Architecture and data flow
Package Ninja separates governance control from local command execution.
Control plane components
- dashboard web app (workspace operations UI)
- backend functions (auth bridge, policy APIs, billing/event handling)
- firestore data model (orgs, teams, policies, memberships, events, sessions)
Data plane components
- CLI/runtime (
package-ninjacanonical command name) - local runtime process and session manager
- shared workflow planner used by
package-ninja planand governed execution commands - first-class package-manager passthrough for npm-family tooling (
npm,pnpm,yarn,bun) - production runtime adapters for
PyPI,Cargo,Go modules,NuGet,Maven/Gradle, andComposer
Command data flow
- developer runs command in local terminal
- CLI resolves project root, detected ecosystem, and native command plan
- CLI resolves local auth session and active workspace identity
- CLI requests effective policy when execution requires enforcement
- CLI evaluates preflight and produces verdict
- audit event is emitted
- command executes or blocks based on verdict
package-ninja plan --json stops after step 2 and reports the planned command, risk class, freshness requirement, artifact inspection, and audit behavior for humans, CI, and agents.
Security design principles
- do not trust client-provided org/team identifiers
- derive effective org/team from verified auth context server-side
- enforce deny-first semantics for ambiguous policy conflicts
- rotate and revoke tokens aggressively for stolen-device resilience
How should you think about ecosystem support?
Package Ninja is not a single-registry npm filter anymore, but it also does not expose every adapter as an equal first-class workflow yet.
- The runtime proxy and policy layer are already multi-ecosystem.
- The main CLI workflow commands now auto-detect the current production adapter set for universal
restore, supportedadd/remove, andtest, while higher-level convenience verbs such aspublishand somedevflows still remain ecosystem-specific. Governedfixnow supports direct safe-version remediation for the ecosystems that already have safe upgrade semantics. - The hosted package intelligence surface already reaches into several registries beyond npm.
Use the full breakdown here: