@build-astron-co/nimbus 0.4.1 → 0.4.3

package/src/commands/ask.ts

@@ -1,167 +0,0 @@
-/**
- * Ask Command
- *
- * Quick question and answer with AI
- *
- * Usage: nimbus ask "<question>" [options]
- */
-
-import { logger } from '../utils';
-import { ui } from '../wizard';
-import { llmClient } from '../clients';
-
-/**
- * Command options
- */
-export interface AskOptions {
-  context?: string;
-  contextFile?: string;
-  model?: string;
-  json?: boolean;
-}
-
-/**
- * Run the ask command
- */
-export async function askCommand(question: string, options: AskOptions = {}): Promise<void> {
-  logger.info('Running ask command', { question, options });
-
-  // Validate question
-  if (!question || question.trim() === '') {
-    ui.error('Please provide a question');
-    ui.newLine();
-    ui.print('Usage: nimbus ask "your question here"');
-    ui.newLine();
-    ui.print('Examples:');
-    ui.print('  nimbus ask "How do I create an S3 bucket with Terraform?"');
-    ui.print('  nimbus ask "What is the best practice for IAM roles?"');
-    ui.print('  nimbus ask "Explain kubernetes deployments" --context ./k8s/');
-    process.exit(1);
-  }
-
-  // Build context
-  let context = '';
-
-  // Add file context if provided
-  if (options.contextFile) {
-    try {
-      const fs = await import('fs/promises');
-      const fileContent = await fs.readFile(options.contextFile, 'utf-8');
-      context += `File: ${options.contextFile}\n\`\`\`\n${fileContent}\n\`\`\`\n\n`;
-      ui.info(`Including context from: ${options.contextFile}`);
-    } catch (error: any) {
-      ui.warning(`Could not read context file: ${error.message}`);
-    }
-  }
-
-  // Add directory context if provided
-  if (options.context) {
-    try {
-      const fs = await import('fs/promises');
-      const path = await import('path');
-      const stat = await fs.stat(options.context);
-
-      if (stat.isDirectory()) {
-        // Read relevant files from directory
-        const files = await fs.readdir(options.context);
-        const relevantExtensions = ['.tf', '.yaml', '.yml', '.json', '.ts', '.js', '.py', '.go'];
-        const relevantFiles = files
-          .filter(f => relevantExtensions.some(ext => f.endsWith(ext)))
-          .slice(0, 5); // Limit to 5 files
-
-        for (const file of relevantFiles) {
-          try {
-            const filePath = path.join(options.context, file);
-            const content = await fs.readFile(filePath, 'utf-8');
-            // Limit content size
-            const truncated =
-              content.length > 2000 ? `${content.slice(0, 2000)}\n... (truncated)` : content;
-            context += `File: ${file}\n\`\`\`\n${truncated}\n\`\`\`\n\n`;
-          } catch {
-            // Skip unreadable files
-          }
-        }
-
-        if (relevantFiles.length > 0) {
-          ui.info(`Including context from ${relevantFiles.length} file(s) in: ${options.context}`);
-        }
-      } else {
-        // Single file
-        const fileContent = await fs.readFile(options.context, 'utf-8');
-        context += `File: ${options.context}\n\`\`\`\n${fileContent}\n\`\`\`\n\n`;
-        ui.info(`Including context from: ${options.context}`);
-      }
-    } catch (error: any) {
-      ui.warning(`Could not read context: ${error.message}`);
-    }
-  }
-
-  // Build the full question with context
-  let fullQuestion = question;
-  if (context) {
-    fullQuestion = `Context:\n${context}\n\nQuestion: ${question}`;
-  }
-
-  // Check if LLM is available
-  const llmAvailable = await llmClient.isAvailable();
-
-  if (!llmAvailable) {
-    ui.error('LLM service is not available');
-    ui.info('Make sure you have configured an LLM provider with "nimbus login"');
-    ui.info('Or set the ANTHROPIC_API_KEY or OPENAI_API_KEY environment variable');
-    process.exit(1);
-  }
-
-  ui.newLine();
-  ui.startSpinner({ message: 'Thinking...' });
-
-  try {
-    // Stream the response
-    let response = '';
-    let firstChunk = true;
-
-    for await (const chunk of llmClient.chat(fullQuestion, [], { model: options.model })) {
-      if (chunk.type === 'content' && chunk.content) {
-        if (firstChunk) {
-          ui.stopSpinnerSuccess('');
