@vibecheckai/cli 3.0.4 → 3.0.7

package/bin/runners/runMdc.js

@@ -1,2 +1,204 @@
-async function runMdc(args) { console.log("MDC generator not yet implemented"); return 0; }
+/**
+ * vibecheck mdc - Generate MDC (Markdown Context) documentation
+ * 
+ * Generates .mdc specification files for AI coding agents.
+ * These files help AI understand your codebase architecture.
+ */
+
+const path = require("path");
+const fs = require("fs");
+
+// ANSI colors
+const c = {
+  reset: "\x1b[0m",
+  dim: "\x1b[2m",
+  bold: "\x1b[1m",
+  cyan: "\x1b[36m",
+  green: "\x1b[32m",
+  yellow: "\x1b[33m",
+  red: "\x1b[31m",
+};
+
+function printHelp() {
+  console.log(`
+${c.cyan}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${c.reset}
+  ${c.bold}vibecheck mdc${c.reset} - Generate MDC Specifications
+${c.cyan}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${c.reset}
+
+${c.green}USAGE${c.reset}
+  vibecheck mdc [options]
+
+${c.yellow}OPTIONS${c.reset}
+  --output, -o <dir>      Output directory (default: .specs)
+  --categories <list>     Categories: architecture,security,data-flow,design-system
+  --depth <level>         Analysis depth: shallow, medium, deep (default: medium)
+  --min-score <n>         Minimum importance score 0-100 (default: 70)
+  --no-examples           Skip code examples
+  --json                  Output JSON instead of MDC files
+
+${c.dim}EXAMPLE${c.reset}
+  vibecheck mdc --output .cursor/rules --categories architecture,security
+
+${c.dim}MDC files help AI coding agents understand your codebase structure.${c.reset}
+`);
+}
+
+async function runMdc(args = []) {
+  if (args.includes("--help") || args.includes("-h")) {
+    printHelp();
+    return 0;
+  }
+
+  // Parse arguments
+  const outputIdx = args.findIndex(a => a === "--output" || a === "-o");
+  const outputDir = outputIdx !== -1 ? args[outputIdx + 1] : ".specs";
+  
+  const catIdx = args.findIndex(a => a === "--categories");
+  const categories = catIdx !== -1 ? args[catIdx + 1] : null;
+  
+  const depthIdx = args.findIndex(a => a === "--depth");
+  const depth = depthIdx !== -1 ? args[depthIdx + 1] : "medium";
+  
+  const minScoreIdx = args.findIndex(a => a === "--min-score");
+  const minScore = minScoreIdx !== -1 ? parseInt(args[minScoreIdx + 1]) : 70;
+  
+  const noExamples = args.includes("--no-examples");
+  const jsonOutput = args.includes("--json");
+
+  console.log(`
+${c.cyan}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${c.reset}
+  ${c.bold}📄 VIBECHECK MDC${c.reset} - Generating Specifications
+${c.cyan}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${c.reset}
+`);
+
+  const repoRoot = process.cwd();
+  
+  // Try to use the context module for MDC generation
+  try {
+    const { runContext } = require("./runContext");
+    
+    // Build args for context command which can generate rules
+    const contextArgs = ["--output", outputDir];
+    if (categories) {
+      contextArgs.push("--categories", categories);
+    }
+    
+    console.log(`${c.dim}▸ Analyzing codebase...${c.reset}`);
+    
+    // Generate context which includes MDC-compatible output
+    const exitCode = await runContext(contextArgs);
+    
+    if (exitCode === 0) {
+      console.log(`
+${c.green}✓${c.reset} MDC specifications generated in ${c.cyan}${outputDir}/${c.reset}
+
