npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@nugehs/gate

v0.3.0

Published

gate — one ship/no-ship verdict from aiglare, bouncer, tieline & repoctx. The unified merge gate for the nugehs toolchain: run four deterministic checks, get one normalized verdict.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

davidoludavidolu

Keywords

cimerge-gategovernancecomplianceai-governancecontract-driftstatic-analysismonorepomcpmodel-context-protocol

Readme

gate

One ship/no-ship verdict from your whole nugehs toolchain.

npm license: MIT node

gate demo

gate runs aiglare, bouncer, tieline and repoctx against a repo and merges their four dialects into one normalized verdict. Each tool already answers a different "can this ship?" question — gate is the place they finally agree on the answer.

npx @nugehs/gate                      # audit the current repo
npx @nugehs/gate ./service --ci       # fail the build on a blocking verdict
npx @nugehs/gate --json               # the unified verdict, machine-readable
        ┌──────────────────────────────────────────────┐
        │                   gate                         │
        │   one config · one verdict · one report        │
        └──────────────────────────────────────────────┘
            │            │            │            │
        aiglare       bouncer      tieline      repoctx
       red/amber/    pass/fail/   matched/     PASS/WARN/
         green        unknown      drift         FAIL
            │            │            │            │
            └──── normalize to pass · warn · fail ─────┘
                          │
                  ✗ FAIL   ⚠ WARN   ✓ PASS

What it reports

  gate · /path/to/repo

  ✗  AI governance    fail      2 red · 1 amber · 13 green · 1 blocking side-effect
  ·  Compliance       skipped   not configured (run `bouncer init`)
  ·  Contract drift   skipped   not configured (run `tieline init`)
  ⚠  Merge readiness  warn      1 of 8 checks need attention

  verdict: FAIL — 1 blocking · 1 warn · 2 skipped

Each tool's native result is normalized onto one status vocabulary:

| Status | Meaning | | --- | --- | | pass | the check ran and is clean | | warn | ran, found something worth a look — not blocking | | fail | ran, found a blocking problem | | unknown | ran, but couldn't determine — explicitly not a pass | | skipped | not applicable / not configured for this repo | | error | the tool couldn't be run, or returned garbage |

The top-level verdict is the worst across the domains that actually ran (skipped never counts). unknown and error roll up to warn so nothing slips through as a silent pass.

How each dialect maps

| Tool | Native signal | → gate | | --- | --- | --- | | aiglare | a red surface on a side-effectful sink | fail; any red/amber → warn | | bouncer | a fail finding (missing required control) | fail; any unknown control → unknown | | tieline | drift > 0 (FE call with no BE route) | fail; unverifiable > 0 → warn | | repoctx | FAIL/BLOCK merge verdict | fail; WARNwarn |

gate runs aiglare without --ci and derives the blocking verdict itself, so a tool that process.exit()s before flushing its pipe can't truncate the report it feeds us.

A run that checked nothing is not a pass. If every domain is skipped or deselected (e.g. --skip them all, or a typo'd --only), gate reports NO CHECKS RAN (ok:false) and fails under --ci — a misconfiguration can't silently turn the gate green.

On repoctx + local mode. repoctx's merge-readiness gate can only verify review state (approvals, CODEOWNERS, required checks) against a host like GitHub. Run locally it reports those as a WARN, so on a clean local repo gate will often show merge readiness: warn. That's repoctx being honest about what it can't see locally — not a problem with your change.

CLI

gate [path] [options]

  --json            Emit the unified verdict as JSON
  --ci              Exit non-zero when the gate fails (blocking by default)
  --strict          Treat WARN/UNKNOWN as blocking too
  --only <list>     Run only these tools (aiglare,bouncer,tieline,repoctx)
  --skip <list>     Skip these tools
  -h, --help        Show this help

gate mcp            Start the MCP server (stdio)

By default only a fail verdict blocks under --ci — safe to adopt without drowning a team in warnings. Add --strict when you want warnings to gate too.

Tool resolution

gate doesn't bundle the four tools; it finds each one at runtime. Per tool, first hit wins:

  1. GATE_<TOOL>_BIN environment variable (explicit override)
  2. the installed @nugehs/<tool> package (from node_modules)
  3. a sibling checkout at ../<tool> (local development)

A tool that can't be resolved is reported as skipped, never a hard failure — so gate is safe to run in a repo that only uses some of the toolchain.

In CI

- run: npx @nugehs/gate . --ci

For a machine-readable record, --json emits the full verdict (schema version, per-domain results, counts, and the blocking reasons) for dashboards or audit evidence.

MCP

gate is also an MCP server, so an agent can ask "can this ship?" in one call — the unified verdict, not four separate tools.

gate mcp                 # stdio JSON-RPC server
npx @nugehs/gate mcp

Tools:

| Tool | Returns | | --- | --- | | gate_check | the unified verdict for a repo (path, optional only/skip/ci/strict) | | list_checks | the four checks gate runs, each with its domain and what it answers |

Registry manifest: server.json (io.github.nugehs/gate).

Editor extension

The same normalized verdict drives a VS Code / Cursor extension (clients/vscode) — the gates, shifted left from CI into the editor:

  • a verdict cockpit and a checks tree in gate's own Activity Bar container;
  • inline diagnostics, hovers, Quick Fixes (mute / open docs) and CodeLens on located findings;
  • AI-native gating — an @gate chat participant, a gate_check tool agent mode can call before it says "done", and an MCP server provider — so the assistant writing the code is checked by the same gate as CI;
  • debounced run-on-save with in-flight cancellation, and multi-root support.

Roadmap

gate is the shared spine. The same JSON already drives the CLI, the --ci gate, the MCP server, and the editor extension above. Next client on the same JSON:

  • Web cockpit — a repo/PR verdict board over the JSON, unifying the four *-web sites.

License

MIT © Oluwasegun Olumbe