@vibecheckai/cli 3.1.8 → 3.2.0

package/bin/runners/runPolish.js

@@ -16,6 +16,10 @@
  * - Configuration: Environment variables, feature flags, logging
  * - Documentation: README, API docs, CHANGELOG, contributing guide
  * - Infrastructure: Docker, CI/CD, monitoring, backups
+ * - Observability: OpenTelemetry, structured logging, metrics, tracing
+ * - Resilience: Circuit breakers, retry logic, timeouts, graceful shutdown
+ * - Internationalization: i18n setup, RTL support, locale detection
+ * - Privacy: GDPR compliance, cookie consent, data export, account deletion
  */
 
 const fs = require("fs");
@@ -148,6 +152,185 @@ async function findAllFiles(dir, pattern, maxDepth = 5, currentDepth = 0) {
   return results;
 }
 
+// ═══════════════════════════════════════════════════════════════════════════════
+// LIBRARY DETECTION - Reduces false positives by detecting library alternatives
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Common libraries that provide specific functionality
+ * Used to skip checks when a library already handles it
+ */
+const LIBRARY_ALTERNATIVES = {
+  // Error handling libraries
+  errorBoundary: [
+    'react-error-boundary',
+    '@sentry/react',
+    'bugsnag-react',
+  ],
+  
+  // Toast/notification libraries
+  toast: [
+    'react-hot-toast',
+    'react-toastify',
+    'sonner',
+    '@radix-ui/react-toast',
+    'notistack',
+    'react-notifications',
+  ],
+  
+  // Loading/spinner libraries
+  spinner: [
+    'react-spinners',
+    'react-loader-spinner',
+    'react-loading',
+    '@chakra-ui/react',  // Has Spinner
+    '@mantine/core',     // Has Loader
+  ],
+  
+  // Skeleton libraries
+  skeleton: [
+    'react-loading-skeleton',
+    'react-content-loader',
+    '@chakra-ui/react',  // Has Skeleton
+    '@mantine/core',     // Has Skeleton
+    '@radix-ui/themes',
+  ],
+  
+  // Form validation libraries
+  formValidation: [
+    'react-hook-form',
+    'formik',
+    '@tanstack/react-form',
+    'react-final-form',
+    'zod', // Often paired with RHF
+    'yup',
+  ],
+  
+  // UI component libraries (provide many components)
+  uiLibrary: [
+    '@chakra-ui/react',
+    '@mantine/core',
+    '@radix-ui/themes',
+    '@mui/material',
+    'antd',
+    '@nextui-org/react',
+    'shadcn',
+    '@headlessui/react',
+  ],
+  
+  // State management (affects how data flows)
+  stateManagement: [
+    'zustand',
+    '@reduxjs/toolkit',
+    'jotai',
+    'recoil',
+    'mobx',
+    '@tanstack/react-query',
+  ],
+  
+  // Internationalization
+  i18n: [
+    'next-intl',
+    'react-i18next',
+    'next-translate',
+    '@formatjs/intl',
+    'lingui',
+  ],
+  
+  // Analytics/monitoring
+  analytics: [
+    '@sentry/nextjs',
+    '@sentry/react',
+    '@vercel/analytics',
+    'posthog-js',
+    'mixpanel-browser',
+    '@segment/analytics-next',
+  ],
+};
+
+/**
+ * Check if package.json contains any of the specified libraries
+ * @param {string} packageJsonContent - Raw package.json content
+ * @param {string[]} libraries - List of library names to check
+ * @returns {string|null} - Name of found library or null
+ */
+function hasLibrary(packageJsonContent, libraries) {
+  if (!packageJsonContent) return null;
+  
+  for (const lib of libraries) {
+    // Check both dependencies and devDependencies
+    // Use word boundary to avoid partial matches
