sdd-cli 0.1.0 → 0.1.3

package/dist/ui/prompt.js

@@ -4,6 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ask = ask;
+exports.askProjectName = askProjectName;
 exports.confirm = confirm;
 const fs_1 = __importDefault(require("fs"));
 const readline_1 = __importDefault(require("readline"));
@@ -38,6 +39,13 @@ function ask(question) {
         });
     });
 }
+async function askProjectName(prompt = "Project name: ") {
+    const flags = (0, flags_1.getFlags)();
+    if (flags.project && flags.project.trim().length > 0) {
+        return flags.project.trim();
+    }
+    return ask(prompt);
+}
 async function confirm(question) {
     const flags = (0, flags_1.getFlags)();
     if (flags.approve) {

package/dist/validation/gates.d.ts

@@ -0,0 +1,19 @@
+type RequirementPayload = {
+    objective?: string;
+    scope?: {
+        in?: string[];
+        out?: string[];
+    };
+    acceptanceCriteria?: string[];
+    nfrs?: {
+        security?: string;
+        performance?: string;
+        availability?: string;
+    };
+};
+export type GateResult = {
+    ok: boolean;
+    missing: string[];
+};
+export declare function checkRequirementGates(payload: RequirementPayload): GateResult;
+export {};

package/dist/validation/gates.js

@@ -0,0 +1,41 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkRequirementGates = checkRequirementGates;
+function isMissingText(value) {
+    if (!value) {
+        return true;
+    }
+    const trimmed = value.trim();
+    return trimmed.length === 0 || trimmed.toUpperCase() === "N/A";
+}
+function isMissingList(values) {
+    if (!values || values.length === 0) {
+        return true;
+    }
+    return values.every((value) => isMissingText(value));
+}
+function checkRequirementGates(payload) {
+    const missing = [];
+    if (isMissingText(payload.objective)) {
+        missing.push("objective");
+    }
+    if (isMissingList(payload.scope?.in)) {
+        missing.push("scope.in");
+    }
+    if (isMissingList(payload.scope?.out)) {
+        missing.push("scope.out");
+    }
+    if (isMissingList(payload.acceptanceCriteria)) {
+        missing.push("acceptanceCriteria");
+    }
+    if (isMissingText(payload.nfrs?.security)) {
+        missing.push("nfrs.security");
+    }
+    if (isMissingText(payload.nfrs?.performance)) {
+        missing.push("nfrs.performance");
+    }
+    if (isMissingText(payload.nfrs?.availability)) {
+        missing.push("nfrs.availability");
+    }
+    return { ok: missing.length === 0, missing };
+}

package/dist/validation/validate.js

@@ -8,12 +8,32 @@ const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const _2020_1 = __importDefault(require("ajv/dist/2020"));
 const paths_1 = require("../paths");
+function loadSchemas(root) {
+    const schemaDir = path_1.default.join(root, "schemas");
+    const schemaFiles = fs_1.default.readdirSync(schemaDir).filter((file) => file.endsWith(".schema.json"));
+    const schemas = new Map();
+    for (const file of schemaFiles) {
+        const schemaPath = path_1.default.join(schemaDir, file);
+        const schema = JSON.parse(fs_1.default.readFileSync(schemaPath, "utf-8"));
+        if (!schema.$id) {
+            schema.$id = file;
+        }
+        schemas.set(file, schema);
+    }
+    return schemas;
+}
 function validateJson(schemaFile, data) {
     const root = (0, paths_1.getRepoRoot)();
-    const schemaPath = path_1.default.join(root, "schemas", schemaFile);
-    const schema = JSON.parse(fs_1.default.readFileSync(schemaPath, "utf-8"));
-    const ajv = new _2020_1.default();
-    const validate = ajv.compile(schema);
+    const schemas = loadSchemas(root);
+    const ajv = new _2020_1.default({ allErrors: true });
+    for (const schema of schemas.values()) {
+        const candidate = schema;
+        ajv.addSchema(candidate, candidate.$id);
+    }
+    const validate = ajv.getSchema(schemaFile);
+    if (!validate) {
+        return { valid: false, errors: [`Schema not found: ${schemaFile}`] };
+    }
     const valid = validate(data);
     const errors = (validate.errors ?? []).map((error) => `${error.instancePath} ${error.message}`.trim());
     return { valid: Boolean(valid), errors };

