@vibecheckai/cli 3.0.4 → 3.0.7

package/mcp-server/truth-context.js

@@ -0,0 +1,581 @@
+/**
+ * Truth Context - MCP Tools for Evidence-Backed AI
+ * 
+ * Core Context Engine tools that provide truth-backed context for AI agents.
+ * All responses include citations (file/line) and confidence levels.
+ * 
+ * This is the "Truth Firewall" made visible as "Evidence Pack" / "Truth Pack".
+ * 
+ * Tools:
+ *   vibecheck.ctx          - Get repo truth bundle (routes, auth, billing, env, schema)
+ *   vibecheck.verify_claim - Verify a claim has evidence
+ *   vibecheck.evidence     - Get evidence for a specific file/function
+ */
+
+import fs from "fs/promises";
+import path from "path";
+import { execSync } from "child_process";
+
+// ============================================================================
+// TRUTH CONTEXT TOOLS
+// ============================================================================
+
+export const TRUTH_CONTEXT_TOOLS = [
+  {
+    name: "vibecheck.ctx",
+    description: `📋 Get repo Truth Pack — routes, auth, billing, env vars, schema.
+    
+Returns evidence-backed context with file/line citations.
+Use this before making any claims about the codebase.
+
+Returns:
+- routes: All defined routes with handlers and middleware
+- auth: Auth guards, protected routes, auth flow
+- billing: Payment gates, subscription checks, paid features
+- env: Environment variables (declared vs used)
+- schema: Database schema, API contracts
+- confidence: Overall confidence score (0-1)`,
+    inputSchema: {
+      type: "object",
+      properties: {
+        scope: {
+          type: "string",
+          enum: ["all", "routes", "auth", "billing", "env", "schema"],
+          description: "What context to extract (default: all)",
+          default: "all",
+        },
+        path: {
+          type: "string",
+          description: "Project path (default: current directory)",
+        },
+      },
+    },
+  },
+  {
+    name: "vibecheck.verify_claim",
+    description: `🔍 Verify a claim has evidence — Truth Firewall check.
+    
+Before claiming something exists or works, verify it.
+Returns evidence (file/line) or rejection with reason.
+
+Examples:
+- "Route /api/users exists" → Verified with handler at src/routes/users.ts:45
+- "Auth is required for /admin" → Verified with middleware at src/middleware/auth.ts:12
+- "Stripe is configured" → REJECTED: No evidence of Stripe integration found`,
+    inputSchema: {
+      type: "object",
+      properties: {
+        claim_type: {
+          type: "string",
+          enum: ["route", "endpoint", "env_var", "middleware", "auth_guard", "billing_gate", "file", "function"],
+          description: "Type of claim to verify",
+        },
+        claim: {
+          type: "string",
+          description: "The claim to verify (e.g., '/api/users', 'AUTH_SECRET', 'authMiddleware')",
+        },
+        path: {
+          type: "string",
+          description: "Project path (default: current directory)",
+        },
+      },
+      required: ["claim_type", "claim"],
+    },
+  },
+  {
+    name: "vibecheck.evidence",
+    description: `📎 Get evidence for a file/function — citations with context.
+    
+Returns the actual code with line numbers for citation.
