npm - @vertaaux/cli - Versions diffs - 0.3.3 → 0.5.0 - Mend

@vertaaux/cli 0.3.3 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (227) hide show

package/CHANGELOG.md +97 -0
package/MIGRATION.md +239 -0
package/README.md +34 -16
package/dist/app/interactive-app.d.ts +101 -0
package/dist/app/interactive-app.d.ts.map +1 -0
package/dist/app/interactive-app.js +309 -0
package/dist/app/layout/canvas.d.ts +23 -0
package/dist/app/layout/canvas.d.ts.map +1 -0
package/dist/app/layout/canvas.js +36 -0
package/dist/app/layout/footer.d.ts +31 -0
package/dist/app/layout/footer.d.ts.map +1 -0
package/dist/app/layout/footer.js +41 -0
package/dist/app/layout/header.d.ts +20 -0
package/dist/app/layout/header.d.ts.map +1 -0
package/dist/app/layout/header.js +27 -0
package/dist/app/menu/categories.d.ts +20 -0
package/dist/app/menu/categories.d.ts.map +1 -0
package/dist/app/menu/categories.js +181 -0
package/dist/app/menu/filter.d.ts +17 -0
package/dist/app/menu/filter.d.ts.map +1 -0
package/dist/app/menu/filter.js +33 -0
package/dist/app/menu/menu-view.d.ts +35 -0
package/dist/app/menu/menu-view.d.ts.map +1 -0
package/dist/app/menu/menu-view.js +230 -0
package/dist/app/menu/recent.d.ts +24 -0
package/dist/app/menu/recent.d.ts.map +1 -0
package/dist/app/menu/recent.js +49 -0
package/dist/app/types.d.ts +43 -0
package/dist/app/types.d.ts.map +1 -0
package/dist/app/types.js +7 -0
package/dist/app/views/command-runner.d.ts +36 -0
package/dist/app/views/command-runner.d.ts.map +1 -0
package/dist/app/views/command-runner.js +372 -0
package/dist/app/views/help-overlay.d.ts +21 -0
package/dist/app/views/help-overlay.d.ts.map +1 -0
package/dist/app/views/help-overlay.js +45 -0
package/dist/auth/ci-token.d.ts +14 -2
package/dist/auth/ci-token.d.ts.map +1 -1
package/dist/auth/ci-token.js +15 -30
package/dist/auth/device-flow.d.ts +2 -1
package/dist/auth/device-flow.d.ts.map +1 -1
package/dist/auth/device-flow.js +13 -10
package/dist/auth/token-store.d.ts.map +1 -1
package/dist/auth/token-store.js +12 -2
package/dist/baseline/diff.d.ts +2 -2
package/dist/baseline/diff.d.ts.map +1 -1
package/dist/baseline/diff.js +15 -34
package/dist/commands/a11y.d.ts +9 -0
package/dist/commands/a11y.d.ts.map +1 -0
package/dist/commands/a11y.js +76 -0
package/dist/commands/audit/artifacts.d.ts +27 -0
package/dist/commands/audit/artifacts.d.ts.map +1 -0
package/dist/commands/audit/artifacts.js +158 -0
package/dist/commands/audit/ci-detection.d.ts +18 -0
package/dist/commands/audit/ci-detection.d.ts.map +1 -0
package/dist/commands/audit/ci-detection.js +71 -0
package/dist/commands/audit/explain.d.ts +11 -0
package/dist/commands/audit/explain.d.ts.map +1 -0
package/dist/commands/audit/explain.js +45 -0
package/dist/commands/audit/filters.d.ts +17 -0
package/dist/commands/audit/filters.d.ts.map +1 -0
package/dist/commands/audit/filters.js +40 -0
package/dist/commands/audit/index.d.ts +18 -0
package/dist/commands/audit/index.d.ts.map +1 -0
package/dist/commands/audit/index.js +564 -0
package/dist/commands/audit/output.d.ts +32 -0
package/dist/commands/audit/output.d.ts.map +1 -0
package/dist/commands/audit/output.js +130 -0
package/dist/commands/audit/policy.d.ts +19 -0
package/dist/commands/audit/policy.d.ts.map +1 -0
package/dist/commands/audit/policy.js +102 -0
package/dist/commands/audit/scoring.d.ts +23 -0
package/dist/commands/audit/scoring.d.ts.map +1 -0
package/dist/commands/audit/scoring.js +70 -0
package/dist/commands/audit/types.d.ts +88 -0
package/dist/commands/audit/types.d.ts.map +1 -0
package/dist/commands/audit/types.js +8 -0
package/dist/commands/audit.d.ts +2 -60
package/dist/commands/audit.d.ts.map +1 -1
package/dist/commands/audit.js +2 -1038
package/dist/commands/baseline.d.ts +1 -0
package/dist/commands/baseline.d.ts.map +1 -1
package/dist/commands/baseline.js +205 -121
package/dist/commands/comment.d.ts +22 -0
package/dist/commands/comment.d.ts.map +1 -1
package/dist/commands/comment.js +122 -58
package/dist/commands/compare.d.ts +17 -0
package/dist/commands/compare.d.ts.map +1 -1
package/dist/commands/compare.js +287 -180
package/dist/commands/diff.d.ts +5 -0
package/dist/commands/diff.d.ts.map +1 -1
package/dist/commands/diff.js +168 -141
package/dist/commands/doc.d.ts +10 -0
package/dist/commands/doc.d.ts.map +1 -1
package/dist/commands/doc.js +134 -76
package/dist/commands/doctor.d.ts +2 -0
package/dist/commands/doctor.d.ts.map +1 -1
package/dist/commands/doctor.js +164 -17
package/dist/commands/download.d.ts +10 -0
package/dist/commands/download.d.ts.map +1 -1
