speclock 4.5.7 → 5.0.1

package/README.md

@@ -8,13 +8,15 @@
   <a href="https://www.npmjs.com/package/speclock"><img src="https://img.shields.io/npm/v/speclock.svg?style=flat-square&color=4F46E5" alt="npm version" /></a>
   <a href="https://www.npmjs.com/package/speclock"><img src="https://img.shields.io/npm/dm/speclock.svg?style=flat-square&color=22C55E" alt="npm downloads" /></a>
   <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-blue.svg?style=flat-square" alt="MIT License" /></a>
-  <a href="https://modelcontextprotocol.io"><img src="https://img.shields.io/badge/MCP-31_tools-green.svg?style=flat-square" alt="MCP 31 tools" /></a>
+  <a href="https://modelcontextprotocol.io"><img src="https://img.shields.io/badge/MCP-39_tools-green.svg?style=flat-square" alt="MCP 39 tools" /></a>
 </p>
 
 <p align="center">
   <a href="https://sgroy10.github.io/speclock/">Website</a> · <a href="https://www.npmjs.com/package/speclock">npm</a> · <a href="https://smithery.ai/servers/sgroy10/speclock">Smithery</a> · <a href="https://github.com/sgroy10/speclock">GitHub</a>
 </p>
 
+<p align="center"><strong>Developed by <a href="https://github.com/sgroy10">Sandeep Roy</a></strong> · Free &amp; Open Source (MIT License)</p>
+
 ---
 
 ```
@@ -30,7 +32,7 @@ AI:     ⚠️  BLOCKED — violates lock "Never touch the auth system"
         Should I find another approach?
 ```
 
-**557 tests. 98% pass rate. 0 false positives across 5 domains. Gemini Flash hybrid for universal domain coverage.**
+**940 tests. 99.4% pass rate. 0 false positives across 13 suites. Gemini Flash hybrid, Spec Compiler, Code Graph, Typed Constraints, Python SDK, ROS2 integration.**
 
 ---
 
@@ -235,7 +237,109 @@ Import and export policies between projects. Share constraint templates across y
 
 ---
 
-## 31 MCP Tools
+## Spec Compiler (v5.0)
+
+Paste a PRD, README, or architecture doc — SpecLock extracts all constraints automatically:
+
+```
+Input:  "We're building a fintech app. Use React and FastAPI.
+         Never touch the auth module. Response time must stay
+         under 200ms. Payments go through Stripe."
+
+Output: 2 text locks:
+          - "Never touch the auth module"
+          - "Payments go through Stripe — don't change provider"
+        1 typed lock:
+          - response_time_ms <= 200 (numerical)
+        2 decisions:
+          - "Use React for frontend"
+          - "Use FastAPI for backend"
+```
+
+Uses Gemini Flash by default ($0.01 per 1000 compilations). No API key needed for core SpecLock — only the compiler uses LLM. Falls back gracefully if no key is set.
+
+---
+
+## Code Graph (v5.0)
+
+Live dependency graph of your codebase. Parses JS/TS/Python imports.
+
+```
+$ speclock blast-radius src/core/memory.js
+
+Direct Dependents:  8 files
+Transitive Impact:  14 files (33% of codebase)
+Max Depth:          4 hops
+```
+
+**Lock-to-file mapping:** Lock "Never modify auth" → automatically maps to `src/api/auth.js`, `src/middleware/auth.js`, `src/utils/jwt.js`. No configuration needed.
+
+**Module detection:** Groups files into logical modules, tracks inter-module dependencies, identifies critical paths.
+
+---
+
+## Typed Constraints (v5.0)
+
+Real-time value and state checking for autonomous systems, IoT, robotics:
+
+```javascript
+// Numerical: speed must be <= 2.0 m/s
+{ constraintType: "numerical", metric: "speed_mps", operator: "<=", value: 2.0 }
+
+// Range: temperature must stay between 20-25°C
+{ constraintType: "range", metric: "temperature_c", min: 20, max: 25 }
+
+// State: never go from armed → disarmed without approval
+{ constraintType: "state", metric: "system_mode", forbidden: [{ from: "armed", to: "disarmed" }] }
+
+// Temporal: heartbeat must occur every 30 seconds
+{ constraintType: "temporal", metric: "heartbeat_s", operator: "<=", value: 30 }
+```
+
+---
+
+## Python SDK & ROS2 (v5.0)
+
+```bash
+pip install speclock-sdk
+```
+
+```python
+from speclock import ConstraintChecker
+checker = ConstraintChecker(constraints)
+result = checker.check({"metric": "speed_mps", "value": 3.5})
+# → violation: speed exceeds 2.0 m/s limit
+```
+
+**ROS2 Guardian Node:** Real-time constraint enforcement for robots. Subscribes to sensor topics, checks constraints at configurable rate, publishes violations, triggers emergency stop.
+
+---
+
+## REST API v2 (v5.0)
+
+Real-time constraint checking for autonomous systems:
+
+```bash
+# Single check
+POST /api/v2/check-typed    { metric, value, entity }
+
+# Batch check (up to 100)
+POST /api/v2/check-batch    { checks: [...] }
+
+# SSE streaming (real-time violations)
+GET  /api/v2/stream
+
+# Spec Compiler
+POST /api/v2/compiler/compile  { text, autoApply }
+
+# Code Graph
+GET  /api/v2/graph/blast-radius?file=src/core/memory.js
+GET  /api/v2/graph/lock-map
+```
+
+---
+
+## 39 MCP Tools
 
