@empline/preflight 1.1.4 → 1.1.6

package/dist/checks/auth/auth-error-handling.d.ts

@@ -0,0 +1,18 @@
+/**
+ * Auth Error Handling Preflight
+ *
+ * Detects client components that make authenticated API calls without proper
+ * auth error handling. This prevents confusing "Seller account required" or
+ * similar errors when the session has expired but the UI still shows as logged in.
+ *
+ * What it checks:
+ * 1. Client components using fetch() to /api/store/* endpoints
+ * 2. Whether they use authFetch or have explicit auth error handling
+ * 3. Flags components that may show confusing errors on stale sessions
+ *
+ * Fix:
+ * Replace `fetch("/api/store/...")` with `authFetch("/api/store/...")`
+ * from "@/lib/auth-fetch"
+ */
+export {};
+//# sourceMappingURL=auth-error-handling.d.ts.map

package/dist/checks/auth/auth-error-handling.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-error-handling.d.ts","sourceRoot":"","sources":["../../../src/checks/auth/auth-error-handling.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG"}

package/dist/checks/auth/auth-error-handling.js

@@ -0,0 +1,257 @@
+"use strict";
+/**
+ * Auth Error Handling Preflight
+ *
+ * Detects client components that make authenticated API calls without proper
+ * auth error handling. This prevents confusing "Seller account required" or
+ * similar errors when the session has expired but the UI still shows as logged in.
+ *
+ * What it checks:
+ * 1. Client components using fetch() to /api/store/* endpoints
+ * 2. Whether they use authFetch or have explicit auth error handling
+ * 3. Flags components that may show confusing errors on stale sessions
+ *
+ * Fix:
+ * Replace `fetch("/api/store/...")` with `authFetch("/api/store/...")`
+ * from "@/lib/auth-fetch"
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+// Direct execution - parse args manually
+const args = process.argv.slice(2);
+const jsonOutput = args.includes("--json");
+const showAll = args.includes("--all");
+/** Protected API prefixes that require authentication */
+const PROTECTED_API_PREFIXES = [
+    "/api/store/",
+    "/api/admin/",
+    "/api/seller/",
+    "/api/account/",
+    "/api/listings/bulk",
+    "/api/listings/save",
+    "/api/listings/submit",
+    "/api/listings/create",
+    "/api/listings/delete",
+    "/api/listings/load",
+];
+/** Files/patterns to skip */
+const SKIP_PATTERNS = [
+    "node_modules",
+    ".next",
+    "dist",
+    ".test.",
+    ".spec.",
+    "__tests__",
+    "__mocks__",
+];
+function shouldSkipFile(filePath) {
+    return SKIP_PATTERNS.some((pattern) => filePath.includes(pattern));
+}
+function isClientComponent(content) {
+    return content.trimStart().startsWith('"use client"') ||
+        content.trimStart().startsWith("'use client'");
+}
+function isProtectedEndpoint(endpoint) {
+    return PROTECTED_API_PREFIXES.some((prefix) => endpoint.includes(prefix));
+}
+function hasAuthFetchImport(content) {
+    return content.includes("from \"@/lib/auth-fetch\"") ||
+        content.includes("from '@/lib/auth-fetch'") ||
+        content.includes("authFetch");
+}
+function hasExplicitAuthHandling(content, lineIndex) {
+    // Check if there's auth error handling within ~30 lines after the fetch
+    const lines = content.split("\n");
+    const contextLines = lines.slice(lineIndex, lineIndex + 30).join("\n").toLowerCase();
+    // Patterns that indicate auth error handling
+    const authHandlingPatterns = [
+        "401",
+        "403",
+        "unauthorized",
+        "forbidden",
+        "session",
+        "signin",
+        "signout",
+        "login",
+        "logout",
+        "redirect",
+        "onunauthorized",
+        "onforbidden",
+        "handleapierror",
+    ];
+    return authHandlingPatterns.some((pattern) => contextLines.includes(pattern));
+}
+function extractEndpoint(line) {
+    // Match fetch("/api/...") or fetch('/api/...')
