npm - @byh3071/vhk - Versions diffs - 1.6.6 → 1.7.0 - Mend

@byh3071/vhk 1.6.6 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/{chunk-HLUFOT2T.js → chunk-GXFZ7JXX.js} +1 -0
package/dist/index.js +200 -21
package/dist/mcp/index.js +1 -1
package/package.json +1 -1

package/dist/{chunk-HLUFOT2T.js → chunk-GXFZ7JXX.js} RENAMED Viewed

@@ -2987,6 +2987,7 @@ export {
   ko,
   t,
   localDate,
+  ensureVhkIgnored,
   listBackups,
   restoreBackup,
   detectExistingRuleFiles,

package/dist/index.js CHANGED Viewed

@@ -13,6 +13,7 @@ import {
   deploy,
   detectExistingRuleFiles,
   ensureInteractive,
+  ensureVhkIgnored,
   env,
   envCheck,
   filterSevereFindings,
@@ -42,7 +43,7 @@ import {
   stripBom,
   sync,
   t
-} from "./chunk-HLUFOT2T.js";
+} from "./chunk-GXFZ7JXX.js";
 // src/index.ts
 import { Command, Help } from "commander";
@@ -5359,30 +5360,208 @@ async function mode(target) {
 }
 // src/commands/verify.ts
+import { execFileSync as execFileSync4 } from "child_process";
+import { existsSync as existsSync16, mkdirSync as mkdirSync11, writeFileSync as writeFileSync11 } from "fs";
+import { join as join10 } from "path";
 import chalk30 from "chalk";
-function verificationChecklist() {
-  return [
-    "\uD0C0\uC785 \uCCB4\uD06C \u2014 pnpm exec tsc --noEmit",
-    "\uD14C\uC2A4\uD2B8 \u2014 pnpm run test:run",
-    "\uBE4C\uB4DC \u2014 pnpm run build",
-    "\uBCF4\uC548 \uC2A4\uCE94 \u2014 vhk secure scan"
-  ];
+var REPORT_SCHEMA_VERSION = 1;
+var REPORT_DIR_REL = join10(".vhk", "reports");
+var REPORT_PATH_REL = join10(REPORT_DIR_REL, "latest.json");
+var SHIM = /* @__PURE__ */ new Set(["pnpm", "npm", "npx", "yarn"]);
+function detectPm(cwd) {
+  if (existsSync16(join10(cwd, "pnpm-lock.yaml"))) return "pnpm";
+  if (existsSync16(join10(cwd, "yarn.lock"))) return "yarn";
+  return "npm";
+}
+function execGate(cmd, args, cwd) {
+  let bin = cmd;
+  let argv = args;
+  if (process.platform === "win32" && SHIM.has(cmd)) {
+    bin = "cmd.exe";
+    argv = ["/d", "/s", "/c", `${cmd}.cmd`, ...args];
+  }
+  try {
+    execFileSync4(bin, argv, {
+      cwd,
+      stdio: ["pipe", "pipe", "pipe"],
+      encoding: "utf-8",
+      maxBuffer: 64 * 1024 * 1024,
+      timeout: 6e5,
+      killSignal: "SIGTERM"
+    });
+    return { exitCode: 0, out: "" };
+  } catch (e) {
+    const err = e;
+    const exitCode = typeof err.status === "number" ? err.status : 1;
+    const out = ((err.stdout?.toString?.() ?? "") + (err.stderr?.toString?.() ?? "")).trim();
+    return { exitCode, out };
+  }
+}
+function runScriptGate(id, label, cwd, pm, argvFor) {
+  const argv = argvFor(pm);
+  if (!argv) {
+    return { id, label, status: "skip", exitCode: null, skipped: true, detail: "\uD574\uB2F9 \uC2A4\uD06C\uB9BD\uD2B8/\uC124\uC815 \uC5C6\uC74C \u2014 skip(WARN)" };
+  }
