +462 -0
package/.claude/commands/forge/help.md +7 -0
package/.claude/commands/forge/init-project.md +32 -0
package/.claude/commands/forge/plan-phase.md +30 -0
package/.claude/commands/mindforge/approve.md +18 -0
package/.claude/commands/mindforge/audit.md +30 -0
package/.claude/commands/mindforge/benchmark.md +33 -0
package/.claude/commands/mindforge/complete-milestone.md +18 -0
package/.claude/commands/mindforge/debug.md +126 -0
package/.claude/commands/mindforge/discuss-phase.md +138 -0
package/.claude/commands/mindforge/execute-phase.md +165 -0
package/.claude/commands/mindforge/health.md +21 -0
package/.claude/commands/mindforge/help.md +23 -0
package/.claude/commands/mindforge/init-org.md +131 -0
package/.claude/commands/mindforge/init-project.md +155 -0
package/.claude/commands/mindforge/install-skill.md +15 -0
package/.claude/commands/mindforge/map-codebase.md +298 -0
package/.claude/commands/mindforge/metrics.md +22 -0
package/.claude/commands/mindforge/migrate.md +40 -0
package/.claude/commands/mindforge/milestone.md +12 -0
package/.claude/commands/mindforge/next.md +105 -0
package/.claude/commands/mindforge/plan-phase.md +125 -0
package/.claude/commands/mindforge/plugins.md +40 -0
package/.claude/commands/mindforge/pr-review.md +41 -0
package/.claude/commands/mindforge/profile-team.md +23 -0
package/.claude/commands/mindforge/publish-skill.md +19 -0
package/.claude/commands/mindforge/quick.md +135 -0
package/.claude/commands/mindforge/release.md +10 -0
package/.claude/commands/mindforge/retrospective.md +26 -0
package/.claude/commands/mindforge/review.md +157 -0
package/.claude/commands/mindforge/security-scan.md +233 -0
package/.claude/commands/mindforge/ship.md +100 -0
package/.claude/commands/mindforge/skills.md +141 -0
package/.claude/commands/mindforge/status.md +104 -0
package/.claude/commands/mindforge/sync-confluence.md +11 -0
package/.claude/commands/mindforge/sync-jira.md +12 -0
package/.claude/commands/mindforge/tokens.md +8 -0
package/.claude/commands/mindforge/update.md +42 -0
package/.claude/commands/mindforge/verify-phase.md +62 -0
package/.claude/commands/mindforge/workspace.md +29 -0
package/.forge/org/CONVENTIONS.md +0 -0
package/.forge/org/ORG.md +0 -0
package/.forge/org/SECURITY.md +0 -0
package/.forge/org/TOOLS.md +0 -0
package/.forge/personas/analyst.md +0 -0
package/.forge/personas/architect.md +0 -0
package/.forge/personas/debug-specialist.md +0 -0
package/.forge/personas/developer.md +26 -0
package/.forge/personas/qa-engineer.md +0 -0
package/.forge/personas/release-manager.md +0 -0
package/.forge/personas/security-reviewer.md +33 -0
package/.forge/personas/tech-writer.md +0 -0
package/.forge/skills/api-design/SKILL.md +0 -0
package/.forge/skills/code-quality/SKILL.md +0 -0
package/.forge/skills/documentation/SKILL.md +0 -0
package/.forge/skills/security-review/SKILL.md +23 -0
package/.forge/skills/testing-standards/SKILL.md +27 -0
package/.github/workflows/mindforge-ci.yml +224 -0
package/.gitlab-ci-mindforge.yml +18 -0
package/.mindforge/MINDFORGE-SCHEMA.json +165 -0
package/.mindforge/audit/AUDIT-SCHEMA.md +451 -0
package/.mindforge/ci/ci-config-schema.md +21 -0
package/.mindforge/ci/ci-mode.md +179 -0
package/.mindforge/ci/github-actions-adapter.md +224 -0
package/.mindforge/ci/gitlab-ci-adapter.md +31 -0
package/.mindforge/ci/jenkins-adapter.md +44 -0
package/.mindforge/distribution/registry-client.md +166 -0
package/.mindforge/distribution/registry-schema.md +96 -0
package/.mindforge/distribution/skill-publisher.md +44 -0
package/.mindforge/distribution/skill-validator.md +74 -0
package/.mindforge/engine/compaction-protocol.md +182 -0
package/.mindforge/engine/context-injector.md +128 -0
package/.mindforge/engine/dependency-parser.md +113 -0
package/.mindforge/engine/skills/conflict-resolver.md +69 -0
package/.mindforge/engine/skills/loader.md +184 -0
package/.mindforge/engine/skills/registry.md +98 -0
package/.mindforge/engine/skills/versioning.md +75 -0
package/.mindforge/engine/verification-pipeline.md +111 -0
package/.mindforge/engine/wave-executor.md +235 -0
package/.mindforge/governance/GOVERNANCE-CONFIG.md +17 -0
