sentinelayer-cli 0.4.4 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (149) hide show
  1. package/README.md +996 -998
  2. package/bin/create-sentinelayer.js +5 -5
  3. package/bin/sentinelayer-cli.js +4 -4
  4. package/bin/sl.js +5 -5
  5. package/package.json +63 -63
  6. package/src/agents/jules/config/definition.js +160 -209
  7. package/src/agents/jules/config/system-prompt.js +182 -175
  8. package/src/agents/jules/error-intake.js +51 -51
  9. package/src/agents/jules/fix-cycle.js +17 -377
  10. package/src/agents/jules/loop.js +450 -367
  11. package/src/agents/jules/pulse.js +10 -327
  12. package/src/agents/jules/stream.js +186 -186
  13. package/src/agents/jules/swarm/file-scanner.js +74 -74
  14. package/src/agents/jules/swarm/index.js +11 -11
  15. package/src/agents/jules/swarm/orchestrator.js +362 -362
  16. package/src/agents/jules/swarm/pattern-hunter.js +123 -123
  17. package/src/agents/jules/swarm/sub-agent.js +309 -308
  18. package/src/agents/jules/tools/aidenid-email.js +189 -0
  19. package/src/agents/jules/tools/auth-audit.js +1691 -557
  20. package/src/agents/jules/tools/dispatch.js +335 -327
  21. package/src/agents/jules/tools/file-edit.js +2 -180
  22. package/src/agents/jules/tools/file-read.js +2 -100
  23. package/src/agents/jules/tools/frontend-analyze.js +570 -570
  24. package/src/agents/jules/tools/glob.js +2 -168
  25. package/src/agents/jules/tools/grep.js +2 -228
  26. package/src/agents/jules/tools/index.js +29 -29
  27. package/src/agents/jules/tools/path-guards.js +2 -161
  28. package/src/agents/jules/tools/runtime-audit.js +507 -503
  29. package/src/agents/jules/tools/shell.js +2 -383
  30. package/src/agents/jules/tools/url-policy.js +100 -100
  31. package/src/agents/persona-visuals.js +61 -0
  32. package/src/agents/shared-tools/dispatch-core.js +315 -0
  33. package/src/agents/shared-tools/file-edit.js +180 -0
  34. package/src/agents/shared-tools/file-read.js +100 -0
  35. package/src/agents/shared-tools/glob.js +168 -0
  36. package/src/agents/shared-tools/grep.js +228 -0
  37. package/src/agents/shared-tools/index.js +46 -0
  38. package/src/agents/shared-tools/path-guards.js +161 -0
  39. package/src/agents/shared-tools/shell.js +383 -0
  40. package/src/ai/aidenid.js +1009 -972
  41. package/src/ai/client.js +553 -508
  42. package/src/ai/domain-target-store.js +268 -268
  43. package/src/ai/identity-store.js +270 -270
  44. package/src/ai/proxy.js +137 -0
  45. package/src/ai/site-store.js +145 -145
  46. package/src/audit/agents/architecture.js +180 -180
  47. package/src/audit/agents/compliance.js +179 -179
  48. package/src/audit/agents/documentation.js +165 -165
  49. package/src/audit/agents/performance.js +145 -145
  50. package/src/audit/agents/security.js +215 -215
  51. package/src/audit/agents/testing.js +172 -172
  52. package/src/audit/orchestrator.js +557 -557
  53. package/src/audit/package.js +204 -204
  54. package/src/audit/registry.js +284 -284
  55. package/src/audit/replay.js +103 -103
  56. package/src/auth/gate.js +371 -126
  57. package/src/auth/http.js +611 -270
  58. package/src/auth/service.js +1106 -891
  59. package/src/auth/session-store.js +813 -359
  60. package/src/cli.js +252 -252
  61. package/src/commands/ai/identity-lifecycle.js +1338 -1338
  62. package/src/commands/ai/provision-governance.js +1272 -1272
  63. package/src/commands/ai/shared.js +147 -147
  64. package/src/commands/ai.js +11 -11
  65. package/src/commands/apply.js +12 -12
  66. package/src/commands/audit.js +1166 -1166
  67. package/src/commands/auth.js +419 -375
  68. package/src/commands/chat.js +191 -191
  69. package/src/commands/config.js +184 -184
  70. package/src/commands/cost.js +311 -311
  71. package/src/commands/daemon/core.js +850 -850
  72. package/src/commands/daemon/extended.js +1048 -1048
