scene-capability-engine 3.1.0 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/CHANGELOG.md +24 -0
  2. package/docs/command-reference.md +63 -12
  3. package/docs/interactive-customization/README.md +62 -4
  4. package/docs/interactive-customization/approval-role-policy-baseline.json +36 -0
  5. package/docs/interactive-customization/authorization-dialogue-policy-baseline.json +47 -0
  6. package/docs/interactive-customization/authorization-tier-policy-baseline.json +46 -0
  7. package/docs/interactive-customization/dialogue-governance-policy-baseline.json +38 -1
  8. package/docs/interactive-customization/dual-ui-mode-integration-guide.md +92 -0
  9. package/docs/interactive-customization/embedded-assistant-authorization-dialogue-rules.md +78 -0
  10. package/docs/interactive-customization/governance-threshold-baseline.json +8 -1
  11. package/docs/interactive-customization/runtime-mode-policy-baseline.json +26 -0
  12. package/docs/release-checklist.md +3 -0
  13. package/docs/security-governance-default-baseline.md +7 -0
  14. package/lib/commands/auto.js +2311 -62
  15. package/lib/commands/scene.js +84 -0
  16. package/package.json +1 -1
package/lib/commands/scene.js CHANGED
@@ -569,11 +569,15 @@ function registerSceneCommands(program) {
569
569
  .option('--policy <path>', 'Guardrail policy override path')
570
570
  .option('--catalog <path>', 'High-risk catalog override path')
571
571
  .option('--dialogue-policy <path>', 'Dialogue governance policy override path')
572
+ .option('--dialogue-profile <name>', 'Dialogue governance profile (business-user|system-maintainer)', 'business-user')
573
+ .option('--ui-mode <name>', 'Interaction surface mode (user-app|ops-console)')
572
574
  .option('--dialogue-out <path>', 'Dialogue governance report output path')
573
575
  .option('--runtime-mode <name>', 'Runtime mode (user-assist|ops-fix|feature-dev)', 'ops-fix')
574
576
  .option('--runtime-environment <name>', 'Runtime environment (dev|staging|prod)', 'staging')
575
577
  .option('--runtime-policy <path>', 'Runtime mode/environment policy override path')
576
578
  .option('--runtime-out <path>', 'Runtime policy evaluation output path')
579
+ .option('--authorization-tier-policy <path>', 'Authorization tier policy override path')
580
+ .option('--authorization-tier-out <path>', 'Authorization tier evaluation output path')
577
581
  .option('--context-contract <path>', 'Context contract override path for interactive intent build')
578
582
  .option('--no-strict-contract', 'Do not fail when context contract validation has issues')
579
583
  .option('--moqui-config <path>', 'Moqui adapter runtime config path')
@@ -582,7 +586,10 @@ function registerSceneCommands(program) {
582
586
  .option('--work-order-out <path>', 'Work-order JSON output file path')
583
587
  .option('--work-order-markdown-out <path>', 'Work-order markdown output file path')
584
588
  .option('--approval-actor <id>', 'Approval workflow actor')
589
+ .option('--approval-actor-role <name>', 'Approval workflow actor role')
585
590
  .option('--approver-actor <id>', 'Auto-approve actor')
591
+ .option('--approver-actor-role <name>', 'Auto-approve actor role')
592
+ .option('--approval-role-policy <path>', 'Approval role policy JSON path')
586
593
  .option('--skip-submit', 'Skip approval submit step')
587
594
  .option('--auto-approve-low-risk', 'Auto-approve low-risk allow plans')
588
595
  .option('--auto-execute-low-risk', 'Auto-run low-risk apply for allow+low plans')
@@ -633,11 +640,15 @@ function registerSceneCommands(program) {
633
640
  .option('--policy <path>', 'Guardrail policy override path')
634
641
  .option('--catalog <path>', 'High-risk catalog override path')
635
642
  .option('--dialogue-policy <path>', 'Dialogue governance policy override path')
643
+ .option('--dialogue-profile <name>', 'Dialogue governance profile (business-user|system-maintainer)', 'business-user')
644
+ .option('--ui-mode <name>', 'Interaction surface mode (user-app|ops-console)')
636
645
  .option('--dialogue-out <path>', 'Dialogue governance report output path')
637
646
  .option('--runtime-mode <name>', 'Runtime mode (user-assist|ops-fix|feature-dev)', 'ops-fix')
638
647
  .option('--runtime-environment <name>', 'Runtime environment (dev|staging|prod)', 'staging')
639
648
  .option('--runtime-policy <path>', 'Runtime mode/environment policy override path')
