npm - @vibecheckai/cli - Versions diffs - 2.8.2 → 3.0.0 - Mend

@vibecheckai/cli 2.8.2 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (454) hide show

package/README.md +8 -8
package/bin/_deprecations.js +35 -0
package/bin/_router.js +46 -0
package/bin/cli-hygiene.js +241 -0
package/bin/guardrail.js +834 -0
package/bin/runners/cli-utils.js +1070 -0
package/bin/runners/context/ai-task-decomposer.js +337 -0
package/bin/runners/context/analyzer.js +462 -0
package/bin/runners/context/api-contracts.js +427 -0
package/bin/runners/context/context-diff.js +342 -0
package/bin/runners/context/context-pruner.js +291 -0
package/bin/runners/context/dependency-graph.js +414 -0
package/bin/runners/context/generators/claude.js +107 -0
package/bin/runners/context/generators/codex.js +108 -0
package/bin/runners/context/generators/copilot.js +119 -0
package/bin/runners/context/generators/cursor.js +514 -0
package/bin/runners/context/generators/mcp.js +151 -0
package/bin/runners/context/generators/windsurf.js +180 -0
package/bin/runners/context/git-context.js +302 -0
package/bin/runners/context/index.js +1042 -0
package/bin/runners/context/insights.js +173 -0
package/bin/runners/context/mcp-server/generate-rules.js +337 -0
package/bin/runners/context/mcp-server/index.js +1176 -0
package/bin/runners/context/mcp-server/package.json +24 -0
package/bin/runners/context/memory.js +200 -0
package/bin/runners/context/monorepo.js +215 -0
package/bin/runners/context/multi-repo-federation.js +404 -0
package/bin/runners/context/patterns.js +253 -0
package/bin/runners/context/proof-context.js +972 -0
package/bin/runners/context/security-scanner.js +303 -0
package/bin/runners/context/semantic-search.js +350 -0
package/bin/runners/context/shared.js +264 -0
package/bin/runners/context/team-conventions.js +310 -0
package/bin/runners/lib/ai-bridge.js +416 -0
package/bin/runners/lib/analysis-core.js +271 -0
package/bin/runners/lib/analyzers.js +541 -0
package/bin/runners/lib/audit-bridge.js +391 -0
package/bin/runners/lib/auth-truth.js +193 -0
package/bin/runners/lib/auth.js +215 -0
package/bin/runners/lib/backup.js +62 -0
package/bin/runners/lib/billing.js +107 -0
package/bin/runners/lib/claims.js +118 -0
package/bin/runners/lib/cli-ui.js +540 -0
package/bin/runners/lib/compliance-bridge-new.js +0 -0
package/bin/runners/lib/compliance-bridge.js +165 -0
package/bin/runners/lib/contracts/auth-contract.js +194 -0
package/bin/runners/lib/contracts/env-contract.js +178 -0
package/bin/runners/lib/contracts/external-contract.js +198 -0
package/bin/runners/lib/contracts/guard.js +168 -0
package/bin/runners/lib/contracts/index.js +89 -0
package/bin/runners/lib/contracts/plan-validator.js +311 -0
package/bin/runners/lib/contracts/route-contract.js +192 -0
package/bin/runners/lib/detect.js +89 -0
package/bin/runners/lib/doctor/autofix.js +254 -0
package/bin/runners/lib/doctor/index.js +37 -0
package/bin/runners/lib/doctor/modules/dependencies.js +325 -0
package/bin/runners/lib/doctor/modules/index.js +46 -0
package/bin/runners/lib/doctor/modules/network.js +250 -0
package/bin/runners/lib/doctor/modules/project.js +312 -0
package/bin/runners/lib/doctor/modules/runtime.js +224 -0
package/bin/runners/lib/doctor/modules/security.js +348 -0
package/bin/runners/lib/doctor/modules/system.js +213 -0
package/bin/runners/lib/doctor/modules/vibecheck.js +394 -0
package/bin/runners/lib/doctor/reporter.js +262 -0
package/bin/runners/lib/doctor/service.js +262 -0
package/bin/runners/lib/doctor/types.js +113 -0
package/bin/runners/lib/doctor/ui.js +263 -0
package/bin/runners/lib/doctor-enhanced.js +233 -0
package/bin/runners/lib/doctor-v2.js +608 -0
package/bin/runners/lib/enforcement.js +72 -0
package/bin/runners/lib/enterprise-detect.js +603 -0
package/bin/runners/lib/enterprise-init.js +942 -0
package/bin/runners/lib/entitlements-v2.js +381 -0
package/bin/runners/lib/entitlements.generated.js +0 -0
package/bin/runners/lib/entitlements.js +332 -0
package/bin/runners/lib/env-template.js +66 -0
package/bin/runners/lib/env.js +189 -0
package/bin/runners/lib/error-handler.js +320 -0
package/bin/runners/lib/firewall-prompt.js +50 -0
package/bin/runners/lib/graph/graph-builder.js +265 -0
package/bin/runners/lib/graph/html-renderer.js +413 -0
package/bin/runners/lib/graph/index.js +32 -0
package/bin/runners/lib/graph/runtime-collector.js +215 -0
package/bin/runners/lib/graph/static-extractor.js +518 -0
package/bin/runners/lib/init-wizard.js +308 -0
package/bin/runners/lib/json-output.js +76 -0
package/bin/runners/lib/llm.js +75 -0
package/bin/runners/lib/meter.js +61 -0
package/bin/runners/lib/missions/evidence.js +126 -0
package/bin/runners/lib/missions/plan.js +69 -0
package/bin/runners/lib/missions/templates.js +147 -0
package/bin/runners/lib/patch.js +40 -0
package/bin/runners/lib/permissions/auth-model.js +213 -0
package/bin/runners/lib/permissions/idor-prover.js +205 -0
package/bin/runners/lib/permissions/index.js +45 -0
package/bin/runners/lib/permissions/matrix-builder.js +198 -0
package/bin/runners/lib/pkgjson.js +28 -0
package/bin/runners/lib/preflight.js +142 -0
package/bin/runners/lib/reality-findings.js +84 -0
package/bin/runners/lib/redact.js +29 -0
package/bin/runners/lib/replay/capsule-manager.js +154 -0
package/bin/runners/lib/replay/index.js +263 -0
