@securityreviewai/securityreview-kit 0.1.47 → 0.1.49

package/src/utils/srai.js

@@ -1,252 +0,0 @@
-import { existsSync } from 'node:fs';
-import { join } from 'node:path';
-import { MCP_SERVER_NAME, TARGET_NAMES, TARGETS } from './constants.js';
-import { readJson, readText } from './fs-helpers.js';
-
-const PROJECT_LIST_PATH = '/api/projects/';
-
-/**
- * Normalize API URL from raw input.
- */
-export function normalizeApiUrl(value) {
-    const trimmed = String(value || '').trim();
-    if (!trimmed) return '';
-
-    if (trimmed.startsWith('http://') || trimmed.startsWith('https://')) {
-        return trimmed;
-    }
-
-    return `https://${trimmed}`;
-}
-
-function parseTomlEnvValue(content, key) {
-    const match = content.match(new RegExp(`${key}\\s*=\\s*"(.*?)"`));
-    return match ? match[1].trim() : '';
-}
-
-function extractCredentialsFromJsonConfig(content) {
-    const servers = content?.mcpServers || content?.servers;
-    if (!servers || typeof servers !== 'object') return null;
-
-    const server = servers[MCP_SERVER_NAME];
-    if (!server || typeof server !== 'object') return null;
-
-    const apiUrl = normalizeApiUrl(server?.env?.SECURITY_REVIEW_API_URL || '');
-    const apiToken = String(server?.env?.SECURITY_REVIEW_API_TOKEN || '').trim();
-    if (!apiUrl || !apiToken) return null;
-
-    return { apiUrl, apiToken };
-}
-
-/**
- * Read previously saved API credentials from any configured MCP file.
- */
-export function getStoredCredentials(cwd) {
-    for (const targetName of TARGET_NAMES) {
-        const target = TARGETS[targetName];
-        const mcpPath = join(cwd, target.mcpConfigPath);
-        if (!existsSync(mcpPath)) continue;
-
-        if (mcpPath.endsWith('.toml')) {
-            const content = readText(mcpPath);
-            if (!content) continue;
-
-            const apiUrl = normalizeApiUrl(parseTomlEnvValue(content, 'SECURITY_REVIEW_API_URL'));
-            const apiToken = parseTomlEnvValue(content, 'SECURITY_REVIEW_API_TOKEN');
-            if (apiUrl && apiToken) {
-                return { apiUrl, apiToken };
-            }
-            continue;
-        }
-
-        const json = readJson(mcpPath);
-        const extracted = extractCredentialsFromJsonConfig(json);
-        if (extracted) {
-            return extracted;
-        }
-    }
-
-    return { apiUrl: '', apiToken: '' };
-}
-
-function resolveProjectsEndpoint(apiUrl) {
-    const parsed = new URL(apiUrl);
-    const pathname = parsed.pathname.replace(/\/+$/, '');
-
-    if (pathname.endsWith('/api/projects')) {
-        parsed.pathname = `${pathname}/`;
-    } else if (pathname.endsWith('/api')) {
-        parsed.pathname = `${pathname}/projects/`;
-    } else if (!pathname || pathname === '/') {
-        parsed.pathname = PROJECT_LIST_PATH;
-    } else {
-        parsed.pathname = `${pathname}${PROJECT_LIST_PATH}`;
-    }
-
-    parsed.search = '';
-    parsed.hash = '';
-    return parsed.toString();
-}
-
-function toProjectName(entry) {
-    if (typeof entry === 'string') return entry.trim();
-    if (!entry || typeof entry !== 'object') return '';
-
-    const nameFields = [
-        'name',
-        'projectName',
-        'project_name',
-        'displayName',
-        'display_name',
-        'title',
-    ];
-
-    for (const key of nameFields) {
-        const value = entry[key];
-        if (typeof value === 'string' && value.trim()) {
-            return value.trim();
-        }
-    }
-
-    if (entry.project && typeof entry.project === 'object') {
-        return toProjectName(entry.project);
-    }
-
-    return '';
-}
-
-function collectProjectLists(payload) {
-    const collections = [];
-
-    if (Array.isArray(payload)) {
-        collections.push(payload);
-    }
-
-    if (payload && typeof payload === 'object') {
-        const keys = ['projects', 'data', 'results', 'items'];
-        for (const key of keys) {
-            if (Array.isArray(payload[key])) {
-                collections.push(payload[key]);
-            }
-        }
-    }
-
-    return collections;
-}
-
-function extractProjectNames(payload) {
-    const names = new Set();
-    for (const list of collectProjectLists(payload)) {
-        for (const entry of list) {
-            const name = toProjectName(entry);
-            if (name) names.add(name);
-        }
-    }
-
-    return [...names].sort((a, b) => a.localeCompare(b));
-}
-
-/**
- * Whether a project object is marked for AI / vibe review kit selection.
