pumuki 6.3.26 → 6.3.28

package/integrations/telemetry/structuredTelemetry.ts

@@ -0,0 +1,197 @@
+import { appendFileSync, mkdirSync } from 'node:fs';
+import { dirname, isAbsolute, resolve } from 'node:path';
+
+export type StructuredTelemetryEvent = {
+  schema_version: '1';
+  timestamp: string;
+  source: 'pumuki';
+  channel: 'ai_gate' | 'hook_gate';
+  event: 'ai_gate.evaluated' | 'hook_gate.evaluated';
+  stage: 'PRE_WRITE' | 'PRE_COMMIT' | 'PRE_PUSH' | 'CI';
+  repo_root: string;
+  status: 'ALLOWED' | 'BLOCKED';
+  decision: 'ALLOW' | 'BLOCK';
+  policy: {
+    source: string;
+    bundle: string;
+    hash: string;
+    version: string;
+    signature: string;
+  };
+  evidence: {
+    kind: string;
+    age_seconds: number | null;
+    max_age_seconds: number | null;
+    source: string | null;
+    path: string | null;
+    digest: string | null;
+    generated_at: string | null;
+    integrity_status: string | null;
+    chain_hash: string | null;
+  };
+  metrics: {
+    violations_total: number;
+    violations_error: number;
+    violations_warn: number;
+  };
+  mcp_receipt?: {
+    required: boolean;
+    kind: string;
+    age_seconds: number | null;
+    max_age_seconds: number | null;
+  };
+  waivers?: {
+    status: string;
+    applied: number;
+    path: string | null;
+  };
+};
+
+export type StructuredTelemetryEmitResult = {
+  status: 'disabled' | 'written' | 'error';
+  jsonl_path: string;
+  otel_jsonl_path: string | null;
+  error: string | null;
+};
+
+const DEFAULT_STRUCTURED_TELEMETRY_JSONL_PATH = '.pumuki/telemetry/structured-events.jsonl';
+const DEFAULT_STRUCTURED_TELEMETRY_OTEL_JSONL_PATH = '.pumuki/telemetry/otel-log-records.jsonl';
+
+const isTruthyEnvValue = (value?: string): boolean => {
+  if (!value) {
+    return false;
+  }
+  const normalized = value.trim().toLowerCase();
+  return normalized === '1' || normalized === 'true' || normalized === 'yes';
+};
+
+const resolveOutputPath = (
+  repoRoot: string,
+  value: string | undefined,
+  fallbackRelativePath: string
+): string => {
+  const raw = value?.trim();
+  if (!raw) {
+    return resolve(repoRoot, fallbackRelativePath);
+  }
+  if (isAbsolute(raw)) {
+    return raw;
+  }
+  return resolve(repoRoot, raw);
+};
+
+const toOtelSeverityNumber = (
+  status: StructuredTelemetryEvent['status']
+): number => (status === 'BLOCKED' ? 17 : 9);
+
+const toOtelSeverityText = (
+  status: StructuredTelemetryEvent['status']
+): 'ERROR' | 'INFO' => (status === 'BLOCKED' ? 'ERROR' : 'INFO');
+
+const toOtelLogRecord = (
+  event: StructuredTelemetryEvent
+): Record<string, unknown> => ({
+  timeUnixNano: String(
+    Math.max(0, Math.floor(Date.parse(event.timestamp))) * 1_000_000
+  ),
+  observedTimeUnixNano: String(Date.now() * 1_000_000),
+  severityNumber: toOtelSeverityNumber(event.status),
+  severityText: toOtelSeverityText(event.status),
+  body: event.event,
+  attributes: {
+    'pumuki.schema_version': event.schema_version,
+    'pumuki.channel': event.channel,
+    'pumuki.event': event.event,
+    'pumuki.stage': event.stage,
+    'pumuki.status': event.status,
+    'pumuki.decision': event.decision,
+    'pumuki.repo_root': event.repo_root,
+    'pumuki.policy.source': event.policy.source,
+    'pumuki.policy.bundle': event.policy.bundle,
+    'pumuki.policy.hash': event.policy.hash,
