sentinelayer-cli 0.1.2 → 0.4.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (129) hide show
  1. package/README.md +998 -996
  2. package/bin/create-sentinelayer.js +5 -5
  3. package/bin/sentinelayer-cli.js +4 -4
  4. package/bin/sl.js +5 -5
  5. package/package.json +63 -54
  6. package/src/agents/jules/config/definition.js +209 -209
  7. package/src/agents/jules/config/system-prompt.js +175 -175
  8. package/src/agents/jules/error-intake.js +51 -51
  9. package/src/agents/jules/fix-cycle.js +377 -377
  10. package/src/agents/jules/loop.js +367 -367
  11. package/src/agents/jules/pulse.js +327 -319
  12. package/src/agents/jules/stream.js +186 -186
  13. package/src/agents/jules/swarm/file-scanner.js +74 -74
  14. package/src/agents/jules/swarm/index.js +11 -11
  15. package/src/agents/jules/swarm/orchestrator.js +362 -362
  16. package/src/agents/jules/swarm/pattern-hunter.js +123 -123
  17. package/src/agents/jules/swarm/sub-agent.js +308 -308
  18. package/src/agents/jules/tools/auth-audit.js +557 -222
  19. package/src/agents/jules/tools/dispatch.js +327 -327
  20. package/src/agents/jules/tools/file-edit.js +180 -180
  21. package/src/agents/jules/tools/file-read.js +100 -100
  22. package/src/agents/jules/tools/frontend-analyze.js +570 -570
  23. package/src/agents/jules/tools/glob.js +168 -168
  24. package/src/agents/jules/tools/grep.js +228 -228
  25. package/src/agents/jules/tools/index.js +29 -29
  26. package/src/agents/jules/tools/path-guards.js +161 -161
  27. package/src/agents/jules/tools/runtime-audit.js +503 -493
  28. package/src/agents/jules/tools/shell.js +383 -383
  29. package/src/agents/jules/tools/url-policy.js +100 -0
  30. package/src/ai/aidenid.js +972 -945
  31. package/src/ai/client.js +508 -508
  32. package/src/ai/domain-target-store.js +268 -268
  33. package/src/ai/identity-store.js +270 -270
  34. package/src/ai/site-store.js +145 -145
  35. package/src/audit/agents/architecture.js +180 -180
  36. package/src/audit/agents/compliance.js +179 -179
  37. package/src/audit/agents/documentation.js +165 -165
  38. package/src/audit/agents/performance.js +145 -145
  39. package/src/audit/agents/security.js +215 -215
  40. package/src/audit/agents/testing.js +172 -172
  41. package/src/audit/orchestrator.js +557 -557
  42. package/src/audit/package.js +204 -204
  43. package/src/audit/registry.js +284 -284
  44. package/src/audit/replay.js +103 -103
  45. package/src/auth/gate.js +45 -11
  46. package/src/auth/http.js +270 -113
  47. package/src/auth/service.js +891 -848
  48. package/src/auth/session-store.js +359 -345
  49. package/src/cli.js +252 -252
  50. package/src/commands/ai/identity-lifecycle.js +1338 -1337
  51. package/src/commands/ai/provision-governance.js +1272 -1246
  52. package/src/commands/ai/shared.js +147 -147
  53. package/src/commands/ai.js +11 -11
  54. package/src/commands/apply.js +12 -12
  55. package/src/commands/audit.js +1166 -1166
  56. package/src/commands/auth.js +375 -366
  57. package/src/commands/chat.js +191 -191
  58. package/src/commands/config.js +184 -184
  59. package/src/commands/cost.js +311 -311
  60. package/src/commands/daemon/core.js +850 -850
  61. package/src/commands/daemon/extended.js +1048 -1048
  62. package/src/commands/daemon/shared.js +213 -213
  63. package/src/commands/daemon.js +11 -11