package/.mindforge/governance/approval-workflow.md +37 -0
package/.mindforge/governance/change-classifier.md +63 -0
package/.mindforge/governance/compliance-gates.md +31 -0
package/.mindforge/integrations/confluence.md +27 -0
package/.mindforge/integrations/connection-manager.md +163 -0
package/.mindforge/integrations/github.md +25 -0
package/.mindforge/integrations/gitlab.md +13 -0
package/.mindforge/integrations/jira.md +102 -0
package/.mindforge/integrations/slack.md +41 -0
package/.mindforge/intelligence/antipattern-detector.md +75 -0
package/.mindforge/intelligence/difficulty-scorer.md +55 -0
package/.mindforge/intelligence/health-engine.md +208 -0
package/.mindforge/intelligence/skill-gap-analyser.md +40 -0
package/.mindforge/intelligence/smart-compaction.md +71 -0
package/.mindforge/metrics/METRICS-SCHEMA.md +42 -0
package/.mindforge/metrics/quality-tracker.md +32 -0
package/.mindforge/monorepo/cross-package-planner.md +114 -0
package/.mindforge/monorepo/dependency-graph-builder.md +32 -0
package/.mindforge/monorepo/workspace-detector.md +129 -0
package/.mindforge/org/CONVENTIONS.md +62 -0
package/.mindforge/org/ORG.md +51 -0
package/.mindforge/org/SECURITY.md +50 -0
package/.mindforge/org/TOOLS.md +53 -0
package/.mindforge/org/integrations/INTEGRATIONS-CONFIG.md +58 -0
package/.mindforge/org/skills/MANIFEST.md +38 -0
package/.mindforge/personas/analyst.md +52 -0
package/.mindforge/personas/architect.md +75 -0
package/.mindforge/personas/debug-specialist.md +52 -0
package/.mindforge/personas/developer.md +85 -0
package/.mindforge/personas/overrides/README.md +85 -0
package/.mindforge/personas/qa-engineer.md +61 -0
package/.mindforge/personas/release-manager.md +76 -0
package/.mindforge/personas/security-reviewer.md +91 -0
package/.mindforge/personas/tech-writer.md +51 -0
package/.mindforge/plugins/PLUGINS-MANIFEST.md +23 -0
package/.mindforge/plugins/plugin-loader.md +93 -0
package/.mindforge/plugins/plugin-registry.md +44 -0
package/.mindforge/plugins/plugin-schema.md +68 -0
package/.mindforge/pr-review/ai-reviewer.md +266 -0
package/.mindforge/pr-review/finding-formatter.md +46 -0
package/.mindforge/pr-review/review-prompt-templates.md +44 -0
package/.mindforge/production/compatibility-layer.md +39 -0
package/.mindforge/production/migration-engine.md +52 -0
package/.mindforge/production/production-checklist.md +165 -0
package/.mindforge/production/token-optimiser.md +68 -0
package/.mindforge/skills/accessibility/SKILL.md +106 -0
package/.mindforge/skills/api-design/SKILL.md +98 -0
package/.mindforge/skills/code-quality/SKILL.md +88 -0
package/.mindforge/skills/data-privacy/SKILL.md +126 -0
package/.mindforge/skills/database-patterns/SKILL.md +192 -0
package/.mindforge/skills/documentation/SKILL.md +91 -0
package/.mindforge/skills/incident-response/SKILL.md +180 -0
package/.mindforge/skills/performance/SKILL.md +120 -0
package/.mindforge/skills/security-review/SKILL.md +83 -0
package/.mindforge/skills/testing-standards/SKILL.md +97 -0
package/.mindforge/team/TEAM-PROFILE.md +42 -0
package/.mindforge/team/multi-handoff.md +23 -0
package/.mindforge/team/profiles/README.md +13 -0
package/.mindforge/team/session-merger.md +18 -0
package/.planning/ARCHITECTURE.md +0 -0
package/.planning/AUDIT.jsonl +0 -0
package/.planning/HANDOFF.json +28 -0
package/.planning/PROJECT.md +33 -0
package/.planning/RELEASE-CHECKLIST.md +68 -0
package/.planning/REQUIREMENTS.md +0 -0
package/.planning/ROADMAP.md +0 -0
package/.planning/STATE.md +31 -0
package/.planning/approvals/.gitkeep +1 -0
package/.planning/archive/.gitkeep +1 -0
package/.planning/audit-archive/.gitkeep +1 -0
package/.planning/decisions/.gitkeep +0 -0
package/.planning/decisions/ADR-001-handoff-tracking.md +41 -0
package/.planning/decisions/ADR-002-markdown-commands.md +46 -0
package/.planning/decisions/ADR-003-skills-trigger-model.md +37 -0
package/.planning/decisions/ADR-004-wave-parallelism-model.md +45 -0
package/.planning/decisions/ADR-005-append-only-audit-log.md +51 -0
package/.planning/decisions/ADR-006-tiered-skills-system.md +22 -0
package/.planning/decisions/ADR-007-trigger-keyword-model.md +22 -0
package/.planning/decisions/ADR-008-just-in-time-skill-loading.md +29 -0
