anchormd 0.4.0__tar.gz

anchormd-0.4.0/.dockerignore

@@ -0,0 +1,19 @@
+__pycache__
+*.pyc
+.pytest_cache
+*.db
+.env
+.venv
+.git
+tests
+docs
+output
+packs
+prompts
+src
+scripts
+.github
+*.md
+LICENSE
+action.yml
+pyproject.toml

anchormd-0.4.0/.github/dependabot.yml

@@ -0,0 +1,30 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "python"
+    commit-message:
+      prefix: "deps"
+    groups:
+      python-minor:
+        update-types:
+          - "minor"
+          - "patch"
+
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5
+    labels:
+      - "dependencies"
+      - "ci"
+    commit-message:
+      prefix: "ci"
+

anchormd-0.4.0/.github/workflows/ci.yml

@@ -0,0 +1,27 @@
+name: CI
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        python-version: ["3.11", "3.12", "3.13"]
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: pip install -e ".[dev]"
+      - name: Lint
+        run: ruff check src/ tests/
+      - name: Format check
+        run: ruff format --check src/ tests/
+      - name: Test
+        run: pytest tests/ -v --tb=short

anchormd-0.4.0/.github/workflows/codeql.yml

@@ -0,0 +1,33 @@
+name: CodeQL Security Scan
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '0 6 * * 1'  # Weekly on Monday at 6 AM UTC
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v4
+        with:
+          languages: python
+          queries: security-and-quality
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v4
+        with:
+          category: "/language:python"

anchormd-0.4.0/.github/workflows/pages.yml

@@ -0,0 +1,31 @@
+name: Deploy Landing Page
+
+on:
+  push:
+    branches: [main]
+    paths: [docs/**]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  pages: write
+  id-token: write
+
+concurrency:
+  group: pages
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment:
+      name: github-pages
+      url: ${{ steps.deployment.outputs.page_url }}
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/configure-pages@v5
+      - uses: actions/upload-pages-artifact@v4
+        with:
+          path: docs
+      - id: deployment
+        uses: actions/deploy-pages@v4

anchormd-0.4.0/.github/workflows/publish.yml

@@ -0,0 +1,23 @@
+name: Publish to PyPI
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    environment: pypi
+    permissions:
+      id-token: write
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - name: Install build tools
+        run: pip install build
+      - name: Build package
+        run: python -m build
+      - name: Publish to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1

anchormd-0.4.0/.github/workflows/secret-scan.yml

@@ -0,0 +1,33 @@
+# Secret Scanning with Gitleaks
+#
+# Scans for secrets in:
+# - All commits in PRs
+# - Push to main/master
+#
+name: Secret Scan
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+    branches: [main, master]
+
+jobs:
+  gitleaks:
+    name: Scan for secrets
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v6
+        with:
+          fetch-depth: 0
+
+      - name: Install Gitleaks
+        run: |
+          curl -sSfL https://github.com/gitleaks/gitleaks/releases/download/v8.24.3/gitleaks_8.24.3_linux_x64.tar.gz | tar xz
+          chmod +x gitleaks
+
+      - name: Run Gitleaks
+        run: |
+          ./gitleaks detect --source . --verbose --redact --exit-code 2
+

anchormd-0.4.0/.github/workflows/security.yml

@@ -0,0 +1,25 @@
+name: Security
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '0 6 * * 1'
+
+jobs:
+  pip-audit:
+    name: Dependency Audit
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+      - name: Install dependencies
+        run: |
+          pip install -e ".[dev]" 2>/dev/null || pip install -e . 2>/dev/null || pip install -r requirements.txt
+          pip install pip-audit
+      - name: Run pip-audit
+        run: pip-audit

anchormd-0.4.0/.gitignore

@@ -0,0 +1,25 @@
+__pycache__/
+*.py[cod]
+*$py.class
+*.egg-info/
+dist/
+build/
+.eggs/
+*.egg
+.venv/
+venv/
+.mypy_cache/
+.ruff_cache/
+.pytest_cache/
+.tox/
+*.so
+.DS_Store
+Thumbs.db
+*.swp
+*.swo
+*~
+.idea/
+.vscode/
+*.iml
+.env*
+output/

anchormd-0.4.0/.gitleaks.toml

@@ -0,0 +1,4 @@
+[allowlist]
+  description = "Allowlisted false positives"
+  regexTarget = "match"
+  regexes = ['''anchormd-v1''']

