npm - @vibecheckai/cli - Versions diffs - 2.5.6 → 2.7.0 - Mend

@vibecheckai/cli 2.5.6 → 2.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (159) hide show

package/LICENSE +1 -1
package/dist/bundles/vibecheck-core.js +20 -20
package/dist/commands/secrets-allowlist.js +4 -4
package/dist/commands/secrets-allowlist.js.map +1 -1
package/dist/commands/ship-consolidated.js +193 -193
package/dist/index.d.ts.map +1 -1
package/dist/index.js +103 -17
package/dist/index.js.map +1 -1
package/dist/init/ci-generator.d.ts +2 -2
package/dist/init/hooks-installer.d.ts +2 -2
package/dist/init/index.d.ts +1 -1
package/dist/init/index.d.ts.map +1 -1
package/dist/init/index.js +2 -2
package/dist/init/index.js.map +1 -1
package/dist/init/templates.d.ts +6 -285
package/dist/init/templates.d.ts.map +1 -1
package/dist/init/templates.js +2 -3
package/dist/init/templates.js.map +1 -1
package/dist/runtime/json-output.d.ts +2 -2
package/package.json +11 -3
package/dist/bundles/guardrail-core.js +0 -25799
package/dist/bundles/guardrail-security.js +0 -208687
package/dist/bundles/guardrail-ship.js +0 -2318
package/dist/commands/autopilot-decision.d.ts +0 -24
package/dist/commands/autopilot-decision.d.ts.map +0 -1
package/dist/commands/autopilot-decision.js +0 -304
package/dist/commands/autopilot-decision.js.map +0 -1
package/dist/commands/autopilot.d.ts +0 -33
package/dist/commands/autopilot.d.ts.map +0 -1
package/dist/commands/autopilot.js +0 -1539
package/dist/commands/autopilot.js.map +0 -1
package/dist/commands/context.d.ts +0 -8
package/dist/commands/context.d.ts.map +0 -1
package/dist/commands/context.js +0 -340
package/dist/commands/context.js.map +0 -1
package/dist/commands/debug.d.ts +0 -78
package/dist/commands/debug.d.ts.map +0 -1
package/dist/commands/debug.js +0 -381
package/dist/commands/debug.js.map +0 -1
package/dist/commands/preview.d.ts +0 -54
package/dist/commands/preview.d.ts.map +0 -1
package/dist/commands/preview.js +0 -352
package/dist/commands/preview.js.map +0 -1
package/dist/commands/quality/check.d.ts +0 -31
package/dist/commands/quality/check.d.ts.map +0 -1
package/dist/commands/quality/check.js +0 -242
package/dist/commands/quality/check.js.map +0 -1
package/dist/commands/quality/index.d.ts +0 -8
package/dist/commands/quality/index.d.ts.map +0 -1
package/dist/commands/quality/index.js +0 -14
package/dist/commands/quality/index.js.map +0 -1
package/dist/commands/quality/setup-quality.d.ts +0 -23
package/dist/commands/quality/setup-quality.d.ts.map +0 -1
package/dist/commands/quality/setup-quality.js +0 -452
package/dist/commands/quality/setup-quality.js.map +0 -1
package/dist/commands/quality/tidy.d.ts +0 -41
package/dist/commands/quality/tidy.d.ts.map +0 -1
package/dist/commands/quality/tidy.js +0 -466
package/dist/commands/quality/tidy.js.map +0 -1
package/dist/commands/quality/utils.d.ts +0 -73
package/dist/commands/quality/utils.d.ts.map +0 -1
package/dist/commands/quality/utils.js +0 -158
package/dist/commands/quality/utils.js.map +0 -1
package/dist/fix/analytics.d.ts +0 -121
package/dist/fix/analytics.d.ts.map +0 -1
package/dist/fix/analytics.js +0 -289
package/dist/fix/analytics.js.map +0 -1
package/dist/fix/audit.d.ts +0 -61
package/dist/fix/audit.d.ts.map +0 -1
package/dist/fix/audit.js +0 -149
package/dist/fix/audit.js.map +0 -1
package/dist/fix/config.d.ts +0 -78
package/dist/fix/config.d.ts.map +0 -1