  73. package/src/commands/daemon/shared.js +213 -213
  74. package/src/commands/daemon.js +11 -11
  75. package/src/commands/guide.js +174 -174
  76. package/src/commands/ingest.js +58 -58
  77. package/src/commands/init.js +55 -55
  78. package/src/commands/legacy-args.js +10 -10
  79. package/src/commands/mcp.js +461 -461
  80. package/src/commands/omargate.js +29 -21
  81. package/src/commands/persona.js +20 -20
  82. package/src/commands/plugin.js +260 -260
  83. package/src/commands/policy.js +132 -132
  84. package/src/commands/prompt.js +238 -238
  85. package/src/commands/review.js +704 -704
  86. package/src/commands/scan.js +872 -866
  87. package/src/commands/spec.js +716 -716
  88. package/src/commands/swarm.js +651 -651
  89. package/src/commands/telemetry.js +202 -202
  90. package/src/commands/watch.js +511 -510
  91. package/src/config/agent-dictionary.js +182 -182
  92. package/src/config/io.js +56 -56
  93. package/src/config/paths.js +18 -18
  94. package/src/config/schema.js +55 -55
  95. package/src/config/service.js +184 -184
  96. package/src/cost/budget.js +235 -235
  97. package/src/cost/history.js +188 -188
  98. package/src/cost/tracker.js +171 -171
  99. package/src/daemon/artifact-lineage.js +534 -534
  100. package/src/daemon/assignment-ledger.js +770 -770
  101. package/src/daemon/ast-parser-layer.js +258 -258
  102. package/src/daemon/budget-governor.js +633 -633
  103. package/src/daemon/callgraph-overlay.js +646 -646
  104. package/src/daemon/error-worker.js +626 -626
  105. package/src/daemon/fix-cycle.js +377 -0
  106. package/src/daemon/hybrid-mapper.js +929 -929
  107. package/src/daemon/jira-lifecycle.js +632 -632
  108. package/src/daemon/operator-control.js +657 -657
  109. package/src/daemon/pulse.js +327 -0
  110. package/src/daemon/reliability-lane.js +471 -471
  111. package/src/daemon/watchdog.js +971 -971
  112. package/src/guide/generator.js +316 -316
  113. package/src/ingest/engine.js +918 -918
  114. package/src/interactive/index.js +97 -95
  115. package/src/legacy-cli.js +2994 -2592
  116. package/src/mcp/registry.js +695 -695
  117. package/src/memory/blackboard.js +301 -301
  118. package/src/memory/retrieval.js +581 -581
  119. package/src/plugin/manifest.js +553 -553
  120. package/src/policy/packs.js +144 -144
  121. package/src/prompt/generator.js +118 -118
  122. package/src/review/ai-review.js +679 -669
  123. package/src/review/local-review.js +1305 -1295
  124. package/src/review/omargate-interactive.js +68 -0
  125. package/src/review/omargate-orchestrator.js +300 -0
  126. package/src/review/persona-prompts.js +296 -0
  127. package/src/review/replay.js +235 -235
  128. package/src/review/report.js +664 -664
  129. package/src/review/scan-modes.js +42 -0
  130. package/src/review/spec-binding.js +487 -487
  131. package/src/scaffold/generator.js +67 -67
  132. package/src/scaffold/templates.js +150 -150
  133. package/src/scan/generator.js +418 -418
  134. package/src/scan/gh-secrets.js +107 -107
  135. package/src/spec/generator.js +519 -519
  136. package/src/spec/regenerate.js +237 -237
  137. package/src/spec/templates.js +91 -91
  138. package/src/swarm/dashboard.js +247 -247
  139. package/src/swarm/factory.js +363 -363
  140. package/src/swarm/pentest.js +934 -934
  141. package/src/swarm/registry.js +419 -419
  142. package/src/swarm/report.js +158 -158
  143. package/src/swarm/runtime.js +576 -576
  144. package/src/swarm/scenario-dsl.js +272 -272
  145. package/src/telemetry/ledger.js +302 -302
  146. package/src/telemetry/session-tracker.js +234 -118
  147. package/src/telemetry/sync.js +203 -199
  148. package/src/ui/command-hints.js +13 -0
  149. package/src/ui/markdown.js +220 -220
package/src/scaffold/generator.js CHANGED
@@ -1,67 +1,67 @@
1
- /**
2
- * Scaffold generator — writes template files into a project directory.