+    'pumuki.policy.version': event.policy.version,
+    'pumuki.policy.signature': event.policy.signature,
+    'pumuki.evidence.kind': event.evidence.kind,
+    'pumuki.evidence.age_seconds': event.evidence.age_seconds,
+    'pumuki.evidence.max_age_seconds': event.evidence.max_age_seconds,
+    'pumuki.evidence.source': event.evidence.source,
+    'pumuki.evidence.path': event.evidence.path,
+    'pumuki.evidence.digest': event.evidence.digest,
+    'pumuki.evidence.generated_at': event.evidence.generated_at,
+    'pumuki.evidence.integrity_status': event.evidence.integrity_status,
+    'pumuki.evidence.chain_hash': event.evidence.chain_hash,
+    'pumuki.metrics.violations_total': event.metrics.violations_total,
+    'pumuki.metrics.violations_error': event.metrics.violations_error,
+    'pumuki.metrics.violations_warn': event.metrics.violations_warn,
+    'pumuki.mcp.required': event.mcp_receipt?.required ?? null,
+    'pumuki.mcp.kind': event.mcp_receipt?.kind ?? null,
+    'pumuki.mcp.age_seconds': event.mcp_receipt?.age_seconds ?? null,
+    'pumuki.mcp.max_age_seconds': event.mcp_receipt?.max_age_seconds ?? null,
+    'pumuki.waivers.status': event.waivers?.status ?? null,
+    'pumuki.waivers.applied': event.waivers?.applied ?? null,
+    'pumuki.waivers.path': event.waivers?.path ?? null,
+  },
+  resource: {
+    attributes: {
+      'service.name': 'pumuki',
+      'service.namespace': 'ast-intelligence-hooks',
+      'service.version': event.policy.version || 'unknown',
+    },
+  },
+});
+
+export const emitStructuredTelemetry = (params: {
+  repoRoot: string;
+  event: StructuredTelemetryEvent;
+  env?: NodeJS.ProcessEnv;
+}): StructuredTelemetryEmitResult => {
+  const env = params.env ?? process.env;
+  const jsonlPath = resolveOutputPath(
+    params.repoRoot,
+    env.PUMUKI_TELEMETRY_JSONL_PATH,
+    DEFAULT_STRUCTURED_TELEMETRY_JSONL_PATH
+  );
+  const otelEnabled = isTruthyEnvValue(env.PUMUKI_TELEMETRY_EXPORT_OTEL);
+  const otelPath = otelEnabled
+    ? resolveOutputPath(
+      params.repoRoot,
+      env.PUMUKI_TELEMETRY_OTEL_JSONL_PATH,
+      DEFAULT_STRUCTURED_TELEMETRY_OTEL_JSONL_PATH
+    )
+    : null;
+
+  if (!isTruthyEnvValue(env.PUMUKI_TELEMETRY_EXPORT)) {
+    return {
+      status: 'disabled',
+      jsonl_path: jsonlPath,
+      otel_jsonl_path: otelPath,
+      error: null,
+    };
+  }
+
+  try {
+    mkdirSync(dirname(jsonlPath), { recursive: true });
+    appendFileSync(jsonlPath, `${JSON.stringify(params.event)}\n`, 'utf8');
+    if (otelPath) {
+      mkdirSync(dirname(otelPath), { recursive: true });
+      appendFileSync(
+        otelPath,
+        `${JSON.stringify(toOtelLogRecord(params.event))}\n`,
+        'utf8'
+      );
+    }
+    return {
+      status: 'written',
+      jsonl_path: jsonlPath,
+      otel_jsonl_path: otelPath,
+      error: null,
+    };
+  } catch (error) {
+    return {
+      status: 'error',
+      jsonl_path: jsonlPath,
+      otel_jsonl_path: otelPath,
+      error: error instanceof Error ? error.message : String(error),
+    };
+  }
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.26",
+  "version": "6.3.28",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {
@@ -13,7 +13,9 @@
     "pumuki-pre-push": "bin/pumuki-pre-push.js",
     "pumuki-ci": "bin/pumuki-ci.js",
     "pumuki-mcp-evidence": "bin/pumuki-mcp-evidence.js",