package/dist/fix/config.js +0 -200
package/dist/fix/config.js.map +0 -1
package/dist/fix/impact.d.ts +0 -74
package/dist/fix/impact.d.ts.map +0 -1
package/dist/fix/impact.js +0 -281
package/dist/fix/impact.js.map +0 -1
package/dist/fix/learning.d.ts +0 -109
package/dist/fix/learning.d.ts.map +0 -1
package/dist/fix/learning.js +0 -296
package/dist/fix/learning.js.map +0 -1
package/dist/fix/metrics.d.ts +0 -106
package/dist/fix/metrics.d.ts.map +0 -1
package/dist/fix/metrics.js +0 -138
package/dist/fix/metrics.js.map +0 -1
package/dist/fix/parallel.d.ts +0 -69
package/dist/fix/parallel.d.ts.map +0 -1
package/dist/fix/parallel.js +0 -203
package/dist/fix/parallel.js.map +0 -1
package/dist/fix/report.d.ts +0 -40
package/dist/fix/report.d.ts.map +0 -1
package/dist/fix/report.js +0 -212
package/dist/fix/report.js.map +0 -1
package/dist/fix/strategy.d.ts +0 -53
package/dist/fix/strategy.d.ts.map +0 -1
package/dist/fix/strategy.js +0 -143
package/dist/fix/strategy.js.map +0 -1
package/dist/fix/templates.d.ts +0 -58
package/dist/fix/templates.d.ts.map +0 -1
package/dist/fix/templates.js +0 -259
package/dist/fix/templates.js.map +0 -1
package/dist/fix/testing.d.ts +0 -68
package/dist/fix/testing.d.ts.map +0 -1
package/dist/fix/testing.js +0 -245
package/dist/fix/testing.js.map +0 -1
package/dist/fix/validation.d.ts +0 -71
package/dist/fix/validation.d.ts.map +0 -1
package/dist/fix/validation.js +0 -267
package/dist/fix/validation.js.map +0 -1
package/dist/fix/visualization.d.ts +0 -73
package/dist/fix/visualization.d.ts.map +0 -1
package/dist/fix/visualization.js +0 -243
package/dist/fix/visualization.js.map +0 -1
package/dist/runtime/cli-errors.d.ts +0 -38
package/dist/runtime/cli-errors.d.ts.map +0 -1
package/dist/runtime/cli-errors.js +0 -354
package/dist/runtime/cli-errors.js.map +0 -1
package/dist/runtime/owner-mode.d.ts +0 -48
package/dist/runtime/owner-mode.d.ts.map +0 -1
package/dist/runtime/owner-mode.js +0 -284
package/dist/runtime/owner-mode.js.map +0 -1
package/dist/scanner/index.d.ts +0 -8
package/dist/scanner/index.d.ts.map +0 -1
package/dist/scanner/index.js +0 -15
package/dist/scanner/index.js.map +0 -1
package/dist/scanner/placeholder-detector.d.ts +0 -56
package/dist/scanner/placeholder-detector.d.ts.map +0 -1
package/dist/scanner/placeholder-detector.js +0 -220
package/dist/scanner/placeholder-detector.js.map +0 -1
package/dist/scanner/route-detector.d.ts +0 -100
package/dist/scanner/route-detector.d.ts.map +0 -1
package/dist/scanner/route-detector.js +0 -455
package/dist/scanner/route-detector.js.map +0 -1
package/dist/scanner/scoring.d.ts +0 -67
package/dist/scanner/scoring.d.ts.map +0 -1
package/dist/scanner/scoring.js +0 -284
package/dist/scanner/scoring.js.map +0 -1
package/dist/ship-baseline.d.ts +0 -56
package/dist/ship-baseline.d.ts.map +0 -1
package/dist/ship-baseline.js +0 -194
package/dist/ship-baseline.js.map +0 -1
package/dist/ship-config.d.ts +0 -91
package/dist/ship-config.d.ts.map +0 -1
package/dist/ship-config.js +0 -133
package/dist/ship-config.js.map +0 -1
package/dist/ship-data-loader.d.ts +0 -70
package/dist/ship-data-loader.d.ts.map +0 -1
package/dist/ship-data-loader.js +0 -301
package/dist/ship-data-loader.js.map +0 -1
package/dist/utils/ai-helpers.d.ts +0 -72
package/dist/utils/ai-helpers.d.ts.map +0 -1
package/dist/utils/ai-helpers.js +0 -339
package/dist/utils/ai-helpers.js.map +0 -1