package/.planning/decisions/ADR-009-enterprise-integration-retry-policy.md +8 -0
package/.planning/decisions/ADR-010-governance-tier-escalation.md +8 -0
package/.planning/decisions/ADR-011-multi-developer-handoff-contract.md +8 -0
package/.planning/decisions/ADR-012-intelligence-feedback-loops.md +19 -0
package/.planning/decisions/ADR-013-mindforge-md-constitution.md +16 -0
package/.planning/decisions/ADR-014-metrics-as-signals-not-evaluation.md +15 -0
package/.planning/decisions/ADR-015-npm-based-skill-registry.md +26 -0
package/.planning/decisions/ADR-016-ci-exit-code-0-on-timeout.md +27 -0
package/.planning/decisions/ADR-017-sdk-localhost-only.md +28 -0
package/.planning/decisions/ADR-018-installer-self-install-detection.md +15 -0
package/.planning/decisions/ADR-019-self-update-scope-preservation.md +14 -0
package/.planning/decisions/ADR-020-v1.0.0-stable-interface-contract.md +23 -0
package/.planning/jira-sync.json +9 -0
package/.planning/milestones/.gitkeep +1 -0
package/.planning/phases/day1/REVIEW-DAY1.md +50 -0
package/.planning/phases/day1/SECURITY-REVIEW-DAY1.md +15 -0
package/.planning/phases/day2/REVIEW-DAY2.md +521 -0
package/.planning/phases/day3/REVIEW-DAY3.md +234 -0
package/.planning/slack-threads.json +6 -0
package/CHANGELOG.md +175 -0
package/LICENSE +21 -0
package/MINDFORGE.md +76 -0
package/README.md +182 -0
package/RELEASENOTES.md +41 -0
package/SECURITY.md +4 -0
package/bin/install.js +120 -0
package/bin/installer-core.js +292 -0
package/bin/migrations/0.1.0-to-0.5.0.js +37 -0
package/bin/migrations/0.5.0-to-0.6.0.js +17 -0
package/bin/migrations/0.6.0-to-1.0.0.js +100 -0
package/bin/migrations/migrate.js +151 -0
package/bin/migrations/schema-versions.js +64 -0
package/bin/updater/changelog-fetcher.js +62 -0
package/bin/updater/self-update.js +169 -0
package/bin/updater/version-comparator.js +68 -0
package/bin/validate-config.js +92 -0
package/bin/wizard/config-generator.js +112 -0
package/bin/wizard/environment-detector.js +76 -0
package/bin/wizard/setup-wizard.js +237 -0
package/docs/Context/Master-Context.md +701 -0
package/docs/architecture/README.md +35 -0
package/docs/architecture/decision-records-index.md +26 -0
package/docs/ci-cd-integration.md +30 -0
package/docs/ci-quickstart.md +78 -0
package/docs/commands-reference.md +11 -0
package/docs/contributing/CONTRIBUTING.md +38 -0
package/docs/contributing/plugin-authoring.md +50 -0
package/docs/contributing/skill-authoring.md +41 -0
package/docs/enterprise-setup.md +25 -0
package/docs/faq.md +38 -0
package/docs/getting-started.md +36 -0
package/docs/governance-guide.md +23 -0
package/docs/mindforge-md-reference.md +53 -0
package/docs/monorepo-guide.md +26 -0
package/docs/persona-customisation.md +56 -0
package/docs/quick-verify.md +33 -0
package/docs/reference/audit-events.md +53 -0
package/docs/reference/commands.md +82 -0
package/docs/reference/config-reference.md +64 -0
package/docs/reference/sdk-api.md +48 -0
package/docs/reference/skills-api.md +57 -0
package/docs/release-checklist-guide.md +37 -0
package/docs/requirements.md +29 -0
package/docs/sdk-reference.md +27 -0
package/docs/security/SECURITY.md +42 -0
package/docs/security/penetration-test-results.md +31 -0
package/docs/security/threat-model.md +142 -0
package/docs/skills-authoring-guide.md +119 -0
package/docs/skills-publishing-guide.md +21 -0
package/docs/team-setup-guide.md +21 -0
package/docs/troubleshooting.md +119 -0
package/docs/tutorial.md +195 -0
package/docs/upgrade.md +44 -0
package/docs/user-guide.md +131 -0
package/docs/usp-features.md +214 -0
package/eslint.config.mjs +31 -0
package/examples/starter-project/.planning/AUDIT.jsonl +1 -0
package/examples/starter-project/.planning/HANDOFF.json +23 -0
package/examples/starter-project/.planning/PROJECT.md +27 -0
package/examples/starter-project/.planning/STATE.md +10 -0
package/examples/starter-project/MINDFORGE.md +40 -0
package/examples/starter-project/README.md +14 -0
package/implementation-roadmap/day-1-imp/DAY1-HARDEN.md +823 -0
package/implementation-roadmap/day-1-imp/DAY1-IMPLEMENT.md +2459 -0
package/implementation-roadmap/day-1-imp/DAY1-REVIEW.md +288 -0
