@continum/cli 0.1.0

package/src/api/client.ts

@@ -0,0 +1,77 @@
+import fetch from 'node-fetch';
+import { Pattern, ApprovePatternDto } from '../types';
+
+export class ContinumApiClient {
+  private apiUrl: string;
+  private apiKey: string;
+
+  constructor(apiUrl: string, apiKey: string) {
+    this.apiUrl = apiUrl.replace(/\/$/, ''); // Remove trailing slash
+    this.apiKey = apiKey;
+  }
+
+  async approvePattern(dto: ApprovePatternDto): Promise<{ success: boolean; patternId: string }> {
+    const response = await fetch(`${this.apiUrl}/patterns/approve`, {
+      method: 'POST',
+      headers: {
+        'x-continum-key': this.apiKey,
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify(dto)
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Failed to approve pattern: ${error}`);
+    }
+
+    return response.json() as Promise<{ success: boolean; patternId: string }>;
+  }
+
+  async getPatternLibrary(): Promise<Pattern[]> {
+    const response = await fetch(`${this.apiUrl}/patterns/library`, {
+      method: 'GET',
+      headers: {
+        'x-continum-key': this.apiKey,
+        'Content-Type': 'application/json'
+      }
+    });
+
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Failed to fetch patterns: ${error}`);
+    }
+
+    return response.json() as Promise<Pattern[]>;
+  }
+
+  async sendSandboxAudit(diff: string, sandbox: string): Promise<void> {
+    // Fire and forget - don't wait for response
+    fetch(`${this.apiUrl}/patterns/audit`, {
+      method: 'POST',
+      headers: {
+        'x-continum-key': this.apiKey,
+        'Content-Type': 'application/json'
+      },
+      body: JSON.stringify({ diff, sandbox })
+    }).catch(() => {
+      // Silent fail - this is background audit
+    });
+  }
+
+  async testConnection(): Promise<{ success: boolean; customer: string }> {
+    const response = await fetch(`${this.apiUrl}/patterns/status`, {
+      method: 'GET',
+      headers: {
+        'x-continum-key': this.apiKey,
+        'Content-Type': 'application/json'
+      }
+    });
+
+    if (!response.ok) {
+      throw new Error('Failed to connect to Continum API');
+    }
+
+    return response.json() as Promise<{ success: boolean; customer: string }>;
+  }
+}