+    const match = line.match(/fetch\s*\(\s*["'`](\/api[^"'`]+)["'`]/);
+    if (match) {
+        return match[1] || null;
+    }
+    // Match fetch(url) where url contains /api/
+    if (line.includes("fetch") && line.includes("/api/")) {
+        const apiMatch = line.match(/["'`](\/api[^"'`]+)["'`]/);
+        return apiMatch?.[1] || "/api/... (dynamic)";
+    }
+    return null;
+}
+function scanFile(filePath) {
+    const issues = [];
+    try {
+        const content = fs.readFileSync(filePath, "utf-8");
+        // Only check client components
+        if (!isClientComponent(content)) {
+            return issues;
+        }
+        // If the file already uses authFetch, it's good
+        if (hasAuthFetchImport(content)) {
+            return issues;
+        }
+        const lines = content.split("\n");
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i] || "";
+            // Skip comments
+            if (line.trim().startsWith("//") || line.trim().startsWith("*")) {
+                continue;
+            }
+            // Check for fetch calls
+            if (line.includes("fetch(") || line.includes("fetch (")) {
+                const endpoint = extractEndpoint(line);
+                if (endpoint && isProtectedEndpoint(endpoint)) {
+                    // Check if there's explicit auth handling nearby
+                    if (!hasExplicitAuthHandling(content, i)) {
+                        issues.push({
+                            file: filePath,
+                            line: i + 1,
+                            endpoint,
+                            severity: "warning",
+                            message: `Unprotected fetch to authenticated endpoint. Use authFetch from "@/lib/auth-fetch" to handle stale session errors.`,
+                        });
+                    }
+                }
+            }
+        }
+    }
+    catch (error) {
+        // Skip files that can't be read
+    }
+    return issues;
+}
+function findClientComponents(dir) {
+    const files = [];
+    function walk(directory) {
+        try {
+            const entries = fs.readdirSync(directory, { withFileTypes: true });
+            for (const entry of entries) {
+                const fullPath = path.join(directory, entry.name);
+                if (shouldSkipFile(fullPath)) {
+                    continue;
+                }
+                if (entry.isDirectory()) {
+                    walk(fullPath);
+                }
+                else if (entry.isFile() && /\.(tsx?|jsx?)$/.test(entry.name)) {
+                    files.push(fullPath);
+                }
+            }
+        }
+        catch {
+            // Skip directories that can't be read
+        }
+    }
+    walk(dir);
+    return files;
+}
+function main() {
+    const projectRoot = process.cwd();
+    const scanDirs = ["app", "components", "lib"].map((d) => path.join(projectRoot, d));
+    let allFiles = [];
+    for (const dir of scanDirs) {
+        if (fs.existsSync(dir)) {
+            allFiles = allFiles.concat(findClientComponents(dir));
+        }
+    }
+    const allIssues = [];
+    for (const file of allFiles) {
+        const issues = scanFile(file);
+        allIssues.push(...issues);
+    }
+    // Output results
+    if (jsonOutput) {
+        console.log(JSON.stringify(allIssues, null, 2));
+        process.exit(allIssues.length > 0 ? 1 : 0);
+    }
+    // Human-readable output
+    console.log("");
+    console.log("🔐 Auth Error Handling Preflight");
+    console.log("━".repeat(50));
+    if (allIssues.length === 0) {
+        console.log("✅ No issues found. All authenticated endpoints are properly protected.");
+        process.exit(0);
+    }
+    console.log(`⚠️  Found ${allIssues.length} unprotected authenticated API calls\n`);
+    // Group by file
+    const byFile = new Map();
+    for (const issue of allIssues) {
+        const relativePath = path.relative(projectRoot, issue.file);
+        if (!byFile.has(relativePath)) {
+            byFile.set(relativePath, []);
+        }
+        byFile.get(relativePath).push(issue);
+    }
+    // Display (limit to 10 files unless --all)
+    const entries = [...byFile.entries()];
+    const displayEntries = showAll ? entries : entries.slice(0, 10);
+    for (const [file, issues] of displayEntries) {
+        console.log(`📁 ${file}`);
+        for (const issue of issues) {
+            console.log(`   Line ${issue.line}: ${issue.endpoint}`);
+        }
+        console.log("");
+    }
+    if (!showAll && entries.length > 10) {
+        console.log(`   ... and ${entries.length - 10} more files`);
+        console.log(`   Use --all to see all issues`);
+        console.log("");
+    }
+    console.log("━".repeat(50));
+    console.log(`\n🔧 Fix: Replace fetch("/api/store/...") with authFetch("/api/store/...")`);
+    console.log(`   Import: import { authFetch } from "@/lib/auth-fetch";`);
+    console.log("");
+    process.exit(1);
+}
+main();
+//# sourceMappingURL=auth-error-handling.js.map

