npm - nexarch - Versions diffs - 0.8.15 → 0.8.16 - Mend

nexarch 0.8.15 → 0.8.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/commands/init-agent.js +36 -11
package/dist/lib/trust.js +8 -6
package/package.json +1 -1

package/dist/commands/init-agent.js CHANGED Viewed

@@ -8,7 +8,7 @@ import { fetchAgentRegistryOrThrow } from "../lib/agent-registry.js";
 import { callMcpTool, mcpInitialize, mcpListTools } from "../lib/mcp.js";
 import { buildVersionAttributes } from "../lib/version-normalization.js";
 import { requestTrustAttestation } from "../lib/trust.js";
-const CLI_VERSION = "0.8.12";
+const CLI_VERSION = "0.8.16";
 const AGENT_ENTITY_TYPE = "agent";
 const TECH_COMPONENT_ENTITY_TYPE = "technology_component";
 function parseFlag(args, flag) {
@@ -288,12 +288,15 @@ After running, confirm \`"ok": true\` in the JSON output. No further action is n
     return filePath;
 }
 function replaceInjectedSection(existing, sectionHeading, sectionBody) {
-    const headingRegex = new RegExp(`^${sectionHeading.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")}[\\s\\S]*?(?=^##\\s|\\Z)`, "m");
-    if (headingRegex.test(existing)) {
-        const replaced = existing.replace(headingRegex, sectionBody.trim());
-        return replaced.endsWith("\n") ? replaced : `${replaced}\n`;
-    }
-    return existing;
+    const escapedHeading = sectionHeading.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+    const blockRegex = new RegExp(`^${escapedHeading}[\\t ]*\\n[\\s\\S]*?(?=^##\\s|$)`, "gm");
+    const matches = existing.match(blockRegex);
+    if (!matches || matches.length === 0)
+        return existing;
+    const canonicalBlock = `${sectionBody.trim()}\n`;
+    let replaced = existing.replace(blockRegex, "");
+    replaced = replaced.replace(/\n{3,}/g, "\n\n").trimEnd();
+    return `${replaced}${replaced ? "\n\n" : ""}${canonicalBlock}`;
 }
 function injectAgentConfigs(registry) {
     const templateByCode = new Map(registry.instructionTemplates.map((t) => [t.code, t]));
@@ -323,6 +326,9 @@ function injectAgentConfigs(registry) {
                 writeFileSync(filePath, replaced, "utf8");
                 results.push({ path: filePath, status: "updated" });
             }
+            else if (existing.includes(sectionBody)) {
+                results.push({ path: filePath, status: "already_present" });
+            }
             else {
                 const separator = existing.endsWith("\n") ? "" : "\n";
                 writeFileSync(filePath, existing + separator + sectionBody + "\n", "utf8");
@@ -330,12 +336,12 @@ function injectAgentConfigs(registry) {
             }
             continue;
         }
-        const separator = existing.endsWith("\n") ? "" : "\n";
-        const next = existing + separator + sectionBody + "\n";
-        if (next === existing) {
+        if (existing.includes(sectionBody)) {
             results.push({ path: filePath, status: "already_present" });
         }
         else {
+            const separator = existing.endsWith("\n") ? "" : "\n";
+            const next = existing + separator + sectionBody + "\n";
             writeFileSync(filePath, next, "utf8");
             results.push({ path: filePath, status: "injected" });
         }
@@ -360,6 +366,7 @@ function injectTrustAttestationBlock(path, attestation) {
         `agent_id: ${attestation.payload.agent_id}`,
         `expires_at: ${expiresAt}`,
         `verify_url: ${verifyUrl}`,
+        `token: ${attestation.token}`,
         "",
     ].join("\n");
     const existing = existsSync(path) ? readFileSync(path, "utf8") : "";
@@ -973,6 +980,7 @@ export async function initAgent(args) {
     let agentConfigResults = [];
     let instructionsWriteAllowed = false;
     let trustAttestation = null;
+    let trustAttestationAttempted = false;
     if (registration.ok) {
         try {
             // Save identity so check-in can find the agent key
@@ -998,8 +1006,9 @@ export async function initAgent(args) {
                 agentConfigResults = injectGenericAgentConfig(registry);
             }
             if (agentConfigResults.length > 0) {
+                trustAttestationAttempted = true;
                 trustAttestation = await requestTrustAttestation(agentId);
-                if (trustAttestation?.ok) {
+                if (trustAttestation.ok) {
                     for (const r of agentConfigResults) {
                         try {
                             injectTrustAttestationBlock(r.path, trustAttestation);
@@ -1038,6 +1047,19 @@ export async function initAgent(args) {
                     ? `updated ${agentConfigResults.length} instruction target file(s)`
                     : "no runtime instruction target matched this repository (non-fatal; create AGENTS.md/CLAUDE.md or configure a generic target)",
     });
+    checks.push({
+        name: "agent.trust.attestation",
+        ok: !registration.ok || !instructionsWriteAllowed || !trustAttestationAttempted || Boolean(trustAttestation?.ok),
+        detail: !registration.ok
+            ? "skipped (registration failed)"
+            : !instructionsWriteAllowed
+                ? "skipped (consent not granted)"
+                : !trustAttestationAttempted
+                    ? "skipped (no instruction target written)"
+                    : trustAttestation?.ok
+                        ? "minted and injected into instruction file(s)"
+                        : `unavailable (${trustAttestation?.reason ?? "unknown"})`,
+    });
     checks.push({
         name: "technology.components",
         ok: techComponents.ok,
@@ -1152,6 +1174,9 @@ export async function initAgent(args) {
                     : `https://mcp.nexarch.ai${trustAttestation.verifyUrl}`;
                 console.log(`   Trust attestation verify URL: ${verifyUrl}`);
             }
+            else if (trustAttestationAttempted) {
+                console.log(`   Trust attestation unavailable (${trustAttestation?.reason ?? "unknown"}).`);
+            }
         }
         if (needsIdentityInput) {
             console.log("\nℹ Additional identity details are still needed to complete agent profile enrichment.");

package/dist/lib/trust.js CHANGED Viewed

@@ -26,20 +26,22 @@ export async function requestTrustAttestation(agentId) {
             res.on("data", (c) => chunks.push(c));
             res.on("end", () => {
                 try {
-                    const parsed = JSON.parse(Buffer.concat(chunks).toString("utf8"));
-                    if (!res.statusCode || res.statusCode >= 400)
-                        return resolve(null);
+                    const raw = Buffer.concat(chunks).toString("utf8");
+                    const parsed = JSON.parse(raw);
+                    if (!res.statusCode || res.statusCode >= 400) {
+                        return resolve({ ok: false, reason: parsed.error?.code ?? parsed.error?.message ?? `http_${res.statusCode ?? 0}` });
+                    }
                     resolve(parsed);
                 }
                 catch {
-                    resolve(null);
+                    resolve({ ok: false, reason: "parse_error" });
                 }
             });
         });
-        req.on("error", () => resolve(null));
+        req.on("error", () => resolve({ ok: false, reason: "network_error" }));
         req.on("timeout", () => {
             req.destroy();
-            resolve(null);
+            resolve({ ok: false, reason: "timeout" });
         });
         req.write(body);
         req.end();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nexarch",
-  "version": "0.8.15",
+  "version": "0.8.16",
   "description": "Your architecture workspace for AI delivery.",
   "keywords": [
     "nexarch",