rapidkit 0.37.0 → 0.38.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. package/README.md +166 -147
  2. package/contracts/create-planner-capabilities.v1.json +251 -0
  3. package/contracts/runtime-command-surface.v1.json +52 -0
  4. package/dist/autopilot-release-SBPGNGAB.js +1 -0
  5. package/dist/chunk-2ED6SPXP.js +1 -0
  6. package/dist/chunk-3R7UJAX5.js +1 -0
  7. package/dist/{chunk-RUUDLAKJ.js → chunk-5NBYSXOZ.js} +1 -1
  8. package/dist/chunk-7XW2I6MP.js +13 -0
  9. package/dist/{chunk-U6QUN6V2.js → chunk-ABPDGFVD.js} +1 -1
  10. package/dist/chunk-IW3KLQXE.js +2 -0
  11. package/dist/{chunk-7VSYTOOG.js → chunk-NKNMGWAZ.js} +1 -1
  12. package/dist/{chunk-IOIWVHRO.js → chunk-TVIOAZ6E.js} +13 -13
  13. package/dist/chunk-XESEBTPE.js +1 -0
  14. package/dist/{create-HN5HOGQ4.js → create-Y3XJOKL5.js} +1 -1
  15. package/dist/index.js +150 -144
  16. package/dist/{pipeline-BOU4KETN.js → pipeline-C4UCLETO.js} +1 -1
  17. package/dist/{workspace-2AL5C3QZ.js → workspace-WBKFXH4Z.js} +1 -1
  18. package/dist/{workspace-agent-sync-V2H6NTGD.js → workspace-agent-sync-3FFFJYKF.js} +1 -1
  19. package/dist/{workspace-context-KCKNV5VQ.js → workspace-context-V4UGIHSC.js} +1 -1
  20. package/dist/{workspace-foundation-L6ZBGMVE.js → workspace-foundation-T45HAWKL.js} +1 -1
  21. package/dist/{workspace-intelligence-3TWXJQ7Y.js → workspace-intelligence-MGL3Z25K.js} +1 -1
  22. package/dist/{workspace-model-NQVZN5W4.js → workspace-model-IKMGY2BX.js} +1 -1
  23. package/dist/workspace-run-HOR56FON.js +1 -0
  24. package/dist/workspace-verify-A3J6D7T2.js +1 -0
  25. package/docs/AI_DYNAMIC_INTEGRATION.md +440 -0
  26. package/docs/AI_EXAMPLES.md +419 -0
  27. package/docs/AI_FEATURES.md +460 -0
  28. package/docs/AI_QUICKSTART.md +245 -0
  29. package/docs/DEVELOPMENT.md +88 -0
  30. package/docs/From Code to Shared Understanding.png +0 -0
  31. package/docs/OPEN_SOURCE_USER_SCENARIOS.md +170 -0
  32. package/docs/OPTIMIZATION_GUIDE.md +504 -0
  33. package/docs/PACKAGE_MANAGER_POLICY.md +25 -0
  34. package/docs/README.md +121 -0
  35. package/docs/SECURITY.md +63 -0
  36. package/docs/SETUP.md +107 -0
  37. package/docs/UTILITIES.md +221 -0
  38. package/docs/WORKSPACE_MARKER_SPEC.md +276 -0
  39. package/docs/ci-workflows.md +56 -0
  40. package/docs/commands-reference.md +136 -0
  41. package/docs/config-file-guide.md +295 -0
  42. package/docs/contracts/ARTIFACT_CATALOG.md +111 -0
  43. package/docs/contracts/COMMAND_OWNERSHIP_MATRIX.md +138 -0
  44. package/docs/contracts/README.md +71 -0
  45. package/docs/contracts/RUNTIME_ACCEPTANCE_MATRIX.md +98 -0
  46. package/docs/contracts/RUNTIME_SUPPORT_MATRIX.md +74 -0
  47. package/docs/contracts/rapidkit-cli-contracts.json +239 -0
  48. package/docs/create-planner-capabilities.md +81 -0
  49. package/docs/doctor-command.md +263 -0
  50. package/docs/examples/ci-agent-grounding.yml +62 -0
  51. package/docs/from-code-to-shared-understanding.md +46 -0
  52. package/docs/governance-policy.enterprise.example.json +40 -0
  53. package/docs/mirror-config.enterprise.example.json +60 -0
  54. package/docs/policies.workspace.example.yml +23 -0
  55. package/docs/workspace-operations.md +160 -0
  56. package/docs/workspace-run.md +80 -0
  57. package/package.json +3 -2
  58. package/dist/autopilot-release-AUXP2ZIF.js +0 -1
  59. package/dist/chunk-C7OVQQXT.js +0 -1
  60. package/dist/chunk-EJGKBFV4.js +0 -2
  61. package/dist/chunk-UXKB4KGZ.js +0 -13
  62. package/dist/chunk-YJ24EV3P.js +0 -1
  63. package/dist/workspace-run-DEXI52KO.js +0 -1
  64. package/dist/workspace-verify-HBCQNNGU.js +0 -1
  65. /package/dist/{chunk-D23L2GFT.js → chunk-6E5TBB2C.js} +0 -0
@@ -0,0 +1,88 @@
1
+ # Development Guide
2
+
3
+ Maintainer reference for the RapidKit npm CLI (Node/TypeScript bridge to Python Core).
