npm - sinapse-ai - Versions diffs - 7.7.3 → 7.7.5 - Mend

sinapse-ai 7.7.3 → 7.7.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

package/.codex/catalog.json +157 -0
package/.codex/command-registry.json +441 -0
package/.codex/delegation-matrix.json +512 -0
package/.codex/handoff-packet.schema.json +148 -0
package/.codex/scripts/generate-codex-greeting.js +101 -0
package/.codex/scripts/resolve-codex-command.js +147 -0
package/.codex/scripts/resolve-codex-delegation.js +205 -0
package/.codex/skills/sinapse-analyst/SKILL.md +5 -4
package/.codex/skills/sinapse-architect/SKILL.md +5 -4
package/.codex/skills/sinapse-data-engineer/SKILL.md +5 -4
package/.codex/skills/sinapse-dev/SKILL.md +5 -4
package/.codex/skills/sinapse-devops/SKILL.md +5 -4
package/.codex/skills/sinapse-orqx/SKILL.md +10 -15
package/.codex/skills/sinapse-pm/SKILL.md +5 -4
package/.codex/skills/sinapse-po/SKILL.md +4 -3
package/.codex/skills/sinapse-qa/SKILL.md +12 -11
package/.codex/skills/sinapse-sm/SKILL.md +5 -4
package/.codex/skills/sinapse-squad-creator/SKILL.md +5 -4
package/.codex/skills/sinapse-ux-design-expert/SKILL.md +5 -4
package/.codex/tasks/convene-sinapse-council.md +28 -0
package/.codex/tasks/create-sinapse-strategic-brief.md +29 -0
package/.codex/tasks/onboard-sinapse-codex.md +34 -0
package/.codex/tasks/plan-sinapse-initiative.md +33 -0
package/.codex/tasks/resolve-sinapse-conflict.md +28 -0
package/.codex/tasks/route-sinapse-request.md +35 -0
package/.codex/tasks/status-sinapse-capabilities.md +28 -0
package/.sinapse-ai/core-config.yaml +1 -1
package/.sinapse-ai/data/entity-registry.yaml +874 -749
package/.sinapse-ai/data/registry-update-log.jsonl +13 -0
package/.sinapse-ai/infrastructure/scripts/codex-parity/catalog.js +123 -0
package/.sinapse-ai/infrastructure/scripts/codex-skills-sync/index.js +60 -11
package/.sinapse-ai/infrastructure/scripts/codex-skills-sync/validate.js +44 -16
package/.sinapse-ai/infrastructure/scripts/sync-codex-local-first.js +156 -0
package/.sinapse-ai/infrastructure/scripts/validate-codex-command-registry.js +264 -0
package/.sinapse-ai/infrastructure/scripts/validate-codex-delegation.js +292 -0
package/.sinapse-ai/infrastructure/scripts/validate-codex-integration.js +15 -6
package/.sinapse-ai/infrastructure/scripts/validate-codex-sync.js +159 -0
package/.sinapse-ai/infrastructure/scripts/validate-parity.js +3 -1
package/.sinapse-ai/infrastructure/scripts/validate-paths.js +8 -10
package/.sinapse-ai/infrastructure/templates/safe-collab/README.md +8 -0
package/.sinapse-ai/install-manifest.yaml +39 -19
package/.sinapse-ai/project-config.yaml +1 -1
package/bin/utils/collab-start.js +267 -0
package/bin/utils/git-branch-guard.js +76 -0
package/bin/utils/pre-push-safety.js +110 -0
package/bin/utils/staged-secret-scan.js +108 -0
package/docs/codex-parity-program.md +670 -0
package/docs/codex-total-parity-orchestration-plan.md +301 -0
package/docs/codex-workflow-task-parity.md +87 -0
package/docs/collaboration-autonomy-plan.md +243 -0
package/docs/guides/framework-contributor-mode.md +310 -0
package/docs/guides/parallel-collaboration-source-of-truth.md +481 -0
package/package.json +14 -3
package/packages/installer/tests/unit/artifact-copy-pipeline/artifact-copy-pipeline.test.js +7 -2
package/packages/installer/tests/unit/entity-registry-bootstrap.test.js +2 -2