  64. package/src/commands/guide.js +174 -174
  65. package/src/commands/ingest.js +58 -58
  66. package/src/commands/init.js +55 -55
  67. package/src/commands/legacy-args.js +10 -10
  68. package/src/commands/mcp.js +461 -404
  69. package/src/commands/omargate.js +15 -15
  70. package/src/commands/persona.js +20 -20
  71. package/src/commands/plugin.js +260 -260
  72. package/src/commands/policy.js +132 -132
  73. package/src/commands/prompt.js +238 -238
  74. package/src/commands/review.js +704 -704
  75. package/src/commands/scan.js +866 -788
  76. package/src/commands/spec.js +716 -716
  77. package/src/commands/swarm.js +651 -651
  78. package/src/commands/telemetry.js +202 -202
  79. package/src/commands/watch.js +510 -510
  80. package/src/config/agent-dictionary.js +182 -182
  81. package/src/config/io.js +56 -56
  82. package/src/config/paths.js +18 -18
  83. package/src/config/schema.js +55 -55
  84. package/src/config/service.js +184 -184
  85. package/src/cost/budget.js +235 -235
  86. package/src/cost/history.js +188 -188
  87. package/src/cost/tracker.js +171 -171
  88. package/src/daemon/artifact-lineage.js +534 -534
  89. package/src/daemon/assignment-ledger.js +770 -770
  90. package/src/daemon/ast-parser-layer.js +258 -258
  91. package/src/daemon/budget-governor.js +633 -633
  92. package/src/daemon/callgraph-overlay.js +646 -646
  93. package/src/daemon/error-worker.js +626 -626
  94. package/src/daemon/hybrid-mapper.js +929 -929
  95. package/src/daemon/jira-lifecycle.js +632 -632
  96. package/src/daemon/operator-control.js +657 -657
  97. package/src/daemon/reliability-lane.js +471 -471
  98. package/src/daemon/watchdog.js +971 -971
  99. package/src/guide/generator.js +316 -316
  100. package/src/ingest/engine.js +918 -918
  101. package/src/legacy-cli.js +2592 -2435
  102. package/src/mcp/registry.js +695 -695
  103. package/src/memory/blackboard.js +301 -301
  104. package/src/memory/retrieval.js +581 -581
  105. package/src/plugin/manifest.js +553 -553
  106. package/src/policy/packs.js +144 -144
  107. package/src/prompt/generator.js +118 -106
  108. package/src/review/ai-review.js +669 -669
  109. package/src/review/local-review.js +1295 -1284
  110. package/src/review/replay.js +235 -235
  111. package/src/review/report.js +664 -664
  112. package/src/review/spec-binding.js +487 -487
  113. package/src/scaffold/generator.js +67 -0
  114. package/src/scaffold/templates.js +150 -0
  115. package/src/scan/generator.js +418 -351
  116. package/src/scan/gh-secrets.js +107 -0
  117. package/src/spec/generator.js +519 -519
  118. package/src/spec/regenerate.js +237 -237
  119. package/src/spec/templates.js +91 -91
  120. package/src/swarm/dashboard.js +247 -247
  121. package/src/swarm/factory.js +363 -363
  122. package/src/swarm/pentest.js +934 -934
  123. package/src/swarm/registry.js +419 -419
  124. package/src/swarm/report.js +158 -158
  125. package/src/swarm/runtime.js +576 -576
  126. package/src/swarm/scenario-dsl.js +272 -272
  127. package/src/telemetry/ledger.js +302 -302
  128. package/src/telemetry/sync.js +107 -61
  129. package/src/ui/markdown.js +220 -220
package/src/scaffold/generator.js ADDED
@@ -0,0 +1,67 @@
1
+ /**
2
+ * Scaffold generator — writes template files into a project directory.
3
+ * Skips files that already exist unless force is true.
