@vertaaux/cli 0.2.0

package/dist/commands/init.js

@@ -0,0 +1,212 @@
+/**
+ * Init command for VertaaUX CLI.
+ *
+ * Creates project configuration with guided wizard or defaults.
+ * Generates CI templates for popular platforms.
+ */
+import fs from "fs";
+import path from "path";
+import chalk from "chalk";
+import yaml from "yaml";
+import { runInitWizard } from "../interactive/init-wizard.js";
+import { isInteractive } from "../interactive/prompts.js";
+import { ExitCode } from "../utils/exit-codes.js";
+import { parseThreshold, parseFailOn } from "../utils/validators.js";
+import { generateTemplate } from "../templates/index.js";
+/**
+ * Config file path.
+ */
+const CONFIG_FILE = ".vertaaux.yml";
+/**
+ * Baseline directory.
+ */
+const BASELINE_DIR = ".vertaaux";
+// CI templates are now generated via templates/index.ts
+/**
+ * Convert InitConfig to VertaauxConfig YAML format.
+ */
+function configToYaml(config) {
+    const yamlConfig = {
+        // Header comment
+        $schema: "https://vertaaux.ai/schemas/config.json",
+    };
+    // Default URL
+    if (config.defaultUrl) {
+        yamlConfig.defaultUrl = config.defaultUrl;
+    }
+    // Audit mode
+    yamlConfig.mode = config.mode;
+    // Baseline rules section
+    if (config.failOn !== "none") {
+        yamlConfig.failOn = config.failOn;
+    }
+    if (config.threshold > 0) {
+        yamlConfig.threshold = config.threshold;
+    }
+    // Baseline config
+    yamlConfig.baseline = {
+        path: ".vertaaux/baseline.json",
+        autoUpdate: config.autoUpdateBaseline,
+    };
+    // Output config
+    yamlConfig.output = {
+        format: "auto",
+        groupBy: "severity",
+    };
+    // CI config
+    if (config.ciProvider !== "none") {
+        yamlConfig.ci = {
+            template: config.ciProvider,
+        };
+    }
+    // Generate YAML with comments
+    const header = `# VertaaUX Configuration
+# https://vertaaux.ai/docs/cli/configuration
+#
+# Run \`vertaa audit\` to start auditing your site.
+# Run \`vertaa init\` to regenerate this file.
+
+`;
+    return header + yaml.stringify(yamlConfig);
+}
+/**
+ * Generate CI template file using unified template generator.
+ *
+ * @param provider - CI provider type
+ * @param config - Init configuration for workflow customization
+ * @returns Generated template with path, content, and optional instructions
+ */
+function getCITemplate(provider, config) {
+    // Convert CITemplate to CIProvider (same type but import from templates)
+    const ciProvider = provider;
+    return generateTemplate(ciProvider, {
+        auditUrl: config?.defaultUrl,
+        failOn: config?.failOn === "none" ? "none" : (config?.failOn ?? "error"),
+        threshold: config?.threshold ?? 0,
+        uploadSarif: true,
+        uploadArtifacts: true,
+        postComment: true,
+    });
+}
+/**
+ * Write file, creating directories as needed.
+ */
+function writeFile(filePath, content) {
+    const resolvedPath = path.resolve(process.cwd(), filePath);
+    const dir = path.dirname(resolvedPath);
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+    fs.writeFileSync(resolvedPath, content, "utf-8");
+}
+/**
+ * Check if a file already exists and prompt for overwrite.
+ */
+function checkExisting(filePath) {
+    const resolvedPath = path.resolve(process.cwd(), filePath);
+    return fs.existsSync(resolvedPath);
+}
+/**
+ * Handle the init command.
+ */
+async function handleInit(options) {
+    // Check for existing config
+    if (checkExisting(CONFIG_FILE) && !options.force) {
+        console.error(chalk.yellow(`Configuration file ${CONFIG_FILE} already exists.`));
+        console.error("Use --force to overwrite.");