package/dist/workspace/index.d.ts

@@ -13,8 +13,14 @@ export type WorkspaceInfo = {
     root: string;
     indexPath: string;
 };
+export type ProjectInfo = {
+    name: string;
+    root: string;
+};
 export declare function getWorkspaceInfo(): WorkspaceInfo;
 export declare function ensureWorkspace(workspace: WorkspaceInfo): void;
+export declare function normalizeProjectName(name: string): string;
+export declare function getProjectInfo(workspace: WorkspaceInfo, name: string): ProjectInfo;
 export declare function listProjects(workspace: WorkspaceInfo): ProjectSummary[];
 export declare function ensureProject(workspace: WorkspaceInfo, name: string, domain: string): ProjectMetadata;
 export declare function createProject(workspace: WorkspaceInfo, name: string, domain: string): ProjectMetadata;

package/dist/workspace/index.js

@@ -5,6 +5,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getWorkspaceInfo = getWorkspaceInfo;
 exports.ensureWorkspace = ensureWorkspace;
+exports.normalizeProjectName = normalizeProjectName;
+exports.getProjectInfo = getProjectInfo;
 exports.listProjects = listProjects;
 exports.ensureProject = ensureProject;
 exports.createProject = createProject;
@@ -12,10 +14,14 @@ exports.updateProjectStatus = updateProjectStatus;
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const os_1 = __importDefault(require("os"));
+const flags_1 = require("../context/flags");
 function getWorkspaceInfo() {
-    const root = process.env.APPDATA
-        ? path_1.default.join(process.env.APPDATA, "sdd-tool", "workspaces")
-        : path_1.default.join(os_1.default.homedir(), ".config", "sdd-tool", "workspaces");
+    const flags = (0, flags_1.getFlags)();
+    const root = flags.output
+        ? path_1.default.resolve(flags.output)
+        : process.env.APPDATA
+            ? path_1.default.join(process.env.APPDATA, "sdd-cli", "workspaces")
+            : path_1.default.join(os_1.default.homedir(), ".config", "sdd-cli", "workspaces");
     const indexPath = path_1.default.join(root, "workspaces.json");
     return { root, indexPath };
 }
@@ -28,6 +34,29 @@ function ensureWorkspace(workspace) {
         fs_1.default.writeFileSync(workspace.indexPath, JSON.stringify(emptyIndex, null, 2), "utf-8");
     }
 }
+function normalizeProjectName(name) {
+    const trimmed = name.trim();
+    if (!trimmed) {
+        throw new Error("Project name is required.");
+    }
+    if (trimmed.includes("..") || trimmed.includes("/") || trimmed.includes("\\")) {
+        throw new Error("Project name cannot contain path separators.");
+    }
+    if (!/^[A-Za-z0-9][A-Za-z0-9 _-]*$/.test(trimmed)) {
+        throw new Error("Project name must use letters, numbers, spaces, '-' or '_' only.");
+    }
+    return trimmed;
+}
+function getProjectInfo(workspace, name) {
+    const normalized = normalizeProjectName(name);
+    const resolvedRoot = path_1.default.resolve(workspace.root);
+    const projectRoot = path_1.default.resolve(workspace.root, normalized);
+    const rootPrefix = `${resolvedRoot}${path_1.default.sep}`;
+    if (projectRoot !== resolvedRoot && !projectRoot.startsWith(rootPrefix)) {
+        throw new Error("Project name resolves outside the workspace.");
+    }
+    return { name: normalized, root: projectRoot };
+}
 function listProjects(workspace) {
     if (!fs_1.default.existsSync(workspace.indexPath)) {
         return [];
@@ -41,7 +70,8 @@ function listProjects(workspace) {
 }
 function ensureProject(workspace, name, domain) {
     ensureWorkspace(workspace);
-    const projectRoot = path_1.default.join(workspace.root, name);
+    const project = getProjectInfo(workspace, name);
+    const projectRoot = project.root;
     if (!fs_1.default.existsSync(projectRoot)) {
         fs_1.default.mkdirSync(projectRoot, { recursive: true });
     }
@@ -55,7 +85,7 @@ function ensureProject(workspace, name, domain) {
     else {
         const now = new Date().toISOString();
         metadata = {
-            name,
+            name: project.name,
             status: "backlog",
             domain,
             createdAt: now,
@@ -66,12 +96,12 @@ function ensureProject(workspace, name, domain) {
     const indexRaw = fs_1.default.readFileSync(workspace.indexPath, "utf-8");
