npm - @vibecheckai/cli - Versions diffs - 2.8.2 → 3.0.0 - Mend

@vibecheckai/cli 2.8.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (454) hide show

package/README.md +8 -8
package/bin/_deprecations.js +35 -0
package/bin/_router.js +46 -0
package/bin/cli-hygiene.js +241 -0
package/bin/guardrail.js +834 -0
package/bin/runners/cli-utils.js +1070 -0
package/bin/runners/context/ai-task-decomposer.js +337 -0
package/bin/runners/context/analyzer.js +462 -0
package/bin/runners/context/api-contracts.js +427 -0
package/bin/runners/context/context-diff.js +342 -0
package/bin/runners/context/context-pruner.js +291 -0
package/bin/runners/context/dependency-graph.js +414 -0
package/bin/runners/context/generators/claude.js +107 -0
package/bin/runners/context/generators/codex.js +108 -0
package/bin/runners/context/generators/copilot.js +119 -0
package/bin/runners/context/generators/cursor.js +514 -0
package/bin/runners/context/generators/mcp.js +151 -0
package/bin/runners/context/generators/windsurf.js +180 -0
package/bin/runners/context/git-context.js +302 -0
package/bin/runners/context/index.js +1042 -0
package/bin/runners/context/insights.js +173 -0
package/bin/runners/context/mcp-server/generate-rules.js +337 -0
package/bin/runners/context/mcp-server/index.js +1176 -0
package/bin/runners/context/mcp-server/package.json +24 -0
package/bin/runners/context/memory.js +200 -0
package/bin/runners/context/monorepo.js +215 -0
package/bin/runners/context/multi-repo-federation.js +404 -0
package/bin/runners/context/patterns.js +253 -0
package/bin/runners/context/proof-context.js +972 -0
package/bin/runners/context/security-scanner.js +303 -0
package/bin/runners/context/semantic-search.js +350 -0
package/bin/runners/context/shared.js +264 -0
package/bin/runners/context/team-conventions.js +310 -0
package/bin/runners/lib/ai-bridge.js +416 -0
package/bin/runners/lib/analysis-core.js +271 -0
package/bin/runners/lib/analyzers.js +541 -0
package/bin/runners/lib/audit-bridge.js +391 -0
package/bin/runners/lib/auth-truth.js +193 -0
package/bin/runners/lib/auth.js +215 -0
package/bin/runners/lib/backup.js +62 -0
package/bin/runners/lib/billing.js +107 -0
package/bin/runners/lib/claims.js +118 -0
package/bin/runners/lib/cli-ui.js +540 -0
package/bin/runners/lib/compliance-bridge-new.js +0 -0
package/bin/runners/lib/compliance-bridge.js +165 -0
package/bin/runners/lib/contracts/auth-contract.js +194 -0
package/bin/runners/lib/contracts/env-contract.js +178 -0
package/bin/runners/lib/contracts/external-contract.js +198 -0
package/bin/runners/lib/contracts/guard.js +168 -0
package/bin/runners/lib/contracts/index.js +89 -0
package/bin/runners/lib/contracts/plan-validator.js +311 -0
package/bin/runners/lib/contracts/route-contract.js +192 -0
package/bin/runners/lib/detect.js +89 -0
package/bin/runners/lib/doctor/autofix.js +254 -0
package/bin/runners/lib/doctor/index.js +37 -0
package/bin/runners/lib/doctor/modules/dependencies.js +325 -0
package/bin/runners/lib/doctor/modules/index.js +46 -0
package/bin/runners/lib/doctor/modules/network.js +250 -0
package/bin/runners/lib/doctor/modules/project.js +312 -0
package/bin/runners/lib/doctor/modules/runtime.js +224 -0
package/bin/runners/lib/doctor/modules/security.js +348 -0
package/bin/runners/lib/doctor/modules/system.js +213 -0
package/bin/runners/lib/doctor/modules/vibecheck.js +394 -0
package/bin/runners/lib/doctor/reporter.js +262 -0
package/bin/runners/lib/doctor/service.js +262 -0
package/bin/runners/lib/doctor/types.js +113 -0
package/bin/runners/lib/doctor/ui.js +263 -0
package/bin/runners/lib/doctor-enhanced.js +233 -0
package/bin/runners/lib/doctor-v2.js +608 -0
package/bin/runners/lib/enforcement.js +72 -0
package/bin/runners/lib/enterprise-detect.js +603 -0
package/bin/runners/lib/enterprise-init.js +942 -0
package/bin/runners/lib/entitlements-v2.js +381 -0
package/bin/runners/lib/entitlements.generated.js +0 -0
package/bin/runners/lib/entitlements.js +332 -0
package/bin/runners/lib/env-template.js +66 -0