package/bin/runners/lib/replay/player.js +348 -0
package/bin/runners/lib/replay/recorder.js +331 -0
package/bin/runners/lib/report-engine.js +447 -0
package/bin/runners/lib/report-html.js +1117 -0
package/bin/runners/lib/report-templates.js +964 -0
package/bin/runners/lib/route-detection.js +1140 -0
package/bin/runners/lib/route-truth.js +477 -0
package/bin/runners/lib/sandbox/index.js +59 -0
package/bin/runners/lib/sandbox/proof-chain.js +399 -0
package/bin/runners/lib/sandbox/sandbox-runner.js +205 -0
package/bin/runners/lib/sandbox/worktree.js +174 -0
package/bin/runners/lib/scan-cache.js +330 -0
package/bin/runners/lib/scan-output-schema.js +344 -0
package/bin/runners/lib/score-history.js +282 -0
package/bin/runners/lib/security-bridge.js +249 -0
package/bin/runners/lib/server-usage.js +513 -0
package/bin/runners/lib/share-pack.js +239 -0
package/bin/runners/lib/snippets.js +67 -0
package/bin/runners/lib/truth.js +667 -0
package/bin/runners/lib/unified-output.js +189 -0
package/bin/runners/lib/validate-patch.js +156 -0
package/bin/runners/lib/verification.js +345 -0
package/bin/runners/reality/engine.js +917 -0
package/bin/runners/reality/flows.js +122 -0
package/bin/runners/reality/report.js +378 -0
package/bin/runners/reality/session.js +193 -0
package/bin/runners/runAIAgent.js +2 -0
package/bin/runners/runAudit.js +2 -0
package/bin/runners/runAuth.js +106 -0
package/bin/runners/runAutopilot.js +2 -0
package/bin/runners/runBadge.js +2 -0
package/bin/runners/runCertify.js +2 -0
package/bin/runners/runClaimVerifier.js +483 -0
package/bin/runners/runContext.js +56 -0
package/bin/runners/runContextCompiler.js +385 -0
package/bin/runners/runCtx.js +187 -0
package/bin/runners/runCtxGuard.js +176 -0
package/bin/runners/runCtxSync.js +116 -0
package/bin/runners/runDashboard.js +10 -0
package/bin/runners/runDoctor.js +245 -0
package/bin/runners/runEnhancedShip.js +2 -0
package/bin/runners/runFix.js +735 -0
package/bin/runners/runFixPacks.js +2 -0
package/bin/runners/runGate.js +17 -0
package/bin/runners/runGraph.js +283 -0
package/bin/runners/runInit.js +260 -0
package/bin/runners/runInitGha.js +101 -0
package/bin/runners/runInstall.js +76 -0
package/bin/runners/runInteractive.js +388 -0
package/bin/runners/runLaunch.js +2 -0
package/bin/runners/runMcp.js +19 -0
package/bin/runners/runMdc.js +2 -0
package/bin/runners/runMissionGenerator.js +282 -0
package/bin/runners/runNaturalLanguage.js +3 -0
package/bin/runners/runPR.js +96 -0
package/bin/runners/runPermissions.js +290 -0
package/bin/runners/runPromptFirewall.js +211 -0
package/bin/runners/runProof.js +2 -0
package/bin/runners/runProve.js +392 -0
package/bin/runners/runReality.js +489 -0
package/bin/runners/runRealitySniff.js +2 -0
package/bin/runners/runReplay.js +469 -0
package/bin/runners/runReport.js +478 -0
package/bin/runners/runScan.js +835 -0
package/bin/runners/runShare.js +34 -0
package/bin/runners/runShip.js +1062 -0
package/bin/runners/runStatus.js +136 -0
package/bin/runners/runTruthpack.js +634 -0
package/bin/runners/runUpgrade.js +2 -0
package/bin/runners/runValidate.js +2 -0
package/bin/runners/runVerifyAgentOutput.js +2 -0
package/bin/runners/runWatch.js +230 -0
package/bin/runners/utils.js +360 -0
package/bin/scan.js +612 -0
package/bin/vibecheck.js +834 -0
package/package.json +11 -11
package/dist/autopatch/verified-autopatch.d.ts +0 -111
package/dist/autopatch/verified-autopatch.d.ts.map +0 -1
package/dist/autopatch/verified-autopatch.js +0 -503
package/dist/autopatch/verified-autopatch.js.map +0 -1
package/dist/bundles/index.js +0 -8
package/dist/bundles/vibecheck-core.js +0 -25799
package/dist/bundles/vibecheck-security.js +0 -208693
package/dist/bundles/vibecheck-ship.js +0 -2318
package/dist/commands/baseline.d.ts +0 -7
package/dist/commands/baseline.d.ts.map +0 -1
package/dist/commands/baseline.js +0 -79
package/dist/commands/baseline.js.map +0 -1
package/dist/commands/cache.d.ts +0 -13
package/dist/commands/cache.d.ts.map +0 -1
package/dist/commands/cache.js +0 -165
package/dist/commands/cache.js.map +0 -1
package/dist/commands/checkpoint.d.ts +0 -8
package/dist/commands/checkpoint.d.ts.map +0 -1
package/dist/commands/checkpoint.js +0 -35
package/dist/commands/checkpoint.js.map +0 -1
package/dist/commands/doctor.d.ts +0 -17
package/dist/commands/doctor.d.ts.map +0 -1
package/dist/commands/doctor.js +0 -226
package/dist/commands/doctor.js.map +0 -1
package/dist/commands/evidence.d.ts +0 -45
package/dist/commands/evidence.d.ts.map +0 -1
package/dist/commands/evidence.js +0 -197
package/dist/commands/evidence.js.map +0 -1
package/dist/commands/explain.d.ts +0 -8
package/dist/commands/explain.d.ts.map +0 -1
package/dist/commands/explain.js +0 -52
package/dist/commands/explain.js.map +0 -1
package/dist/commands/fix-consolidated.d.ts +0 -19
package/dist/commands/fix-consolidated.d.ts.map +0 -1
package/dist/commands/fix-consolidated.js +0 -165
package/dist/commands/fix-consolidated.js.map +0 -1
package/dist/commands/index.d.ts +0 -8
package/dist/commands/index.d.ts.map +0 -1
package/dist/commands/index.js +0 -15
package/dist/commands/index.js.map +0 -1
package/dist/commands/init.d.ts +0 -8
package/dist/commands/init.d.ts.map +0 -1
package/dist/commands/init.js +0 -125
package/dist/commands/init.js.map +0 -1
package/dist/commands/launcher.d.ts +0 -10
