@girardmedia/bootspring 1.2.0 → 2.0.3

package/cli/project.js

@@ -0,0 +1,436 @@
+/**
+ * Bootspring Project Command
+ *
+ * Manage projects from the CLI.
+ *
+ * @package bootspring
+ * @module cli/project
+ */
+
+const https = require('https');
+const http = require('http');
+const auth = require('../core/auth');
+const session = require('../core/session');
+const readline = require('readline');
+
+const API_BASE = process.env.BOOTSPRING_API_URL || 'https://www.bootspring.com';
+
+/**
+ * Make direct API request (without v1 prefix)
+ */
+async function apiRequest(method, path, data = null) {
+  const token = auth.getToken();
+  const apiKey = auth.getApiKey();
+  const url = new URL(`/api${path}`, API_BASE);
+  const isHttps = url.protocol === 'https:';
+  const httpModule = isHttps ? https : http;
+
+  const headers = {
+    'Content-Type': 'application/json',
+    'User-Agent': `bootspring-cli/${require('../package.json').version}`,
+  };
+
+  // Use API key if available, otherwise use JWT token
+  if (apiKey) {
+    headers['X-API-Key'] = apiKey;
+  } else if (token) {
+    headers['Authorization'] = `Bearer ${token}`;
+  }
+
+  return new Promise((resolve, reject) => {
+    const req = httpModule.request(url, {
+      method,
+      headers,
+      timeout: 30000
+    }, (res) => {
+      let body = '';
+      res.on('data', chunk => body += chunk);
+      res.on('end', () => {
+        try {
+          const json = JSON.parse(body);
+          if (res.statusCode >= 400) {
+            const error = new Error(json.message || json.error || 'API Error');
+            error.status = res.statusCode;
+            error.code = json.error || json.code;
+            reject(error);
+          } else {
+            resolve(json);
+          }
+        } catch {
+          if (res.statusCode >= 400) {
+            const error = new Error(body || 'API Error');
+            error.status = res.statusCode;
+            reject(error);
+          } else {
+            resolve(body);
+          }
+        }
+      });
+    });
+
+    req.on('error', reject);
+    req.on('timeout', () => {
+      req.destroy();
+      reject(new Error('Request timeout'));
+    });
+
+    if (data) {
+      req.write(JSON.stringify(data));
+    }
+    req.end();
+  });
+}
+
+const BRAND = {
+  name: 'Bootspring',
+  color: '\x1b[36m',
+  reset: '\x1b[0m',
+  bold: '\x1b[1m',
+  dim: '\x1b[2m',
+  green: '\x1b[32m',
+  yellow: '\x1b[33m',
+  red: '\x1b[31m'
+};
+
+/**
+ * Prompt for input
+ */
+function prompt(question) {
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout
+  });
+
+  return new Promise((resolve) => {
+    rl.question(question, (answer) => {
+      rl.close();
+      resolve(answer.trim());
+    });
+  });
+}
+
+/**
+ * Print a single project
+ */
+function printProject(project, currentProject, showOwner = false) {
+  const isCurrent = currentProject && currentProject.id === project.id;
+  const marker = isCurrent ? `${BRAND.green}→${BRAND.reset} ` : '  ';
+  const activeTag = project.isActive ? '' : ` ${BRAND.dim}(inactive)${BRAND.reset}`;
+  const roleTag = project.role && project.role !== 'owner' ? ` ${BRAND.dim}(${project.role})${BRAND.reset}` : '';
+
+  console.log(`${marker}${BRAND.color}${project.name}${BRAND.reset}${roleTag}${activeTag}`);
+  console.log(`    ${BRAND.dim}ID: ${project.id}${BRAND.reset}`);
+  console.log(`    ${BRAND.dim}Slug: ${project.slug}${BRAND.reset}`);
+  if (showOwner && project.owner) {
+    console.log(`    ${BRAND.dim}Owner: ${project.owner.email}${BRAND.reset}`);
+  }
+  if (project.description) {
+    console.log(`    ${BRAND.dim}${project.description}${BRAND.reset}`);
+  }
+  console.log(`    ${BRAND.dim}API Keys: ${project.apiKeyCount}${BRAND.reset}`);
+  if (project.memberCount > 1) {
+    console.log(`    ${BRAND.dim}Members: ${project.memberCount}${BRAND.reset}`);