package/dist/commands/download.js +169 -112
package/dist/commands/explain.d.ts +5 -0
package/dist/commands/explain.d.ts.map +1 -1
package/dist/commands/explain.js +241 -155
package/dist/commands/fix-all.d.ts +25 -0
package/dist/commands/fix-all.d.ts.map +1 -0
package/dist/commands/fix-all.js +206 -0
package/dist/commands/fix-plan.d.ts +9 -0
package/dist/commands/fix-plan.d.ts.map +1 -1
package/dist/commands/fix-plan.js +152 -89
package/dist/commands/fix.d.ts +17 -0
package/dist/commands/fix.d.ts.map +1 -0
package/dist/commands/fix.js +111 -0
package/dist/commands/init.d.ts +11 -0
package/dist/commands/init.d.ts.map +1 -1
package/dist/commands/init.js +94 -42
package/dist/commands/login.d.ts +18 -0
package/dist/commands/login.d.ts.map +1 -1
package/dist/commands/login.js +268 -95
package/dist/commands/patch-review.d.ts +11 -0
package/dist/commands/patch-review.d.ts.map +1 -1
package/dist/commands/patch-review.js +159 -97
package/dist/commands/policy.d.ts +31 -0
package/dist/commands/policy.d.ts.map +1 -1
package/dist/commands/policy.js +269 -124
package/dist/commands/release-notes.d.ts +10 -0
package/dist/commands/release-notes.d.ts.map +1 -1
package/dist/commands/release-notes.js +127 -73
package/dist/commands/scan.d.ts +13 -0
package/dist/commands/scan.d.ts.map +1 -0
package/dist/commands/scan.js +133 -0
package/dist/commands/status.d.ts +9 -0
package/dist/commands/status.d.ts.map +1 -0
package/dist/commands/status.js +81 -0
package/dist/commands/suggest.d.ts +10 -0
package/dist/commands/suggest.d.ts.map +1 -1
package/dist/commands/suggest.js +153 -82
package/dist/commands/triage.d.ts +35 -0
package/dist/commands/triage.d.ts.map +1 -1
package/dist/commands/triage.js +206 -81
package/dist/commands/upload.d.ts +9 -0
package/dist/commands/upload.d.ts.map +1 -1
package/dist/commands/upload.js +140 -101
package/dist/commands/verify.d.ts +13 -0
package/dist/commands/verify.d.ts.map +1 -0
package/dist/commands/verify.js +118 -0
package/dist/index.d.ts +3 -2
package/dist/index.d.ts.map +1 -1
package/dist/index.js +125 -990
package/dist/interactive/fix-wizard.d.ts +3 -0
package/dist/interactive/fix-wizard.d.ts.map +1 -1
package/dist/interactive/fix-wizard.js +130 -112
package/dist/interactive/init-wizard.d.ts +3 -1
package/dist/interactive/init-wizard.d.ts.map +1 -1
package/dist/interactive/init-wizard.js +207 -138
package/dist/interactive/prompts.d.ts +7 -3
package/dist/interactive/prompts.d.ts.map +1 -1
package/dist/interactive/prompts.js +44 -23
package/dist/output/envelope.d.ts +2 -0
package/dist/output/envelope.d.ts.map +1 -1
package/dist/output/envelope.js +18 -2
package/dist/output/factory.d.ts +9 -1
package/dist/output/factory.d.ts.map +1 -1
package/dist/output/html.d.ts +2 -1
package/dist/output/html.d.ts.map +1 -1
package/dist/output/html.js +3 -2
package/dist/output/human.d.ts +9 -1
package/dist/output/human.d.ts.map +1 -1
package/dist/output/human.js +17 -2
package/dist/output/json.d.ts +2 -1
package/dist/output/json.d.ts.map +1 -1
package/dist/output/junit.d.ts +2 -1
package/dist/output/junit.d.ts.map +1 -1
package/dist/output/sarif.d.ts +2 -1
package/dist/output/sarif.d.ts.map +1 -1
package/dist/types.d.ts +74 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +5 -0
package/dist/ui/banner.d.ts +34 -0
package/dist/ui/banner.d.ts.map +1 -1
package/dist/ui/banner.js +97 -5
package/dist/ui/diagnostics.d.ts +9 -4
package/dist/ui/diagnostics.d.ts.map +1 -1
package/dist/ui/diagnostics.js +32 -82
package/dist/ui/strings.d.ts +373 -0
package/dist/ui/strings.d.ts.map +1 -0
package/dist/ui/strings.js +499 -0
package/dist/ui/table.d.ts +0 -2
package/dist/ui/table.d.ts.map +1 -1
package/dist/ui/table.js +3 -4
package/dist/utils/api-client.d.ts +46 -0
package/dist/utils/api-client.d.ts.map +1 -0
package/dist/utils/api-client.js +170 -0
package/dist/utils/client.d.ts +29 -18
package/dist/utils/client.d.ts.map +1 -1
package/dist/utils/client.js +102 -12
package/dist/utils/formatters.d.ts +38 -0
package/dist/utils/formatters.d.ts.map +1 -0
package/dist/utils/formatters.js +277 -0
package/dist/utils/local-capture.d.ts +25 -0
package/dist/utils/local-capture.d.ts.map +1 -0
package/dist/utils/local-capture.js +57 -0
package/dist/utils/url-classify.d.ts +18 -0
package/dist/utils/url-classify.d.ts.map +1 -0
package/dist/utils/url-classify.js +106 -0
package/node_modules/@vertaaux/tui/dist/index.cjs +713 -20
package/node_modules/@vertaaux/tui/dist/index.cjs.map +1 -1
package/node_modules/@vertaaux/tui/dist/index.d.cts +361 -4
package/node_modules/@vertaaux/tui/dist/index.d.ts +361 -4