package/dist/commands/launcher.d.ts.map +0 -1
package/dist/commands/launcher.js +0 -174
package/dist/commands/launcher.js.map +0 -1
package/dist/commands/on.d.ts +0 -8
package/dist/commands/on.d.ts.map +0 -1
package/dist/commands/on.js +0 -123
package/dist/commands/on.js.map +0 -1
package/dist/commands/replay.d.ts +0 -8
package/dist/commands/replay.d.ts.map +0 -1
package/dist/commands/replay.js +0 -52
package/dist/commands/replay.js.map +0 -1
package/dist/commands/scan-consolidated.d.ts +0 -61
package/dist/commands/scan-consolidated.d.ts.map +0 -1
package/dist/commands/scan-consolidated.js +0 -243
package/dist/commands/scan-consolidated.js.map +0 -1
package/dist/commands/scan-secrets.d.ts +0 -47
package/dist/commands/scan-secrets.d.ts.map +0 -1
package/dist/commands/scan-secrets.js +0 -225
package/dist/commands/scan-secrets.js.map +0 -1
package/dist/commands/scan-vulnerabilities-enhanced.d.ts +0 -41
package/dist/commands/scan-vulnerabilities-enhanced.d.ts.map +0 -1
package/dist/commands/scan-vulnerabilities-enhanced.js +0 -368
package/dist/commands/scan-vulnerabilities-enhanced.js.map +0 -1
package/dist/commands/scan-vulnerabilities-osv.d.ts +0 -58
package/dist/commands/scan-vulnerabilities-osv.d.ts.map +0 -1
package/dist/commands/scan-vulnerabilities-osv.js +0 -722
package/dist/commands/scan-vulnerabilities-osv.js.map +0 -1
package/dist/commands/scan-vulnerabilities.d.ts +0 -32
package/dist/commands/scan-vulnerabilities.d.ts.map +0 -1
package/dist/commands/scan-vulnerabilities.js +0 -283
package/dist/commands/scan-vulnerabilities.js.map +0 -1
package/dist/commands/secrets-allowlist.d.ts +0 -7
package/dist/commands/secrets-allowlist.d.ts.map +0 -1
package/dist/commands/secrets-allowlist.js +0 -85
package/dist/commands/secrets-allowlist.js.map +0 -1
package/dist/commands/ship-consolidated.d.ts +0 -58
package/dist/commands/ship-consolidated.d.ts.map +0 -1
package/dist/commands/ship-consolidated.js +0 -515
package/dist/commands/ship-consolidated.js.map +0 -1
package/dist/commands/stats.d.ts +0 -8
package/dist/commands/stats.d.ts.map +0 -1
package/dist/commands/stats.js +0 -134
package/dist/commands/stats.js.map +0 -1
package/dist/commands/upgrade.d.ts +0 -8
package/dist/commands/upgrade.d.ts.map +0 -1
package/dist/commands/upgrade.js +0 -30
package/dist/commands/upgrade.js.map +0 -1
package/dist/fix/applicator.d.ts +0 -44
package/dist/fix/applicator.d.ts.map +0 -1
package/dist/fix/applicator.js +0 -144
package/dist/fix/applicator.js.map +0 -1
package/dist/fix/backup.d.ts +0 -38
package/dist/fix/backup.d.ts.map +0 -1
package/dist/fix/backup.js +0 -154
package/dist/fix/backup.js.map +0 -1
package/dist/fix/engine.d.ts +0 -55
package/dist/fix/engine.d.ts.map +0 -1
package/dist/fix/engine.js +0 -285
package/dist/fix/engine.js.map +0 -1
package/dist/fix/index.d.ts +0 -5
package/dist/fix/index.d.ts.map +0 -1
package/dist/fix/index.js +0 -12
package/dist/fix/index.js.map +0 -1
package/dist/fix/interactive.d.ts +0 -22
package/dist/fix/interactive.d.ts.map +0 -1
package/dist/fix/interactive.js +0 -172
package/dist/fix/interactive.js.map +0 -1
package/dist/formatters/index.d.ts +0 -6
package/dist/formatters/index.d.ts.map +0 -1
package/dist/formatters/index.js +0 -11
package/dist/formatters/index.js.map +0 -1
package/dist/formatters/sarif-enhanced.d.ts +0 -78
package/dist/formatters/sarif-enhanced.d.ts.map +0 -1
package/dist/formatters/sarif-enhanced.js +0 -144
package/dist/formatters/sarif-enhanced.js.map +0 -1
package/dist/formatters/sarif-v2.d.ts +0 -121
package/dist/formatters/sarif-v2.d.ts.map +0 -1
package/dist/formatters/sarif-v2.js +0 -356
package/dist/formatters/sarif-v2.js.map +0 -1
package/dist/formatters/sarif.d.ts +0 -72
package/dist/formatters/sarif.d.ts.map +0 -1
package/dist/formatters/sarif.js +0 -146
package/dist/formatters/sarif.js.map +0 -1
package/dist/index.d.ts +0 -61
package/dist/index.d.ts.map +0 -1
package/dist/index.js +0 -4388
package/dist/index.js.map +0 -1
package/dist/init/ci-generator.d.ts +0 -18
package/dist/init/ci-generator.d.ts.map +0 -1
package/dist/init/ci-generator.js +0 -317
package/dist/init/ci-generator.js.map +0 -1
package/dist/init/detect-framework.d.ts +0 -15
package/dist/init/detect-framework.d.ts.map +0 -1
package/dist/init/detect-framework.js +0 -301
package/dist/init/detect-framework.js.map +0 -1
package/dist/init/hooks-installer.d.ts +0 -22
package/dist/init/hooks-installer.d.ts.map +0 -1
package/dist/init/hooks-installer.js +0 -310
package/dist/init/hooks-installer.js.map +0 -1
package/dist/init/index.d.ts +0 -8
package/dist/init/index.d.ts.map +0 -1
package/dist/init/index.js +0 -22
package/dist/init/index.js.map +0 -1
package/dist/init/templates.d.ts +0 -402
package/dist/init/templates.d.ts.map +0 -1
package/dist/init/templates.js +0 -240
package/dist/init/templates.js.map +0 -1
package/dist/mcp/server.d.ts +0 -12
package/dist/mcp/server.d.ts.map +0 -1
package/dist/mcp/server.js +0 -42
package/dist/mcp/server.js.map +0 -1
package/dist/mcp/telemetry.d.ts +0 -40
package/dist/mcp/telemetry.d.ts.map +0 -1
package/dist/mcp/telemetry.js +0 -98
package/dist/mcp/telemetry.js.map +0 -1
package/dist/reality/no-dead-buttons/button-sweep-generator.d.ts +0 -32
package/dist/reality/no-dead-buttons/button-sweep-generator.d.ts.map +0 -1