 <details>
 <summary><b>Memory</b> — goal, locks, decisions, notes, deploy facts</summary>
@@ -308,6 +412,30 @@ Import and export policies between projects. Share constraint templates across y
 
 </details>
 
+<details>
+<summary><b>Typed Constraints</b> — numerical, range, state, temporal (v5.0)</summary>
+
+| Tool | What it does |
+|------|-------------|
+| `speclock_add_typed_lock` | Add typed constraint (numerical/range/state/temporal) |
+| `speclock_check_typed` | Check proposed values against typed constraints |
+| `speclock_list_typed_locks` | List all typed constraints |
+| `speclock_update_threshold` | Update typed lock thresholds |
+
+</details>
+
+<details>
+<summary><b>Spec Compiler & Code Graph</b> — NL→constraints, dependency analysis (v5.0)</summary>
+
+| Tool | What it does |
+|------|-------------|
+| `speclock_compile_spec` | Compile natural language into structured constraints |
+| `speclock_build_graph` | Build/refresh code dependency graph |
+| `speclock_blast_radius` | Calculate blast radius of file changes |
+| `speclock_map_locks` | Map locks to actual code files |
+
+</details>
+
 ---
 
 ## CLI
@@ -380,7 +508,7 @@ The AI opens the file and sees:
 │     AI Tool (Claude Code, Cursor, Bolt.new...)    │
 └────────────┬──────────────────┬──────────────────┘
              │                  │
-   MCP Protocol (31 tools)    npm File-Based
+   MCP Protocol (39 tools)    npm File-Based
              │              (SPECLOCK.md + CLI)
              │                  │
 ┌────────────▼──────────────────▼──────────────────┐
@@ -429,15 +557,23 @@ The AI opens the file and sees:
 | Suite | Tests | Pass Rate | What it covers |
 |-------|------:|----------:|----------------|
 | Adversarial Conflict | 61 | 100% | Euphemisms, temporal evasion, compound sentences |
+| Typed Constraints | 61 | 100% | Numerical, range, state, temporal validation |
 | Phase 4 (Multi-domain) | 91 | 100% | Fintech, e-commerce, IoT, healthcare, SaaS |
 | John (Indie Dev Journey) | 86 | 100% | 8-session Bolt.new build with 5 locks |
 | Sam (Enterprise HIPAA) | 124 | 100% | HIPAA locks, PHI, encryption, RBAC |
+| Auth & Crypto | 114 | 100% | API keys, RBAC, AES-256 encryption |
+| Audit Chain | 35 | 100% | HMAC-SHA256 chain integrity |
+| Enforcement | 40 | 100% | Hard/advisory mode, overrides |
+| Compliance Export | 50 | 100% | SOC 2, HIPAA, CSV formats |
+| REST API v2 | 28 | 100% | Typed constraint endpoints, SSE |
+| Spec Compiler | 24 | 100% | NL→constraints parsing, auto-apply |
+| Code Graph | 33 | 100% | Import parsing, blast radius, lock mapping |
+| Python SDK | 62 | 100% | pip install, constraint checking |
+| ROS2 Guardian | 26 | 100% | Robot safety constraint enforcement |
 | Real-World Testers | 105 | 95% | 5 developers, 30+ locks, diverse domains |
-| Payment/Salary/PII | 35 | 100% | Cross-vocabulary: payroll, salary, compensation |
-| Claude Tester (G-Suite) | 55 | 95% | Independent AI tester, adversarial probing |
-| **Total** | **557** | **98%** | |
+| **Total** | **940** | **99.4%** | **13 suites, 15 domains** |
 