     const index = JSON.parse(indexRaw);
     index.projects = index.projects ?? [];
-    const existing = index.projects.find((project) => project.name === name);
+    const existing = index.projects.find((entry) => entry.name === project.name);
     if (existing) {
         existing.status = metadata.status;
     }
     else {
-        index.projects.push({ name, status: metadata.status });
+        index.projects.push({ name: metadata.name, status: metadata.status });
     }
     fs_1.default.writeFileSync(workspace.indexPath, JSON.stringify(index, null, 2), "utf-8");
     return metadata;
@@ -81,18 +111,19 @@ function createProject(workspace, name, domain) {
 }
 function updateProjectStatus(workspace, name, status) {
     ensureWorkspace(workspace);
+    const project = getProjectInfo(workspace, name);
     const indexRaw = fs_1.default.readFileSync(workspace.indexPath, "utf-8");
     const index = JSON.parse(indexRaw);
     index.projects = index.projects ?? [];
-    const existing = index.projects.find((project) => project.name === name);
+    const existing = index.projects.find((entry) => entry.name === project.name);
     if (existing) {
         existing.status = status;
     }
     else {
-        index.projects.push({ name, status });
+        index.projects.push({ name: project.name, status });
     }
     fs_1.default.writeFileSync(workspace.indexPath, JSON.stringify(index, null, 2), "utf-8");
-    const projectRoot = path_1.default.join(workspace.root, name);
+    const projectRoot = project.root;
     const metadataPath = path_1.default.join(projectRoot, "metadata.json");
     if (fs_1.default.existsSync(metadataPath)) {
         const metadata = JSON.parse(fs_1.default.readFileSync(metadataPath, "utf-8"));

package/flows/ADMISSIONS_ADMIN.md

@@ -1,33 +1,34 @@
-# Flow: Admissions admin
-
-## Goal
-Manage applications, documents, approvals, and communication with clear audit trails.
-
-## Discovery prompts
-- What application stages exist (submitted, reviewed, approved, waitlist)?
-- What documents are required and how are they verified?
-- Who has approval authority and what rules apply?
-- Are there quotas or priority rules?
-- What integrations exist (email, CRM, identity verification)?
-
-## Required artifacts
-- `requirement.md` with eligibility and decision rules
-- `functional-spec.md` for intake, review, and decision workflows
-- `technical-spec.md` for document verification and notifications
-- `architecture.md` including workflow engine and queueing
-- `test-plan.md` for fairness and correctness checks
-
-## Risk and compliance
-- Data privacy and retention
-- Bias and fairness risks
-- Auditability for decisions
-
-## Acceptance criteria examples
-- Every decision is traceable to a reviewer and criteria.
-- Documents cannot be edited without history tracking.
-- Applicants get status updates within defined time windows.
-
-## Recommended outputs
-- Application pipeline dashboard
-- Document verification checklist
-- Decision audit report
+# Flow: Admissions admin
+
+## Goal
+Manage applications, documents, approvals, and communication with clear audit trails.
+
+## Discovery prompts
+- What application stages exist (submitted, reviewed, approved, waitlist)?
+- What documents are required and how are they verified?
+- Who has approval authority and what rules apply?
+- Are there quotas or priority rules?
+- What integrations exist (email, CRM, identity verification)?
+
+## Required artifacts
+- `requirement.md` with eligibility and decision rules
+- `functional-spec.md` for intake, review, and decision workflows
+- `technical-spec.md` for document verification and notifications
+- `docs/ARCHITECTURE.md` including workflow engine and queueing
+- `test-plan.md` for fairness and correctness checks
+
+## Risk and compliance
+- Data privacy and retention
+- Bias and fairness risks
+- Auditability for decisions
+
+## Acceptance criteria examples
+- Every decision is traceable to a reviewer and criteria.
+- Documents cannot be edited without history tracking.
+- Applicants get status updates within defined time windows.
+
+## Recommended outputs
+- Application pipeline dashboard
+- Document verification checklist
+- Decision audit report
+