+${c.dim}Generated files can be used with:${c.reset}
+  • Cursor (.cursor/rules/)
+  • Windsurf (.windsurf/rules/)
+  • GitHub Copilot (.github/copilot-instructions.md)
+  • Claude (.claude/project-context.md)
+`);
+    }
+    
+    return exitCode;
+  } catch (e) {
+    // Fallback: generate basic MDC from truthpack
+    console.log(`${c.dim}▸ Using basic MDC generation...${c.reset}`);
+    
+    try {
+      const truthpackPath = path.join(repoRoot, ".vibecheck", "truth", "truthpack.json");
+      
+      if (!fs.existsSync(truthpackPath)) {
+        console.log(`${c.yellow}⚠${c.reset} No truthpack found. Run ${c.cyan}vibecheck ctx${c.reset} first.`);
+        return 1;
+      }
+      
+      const truthpack = JSON.parse(fs.readFileSync(truthpackPath, "utf8"));
+      
+      // Generate basic MDC content
+      const mdcContent = generateBasicMDC(truthpack, repoRoot);
+      
+      // Ensure output directory exists
+      const fullOutputDir = path.join(repoRoot, outputDir);
+      if (!fs.existsSync(fullOutputDir)) {
+        fs.mkdirSync(fullOutputDir, { recursive: true });
+      }
+      
+      // Write MDC file
+      const mdcPath = path.join(fullOutputDir, "architecture.mdc");
+      fs.writeFileSync(mdcPath, mdcContent, "utf8");
+      
+      console.log(`${c.green}✓${c.reset} Generated ${c.cyan}${outputDir}/architecture.mdc${c.reset}`);
+      return 0;
+    } catch (err) {
+      console.error(`${c.red}✗${c.reset} MDC generation failed:`, err.message);
+      return 1;
+    }
+  }
+}
+
+function generateBasicMDC(truthpack, repoRoot) {
+  const routes = truthpack.routes?.server || [];
+  const env = truthpack.env?.vars || [];
+  const auth = truthpack.auth || {};
+  
+  let content = `---
+description: Auto-generated architecture context from vibecheck
+globs: ["**/*.ts", "**/*.tsx", "**/*.js", "**/*.jsx"]
+---
+
+# Project Architecture
+
+## API Routes (${routes.length} total)
+
+`;
+
+  // Group routes by method
+  const byMethod = {};
+  routes.forEach(r => {
+    const method = r.method || "GET";
+    if (!byMethod[method]) byMethod[method] = [];
+    byMethod[method].push(r);
+  });
+  
+  for (const [method, rs] of Object.entries(byMethod)) {
+    content += `### ${method}\n`;
+    rs.slice(0, 10).forEach(r => {
+      content += `- \`${r.path}\`\n`;
+    });
+    if (rs.length > 10) {
+      content += `- ... and ${rs.length - 10} more\n`;
+    }
+    content += "\n";
+  }
+
+  if (env.length > 0) {
+    content += `## Environment Variables (${env.length} total)\n\n`;
+    env.slice(0, 15).forEach(e => {
+      content += `- \`${e.name}\` - ${e.required ? "required" : "optional"}\n`;
+    });
+    if (env.length > 15) {
+      content += `- ... and ${env.length - 15} more\n`;
+    }
+    content += "\n";
+  }
+
+  if (auth.nextMiddleware?.length > 0 || auth.fastify?.hooks?.length > 0) {
+    content += `## Authentication\n\n`;
+    if (auth.nextMiddleware?.length > 0) {
+      content += `- Next.js middleware: ${auth.nextMiddleware.length} rules\n`;
+    }
+    if (auth.fastify?.hooks?.length > 0) {
+      content += `- Fastify hooks: ${auth.fastify.hooks.length} hooks\n`;
+    }
+    content += "\n";
+  }
+
+  content += `---
+*Generated by vibecheck on ${new Date().toISOString().split("T")[0]}*
+`;
+
+  return content;
+}
+
 module.exports = { runMdc };