+    const pattern = new RegExp(`"${lib.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}"\\s*:`, 'i');
+    if (pattern.test(packageJsonContent)) {
+      return lib;
+    }
+  }
+  
+  return null;
+}
+
+/**
+ * Detect project type for context-aware checking
+ * @param {string} projectPath - Path to project root
+ * @param {string} packageJsonContent - Raw package.json content
+ * @returns {Object} Project type info
+ */
+async function detectProjectType(projectPath, packageJsonContent) {
+  const hasApp = await pathExists(path.join(projectPath, 'app'));
+  const hasPages = await pathExists(path.join(projectPath, 'pages'));
+  const hasSrc = await pathExists(path.join(projectPath, 'src'));
+  
+  const isNextJs = packageJsonContent && /["']next["']/.test(packageJsonContent);
+  const isRemix = packageJsonContent && /["']@remix-run\//.test(packageJsonContent);
+  const isVite = packageJsonContent && /["']vite["']/.test(packageJsonContent);
+  const isAstro = packageJsonContent && /["']astro["']/.test(packageJsonContent);
+  
+  // Check for specific project patterns
+  const isLibrary = packageJsonContent && /"main"|"module"|"exports"/.test(packageJsonContent);
+  const isCli = packageJsonContent && /"bin"/.test(packageJsonContent);
+  const isApi = !hasApp && !hasPages && packageJsonContent && /["']express["']|["']fastify["']|["']hono["']/.test(packageJsonContent);
+  
+  // Check if using a comprehensive UI library
+  const uiLib = hasLibrary(packageJsonContent, LIBRARY_ALTERNATIVES.uiLibrary);
+  
+  return {
+    isNextJs,
+    isRemix,
+    isVite,
+    isAstro,
+    isLibrary,
+    isCli,
+    isApi,
+    hasAppRouter: hasApp && isNextJs,
+    hasPagesRouter: hasPages && isNextJs,
+    hasSrc,
+    uiLibrary: uiLib,
+    // Skip frontend polish checks for non-frontend projects
+    skipFrontend: isLibrary || isCli || isApi,
+  };
+}
+
+/**
+ * Calculate issue severity based on project context
+ * Some issues are less important for certain project types
+ */
+function adjustSeverity(baseSeverity, projectType, issueId) {
+  // For libraries/CLIs, frontend issues are less critical
+  if (projectType.skipFrontend && issueId.startsWith('missing-')) {
+    return 'low';
+  }
+  
+  // If using a comprehensive UI library, component issues are less critical
+  if (projectType.uiLibrary) {
+    const componentIssues = ['missing-spinner', 'missing-skeleton', 'missing-toast', 'missing-empty-states'];
+    if (componentIssues.includes(issueId)) {
+      return 'low';
+    }
+  }
+  
+  return baseSeverity;
+}
+
 // ═══════════════════════════════════════════════════════════════════════════════
 // POLISH CHECKERS
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -155,6 +338,7 @@ async function findAllFiles(dir, pattern, maxDepth = 5, currentDepth = 0) {
 const checkers = {
   // ─────────────────────────────────────────────────────────────────────────────
   // FRONTEND CHECKER - Comprehensive UX/UI Polish Analysis
+  // Enhanced with library detection and false positive reduction
   // ─────────────────────────────────────────────────────────────────────────────
   async frontend(projectPath) {
     const issues = [];
@@ -172,20 +356,37 @@ const checkers = {
     const searchPath = hasSrc ? srcPath : (hasApp ? appPath : pagesPath);
     const packageJson = await readFileSafe(path.join(projectPath, 'package.json'));
     