package/flows/ART.md

@@ -1,33 +1,34 @@
-# Flow: Art project
-
-## Goal
-Create an art piece or series with a clear concept, process, and critique cycle.
-
-## Discovery prompts
-- What is the concept or theme?
-- What medium and format are required?
-- What is the audience or exhibition context?
-- What is the timeline and budget?
-- What references or inspirations apply?
-
-## Required artifacts
-- `requirement.md` with concept and constraints
-- `functional-spec.md` for narrative or interaction flow
-- `technical-spec.md` for materials and production steps
-- `architecture.md` for series structure or installation layout
-- `test-plan.md` for critique and iteration checkpoints
-
-## Risk and compliance
-- Material constraints and safety
-- Copyright and reference usage
-- Delivery and installation risks
-
-## Acceptance criteria examples
-- Concept is clear and articulated.
-- Production steps are feasible in the timeline.
-- Final piece aligns with exhibition constraints.
-
-## Recommended outputs
-- Concept brief
-- Production plan
-- Critique log
+# Flow: Art project
+
+## Goal
+Create an art piece or series with a clear concept, process, and critique cycle.
+
+## Discovery prompts
+- What is the concept or theme?
+- What medium and format are required?
+- What is the audience or exhibition context?
+- What is the timeline and budget?
+- What references or inspirations apply?
+
+## Required artifacts
+- `requirement.md` with concept and constraints
+- `functional-spec.md` for narrative or interaction flow
+- `technical-spec.md` for materials and production steps
+- `docs/ARCHITECTURE.md` for series structure or installation layout
+- `test-plan.md` for critique and iteration checkpoints
+
+## Risk and compliance
+- Material constraints and safety
+- Copyright and reference usage
+- Delivery and installation risks
+
+## Acceptance criteria examples
+- Concept is clear and articulated.
+- Production steps are feasible in the timeline.
+- Final piece aligns with exhibition constraints.
+
+## Recommended outputs
+- Concept brief
+- Production plan
+- Critique log
+