package/dist/utils/validation.d.ts +0 -34
package/dist/utils/validation.d.ts.map +0 -1
package/dist/utils/validation.js +0 -160
package/dist/utils/validation.js.map +0 -1

package/dist/index.js CHANGED Viewed

@@ -48,7 +48,7 @@ const fs_1 = require("fs");
 const path_2 = require("path");
 // Use package.json version instead of hardcoding
 const { version: CLI_VERSION = '0.0.0' } = require('../package.json');
-const vibecheck_security_1 = require('./bundles/vibecheck-security');
+const security_1 = require('./bundles/vibecheck-security');
 const creds_1 = require("./runtime/creds");
 const client_1 = require("./runtime/client");
 const exit_codes_1 = require("./runtime/exit-codes");
@@ -486,6 +486,43 @@ async function delay(ms) {
 // Config file path for storing API key
 const CONFIG_DIR = (0, path_2.join)(process.env.HOME || process.env.USERPROFILE || '.', '.vibecheck');
 const CONFIG_FILE = (0, path_2.join)(CONFIG_DIR, 'credentials.json');
+const FREE_SCANS_PER_MONTH = 5;
+// Get current month key (YYYY-MM)
+function getCurrentMonthKey() {
+    const now = new Date();
+    return `${now.getFullYear()}-${String(now.getMonth() + 1).padStart(2, '0')}`;
+}
+// Check and track free tier usage
+function checkFreeTierUsage() {
+    const config = loadConfig();
+    const currentMonth = getCurrentMonthKey();
+    // Reset counter if new month
+    if (config.freeScansResetDate !== currentMonth) {
+        config.freeScansUsed = 0;
+        config.freeScansResetDate = currentMonth;
+        saveConfig(config);
+    }
+    const used = config.freeScansUsed || 0;
+    const remaining = FREE_SCANS_PER_MONTH - used;
+    return {
+        allowed: remaining > 0,
+        remaining,
+        used,
+    };
+}
+// Increment free tier usage
+function incrementFreeTierUsage() {
+    const config = loadConfig();
+    const currentMonth = getCurrentMonthKey();
+    if (config.freeScansResetDate !== currentMonth) {
+        config.freeScansUsed = 1;
+        config.freeScansResetDate = currentMonth;
+    }
+    else {
+        config.freeScansUsed = (config.freeScansUsed || 0) + 1;
+    }
+    saveConfig(config);
+}
 function loadConfig() {
     try {
         if ((0, fs_1.existsSync)(CONFIG_FILE)) {
@@ -551,11 +588,34 @@ async function requireAuthAsync(requiredTier) {
     const state = cachedAuthState || await (0, creds_1.loadAuthState)();
     cachedAuthState = state;
     if (!state.apiKey && !state.accessToken) {
-        console.error(`\n${c.critical('ERROR')} Authentication required\n`);
-        console.log(`  ${c.dim('Run')} ${c.bold('vibecheck auth --key YOUR_API_KEY')} ${c.dim('to authenticate')}`);
-        console.log(`  ${c.dim('Get your API key from')} ${c.info('https://vibecheckai.dev/api-key')}\n`);
-        console.log(`  ${c.dim('Or use')} ${c.bold('--demo')} ${c.dim('for local testing')}\n`);
-        (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
+        // Premium features always require auth
+        if (requiredTier && requiredTier !== 'free') {
+            console.error(`\n${c.critical('ERROR')} ${requiredTier.toUpperCase()} tier required\n`);
+            console.log(`  ${c.dim('Run')} ${c.bold('vibecheck auth --key YOUR_API_KEY')} ${c.dim('to authenticate')}`);
+            console.log(`  ${c.dim('Get your API key from')} ${c.info('https://vibecheckai.dev/api-key')}\n`);