package/node_modules/@vertaaux/tui/dist/index.js +689 -21
package/node_modules/@vertaaux/tui/dist/index.js.map +1 -1
package/package.json +13 -5
package/dist/commands/client.d.ts +0 -14
package/dist/commands/client.d.ts.map +0 -1
package/dist/commands/client.js +0 -362
package/dist/commands/drift.d.ts +0 -15
package/dist/commands/drift.d.ts.map +0 -1
package/dist/commands/drift.js +0 -309
package/dist/commands/protect.d.ts +0 -16
package/dist/commands/protect.d.ts.map +0 -1
package/dist/commands/protect.js +0 -323
package/dist/commands/report.d.ts +0 -15
package/dist/commands/report.d.ts.map +0 -1
package/dist/commands/report.js +0 -214
package/dist/policy/sync.d.ts +0 -67
package/dist/policy/sync.d.ts.map +0 -1
package/dist/policy/sync.js +0 -147

package/dist/commands/doctor.js CHANGED Viewed

@@ -5,7 +5,7 @@
  * Reports pass/fail with actionable remediation instructions.
  * Never crashes -- all checks are wrapped in try/catch.
  */
-import chalk from "chalk";
+import { bold, dim, colorize, brand, severity as severityPalette, runSteps, createRenderer, renderWarning, isCI, isTTY } from "@vertaaux/tui";
 import { createRequire } from "module";
 import { resolveConfig } from "../config/loader.js";
 import { ConfigValidationError, ConfigLoadError } from "../config/loader.js";
@@ -16,6 +16,7 @@ import { ExitCode } from "../utils/exit-codes.js";
 import { writeJsonOutput, writeOutput } from "../output/envelope.js";
 import { COMMAND_FORMATS } from "../output/formats.js";
 import { getVersion } from "../ui/banner.js";
+import { strings } from "../ui/strings.js";
 const require = createRequire(import.meta.url);
 // ---------------------------------------------------------------------------
 // Individual health checks
@@ -249,51 +250,194 @@ export function checkOutputContracts(deep) {
 // ---------------------------------------------------------------------------
 export function formatDoctorHuman(result) {
     const statusIcons = {
-        pass: chalk.green("PASS"),
-        fail: chalk.red("FAIL"),
-        warn: chalk.yellow("WARN"),
-        skip: chalk.dim("SKIP"),
+        pass: colorize("PASS", brand.lime),
+        fail: colorize("FAIL", severityPalette.error),
+        warn: colorize("WARN", severityPalette.warning),
+        skip: dim("SKIP"),
     };
     const lines = [];
     const version = getVersion();
-    lines.push(chalk.bold(`VertaaUX Doctor`) + chalk.dim(` v${version}`));
+    lines.push(bold(strings.doctor.title(version)));
     lines.push("");
     for (const check of result.checks) {
         lines.push(`  ${statusIcons[check.status]}  ${check.name}: ${check.message}`);
         if (check.remediation) {
-            lines.push(`        ${chalk.cyan("Fix:")} ${check.remediation}`);
+            lines.push(`        ${colorize(strings.doctor.checks.fix, brand.cyan)} ${check.remediation}`);
         }
         if (check.detail) {
-            lines.push(`        ${chalk.dim(check.detail)}`);
+            lines.push(`        ${dim(check.detail)}`);
         }
     }
     lines.push("");
     const { pass, fail, warn } = result.summary;
     if (fail > 0) {
-        lines.push(chalk.red(`${fail} check(s) failed.`) +
+        lines.push(colorize(strings.doctor.results.withFailures(fail, pass + fail + warn), severityPalette.error) +
             " Run the suggested fix commands above.");
     }
     else if (warn > 0) {
-        lines.push(chalk.yellow(`All checks passed (${warn} warning(s)).`));
+        lines.push(colorize(strings.doctor.results.withWarnings(warn), severityPalette.warning));
     }
     else {
-        lines.push(chalk.green(`All ${pass} checks passed.`));
+        lines.push(colorize(strings.doctor.results.allPassed(pass), brand.lime));
     }
     return lines.join("\n");
 }
 // ---------------------------------------------------------------------------
+// Step failure mode diagnostic
+// ---------------------------------------------------------------------------
+/**
+ * Build a DoctorCheck describing the current step failure mode and how to override it.
+ * This is always informational (status: "pass").
+ */
+function buildStepFailureModeDiagnostic(strict, continueOnError) {
+    let detectedMode;
+    let overrideHint;
+    if (strict) {
+        detectedMode = "fail-fast (--strict flag)";
+        overrideHint = "Use --continue-on-error to continue on step errors";
+    }
+    else if (continueOnError) {
+        detectedMode = "continue (--continue-on-error flag)";
+        overrideHint = "Use --strict to fail immediately on first step error";