3
- * Skips files that already exist unless force is true.
4
- */
5
- import fs from "node:fs";
6
- import fsp from "node:fs/promises";
7
- import path from "node:path";
8
-
9
- async function ensureDir(dirPath) {
10
- await fsp.mkdir(dirPath, { recursive: true });
11
- }
12
-
13
- export async function generateScaffold({ projectDir, templateFiles, packageJsonTemplate, readmeContent, force }) {
14
- const written = [];
15
- const skipped = [];
16
-
17
- // Write template files (src/, tests/, .gitignore, etc.)
18
- for (const [relativePath, content] of Object.entries(templateFiles)) {
19
- const fullPath = path.join(projectDir, relativePath);
20
- if (!force && fs.existsSync(fullPath)) {
21
- skipped.push({ path: relativePath, reason: "already exists" });
22
- continue;
23
- }
24
- await ensureDir(path.dirname(fullPath));
25
- await fsp.writeFile(fullPath, content, "utf-8");
26
- written.push(relativePath);
27
- }
28
-
29
- // Merge or create package.json
30
- const pkgPath = path.join(projectDir, "package.json");
31
- if (fs.existsSync(pkgPath)) {
32
- const existing = JSON.parse(await fsp.readFile(pkgPath, "utf-8"));
33
- // Merge dependencies and scripts without overwriting existing keys
34
- if (packageJsonTemplate.dependencies) {
35
- existing.dependencies = { ...packageJsonTemplate.dependencies, ...(existing.dependencies || {}) };
36
- }
37
- if (packageJsonTemplate.devDependencies) {
38
- existing.devDependencies = { ...packageJsonTemplate.devDependencies, ...(existing.devDependencies || {}) };
39
- }
40
- if (packageJsonTemplate.scripts) {
41
- existing.scripts = { ...packageJsonTemplate.scripts, ...(existing.scripts || {}) };
42
- }
43
- if (!existing.type) {
44
- existing.type = packageJsonTemplate.type || "module";
45
- }
46
- await fsp.writeFile(pkgPath, JSON.stringify(existing, null, 2) + "\n", "utf-8");
47
- written.push("package.json (merged)");
48
- } else {
49
- await ensureDir(path.dirname(pkgPath));
50
- await fsp.writeFile(pkgPath, JSON.stringify(packageJsonTemplate, null, 2) + "\n", "utf-8");
51
- written.push("package.json");
52
- }
53
-
54
- // Write README.md
55
- if (readmeContent) {
56
- const readmePath = path.join(projectDir, "README.md");
57
- if (!force && fs.existsSync(readmePath)) {
58
- skipped.push({ path: "README.md", reason: "already exists" });
59
- } else {
60
- await ensureDir(path.dirname(readmePath));
61
- await fsp.writeFile(readmePath, readmeContent, "utf-8");
62
- written.push("README.md");
63
- }
64
- }
65
-
66
- return { written, skipped };
67
- }
1
+ /**
2
+ * Scaffold generator — writes template files into a project directory.
3
+ * Skips files that already exist unless force is true.
4
+ */
5
+ import fs from "node:fs";
6
+ import fsp from "node:fs/promises";
7
+ import path from "node:path";
8
+
9
+ async function ensureDir(dirPath) {
10
+ await fsp.mkdir(dirPath, { recursive: true });
11
+ }
12
+
13
+ export async function generateScaffold({ projectDir, templateFiles, packageJsonTemplate, readmeContent, force }) {
14
+ const written = [];
15
+ const skipped = [];
16
+
17
+ // Write template files (src/, tests/, .gitignore, etc.)