package/bin/runners/runProve.js

@@ -17,6 +17,7 @@ const fs = require("fs");
 const path = require("path");
 const { buildTruthpack, writeTruthpack, detectFastifyEntry } = require("./lib/truth");
 const { shipCore } = require("./runShip");
+const { findContractDrift, loadContracts, hasContracts, getDriftSummary } = require("./lib/drift");
 
 let runReality;
 try {
@@ -105,6 +106,28 @@ ${c.cyan}${c.bold}╔═══════════════════
     });
     
     console.log(`  ${c.green}✓${c.reset} Truthpack refreshed (${truthpack.routes?.server?.length || 0} routes, ${truthpack.env?.vars?.length || 0} env vars)`);
+    
+    // Check for contract drift after truthpack refresh
+    if (hasContracts(root)) {
+      const contracts = loadContracts(root);
+      const driftFindings = findContractDrift(contracts, truthpack);
+      const driftSummary = getDriftSummary(driftFindings);
+      
+      if (driftSummary.hasDrift) {
+        console.log(`  ${driftSummary.blocks > 0 ? c.yellow + '⚠️' : c.dim + 'ℹ️'} Contract drift: ${driftSummary.blocks} blocks, ${driftSummary.warns} warnings${c.reset}`);
+        timeline.push({
+          step: "1.5",
+          action: "drift_check",
+          status: driftSummary.verdict,
+          blocks: driftSummary.blocks,
+          warns: driftSummary.warns
+        });
+        
+        if (driftSummary.blocks > 0) {
+          console.log(`  ${c.dim}Run 'vibecheck ctx sync' to update contracts${c.reset}`);
+        }
+      }
+    }
   } catch (err) {
     timeline.push({ step: 1, action: "ctx", status: "error", error: err.message });
     console.log(`  ${c.yellow}⚠️ Context refresh failed: ${err.message}${c.reset}`);

package/bin/runners/runReplay.js

@@ -1,5 +1,3 @@
-#!/usr/bin/env node
-
 /**
  * Vibecheck Replay CLI
  * 
@@ -13,13 +11,11 @@
  *   vibecheck replay import <file>          Import a replay capsule
  */
 
-const { program } = require('commander');
-const chalk = require('chalk');
-const fs = require('fs').promises;
+const { Command } = require('commander');
 const path = require('path');
-const { chromium } = require('playwright');
-const { createReplayEngine } = require('./lib/replay');
-const { version } = require('../../package.json');
+
+// Lazy-load heavy dependencies
+let chalk, fs, chromium, createReplayEngine, version;
 
 // Global options
 let verbose = false;
@@ -28,10 +24,28 @@ let outputDir = path.join(process.cwd(), '.vibecheck', 'replays');
 // Initialize replay engine
 let replayEngine;
 
+/**
+ * Load heavy dependencies on demand
+ */
+function loadDeps() {
+  if (!chalk) {
+    chalk = require('chalk');
+    fs = require('fs').promises;
+    chromium = require('playwright').chromium;
+    createReplayEngine = require('./lib/replay').createReplayEngine;
+    try {
+      version = require('../../package.json').version;
+    } catch {
+      version = '0.0.0';
+    }
+  }
+}
+
 /**
  * Initialize the replay engine
  */
 async function initEngine() {
+  loadDeps();
   if (!replayEngine) {
     replayEngine = await createReplayEngine({
       basePath: process.cwd(),
@@ -45,6 +59,7 @@ async function initEngine() {
  * Record a user session
  */
 async function recordSession(url, options) {
+  loadDeps();
   console.log(chalk.blue(`\n🚀 Starting recording session for ${url}\n`));
   
   const browser = await chromium.launch({
@@ -115,6 +130,7 @@ async function recordSession(url, options) {
  * Replay a recorded session
  */
 async function replaySession(capsuleId, options) {
+  loadDeps();
   console.log(chalk.blue(`\n▶️  Replaying capsule: ${capsuleId}\n`));
   
   const browser = await chromium.launch({
@@ -381,89 +397,103 @@ async function importCapsule(filePath) {
   }
 }
 
-// Set up CLI
-program
-  .name('vibecheck replay')
-  .description('Record and replay user interactions for testing and debugging')
-  .version(version)
-  .option('-v, --verbose', 'Enable verbose output', false)
-  .option('--output-dir <dir>', 'Directory to save replay files', outputDir)
-  .hook('preAction', (thisCommand) => {
-    verbose = thisCommand.opts().verbose;
-    outputDir = thisCommand.opts().outputDir || outputDir;
-  });
+/**
+ * Main entry point for replay command
+ * Only parses args when explicitly called
+ */
+async function runReplay(args = []) {
+  loadDeps();
+  
+  const program = new Command();
+  
+  program
+    .name('vibecheck replay')
+    .description('Record and replay user interactions for testing and debugging')
+    .version(version || '0.0.0')
+    .option('-v, --verbose', 'Enable verbose output', false)
+    .option('--output-dir <dir>', 'Directory to save replay files', outputDir)
+    .hook('preAction', (thisCommand) => {
+      verbose = thisCommand.opts().verbose;
+      outputDir = thisCommand.opts().outputDir || outputDir;
+    });
 