+    }
+    else if (isCI()) {
+        detectedMode = "fail-fast (CI detected)";
+        overrideHint = "Use --continue-on-error to get partial results in CI";
+    }
+    else if (isTTY()) {
+        detectedMode = "continue (interactive TTY)";
+        overrideHint = "Use --strict to fail-fast in interactive mode";
+    }
+    else {
+        detectedMode = "fail-fast (non-TTY)";
+        overrideHint = "Use --continue-on-error to get partial results";
+    }
+    return {
+        name: "Step failure mode",
+        status: "pass",
+        message: detectedMode,
+        detail: `Override: ${overrideHint}. Use --strict to fail-fast in interactive mode, --continue-on-error for partial results in CI`,
+    };
+}
+// ---------------------------------------------------------------------------
 // Command handler
 // ---------------------------------------------------------------------------
 export async function handleDoctor(options) {
     const format = options.format || "human";
     const online = options.online || false;
     const deep = options.deep || false;
+    // Resolve fail-fast mode: --strict > --continue-on-error > auto-detect
+    let failFast;
+    if (options.strict && options.continueOnError) {
+        writeOutput(renderWarning({ message: "--strict and --continue-on-error both set — --strict takes precedence" }));
+        failFast = true;
+    }
+    else if (options.strict) {
+        failFast = true;
+    }
+    else if (options.continueOnError) {
+        failFast = false;
+    }
+    else {
+        failFast = isCI() || !isTTY();
+    }
     const checks = [];
-    // Run checks in dependency order
-    checks.push(await checkConfig());
-    checks.push(await checkAuth(online));
-    checks.push(await checkNetwork());
-    checks.push(checkOutputContracts(deep));
+    const checkResults = [];
+    const renderer = createRenderer("auto");
+    const baseState = {
+        phase: "doctor",
+        phaseIndex: 1,
+        phaseTotal: 4,
+        url: "",
+        mode: "doctor",
+        progress: {},
+        totals: {},
+        issueCount: 0,
+        scorePreview: null,
+        verbose: false,
+        elapsed: 0,
+    };
+    // Define doctor check steps with 1:1 mapping to check functions
+    const steps = [
+        {
+            id: "config",
+            actionText: "Checking configuration...",
+            summaryText: "Configuration checked",
+            run: async () => {
+                const result = await checkConfig();
+                checkResults.push(result);
+                if (result.status === "fail") {
+                    throw new Error(result.message);
+                }
+            },
+        },
+        {
+            id: "auth",
+            actionText: "Checking authentication...",
+            summaryText: "Authentication checked",
+            run: async () => {
+                const result = await checkAuth(online);
+                checkResults.push(result);
+                if (result.status === "fail") {
+                    throw new Error(result.message);
+                }
+            },
+        },
+        {
+            id: "network",
+            actionText: "Checking network connectivity...",
+            summaryText: "Network checked",
+            run: async () => {
+                const result = await checkNetwork();
+                checkResults.push(result);
+                if (result.status === "fail") {
+                    throw new Error(result.message);
+                }
+            },
+        },
+        {
+            id: "contracts",
+            actionText: "Checking output contracts...",
+            summaryText: "Output contracts checked",
+            run: async () => {
+                const result = checkOutputContracts(deep);
+                checkResults.push(result);
+                if (result.status === "fail") {
+                    throw new Error(result.message);
+                }
+            },
+        },
+    ];
+    const startTime = Date.now();
+    await runSteps(steps, {
+        failFast,
+        onStateChange: (stepStates) => {
+            renderer.update({ ...baseState, stepStates, elapsed: Date.now() - startTime });
+        },
+    });
+    renderer.finish({
+        url: "",
+        mode: "doctor",
+        overallScore: 0,
+        scores: {},
+        issueCount: 0,
+        passed: true,
+        elapsed: Date.now() - startTime,
+    });
+    // Collect checks: use results captured during runSteps for ran steps.