+            (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
+        }
+        // Check free tier usage
+        const usage = checkFreeTierUsage();
+        if (usage.allowed) {
+            // Increment usage and allow
+            incrementFreeTierUsage();
+            console.log(`  ${c.dim('Free tier:')} ${c.info(`${usage.remaining - 1} scans remaining this month`)}`);
+            console.log(`  ${c.dim('Get unlimited scans at')} ${c.info('https://vibecheckai.dev/pricing')}\n`);
+            return {
+                tier: 'free',
+                authenticatedAt: new Date().toISOString(),
+            };
+        }
+        else {
+            // Free tier exhausted
+            console.error(`\n${c.critical('FREE TIER LIMIT REACHED')} You've used all ${FREE_SCANS_PER_MONTH} free scans this month\n`);
+            console.log(`  ${c.dim('Options:')}`);
+            console.log(`    ${c.bold('1.')} Get an API key at ${c.info('https://vibecheckai.dev/api-key')}`);
+            console.log(`    ${c.bold('2.')} Upgrade for unlimited scans at ${c.info('https://vibecheckai.dev/pricing')}`);
+            console.log(`    ${c.bold('3.')} Wait until next month for free scans to reset\n`);
+            (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
+        }
     }
     // Check if cached entitlements are still valid
     if ((0, creds_1.isCacheValid)(state) && state.tier) {
@@ -613,19 +673,45 @@ function requireAuth(tier) {
         };
     }
     const config = loadConfig();
+    // If no API key, check free tier allowance (only for basic commands, not premium tiers)
     if (!config.apiKey) {
-        console.error(`\n${c.critical('ERROR')} Authentication required\n`);
-        console.log(`  ${c.dim('Run')} ${c.bold('vibecheck auth --key YOUR_API_KEY')} ${c.dim('to authenticate')}`);
-        console.log(`  ${c.dim('Get your API key from')} ${c.info('https://vibecheckai.dev/api-key')}\n`);
-        console.log(`  ${c.dim('Or use')} ${c.bold('--demo')} ${c.dim('for local testing')}\n`);
-        (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
+        // Premium features always require auth
+        if (tier && tier !== 'free') {
+            console.error(`\n${c.critical('ERROR')} ${tier.toUpperCase()} tier required\n`);
+            console.log(`  ${c.dim('Run')} ${c.bold('vibecheck auth --key YOUR_API_KEY')} ${c.dim('to authenticate')}`);
+            console.log(`  ${c.dim('Get your API key from')} ${c.info('https://vibecheckai.dev/api-key')}\n`);
+            (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
+        }
+        // Check free tier usage
+        const usage = checkFreeTierUsage();
+        if (usage.allowed) {
+            // Increment usage and allow
+            incrementFreeTierUsage();
+            console.log(`  ${c.dim('Free tier:')} ${c.info(`${usage.remaining - 1} scans remaining this month`)}`);
+            console.log(`  ${c.dim('Get unlimited scans at')} ${c.info('https://vibecheckai.dev/pricing')}\n`);
+            return {
+                tier: 'free',
+                authenticatedAt: new Date().toISOString(),
+            };
+        }
+        else {
+            // Free tier exhausted
+            console.error(`\n${c.critical('FREE TIER LIMIT REACHED')} You've used all ${FREE_SCANS_PER_MONTH} free scans this month\n`);
+            console.log(`  ${c.dim('Options:')}`);
