@claude-flow/cli 3.0.0-alpha.13 → 3.0.0-alpha.15

package/src/commands/providers.ts

@@ -1,259 +0,0 @@
-/**
- * V3 CLI Providers Command
- * Manage AI providers, models, and configurations
- *
- * Created with ❤️ by ruv.io
- */
-
-import type { Command, CommandContext, CommandResult } from '../types.js';
-import { output } from '../output.js';
-
-// List subcommand
-const listCommand: Command = {
-  name: 'list',
-  description: 'List available AI providers and models',
-  options: [
-    { name: 'type', short: 't', type: 'string', description: 'Filter by type: llm, embedding, image', default: 'all' },
-    { name: 'active', short: 'a', type: 'boolean', description: 'Show only active providers' },
-  ],
-  examples: [
-    { command: 'claude-flow providers list', description: 'List all providers' },
-    { command: 'claude-flow providers list -t embedding', description: 'List embedding providers' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const type = ctx.flags.type as string || 'all';
-
-    output.writeln();
-    output.writeln(output.bold('Available Providers'));
-    output.writeln(output.dim('─'.repeat(60)));
-
-    output.printTable({
-      columns: [
-        { key: 'provider', header: 'Provider', width: 18 },
-        { key: 'type', header: 'Type', width: 12 },
-        { key: 'models', header: 'Models', width: 25 },
-        { key: 'status', header: 'Status', width: 12 },
-      ],
-      data: [
-        { provider: 'Anthropic', type: 'LLM', models: 'claude-3.5-sonnet, opus', status: output.success('Active') },
-        { provider: 'OpenAI', type: 'LLM', models: 'gpt-4o, gpt-4-turbo', status: output.success('Active') },
-        { provider: 'OpenAI', type: 'Embedding', models: 'text-embedding-3-small/large', status: output.success('Active') },
-        { provider: 'Transformers.js', type: 'Embedding', models: 'all-MiniLM-L6-v2', status: output.success('Active') },
-        { provider: 'Agentic Flow', type: 'Embedding', models: 'ONNX optimized', status: output.success('Active') },
-        { provider: 'Mock', type: 'All', models: 'mock-*', status: output.dim('Dev only') },
-      ],
-    });
-
-    return { success: true };
-  },
-};
-
-// Configure subcommand
-const configureCommand: Command = {
-  name: 'configure',
-  description: 'Configure provider settings and API keys',
-  options: [
-    { name: 'provider', short: 'p', type: 'string', description: 'Provider name', required: true },
-    { name: 'key', short: 'k', type: 'string', description: 'API key' },
-    { name: 'model', short: 'm', type: 'string', description: 'Default model' },
-    { name: 'endpoint', short: 'e', type: 'string', description: 'Custom endpoint URL' },
-  ],
-  examples: [
-    { command: 'claude-flow providers configure -p openai -k sk-...', description: 'Set OpenAI key' },
-    { command: 'claude-flow providers configure -p anthropic -m claude-3.5-sonnet', description: 'Set default model' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const provider = ctx.flags.provider as string;
-    const hasKey = ctx.flags.key as string;
-    const model = ctx.flags.model as string;
-
-    if (!provider) {
-      output.printError('Provider name is required');
-      return { success: false, exitCode: 1 };
-    }
-
-    output.writeln();
-    output.writeln(output.bold(`Configure: ${provider}`));
-    output.writeln(output.dim('─'.repeat(40)));
-
-    const spinner = output.createSpinner({ text: 'Updating configuration...', spinner: 'dots' });
-    spinner.start();
-    await new Promise(r => setTimeout(r, 500));
-    spinner.succeed('Configuration updated');
-
-    output.writeln();
-    output.printBox([
-      `Provider: ${provider}`,
-      `API Key: ${hasKey ? '••••••••' + (hasKey as string).slice(-4) : 'Not set'}`,
-      `Model: ${model || 'Default'}`,
-      `Status: Active`,
-    ].join('\n'), 'Configuration');
-
-    return { success: true };
-  },
-};
-
