npm - nexarch - Versions diffs - 0.6.1 → 0.6.3 - Mend

nexarch 0.6.1 → 0.6.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/commands/check-in.js +0 -2
package/dist/commands/policy-audit-submit.js +138 -0
package/dist/commands/policy-controls.js +52 -0
package/dist/index.js +16 -0
package/package.json +1 -1

package/dist/commands/check-in.js CHANGED Viewed

@@ -138,8 +138,6 @@ export async function checkIn(args) {
     console.log(`Type       : ${cmd.command_type}`);
     console.log(`Target     : ${cmd.target_entity_key ?? "(any)"}`);
     console.log(`Priority   : ${cmd.priority}`);
-    if (cmd.resolved_execution_mode)
-        console.log(`Mode       : ${cmd.resolved_execution_mode}`);
     if (cmd.resolved_runtime_handler)
         console.log(`Runtime    : ${cmd.resolved_runtime_handler}`);
     if (cmd.command_type_version != null)

package/dist/commands/policy-audit-submit.js ADDED Viewed

@@ -0,0 +1,138 @@
+import process from "process";
+import { existsSync, readFileSync } from "fs";
+import { join } from "path";
+import { homedir } from "os";
+import { requireCredentials } from "../lib/credentials.js";
+import { callMcpTool } from "../lib/mcp.js";
+function parseFlag(args, flag) {
+    return args.includes(flag);
+}
+function parseOptionValue(args, option) {
+    const idx = args.indexOf(option);
+    if (idx === -1)
+        return null;
+    const v = args[idx + 1];
+    if (!v || v.startsWith("--"))
+        return null;
+    return v;
+}
+function parseMultiOptionValues(args, option) {
+    const values = [];
+    for (let i = 0; i < args.length; i += 1) {
+        if (args[i] !== option)
+            continue;
+        const v = args[i + 1];
+        if (!v || v.startsWith("--"))
+            continue;
+        values.push(v);
+    }
+    return values;
+}
+function parseToolText(result) {
+    const text = result.content?.[0]?.text ?? "{}";
+    return JSON.parse(text);
+}
+function loadIdentityAgentKey() {
+    const identityPath = join(homedir(), ".nexarch", "identity.json");
+    if (!existsSync(identityPath))
+        return null;
+    try {
+        const data = JSON.parse(readFileSync(identityPath, "utf8"));
+        return data.agentKey ?? null;
+    }
+    catch {
+        return null;
+    }
+}
+function parseFindingToken(token) {
+    const [policyControlId, policyRuleId, resultRaw, rationaleRaw, missingRaw] = token.split("|");
+    const result = (resultRaw ?? "").trim().toLowerCase();
+    if (!policyControlId?.trim() || !policyRuleId?.trim() || !result) {
+        throw new Error("Each --finding must be: <policyControlId>|<policyRuleId>|<pass|partial|fail>|<rationale>|<missing1;missing2>");
+    }
+    if (result !== "pass" && result !== "partial" && result !== "fail") {
+        throw new Error(`Invalid finding result '${resultRaw}'. Use pass|partial|fail.`);
+    }
+    return {
+        policyControlId: policyControlId.trim(),
+        policyRuleId: policyRuleId.trim(),
+        result,
+        ...(rationaleRaw?.trim() ? { rationale: rationaleRaw.trim() } : {}),
+        ...(missingRaw?.trim() ? { missingRequirements: missingRaw.split(";").map((m) => m.trim()).filter(Boolean) } : {}),
+    };
+}
+function parseFindings(args) {
+    const findingsJson = parseOptionValue(args, "--findings-json");
+    if (findingsJson) {
+        let parsed;
+        try {
+            parsed = JSON.parse(findingsJson);
+        }
+        catch {
+            throw new Error("--findings-json must be valid JSON array");
+        }
+        if (!Array.isArray(parsed) || parsed.length === 0) {
+            throw new Error("--findings-json must be a non-empty JSON array");
+        }
+        return parsed.map((item) => {
+            const value = item;
+            const result = String(value.result ?? "").toLowerCase();
+            if (!value.policyControlId || !value.policyRuleId || !result) {
+                throw new Error("Each finding must include policyControlId, policyRuleId, result");
+            }
+            if (result !== "pass" && result !== "partial" && result !== "fail") {
+                throw new Error(`Invalid finding result '${String(value.result)}'. Use pass|partial|fail.`);
+            }
+            return {
+                policyControlId: String(value.policyControlId),
+                policyRuleId: String(value.policyRuleId),
+                result,
+                ...(value.rationale ? { rationale: String(value.rationale) } : {}),
+                ...(Array.isArray(value.missingRequirements) ? { missingRequirements: value.missingRequirements.map(String) } : {}),
+            };
+        });
+    }
+    const tokens = parseMultiOptionValues(args, "--finding");
+    if (tokens.length === 0) {
+        throw new Error("Provide findings via --finding (repeatable) or --findings-json '<json-array>'");
+    }
+    return tokens.map(parseFindingToken);
+}
+export async function policyAuditSubmit(args) {
+    const asJson = parseFlag(args, "--json");
+    const commandId = parseOptionValue(args, "--command-id") ?? parseOptionValue(args, "--id");
+    const applicationEntityKey = parseOptionValue(args, "--application-key") ?? parseOptionValue(args, "--entity");
+    const agentKey = parseOptionValue(args, "--agent-key") ?? loadIdentityAgentKey();
+    if (!commandId) {
+        console.error("error: --command-id <uuid> is required");
+        process.exit(1);
+    }
+    if (!applicationEntityKey) {
+        console.error("error: --application-key <externalKey> is required (e.g. application:bad-driving)");
+        process.exit(1);
+    }
+    const findings = parseFindings(args);
+    const creds = requireCredentials();
+    const raw = await callMcpTool("nexarch_submit_policy_audit", {
+        commandId,
+        applicationEntityKey,
+        ...(agentKey ? { agentKey } : {}),
+        findings,
+        companyId: creds.companyId,
+    }, { companyId: creds.companyId });
+    const result = parseToolText(raw);
+    if (asJson) {
+        process.stdout.write(JSON.stringify(result) + "\n");
+        return;
+    }
+    if (!result.ok) {
+        console.error(`Policy audit submit failed${result.error ? `: ${result.error}` : ""}`);
+        process.exit(1);
+    }
+    console.log(`Policy audit submitted for ${applicationEntityKey}.`);
+    if (result.runId)
+        console.log(`Run ID: ${result.runId}`);
+    if (result.summary) {
+        console.log(`Summary: ${result.summary.passCount ?? 0} pass, ${result.summary.partialCount ?? 0} partial, ${result.summary.failCount ?? 0} fail`);
+    }
+}