package/src/commands/init.ts

@@ -0,0 +1,113 @@
+import chalk from 'chalk';
+import prompts from 'prompts';
+import { loadConfig, saveConfig, saveCredentials, loadCredentials } from '../config/loader';
+import { installPreCommitHook, isGitRepository, hasPreCommitHook } from '../git/git-utils';
+import { ContinumApiClient } from '../api/client';
+import { DEFAULT_CONFIG } from '../config/default-config';
+
+export async function initCommand(options: { silent?: boolean }): Promise<void> {
+  if (!options.silent) {
+    console.log(chalk.blue.bold('\n🛡️  Continum CLI Setup\n'));
+  }
+
+  // Check if in git repository
+  if (!isGitRepository()) {
+    console.log(chalk.red('✗ Not a git repository'));
+    console.log(chalk.gray('  Run this command in a git repository'));
+    process.exit(1);
+  }
+
+  // Check if already initialized
+  const existingConfig = loadConfig();
+  const hasHook = hasPreCommitHook();
+
+  if (existingConfig && hasHook && !options.silent) {
+    console.log(chalk.yellow('⚠️  Continum is already initialized in this repository'));
+    const { reinit } = await prompts({
+      type: 'confirm',
+      name: 'reinit',
+      message: 'Reinitialize?',
+      initial: false
+    });
+
+    if (!reinit) {
+      process.exit(0);
+    }
+  }
+
+  // Check for credentials - must be logged in first
+  const credentials = loadCredentials();
+  
+  if (!credentials.apiUrl || !credentials.apiKey) {
+    console.log(chalk.red('✗ Not logged in to Continum\n'));
+    console.log(chalk.gray('Please run `continum login` first to authenticate.\n'));
+    console.log(chalk.blue('  $ continum login\n'));
+    process.exit(1);
+  }
+
+  // Test connection
+  if (!options.silent) {
+    console.log(chalk.gray('\nTesting connection...'));
+  }
+
+  try {
+    const client = new ContinumApiClient(credentials.apiUrl!, credentials.apiKey!);
+    const status = await client.testConnection();
+    
+    if (!options.silent) {
+      console.log(chalk.green(`✓ Connected to Continum (${status.customer})`));
+    }
+  } catch (error) {
+    console.log(chalk.red('✗ Failed to connect to Continum API'));
+    console.log(chalk.gray(`  ${error instanceof Error ? error.message : 'Unknown error'}`));
+    process.exit(1);
+  }
+
+  // Get sandbox configuration
+  let sandbox = existingConfig?.sandbox || 'default';
+  
+  if (!options.silent) {
+    const sandboxResponse = await prompts({
+      type: 'text',
+      name: 'sandbox',
+      message: 'Sandbox name:',
+      initial: sandbox
+    });
+
+    if (sandboxResponse.sandbox) {
+      sandbox = sandboxResponse.sandbox;
+    }
+  }
+
+  // Create config file
+  const config = {
+    ...DEFAULT_CONFIG,
+    sandbox,
+    apiUrl: credentials.apiUrl,
+    apiKey: credentials.apiKey
+  };
+
+  saveConfig(config);
+
+  if (!options.silent) {
+    console.log(chalk.green('✓ .continum.json created'));
+  }
+
+  // Install git hook
+  try {
+    installPreCommitHook();
+    if (!options.silent) {
+      console.log(chalk.green('✓ Pre-commit hook installed'));
+    }
+  } catch (error) {
+    console.log(chalk.red('✗ Failed to install pre-commit hook'));
+    console.log(chalk.gray(`  ${error instanceof Error ? error.message : 'Unknown error'}`));
+    process.exit(1);
+  }
+
+  if (!options.silent) {
+    console.log(chalk.blue.bold('\n✓ Continum is ready!\n'));
+    console.log(chalk.gray('Every commit will now be scanned locally.'));
+    console.log(chalk.gray('Violations are also audited by the Continum sandbox.\n'));
+  }
+}