-          ui.newLine();
-          firstChunk = false;
-        }
-
-        response += chunk.content;
-        process.stdout.write(chunk.content);
-      } else if (chunk.type === 'error') {
-        ui.stopSpinnerFail('Error');
-        ui.error(chunk.message || chunk.error || 'Unknown error');
-        process.exit(1);
-      }
-    }
-
-    // Ensure newline at end
-    if (!response.endsWith('\n')) {
-      ui.newLine();
-    }
-
-    // JSON output mode
-    if (options.json) {
-      console.log(
-        JSON.stringify(
-          {
-            question,
-            answer: response,
-            context: context ? true : false,
-          },
-          null,
-          2
-        )
-      );
-    }
-  } catch (error: any) {
-    ui.stopSpinnerFail('Failed');
-    ui.error(error.message);
-    process.exit(1);
-  }
-}
-
-// Export as default
-export default askCommand;

package/src/commands/audit/index.ts

@@ -1,357 +0,0 @@
-/**
- * Audit Commands
- * Audit log viewer and export CLI commands
- */
-
-import { ui } from '../../wizard/ui';
-import { auditClient } from '../../clients/enterprise-client';
-import * as fs from 'node:fs';
-import type { AuditListOptions, AuditExportCommandOptions } from '../../types';
-
-/**
- * Get current team ID from config or environment
- */
-function getCurrentTeamId(): string | null {
-  return process.env.NIMBUS_TEAM_ID || null;
-}
-
-/**
- * Parse relative time string (e.g., "7d", "24h") to ISO date
- */
-function parseRelativeTime(timeStr: string): string {
-  const now = Date.now();
-  const match = timeStr.match(/^(\d+)([dhwm])$/);
-
-  if (!match) {
-    return timeStr; // Assume it's already a valid date string
-  }
-
-  const value = parseInt(match[1], 10);
-  const unit = match[2];
-
-  let ms: number;
-  switch (unit) {
-    case 'h':
-      ms = value * 60 * 60 * 1000;
-      break;
-    case 'd':
-      ms = value * 24 * 60 * 60 * 1000;
-      break;
-    case 'w':
-      ms = value * 7 * 24 * 60 * 60 * 1000;
-      break;
-    case 'm':
-      ms = value * 30 * 24 * 60 * 60 * 1000;
-      break;
-    default:
-      return timeStr;
-  }
-
-  return new Date(now - ms).toISOString();
-}
-
-/**
- * Parse audit list options
- */
-export function parseAuditListOptions(args: string[]): AuditListOptions {
-  const options: AuditListOptions = {};
-
-  for (let i = 0; i < args.length; i++) {
-    const arg = args[i];
-    if (arg === '--since' && args[i + 1]) {
-      options.since = parseRelativeTime(args[++i]);
-    } else if (arg === '--until' && args[i + 1]) {
-      options.until = parseRelativeTime(args[++i]);
-    } else if (arg === '--action' && args[i + 1]) {
-      options.action = args[++i];
-    } else if (arg === '--user' && args[i + 1]) {
-      options.userId = args[++i];
-    } else if ((arg === '--limit' || arg === '-n') && args[i + 1]) {
-      options.limit = parseInt(args[++i], 10);
-    } else if (arg === '--json') {
-      options.json = true;
-    } else if (arg === '--non-interactive') {
-      options.nonInteractive = true;
-    }
-  }
-
-  return options;
-}
-
-/**
- * Parse audit export options
- */
-export function parseAuditExportOptions(args: string[]): AuditExportCommandOptions {
-  const options: AuditExportCommandOptions = {};
-
-  for (let i = 0; i < args.length; i++) {
-    const arg = args[i];
-    if (arg === '--format' && args[i + 1]) {
-      options.format = args[++i] as 'csv' | 'json';
-    } else if ((arg === '--output' || arg === '-o') && args[i + 1]) {
-      options.output = args[++i];
-    } else if (arg === '--since' && args[i + 1]) {
-      options.since = parseRelativeTime(args[++i]);
-    } else if (arg === '--until' && args[i + 1]) {
-      options.until = parseRelativeTime(args[++i]);
-    } else if (arg === '--non-interactive') {
-      options.nonInteractive = true;
-    }
-  }
-
-  return options;
-}
-
-/**
- * Format timestamp for display
- */
-function formatTimestamp(ts: string): string {
-  const date = new Date(ts);
-  return `${date.toLocaleDateString()} ${date.toLocaleTimeString()}`;
-}
-
-/**
- * Audit list command
- */
-export async function auditListCommand(options: AuditListOptions): Promise<void> {
-  try {