package/implementation-roadmap/day-2-imp/DAY2-HARDEN.md +954 -0
package/implementation-roadmap/day-2-imp/DAY2-IMPLEMENT.md +2347 -0
package/implementation-roadmap/day-2-imp/DAY2-REVIEW.md +422 -0
package/implementation-roadmap/day-3-imp/DAY3-HARDEN.md +870 -0
package/implementation-roadmap/day-3-imp/DAY3-IMPLEMENT.md +2798 -0
package/implementation-roadmap/day-3-imp/DAY3-REVIEW.md +484 -0
package/implementation-roadmap/day-4-imp/DAY4-HARDEN.md +1087 -0
package/implementation-roadmap/day-4-imp/DAY4-IMPLEMENT.md +2874 -0
package/implementation-roadmap/day-4-imp/DAY4-REVIEW.md +386 -0
package/implementation-roadmap/day-5-imp/DAY5-HARDEN.md +1078 -0
package/implementation-roadmap/day-5-imp/DAY5-IMPLEMENT.md +3151 -0
package/implementation-roadmap/day-5-imp/DAY5-REVIEW.md +345 -0
package/implementation-roadmap/day-6-imp/DAY6-COMPLETE.md +3919 -0
package/implementation-roadmap/day-7-imp-prod/DAY7-PRODUCTION-FINAL.md +4513 -0
package/package.json +31 -0
package/sdk/README.md +69 -0
package/sdk/eslint.config.mjs +34 -0
package/sdk/package-lock.json +1507 -0
package/sdk/package.json +30 -0
package/sdk/src/client.ts +133 -0
package/sdk/src/commands.ts +63 -0
package/sdk/src/events.ts +166 -0
package/sdk/src/index.ts +22 -0
package/sdk/src/types.ts +87 -0
package/sdk/tsconfig.json +13 -0
package/tests/audit.test.js +206 -0
package/tests/ci-mode.test.js +162 -0
package/tests/compaction.test.js +161 -0
package/tests/distribution.test.js +205 -0
package/tests/e2e.test.js +618 -0
package/tests/governance.test.js +130 -0
package/tests/install.test.js +209 -0
package/tests/integrations.test.js +128 -0
package/tests/intelligence.test.js +117 -0
package/tests/metrics.test.js +96 -0
package/tests/migration.test.js +309 -0
package/tests/production.test.js +416 -0
package/tests/sdk.test.js +200 -0
package/tests/skills-platform.test.js +403 -0
package/tests/wave-engine.test.js +338 -0

package/tests/audit.test.js ADDED Viewed

@@ -0,0 +1,206 @@
+/**
+ * MindForge Audit System Tests
+ * Run: node tests/audit.test.js
+ */
+const fs = require('fs');
+const path = require('path');
+const assert = require('assert');
+let passed = 0;
+let failed = 0;
+function test(name, fn) {
+  try {
+    fn();
+    console.log(`  ✅ ${name}`);
+    passed++;
+  } catch (err) {
+    console.error(`  ❌ ${name}`);
+    console.error(`     ${err.message}`);
+    failed++;
+  }
+}
+// ── Audit utility functions to test ──────────────────────────────────────────
+function validateAuditEntry(entry) {
+  const required = ['id', 'timestamp', 'event', 'agent', 'session_id'];
+  const missing = required.filter(f => !entry[f]);
+  if (missing.length > 0) {
+    throw new Error(`Missing required fields: ${missing.join(', ')}`);
+  }
+  const ts = new Date(entry.timestamp);
+  if (isNaN(ts.getTime())) throw new Error(`Invalid timestamp: ${entry.timestamp}`);
+  if (!/^[0-9a-f-]{36}$/.test(entry.id)) throw new Error(`Invalid UUID format: ${entry.id}`);
+}
+function parseAuditLog(content) {
+  return content.trim().split('\n')
+    .filter(line => line.trim())
+    .map((line, index) => {
+      try {
+        return JSON.parse(line);
+      } catch (e) {
+        throw new Error(`Line ${index + 1} is not valid JSON: ${line.slice(0, 50)}...`);
+      }
+    });
+}
+// ── Tests ─────────────────────────────────────────────────────────────────────
+console.log('\nMindForge Day 2 — Audit System Tests\n');
+console.log('AUDIT.jsonl file:');
+test('AUDIT.jsonl exists', () => {
+  assert.ok(fs.existsSync('.planning/AUDIT.jsonl'), 'AUDIT.jsonl not found');
+});
+test('AUDIT.jsonl is valid (empty or valid JSONL)', () => {
+  const content = fs.readFileSync('.planning/AUDIT.jsonl', 'utf8');
+  if (content.trim().length === 0) return;
+  parseAuditLog(content);
+});
+console.log('\nAudit entry validation:');
+test('valid task_completed entry passes validation', () => {
+  const entry = {
+    id: '550e8400-e29b-41d4-a716-446655440000',
+    timestamp: new Date().toISOString(),
+    event: 'task_completed',
+    agent: 'mindforge-subagent-01',
+    phase: 1,
+    plan: '01',
+    session_id: 'sess_test',
+    task_name: 'Create user model',
+    commit_sha: 'abc1234',