4
+ */
5
+ import fs from "node:fs";
6
+ import fsp from "node:fs/promises";
7
+ import path from "node:path";
8
+
9
+ async function ensureDir(dirPath) {
10
+ await fsp.mkdir(dirPath, { recursive: true });
11
+ }
12
+
13
+ export async function generateScaffold({ projectDir, templateFiles, packageJsonTemplate, readmeContent, force }) {
14
+ const written = [];
15
+ const skipped = [];
16
+
17
+ // Write template files (src/, tests/, .gitignore, etc.)
18
+ for (const [relativePath, content] of Object.entries(templateFiles)) {
19
+ const fullPath = path.join(projectDir, relativePath);
20
+ if (!force && fs.existsSync(fullPath)) {
21
+ skipped.push({ path: relativePath, reason: "already exists" });
22
+ continue;
23
+ }
24
+ await ensureDir(path.dirname(fullPath));
25
+ await fsp.writeFile(fullPath, content, "utf-8");
26
+ written.push(relativePath);
27
+ }
28
+
29
+ // Merge or create package.json
30
+ const pkgPath = path.join(projectDir, "package.json");
31
+ if (fs.existsSync(pkgPath)) {
32
+ const existing = JSON.parse(await fsp.readFile(pkgPath, "utf-8"));
33
+ // Merge dependencies and scripts without overwriting existing keys
34
+ if (packageJsonTemplate.dependencies) {
35
+ existing.dependencies = { ...packageJsonTemplate.dependencies, ...(existing.dependencies || {}) };
36
+ }
37
+ if (packageJsonTemplate.devDependencies) {
38
+ existing.devDependencies = { ...packageJsonTemplate.devDependencies, ...(existing.devDependencies || {}) };
39
+ }
40
+ if (packageJsonTemplate.scripts) {
41
+ existing.scripts = { ...packageJsonTemplate.scripts, ...(existing.scripts || {}) };
42
+ }
43
+ if (!existing.type) {
44
+ existing.type = packageJsonTemplate.type || "module";
45
+ }
46
+ await fsp.writeFile(pkgPath, JSON.stringify(existing, null, 2) + "\n", "utf-8");
47
+ written.push("package.json (merged)");
48
+ } else {
49
+ await ensureDir(path.dirname(pkgPath));
50
+ await fsp.writeFile(pkgPath, JSON.stringify(packageJsonTemplate, null, 2) + "\n", "utf-8");
51
+ written.push("package.json");
52
+ }
53
+
54
+ // Write README.md
55
+ if (readmeContent) {
56
+ const readmePath = path.join(projectDir, "README.md");
57
+ if (!force && fs.existsSync(readmePath)) {
58
+ skipped.push({ path: "README.md", reason: "already exists" });
59
+ } else {
60
+ await ensureDir(path.dirname(readmePath));
61
+ await fsp.writeFile(readmePath, readmeContent, "utf-8");
62
+ written.push("README.md");
63
+ }
64
+ }
65
+
66
+ return { written, skipped };
67
+ }
package/src/scaffold/templates.js ADDED
@@ -0,0 +1,150 @@
1
+ /**
2
+ * Project code scaffold templates.
3
+ *
4
+ * Each template returns a map of { relativePath: fileContent } that the
5
+ * generator writes into the target project directory, skipping files
6
+ * that already exist unless --force is set.
7
+ */
8
+
9
+ export function getExpressTemplate({ projectName, description }) {
10
+ const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
11
+ const safeDesc = String(description || `${safeName} API`);
12
+
13
+ return {
14
+ "src/index.js": `import express from "express";
15
+ import dotenv from "dotenv";
16
+ import { healthRouter } from "./routes/health.js";
17
+
18
+ dotenv.config();
19
+
20
+ const app = express();
21
+ app.use(express.json());
22
+
23
+ app.use("/api/health", healthRouter);
24
+
25
+ const PORT = process.env.PORT || 3000;
26
+ app.listen(PORT, () => {
27
+ console.log(\`${safeName} listening on port \${PORT}\`);
28
+ });
29
+
30
+ export default app;
31
+ `,
32
+
33
+ "src/routes/health.js": `import { Router } from "express";
34
+
35
+ export const healthRouter = Router();
36
+
37
+ healthRouter.get("/", (_req, res) => {
38
+ res.json({ status: "ok", timestamp: new Date().toISOString() });
39
+ });
40
+ `,
41
+
42
+ "tests/health.test.js": `import assert from "node:assert/strict";
43
+ import { test } from "node:test";
44
+
45
+ test("health endpoint returns ok status", async () => {
46
+ // Dynamically import to avoid port binding during test
47
+ const { default: app } = await import("../src/index.js");
48
+ // Verify app is an express instance
49
+ assert.ok(app, "Express app should be exported");
50
+ assert.equal(typeof app.listen, "function", "App should have listen method");
51
+ });
52
+ `,
53
+
54
+ ".gitignore": `node_modules/
55
+ .env
56
+ dist/
57
+ coverage/
58
+ .sentinelayer/
59
+ *.log
60
+ `,
61
+
62
+ ".env.example": `PORT=3000
63
+ # Add your environment variables here
64
+ `,
65
+ };
66
+ }
67
+
68
+ export function getPackageJsonTemplate({ projectName, description }) {
69
+ const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
70
+ return {
71
+ name: safeName,
72
+ version: "0.1.0",
73
+ description: String(description || `${safeName} API`),
74
+ type: "module",
75
+ main: "src/index.js",
76
+ scripts: {
77
+ start: "node src/index.js",
78
+ dev: "node --watch src/index.js",
79
+ test: "node --test tests/**/*.test.js",
80
+ },
81
+ dependencies: {
82
+ express: "^5.1.0",
83
+ dotenv: "^16.4.7",
84
+ jsonwebtoken: "^9.0.2",
85
+ bcrypt: "^5.1.1",
86
+ },
87
+ devDependencies: {},
88
+ engines: {
89
+ node: ">=20.0.0",
90
+ },
91
+ };
92
+ }
93
+
94
+ export function buildReadmeContent({ projectName, description, techStack }) {
95
+ const name = String(projectName || "my-app");
96
+ const desc = String(description || `${name} project`);
97
+ const stack = String(techStack || "Node.js + Express");
98
+
99
+ return `# ${name}
100
+
101
+ ${desc}
102
+
103
+ ## Tech Stack
104
+
105
+ ${stack}
106
+
107
+ ## Getting Started
108
+
109
+ \`\`\`bash
110
+ npm install
111
+ cp .env.example .env
112
+ npm run dev
113
+ \`\`\`
114
+
115
+ ## Testing
116
+
117
+ \`\`\`bash
118
+ npm test
119
+ \`\`\`
120
+
121
+ ## Project Structure
122
+
123
+ \`\`\`
124
+ ${name}/
125
+ ├── src/
126
+ │ ├── index.js # Application entry point
127
+ │ └── routes/ # API route handlers
128
+ ├── tests/ # Test files
129
+ ├── docs/ # SentinelLayer spec & build guide
130
+ ├── prompts/ # Agent execution prompts
131
+ ├── .github/workflows/ # CI/CD (Omar Gate)
132
+ └── tasks/ # Build checklist
133
+ \`\`\`
134
+
135
+ ## Security
136
+
137
+ This project uses [SentinelLayer](https://sentinelayer.com) Omar Gate for automated security review on every PR.
138
+
139
+ ---
140
+ Generated with [create-sentinelayer](https://www.npmjs.com/package/sentinelayer-cli)
141
+ `;
142
+ }
143
+
144
+ export const TEMPLATE_REGISTRY = {
145
+ "rest-api-express": {
146
+ name: "REST API (Express.js)",
147
+ getFiles: getExpressTemplate,
148
+ getPackageJson: getPackageJsonTemplate,
149
+ },
150
+ };