package/flows/COURT_SYSTEM.md

@@ -1,33 +1,34 @@
-# Flow: Court system
-
-## Goal
-Manage case intake, hearings, rulings, and records with strict auditability and compliance.
-
-## Discovery prompts
-- What case types and jurisdictions are included?
-- What rules govern access and privacy?
-- What is the expected SLA for filings and responses?
-- What are the archival and retention requirements?
-- What integrations exist with external justice systems?
-
-## Required artifacts
-- `requirement.md` with legal constraints and actors
-- `functional-spec.md` for filing, scheduling, and ruling flows
-- `technical-spec.md` for access control and audit logs
-- `architecture.md` for resiliency and record management
-- `test-plan.md` for permissions and compliance verification
-
-## Risk and compliance
-- Evidence integrity and chain of custody
-- Unauthorized access risks
-- Retention and public records compliance
-
-## Acceptance criteria examples
-- All case actions are logged and immutable.
-- Access is enforced by role and jurisdiction.
-- Records can be produced for audit in minutes.
-
-## Recommended outputs
-- Court docket workflow
-- Evidence chain-of-custody log
-- Compliance audit pack
+# Flow: Court system
+
+## Goal
+Manage case intake, hearings, rulings, and records with strict auditability and compliance.
+
+## Discovery prompts
+- What case types and jurisdictions are included?
+- What rules govern access and privacy?
+- What is the expected SLA for filings and responses?
+- What are the archival and retention requirements?
+- What integrations exist with external justice systems?
+
+## Required artifacts
+- `requirement.md` with legal constraints and actors
+- `functional-spec.md` for filing, scheduling, and ruling flows
+- `technical-spec.md` for access control and audit logs
+- `docs/ARCHITECTURE.md` for resiliency and record management
+- `test-plan.md` for permissions and compliance verification
+
+## Risk and compliance
+- Evidence integrity and chain of custody
+- Unauthorized access risks
+- Retention and public records compliance
+
+## Acceptance criteria examples
+- All case actions are logged and immutable.
+- Access is enforced by role and jurisdiction.
+- Records can be produced for audit in minutes.
+
+## Recommended outputs
+- Court docket workflow
+- Evidence chain-of-custody log
+- Compliance audit pack
+

package/flows/DATA_SCIENTIST.md

@@ -1,33 +1,34 @@
-# Flow: Data scientist
-
-## Goal
-Deliver a data product or model with reproducible experiments and measurable impact.
-
-## Discovery prompts
-- What business or research question are we answering?
-- What data sources exist and what is their quality?
-- What are the target metrics (accuracy, recall, ROI)?
-- What constraints exist (latency, cost, fairness)?
-- How will the model be monitored post-release?
-
-## Required artifacts
-- `requirement.md` with objective and success metrics
-- `functional-spec.md` for data flows and user interactions
-- `technical-spec.md` for pipelines, features, and infra
-- `architecture.md` for data storage and serving
-- `test-plan.md` for data validation and model evaluation
-
-## Risk and compliance
-- Data bias and fairness
-- Privacy and consent
-- Model drift and monitoring gaps
-
-## Acceptance criteria examples
-- Model meets minimum metric thresholds.
-- Data validation passes for all critical datasets.
-- Monitoring alerts exist for drift and anomalies.
-
-## Recommended outputs
-- Feature catalog
-- Experiment tracking plan
-- Model card summary
+# Flow: Data scientist
+
+## Goal
+Deliver a data product or model with reproducible experiments and measurable impact.
+
+## Discovery prompts
+- What business or research question are we answering?
+- What data sources exist and what is their quality?
+- What are the target metrics (accuracy, recall, ROI)?
+- What constraints exist (latency, cost, fairness)?
+- How will the model be monitored post-release?
+
+## Required artifacts
+- `requirement.md` with objective and success metrics
+- `functional-spec.md` for data flows and user interactions
+- `technical-spec.md` for pipelines, features, and infra
+- `docs/ARCHITECTURE.md` for data storage and serving
+- `test-plan.md` for data validation and model evaluation
+
+## Risk and compliance
+- Data bias and fairness
+- Privacy and consent
+- Model drift and monitoring gaps
+
+## Acceptance criteria examples
+- Model meets minimum metric thresholds.
+- Data validation passes for all critical datasets.
+- Monitoring alerts exist for drift and anomalies.
+
+## Recommended outputs
+- Feature catalog
+- Experiment tracking plan
+- Model card summary
+