+    verify_result: 'pass'
+  };
+  assert.doesNotThrow(() => validateAuditEntry(entry));
+});
+test('entry missing required field fails validation', () => {
+  const entry = {
+    timestamp: new Date().toISOString(),
+    event: 'task_completed',
+    agent: 'mindforge-subagent-01',
+  };
+  assert.throws(() => validateAuditEntry(entry), /Missing required fields/);
+});
+test('entry with invalid timestamp fails validation', () => {
+  const entry = {
+    id: '550e8400-e29b-41d4-a716-446655440000',
+    timestamp: 'not-a-date',
+    event: 'task_completed',
+    agent: 'mindforge-subagent-01',
+    session_id: 'sess_test',
+  };
+  assert.throws(() => validateAuditEntry(entry), /Invalid timestamp/);
+});
+test('JSONL parser handles multi-line audit log', () => {
+  const multiLine = [
+    '{"id":"550e8400-e29b-41d4-a716-446655440000","timestamp":"2026-03-20T10:00:00.000Z","event":"task_started","agent":"test","session_id":"s1"}',
+    '{"id":"550e8400-e29b-41d4-a716-446655440001","timestamp":"2026-03-20T10:05:00.000Z","event":"task_completed","agent":"test","session_id":"s1"}',
+  ].join('\n');
+  const entries = parseAuditLog(multiLine);
+  assert.strictEqual(entries.length, 2);
+  assert.strictEqual(entries[0].event, 'task_started');
+  assert.strictEqual(entries[1].event, 'task_completed');
+});
+test('JSONL parser rejects malformed JSON', () => {
+  const badLine = '{"id":"abc","timestamp": bad json}';
+  assert.throws(() => parseAuditLog(badLine), /not valid JSON/);
+});
+console.log('\nAudit schema files:');
+test('AUDIT-SCHEMA.md exists and has content', () => {
+  const schemaPath = '.mindforge/audit/AUDIT-SCHEMA.md';
+  assert.ok(fs.existsSync(schemaPath), 'AUDIT-SCHEMA.md not found');
+  const content = fs.readFileSync(schemaPath, 'utf8');
+  assert.ok(content.length > 500, 'AUDIT-SCHEMA.md seems too short');
+  assert.ok(content.includes('task_completed'), 'Missing task_completed event type');
+  assert.ok(content.includes('security_finding'), 'Missing security_finding event type');
+  assert.ok(content.includes('context_compaction'), 'Missing context_compaction event type');
+});
+test('HANDOFF.json has _warning anti-secret field', () => {
+  const handoff = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.ok(handoff._warning, 'Missing _warning anti-secret field in HANDOFF.json');
+  assert.ok(handoff._warning.toLowerCase().includes('secret'), 'Warning should mention secrets');
+});
+console.log('\nAdditional audit tests:');
+test('validates security_finding event type', () => {
+  const entry = {
+    id: '550e8400-e29b-41d4-a716-446655440002',
+    timestamp: new Date().toISOString(),
+    event: 'security_finding',
+    agent: 'mindforge-security-reviewer',
+    phase: 1,
+    session_id: 'sess_test',
+    severity: 'HIGH',
+    owasp_category: 'A03:Injection',
+    finding: 'SQL query built by string concatenation',
+    file: 'src/api/search.ts',
+    line: 42,
+    remediated: false
+  };
+  assert.doesNotThrow(() => validateAuditEntry(entry));
+  assert.strictEqual(entry.event, 'security_finding');
+});
+test('validates context_compaction event type', () => {
+  const entry = {
+    id: '550e8400-e29b-41d4-a716-446655440003',
+    timestamp: new Date().toISOString(),
+    event: 'context_compaction',
+    agent: 'mindforge-orchestrator',
+    phase: 2,
+    plan: '03',
+    session_id: 'sess_test',
+    context_usage_pct: 72,
+    handoff_written: true
+  };
+  assert.doesNotThrow(() => validateAuditEntry(entry));
+});
+test('rejects entry with malformed UUID', () => {
+  const entry = {
+    id: 'not-a-uuid',
+    timestamp: new Date().toISOString(),
+    event: 'task_completed',
+    agent: 'test',
+    session_id: 'sess_test'
+  };
+  assert.throws(() => validateAuditEntry(entry), /Invalid UUID/);
+});
+test('AUDIT.jsonl contains no secrets', () => {
+  const content = fs.readFileSync('.planning/AUDIT.jsonl', 'utf8');
+  const secretPatterns = [
+    /password\\s*["']?\\s*:\\s*["'][^"']{6,}/i,
+    /sk-[a-zA-Z0-9]{20,}/,
+    /-----BEGIN.*KEY-----/,
+  ];
+  secretPatterns.forEach(pattern => {
+    assert.ok(!pattern.test(content), `Potential secret found in AUDIT.jsonl`);