package/dist/commands/policy-controls.js ADDED Viewed

@@ -0,0 +1,52 @@
+import process from "process";
+import { requireCredentials } from "../lib/credentials.js";
+import { callMcpTool } from "../lib/mcp.js";
+function parseFlag(args, flag) {
+    return args.includes(flag);
+}
+function parseOptionValue(args, option) {
+    const idx = args.indexOf(option);
+    if (idx === -1)
+        return null;
+    const v = args[idx + 1];
+    if (!v || v.startsWith("--"))
+        return null;
+    return v;
+}
+function parseToolText(result) {
+    const text = result.content?.[0]?.text ?? "{}";
+    return JSON.parse(text);
+}
+export async function policyControls(args) {
+    const asJson = parseFlag(args, "--json");
+    const entity = parseOptionValue(args, "--entity") ?? parseOptionValue(args, "--application-key");
+    if (!entity) {
+        console.error("error: --entity <externalKey> is required (e.g. application:bad-driving)");
+        process.exit(1);
+    }
+    const creds = requireCredentials();
+    const raw = await callMcpTool("nexarch_get_entity_policy_controls", { entityExternalKey: entity, companyId: creds.companyId }, { companyId: creds.companyId });
+    const result = parseToolText(raw);
+    if (asJson) {
+        process.stdout.write(JSON.stringify(result) + "\n");
+        return;
+    }
+    if (!result.found) {
+        console.log(`Entity not found: ${entity}`);
+        return;
+    }
+    console.log(`Policy controls for ${result.entityExternalKey ?? entity}`);
+    console.log(`Controls: ${result.controlCount ?? 0}`);
+    for (const control of result.controls ?? []) {
+        const rules = control.rules ?? [];
+        console.log(`\n- ${control.name} (${control.id})`);
+        if (rules.length === 0) {
+            console.log("  (no rules)");
+            continue;
+        }
+        for (const rule of rules) {
+            const level = rule.requirementLevel ? ` [${rule.requirementLevel}]` : "";
+            console.log(`  • ${rule.name} (${rule.id})${level}`);
+        }
+    }
+}

package/dist/index.js CHANGED Viewed

@@ -15,6 +15,8 @@ import { resolveNames } from "./commands/resolve-names.js";
 import { checkIn } from "./commands/check-in.js";
 import { commandDone } from "./commands/command-done.js";
 import { commandFail } from "./commands/command-fail.js";
+import { policyControls } from "./commands/policy-controls.js";
+import { policyAuditSubmit } from "./commands/policy-audit-submit.js";
 const [, , command, ...args] = process.argv;
 const commands = {
     login,
@@ -33,6 +35,8 @@ const commands = {
     "check-in": checkIn,
     "command-done": commandDone,
     "command-fail": commandFail,
+    "policy-controls": policyControls,
+    "policy-audit-submit": policyAuditSubmit,
 };
 async function main() {
     if (command === "agent") {
@@ -129,6 +133,18 @@ Usage:
                       Options: --id <commandId>    (required)
                                --error <message>   (required)
                                --json
+  nexarch policy-controls
+                      Fetch policy controls/rules assigned to an entity (for policy audits).
+                      Options: --entity <externalKey>  (required, e.g. application:bad-driving)
+                               --json
+  nexarch policy-audit-submit
+                      Submit structured policy findings (writes policy_audit_finding rows).
+                      Options: --command-id <id>        (required)
+                               --application-key <key>  (required)
+                               --agent-key <key>        (optional; defaults from identity)
+                               --finding <controlId|ruleId|result|rationale|missing1;missing2> (repeatable)
+                               --findings-json <json-array>
+                               --json
     `);
         process.exit(command ? 1 : 0);
     }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nexarch",
-  "version": "0.6.1",
+  "version": "0.6.3",
   "description": "Your architecture workspace for AI delivery.",
   "keywords": [
     "nexarch",