18
+ for (const [relativePath, content] of Object.entries(templateFiles)) {
19
+ const fullPath = path.join(projectDir, relativePath);
20
+ if (!force && fs.existsSync(fullPath)) {
21
+ skipped.push({ path: relativePath, reason: "already exists" });
22
+ continue;
23
+ }
24
+ await ensureDir(path.dirname(fullPath));
25
+ await fsp.writeFile(fullPath, content, "utf-8");
26
+ written.push(relativePath);
27
+ }
28
+
29
+ // Merge or create package.json
30
+ const pkgPath = path.join(projectDir, "package.json");
31
+ if (fs.existsSync(pkgPath)) {
32
+ const existing = JSON.parse(await fsp.readFile(pkgPath, "utf-8"));
33
+ // Merge dependencies and scripts without overwriting existing keys
34
+ if (packageJsonTemplate.dependencies) {
35
+ existing.dependencies = { ...packageJsonTemplate.dependencies, ...(existing.dependencies || {}) };
36
+ }
37
+ if (packageJsonTemplate.devDependencies) {
38
+ existing.devDependencies = { ...packageJsonTemplate.devDependencies, ...(existing.devDependencies || {}) };
39
+ }
40
+ if (packageJsonTemplate.scripts) {
41
+ existing.scripts = { ...packageJsonTemplate.scripts, ...(existing.scripts || {}) };
42
+ }
43
+ if (!existing.type) {
44
+ existing.type = packageJsonTemplate.type || "module";
45
+ }
46
+ await fsp.writeFile(pkgPath, JSON.stringify(existing, null, 2) + "\n", "utf-8");
47
+ written.push("package.json (merged)");
48
+ } else {
49
+ await ensureDir(path.dirname(pkgPath));
50
+ await fsp.writeFile(pkgPath, JSON.stringify(packageJsonTemplate, null, 2) + "\n", "utf-8");
51
+ written.push("package.json");
52
+ }
53
+
54
+ // Write README.md
55
+ if (readmeContent) {
56
+ const readmePath = path.join(projectDir, "README.md");
57
+ if (!force && fs.existsSync(readmePath)) {
58
+ skipped.push({ path: "README.md", reason: "already exists" });
59
+ } else {
60
+ await ensureDir(path.dirname(readmePath));
61
+ await fsp.writeFile(readmePath, readmeContent, "utf-8");
62
+ written.push("README.md");
63
+ }
64
+ }
65
+
66
+ return { written, skipped };
67
+ }
package/src/scaffold/templates.js CHANGED
@@ -1,150 +1,150 @@
1
- /**
2
- * Project code scaffold templates.
3
- *
4
- * Each template returns a map of { relativePath: fileContent } that the
5
- * generator writes into the target project directory, skipping files
6
- * that already exist unless --force is set.