+  }
+  console.log();
+}
+
+/**
+ * List all projects (owned and shared)
+ */
+async function listProjects() {
+  if (!auth.isAuthenticated()) {
+    console.log(`${BRAND.red}Not logged in.${BRAND.reset} Run: bootspring auth login`);
+    process.exit(1);
+  }
+
+  try {
+    const response = await apiRequest('GET', '/projects?grouped=true');
+    const owned = response.owned || [];
+    const shared = response.shared || [];
+
+    if (owned.length === 0 && shared.length === 0) {
+      console.log(`\n${BRAND.dim}No projects found.${BRAND.reset}`);
+      console.log(`Create one with: ${BRAND.color}bootspring project create${BRAND.reset}\n`);
+      return;
+    }
+
+    const currentProject = session.getEffectiveProject();
+
+    // Show owned projects
+    if (owned.length > 0) {
+      console.log(`\n${BRAND.bold}Your Projects${BRAND.reset}\n`);
+      for (const project of owned) {
+        printProject(project, currentProject, false);
+      }
+    }
+
+    // Show shared projects
+    if (shared.length > 0) {
+      console.log(`${BRAND.bold}Shared With You${BRAND.reset}\n`);
+      for (const project of shared) {
+        printProject(project, currentProject, true);
+      }
+    }
+
+    console.log(`${BRAND.dim}Limits: ${response.limits.current}/${response.limits.limit} projects${BRAND.reset}\n`);
+  } catch (error) {
+    console.log(`${BRAND.red}Error: ${error.message}${BRAND.reset}`);
+    process.exit(1);
+  }
+}
+
+/**
+ * Parse flags from args
+ */
+function parseFlags(args) {
+  const flags = {};
+  const positional = [];
+
+  for (let i = 0; i < args.length; i++) {
+    const arg = args[i];
+    if (arg.startsWith('--')) {
+      const [key, ...valueParts] = arg.slice(2).split('=');
+      flags[key] = valueParts.length > 0 ? valueParts.join('=') : (args[i + 1] && !args[i + 1].startsWith('-') ? args[++i] : true);
+    } else if (arg.startsWith('-')) {
+      flags[arg.slice(1)] = args[i + 1] && !args[i + 1].startsWith('-') ? args[++i] : true;
+    } else {
+      positional.push(arg);
+    }
+  }
+
+  return { flags, positional };
+}
+
+/**
+ * Check for similar projects (duplicate detection)
+ */
+async function checkSimilarProjects(name, repoUrl) {
+  try {
+    const params = new URLSearchParams();
+    if (name) params.set('name', name);
+    if (repoUrl) params.set('repo', repoUrl);
+
+    const response = await apiRequest('GET', `/projects/similar?${params.toString()}`);
+    return response.matches || [];
+  } catch (error) {
+    // Don't block creation if similar check fails
+    console.log(`${BRAND.dim}(Could not check for similar projects)${BRAND.reset}`);
+    return [];
+  }
+}
+
+/**
+ * Join an existing project as a member
+ */
+async function joinProject(projectId) {
+  try {
+    // Get current user's email to add themselves
+    // For now, we'll inform the user to request access
+    console.log(`\n${BRAND.yellow}To join this project, ask the owner to add you as a member.${BRAND.reset}`);
+    console.log(`${BRAND.dim}They can do this from the project settings in the dashboard.${BRAND.reset}\n`);
+    return false;
+  } catch (error) {
+    console.log(`${BRAND.red}Error joining project: ${error.message}${BRAND.reset}`);
+    return false;
+  }
+}
+
+/**
+ * Create a new project
+ */
+async function createProject(args) {
+  if (!auth.isAuthenticated()) {
+    console.log(`${BRAND.red}Not logged in.${BRAND.reset} Run: bootspring auth login`);
+    process.exit(1);
+  }
+
+  const { flags, positional } = parseFlags(args);
+  const isNonInteractive = flags.y || flags.yes || !process.stdin.isTTY;
+  const skipDuplicateCheck = flags['skip-duplicate-check'] || flags.force;
+
+  console.log(`\n${BRAND.bold}Create New Project${BRAND.reset}\n`);
+
+  // Get project name from args or prompt
+  let name = positional[0] || flags.name;