+    // Detect project type and installed libraries for context-aware checking
+    const projectType = await detectProjectType(projectPath, packageJson);
+    
+    // Skip frontend checks for non-frontend projects
+    if (projectType.skipFrontend) {
+      return issues;
+    }
+    
+    // Check for library alternatives to reduce false positives
+    const errorBoundaryLib = hasLibrary(packageJson, LIBRARY_ALTERNATIVES.errorBoundary);
+    const toastLib = hasLibrary(packageJson, LIBRARY_ALTERNATIVES.toast);
+    const spinnerLib = hasLibrary(packageJson, LIBRARY_ALTERNATIVES.spinner);
+    const skeletonLib = hasLibrary(packageJson, LIBRARY_ALTERNATIVES.skeleton);
+    const formLib = hasLibrary(packageJson, LIBRARY_ALTERNATIVES.formValidation);
+    
     // ═══════════════════════════════════════════════════════════════════════════
     // ERROR HANDLING & BOUNDARIES
     // ═══════════════════════════════════════════════════════════════════════════
     
     const hasErrorBoundary = await findFile(searchPath, /ErrorBoundary|error\.(tsx?|jsx?)$/i);
-    if (!hasErrorBoundary) {
+    if (!hasErrorBoundary && !errorBoundaryLib && !projectType.uiLibrary) {
+      const severity = adjustSeverity('critical', projectType, 'missing-error-boundary');
       issues.push({
         id: 'missing-error-boundary',
         category: 'Frontend',
-        severity: 'critical',
+        severity,
         title: 'Missing Error Boundary',
         description: 'No error boundary component found. React errors will crash the entire app.',
         suggestion: 'Add ErrorBoundary component to catch and handle React errors gracefully.',
         autoFixable: true,
+        confidence: 0.9, // High confidence - error boundaries are critical
         aiPrompt: `Create a reusable ErrorBoundary component for React/Next.js that:
 1. Catches JavaScript errors anywhere in the child component tree
 2. Logs errors to console and optionally to an error tracking service
@@ -200,18 +401,24 @@ const checkers = {
 
 Place it in src/components/ErrorBoundary.tsx`,
       });
+    } else if (errorBoundaryLib) {
+      // Library provides this - no issue needed
     }
     
     const has404 = await findFile(searchPath, /not-found|NotFound|404/i);
-    if (!has404) {
+    // For Next.js app router, check the specific convention
+    const hasNextAppRouter404 = hasApp && await pathExists(path.join(appPath, 'not-found.tsx'));
+    if (!has404 && !hasNextAppRouter404) {
+      const severity = adjustSeverity('medium', projectType, 'missing-404');
       issues.push({
         id: 'missing-404',
         category: 'Frontend',
-        severity: 'medium',
+        severity,
         title: 'Missing 404 Page',
         description: 'No custom 404/NotFound page found. Users will see default browser error.',
         suggestion: 'Add a custom 404 page with navigation options.',
         autoFixable: true,
+        confidence: 0.85, // High confidence but not critical
         aiPrompt: `Create a beautiful, user-friendly 404 Not Found page that:
 1. Has a visually appealing design with subtle animations
 2. Shows a clear "Page Not Found" message
@@ -234,16 +441,21 @@ For Pages Router: Create pages/404.tsx`,
     // LOADING STATES & SKELETONS
     // ═══════════════════════════════════════════════════════════════════════════
     
-    const hasLoadingSpinner = await findFile(searchPath, /Spinner|LoadingSpinner/i);
-    if (!hasLoadingSpinner) {
+    const hasLoadingSpinner = await findFile(searchPath, /Spinner|LoadingSpinner|Loading\.(tsx?|jsx?)$/i);
+    // Skip if a spinner library or UI library is installed
+    if (!hasLoadingSpinner && !spinnerLib && !projectType.uiLibrary) {
+      const severity = adjustSeverity('high', projectType, 'missing-spinner');
       issues.push({
         id: 'missing-spinner',
         category: 'Frontend',
-        severity: 'high',
+        severity,
         title: 'Missing Loading Spinner',
         description: 'No spinner component found. Users need visual feedback during loading.',
-        suggestion: 'Add a reusable Spinner component with multiple sizes and variants.',
+        suggestion: spinnerLib 
+          ? `Consider using the ${spinnerLib} library you have installed.`
+          : 'Add a reusable Spinner component with multiple sizes and variants.',
         autoFixable: true,
+        confidence: 0.7, // Medium confidence - could be using inline styles or library
         aiPrompt: `Create a modern, reusable Spinner/Loading component that:
 1. Has multiple size variants: sm, md, lg, xl
 2. Supports custom colors via props or CSS variables
@@ -259,16 +471,21 @@ Create: src/components/ui/Spinner.tsx and src/components/ui/Spinner.css`,
       });
     }
     
-    const hasSkeleton = await findFile(searchPath, /Skeleton|Shimmer|Placeholder/i);
-    if (!hasSkeleton) {
+    const hasSkeleton = await findFile(searchPath, /Skeleton|Shimmer|ContentLoader/i);
+    // Skip if a skeleton library or UI library is installed
+    if (!hasSkeleton && !skeletonLib && !projectType.uiLibrary) {
+      const severity = adjustSeverity('high', projectType, 'missing-skeleton');
       issues.push({
         id: 'missing-skeleton',
         category: 'Frontend',
-        severity: 'high',
+        severity,
         title: 'Missing Skeleton Loaders',
         description: 'No skeleton/shimmer components found. Skeleton loaders provide better perceived performance than spinners.',
-        suggestion: 'Add skeleton components for content placeholders.',
+        suggestion: skeletonLib
+          ? `Consider using the ${skeletonLib} library you have installed.`
+          : 'Add skeleton components for content placeholders.',
         autoFixable: true,
+        confidence: 0.65, // Medium-low confidence - many apps don't need skeletons
         aiPrompt: `Create a comprehensive Skeleton loading system with:
 