package/dist/reality/no-dead-buttons/button-sweep-generator.js +0 -236
package/dist/reality/no-dead-buttons/button-sweep-generator.js.map +0 -1
package/dist/reality/no-dead-buttons/index.d.ts +0 -11
package/dist/reality/no-dead-buttons/index.d.ts.map +0 -1
package/dist/reality/no-dead-buttons/index.js +0 -18
package/dist/reality/no-dead-buttons/index.js.map +0 -1
package/dist/reality/no-dead-buttons/static-scanner.d.ts +0 -34
package/dist/reality/no-dead-buttons/static-scanner.d.ts.map +0 -1
package/dist/reality/no-dead-buttons/static-scanner.js +0 -230
package/dist/reality/no-dead-buttons/static-scanner.js.map +0 -1
package/dist/reality/reality-graph.d.ts +0 -192
package/dist/reality/reality-graph.d.ts.map +0 -1
package/dist/reality/reality-graph.js +0 -600
package/dist/reality/reality-graph.js.map +0 -1
package/dist/reality/reality-runner.d.ts +0 -89
package/dist/reality/reality-runner.d.ts.map +0 -1
package/dist/reality/reality-runner.js +0 -540
package/dist/reality/reality-runner.js.map +0 -1
package/dist/reality/receipt-generator.d.ts +0 -152
package/dist/reality/receipt-generator.d.ts.map +0 -1
package/dist/reality/receipt-generator.js +0 -495
package/dist/reality/receipt-generator.js.map +0 -1
package/dist/reality/runtime-tracer.d.ts +0 -75
package/dist/reality/runtime-tracer.d.ts.map +0 -1
package/dist/reality/runtime-tracer.js +0 -109
package/dist/reality/runtime-tracer.js.map +0 -1
package/dist/runtime/auth-utils.d.ts +0 -43
package/dist/runtime/auth-utils.d.ts.map +0 -1
package/dist/runtime/auth-utils.js +0 -130
package/dist/runtime/auth-utils.js.map +0 -1
package/dist/runtime/client.d.ts +0 -74
package/dist/runtime/client.d.ts.map +0 -1
package/dist/runtime/client.js +0 -222
package/dist/runtime/client.js.map +0 -1
package/dist/runtime/creds.d.ts +0 -48
package/dist/runtime/creds.d.ts.map +0 -1
package/dist/runtime/creds.js +0 -245
package/dist/runtime/creds.js.map +0 -1
package/dist/runtime/exit-codes.d.ts +0 -49
package/dist/runtime/exit-codes.d.ts.map +0 -1
package/dist/runtime/exit-codes.js +0 -93
package/dist/runtime/exit-codes.js.map +0 -1
package/dist/runtime/index.d.ts +0 -9
package/dist/runtime/index.d.ts.map +0 -1
package/dist/runtime/index.js +0 -25
package/dist/runtime/index.js.map +0 -1
package/dist/runtime/json-output.d.ts +0 -42
package/dist/runtime/json-output.d.ts.map +0 -1
package/dist/runtime/json-output.js +0 -59
package/dist/runtime/json-output.js.map +0 -1
package/dist/runtime/semver.d.ts +0 -37
package/dist/runtime/semver.d.ts.map +0 -1
package/dist/runtime/semver.js +0 -110
package/dist/runtime/semver.js.map +0 -1
package/dist/scan/dead-ui-detector.d.ts +0 -48
package/dist/scan/dead-ui-detector.d.ts.map +0 -1
package/dist/scan/dead-ui-detector.js +0 -170
package/dist/scan/dead-ui-detector.js.map +0 -1
package/dist/scan/playwright-sweep.d.ts +0 -40
package/dist/scan/playwright-sweep.d.ts.map +0 -1
package/dist/scan/playwright-sweep.js +0 -216
package/dist/scan/playwright-sweep.js.map +0 -1
package/dist/scan/proof-bundle.d.ts +0 -25
package/dist/scan/proof-bundle.d.ts.map +0 -1
package/dist/scan/proof-bundle.js +0 -203
package/dist/scan/proof-bundle.js.map +0 -1
package/dist/scan/proof-graph.d.ts +0 -59
package/dist/scan/proof-graph.d.ts.map +0 -1
package/dist/scan/proof-graph.js +0 -64
package/dist/scan/proof-graph.js.map +0 -1
package/dist/scan/reality-sniff.d.ts +0 -56
package/dist/scan/reality-sniff.d.ts.map +0 -1
package/dist/scan/reality-sniff.js +0 -200
package/dist/scan/reality-sniff.js.map +0 -1
package/dist/scan/structural-verifier.d.ts +0 -20
package/dist/scan/structural-verifier.d.ts.map +0 -1
package/dist/scan/structural-verifier.js +0 -112
package/dist/scan/structural-verifier.js.map +0 -1
package/dist/scan/verification-engine.d.ts +0 -47
package/dist/scan/verification-engine.d.ts.map +0 -1
package/dist/scan/verification-engine.js +0 -141
package/dist/scan/verification-engine.js.map +0 -1
package/dist/scanner/baseline.d.ts +0 -52
package/dist/scanner/baseline.d.ts.map +0 -1
package/dist/scanner/baseline.js +0 -85
package/dist/scanner/baseline.js.map +0 -1
package/dist/scanner/incremental.d.ts +0 -30
package/dist/scanner/incremental.d.ts.map +0 -1
package/dist/scanner/incremental.js +0 -82
package/dist/scanner/incremental.js.map +0 -1
package/dist/scanner/parallel.d.ts +0 -43
package/dist/scanner/parallel.d.ts.map +0 -1
package/dist/scanner/parallel.js +0 -99
package/dist/scanner/parallel.js.map +0 -1
package/dist/standalone.d.ts +0 -1
package/dist/standalone.d.ts.map +0 -1
package/dist/standalone.js +0 -1
package/dist/standalone.js.map +0 -1
package/dist/truth-pack/index.d.ts +0 -102
package/dist/truth-pack/index.d.ts.map +0 -1
package/dist/truth-pack/index.js +0 -694
package/dist/truth-pack/index.js.map +0 -1
package/dist/ui/frame.d.ts +0 -68
package/dist/ui/frame.d.ts.map +0 -1
package/dist/ui/frame.js +0 -165
package/dist/ui/frame.js.map +0 -1
package/dist/ui/index.d.ts +0 -5
package/dist/ui/index.d.ts.map +0 -1
package/dist/ui/index.js +0 -16
package/dist/ui/index.js.map +0 -1
package/dist/ui.d.ts +0 -36
package/dist/ui.d.ts.map +0 -1
package/dist/ui.js +0 -45
package/dist/ui.js.map +0 -1

package/bin/runners/runContextCompiler.js ADDED Viewed

@@ -0,0 +1,385 @@
+#!/usr/bin/env node
+/**
+ * Context Compiler v1
+ *
+ * Generates task-targeted context slices from the Truth Pack.