package/dist/checks/auth/auth-error-handling.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-error-handling.js","sourceRoot":"","sources":["../../../src/checks/auth/auth-error-handling.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;GAeG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAE7B,yCAAyC;AACzC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AAUvC,yDAAyD;AACzD,MAAM,sBAAsB,GAAG;IAC7B,aAAa;IACb,aAAa;IACb,cAAc;IACd,eAAe;IACf,oBAAoB;IACpB,oBAAoB;IACpB,sBAAsB;IACtB,sBAAsB;IACtB,sBAAsB;IACtB,oBAAoB;CACrB,CAAC;AAEF,6BAA6B;AAC7B,MAAM,aAAa,GAAG;IACpB,cAAc;IACd,OAAO;IACP,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,WAAW;CACZ,CAAC;AAEF,SAAS,cAAc,CAAC,QAAgB;IACtC,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe;IACxC,OAAO,OAAO,CAAC,SAAS,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC;QAC9C,OAAO,CAAC,SAAS,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAe;IACzC,OAAO,OAAO,CAAC,QAAQ,CAAC,2BAA2B,CAAC;QAC7C,OAAO,CAAC,QAAQ,CAAC,yBAAyB,CAAC;QAC3C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACvC,CAAC;AAED,SAAS,uBAAuB,CAAC,OAAe,EAAE,SAAiB;IACjE,wEAAwE;IACxE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE,SAAS,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAErF,6CAA6C;IAC7C,MAAM,oBAAoB,GAAG;QAC3B,KAAK;QACL,KAAK;QACL,cAAc;QACd,WAAW;QACX,SAAS;QACT,QAAQ;QACR,SAAS;QACT,OAAO;QACP,QAAQ;QACR,UAAU;QACV,gBAAgB;QAChB,aAAa;QACb,gBAAgB;KACjB,CAAC;IAEF,OAAO,oBAAoB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAChF,CAAC;AAED,SAAS,eAAe,CAAC,IAAY;IACnC,+CAA+C;IAC/C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;IAClE,IAAI,KAAK,EAAE,CAAC;QACV,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;IAC1B,CAAC;IAED,4CAA4C;IAC5C,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;QACxD,OAAO,QAAQ,EAAE,CAAC,CAAC,CAAC,IAAI,oBAAoB,CAAC;IAC/C,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,QAAQ,CAAC,QAAgB;IAChC,MAAM,MAAM,GAAY,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAEnD,+BAA+B;QAC/B,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,gDAAgD;QAChD,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;YAChC,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAE5B,gBAAgB;YAChB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YAED,wBAAwB;YACxB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACxD,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;gBAEvC,IAAI,QAAQ,IAAI,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC9C,iDAAiD;oBACjD,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC;wBACzC,MAAM,CAAC,IAAI,CAAC;4BACV,IAAI,EAAE,QAAQ;4BACd,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,QAAQ;4BACR,QAAQ,EAAE,SAAS;4BACnB,OAAO,EAAE,oHAAoH;yBAC9H,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,gCAAgC;IAClC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,oBAAoB,CAAC,GAAW;IACvC,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,SAAS,IAAI,CAAC,SAAiB;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,SAAS,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;YAEnE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElD,IAAI,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC7B,SAAS;gBACX,CAAC;gBAED,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;oBACxB,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACjB,CAAC;qBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,IAAI,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sCAAsC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,IAAI;IACX,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC;IAEpF,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,MAAM,SAAS,GAAY,EAAE,CAAC;IAE9B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC9B,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;IAC5B,CAAC;IAED,iBAAiB;IACjB,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,wBAAwB;IACxB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;QACtF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,aAAa,SAAS,CAAC,MAAM,wCAAwC,CAAC,CAAC;IAEnF,gBAAgB;IAChB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAmB,CAAC;IAC1C,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;QAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5D,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;YAC9B,MAAM,CAAC,GAAG,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAC/B,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,YAAY,CAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACxC,CAAC;IAED,2CAA2C;IAC3C,MAAM,OAAO,GAAG,CAAC,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IACtC,MAAM,cAAc,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEhE,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC;QAC1B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,cAAc,OAAO,CAAC,MAAM,GAAG,EAAE,aAAa,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,4EAA4E,CAAC,CAAC;IAC1F,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;IACxE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,EAAE,CAAC"}

package/dist/checks/tailwind/undefined-tailwind-utilities.d.ts

@@ -0,0 +1,29 @@
+#!/usr/bin/env tsx
+/**
+ * Undefined Tailwind Utilities Preflight (BLOCKING)
+ *
+ * Detects Tailwind utility classes that reference undefined CSS variables.