anchormd-0.4.0/BUILD_GUIDE.md

@@ -0,0 +1,85 @@
+# AnchorMD — Build Execution Guide
+
+## How to Use These Prompts
+
+Each prompt in `/prompts/` is designed to be fed to Claude Code as a single session.
+Run them **in order** — each builds on the previous.
+
+### Setup
+
+```bash
+# Create repo
+mkdir anchormd && cd anchormd
+git init
+
+# Copy this entire scaffold into the repo
+# (CLAUDE.md, prompts/, docs/ should all be at root)
+
+git add -A
+git commit -m "feat: initial scaffold with CLAUDE.md and build prompts"
+```
+
+### Execution Sequence
+
+| Prompt | Time Estimate | What It Builds | Commit After |
+|--------|---------------|----------------|--------------|
+| 01_foundation | 15-20 min | pyproject.toml, models, config, exceptions | `feat: project foundation and data models` |
+| 02_scanner | 20-30 min | Filesystem scanner with tests | `feat: codebase scanner` |
+| 03_analyzers | 30-45 min | 4 analyzers (language, patterns, commands, domain) | `feat: codebase analyzers` |
+| 04_generators | 20-30 min | Section generator + document composer | `feat: CLAUDE.md generators` |
+| 05_cli | 20-30 min | Typer CLI with rich output | `feat: CLI interface` |
+| 06_auditor | 20-30 min | CLAUDE.md quality auditor | `feat: audit command` |
+| 07_templates | 30-40 min | Framework presets + Jinja2 templates | `feat: framework presets and templates` |
+| 08_publish | 15-20 min | README, CI/CD, PyPI prep | `feat: publish pipeline` |
+
+**Total estimated: 3-4 hours of Claude Code sessions**
+
+### Per-Prompt Workflow
+
+```bash
+# 1. Open Claude Code in the project root
+cd anchormd
+claude
+
+# 2. Feed the prompt
+# Copy contents of prompts/01_foundation.md into Claude Code
+
+# 3. Let it build. Review output.
+
+# 4. Run tests
+pytest tests/ -v
+
+# 5. Run lint
+ruff check src/ tests/
+
+# 6. If tests pass, commit
+git add -A
+git commit -m "feat: project foundation and data models"
+
+# 7. Move to next prompt
+```
+
+### Tips
+
+- **Always run tests before committing.** If tests fail, paste the failure into Claude Code and ask it to fix.
+- **Dogfood early.** After prompt 05, run `anchormd generate .` on the project itself. Fix issues immediately.
+- **Don't skip the auditor.** Prompt 06 is what makes this tool premium — it's the reason someone would pay for it.
+- **The templates in prompt 07 are your monetization lever.** Curated, opinionated presets are the value-add over hand-rolling.
+
+### Post-Build Checklist
+
+- [ ] `anchormd generate .` works on itself
+- [ ] `anchormd audit CLAUDE.md` scores > 60 on its own CLAUDE.md
+- [ ] `anchormd generate /path/to/some/react/project` produces good output
+- [ ] `anchormd generate /path/to/some/python/project` produces good output
+- [ ] All tests pass across Python 3.11+
+- [ ] Published to PyPI
+- [ ] GitHub repo has: pinned, README with badges, release tagged
+
+### Monetization Next Steps (After v0.1.0 ships)
+
+1. **Free CLI on PyPI** — builds adoption, gets stars
+2. **Gumroad template packs** ($5-10 each): "Enterprise Python", "Full-Stack TypeScript", "Rust Systems"
+3. **GitHub Action** (free tier + paid): auto-audit on PR, comment with score
+4. **Pro CLI** ($5/mo via license key): team templates, custom rules, CI integration
+5. **Landing page**: benchmarks showing quality improvement with Forge-generated CLAUDE.md vs hand-written