+ * Big context = noise. Small context = missing facts.
+ * This compiles exactly what you need for the task.
+ *
+ * Usage:
+ *   compileContext({ task: 'Fix dead login button', focus: { files: [...], routes: [...] } })
+ */
+import fs from 'fs/promises';
+import path from 'path';
+import crypto from 'crypto';
+import yaml from 'js-yaml';
+/**
+ * Load the truth pack from disk
+ */
+async function loadTruthpack(projectPath) {
+  const truthpackPath = path.join(projectPath, '.vibecheck', 'truth', 'truthpack.json');
+  try {
+    const content = await fs.readFile(truthpackPath, 'utf8');
+    return JSON.parse(content);
+  } catch {
+    return null;
+  }
+}
+/**
+ * Load invariants from disk
+ */
+async function loadInvariants(projectPath) {
+  const invariantsPath = path.join(projectPath, '.vibecheck', 'invariants.yml');
+  try {
+    const content = await fs.readFile(invariantsPath, 'utf8');
+    return yaml.load(content);
+  } catch {
+    return { invariants: [] };
+  }
+}
+/**
+ * Compile context for a specific task
+ *
+ * @param {Object} request - Context compilation request
+ * @param {string} request.task - What you're trying to do
+ * @param {Object} request.focus - Optional focus areas
+ * @param {string[]} request.focus.files - Specific files to include
+ * @param {string[]} request.focus.routes - Specific routes to include
+ * @param {string[]} request.constraints - Constraints to apply
+ * @param {number} request.maxTokensHint - Max tokens hint
+ * @param {string} projectPath - Project root path
+ * @returns {Object} Compiled context slice
+ */
+export async function compileContext(request, projectPath = process.cwd()) {
+  const contextId = `ctxslice_${crypto.randomBytes(4).toString('hex')}`;
+  const { task, focus = {}, constraints = [], maxTokensHint = 4000 } = request;
+  const truthpack = await loadTruthpack(projectPath);
+  if (!truthpack) {
+    return {
+      contextId,
+      error: 'No truth pack found. Run `vibecheck ctx` first.',
+      summary: null,
+      truthSlice: null,
+      evidence: [],
+      invariants: [],
+    };
+  }
+  const invariantsData = await loadInvariants(projectPath);
+  // Analyze task to determine relevant domains
+  const analysis = analyzeTask(task);
+  // Filter truth pack to relevant content
+  const truthSlice = buildTruthSlice(truthpack, analysis, focus);
+  // Gather evidence for the slice
+  const evidence = gatherEvidence(truthSlice);
+  // Select applicable invariants
+  const applicableInvariants = selectInvariants(invariantsData, analysis);
+  // Generate summary
+  const summary = generateSummary(task, truthSlice, analysis);
+  // Apply constraints
+  const appliedConstraints = applyConstraints(truthSlice, constraints);
+  // Estimate token count
+  const tokenEstimate = estimateTokens(truthSlice, evidence);
+  return {
+    contextId,
+    summary,
+    task,
+    analysis: {
+      domains: analysis.domains,
+      keywords: analysis.keywords,
+      action: analysis.action,
+    },
+    truthSlice,
+    evidence: evidence.slice(0, 50), // Limit evidence
+    invariants: applicableInvariants.map(i => i.id),
+    constraints: appliedConstraints,
+    tokenEstimate,
+    warnings: generateWarnings(analysis, tokenEstimate, maxTokensHint),
+  };
+}
+/**
+ * Analyze task to determine domains, keywords, and action
+ */
+function analyzeTask(task) {
+  const taskLower = task.toLowerCase();
+  // Detect domains
+  const domains = [];
+  if (/auth|login|logout|session|password|jwt|token/i.test(task)) domains.push('auth');
+  if (/billing|payment|stripe|subscription|checkout|tier|pro|enterprise/i.test(task)) domains.push('billing');
+  if (/route|endpoint|api|handler|fetch|axios/i.test(task)) domains.push('api');
+  if (/component|button|form|ui|page|modal|dialog/i.test(task)) domains.push('ui');
+  if (/database|prisma|model|schema|query|db/i.test(task)) domains.push('data');
+  if (/test|spec|jest|vitest/i.test(task)) domains.push('testing');
+  if (/security|xss|csrf|injection|sanitize/i.test(task)) domains.push('security');
+  if (/env|environment|config|secret/i.test(task)) domains.push('env');
+  if (domains.length === 0) domains.push('general');
+  // Detect action type
+  let action = 'unknown';
+  if (/fix|bug|broken|error|issue|problem|dead/i.test(task)) action = 'fix';
+  else if (/add|create|implement|build|new/i.test(task)) action = 'create';
+  else if (/update|change|modify|refactor/i.test(task)) action = 'update';
+  else if (/delete|remove|drop/i.test(task)) action = 'delete';
+  else if (/wire|connect|integrate|link/i.test(task)) action = 'integrate';
+  else if (/verify|check|validate|test/i.test(task)) action = 'verify';
+  // Extract keywords
+  const stopWords = new Set(['the', 'a', 'an', 'is', 'are', 'was', 'were', 'be', 'been', 'have', 'has', 'do', 'does', 'did', 'will', 'would', 'could', 'should', 'may', 'might', 'must', 'to', 'of', 'in', 'for', 'on', 'with', 'at', 'by', 'from', 'as', 'into', 'through', 'this', 'that', 'these', 'those', 'i', 'me', 'my', 'we', 'our', 'you', 'your', 'it', 'its', 'they', 'them', 'their', 'what', 'which', 'who', 'and', 'but', 'if', 'or', 'because', 'fix', 'add', 'update', 'create', 'make', 'build']);
