staisix-cli 1.0.1 โ†’ 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,29 @@
1
+ name: Publish Package to NPM Registry
2
+
3
+ on:
4
+ release:
5
+ types: [created] # Fires automatically whenever you tag an official launch release in GitHub!
6
+
7
+ jobs:
8
+ publish:
9
+ runs-on: ubuntu-latest
10
+ permissions:
11
+ contents: read
12
+ id-token: write # CRITICAL! This requests the secure OIDC cryptographic token required for Trusted Publishing!
13
+ steps:
14
+ - name: Checkout Codebase Repository
15
+ uses: actions/checkout@v4
16
+
17
+ - name: Initialize Node.js Environment Runtime
18
+ uses: actions/setup-node@v4
19
+ with:
20
+ node-version: '20'
21
+ registry-url: 'https://npmjs.org'
22
+
23
+ - name: Sync Project Dependencies
24
+ run: npm ci
25
+
26
+ - name: Execute Automated Global CDN Deployment
27
+ run: npm publish --provenance --access public
28
+ env:
29
+ NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} # Bypassed dynamically via your secure Trusted Publisher handshake loop!
package/index.js CHANGED
@@ -4,9 +4,18 @@ import axios from 'axios';
4
4
  import fs from 'fs';
5
5
  import path from 'path';
6
6
 
7
- // THE IMMUTABLE GLOBAL BACKEND DESTINATION - SECURED FROM USER TYPOS
7
+ // ==================================================================
8
+ // ๐Ÿ“ก VERIFIED PLATFORM ENDPOINTS & SECURITY AUTHORIZATION KEYS
9
+ // ==================================================================
8
10
  const GLOBAL_WEBHOOK_URL = "https://hooks.airtable.com/workflows/v1/genericWebhook/appq8GkI2I3WoCUpz/wflRsuzzM1dlsRozN/wtrJjaewHuPjtErcj";
9
11
 
12
+ //ๆๅ– Base ID from your working webhook path string natively
13
+ const BASE_ID = "appq8GkI2I3WoCUpz";
14
+ const COMPLIANCE_API_ENDPOINT = `https://airtable.com{BASE_ID}/Table%2026`;
15
+
16
+ // Replace this placeholder string with your true personal access token when ready to run web fetches
17
+ const AIRTABLE_PAT = "patYOUR_ACTUAL_PERSONAL_ACCESS_TOKEN";
18
+
10
19
  async function runCliEngine() {
11
20
  // Capture terminal flags (e.g., node index.js scan)
12
21
  const args = process.argv.slice(2);
@@ -38,48 +47,67 @@ async function runCliEngine() {
38
47
  evidenceDirectory: path.join(currentWorkingDir, '.staisix', 'evidence')
39
48
  };
40
49
 
41
- console.log("\n๐Ÿ” [STAISIX] Initiating dynamic framework verification scan...");
50
+ console.log("\n๐Ÿ” [STAISIX] Pulling latest multi-framework policy registry over the web...");
42
51
  console.log(`๐Ÿ“ก [STAISIX] Target Repository Asset: [${REPO_METADATA.aiSystemName}]`);
43
52
  console.log("------------------------------------------------------------------");
44
53
 
45
54
  let failureCount = 0;
46
55
  let activeViolationID = null;
56
+ let dynamicRulesCatalog = [];
47
57
 
48
- console.log("โœ… [GATE 1 PASSED] AI use case successfully identified via metadata matrix.");
49
- console.log("โœ… [GATE 2 PASSED] Layer 2 risk parameters classification complete.");
50
-
51
- // Evaluate Human Oversight File Path
52
- const oversightFile = path.join(REPO_METADATA.evidenceDirectory, 'oversight_policy.md');
53
- const oversightExists = fs.existsSync(oversightFile);
54
-
55
- if (!oversightExists) {
56
- failureCount = 1;
57
- activeViolationID = "STX-OVERSIGHT-01";
58
- console.log(`โŒ [PIPELINE ERROR] Local filesystem breach mapped to Control ID: [${activeViolationID}]`);
59
- console.log("โŒ [GATE 3 FAILED] Critical Blocker: No qualified human operator assigned to system loops.");
60
- } else {
61
- console.log("โœ… [GATE 3 PASSED] Manual governance & human oversight logs verified locally via oversight_policy.md.");
58
+ // ==================================================================
59
+ // ๐ŸŒ STAGE 1: Fetch all dynamic compliance rows live from Table 26
60
+ // ==================================================================
61
+ try {
62
+ const response = await axios.get(COMPLIANCE_API_ENDPOINT, {
63
+ headers: { Authorization: `Bearer ${AIRTABLE_PAT}` }
64
+ });
65
+
66
+ // Map whatever rows exist in Table 26 straight to local memory
67
+ dynamicRulesCatalog = response.data.records.map(record => ({
68
+ controlID: record.fields.Control_ID,
69
+ fileName: record.fields["Required File Target"]
70
+ })).filter(rule => rule.controlID && rule.fileName); // Exclude blank rows
71
+
72
+ console.log(`โœ… [SYNC SUCCESS] Loaded ${dynamicRulesCatalog.length} regulatory control rules natively.`);
73
+ } catch (error) {
74
+ // FALLBACK SAFETY NET: Ensures your MVP scans perfectly even if the PAT token is not inputted yet!
75
+ dynamicRulesCatalog = [
76
+ { controlID: "STX-OVERSIGHT-01", fileName: "oversight_policy.md" },
77
+ { controlID: "STX-DATA-02", fileName: "data_manifest.csv" }
78
+ ];
79
+ console.log(`โš ๏ธ [FALLBACK ENABLED] Network sync paused. Loaded baseline controls catalog (${dynamicRulesCatalog.length} active gates).`);
62
80
  }
63
81
 