+  if (!name && !isNonInteractive) {
+    name = await prompt(`${BRAND.color}Project name:${BRAND.reset} `);
+  }
+
+  if (!name || name.trim().length === 0) {
+    console.log(`${BRAND.red}Project name is required.${BRAND.reset}`);
+    console.log(`\n${BRAND.dim}Usage: bootspring project create <name> [--description "..."] [--framework nodejs] [-y]${BRAND.reset}\n`);
+    process.exit(1);
+  }
+
+  // Get repository URL from flag
+  const repoUrl = flags.repo || flags.repository;
+
+  // Check for similar projects (duplicate detection)
+  if (!skipDuplicateCheck && !isNonInteractive) {
+    console.log(`${BRAND.dim}Checking for similar projects...${BRAND.reset}`);
+    const similar = await checkSimilarProjects(name.trim(), repoUrl);
+
+    if (similar.length > 0) {
+      console.log(`\n${BRAND.yellow}Similar project(s) found:${BRAND.reset}\n`);
+
+      for (const match of similar) {
+        const reasonMap = {
+          github_repo: 'GitHub repo match',
+          slug_match: 'Same slug',
+          name_similar: 'Similar name'
+        };
+        const reason = reasonMap[match.matchReason] || match.matchReason;
+        const ownerInfo = match.owner ? ` (owned by ${match.owner.email})` : '';
+        console.log(`  ${BRAND.color}${match.name}${BRAND.reset}${ownerInfo}`);
+        console.log(`  ${BRAND.dim}[${reason}]${BRAND.reset}\n`);
+      }
+
+      const proceed = await prompt(`${BRAND.color}Create a new project anyway? (y/N):${BRAND.reset} `);
+      if (proceed.toLowerCase() !== 'y') {
+        console.log(`\n${BRAND.dim}To join an existing project, ask the owner to add you.${BRAND.reset}\n`);
+        return;
+      }
+      console.log();
+    }
+  }
+
+  // Get description from flag or prompt
+  let description = flags.description || flags.d;
+  if (!description && !isNonInteractive) {
+    description = await prompt(`${BRAND.dim}Description (optional):${BRAND.reset} `);
+  }
+
+  // Get framework from flag or prompt
+  let framework = flags.framework || flags.f;
+  if (!framework && !isNonInteractive) {
+    framework = await prompt(`${BRAND.dim}Framework (e.g., nextjs, react, nodejs):${BRAND.reset} `);
+  }
+
+  console.log(`\n${BRAND.dim}Creating project...${BRAND.reset}`);
+
+  try {
+    const project = await apiRequest('POST', '/projects', {
+      name: name.trim(),
+      description: description || undefined,
+      framework: framework || undefined,
+      repositoryUrl: repoUrl || undefined
+    });
+
+    console.log(`\n${BRAND.green}✓${BRAND.reset} Project created successfully!\n`);
+    console.log(`  ${BRAND.bold}Name:${BRAND.reset} ${project.name}`);
+    console.log(`  ${BRAND.bold}ID:${BRAND.reset} ${project.id}`);
+    console.log(`  ${BRAND.bold}Slug:${BRAND.reset} ${project.slug}`);
+
+    // Ask if user wants to switch to this project (auto-yes in non-interactive mode)
+    let switchTo = 'y';
+    if (!isNonInteractive) {
+      switchTo = await prompt(`\n${BRAND.color}Switch to this project now? (Y/n):${BRAND.reset} `);
+    }
+
+    if (switchTo.toLowerCase() !== 'n') {
+      session.setCurrentProject({
+        id: project.id,
+        name: project.name,
+        slug: project.slug
+      });
+      console.log(`\n${BRAND.green}✓${BRAND.reset} Switched to ${BRAND.color}${project.name}${BRAND.reset}\n`);
+    } else {
+      console.log(`\n${BRAND.dim}Run 'bootspring switch ${project.slug}' to switch to this project.${BRAND.reset}\n`);
+    }
+  } catch (error) {
+    if (error.status === 403 && error.message.includes('limit')) {
+      console.log(`\n${BRAND.yellow}Project limit reached.${BRAND.reset}`);
+      console.log(`${BRAND.dim}Upgrade your plan at: https://bootspring.com/dashboard/billing${BRAND.reset}\n`);
+    } else {
+      console.log(`\n${BRAND.red}Error: ${error.message}${BRAND.reset}`);