+ * This prevents invisible UI elements caused by missing theme tokens.
+ *
+ * Common issue detected:
+ * - `bg-background` used when theme defines `--bg-primary` instead of `--background`
+ * - Other utility classes that expect shadcn-style CSS variables
+ *
+ * Why this matters:
+ * - Using undefined CSS variables results in invisible elements
+ * - Components may appear broken (e.g., toggle thumbs not visible)
+ * - These issues are hard to detect visually until specific states are reached
+ *
+ * Usage:
+ *   pnpm preflight:undefined-tailwind-utilities
+ *   pnpm preflight:undefined-tailwind-utilities --verbose
+ */
+export declare const id = "tailwind/undefined-tailwind-utilities";
+export declare const name = "Undefined Tailwind Utilities";
+export declare const category = "tailwind";
+export declare const blocking = true;
+export declare const description = "Detects Tailwind classes using undefined CSS variables (BLOCKING)";
+export declare const tags: string[];
+export declare const requires: string[];
+export declare function run(): Promise<void>;
+//# sourceMappingURL=undefined-tailwind-utilities.d.ts.map

package/dist/checks/tailwind/undefined-tailwind-utilities.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"undefined-tailwind-utilities.d.ts","sourceRoot":"","sources":["../../../src/checks/tailwind/undefined-tailwind-utilities.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;GAkBG;AASH,eAAO,MAAM,EAAE,0CAA0C,CAAC;AAC1D,eAAO,MAAM,IAAI,iCAAiC,CAAC;AACnD,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,QAAQ,OAAO,CAAC;AAC7B,eAAO,MAAM,WAAW,sEAAsE,CAAC;AAC/F,eAAO,MAAM,IAAI,UAAiD,CAAC;AACnE,eAAO,MAAM,QAAQ,UAAkB,CAAC;AAoLxC,wBAAsB,GAAG,IAAI,OAAO,CAAC,IAAI,CAAC,CAuHzC"}

package/dist/checks/tailwind/undefined-tailwind-utilities.js

@@ -0,0 +1,337 @@
+#!/usr/bin/env tsx
+"use strict";
+/**
+ * Undefined Tailwind Utilities Preflight (BLOCKING)
+ *
+ * Detects Tailwind utility classes that reference undefined CSS variables.
+ * This prevents invisible UI elements caused by missing theme tokens.