package/bin/runners/lib/env.js +189 -0
package/bin/runners/lib/error-handler.js +320 -0
package/bin/runners/lib/firewall-prompt.js +50 -0
package/bin/runners/lib/graph/graph-builder.js +265 -0
package/bin/runners/lib/graph/html-renderer.js +413 -0
package/bin/runners/lib/graph/index.js +32 -0
package/bin/runners/lib/graph/runtime-collector.js +215 -0
package/bin/runners/lib/graph/static-extractor.js +518 -0
package/bin/runners/lib/init-wizard.js +308 -0
package/bin/runners/lib/json-output.js +76 -0
package/bin/runners/lib/llm.js +75 -0
package/bin/runners/lib/meter.js +61 -0
package/bin/runners/lib/missions/evidence.js +126 -0
package/bin/runners/lib/missions/plan.js +69 -0
package/bin/runners/lib/missions/templates.js +147 -0
package/bin/runners/lib/patch.js +40 -0
package/bin/runners/lib/permissions/auth-model.js +213 -0
package/bin/runners/lib/permissions/idor-prover.js +205 -0
package/bin/runners/lib/permissions/index.js +45 -0
package/bin/runners/lib/permissions/matrix-builder.js +198 -0
package/bin/runners/lib/pkgjson.js +28 -0
package/bin/runners/lib/preflight.js +142 -0
package/bin/runners/lib/reality-findings.js +84 -0
package/bin/runners/lib/redact.js +29 -0
package/bin/runners/lib/replay/capsule-manager.js +154 -0
package/bin/runners/lib/replay/index.js +263 -0
package/bin/runners/lib/replay/player.js +348 -0
package/bin/runners/lib/replay/recorder.js +331 -0
package/bin/runners/lib/report-engine.js +447 -0
package/bin/runners/lib/report-html.js +1117 -0
package/bin/runners/lib/report-templates.js +964 -0
package/bin/runners/lib/route-detection.js +1140 -0
package/bin/runners/lib/route-truth.js +477 -0
package/bin/runners/lib/sandbox/index.js +59 -0
package/bin/runners/lib/sandbox/proof-chain.js +399 -0
package/bin/runners/lib/sandbox/sandbox-runner.js +205 -0
package/bin/runners/lib/sandbox/worktree.js +174 -0
package/bin/runners/lib/scan-cache.js +330 -0
package/bin/runners/lib/scan-output-schema.js +344 -0
package/bin/runners/lib/score-history.js +282 -0
package/bin/runners/lib/security-bridge.js +249 -0
package/bin/runners/lib/server-usage.js +513 -0
package/bin/runners/lib/share-pack.js +239 -0
package/bin/runners/lib/snippets.js +67 -0
package/bin/runners/lib/truth.js +667 -0
package/bin/runners/lib/unified-output.js +189 -0
package/bin/runners/lib/validate-patch.js +156 -0
package/bin/runners/lib/verification.js +345 -0
package/bin/runners/reality/engine.js +917 -0
package/bin/runners/reality/flows.js +122 -0
package/bin/runners/reality/report.js +378 -0
package/bin/runners/reality/session.js +193 -0
package/bin/runners/runAIAgent.js +2 -0
package/bin/runners/runAudit.js +2 -0
package/bin/runners/runAuth.js +106 -0
package/bin/runners/runAutopilot.js +2 -0
package/bin/runners/runBadge.js +2 -0
package/bin/runners/runCertify.js +2 -0
package/bin/runners/runClaimVerifier.js +483 -0
package/bin/runners/runContext.js +56 -0
package/bin/runners/runContextCompiler.js +385 -0
package/bin/runners/runCtx.js +187 -0
package/bin/runners/runCtxGuard.js +176 -0
package/bin/runners/runCtxSync.js +116 -0
package/bin/runners/runDashboard.js +10 -0
package/bin/runners/runDoctor.js +245 -0
package/bin/runners/runEnhancedShip.js +2 -0
package/bin/runners/runFix.js +735 -0
package/bin/runners/runFixPacks.js +2 -0
package/bin/runners/runGate.js +17 -0
package/bin/runners/runGraph.js +283 -0
package/bin/runners/runInit.js +260 -0
package/bin/runners/runInitGha.js +101 -0
package/bin/runners/runInstall.js +76 -0
package/bin/runners/runInteractive.js +388 -0
package/bin/runners/runLaunch.js +2 -0
package/bin/runners/runMcp.js +19 -0
package/bin/runners/runMdc.js +2 -0
package/bin/runners/runMissionGenerator.js +282 -0
package/bin/runners/runNaturalLanguage.js +3 -0
package/bin/runners/runPR.js +96 -0
package/bin/runners/runPermissions.js +290 -0
package/bin/runners/runPromptFirewall.js +211 -0
package/bin/runners/runProof.js +2 -0
package/bin/runners/runProve.js +392 -0
package/bin/runners/runReality.js +489 -0