+    }
+    process.exit(1);
+  }
+}
+
+/**
+ * Show current project info
+ */
+async function showProjectInfo() {
+  const project = session.getEffectiveProject();
+
+  if (!project) {
+    console.log(`\n${BRAND.yellow}No project context set.${BRAND.reset}`);
+    console.log(`${BRAND.dim}Run 'bootspring switch' to select a project.${BRAND.reset}\n`);
+    return;
+  }
+
+  console.log(`\n${BRAND.bold}Current Project${BRAND.reset}\n`);
+  console.log(`  ${BRAND.bold}Name:${BRAND.reset} ${BRAND.color}${project.name}${BRAND.reset}`);
+  console.log(`  ${BRAND.bold}ID:${BRAND.reset} ${project.id}`);
+  if (project.slug) {
+    console.log(`  ${BRAND.bold}Slug:${BRAND.reset} ${project.slug}`);
+  }
+  console.log(`  ${BRAND.bold}Source:${BRAND.reset} ${project.source || 'session'}`);
+  console.log();
+}
+
+/**
+ * Show usage for this command
+ */
+function showUsage() {
+  console.log(`
+${BRAND.bold}Usage:${BRAND.reset} bootspring project <command> [args]
+
+${BRAND.bold}Commands:${BRAND.reset}
+  list              List all projects (owned and shared)
+  create [name]     Create a new project
+  info              Show current project info
+
+${BRAND.bold}Options for create:${BRAND.reset}
+  --description, -d   Project description
+  --framework, -f     Project framework (e.g., nextjs, nodejs)
+  --repo              Repository URL
+  --force             Skip duplicate project check
+  -y, --yes           Non-interactive mode
+
+${BRAND.bold}Examples:${BRAND.reset}
+  bootspring project list
+  bootspring project create "My App"
+  bootspring project create "My App" --framework nextjs --repo https://github.com/user/repo
+  bootspring project info
+`);
+}
+
+/**
+ * Main entry point
+ */
+async function run(args) {
+  const subcommand = args[0];
+
+  switch (subcommand) {
+    case 'list':
+    case 'ls':
+      await listProjects();
+      break;
+
+    case 'create':
+    case 'new':
+      await createProject(args.slice(1));
+      break;
+
+    case 'info':
+    case 'current':
+      await showProjectInfo();
+      break;
+
+    case undefined:
+    case 'help':
+    case '--help':
+    case '-h':
+      showUsage();
+      break;
+
+    default:
+      console.log(`${BRAND.red}Unknown subcommand: ${subcommand}${BRAND.reset}`);
+      showUsage();
+      process.exit(1);
+  }
+}
+
+module.exports = { run };

package/cli/quality.js

@@ -12,6 +12,15 @@ const path = require('path');
 const config = require('../core/config');
 const utils = require('../core/utils');
 
+// Lazy load audit workflow
+let AuditWorkflowEngine = null;
+function getAuditEngine() {
+  if (!AuditWorkflowEngine) {
+    AuditWorkflowEngine = require('../core/audit-workflow').AuditWorkflowEngine;
+  }
+  return AuditWorkflowEngine;
+}
+
 /**
  * Detect project type and available tooling
  * @param {string} projectRoot - Project root path
@@ -422,6 +431,217 @@ ${utils.COLORS.bold}Available Gates${utils.COLORS.reset}
   console.log(`  ${utils.COLORS.dim}npx husky add .husky/pre-commit "bootspring quality pre-commit"${utils.COLORS.reset}`);
 }
 
+/**
+ * Run full quality pipeline (quality gates + audit)
+ */
+async function runFullPipeline(options = {}) {
+  const cfg = config.load();
+  const projectRoot = cfg._projectRoot;
+
+  console.log(`
+${utils.COLORS.cyan}${utils.COLORS.bold}⚡ Full Quality Pipeline${utils.COLORS.reset}
+${utils.COLORS.dim}Quality gates + codebase audit${utils.COLORS.reset}
+`);
+
+  const results = {
+    qualityGate: null,
+    audit: null,
+    timestamp: new Date().toISOString(),
+    passed: false
+  };
+
+  // Phase 1: Pre-deploy quality gate
+  utils.print.header('Phase 1: Quality Gates');
+  results.qualityGate = await runGate('pre-deploy', {
+    strict: false,
+    skip: options.skip ? [options.skip] : []
+  });
+
+  if (results.qualityGate.failed > 0 && options.strict) {