+Use this when you need to reference specific code in your response.`,
+    inputSchema: {
+      type: "object",
+      properties: {
+        file: {
+          type: "string",
+          description: "File path relative to project root",
+        },
+        function_name: {
+          type: "string",
+          description: "Optional function/class name to find",
+        },
+        line: {
+          type: "number",
+          description: "Optional specific line number",
+        },
+        context_lines: {
+          type: "number",
+          description: "Lines of context around target (default: 10)",
+          default: 10,
+        },
+        path: {
+          type: "string",
+          description: "Project path (default: current directory)",
+        },
+      },
+      required: ["file"],
+    },
+  },
+];
+
+// ============================================================================
+// TOOL HANDLERS
+// ============================================================================
+
+export async function handleTruthContextTool(toolName, args) {
+  const projectPath = args.path || process.cwd();
+
+  switch (toolName) {
+    case "vibecheck.ctx":
+      return await getTruthPack(projectPath, args.scope || "all");
+    case "vibecheck.verify_claim":
+      return await verifyClaim(projectPath, args.claim_type, args.claim);
+    case "vibecheck.evidence":
+      return await getEvidence(projectPath, args.file, args);
+    default:
+      return { error: `Unknown tool: ${toolName}` };
+  }
+}
+
+// ============================================================================
+// CONTEXT EXTRACTION
+// ============================================================================
+
+async function getTruthPack(projectPath, scope) {
+  const truthPack = {
+    version: "1.0.0",
+    generatedAt: new Date().toISOString(),
+    projectPath,
+    scope,
+    confidence: 0,
+    sections: {},
+  };
+
+  try {
+    if (scope === "all" || scope === "routes") {
+      truthPack.sections.routes = await extractRoutes(projectPath);
+    }
+    if (scope === "all" || scope === "auth") {
+      truthPack.sections.auth = await extractAuth(projectPath);
+    }
+    if (scope === "all" || scope === "billing") {
+      truthPack.sections.billing = await extractBilling(projectPath);
+    }
+    if (scope === "all" || scope === "env") {
+      truthPack.sections.env = await extractEnvVars(projectPath);
+    }
+    if (scope === "all" || scope === "schema") {
+      truthPack.sections.schema = await extractSchema(projectPath);
+    }
+
+    // Calculate overall confidence
+    const sections = Object.values(truthPack.sections);
+    if (sections.length > 0) {
+      truthPack.confidence = sections.reduce((sum, s) => sum + (s.confidence || 0), 0) / sections.length;
+    }
+
+    return truthPack;
+  } catch (error) {
+    return {
+      error: error.message,
+      projectPath,
+      suggestion: "Run 'vibecheck init' to set up the project",
+    };
+  }
+}
+
+async function extractRoutes(projectPath) {
+  const routes = [];
+  const routePatterns = [
+    /app\.(get|post|put|patch|delete|use)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    /router\.(get|post|put|patch|delete|use)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+    /@(Get|Post|Put|Patch|Delete)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
+  ];
+
+  const files = await findSourceFiles(projectPath, [".ts", ".js", ".tsx", ".jsx"]);
+  
+  for (const file of files.slice(0, 50)) { // Limit for performance
+    try {
+      const content = await fs.readFile(file, "utf8");
+      const relPath = path.relative(projectPath, file);
+      
+      for (const pattern of routePatterns) {
+        let match;
+        pattern.lastIndex = 0;
+        while ((match = pattern.exec(content)) !== null) {
+          const line = content.substring(0, match.index).split("\n").length;
+          routes.push({
+            method: match[1].toUpperCase(),
+            path: match[2],
+            file: relPath,
+            line,
+            evidence: {
+              snippet: content.split("\n")[line - 1]?.trim(),
+              verifiedAt: new Date().toISOString(),
+            },
+          });
+        }
+      }
+    } catch {
+      // Skip unreadable files
+    }
+  }
+
+  return {
+    count: routes.length,
+    routes: routes.slice(0, 100), // Limit output
+    confidence: routes.length > 0 ? 0.8 : 0.2,
+  };
+}
+
+async function extractAuth(projectPath) {
+  const authIndicators = [];
+  const authPatterns = [
+    /auth(enticate|orize|Middleware|Guard|Check)/gi,
+    /isAuthenticated|requireAuth|verifyToken|jwt\.verify/gi,
+    /passport\.(authenticate|use)/gi,
+    /session\.|cookie\./gi,
+  ];
+
+  const files = await findSourceFiles(projectPath, [".ts", ".js"]);
+  
+  for (const file of files.slice(0, 50)) {
+    try {
+      const content = await fs.readFile(file, "utf8");
+      const relPath = path.relative(projectPath, file);
+      
+      for (const pattern of authPatterns) {
+        let match;
+        pattern.lastIndex = 0;
+        while ((match = pattern.exec(content)) !== null) {
+          const line = content.substring(0, match.index).split("\n").length;
+          authIndicators.push({
+            type: "auth_indicator",
+            match: match[0],
+            file: relPath,
+            line,
+          });
+        }
+      }
+    } catch {
+      // Skip
+    }
+  }
+
+  return {
+    count: authIndicators.length,
+    indicators: authIndicators.slice(0, 50),
+    confidence: authIndicators.length > 5 ? 0.8 : authIndicators.length > 0 ? 0.5 : 0.1,
+  };
+}
+
+async function extractBilling(projectPath) {
+  const billingIndicators = [];
+  const billingPatterns = [
+    /stripe|paddle|lemonsqueezy|gumroad/gi,
+    /subscription|payment|checkout|invoice/gi,
+    /isPro|isPremium|isEnterprise|hasPaid/gi,
+    /price|tier|plan/gi,
+  ];
+
+  const files = await findSourceFiles(projectPath, [".ts", ".js"]);
+  
+  for (const file of files.slice(0, 30)) {
+    try {
+      const content = await fs.readFile(file, "utf8");
+      const relPath = path.relative(projectPath, file);
+      
+      for (const pattern of billingPatterns) {
+        let match;
+        pattern.lastIndex = 0;
+        while ((match = pattern.exec(content)) !== null) {
+          const line = content.substring(0, match.index).split("\n").length;
+          billingIndicators.push({
+            type: "billing_indicator",
+            match: match[0],
+            file: relPath,
+            line,
+          });
+        }
+      }
+    } catch {
+      // Skip
+    }
+  }
+
+  return {
+    count: billingIndicators.length,
+    indicators: billingIndicators.slice(0, 30),
+    confidence: billingIndicators.length > 3 ? 0.7 : billingIndicators.length > 0 ? 0.4 : 0.1,
+  };
+}
+
+async function extractEnvVars(projectPath) {
+  const declared = [];
+  const used = [];
+
+  // Check .env.example, .env.local.example, etc.
