Skip to content

Implement CG-018: CLI commands and daemon IPC (status/scan/report/allow/block/detonate/audit)#11

Open
ysqander wants to merge 1 commit intomainfrom
codex/implement-ticket-cg-018
Open

Implement CG-018: CLI commands and daemon IPC (status/scan/report/allow/block/detonate/audit)#11
ysqander wants to merge 1 commit intomainfrom
codex/implement-ticket-cg-018

Conversation

@ysqander
Copy link
Copy Markdown
Owner

@ysqander ysqander commented Mar 13, 2026

Motivation

  • Deliver the CG-018 scope by replacing the CLI scaffold with a usable command surface and wire it to a daemon-backed IPC API so operators can manage scans and decisions via clawguard CLI.
  • Provide actionable error handling for daemon-unavailable and detonation runtime-unavailable cases to improve operator UX.
  • Keep package boundaries intact by consuming discovery snapshot and lifecycle APIs rather than duplicating logic in the daemon.

Description

  • Implemented a CLI command parser and formatter in apps/cli/src/index.ts supporting status, scan, report, allow, block, detonate, and audit, plus --json and --detailed output modes and actionable daemon-unavailable errors.
  • Added a Unix-socket daemon server in apps/daemon/src/index.ts that validates request/response envelopes using the contracts, handles per-command logic, runs snapshot/scan/report synthesis, persists results, and invokes the lifecycle manager to quarantine on block recommendations.
  • Exported discovery snapshot and lifecycle APIs from packages/discovery/src/index.ts so the daemon consumes package APIs across boundaries.
  • Updated apps/cli/package.json to include @clawguard/storage for socket path resolution and storage helpers.
  • Left audit as a placeholder returning an empty scan list until broader persisted-scan listing is added, and detonation currently returns a helpful runtime-unavailable response when Podman/Docker is not present.

Testing

  • Ran workspace validation: pnpm install, pnpm build, pnpm typecheck, and pnpm lint, all of which completed successfully.
  • Smoke-tested CLI/daemon interactions end-to-end: started daemon with node apps/daemon/dist/index.js and executed the sequence node apps/cli/dist/index.js status, scan packages/fixtures/fixtures/benign-calendar-helper, report benign-calendar-helper --detailed, allow benign-calendar-helper "operator approved", block benign-calendar-helper "known bad", and audit; all commands returned expected responses.
  • Verified detonate returns a clear runtime-unavailable error in environments without Podman/Docker.
  • Typechecking and build passed for modified packages and apps after changes (@clawguard/discovery, @clawguard/daemon, @clawguard/cli).

Codex Task

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ysqander