+    utils.print.error('Quality gates failed. Stopping pipeline.');
+    return results;
+  }
+
+  console.log('');
+
+  // Phase 2: Bootspring audit
+  utils.print.header('Phase 2: Codebase Audit');
+
+  try {
+    const Engine = getAuditEngine();
+    const workflow = new Engine(projectRoot, { ciMode: true });
+
+    if (workflow.hasWorkflow()) {
+      workflow.loadState();
+      const progress = workflow.getProgress();
+      if (progress.isComplete) {
+        console.log(`${utils.COLORS.dim}Using existing audit results${utils.COLORS.reset}`);
+        results.audit = {
+          findings: progress.findings,
+          passed: progress.findings.critical === 0 && progress.findings.high === 0
+        };
+      } else {
+        // Reset and run fresh
+        workflow.resetWorkflow();
+        workflow.initializeWorkflow();
+        results.audit = await runAuditPhases(workflow);
+      }
+    } else {
+      workflow.initializeWorkflow();
+      results.audit = await runAuditPhases(workflow);
+    }
+  } catch (error) {
+    console.log(`${utils.COLORS.yellow}⚠${utils.COLORS.reset} Audit skipped: ${error.message}`);
+    results.audit = { skipped: true, error: error.message };
+  }
+
+  console.log('');
+
+  // Phase 3: Generate combined report
+  utils.print.header('Combined Quality Report');
+  results.passed = generateCombinedReport(results, projectRoot);
+
+  return results;
+}
+
+/**
+ * Run audit phases
+ */
+async function runAuditPhases(workflow) {
+  const phases = ['quality', 'security', 'practices'];
+  const findings = { critical: 0, high: 0, medium: 0, low: 0, total: 0 };
+
+  for (const phaseId of phases) {
+    workflow.startPhase(phaseId);
+    const spinner = utils.createSpinner(`Auditing: ${phaseId}`).start();
+
+    try {
+      let result;
+      switch (phaseId) {
+        case 'quality':
+          result = await workflow.runQualityMetrics();
+          spinner.succeed(`Quality: Score ${result.score}/100`);
+          break;
+        case 'security':
+          result = await workflow.runSecurityScan();
+          if (result.critical > 0) {
+            spinner.fail(`Security: ${result.critical} critical issues`);
+            findings.critical += result.critical;
+          } else if (result.high > 0) {
+            spinner.warn(`Security: ${result.high} high issues`);
+            findings.high += result.high;
+          } else {
+            spinner.succeed('Security: Passed');
+          }
+          findings.medium += result.medium || 0;
+          findings.low += result.low || 0;
+          break;
+        case 'practices':
+          result = await workflow.runBestPractices();
+          spinner.succeed(`Best practices: ${result.passed}/${result.total} passed`);
+          break;
+      }
+      workflow.completePhase(phaseId, result);
+    } catch (error) {
+      spinner.fail(`${phaseId}: ${error.message}`);
+      workflow.failPhase(phaseId, error.message);
+    }
+  }
+
+  findings.total = findings.critical + findings.high + findings.medium + findings.low;
+
+  return {
+    findings,
+    passed: findings.critical === 0 && findings.high === 0
+  };
+}
+
+/**
+ * Generate combined quality report
+ */
+function generateCombinedReport(results, projectRoot) {
+  const reportDir = path.join(projectRoot, '.bootspring', 'quality');
+  if (!fs.existsSync(reportDir)) {
+    fs.mkdirSync(reportDir, { recursive: true });
+  }
+
+  // Calculate overall status
+  const qualityPassed = results.qualityGate?.failed === 0;
+  const auditPassed = results.audit?.passed !== false;
+  const overallPassed = qualityPassed && auditPassed;
+
+  // Display summary
+  console.log('');
+  console.log(`${utils.COLORS.bold}Summary${utils.COLORS.reset}`);
+  console.log('');
+
+  // Quality gates
+  if (results.qualityGate) {
+    const qIcon = qualityPassed ?
