@vee-stack/delta-cli 2.0.8 → 2.0.10

package/dist/apps/cli/src/analyzer/validators/maintainability.validator.js

@@ -1,40 +0,0 @@
-/**
- * Maintainability Validator
- * @description Validates Maintainability rules
- */
-export class MaintainabilityValidator {
-    static async validate(project, _options) {
-        const violations = [];
-        let score = 100;
-        // Check for tests
-        const testFiles = project.files.filter(f => f.includes('.test.') || f.includes('.spec.'));
-        const testRatio = testFiles.length / (project.fileCount || 1);
-        if (testRatio < 0.1) {
-            violations.push({
-                id: 'MAINT-TEST-001',
-                severity: 'warning',
-                message: `Low test coverage: ${(testRatio * 100).toFixed(1)}% of files are tests`,
-                rule: 'Testing Required',
-            });
-            score -= 20;
-        }
-        // Check for documentation
-        const hasReadme = project.files.some(f => f.toLowerCase() === 'readme.md' || f.toLowerCase().endsWith('/readme.md'));
-        if (!hasReadme) {
-            violations.push({
-                id: 'MAINT-DOC-001',
-                severity: 'warning',
-                message: 'No README.md found',
-                rule: 'Documentation Required',
-            });
-            score -= 10;
-        }
-        return {
-            score: Math.max(0, score),
-            maxScore: 100,
-            percentage: Math.max(0, score),
-            violations,
-        };
-    }
-}
-//# sourceMappingURL=maintainability.validator.js.map

package/dist/apps/cli/src/analyzer/validators/observability.validator.js

@@ -1,39 +0,0 @@
-/**
- * Observability Validator
- * @description Validates Observability rules
- */
-export class ObservabilityValidator {
-    static async validate(project, _options) {
-        const violations = [];
-        let score = 100;
-        // Check for health endpoint
-        const hasHealthEndpoint = project.files.some(f => f.includes('health') || f.includes('ready') || f.includes('live'));
-        if (!hasHealthEndpoint) {
-            violations.push({
-                id: 'OBS-HEALTH-001',
-                severity: 'warning',
-                message: 'No health check endpoint found',
-                rule: 'Health Checks Required',
-            });
-            score -= 20;
-        }
-        // Check for logging
-        const hasLogging = project.files.some(f => f.includes('logger') || f.includes('log'));
-        if (!hasLogging) {
-            violations.push({
-                id: 'OBS-LOG-001',
-                severity: 'warning',
-                message: 'No logging implementation found',
-                rule: 'Structured Logging Required',
-            });
-            score -= 20;
-        }
-        return {
-            score: Math.max(0, score),
-            maxScore: 100,
-            percentage: Math.max(0, score),
-            violations,
-        };
-    }
-}
-//# sourceMappingURL=observability.validator.js.map

package/dist/apps/cli/src/analyzer/validators/performance.validator.js

@@ -1,42 +0,0 @@
-/**
- * Performance Validator
- * @description Validates performance rules
- */
-export class PerformanceValidator {
-    static async validate(project, _options) {
-        const violations = [];
-        let score = 100;
-        // Check for lazy loading patterns
-        const hasDynamicImports = project.files.some(f => {
-            // Would check file content for dynamic imports
-            return f.includes('dynamic') || f.includes('lazy');
-        });
-        if (!hasDynamicImports && project.fileCount > 50) {
-            violations.push({
-                id: 'PERF-LAZY-001',
-                severity: 'warning',
-                message: 'No lazy loading patterns detected in large project',
-                rule: 'Lazy Loading Recommended',
-            });
-            score -= 10;
-        }
-        // Check for caching implementation
-        const hasCaching = project.files.some(f => f.includes('cache') || f.includes('redis') || f.includes('swr'));
-        if (!hasCaching) {
-            violations.push({
-                id: 'PERF-CACHE-001',
-                severity: 'warning',
-                message: 'No caching implementation found',
-                rule: 'Caching Layer Recommended',
-            });
-            score -= 15;
-        }
-        return {
-            score: Math.max(0, score),
-            maxScore: 100,
-            percentage: Math.max(0, score),
-            violations,
-        };
-    }
-}
-//# sourceMappingURL=performance.validator.js.map

package/dist/apps/cli/src/analyzer/validators/security.validator.js

@@ -1,66 +0,0 @@
-/**
- * Security Validator
- * @description Validates security rules against project
- */
-export class SecurityValidator {
-    static async validate(project, options) {
-        const violations = [];
-        let score = 100;
-        // Check 1: Policy Registry exists
-        const hasPolicyRegistry = project.directories.some(d => d.includes('modules') && d.includes('policies'));
-        if (!hasPolicyRegistry) {
-            violations.push({
-                id: 'SEC-POL-002',
-                severity: 'error',
-                message: 'Missing policies/ directory in modules',
-                rule: 'Policy Registry Required',
-            });
-            score -= 15;
-        }
-        // Check 2: Audit logging
-        const hasAuditFile = project.files.some(f => f.includes('audit') || f.includes('logger'));
-        if (!hasAuditFile) {
-            violations.push({
-                id: 'SEC-AUDIT-001',
-                severity: 'warning',
-                message: 'No audit logging implementation found',
-                rule: 'Audit Logging Required',
-            });
-            score -= 10;
-        }
-        // Check 3: Rate limiting
-        const hasRateLimit = project.files.some(f => f.includes('rate') || f.includes('limit'));
-        if (!hasRateLimit) {
-            violations.push({
-                id: 'SEC-RATE-001',
-                severity: 'warning',
-                message: 'No rate limiting implementation found',
-                rule: 'Rate Limiting Required',
-            });
-            score -= 10;
-        }
-        // Check 4: Security directory
-        const hasSecurityDir = project.directories.some(d => d.includes('security'));
-        if (!hasSecurityDir) {
-            violations.push({
-                id: 'SEC-DIR-001',
-                severity: 'error',
-                message: 'Missing security/ directory',
-                rule: 'Security Layer Required',
-            });
-            score -= 15;
-        }
-        // Deep scan for Fail-Open patterns (if requested)
-        if (options.depth === 'deep') {
-            // This would scan file contents for fail-open patterns
-            // For now, just check structure
-        }
-        return {
-            score: Math.max(0, score),
-            maxScore: 100,
-            percentage: Math.max(0, score),
-            violations,
-        };
-    }
-}
-//# sourceMappingURL=security.validator.js.map

package/dist/apps/cli/src/analyzer/validators/soc.validator.js

@@ -1,75 +0,0 @@
-/**
- * SoC Validator
- * @description Validates Separation of Concerns rules
- */
-export class SocValidator {
-    static async validate(project, _options) {
-        const violations = [];
-        let score = 100;
-        // Check for proper layer structure
-        const hasFeatures = project.directories.some(d => d.includes('features'));
-        const hasModules = project.directories.some(d => d.includes('modules'));
-        const hasCore = project.directories.some(d => d.includes('core'));
-        const hasContracts = project.directories.some(d => d.includes('contracts'));
-        if (!hasFeatures) {
-            violations.push({
-                id: 'SOC-LAYER-001',
-                severity: 'error',
-                message: 'Missing features/ layer',
-                rule: '7-Layer Architecture',
-            });
-            score -= 20;
-        }
-        if (!hasModules) {
-            violations.push({
-                id: 'SOC-LAYER-002',
-                severity: 'error',
-                message: 'Missing modules/ layer',
-                rule: '7-Layer Architecture',
-            });
-            score -= 20;
-        }
-        if (!hasCore) {
-            violations.push({
-                id: 'SOC-LAYER-003',
-                severity: 'error',
-                message: 'Missing core/ layer',
-                rule: '7-Layer Architecture',
-            });
-            score -= 20;
-        }
-        if (!hasContracts) {
-            violations.push({
-                id: 'SOC-LAYER-004',
-                severity: 'warning',
-                message: 'Missing contracts/ layer',
-                rule: '7-Layer Architecture',
-            });
-            score -= 10;
-        }
-        // Check feature structure
-        if (hasFeatures) {
-            const featureDirs = project.directories.filter(d => d.startsWith('features/'));
-            for (const featureDir of featureDirs) {
-                const hasComponents = project.directories.some(d => d.startsWith(`${featureDir}/components`));
-                const hasHooks = project.directories.some(d => d.startsWith(`${featureDir}/hooks`));
-                if (!hasComponents || !hasHooks) {
-                    violations.push({
-                        id: 'SOC-FEAT-001',
-                        severity: 'warning',
-                        message: `Feature ${featureDir} missing components/ or hooks/`,
-                        rule: 'Feature Structure',
-                    });
-                    score -= 5;
-                }
-            }
-        }
-        return {
-            score: Math.max(0, score),
-            maxScore: 100,
-            percentage: Math.max(0, score),
-            violations,
-        };
-    }
-}
-//# sourceMappingURL=soc.validator.js.map

package/dist/apps/cli/src/auth/secure-auth.js

@@ -1,312 +0,0 @@
-/**
- * Secure Authentication System with OAuth2 + Keychain Integration
- * Features:
- * - OAuth2 PKCE flow
- * - Secure token storage in OS keychain
- * - Automatic token refresh
- * - Session management
- * - PAT (Personal Access Token) support for CI/CD
- */
-import keytar from 'keytar';
-import fetch from 'node-fetch';
-import open from 'open';
-import { createServer } from 'http';
-import { URL } from 'url';
-import crypto from 'crypto';
-import chalk from 'chalk';
-import { printSuccess, printError, printInfo, startSpinner, stopSpinner } from '../ui.js';
-const SERVICE_NAME = 'delta-cli';
-const ACCOUNT_NAME = 'user-token';
-const REFRESH_ACCOUNT = 'refresh-token';
-// PKCE Code Generator
-function generatePKCE() {
-    const verifier = crypto.randomBytes(32).toString('base64url');
-    const challenge = crypto
-        .createHash('sha256')
-        .update(verifier)
-        .digest('base64url');
-    return { verifier, challenge };
-}
-// Secure Token Storage
-export class SecureTokenStore {
-    static async saveAccessToken(token) {
-        await keytar.setPassword(SERVICE_NAME, ACCOUNT_NAME, token);
-    }
-    static async getAccessToken() {
-        return await keytar.getPassword(SERVICE_NAME, ACCOUNT_NAME);
-    }
-    static async saveRefreshToken(token) {
-        await keytar.setPassword(SERVICE_NAME, REFRESH_ACCOUNT, token);
-    }
-    static async getRefreshToken() {
-        return await keytar.getPassword(SERVICE_NAME, REFRESH_ACCOUNT);
-    }
-    static async clearTokens() {
-        await keytar.deletePassword(SERVICE_NAME, ACCOUNT_NAME);
-        await keytar.deletePassword(SERVICE_NAME, REFRESH_ACCOUNT);
-    }
-    static async hasTokens() {
-        const token = await this.getAccessToken();
-        return !!token;
-    }
-}
-// OAuth2 Flow Handler
-export async function startOAuthFlow(method = 'oauth') {
-    startSpinner('Starting OAuth2 authentication flow...');
-    try {
-        const { verifier, challenge } = generatePKCE();
-        const redirectUri = 'http://localhost:3456/callback';
-        const state = crypto.randomBytes(16).toString('hex');
-        // Build OAuth URL
-        const oauthUrl = new URL('https://api.delta.dev/auth/authorize');
-        oauthUrl.searchParams.set('response_type', 'code');
-        oauthUrl.searchParams.set('client_id', 'delta-cli');
-        oauthUrl.searchParams.set('redirect_uri', redirectUri);
-        oauthUrl.searchParams.set('code_challenge', challenge);
-        oauthUrl.searchParams.set('code_challenge_method', 'S256');
-        oauthUrl.searchParams.set('state', state);
-        oauthUrl.searchParams.set('scope', 'read write analyze');
-        if (method === 'github') {
-            oauthUrl.searchParams.set('provider', 'github');
-        }
-        else if (method === 'google') {
-            oauthUrl.searchParams.set('provider', 'google');
-        }
-        stopSpinner(true, 'OAuth server ready');
-        // Open browser
-        printInfo('Opening browser for authentication...');
-        await open(oauthUrl.toString());
-        // Start local server to capture callback
-        const authCode = await new Promise((resolve, reject) => {
-            const server = createServer(async (req, res) => {
-                const url = new URL(req.url || '/', `http://localhost:3456`);
-                if (url.pathname === '/callback') {
-                    const code = url.searchParams.get('code');
-                    const returnedState = url.searchParams.get('state');
-                    const error = url.searchParams.get('error');
-                    if (error) {
-                        res.writeHead(400, { 'Content-Type': 'text/html' });
-                        res.end(`
-              <html>
-                <body style="font-family: system-ui; text-align: center; padding: 50px;">
-                  <h1 style="color: #e74c3c;">❌ Authentication Failed</h1>
-                  <p>${error}</p>
-                  <p>You can close this window.</p>
-                </body>
-              </html>
-            `);
-                        reject(new Error(error));
-                        server.close();
-                        return;
-                    }
-                    if (!code || returnedState !== state) {
-                        res.writeHead(400, { 'Content-Type': 'text/html' });
-                        res.end(`
-              <html>
-                <body style="font-family: system-ui; text-align: center; padding: 50px;">
-                  <h1 style="color: #e74c3c;">❌ Invalid Response</h1>
-                  <p>You can close this window.</p>
-                </body>
-              </html>
-            `);
-                        reject(new Error('Invalid OAuth response'));
-                        server.close();
-                        return;
-                    }
-                    res.writeHead(200, { 'Content-Type': 'text/html' });
-                    res.end(`
-            <html>
-              <head>
-                <style>
-                  body { 
-                    font-family: system-ui, -apple-system, sans-serif; 
-                    text-align: center; 
-                    padding: 50px;
-                    background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-                    color: white;
-                    min-height: 100vh;
-                    display: flex;
-                    align-items: center;
-                    justify-content: center;
-                  }
-                  .container {
-                    background: rgba(255,255,255,0.1);
-                    backdrop-filter: blur(10px);
-                    padding: 40px;
-                    border-radius: 20px;
-                    box-shadow: 0 20px 60px rgba(0,0,0,0.3);
-                  }
-                  h1 { margin: 0 0 20px; font-size: 48px; }
-                  .check { font-size: 64px; margin-bottom: 20px; }
-                  p { font-size: 18px; opacity: 0.9; }
-                </style>
-              </head>
-              <body>
-                <div class="container">
-                  <div class="check">✓</div>
-                  <h1>Successfully Signed In!</h1>
-                  <p>You can close this window and return to the terminal.</p>
-                </div>
-              </body>
-            </html>
-          `);
-                    resolve(code);
-                    server.close();
-                }
-            });
-            server.listen(3456, () => {
-                console.log(chalk.dim('  Waiting for authentication...'));
-            });
-            // Timeout after 5 minutes
-            setTimeout(() => {
-                server.close();
-                reject(new Error('Authentication timeout'));
-            }, 5 * 60 * 1000);
-        });
-        // Exchange code for tokens
-        startSpinner('Exchanging authorization code...');
-        const tokenResponse = await fetch('https://api.delta.dev/auth/token', {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                grant_type: 'authorization_code',
-                code: authCode,
-                redirect_uri: redirectUri,
-                client_id: 'delta-cli',
-                code_verifier: verifier,
-            }),
-        });
-        if (!tokenResponse.ok) {
-            throw new Error('Failed to exchange authorization code');
-        }
-        const tokens = await tokenResponse.json();
-        // Store tokens securely
-        await SecureTokenStore.saveAccessToken(tokens.access_token);
-        await SecureTokenStore.saveRefreshToken(tokens.refresh_token);
-        stopSpinner(true, 'Authentication successful!');
-        printSuccess('Successfully authenticated with Delta Cloud');
-        printInfo(`Token expires in ${tokens.expires_in} seconds`);
-        return true;
-    }
-    catch (error) {
