sinapse-ai 1.11.3 → 1.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude/hooks/enforce-architecture-first.cjs +2 -2
- package/.claude/hooks/enforce-delegation.cjs +2 -2
- package/.claude/hooks/enforce-permission-mode.cjs +12 -12
- package/.claude/hooks/enforce-story-gate.cjs +5 -5
- package/.claude/hooks/precompact-session-digest.cjs +2 -2
- package/.claude/hooks/secret-scanning.cjs +6 -6
- package/.claude/hooks/telemetry-post-tool.cjs +0 -1
- package/.claude/hooks/write-path-validation.cjs +2 -2
- package/.sinapse-ai/core/code-intel/helpers/dev-helper.js +1 -1
- package/.sinapse-ai/core/code-intel/helpers/devops-helper.js +0 -1
- package/.sinapse-ai/core/code-intel/helpers/planning-helper.js +1 -1
- package/.sinapse-ai/core/code-intel/helpers/qa-helper.js +2 -2
- package/.sinapse-ai/core/config/template-overrides.js +1 -1
- package/.sinapse-ai/core/doctor/checks/git-hooks.js +6 -3
- package/.sinapse-ai/core/doctor/checks/npm-packages.js +1 -1
- package/.sinapse-ai/core/doctor/checks/rules-files.js +0 -1
- package/.sinapse-ai/core/doctor/index.js +0 -1
- package/.sinapse-ai/core/graph-dashboard/cli.js +1 -1
- package/.sinapse-ai/core/graph-dashboard/data-sources/code-intel-source.js +1 -1
- package/.sinapse-ai/core/health-check/checks/project/constitution-consistency.js +0 -1
- package/.sinapse-ai/core/ideation/ideation-engine.js +0 -2
- package/.sinapse-ai/core/ids/layer-classifier.js +1 -1
- package/.sinapse-ai/core/registry/build-registry.js +12 -2
- package/.sinapse-ai/core/registry/service-registry.json +178 -55
- package/.sinapse-ai/core/registry/squad-agent-resolver.js +6 -0
- package/.sinapse-ai/core/synapse/layers/layer-processor.js +1 -1
- package/.sinapse-ai/data/capability-detection.js +15 -15
- package/.sinapse-ai/data/tok3-token-comparison.js +0 -3
- package/.sinapse-ai/data/tool-search-validation.js +1 -1
- package/.sinapse-ai/development/agents/snps-orqx.md +109 -0
- package/.sinapse-ai/development/scripts/agent-config-loader.js +8 -2
- package/.sinapse-ai/development/templates/sinapse-doc-template.md +6 -6
- package/.sinapse-ai/git-hooks/lib/framework-guard.js +1 -0
- package/.sinapse-ai/git-hooks/lib/staged-protected-files-guard.js +63 -0
- package/.sinapse-ai/git-hooks/pre-commit +3 -1
- package/.sinapse-ai/index.d.ts +19 -0
- package/.sinapse-ai/install-manifest.yaml +59 -55
- package/.sinapse-ai/package.json +0 -1
- package/.sinapse-ai/utils/filters/index.js +2 -1
- package/CHANGELOG.md +31 -2
- package/bin/commands/doctor.js +1 -1
- package/bin/commands/help.js +3 -4
- package/bin/commands/install.js +7 -7
- package/bin/commands/status.js +3 -3
- package/bin/modules/chrome-brain-installer.js +3 -3
- package/bin/postinstall.js +1 -1
- package/bin/sinapse-init.js +11 -9
- package/bin/sinapse.js +1 -1
- package/bin/utils/framework-guard.js +1 -0
- package/bin/utils/staged-protected-files-guard.js +63 -0
- package/package.json +19 -2
- package/packages/installer/src/index.js +1 -1
- package/packages/installer/src/installer/brownfield-upgrader.js +1 -1
- package/packages/installer/src/installer/git-hooks-installer.js +10 -3
- package/packages/installer/src/pro/pro-scaffolder.js +3 -3
- package/packages/installer/src/wizard/ide-config-generator.js +1 -1
- package/packages/installer/src/wizard/index.js +4 -41
- package/scripts/audit-tasks.cjs +1 -1
- package/scripts/package-synapse.js +1 -1
- package/scripts/sinapse-patch.js +31 -31
- package/scripts/sync-squad-yaml-components.js +3 -3
- package/scripts/validate-agents-md.js +1 -1
- package/scripts/validate-no-personal-leaks.js +1 -1
- package/scripts/validate-orqx-discipline.js +0 -2
- package/scripts/validate-package-completeness.js +7 -7
- package/scripts/validate-squad-yaml.js +6 -6
- package/sinapse/agents/sinapse-orqx.md +1 -1
- package/sinapse/agents/snps-orqx.md +110 -1
- package/squads/claude-code-mastery/agents/swarm-orqx.md +12 -11
- package/squads/claude-code-mastery/scripts/validate-setup.js +2 -2
- package/squads/squad-brand/agents/brand-orqx.md +16 -1
- package/squads/squad-cloning/agents/cloning-orqx.md +2 -0
- package/squads/squad-commercial/agents/commercial-orqx.md +7 -4
- package/squads/squad-council/squad.yaml +67 -11
- package/squads/squad-design/agents/design-orqx.md +20 -0
- package/squads/squad-finance/agents/finance-orqx.md +6 -0
- package/squads/squad-paidmedia/agents/paidmedia-orqx.md +3 -1
|
@@ -44,9 +44,102 @@ After the greeting, check if the user already provided briefing/context with the
|
|
|
44
44
|
|
|
45
45
|
If the user asks about SINAPSE, how it works, or how to use it, execute the `*onboard` task from `tasks/onboard-user.md` to provide a guided walkthrough of the ecosystem, available squads, commands, and workflows.
|
|
46
46
|
|
|
47
|
+
## NON-NEGOTIABLE: INITIAL STATE AUDIT (RUNS FIRST OF ALL)
|
|
48
|
+
|
|
49
|
+
> **This step runs BEFORE bootstrap classification, BEFORE routing, BEFORE anything.**
|
|
50
|
+
> Without it, Imperator treats every directory as greenfield and ignores existing partial work (brand assets, half-written PRD, components, abandoned epics, brownfield code without `package.json`).