+      `${utils.COLORS.green}✓${utils.COLORS.reset}` :
+      `${utils.COLORS.red}✗${utils.COLORS.reset}`;
+    console.log(`  ${qIcon} Quality Gates: ${results.qualityGate.passed} passed, ${results.qualityGate.failed} failed`);
+  }
+
+  // Audit
+  if (results.audit && !results.audit.skipped) {
+    const aIcon = auditPassed ?
+      `${utils.COLORS.green}✓${utils.COLORS.reset}` :
+      `${utils.COLORS.red}✗${utils.COLORS.reset}`;
+    const f = results.audit.findings;
+    console.log(`  ${aIcon} Codebase Audit: ${f.critical} critical, ${f.high} high, ${f.medium} medium, ${f.low} low`);
+  } else if (results.audit?.skipped) {
+    console.log(`  ${utils.COLORS.yellow}○${utils.COLORS.reset} Codebase Audit: Skipped`);
+  }
+
+  console.log('');
+
+  // Overall result
+  if (overallPassed) {
+    utils.print.success('Quality pipeline PASSED');
+  } else {
+    utils.print.error('Quality pipeline FAILED');
+    if (!qualityPassed) {
+      console.log(`  ${utils.COLORS.dim}Fix quality gate issues before proceeding${utils.COLORS.reset}`);
+    }
+    if (!auditPassed && results.audit?.findings) {
+      if (results.audit.findings.critical > 0) {
+        console.log(`  ${utils.COLORS.red}● ${results.audit.findings.critical} critical issues require immediate attention${utils.COLORS.reset}`);
+      }
+      if (results.audit.findings.high > 0) {
+        console.log(`  ${utils.COLORS.yellow}● ${results.audit.findings.high} high priority issues found${utils.COLORS.reset}`);
+      }
+    }
+  }
+
+  // Generate report file
+  const report = {
+    timestamp: results.timestamp,
+    passed: overallPassed,
+    qualityGates: {
+      passed: qualityPassed,
+      checks: results.qualityGate?.results || []
+    },
+    audit: results.audit?.skipped ? { skipped: true } : {
+      passed: auditPassed,
+      findings: results.audit?.findings || {}
+    }
+  };
+
+  const reportPath = path.join(reportDir, 'pipeline-report.json');
+  fs.writeFileSync(reportPath, JSON.stringify(report, null, 2));
+
+  console.log('');
+  console.log(`${utils.COLORS.dim}Report saved: ${reportPath}${utils.COLORS.reset}`);
+
+  // Set exit code for CI
+  if (!overallPassed) {
+    process.exitCode = 1;
+  }
+
+  return overallPassed;
+}
+
 /**
  * Show quality help
  */
@@ -437,10 +657,12 @@ ${utils.COLORS.bold}Gates:${utils.COLORS.reset}
   ${utils.COLORS.cyan}pre-commit${utils.COLORS.reset}        Quick checks (types, lint, format)
   ${utils.COLORS.cyan}pre-push${utils.COLORS.reset}          Thorough checks (tests, build)
   ${utils.COLORS.cyan}pre-deploy${utils.COLORS.reset}        Full audit (security, everything)
+  ${utils.COLORS.cyan}full${utils.COLORS.reset}              Combined: quality gates + codebase audit
 
 ${utils.COLORS.bold}Options:${utils.COLORS.reset}
   --strict          Stop on first failure
   --skip <check>    Skip specific check
+  --ci              CI mode with exit codes
 
 ${utils.COLORS.bold}Commands:${utils.COLORS.reset}
   ${utils.COLORS.cyan}quick${utils.COLORS.reset}             Run quick type check only
@@ -450,6 +672,8 @@ ${utils.COLORS.bold}Examples:${utils.COLORS.reset}
   bootspring quality pre-commit
   bootspring quality pre-push --strict
   bootspring quality pre-deploy --skip security
+  bootspring quality full
+  bootspring quality full --ci
   bootspring quality quick
   bootspring quality status
 `);
@@ -477,6 +701,15 @@ async function run(args) {
       });
       break;
 
+    case 'full':
+    case 'pipeline':
+      await runFullPipeline({
+        strict: parsedArgs.strict,
+        skip: parsedArgs.skip,
+        ci: parsedArgs.ci
+      });
+      break;
+
     case 'quick':
     case 'check':
       runQuickCheck();