+  const { exitCode } = execGate(pm, argv, cwd);
+  return {
+    id,
+    label,
+    status: exitCode === 0 ? "pass" : "fail",
+    exitCode,
+    skipped: false,
+    detail: exitCode === 0 ? void 0 : `\uC885\uB8CC\uCF54\uB4DC ${exitCode}`
+  };
+}
+function readPackageScripts(cwd) {
+  const pkgPath = join10(cwd, "package.json");
+  if (!existsSync16(pkgPath)) return {};
+  try {
+    const pkg = readJsonFile(pkgPath);
+    return pkg.scripts ?? {};
+  } catch {
+    return {};
+  }
+}
+function runGates(cwd) {
+  const scripts = readPackageScripts(cwd);
+  const pm = detectPm(cwd);
+  const gates = [];
+  gates.push(
+    runScriptGate("typecheck", "tsc --noEmit", cwd, pm, () => {
+      if (scripts.typecheck) return ["run", "typecheck"];
+      if (existsSync16(join10(cwd, "tsconfig.json"))) return pm === "npm" ? ["exec", "--", "tsc", "--noEmit"] : ["exec", "tsc", "--noEmit"];
+      return null;
+    })
+  );
+  gates.push(
+    runScriptGate("test", "test:run", cwd, pm, () => {
+      if (scripts["test:run"]) return ["run", "test:run"];
+      if (scripts.test && /vitest/.test(scripts.test)) return ["run", "test", "--", "--run"];
+      if (scripts.test) return ["run", "test"];
+      return null;
+    })
+  );
+  gates.push(
+    runScriptGate("build", "build", cwd, pm, () => scripts.build ? ["run", "build"] : null)
+  );
+  gates.push(runSecureGate(cwd));
+  return gates;
+}
+function runSecureGate(cwd) {
+  try {
+    const severe = filterSevereFindings(scanProjectForSecrets(cwd).findings);
+    const n = severe.length;
+    return {
+      id: "secure",
+      label: "secure scan",
+      status: n === 0 ? "pass" : "fail",
+      exitCode: n === 0 ? 0 : 1,
+      skipped: false,
+      detail: n === 0 ? void 0 : `severe \uC2DC\uD06C\uB9BF ${n}\uAC74 (\uAC12 \uBBF8\uAE30\uB85D \u2014 vhk secure scan \uC73C\uB85C \uD655\uC778)`
+    };
+  } catch (e) {
+    return {
+      id: "secure",
+      label: "secure scan",
+      status: "fail",
+      exitCode: 1,
+      skipped: false,
+      detail: `\uC2A4\uCE94 \uC2E4\uD589 \uC2E4\uD328: ${e instanceof Error ? e.message : String(e)}`
+    };
+  }
+}
+function aggregateStatus(gates) {
+  if (gates.some((g) => g.status === "fail")) return "FAIL";
+  if (gates.some((g) => g.status === "skip")) return "WARN";
+  return "PASS";
 }
-async function verify() {
-  console.log(chalk30.bold("\n\u{1F50E} \uAC80\uC99D \uBB36\uC74C (verify \u2014 lite)"));
+function buildNextActions(gates) {
+  const actions = [];
+  for (const g of gates) {
+    if (g.status === "fail") {
+      if (g.id === "secure") actions.push("\uC2DC\uD06C\uB9BF \uC81C\uAC70 \uD6C4 \uC7AC\uAC80\uC99D \u2014 vhk secure scan \uC73C\uB85C \uC704\uCE58 \uD655\uC778");
+      else actions.push(`${g.label} \uC2E4\uD328(\uC885\uB8CC\uCF54\uB4DC ${g.exitCode}) \u2014 \uB85C\uADF8 \uD655\uC778 \uD6C4 \uC218\uC815`);