+  const keywords = task
+    .toLowerCase()
+    .replace(/[^a-z0-9\s]/g, ' ')
+    .split(/\s+/)
+    .filter(word => word.length > 2 && !stopWords.has(word));
+  return { domains, action, keywords };
+}
+/**
+ * Build a filtered truth slice based on analysis and focus
+ */
+function buildTruthSlice(truthpack, analysis, focus) {
+  const slice = {
+    routes: { server: [], clientRefs: [] },
+    env: { vars: [] },
+    auth: null,
+    billing: null,
+  };
+  // Filter routes
+  if (focus.routes && focus.routes.length > 0) {
+    slice.routes.server = truthpack.routes.server.filter(r =>
+      focus.routes.some(fr => r.path.includes(fr) || fr.includes(r.path))
+    );
+    slice.routes.clientRefs = truthpack.routes.clientRefs.filter(r =>
+      focus.routes.some(fr => r.path.includes(fr) || fr.includes(r.path))
+    );
+  } else if (analysis.keywords.length > 0) {
+    slice.routes.server = truthpack.routes.server.filter(r =>
+      analysis.keywords.some(k => r.path.includes(k) || r.handler.includes(k))
+    );
+    slice.routes.clientRefs = truthpack.routes.clientRefs.filter(r =>
+      analysis.keywords.some(k => r.path.includes(k) || r.source.includes(k))
+    );
+  }
+  // Include routes from focused files
+  if (focus.files && focus.files.length > 0) {
+    const fileRoutes = truthpack.routes.server.filter(r =>
+      focus.files.some(f => r.handler.includes(f))
+    );
+    const fileClientRefs = truthpack.routes.clientRefs.filter(r =>
+      focus.files.some(f => r.source.includes(f))
+    );
+    slice.routes.server.push(...fileRoutes.filter(r => !slice.routes.server.includes(r)));
+    slice.routes.clientRefs.push(...fileClientRefs.filter(r => !slice.routes.clientRefs.includes(r)));
+  }
+  // Filter env vars based on keywords
+  if (analysis.keywords.length > 0) {
+    slice.env.vars = truthpack.env.vars.filter(v =>
+      analysis.keywords.some(k => v.name.toLowerCase().includes(k))
+    );
+  }
+  // Include auth if relevant
+  if (analysis.domains.includes('auth')) {
+    slice.auth = truthpack.auth;
+  }
+  // Include billing if relevant
+  if (analysis.domains.includes('billing')) {
+    slice.billing = truthpack.billing;
+  }
+  return slice;
+}
+/**
+ * Gather evidence from the truth slice
+ */
+function gatherEvidence(truthSlice) {
+  const evidence = [];
+  for (const route of truthSlice.routes.server) {
+    if (route.evidence) evidence.push(...route.evidence);
+  }
+  for (const ref of truthSlice.routes.clientRefs) {
+    if (ref.evidence) evidence.push(...ref.evidence);
+  }
+  for (const v of truthSlice.env.vars) {
+    if (v.references) evidence.push(...v.references);
+  }
+  if (truthSlice.auth?.model?.signals) {
+    for (const s of truthSlice.auth.model.signals) {
+      if (s.evidence) evidence.push(...s.evidence);
+    }
+  }
+  return evidence;
+}
+/**
+ * Select applicable invariants based on task analysis
+ */
+function selectInvariants(invariantsData, analysis) {
+  const invariants = invariantsData.invariants || [];
+  const domainToApplies = {
+    auth: ['server', 'middleware', 'api'],
+    billing: ['server', 'ui'],
+    api: ['api', 'server'],
+    ui: ['ui'],
+    security: ['all', 'server'],
+  };
+  const relevantApplies = new Set();
+  for (const domain of analysis.domains) {
+    const applies = domainToApplies[domain] || [];
+    applies.forEach(a => relevantApplies.add(a));
+  }
+  // Always include security-related invariants for fix/integrate actions
+  if (analysis.action === 'fix' || analysis.action === 'integrate') {
+    relevantApplies.add('server');
+    relevantApplies.add('middleware');
+  }
+  return invariants.filter(inv => {
+    if (!inv.appliesTo) return true;
+    return inv.appliesTo.some(a => relevantApplies.has(a) || a === 'all');
+  });
+}
+/**
+ * Generate a summary of the context
+ */
+function generateSummary(task, truthSlice, analysis) {
+  const parts = [];
+  parts.push(`Task: ${task}`);
+  parts.push(`Domains: ${analysis.domains.join(', ')}`);
+  parts.push(`Action: ${analysis.action}`);
+  if (truthSlice.routes.server.length > 0) {
+    parts.push(`Server routes: ${truthSlice.routes.server.length}`);
+  }
+  if (truthSlice.routes.clientRefs.length > 0) {
+    parts.push(`Client refs: ${truthSlice.routes.clientRefs.length}`);
+  }
+  // Check for mismatches (gaps)
+  const serverPaths = new Set(truthSlice.routes.server.map(r => r.path));
+  const clientPaths = truthSlice.routes.clientRefs.map(r => r.path);
+  const mismatches = clientPaths.filter(p => !serverPaths.has(p));
+  if (mismatches.length > 0) {
+    parts.push(`⚠️ Route mismatches: ${mismatches.join(', ')}`);
+  }
+  return parts.join(' | ');
+}
+/**
+ * Apply constraints to the truth slice
+ */
+function applyConstraints(truthSlice, constraints) {
+  const applied = [];
+  for (const constraint of constraints) {
+    switch (constraint) {
+      case 'do_not_invent_routes':