-Tested across: fintech, e-commerce, IoT, healthcare, SaaS, gaming, biotech, aerospace, payments, payroll. All 11 Indian payment gateways detected (Razorpay, PayU, Cashfree, PhonePe, Paytm, CCAvenue, BillDesk, Instamojo, Juspay, Stripe, PayPal). Zero false positives on UI/cosmetic actions.
+Tested across: fintech, e-commerce, IoT, healthcare, SaaS, gaming, biotech, aerospace, payments, payroll, robotics, autonomous systems. All 11 Indian payment gateways detected. Zero false positives on UI/cosmetic actions.
 
 ---
 
@@ -475,4 +611,4 @@ Built by **[Sandeep Roy](https://github.com/sgroy10)**
 
 ---
 
-<p align="center"><i>v4.5.7 — 557 tests, 98% pass rate, 31 MCP tools, Gemini hybrid. Because remembering isn't enough.</i></p>
+<p align="center"><i>v5.0.0 — 940 tests, 99.4% pass rate, 39 MCP tools, Spec Compiler, Code Graph, Typed Constraints, Python SDK, ROS2, REST API v2. Because remembering isn't enough.</i></p>

package/package.json

@@ -2,9 +2,9 @@
 
   "name": "speclock",
 
-  "version": "4.5.7",
+  "version": "5.0.1",
 
-  "description": "AI constraint engine — stops AI from breaking what you locked. Semantic detection, Gemini LLM hybrid, 31 MCP tools, HMAC audit chain, RBAC, encryption, SOC 2/HIPAA compliance. Works with Claude Code, Cursor, Bolt.new, Lovable.",
+  "description": "AI Constraint Engine for autonomous systems governance. Spec Compiler (NL→constraints), Code Graph (blast radius, lock-to-file mapping), Typed constraints (numerical, range, state, temporal), REST API v2, Python SDK, ROS2 integration. 39 MCP tools, Gemini LLM hybrid, HMAC audit chain, RBAC, encryption, SOC 2/HIPAA compliance.",
 
   "type": "module",
 
@@ -12,130 +12,91 @@
 
   "bin": {
 
-  
-  "speclock": "./bin/speclock.js"
+    "speclock": "./bin/speclock.js"
 
   },
 
   "scripts": {
 
-  
-  "start": "node src/mcp/server.js",
+    "start": "node src/mcp/server.js",
 
-  
-  "serve": "node src/mcp/server.js",
+    "serve": "node src/mcp/server.js",
 
-  
-  "test": "node --experimental-vm-modules node_modules/.bin/jest"
+    "test": "node --experimental-vm-modules node_modules/.bin/jest"
 