-// Record command
-program
-  .command('record <url>')
-  .description('Record a user session')
-  .option('-n, --name <name>', 'Name for this recording')
-  .option('-d, --description <description>', 'Description of the recording')
-  .option('--tags <tags>', 'Comma-separated list of tags')
-  .option('--duration <seconds>', 'Auto-stop after specified seconds')
-  .option('--headed', 'Run browser in headed mode', false)
-  .option('--devtools', 'Open devtools', false)
-  .option('--video', 'Record video', false)
-  .action((url, options) => {
-    recordSession(url, options).catch(console.error);
-  });
+  // Record command
+  program
+    .command('record <url>')
+    .description('Record a user session')
+    .option('-n, --name <name>', 'Name for this recording')
+    .option('-d, --description <description>', 'Description of the recording')
+    .option('--tags <tags>', 'Comma-separated list of tags')
+    .option('--duration <seconds>', 'Auto-stop after specified seconds')
+    .option('--headed', 'Run browser in headed mode', false)
+    .option('--devtools', 'Open devtools', false)
+    .option('--video', 'Record video', false)
+    .action((url, options) => {
+      recordSession(url, options).catch(console.error);
+    });
 
-// Play command
-program
-  .command('play <capsule>')
-  .description('Replay a recorded session')
-  .option('--speed <speed>', 'Playback speed (1.0 = normal, 2.0 = 2x, etc.)', parseFloat, 1.0)
-  .option('--headed', 'Run browser in headed mode', false)
-  .option('--devtools', 'Open devtools', false)
-  .option('--stop-on-failure', 'Stop on first failure', false)
-  .action((capsule, options) => {
-    replaySession(capsule, options).catch(console.error);
-  });
+  // Play command
+  program
+    .command('play <capsule>')
+    .description('Replay a recorded session')
+    .option('--speed <speed>', 'Playback speed (1.0 = normal, 2.0 = 2x, etc.)', parseFloat, 1.0)
+    .option('--headed', 'Run browser in headed mode', false)
+    .option('--devtools', 'Open devtools', false)
+    .option('--stop-on-failure', 'Stop on first failure', false)
+    .action((capsule, options) => {
+      replaySession(capsule, options).catch(console.error);
+    });
 
-// List command
-program
-  .command('list')
-  .description('List available replay capsules')
-  .action(() => {
-    listCapsules().catch(console.error);
-  });
+  // List command
+  program
+    .command('list')
+    .description('List available replay capsules')
+    .action(() => {
+      listCapsules().catch(console.error);
+    });
 
-// Show command
-program
-  .command('show <id>')
-  .description('Show details of a replay capsule')
-  .action((id) => {
-    showCapsule(id).catch(console.error);
-  });
+  // Show command
+  program
+    .command('show <id>')
+    .description('Show details of a replay capsule')
+    .action((id) => {
+      showCapsule(id).catch(console.error);
+    });
 
-// Delete command
-program
-  .command('delete <id>')
-  .description('Delete a replay capsule')
-  .action((id) => {
-    deleteCapsule(id).catch(console.error);
-  });
+  // Delete command
+  program
+    .command('delete <id>')
+    .description('Delete a replay capsule')
+    .action((id) => {
+      deleteCapsule(id).catch(console.error);
+    });
 
-// Export command
-program
-  .command('export <id> <file>')
-  .description('Export a replay capsule to a file')
-  .action((id, file) => {
-    exportCapsule(id, file).catch(console.error);
-  });
+  // Export command
+  program
+    .command('export <id> <file>')
+    .description('Export a replay capsule to a file')
+    .action((id, file) => {
+      exportCapsule(id, file).catch(console.error);
+    });
 
