peaks-cli 1.0.21 → 1.0.23

package/dist/src/services/mode/bypass-tracker.js

@@ -0,0 +1,31 @@
+import { existsSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+export const MAX_BYPASSES_PER_SESSION = 3;
+const BYPASS_FILE = '.bypass-count.json';
+function bypassFilePath(sessionRoot) {
+    return join(sessionRoot, BYPASS_FILE);
+}
+export function getBypassCount(sessionRoot) {
+    const filePath = bypassFilePath(sessionRoot);
+    if (!existsSync(filePath)) {
+        return 0;
+    }
+    try {
+        const raw = readFileSync(filePath, 'utf8');
+        const parsed = JSON.parse(raw);
+        return typeof parsed.count === 'number' ? parsed.count : 0;
+    }
+    catch {
+        return 0;
+    }
+}
+export function recordBypass(sessionRoot) {
+    const current = getBypassCount(sessionRoot);
+    const next = current + 1;
+    const filePath = bypassFilePath(sessionRoot);
+    writeFileSync(filePath, JSON.stringify({ count: next }, null, 2), 'utf8');
+    return next;
+}
+export function isBypassLimitReached(sessionRoot) {
+    return getBypassCount(sessionRoot) >= MAX_BYPASSES_PER_SESSION;
+}

package/dist/src/services/mode/mode-enforcement.d.ts

@@ -0,0 +1,14 @@
+import { type SkillPresenceMode } from '../skills/skill-presence-service.js';
+type TransitionKey = `${string}:${string}`;
+export declare function requiresConfirmation(mode: SkillPresenceMode, transitionKey: TransitionKey): boolean;
+export type ConfirmationOptions = {
+    projectRoot: string;
+    transitionKey: TransitionKey;
+    confirmed?: boolean | undefined;
+    forceConfirm?: boolean | undefined;
+};
+export declare class ConfirmationRequiredError extends Error {
+    constructor(transitionKey: TransitionKey);
+}
+export declare function requireUserConfirmation(options: ConfirmationOptions): Promise<void>;
+export {};

package/dist/src/services/mode/mode-enforcement.js

@@ -0,0 +1,81 @@
+import * as readline from 'node:readline';
+import { getSkillPresence } from '../skills/skill-presence-service.js';
+const ASSISTED_CONFIRM_TRANSITIONS = new Set([
+    'prd:confirmed-by-user',
+    'rd:qa-handoff',
+    'qa:verdict-issued'
+]);
+export function requiresConfirmation(mode, transitionKey) {
+    if (mode === 'full-auto' || mode === 'swarm') {
+        return false;
+    }
+    if (mode === 'strict') {
+        return true;
+    }
+    // assisted: only specific transitions
+    return ASSISTED_CONFIRM_TRANSITIONS.has(transitionKey);
+}
+function describeTransition(transitionKey) {
+    const parts = transitionKey.split(':');
+    const role = parts[0] ?? 'unknown';
+    const state = parts[1] ?? 'unknown';
+    return `Transition ${role.toUpperCase()} → ${state}`;
+}
+export class ConfirmationRequiredError extends Error {
+    constructor(transitionKey) {
+        const description = describeTransition(transitionKey);
+        super(`Confirmation required for: ${description}\n` +
+            'Add --confirm to proceed non-interactively, or run in an interactive terminal.\n' +
+            'In assisted/strict mode, major workflow boundaries require explicit user approval.');
+        this.name = 'ConfirmationRequiredError';
+    }
+}
+export async function requireUserConfirmation(options) {
+    const presence = getSkillPresence();
+    if (!presence?.mode) {
+        return;
+    }
+    const mode = presence.mode;
+    if (!requiresConfirmation(mode, options.transitionKey)) {
+        return;
+    }
+    // --confirm flag bypasses interactive prompt
+    if (options.confirmed) {
+        return;
+    }
+    // PEAKS_AUTO_CONFIRM=1 only works for full-auto/swarm (already returned above)
+    // For assisted/strict, env var is ignored unless --force-confirm is also set
+    if (process.env.PEAKS_AUTO_CONFIRM === '1') {
+        if (options.forceConfirm) {
+            console.error(`[WARNING] --force-confirm used in ${mode} mode. ` +
+                'This bypasses user confirmation. Use with caution.');
+            return;
+        }
+        throw new ConfirmationRequiredError(options.transitionKey);
+    }
+    // --force-confirm without env var
+    if (options.forceConfirm) {
+        console.error(`[WARNING] --force-confirm used in ${mode} mode. ` +
+            'This bypasses user confirmation. Use with caution.');
+        return;
+    }
+    // Interactive prompt
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stderr
+    });
+    return new Promise((resolve, reject) => {
+        const description = describeTransition(options.transitionKey);
+        const prompt = `\n[CONFIRM] ${description}\nProceed? (y/N) `;
+        rl.question(prompt, (answer) => {
+            rl.close();
+            const normalized = answer.trim().toLowerCase();
+            if (normalized === 'y' || normalized === 'yes') {
+                resolve();
+            }
+            else {
+                reject(new ConfirmationRequiredError(options.transitionKey));
+            }
+        });
+    });
+}