+ *
+ * Common issue detected:
+ * - `bg-background` used when theme defines `--bg-primary` instead of `--background`
+ * - Other utility classes that expect shadcn-style CSS variables
+ *
+ * Why this matters:
+ * - Using undefined CSS variables results in invisible elements
+ * - Components may appear broken (e.g., toggle thumbs not visible)
+ * - These issues are hard to detect visually until specific states are reached
+ *
+ * Usage:
+ *   pnpm preflight:undefined-tailwind-utilities
+ *   pnpm preflight:undefined-tailwind-utilities --verbose
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requires = exports.tags = exports.description = exports.blocking = exports.category = exports.name = exports.id = void 0;
+exports.run = run;
+const fs = __importStar(require("fs"));
+const file_cache_1 = require("../../shared/file-cache");
+const glob_patterns_1 = require("../../shared/glob-patterns");
+const console_chars_1 = require("../../utils/console-chars");
+const universal_progress_reporter_1 = require("../system/universal-progress-reporter");
+// Check metadata
+exports.id = "tailwind/undefined-tailwind-utilities";
+exports.name = "Undefined Tailwind Utilities";
+exports.category = "tailwind";
+exports.blocking = true;
+exports.description = "Detects Tailwind classes using undefined CSS variables (BLOCKING)";
+exports.tags = ["tailwind", "css-variables", "theming", "ui"];
+exports.requires = ["tailwindcss"];
+const EXCLUDED = (0, glob_patterns_1.extendExcludes)(glob_patterns_1.STANDARD_EXCLUDES, [
+    "**/test-results/**",
+    "**/*.test.tsx",
+    "**/*.spec.tsx",
+    "**/*.stories.tsx",
+]);
+/**
+ * Tailwind utility classes that rely on CSS variables not defined in our theme.
+ * These often come from copying shadcn/ui components that expect different variable names.
+ *
+ * Patterns use (?:\/\d+)? to optionally match opacity modifiers like /20, /50, etc.
+ *
+ * Format: { pattern, name, message, suggestion, severity }
+ */
+const UNDEFINED_UTILITIES = [
+    {
+        // shadcn expects --background, we use --bg-primary
+        pattern: /\bbg-background(?:\/\d+)?\b/g,
+        name: "bg-background",
+        message: "bg-background uses undefined --background CSS variable",
+        suggestion: "Use bg-white, bg-[var(--bg-primary)], or appropriate color class",
+        severity: "error",
+    },
+    {
+        // shadcn expects --foreground, we use --text-primary
+        pattern: /\btext-foreground(?:\/\d+)?\b/g,
+        name: "text-foreground",
+        message: "text-foreground uses undefined --foreground CSS variable",
+        suggestion: "Use text-[var(--text-primary)] or appropriate color class",
+        severity: "error",
+    },
+    {
+        // shadcn expects --muted, we use --text-secondary or --bg-tertiary
+        // Matches: bg-muted, bg-muted/20, bg-muted/50, etc.
+        pattern: /\bbg-muted(?:\/\d+)?\b/g,
+        name: "bg-muted",
+        message: "bg-muted uses undefined --muted CSS variable",
+        suggestion: "Use bg-[var(--bg-tertiary)] or bg-[var(--bg-tertiary)]/20 for opacity",
+        severity: "error",
+    },
+    {
+        // Matches: text-muted-foreground, text-muted-foreground/70, etc.
+        pattern: /\btext-muted-foreground(?:\/\d+)?\b/g,
+        name: "text-muted-foreground",
+        message: "text-muted-foreground uses undefined --muted-foreground CSS variable",
+        suggestion: "Use text-[var(--text-secondary)] or text-[var(--text-secondary)]/70 for opacity",
+        severity: "error",
+    },
+    {
+        // shadcn expects --card, we use --bg-primary
+        pattern: /\bbg-card(?:\/\d+)?\b/g,
+        name: "bg-card",
+        message: "bg-card uses undefined --card CSS variable",
+        suggestion: "Use bg-[var(--bg-primary)] or appropriate color class",
+        severity: "error",
+    },
+    {
+        // shadcn expects --popover
+        pattern: /\bbg-popover(?:\/\d+)?\b/g,
+        name: "bg-popover",
+        message: "bg-popover uses undefined --popover CSS variable",
+        suggestion: "Use bg-[var(--bg-primary)] or bg-white for popover backgrounds",
+        severity: "error",
+    },
+    {
+        // shadcn expects --accent
+        pattern: /\bbg-accent(?:\/\d+)?\b/g,