package/src/commands/login.ts

@@ -0,0 +1,205 @@
+import chalk from 'chalk';
+import ora from 'ora';
+import { createServer } from 'http';
+import { parse } from 'url';
+import { saveCredentials } from '../config/loader';
+import { ContinumApiClient } from '../api/client';
+
+const CALLBACK_PORT = 8765;
+const CALLBACK_PATH = '/cli/callback';
+
+interface AuthResponse {
+  apiKey: string;
+  apiUrl: string;
+  customer: string;
+}
+
+export async function loginCommand(): Promise<void> {
+  console.log(chalk.blue.bold('\n🛡️  Continum CLI Login\n'));
+
+  const apiUrl = process.env.CONTINUM_API_URL || 'https://api.continum.dev';
+  const consoleUrl = process.env.CONTINUM_CONSOLE_URL || 'https://console.continum.dev';
+
+  // Generate a random state for security
+  const state = generateRandomState();
+
+  // Start local server to receive callback
+  const authPromise = startCallbackServer(state);
+
+  // Build auth URL
+  const authUrl = `${consoleUrl}/cli/auth?state=${state}&port=${CALLBACK_PORT}`;
+
+  console.log(chalk.gray('Opening browser for authentication...\n'));
+  console.log(chalk.gray(`If browser doesn't open, visit:\n${authUrl}\n`));
+
+  // Open browser
+  const open = await import('open');
+  await open.default(authUrl);
+
+  const spinner = ora('Waiting for authentication...').start();
+
+  try {
+    // Wait for callback
+    const authResponse = await authPromise;
+    spinner.succeed('Authentication successful!');
+
+    // Save credentials
+    saveCredentials(authResponse.apiUrl || apiUrl, authResponse.apiKey);
+
+    // Test connection
+    console.log(chalk.gray('\nTesting connection...'));
+    const client = new ContinumApiClient(authResponse.apiUrl || apiUrl, authResponse.apiKey);
+    const status = await client.testConnection();
+
+    console.log(chalk.green(`✓ Connected to Continum (${status.customer})`));
+    console.log(chalk.blue.bold('\n✓ Login complete!\n'));
+    console.log(chalk.gray('You can now run `continum init` in your project.\n'));
+
+    process.exit(0);
+  } catch (error) {
+    spinner.fail('Authentication failed');
+    console.log(chalk.red(`\n✗ ${error instanceof Error ? error.message : 'Unknown error'}\n`));
+    process.exit(1);
+  }
+}
+
+function generateRandomState(): string {
+  return Math.random().toString(36).substring(2, 15) + 
+         Math.random().toString(36).substring(2, 15);
+}
+
+function startCallbackServer(expectedState: string): Promise<AuthResponse> {
+  return new Promise((resolve, reject) => {
+    const timeout = setTimeout(() => {
+      server.close();
+      reject(new Error('Authentication timeout (5 minutes)'));
+    }, 5 * 60 * 1000); // 5 minutes
+
+    const server = createServer((req, res) => {
+      const parsedUrl = parse(req.url || '', true);
+
+      if (parsedUrl.pathname === CALLBACK_PATH) {
+        const { state, apiKey, apiUrl, customer, error } = parsedUrl.query;
+
+        // Check for errors
+        if (error) {
+          res.writeHead(400, { 'Content-Type': 'text/html' });
+          res.end(`
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <title>Authentication Failed</title>
+                <style>
+                  body { font-family: system-ui; max-width: 600px; margin: 100px auto; text-align: center; }
+                  .error { color: #dc2626; font-size: 24px; margin-bottom: 20px; }
+                  .message { color: #6b7280; }
+                </style>
+              </head>
+              <body>
+                <div class="error">❌ Authentication Failed</div>
+                <div class="message">${error}</div>
+                <p>You can close this window and try again.</p>
+              </body>
+            </html>
+          `);
+          clearTimeout(timeout);
+          server.close();
+          reject(new Error(error as string));
+          return;
+        }
+
+        // Verify state
+        if (state !== expectedState) {
+          res.writeHead(400, { 'Content-Type': 'text/html' });
+          res.end(`
+            <!DOCTYPE html>
+            <html>
+              <head>
+                <title>Authentication Failed</title>
+                <style>
+                  body { font-family: system-ui; max-width: 600px; margin: 100px auto; text-align: center; }
+                  .error { color: #dc2626; font-size: 24px; margin-bottom: 20px; }
+                </style>
+              </head>
+              <body>
+                <div class="error">❌ Invalid State</div>
+                <p>Security verification failed. Please try again.</p>
+              </body>
+            </html>
+          `);
+          clearTimeout(timeout);
+          server.close();
+          reject(new Error('Invalid state parameter'));
+          return;
+        }
+
+        // Success
+        res.writeHead(200, { 'Content-Type': 'text/html' });
+        res.end(`
+          <!DOCTYPE html>
+          <html>
+            <head>
+              <title>Authentication Successful</title>
+              <style>
+                body { 
+                  font-family: system-ui; 
+                  max-width: 600px; 
+                  margin: 100px auto; 
+                  text-align: center;
+                  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+                  color: white;
+                  padding: 40px;
+                }
+                .success { font-size: 48px; margin-bottom: 20px; }
+                .title { font-size: 32px; font-weight: bold; margin-bottom: 10px; }
+                .message { font-size: 18px; opacity: 0.9; }
+                .close { 
+                  margin-top: 30px; 
+                  padding: 12px 24px; 
+                  background: white; 
+                  color: #667eea; 
+                  border: none; 
+                  border-radius: 6px; 
+                  font-size: 16px; 
+                  cursor: pointer;
+                  font-weight: 600;
+                }
+                .close:hover { background: #f3f4f6; }
+              </style>
+            </head>
+            <body>
+              <div class="success">✓</div>
+              <div class="title">Authentication Successful!</div>
+              <div class="message">You can now close this window and return to your terminal.</div>
+              <button class="close" onclick="window.close()">Close Window</button>
+              <script>
+                // Auto-close after 3 seconds
+                setTimeout(() => window.close(), 3000);
+              </script>
+            </body>
+          </html>
+        `);
+
+        clearTimeout(timeout);
+        server.close();
+        resolve({
+          apiKey: apiKey as string,
+          apiUrl: apiUrl as string,
+          customer: customer as string,
+        });
+      } else {
+        res.writeHead(404);
+        res.end('Not found');
+      }
+    });
+
+    server.listen(CALLBACK_PORT, () => {
+      // Server started
+    });
+
+    server.on('error', (err) => {
+      clearTimeout(timeout);
+      reject(new Error(`Failed to start callback server: ${err.message}`));
+    });
+  });
+}