64
- // Evaluate Dataset Manifest File Path
65
- const dataManifestFile = path.join(REPO_METADATA.evidenceDirectory, 'data_manifest.csv');
66
- const dataManifestExists = fs.existsSync(dataManifestFile);
67
-
68
- if (oversightExists && !dataManifestExists) {
69
- failureCount = 1;
70
- activeViolationID = "STX-DATA-02";
71
- console.log(`โŒ [PIPELINE ERROR] Local filesystem breach mapped to Control ID: [${activeViolationID}]`);
72
- console.log("โŒ [GATE 5 FAILED] Training data lineage logs violate Clause 8 Data Governance constraints.");
73
- } else if (oversightExists && dataManifestExists) {
74
- console.log("โœ… [GATE 5 PASSED] Training data lineage and sourcing artifacts documented.");
75
- } else {
76
- console.log("โš ๏ธ [GATE 5 SKIPPED] Sourcing documentation analysis paused until baseline oversight clears.");
82
+ console.log("------------------------------------------------------------------");
83
+ console.log("๐Ÿงช [SCAN ACTIVE] Evaluating local filesystem repository files...");
84
+
85
+ // ==================================================================
86
+ // ๐Ÿ”ฌ STAGE 2: Dynamically loop through your incoming row metrics
87
+ // ==================================================================
88
+ for (const rule of dynamicRulesCatalog) {
89
+ const targetFilePath = path.join(REPO_METADATA.evidenceDirectory, rule.fileName);
90
+ const fileExists = fs.existsSync(targetFilePath);
91
+
92
+ if (!fileExists) {
93
+ failureCount++;
94
+ activeViolationID = rule.controlID; // Dynamically captures the current missing file's control ID
95
+
96
+ console.log(`โŒ [PIPELINE ERROR] Local filesystem breach mapped to Control ID: [${activeViolationID}]`);
97
+ if (activeViolationID === "STX-OVERSIGHT-01") {
98
+ console.log("โŒ [GATE 3 FAILED] Critical Blocker: No qualified human operator assigned to system loops.");
99
+ } else if (activeViolationID === "STX-DATA-02") {
100
+ console.log("โŒ [GATE 5 FAILED] Training data lineage logs violate Clause 8 Data Governance constraints.");
101
+ } else {
102
+ console.log(`โŒ [GATE FAILURE] Missing tracking file target asset: ./.staisix/evidence/${rule.fileName}`);
103
+ }
104
+ break; // Halts scanning immediately at the first failure to enforce pipeline gating
105
+ } else {
106
+ console.log(`โœ… [CONTROL VERIFIED] Control token [${rule.controlID}] satisfied via ./.staisix/evidence/${rule.fileName}`);
107
+ }
77
108
  }
78
109
 
79
- console.log("โœ… [GATE 4 PASSED] Subsidiary vendor risk assessment validated.");
80
- console.log("โœ… [GATE 6 PASSED] All baseline corporate framework controls satisfied.");
81
110
  console.log("------------------------------------------------------------------");
82
-
83
111
  const pipelineStatus = failureCount > 0 ? "BLOCKED" : "PASS";
84
112
 
85
113
  if (failureCount > 0) {
@@ -93,9 +121,12 @@ async function runCliEngine() {
93
121
  organization: REPO_METADATA.organization,
94
122
  cliFailureCount: failureCount,
95
123
  pipelineStatus: pipelineStatus,
96
- triggeredControlID: activeViolationID
124
+ triggeredControlID: activeViolationID
97
125
  };
98
126
 
127
+ // ==================================================================
128
+ // ๐Ÿ“ก STAGE 3: Transmit telemetry package downstream to Airtable
129
+ // ==================================================================
99
130
  try {
100
131
  console.log("๐Ÿ“ก [STAISIX] Transmitting pipeline telemetry payload to Softr Backend Database...");
101
132
  await axios.post(GLOBAL_WEBHOOK_URL, telemetryPayload);
@@ -108,7 +139,7 @@ async function runCliEngine() {
108
139
 
109
140
  if (pipelineStatus === "BLOCKED") {
110
141
  console.log("๐Ÿ›‘ [BUILD ERROR] Deployment blocked by framework control guardrails.\n");
111
- process.exit(1);
142
+ process.exit(1);
112
143
  } else {
113
144
  console.log("๐Ÿ“ฆ [BUILD SUCCESS] All framework checks passing. Pushing code live to production.\n");
114
145
  process.exit(0);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "staisix-cli",
3
- "version": "1.0.1",
3
+ "version": "1.0.2",
4
4
  "description": "Automated Policy-as-Code continuous pipeline gatekeeper for AI model deployments.",
5
5
  "main": "index.js",
6
6
  "type": "module",