@archznn/xavva 1.6.5

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Donuts
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,75 @@
+# XAVVA 🚀 (Windows Only) `v1.6.5`
+
+Xavva é uma CLI de alto desempenho construída com **Bun** para automatizar o ciclo de desenvolvimento de aplicações Java (Maven/Gradle) rodando no Apache Tomcat. Ela foi desenhada especificamente para desenvolvedores que buscam a velocidade de ambientes modernos (como Node.js/Vite) dentro do ecossistema Java Enterprise.
+
+> [!IMPORTANT]
+> **Compatibilidade:** Atualmente, o Xavva é exclusivo para **Windows**, utilizando integrações nativas com PowerShell e CMD para automação de browser e gerenciamento de processos.
+
+## 🛠️ Funcionalidades de Elite
+
+- **⚡ Ultra-Fast Hot Swap**: Compilação incremental e injeção direta de arquivos `.class` e recursos (JSP, HTML, CSS, JS) no Tomcat em execução sem necessidade de restart.
+- **🛠️ Modo Dev Inteligente**: O comando `xavva dev` ativa hot-reload, logs limpos, debugger (JPDA) e monitoramento de memória em um único fluxo.
+- **🌐 Live Reload Automático**: Atualiza automaticamente as abas do Chrome ou Edge após o deploy ou sincronização de arquivos, mantendo o foco no código.
+- **🔍 API Documentation (Swagger-like)**: O comando `xavva docs` mapeia estaticamente sua API, exibindo endpoints, métodos HTTP e parâmetros (Query, Path, Body) diretamente no terminal.
+- **📊 Real-time Log Filtering**: Filtra ruídos excessivos do Tomcat/Jersey/SLF4J, destacando erros Java com dicas de solução e tempo de startup.
+- **📈 JVM & Memory Monitor**: Exibe o consumo de RAM (Working Set) do processo do Tomcat em tempo real.
+- **🩺 Doctor Mode**: Diagnostica o ambiente (Java, Tomcat, Maven, Gradle) e corrige automaticamente problemas de **Encoding (UTF-8 BOM)** que podem causar falhas silenciosas no Java.
+- **🛡️ JAR Audit**: O comando `xavva audit` analisa todas as dependências (`.jar`) da sua aplicação e verifica vulnerabilidades conhecidas (CVEs) usando o banco de dados **OSV.dev**.
+
+## 🚀 Instalação e Uso
+
+Você pode instalar o Xavva globalmente usando o NPM (requer [Bun](https://bun.sh/) instalado no sistema):
+
+```bash
+# Instalação global
+npm install -g @archznn/xavva
+
+# Ou rodar sem instalar via npx
+npx @archznn/xavva dev
+```
+
+## ⚙️ Zero Config & Auto-Detection
+
+O Xavva foi evoluído para um modelo **Zero Config**. Você não precisa mais de arquivos de configuração para começar.
+
+- **Auto-Detecção:** O Xavva identifica automaticamente se seu projeto usa **Maven** (`pom.xml`) ou **Gradle** (`build.gradle`) ao ser executado na raiz.
+- **Ambiente Inteligente:** Ele utiliza as variáveis de ambiente `TOMCAT_HOME` ou `CATALINA_HOME` para localizar o servidor.
+- **Prioridade CLI:** Qualquer parâmetro passado via linha de comando (como `--path` ou `--port`) tem precedência total sobre o ambiente.
+
+### Comandos Principais
+
+```bash
+# Inicia o modo de desenvolvimento completo (Auto-detecta Maven/Gradle)
+xavva dev
+
+# Define o Tomcat e o Profile manualmente via CLI
+xavva dev -p C:\tomcat-9 -P production
+
+# Exibe a documentação da API
+xavva docs
+
+# Audita vulnerabilidades nas dependências JAR do app
+xavva audit
+
+# Diagnostica o ambiente e limpa arquivos com BOM (UTF-8 signature)
+xavva doctor --fix
+```
+
+### Opções Úteis
+
+- `-p, --path <path>`: Caminho customizado do Tomcat (Sobrescreve TOMCAT_HOME).
+- `-P, --profile <nome>`: Define o profile do Maven/Gradle (ex: dev, prod).
+- `-t, --tool <maven|gradle>`: Força o uso de uma ferramenta específica.
+- `-n, --name <nome>`: Define o nome do contexto da aplicação.
+- `-w, --watch`: Ativa o monitoramento de arquivos para hot-reload.
+- `-d, --debug`: Habilita o Java Debugger na porta 5005.
+
+## 📦 Stack Tecnológica
+
+- **Runtime:** [Bun](https://bun.sh/) (Engine de alta performance)
+- **Linguagem:** [TypeScript](https://www.typescriptlang.org/)
+- **Automação:** PowerShell & CMD (Integração nativa Windows)
+- **CI/CD:** GitHub Actions para geração de binários multi-plataforma (via Bun Compile)
+
+---
+*Desenvolvido para transformar a experiência de desenvolvimento Java Legacy em algo ágil e produtivo.*