package/bin/runners/runRealitySniff.js +2 -0
package/bin/runners/runReplay.js +469 -0
package/bin/runners/runReport.js +478 -0
package/bin/runners/runScan.js +835 -0
package/bin/runners/runShare.js +34 -0
package/bin/runners/runShip.js +1062 -0
package/bin/runners/runStatus.js +136 -0
package/bin/runners/runTruthpack.js +634 -0
package/bin/runners/runUpgrade.js +2 -0
package/bin/runners/runValidate.js +2 -0
package/bin/runners/runVerifyAgentOutput.js +2 -0
package/bin/runners/runWatch.js +230 -0
package/bin/runners/utils.js +360 -0
package/bin/scan.js +612 -0
package/bin/vibecheck.js +834 -0
package/package.json +11 -11
package/dist/autopatch/verified-autopatch.d.ts +0 -111
package/dist/autopatch/verified-autopatch.d.ts.map +0 -1
package/dist/autopatch/verified-autopatch.js +0 -503
package/dist/autopatch/verified-autopatch.js.map +0 -1
package/dist/bundles/index.js +0 -8
package/dist/bundles/vibecheck-core.js +0 -25799
package/dist/bundles/vibecheck-security.js +0 -208693
package/dist/bundles/vibecheck-ship.js +0 -2318
package/dist/commands/baseline.d.ts +0 -7
package/dist/commands/baseline.d.ts.map +0 -1
package/dist/commands/baseline.js +0 -79
package/dist/commands/baseline.js.map +0 -1
package/dist/commands/cache.d.ts +0 -13
package/dist/commands/cache.d.ts.map +0 -1
package/dist/commands/cache.js +0 -165
package/dist/commands/cache.js.map +0 -1
package/dist/commands/checkpoint.d.ts +0 -8
package/dist/commands/checkpoint.d.ts.map +0 -1
package/dist/commands/checkpoint.js +0 -35
package/dist/commands/checkpoint.js.map +0 -1
package/dist/commands/doctor.d.ts +0 -17
package/dist/commands/doctor.d.ts.map +0 -1
package/dist/commands/doctor.js +0 -226
package/dist/commands/doctor.js.map +0 -1
package/dist/commands/evidence.d.ts +0 -45
package/dist/commands/evidence.d.ts.map +0 -1
package/dist/commands/evidence.js +0 -197
package/dist/commands/evidence.js.map +0 -1
package/dist/commands/explain.d.ts +0 -8
package/dist/commands/explain.d.ts.map +0 -1
package/dist/commands/explain.js +0 -52
package/dist/commands/explain.js.map +0 -1
package/dist/commands/fix-consolidated.d.ts +0 -19
package/dist/commands/fix-consolidated.d.ts.map +0 -1
package/dist/commands/fix-consolidated.js +0 -165
package/dist/commands/fix-consolidated.js.map +0 -1
package/dist/commands/index.d.ts +0 -8
package/dist/commands/index.d.ts.map +0 -1
package/dist/commands/index.js +0 -15
package/dist/commands/index.js.map +0 -1
package/dist/commands/init.d.ts +0 -8
package/dist/commands/init.d.ts.map +0 -1
package/dist/commands/init.js +0 -125
package/dist/commands/init.js.map +0 -1
package/dist/commands/launcher.d.ts +0 -10
package/dist/commands/launcher.d.ts.map +0 -1
package/dist/commands/launcher.js +0 -174
package/dist/commands/launcher.js.map +0 -1
package/dist/commands/on.d.ts +0 -8
package/dist/commands/on.d.ts.map +0 -1
package/dist/commands/on.js +0 -123
package/dist/commands/on.js.map +0 -1
package/dist/commands/replay.d.ts +0 -8
package/dist/commands/replay.d.ts.map +0 -1
package/dist/commands/replay.js +0 -52
package/dist/commands/replay.js.map +0 -1
package/dist/commands/scan-consolidated.d.ts +0 -61
package/dist/commands/scan-consolidated.d.ts.map +0 -1
package/dist/commands/scan-consolidated.js +0 -243
package/dist/commands/scan-consolidated.js.map +0 -1
package/dist/commands/scan-secrets.d.ts +0 -47
package/dist/commands/scan-secrets.d.ts.map +0 -1
package/dist/commands/scan-secrets.js +0 -225
package/dist/commands/scan-secrets.js.map +0 -1
package/dist/commands/scan-vulnerabilities-enhanced.d.ts +0 -41
package/dist/commands/scan-vulnerabilities-enhanced.d.ts.map +0 -1
package/dist/commands/scan-vulnerabilities-enhanced.js +0 -368
package/dist/commands/scan-vulnerabilities-enhanced.js.map +0 -1
package/dist/commands/scan-vulnerabilities-osv.d.ts +0 -58
package/dist/commands/scan-vulnerabilities-osv.d.ts.map +0 -1
package/dist/commands/scan-vulnerabilities-osv.js +0 -722
package/dist/commands/scan-vulnerabilities-osv.js.map +0 -1