-    const teamId = getCurrentTeamId();
-    if (!teamId) {
-      ui.error('No team selected. Run `nimbus team switch <team-id>` first.');
-      return;
-    }
-
-    ui.startSpinner({ message: 'Fetching audit logs...' });
-    const result = await auditClient.queryLogs({
-      teamId,
-      userId: options.userId,
-      action: options.action as any,
-      since: options.since,
-      until: options.until,
-      limit: options.limit || 50,
-    });
-    ui.stopSpinnerSuccess(`Found ${result.total} logs (showing ${result.logs.length})`);
-
-    if (options.json) {
-      console.log(JSON.stringify(result, null, 2));
-      return;
-    }
-
-    if (result.logs.length === 0) {
-      ui.info('No audit logs found');
-      return;
-    }
-
-    ui.newLine();
-    ui.table({
-      columns: [
-        { key: 'timestamp', header: 'Time', width: 20 },
-        { key: 'action', header: 'Action', width: 20 },
-        { key: 'user', header: 'User', width: 15 },
-        { key: 'status', header: 'Status', width: 10 },
-        { key: 'resource', header: 'Resource' },
-      ],
-      data: result.logs.map(log => ({
-        timestamp: formatTimestamp(log.timestamp),
-        action: log.action,
-        user: log.userId || '-',
-        status: log.status,
-        resource: log.resourceType ? `${log.resourceType}/${log.resourceId || ''}` : '-',
-      })),
-    });
-
-    if (result.total > result.logs.length) {
-      ui.newLine();
-      ui.dim(`Showing ${result.logs.length} of ${result.total} logs. Use --limit to show more.`);
-    }
-  } catch (error: any) {
-    ui.stopSpinnerFail('Failed to fetch audit logs');
-    ui.error(error.message);
-  }
-}
-
-/**
- * Audit export command
- */
-export async function auditExportCommand(options: AuditExportCommandOptions): Promise<void> {
-  try {
-    const teamId = getCurrentTeamId();
-    if (!teamId) {
-      ui.error('No team selected. Run `nimbus team switch <team-id>` first.');
-      return;
-    }
-
-    const format = options.format || 'json';
-    const output =
-      options.output || `audit-logs-${new Date().toISOString().split('T')[0]}.${format}`;
-
-    ui.startSpinner({ message: `Exporting audit logs to ${output}...` });
-    const content = await auditClient.exportLogs(format, {
-      teamId,
-      since: options.since,
-      until: options.until,
-    });
-
-    fs.writeFileSync(output, content);
-    ui.stopSpinnerSuccess(`Exported to ${output}`);
-
-    const stats = fs.statSync(output);
-    ui.info(`File size: ${(stats.size / 1024).toFixed(1)} KB`);
-  } catch (error: any) {
-    ui.stopSpinnerFail('Failed to export audit logs');
-    ui.error(error.message);
-  }
-}
-
-/** Options for the audit scan subcommand */
-export interface AuditScanOptions {
-  /** Compliance framework filter */
-  framework?: 'soc2' | 'hipaa' | 'pci' | 'iso27001';
-  /** Write JSON report to this file */
-  output?: string;
-  /** Directory to scan (default: cwd) */
-  dir?: string;
-  /** Exit code 1 if findings exceed this count */
-  threshold?: number;
-}
-
-/**
- * Parse audit scan options from CLI args
- */
-export function parseAuditScanOptions(args: string[]): AuditScanOptions {
-  const options: AuditScanOptions = {};
-
-  for (let i = 0; i < args.length; i++) {
-    const arg = args[i];
-    if (arg === '--framework' && args[i + 1]) {
-      options.framework = args[++i] as AuditScanOptions['framework'];
-    } else if ((arg === '--output' || arg === '-o') && args[i + 1]) {
-      options.output = args[++i];
-    } else if ((arg === '--dir' || arg === '-d') && args[i + 1]) {
-      options.dir = args[++i];
-    } else if (arg === '--threshold' && args[i + 1]) {
-      options.threshold = parseInt(args[++i], 10);
-    }
-  }
-
-  return options;
-}
-
-/**
- * Audit scan subcommand — runs the local security scanner
- */
-export async function auditScanCommand(options: AuditScanOptions): Promise<void> {
-  const { scanSecurity } = await import('../../audit/security-scanner');
-  const dir = options.dir ?? process.cwd();
-
-  ui.startSpinner({ message: `Scanning ${dir} for security issues...` });
-
-  let result;
-  try {
-    result = await scanSecurity({ dir });
-  } catch (e: any) {