|
|
51
|
+
|
|
52
|
+
On every briefing that mentions creating, building, or working on a project, run the **Initial State Audit** (full spec in `~/.claude/rules/project-intelligence.md` § Initial State Audit):
|
|
53
|
+
|
|
54
|
+
1. Silently check the 8 dimensions (Docs, Brand, Design system, Components, Code, Tests, Infra, Git history)
|
|
55
|
+
2. Compute maturity level: `EMPTY` / `BOOTSTRAPPED` / `PARTIAL` / `MATURE` / `SINAPSE_MANAGED`
|
|
56
|
+
3. **Present a structured report to the user (PT-BR) BEFORE proposing any plan:**
|
|
57
|
+
```
|
|
58
|
+
Estado detectado: {maturity_level}
|
|
59
|
+
Já existe: {list of artifacts found}
|
|
60
|
+
Faltando: {list of gaps relative to user's goal}
|
|
61
|
+
Recomendação: {workflow + first step}
|
|
62
|
+
```
|
|
63
|
+
4. Only after this report (and any user correction) proceed to bootstrap classification
|
|
64
|
+
|
|
65
|
+
### Why this exists
|
|
66
|
+
|
|
67
|
+
Caio's runtime test (2026-05-07) showed the framework treating fresh installs as "create from scratch" without ever checking what already lived in the directory. A user often has brand assets, an old PRD, half-finished components, or an abandoned epic — and the framework was overwriting / duplicating that work instead of continuing from it.
|
|
68
|
+
|
|
69
|
+
### Anti-patterns (FORBIDDEN)
|
|
70
|
+
|
|
71
|
+
- Skipping the audit "because it looks empty"
|
|
72
|
+
- Routing to greenfield workflows without first reporting what already exists
|
|
73
|
+
- Overwriting partial work (brand assets, components, docs) without listing it to the user
|
|
74
|
+
- Ignoring `docs/epics/` or `docs/stories/` from a previous session
|
|
75
|
+
- Treating a directory with brand assets but no code as `EMPTY`
|
|
76
|
+
- Treating a directory with `package.json` as `MATURE` when it's actually just bootstrapped infra
|
|
77
|
+
|
|
78
|
+
## NON-NEGOTIABLE: PROJECT BOOTSTRAP CLASSIFICATION (RUNS AFTER AUDIT, BEFORE ROUTING)
|
|
79
|
+
|
|
80
|
+
> **This step runs AFTER the Initial State Audit, BEFORE the routing decision. No exceptions.**
|
|
81
|
+
> Without it, Imperator routes large-project requests directly to a domain orchestrator and skips the doc-first pipeline (Article III violation).
|
|
82
|
+
|
|
83
|
+
After the audit reports the maturity level, classify the request **before** consulting the routing table:
|
|
84
|
+
|
|
85
|
+
### Step 1 — Detect intent
|
|
86
|
+
|
|
87
|
+
| Intent | Trigger keywords (PT/EN) |
|
|
88
|
+
|---|---|
|
|
89
|
+
| `new_project_bootstrap` | criar / novo / build / montar / fazer um(a) [site, plataforma, app, API, ...] |
|
|
90
|
+
| `feature_in_existing_project` | implementa / adiciona / add (with `docs/epics/` already present) |
|
|
91
|
+
| `fix` | corrige / conserta / ajusta / fix / bug |
|
|
92
|
+
| `tweak` | troca / muda / altera (small surface, single file) |
|
|
93
|
+
| `domain_consult` | qualquer pergunta de branding, copy, growth, etc. (no code change implied) |
|
|
94
|
+
|
|
95
|
+
### Step 2 — If `new_project_bootstrap`, sub-classify project_type
|
|
96
|
+
|
|
97
|
+
| project_type | Triggers | Required workflow |
|
|
98
|
+
|---|---|---|
|
|
99
|
+
| `site` | site, website, institutional, página | `greenfield-ui.yaml` |
|
|
100
|
+
| `lp` | landing page, LP, captura, sales page | `greenfield-ui.yaml` |
|
|
101
|
+
| `app` | app mobile, app nativo, ios, android, react native | `greenfield-ui.yaml` |
|
|
102
|
+
| `platform` | plataforma, dashboard, admin, portal interno | `greenfield-fullstack.yaml` |
|
|
103
|
+
| `saas` | SaaS, software as a service, app web com login | `greenfield-fullstack.yaml` |
|
|
104
|
+
| `api` | API, backend, microservice, serviço REST/GraphQL | `greenfield-service.yaml` |
|
|
105
|
+
| `service` | worker, integration, automation, ETL, cron job | `greenfield-service.yaml` |
|
|
106
|
+
|
|
107
|
+
### Step 3 — Apply the gate (NON-NEGOTIABLE)
|
|
108
|
+
|
|
109
|
+
```
|
|
110
|
+
IF intent == new_project_bootstrap
|
|
111
|
+
AND project_type ∈ [site, lp, app, platform, saas, api, service]
|
|
112
|
+
AND no epic exists in docs/epics/
|
|
113
|
+
THEN
|
|
114
|
+
BLOCK any direct routing to domain orchestrators
|
|
115
|
+
INVOKE the required greenfield workflow (see table)
|
|
116
|
+
PRODUCE upstream artifacts FIRST: project-brief.md → prd.md → architecture.md (and front-end-spec.md for UI)
|
|
117
|
+
ONLY AFTER artifacts validated → shard → stories → route to domain orqx for execution
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
### Step 4 — Complexity gate
|
|
121
|
+
|
|
122
|
+
If the briefing scores ≥ 16 on the 5 complexity dimensions (scope, integration, infrastructure, knowledge, risk), run the **Spec Pipeline** (`spec-pipeline.yaml`) BEFORE the greenfield workflow:
|
|
123
|
+
|
|
124
|
+
```
|
|
125
|
+
@project-lead gather → @architect assess → @analyst research →
|
|
126
|
+
@project-lead spec → @quality-gate critique → @architect plan
|
|
127
|
+
```
|
|
128
|
+
|
|
129
|
+
Only after spec is APPROVED, the greenfield workflow runs.