4
+
5
+ **End users:** [../README.md](../README.md) · [README.md](./README.md) · [OPEN_SOURCE_USER_SCENARIOS.md](./OPEN_SOURCE_USER_SCENARIOS.md)
6
+
7
+ ## Prerequisites
8
+
9
+ - Node.js `>= 20`
10
+ - npm — see [PACKAGE_MANAGER_POLICY.md](./PACKAGE_MANAGER_POLICY.md)
11
+
12
+ ```bash
13
+ npm ci
14
+ npm run build
15
+ ```
16
+
17
+ ## Quality checks
18
+
19
+ ```bash
20
+ npm run validate
21
+ npm run validate:contracts
22
+ npm run test:drift
23
+ ```
24
+
25
+ Focused suites: [ci-workflows.md](./ci-workflows.md) · [SETUP.md](./SETUP.md)
26
+
27
+ ## Configuration
28
+
29
+ User defaults: [config-file-guide.md](./config-file-guide.md) (`$HOME/.rapidkitrc.json`, `rapidkit.config.*`).
30
+
31
+ Priority: CLI flags > environment variables > config file > defaults.
32
+
33
+ ### Test mode (local Core)
34
+
35
+ ```bash
36
+ export RAPIDKIT_DEV_PATH=/path/to/local/rapidkit-core
37
+ npx rapidkit my-workspace --test-mode
38
+ ```
39
+
40
+ ## CLI workflows
41
+
42
+ ```bash
43
+ # Direct project creation
44
+ npx rapidkit create project fastapi.standard my-api --output .
45
+ npx rapidkit create frontend nextjs my-web --yes
46
+
47
+ # Workspace mode
48
+ npx rapidkit create workspace my-workspace --yes --profile polyglot
49
+ cd my-workspace
50
+ npx rapidkit bootstrap --profile polyglot
51
+ npx rapidkit create project
52
+ ```
53
+
54
+ Full syntax: [commands-reference.md](./commands-reference.md)
55
+
56
+ ## Testing
57
+
58
+ ```bash
59
+ npm test
60
+ npm run test:e2e
61
+ npm run test:scenarios:full
62
+ npm run test:runtime-matrix:full
63
+ ```
64
+
65
+ ## Manual smoke
66
+
67
+ ```bash
68
+ npm run build
69
+ node dist/index.js --help
70
+ node dist/index.js create project fastapi.standard test-fastapi --output . --yes --skip-install
71
+ ```
72
+
73
+ ## Debugging
74
+
75
+ ```bash
76
+ npx rapidkit my-workspace --debug
77
+ ```
78
+
79
+ ## Environment variables
80
+
81
+ See [SETUP.md](./SETUP.md#environment-variables) for bridge, scenario, and cache variables.
82
+
83
+ ## See also
84
+
85
+ - [Documentation index](./README.md)
86
+ - [contracts/README.md](./contracts/README.md)
87
+ - [OPTIMIZATION_GUIDE.md](./OPTIMIZATION_GUIDE.md)
88
+ - [UTILITIES.md](./UTILITIES.md)
@@ -0,0 +1,170 @@
1
+ # RapidKit Practical User Scenarios (Open Source Edition)
2
+
3
+ Practical workflows for OSS teams using the npm CLI. Command syntax: [commands-reference.md](./commands-reference.md). Import/adopt details: [workspace-operations.md](./workspace-operations.md).
4
+
5
+ ## Scenario 0 — Existing project (adopt or import)
6
+
7
+ Goal: connect code you already have without reshuffling repositories.
8
+
9
+ ### Adopt in place (keep source where it is)
10
+
11
+ ```bash
12
+ npx rapidkit adopt /path/to/existing-app --workspace /path/to/workspace --json
13
+ npx rapidkit workspace model --json
14
+ npx rapidkit doctor project --json
15
+ ```
16
+
17
+ Works for Next.js, Vite, NestJS, FastAPI, Go, Spring Boot, and other detected stacks. See [workspace-operations.md#import-and-adoption](./workspace-operations.md#import-and-adoption).
18
+
19
+ ### Import (copy or clone into workspace)
20
+
21
+ ```bash
22
+ npx rapidkit import ../orders-api --workspace ./platform
23
+ npx rapidkit import https://github.com/acme/orders-api.git --git --workspace ./platform
24
+ ```
25
+
26
+ ### New frontend in workspace
27
+
28
+ ```bash
29
+ cd my-workspace
30
+ npx rapidkit create frontend nextjs marketing-web --yes
31
+ ```
32
+
33
+ ## What changed from the old flow?
34
+
35
+ Old flow (typical):
36
+ - Create workspace/project
37
+ - Run `init` / `dev`
38
+ - Minimal governance and supply-chain controls
39
+
40
+ Current flow (new baseline):
41
+ - Same developer-friendly start
42
+ - Plus optional mirror/offline controls, checksum/attestation verification, Sigstore governance, and auditable reports
43
+ - Works for both small teams and enterprise adoption paths
44
+
45
+ ## Scenario 1 — Junior Developer
46
+
47
+ Goal: get productive quickly with minimal complexity.