+        applied.push({
+          id: 'do_not_invent_routes',
+          description: 'Only use routes that exist in the truth pack',
+          enforced: true,
+        });
+        break;
+      case 'no_new_env_vars_without_proof':
+        applied.push({
+          id: 'no_new_env_vars_without_proof',
+          description: 'Do not add env vars that are not declared in .env.example',
+          enforced: true,
+        });
+        break;
+      case 'require_auth_verification':
+        applied.push({
+          id: 'require_auth_verification',
+          description: 'Verify auth is enforced on protected routes',
+          enforced: true,
+        });
+        break;
+    }
+  }
+  return applied;
+}
+/**
+ * Estimate token count for the context
+ */
+function estimateTokens(truthSlice, evidence) {
+  let tokens = 0;
+  // Routes: ~50 tokens each
+  tokens += truthSlice.routes.server.length * 50;
+  tokens += truthSlice.routes.clientRefs.length * 30;
+  // Env vars: ~20 tokens each
+  tokens += truthSlice.env.vars.length * 20;
+  // Auth/billing: ~200 tokens each if present
+  if (truthSlice.auth) tokens += 200;
+  if (truthSlice.billing) tokens += 200;
+  // Evidence: ~100 tokens each
+  tokens += evidence.length * 100;
+  return tokens;
+}
+/**
+ * Generate warnings based on context
+ */
+function generateWarnings(analysis, tokenEstimate, maxTokensHint) {
+  const warnings = [];
+  if (analysis.domains.includes('auth') || analysis.domains.includes('billing')) {
+    warnings.push('High-stakes domain detected - verify all claims before making changes');
+  }
+  if (tokenEstimate > maxTokensHint) {
+    warnings.push(`Context exceeds ${maxTokensHint} token hint (est: ${tokenEstimate}). Consider narrowing focus.`);
+  }
+  if (analysis.action === 'fix' && analysis.domains.includes('auth')) {
+    warnings.push('Auth fix - ensure changes do not weaken security');
+  }
+  return warnings;
+}
+export default { compileContext };

package/bin/runners/runCtx.js ADDED Viewed

@@ -0,0 +1,187 @@
+// bin/runners/runCtx.js
+const path = require("path");
+const fs = require("fs");
+const { buildTruthpack, writeTruthpack, detectFastifyEntry } = require("./lib/truth");
+const c = {
+  reset: '\x1b[0m',
+  bold: '\x1b[1m',
+  dim: '\x1b[2m',
+  red: '\x1b[31m',
+  green: '\x1b[32m',
+  yellow: '\x1b[33m',
+  blue: '\x1b[34m',
+  cyan: '\x1b[36m',
+  magenta: '\x1b[35m',
+};
+function parseArgs(args) {
+  const opts = {
+    path: process.cwd(),
+    fastifyEntry: null,
+    json: false,
+    snapshot: false,
+    help: false,
+  };
+  for (let i = 0; i < args.length; i++) {
+    const arg = args[i];
+    if (arg === '--json' || arg === '-j') opts.json = true;
+    else if (arg === '--snapshot' || arg === '-s') opts.snapshot = true;
+    else if (arg === '--fastify-entry') opts.fastifyEntry = args[++i];
+    else if (arg === '--path' || arg === '-p') opts.path = args[++i];
+    else if (arg === '--help' || arg === '-h') opts.help = true;
+  }
+  return opts;
+}
+function printHelp() {
+  console.log(`
+${c.cyan}${c.bold}📦 vibecheck ctx${c.reset} — Truth Pack Generator
+${c.dim}Build a comprehensive truth pack of your codebase for AI agents.${c.reset}
+${c.bold}USAGE${c.reset}
+  vibecheck ctx                Generate truth pack
+  vibecheck ctx --snapshot     Save timestamped snapshot
+  vibecheck ctx --json         Output as JSON
+${c.bold}OPTIONS${c.reset}
+  --json, -j          Output raw JSON
+  --snapshot, -s      Save to snapshots/ with timestamp
+  --fastify-entry     Fastify entry file (e.g. src/server.ts)
+  --path, -p          Project path (default: current directory)
+  --help, -h          Show this help
+${c.bold}TRUTH PACK CONTENTS${c.reset}
+  • ${c.cyan}routes${c.reset}      Server routes + client refs + gaps
+  • ${c.cyan}env${c.reset}         Used vars + declared vars + sources
+  • ${c.cyan}auth${c.reset}        Middleware + patterns + signals
+  • ${c.cyan}billing${c.reset}     Stripe usage + webhooks + gates
+  • ${c.cyan}enforcement${c.reset} Paid surface checks
+${c.bold}OUTPUT${c.reset}
+  .vibecheck/truth/truthpack.json   Main truth pack
+  .vibecheck/truth/truthpack.md     Human-readable summary
+${c.bold}EXAMPLES${c.reset}
+  vibecheck ctx                          # Generate truth pack
+  vibecheck ctx --snapshot               # Save snapshot
+  vibecheck ctx --json > truthpack.json  # Export as JSON
+`);
+}
+async function runCtx(args) {
+  const opts = typeof args === 'object' && !Array.isArray(args)
+    ? args  // Legacy object format
+    : parseArgs(args || []);
+  if (opts.help) {
+    printHelp();
+    return 0;
+  }
+  const root = opts.repoRoot || opts.path || process.cwd();
+  const entry = opts.fastifyEntry || detectFastifyEntry(root);
+  // Print header
+  if (!opts.json && !opts.print) {
+    console.log('');
+    console.log(`${c.cyan}╔══════════════════════════════════════════════════════════════════════╗${c.reset}`);
+    console.log(`${c.cyan}║${c.reset}                                                                      ${c.cyan}║${c.reset}`);
