sentinelayer-cli 0.1.2 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (127) hide show
  1. package/README.md +996 -996
  2. package/bin/create-sentinelayer.js +5 -5
  3. package/bin/sentinelayer-cli.js +4 -4
  4. package/bin/sl.js +5 -5
  5. package/package.json +62 -54
  6. package/src/agents/jules/config/definition.js +209 -209
  7. package/src/agents/jules/config/system-prompt.js +175 -175
  8. package/src/agents/jules/error-intake.js +51 -51
  9. package/src/agents/jules/fix-cycle.js +377 -377
  10. package/src/agents/jules/loop.js +367 -367
  11. package/src/agents/jules/pulse.js +319 -319
  12. package/src/agents/jules/stream.js +186 -186
  13. package/src/agents/jules/swarm/file-scanner.js +74 -74
  14. package/src/agents/jules/swarm/index.js +11 -11
  15. package/src/agents/jules/swarm/orchestrator.js +362 -362
  16. package/src/agents/jules/swarm/pattern-hunter.js +123 -123
  17. package/src/agents/jules/swarm/sub-agent.js +308 -308
  18. package/src/agents/jules/tools/auth-audit.js +226 -222
  19. package/src/agents/jules/tools/dispatch.js +327 -327
  20. package/src/agents/jules/tools/file-edit.js +180 -180
  21. package/src/agents/jules/tools/file-read.js +100 -100
  22. package/src/agents/jules/tools/frontend-analyze.js +570 -570
  23. package/src/agents/jules/tools/glob.js +168 -168
  24. package/src/agents/jules/tools/grep.js +228 -228
  25. package/src/agents/jules/tools/index.js +29 -29
  26. package/src/agents/jules/tools/path-guards.js +161 -161
  27. package/src/agents/jules/tools/runtime-audit.js +493 -493
  28. package/src/agents/jules/tools/shell.js +383 -383
  29. package/src/ai/aidenid.js +972 -945
  30. package/src/ai/client.js +508 -508
  31. package/src/ai/domain-target-store.js +268 -268
  32. package/src/ai/identity-store.js +270 -270
  33. package/src/ai/site-store.js +145 -145
  34. package/src/audit/agents/architecture.js +180 -180
  35. package/src/audit/agents/compliance.js +179 -179
  36. package/src/audit/agents/documentation.js +165 -165
  37. package/src/audit/agents/performance.js +145 -145
  38. package/src/audit/agents/security.js +215 -215
  39. package/src/audit/agents/testing.js +172 -172
  40. package/src/audit/orchestrator.js +557 -557
  41. package/src/audit/package.js +204 -204
  42. package/src/audit/registry.js +284 -284
  43. package/src/audit/replay.js +103 -103
  44. package/src/auth/http.js +113 -113
  45. package/src/auth/service.js +891 -848
  46. package/src/auth/session-store.js +359 -345
  47. package/src/cli.js +252 -252
  48. package/src/commands/ai/identity-lifecycle.js +1338 -1337
  49. package/src/commands/ai/provision-governance.js +1272 -1246
  50. package/src/commands/ai/shared.js +147 -147
  51. package/src/commands/ai.js +11 -11
  52. package/src/commands/apply.js +12 -12
  53. package/src/commands/audit.js +1166 -1166
  54. package/src/commands/auth.js +375 -366
  55. package/src/commands/chat.js +191 -191
  56. package/src/commands/config.js +184 -184
  57. package/src/commands/cost.js +311 -311
  58. package/src/commands/daemon/core.js +850 -850
  59. package/src/commands/daemon/extended.js +1048 -1048
  60. package/src/commands/daemon/shared.js +213 -213
  61. package/src/commands/daemon.js +11 -11
  62. package/src/commands/guide.js +174 -174
  63. package/src/commands/ingest.js +58 -58
  64. package/src/commands/init.js +55 -55
  65. package/src/commands/legacy-args.js +10 -10
  66. package/src/commands/mcp.js +461 -404
  67. package/src/commands/omargate.js +15 -15
  68. package/src/commands/persona.js +20 -20
  69. package/src/commands/plugin.js +260 -260
  70. package/src/commands/policy.js +132 -132
  71. package/src/commands/prompt.js +238 -238
  72. package/src/commands/review.js +704 -704
  73. package/src/commands/scan.js +866 -788
  74. package/src/commands/spec.js +716 -716
  75. package/src/commands/swarm.js +651 -651
  76. package/src/commands/telemetry.js +202 -202
  77. package/src/commands/watch.js +510 -510
  78. package/src/config/agent-dictionary.js +182 -182
  79. package/src/config/io.js +56 -56
  80. package/src/config/paths.js +18 -18
  81. package/src/config/schema.js +55 -55
  82. package/src/config/service.js +184 -184
  83. package/src/cost/budget.js +235 -235
  84. package/src/cost/history.js +188 -188
  85. package/src/cost/tracker.js +171 -171
  86. package/src/daemon/artifact-lineage.js +534 -534
  87. package/src/daemon/assignment-ledger.js +770 -770
  88. package/src/daemon/ast-parser-layer.js +258 -258
  89. package/src/daemon/budget-governor.js +633 -633
  90. package/src/daemon/callgraph-overlay.js +646 -646