- * Only entries with an explicit true-like `is_vibe_review` (or common API aliases) qualify.
- */
-export function isVibeReviewProject(entry) {
-    if (!entry || typeof entry !== 'object') return false;
-
-    const keys = ['is_vibe_review', 'isVibeReview', 'vibe_review', 'vibeReview'];
-    for (const key of keys) {
-        if (!Object.prototype.hasOwnProperty.call(entry, key)) continue;
-        const value = entry[key];
-        if (value === true || value === 1) return true;
-        if (typeof value === 'string') {
-            const v = value.toLowerCase().trim();
-            if (v === 'true' || v === '1' || v === 'yes') return true;
-        }
-        return false;
-    }
-
-    return false;
-}
-
-/**
- * Extract { name, entry } pairs from a projects API payload.
- */
-export function extractProjectEntries(payload) {
-    const out = [];
-    const seen = new Set();
-
-    for (const list of collectProjectLists(payload)) {
-        for (const entry of list) {
-            const name = toProjectName(entry);
-            if (!name || seen.has(name)) continue;
-            seen.add(name);
-            out.push({ name, entry });
-        }
-    }
-
-    out.sort((a, b) => a.name.localeCompare(b.name));
-    return out;
-}
-
-async function fetchProjectsPayload(apiUrl, apiToken) {
-    const endpoint = resolveProjectsEndpoint(apiUrl);
-
-    let response;
-    try {
-        response = await fetch(endpoint, {
-            method: 'GET',
-            headers: {
-                Authorization: `Bearer ${apiToken}`,
-                Accept: 'application/json',
-            },
-        });
-    } catch (err) {
-        throw new Error(`Could not reach SRAI API at ${endpoint}: ${err.message}`);
-    }
-
-    if (!response.ok) {
-        throw new Error(
-            `Project fetch failed (${response.status} ${response.statusText}) at ${endpoint}`,
-        );
-    }
-
-    let payload;
-    try {
-        payload = await response.json();
-    } catch {
-        throw new Error(`Project fetch returned non-JSON content at ${endpoint}`);
-    }
-
-    return { payload, endpoint };
-}
-
-/**
- * Fetch all project names from SRAI (no filtering).
- */
-export async function fetchProjectNames(apiUrl, apiToken) {
-    const { payload, endpoint } = await fetchProjectsPayload(apiUrl, apiToken);
-    const names = extractProjectNames(payload);
-    if (names.length === 0) {
-        throw new Error(`No project names found in API response from ${endpoint}`);
-    }
-
-    return names;
-}
-
-/**
- * Fetch project names that have `is_vibe_review` (or API alias) set true — used for kit init / project switch.
- */
-export async function fetchVibeReviewProjectNames(apiUrl, apiToken) {
-    const { payload, endpoint } = await fetchProjectsPayload(apiUrl, apiToken);
-    const entries = extractProjectEntries(payload);
-    const names = entries.filter(({ entry }) => isVibeReviewProject(entry)).map(({ name }) => name);
-
-    if (names.length === 0) {
-        throw new Error(
-            `No projects with vibe review enabled (is_vibe_review=true) were returned from ${endpoint}. ` +
-                'Enable vibe review on at least one SRAI project, or check your API token and URL.',
-        );
-    }
-
-    return names;
-}