+  const envFiles = [".env.example", ".env.local.example", ".env.sample"];
+  for (const envFile of envFiles) {
+    try {
+      const content = await fs.readFile(path.join(projectPath, envFile), "utf8");
+      const lines = content.split("\n");
+      for (let i = 0; i < lines.length; i++) {
+        const match = lines[i].match(/^([A-Z][A-Z0-9_]*)=/);
+        if (match) {
+          declared.push({
+            name: match[1],
+            file: envFile,
+            line: i + 1,
+          });
+        }
+      }
+    } catch {
+      // File doesn't exist
+    }
+  }
+
+  // Find process.env usage in code
+  const files = await findSourceFiles(projectPath, [".ts", ".js"]);
+  for (const file of files.slice(0, 30)) {
+    try {
+      const content = await fs.readFile(file, "utf8");
+      const relPath = path.relative(projectPath, file);
+      const pattern = /process\.env\.([A-Z][A-Z0-9_]*)/g;
+      let match;
+      while ((match = pattern.exec(content)) !== null) {
+        const line = content.substring(0, match.index).split("\n").length;
+        used.push({
+          name: match[1],
+          file: relPath,
+          line,
+        });
+      }
+    } catch {
+      // Skip
+    }
+  }
+
+  // Find mismatches
+  const declaredNames = new Set(declared.map(d => d.name));
+  const usedNames = new Set(used.map(u => u.name));
+  const undeclared = [...usedNames].filter(n => !declaredNames.has(n));
+  const unused = [...declaredNames].filter(n => !usedNames.has(n));
+
+  return {
+    declared: declared.slice(0, 50),
+    used: used.slice(0, 50),
+    mismatches: {
+      undeclared,
+      unused,
+    },
+    confidence: undeclared.length === 0 ? 0.9 : 0.5,
+  };
+}
+
+async function extractSchema(projectPath) {
+  const schemas = [];
+
+  // Check for Prisma schema
+  try {
+    const prismaPath = path.join(projectPath, "prisma", "schema.prisma");
+    const content = await fs.readFile(prismaPath, "utf8");
+    const modelMatches = content.matchAll(/model\s+(\w+)\s*\{/g);
+    for (const match of modelMatches) {
+      schemas.push({
+        type: "prisma_model",
+        name: match[1],
+        file: "prisma/schema.prisma",
+      });
+    }
+  } catch {
+    // No Prisma
+  }
+
+  // Check for TypeScript types/interfaces
+  const files = await findSourceFiles(projectPath, [".ts", ".tsx"]);
+  for (const file of files.slice(0, 20)) {
+    try {
+      const content = await fs.readFile(file, "utf8");
+      const relPath = path.relative(projectPath, file);
+      
+      const typeMatches = content.matchAll(/(?:interface|type)\s+(\w+)/g);
+      for (const match of typeMatches) {
+        const line = content.substring(0, match.index).split("\n").length;
+        schemas.push({
+          type: "typescript_type",
+          name: match[1],
+          file: relPath,
+          line,
+        });
+      }
+    } catch {
+      // Skip
+    }
+  }
+
+  return {
+    count: schemas.length,
+    schemas: schemas.slice(0, 50),
+    confidence: schemas.length > 5 ? 0.7 : schemas.length > 0 ? 0.4 : 0.2,
+  };
+}
+
+// ============================================================================
+// CLAIM VERIFICATION
+// ============================================================================
+
+async function verifyClaim(projectPath, claimType, claim) {
+  const result = {
+    claim: { type: claimType, value: claim },
+    verified: false,
+    evidence: null,
+    confidence: 0,
+    rejection: null,
+  };
+
+  try {
+    switch (claimType) {
+      case "file":
+        const filePath = path.join(projectPath, claim);
+        try {
+          await fs.access(filePath);
+          const stats = await fs.stat(filePath);
+          result.verified = true;
+          result.confidence = 1.0;
+          result.evidence = {
+            file: claim,
+            exists: true,
+            size: stats.size,
+            verifiedAt: new Date().toISOString(),
+          };
+        } catch {
+          result.rejection = `File does not exist: ${claim}`;