package/package.json

@@ -0,0 +1,44 @@
+{
+	"name": "@archznn/xavva",
+	"version": "1.6.5",
+	"description": "Ultra-fast CLI tool for Java/Tomcat development on Windows with Hot-Reload and Zero Config.",
+	"module": "src/index.ts",
+	"type": "module",
+	"bin": {
+		"xavva": "src/index.ts"
+	},
+	"files": [
+		"src",
+		"README.md",
+		"LICENSE"
+	],
+	"keywords": [
+		"java",
+		"tomcat",
+		"maven",
+		"gradle",
+		"hot-reload",
+		"windows",
+		"cli",
+		"bun"
+	],
+	"author": "Leonardo Sousa",
+	"license": "MIT",
+	"repository": {
+		"type": "git",
+		"url": "https://github.com/leorsousa05/Xavva.git"
+	},
+	"scripts": {
+		"build": "bun build --compile --minify --sourcemap ./src/index.ts --outfile xavva",
+		"compile": "bun build --compile --minify ./src/index.ts --target bun-windows-x64 --outfile bin/xavva-windows.exe && bun build --compile --minify ./src/index.ts --target bun-linux-x64 --outfile bin/xavva-linux && bun build --compile --minify ./src/index.ts --target bun-macos-x64 --outfile bin/xavva-macos"
+	},
+	"devDependencies": {
+		"@types/bun": "latest"
+	},
+	"peerDependencies": {
+		"typescript": "^5"
+	},
+	"dependencies": {
+		"glob": "^13.0.6"
+	}
+}

