npm - pumuki - Versions diffs - 6.3.117 → 6.3.119 - Mend

pumuki 6.3.117 → 6.3.119

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/CHANGELOG.md +13 -0
package/VERSION +1 -1
package/integrations/lifecycle/cli.ts +20 -0
package/integrations/mcp/enterpriseServer.ts +40 -5
package/package.json +1 -1

package/CHANGELOG.md CHANGED Viewed

@@ -6,6 +6,19 @@ This project follows [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 ## [Unreleased]
+## [6.3.119] - 2026-04-28
+### Fixed
+- **Contrato CLI estable para menú:** `pumuki menu --help` deja de fallar como comando desconocido y `pumuki menu` delega en el runtime de menú existente (`pumuki-framework`), cerrando `PUMUKI-INC-111` para consumers como RuralGo.
+## [6.3.118] - 2026-04-28
+### Fixed
+- **Guard PRE_WRITE para editores/agentes vía MCP:** el catálogo enterprise expone `pre_write_guard`, una tool no mutante que ejecuta `audit --stage=PRE_WRITE --json` y devuelve `findings` accionables antes de permitir continuar una edición/restauración de ficheros.
+- **Cierre operativo de `PUMUKI-INC-109`:** RuralGo ya tiene una ruta MCP explícita para bloquear antes de escribir, no sólo en commit/gate posterior.
 ## [6.3.117] - 2026-04-28
 ### Fixed

package/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- v6.3.~~117~~
1	+ v6.3.119

package/integrations/lifecycle/cli.ts CHANGED Viewed

@@ -1,4 +1,5 @@
 import { mkdirSync, writeFileSync } from 'node:fs';
+import { spawnSync } from 'node:child_process';
 import { dirname, isAbsolute, relative, resolve } from 'node:path';
 import type { GatePolicy } from '../../core/gate/GatePolicy';
 import { runPlatformGate } from '../git/runPlatformGate';
@@ -84,6 +85,7 @@ type LifecycleCommand =
   | 'update'
   | 'doctor'
   | 'status'
+  | 'menu'
   | 'watch'
   | 'loop'
   | 'sdd'
@@ -190,6 +192,7 @@ Pumuki lifecycle commands:
   pumuki doctor [--remote-checks] [--deep] [--parity] [--json]
   pumuki audit [--stage=PRE_WRITE|PRE_COMMIT|PRE_PUSH|CI] [--engine] [--json]
   pumuki status [--json] [--remote-checks]
+  pumuki menu
   pumuki watch [--stage=PRE_COMMIT|PRE_PUSH|CI] [--scope=workingTree|staged|repoAndStaged|repo] [--severity=critical|high|medium|low] [--interval-ms=<n>] [--notify-cooldown-ms=<n>] [--no-notify] [--once|--iterations=<n>] [--json]
   pumuki loop run --objective=<text> [--max-attempts=<n>] [--json]
   pumuki loop status --session=<session-id> [--json]
@@ -229,6 +232,7 @@ const isLifecycleCommand = (value: string): value is LifecycleCommand =>
   value === 'update' ||
   value === 'doctor' ||
   value === 'status' ||
+  value === 'menu' ||
   value === 'watch' ||
   value === 'loop' ||
   value === 'sdd' ||
@@ -559,6 +563,19 @@ const printHotspotsPublishDiagnostics = (diagnostics: HotspotsPublishDiagnostics
   }
 };
+const runFrameworkMenuShim = (argv: ReadonlyArray<string>): number => {
+  const frameworkMenuBin = resolve(__dirname, '../../bin/pumuki-framework.js');
+  const result = spawnSync(process.execPath, [frameworkMenuBin, ...argv], {
+    stdio: 'inherit',
+    env: process.env,
+  });
+  if (result.error) {
+    writeError(`[pumuki] menu failed to start: ${result.error.message}`);
+    return 1;
+  }
+  return typeof result.status === 'number' ? result.status : 1;
+};
 export const parseLifecycleCliArgs = (argv: ReadonlyArray<string>): ParsedArgs => {
   const commandRaw = argv[0];
   if (!commandRaw || commandRaw === '--help' || commandRaw === '-h') {
@@ -2463,6 +2480,9 @@ export const runLifecycleCli = async (
         }
         return 0;
       }
+      case 'menu': {
+        return runFrameworkMenuShim(argv.slice(1));
+      }
       case 'watch': {
         const watchResult = await activeDependencies.runLifecycleWatch(
           {