+  });
+});
+// ── Results ───────────────────────────────────────────────────────────────────
+console.log(`\n${'─'.repeat(50)}`);
+console.log(`Results: ${passed} passed, ${failed} failed`);
+if (failed > 0) {
+  console.error(`\n❌ ${failed} test(s) failed.\n`);
+  process.exit(1);
+} else {
+  console.log(`\n✅ All audit tests passed.\n`);
+}

package/tests/ci-mode.test.js ADDED Viewed

@@ -0,0 +1,162 @@
+/**
+ * MindForge Day 6 — CI Mode Tests
+ * Run: node tests/ci-mode.test.js
+ */
+'use strict';
+const fs = require('fs'), assert = require('assert');
+let passed = 0, failed = 0;
+function test(name, fn) {
+  try { fn(); console.log(`  ✅ ${name}`); passed++; }
+  catch(e) { console.error(`  ❌ ${name}\n     ${e.message}`); failed++; }
+}
+const read = p => fs.existsSync(p) ? fs.readFileSync(p, 'utf8') : '';
+// ── CI mode detection simulation ──────────────────────────────────────────────
+function isCiMode() {
+  return process.env.CI === 'true' ||
+         process.env.MINDFORGE_CI === 'true' ||
+         process.stdin.isTTY === false;
+}
+// ── GitHub annotations format ─────────────────────────────────────────────────
+function formatGitHubAnnotation(level, message, file, line) {
+  const loc = file ? ` file=${file}${line ? `,line=${line}` : ''}` : '';
+  return `::${level}${loc}::${message}`;
+}
+// ── Tier3 CI block simulation ─────────────────────────────────────────────────
+function checkCiTierPolicy(tier, ciAutoApproveTier2 = false) {
+  if (tier === 1) return 'auto-approved';
+  if (tier === 2) return ciAutoApproveTier2 ? 'auto-approved' : 'blocked';
+  if (tier === 3) return 'blocked'; // Always blocked in CI
+  return 'unknown';
+}
+console.log('\nMindForge Day 6 — CI Mode Tests\n');
+console.log('CI engine files:');
+['ci-mode.md','github-actions-adapter.md','gitlab-ci-adapter.md'].forEach(f => {
+  test(`${f} exists`, () => {
+    assert.ok(fs.existsSync(`.mindforge/ci/${f}`), `Missing: .mindforge/ci/${f}`);
+  });
+});
+console.log('\nCI mode detection:');
+test('isCiMode returns false in normal test environment', () => {
+  const origCI = process.env.CI;
+  delete process.env.CI;
+  delete process.env.MINDFORGE_CI;
+  // In test environment, stdin.isTTY may be false — we test the env var logic only
+  const ciFromEnv = process.env.CI === 'true' || process.env.MINDFORGE_CI === 'true';
+  assert.strictEqual(ciFromEnv, false, 'Should not be CI mode from env vars');
+  if (origCI) process.env.CI = origCI;
+});
+test('CI=true activates CI mode', () => {
+  process.env.MINDFORGE_CI = 'true';
+  assert.strictEqual(process.env.MINDFORGE_CI, 'true');
+  delete process.env.MINDFORGE_CI;
+});
+console.log('\nCI tier policy:');
+test('Tier 1 is always auto-approved in CI', () => {
+  assert.strictEqual(checkCiTierPolicy(1), 'auto-approved');
+});
+test('Tier 2 blocked by default in CI (safety-first)', () => {
+  assert.strictEqual(checkCiTierPolicy(2, false), 'blocked');
+});
+test('Tier 2 can be auto-approved in CI when configured', () => {
+  assert.strictEqual(checkCiTierPolicy(2, true), 'auto-approved');
+});
+test('Tier 3 is ALWAYS blocked in CI regardless of config', () => {
+  assert.strictEqual(checkCiTierPolicy(3, true), 'blocked');  // even with true
+  assert.strictEqual(checkCiTierPolicy(3, false), 'blocked');
+});
+console.log('\nGitHub annotations format:');
+test('notice annotation format is correct', () => {
+  const ann = formatGitHubAnnotation('notice', 'Task 3-01 completed', null, null);
+  assert.strictEqual(ann, '::notice::Task 3-01 completed');
+});
+test('error annotation with file and line is correct', () => {
+  const ann = formatGitHubAnnotation('error', 'TypeScript error', 'src/auth.ts', 47);
+  assert.strictEqual(ann, '::error file=src/auth.ts,line=47::TypeScript error');
+});
+test('warning annotation with file only (no line)', () => {
+  const ann = formatGitHubAnnotation('warning', 'Security finding', 'src/utils.ts', null);
+  assert.strictEqual(ann, '::warning file=src/utils.ts::Security finding');
+});
+console.log('\nGitHub Actions workflow:');
+test('github-actions-adapter.md defines mindforge-ci.yml structure', () => {
