refactor: update package names from @enclavejs to @enclave-vm across the codebase

.github/workflows/publish-release.yml

@@ -209,13 +209,13 @@ jobs:
 
               The Enclave ecosystem includes:
               - ast-guard: AST security guard with CVE protection
-              - enclave-vm: Secure AgentScript execution environment
-              - @enclavejs/types: Protocol types and Zod schemas
-              - @enclavejs/stream: NDJSON streaming with encryption
-              - @enclavejs/broker: Tool broker with session management
-              - @enclavejs/client: Browser and Node.js client SDK
-              - @enclavejs/react: React hooks and components
-              - @enclavejs/runtime: Standalone deployable runtime
+              - @enclave-vm/core: Secure AgentScript execution environment
+              - @enclave-vm/types: Protocol types and Zod schemas
+              - @enclave-vm/stream: NDJSON streaming with encryption
+              - @enclave-vm/broker: Tool broker with session management
+              - @enclave-vm/client: Browser and Node.js client SDK
+              - @enclave-vm/react: React hooks and components
+              - @enclave-vm/runtime: Standalone deployable runtime
 
               Version: ${version}
               Release Date: ${releaseDate}

README-ARCHITECTURE.md

@@ -12,15 +12,15 @@ The design intentionally supports:
 
 ## Implementation Status
 
-| Package              | Status  | Description                             |
-| -------------------- | ------- | --------------------------------------- |
-| `enclave-vm`         | ✅ Done | Core sandbox VM engine                  |
-| `@enclavejs/types`   | ✅ Done | Shared TypeScript types and Zod schemas |
-| `@enclavejs/stream`  | ✅ Done | NDJSON streaming protocol               |
-| `@enclavejs/broker`  | ✅ Done | Middleware/tool broker with HTTP API    |
-| `@enclavejs/client`  | ✅ Done | Browser + Node client SDK               |
-| `@enclavejs/runtime` | ✅ Done | Extracted runtime worker                |
-| `@enclavejs/react`   | ✅ Done | React hooks & components                |
+| Package               | Status  | Description                             |
+| --------------------- | ------- | --------------------------------------- |
+| `@enclave-vm/core`    | ✅ Done | Core sandbox VM engine                  |
+| `@enclave-vm/types`   | ✅ Done | Shared TypeScript types and Zod schemas |
+| `@enclave-vm/stream`  | ✅ Done | NDJSON streaming protocol               |
+| `@enclave-vm/broker`  | ✅ Done | Middleware/tool broker with HTTP API    |
+| `@enclave-vm/client`  | ✅ Done | Browser + Node client SDK               |
+| `@enclave-vm/runtime` | ✅ Done | Extracted runtime worker                |
+| `@enclave-vm/react`   | ✅ Done | React hooks & components                |
 
 ## Table of contents
 
@@ -67,7 +67,7 @@ The design intentionally supports:
 | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------- |
 | **Runtime**             | The component that runs AgentScript continuously (built on `enclave-vm`).                                                             |
 | **Client**              | JS SDK used from browser/server to start a session with the middleware and consume the streamed events/results.                       |
-| **Middleware / Broker** | Node.js service (often inside a VPC) that owns secrets and executes tool calls. Implemented in `@enclavejs/broker`.                   |
+| **Middleware / Broker** | Node.js service (often inside a VPC) that owns secrets and executes tool calls. Implemented in `@enclave-vm/broker`.                  |
 | **Session**             | A long-lived, continuous execution context for a single piece of code (plus its stream + tool roundtrips).                            |
 | **Tool**                | An external action callable from AgentScript via `callTool(name, args)`.                                                              |
 | **Reference Sidecar**   | Per-session in-memory store of large/sensitive values addressed by `refId`.                                                           |
@@ -85,8 +85,8 @@ The design intentionally supports:
 ├─────────────────────────────────────────────────────────────────────────────┤
 │                                                                              │
 │   ┌──────────────────┐     ┌──────────────────┐     ┌──────────────────┐   │
-│   │  @enclavejs/     │     │  @enclavejs/     │     │   enclave-vm     │   │
-│   │    client        │────▶│    broker        │────▶│   (runtime)      │   │
+│   │  @enclave-vm/    │     │  @enclave-vm/    │     │  @enclave-vm/    │   │
+│   │    client        │────▶│    broker        │────▶│   core (runtime) │   │
 │   │  (browser/node)  │     │  (middleware)    │     │   (sandboxed)    │   │
 │   └──────────────────┘     └──────────────────┘     └──────────────────┘   │
 │          │                        │                         │               │
@@ -103,15 +103,15 @@ The design intentionally supports:
 