|
|
130
|
+
|
|
131
|
+
### Anti-patterns (FORBIDDEN — these violate Article III)
|
|
132
|
+
|
|
133
|
+
- Routing "criar um site" directly to `@design-orqx` / `@brand-orqx` without first running greenfield-ui.yaml
|
|
134
|
+
- Routing "monta uma plataforma SaaS" to a domain orqx without Spec Pipeline + greenfield-fullstack.yaml
|
|
135
|
+
- Skipping Phase 1 Discovery (5-agent: analyst → project-lead → ux-design-expert → architect → product-lead) on a new UI project
|
|
136
|
+
- Treating "rapidinho" / "simples" as a license to skip doc-first when the project type requires it
|
|
137
|
+
- Generating UI without DS grounding (see `~/.claude/rules/design-system-grounding.md`)
|
|
138
|
+
|
|
47
139
|
## NON-NEGOTIABLE: ORCHESTRATION PLAN ON EVERY BRIEFING
|
|
48
140
|
|
|
49
141
|
> **This is an absolute, non-negotiable rule. No exceptions. No waiting to be asked.**
|
|
142
|
+
> **It runs AFTER the bootstrap classification above.** If the gate routed to a greenfield workflow, the orchestration plan describes that workflow (its phases, agents, handoffs) — not a domain-orqx routing.
|
|
50
143
|
|
|
51
144
|
When the user provides ANY briefing, request, or initiative (regardless of complexity), Imperator MUST **immediately and autonomously**:
|
|
52
145
|
|
|
@@ -610,6 +703,22 @@ framework_compatibility:
|
|
|
610
703
|
|
|
611
704
|
## How Imperator Operates
|
|
612
705
|
|
|
706
|
+
### -1. Initial State Audit (ABSOLUTE FIRST)
|
|
707
|
+
Before anything else, Imperator runs the Initial State Audit described above:
|
|
708
|
+
- Silently checks 8 dimensions (Docs, Brand, DS, Components, Code, Tests, Infra, Git)
|
|
709
|
+
- Computes maturity level: `EMPTY` / `BOOTSTRAPPED` / `PARTIAL` / `MATURE` / `SINAPSE_MANAGED`
|
|
710
|
+
- Presents structured PT-BR report to user listing what exists, what's missing, what's recommended
|
|
711
|
+
- Only proceeds when the user has seen what's already there
|
|
712
|
+
|
|
713
|
+
### 0. Bootstrap Classification (after audit)
|
|
714
|
+
Imperator runs the Project Bootstrap Classification described above:
|
|
715
|
+
- Detects intent: `new_project_bootstrap` / `feature` / `fix` / `tweak` / `domain_consult`
|
|
716
|
+
- Sub-classifies project_type if bootstrap: `site` / `lp` / `app` / `platform` / `saas` / `api` / `service`
|
|
717
|
+
- Applies the gate: large-project bootstrap with no epic → invokes the required greenfield workflow
|
|
718
|
+
- Triggers the Spec Pipeline if complexity score ≥ 16
|
|
719
|
+
- Routes to Continuation Behavior when audit detected `PARTIAL` maturity (never overwrite existing work)
|
|
720
|
+
- Only proceeds to step 1 (routing) when this gate is satisfied
|
|
721
|
+
|
|
613
722
|
### 1. Diagnose First
|
|
614
723
|
Every request gets classified before routing. Imperator identifies:
|
|
615
724
|
- **Domain(s):** Which squad(s) own this work?
|
|
@@ -12,6 +12,10 @@ const path = require('path');
|
|
|
12
12
|
const yaml = require('js-yaml');
|
|
13
13
|
const { globalConfigCache } = require('../../core/config/config-cache');
|
|
14
14
|
const { trackConfigLoad } = require('../../infrastructure/scripts/performance-tracker');
|
|
15
|
+
// Canonical short-form → file-id alias map (single source of truth). Without this,
|
|
16
|
+
// short ids like 'dev'/'qa'/'sinapse-orqx' resolve to '<id>.md' which does not exist
|
|
17
|
+
// (files are developer.md / quality-gate.md / snps-orqx.md), degrading the greeting.
|
|
18
|
+
const { ALIASES: AGENT_ID_ALIASES } = require('../../core/registry/squad-agent-resolver');
|
|
15
19
|
|
|
16
20
|
/**
|
|
17
21
|
* Agent configuration requirements cache
|
|
@@ -317,8 +321,10 @@ class AgentConfigLoader {
|
|
|
317
321
|
}
|
|
318
322
|
}
|
|
319
323
|
|
|
320
|
-
// Load from file
|
|
321
|
-
|
|
324
|
+
// Load from file. Resolve short-form aliases (dev→developer, qa→quality-gate,
|
|
325
|
+
// sinapse-orqx→snps-orqx, ...) to the canonical file id before building the path.