-// Import command
-program
-  .command('import <file>')
-  .description('Import a replay capsule from a file')
-  .action((file) => {
-    importCapsule(file).catch(console.error);
-  });
+  // Import command
+  program
+    .command('import <file>')
+    .description('Import a replay capsule from a file')
+    .action((file) => {
+      importCapsule(file).catch(console.error);
+    });
 
-// Show help if no arguments
-if (process.argv.length <= 2) {
-  program.help();
+  // Parse the provided args (prepend fake node/script path for commander)
+  const argv = ['node', 'vibecheck-replay', ...args];
+  
+  if (args.length === 0) {
+    program.help();
+    return 0;
+  }
+  
+  await program.parseAsync(argv);
+  return 0;
 }
 
-// Parse command line arguments
-program.parse(process.argv);
+module.exports = { runReplay };

package/bin/runners/runScan.js

@@ -478,8 +478,65 @@ async function runScan(args) {
   }
 
   try {
-    // Import systems
-    const { scanRouteIntegrity } = require('../../dist/lib/route-integrity');
+    // Import systems - try TypeScript compiled first, fallback to JS runtime
+    let scanRouteIntegrity;
+    let useFallbackScanner = false;
+    
+    try {
+      scanRouteIntegrity = require('../../dist/lib/route-integrity').scanRouteIntegrity;
+    } catch (e) {
+      // Fallback to JS-based scanner using truth.js and analyzers.js
+      useFallbackScanner = true;
+      const { buildTruthpack } = require('./lib/truth');
+      const { findMissingRoutes, findEnvGaps, findFakeSuccess, findGhostAuth } = require('./lib/analyzers');
+      
+      scanRouteIntegrity = async function({ projectPath, layers, baseUrl, verbose }) {
+        // Build truthpack for route analysis
+        const truthpack = await buildTruthpack({ repoRoot: projectPath });
+        
+        // Run analyzers
+        const findings = [];
+        findings.push(...findMissingRoutes(truthpack));
+        findings.push(...findEnvGaps(truthpack));
+        findings.push(...findFakeSuccess(projectPath));
+        findings.push(...findGhostAuth(truthpack, projectPath));
+        
+        // Convert to scan format matching TypeScript scanner output
+        const shipBlockers = findings.map((f, i) => ({
+          id: f.id || `finding-${i}`,
+          ruleId: f.category,
+          category: f.category,
+          severity: f.severity === 'BLOCK' ? 'critical' : f.severity === 'WARN' ? 'warning' : 'info',
+          title: f.title,
+          message: f.title,
+          description: f.why,
+          file: f.evidence?.[0]?.file || '',
+          line: parseInt(f.evidence?.[0]?.lines?.split('-')[0]) || 1,
+          evidence: f.evidence || [],
+          fixHints: f.fixHints || [],
+          autofixAvailable: false,
+          verdict: f.severity === 'BLOCK' ? 'FAIL' : 'WARN',
+        }));
+        
+        // Return structure matching TypeScript scanner
+        return {
+          report: {
+            shipBlockers,
+            realitySniffFindings: [],
+            routeMap: truthpack.routes,
+            summary: {
+              total: shipBlockers.length,
+              critical: shipBlockers.filter(f => f.severity === 'critical').length,
+              warning: shipBlockers.filter(f => f.severity === 'warning').length,
+            },
+            verdict: shipBlockers.some(f => f.severity === 'critical') ? 'BLOCK' : 
+                     shipBlockers.some(f => f.severity === 'warning') ? 'WARN' : 'SHIP'
+          },
+          outputPaths: {},
+          truthpack
+        };
+      };
+    }
     
     // Try to import new unified output system (may not be compiled yet)
     let buildVerdictOutput, normalizeFinding, formatStandardOutput, formatScanOutput, getExitCode, CacheManager;
@@ -648,35 +705,6 @@ async function runScan(args) {
 
     const { report, outputPaths } = result;
 