 1. Base Skeleton component with:
@@ -358,16 +575,21 @@ Create: src/components/ui/EmptyState.tsx with all variants`,
       });
     }
     
-    const hasToast = await findFile(searchPath, /Toast|Notification|Snackbar/i);
-    if (!hasToast) {
+    const hasToast = await findFile(searchPath, /Toast|Notification|Snackbar|Toaster/i);
+    // Skip if a toast library or UI library is installed
+    if (!hasToast && !toastLib && !projectType.uiLibrary) {
+      const severity = adjustSeverity('high', projectType, 'missing-toast');
       issues.push({
         id: 'missing-toast',
         category: 'Frontend',
-        severity: 'high',
+        severity,
         title: 'Missing Toast/Notification System',
         description: 'No toast or notification component found for user feedback.',
-        suggestion: 'Add a toast/notification system for user feedback on actions.',
+        suggestion: toastLib
+          ? `Consider using the ${toastLib} library you have installed.`
+          : 'Add a toast/notification system for user feedback on actions.',
         autoFixable: true,
+        confidence: 0.75, // Medium-high confidence
         aiPrompt: `Create a complete Toast notification system with:
 
 1. Toast component with:
@@ -401,16 +623,20 @@ Create: src/components/ui/Toast.tsx and src/hooks/useToast.ts`,
     // ═══════════════════════════════════════════════════════════════════════════
     
     const hasFormValidation = await findFile(searchPath, /FormError|FieldError|ValidationMessage/i);
-    const hasReactHookForm = packageJson && /react-hook-form/i.test(packageJson);
-    if (!hasFormValidation && !hasReactHookForm) {
+    // Skip if a form library is installed
+    if (!hasFormValidation && !formLib && !projectType.uiLibrary) {
+      const severity = adjustSeverity('high', projectType, 'missing-form-validation-ui');
       issues.push({
         id: 'missing-form-validation-ui',
         category: 'Frontend',
-        severity: 'high',
+        severity,
         title: 'Missing Form Validation UI',
         description: 'No form validation components found. Users need clear feedback on form errors.',
-        suggestion: 'Add form validation components with clear error states.',
+        suggestion: formLib
+          ? `The ${formLib} library you have installed provides form validation. Make sure to display errors.`
+          : 'Add form validation components with clear error states.',
         autoFixable: true,
+        confidence: 0.65, // Medium confidence - many libraries provide this
         aiPrompt: `Create a comprehensive form validation UI system with:
 