+            console.log(`    ${c.bold('1.')} Get an API key at ${c.info('https://vibecheckai.dev/api-key')}`);
+            console.log(`    ${c.bold('2.')} Upgrade for unlimited scans at ${c.info('https://vibecheckai.dev/pricing')}`);
+            console.log(`    ${c.bold('3.')} Wait until next month for free scans to reset\n`);
+            (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
+        }
     }
     if (tier) {
-        const tierLevels = { free: 0, starter: 1, pro: 2, enterprise: 3 };
+        // Tier levels: free=0, starter=1, pro=2, compliance=3 (enterprise is alias for compliance)
+        const tierLevels = { free: 0, starter: 1, pro: 2, compliance: 3, enterprise: 3 };
         const requiredLevel = tierLevels[tier] || 0;
         const currentLevel = tierLevels[config.tier || 'free'] || 0;
         if (currentLevel < requiredLevel) {
-            console.error(`\n${c.critical('UPGRADE REQUIRED')} This feature requires ${c.bold(tier.toUpperCase())} tier\n`);
+            const tierName = tier === 'enterprise' ? 'COMPLIANCE' : tier.toUpperCase();
+            console.error(`\n${c.critical('UPGRADE REQUIRED')} This feature requires ${c.bold(tierName)} tier\n`);
             console.log(`  ${c.dim('Current tier:')} ${c.info(config.tier || 'free')}`);
             console.log(`  ${c.dim('Upgrade at')} ${c.info('https://vibecheckai.dev/pricing')}\n`);
             (0, exit_codes_1.exitWith)(exit_codes_1.ExitCode.AUTH_FAILURE);
@@ -2972,7 +3058,7 @@ function countFiles(dir) {
 }
 async function generateFindings(projectPath) {
     const findings = [];
-    const guardian = new vibecheck_security_1.SecretsGuardian();
+    const guardian = new security_1.SecretsGuardian();
     // File extensions to scan for secrets
     const scanExtensions = ['.ts', '.js', '.tsx', '.jsx', '.json', '.env', '.yaml', '.yml', '.toml', '.py', '.rb'];
     // Recursively get files to scan
@@ -3069,7 +3155,7 @@ async function generateFindings(projectPath) {
 }
 async function scanSecrets(projectPath, options) {
     const s = spinner('Scanning for hardcoded secrets...');
-    const guardian = new vibecheck_security_1.SecretsGuardian();
+    const guardian = new security_1.SecretsGuardian();
     // Use enterprise-grade scanProject instead of custom file walking
     // Handles: ignores, binary files, size caps, concurrency, dedupe
     const report = await guardian.scanProject(projectPath, 'cli-scan', {
@@ -3245,7 +3331,7 @@ async function scanCompliance(projectPath, options) {
 }
 async function generateSBOM(projectPath, options) {
     const s = spinner('Generating Software Bill of Materials...');
-    const sbomGenerator = new vibecheck_security_1.SBOMGenerator();
+    const sbomGenerator = new security_1.SBOMGenerator();
     try {
         const sbom = await sbomGenerator.generate(projectPath, {
             format: options.format || 'cyclonedx',
@@ -3321,7 +3407,7 @@ async function generateSBOM(projectPath, options) {
 }
 async function generateContainerSBOM(imageName, options) {
     const s = spinner('Generating container SBOM...');
-    const sbomGenerator = new vibecheck_security_1.SBOMGenerator();
+    const sbomGenerator = new security_1.SBOMGenerator();
     try {
         const sbom = await sbomGenerator.generateContainerSBOM(imageName, {
             format: options.format || 'cyclonedx',