package/dist/commands/scan-vulnerabilities.d.ts +0 -32
package/dist/commands/scan-vulnerabilities.d.ts.map +0 -1
package/dist/commands/scan-vulnerabilities.js +0 -283
package/dist/commands/scan-vulnerabilities.js.map +0 -1
package/dist/commands/secrets-allowlist.d.ts +0 -7
package/dist/commands/secrets-allowlist.d.ts.map +0 -1
package/dist/commands/secrets-allowlist.js +0 -85
package/dist/commands/secrets-allowlist.js.map +0 -1
package/dist/commands/ship-consolidated.d.ts +0 -58
package/dist/commands/ship-consolidated.d.ts.map +0 -1
package/dist/commands/ship-consolidated.js +0 -515
package/dist/commands/ship-consolidated.js.map +0 -1
package/dist/commands/stats.d.ts +0 -8
package/dist/commands/stats.d.ts.map +0 -1
package/dist/commands/stats.js +0 -134
package/dist/commands/stats.js.map +0 -1
package/dist/commands/upgrade.d.ts +0 -8
package/dist/commands/upgrade.d.ts.map +0 -1
package/dist/commands/upgrade.js +0 -30
package/dist/commands/upgrade.js.map +0 -1
package/dist/fix/applicator.d.ts +0 -44
package/dist/fix/applicator.d.ts.map +0 -1
package/dist/fix/applicator.js +0 -144
package/dist/fix/applicator.js.map +0 -1
package/dist/fix/backup.d.ts +0 -38
package/dist/fix/backup.d.ts.map +0 -1
package/dist/fix/backup.js +0 -154
package/dist/fix/backup.js.map +0 -1
package/dist/fix/engine.d.ts +0 -55
package/dist/fix/engine.d.ts.map +0 -1
package/dist/fix/engine.js +0 -285
package/dist/fix/engine.js.map +0 -1
package/dist/fix/index.d.ts +0 -5
package/dist/fix/index.d.ts.map +0 -1
package/dist/fix/index.js +0 -12
package/dist/fix/index.js.map +0 -1
package/dist/fix/interactive.d.ts +0 -22
package/dist/fix/interactive.d.ts.map +0 -1
package/dist/fix/interactive.js +0 -172
package/dist/fix/interactive.js.map +0 -1
package/dist/formatters/index.d.ts +0 -6
package/dist/formatters/index.d.ts.map +0 -1
package/dist/formatters/index.js +0 -11
package/dist/formatters/index.js.map +0 -1
package/dist/formatters/sarif-enhanced.d.ts +0 -78
package/dist/formatters/sarif-enhanced.d.ts.map +0 -1
package/dist/formatters/sarif-enhanced.js +0 -144
package/dist/formatters/sarif-enhanced.js.map +0 -1
package/dist/formatters/sarif-v2.d.ts +0 -121
package/dist/formatters/sarif-v2.d.ts.map +0 -1
package/dist/formatters/sarif-v2.js +0 -356
package/dist/formatters/sarif-v2.js.map +0 -1
package/dist/formatters/sarif.d.ts +0 -72
package/dist/formatters/sarif.d.ts.map +0 -1
package/dist/formatters/sarif.js +0 -146
package/dist/formatters/sarif.js.map +0 -1
package/dist/index.d.ts +0 -61
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -4388
package/dist/index.js.map +0 -1
package/dist/init/ci-generator.d.ts +0 -18
package/dist/init/ci-generator.d.ts.map +0 -1
package/dist/init/ci-generator.js +0 -317
package/dist/init/ci-generator.js.map +0 -1
package/dist/init/detect-framework.d.ts +0 -15
package/dist/init/detect-framework.d.ts.map +0 -1
package/dist/init/detect-framework.js +0 -301
package/dist/init/detect-framework.js.map +0 -1
package/dist/init/hooks-installer.d.ts +0 -22
package/dist/init/hooks-installer.d.ts.map +0 -1
package/dist/init/hooks-installer.js +0 -310
package/dist/init/hooks-installer.js.map +0 -1
package/dist/init/index.d.ts +0 -8
package/dist/init/index.d.ts.map +0 -1
package/dist/init/index.js +0 -22
package/dist/init/index.js.map +0 -1
package/dist/init/templates.d.ts +0 -402
package/dist/init/templates.d.ts.map +0 -1
package/dist/init/templates.js +0 -240
package/dist/init/templates.js.map +0 -1
package/dist/mcp/server.d.ts +0 -12
package/dist/mcp/server.d.ts.map +0 -1
package/dist/mcp/server.js +0 -42
package/dist/mcp/server.js.map +0 -1
package/dist/mcp/telemetry.d.ts +0 -40
package/dist/mcp/telemetry.d.ts.map +0 -1
package/dist/mcp/telemetry.js +0 -98
package/dist/mcp/telemetry.js.map +0 -1
package/dist/reality/no-dead-buttons/button-sweep-generator.d.ts +0 -32
package/dist/reality/no-dead-buttons/button-sweep-generator.d.ts.map +0 -1
package/dist/reality/no-dead-buttons/button-sweep-generator.js +0 -236