-// Test subcommand
-const testCommand: Command = {
-  name: 'test',
-  description: 'Test provider connectivity and API access',
-  options: [
-    { name: 'provider', short: 'p', type: 'string', description: 'Provider to test' },
-    { name: 'all', short: 'a', type: 'boolean', description: 'Test all configured providers' },
-  ],
-  examples: [
-    { command: 'claude-flow providers test -p openai', description: 'Test OpenAI connection' },
-    { command: 'claude-flow providers test --all', description: 'Test all providers' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const provider = ctx.flags.provider as string;
-    const testAll = ctx.flags.all as boolean;
-
-    output.writeln();
-    output.writeln(output.bold('Provider Connectivity Test'));
-    output.writeln(output.dim('─'.repeat(50)));
-
-    const providers = testAll || !provider
-      ? ['Anthropic', 'OpenAI (LLM)', 'OpenAI (Embedding)', 'Transformers.js', 'Agentic Flow']
-      : [provider];
-
-    for (const p of providers) {
-      const spinner = output.createSpinner({ text: `Testing ${p}...`, spinner: 'dots' });
-      spinner.start();
-      await new Promise(r => setTimeout(r, 300));
-      spinner.succeed(`${p}: Connected`);
-    }
-
-    output.writeln();
-    output.printSuccess(`All ${providers.length} providers connected successfully`);
-
-    return { success: true };
-  },
-};
-
-// Models subcommand
-const modelsCommand: Command = {
-  name: 'models',
-  description: 'List and manage available models',
-  options: [
-    { name: 'provider', short: 'p', type: 'string', description: 'Filter by provider' },
-    { name: 'capability', short: 'c', type: 'string', description: 'Filter by capability: chat, completion, embedding' },
-  ],
-  examples: [
-    { command: 'claude-flow providers models', description: 'List all models' },
-    { command: 'claude-flow providers models -p anthropic', description: 'List Anthropic models' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    output.writeln();
-    output.writeln(output.bold('Available Models'));
-    output.writeln(output.dim('─'.repeat(70)));
-
-    output.printTable({
-      columns: [
-        { key: 'model', header: 'Model', width: 28 },
-        { key: 'provider', header: 'Provider', width: 14 },
-        { key: 'capability', header: 'Capability', width: 12 },
-        { key: 'context', header: 'Context', width: 10 },
-        { key: 'cost', header: 'Cost/1K', width: 12 },
-      ],
-      data: [
-        { model: 'claude-3.5-sonnet-20241022', provider: 'Anthropic', capability: 'Chat', context: '200K', cost: '$0.003/$0.015' },
-        { model: 'claude-3-opus-20240229', provider: 'Anthropic', capability: 'Chat', context: '200K', cost: '$0.015/$0.075' },
-        { model: 'gpt-4o', provider: 'OpenAI', capability: 'Chat', context: '128K', cost: '$0.005/$0.015' },
-        { model: 'gpt-4-turbo', provider: 'OpenAI', capability: 'Chat', context: '128K', cost: '$0.01/$0.03' },
-        { model: 'text-embedding-3-small', provider: 'OpenAI', capability: 'Embedding', context: '8K', cost: '$0.00002' },
-        { model: 'text-embedding-3-large', provider: 'OpenAI', capability: 'Embedding', context: '8K', cost: '$0.00013' },
-        { model: 'all-MiniLM-L6-v2', provider: 'Transformers', capability: 'Embedding', context: '512', cost: output.success('Free') },
-      ],
-    });
-
-    return { success: true };
-  },
-};
-
-// Usage subcommand
-const usageCommand: Command = {
-  name: 'usage',
-  description: 'View provider usage and costs',
-  options: [
-    { name: 'provider', short: 'p', type: 'string', description: 'Filter by provider' },
-    { name: 'timeframe', short: 't', type: 'string', description: 'Timeframe: 24h, 7d, 30d', default: '7d' },
-  ],
-  examples: [
-    { command: 'claude-flow providers usage', description: 'View all usage' },