|
|
326
|
+
const fileId = AGENT_ID_ALIASES[this.agentId] || this.agentId;
|
|
327
|
+
const agentPath = path.join(process.cwd(), '.sinapse-ai', 'development', 'agents', `${fileId}.md`);
|
|
322
328
|
|
|
323
329
|
try {
|
|
324
330
|
const content = await fs.readFile(agentPath, 'utf8');
|
|
@@ -65,7 +65,7 @@ _Last Updated: {{DATE}} | SINAPSE Framework Team_
|
|
|
65
65
|
```markdown
|
|
66
66
|
# {{TITLE}}
|
|
67
67
|
|
|
68
|
-
> **EN** | [PT](../pt/path/{{FILENAME}})
|
|
68
|
+
> **EN** | [PT](../pt/path/{{FILENAME}})
|
|
69
69
|
|
|
70
70
|
---
|
|
71
71
|
|
|
@@ -169,7 +169,7 @@ _Last Updated: {{DATE}} | SINAPSE Framework Team_
|
|
|
169
169
|
```markdown
|
|
170
170
|
# ADR-{{NUMBER}}: {{TITLE}}
|
|
171
171
|
|
|
172
|
-
> **EN** | [PT](../../pt/architecture/adr/{{FILENAME}})
|
|
172
|
+
> **EN** | [PT](../../pt/architecture/adr/{{FILENAME}})
|
|
173
173
|
|
|
174
174
|
---
|
|
175
175
|
|
|
@@ -224,7 +224,7 @@ _Decision made as part of {{STORY_ID}}._
|
|
|
224
224
|
```markdown
|
|
225
225
|
# {{TITLE}} Guide
|
|
226
226
|
|
|
227
|
-
> **EN** | [PT](../pt/guides/{{FILENAME}})
|
|
227
|
+
> **EN** | [PT](../pt/guides/{{FILENAME}})
|
|
228
228
|
|
|
229
229
|
---
|
|
230
230
|
|
|
@@ -311,7 +311,7 @@ _Last Updated: {{DATE}} | SINAPSE Framework Team_
|
|
|
311
311
|
```markdown
|
|
312
312
|
# {{COMPONENT}} Reference
|
|
313
313
|
|
|
314
|
-
> **EN** | [PT](../pt/reference/{{FILENAME}})
|
|
314
|
+
> **EN** | [PT](../pt/reference/{{FILENAME}})
|
|
315
315
|
|
|
316
316
|
---
|
|
317
317
|
|
|
@@ -396,7 +396,7 @@ docs/
|
|
|
396
396
|
Always include the language navigation header:
|
|
397
397
|
|
|
398
398
|
```markdown
|
|
399
|
-
> **EN** | [PT](../pt/path/file.md)
|
|
399
|
+
> **EN** | [PT](../pt/path/file.md)
|
|
400
400
|
```
|
|
401
401
|
|
|
402
402
|
### Translation Notes
|
|
@@ -445,7 +445,7 @@ Always include the language navigation header:
|
|
|
445
445
|
```markdown
|
|
446
446
|
# Creating Custom Agents
|
|
447
447
|
|
|
448
|
-
> **EN** | [PT](../pt/guides/creating-agents.md)
|
|
448
|
+
> **EN** | [PT](../pt/guides/creating-agents.md)
|
|
449
449
|
|
|
450
450
|
---
|
|
451
451
|
|
|
@@ -54,6 +54,7 @@ function globToRegex(glob) {
|
|
|
54
54
|
pattern = pattern.replace(/\*/g, '[^/]+');
|
|
55
55
|
|
|
56
56
|
// 4. Restore ** placeholder to any-depth matcher
|
|
57
|
+
// eslint-disable-next-line no-control-regex -- internal placeholder char (set above), never user input
|
|
57
58
|
pattern = pattern.replace(/\u0000/g, '.+');
|
|
58
59
|
|
|
59
60
|
// If pattern ends with .+ (was **), match prefix
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
'use strict';
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* staged-protected-files-guard — blocks a commit that DELETES (or untracks) a
|
|
6
|
+
* protected, committed-but-critical framework file.
|
|
7
|
+
*
|
|
8
|
+
* Why: on 2026-06-20 a "snapshot migracao notebook" sweep (`git add -A`) untracked
|
|
9
|
+
* `.sinapse-ai/core/registry/service-registry.json` (the committed registry drift
|
|
10
|
+
* detector, ~12k lines), bundled it with unrelated work, and pushed it. The
|
|
11
|
+
* framework-boundary guard is a no-op in contributor mode
|
|
12
|
+
* (boundary.frameworkProtection=false), so nothing stopped the deletion. This guard
|
|
13
|
+
* is ALWAYS on and narrowly targets that class of damage — it never touches normal
|
|
14
|
+
* edits, only the removal of a curated set of protected paths.
|
|
15
|
+
*
|
|
16
|
+
* Intentional removal (done in a story) bypasses with: git commit --no-verify
|
|
17
|
+
*
|
|
18
|
+
* Self-contained: Node built-ins + `git` only (matches the other lib guards so it
|
|
19
|
+
* bundles into <hooksDir>/lib/ with no extra deps).
|
|
20
|
+
*/
|
|
21
|
+
|
|
22
|
+
const { spawnSync } = require('child_process');
|
|
23
|
+
|
|
24
|
+
// Curated, high-signal list. Keep small to guarantee zero false positives on
|
|
25
|
+
// normal work. These files are committed on purpose and must never be removed by
|
|
26
|
+
// an automated sweep without an explicit story.
|
|
27
|
+
const PROTECTED = ['.sinapse-ai/core/registry/service-registry.json'];
|
|
28
|
+
|
|
29
|
+
function stagedDeletions() {
|
|
30
|
+
// --no-renames forces a rename-away of a protected file to surface as a real
|
|
31
|
+
// deletion (D) of the old path, so moving the file out also trips the guard.
|
|
32
|
+
const res = spawnSync('git', ['diff', '--cached', '--name-status', '--no-renames'], {
|
|
33
|
+
encoding: 'utf8',
|
|
34
|
+
});
|
|
35
|
+
if (!res || res.status !== 0 || typeof res.stdout !== 'string') return [];
|
|
36
|
+
const deleted = [];
|
|
37
|
+
for (const line of res.stdout.split('\n')) {
|
|
38
|
+
if (!line) continue;
|
|
39
|
+
const parts = line.split('\t');
|
|
40
|
+
const status = parts[0];
|
|
41
|
+
const file = (parts[parts.length - 1] || '').replace(/\\/g, '/');
|
|
42
|
+
if (status === 'D') deleted.push(file);
|
|
43
|
+
}
|
|
44
|
+
return deleted;
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
const offenders = stagedDeletions().filter((f) => PROTECTED.includes(f));
|
|
48
|
+
|
|
49
|
+
if (offenders.length > 0) {
|
|
50
|
+
process.stderr.write(
|
|
51
|
+
'SINAPSE Protected Files: blocking commit — it deletes/untracks a protected file:\n',
|
|
52
|
+
);
|
|
53
|
+
for (const f of offenders) process.stderr.write(' - ' + f + '\n');
|
|
54
|
+
process.stderr.write(
|
|
55
|
+
'\nThese files are committed on purpose (e.g. service-registry.json is the registry\n' +
|
|
56
|
+
'drift detector). They must not be removed by an automated sweep (git add -A) or a\n' +
|
|
57
|
+
'machine-migration snapshot. If this removal is intentional, do it in a story and\n' +
|
|
58
|
+
'bypass once with: git commit --no-verify\n',
|
|
59
|
+
);
|
|
60
|
+
process.exit(1);
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
process.exit(0);
|
|
@@ -11,12 +11,14 @@ const projectRoot = process.cwd();
|
|
|
11
11
|
const libDir = path.join(__dirname, 'lib');
|
|
12
12
|
|
|
13
13
|
// --- 1-3. SINAPSE staged guards (each fail-CLOSED) ---------------------------
|
|
14
|
-
// Order: secret scan,
|
|
14
|
+
// Order: secret scan, destructive-SQL guard, framework-boundary guard, then
|
|
15
|
+
// protected-files guard (always-on anti-sweep; does NOT respect frameworkProtection).