-    ui.stopSpinnerFail('Scan failed');
-    ui.error(e.message);
-    return;
-  }
-
-  ui.stopSpinnerSuccess(
-    `Scan complete: ${result.findings.length} finding(s) in ${result.scannedFiles} file(s)`
-  );
-
-  // Filter by framework if provided (maps framework to relevant finding IDs)
-  let findings = result.findings;
-  if (options.framework) {
-    // Each framework maps loosely to severity thresholds
-    const frameworkSeverityMap: Record<string, string[]> = {
-      soc2: ['CRITICAL', 'HIGH', 'MEDIUM'],
-      hipaa: ['CRITICAL', 'HIGH', 'MEDIUM'],
-      pci: ['CRITICAL', 'HIGH'],
-      iso27001: ['CRITICAL', 'HIGH', 'MEDIUM', 'LOW'],
-    };
-    const allowedSeverities = frameworkSeverityMap[options.framework] ?? [];
-    findings = findings.filter((f: { severity: string }) => allowedSeverities.includes(f.severity));
-    ui.dim(`Framework filter (${options.framework}): showing ${findings.length} relevant finding(s)`);
-  }
-
-  if (findings.length === 0) {
-    ui.info('No findings. Scan clean.');
-  } else {
-    ui.newLine();
-    for (const finding of findings) {
-      const severityColor = finding.severity === 'CRITICAL' || finding.severity === 'HIGH'
-        ? 'red'
-        : finding.severity === 'MEDIUM'
-        ? 'yellow'
-        : 'white';
-      ui.print(`[${ui.color(finding.severity, severityColor)}] ${finding.id}: ${finding.title}`);
-      if (finding.file) ui.dim(`  File: ${finding.file}${finding.line ? `:${finding.line}` : ''}`);
-      ui.dim(`  ${finding.recommendation}`);
-      ui.newLine();
-    }
-  }
-
-  // Write JSON report to file if requested
-  if (options.output) {
-    const report = {
-      timestamp: result.timestamp.toISOString(),
-      scannedFiles: result.scannedFiles,
-      scanDuration: result.scanDuration,
-      framework: options.framework ?? null,
-      findingsCount: findings.length,
-      findings,
-    };
-    fs.writeFileSync(options.output, JSON.stringify(report, null, 2), 'utf-8');
-    ui.print(`Report written to ${options.output}`);
-  }
-
-  // Threshold check — exit code 1 if too many findings
-  if (options.threshold !== undefined && findings.length > options.threshold) {
-    ui.error(`Findings (${findings.length}) exceeded threshold (${options.threshold}). Exiting with code 1.`);
-    process.exit(1);
-  }
-}
-
-/**
- * Main audit command dispatcher
- */
-export async function auditCommand(subcommand: string, args: string[]): Promise<void> {
-  switch (subcommand) {
-    case 'list':
-    case '':
-      await auditListCommand(parseAuditListOptions(args));
-      break;
-    case 'export':
-      await auditExportCommand(parseAuditExportOptions(args));
-      break;
-    case 'scan':
-      await auditScanCommand(parseAuditScanOptions(args));
-      break;
-    default:
-      ui.error(`Unknown audit command: ${subcommand}`);
-      ui.newLine();
-      ui.info('Available audit commands:');
-      ui.print('  nimbus audit                      - List audit logs');
-      ui.print('  nimbus audit list                 - List audit logs');
-      ui.print('  nimbus audit export               - Export audit logs');
-      ui.print('  nimbus audit scan                 - Scan directory for security issues');
-      ui.newLine();
-      ui.info('Options (list):');
-      ui.print('  --since <time>   Filter logs since (e.g., 7d, 24h, 2024-01-01)');
-      ui.print('  --until <time>   Filter logs until');
-      ui.print('  --action <type>  Filter by action type');
-      ui.print('  --user <id>      Filter by user');
-      ui.print('  --limit <n>      Number of logs to show');
-      ui.print('  --json           Output as JSON');
-      ui.newLine();
-      ui.info('Options (scan):');
-      ui.print('  --framework <f>  Compliance framework: soc2|hipaa|pci|iso27001');
-      ui.print('  --output <file>  Write JSON report to file');
-      ui.print('  --dir <path>     Directory to scan (default: cwd)');
-      ui.print('  --threshold <n>  Exit code 1 if findings exceed this count');
-      ui.newLine();
-      ui.info('Export options:');
-      ui.print('  --format <type>  Export format (csv|json)');
-      ui.print('  --output <file>  Output file path');
-  }
-}