640
649
  .option('--runtime-out <path>', 'Runtime policy evaluation output path')
650
+ .option('--authorization-tier-policy <path>', 'Authorization tier policy override path')
651
+ .option('--authorization-tier-out <path>', 'Authorization tier evaluation output path')
641
652
  .option('--context-contract <path>', 'Context contract override path')
642
653
  .option('--no-strict-contract', 'Do not fail when context contract validation has issues')
643
654
  .option('--moqui-config <path>', 'Moqui adapter runtime config path')
@@ -649,7 +660,10 @@ function registerSceneCommands(program) {
649
660
  .option('--work-order-markdown-out <path>', 'Work-order markdown output file path')
650
661
  .option('--out <path>', 'Flow summary output file path')
651
662
  .option('--approval-actor <id>', 'Approval workflow actor')
663
+ .option('--approval-actor-role <name>', 'Approval workflow actor role')
652
664
  .option('--approver-actor <id>', 'Auto-approve actor')
665
+ .option('--approver-actor-role <name>', 'Auto-approve actor role')
666
+ .option('--approval-role-policy <path>', 'Approval role policy JSON path')
653
667
  .option('--skip-submit', 'Skip approval submit step')
654
668
  .option('--auto-approve-low-risk', 'Auto-approve low-risk allow plans')
655
669
  .option('--auto-execute-low-risk', 'Auto-run low-risk apply for allow+low plans')
@@ -11150,11 +11164,15 @@ function normalizeSceneInteractiveFlowOptions(options = {}) {
11150
11164
  policy: options.policy ? String(options.policy).trim() : undefined,
11151
11165
  catalog: options.catalog ? String(options.catalog).trim() : undefined,
11152
11166
  dialoguePolicy: options.dialoguePolicy ? String(options.dialoguePolicy).trim() : undefined,
11167
+ dialogueProfile: options.dialogueProfile ? String(options.dialogueProfile).trim().toLowerCase() : 'business-user',
11168
+ uiMode: options.uiMode ? String(options.uiMode).trim().toLowerCase() : undefined,
11153
11169
  dialogueOut: options.dialogueOut ? String(options.dialogueOut).trim() : undefined,
11154
11170
  runtimeMode: options.runtimeMode ? String(options.runtimeMode).trim().toLowerCase() : 'ops-fix',
11155
11171
  runtimeEnvironment: options.runtimeEnvironment ? String(options.runtimeEnvironment).trim().toLowerCase() : 'staging',
11156
11172
  runtimePolicy: options.runtimePolicy ? String(options.runtimePolicy).trim() : undefined,
11157
11173
  runtimeOut: options.runtimeOut ? String(options.runtimeOut).trim() : undefined,
11174
+ authorizationTierPolicy: options.authorizationTierPolicy ? String(options.authorizationTierPolicy).trim() : undefined,
11175
+ authorizationTierOut: options.authorizationTierOut ? String(options.authorizationTierOut).trim() : undefined,
11158
11176
  contextContract: options.contextContract ? String(options.contextContract).trim() : undefined,
11159
11177
  strictContract: options.strictContract !== false,
11160
11178
  moquiConfig: options.moquiConfig ? String(options.moquiConfig).trim() : undefined,
@@ -11166,7 +11184,10 @@ function normalizeSceneInteractiveFlowOptions(options = {}) {
11166
11184
  bridgeOutContext: options.bridgeOutContext ? String(options.bridgeOutContext).trim() : undefined,
11167
11185
  bridgeOutReport: options.bridgeOutReport ? String(options.bridgeOutReport).trim() : undefined,
11168
11186
  approvalActor: options.approvalActor ? String(options.approvalActor).trim() : undefined,
11187
+ approvalActorRole: options.approvalActorRole ? String(options.approvalActorRole).trim().toLowerCase() : undefined,
11169
11188
  approverActor: options.approverActor ? String(options.approverActor).trim() : undefined,
11189
+ approverActorRole: options.approverActorRole ? String(options.approverActorRole).trim().toLowerCase() : undefined,
11190
+ approvalRolePolicy: options.approvalRolePolicy ? String(options.approvalRolePolicy).trim() : undefined,
11170
11191
  skipSubmit: options.skipSubmit === true,
11171
11192
  autoApproveLowRisk: options.autoApproveLowRisk === true,
11172
11193
  autoExecuteLowRisk: options.autoExecuteLowRisk === true,
@@ -11215,6 +11236,13 @@ function validateSceneInteractiveFlowOptions(options) {
11215
11236
  if (!['suggestion', 'apply'].includes(String(options.executionMode || '').trim())) {
11216
11237
  return '--execution-mode must be suggestion or apply';
11217
11238
  }
11239