package/dist/src/services/sc/sc-service.js

@@ -2,7 +2,7 @@ import { existsSync, lstatSync, readFileSync, realpathSync } from 'node:fs';
 import { execFileSync } from 'node:child_process';
 import { basename, relative, resolve } from 'node:path';
 import { isInsidePath } from '../../shared/path-utils.js';
-import { getCurrentWorkspaceConfig } from '../config/config-service.js';
+import { getWorkspaceConfigForPath } from '../config/config-service.js';
 import { getArtifactRemoteRepo, getArtifactWorkspaceStatus, getLocalArtifactPath } from '../artifacts/workspace-service.js';
 const REQUIRED_ARTIFACTS = [
     { name: 'retention-boundary.md', path: ['sc', 'retention-boundary.md'] },
@@ -109,7 +109,7 @@ function isRetainedArtifactFile(filePath, artifactWorkspacePath, changesRoot, ch
     }
 }
 export function getChangeTraceabilityStatus() {
-    const workspace = getCurrentWorkspaceConfig();
+    const workspace = getWorkspaceConfigForPath(process.cwd());
     const artifactStatus = getArtifactWorkspaceStatus(workspace?.workspaceId);
     if (!workspace) {
         return {
@@ -155,7 +155,7 @@ export function getChangeTraceabilityStatus() {
     };
 }
 export function createChangeImpact(options) {
-    const workspace = getCurrentWorkspaceConfig();
+    const workspace = getWorkspaceConfigForPath(process.cwd());
     const artifactRepo = workspace ? getArtifactRemoteRepo(workspace) : null;
     return {
         changeId: options.changeId,
@@ -193,7 +193,7 @@ export function createArtifactRetentionReport(options) {
     };
 }
 export function recordCommitBoundary(options) {
-    const workspace = getCurrentWorkspaceConfig();
+    const workspace = getWorkspaceConfigForPath(process.cwd());
     const artifactStatus = getArtifactWorkspaceStatus(workspace?.workspaceId);
     const commitHash = getCurrentCommitHash(workspace?.rootPath);
     return {
@@ -207,7 +207,7 @@ export function recordCommitBoundary(options) {
     };
 }
 export function validateArtifactRetention(sliceId) {
-    const workspace = getCurrentWorkspaceConfig();
+    const workspace = getWorkspaceConfigForPath(process.cwd());
     if (!workspace) {
         return {
             valid: false,

package/dist/src/services/scan/acceptance-coverage-service.js

@@ -9,16 +9,13 @@ function extractAcceptanceItems(prdBody) {
         return [];
     }
     // Find the line where the header starts.
-    let headerLine = -1;
+    let headerLine = 0;
     for (let i = 0; i < lines.length; i += 1) {
         if (ACCEPTANCE_SECTION_PATTERN.test((lines[i] ?? '') + '\n')) {
             headerLine = i;
             break;
         }
     }
-    if (headerLine === -1) {
-        return [];
-    }
     const items = [];
     let counter = 0;
     for (let i = headerLine + 1; i < lines.length; i += 1) {

package/dist/src/services/scan/archetype-service.js

@@ -101,13 +101,7 @@ async function countSrcFiles(projectRoot, max = 500) {
         const current = queue.shift();
         if (current === undefined)
             break;
-        let entries;
-        try {
-            entries = await readdir(current, { withFileTypes: true });
-        }
-        catch {
-            continue;
-        }
+        const entries = await readdir(current, { withFileTypes: true });
         for (const entry of entries) {
             if (entry.name.startsWith('.') || entry.name === 'node_modules')
                 continue;
@@ -129,14 +123,9 @@ async function lockfileAgeDays(projectRoot) {
     for (const candidate of candidates) {
         const full = join(projectRoot, candidate);
         if (await pathExists(full)) {
-            try {
-                const stats = await stat(full);
-                const ageMs = Date.now() - stats.mtimeMs;
-                return Math.floor(ageMs / (1000 * 60 * 60 * 24));
-            }
-            catch {
-                return null;
-            }
+            const stats = await stat(full);
+            const ageMs = Date.now() - stats.mtimeMs;
+            return Math.floor(ageMs / (1000 * 60 * 60 * 24));
         }
     }
     return null;