+  const c = read('.mindforge/ci/github-actions-adapter.md');
+  assert.ok(c.includes('mindforge-ci.yml') || c.includes('on:'), 'Should define GitHub Actions workflow');
+  assert.ok(c.includes('mindforge-health'), 'Should include health check job');
+  assert.ok(c.includes('mindforge-security'), 'Should include security scan job');
+});
+test('ci-mode.md defines Tier 3 block policy', () => {
+  const c = read('.mindforge/ci/ci-mode.md');
+  assert.ok(
+    (c.includes('Tier 3') && c.includes('block')) || c.includes('ALWAYS fails'),
+    'CI mode should block Tier 3 changes'
+  );
+});
+test('ci-mode.md has timeout configuration', () => {
+  const c = read('.mindforge/ci/ci-mode.md');
+  assert.ok(c.includes('timeout') || c.includes('TIMEOUT'), 'CI mode should have timeout config');
+});
+console.log('\nMonorepo support:');
+['workspace-detector.md','cross-package-planner.md','dependency-graph-builder.md'].forEach(f => {
+  test(`${f} exists`, () => {
+    assert.ok(fs.existsSync(`.mindforge/monorepo/${f}`), `Missing: .mindforge/monorepo/${f}`);
+  });
+});
+test('workspace-detector supports major monorepo types', () => {
+  const c = read('.mindforge/monorepo/workspace-detector.md');
+  ['nx', 'turborepo', 'lerna', 'pnpm'].forEach(type => {
+    assert.ok(c.includes(type), `Should support ${type} monorepo type`);
+  });
+});
+test('cross-package-planner has topological sort', () => {
+  const c = read('.mindforge/monorepo/cross-package-planner.md');
+  assert.ok(
+    c.includes('topological') || c.includes('dependency order') || c.includes('Execution order'),
+    'Should use topological sort for package order'
+  );
+});
+console.log('\nHardening-prompted CI tests:');
+test('ci-mode uses exit code 0 for timeout (not 2)', () => {
+  const c = read('.mindforge/ci/ci-mode.md');
+  assert.ok(
+    c.includes('exit 0') && (c.includes('timeout') || c.includes('Timeout')),
+    'Timeout should exit with code 0'
+  );
+  // Should NOT say exit 2 for timeout
+  const exit2ForTimeout = c.match(/timeout.*exit 2|exit 2.*timeout/is);
+  assert.ok(!exit2ForTimeout, 'Should not use exit 2 for timeout');
+});
+test('github-actions adapter has Tier 3 governance block with clear message', () => {
+  const c = read('.mindforge/ci/github-actions-adapter.md');
+  assert.ok(
+    c.includes('Tier 3') && c.includes('block'),
+    'Should explain Tier 3 CI block clearly'
+  );
+});
+console.log(`\n${'─'.repeat(50)}`);
+console.log(`Results: ${passed} passed, ${failed} failed`);
+if (failed > 0) { console.error(`\n❌ ${failed} test(s) failed.\n`); process.exit(1); }
+else { console.log(`\n✅ All CI mode tests passed.\n`); }

package/tests/compaction.test.js ADDED Viewed

@@ -0,0 +1,161 @@
+/**
+ * MindForge Context Compaction Tests
+ * Run: node tests/compaction.test.js
+ */
+const fs = require('fs');
+const assert = require('assert');
+let passed = 0;
+let failed = 0;
+function test(name, fn) {
+  try {
+    fn();
+    console.log(`  ✅ ${name}`);
+    passed++;
+  } catch (err) {
+    console.error(`  ❌ ${name}`);
+    console.error(`     ${err.message}`);
+    failed++;
+  }
+}
+// ── Compaction state validator ─────────────────────────────────────────────────
+function validateHandoffJson(obj) {
+  const required = ['schema_version', 'next_task', '_warning', 'context_refs'];
+  const missing = required.filter(f => obj[f] === undefined);
+  if (missing.length > 0) throw new Error(`Missing: ${missing.join(', ')}`);
+  if (!Array.isArray(obj.context_refs)) throw new Error('context_refs must be an array');
+  if (!Array.isArray(obj.blockers)) throw new Error('blockers must be an array');
+  if (obj._warning.toLowerCase().includes('password') === false &&
+      obj._warning.toLowerCase().includes('secret') === false) {
+    throw new Error('_warning must mention secrets/passwords');
+  }
+}
+function validateStateHasCompactionCheckpoint(content) {
+  return content.includes('Compaction checkpoint') || content.includes('compaction');
+}
+// ── Tests ─────────────────────────────────────────────────────────────────────
+console.log('\nMindForge Day 2 — Context Compaction Tests\n');
+console.log('HANDOFF.json schema validation:');