package/dist/reality/no-dead-buttons/button-sweep-generator.js.map +0 -1
package/dist/reality/no-dead-buttons/index.d.ts +0 -11
package/dist/reality/no-dead-buttons/index.d.ts.map +0 -1
package/dist/reality/no-dead-buttons/index.js +0 -18
package/dist/reality/no-dead-buttons/index.js.map +0 -1
package/dist/reality/no-dead-buttons/static-scanner.d.ts +0 -34
package/dist/reality/no-dead-buttons/static-scanner.d.ts.map +0 -1
package/dist/reality/no-dead-buttons/static-scanner.js +0 -230
package/dist/reality/no-dead-buttons/static-scanner.js.map +0 -1
package/dist/reality/reality-graph.d.ts +0 -192
package/dist/reality/reality-graph.d.ts.map +0 -1
package/dist/reality/reality-graph.js +0 -600
package/dist/reality/reality-graph.js.map +0 -1
package/dist/reality/reality-runner.d.ts +0 -89
package/dist/reality/reality-runner.d.ts.map +0 -1
package/dist/reality/reality-runner.js +0 -540
package/dist/reality/reality-runner.js.map +0 -1
package/dist/reality/receipt-generator.d.ts +0 -152
package/dist/reality/receipt-generator.d.ts.map +0 -1
package/dist/reality/receipt-generator.js +0 -495
package/dist/reality/receipt-generator.js.map +0 -1
package/dist/reality/runtime-tracer.d.ts +0 -75
package/dist/reality/runtime-tracer.d.ts.map +0 -1
package/dist/reality/runtime-tracer.js +0 -109
package/dist/reality/runtime-tracer.js.map +0 -1
package/dist/runtime/auth-utils.d.ts +0 -43
package/dist/runtime/auth-utils.d.ts.map +0 -1
package/dist/runtime/auth-utils.js +0 -130
package/dist/runtime/auth-utils.js.map +0 -1
package/dist/runtime/client.d.ts +0 -74
package/dist/runtime/client.d.ts.map +0 -1
package/dist/runtime/client.js +0 -222
package/dist/runtime/client.js.map +0 -1
package/dist/runtime/creds.d.ts +0 -48
package/dist/runtime/creds.d.ts.map +0 -1
package/dist/runtime/creds.js +0 -245
package/dist/runtime/creds.js.map +0 -1
package/dist/runtime/exit-codes.d.ts +0 -49
package/dist/runtime/exit-codes.d.ts.map +0 -1
package/dist/runtime/exit-codes.js +0 -93
package/dist/runtime/exit-codes.js.map +0 -1
package/dist/runtime/index.d.ts +0 -9
package/dist/runtime/index.d.ts.map +0 -1
package/dist/runtime/index.js +0 -25
package/dist/runtime/index.js.map +0 -1
package/dist/runtime/json-output.d.ts +0 -42
package/dist/runtime/json-output.d.ts.map +0 -1
package/dist/runtime/json-output.js +0 -59
package/dist/runtime/json-output.js.map +0 -1
package/dist/runtime/semver.d.ts +0 -37
package/dist/runtime/semver.d.ts.map +0 -1
package/dist/runtime/semver.js +0 -110
package/dist/runtime/semver.js.map +0 -1
package/dist/scan/dead-ui-detector.d.ts +0 -48
package/dist/scan/dead-ui-detector.d.ts.map +0 -1
package/dist/scan/dead-ui-detector.js +0 -170
package/dist/scan/dead-ui-detector.js.map +0 -1
package/dist/scan/playwright-sweep.d.ts +0 -40
package/dist/scan/playwright-sweep.d.ts.map +0 -1
package/dist/scan/playwright-sweep.js +0 -216
package/dist/scan/playwright-sweep.js.map +0 -1
package/dist/scan/proof-bundle.d.ts +0 -25
package/dist/scan/proof-bundle.d.ts.map +0 -1
package/dist/scan/proof-bundle.js +0 -203
package/dist/scan/proof-bundle.js.map +0 -1
package/dist/scan/proof-graph.d.ts +0 -59
package/dist/scan/proof-graph.d.ts.map +0 -1
package/dist/scan/proof-graph.js +0 -64
package/dist/scan/proof-graph.js.map +0 -1
package/dist/scan/reality-sniff.d.ts +0 -56
package/dist/scan/reality-sniff.d.ts.map +0 -1
package/dist/scan/reality-sniff.js +0 -200
package/dist/scan/reality-sniff.js.map +0 -1
package/dist/scan/structural-verifier.d.ts +0 -20
package/dist/scan/structural-verifier.d.ts.map +0 -1
package/dist/scan/structural-verifier.js +0 -112
package/dist/scan/structural-verifier.js.map +0 -1
package/dist/scan/verification-engine.d.ts +0 -47
package/dist/scan/verification-engine.d.ts.map +0 -1
package/dist/scan/verification-engine.js +0 -141
package/dist/scan/verification-engine.js.map +0 -1
package/dist/scanner/baseline.d.ts +0 -52
package/dist/scanner/baseline.d.ts.map +0 -1
package/dist/scanner/baseline.js +0 -85
package/dist/scanner/baseline.js.map +0 -1