package/src/commands/AuditCommand.ts

@@ -0,0 +1,118 @@
+import path from "path";
+import fs from "fs";
+import type { Command } from "./Command";
+import type { AppConfig } from "../types/config";
+import { AuditService, type JarAuditResult } from "../services/AuditService";
+import { Logger } from "../utils/ui";
+
+export class AuditCommand implements Command {
+    async execute(config: AppConfig): Promise<void> {
+        Logger.section("Vulnerability & JAR Audit");
+
+        let appName = config.project.appName;
+        
+        // 1. Tentar inferir do diretório atual se não foi passado via config
+        if (!appName) {
+            appName = this.inferFromArtifacts();
+        }
+
+        // 2. Se ainda não tem nome, tenta inferir do Tomcat
+        if (!appName) {
+            const webappsPath = path.join(config.tomcat.path, "webapps");
+            if (fs.existsSync(webappsPath)) {
+                const folders = fs.readdirSync(webappsPath, { withFileTypes: true })
+                    .filter(dirent => dirent.isDirectory() && !["ROOT", "manager", "host-manager", "docs", "examples"].includes(dirent.name));
+                
+                if (folders.length === 1) {
+                    appName = folders[0].name;
+                } else if (folders.length > 1) {
+                    Logger.error("Vários apps encontrados no Tomcat:");
+                    folders.forEach(f => console.log(`    ${"\x1b[90m"}➜${"\x1b[0m"} ${f.name}`));
+                    console.log(`\n  Use ${"\x1b[33m"}xavva audit -n <nome>${"\x1b[0m"} para especificar.`);
+                    return;
+                }
+            }
+        }
+
+        if (!appName) {
+            Logger.error("Não foi possível identificar o app automaticamente.");
+            Logger.warn("Certifique-se de que o projeto foi buildado ou use -n <nome>.");
+            return;
+        }
+
+        const auditService = new AuditService(config.tomcat);
+        
+        try {
+            const results = await auditService.runAudit(appName);
+            const vulnerable = results.filter(r => r.vulnerabilities.length > 0);
+
+            if (vulnerable.length === 0) {
+                Logger.success(`Nenhuma vulnerabilidade conhecida encontrada em ${results.length} JARs.`);
+                return;
+            }
+
+            Logger.warn(`Encontradas vulnerabilidades em ${vulnerable.length} de ${results.length} dependências.`);
+            console.log("");
+
+            for (const res of vulnerable) {
+                this.renderResult(res);
+            }
+
+            const totalVulns = vulnerable.reduce((acc, r) => acc + r.vulnerabilities.length, 0);
+            Logger.info("Total de Falhas", totalVulns);
+            Logger.info("Relatório gerado via", "OSV.dev (Open Source Vulnerability Database)");
+
+        } catch (e: any) {
+            Logger.error(e.message);
+        }
+    }
+
+    private inferFromArtifacts(): string | undefined {
+        // Busca .war no target (Maven) ou build/libs (Gradle)
+        const paths = ["target", "build/libs"];
+        for (const p of paths) {
+            const fullPath = path.join(process.cwd(), p);
+            if (fs.existsSync(fullPath)) {
+                const wars = fs.readdirSync(fullPath).filter(f => f.endsWith(".war"));
+                if (wars.length > 0) {
+                    // Retorna o nome do .war mais recente sem a extensão
+                    const latest = wars.map(name => ({
+                        name,
+                        time: fs.statSync(path.join(fullPath, name)).mtimeMs
+                    })).sort((a, b) => b.time - a.time)[0];
+                    
+                    return latest.name.replace(".war", "");
+                }
+            }
+        }
+        return undefined;
+    }
+
+    private renderResult(res: JarAuditResult) {
+        const C = {
+            reset: "\x1b[0m",
+            bold: "\x1b[1m",
+            dim: "\x1b[90m",
+            red: "\x1b[31m",
+            yellow: "\x1b[33m",
+            cyan: "\x1b[36m",
+            blue: "\x1b[34m"
+        };
+
+        const depName = res.groupId ? `${res.groupId}:${res.artifactId}` : res.artifactId;
+        console.log(`  ${C.bold}${C.cyan}${depName}${C.reset} ${C.dim}@ ${res.version}${C.reset}`);
+        console.log(`  ${C.dim}➜ ${res.jarName}${C.reset}`);
+
+        for (const v of res.vulnerabilities) {
+            let sevColor = C.reset;
+            if (v.severity === "CRITICAL" || v.severity === "HIGH") sevColor = C.red;
+            else if (v.severity === "MEDIUM") sevColor = C.yellow;
+
+            console.log(`    ${sevColor}[${v.severity}]${C.reset} ${C.bold}${v.id}${C.reset}: ${v.summary}`);
+            if (v.fixedIn) {
+                console.log(`      ${C.blue}💡 Fixed in:${C.reset} ${C.bold}${v.fixedIn}${C.reset}`);
+            }
+        }
+        console.log("");
+    }
+}

package/src/commands/BuildCommand.ts

@@ -0,0 +1,22 @@
+import type { Command } from "./Command";
+import type { AppConfig } from "../types/config";
+import { BuildService } from "../services/BuildService";
+import { Logger } from "../utils/ui";
+
+export class BuildCommand implements Command {
+    async execute(config: AppConfig): Promise<void> {
+        const builder = new BuildService(config.project, config.tomcat);
+        
+        Logger.section("Build Only");
+        Logger.info("Tool", config.project.buildTool.toUpperCase());
+        if (config.project.profile) Logger.info("Profile", config.project.profile);
+        
+        try {
+            await builder.runBuild();
+            Logger.success("Build completed successfully!");
+        } catch (error: any) {
+            Logger.error(error.message);
+            process.exit(1);
+        }
+    }
+}

package/src/commands/Command.ts

@@ -0,0 +1,5 @@
+import type { AppConfig } from "../types/config";
+
+export interface Command {
+    execute(config: AppConfig): Promise<void>;
+}