+ const dialogueProfile = String(options.dialogueProfile || 'business-user').trim().toLowerCase();
11240
+ if (!['business-user', 'system-maintainer'].includes(dialogueProfile)) {
11241
+ return '--dialogue-profile must be one of: business-user, system-maintainer';
11242
+ }
11243
+ if (options.uiMode !== undefined && !['user-app', 'ops-console'].includes(String(options.uiMode).trim().toLowerCase())) {
11244
+ return '--ui-mode must be one of: user-app, ops-console';
11245
+ }
11218
11246
  if (!['user-assist', 'ops-fix', 'feature-dev'].includes(String(options.runtimeMode || '').trim().toLowerCase())) {
11219
11247
  return '--runtime-mode must be one of: user-assist, ops-fix, feature-dev';
11220
11248
  }
@@ -11264,11 +11292,15 @@ function normalizeSceneInteractiveLoopOptions(options = {}) {
11264
11292
  policy: options.policy ? String(options.policy).trim() : undefined,
11265
11293
  catalog: options.catalog ? String(options.catalog).trim() : undefined,
11266
11294
  dialoguePolicy: options.dialoguePolicy ? String(options.dialoguePolicy).trim() : undefined,
11295
+ dialogueProfile: options.dialogueProfile ? String(options.dialogueProfile).trim().toLowerCase() : 'business-user',
11296
+ uiMode: options.uiMode ? String(options.uiMode).trim().toLowerCase() : undefined,
11267
11297
  dialogueOut: options.dialogueOut ? String(options.dialogueOut).trim() : undefined,
11268
11298
  runtimeMode: options.runtimeMode ? String(options.runtimeMode).trim().toLowerCase() : 'ops-fix',
11269
11299
  runtimeEnvironment: options.runtimeEnvironment ? String(options.runtimeEnvironment).trim().toLowerCase() : 'staging',
11270
11300
  runtimePolicy: options.runtimePolicy ? String(options.runtimePolicy).trim() : undefined,
11271
11301
  runtimeOut: options.runtimeOut ? String(options.runtimeOut).trim() : undefined,
11302
+ authorizationTierPolicy: options.authorizationTierPolicy ? String(options.authorizationTierPolicy).trim() : undefined,
11303
+ authorizationTierOut: options.authorizationTierOut ? String(options.authorizationTierOut).trim() : undefined,
11272
11304
  contextContract: options.contextContract ? String(options.contextContract).trim() : undefined,
11273
11305
  strictContract: options.strictContract !== false,
11274
11306
  moquiConfig: options.moquiConfig ? String(options.moquiConfig).trim() : undefined,
@@ -11277,7 +11309,10 @@ function normalizeSceneInteractiveLoopOptions(options = {}) {
11277
11309
  workOrderOut: options.workOrderOut ? String(options.workOrderOut).trim() : undefined,
11278
11310
  workOrderMarkdownOut: options.workOrderMarkdownOut ? String(options.workOrderMarkdownOut).trim() : undefined,
11279
11311
  approvalActor: options.approvalActor ? String(options.approvalActor).trim() : undefined,
11312
+ approvalActorRole: options.approvalActorRole ? String(options.approvalActorRole).trim().toLowerCase() : undefined,
11280
11313
  approverActor: options.approverActor ? String(options.approverActor).trim() : undefined,
11314
+ approverActorRole: options.approverActorRole ? String(options.approverActorRole).trim().toLowerCase() : undefined,
11315
+ approvalRolePolicy: options.approvalRolePolicy ? String(options.approvalRolePolicy).trim() : undefined,
11281
11316
  skipSubmit: options.skipSubmit === true,
11282
11317
  autoApproveLowRisk: options.autoApproveLowRisk === true,
11283
11318
  autoExecuteLowRisk: options.autoExecuteLowRisk === true,
@@ -11310,6 +11345,13 @@ function validateSceneInteractiveLoopOptions(options) {
11310
11345
  if (!['suggestion', 'apply'].includes(String(options.executionMode || '').trim())) {
11311
11346
  return '--execution-mode must be suggestion or apply';
11312
11347
  }
11348
+ const dialogueProfile = String(options.dialogueProfile || 'business-user').trim().toLowerCase();
11349
+ if (!['business-user', 'system-maintainer'].includes(dialogueProfile)) {
11350
+ return '--dialogue-profile must be one of: business-user, system-maintainer';
11351
+ }
11352
+ if (options.uiMode !== undefined && !['user-app', 'ops-console'].includes(String(options.uiMode).trim().toLowerCase())) {
11353
+ return '--ui-mode must be one of: user-app, ops-console';
11354
+ }
11313
11355
  if (!['user-assist', 'ops-fix', 'feature-dev'].includes(String(options.runtimeMode || '').trim().toLowerCase())) {
11314
11356
  return '--runtime-mode must be one of: user-assist, ops-fix, feature-dev';