package/dist/scanner/incremental.d.ts +0 -30
package/dist/scanner/incremental.d.ts.map +0 -1
package/dist/scanner/incremental.js +0 -82
package/dist/scanner/incremental.js.map +0 -1
package/dist/scanner/parallel.d.ts +0 -43
package/dist/scanner/parallel.d.ts.map +0 -1
package/dist/scanner/parallel.js +0 -99
package/dist/scanner/parallel.js.map +0 -1
package/dist/standalone.d.ts +0 -1
package/dist/standalone.d.ts.map +0 -1
package/dist/standalone.js +0 -1
package/dist/standalone.js.map +0 -1
package/dist/truth-pack/index.d.ts +0 -102
package/dist/truth-pack/index.d.ts.map +0 -1
package/dist/truth-pack/index.js +0 -694
package/dist/truth-pack/index.js.map +0 -1
package/dist/ui/frame.d.ts +0 -68
package/dist/ui/frame.d.ts.map +0 -1
package/dist/ui/frame.js +0 -165
package/dist/ui/frame.js.map +0 -1
package/dist/ui/index.d.ts +0 -5
package/dist/ui/index.d.ts.map +0 -1
package/dist/ui/index.js +0 -16
package/dist/ui/index.js.map +0 -1
package/dist/ui.d.ts +0 -36
package/dist/ui.d.ts.map +0 -1
package/dist/ui.js +0 -45
package/dist/ui.js.map +0 -1

package/README.md CHANGED Viewed

@@ -1,14 +1,14 @@
-# vibecheck CLI v2.8.0 🎉
+# vibecheck CLI v3.0.0 🚀
-The official command-line interface for vibecheck - AI-native code security and vibecheck platform.
+Ship with confidence. One verdict: **SHIP | WARN | BLOCK**
-## ✨ What's New in v2.8.0
+## ✨ What's New in v3.0.0
-- 🌐 **Multi-Framework Route Detection** - Express, Flask, FastAPI, Django, Hono, Koa, Go (Gin/Echo/Fiber/Chi/Gorilla)
-- 📄 **OpenAPI/Swagger Support** - Automatic route extraction from spec files
-- 🔮 **GraphQL Detection** - Apollo, Yoga, Express-GraphQL, Strawberry
-- 🛡️ **Improved Vuln Scanner** - Better OSV query failure handling with clear warnings
-- 🧹 **Clean JSON Output** - `--format json` now outputs pure JSON without banners
+- 🎯 **Unified CLI** - All spec commands now available: `install`, `ship`, `reality`, `fix`, `pr`, `share`, `ctx`
+- 📜 **Context Contracts** - `ctx sync` writes routes.json, env.json, auth.json, external.json
+- 🤖 **MCP Server v1** - AI agent integration with `validate_plan` hallucination stopper
+- 🔒 **Signed Entitlements** - Server-side metering with 24h offline grace
+- 🏃 **Reality → Ship Integration** - Runtime findings (DeadUI, AuthCoverage) affect verdict
 ## Installation

package/bin/_deprecations.js ADDED Viewed

@@ -0,0 +1,35 @@
+const fs = require("fs");
+const os = require("os");
+const path = require("path");
+function cachePath() {
+  return path.join(os.homedir(), ".vibecheck", "deprecations.json");
+}
+function warnDeprecationOnce(legacyFrom, suggestion, version = "dev") {
+  if (!legacyFrom) return;
+  if (process.env.VIBECHECK_SILENCE_DEPRECATIONS === "1") return;
+  const file = cachePath();
+  let cache = {};
+  try {
+    cache = JSON.parse(fs.readFileSync(file, "utf8"));
+  } catch {}
+  const key = `${legacyFrom}@${version}`;
+  if (cache[key]) return;
+  process.stderr.write(
+    `Deprecation: 'vibecheck ${legacyFrom}' → use 'vibecheck ${suggestion}'\n`,
+  );
+  cache[key] = new Date().toISOString();
+  try {
+    fs.mkdirSync(path.dirname(file), { recursive: true });
+    fs.writeFileSync(file, JSON.stringify(cache, null, 2));
+  } catch (err) {
+    // Ignore cache write errors (e.g. permission issues)
+  }
+}
+module.exports = { warnDeprecationOnce };

package/bin/_router.js ADDED Viewed

@@ -0,0 +1,46 @@
+const LEGACY_MAP = {
+  // ship is now first-class command, not legacy
+  // reality is now its own command - no longer routes to proof
+  mockproof: { to: ["proof", "mocks"] },
+  hygiene: { to: ["scan", "--only=hygiene"] },
+  security: { to: ["scan", "--only=security"] },
+  auth: { to: ["scan", "--only=auth"] },
+  routes: { to: ["scan", "--only=routes"] },
+  api: { to: ["scan", "--only=contracts"] }, // rename internal concept to contracts
+  mock: { to: ["scan", "--only=mocks"] },
+};
+function routeArgv(argv) {
+  const args = argv.slice(2);
+  const first = args[0];