package/integrations/mcp/enterpriseServer.ts CHANGED Viewed

@@ -4,7 +4,7 @@ import type { Server } from 'node:http';
 import { execFileSync as runBinarySync } from 'node:child_process';
 import { existsSync } from 'node:fs';
 import { join } from 'node:path';
-import { readLifecycleStatus } from '../lifecycle';
+import { readLifecycleStatus, runLifecycleAudit } from '../lifecycle';
 import { resolveMcpEnterpriseExperimentalFeature } from '../policy/experimentalFeatures';
 import { evaluateSddPolicy, readSddStatus } from '../sdd';
 import type { SddStage } from '../sdd';
@@ -75,6 +75,7 @@ const ENTERPRISE_RESOURCE_DESCRIPTORS: ReadonlyArray<{
 ];
 const ENTERPRISE_TOOLS = [
+  'pre_write_guard',
   'ai_gate_check',
   'pre_flight_check',
   'auto_execute_ai_start',
@@ -91,6 +92,12 @@ const ENTERPRISE_TOOL_DESCRIPTORS: ReadonlyArray<{
   mutating: boolean;
   safeByDefault: boolean;
 }> = [
+  {
+    name: 'pre_write_guard',
+    description: 'Runs the PRE_WRITE audit gate and returns actionable findings before an editor/agent writes code.',
+    mutating: false,
+    safeByDefault: true,
+  },
   {
     name: 'ai_gate_check',
     description: 'Reads .ai_evidence.json and reports AI gate compatibility status.',
@@ -382,13 +389,41 @@ const evaluateCriticalToolGuard = (
   }
 };
-const executeEnterpriseTool = (
+const executeEnterpriseTool = async (
   repoRoot: string,
   toolName: EnterpriseToolName,
   args: Record<string, string | number | boolean | bigint | symbol | null | Date | object>,
   dryRun: boolean
-): EnterpriseToolExecution => {
+): Promise<EnterpriseToolExecution> => {
   switch (toolName) {
+    case 'pre_write_guard': {
+      const audit = await runLifecycleAudit({
+        repoRoot,
+        stage: 'PRE_WRITE',
+        auditMode: 'gate',
+      });
+      return {
+        name: toolName,
+        success: audit.gate_exit_code === 0 && audit.blocking_findings_count === 0,
+        dryRun: true,
+        executed: true,
+        warnings: audit.blocking_findings_count > 0
+          ? ['PRE_WRITE guard blocked before editor write; inspect result.findings.']
+          : [],
+        data: {
+          ...audit,
+          next_action: audit.blocking_findings_count > 0
+            ? {
+                kind: 'inspect_findings',
+                message: 'Corrige los findings bloqueantes antes de escribir o restaurar ficheros.',
+              }
+            : {
+                kind: 'continue',
+                message: 'PRE_WRITE guard passed.',
+              },
+        },
+      };
+    }
     case 'ai_gate_check': {
       const stage = toSddStage(args.stage, 'PRE_COMMIT');
       const execution = runEnterpriseAiGateCheck({
@@ -741,7 +776,7 @@ export const startEnterpriseMcpServer = (
         return;
       }
       void readJsonBody(req)
-        .then((body) => {
+        .then(async (body) => {
           if (typeof body !== 'object' || body === null) {
             sendJson(res, 400, {
               error: 'Invalid request body.',
@@ -814,7 +849,7 @@ export const startEnterpriseMcpServer = (
           }
           let result: EnterpriseToolExecution;
           try {
-            result = executeEnterpriseTool(
+            result = await executeEnterpriseTool(
               repoRoot,
               toolName,
               args,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.117",
+  "version": "6.3.119",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {