Trinetra — Architectural Guardrail
Local architecture governance for TypeScript, JavaScript, and Python — no cloud, no LLM, no external APIs.
Trinetra deep-resolves import graphs (including barrel re-exports up to 8 hops), evaluates changes against declared architecture rules, and produces explainable proof packets with evidence chains. Everything runs on your machine or in CI.
Features
- Declared architecture — layers, forbidden edges, mandatory gateway paths via
.trinetra/architecture.json
- Deep barrel resolution — catches violations hidden behind
export * from chains
- Policy engine — scoring, block decisions, proof packets, and repair suggestions
- VS Code sidebar — Workspace Inspector with score, signals, and evidence click-through
- Headless CLI —
trinetra evaluate, pre-commit, merge-check, plan-merge, MCP server
- Signed receipts — optional Ed25519
architecture-proof/v1 receipts for CI audit trails
- 100% local — deterministic, zero egress
What's new in 1.3.0
- Python architecture checks — full import graph analysis for
.py files, including __init__.py barrels
- Polyglot repos — catches violations across Python ↔ TypeScript/JavaScript chains in one scan
- Workspace-wide scan — analyzes all TS/JS/Python files in your project (footer shows file + violation counts)
- File extension fallback — works even when the editor mis-detects language (uses
.py/.ts/.js extension)
Quick start
1. Install the extension
Install from the VS Code Marketplace, or from a .vsix:
code --install-extension trinetra-1.2.0.vsix
2. Add architecture config
Create .trinetra/architecture.json in your repo root:
{
"version": 1,
"mode": "declared",
"defaultLayer": "generic",
"layers": [
{ "name": "controller", "match": ["**/controllers/**", "**/pages/**"] },
{ "name": "service", "match": ["**/services/**"] },
{ "name": "repository", "match": ["**/repositories/**"] },
{ "name": "database", "match": ["**/orm/**", "**/database/**"] }
],
"forbidden": [
{ "from": "controller", "to": ["database", "repository"] }
]
}
Click the Trinetra icon in the activity bar → Workspace Inspector shows verdicts, signals, and evidence for the current file.
4. Run from CLI (optional)
From the extension folder (or after npm install -g when published to npm):
npm run compile
node bin/trinetra.js evaluate --file src/controllers/Checkout.ts
node bin/trinetra.js pre-commit
MCP for AI agents
Expose Trinetra to Cursor or other MCP clients:
npm run mcp
Agents get deterministic pre-check / post-verify tools (~50ms per file) with full evidence chains for repair loops.
Pre-commit hook
node bin/trinetra.js pre-commit
Exit code 1 blocks the commit when architecture violations are found.
Stress-tested on synthetic monorepos:
| Scale |
Cold batch |
Throughput |
| 20k files |
~9s |
~2,100 files/sec |
| 100k files |
~30s |
~3,400 files/sec |
Run locally: npm run stress or npm run stress:100k
License
Apache-2.0 — see LICENSE and OPEN_CORE.md for the open-core split.