-        stopSpinner(false, 'Authentication failed');
-        printError('OAuth2 authentication failed', error.message);
-        return false;
-    }
-}
-// PAT Authentication for CI/CD
-export async function authenticateWithPAT(token) {
-    startSpinner('Validating Personal Access Token...');
-    try {
-        // Validate token
-        const response = await fetch('https://api.delta.dev/auth/verify', {
-            headers: {
-                'Authorization': `Bearer ${token}`,
-            },
-        });
-        if (!response.ok) {
-            throw new Error('Invalid token');
-        }
-        const data = await response.json();
-        // Store token
-        await SecureTokenStore.saveAccessToken(token);
-        stopSpinner(true, 'Token validated');
-        printSuccess(`Authenticated as ${data.user.email}`);
-        return true;
-    }
-    catch (error) {
-        stopSpinner(false, 'Token validation failed');
-        printError('PAT authentication failed', error.message);
-        return false;
-    }
-}
-// Token Refresh
-export async function refreshAccessToken() {
-    const refreshToken = await SecureTokenStore.getRefreshToken();
-    if (!refreshToken) {
-        printError('No refresh token available');
-        return false;
-    }
-    try {
-        const response = await fetch('https://api.delta.dev/auth/refresh', {
-            method: 'POST',
-            headers: { 'Content-Type': 'application/json' },
-            body: JSON.stringify({
-                grant_type: 'refresh_token',
-                refresh_token: refreshToken,
-                client_id: 'delta-cli',
-            }),
-        });
-        if (!response.ok) {
-            throw new Error('Token refresh failed');
-        }
-        const tokens = await response.json();
-        await SecureTokenStore.saveAccessToken(tokens.access_token);
-        if (tokens.refresh_token) {
-            await SecureTokenStore.saveRefreshToken(tokens.refresh_token);
-        }
-        return true;
-    }
-    catch (error) {
-        printError('Failed to refresh token', error.message);
-        return false;
-    }
-}
-// Logout
-export async function logout() {
-    startSpinner('Clearing credentials...');
-    try {
-        await SecureTokenStore.clearTokens();
-        stopSpinner(true, 'Logged out');
-        printSuccess('Successfully logged out');
-    }
-    catch (error) {
-        stopSpinner(false, 'Logout failed');
-        printError('Failed to clear credentials', error.message);
-    }
-}
-// Auth Status
-export async function getAuthStatus() {
-    const token = await SecureTokenStore.getAccessToken();
-    if (!token) {
-        return { authenticated: false };
-    }
-    try {
-        const response = await fetch('https://api.delta.dev/auth/me', {
-            headers: {
-                'Authorization': `Bearer ${token}`,
-            },
-        });
-        if (!response.ok) {
-            // Try to refresh token
-            const refreshed = await refreshAccessToken();
-            if (!refreshed) {
-                return { authenticated: false };
-            }
-            // Retry with new token
-            const newToken = await SecureTokenStore.getAccessToken();
-            const retryResponse = await fetch('https://api.delta.dev/auth/me', {
-                headers: {
-                    'Authorization': `Bearer ${newToken}`,
-                },
-            });
-            if (!retryResponse.ok) {
-                return { authenticated: false };
-            }
-            const userData = await retryResponse.json();
-            return {
-                authenticated: true,
-                user: userData,
-            };
-        }
-        const userData = await response.json();
-        return {
-            authenticated: true,
-            user: userData,
-        };
-    }
-    catch {
-        return { authenticated: false };
-    }
-}
-//# sourceMappingURL=secure-auth.js.map