+  // Handle top-level flags that act as commands
+  if (first === "--version" || first === "-v") {
+    return { legacyFrom: null, routed: ["version"] };
+  }
+  if (first === "--help" || first === "-h") {
+    return { legacyFrom: null, routed: ["help"] };
+  }
+  // Default command if none
+  if (!first || first.startsWith("-")) {
+    return { legacyFrom: null, routed: ["scan", ...args] };
+  }
+  // Legacy alias handling
+  if (LEGACY_MAP[first]) {
+    const mapped = LEGACY_MAP[first].to;
+    const rest = args.slice(1);
+    return { legacyFrom: first, routed: [...mapped, ...rest] };
+  }
+  // validate logic
+  if (first === "validate") {
+    return { legacyFrom: null, routed: args };
+  }
+  // Already new-style
+  return { legacyFrom: null, routed: args };
+}
+module.exports = { routeArgv };

package/bin/cli-hygiene.js ADDED Viewed

@@ -0,0 +1,241 @@
+#!/usr/bin/env node
+/**
+ * vibecheck Repo Hygiene CLI
+ *
+ * Enhanced false-positive detection for framework-managed files.
+ *
+ * Usage:
+ *   node bin/cli-hygiene.js [command] [options]
+ *
+ * Commands:
+ *   scan          Full hygiene scan (default)
+ *   duplicates    Scan for duplicate files only
+ *   unused        Scan for unused files only
+ *   errors        Scan for lint/type errors only
+ *
+ * Options:
+ *   --path, -p        Project path (default: current directory)
+ *   --json            Output JSON instead of markdown
+ *   --no-interactive  Skip prompts
+ */
+const path = require("path");
+const fs = require("fs");
+// Import hygiene modules
+const {
+  findDuplicates,
+  findUnusedFiles,
+  collectAllErrors,
+  analyzeRootDirectory,
+  generateHygieneReport,
+  calculateHygieneScore,
+} = require("../scripts/hygiene");
+// Parse arguments
+const args = process.argv.slice(2);
+const command = args.find((a) => !a.startsWith("-")) || "scan";
+const projectPath = getArg("--path", "-p") || ".";
+const jsonOutput = args.includes("--json");
+function getArg(long, short) {
+  const longIdx = args.findIndex((a) => a.startsWith(long + "=") || a === long);
+  if (longIdx !== -1) {
+    if (args[longIdx].includes("=")) return args[longIdx].split("=")[1];
+    return args[longIdx + 1];
+  }
+  if (short) {
+    const shortIdx = args.findIndex((a) => a === short);
+    if (shortIdx !== -1) return args[shortIdx + 1];
+  }
+  return null;
+}
+async function runFullScan(resolvedPath) {
+  console.log("🔍 Scanning for duplicates...");
+  const duplicates = findDuplicates(resolvedPath);
+  console.log("📦 Building import graph...");
+  const unused = findUnusedFiles(resolvedPath);
+  console.log("🔴 Collecting errors...");
+  const errors = collectAllErrors(resolvedPath);
+  console.log("🏠 Analyzing root directory...");
+  const rootCleanup = analyzeRootDirectory(resolvedPath);
+  return { projectPath: resolvedPath, duplicates, unused, errors, rootCleanup };
+}
+async function main() {
+  const resolvedPath = path.resolve(projectPath);
+  console.log(`\n🧹 vibecheck Repo Hygiene\n`);
+  console.log(`📁 Project: ${resolvedPath}\n`);
+  switch (command) {
+    case "scan":
+      await handleScan(resolvedPath);
+      break;
+    case "duplicates":
+      await handleDuplicates(resolvedPath);
+      break;
+    case "unused":
+      await handleUnused(resolvedPath);
+      break;
+    case "errors":
+      await handleErrors(resolvedPath);
+      break;
+    default:
+      console.error(`Unknown command: ${command}`);
+      console.error("Available: scan, duplicates, unused, errors");
+      process.exit(1);
+  }
+}
+async function handleScan(resolvedPath) {
+  const results = await runFullScan(resolvedPath);
+  const score = calculateHygieneScore(results);
+  if (jsonOutput) {
+    console.log(JSON.stringify({ ...results, score }, null, 2));
+    return;
+  }
+  // Print report
+  const report = generateHygieneReport(results);
+  console.log("\n" + report);
+  // Print false-positive summary
+  printFalsePositiveSummary(results.unused);
+  // Save artifacts