+        process.exit(ExitCode.ERROR);
+    }
+    let config;
+    // Determine configuration source
+    if (options.yes || !isInteractive()) {
+        // Use defaults
+        config = {
+            mode: "standard",
+            failOn: options.failOn || "error",
+            threshold: options.threshold ?? 0,
+            autoUpdateBaseline: false,
+            ciProvider: options.ci || "none",
+        };
+    }
+    else {
+        // Run interactive wizard
+        try {
+            config = await runInitWizard();
+        }
+        catch (error) {
+            if (error instanceof Error && error.message.includes("cancelled")) {
+                console.error("Initialization cancelled.");
+                process.exit(0);
+            }
+            throw error;
+        }
+    }
+    // Override with explicit flags
+    if (options.ci) {
+        config.ciProvider = options.ci;
+    }
+    if (options.failOn) {
+        config.failOn = options.failOn;
+    }
+    if (options.threshold !== undefined) {
+        config.threshold = options.threshold;
+    }
+    // Create .vertaaux directory
+    const baselineDir = path.resolve(process.cwd(), BASELINE_DIR);
+    if (!fs.existsSync(baselineDir)) {
+        fs.mkdirSync(baselineDir, { recursive: true });
+    }
+    // Write config file
+    const yamlContent = configToYaml(config);
+    writeFile(CONFIG_FILE, yamlContent);
+    console.error(chalk.green(`Created ${CONFIG_FILE}`));
+    // Generate CI template if selected
+    if (config.ciProvider !== "none") {
+        const template = getCITemplate(config.ciProvider, config);
+        if (template) {
+            writeFile(template.path, template.content);
+            console.error(chalk.green(`Created ${template.path}`));
+            // Show instructions if provided by template generator
+            if (template.instructions) {
+                console.error("");
+                console.error(chalk.cyan(`Note: ${template.instructions}`));
+            }
+        }
+    }
+    // Success message
+    console.error("");
+    console.error(chalk.green("VertaaUX initialized successfully!"));
+    console.error("");
+    console.error("Next steps:");
+    console.error(`  1. ${chalk.cyan("vertaa audit")} - Run your first audit`);
+    if (config.ciProvider === "github") {
+        console.error(`  2. Add ${chalk.cyan("VERTAAUX_API_KEY")} to GitHub Secrets`);
+    }
+    else if (config.ciProvider !== "none") {
+        console.error(`  2. Add ${chalk.cyan("VERTAAUX_API_KEY")} to your CI environment`);
+    }
+    console.error(`  3. ${chalk.cyan("vertaa baseline create")} - Create baseline for existing issues`);
+    console.error("");
+}
+/**
+ * Register the init command with the Commander program.
+ */
+export function registerInitCommand(program) {
+    program
+        .command("init")
+        .description("Initialize VertaaUX configuration for your project")
+        .option("-y, --yes", "Skip prompts, use defaults")
+        .option("--ci <provider>", "CI provider: github|gitlab|circleci|azure|jenkins|none")
+        .option("--fail-on <severity>", "Fail CI on severity: error|warning|info (default: error)", parseFailOn)
+        .option("--threshold <score>", "Minimum score threshold (0-100)", parseThreshold)
+        .option("-f, --force", "Overwrite existing configuration")
+        .action(async (options) => {
+        try {
+            await handleInit(options);
+        }
+        catch (error) {
+            console.error(chalk.red("Error:"), error instanceof Error ? error.message : String(error));
+            process.exit(ExitCode.ERROR);
+        }
+    });
+}