-    "pumuki-mcp-enterprise": "bin/pumuki-mcp-enterprise.js"
+    "pumuki-mcp-evidence-stdio": "bin/pumuki-mcp-evidence-stdio.js",
+    "pumuki-mcp-enterprise": "bin/pumuki-mcp-enterprise.js",
+    "pumuki-mcp-enterprise-stdio": "bin/pumuki-mcp-enterprise-stdio.js"
   },
   "scripts": {
     "install-hooks": "node bin/pumuki.js install",
@@ -95,6 +97,14 @@
     "validation:phase8:ready-handoff": "bash scripts/build-phase8-ready-handoff-summary.sh",
     "validation:phase8:close-ready": "bash scripts/run-phase8-close-ready.sh",
     "validation:progress-single-active": "bash scripts/check-refactor-progress-single-active.sh",
+    "validation:tracking-single-active": "bash scripts/check-tracking-single-active.sh",
+    "validation:p9:ruralgo-branch-ready": "node --import tsx scripts/check-p9-ruralgo-branch-ready.ts",
+    "validation:p9:ruralgo-branch-ready:api": "npm run -s validation:p9:ruralgo-branch-ready -- --expected-branch=feature/p9-api-contact-contract --base-ref=origin/develop",
+    "validation:p9:ruralgo-branch-ready:ux": "npm run -s validation:p9:ruralgo-branch-ready -- --expected-branch=feature/p9-ux-contact-states --base-ref=origin/develop",
+    "validation:p9:ruralgo-runtime-ready": "node --import tsx scripts/check-p9-ruralgo-runtime-ready.ts",
+    "validation:p9:ruralgo-baseline-clean": "node --import tsx scripts/check-p9-ruralgo-baseline-clean.ts",
+    "validation:p9:ruralgo-install-health": "node --import tsx scripts/check-p9-ruralgo-install-health.ts",
+    "validation:p9:ruralgo-baseline-versioned": "node --import tsx scripts/check-p9-ruralgo-baseline-versioned.ts",
     "validation:phase5-escalation:ready-to-submit": "bash scripts/check-phase5-escalation-ready-to-submit.sh",
     "validation:phase5-escalation:prepare": "bash scripts/prepare-phase5-escalation-submission.sh",
     "validation:phase5-escalation:close-submission": "bash scripts/close-phase5-escalation-submission.sh",
@@ -106,12 +116,15 @@
     "validation:package-smoke:minimal": "node --import tsx scripts/package-install-smoke.ts --mode=minimal",
     "validation:lifecycle-smoke": "node --import tsx scripts/package-install-smoke.ts --mode=minimal",
     "validation:c020-benchmark": "node --import tsx scripts/run-c020-benchmark.ts",
+    "validation:p9:manifests": "node --import tsx scripts/build-p9-validation-manifests.ts",
     "validation:clean-artifacts": "npx --yes tsx@4.21.0 scripts/clean-validation-artifacts.ts",
     "skills:compile": "npx --yes tsx@4.21.0 scripts/compile-skills-lock.ts",
     "skills:lock:check": "npx --yes tsx@4.21.0 scripts/compile-skills-lock.ts --check",
     "skills:import:custom": "npx --yes tsx@4.21.0 scripts/import-custom-skills.ts",
     "mcp:evidence": "node bin/pumuki-mcp-evidence.js",
+    "mcp:evidence:stdio": "node bin/pumuki-mcp-evidence-stdio.js",
     "mcp:enterprise": "node bin/pumuki-mcp-enterprise.js",
+    "mcp:enterprise:stdio": "node bin/pumuki-mcp-enterprise-stdio.js",
     "validate:adapter-hooks-local": "echo 'Migrated to modern TS scripts — use validation:adapter-readiness instead'",
     "verify:adapter-hooks-runtime": "echo 'Migrated to modern TS scripts — use validation:adapter-readiness instead'"
   },
@@ -179,6 +192,7 @@
   },
   "files": [
     "bin/*.js",
+    "core/gate/*.js",
     "core/utils/*.ts",