11315
11357
  }
@@ -11608,6 +11650,12 @@ async function runSceneInteractiveFlowCommand(rawOptions = {}, dependencies = {}
11608
11650
  if (options.dialoguePolicy) {
11609
11651
  args.push('--dialogue-policy', options.dialoguePolicy);
11610
11652
  }
11653
+ if (options.dialogueProfile) {
11654
+ args.push('--dialogue-profile', options.dialogueProfile);
11655
+ }
11656
+ if (options.uiMode) {
11657
+ args.push('--ui-mode', options.uiMode);
11658
+ }
11611
11659
  if (options.dialogueOut) {
11612
11660
  args.push('--dialogue-out', options.dialogueOut);
11613
11661
  }
@@ -11623,6 +11671,12 @@ async function runSceneInteractiveFlowCommand(rawOptions = {}, dependencies = {}
11623
11671
  if (options.runtimeOut) {
11624
11672
  args.push('--runtime-out', options.runtimeOut);
11625
11673
  }
11674
+ if (options.authorizationTierPolicy) {
11675
+ args.push('--authorization-tier-policy', options.authorizationTierPolicy);
11676
+ }
11677
+ if (options.authorizationTierOut) {
11678
+ args.push('--authorization-tier-out', options.authorizationTierOut);
11679
+ }
11626
11680
  if (options.contextContract) {
11627
11681
  args.push('--context-contract', options.contextContract);
11628
11682
  }
@@ -11656,9 +11710,18 @@ async function runSceneInteractiveFlowCommand(rawOptions = {}, dependencies = {}
11656
11710
  if (options.approvalActor) {
11657
11711
  args.push('--approval-actor', options.approvalActor);
11658
11712
  }
11713
+ if (options.approvalActorRole) {
11714
+ args.push('--approval-actor-role', options.approvalActorRole);
11715
+ }
11659
11716
  if (options.approverActor) {
11660
11717
  args.push('--approver-actor', options.approverActor);
11661
11718
  }
11719
+ if (options.approverActorRole) {
11720
+ args.push('--approver-actor-role', options.approverActorRole);
11721
+ }
11722
+ if (options.approvalRolePolicy) {
11723
+ args.push('--approval-role-policy', options.approvalRolePolicy);
11724
+ }
11662
11725
  if (options.skipSubmit) {
11663
11726
  args.push('--skip-submit');
11664
11727
  }
@@ -11833,6 +11896,12 @@ async function runSceneInteractiveLoopCommand(rawOptions = {}, dependencies = {}
11833
11896
  if (options.dialoguePolicy) {
11834
11897
  args.push('--dialogue-policy', options.dialoguePolicy);
11835
11898
  }
11899
+ if (options.dialogueProfile) {
11900
+ args.push('--dialogue-profile', options.dialogueProfile);
11901
+ }
11902
+ if (options.uiMode) {
11903
+ args.push('--ui-mode', options.uiMode);
11904
+ }
11836
11905
  if (options.dialogueOut) {
11837
11906
  args.push('--dialogue-out', options.dialogueOut);
11838
11907
  }
@@ -11848,6 +11917,12 @@ async function runSceneInteractiveLoopCommand(rawOptions = {}, dependencies = {}
11848
11917
  if (options.runtimeOut) {
11849
11918
  args.push('--runtime-out', options.runtimeOut);
11850
11919
  }
11920
+ if (options.authorizationTierPolicy) {
11921
+ args.push('--authorization-tier-policy', options.authorizationTierPolicy);
11922
+ }
11923
+ if (options.authorizationTierOut) {
11924
+ args.push('--authorization-tier-out', options.authorizationTierOut);
11925
+ }
11851
11926
  if (options.contextContract) {
11852
11927
  args.push('--context-contract', options.contextContract);
11853
11928
  }
@@ -11872,9 +11947,18 @@ async function runSceneInteractiveLoopCommand(rawOptions = {}, dependencies = {}
11872
11947
  if (options.approvalActor) {
11873
11948
  args.push('--approval-actor', options.approvalActor);
11874
11949
  }
11950
+ if (options.approvalActorRole) {
11951
+ args.push('--approval-actor-role', options.approvalActorRole);
11952
+ }
11875
11953
  if (options.approverActor) {
11876
11954
  args.push('--approver-actor', options.approverActor);
11877
11955
  }
11956
+ if (options.approverActorRole) {
11957
+ args.push('--approver-actor-role', options.approverActorRole);
11958
+ }
11959
+ if (options.approvalRolePolicy) {
11960
+ args.push('--approval-role-policy', options.approvalRolePolicy);
11961
+ }
11878
11962
  if (options.skipSubmit) {
11879
11963
  args.push('--skip-submit');
11880
11964
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "scene-capability-engine",
3
- "version": "3.1.0",
3
+ "version": "3.3.1",
4
4
  "description": "SCE (Scene Capability Engine) - A CLI tool and npm package for spec-driven development with AI coding assistants.",
5
5
  "main": "index.js",
6
6
  "bin": {