@shipsafe/cli 0.1.0

package/dist/src/mcp/tools/status.js

@@ -0,0 +1,18 @@
+import { getProjectName, loadConfig } from '../../config/manager.js';
+import { checkHooksInstalled } from '../../hooks/installer.js';
+import { getAvailableScanners } from '../../engines/pattern/index.js';
+export async function handleStatus() {
+    const projectDir = process.cwd();
+    const projectName = getProjectName(projectDir);
+    const hooksInstalled = await checkHooksInstalled(projectDir);
+    const scanners = await getAvailableScanners();
+    const config = await loadConfig(projectDir);
+    const license = config.licenseKey ? 'pro' : 'free';
+    return {
+        project: projectName,
+        hooks_installed: hooksInstalled,
+        scanners,
+        license,
+    };
+}
+//# sourceMappingURL=status.js.map

package/dist/src/mcp/tools/status.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.js","sourceRoot":"","sources":["../../../../src/mcp/tools/status.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrE,OAAO,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AAC/D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AAStE,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IACjC,MAAM,WAAW,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,MAAM,mBAAmB,CAAC,UAAU,CAAC,CAAC;IAC7D,MAAM,QAAQ,GAAG,MAAM,oBAAoB,EAAE,CAAC;IAC9C,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC;IAE5C,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC;IAEnD,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,eAAe,EAAE,cAAc;QAC/B,QAAQ;QACR,OAAO;KACR,CAAC;AACJ,CAAC"}

package/dist/src/mcp/tools/verify-resolution.d.ts

@@ -0,0 +1,12 @@
+export interface VerifyResolutionParams {
+    error_id: string;
+}
+export interface VerifyResolutionResult {
+    error_id: string;
+    status: 'resolved' | 'recurring' | 'unknown';
+    last_occurrence?: string;
+    hours_since_last?: number;
+    confidence: number;
+}
+export declare function handleVerifyResolution(params: VerifyResolutionParams): Promise<VerifyResolutionResult>;
+//# sourceMappingURL=verify-resolution.d.ts.map

package/dist/src/mcp/tools/verify-resolution.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-resolution.d.ts","sourceRoot":"","sources":["../../../../src/mcp/tools/verify-resolution.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,UAAU,GAAG,WAAW,GAAG,SAAS,CAAC;IAC7C,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,sBAAsB,GAC7B,OAAO,CAAC,sBAAsB,CAAC,CAuDjC"}

package/dist/src/mcp/tools/verify-resolution.js

@@ -0,0 +1,45 @@
+import { loadConfig, getApiEndpoint } from '../../config/manager.js';
+export async function handleVerifyResolution(params) {
+    const { error_id } = params;
+    const projectDir = process.cwd();
+    const config = await loadConfig(projectDir);
+    if (!config.projectId) {
+        return {
+            error_id,
+            status: 'unknown',
+            confidence: 0,
+        };
+    }
+    const apiEndpoint = getApiEndpoint(config);
+    const url = new URL(`/v1/errors/${config.projectId}/${error_id}/status`, apiEndpoint);
+    try {
+        const response = await fetch(url.toString(), {
+            headers: {
+                ...(config.licenseKey ? { Authorization: `Bearer ${config.licenseKey}` } : {}),
+            },
+        });
+        if (!response.ok) {
+            return {
+                error_id,
+                status: 'unknown',
+                confidence: 0,
+            };
+        }
+        const data = (await response.json());
+        return {
+            error_id,
+            status: data.status,
+            last_occurrence: data.last_occurrence,
+            hours_since_last: data.hours_since_last,
+            confidence: data.confidence,
+        };
+    }
+    catch {
+        return {
+            error_id,
+            status: 'unknown',
+            confidence: 0,
+        };
+    }
+}
+//# sourceMappingURL=verify-resolution.js.map

package/dist/src/mcp/tools/verify-resolution.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify-resolution.js","sourceRoot":"","sources":["../../../../src/mcp/tools/verify-resolution.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAcrE,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,MAA8B;IAE9B,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC5B,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IACjC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC;IAE5C,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACtB,OAAO;YACL,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,UAAU,EAAE,CAAC;SACd,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,GAAG,GAAG,IAAI,GAAG,CACjB,cAAc,MAAM,CAAC,SAAS,IAAI,QAAQ,SAAS,EACnD,WAAW,CACZ,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,UAAU,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/E;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO;gBACL,QAAQ;gBACR,MAAM,EAAE,SAAS;gBACjB,UAAU,EAAE,CAAC;aACd,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAKlC,CAAC;QAEF,OAAO;YACL,QAAQ;YACR,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,UAAU,EAAE,CAAC;SACd,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/src/types.d.ts