package/src/commands/patterns.ts

@@ -0,0 +1,68 @@
+import chalk from 'chalk';
+import { loadCredentials } from '../config/loader';
+import { ContinumApiClient } from '../api/client';
+import { PatternUpdater } from '../scanner/pattern-updater';
+
+export async function patternsUpdateCommand(): Promise<void> {
+  const credentials = loadCredentials();
+
+  if (!credentials.apiUrl || !credentials.apiKey) {
+    console.log(chalk.red('✗ No API credentials configured'));
+    console.log(chalk.gray('  Run `continum init` to set up credentials'));
+    process.exit(1);
+  }
+
+  console.log(chalk.blue('Updating patterns...'));
+
+  try {
+    const client = new ContinumApiClient(credentials.apiUrl, credentials.apiKey);
+    const updater = new PatternUpdater(client);
+    await updater.updatePatterns(true);
+
+    const patterns = updater.loadPatterns();
+    console.log(chalk.green(`✓ Updated ${patterns.length} patterns`));
+  } catch (error) {
+    console.log(chalk.red('✗ Failed to update patterns'));
+    console.log(chalk.gray(`  ${error instanceof Error ? error.message : 'Unknown error'}`));
+    process.exit(1);
+  }
+}
+
+export async function patternsListCommand(): Promise<void> {
+  const credentials = loadCredentials();
+
+  if (!credentials.apiUrl || !credentials.apiKey) {
+    console.log(chalk.red('✗ No API credentials configured'));
+    console.log(chalk.gray('  Run `continum init` to set up credentials'));
+    process.exit(1);
+  }
+
+  try {
+    const client = new ContinumApiClient(credentials.apiUrl, credentials.apiKey);
+    const updater = new PatternUpdater(client);
+    const patterns = updater.loadPatterns();
+
+    console.log(chalk.blue.bold('\n🛡️  Pattern Library\n'));
+
+    const byType: { [key: string]: typeof patterns } = {};
+    patterns.forEach(p => {
+      if (!byType[p.patternType]) {
+        byType[p.patternType] = [];
+      }
+      byType[p.patternType].push(p);
+    });
+
+    for (const [type, typePatterns] of Object.entries(byType)) {
+      console.log(chalk.bold(`\n${type} (${typePatterns.length})`));
+      typePatterns.forEach(p => {
+        console.log(chalk.gray(`  ${p.description}`));
+        console.log(chalk.gray(`  Pattern: ${p.pattern}`));
+        console.log(chalk.gray(`  Severity: ${p.severity}\n`));
+      });
+    }
+  } catch (error) {
+    console.log(chalk.red('✗ Failed to load patterns'));
+    console.log(chalk.gray(`  ${error instanceof Error ? error.message : 'Unknown error'}`));
+    process.exit(1);
+  }
+}