48
+
49
+ ### Steps
50
+
51
+ ```bash
52
+ npx rapidkit my-workspace
53
+ cd my-workspace
54
+ npx rapidkit bootstrap --profile polyglot
55
+ npx rapidkit setup python
56
+ npx rapidkit setup node --warm-deps
57
+ npx rapidkit create project fastapi.standard api --output .
58
+ cd api
59
+ npx rapidkit init
60
+ npx rapidkit dev
61
+ ```
62
+
63
+ ### When manual vs automatic?
64
+
65
+ - Manual: run commands directly in local dev.
66
+ - Automatic: not required at this level.
67
+
68
+ ## Scenario 2 — Mid-level Developer / Team
69
+
70
+ Goal: improve stability and repeatability using mirror artifacts.
71
+
72
+ ### Steps
73
+
74
+ 1) Define minimal mirror config (`.rapidkit/mirror-config.json`) with artifact sources and checksums.
75
+ 2) Run:
76
+
77
+ ```bash
78
+ cd my-workspace
79
+ npx rapidkit doctor workspace
80
+ npx rapidkit workspace list
81
+ npx rapidkit mirror status
82
+ npx rapidkit cache status
83
+ npx rapidkit mirror sync
84
+ npx rapidkit mirror verify
85
+ npx rapidkit init
86
+ npx rapidkit dev
87
+ ```
88
+
89
+ ### When manual vs automatic?
90
+
91
+ - Manual: initial mirror setup and local validation.
92
+ - Automatic: in CI pipelines, run `mirror sync/verify` before build/test.
93
+
94
+ ## Scenario 3 — Senior Developer / Platform Engineer
95
+
96
+ Goal: enforce stronger security controls (attestation + Sigstore governance) in stage/prod-like environments.
97
+
98
+ ### Steps
99
+
100
+ 1) Configure `mirror-config.json` with:
101
+ - `security.requireAttestation: true`
102
+ - `security.requireSigstore: true`
103
+ - `security.requireTransparencyLog: true`
104
+ - environment policy allowlists (`identity`, `issuer`, `rekorUrl`)
105
+
106
+ 2) Run:
107
+
108
+ ```bash
109
+ RAPIDKIT_ENV=stage npx rapidkit mirror sync --json
110
+ RAPIDKIT_ENV=stage npx rapidkit mirror verify --json
111
+ npx rapidkit bootstrap --profile=enterprise --ci --offline --json
112
+ ```
113
+
114
+ ### When manual vs automatic?
115
+
116
+ - Manual: initial policy authoring and first dry run.
117
+ - Automatic: fully automated in CI/CD after policy is validated.
118
+
119
+ ## Scenario 4 — Enterprise Operator / SecOps
120
+
121
+ Goal: enforce signed governance policy bundle, generate and export audit evidence.
122
+
123
+ ### Steps
124
+
125
+ 1) Add signed governance bundle:
126
+ - `.rapidkit/governance-policy.json`
127
+ - `.rapidkit/governance-policy.sig`
128
+ - `.rapidkit/governance-public.pem`
129
+
130
+ 2) Configure in `mirror-config.json`:
131
+ - `security.requireSignedGovernance: true`
132
+ - `security.governanceBundle: { ... }`
133
+ - `security.evidenceExport: { target: "file" | "http", ... }`
134
+
135
+ 3) Run:
136
+
137
+ ```bash
138
+ RAPIDKIT_ENV=prod npx rapidkit mirror sync --json
139
+ RAPIDKIT_ENV=prod npx rapidkit mirror verify --json
140
+ RAPIDKIT_ENV=prod npx rapidkit bootstrap --profile=enterprise --ci --offline --json
141
+ ```
142
+
143
+ ### When manual vs automatic?
144
+
145
+ - Manual: key management, policy signing, endpoint provisioning.
146
+ - Automatic: all command execution in CI/CD and release pipelines.
147
+
148
+ ## Operational outputs (for automation and auditing)
149
+
150
+ Generated reports:
151
+ - `.rapidkit/reports/bootstrap-compliance.latest.json`
152
+ - `.rapidkit/reports/mirror-ops.latest.json`
153
+ - `.rapidkit/reports/transparency-evidence.latest.json`
154
+
155
+ Optional exported evidence sinks:
156
+ - file sink (NDJSON/JSON append strategy)
157
+ - HTTP webhook sink (SIEM/GRC intake)
158
+
159
+ ## Practical recommendation
160
+
161
+ - Individuals/small teams: start with Scenario 0 → 1 → 2.
162
+ - Product teams/platform teams: adopt Scenario 3.
163
+ - Regulated/high-compliance environments: run Scenario 4 by default.
164
+
165
+ ## See also
166
+
167
+ - [Documentation index](./README.md)
168
+ - [workspace-operations.md](./workspace-operations.md)
169
+ - [doctor-command.md](./doctor-command.md)
170
+ - [ci-workflows.md](./ci-workflows.md) (`pipeline --json --strict`)