-    // Normalize findings with stable IDs
-    const existingIDs = new Set();
-    const normalizedFindings = [];
-    
-    // Normalize route integrity findings
-    if (report.shipBlockers) {
-      for (let i = 0; i < report.shipBlockers.length; i++) {
-        const blocker = report.shipBlockers[i];
-        const category = blocker.category || 'ROUTE';
-        const normalized = normalizeFinding(blocker, category, i, existingIDs);
-        normalizedFindings.push(normalized);
-      }
-    }
-
-    // Normalize Reality Sniff findings if present
-    if (report.realitySniffFindings) {
-      for (let i = 0; i < report.realitySniffFindings.length; i++) {
-        const finding = report.realitySniffFindings[i];
-        const category = finding.ruleId?.startsWith('auth') ? 'AUTH' : 'REALITY';
-        const normalized = normalizeFinding(finding, category, normalizedFindings.length, existingIDs);
-        normalizedFindings.push(normalized);
-      }
-    }
-    
-    // Add detection engine findings (Dead UI, Billing, Fake Success)
-    for (const finding of detectionFindings) {
-      normalizedFindings.push(finding);
-    }
-
     // Use new unified output if available, otherwise fallback to old format
     if (useUnifiedOutput && buildVerdictOutput && normalizeFinding) {
       // Normalize findings with stable IDs
@@ -778,7 +806,58 @@ async function runScan(args) {
     });
 
     return getExitCode(verdict);
-    } // End of if (useUnifiedOutput)
+    } else {
+      // Legacy fallback output when unified output system isn't available
+      const findings = [...(report.shipBlockers || []), ...detectionFindings];
+      const criticalCount = findings.filter(f => f.severity === 'critical' || f.severity === 'BLOCK').length;
+      const warningCount = findings.filter(f => f.severity === 'warning' || f.severity === 'WARN').length;
+      
+      const verdict = criticalCount > 0 ? 'BLOCK' : warningCount > 0 ? 'WARN' : 'SHIP';
+      
+      // Print simple output
+      console.log();
+      console.log(`  ${c.bold}═══════════════════════════════════════════════════════════════════${c.reset}`);
+      
+      if (verdict === 'SHIP') {
+        console.log(`  ${c.bgGreen}${c.white}${c.bold}  ✓ SHIP  ${c.reset} ${c.green}Ready to ship!${c.reset}`);
+      } else if (verdict === 'WARN') {
+        console.log(`  ${c.bgYellow}${c.black}${c.bold}  ⚠ WARN  ${c.reset} ${c.yellow}Review recommended before shipping${c.reset}`);
+      } else {
+        console.log(`  ${c.bgRed}${c.white}${c.bold}  ✗ BLOCK ${c.reset} ${c.red}Issues must be fixed before shipping${c.reset}`);
+      }
+      
+      console.log(`  ${c.bold}═══════════════════════════════════════════════════════════════════${c.reset}`);
+      console.log();
+      
+      if (findings.length > 0) {
+        console.log(`  ${c.bold}Findings (${findings.length})${c.reset}`);
+        console.log();
+        
+        for (const finding of findings.slice(0, 10)) {
+          const severityIcon = finding.severity === 'critical' || finding.severity === 'BLOCK' 
+            ? `${c.red}✗${c.reset}` 
+            : `${c.yellow}⚠${c.reset}`;
+          console.log(`  ${severityIcon} ${finding.title || finding.message}`);
+          if (finding.file) {
+            console.log(`    ${c.dim}${finding.file}${finding.line ? `:${finding.line}` : ''}${c.reset}`);
+          }
+        }
+        
+        if (findings.length > 10) {
+          console.log(`  ${c.dim}... and ${findings.length - 10} more findings${c.reset}`);
+        }
+        console.log();
+      }
+      
+      // Emit audit event
+      emitScanComplete(projectPath, verdict === 'SHIP' ? 'success' : 'failure', {
+        score: verdict === 'SHIP' ? 100 : verdict === 'WARN' ? 70 : 40,
+        issueCount: criticalCount + warningCount,
+        durationMs: timings.total,
+      });
+      
+      return verdict === 'SHIP' ? 0 : verdict === 'WARN' ? 1 : 2;
+    }
 
   } catch (error) {
     stopSpinner(`Scan failed: ${error.message}`, false);