  91. package/src/daemon/error-worker.js +626 -626
  92. package/src/daemon/hybrid-mapper.js +929 -929
  93. package/src/daemon/jira-lifecycle.js +632 -632
  94. package/src/daemon/operator-control.js +657 -657
  95. package/src/daemon/reliability-lane.js +471 -471
  96. package/src/daemon/watchdog.js +971 -971
  97. package/src/guide/generator.js +316 -316
  98. package/src/ingest/engine.js +918 -918
  99. package/src/legacy-cli.js +2548 -2435
  100. package/src/mcp/registry.js +695 -695
  101. package/src/memory/blackboard.js +301 -301
  102. package/src/memory/retrieval.js +581 -581
  103. package/src/plugin/manifest.js +553 -553
  104. package/src/policy/packs.js +144 -144
  105. package/src/prompt/generator.js +118 -106
  106. package/src/review/ai-review.js +669 -669
  107. package/src/review/local-review.js +1284 -1284
  108. package/src/review/replay.js +235 -235
  109. package/src/review/report.js +664 -664
  110. package/src/review/spec-binding.js +487 -487
  111. package/src/scaffold/generator.js +67 -0
  112. package/src/scaffold/templates.js +150 -0
  113. package/src/scan/generator.js +418 -351
  114. package/src/scan/gh-secrets.js +107 -0
  115. package/src/spec/generator.js +519 -519
  116. package/src/spec/regenerate.js +237 -237
  117. package/src/spec/templates.js +91 -91
  118. package/src/swarm/dashboard.js +247 -247
  119. package/src/swarm/factory.js +363 -363
  120. package/src/swarm/pentest.js +934 -934
  121. package/src/swarm/registry.js +419 -419
  122. package/src/swarm/report.js +158 -158
  123. package/src/swarm/runtime.js +576 -576
  124. package/src/swarm/scenario-dsl.js +272 -272
  125. package/src/telemetry/ledger.js +302 -302
  126. package/src/telemetry/sync.js +96 -59
  127. package/src/ui/markdown.js +220 -220
package/src/scaffold/generator.js ADDED
@@ -0,0 +1,67 @@
1
+ /**
2
+ * Scaffold generator — writes template files into a project directory.
3
+ * Skips files that already exist unless force is true.
4
+ */
5
+ import fs from "node:fs";
6
+ import fsp from "node:fs/promises";
7
+ import path from "node:path";
8
+
9
+ async function ensureDir(dirPath) {
10
+ await fsp.mkdir(dirPath, { recursive: true });
11
+ }
12
+
13
+ export async function generateScaffold({ projectDir, templateFiles, packageJsonTemplate, readmeContent, force }) {
14
+ const written = [];
15
+ const skipped = [];
16
+
17
+ // Write template files (src/, tests/, .gitignore, etc.)
18
+ for (const [relativePath, content] of Object.entries(templateFiles)) {
19
+ const fullPath = path.join(projectDir, relativePath);
20
+ if (!force && fs.existsSync(fullPath)) {
21
+ skipped.push({ path: relativePath, reason: "already exists" });
22
+ continue;
23
+ }
24
+ await ensureDir(path.dirname(fullPath));
25
+ await fsp.writeFile(fullPath, content, "utf-8");
26
+ written.push(relativePath);
27
+ }
28
+
29
+ // Merge or create package.json
30
+ const pkgPath = path.join(projectDir, "package.json");
31
+ if (fs.existsSync(pkgPath)) {
32
+ const existing = JSON.parse(await fsp.readFile(pkgPath, "utf-8"));
33
+ // Merge dependencies and scripts without overwriting existing keys
34
+ if (packageJsonTemplate.dependencies) {
35
+ existing.dependencies = { ...packageJsonTemplate.dependencies, ...(existing.dependencies || {}) };
36
+ }
37
+ if (packageJsonTemplate.devDependencies) {
38
+ existing.devDependencies = { ...packageJsonTemplate.devDependencies, ...(existing.devDependencies || {}) };
39
+ }
40
+ if (packageJsonTemplate.scripts) {
41
+ existing.scripts = { ...packageJsonTemplate.scripts, ...(existing.scripts || {}) };
42
+ }
43
+ if (!existing.type) {
44
+ existing.type = packageJsonTemplate.type || "module";
45
+ }
46
+ await fsp.writeFile(pkgPath, JSON.stringify(existing, null, 2) + "\n", "utf-8");
47
+ written.push("package.json (merged)");
48
+ } else {
49
+ await ensureDir(path.dirname(pkgPath));
50
+ await fsp.writeFile(pkgPath, JSON.stringify(packageJsonTemplate, null, 2) + "\n", "utf-8");
51
+ written.push("package.json");
52
+ }
53
+
54
+ // Write README.md
55
+ if (readmeContent) {
56
+ const readmePath = path.join(projectDir, "README.md");
57
+ if (!force && fs.existsSync(readmePath)) {
58
+ skipped.push({ path: "README.md", reason: "already exists" });
59
+ } else {
60
+ await ensureDir(path.dirname(readmePath));
61
+ await fsp.writeFile(readmePath, readmeContent, "utf-8");
62
+ written.push("README.md");
63
+ }
64
+ }
65
+
66
+ return { written, skipped };
67
+ }
package/src/scaffold/templates.js ADDED
@@ -0,0 +1,150 @@
1
+ /**
2
+ * Project code scaffold templates.