package/dist/commands/login.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Authentication commands for VertaaUX CLI.
+ *
+ * Commands:
+ * - vertaa login: Authenticate via device code flow or CI token
+ * - vertaa logout: Clear stored credentials
+ * - vertaa whoami: Show current authentication status
+ */
+import type { Command } from "commander";
+/**
+ * Register authentication commands with the Commander program.
+ */
+export declare function registerLoginCommand(program: Command): void;
+//# sourceMappingURL=login.d.ts.map

package/dist/commands/login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA6OzC;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA+B3D"}

package/dist/commands/login.js

@@ -0,0 +1,222 @@
+/**
+ * Authentication commands for VertaaUX CLI.
+ *
+ * Commands:
+ * - vertaa login: Authenticate via device code flow or CI token
+ * - vertaa logout: Clear stored credentials
+ * - vertaa whoami: Show current authentication status
+ */
+import chalk from "chalk";
+import { saveToken, loadToken, clearToken, isTokenExpired, } from "../auth/token-store.js";
+import { startDeviceFlow } from "../auth/device-flow.js";
+import { validateCIToken, getCIToken, getTokenInfo } from "../auth/ci-token.js";
+import { isInteractive } from "../interactive/prompts.js";
+import { ExitCode } from "../utils/exit-codes.js";
+/**
+ * OAuth client ID for the CLI.
+ * This is a public client ID, not a secret.
+ */
+const CLI_CLIENT_ID = "vertaaux-cli";
+/**
+ * Default API base URL.
+ */
+const DEFAULT_API_BASE = "https://vertaaux.ai/v1";
+/**
+ * Default auth base URL.
+ */
+const DEFAULT_AUTH_BASE = "https://vertaaux.ai";
+/**
+ * Get the auth base URL from environment or default.
+ */
+function getAuthBase() {
+    return process.env.VERTAAUX_AUTH_BASE || DEFAULT_AUTH_BASE;
+}
+/**
+ * Get the API base URL from environment or default.
+ */
+function getApiBase() {
+    return (process.env.VERTAAUX_API_BASE?.replace(/\/$/, "") || DEFAULT_API_BASE);
+}
+/**
+ * Handle the login command.
+ */
+async function handleLogin(options) {
+    // Check for SSO placeholder
+    if (options.sso) {
+        console.error("SSO login is not yet implemented.");
+        console.error("Use --token for CI/API token authentication or omit flags for device code flow.");
+        process.exit(ExitCode.ERROR);
+    }
+    // Option 1: Direct token authentication (CI mode)
+    if (options.token) {
+        console.error("Validating token...");
+        const apiBase = options.base || getApiBase();
+        const isValid = await validateCIToken(options.token, apiBase);
+        if (!isValid) {
+            console.error(chalk.red("Error: Invalid token. Please check your token and try again."));
+            process.exit(ExitCode.ERROR);
+        }
+        // Save the CI token
+        const tokenData = {
+            accessToken: options.token,
+            type: "ci",
+            savedAt: new Date().toISOString(),
+        };
+        await saveToken(tokenData);
+        console.error(chalk.green("Authentication successful!"));
+        console.error("Token saved to ~/.vertaaux/credentials.json");
+        return;
+    }
+    // Option 2: Check for CI token in environment
+    const envToken = getCIToken();
+    if (envToken && !isInteractive()) {
+        console.error("Found token in environment, validating...");
+        const apiBase = options.base || getApiBase();
+        const isValid = await validateCIToken(envToken, apiBase);
+        if (!isValid) {
+            console.error(chalk.red("Error: Environment token is invalid."));
+            process.exit(ExitCode.ERROR);
+        }
+        const tokenData = {
+            accessToken: envToken,
+            type: "ci",
+            savedAt: new Date().toISOString(),
+        };
+        await saveToken(tokenData);
+        console.error(chalk.green("Authentication successful!"));
+        console.error("Token from environment saved to ~/.vertaaux/credentials.json");
+        return;
+    }
+    // Option 3: Interactive device code flow (requires TTY)
+    if (!isInteractive()) {
+        console.error(chalk.red("Error: Interactive login requires a terminal."));
+        console.error("Use --token <token> for non-interactive authentication,");
+        console.error("or set VERTAAUX_TOKEN environment variable.");
+        process.exit(ExitCode.ERROR);
+    }
+    // Start device code flow
+    console.error("Starting authentication...");
+    try {
+        const authBase = options.base ? options.base.replace("/v1", "") : getAuthBase();
+        const result = await startDeviceFlow(CLI_CLIENT_ID, authBase);
+        // Calculate expiration time
+        const expiresAt = new Date(Date.now() + result.expiresIn * 1000).toISOString();
+        // Save token
+        const tokenData = {
+            accessToken: result.accessToken,