|
|
15
16
|
// framework-guard self-disables when boundary.frameworkProtection is false.
|
|
16
17
|
const GUARDS = [
|
|
17
18
|
{ file: 'staged-secret-scan.js', label: 'Secret Scan' },
|
|
18
19
|
{ file: 'staged-sql-guard.js', label: 'SQL Guard' },
|
|
19
20
|
{ file: 'framework-guard.js', label: 'Framework Boundary' },
|
|
21
|
+
{ file: 'staged-protected-files-guard.js', label: 'Protected Files' },
|
|
20
22
|
];
|
|
21
23
|
|
|
22
24
|
for (const guard of GUARDS) {
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Type declarations for the SINAPSE programmatic API (CommonJS + ESM entry points).
|
|
3
|
+
*
|
|
4
|
+
* The underlying modules are authored in JavaScript, so these declarations expose
|
|
5
|
+
* the public constructors only — enough for `import { MetaAgent } from 'sinapse-ai'`
|
|
6
|
+
* to resolve. Member signatures are intentionally permissive (the JS implementation
|
|
7
|
+
* is the source of truth); this file does NOT fabricate detailed types it cannot
|
|
8
|
+
* guarantee. The framework is CLI-first; the programmatic API is a secondary surface.
|
|
9
|
+
*/
|
|
10
|
+
|
|
11
|
+
/** A JS class/constructor exposed by the framework, with an unconstrained surface. */
|
|
12
|
+
type FrameworkConstructor = new (...args: unknown[]) => unknown;
|
|
13
|
+
|
|
14
|
+
export const MetaAgent: FrameworkConstructor;
|
|
15
|
+
export const TaskManager: FrameworkConstructor;
|
|
16
|
+
export const ElicitationEngine: FrameworkConstructor;
|
|
17
|
+
export const TemplateEngine: FrameworkConstructor;
|
|
18
|
+
export const ComponentSearch: FrameworkConstructor;
|
|
19
|
+
export const DependencyAnalyzer: FrameworkConstructor;
|
|
@@ -7,9 +7,9 @@
|
|
|
7
7
|
# - SHA256 hashes for change detection
|
|
8
8
|
# - File types for categorization
|
|
9
9
|
#
|
|
10
|
-
version: 1.
|
|
10
|
+
version: 1.12.0
|
|
11
11
|
generator: scripts/generate-install-manifest.js
|
|
12
|
-
file_count:
|
|
12
|
+
file_count: 1181
|
|
13
13
|
files:
|
|
14
14
|
- path: cli/commands/config/index.js
|
|
15
15
|
hash: sha256:bfa83cb1dc111b0b30dd298dc0abc2150b73f939b6cd4458effa8e6d407bc9e2
|
|
@@ -208,21 +208,21 @@ files:
|
|
|
208
208
|
type: core
|
|
209
209
|
size: 5638
|
|
210
210
|
- path: core/code-intel/helpers/dev-helper.js
|
|
211
|
-
hash: sha256:
|
|
211
|
+
hash: sha256:c7464066f3862b251e266c28ebd2945dc2d958997c020f5ce4121fb7cc2ca423
|
|
212
212
|
type: core
|
|
213
|
-
size:
|
|
213
|
+
size: 5758
|
|
214
214
|
- path: core/code-intel/helpers/devops-helper.js
|
|
215
|
-
hash: sha256:
|
|
215
|
+
hash: sha256:e8017237fb2db8b49ebd02a9114a93549fbf0683044d7ad1a8632106188495a9
|
|
216
216
|
type: core
|
|
217
|
-
size:
|
|
217
|
+
size: 5044
|
|
218
218
|
- path: core/code-intel/helpers/planning-helper.js
|
|
219
|
-
hash: sha256:
|
|
219
|
+
hash: sha256:9b37aa02b3b0a3cabb53e2c0e53f05e1db65490d1ac403088aefec977fd025f8
|
|
220
220
|
type: core
|
|
221
|
-
size:
|
|
221
|
+
size: 6845
|
|
222
222
|
- path: core/code-intel/helpers/qa-helper.js
|
|
223
|
-
hash: sha256:
|
|
223
|
+
hash: sha256:852fa5c36260f7e89fd15dd5e4702f6e2eaae88bb4d8615f6a82b30ffdc88310
|
|
224
224
|
type: core
|
|
225
|
-
size:
|
|
225
|
+
size: 5157
|
|
226
226
|
- path: core/code-intel/helpers/story-helper.js
|
|
227
227
|
hash: sha256:7768a479630ba8976403222abe57a2795b939cce5cc0b251342547da47997f04
|
|
228
228
|
type: core
|
|
@@ -292,9 +292,9 @@ files:
|
|
|
292
292
|
type: core
|
|
293
293
|
size: 943
|
|
294
294
|
- path: core/config/template-overrides.js
|
|
295
|
-
hash: sha256:
|
|
295
|
+
hash: sha256:bf453cb8203e0752bd41a25449b3883bb548e746edfb015c7969951a16b1f62a
|
|
296
296
|
type: core
|
|
297
|
-
size:
|
|
297
|
+
size: 2225
|
|
298
298
|
- path: core/config/templates/user-config.yaml
|
|
299
299
|
hash: sha256:4da0e29fa2aad5d2dcc83c25f3dbecb00ed2de932166d39f1311b19ae862710d
|
|
300
300
|
type: template
|
|