+    // For steps skipped by fail-fast, create a skip placeholder.
+    const ranNames = new Set(checkResults.map((c) => c.name));
+    const checkNames = ["Configuration", "Authentication", "Network", "Output Contracts"];
+    for (const name of checkNames) {
+        if (ranNames.has(name)) {
+            checks.push(checkResults.find((c) => c.name === name));
+        }
+        else {
+            checks.push({ name, status: "skip", message: "Skipped due to earlier failure" });
+        }
+    }
+    // Add step failure mode diagnostic (always informational, always passes)
+    checks.push(buildStepFailureModeDiagnostic(options.strict, options.continueOnError));
     // Build summary
     const summary = { pass: 0, fail: 0, warn: 0, skip: 0 };
     for (const check of checks) {
@@ -325,12 +469,15 @@ export function registerDoctorCommand(program) {
         .option("--online", "Verify auth credentials against API (default: offline check)")
         .option("--deep", "Run output contract self-tests")
         .option("--format <format>", "Output format: human, json", "human")
+        .option("--strict", "Fail immediately on first check failure")
+        .option("--continue-on-error", "Continue running checks even after failures")
         .action(async (options) => {
         try {
             await handleDoctor(options);
         }
         catch (error) {
-            // Doctor must NEVER crash -- fallback error reporting
+            // Doctor must NEVER crash — raw fallback to avoid renderError() recursion
+            // eslint-disable-next-line no-restricted-syntax
             process.stderr.write(`Error: ${error instanceof Error ? error.message : String(error)}\n`);
             process.exit(ExitCode.ERROR);
         }

package/dist/commands/download.d.ts CHANGED Viewed

@@ -5,6 +5,16 @@
  * Enables pulling results from CI runs or shared audits.
  */
 import { Command } from "commander";
+/**
+ * Handle the download command.
+ */
+export declare function handleDownload(jobId: string, options: {
+    baseline?: boolean;
+    output?: string;
+    base?: string;
+    force?: boolean;
+    configPath?: string;
+}): Promise<void>;
 /**
  * Register the download command with the Commander program.
  */

package/dist/commands/download.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"download.d.ts","sourceRoot":"","sources":["../../src/commands/download.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;~~AAuNpC~~;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,~~CAkB9D~~"}
1	+ {"version":3,"file":"download.d.ts","sourceRoot":"","sources":["../../src/commands/download.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAqDpC;;GAEG;AACH,wBAAsB,cAAc,CAClC,KAAK,EAAE,MAAM,EACb,OAAO,EAAE;IACP,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB,GACA,OAAO,CAAC,IAAI,CAAC,CAgNf;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CA6B9D"}

package/dist/commands/download.js CHANGED Viewed

@@ -6,16 +6,17 @@
  */
 import fs from "fs";
 import path from "path";
-import chalk from "chalk";
-import { createSpinner, succeedSpinner, failSpinner, warnSpinner, infoSpinner } from "../ui/spinner.js";
+import { renderError, runSteps, createRenderer } from "@vertaaux/tui";
 import { loadToken } from "../auth/token-store.js";
 import { getCIToken } from "../auth/ci-token.js";
-import { resolveApiBase } from "../utils/client.js";
+import { apiRequest, resolveApiBase } from "../utils/client.js";
 import { resolveConfig } from "../config/loader.js";
 import { saveBaseline } from "../baseline/manager.js";
 import { isInteractive, confirmAction } from "../interactive/prompts.js";
 import { ExitCode } from "../utils/exit-codes.js";
 import { assertPathContainment } from "../utils/sanitize.js";
+import { writeOutput } from "../output/envelope.js";
+import { strings } from "../ui/strings.js";
 /**
  * Default output directory.