-    { command: 'claude-flow providers usage -t 30d', description: 'View 30-day usage' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const timeframe = ctx.flags.timeframe as string || '7d';
-
-    output.writeln();
-    output.writeln(output.bold(`Provider Usage (${timeframe})`));
-    output.writeln(output.dim('─'.repeat(60)));
-
-    output.printTable({
-      columns: [
-        { key: 'provider', header: 'Provider', width: 15 },
-        { key: 'requests', header: 'Requests', width: 12 },
-        { key: 'tokens', header: 'Tokens', width: 15 },
-        { key: 'cost', header: 'Est. Cost', width: 12 },
-        { key: 'trend', header: 'Trend', width: 12 },
-      ],
-      data: [
-        { provider: 'Anthropic', requests: '12,847', tokens: '4.2M', cost: '$12.60', trend: output.warning('↑ 15%') },
-        { provider: 'OpenAI (LLM)', requests: '3,421', tokens: '1.1M', cost: '$5.50', trend: output.success('↓ 8%') },
-        { provider: 'OpenAI (Embed)', requests: '89,234', tokens: '12.4M', cost: '$0.25', trend: output.success('↓ 12%') },
-        { provider: 'Transformers.js', requests: '234,567', tokens: '45.2M', cost: output.success('$0.00'), trend: '→' },
-      ],
-    });
-
-    output.writeln();
-    output.printBox([
-      `Total Requests: 340,069`,
-      `Total Tokens: 62.9M`,
-      `Total Cost: $18.35`,
-      ``,
-      `Savings from local embeddings: $890.12`,
-    ].join('\n'), 'Summary');
-
-    return { success: true };
-  },
-};
-
-// Main providers command
-export const providersCommand: Command = {
-  name: 'providers',
-  description: 'Manage AI providers, models, and configurations',
-  subcommands: [listCommand, configureCommand, testCommand, modelsCommand, usageCommand],
-  examples: [
-    { command: 'claude-flow providers list', description: 'List all providers' },
-    { command: 'claude-flow providers configure -p openai', description: 'Configure OpenAI' },
-    { command: 'claude-flow providers test --all', description: 'Test all providers' },
-  ],
-  action: async (): Promise<CommandResult> => {
-    output.writeln();
-    output.writeln(output.bold('Claude Flow Provider Management'));
-    output.writeln(output.dim('Multi-provider AI orchestration'));
-    output.writeln();
-    output.writeln('Subcommands:');
-    output.printList([
-      'list      - List available providers and their status',
-      'configure - Configure provider settings and API keys',
-      'test      - Test provider connectivity',
-      'models    - List and manage available models',
-      'usage     - View usage statistics and costs',
-    ]);
-    output.writeln();
-    output.writeln('Supported Providers:');
-    output.printList([
-      'Anthropic (Claude models)',
-      'OpenAI (GPT + embeddings)',
-      'Transformers.js (local ONNX)',
-      'Agentic Flow (optimized ONNX with SIMD)',
-    ]);
-    output.writeln();
-    output.writeln(output.dim('Created with ❤️ by ruv.io'));
-    return { success: true };
-  },
-};
-
-export default providersCommand;

package/src/commands/security.ts

@@ -1,288 +0,0 @@
-/**
- * V3 CLI Security Command
- * Security scanning, CVE detection, threat modeling, vulnerability management
- *
- * Created with ❤️ by ruv.io
- */
-
-import type { Command, CommandContext, CommandResult } from '../types.js';
-import { output } from '../output.js';
-
-// Scan subcommand
-const scanCommand: Command = {
-  name: 'scan',
-  description: 'Run security scan on target (code, dependencies, containers)',
-  options: [
-    { name: 'target', short: 't', type: 'string', description: 'Target path or URL to scan', default: '.' },
-    { name: 'depth', short: 'd', type: 'string', description: 'Scan depth: quick, standard, deep', default: 'standard' },
-    { name: 'type', type: 'string', description: 'Scan type: code, deps, container, all', default: 'all' },
-    { name: 'output', short: 'o', type: 'string', description: 'Output format: text, json, sarif', default: 'text' },