package/dist/src/services/scan/diff-scope-service.js

@@ -57,9 +57,9 @@ export function globToRegex(pattern) {
     }
     // If the pattern ends with no trailing slash and no extension wildcard, also allow it to match files under the path (treat as dir prefix)
     // E.g. `src/services/login` should match `src/services/login/handler.ts`.
-    if (!trimmed.includes('*') && !trimmed.includes('?') && !trimmed.includes('.')) {
-        body = `${body}(?:/.*)?`;
-    }
+    body = (!trimmed.includes("*") && !trimmed.includes("?") && !trimmed.includes("."))
+        ? `${body}(?:/.*)?`
+        : body;
     return new RegExp(`^${body}$`);
 }
 function classifyPatternLine(raw) {

package/dist/src/services/scan/file-size-scan.d.ts

@@ -0,0 +1,19 @@
+export declare const DEFAULT_FILE_SIZE_THRESHOLD = 800;
+export type FileSizeViolation = {
+    file: string;
+    lines: number;
+};
+export type FileSizeScanResult = {
+    ok: boolean;
+    threshold: number;
+    checkedFiles: number;
+    violations: FileSizeViolation[];
+};
+export type FileSizeScanOptions = {
+    projectRoot: string;
+    /** Compare working tree against this ref. Default 'HEAD'. */
+    baseRef?: string;
+    /** Line count threshold. Default 800. */
+    threshold?: number;
+};
+export declare function scanFileSize(options: FileSizeScanOptions): FileSizeScanResult;

package/dist/src/services/scan/file-size-scan.js

@@ -0,0 +1,39 @@
+import { execFileSync } from 'node:child_process';
+import { readFileSync } from 'node:fs';
+import { join } from 'node:path';
+export const DEFAULT_FILE_SIZE_THRESHOLD = 800;
+function getChangedFiles(projectRoot, baseRef) {
+    try {
+        const trackedRaw = execFileSync('git', ['-C', projectRoot, 'diff', '--name-only', baseRef], { encoding: 'utf8' });
+        const tracked = trackedRaw.split(/\r?\n/).map((line) => line.trim()).filter(Boolean);
+        const untrackedRaw = execFileSync('git', ['-C', projectRoot, 'ls-files', '--others', '--exclude-standard'], { encoding: 'utf8' });
+        const untracked = untrackedRaw.split(/\r?\n/).map((line) => line.trim()).filter(Boolean);
+        return Array.from(new Set([...tracked, ...untracked]));
+    }
+    catch {
+        return [];
+    }
+}
+function countLines(filePath) {
+    const content = readFileSync(filePath, 'utf8');
+    return content.split(/\r?\n/).length;
+}
+export function scanFileSize(options) {
+    const baseRef = options.baseRef ?? 'HEAD';
+    const threshold = options.threshold ?? DEFAULT_FILE_SIZE_THRESHOLD;
+    const files = getChangedFiles(options.projectRoot, baseRef);
+    const violations = [];
+    for (const file of files) {
+        const absolute = join(options.projectRoot, file);
+        const lines = countLines(absolute);
+        if (lines > threshold) {
+            violations.push({ file, lines });
+        }
+    }
+    return {
+        ok: violations.length === 0,
+        threshold,
+        checkedFiles: files.length,
+        violations
+    };
+}

package/dist/src/services/scan/type-sanity-service.js

@@ -78,9 +78,7 @@ function isConsistent(declared, suggested) {
     return suggested.includes(declared);
 }
 function buildRationale(declared, breakdown, suggested, consistent) {
-    const summary = breakdown.length === 0
-        ? 'no changed files detected'
-        : breakdown.map((entry) => `${entry.category}=${entry.count}`).join(', ');
+    const summary = breakdown.map((entry) => `${entry.category}=${entry.count}`).join(', ');
     if (consistent) {
         return `declared --type=${declared} is consistent with the changed files (${summary})`;
     }

package/dist/src/services/session/index.d.ts

@@ -0,0 +1 @@
+export { ensureSession, getSessionId, getCurrentSessionDir, listSessions, getProjectScanPath, hasProjectScan, type SessionInfo } from './session-manager.js';

package/dist/src/services/session/index.js

@@ -0,0 +1 @@
+export { ensureSession, getSessionId, getCurrentSessionDir, listSessions, getProjectScanPath, hasProjectScan } from './session-manager.js';