 1. FormField wrapper component with:
@@ -2099,6 +2325,350 @@ export const UploadProgress = ({ progress, fileName }) => (
     
     return issues;
   },
+
+  // ─────────────────────────────────────────────────────────────────────────────
+  // OBSERVABILITY CHECKER - Logging, Metrics, Tracing
+  // ─────────────────────────────────────────────────────────────────────────────
+  async observability(projectPath) {
+    const issues = [];
+    const packageJson = await readFileSafe(path.join(projectPath, 'package.json'));
+    const srcPath = path.join(projectPath, 'src');
+    const hasSrc = await pathExists(srcPath);
+    const searchPath = hasSrc ? srcPath : projectPath;
+
+    // Check for OpenTelemetry
+    const hasOpenTelemetry = packageJson && /@opentelemetry|otel/i.test(packageJson);
+    if (!hasOpenTelemetry) {
+      issues.push({
+        id: 'missing-opentelemetry',
+        category: 'Observability',
+        severity: 'medium',
+        title: 'Missing OpenTelemetry',
+        description: 'No OpenTelemetry setup found. Distributed tracing helps debug production issues.',
+        suggestion: 'Add @opentelemetry/sdk-node and configure tracing for your application.',
+        autoFixable: false,
+        aiPrompt: 'Set up OpenTelemetry for distributed tracing in my Node.js/Next.js application. Include automatic instrumentation for HTTP requests, database queries, and external API calls. Configure exporters for Jaeger or similar backend.',
+      });
+    }
+
+    // Check for structured logging
+    const hasStructuredLogging = packageJson && /pino|winston|bunyan|@elastic\/ecs-pino-format/i.test(packageJson);
+    if (!hasStructuredLogging) {
+      issues.push({
+        id: 'missing-structured-logging',
+        category: 'Observability',
+        severity: 'high',
+        title: 'Missing Structured Logging',
+        description: 'No structured logging library found. console.log is hard to parse in production.',
+        suggestion: 'Add pino or winston for structured JSON logging.',
+        autoFixable: false,
+        aiPrompt: 'Set up structured logging using pino in my application. Configure it to output JSON logs in production with request ID correlation, log levels, and proper error serialization. Include a development mode with pretty-printing.',
+      });
+    }
+
+    // Check for metrics
+    const hasMetrics = packageJson && /prom-client|@opentelemetry\/sdk-metrics|datadog-metrics/i.test(packageJson);
+    if (!hasMetrics) {
+      issues.push({
+        id: 'missing-metrics',
+        category: 'Observability',
+        severity: 'medium',
+        title: 'Missing Metrics Collection',
+        description: 'No metrics library found. You won\'t have visibility into application performance.',
+        suggestion: 'Add prom-client or OpenTelemetry metrics for application monitoring.',
+        autoFixable: false,
+        aiPrompt: 'Set up Prometheus metrics collection in my application using prom-client. Include default metrics (CPU, memory, event loop lag) and custom business metrics for key operations.',
+      });
+    }
+
+    // Check for correlation IDs
+    const hasCorrelationId = await findFile(searchPath, /correlation|request.*id|trace.*id|x-request-id/i);
+    if (!hasCorrelationId && hasSrc) {
+      issues.push({
+        id: 'missing-correlation-ids',
+        category: 'Observability',
+        severity: 'medium',
+        title: 'Missing Request Correlation IDs',
+        description: 'No correlation ID handling found. Debugging distributed requests is difficult.',
+        suggestion: 'Add correlation ID middleware to trace requests across services.',
+        autoFixable: true,
+        aiPrompt: 'Add request correlation ID middleware to my Express/Next.js application. Generate unique IDs for each request, propagate them in headers, and include them in all log output.',
+      });
+    }
+
+    return issues;
+  },
+
+  // ─────────────────────────────────────────────────────────────────────────────
+  // RESILIENCE CHECKER - Circuit Breakers, Retry, Graceful Degradation
+  // ─────────────────────────────────────────────────────────────────────────────
+  async resilience(projectPath) {
+    const issues = [];
+    const packageJson = await readFileSafe(path.join(projectPath, 'package.json'));
+    const srcPath = path.join(projectPath, 'src');
+    const hasSrc = await pathExists(srcPath);
+    const searchPath = hasSrc ? srcPath : projectPath;
+
+    // Check for circuit breaker
+    const hasCircuitBreaker = packageJson && /opossum|cockatiel|resilience4j|circuit.*breaker/i.test(packageJson);
+    if (!hasCircuitBreaker) {
+      issues.push({
+        id: 'missing-circuit-breaker',
+        category: 'Resilience',
+        severity: 'medium',
+        title: 'Missing Circuit Breaker',
+        description: 'No circuit breaker library found. External service failures can cascade.',
+        suggestion: 'Add opossum or cockatiel for circuit breaker patterns on external calls.',
+        autoFixable: false,
+        aiPrompt: 'Implement circuit breaker pattern using opossum for external API calls in my application. Configure appropriate thresholds, fallback responses, and health checks for third-party services.',