+        name: "bg-accent",
+        message: "bg-accent uses undefined --accent CSS variable",
+        suggestion: "Use bg-[var(--color-primary-light)] or appropriate accent color",
+        severity: "warning",
+    },
+    {
+        pattern: /\btext-accent-foreground(?:\/\d+)?\b/g,
+        name: "text-accent-foreground",
+        message: "text-accent-foreground uses undefined --accent-foreground CSS variable",
+        suggestion: "Use text-[var(--color-primary)] or appropriate color class",
+        severity: "warning",
+    },
+    {
+        // shadcn expects --border, we use --border-color
+        pattern: /\bborder-border(?:\/\d+)?\b/g,
+        name: "border-border",
+        message: "border-border uses undefined --border CSS variable",
+        suggestion: "Use border-[var(--border-color)] instead",
+        severity: "error",
+    },
+    {
+        // shadcn expects --input
+        pattern: /\bbg-input(?:\/\d+)?\b/g,
+        name: "bg-input",
+        message: "bg-input uses undefined --input CSS variable",
+        suggestion: "Use bg-[var(--bg-secondary)] or bg-white for input backgrounds",
+        severity: "warning",
+    },
+    {
+        // shadcn expects --ring
+        pattern: /\bring-ring(?:\/\d+)?\b/g,
+        name: "ring-ring",
+        message: "ring-ring uses undefined --ring CSS variable",
+        suggestion: "Use ring-[var(--color-primary)] for focus rings",
+        severity: "warning",
+    },
+    {
+        // shadcn expects --destructive
+        pattern: /\bbg-destructive(?:\/\d+)?\b/g,
+        name: "bg-destructive",
+        message: "bg-destructive uses undefined --destructive CSS variable",
+        suggestion: "Use bg-[var(--error-main)] for destructive/error backgrounds",
+        severity: "warning",
+    },
+    {
+        pattern: /\btext-destructive(?:\/\d+)?\b/g,
+        name: "text-destructive",
+        message: "text-destructive uses undefined --destructive CSS variable",
+        suggestion: "Use text-[var(--error-main)] for error text",
+        severity: "warning",
+    },
+];
+function checkFile(filePath, content) {
+    const issues = [];
+    const lines = content.split("\n");
+    for (const utility of UNDEFINED_UTILITIES) {
+        let match;
+        // Reset lastIndex for global regex
+        utility.pattern.lastIndex = 0;
+        while ((match = utility.pattern.exec(content)) !== null) {
+            // Find line number
+            let lineNumber = 1;
+            let charCount = 0;
+            for (let i = 0; i < lines.length; i++) {
+                charCount += lines[i].length + 1;
+                if (charCount > match.index) {
+                    lineNumber = i + 1;
+                    break;
+                }
+            }
+            issues.push({
+                file: filePath,
+                line: lineNumber,
+                type: utility.name,
+                severity: utility.severity,
+                message: utility.message,
+                suggestion: utility.suggestion,
+                snippet: lines[lineNumber - 1]?.trim().substring(0, 100),
+                match: match[0],
+            });
+        }
+    }
+    return issues;
+}
+// CACHED FILE LISTS
+let _cachedComponentFiles = null;
+async function getComponentFiles() {
+    if (!_cachedComponentFiles) {
+        _cachedComponentFiles = await file_cache_1.fileCache.getComponentFiles();
+    }
+    return _cachedComponentFiles;
+}
+async function run() {
+    const reporter = (0, universal_progress_reporter_1.createUniversalProgressReporter)(exports.name);
+    const args = process.argv.slice(2);
+    const verbose = args.includes("--verbose") || args.includes("-v");
+    const warnOnly = args.includes("--warn") || args.includes("-w");
+    console.log(`\n${console_chars_1.emoji.palette} Undefined Tailwind Utilities Preflight`);
+    console.log((0, console_chars_1.createDivider)(80, "heavy"));
+    if (warnOnly) {
+        console.log(`${console_chars_1.emoji.warning}  Running in warning mode - not blocking.\n`);
+    }
+    const startTime = Date.now();
+    const allIssues = [];
+    // Find all component files
+    const files = await getComponentFiles();
+    let filesScanned = 0;
+    for (const file of files) {
+        try {