 ### Packages
 
-| Package              | npm                  | Description                                                               |
-| -------------------- | -------------------- | ------------------------------------------------------------------------- |
-| `enclave-vm`         | `enclave-vm`         | Core sandbox VM engine. Executes untrusted code safely.                   |
-| `@enclavejs/types`   | `@enclavejs/types`   | Shared TypeScript types, Zod schemas, protocol constants.                 |
-| `@enclavejs/stream`  | `@enclavejs/stream`  | NDJSON streaming protocol, event parsing, reconnection logic.             |
-| `@enclavejs/broker`  | `@enclavejs/broker`  | Middleware: tool registry, secret management, session API, HTTP handlers. |
-| `@enclavejs/client`  | `@enclavejs/client`  | Browser + Node SDK for connecting to middleware. (Planned)                |
-| `@enclavejs/runtime` | `@enclavejs/runtime` | Extracted runtime worker for Lambda/DO/containers. (Planned)              |
-| `@enclavejs/react`   | `@enclavejs/react`   | React hooks for session management. (Planned)                             |
+| Package               | npm                   | Description                                                               |
+| --------------------- | --------------------- | ------------------------------------------------------------------------- |
+| `@enclave-vm/core`    | `@enclave-vm/core`    | Core sandbox VM engine. Executes untrusted code safely.                   |
+| `@enclave-vm/types`   | `@enclave-vm/types`   | Shared TypeScript types, Zod schemas, protocol constants.                 |
+| `@enclave-vm/stream`  | `@enclave-vm/stream`  | NDJSON streaming protocol, event parsing, reconnection logic.             |
+| `@enclave-vm/broker`  | `@enclave-vm/broker`  | Middleware: tool registry, secret management, session API, HTTP handlers. |
+| `@enclave-vm/client`  | `@enclave-vm/client`  | Browser + Node SDK for connecting to middleware. (Planned)                |
+| `@enclave-vm/runtime` | `@enclave-vm/runtime` | Extracted runtime worker for Lambda/DO/containers. (Planned)              |
+| `@enclave-vm/react`   | `@enclave-vm/react`   | React hooks for session management. (Planned)                             |
 
 ---
 
@@ -126,7 +126,7 @@ Browser connects to your VPC where middleware runs the runtime in-process. **Sim
 │   Browser   │ ◄────────────────────────► │       VPC / Your Server      │
 │  (Client)   │    POST /sessions          │                              │
 │             │    Stream events           │  ┌─────────────────────────┐ │
-└─────────────┘                            │  │     @enclavejs/broker   │ │
+└─────────────┘                            │  │     @enclave-vm/broker   │ │
                                            │  │  • Tool Registry        │ │
                                            │  │  • Secrets (API keys)   │ │
                                            │  │  • Session Manager      │ │
@@ -143,7 +143,7 @@ Browser connects to your VPC where middleware runs the runtime in-process. **Sim
 
 ```typescript
 import express from 'express';
-import { createBroker, createSessionHandler, registerExpressRoutes } from '@enclavejs/broker';
+import { createBroker, createSessionHandler, registerExpressRoutes } from '@enclave-vm/broker';
 import { z } from 'zod';
 
 const broker = createBroker()
@@ -202,7 +202,7 @@ Browser connects to middleware, but code execution happens on a separate Lambda/
 ```
 ┌─────────────┐    HTTPS/NDJSON    ┌─────────────────────┐    WebSocket    ┌─────────────────┐
 │   Browser   │ ◄────────────────► │   VPC Middleware    │ ◄─────────────► │  Lambda/Vercel  │
-│  (Client)   │  POST /sessions    │   @enclavejs/broker │  session channel │    Runtime      │
+│  (Client)   │  POST /sessions    │   @enclave-vm/broker │  session channel │    Runtime      │
 │             │  Stream events     │                     │                  │                 │
 └─────────────┘                    │  • Tool Registry    │                  │  • enclave-vm   │
                                    │  • Secrets          │                  │  • NO secrets   │
@@ -260,7 +260,7 @@ Your backend server (Node.js) executes code directly. No HTTP/browser involved.
 │                          │                              │
 │                          ▼                              │
 │  ┌─────────────────────────────────────────────────┐   │
-│  │              @enclavejs/broker                   │   │
+│  │              @enclave-vm/broker                   │   │
 │  │   • Tool Registry    • Secrets                  │   │
 │  │   • enclave-vm (sandboxed execution)            │   │
 │  └─────────────────────────────────────────────────┘   │
@@ -270,7 +270,7 @@ Your backend server (Node.js) executes code directly. No HTTP/browser involved.
 **Example:**
 
 ```typescript
-import { createBroker } from '@enclavejs/broker';
+import { createBroker } from '@enclave-vm/broker';
 import { z } from 'zod';
 
 const broker = createBroker()
@@ -332,7 +332,7 @@ Your server orchestrates but offloads code execution to Lambda/Vercel. **Best fo
 ```
 ┌──────────────────────────┐         WebSocket/HTTP        ┌─────────────────────┐
 │    Your Server (Node)    │ ◄───────────────────────────► │   Lambda Runtime    │
-│    @enclavejs/broker     │                               │   @enclavejs/runtime│
+│    @enclave-vm/broker     │                               │   @enclave-vm/runtime│
 │                          │    session channel            │                     │
 │  • Tool Registry         │    (tool_call/tool_result)    │  • enclave-vm       │
 │  • Secrets               │                               │  • NO secrets       │
@@ -468,10 +468,10 @@ Every message includes:
 | `heartbeat`           | Keep-alive signal                           |
 | `error`               | Non-fatal error during execution            |
 