7
- */
8
-
9
- export function getExpressTemplate({ projectName, description }) {
10
- const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
11
- const safeDesc = String(description || `${safeName} API`);
12
-
13
- return {
14
- "src/index.js": `import express from "express";
15
- import dotenv from "dotenv";
16
- import { healthRouter } from "./routes/health.js";
17
-
18
- dotenv.config();
19
-
20
- const app = express();
21
- app.use(express.json());
22
-
23
- app.use("/api/health", healthRouter);
24
-
25
- const PORT = process.env.PORT || 3000;
26
- app.listen(PORT, () => {
27
- console.log(\`${safeName} listening on port \${PORT}\`);
28
- });
29
-
30
- export default app;
31
- `,
32
-
33
- "src/routes/health.js": `import { Router } from "express";
34
-
35
- export const healthRouter = Router();
36
-
37
- healthRouter.get("/", (_req, res) => {
38
- res.json({ status: "ok", timestamp: new Date().toISOString() });
39
- });
40
- `,
41
-
42
- "tests/health.test.js": `import assert from "node:assert/strict";
43
- import { test } from "node:test";
44
-
45
- test("health endpoint returns ok status", async () => {
46
- // Dynamically import to avoid port binding during test
47
- const { default: app } = await import("../src/index.js");
48
- // Verify app is an express instance
49
- assert.ok(app, "Express app should be exported");
50
- assert.equal(typeof app.listen, "function", "App should have listen method");
51
- });
52
- `,
53
-
54
- ".gitignore": `node_modules/
55
- .env
56
- dist/
57
- coverage/
58
- .sentinelayer/
59
- *.log
60
- `,
61
-
62
- ".env.example": `PORT=3000
63
- # Add your environment variables here
64
- `,
65
- };
66
- }
67
-
68
- export function getPackageJsonTemplate({ projectName, description }) {
69
- const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
70
- return {
71
- name: safeName,
72
- version: "0.1.0",
73
- description: String(description || `${safeName} API`),
74
- type: "module",
75
- main: "src/index.js",
76
- scripts: {
77
- start: "node src/index.js",
78
- dev: "node --watch src/index.js",
79
- test: "node --test tests/**/*.test.js",
80
- },
81
- dependencies: {
82
- express: "^5.1.0",
83
- dotenv: "^16.4.7",
84
- jsonwebtoken: "^9.0.2",
85
- bcrypt: "^5.1.1",
86
- },
87
- devDependencies: {},
88
- engines: {
89
- node: ">=20.0.0",
90
- },
91
- };
92
- }
93
-
94
- export function buildReadmeContent({ projectName, description, techStack }) {
95
- const name = String(projectName || "my-app");
96
- const desc = String(description || `${name} project`);
97
- const stack = String(techStack || "Node.js + Express");
98
-
99
- return `# ${name}
100
-
101
- ${desc}
102
-
103
- ## Tech Stack
104
-
105
- ${stack}
106
-
107
- ## Getting Started
108
-
109
- \`\`\`bash
110
- npm install
111
- cp .env.example .env
112
- npm run dev
113
- \`\`\`
114
-
115
- ## Testing
116
-
117
- \`\`\`bash
118
- npm test
119
- \`\`\`
120
-
121
- ## Project Structure
122
-
123
- \`\`\`
124
- ${name}/
125
- ├── src/
126
- │ ├── index.js # Application entry point
127
- │ └── routes/ # API route handlers
128
- ├── tests/ # Test files
129
- ├── docs/ # SentinelLayer spec & build guide
130
- ├── prompts/ # Agent execution prompts
131
- ├── .github/workflows/ # CI/CD (Omar Gate)
132
- └── tasks/ # Build checklist
133
- \`\`\`
134
-
135
- ## Security
136
-
137
- This project uses [SentinelLayer](https://sentinelayer.com) Omar Gate for automated security review on every PR.
138
-
139
- ---
140
- Generated with [create-sentinelayer](https://www.npmjs.com/package/sentinelayer-cli)
141
- `;
142
- }
143
-
144
- export const TEMPLATE_REGISTRY = {
145
- "rest-api-express": {
146
- name: "REST API (Express.js)",
147
- getFiles: getExpressTemplate,
148
- getPackageJson: getPackageJsonTemplate,
149
- },
150
- };
1
+ /**
2
+ * Project code scaffold templates.
3
+ *
4
+ * Each template returns a map of { relativePath: fileContent } that the
5
+ * generator writes into the target project directory, skipping files
6
+ * that already exist unless --force is set.