+test('HANDOFF.json exists', () => {
+  assert.ok(fs.existsSync('.planning/HANDOFF.json'));
+});
+test('HANDOFF.json is valid JSON', () => {
+  const content = fs.readFileSync('.planning/HANDOFF.json', 'utf8');
+  assert.doesNotThrow(() => JSON.parse(content));
+});
+test('HANDOFF.json has all required fields', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  validateHandoffJson(obj);
+});
+test('HANDOFF.json schema_version is 1.0.0', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.strictEqual(obj.schema_version, '1.0.0');
+});
+test('HANDOFF.json context_refs is an array', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.ok(Array.isArray(obj.context_refs));
+});
+test('HANDOFF.json blockers is an array', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.ok(Array.isArray(obj.blockers));
+});
+test('HANDOFF.json decisions_needed is an array', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.ok(Array.isArray(obj.decisions_needed));
+});
+console.log('\nCompaction protocol file:');
+test('compaction-protocol.md exists', () => {
+  assert.ok(
+    fs.existsSync('.mindforge/engine/compaction-protocol.md'),
+    'compaction-protocol.md not found'
+  );
+});
+test('compaction-protocol.md mentions 70% threshold', () => {
+  const content = fs.readFileSync('.mindforge/engine/compaction-protocol.md', 'utf8');
+  assert.ok(content.includes('70%'), 'Should specify 70% compaction threshold');
+});
+test('compaction-protocol.md has all 6 steps', () => {
+  const content = fs.readFileSync('.mindforge/engine/compaction-protocol.md', 'utf8');
+  assert.ok(content.includes('Step 1'), 'Missing Step 1');
+  assert.ok(content.includes('Step 2'), 'Missing Step 2');
+  assert.ok(content.includes('Step 3'), 'Missing Step 3');
+  assert.ok(content.includes('Step 4'), 'Missing Step 4');
+  assert.ok(content.includes('Step 5'), 'Missing Step 5');
+  assert.ok(content.includes('Step 6'), 'Missing Step 6');
+});
+test('compaction-protocol.md covers session restart procedure', () => {
+  const content = fs.readFileSync('.mindforge/engine/compaction-protocol.md', 'utf8');
+  assert.ok(
+    content.includes('Session restart') || content.includes('restart from HANDOFF'),
+    'Should cover session restart from HANDOFF.json'
+  );
+});
+console.log('\nAdditional compaction tests:');
+test('HANDOFF.json has recent_commits field', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.ok('recent_commits' in obj, 'Missing recent_commits field');
+  assert.ok(Array.isArray(obj.recent_commits), 'recent_commits must be an array');
+});
+test('HANDOFF.json has recent_files field', () => {
+  const obj = JSON.parse(fs.readFileSync('.planning/HANDOFF.json', 'utf8'));
+  assert.ok('recent_files' in obj, 'Missing recent_files field');
+  assert.ok(Array.isArray(obj.recent_files), 'recent_files must be an array');
+});
+test('compaction-protocol.md covers WIP commit with --no-verify', () => {
+  const content = fs.readFileSync('.mindforge/engine/compaction-protocol.md', 'utf8');
+  assert.ok(
+    content.includes('--no-verify') || content.includes('no-verify'),
+    'Should mention --no-verify for WIP commits that bypass hooks'
+  );
+});
+test('compaction-protocol.md covers staleness detection', () => {
+  const content = fs.readFileSync('.mindforge/engine/compaction-protocol.md', 'utf8');
+  assert.ok(
+    content.includes('48 hours') || content.includes('staleness') || content.includes('stale'),
+    'Should cover HANDOFF.json staleness detection'
+  );
+});
+test('compaction-protocol.md mentions 85% emergency compaction', () => {
+  const content = fs.readFileSync('.mindforge/engine/compaction-protocol.md', 'utf8');
+  assert.ok(
+    content.includes('85%') || content.includes('emergency'),
+    'Should cover emergency compaction when 85%+ context is reached'
+  );
+});
+// ── Results ───────────────────────────────────────────────────────────────────
+console.log(`\n${'─'.repeat(50)}`);
+console.log(`Results: ${passed} passed, ${failed} failed`);
+if (failed > 0) {
+  console.error(`\n❌ ${failed} test(s) failed.\n`);
+  process.exit(1);
+} else {
+  console.log(`\n✅ All compaction tests passed.\n`);
+}