-### TypeScript Types (from `@enclavejs/types`)
+### TypeScript Types (from `@enclave-vm/types`)
 
 ```typescript
-import type { StreamEvent, SessionId, CallId } from '@enclavejs/types';
+import type { StreamEvent, SessionId, CallId } from '@enclave-vm/types';
 
 // Event union type
 type StreamEvent =
@@ -514,7 +514,7 @@ const result = await callTool('toolName', { arg1: 'value' });
 ### Tool Registration
 
 ```typescript
-import { createBroker } from '@enclavejs/broker';
+import { createBroker } from '@enclave-vm/broker';
 import { z } from 'zod';
 
 const broker = createBroker()
@@ -649,7 +649,7 @@ Per-hop encryption using:
 
 ### Recommendations
 
-- **Server/container**: Best for most deployments. Run Node.js with `@enclavejs/broker`.
+- **Server/container**: Best for most deployments. Run Node.js with `@enclave-vm/broker`.
 - **Cloudflare DO**: Best for edge deployment with global distribution.
 - **Lambda**: Use for short-lived sessions or as extracted runtime with middleware coordination.
 - **Vercel Edge**: Use only as gateway/proxy to stateful runtime.

README.md

@@ -13,11 +13,11 @@
 **Secure sandbox runtime for AI agents**
 
 [![npm ast-guard](https://img.shields.io/npm/v/ast-guard.svg?label=ast-guard&color=e8a045)](https://www.npmjs.com/package/ast-guard)
-[![npm enclave-vm](https://img.shields.io/npm/v/enclave-vm.svg?label=enclave-vm&color=e8a045)](https://www.npmjs.com/package/enclave-vm)
+[![npm @enclave-vm/core](https://img.shields.io/npm/v/@enclave-vm/core.svg?label=@enclave-vm/core&color=e8a045)](https://www.npmjs.com/package/@enclave-vm/core)
 <br>
-[![npm @enclavejs/broker](https://img.shields.io/npm/v/@enclavejs/broker.svg?label=@enclavejs/broker&color=e8a045)](https://www.npmjs.com/package/@enclavejs/broker)
-[![npm @enclavejs/client](https://img.shields.io/npm/v/@enclavejs/client.svg?label=@enclavejs/client&color=e8a045)](https://www.npmjs.com/package/@enclavejs/client)
-[![npm @enclavejs/react](https://img.shields.io/npm/v/@enclavejs/react.svg?label=@enclavejs/react&color=e8a045)](https://www.npmjs.com/package/@enclavejs/react)
+[![npm @enclave-vm/broker](https://img.shields.io/npm/v/@enclave-vm/broker.svg?label=@enclave-vm/broker&color=e8a045)](https://www.npmjs.com/package/@enclave-vm/broker)
+[![npm @enclave-vm/client](https://img.shields.io/npm/v/@enclave-vm/client.svg?label=@enclave-vm/client&color=e8a045)](https://www.npmjs.com/package/@enclave-vm/client)
+[![npm @enclave-vm/react](https://img.shields.io/npm/v/@enclave-vm/react.svg?label=@enclave-vm/react&color=e8a045)](https://www.npmjs.com/package/@enclave-vm/react)
 <br>
 [![Node](https://img.shields.io/badge/node-%3E%3D22-339933)](https://nodejs.org)
 [![License](https://img.shields.io/badge/license-Apache--2.0-blue)](./LICENSE)
@@ -41,35 +41,35 @@
 ### Core Packages
 
 ```bash
-npm install enclave-vm    # Secure JS sandbox
-npm install ast-guard     # AST security validation
+npm install @enclave-vm/core    # Secure JS sandbox
+npm install ast-guard           # AST security validation
 ```
 
 ### Streaming Runtime
 
 ```bash
-npm install @enclavejs/broker   # Tool broker & session management
-npm install @enclavejs/client   # Browser/Node client SDK
-npm install @enclavejs/react    # React hooks & components
+npm install @enclave-vm/broker   # Tool broker & session management
+npm install @enclave-vm/client   # Browser/Node client SDK
+npm install @enclave-vm/react    # React hooks & components
 ```
 