  */
@@ -35,135 +36,181 @@ async function getAuthToken() {
 /**
  * Handle the download command.
  */
-async function handleDownload(jobId, options) {
+export async function handleDownload(jobId, options) {
     // Get auth token
     const token = await getAuthToken();
     if (!token) {
-        console.error(chalk.red("Error: Not authenticated."));
-        console.error("Run `vertaa login` to authenticate or set VERTAAUX_TOKEN environment variable.");
+        process.stderr.write(renderError({
+            message: strings.download.errors.notAuthenticated,
+            suggestion: "vertaa login",
+            exitCode: ExitCode.ERROR,
+        }) + "\n");
         process.exit(ExitCode.ERROR);
     }
     // Load config for API base (supports --config global option)
-    const config = await resolveConfig(options.configPath);
+    await resolveConfig(options.configPath);
     const apiBase = resolveApiBase(options.base);
     const outputDir = options.output || DEFAULT_OUTPUT_DIR;
-    const spinner = createSpinner(`Downloading audit ${jobId}...`);
-    spinner.start();
-    try {
-        // Build request URL
-        let url = `${apiBase}/sync/download/${jobId}`;
-        if (options.baseline) {
-            url += "?include_baseline=true";
-        }
-        // Make API request
-        const response = await fetch(url, {
-            method: "GET",
-            headers: {
-                "Content-Type": "application/json",
-                "X-API-Key": token,
+    const renderer = createRenderer("auto");
+    const baseState = {
+        phase: "download",
+        phaseIndex: 1,
+        phaseTotal: 1,
+        url: "",
+        mode: "download",
+        progress: {},
+        totals: {},
+        issueCount: 0,
+        scorePreview: null,
+        verbose: false,
+        elapsed: 0,
+    };
+    const startTime = Date.now();
+    // Use a container so TypeScript can track the value across step closures
+    const ctx = {
+        downloadResult: null,
+        resolvedOutputDir: "",
+        skippedFiles: [],
+    };
+    const steps = [
+        {
+            id: "fetch",
+            actionText: strings.download.run.action,
+            summaryText: "Audit data retrieved",
+            run: async () => {
+                // Make API request via apiRequest() — auth header constructed in client.ts only
+                const downloadPath = `/sync/download/${jobId}${options.baseline ? "?include_baseline=true" : ""}`;
+                const result = await apiRequest(apiBase, downloadPath, { method: "GET" }, token);
+                if (!result.success) {
+                    throw new Error(result.error?.message || "Download failed");
+                }
+                ctx.downloadResult = result;
             },
-        });
-        if (!response.ok) {
-            const error = await response.json().catch(() => ({ error: { message: response.statusText } }));
-            throw new Error(error.error?.message || `HTTP ${response.status}`);
-        }
-        const result = (await response.json());
-        if (!result.success) {
-            throw new Error(result.error?.message || "Download failed");
-        }
-        // Create output directory
-        const resolvedOutputDir = path.resolve(process.cwd(), outputDir);
-        if (!fs.existsSync(resolvedOutputDir)) {
-            fs.mkdirSync(resolvedOutputDir, { recursive: true });
-        }
-        // Save audit results
-        if (result.audit) {
-            const auditPath = path.join(resolvedOutputDir, `audit-${jobId}.json`);
-            // Check for existing file
-            if (fs.existsSync(auditPath) && !options.force) {
-                if (isInteractive()) {
-                    const overwrite = await confirmAction(`File ${auditPath} already exists. Overwrite?`, false);
-                    if (!overwrite) {
-                        infoSpinner(spinner, "Skipping audit results (file exists).");
+        },
+        {
+            id: "save",
+            actionText: "Writing to file...",
+            summaryText: "File saved",
+            run: async () => {
+                const dlResult = ctx.downloadResult;
+                if (!dlResult)
+                    throw new Error("No download result");
+                // Create output directory
+                ctx.resolvedOutputDir = path.resolve(process.cwd(), outputDir);
+                if (!fs.existsSync(ctx.resolvedOutputDir)) {
+                    fs.mkdirSync(ctx.resolvedOutputDir, { recursive: true });
+                }
+                // Save audit results
+                if (dlResult.audit) {
+                    const auditPath = path.join(ctx.resolvedOutputDir, `audit-${jobId}.json`);
+                    // Check for existing file
+                    if (fs.existsSync(auditPath) && !options.force) {
+                        if (isInteractive()) {
+                            const overwrite = await confirmAction(`File ${auditPath} already exists. Overwrite?`, false);
+                            if (!overwrite) {
+                                ctx.skippedFiles.push("audit results");
+                            }
+                            else {
+                                fs.writeFileSync(auditPath, JSON.stringify(dlResult.audit, null, 2), "utf-8");
+                            }
+                        }
+                        else {