package/bin/utils/git-branch-guard.js ADDED Viewed

@@ -0,0 +1,76 @@
+'use strict';
+const { execSync } = require('child_process');
+function execGit(command, options = {}) {
+  return execSync(command, {
+    encoding: 'utf8',
+    stdio: ['ignore', 'pipe', 'pipe'],
+    ...options,
+  }).trim();
+}
+function resolveDefaultBranch() {
+  try {
+    const remoteHead = execGit('git symbolic-ref --short refs/remotes/origin/HEAD');
+    return remoteHead.replace(/^origin\//, '');
+  } catch {
+    return 'main';
+  }
+}
+function getCurrentBranch() {
+  return execGit('git rev-parse --abbrev-ref HEAD');
+}
+function getStagedFiles() {
+  try {
+    const output = execGit('git diff --cached --name-only');
+    return output ? output.split('\n').filter(Boolean) : [];
+  } catch {
+    return [];
+  }
+}
+function shouldBlockCommit({ branchName, defaultBranch, stagedFiles }) {
+  const protectedBranches = new Set([defaultBranch, 'master']);
+  return Boolean(stagedFiles.length) && (protectedBranches.has(branchName) || branchName === 'HEAD');
+}
+function main() {
+  const defaultBranch = resolveDefaultBranch();
+  const branchName = getCurrentBranch();
+  const stagedFiles = getStagedFiles();
+  if (!shouldBlockCommit({ branchName, defaultBranch, stagedFiles })) {
+    process.exit(0);
+  }
+  console.error('');
+  console.error('Git Branch Guard: commit blocked.');
+  console.error('');
+  if (branchName === 'HEAD') {
+    console.error('You are in detached HEAD state. Create an isolated branch or worktree first.');
+  } else {
+    console.error(`Commits are blocked on the protected branch '${branchName}'.`);
+  }
+  console.error('');
+  console.error('Start a safe maintainer workspace first:');
+  console.error('  npm run collab:start -- <story-id> <slug>');
+  console.error('');
+  console.error('Example:');
+  console.error('  npm run collab:start -- 7.7.4 codex-collab-hardening');
+  console.error('');
+  process.exit(1);
+}
+module.exports = {
+  getCurrentBranch,
+  getStagedFiles,
+  resolveDefaultBranch,
+  shouldBlockCommit,
+};
+if (require.main === module) {
+  main();
+}

package/bin/utils/pre-push-safety.js ADDED Viewed

@@ -0,0 +1,110 @@
+'use strict';
+const { execFileSync, execSync, spawnSync } = require('child_process');
+const fs = require('fs');
+function execGit(command) {
+  return execSync(command, {
+    encoding: 'utf8',
+    stdio: ['ignore', 'pipe', 'pipe'],
+  }).trim();
+}
+function resolveDefaultBranch() {
+  try {
+    const remoteHead = execGit('git symbolic-ref --short refs/remotes/origin/HEAD');
+    return remoteHead.replace(/^origin\//, '');
+  } catch {
+    return 'main';
+  }
+}
+function getCurrentBranch() {
+  return execGit('git rev-parse --abbrev-ref HEAD');
+}
+function parsePushRefs(stdinBuffer) {
+  const payload = stdinBuffer.toString('utf8').trim();
+  if (!payload) {
+    return [];
+  }
+  return payload
+    .split('\n')
+    .filter(Boolean)
+    .map((line) => {
+      const [localRef, localSha, remoteRef, remoteSha] = line.trim().split(/\s+/);
+      return { localRef, localSha, remoteRef, remoteSha };
+    });
+}
+function isProtectedPushTarget(remoteRef, defaultBranch) {
+  return remoteRef === `refs/heads/${defaultBranch}` || remoteRef === 'refs/heads/master';
+}
+function branchContainsRemoteDefault(defaultBranch) {
+  const result = spawnSync('git', ['merge-base', '--is-ancestor', `origin/${defaultBranch}`, 'HEAD'], {
+    stdio: 'ignore',
+  });
+  return result.status === 0;
+}
+function fetchRemoteDefault(defaultBranch) {
+  execFileSync('git', ['fetch', 'origin', defaultBranch, '--quiet'], {
+    stdio: ['ignore', 'ignore', 'pipe'],
+  });
+}
+function main() {
+  const defaultBranch = resolveDefaultBranch();
+  const branchName = getCurrentBranch();
+  const refs = parsePushRefs(fs.readFileSync(0));
+  if (branchName === defaultBranch || branchName === 'master') {
+    console.error('');
+    console.error(`Pre-push Safety: push blocked on protected branch '${branchName}'.`);
+    console.error('Open a feature branch or worktree first.');
+    console.error('');
+    process.exit(1);
+  }
+  if (refs.some((ref) => isProtectedPushTarget(ref.remoteRef, defaultBranch))) {
+    console.error('');
+    console.error(`Pre-push Safety: direct push to '${defaultBranch}' is blocked.`);
+    console.error('Open a pull request instead.');
+    console.error('');
+    process.exit(1);
+  }
+  try {
+    fetchRemoteDefault(defaultBranch);
+  } catch {
+    console.error('');
+    console.error(`Pre-push Safety: could not fetch origin/${defaultBranch}.`);
+    console.error('Sync with the remote before pushing.');
+    console.error('');
+    process.exit(1);
+  }
+  if (!branchContainsRemoteDefault(defaultBranch)) {
+    console.error('');
+    console.error(`Pre-push Safety: your branch is missing commits from origin/${defaultBranch}.`);
+    console.error(`Merge or rebase origin/${defaultBranch} before pushing.`);
+    console.error('');
+    process.exit(1);
+  }
+  process.exit(0);
+}
+module.exports = {
+  branchContainsRemoteDefault,
+  getCurrentBranch,
+  isProtectedPushTarget,
+  parsePushRefs,
+  resolveDefaultBranch,
+};
+if (require.main === module) {
+  main();
+}