+  const reportDir = path.join(resolvedPath, ".vibecheck");
+  if (!fs.existsSync(reportDir)) fs.mkdirSync(reportDir, { recursive: true });
+  fs.writeFileSync(path.join(reportDir, "hygiene-report.md"), report);
+  fs.writeFileSync(
+    path.join(reportDir, "hygiene-results.json"),
+    JSON.stringify(results, null, 2),
+  );
+  fs.writeFileSync(
+    path.join(reportDir, "hygiene-score.json"),
+    JSON.stringify(score, null, 2),
+  );
+  fs.writeFileSync(
+    path.join(reportDir, "unused-files.json"),
+    JSON.stringify(results.unused, null, 2),
+  );
+  fs.writeFileSync(
+    path.join(reportDir, "duplicates.json"),
+    JSON.stringify(results.duplicates, null, 2),
+  );
+  console.log(`\n📄 Reports saved to: ${reportDir}/\n`);
+  // Exit code based on score
+  if (score.score < 60) {
+    process.exit(1);
+  }
+}
+function printFalsePositiveSummary(unused) {
+  if (!unused?.stats) return;
+  const { falsePositives, trueUnused } = unused.stats;
+  console.log("\n" + "─".repeat(60));
+  console.log("\n📊 **False-Positive Detection Summary**\n");
+  console.log(`   ✅ Framework-managed files detected: ${falsePositives || 0}`);
+  console.log(`   🗑️  Truly unused files: ${trueUnused || 0}`);
+  if (unused.unused?.definitelyUnused?.length > 0) {
+    console.log("\n   **Safe to delete:**");
+    for (const file of unused.unused.definitelyUnused.slice(0, 10)) {
+      console.log(`      - ${file.file}`);
+    }
+    if (unused.unused.definitelyUnused.length > 10) {
+      console.log(
+        `      ... and ${unused.unused.definitelyUnused.length - 10} more`,
+      );
+    }
+  }
+  console.log("");
+}
+async function handleDuplicates(resolvedPath) {
+  console.log("🔍 Scanning for duplicates...");
+  const duplicates = findDuplicates(resolvedPath);
+  if (jsonOutput) {
+    console.log(JSON.stringify(duplicates, null, 2));
+    return;
+  }
+  console.log("\n## Duplicate Analysis\n");
+  console.log(`| Type | Count |`);
+  console.log(`|------|-------|`);
+  console.log(`| Exact duplicates | ${duplicates.exact?.length || 0} |`);
+  console.log(`| Near-duplicates | ${duplicates.near?.length || 0} |`);
+  console.log(`| Copy-paste blocks | ${duplicates.copyPaste?.length || 0} |`);
+  if (duplicates.exact?.length > 0) {
+    console.log("\n### Exact Duplicates\n");
+    for (const dup of duplicates.exact.slice(0, 10)) {
+      console.log(
+        `- ${dup.files?.map((f) => f.path).join(" = ") || JSON.stringify(dup)}`,
+      );
+    }
+  }
+}
+async function handleUnused(resolvedPath) {
+  console.log("📦 Building import graph...");
+  const unused = findUnusedFiles(resolvedPath);
+  if (jsonOutput) {
+    console.log(JSON.stringify(unused, null, 2));
+    return;
+  }
+  console.log("\n## Unused File Analysis\n");
+  console.log(`| Category | Count |`);
+  console.log(`|----------|-------|`);
+  console.log(
+    `| Framework-managed (false positives) | ${unused.unused?.falsePositives?.length || 0} |`,
+  );
+  console.log(
+    `| Definitely unused | ${unused.unused?.definitelyUnused?.length || 0} |`,
+  );
+  console.log(
+    `| Probably unused | ${unused.unused?.probablyUnused?.length || 0} |`,
+  );
+  console.log(`| Test files | ${unused.unused?.testOnly?.length || 0} |`);
+  printFalsePositiveSummary(unused);
+}
+async function handleErrors(resolvedPath) {
+  console.log("🔴 Collecting errors...");
+  const errors = collectAllErrors(resolvedPath);
+  if (jsonOutput) {
+    console.log(JSON.stringify(errors, null, 2));
+    return;
+  }
+  console.log("\n## Error Analysis\n");
+  console.log(`| Type | Count |`);
+  console.log(`|------|-------|`);
+  console.log(`| TypeScript errors | ${errors.typescript?.length || 0} |`);
+  console.log(`| ESLint errors | ${errors.eslint?.length || 0} |`);
+  console.log(`| Syntax errors | ${errors.syntax?.length || 0} |`);
+  console.log(`| Import errors | ${errors.imports?.length || 0} |`);
+}
+main().catch((err) => {
+  console.error("Error:", err.message);
+  process.exit(1);
+});