-    { name: 'fix', short: 'f', type: 'boolean', description: 'Auto-fix vulnerabilities where possible' },
-  ],
-  examples: [
-    { command: 'claude-flow security scan -t ./src', description: 'Scan source directory' },
-    { command: 'claude-flow security scan --depth deep --fix', description: 'Deep scan with auto-fix' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const target = ctx.flags.target as string || '.';
-    const depth = ctx.flags.depth as string || 'standard';
-    const scanType = ctx.flags.type as string || 'all';
-
-    output.writeln();
-    output.writeln(output.bold('Security Scan'));
-    output.writeln(output.dim('─'.repeat(50)));
-
-    const spinner = output.createSpinner({ text: `Scanning ${target}...`, spinner: 'dots' });
-    spinner.start();
-
-    // Simulate scan phases
-    const phases = ['Analyzing code patterns', 'Checking dependencies', 'CVE database lookup', 'Generating report'];
-    for (const phase of phases) {
-      spinner.setText(phase + '...');
-      await new Promise(r => setTimeout(r, 400));
-    }
-
-    spinner.succeed('Scan complete');
-
-    output.writeln();
-    output.printTable({
-      columns: [
-        { key: 'severity', header: 'Severity', width: 12 },
-        { key: 'type', header: 'Type', width: 18 },
-        { key: 'location', header: 'Location', width: 25 },
-        { key: 'description', header: 'Description', width: 35 },
-      ],
-      data: [
-        { severity: output.error('CRITICAL'), type: 'CVE-2024-1234', location: 'package.json:45', description: 'Prototype pollution in lodash' },
-        { severity: output.warning('HIGH'), type: 'Hardcoded Secret', location: 'src/config.ts:12', description: 'API key exposed in source' },
-        { severity: output.warning('MEDIUM'), type: 'SQL Injection', location: 'src/db/query.ts:78', description: 'Unsanitized user input' },
-        { severity: output.info('LOW'), type: 'Outdated Dep', location: 'package.json:23', description: 'axios@0.21.0 has known issues' },
-      ],
-    });
-
-    output.writeln();
-    output.printBox([
-      `Target: ${target}`,
-      `Depth: ${depth}`,
-      `Type: ${scanType}`,
-      ``,
-      `Critical: 1  High: 1  Medium: 1  Low: 1`,
-      `Total Issues: 4`,
-    ].join('\n'), 'Scan Summary');
-
-    return { success: true };
-  },
-};
-
-// CVE subcommand
-const cveCommand: Command = {
-  name: 'cve',
-  description: 'Check and manage CVE vulnerabilities',
-  options: [
-    { name: 'check', short: 'c', type: 'string', description: 'Check specific CVE ID' },
-    { name: 'list', short: 'l', type: 'boolean', description: 'List all known CVEs' },
-    { name: 'severity', short: 's', type: 'string', description: 'Filter by severity: critical, high, medium, low' },
-  ],
-  examples: [
-    { command: 'claude-flow security cve --list', description: 'List all CVEs' },
-    { command: 'claude-flow security cve -c CVE-2024-1234', description: 'Check specific CVE' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const checkCve = ctx.flags.check as string;
-
-    output.writeln();
-    output.writeln(output.bold('CVE Database'));
-    output.writeln(output.dim('─'.repeat(50)));
-
-    if (checkCve) {
-      output.printBox([
-        `CVE ID: ${checkCve}`,
-        `Severity: CRITICAL (9.8)`,
-        `Status: Active`,
-        ``,
-        `Description: Remote code execution vulnerability`,
-        `Affected: lodash < 4.17.21`,
-        `Fix: Upgrade to lodash >= 4.17.21`,
-        ``,
-        `References:`,
-        `  - https://nvd.nist.gov/vuln/detail/${checkCve}`,
-        `  - https://github.com/advisories`,
-      ].join('\n'), 'CVE Details');
-    } else {
-      output.printTable({
-        columns: [
-          { key: 'id', header: 'CVE ID', width: 18 },
-          { key: 'severity', header: 'Severity', width: 12 },
-          { key: 'package', header: 'Package', width: 20 },
-          { key: 'status', header: 'Status', width: 15 },