package/bin/utils/staged-secret-scan.js ADDED Viewed

@@ -0,0 +1,108 @@
+'use strict';
+const { execFileSync, execSync } = require('child_process');
+const BLOCKED_ENV_FILE_PATTERN = /(^|\/)\.env(\..+)?$/i;
+const SAFE_ENV_FILE_PATTERN = /(^|\/)\.env\.(example|sample|template)$/i;
+const SECRET_PATTERNS = [
+  { label: 'private key', pattern: /BEGIN (RSA|DSA|EC|OPENSSH|PGP) PRIVATE KEY/ },
+  { label: 'generic private key', pattern: /BEGIN PRIVATE KEY/ },
+  { label: 'GitHub personal token', pattern: /\bgh[pousr]_[A-Za-z0-9]{20,}\b/ },
+  { label: 'GitHub fine-grained token', pattern: /\bgithub_pat_[A-Za-z0-9_]{20,}\b/ },
+  { label: 'OpenAI key', pattern: /\bsk-(proj-)?[A-Za-z0-9_-]{20,}\b/ },
+  { label: 'AWS access key', pattern: /\bAKIA[0-9A-Z]{16}\b/ },
+  { label: 'Google API key', pattern: /\bAIza[0-9A-Za-z\-_]{35}\b/ },
+  { label: 'Slack token', pattern: /\bxox[baprs]-[A-Za-z0-9-]{10,}\b/ },
+];
+function getStagedFiles() {
+  try {
+    const output = execSync('git diff --cached --name-only --diff-filter=ACMR', {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim();
+    return output ? output.split('\n').filter(Boolean) : [];
+  } catch {
+    return [];
+  }
+}
+function isBlockedEnvFile(filePath) {
+  return BLOCKED_ENV_FILE_PATTERN.test(filePath) && !SAFE_ENV_FILE_PATTERN.test(filePath);
+}
+function readStagedFile(filePath) {
+  try {
+    return execFileSync('git', ['show', `:${filePath}`], {
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+      maxBuffer: 5 * 1024 * 1024,
+    });
+  } catch {
+    return '';
+  }
+}
+function findSecretMatches(content) {
+  const matches = [];
+  for (const descriptor of SECRET_PATTERNS) {
+    if (descriptor.pattern.test(content)) {
+      matches.push(descriptor.label);
+    }
+  }
+  return matches;
+}
+function scanStagedFiles(files) {
+  const findings = [];
+  for (const filePath of files) {
+    if (isBlockedEnvFile(filePath)) {
+      findings.push({ filePath, reason: 'environment file' });
+      continue;
+    }
+    const content = readStagedFile(filePath);
+    const matches = findSecretMatches(content);
+    for (const match of matches) {
+      findings.push({ filePath, reason: match });
+    }
+  }
+  return findings;
+}
+function main() {
+  const stagedFiles = getStagedFiles();
+  if (stagedFiles.length === 0) {
+    process.exit(0);
+  }
+  const findings = scanStagedFiles(stagedFiles);
+  if (findings.length === 0) {
+    process.exit(0);
+  }
+  console.error('');
+  console.error('Staged Secret Scan: commit blocked.');
+  console.error('');
+  for (const finding of findings) {
+    console.error(`- ${finding.filePath}: ${finding.reason}`);
+  }
+  console.error('');
+  console.error('Remove the sensitive content before committing.');
+  console.error('');
+  process.exit(1);
+}
+module.exports = {
+  SECRET_PATTERNS,
+  findSecretMatches,
+  getStagedFiles,
+  isBlockedEnvFile,
+  scanStagedFiles,
+};
+if (require.main === module) {
+  main();
+}