package/src/commands/DeployCommand.ts

@@ -0,0 +1,162 @@
+import path from "path";
+import fs from "fs";
+import type { Command } from "./Command";
+import type { AppConfig } from "../types/config";
+import { BuildService } from "../services/BuildService";
+import { TomcatService } from "../services/TomcatService";
+import { Logger } from "../utils/ui";
+import { EndpointService } from "../services/EndpointService";
+
+export class DeployCommand implements Command {
+    constructor(private tomcat?: TomcatService, private builder?: BuildService) {}
+
+    private async reloadBrowser(url: string) {
+        if (process.platform !== 'win32') return;
+        
+        await new Promise(r => setTimeout(r, 800));
+
+        const psCommand = `
+            $shell = New-Object -ComObject WScript.Shell
+            $process = Get-Process | Where-Object { $_.MainWindowTitle -match "Chrome" -or $_.MainWindowTitle -match "Edge" } | Select-Object -First 1
+            if ($process) {
+                $shell.AppActivate($process.Id)
+                Sleep -m 100
+                $shell.SendKeys("{F5}")
+            }
+        `;
+        Bun.spawn(["powershell", "-command", psCommand]);
+    }
+
+    async execute(config: AppConfig, incremental = false, isWatching = false): Promise<void> {
+        const tomcat = this.tomcat || new TomcatService(config.tomcat);
+        const builder = this.builder || new BuildService(config.project, config.tomcat);
+
+        if (!incremental) {
+            Logger.section("Deploy Configuration");
+            if (config.project.quiet) {
+                Logger.info("App", `${config.project.appName} (${config.project.buildTool.toUpperCase()}${config.project.profile ? ` - ${config.project.profile}` : ""})`);
+                Logger.info("Status", `Watch: ${isWatching ? "ON" : "OFF"} | Debug: ${config.project.debug ? "ON" : "OFF"}`);
+            } else {
+                Logger.info("Tool", config.project.buildTool.toUpperCase());
+                Logger.info("App Name", config.project.appName);
+                if (config.project.profile) Logger.info("Profile", config.project.profile);
+                Logger.info("Watch Mode", isWatching ? "Active" : "Inactive");
+                Logger.info("Debug Mode", config.project.debug ? "Active" : "Inactive");
+            }
+
+            const srcPath = path.join(process.cwd(), "src");
+            if (fs.existsSync(srcPath)) {
+                const contextPath = (config.project.appName || "").replace(".war", "");
+                const endpoints = EndpointService.scan(srcPath, contextPath);
+                if (endpoints.length > 0) {
+                    Logger.info("Endpoints", endpoints.length);
+                }
+            }
+        } else {
+            console.log("");
+            Logger.warn("Re-deploying detected changes...");
+        }
+        
+        try {
+            const contextPath = (config.project.appName || "").replace(".war", "");
+
+            if (!incremental) {
+                await tomcat.killConflict();
+            }
+
+            if (!config.project.skipBuild) {
+                await builder.runBuild(incremental);
+            }
+
+            if (incremental) {
+                const appFolder = await builder.syncClasses();
+                const actualContextPath = contextPath || appFolder || "";
+                if (actualContextPath) {
+                    const actualAppUrl = `http://localhost:${config.tomcat.port}/${actualContextPath}`;
+                    await this.reloadBrowser(actualAppUrl);
+                }
+                return;
+            }
+
+            Logger.step("Cleaning webapps and cache");
+            tomcat.clearWebapps();
+
+            Logger.step("Moving artifacts to webapps");
+            const artifact = await builder.deployToWebapps();
+            
+            const finalContextPath = contextPath || artifact.replace(".war", "");
+            const finalAppUrl = `http://localhost:${config.tomcat.port}/${finalContextPath}`;
+            
+            tomcat.onReady = async () => {
+                Logger.step(`Checking health at ${finalAppUrl}`);
+                
+                try {
+                    await new Promise(r => setTimeout(r, 1500));
+                    
+                    const response = await fetch(finalAppUrl);
+                    if (response.status < 500) {
+                        const memory = await tomcat.getMemoryUsage();
+                        Logger.success(`App is UP! (Status: ${response.status} | RAM: ${memory})`);
+
+                        if (!config.project.quiet) {
+                            const endpoints = EndpointService.scan(path.join(process.cwd(), "src"), finalContextPath);
+                            if (endpoints.length > 0) {
+                                console.log(`\n  ${"\x1b[36m"}◈ ENDPOINT MAP:${"\x1b[0m"}`);
+                                endpoints.forEach(e => console.log(`    ${"\x1b[90m"}➜${"\x1b[0m"} http://localhost:${config.tomcat.port}${e.fullPath}`));
+                                console.log("");
+                            }
+                        }
+                        
+                        if (incremental) {
+                            await this.reloadBrowser(finalAppUrl);
+                        } else {
+                            if (process.platform === 'win32') {
+                                Bun.spawn(["cmd", "/c", "start", finalAppUrl]);
+                            } else {
+                                const start = process.platform === 'darwin' ? 'open' : 'xdg-open';
+                                Bun.spawn([start, finalAppUrl]);
+                            }
+                        }
+                    } else {
+                        Logger.warn(`App is starting, but returned status ${response.status}. Check your logs.`);
+                    }
+                } catch (e) {
+                    Logger.error(`Health check failed: Could not connect to ${finalAppUrl}`);
+                }
+            };
+
+            tomcat.start(config.project.cleanLogs, config.project.debug, config.project.skipScan, config.project.quiet);
+        } catch (error: any) {
+            Logger.error(error.message);
+            throw error;
+        }
+    }
+
+    async syncResource(config: AppConfig, filename: string): Promise<void> {
+        const appName = config.project.appName || "";
+        const explodedPath = path.join(config.tomcat.path, "webapps", appName);
+        
+        if (!fs.existsSync(explodedPath)) {
+            return;
+        }
+
+        const parts = filename.split(/[/\\]/);
+        const webappIndex = parts.indexOf("webapp");
+        
+        if (webappIndex !== -1) {
+            const relPath = parts.slice(webappIndex + 1).join(path.sep);
+            const targetPath = path.join(explodedPath, relPath);
+            
+            try {
+                fs.copyFileSync(filename, targetPath);
+                if (!config.project.quiet) Logger.success(`Synced ${path.basename(filename)} directly to Tomcat!`);
+                
+                const contextPath = config.project.appName || "";
+                const appUrl = `http://localhost:${config.tomcat.port}/${contextPath}`;
+                await this.reloadBrowser(appUrl);
+            } catch (e) {
+                Logger.error(`Failed to sync resource: ${filename}`);
+            }
+        }
+    }
+}