+        }
+        break;
+
+      case "route":
+      case "endpoint":
+        const routes = await extractRoutes(projectPath);
+        const matchingRoute = routes.routes.find(r => r.path === claim || r.path.includes(claim));
+        if (matchingRoute) {
+          result.verified = true;
+          result.confidence = 0.9;
+          result.evidence = matchingRoute;
+        } else {
+          result.rejection = `No route matching "${claim}" found in codebase`;
+        }
+        break;
+
+      case "env_var":
+        const envData = await extractEnvVars(projectPath);
+        const isDeclared = envData.declared.some(d => d.name === claim);
+        const isUsed = envData.used.some(u => u.name === claim);
+        if (isDeclared || isUsed) {
+          result.verified = true;
+          result.confidence = isDeclared && isUsed ? 1.0 : 0.7;
+          result.evidence = {
+            declared: isDeclared,
+            used: isUsed,
+            locations: [...envData.declared.filter(d => d.name === claim), ...envData.used.filter(u => u.name === claim)],
+          };
+        } else {
+          result.rejection = `Environment variable "${claim}" not found`;
+        }
+        break;
+
+      default:
+        result.rejection = `Claim type "${claimType}" verification not yet implemented`;
+    }
+  } catch (error) {
+    result.rejection = `Verification error: ${error.message}`;
+  }
+
+  return result;
+}
+
+// ============================================================================
+// EVIDENCE EXTRACTION
+// ============================================================================
+
+async function getEvidence(projectPath, file, options) {
+  const filePath = path.join(projectPath, file);
+  
+  try {
+    const content = await fs.readFile(filePath, "utf8");
+    const lines = content.split("\n");
+    
+    let targetLine = options.line || 1;
+    const contextLines = options.context_lines || 10;
+    
+    // If function_name provided, find it
+    if (options.function_name) {
+      const pattern = new RegExp(`(function|const|let|var|class)\\s+${options.function_name}`, "i");
+      for (let i = 0; i < lines.length; i++) {
+        if (pattern.test(lines[i])) {
+          targetLine = i + 1;
+          break;
+        }
+      }
+    }
+    
+    const startLine = Math.max(1, targetLine - contextLines);
+    const endLine = Math.min(lines.length, targetLine + contextLines);
+    
+    const snippet = lines.slice(startLine - 1, endLine)
+      .map((line, i) => `${String(startLine + i).padStart(4, " ")} | ${line}`)
+      .join("\n");
+    
+    return {
+      file,
+      targetLine,
+      startLine,
+      endLine,
+      totalLines: lines.length,
+      snippet,
+      verifiedAt: new Date().toISOString(),
+    };
+  } catch (error) {
+    return {
+      error: `Cannot read file: ${error.message}`,
+      file,
+    };
+  }
+}
+
+// ============================================================================
+// UTILITIES
+// ============================================================================
+
+async function findSourceFiles(projectPath, extensions) {
+  const files = [];
+  
+  async function walk(dir) {
+    try {
+      const entries = await fs.readdir(dir, { withFileTypes: true });
+      for (const entry of entries) {
+        const fullPath = path.join(dir, entry.name);
+        if (entry.isDirectory()) {
+          if (!entry.name.startsWith(".") && entry.name !== "node_modules" && entry.name !== "dist" && entry.name !== "build") {
+            await walk(fullPath);
+          }
+        } else if (entry.isFile()) {
+          const ext = path.extname(entry.name).toLowerCase();
+          if (extensions.includes(ext)) {
+            files.push(fullPath);
+          }
+        }
+      }
+    } catch {
+      // Skip inaccessible directories
+    }
+  }
+  
+  await walk(projectPath);
+  return files;
+}
+
+export default {
+  TRUTH_CONTEXT_TOOLS,
+  handleTruthContextTool,
+};