-        ],
-        data: [
-          { id: 'CVE-2024-1234', severity: output.error('CRITICAL'), package: 'lodash@4.17.20', status: output.warning('Unfixed') },
-          { id: 'CVE-2024-5678', severity: output.warning('HIGH'), package: 'axios@0.21.0', status: output.success('Fixed') },
-          { id: 'CVE-2024-9012', severity: output.info('MEDIUM'), package: 'express@4.17.0', status: output.success('Fixed') },
-        ],
-      });
-    }
-
-    return { success: true };
-  },
-};
-
-// Threats subcommand
-const threatsCommand: Command = {
-  name: 'threats',
-  description: 'Threat modeling and analysis',
-  options: [
-    { name: 'model', short: 'm', type: 'string', description: 'Threat model: stride, dread, pasta', default: 'stride' },
-    { name: 'scope', short: 's', type: 'string', description: 'Analysis scope', default: '.' },
-    { name: 'export', short: 'e', type: 'string', description: 'Export format: json, md, html' },
-  ],
-  examples: [
-    { command: 'claude-flow security threats --model stride', description: 'Run STRIDE analysis' },
-    { command: 'claude-flow security threats -e md', description: 'Export as markdown' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const model = ctx.flags.model as string || 'stride';
-
-    output.writeln();
-    output.writeln(output.bold(`Threat Model: ${model.toUpperCase()}`));
-    output.writeln(output.dim('─'.repeat(50)));
-
-    output.printTable({
-      columns: [
-        { key: 'category', header: 'Category', width: 20 },
-        { key: 'threat', header: 'Threat', width: 30 },
-        { key: 'risk', header: 'Risk', width: 10 },
-        { key: 'mitigation', header: 'Mitigation', width: 30 },
-      ],
-      data: [
-        { category: 'Spoofing', threat: 'API key theft', risk: output.error('High'), mitigation: 'Use secure key storage' },
-        { category: 'Tampering', threat: 'Data manipulation', risk: output.warning('Medium'), mitigation: 'Input validation' },
-        { category: 'Repudiation', threat: 'Action denial', risk: output.info('Low'), mitigation: 'Audit logging' },
-        { category: 'Info Disclosure', threat: 'Data leakage', risk: output.error('High'), mitigation: 'Encryption at rest' },
-        { category: 'DoS', threat: 'Resource exhaustion', risk: output.warning('Medium'), mitigation: 'Rate limiting' },
-        { category: 'Elevation', threat: 'Privilege escalation', risk: output.error('High'), mitigation: 'RBAC implementation' },
-      ],
-    });
-
-    return { success: true };
-  },
-};
-
-// Audit subcommand
-const auditCommand: Command = {
-  name: 'audit',
-  description: 'Security audit logging and compliance',
-  options: [
-    { name: 'action', short: 'a', type: 'string', description: 'Action: log, list, export, clear', default: 'list' },
-    { name: 'limit', short: 'l', type: 'number', description: 'Number of entries to show', default: '20' },
-    { name: 'filter', short: 'f', type: 'string', description: 'Filter by event type' },
-  ],
-  examples: [
-    { command: 'claude-flow security audit --action list', description: 'List audit logs' },
-    { command: 'claude-flow security audit -a export', description: 'Export audit trail' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const action = ctx.flags.action as string || 'list';
-
-    output.writeln();
-    output.writeln(output.bold('Security Audit Log'));
-    output.writeln(output.dim('─'.repeat(60)));
-
-    output.printTable({
-      columns: [
-        { key: 'timestamp', header: 'Timestamp', width: 22 },
-        { key: 'event', header: 'Event', width: 20 },
-        { key: 'user', header: 'User', width: 15 },
-        { key: 'status', header: 'Status', width: 12 },
-      ],
-      data: [
-        { timestamp: '2024-01-15 14:32:01', event: 'AUTH_LOGIN', user: 'admin', status: output.success('Success') },