package/flows/ECOMMERCE.md

@@ -1,33 +1,34 @@
-# Flow: Ecommerce
-
-## Goal
-Build or extend an ecommerce platform with reliable checkout and inventory integrity.
-
-## Discovery prompts
-- What products and catalog rules exist?
-- What payment providers are used?
-- What are peak traffic expectations?
-- What are return/refund rules?
-- What are compliance requirements (PCI, taxes)?
-
-## Required artifacts
-- `requirement.md` with revenue and conversion goals
-- `functional-spec.md` for browse, cart, checkout, returns
-- `technical-spec.md` for payment and order integrations
-- `architecture.md` for scaling and availability
-- `test-plan.md` for checkout and payment validation
-
-## Risk and compliance
-- Payment failures and data leakage
-- Inventory inconsistencies
-- Peak traffic and downtime
-
-## Acceptance criteria examples
-- Checkout success rate above threshold.
-- Inventory updates are consistent across channels.
-- Payment data never stored in plaintext.
-
-## Recommended outputs
-- Checkout flow diagram
-- Fraud prevention checklist
-- Post-purchase email templates
+# Flow: Ecommerce
+
+## Goal
+Build or extend an ecommerce platform with reliable checkout and inventory integrity.
+
+## Discovery prompts
+- What products and catalog rules exist?
+- What payment providers are used?
+- What are peak traffic expectations?
+- What are return/refund rules?
+- What are compliance requirements (PCI, taxes)?
+
+## Required artifacts
+- `requirement.md` with revenue and conversion goals
+- `functional-spec.md` for browse, cart, checkout, returns
+- `technical-spec.md` for payment and order integrations
+- `docs/ARCHITECTURE.md` for scaling and availability
+- `test-plan.md` for checkout and payment validation
+
+## Risk and compliance
+- Payment failures and data leakage
+- Inventory inconsistencies
+- Peak traffic and downtime
+
+## Acceptance criteria examples
+- Checkout success rate above threshold.
+- Inventory updates are consistent across channels.
+- Payment data never stored in plaintext.
+
+## Recommended outputs
+- Checkout flow diagram
+- Fraud prevention checklist
+- Post-purchase email templates
+

package/flows/ECONOMICS.md

@@ -1,33 +1,34 @@
-# Flow: Economics / policy analysis
-
-## Goal
-Analyze economic scenarios or policy impacts with clear assumptions and models.
-
-## Discovery prompts
-- What policy or market question is being analyzed?
-- What scope and geography are covered?
-- What time horizon is relevant?
-- What data sources or models are required?
-- What stakeholders need the results?
-
-## Required artifacts
-- `requirement.md` with objectives and constraints
-- `functional-spec.md` for analysis flow and outputs
-- `technical-spec.md` for models and datasets
-- `architecture.md` for data pipeline and reporting
-- `test-plan.md` for sensitivity and robustness checks
-
-## Risk and compliance
-- Model assumptions and bias
-- Data quality issues
-- Overconfidence in forecasts
-
-## Acceptance criteria examples
-- Assumptions are explicit and defensible.
-- Sensitivity analysis is included.
-- Results are reproducible.
-
-## Recommended outputs
-- Assumptions log
-- Scenario matrix
-- Executive summary
+# Flow: Economics / policy analysis
+
+## Goal
+Analyze economic scenarios or policy impacts with clear assumptions and models.
+
+## Discovery prompts
+- What policy or market question is being analyzed?
+- What scope and geography are covered?
+- What time horizon is relevant?
+- What data sources or models are required?
+- What stakeholders need the results?
+
+## Required artifacts
+- `requirement.md` with objectives and constraints
+- `functional-spec.md` for analysis flow and outputs
+- `technical-spec.md` for models and datasets
+- `docs/ARCHITECTURE.md` for data pipeline and reporting
+- `test-plan.md` for sensitivity and robustness checks
+
+## Risk and compliance
+- Model assumptions and bias
+- Data quality issues
+- Overconfidence in forecasts
+
+## Acceptance criteria examples
+- Assumptions are explicit and defensible.
+- Sensitivity analysis is included.
+- Results are reproducible.
+
+## Recommended outputs
+- Assumptions log
+- Scenario matrix
+- Executive summary
+