+    } else if (g.status === "skip") {
+      actions.push(`${g.label} \uAC8C\uC774\uD2B8 \uC5C6\uC74C \u2014 package.json scripts \uC5D0 \uCD94\uAC00\uD558\uBA74 \uAC80\uC99D \uCEE4\uBC84\uB9AC\uC9C0 \u2191`);
+    }
+  }
+  if (actions.length === 0) actions.push("\uAC80\uC99D \uD1B5\uACFC \u2014 vhk save \uB85C \uC800\uC7A5\uD558\uC138\uC694.");
+  return actions;
+}
+function buildReport(gates, generatedAt, date) {
+  const summary = {
+    total: gates.length,
+    pass: gates.filter((g) => g.status === "pass").length,
+    fail: gates.filter((g) => g.status === "fail").length,
+    skip: gates.filter((g) => g.status === "skip").length
+  };
+  return {
+    schemaVersion: REPORT_SCHEMA_VERSION,
+    generatedAt,
+    date,
+    status: aggregateStatus(gates),
+    summary,
+    gates,
+    nextActions: buildNextActions(gates)
+  };
+}
+function verifyEvidence(cwd = process.cwd()) {
+  const gates = runGates(cwd);
+  const report = buildReport(gates, (/* @__PURE__ */ new Date()).toISOString(), localDate());
+  const dir = join10(cwd, REPORT_DIR_REL);
+  mkdirSync11(dir, { recursive: true });
+  const path14 = join10(cwd, REPORT_PATH_REL);
+  writeFileSync11(path14, JSON.stringify(report, null, 2) + "\n", "utf-8");
+  try {
+    ensureVhkIgnored(cwd, "reports/");
+  } catch {
+  }
+  return { report, path: REPORT_PATH_REL };
+}
+var STATUS_BADGE = {
+  PASS: chalk30.green.bold("PASS"),
+  WARN: chalk30.yellow.bold("WARN"),
+  FAIL: chalk30.red.bold("FAIL")
+};
+async function verify(opts = {}) {
+  if (!ensureNotHardStopped("verify")) return;
+  const cwd = process.cwd();
+  const { report, path: path14 } = verifyEvidence(cwd);
+  if (opts.json) {
+    console.log(JSON.stringify(report, null, 2));
+    process.exitCode = report.status === "FAIL" ? 1 : 0;
+    return;
+  }
+  console.log(chalk30.bold("\n\u{1F50E} \uAC80\uC99D \uBB36\uC74C (verify)"));
   console.log(chalk30.gray("\u2500".repeat(40)));
   const mode2 = readConfig().safetyMode;
   console.log(chalk30.dim(`  \uD604\uC7AC Safety Mode: ${mode2} \u2014 ${SAFETY_MODE_DESC[mode2]}`));
-  console.log(chalk30.cyan("\n  \uC704\uD5D8 \uC791\uC5C5/\uC800\uC7A5 \uC804 \uAD8C\uC7A5 \uAC80\uC99D:"));
-  for (const item of verificationChecklist()) {
-    console.log(`   \u2610 ${item}`);
+  const icon = (s2) => s2 === "pass" ? chalk30.green("\u2713") : s2 === "fail" ? chalk30.red("\u2717") : chalk30.yellow("\u2298");
+  for (const g of report.gates) {
+    const tail = g.detail ? chalk30.dim(` \u2014 ${g.detail}`) : "";
+    console.log(`   ${icon(g.status)} ${g.label}${tail}`);
+  }
+  const s = report.summary;
+  console.log(
+    `
+  \uACB0\uACFC: ${STATUS_BADGE[report.status]}  ` + chalk30.dim(`(pass ${s.pass} / fail ${s.fail} / skip ${s.skip}, \uCD1D ${s.total})`)
+  );