@@ -348,9 +348,9 @@ files:
|
|
|
348
348
|
type: core
|
|
349
349
|
size: 1581
|
|
350
350
|
- path: core/doctor/checks/git-hooks.js
|
|
351
|
-
hash: sha256:
|
|
351
|
+
hash: sha256:1d20455c435ccb0d9eefb3ad8fbe0edf4bfa8e9ba4e1b7c10e837ac9063c3479
|
|
352
352
|
type: core
|
|
353
|
-
size:
|
|
353
|
+
size: 8320
|
|
354
354
|
- path: core/doctor/checks/graph-dashboard.js
|
|
355
355
|
hash: sha256:6996b47faf1945ed27a24db2a0061c46f9fd0069b0c73a8af0f4b68d68142047
|
|
356
356
|
type: core
|
|
@@ -376,13 +376,13 @@ files:
|
|
|
376
376
|
type: core
|
|
377
377
|
size: 785
|
|
378
378
|
- path: core/doctor/checks/npm-packages.js
|
|
379
|
-
hash: sha256:
|
|
379
|
+
hash: sha256:c523e6917373ae0080f98d81c52512c34ca11904339dd09656375bfff4a9075b
|
|
380
380
|
type: core
|
|
381
|
-
size:
|
|
381
|
+
size: 3816
|
|
382
382
|
- path: core/doctor/checks/rules-files.js
|
|
383
|
-
hash: sha256:
|
|
383
|
+
hash: sha256:773572637ba2758e6ea60910d86e9973bd261020b33b44da93f946f852715e91
|
|
384
384
|
type: core
|
|
385
|
-
size:
|
|
385
|
+
size: 1494
|
|
386
386
|
- path: core/doctor/checks/settings-json.js
|
|
387
387
|
hash: sha256:7ed4e501be86f1e306c6eeac97641bfc3efedb1d541bd5883ed10f8d3204fb19
|
|
388
388
|
type: core
|
|
@@ -404,9 +404,9 @@ files:
|
|
|
404
404
|
type: core
|
|
405
405
|
size: 1807
|
|
406
406
|
- path: core/doctor/index.js
|
|
407
|
-
hash: sha256:
|
|
407
|
+
hash: sha256:bf248cbf31e8411d91bc19a342f0e18263e701d738325cb9d619201292c7554c
|
|
408
408
|
type: core
|
|
409
|
-
size:
|
|
409
|
+
size: 8559
|
|
410
410
|
- path: core/elicitation/agent-elicitation.js
|
|
411
411
|
hash: sha256:92abc291cecff9b8bb9153d5fbac84ad5217cff4d0d01e0495785a939334cd81
|
|
412
412
|
type: elicitation
|
|
@@ -516,13 +516,13 @@ files:
|
|
|
516
516
|
type: core
|
|
517
517
|
size: 484
|
|
518
518
|
- path: core/graph-dashboard/cli.js
|
|
519
|
-
hash: sha256:
|
|
519
|
+
hash: sha256:491d199284d20ac61457632b2cd6890eaa2d18dab2f6d1577674f0854219f8bd
|
|
520
520
|
type: core
|
|
521
|
-
size:
|
|
521
|
+
size: 10302
|
|
522
522
|
- path: core/graph-dashboard/data-sources/code-intel-source.js
|
|
523
|
-
hash: sha256:
|
|
523
|
+
hash: sha256:90957f10067d26a41538574f4cf7397cef7bcf87c080fe27b96d91c244306f0c
|
|
524
524
|
type: core
|
|
525
|
-
size:
|
|
525
|
+
size: 6801
|
|
526
526
|
- path: core/graph-dashboard/data-sources/metrics-source.js
|
|
527
527
|
hash: sha256:35aceb954f07d4a23cd6aeffd2da1275fed6952a3e98d7524448457ffad0cf6e
|
|
528
528
|
type: core
|
|
@@ -660,9 +660,9 @@ files:
|
|
|
660
660
|
type: core
|
|
661
661
|
size: 4734
|
|
662
662
|
- path: core/health-check/checks/project/constitution-consistency.js
|
|
663
|
-
hash: sha256:
|
|
663
|
+
hash: sha256:e5cf057d336421a3dbb46e8c7341915a638a4507c95a178f2484b7fb0129a32e
|
|
664
664
|
type: core
|
|
665
|
-
size:
|
|
665
|
+
size: 5956
|
|
666
666
|
- path: core/health-check/checks/project/dependencies.js
|
|
667
667
|
hash: sha256:f11f88666cfde93196d3ec81c59ba4956c75a097591d4a5cf0b2effd88db523d
|
|
668
668
|
type: core
|
|
@@ -788,9 +788,9 @@ files:
|
|
|
788
788
|
type: core
|
|
789
789
|
size: 7763
|
|
790
790
|
- path: core/ideation/ideation-engine.js
|
|
791
|
-
hash: sha256:
|
|
791
|
+
hash: sha256:a8f1efdf143c5bb91e8d2e983d820ddb0367b1404c86bbc2927fb136c9afd4f3
|
|
792
792
|
type: core
|
|
793
|
-
size:
|
|
793
|
+
size: 27381
|
|
794
794
|
- path: core/ids/circuit-breaker.js
|
|
795
795
|
hash: sha256:d9ff8c6e540902457b17aba668ff67c04d40564ed479993ad3c4807fb8c09c3f
|
|
796
796
|
type: core
|
|
@@ -836,7 +836,7 @@ files:
|
|
|
836
836
|
type: core
|
|
837
837
|
size: 4382
|
|
838
838
|
- path: core/ids/layer-classifier.js
|
|
839
|
-
hash: sha256:
|
|
839
|
+
hash: sha256:0c8916f70a410a6aa08f789c58cf84dd4ba60845964a8454b074d367c03770a4
|
|
840
840
|
type: core
|
|
841
841
|
size: 2392
|
|
842
842
|
- path: core/ids/README.md
|
|
@@ -1136,9 +1136,9 @@ files:
|
|
|
1136
1136
|
type: core
|
|
1137
1137
|
size: 8176
|
|
1138
1138
|
- path: core/registry/build-registry.js
|
|
1139
|
-
hash: sha256:
|
|
1139
|
+
hash: sha256:b0e65b85380265d1db589d7e48e98e30b96f3da9af1a082f04aa794d9d412838
|
|
1140
1140
|
type: core
|
|
1141
|
-
size:
|
|
1141
|
+
size: 13749
|
|
1142
1142
|
- path: core/registry/README.md
|
|
1143
1143
|
hash: sha256:98219837cb84b58eaf9cea2acf95837c5860c3369ac35bb226b61a7137fa14b8
|
|
1144
1144
|
type: core
|
|
@@ -1152,13 +1152,13 @@ files:
|
|
|
1152
1152
|
type: core
|
|
1153
1153
|
size: 5290
|
|
1154
1154
|
- path: core/registry/service-registry.json
|
|
1155
|
-
hash: sha256:
|
|
1155
|
+
hash: sha256:c5bdefcd333a9d9ffffb6cb810864fb986e45436120f53b8fc74fd52ab4448ed
|
|
1156
1156
|
type: core
|
|
1157
|
-
size:
|
|
1157
|
+
size: 292202
|
|
1158
1158
|
- path: core/registry/squad-agent-resolver.js
|
|
1159
|
-
hash: sha256:
|
|
1159
|
+
hash: sha256:74c4a1fafd2f60eb9db38e9fd82a03b74d47d4e563ccb754fe00824f519c84f8
|
|
1160
1160
|
type: core
|
|
1161
|
-
size:
|
|
1161
|
+
size: 8424
|
|
1162
1162
|
- path: core/registry/validate-registry.js
|
|
1163
1163
|
hash: sha256:8612f683f1b7ecd043a0342d05fbe434721b19568b6ff76a483a6de7aa830d5c
|
|
1164
1164
|
type: core
|
|
@@ -1280,9 +1280,9 @@ files:
|
|
|
1280
1280
|
type: core
|
|
1281
1281
|
size: 4673
|
|
1282
1282
|
- path: core/synapse/layers/layer-processor.js
|
|
1283
|
-
hash: sha256:
|
|
1283
|
+
hash: sha256:57a514c7e03913d466d2058400229a8ffb4589e6ad7dcc03cbacd93a12df2ac6
|
|
1284
1284
|
type: core
|
|
1285
|
-
size:
|
|
1285
|
+
size: 2883
|
|
1286
1286
|
- path: core/synapse/memory/memory-bridge.js
|
|
1287
1287
|
hash: sha256:de1a42d258b4d23cca9ae9fcf53eb9b71df9dbf851741add3320deaf9d12abec
|
|
1288
1288
|
type: core
|
|
@@ -1360,9 +1360,9 @@ files:
|
|
|
1360
1360
|
type: data
|
|
1361
1361
|
size: 10998
|
|
1362
1362
|
- path: data/capability-detection.js
|
|
1363
|
-
hash: sha256:
|
|
1363
|
+
hash: sha256:e07f290c14bde93e62ac5397299467e6bd254074273f3fa0e66781ddcacabbe9
|
|
1364
1364
|
type: data
|
|
1365
|
-
size:
|
|
1365
|
+
size: 9602
|
|
1366
1366
|
- path: data/entity-registry.yaml
|
|
1367
1367
|
hash: sha256:2287de6ef9ec9e862f5d69ba1a4c2e91d483e2b2181557d571e69899db6fd0cd
|
|
1368
1368
|
type: data
|
|
@@ -1424,17 +1424,17 @@ files:
|
|
|
1424
1424
|
type: data
|
|
1425
1425
|
size: 7049
|
|
1426
1426
|
- path: data/tok3-token-comparison.js
|
|
1427
|
-
hash: sha256:
|
|
1427
|
+
hash: sha256:87ab8a68bf6cd7e3fc54dbba60cbc56e3a490dde1dd805fd294a04c57f5dea1b
|
|
1428
1428
|
type: data
|
|
1429
|
-
size:
|
|
1429
|
+
size: 4488
|
|
1430
1430
|
- path: data/tool-registry.yaml
|
|
1431
1431
|
hash: sha256:929ee46a0020f6a87f3ce39294f76c14d7b05980e85ba7d1e548adce8a271213
|
|
1432
1432
|
type: data
|
|
1433
1433
|
size: 15187
|
|
1434
1434
|
- path: data/tool-search-validation.js
|
|
1435
|
-
hash: sha256:
|
|
1435
|
+
hash: sha256:0ad0396cfb695fda9a966973877ade1475e0b637a10f8bb5ce3d0a76e66fdf39
|
|
1436
1436
|
type: data
|
|
1437
|
-
size:
|
|
1437
|
+
size: 5756
|
|
1438
1438
|
- path: data/workflow-chains.yaml
|
|
1439
1439
|
hash: sha256:f945a8614df52f1a6c0297a65eb46de9ab94d7fdb6540317ee77fa22228d8ec8
|
|
1440
1440
|
type: data
|
|
@@ -1532,9 +1532,9 @@ files:
|
|
|
1532
1532
|
type: agent
|
|
1533
1533
|
size: 1369
|
|
1534
1534
|
- path: development/agents/snps-orqx.md
|
|
1535
|
-
hash: sha256:
|
|
1535
|
+
hash: sha256:37e4287f70d72f77155895149de9c87e8bcdcad0e48c7cf2fbca5990e120536f
|
|
1536
1536
|
type: agent
|
|
1537
|
-
size:
|
|
1537
|
+
size: 41032
|
|
1538
1538
|
- path: development/agents/sprint-lead.md
|
|
1539
1539
|
hash: sha256:572289b770cdbb0cff9ae2de4b2d19c38ce814fe978df397aa2794297f562c91
|
|
1540
1540
|
type: agent
|
|
@@ -1652,9 +1652,9 @@ files:
|
|
|
1652
1652
|
type: script
|
|
1653
1653
|
size: 7535
|
|
1654
1654
|
- path: development/scripts/agent-config-loader.js