     "core/facts/*.ts",
     "core/facts/detectors/**/*.ts",
@@ -189,14 +203,19 @@
     "integrations/config/*.ts",
     "integrations/evidence/*.ts",
     "integrations/gate/*.ts",
+    "integrations/git/*.js",
     "integrations/git/*.ts",
     "integrations/tdd/*.ts",
+    "integrations/lifecycle/*.js",
     "integrations/lifecycle/*.ts",
     "integrations/lifecycle/*.json",
+    "integrations/sdd/*.js",
     "integrations/sdd/*.ts",
+    "integrations/mcp/*.js",
     "integrations/mcp/*.ts",
     "integrations/notifications/*.ts",
     "integrations/platform/*.ts",
+    "integrations/telemetry/*.ts",
     "scripts/*.ts",
     "scripts/adapters/*.ts",
     "scripts/adapters/*.md",
@@ -220,12 +239,12 @@
   "exports": {
     ".": "./index.js",
     "./package.json": "./package.json",
-    "./integrations/git": "./integrations/git/index.ts",
-    "./integrations/lifecycle": "./integrations/lifecycle/index.ts",
-    "./integrations/sdd": "./integrations/sdd/index.ts",
-    "./integrations/mcp": "./integrations/mcp/index.ts",
-    "./core/gate/evaluateGate": "./core/gate/evaluateGate.ts",
-    "./core/gate/evaluateRules": "./core/gate/evaluateRules.ts"
+    "./integrations/git": "./integrations/git/index.js",
+    "./integrations/lifecycle": "./integrations/lifecycle/index.js",
+    "./integrations/sdd": "./integrations/sdd/index.js",
+    "./integrations/mcp": "./integrations/mcp/index.js",
+    "./core/gate/evaluateGate": "./core/gate/evaluateGate.js",
+    "./core/gate/evaluateRules": "./core/gate/evaluateRules.js"
   },
   "peerDependencies": {
     "ts-morph": ">=27.0.2"

package/scripts/build-p9-validation-manifests.ts

@@ -0,0 +1,53 @@
+import { resolve } from 'node:path';
+import { writeP9ValidationManifests } from './p9-validation-manifests-lib';
+
+type CliOptions = {
+  repoRoot: string;
+  outDir: string;
+};
+
+const parseArgs = (argv: ReadonlyArray<string>): CliOptions => {
+  const options: CliOptions = {
+    repoRoot: process.cwd(),
+    outDir: 'docs/validation/evidence',
+  };
+  for (const arg of argv) {
+    if (arg.startsWith('--repo-root=')) {
+      options.repoRoot = arg.slice('--repo-root='.length).trim() || options.repoRoot;
+      continue;
+    }
+    if (arg.startsWith('--out-dir=')) {
+      options.outDir = arg.slice('--out-dir='.length).trim() || options.outDir;
+      continue;
+    }
+    throw new Error(`Unsupported argument "${arg}". Use --repo-root=<path> or --out-dir=<path>.`);
+  }
+  return options;
+};
+
+const run = (): number => {
+  const options = parseArgs(process.argv.slice(2));
+  const repoRoot = resolve(options.repoRoot);
+  const outDir = resolve(repoRoot, options.outDir);
+  const result = writeP9ValidationManifests(repoRoot, outDir);
+  process.stdout.write(
+    JSON.stringify(
+      {
+        repoRoot,
+        outDir,
+        functionalityPath: result.functionalityPath,
+        rulesPath: result.rulesPath,
+        totals: {
+          functionality: result.functionality.totals,
+          rules: result.rules.totals,
+        },
+      },
+      null,
+      2
+    ) + '\n'
+  );
+  return 0;
+};
+
+process.exit(run());
+

package/scripts/check-p9-ruralgo-baseline-clean.ts

@@ -0,0 +1,200 @@
+import { execFileSync } from 'node:child_process';
+import { existsSync, readFileSync } from 'node:fs';
+import { join } from 'node:path';