anchormd-0.4.0/CLAUDE.md

@@ -0,0 +1,167 @@
+# CLAUDE.md — anchormd
+
+## Project Overview
+
+Generate and audit CLAUDE.md files for AI coding agents. Freemium CLI with Pro license server and Stripe-automated fulfillment.
+
+## Current State
+
+- **Version**: 0.3.0
+- **Language**: Python
+- **Tests**: 134 (license server) + client-side tests
+- **License Server**: `https://anmd-license.fly.dev` (Fly.io, SQLite + WAL)
+- **Stripe**: Live — automated checkout → key generation → email delivery
+
+## Monetization
+
+- **Free**: `generate`, `audit`, 11 community presets
+- **Pro ($8/mo or $69/yr)**: `init`, `diff`, CI integration, 6 premium presets, team templates
+- **Template Packs**: Gumroad ($5-10 each)
+- **Payment Links**: Stripe Payment Links → webhook → auto key + email
+- **Do NOT modify pricing without explicit approval**
+
+## Architecture
+
+```
+anchormd/
+├── .github/workflows/
+├── docs/
+├── license_server/           # FastAPI license server (separate deployable)
+│   ├── migrations/           # SQLite schema migrations
+│   ├── routes/
+│   │   ├── activate.py       # POST /v1/activate (admin)
+│   │   ├── validate.py       # POST /v1/validate
+│   │   ├── revoke.py         # POST /v1/revoke (admin)
+│   │   └── webhook.py        # POST /v1/webhooks/stripe
+│   ├── stripe_webhooks.py    # Event handlers (checkout, cancel, payment_failed)
+│   ├── email_delivery.py     # SMTP license key delivery
+│   ├── key_gen.py            # ANMD-XXXX-XXXX-XXXX generation + hashing
+│   ├── config.py             # Env var configuration
+│   ├── database.py           # SQLite connection + migration runner
+│   ├── models.py             # Pydantic request/response models
+│   ├── rate_limit.py         # slowapi rate limiter
+│   ├── Dockerfile            # Multi-stage build for Fly.io
+│   ├── fly.toml              # Fly.io deployment config
+│   └── requirements.txt      # Server dependencies
+├── output/
+├── packs/                    # Gumroad template packs
+├── prompts/
+├── scripts/
+│   ├── stripe_setup.py       # Create Stripe products/prices/payment links
+│   └── keygen.py             # Manual key generation (legacy)
+├── src/anchormd/       # CLI package (PyPI: anchormd)
+│   ├── licensing.py          # Client-side key detection, validation, caching
+│   ├── machine_id.py         # Hostname+username hash
+│   ├── gates.py              # @require_pro feature gating
+│   └── cli.py                # Typer CLI
+├── tests/
+│   ├── drift/
+│   └── license_server/
+├── .dockerignore
+├── pyproject.toml
+```
+
+## Tech Stack
+
+- **Language**: Python, HTML, SQL
+- **Package Manager**: pip
+- **Linters**: ruff
+- **Formatters**: ruff
+- **Type Checkers**: mypy
+- **Test Frameworks**: pytest
+- **CI/CD**: GitHub Actions
+- **Hosting**: Fly.io (license server), PyPI (CLI)
+- **Payments**: Stripe (webhooks + payment links)
+- **Email**: SMTP (Gmail app password)
+
+## API Endpoints (License Server)
+
+| Endpoint | Auth | Rate Limit | Purpose |
+|----------|------|------------|---------|
+| `GET /v1/health` | None | 120/min | Health check + license counts |
+| `POST /v1/activate` | Admin Bearer | 10/min | Create license key |
+| `POST /v1/validate` | None | 60/min | Validate license key |
+| `POST /v1/revoke` | Admin Bearer | 10/min | Revoke license key |
+| `POST /v1/webhooks/stripe` | Stripe signature | 30/min | Automated fulfillment |
+
+## License Key System
+
+- **Format**: `ANMD-XXXX-XXXX-XXXX` (uppercase alphanumeric)
+- **Checksum**: Segment 3 = first 4 hex chars of `SHA256("anchormd-v1:{seg1}-{seg2}")`
+- **Storage**: SHA-256 hash only — plaintext never stored
+- **Masking**: `ANMD-****-****-{last4}` for display
+- **Client detection**: `ANCHORMD_LICENSE` env var → `.anchormd-license` → `~/.config/anchormd/license`
+- **Validation**: Local checksum → server call (5s timeout) → 24h cache → fail-open to local-only
+
+## Environment Variables
+
+### License Server (Fly.io secrets)
+- `ANMD_ADMIN_SECRET` — Bearer token for admin endpoints
+- `ANMD_DB_PATH` — SQLite path (default: `/data/license_server.db`)
+- `STRIPE_SECRET_KEY` — Stripe API key
+- `STRIPE_WEBHOOK_SECRET` — Stripe webhook signing secret
+- `ANMD_SMTP_USER` — Gmail address
+- `ANMD_SMTP_PASSWORD` — Gmail app password
+- `ANMD_SMTP_FROM` — From address for emails
+
+### Client (user-side)
+- `ANCHORMD_LICENSE` — License key
+- `ANCHORMD_LICENSE_SERVER` — Server URL (optional)
+
+## Common Commands
+
+```bash
+# test (all)
+.venv/bin/python -m pytest tests/ -v
+# test (license server only)
+.venv/bin/python -m pytest tests/license_server/ -v
+# lint
+ruff check src/ tests/ license_server/
+# format
+ruff format src/ tests/ license_server/
+# type check
+mypy src/
+# deploy license server
+fly deploy --dockerfile license_server/Dockerfile -a anmd-license --config license_server/fly.toml
+# health check
+curl https://anmd-license.fly.dev/v1/health
+```
+
+## Coding Standards
+
+- **Naming**: snake_case
+- **Quote Style**: double quotes
+- **Type Hints**: present
+- **Imports**: absolute
+- **Path Handling**: pathlib
+- **Line Length**: 100 characters
+- **Error Handling**: Custom exception classes, `from exc` in re-raises
+
+## Anti-Patterns (Do NOT Do)
+
+- Do NOT commit secrets, API keys, or credentials
+- Do NOT skip writing tests for new code
+- Do NOT use `os.path` — use `pathlib.Path` everywhere
+- Do NOT use bare `except:` — catch specific exceptions
+- Do NOT use mutable default arguments
+- Do NOT use `print()` for logging — use the `logging` module
+- Do NOT store plaintext license keys in the database
+- Do NOT modify pricing tiers without approval
+
+## Dependencies
+
+### CLI (PyPI)
+- typer, rich, pydantic, tomli, pyyaml, jinja2
+- httpx (optional, for server validation)
+
+### License Server (Fly.io)
+- fastapi, uvicorn, pydantic, slowapi, stripe
+
+### Dev
+- pytest, mypy, ruff, httpx
+
+## Git Conventions
+
+- Commit messages: Conventional commits (`feat:`, `fix:`, `docs:`, `test:`, `refactor:`)
+- Branch naming: `feat/description`, `fix/description`
+- Run tests before committing

anchormd-0.4.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 AreteDriver
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.