|
|
1655
|
-
hash: sha256:
|
|
1655
|
+
hash: sha256:e27095c228ce32d8b5a6f45c937a02242de97dd6ea42a0e8a52651d15962e31c
|
|
1656
1656
|
type: script
|
|
1657
|
-
size:
|
|
1657
|
+
size: 18933
|
|
1658
1658
|
- path: development/scripts/agent-exit-hooks.js
|
|
1659
1659
|
hash: sha256:e5b809fa700dad287341c318ef44b945dc24261445eba4bd20f97ac4e21b9480
|
|
1660
1660
|
type: script
|
|
@@ -2984,9 +2984,9 @@ files:
|
|
|
2984
2984
|
type: template
|
|
2985
2985
|
size: 2520
|
|
2986
2986
|
- path: development/templates/sinapse-doc-template.md
|
|
2987
|
-
hash: sha256:
|
|
2987
|
+
hash: sha256:867388ff8683a2b943b84411fd32cd546fd03f3265e33083a87a16bfb719606b
|
|
2988
2988
|
type: template
|
|
2989
|
-
size:
|
|
2989
|
+
size: 8060
|
|
2990
2990
|
- path: development/templates/squad-template/agents/example-agent.yaml
|
|
2991
2991
|
hash: sha256:b5dd44e677c1936797d19e53a9241798e148847310c02f2c26182a91a6183d42
|
|
2992
2992
|
type: agent
|
|
@@ -3171,6 +3171,10 @@ files:
|
|
|
3171
3171
|
hash: sha256:54ab156d0149da43698c0b439e196a228c794441b20c78d26b9433a17a6e20f6
|
|
3172
3172
|
type: elicitation
|
|
3173
3173
|
size: 9678
|
|
3174
|
+
- path: index.d.ts
|
|
3175
|
+
hash: sha256:6257a6ba37bd5ec0ebbfe6b76f97f1926a504635988943d79a85ef6175629542
|
|
3176
|
+
type: code
|
|
3177
|
+
size: 981
|
|
3174
3178
|
- path: index.esm.js
|
|
3175
3179
|
hash: sha256:13e1784627956a59acfc3ca1cb2d0f74cbfbb38d3a7b77bf7615b74963366d11
|
|
3176
3180
|
type: code
|
|
@@ -3928,9 +3932,9 @@ files:
|
|
|
3928
3932
|
type: manifest
|
|
3929
3933
|
size: 5298
|
|
3930
3934
|
- path: package.json
|
|
3931
|
-
hash: sha256:
|
|
3935
|
+
hash: sha256:298bbd04fb4f7d5ca499ba79d617130049b7bbe54a93ab57233e5c49258dd2ff
|
|
3932
3936
|
type: other
|
|
3933
|
-
size:
|
|
3937
|
+
size: 2478
|
|
3934
3938
|
- path: product/checklists/accessibility-wcag-checklist.md
|
|
3935
3939
|
hash: sha256:11f340683187a9683c173b6f11b292eb1e49cca8844297a6bdb2631e46b8513a
|
|
3936
3940
|
type: checklist
|
|
@@ -4656,9 +4660,9 @@ files:
|
|
|
4656
4660
|
type: workflow-intelligence
|
|
4657
4661
|
size: 10680
|
|
4658
4662
|
- path: workflow-intelligence/__tests__/integration.test.js
|
|
4659
|
-
hash: sha256:
|
|
4663
|
+
hash: sha256:34421819f60f450e830508cebd16a25e72cbe225eade29abac8188e8a0ced6b2
|
|
4660
4664
|
type: workflow-intelligence
|
|
4661
|
-
size:
|
|
4665
|
+
size: 11695
|
|
4662
4666
|
- path: workflow-intelligence/__tests__/suggestion-engine.test.js
|
|
4663
4667
|
hash: sha256:4dd26f611a58c0bcd54dc69e1804efe103406ee0c0bda0880a4b39aecf540045
|
|
4664
4668
|
type: workflow-intelligence
|
|
@@ -4668,9 +4672,9 @@ files:
|
|
|
4668
4672
|
type: workflow-intelligence
|
|
4669
4673
|
size: 15056
|
|
4670
4674
|
- path: workflow-intelligence/__tests__/workflow-registry.test.js
|
|
4671
|
-
hash: sha256:
|
|
4675
|
+
hash: sha256:d9488e420f584474de920e090068809a220db1bd1d49e96769f6fc3ed7a47dba
|
|
4672
4676
|
type: workflow-intelligence
|
|
4673
|
-
size:
|
|
4677
|
+
size: 10709
|
|
4674
4678
|
- path: workflow-intelligence/engine/confidence-scorer.js
|
|
4675
4679
|
hash: sha256:6312ad6707909d3177d8d96500dbb782be5662853cb73e52bb4da68b8cb0d883
|
|
4676
4680
|
type: workflow-intelligence
|
package/.sinapse-ai/package.json
CHANGED
|
@@ -112,7 +112,7 @@ function applyFilter(toolName, input, overrideConfig, registryPath) {
|
|
|
112
112
|
filter_type: 'field',
|
|
113
113
|
};
|
|
114
114
|
|
|
115
|
-
default:
|
|
115
|
+
default: {
|
|
116
116
|
// Unknown filter type — pass through
|
|
117
117
|
const serialized = typeof input === 'string' ? input : JSON.stringify(input, null, 2);
|
|
118
118
|
return {
|
|
@@ -122,6 +122,7 @@ function applyFilter(toolName, input, overrideConfig, registryPath) {
|
|
|
122
122
|
reduction_pct: 0,
|
|
123
123
|
filter_type: 'unknown',
|
|
124
124
|
};
|
|
125
|
+
}
|
|
125
126
|
}
|
|
126
127
|
}
|
|
127
128
|
|