+            const content = fs.readFileSync(file, "utf-8");
+            filesScanned++;
+            allIssues.push(...checkFile(file, content));
+        }
+        catch (error) {
+            if (verbose) {
+                console.error(`${console_chars_1.emoji.warning}  Error reading ${file}: ${error.message}`);
+            }
+        }
+    }
+    const duration = Date.now() - startTime;
+    // Report results
+    console.log(`\n${console_chars_1.emoji.chart} Scan Summary:`);
+    console.log(`   Files scanned: ${filesScanned}`);
+    console.log(`   Duration: ${duration}ms`);
+    const errors = allIssues.filter((i) => i.severity === "error");
+    const warnings = allIssues.filter((i) => i.severity === "warning");
+    const infos = allIssues.filter((i) => i.severity === "info");
+    if (allIssues.length === 0) {
+        console.log(`\n${console_chars_1.emoji.success} No undefined Tailwind utility classes found`);
+        console.log(`   All CSS variable references are valid.`);
+        process.exit(0);
+    }
+    // Group by type
+    const byType = new Map();
+    for (const issue of allIssues) {
+        const existing = byType.get(issue.type) || [];
+        existing.push(issue);
+        byType.set(issue.type, existing);
+    }
+    console.log(`\n${console_chars_1.emoji.clipboard} Issues Found:`);
+    console.log(`   ${console_chars_1.emoji.error} Errors: ${errors.length}`);
+    console.log(`   ${console_chars_1.emoji.warning}  Warnings: ${warnings.length}`);
+    console.log(`   ${console_chars_1.emoji.info}  Info: ${infos.length}`);
+    // Print issues by type
+    for (const [type, issues] of byType) {
+        const icon = issues[0].severity === "error"
+            ? `${console_chars_1.emoji.error}`
+            : issues[0].severity === "warning"
+                ? `${console_chars_1.emoji.warning}`
+                : `${console_chars_1.emoji.info}`;
+        console.log(`\n${icon} ${type} (${issues.length} occurrences)`);
+        if (verbose) {
+            for (const issue of issues.slice(0, 5)) {
+                console.log(`   ${issue.file}:${issue.line}`);
+                console.log(`   ${issue.message}`);
+                console.log(`   ${console_chars_1.emoji.hint} ${issue.suggestion}`);
+                if (issue.snippet) {
+                    console.log(`   ${console_chars_1.emoji.memo} ${issue.snippet}`);
+                }
+                console.log("");
+            }
+            if (issues.length > 5) {
+                console.log(`   ... and ${issues.length - 5} more`);
+            }
+        }
+        else {
+            console.log(`   ${issues[0].message}`);
+            console.log(`   ${console_chars_1.emoji.hint} ${issues[0].suggestion}`);
+        }
+    }
+    // Print background info
+    console.log(`\n${console_chars_1.emoji.docs} Background:`);
+    console.log(`   This project uses custom CSS variable names (--bg-primary,`);
+    console.log(`   --text-primary, etc.) instead of shadcn defaults (--background,`);
+    console.log(`   --foreground, etc.). Using shadcn-style classes results in`);
+    console.log(`   undefined colors and invisible UI elements.`);
+    console.log("");
+    console.log(`${console_chars_1.emoji.hint} Common fixes:`);
+    console.log(`   • bg-background   → bg-white or bg-[var(--bg-primary)]`);
+    console.log(`   • text-foreground → text-[var(--text-primary)]`);
+    console.log(`   • bg-muted        → bg-[var(--bg-tertiary)]`);
+    console.log(`   • border-border   → border-[var(--border-color)]`);
+    // Exit code
+    if (warnOnly) {
+        console.log(`\n${console_chars_1.emoji.warning}  Running in warning mode - not blocking`);
+        process.exit(0);
+    }
+    if (errors.length > 0) {
+        console.log(`\n⛔ ${errors.length} blocking issue(s) found. Fix before deploying.`);
+        console.log(`   These will cause invisible or broken UI elements.`);
+        process.exit(1);
+    }
+    console.log(`\n${console_chars_1.emoji.success} No blocking issues (warnings/info only)`);
+    process.exit(0);
+}
+// Allow direct execution
+if (require.main === module) {
+    run().catch(console.error);
+}
+//# sourceMappingURL=undefined-tailwind-utilities.js.map