 ## Packages
 
-| Package                                          | Description                                         |
-| ------------------------------------------------ | --------------------------------------------------- |
-| [`enclave-vm`](./libs/enclave-vm)                | Secure JavaScript sandbox with 6 security layers    |
-| [`@enclavejs/broker`](./libs/enclavejs-broker)   | Tool registry, secrets management, session API      |
-| [`@enclavejs/client`](./libs/enclavejs-client)   | Browser & Node.js client for streaming sessions     |
-| [`@enclavejs/react`](./libs/enclavejs-react)     | React hooks: `useEnclaveSession`, `EnclaveProvider` |
-| [`@enclavejs/runtime`](./libs/enclavejs-runtime) | Deployable runtime worker (Lambda, Vercel, etc.)    |
-| [`@enclavejs/types`](./libs/enclavejs-types)     | TypeScript types & Zod schemas                      |
-| [`@enclavejs/stream`](./libs/enclavejs-stream)   | NDJSON streaming, encryption, reconnection          |
-| [`ast-guard`](./libs/ast-guard)                  | AST-based security validator                        |
+| Package                                           | Description                                         |
+| ------------------------------------------------- | --------------------------------------------------- |
+| [`@enclave-vm/core`](./libs/enclave-vm)           | Secure JavaScript sandbox with 6 security layers    |
+| [`@enclave-vm/broker`](./libs/enclavejs-broker)   | Tool registry, secrets management, session API      |
+| [`@enclave-vm/client`](./libs/enclavejs-client)   | Browser & Node.js client for streaming sessions     |
+| [`@enclave-vm/react`](./libs/enclavejs-react)     | React hooks: `useEnclaveSession`, `EnclaveProvider` |
+| [`@enclave-vm/runtime`](./libs/enclavejs-runtime) | Deployable runtime worker (Lambda, Vercel, etc.)    |
+| [`@enclave-vm/types`](./libs/enclavejs-types)     | TypeScript types & Zod schemas                      |
+| [`@enclave-vm/stream`](./libs/enclavejs-stream)   | NDJSON streaming, encryption, reconnection          |
+| [`ast-guard`](./libs/ast-guard)                   | AST-based security validator                        |
 
 ## Quick Start
 
 ```typescript
-import { Enclave } from 'enclave-vm';
+import { Enclave } from '@enclave-vm/core';
 
 const enclave = new Enclave({
   securityLevel: 'SECURE',
@@ -94,7 +94,7 @@ enclave.dispose();
 ## React Integration
 
 ```tsx
-import { EnclaveProvider, useEnclaveSession } from '@enclavejs/react';
+import { EnclaveProvider, useEnclaveSession } from '@enclave-vm/react';
 
 function App() {
   return (

apps/enclave-demo/src/main.ts

@@ -4,7 +4,7 @@
  * Demonstrates secure JavaScript execution with defense-in-depth
  */
 
-import { Enclave, ToolHandler } from 'enclave-vm';
+import { Enclave, ToolHandler } from '@enclave-vm/core';
 
 async function main() {
   console.log('=== enclave Demo ===\n');

apps/streaming-demo/package.json

@@ -11,10 +11,10 @@
     "runtime": "ts-node src/runtime-server.ts"
   },
   "dependencies": {
-    "@enclavejs/broker": "0.1.0",
-    "@enclavejs/client": "0.1.0",
-    "@enclavejs/types": "0.1.0",
-    "enclave-vm": "2.7.0",
+    "@enclave-vm/broker": "0.1.0",
+    "@enclave-vm/client": "0.1.0",
+    "@enclave-vm/types": "0.1.0",
+    "@enclave-vm/core": "2.8.0",
     "express": "^4.21.0",
     "zod": "^3.24.0"
   },

apps/streaming-demo/src/__tests__/broker-server.spec.ts

@@ -14,13 +14,12 @@
 import express, { Express } from 'express';
 import { Server } from 'http';
 import request from 'supertest';
-import { WebSocket, WebSocketServer } from 'ws';
 import type { AddressInfo } from 'net';
-import type { SessionId, CallId, StreamEvent } from '@enclavejs/types';
-import { generateSessionId, PROTOCOL_VERSION } from '@enclavejs/types';
+import type { CallId } from '@enclave-vm/types';
+import { generateSessionId, PROTOCOL_VERSION } from '@enclave-vm/types';
 import { z } from 'zod';
-import { Enclave } from 'enclave-vm';
-import { parseNdjson, delay, testCode } from './test-utils';
+import { Enclave } from '@enclave-vm/core';
+import { parseNdjson, testCode } from './test-utils';
 
 // Tool handlers for testing
 const testToolHandlers: Record<string, (args: Record<string, unknown>) => Promise<unknown>> = {