-        { timestamp: '2024-01-15 14:30:45', event: 'CONFIG_CHANGE', user: 'system', status: output.success('Success') },
-        { timestamp: '2024-01-15 14:28:12', event: 'AUTH_FAILED', user: 'unknown', status: output.error('Failed') },
-        { timestamp: '2024-01-15 14:25:33', event: 'SCAN_COMPLETE', user: 'ci-bot', status: output.success('Success') },
-        { timestamp: '2024-01-15 14:20:00', event: 'KEY_ROTATE', user: 'admin', status: output.success('Success') },
-      ],
-    });
-
-    return { success: true };
-  },
-};
-
-// Secrets subcommand
-const secretsCommand: Command = {
-  name: 'secrets',
-  description: 'Detect and manage secrets in codebase',
-  options: [
-    { name: 'action', short: 'a', type: 'string', description: 'Action: scan, list, rotate', default: 'scan' },
-    { name: 'path', short: 'p', type: 'string', description: 'Path to scan', default: '.' },
-    { name: 'ignore', short: 'i', type: 'string', description: 'Patterns to ignore' },
-  ],
-  examples: [
-    { command: 'claude-flow security secrets --action scan', description: 'Scan for secrets' },
-    { command: 'claude-flow security secrets -a rotate', description: 'Rotate compromised secrets' },
-  ],
-  action: async (ctx: CommandContext): Promise<CommandResult> => {
-    const path = ctx.flags.path as string || '.';
-
-    output.writeln();
-    output.writeln(output.bold('Secret Detection'));
-    output.writeln(output.dim('─'.repeat(50)));
-
-    const spinner = output.createSpinner({ text: 'Scanning for secrets...', spinner: 'dots' });
-    spinner.start();
-    await new Promise(r => setTimeout(r, 800));
-    spinner.succeed('Scan complete');
-
-    output.writeln();
-    output.printTable({
-      columns: [
-        { key: 'type', header: 'Secret Type', width: 20 },
-        { key: 'location', header: 'Location', width: 30 },
-        { key: 'risk', header: 'Risk', width: 12 },
-        { key: 'action', header: 'Recommended', width: 20 },
-      ],
-      data: [
-        { type: 'AWS Access Key', location: 'src/config.ts:15', risk: output.error('Critical'), action: 'Rotate immediately' },
-        { type: 'GitHub Token', location: '.env.example:8', risk: output.warning('High'), action: 'Remove from repo' },
-        { type: 'JWT Secret', location: 'src/auth.ts:42', risk: output.warning('High'), action: 'Use env variable' },
-        { type: 'DB Password', location: 'docker-compose.yml:23', risk: output.warning('Medium'), action: 'Use secrets mgmt' },
-      ],
-    });
-
-    return { success: true };
-  },
-};
-
-// Main security command
-export const securityCommand: Command = {
-  name: 'security',
-  description: 'Security scanning, CVE detection, threat modeling, vulnerability management',
-  subcommands: [scanCommand, cveCommand, threatsCommand, auditCommand, secretsCommand],
-  examples: [
-    { command: 'claude-flow security scan', description: 'Run security scan' },
-    { command: 'claude-flow security cve --list', description: 'List known CVEs' },
-    { command: 'claude-flow security threats', description: 'Run threat analysis' },
-  ],
-  action: async (): Promise<CommandResult> => {
-    output.writeln();
-    output.writeln(output.bold('Claude Flow Security Suite'));
-    output.writeln(output.dim('Comprehensive security scanning and vulnerability management'));
-    output.writeln();
-    output.writeln('Subcommands:');
-    output.printList([
-      'scan     - Run security scans on code, deps, containers',
-      'cve      - Check and manage CVE vulnerabilities',
-      'threats  - Threat modeling (STRIDE, DREAD, PASTA)',
-      'audit    - Security audit logging and compliance',
-      'secrets  - Detect and manage secrets in codebase',
-    ]);
-    output.writeln();
-    output.writeln('Use --help with subcommands for more info');
-    output.writeln();
-    output.writeln(output.dim('Created with ❤️ by ruv.io'));
-    return { success: true };
-  },
-};
-
-export default securityCommand;