package/src/commands/DocsCommand.ts

@@ -0,0 +1,90 @@
+import path from "path";
+import fs from "fs";
+import type { Command } from "./Command";
+import type { AppConfig } from "../types/config";
+import { EndpointService } from "../services/EndpointService";
+import { Logger } from "../utils/ui";
+import type { ApiEndpoint, ApiParam } from "../types/endpoint";
+
+export class DocsCommand implements Command {
+    async execute(config: AppConfig): Promise<void> {
+        const srcPath = path.join(process.cwd(), "src");
+        if (!fs.existsSync(srcPath)) {
+            Logger.error("Pasta 'src' não encontrada. Certifique-se de estar na raiz do projeto Java.");
+            return;
+        }
+
+        const contextPath = (config.project.appName || "").replace(".war", "");
+        const endpoints = EndpointService.scan(srcPath, contextPath);
+
+        if (endpoints.length === 0) {
+            Logger.warn("Nenhum endpoint encontrado.");
+            return;
+        }
+
+        Logger.section("API Documentation (Swagger-like)");
+        console.log("");
+
+        const grouped = this.groupByController(endpoints);
+
+        for (const [controller, controllerEndpoints] of Object.entries(grouped)) {
+            console.log(`  ${"\x1b[36m"}${controller}${"\x1b[0m"}`);
+            console.log(`  ${"\x1b[90m"}──────────────────────────────────────────────────${"\x1b[0m"}`);
+
+            for (const ep of controllerEndpoints) {
+                this.renderEndpoint(ep, config.tomcat.port);
+            }
+            console.log("");
+        }
+    }
+
+    private groupByController(endpoints: ApiEndpoint[]): Record<string, ApiEndpoint[]> {
+        return endpoints.reduce((acc, ep) => {
+            const controller = ep.className;
+            if (!acc[controller]) acc[controller] = [];
+            acc[controller].push(ep);
+            return acc;
+        }, {} as Record<string, ApiEndpoint[]>);
+    }
+
+    private renderEndpoint(ep: ApiEndpoint, port: number) {
+        const methodColors: Record<string, string> = {
+            GET: "\x1b[32m",    // Green
+            POST: "\x1b[33m",   // Yellow
+            PUT: "\x1b[34m",    // Blue
+            DELETE: "\x1b[31m", // Red
+            PATCH: "\x1b[35m",  // Magenta
+            ALL: "\x1b[37m"     // White
+        };
+
+        const color = methodColors[ep.method] || "\x1b[37m";
+        const methodLabel = ep.method.padEnd(7);
+        const fullUrl = `http://localhost:${port}${ep.fullPath}`;
+
+        console.log(`    ${color}${methodLabel}${"\x1b[0m"} ${"\x1b[1m"}${ep.fullPath}${"\x1b[0m"}`);
+        console.log(`            ${"\x1b[90m"}${ep.methodName}()${"\x1b[0m"}`);
+
+        if (ep.parameters.length > 0) {
+            console.log(`            ${"\x1b[90m"}Parameters:${"\x1b[0m"}`);
+            for (const param of ep.parameters) {
+                this.renderParameter(param);
+            }
+        }
+        console.log("");
+    }
+
+    private renderParameter(param: ApiParam) {
+        const sourceColors: Record<string, string> = {
+            PATH: "\x1b[35m",   // Magenta
+            QUERY: "\x1b[36m",  // Cyan
+            BODY: "\x1b[33m",   // Yellow
+            HEADER: "\x1b[32m", // Green
+            FORM: "\x1b[34m"    // Blue
+        };
+
+        const color = sourceColors[param.source] || "\x1b[37m";
+        const required = param.required ? "\x1b[31m*\x1b[0m" : "";
+        
+        console.log(`              ${color}[${param.source}]${"\x1b[0m"} ${param.name}${required} : ${"\x1b[90m"}${param.type}${"\x1b[0m"}`);
+    }
+}