+import process from 'node:process';
+import { hasPumukiManagedBlock } from '../integrations/lifecycle/hookBlock';
+import {
+  evaluateP9RuralgoBaselineClean,
+  type P9RuralgoBaselinePolicy,
+} from './p9-ruralgo-baseline-clean-lib';
+
+type CliOptions = {
+  repoPath: string;
+  json: boolean;
+  policy: P9RuralgoBaselinePolicy;
+};
+
+const DEFAULT_REPO_PATH =
+  '/Users/juancarlosmerlosalbarracin/Developer/Projects/ruralgo-fork';
+
+const printHelp = (): void => {
+  process.stdout.write(
+    [
+      'Uso:',
+      '  node --import tsx scripts/check-p9-ruralgo-baseline-clean.ts [opciones]',
+      '',
+      'Opciones:',
+      '  --repo=<path>                 Ruta del repo ruralgo-fork (default: ~/Developer/Projects/ruralgo-fork)',
+      '  --allow-managed-hooks         Permite hooks gestionados por Pumuki',
+      '  --allow-ai-evidence           Permite .ai_evidence.json',
+      '  --allow-artifacts             Permite artifacts/',
+      '  --allow-pumuki-dir            Permite .pumuki/',
+      '  --allow-node-modules          Permite node_modules/',
+      '  --allow-package-lock          Permite package-lock.json',
+      '  --json                        Salida JSON',
+      '  --help                        Muestra ayuda',
+      '',
+      'Exit code:',
+      '  0 => baseline limpio para F1.T2',
+      '  1 => baseline no limpio',
+      '',
+    ].join('\n'),
+  );
+};
+
+const parseArgs = (argv: ReadonlyArray<string>): CliOptions => {
+  const options: CliOptions = {
+    repoPath: DEFAULT_REPO_PATH,
+    json: false,
+    policy: {
+      requireNoManagedHooks: true,
+      requireNoAiEvidence: true,
+      requireNoArtifacts: true,
+      requireNoPumukiDir: true,
+      requireNoNodeModules: true,
+      requireNoPackageLock: true,
+    },
+  };
+
+  for (const arg of argv) {
+    if (arg === '--json') {
+      options.json = true;
+      continue;
+    }
+    if (arg === '--allow-managed-hooks') {
+      options.policy.requireNoManagedHooks = false;
+      continue;
+    }
+    if (arg === '--allow-ai-evidence') {
+      options.policy.requireNoAiEvidence = false;
+      continue;
+    }
+    if (arg === '--allow-artifacts') {
+      options.policy.requireNoArtifacts = false;
+      continue;
+    }
+    if (arg === '--allow-pumuki-dir') {
+      options.policy.requireNoPumukiDir = false;
+      continue;
+    }
+    if (arg === '--allow-node-modules') {
+      options.policy.requireNoNodeModules = false;
+      continue;
+    }
+    if (arg === '--allow-package-lock') {
+      options.policy.requireNoPackageLock = false;
+      continue;
+    }
+    if (arg.startsWith('--repo=')) {
+      options.repoPath = arg.slice('--repo='.length);
+      continue;
+    }
+    throw new Error(`Argumento no soportado: ${arg}`);
+  }
+
+  return options;
+};
+
+const runGit = (repoPath: string, args: ReadonlyArray<string>): string | null => {
+  try {
+    return execFileSync('git', ['-C', repoPath, ...args], {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim();
+  } catch {
+    return null;
+  }
+};
+
+const readHookManagedStatus = (hooksPath: string, hookName: string): boolean => {
+  const filePath = join(hooksPath, hookName);
+  if (!existsSync(filePath)) {
+    return false;
+  }
+  const contents = readFileSync(filePath, 'utf8');
+  return hasPumukiManagedBlock(contents);