+  console.log(chalk30.dim(`  \u{1F4C4} \uC99D\uAC70: ${path14}`));
+  process.exitCode = report.status === "FAIL" ? 1 : 0;
+  if (report.status === "FAIL") {
+    printNextStep({
+      message: "\uAC80\uC99D \uC2E4\uD328 \u2014 \uC544\uB798\uB97C \uBA3C\uC800 \uACE0\uCE58\uC138\uC694:",
+      command: "vhk verify",
+      cursorHint: "\uAC80\uC99D \uB2E4\uC2DC \uB3CC\uB824\uC918",
+      alternative: report.nextActions[0]
+    });
+  } else {
+    printNextStep({
+      message: report.status === "WARN" ? "\uAC80\uC99D \uD1B5\uACFC(\uC77C\uBD80 \uAC8C\uC774\uD2B8 skip). \uC800\uC7A5\uD558\uB824\uBA74:" : "\uAC80\uC99D \uD1B5\uACFC! \uC800\uC7A5\uD558\uB824\uBA74:",
+      command: "vhk save",
+      cursorHint: "\uC800\uC7A5\uD574\uC918"
+    });
   }
-  console.log(chalk30.dim("\n  \u203B \uBA54\uD0C0\uB7EC\uB108(\uC790\uB3D9 \uC2E4\uD589) \uC790\uB9AC \u2014 \uD604\uC7AC\uB294 \uBB36\uC74C \uC548\uB0B4\uB9CC(lite)."));
-  printNextStep({
-    message: "\uAC80\uC99D \uD1B5\uACFC \uD6C4 \uC800\uC7A5\uD558\uC138\uC694:",
-    command: "vhk save",
-    cursorHint: "\uC800\uC7A5\uD574\uC918"
-  });
 }
 // src/lib/risk-policy.ts
@@ -5861,8 +6040,8 @@ program.command("context").alias("\uB9E5\uB77D").option("--compact", "\uD1A0\uD0
 program.command("mode [target]").alias("\uBAA8\uB4DC").description("Safety Mode \uC870\uD68C/\uBCC0\uACBD (lite|standard|strict) \u2014 \uC704\uD5D8 \uC791\uC5C5 \uAC00\uB4DC \uAC15\uB3C4").action(async (target) => {
   await mode(target);
 });
-program.command("verify").alias("\uC0AC\uC804\uC810\uAC80").description("\uC800\uC7A5/\uC704\uD5D8 \uC791\uC5C5 \uC804 \uAC80\uC99D \uBB36\uC74C \uC548\uB0B4 (lite)").action(async () => {
-  await verify();
+program.command("verify").alias("\uC0AC\uC804\uC810\uAC80").option("--json", "\uB9AC\uD3EC\uD2B8 JSON \uC744 stdout \uC73C\uB85C \uCD9C\uB825 (CI\uC6A9 \u2014 \uACBD\uB85C \uB300\uC2E0)").description("\uAC80\uC99D \uAC8C\uC774\uD2B8(tsc/test/build/secure) \uC2E4\uC81C \uC2E4\uD589 + \uC99D\uAC70 \uAE30\uB85D (.vhk/reports/latest.json)").action(async (opts) => {
+  await verify(opts);
 });
 program.command("context-show").alias("\uB9E5\uB77D\uBCF4\uAE30").description("\uD604\uC7AC \uCEE8\uD14D\uC2A4\uD2B8 \uD30C\uC77C \uB0B4\uC6A9 \uCD9C\uB825").action(async () => {
   await contextShow();

package/dist/mcp/index.js CHANGED Viewed

@@ -2,7 +2,7 @@
 import {
   resolveVhkCliInvocation,
   startMcpServer
-} from "../chunk-HLUFOT2T.js";
+} from "../chunk-GXFZ7JXX.js";
 // src/mcp/index.ts
 var cli = resolveVhkCliInvocation();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@byh3071/vhk",
-  "version": "1.6.6",
+  "version": "1.7.0",
   "description": "Vibe Harness Kit — AI 코딩 도구·기기를 바꿔도 규칙·맥락이 따라가는 포터빌리티 CLI (sync: Cursor·Claude·Windsurf·Copilot·Antigravity / cloud 백업)",
   "bin": {
     "vhk": "dist/index.js",