package/src/commands/DoctorCommand.ts

@@ -0,0 +1,89 @@
+import type { Command } from "./Command";
+import type { AppConfig } from "../types/config";
+import { Logger } from "../utils/ui";
+import fs from "fs";
+import path from "path";
+
+export class DoctorCommand implements Command {
+    async execute(config: AppConfig, values: any = {}): Promise<void> {
+        Logger.section("Xavva Doctor - Ambiente");
+
+        this.check("JAVA_HOME", !!process.env.JAVA_HOME, process.env.JAVA_HOME || "Não definido");
+        
+        const tomcatOk = fs.existsSync(config.tomcat.path);
+        this.check("Tomcat Path", tomcatOk, config.tomcat.path);
+        
+        if (tomcatOk) {
+            const binOk = fs.existsSync(path.join(config.tomcat.path, "bin", "catalina.bat"));
+            this.check("Tomcat Bin", binOk, binOk ? "OK" : "catalina.bat não encontrado");
+        }
+
+        const mvnOk = this.checkBinary("mvn");
+        this.check("Maven", mvnOk, mvnOk ? "Disponível" : "Não encontrado no PATH");
+
+        const gradleOk = this.checkBinary("gradle") || this.checkBinary("gradlew");
+        this.check("Gradle", gradleOk, gradleOk ? "Disponível" : "Não encontrado no PATH");
+
+        const gitOk = this.checkBinary("git");
+        this.check("Git", gitOk, gitOk ? "Disponível" : "Não encontrado no PATH");
+
+        Logger.section("Xavva Doctor - Integridade de Arquivos");
+        await this.checkBOM(values.fix);
+
+        console.log("");
+    }
+
+    private async checkBOM(fix: boolean) {
+        const srcPath = path.join(process.cwd(), "src");
+        if (!fs.existsSync(srcPath)) return;
+
+        const filesWithBOM: string[] = [];
+        const scan = (dir: string) => {
+            const list = fs.readdirSync(dir, { withFileTypes: true });
+            for (const item of list) {
+                const res = path.resolve(dir, item.name);
+                if (item.isDirectory()) {
+                    scan(res);
+                } else if (item.name.endsWith(".java")) {
+                    const buffer = fs.readFileSync(res);
+                    if (buffer[0] === 0xEF && buffer[1] === 0xBB && buffer[2] === 0xBF) {
+                        filesWithBOM.push(res);
+                    }
+                }
+            }
+        };
+
+        scan(srcPath);
+
+        if (filesWithBOM.length > 0) {
+            this.check("Encoding BOM", false, `${filesWithBOM.length} arquivos com BOM (UTF-8 com assinatura)`);
+            if (fix) {
+                for (const file of filesWithBOM) {
+                    const buffer = fs.readFileSync(file);
+                    const cleanBuffer = buffer.subarray(3);
+                    fs.writeFileSync(file, cleanBuffer);
+                    console.log(`    \x1b[32m✔\x1b[0m Corrigido: ${path.basename(file)}`);
+                }
+                Logger.success("BOM removido de todos os arquivos!");
+            } else {
+                Logger.warn("Use 'xavva doctor --fix' para remover o BOM automaticamente.");
+            }
+        } else {
+            this.check("Encoding BOM", true, "Nenhum arquivo com BOM detectado.");
+        }
+    }
+
+    private check(label: string, ok: boolean, detail: string) {
+        const icon = ok ? "\x1b[32m✔\x1b[0m" : "\x1b[31m✘\x1b[0m";
+        console.log(`  ${icon} ${label.padEnd(15)} ${detail}`);
+    }
+
+    private checkBinary(name: string): boolean {
+        try {
+            const proc = Bun.spawnSync([process.platform === 'win32' ? "where" : "which", name]);
+            return proc.exitCode === 0;
+        } catch {
+            return false;
+        }
+    }
+}