package/dist/src/services/session/session-manager.d.ts

@@ -0,0 +1,60 @@
+/**
+ * Session management service for Peaks artifact storage.
+ * Manages session lifecycle: creation, retrieval, and directory initialization.
+ *
+ * Sessions are automatically created when any skill is invoked.
+ * Each session gets a unique directory under .peaks/ with incrementing numbered files.
+ */
+export type SessionInfo = {
+    sessionId: string;
+    createdAt: string;
+    projectRoot: string;
+};
+/**
+ * Get or create the current session for a project.
+ * If a valid session already exists, returns it.
+ * Otherwise, creates a new session with auto-generated ID.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Session ID (e.g., "2026-05-26-session-a3f8b1")
+ */
+export declare function ensureSession(projectRoot: string): Promise<string>;
+/**
+ * Get the current session ID without creating a new one.
+ * Returns null if no session exists.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Session ID or null
+ */
+export declare function getSessionId(projectRoot: string): string | null;
+/**
+ * Get the absolute path to the current session directory.
+ * Creates the session if it doesn't exist.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Absolute path to session directory (e.g., "/path/to/project/.peaks/2026-05-26-session-a3f8b1")
+ */
+export declare function getCurrentSessionDir(projectRoot: string): Promise<string>;
+/**
+ * List all session directories in the .peaks folder.
+ * Returns session IDs (directory names) sorted by date.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Array of session IDs
+ */
+export declare function listSessions(projectRoot: string): string[];
+/**
+ * Get the path to project-scan.md for the current session.
+ * Creates the session if it doesn't exist.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Absolute path to project-scan.md
+ */
+export declare function getProjectScanPath(projectRoot: string): Promise<string>;
+/**
+ * Check if project-scan.md exists for the current session.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns true if project-scan.md exists
+ */
+export declare function hasProjectScan(projectRoot: string): boolean;

package/dist/src/services/session/session-manager.js

@@ -0,0 +1,150 @@
+/**
+ * Session management service for Peaks artifact storage.
+ * Manages session lifecycle: creation, retrieval, and directory initialization.
+ *
+ * Sessions are automatically created when any skill is invoked.
+ * Each session gets a unique directory under .peaks/ with incrementing numbered files.
+ */
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { join } from 'node:path';
+import { randomBytes } from 'node:crypto';
+import { initWorkspace } from '../workspace/workspace-service.js';
+const SESSION_FILE = '.session.json';
+/**
+ * Generate a new session ID.
+ * Format: YYYY-MM-DD-session-<6位hex>
+ * Example: 2026-05-26-session-a3f8b1
+ */
+function generateSessionId() {
+    const now = new Date();
+    const year = now.getFullYear();
+    const month = String(now.getMonth() + 1).padStart(2, '0');
+    const day = String(now.getDate()).padStart(2, '0');
+    const date = `${year}-${month}-${day}`;
+    const random = randomBytes(3).toString('hex'); // 6位hex
+    return `${date}-session-${random}`;
+}
+/**
+ * Get the path to the session file for a project.
+ */
+function getSessionFilePath(projectRoot) {
+    return join(projectRoot, '.peaks', SESSION_FILE);
+}
+/**
+ * Read existing session info from disk.
+ * Returns null if no session file exists or if it's invalid.
+ */
+function readSessionFile(projectRoot) {
+    const sessionFile = getSessionFilePath(projectRoot);
+    if (!existsSync(sessionFile))
+        return null;
+    try {
+        const data = JSON.parse(readFileSync(sessionFile, 'utf8'));
+        if (data.sessionId && data.projectRoot === projectRoot) {
+            return data;
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Write session info to disk.
+ */
+function writeSessionFile(projectRoot, info) {
+    const sessionFile = getSessionFilePath(projectRoot);
+    const dir = join(projectRoot, '.peaks');
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+    writeFileSync(sessionFile, JSON.stringify(info, null, 2), 'utf8');
+}
+/**
+ * Get or create the current session for a project.
+ * If a valid session already exists, returns it.
+ * Otherwise, creates a new session with auto-generated ID.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Session ID (e.g., "2026-05-26-session-a3f8b1")
+ */
+export async function ensureSession(projectRoot) {
+    const existing = readSessionFile(projectRoot);
+    if (existing) {
+        return existing.sessionId;
+    }
+    const sessionId = generateSessionId();
+    const info = {
+        sessionId,
+        createdAt: new Date().toISOString(),
+        projectRoot
+    };
+    writeSessionFile(projectRoot, info);
+    await initWorkspace({ projectRoot, sessionId });
+    return sessionId;
+}
+/**
+ * Get the current session ID without creating a new one.
+ * Returns null if no session exists.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Session ID or null
+ */
+export function getSessionId(projectRoot) {
+    const info = readSessionFile(projectRoot);
+    return info?.sessionId ?? null;
+}
+/**
+ * Get the absolute path to the current session directory.
+ * Creates the session if it doesn't exist.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Absolute path to session directory (e.g., "/path/to/project/.peaks/2026-05-26-session-a3f8b1")
+ */
+export async function getCurrentSessionDir(projectRoot) {
+    const sessionId = await ensureSession(projectRoot);
+    return join(projectRoot, '.peaks', sessionId);
+}
+/**
+ * List all session directories in the .peaks folder.
+ * Returns session IDs (directory names) sorted by date.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Array of session IDs
+ */
+export function listSessions(projectRoot) {
+    const peaksRoot = join(projectRoot, '.peaks');
+    if (!existsSync(peaksRoot))
+        return [];
+    const { readdirSync } = require('node:fs');
+    const entries = readdirSync(peaksRoot, { withFileTypes: true });
+    return entries
+        .filter((entry) => entry.isDirectory() && /^\d{4}-\d{2}-\d{2}-session-[a-f0-9]+$/.test(entry.name))
+        .map((entry) => entry.name)
+        .sort()
+        .reverse(); // Most recent first
+}
+/**
+ * Get the path to project-scan.md for the current session.
+ * Creates the session if it doesn't exist.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns Absolute path to project-scan.md
+ */
+export async function getProjectScanPath(projectRoot) {
+    const sessionId = await ensureSession(projectRoot);
+    return join(projectRoot, '.peaks', sessionId, 'rd', 'project-scan.md');
+}
+/**
+ * Check if project-scan.md exists for the current session.
+ *
+ * @param projectRoot - Root directory of the project
+ * @returns true if project-scan.md exists
+ */
+export function hasProjectScan(projectRoot) {
+    const info = readSessionFile(projectRoot);
+    if (!info)
+        return false;
+    const scanPath = join(projectRoot, '.peaks', info.sessionId, 'rd', 'project-scan.md');
+    return existsSync(scanPath);
+}