7
+ */
8
+
9
+ export function getExpressTemplate({ projectName, description }) {
10
+ const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
11
+ const safeDesc = String(description || `${safeName} API`);
12
+
13
+ return {
14
+ "src/index.js": `import express from "express";
15
+ import dotenv from "dotenv";
16
+ import { healthRouter } from "./routes/health.js";
17
+
18
+ dotenv.config();
19
+
20
+ const app = express();
21
+ app.use(express.json());
22
+
23
+ app.use("/api/health", healthRouter);
24
+
25
+ const PORT = process.env.PORT || 3000;
26
+ app.listen(PORT, () => {
27
+ console.log(\`${safeName} listening on port \${PORT}\`);
28
+ });
29
+
30
+ export default app;
31
+ `,
32
+
33
+ "src/routes/health.js": `import { Router } from "express";
34
+
35
+ export const healthRouter = Router();
36
+
37
+ healthRouter.get("/", (_req, res) => {
38
+ res.json({ status: "ok", timestamp: new Date().toISOString() });
39
+ });
40
+ `,
41
+
42
+ "tests/health.test.js": `import assert from "node:assert/strict";
43
+ import { test } from "node:test";
44
+
45
+ test("health endpoint returns ok status", async () => {
46
+ // Dynamically import to avoid port binding during test
47
+ const { default: app } = await import("../src/index.js");
48
+ // Verify app is an express instance
49
+ assert.ok(app, "Express app should be exported");
50
+ assert.equal(typeof app.listen, "function", "App should have listen method");
51
+ });
52
+ `,
53
+
54
+ ".gitignore": `node_modules/
55
+ .env
56
+ dist/
57
+ coverage/
58
+ .sentinelayer/
59
+ *.log
60
+ `,
61
+
62
+ ".env.example": `PORT=3000
63
+ # Add your environment variables here
64
+ `,
65
+ };
66
+ }
67
+
68
+ export function getPackageJsonTemplate({ projectName, description }) {
69
+ const safeName = String(projectName || "my-app").replace(/[^a-zA-Z0-9_-]/g, "-").toLowerCase();
70
+ return {
71
+ name: safeName,
72
+ version: "0.1.0",
73
+ description: String(description || `${safeName} API`),
74
+ type: "module",
75
+ main: "src/index.js",
76
+ scripts: {
77
+ start: "node src/index.js",
78
+ dev: "node --watch src/index.js",
79
+ test: "node --test tests/**/*.test.js",
80
+ },
81
+ dependencies: {
82
+ express: "^5.1.0",
83
+ dotenv: "^16.4.7",
84
+ jsonwebtoken: "^9.0.2",
85
+ bcrypt: "^5.1.1",
86
+ },
87
+ devDependencies: {},
88
+ engines: {
89
+ node: ">=20.0.0",
90
+ },
91
+ };
92
+ }
93
+
94
+ export function buildReadmeContent({ projectName, description, techStack }) {
95
+ const name = String(projectName || "my-app");
96
+ const desc = String(description || `${name} project`);
97
+ const stack = String(techStack || "Node.js + Express");
98
+
99
+ return `# ${name}
100
+
101
+ ${desc}
102
+
103
+ ## Tech Stack
104
+
105
+ ${stack}
106
+
107
+ ## Getting Started
108
+
109
+ \`\`\`bash
110
+ npm install
111
+ cp .env.example .env
112
+ npm run dev
113
+ \`\`\`
114
+
115
+ ## Testing
116
+
117
+ \`\`\`bash
118
+ npm test
119
+ \`\`\`
120
+
121
+ ## Project Structure
122
+
123
+ \`\`\`
124
+ ${name}/
125
+ ├── src/
126
+ │ ├── index.js # Application entry point
127
+ │ └── routes/ # API route handlers
128
+ ├── tests/ # Test files
129
+ ├── docs/ # SentinelLayer spec & build guide
130
+ ├── prompts/ # Agent execution prompts
131
+ ├── .github/workflows/ # CI/CD (Omar Gate)
132
+ └── tasks/ # Build checklist
133
+ \`\`\`
134
+
135
+ ## Security
136
+
137
+ This project uses [SentinelLayer](https://sentinelayer.com) Omar Gate for automated security review on every PR.
138
+
139
+ ---
140
+ Generated with [create-sentinelayer](https://www.npmjs.com/package/sentinelayer-cli)
141
+ `;
142
+ }
143
+
144
+ export const TEMPLATE_REGISTRY = {
145
+ "rest-api-express": {
146
+ name: "REST API (Express.js)",
147
+ getFiles: getExpressTemplate,
148
+ getPackageJson: getPackageJsonTemplate,
149
+ },
150
+ };