+    console.log(`${c.cyan}║${c.reset}   ${c.bold}📦 TRUTH PACK GENERATOR${c.reset}                                          ${c.cyan}║${c.reset}`);
+    console.log(`${c.cyan}║${c.reset}   ${c.dim}Building ground truth for AI agents${c.reset}                              ${c.cyan}║${c.reset}`);
+    console.log(`${c.cyan}║${c.reset}                                                                      ${c.cyan}║${c.reset}`);
+    console.log(`${c.cyan}╚══════════════════════════════════════════════════════════════════════╝${c.reset}`);
+    console.log('');
+  }
+  // Build truthpack with progress
+  if (!opts.json && !opts.print) {
+    process.stdout.write(`${c.dim}○${c.reset} Building truth pack...`);
+  }
+  const truthpack = await buildTruthpack({ repoRoot: root, fastifyEntry: entry });
+  writeTruthpack(root, truthpack);
+  if (!opts.json && !opts.print) {
+    process.stdout.write(`\r${c.green}✓${c.reset} Truth pack built        \n`);
+  }
+  // Handle snapshot
+  if (opts.snapshot) {
+    const snapshotsDir = path.join(root, ".vibecheck", "truth", "snapshots");
+    fs.mkdirSync(snapshotsDir, { recursive: true });
+    const timestamp = new Date().toISOString().replace(/[:.]/g, '-');
+    const snapshotPath = path.join(snapshotsDir, `truthpack-${timestamp}.json`);
+    fs.writeFileSync(snapshotPath, JSON.stringify(truthpack, null, 2));
+    if (!opts.json) {
+      console.log(`${c.green}✓${c.reset} Snapshot saved: ${c.dim}${path.relative(root, snapshotPath)}${c.reset}`);
+    }
+  }
+  // JSON output
+  if (opts.json || opts.print) {
+    console.log(JSON.stringify(truthpack, null, 2));
+    return 0;
+  }
+  // Beautiful summary
+  const nextRoutes = (truthpack.routes?.server || []).filter(r =>
+    r.handler?.includes("app/api") || r.handler?.includes("pages/api")
+  ).length;
+  const fastifyRoutes = (truthpack.routes?.server || []).filter(r =>
+    !r.handler?.includes("app/api") && !r.handler?.includes("pages/api")
+  ).length;
+  const clientRefs = truthpack.routes?.clientRefs?.length || 0;
+  const gaps = truthpack.routes?.gaps?.length || 0;
+  const envUsed = truthpack.env?.vars?.length || 0;
+  const envDeclared = truthpack.env?.declared?.length || 0;
+  const envSources = (truthpack.env?.declaredSources || []).join(", ") || "none";
+  const nextMiddleware = truthpack.auth?.nextMiddleware?.length || 0;
+  const fastifySignals = truthpack.auth?.fastify?.signalTypes?.length || 0;
+  const hasStripe = truthpack.billing?.hasStripe;
+  const webhooks = truthpack.billing?.summary?.webhookHandlersFound || 0;
+  const enforced = truthpack.enforcement?.enforcedCount || 0;
+  const checked = truthpack.enforcement?.checkedCount || 0;
+  console.log('');
+  console.log(`${c.cyan}┌─ Routes ──────────────────────────────────────────────────────────────┐${c.reset}`);
+  console.log(`${c.cyan}│${c.reset}  ${c.bold}▲ Next.js:${c.reset}  ${nextRoutes} routes`);
+  console.log(`${c.cyan}│${c.reset}  ${c.bold}⚡ Fastify:${c.reset} ${fastifyRoutes} routes`);
+  console.log(`${c.cyan}│${c.reset}  ${c.dim}Client refs:${c.reset} ${clientRefs}  ${gaps > 0 ? `${c.yellow}⚠ ${gaps} gaps${c.reset}` : `${c.green}✓ no gaps${c.reset}`}`);
+  console.log(`${c.cyan}└───────────────────────────────────────────────────────────────────────┘${c.reset}`);
+  console.log(`${c.magenta}┌─ Environment ─────────────────────────────────────────────────────────┐${c.reset}`);
+  console.log(`${c.magenta}│${c.reset}  ${c.bold}Used:${c.reset}     ${envUsed} env vars`);
+  console.log(`${c.magenta}│${c.reset}  ${c.bold}Declared:${c.reset} ${envDeclared} (${envSources})`);
+  console.log(`${c.magenta}└───────────────────────────────────────────────────────────────────────┘${c.reset}`);
+  console.log(`${c.blue}┌─ Auth ─────────────────────────────────────────────────────────────────┐${c.reset}`);
+  console.log(`${c.blue}│${c.reset}  ${c.bold}Next middleware:${c.reset} ${nextMiddleware}`);
+  console.log(`${c.blue}│${c.reset}  ${c.bold}Fastify signals:${c.reset} ${fastifySignals}`);
+  console.log(`${c.blue}└───────────────────────────────────────────────────────────────────────┘${c.reset}`);
+  console.log(`${c.yellow}┌─ Billing ──────────────────────────────────────────────────────────────┐${c.reset}`);
+  console.log(`${c.yellow}│${c.reset}  ${c.bold}Stripe:${c.reset}   ${hasStripe ? `${c.green}✓ detected${c.reset}` : `${c.dim}not detected${c.reset}`}`);
+  console.log(`${c.yellow}│${c.reset}  ${c.bold}Webhooks:${c.reset} ${webhooks} handlers`);
+  console.log(`${c.yellow}│${c.reset}  ${c.bold}Enforced:${c.reset} ${enforced}/${checked} paid routes`);
+  console.log(`${c.yellow}└───────────────────────────────────────────────────────────────────────┘${c.reset}`);
+  console.log('');
+  console.log(`${c.green}${c.bold}✓ Truth pack saved${c.reset}`);
+  console.log(`  ${c.dim}→${c.reset} ${path.join(root, ".vibecheck", "truth", "truthpack.json")}`);
+  if (entry) {
+    console.log(`  ${c.dim}Fastify entry:${c.reset} ${entry}`);
+  }
+  console.log('');
+  return 0;
+}
+module.exports = { runCtx };