@@ -0,0 +1,136 @@
+export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export type ScanScope = 'staged' | 'all' | `file:${string}`;
+export type Engine = 'pattern' | 'knowledge_graph';
+export type ScanStatus = 'pass' | 'fail';
+export type SecurityScore = 'A' | 'B' | 'C' | 'D' | 'F';
+export interface Finding {
+    id: string;
+    engine: Engine;
+    severity: Severity;
+    type: string;
+    file: string;
+    line: number;
+    description: string;
+    fix_suggestion: string;
+    auto_fixable: boolean;
+}
+export interface ScanResult {
+    status: ScanStatus;
+    score: SecurityScore;
+    findings: Finding[];
+    scan_duration_ms: number;
+}
+export interface ShipSafeConfig {
+    licenseKey?: string;
+    licenseValidatedAt?: string;
+    licenseTier?: string;
+    projectId?: string;
+    apiEndpoint?: string;
+    monitoring?: {
+        enabled: boolean;
+        error_sample_rate: number;
+        performance_sample_rate: number;
+    };
+    scan?: {
+        ignore_paths: string[];
+        ignore_rules: string[];
+        severity_threshold: Severity;
+    };
+}
+export interface ProjectStatus {
+    project: string;
+    security_score: SecurityScore;
+    open_issues: number;
+    hooks_installed: boolean;
+    last_scan?: string;
+}
+export interface ScannerAvailability {
+    semgrep: boolean;
+    gitleaks: boolean;
+    trivy: boolean;
+}
+export type SupportedLanguage = 'typescript' | 'javascript' | 'python';
+export interface ParsedFile {
+    filePath: string;
+    language: SupportedLanguage;
+    functions: FunctionNode[];
+    classes: ClassNode[];
+    imports: ImportNode[];
+    exports: ExportNode[];
+    callSites: CallSite[];
+}
+export interface FunctionNode {
+    name: string;
+    filePath: string;
+    startLine: number;
+    endLine: number;
+    params: string[];
+    isAsync: boolean;
+    isExported: boolean;
+    className?: string;
+}
+export interface ClassNode {
+    name: string;
+    filePath: string;
+    startLine: number;
+    endLine: number;
+    methods: string[];
+    isExported: boolean;
+}
+export interface ImportNode {
+    source: string;
+    specifiers: string[];
+    filePath: string;
+    line: number;
+}
+export interface ExportNode {
+    name: string;
+    filePath: string;
+    line: number;
+    type: 'function' | 'class' | 'variable' | 'default';
+}
+export interface CallSite {
+    callerName: string;
+    calleeName: string;
+    filePath: string;
+    line: number;
+    receiver?: string;
+}
+export interface AttackPath {
+    entryPoint: {
+        name: string;
+        filePath: string;
+        line: number;
+    };
+    sink: {
+        name: string;
+        filePath: string;
+        line: number;
+        type: string;
+    };
+    path: string[];
+    hasValidation: boolean;
+}
+export interface BlastRadiusResult {
+    targetFunction: string;
+    affectedFunctions: Array<{
+        name: string;
+        filePath: string;
+        line: number;
+    }>;
+    affectedEndpoints: Array<{
+        name: string;
+        filePath: string;
+        line: number;
+    }>;
+    totalAffected: number;
+}
+export interface MissingAuthResult {
+    endpoint: {
+        name: string;
+        filePath: string;
+        line: number;
+    };
+    reason: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AACvE,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,KAAK,GAAG,QAAQ,MAAM,EAAE,CAAC;AAC5D,MAAM,MAAM,MAAM,GAAG,SAAS,GAAG,iBAAiB,CAAC;AACnD,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,MAAM,CAAC;AACzC,MAAM,MAAM,aAAa,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;AAExD,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,QAAQ,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,UAAU,CAAC;IACnB,KAAK,EAAE,aAAa,CAAC;IACrB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE;QACX,OAAO,EAAE,OAAO,CAAC;QACjB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,uBAAuB,EAAE,MAAM,CAAC;KACjC,CAAC;IACF,IAAI,CAAC,EAAE;QACL,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,kBAAkB,EAAE,QAAQ,CAAC;KAC9B,CAAC;CACH;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,aAAa,CAAC;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,OAAO,CAAC;IACzB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,OAAO,CAAC;IAClB,KAAK,EAAE,OAAO,CAAC;CAChB;AAID,MAAM,MAAM,iBAAiB,GAAG,YAAY,GAAG,YAAY,GAAG,QAAQ,CAAC;AAEvE,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,SAAS,EAAE,YAAY,EAAE,CAAC;IAC1B,OAAO,EAAE,SAAS,EAAE,CAAC;IACrB,OAAO,EAAE,UAAU,EAAE,CAAC;IACtB,OAAO,EAAE,UAAU,EAAE,CAAC;IACtB,SAAS,EAAE,QAAQ,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,OAAO,CAAC;IAEpB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,UAAU,GAAG,OAAO,GAAG,UAAU,GAAG,SAAS,CAAC;CACrD;AAED,MAAM,WAAW,QAAQ;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IAEb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7D,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IACrE,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,iBAAiB;IAChC,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC3E,iBAAiB,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC3E,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3D,MAAM,EAAE,MAAM,CAAC;CAChB"}

package/dist/src/types.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=types.js.map

package/dist/src/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":""}

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "@shipsafe/cli",
+  "version": "0.1.0",
+  "description": "Full-lifecycle security and reliability platform for vibe coders",
+  "type": "module",
+  "bin": {
+    "shipsafe": "./dist/bin/shipsafe.js"
+  },
+  "files": [
+    "dist/"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json && chmod +x dist/bin/shipsafe.js",
+    "dev": "tsx bin/shipsafe.ts",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "lint": "tsc --noEmit"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/jakewlittle-cs/shipsafe.git"
+  },
+  "homepage": "https://shipsafe.org",
+  "keywords": [
+    "security",
+    "scanning",
+    "mcp",
+    "vibe-coding",
+    "semgrep",
+    "gitleaks"
+  ],
+  "author": "Connect Holdings LLC",
+  "license": "UNLICENSED",
+  "engines": {
+    "node": ">=20"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.0.0",
+    "chalk": "^5.4.0",
+    "commander": "^13.0.0",
+    "kuzu": "^0.11.3",
+    "tree-sitter-wasms": "^0.1.13",
+    "web-tree-sitter": "^0.24.7",
+    "zod": "^3.24.0"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "@vitest/coverage-v8": "^4.1.0",
+    "tsx": "^4.19.0",
+    "typescript": "^5.7.0",
+    "vitest": "^3.0.0"
+  }
+}