+};
+
+const main = (): number => {
+  const argv = process.argv.slice(2);
+  if (argv.includes('--help')) {
+    printHelp();
+    return 0;
+  }
+
+  let options: CliOptions;
+  try {
+    options = parseArgs(argv);
+  } catch (error) {
+    process.stderr.write(`[p9][baseline-clean] ${(error as Error).message}\n`);
+    process.stderr.write('Usa --help para ver opciones.\n');
+    return 1;
+  }
+
+  const isGitRepo = runGit(options.repoPath, ['rev-parse', '--is-inside-work-tree']) === 'true';
+  const hooksPath =
+    runGit(options.repoPath, ['rev-parse', '--git-path', 'hooks']) ?? join(options.repoPath, '.git/hooks');
+  const preCommitManaged = isGitRepo ? readHookManagedStatus(hooksPath, 'pre-commit') : false;
+  const prePushManaged = isGitRepo ? readHookManagedStatus(hooksPath, 'pre-push') : false;
+
+  const result = evaluateP9RuralgoBaselineClean(
+    {
+      isGitRepo,
+      hasManagedPreCommitHook: preCommitManaged,
+      hasManagedPrePushHook: prePushManaged,
+      hasAiEvidenceFile: existsSync(join(options.repoPath, '.ai_evidence.json')),
+      hasArtifactsDir: existsSync(join(options.repoPath, 'artifacts')),
+      hasPumukiDir: existsSync(join(options.repoPath, '.pumuki')),
+      hasNodeModulesDir: existsSync(join(options.repoPath, 'node_modules')),
+      hasPackageLockFile: existsSync(join(options.repoPath, 'package-lock.json')),
+    },
+    options.policy,
+  );
+
+  const payload = {
+    ready: result.ready,
+    repoPath: options.repoPath,
+    policy: options.policy,
+    snapshot: {
+      isGitRepo,
+      hooksPath,
+      preCommitManaged,
+      prePushManaged,
+      hasAiEvidenceFile: existsSync(join(options.repoPath, '.ai_evidence.json')),
+      hasArtifactsDir: existsSync(join(options.repoPath, 'artifacts')),
+      hasPumukiDir: existsSync(join(options.repoPath, '.pumuki')),
+      hasNodeModulesDir: existsSync(join(options.repoPath, 'node_modules')),
+      hasPackageLockFile: existsSync(join(options.repoPath, 'package-lock.json')),
+    },
+    issues: result.issues,
+  };
+
+  if (options.json) {
+    process.stdout.write(`${JSON.stringify(payload, null, 2)}\n`);
+  } else {
+    process.stdout.write('[p9][baseline-clean] PRECHECK\n');
+    process.stdout.write(`[p9][baseline-clean] repo=${payload.repoPath}\n`);
+    process.stdout.write(`[p9][baseline-clean] hooks_path=${payload.snapshot.hooksPath}\n`);
+    process.stdout.write(
+      `[p9][baseline-clean] managed_hooks(pre-commit/pre-push)=${payload.snapshot.preCommitManaged}/${payload.snapshot.prePushManaged}\n`,
+    );
+    process.stdout.write(
+      `[p9][baseline-clean] ai_evidence=${payload.snapshot.hasAiEvidenceFile} artifacts=${payload.snapshot.hasArtifactsDir} .pumuki=${payload.snapshot.hasPumukiDir}\n`,
+    );
+    process.stdout.write(
+      `[p9][baseline-clean] node_modules=${payload.snapshot.hasNodeModulesDir} package_lock=${payload.snapshot.hasPackageLockFile}\n`,
+    );
+    process.stdout.write(
+      `[p9][baseline-clean] status=${payload.ready ? 'READY' : 'NOT_READY'} issues=${payload.issues.length}\n`,
+    );
+    for (const issue of payload.issues) {
+      process.stdout.write(
+        `[p9][baseline-clean][${issue.severity}] ${issue.code}: ${issue.message}\n`,
+      );
+    }
+  }
+
+  return payload.ready ? 0 : 1;
+};
+
+process.exitCode = main();