+            refreshToken: result.refreshToken,
+            expiresAt,
+            type: "device",
+            savedAt: new Date().toISOString(),
+        };
+        await saveToken(tokenData);
+        console.error(chalk.green("\nAuthentication successful!"));
+        console.error("Token saved to ~/.vertaaux/credentials.json");
+    }
+    catch (error) {
+        console.error(chalk.red("\nError:"), error instanceof Error ? error.message : String(error));
+        process.exit(ExitCode.ERROR);
+    }
+}
+/**
+ * Handle the logout command.
+ */
+async function handleLogout() {
+    const existingToken = await loadToken();
+    if (!existingToken) {
+        console.error("No stored credentials found.");
+        return;
+    }
+    await clearToken();
+    console.error(chalk.green("Logged out successfully."));
+    console.error("Credentials removed from ~/.vertaaux/credentials.json");
+}
+/**
+ * Handle the whoami command.
+ */
+async function handleWhoami(options) {
+    // Check for token in credentials file
+    const storedToken = await loadToken();
+    // Check for token in environment
+    const envToken = getCIToken();
+    if (!storedToken && !envToken) {
+        console.error(chalk.yellow("Not authenticated."));
+        console.error("\nRun `vertaa login` to authenticate.");
+        return;
+    }
+    // Use stored token or env token
+    const token = storedToken?.accessToken || envToken;
+    const tokenSource = storedToken ? "stored" : "environment";
+    if (!token) {
+        console.error(chalk.yellow("Not authenticated."));
+        console.error("\nRun `vertaa login` to authenticate.");
+        return;
+    }
+    // Check expiration for stored device tokens
+    if (storedToken && storedToken.type === "device" && isTokenExpired(storedToken)) {
+        console.error(chalk.yellow("Token expired."));
+        console.error("\nRun `vertaa login` to re-authenticate.");
+        return;
+    }
+    // Get token info from API
+    const apiBase = options.base || getApiBase();
+    const info = await getTokenInfo(token, apiBase);
+    if (!info || !info.valid) {
+        console.error(chalk.yellow("Token invalid or expired."));
+        console.error("\nRun `vertaa login` to re-authenticate.");
+        return;
+    }
+    // Display auth status
+    console.error(chalk.green("Authenticated"));
+    console.error("");
+    console.error(`  Source: ${tokenSource}`);
+    console.error(`  Type: ${storedToken?.type || "ci"}`);
+    if (info.organization) {
+        console.error(`  Organization: ${info.organization}`);
+    }
+    if (info.user_id) {
+        console.error(`  User ID: ${info.user_id}`);
+    }
+    if (info.scopes && info.scopes.length > 0) {
+        console.error(`  Scopes: ${info.scopes.join(", ")}`);
+    }
+    if (storedToken?.expiresAt) {
+        const expiresAt = new Date(storedToken.expiresAt);
+        const now = new Date();
+        const diffMs = expiresAt.getTime() - now.getTime();
+        const diffHours = Math.round(diffMs / (1000 * 60 * 60));
+        if (diffHours > 0) {
+            console.error(`  Expires: in ${diffHours} hour${diffHours === 1 ? "" : "s"}`);
+        }
+    }
+}
+/**
+ * Register authentication commands with the Commander program.
+ */
+export function registerLoginCommand(program) {
+    // Login command
+    program
+        .command("login")
+        .description("Authenticate with VertaaUX")
+        .option("--token <token>", "Use API token directly (for CI/non-interactive use)")
+        .option("--sso", "Use SSO login (not yet implemented)")
+        .option("-b, --base <url>", "API base URL")
+        .action(async (options) => {
+        await handleLogin(options);
+    });
+    // Logout command
+    program
+        .command("logout")
+        .description("Clear stored credentials")
+        .action(async () => {
+        await handleLogout();
+    });
+    // Whoami command
+    program
+        .command("whoami")
+        .description("Show current authentication status")
+        .option("-b, --base <url>", "API base URL")
+        .action(async (options) => {
+        await handleWhoami(options);
+    });
+}

package/dist/commands/policy.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Policy management commands for VertaaUX CLI.
+ *
+ * Provides commands to initialize, validate, and display policy files.
+ *
+ * Implements CICD-17: Policy-as-code support.
+ */
+import { Command } from "commander";
+/**
+ * Register the policy command with the Commander program.
+ */
+export declare function registerPolicyCommand(program: Command): void;
+//# sourceMappingURL=policy.d.ts.map

package/dist/commands/policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../src/commands/policy.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAuWpC;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA8E5D"}