3
+ *
4
+ * Each template returns a map of { relativePath: fileContent } that the
5
+ * generator writes into the target project directory, skipping files
6
+ * that already exist unless --force is set.
7
+ */
8
+
9
+ export function getExpressTemplate({ projectName, description }) {
10
+ const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
11
+ const safeDesc = String(description || `${safeName} API`);
12
+
13
+ return {
14
+ "src/index.js": `import express from "express";
15
+ import dotenv from "dotenv";
16
+ import { healthRouter } from "./routes/health.js";
17
+
18
+ dotenv.config();
19
+
20
+ const app = express();
21
+ app.use(express.json());
22
+
23
+ app.use("/api/health", healthRouter);
24
+
25
+ const PORT = process.env.PORT || 3000;
26
+ app.listen(PORT, () => {
27
+ console.log(\`${safeName} listening on port \${PORT}\`);
28
+ });
29
+
30
+ export default app;
31
+ `,
32
+
33
+ "src/routes/health.js": `import { Router } from "express";
34
+
35
+ export const healthRouter = Router();
36
+
37
+ healthRouter.get("/", (_req, res) => {
38
+ res.json({ status: "ok", timestamp: new Date().toISOString() });
39
+ });
40
+ `,
41
+
42
+ "tests/health.test.js": `import assert from "node:assert/strict";
43
+ import { test } from "node:test";
44
+
45
+ test("health endpoint returns ok status", async () => {
46
+ // Dynamically import to avoid port binding during test
47
+ const { default: app } = await import("../src/index.js");
48
+ // Verify app is an express instance
49
+ assert.ok(app, "Express app should be exported");
50
+ assert.equal(typeof app.listen, "function", "App should have listen method");
51
+ });
52
+ `,
53
+
54
+ ".gitignore": `node_modules/
55
+ .env
56
+ dist/
57
+ coverage/
58
+ .sentinelayer/
59
+ *.log
60
+ `,
61
+
62
+ ".env.example": `PORT=3000
63
+ # Add your environment variables here
64
+ `,
65
+ };
66
+ }
67
+
68
+ export function getPackageJsonTemplate({ projectName, description }) {
69
+ const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
70
+ return {
71
+ name: safeName,
72
+ version: "0.1.0",
73
+ description: String(description || `${safeName} API`),
74
+ type: "module",
75
+ main: "src/index.js",
76
+ scripts: {
77
+ start: "node src/index.js",
78
+ dev: "node --watch src/index.js",
79
+ test: "node --test tests/**/*.test.js",
80
+ },
81
+ dependencies: {
82
+ express: "^5.1.0",
83
+ dotenv: "^16.4.7",
84
+ jsonwebtoken: "^9.0.2",
85
+ bcrypt: "^5.1.1",
86
+ },
87
+ devDependencies: {},
88
+ engines: {
89
+ node: ">=18.17.0",
90
+ },
91
+ };
92
+ }
93
+
94
+ export function buildReadmeContent({ projectName, description, techStack }) {
95
+ const name = String(projectName || "my-app");
96
+ const desc = String(description || `${name} project`);
97
+ const stack = String(techStack || "Node.js + Express");
98
+
99
+ return `# ${name}
100
+
101
+ ${desc}
102
+
103
+ ## Tech Stack
104
+
105
+ ${stack}
106
+
107
+ ## Getting Started
108
+
109
+ \`\`\`bash
110
+ npm install
111
+ cp .env.example .env
112
+ npm run dev
113
+ \`\`\`
114
+
115
+ ## Testing
116
+
117
+ \`\`\`bash
118
+ npm test
119
+ \`\`\`
120
+
121
+ ## Project Structure
122
+
123
+ \`\`\`
124
+ ${name}/
125
+ ├── src/
126
+ │ ├── index.js # Application entry point
127
+ │ └── routes/ # API route handlers
128
+ ├── tests/ # Test files
129
+ ├── docs/ # SentinelLayer spec & build guide
130
+ ├── prompts/ # Agent execution prompts
131
+ ├── .github/workflows/ # CI/CD (Omar Gate)
132
+ └── tasks/ # Build checklist
133
+ \`\`\`
134
+
135
+ ## Security
136
+
137
+ This project uses [SentinelLayer](https://sentinelayer.com) Omar Gate for automated security review on every PR.
138
+
139
+ ---
140
+ Generated with [create-sentinelayer](https://www.npmjs.com/package/sentinelayer-cli)
141
+ `;
142
+ }
143
+
144
+ export const TEMPLATE_REGISTRY = {
145
+ "rest-api-express": {
146
+ name: "REST API (Express.js)",
147
+ getFiles: getExpressTemplate,
148
+ getPackageJson: getPackageJsonTemplate,
149
+ },
150
+ };