   },
 
   "keywords": [
 
-  
-  "mcp",
+    "mcp",
 
-  
-  "mcp-server",
+    "mcp-server",
 
-  
-  "ai",
+    "ai",
 
-  
-  "ai-memory",
+    "ai-memory",
 
-  
-  "ai-continuity",
+    "ai-continuity",
 
-  
-  "context",
+    "context",
 
-  
-  "memory",
+    "memory",
 
-  
-  "claude",
+    "claude",
 
-  
-  "claude-code",
+    "claude-code",
 
-  
-  "cursor",
+    "cursor",
 
-  
-  "codex",
+    "codex",
 
-  
-  "windsurf",
+    "windsurf",
 
-  
-  "cline",
+    "cline",
 
-  
-  "speclock",
+    "speclock",
 
-  
-  "ai-amnesia",
+    "ai-amnesia",
 
-  
-  "model-context-protocol",
+    "model-context-protocol",
 
-  
-  "drift-detection",
+    "drift-detection",
 
-  
-  "constraint-enforcement",
+    "constraint-enforcement",
 
-  
-  "enterprise",
+    "enterprise",
 
-  
-  "soc2",
+    "soc2",
 
-  
-  "hipaa",
+    "hipaa",
 
-  
-  "compliance",
+    "compliance",
 
-  
-  "audit-trail",
+    "audit-trail",
 
-  
-  "hmac",
+    "hmac",
 
-  
-  "encryption",
+    "encryption",
 
-  
-  "aes-256",
+    "aes-256",
 
-  
-  "api-key",
+    "api-key",
 
-  
-  "authentication",
+    "authentication",
 
-  
-  "rbac",
+    "rbac",
 
-  
-  "policy-as-code",
+    "policy-as-code",
 
-  
-  "sso",
+    "sso",
 
-  
-  "oauth",
+    "oauth",
 
-  
-  "oidc",
+    "oidc",
 
-  
-  "dashboard",
+    "dashboard",
 
-  
-  "telemetry"
+    "telemetry"
 
   ],
 
@@ -147,104 +108,79 @@
 
   "bugs": {
 
-  
-  "url": "https://github.com/sgroy10/speclock/issues"
+    "url": "https://github.com/sgroy10/speclock/issues"
 
   },
 
   "repository": {
 
-  
-  "type": "git",
+    "type": "git",
 
-  
-  "url": "git+https://github.com/sgroy10/speclock.git"
+    "url": "git+https://github.com/sgroy10/speclock.git"
 
   },
 
   "engines": {
 
-  
-  "node": ">=18"
+    "node": ">=18"
 
   },
 
   "dependencies": {
 
-  
-  "@modelcontextprotocol/sdk": "^1.26.0",
+    "@modelcontextprotocol/sdk": "^1.26.0",
 
-  
-  "chokidar": "^3.6.0",
+    "chokidar": "^3.6.0",
 
-  
-  "zod": "^3.25.0"
+    "zod": "^3.25.0"
 
   },
 
   "files": [
 
-  
-  "bin/",
+    "bin/",
 
-  
-  "src/",
+    "src/",
 
-  
-  "src/dashboard/",
+    "src/dashboard/",
 
-  
-  "README.md",
+    "README.md",
 
-  
-  "SPECLOCK-INSTRUCTIONS.md",
+    "SPECLOCK-INSTRUCTIONS.md",
 
-  
-  "LICENSE"
+    "LICENSE"
 
   ],
 
   "devDependencies": {
 
-  
-  "esbuild": "^0.27.3",
+    "esbuild": "^0.27.3",
 
-  
-  "jest": "^30.2.0"
+    "jest": "^30.2.0"
 
   },
 
   "speclock": {
 
-  
-  "active": true,
+    "active": true,
 
-  
-  "message": "STOP — This project has SpecLock constraints. Read SPECLOCK.md and .speclock/context/latest.md BEFORE making ANY changes. Run 'npx speclock check' before ALL code changes. If a lock below is violated, STOP and ask user to unlock.",
+    "message": "STOP — This project has SpecLock constraints. Read SPECLOCK.md and .speclock/context/latest.md BEFORE making ANY changes. Run 'npx speclock check' before ALL code changes. If a lock below is violated, STOP and ask user to unlock.",
 
-  
-  "locks": [
+    "locks": [
 
-  
-  
-  "Game balance configuration must not be changed",
+      "Game balance configuration must not be changed",
 
-  
-  
-  "Patient records must never be deleted",
+      "Patient records must never be deleted",
 
-  
-  
-  "No breaking changes to public API"
+      "No breaking changes to public API"
 
-  
-  ],
+    ],
 
-  
-  "context": ".speclock/context/latest.md",
+    "context": ".speclock/context/latest.md",
 
-  
-  "rules": "SPECLOCK.md"
+    "rules": "SPECLOCK.md"
 
   }
+
 }
+

package/src/cli/index.js

@@ -117,7 +117,7 @@ function refreshContext(root) {
 
 function printHelp() {
   console.log(`
-SpecLock v4.5.7 — AI Constraint Engine (Gemini LLM + Policy-as-Code + SSO + Dashboard + Telemetry + Auth + RBAC + Encryption)
+SpecLock v5.0.0 — AI Constraint Engine (Spec Compiler + Code Graph + Typed Constraints + Python SDK + ROS2 + REST API v2 + Gemini LLM + Policy-as-Code + Auth + RBAC + Encryption)
 Developed by Sandeep Roy (github.com/sgroy10)
 
 Usage: speclock <command> [options]