+                            ctx.skippedFiles.push("audit results (non-interactive)");
+                        }
                     }
                     else {
-                        fs.writeFileSync(auditPath, JSON.stringify(result.audit, null, 2), "utf-8");
+                        fs.writeFileSync(auditPath, JSON.stringify(dlResult.audit, null, 2), "utf-8");
                     }
                 }
-                else {
-                    warnSpinner(spinner, `Skipping ${auditPath} (already exists, use --force to overwrite)`);
-                }
-            }
-            else {
-                fs.writeFileSync(auditPath, JSON.stringify(result.audit, null, 2), "utf-8");
-            }
-        }
-        // Save baseline if included
-        if (options.baseline && result.baseline) {
-            const baselinePath = path.join(resolvedOutputDir, "baseline.json");
-            // Check for existing baseline
-            if (fs.existsSync(baselinePath) && !options.force) {
-                if (isInteractive()) {
-                    const overwrite = await confirmAction(`Baseline file already exists. Overwrite?`, false);
-                    if (!overwrite) {
-                        infoSpinner(spinner, "Skipping baseline (file exists).");
+                // Save baseline if included
+                if (options.baseline && dlResult.baseline) {
+                    const baselinePath = path.join(ctx.resolvedOutputDir, "baseline.json");
+                    // Check for existing baseline
+                    if (fs.existsSync(baselinePath) && !options.force) {
+                        if (isInteractive()) {
+                            const overwrite = await confirmAction(`Baseline file already exists. Overwrite?`, false);
+                            if (!overwrite) {
+                                ctx.skippedFiles.push("baseline");
+                            }
+                            else {
+                                await saveBaseline(dlResult.baseline, baselinePath);
+                            }
+                        }
+                        else {
+                            ctx.skippedFiles.push("baseline (non-interactive)");
+                        }
                     }
                     else {
-                        await saveBaseline(result.baseline, baselinePath);
+                        await saveBaseline(dlResult.baseline, baselinePath);
                     }
                 }
-                else {
-                    warnSpinner(spinner, `Skipping baseline (already exists, use --force to overwrite)`);
-                }
-            }
-            else {
-                await saveBaseline(result.baseline, baselinePath);
-            }
-        }
-        // Save artifacts if included
-        if (result.artifacts) {
-            const artifactsDir = path.join(resolvedOutputDir, "artifacts", jobId);
-            if (!fs.existsSync(artifactsDir)) {
-                fs.mkdirSync(artifactsDir, { recursive: true });
-            }
-            for (const [filename, content] of Object.entries(result.artifacts)) {
-                let filePath;
-                try {
-                    filePath = assertPathContainment(filename, artifactsDir);
-                }
-                catch {
-                    console.error(`Security: Rejected artifact "${filename}" -- path traversal outside output directory.`);
-                    continue;
-                }
-                const ext = path.extname(filename).toLowerCase();
-                const isBinary = [".png", ".jpg", ".jpeg", ".gif", ".zip"].includes(ext);
-                if (isBinary) {
-                    fs.writeFileSync(filePath, Buffer.from(content, "base64"));
-                }
-                else {
-                    fs.writeFileSync(filePath, content, "utf-8");
+                // Save artifacts if included
+                if (dlResult.artifacts) {
+                    const artifactsDir = path.join(ctx.resolvedOutputDir, "artifacts", jobId);
+                    if (!fs.existsSync(artifactsDir)) {
+                        fs.mkdirSync(artifactsDir, { recursive: true });
+                    }
+                    for (const [filename, content] of Object.entries(dlResult.artifacts)) {
+                        let filePath;
+                        try {
+                            filePath = assertPathContainment(filename, artifactsDir);
+                        }
+                        catch {
+                            ctx.skippedFiles.push(`${filename} (path traversal)`);
+                            continue;
+                        }
+                        const ext = path.extname(filename).toLowerCase();
+                        const isBinary = [".png", ".jpg", ".jpeg", ".gif", ".zip"].includes(ext);
+                        if (isBinary) {
+                            fs.writeFileSync(filePath, Buffer.from(content, "base64"));
+                        }
+                        else {
+                            fs.writeFileSync(filePath, content, "utf-8");
+                        }
+                    }
                 }
+            },
+        },
+    ];
+    const { success, states } = await runSteps(steps, {
+        failFast: true,
+        onStateChange: (stepStates) => {
+            renderer.update({ ...baseState, stepStates, elapsed: Date.now() - startTime });