package/dist/src/services/skills/skill-presence-service.d.ts

@@ -1,6 +1,9 @@
+export type SkillPresenceMode = 'full-auto' | 'assisted' | 'swarm' | 'strict';
+export declare const VALID_SKILL_PRESENCE_MODES: ReadonlyArray<SkillPresenceMode>;
+export declare function isSkillPresenceMode(value: string): value is SkillPresenceMode;
 export type SkillPresence = {
     skill: string;
-    mode?: string;
+    mode?: SkillPresenceMode;
     gate?: string;
     setAt: string;
 };

package/dist/src/services/skills/skill-presence-service.js

@@ -1,5 +1,14 @@
 import { existsSync, mkdirSync, readFileSync, unlinkSync, writeFileSync } from 'node:fs';
 import { dirname, resolve } from 'node:path';
+export const VALID_SKILL_PRESENCE_MODES = [
+    'full-auto',
+    'assisted',
+    'swarm',
+    'strict'
+];
+export function isSkillPresenceMode(value) {
+    return VALID_SKILL_PRESENCE_MODES.includes(value);
+}
 const PRESENCE_FILE = '.peaks/.active-skill.json';
 function resolvePresencePath() {
     return resolve(process.cwd(), PRESENCE_FILE);
@@ -8,9 +17,10 @@ export function exportSkillPresence() {
     return resolvePresencePath();
 }
 export function setSkillPresence(skill, mode, gate) {
+    const validatedMode = mode && isSkillPresenceMode(mode) ? mode : undefined;
     const presence = {
         skill,
-        ...(mode ? { mode } : {}),
+        ...(validatedMode ? { mode: validatedMode } : {}),
         ...(gate ? { gate } : {}),
         setAt: new Date().toISOString()
     };

package/dist/src/services/workflow/pipeline-verify-service.d.ts

@@ -0,0 +1,31 @@
+import type { RequestType } from '../artifacts/artifact-prerequisites.js';
+export type PipelineGate = {
+    name: string;
+    description: string;
+    passed: boolean;
+    detail: string;
+};
+export type PipelineVerification = {
+    rid: string;
+    sessionId: string;
+    requestType: RequestType;
+    complete: boolean;
+    rdPhase: {
+        invoked: boolean;
+        state: string;
+        gates: PipelineGate[];
+    };
+    qaPhase: {
+        invoked: boolean;
+        state: string;
+        gates: PipelineGate[];
+    };
+    violations: string[];
+    nextActions: string[];
+};
+export declare function verifyPipeline(options: {
+    projectRoot: string;
+    rid: string;
+    sessionId: string;
+    requestType?: string;
+}): Promise<PipelineVerification>;