+        },
+    });
+    renderer.finish({ url: "", mode: "download", overallScore: 0, scores: {}, issueCount: 0, passed: success, elapsed: Date.now() - startTime });
+    if (!success) {
+        const failed = states.find(s => s.status === "failed");
+        process.stderr.write(renderError({
+            message: failed?.failReason || "Command failed",
+            suggestion: "vertaa doctor",
+        }) + "\n");
+        process.exitCode = ExitCode.ERROR;
+    }
+    const { downloadResult, resolvedOutputDir, skippedFiles } = ctx;
+    if (downloadResult) {
+        const artifactCount = downloadResult.artifacts ? Object.keys(downloadResult.artifacts).length : (downloadResult.audit ? 1 : 0);
+        const lines = [
+            strings.download.run.done(artifactCount),
+            "",
+            `  Job ID:  ${downloadResult.job_id}`,
+            `  Output:  ${resolvedOutputDir}`,
+        ];
+        if (downloadResult.audit) {
+            lines.push(`  Status:  ${downloadResult.audit.status}`);
+            if (downloadResult.audit.url) {
+                lines.push(`  URL:     ${downloadResult.audit.url}`);
             }
         }
-        succeedSpinner(spinner, "Download complete!");
-        console.error("");
-        console.error(`  Job ID:  ${result.job_id}`);
-        console.error(`  Output:  ${resolvedOutputDir}`);
-        if (result.audit) {
-            console.error(`  Status:  ${result.audit.status}`);
-            if (result.audit.url) {
-                console.error(`  URL:     ${result.audit.url}`);
-            }
+        if (options.baseline && downloadResult.baseline) {
+            lines.push(`  Baseline: ${downloadResult.baseline.issues.length} issues`);
         }
-        if (options.baseline && result.baseline) {
-            console.error(`  Baseline: ${result.baseline.issues.length} issues`);
+        if (skippedFiles.length > 0) {
+            lines.push("");
+            lines.push(`  Skipped: ${skippedFiles.join(", ")}`);
         }
-        console.error("");
-    }
-    catch (error) {
-        failSpinner(spinner, "Download failed");
-        console.error(chalk.red("Error:"), error instanceof Error ? error.message : String(error));
-        process.exit(ExitCode.ERROR);
+        lines.push("");
+        writeOutput(lines.join("\n"));
     }
 }
 /**
@@ -178,7 +225,17 @@ export function registerDownloadCommand(program) {
         .option("-b, --base <url>", "API base URL")
         .option("-f, --force", "Overwrite existing files without prompting")
         .action(async (jobId, options, command) => {
-        const globalOpts = command.optsWithGlobals();
-        await handleDownload(jobId, { ...options, configPath: globalOpts.config });
+        try {
+            const globalOpts = command.optsWithGlobals();
+            await handleDownload(jobId, { ...options, configPath: globalOpts.config });
+        }
+        catch (error) {
+            process.stderr.write(renderError({
+                message: error instanceof Error ? error.message : String(error),
+                suggestion: "vertaa doctor",
+                exitCode: ExitCode.ERROR,
+            }) + "\n");
+            process.exit(ExitCode.ERROR);
+        }
     });
 }

package/dist/commands/explain.d.ts CHANGED Viewed

@@ -34,10 +34,15 @@ export declare function formatEvidenceJson(issue: EvidenceIssue): string;
 /** Exported for reuse in fix-wizard. */
 export declare function explainIssue(issue: EvidenceIssue): string;
 export interface ExplainCommandOptions {
+    findingId?: string;
     job?: string;
     file?: string;
     format?: string;
     base?: string;
+    verbose?: boolean;
+    machine?: boolean;
+    apiKey?: string;
 }
+export declare function handleExplain(opts: ExplainCommandOptions): Promise<void>;
 export declare function registerExplainCommand(program: Command): void;
 //# sourceMappingURL=explain.d.ts.map

package/dist/commands/explain.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"explain.d.ts","sourceRoot":"","sources":["../../src/commands/explain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;~~AAYpC~~,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;~~AAMjD~~;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,KAAK;IAC1C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAiFD;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAyCjE;AAED,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAmB/D;AAED,wCAAwC;AACxC,wBAAgB,YAAY,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAEzD;~~AAqRD~~,MAAM,WAAW,qBAAqB;IACpC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;~~CACf~~;AAED,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,~~CA+C7D~~"}
1	+ {"version":3,"file":"explain.d.ts","sourceRoot":"","sources":["../../src/commands/explain.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAWpC,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAC;AAOjD;;GAEG;AACH,MAAM,WAAW,aAAc,SAAQ,KAAK;IAC1C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAiFD;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAyCjE;AAED,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAmB/D;AAED,wCAAwC;AACxC,wBAAgB,YAAY,CAAC,KAAK,EAAE,aAAa,GAAG,MAAM,CAEzD;AAmID,MAAM,WAAW,qBAAqB;IACpC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAsB,aAAa,CAAC,IAAI,EAAE,qBAAqB,GAAG,OAAO,CAAC,IAAI,CAAC,CAsO9E;AAMD,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAoD7D"}