+      });
+    }
+
+    // Check for retry logic
+    const hasRetry = packageJson && /axios-retry|got|ky|p-retry|async-retry/i.test(packageJson);
+    const hasRetryInCode = await findFile(searchPath, /retry|exponential.*backoff|maxRetries/i);
+    if (!hasRetry && !hasRetryInCode) {
+      issues.push({
+        id: 'missing-retry-logic',
+        category: 'Resilience',
+        severity: 'high',
+        title: 'Missing Retry Logic',
+        description: 'No retry mechanism found. Transient failures will cause immediate errors.',
+        suggestion: 'Add retry logic with exponential backoff for external API calls.',
+        autoFixable: false,
+        aiPrompt: 'Add retry logic with exponential backoff to external API calls in my application. Use axios-retry or p-retry with configurable max retries, backoff multiplier, and jitter.',
+      });
+    }
+
+    // Check for timeout configuration
+    const hasTimeoutConfig = await findFile(searchPath, /timeout|AbortController|AbortSignal/i);
+    if (!hasTimeoutConfig && hasSrc) {
+      issues.push({
+        id: 'missing-timeouts',
+        category: 'Resilience',
+        severity: 'high',
+        title: 'Missing Request Timeouts',
+        description: 'No timeout configuration found. Slow external services can hang your app.',
+        suggestion: 'Add timeouts to all external HTTP calls and database queries.',
+        autoFixable: false,
+        aiPrompt: 'Add proper timeout handling to all external API calls and database queries in my application. Use AbortController for fetch requests and configure connection/query timeouts for database operations.',
+      });
+    }
+
+    // Check for graceful shutdown
+    const hasGracefulShutdown = await findFile(searchPath, /graceful.*shutdown|SIGTERM|SIGINT|beforeExit/i);
+    if (!hasGracefulShutdown) {
+      issues.push({
+        id: 'missing-graceful-shutdown',
+        category: 'Resilience',
+        severity: 'high',
+        title: 'Missing Graceful Shutdown',
+        description: 'No graceful shutdown handling found. In-flight requests may be dropped.',
+        suggestion: 'Add SIGTERM/SIGINT handlers to drain connections before shutdown.',
+        autoFixable: true,
+        aiPrompt: 'Implement graceful shutdown in my Node.js application. Handle SIGTERM and SIGINT signals, stop accepting new connections, drain existing connections, close database pools, and exit cleanly.',
+      });
+    }
+
+    // Check for bulkhead pattern
+    const hasBulkhead = packageJson && /bottleneck|p-limit|p-queue|semaphore/i.test(packageJson);
+    if (!hasBulkhead) {
+      issues.push({
+        id: 'missing-bulkhead',
+        category: 'Resilience',
+        severity: 'low',
+        title: 'Missing Bulkhead/Rate Limiting for Internal Operations',
+        description: 'No internal concurrency limiting found. Resource exhaustion possible.',
+        suggestion: 'Add bottleneck or p-limit to limit concurrent operations.',
+        autoFixable: false,
+        aiPrompt: 'Add concurrency limiting using bottleneck or p-limit for resource-intensive operations (file uploads, heavy computations, external API calls) to prevent resource exhaustion.',
+      });
+    }
+
+    return issues;
+  },
+
+  // ─────────────────────────────────────────────────────────────────────────────
+  // INTERNATIONALIZATION CHECKER - i18n Setup
+  // ─────────────────────────────────────────────────────────────────────────────
+  async internationalization(projectPath) {
+    const issues = [];
+    const packageJson = await readFileSafe(path.join(projectPath, 'package.json'));
+    const srcPath = path.join(projectPath, 'src');
+    const hasSrc = await pathExists(srcPath);
+    const searchPath = hasSrc ? srcPath : projectPath;
+
+    // Check for i18n library
+    const hasI18n = packageJson && /next-intl|react-i18next|i18next|lingui|formatjs|react-intl/i.test(packageJson);
+    if (!hasI18n) {
+      issues.push({
+        id: 'missing-i18n',
+        category: 'Internationalization',
+        severity: 'low',
+        title: 'Missing Internationalization (i18n)',
+        description: 'No i18n library found. Adding translations later is costly.',
+        suggestion: 'Add next-intl or react-i18next for internationalization support.',
+        autoFixable: false,
+        aiPrompt: 'Set up internationalization in my Next.js/React application using next-intl or react-i18next. Include locale detection, language switching, and a translation extraction workflow.',
+      });
+    }
+
+    // Check for locale detection
+    const hasLocaleDetection = await findFile(searchPath, /locale|navigator\.language|accept-language|getLocale/i);
+    if (hasI18n && !hasLocaleDetection) {
+      issues.push({
+        id: 'missing-locale-detection',
+        category: 'Internationalization',
+        severity: 'medium',
+        title: 'Missing Locale Detection',
+        description: 'i18n setup found but no automatic locale detection.',
+        suggestion: 'Add automatic locale detection from browser settings or Accept-Language header.',
+        autoFixable: false,
+        aiPrompt: 'Add automatic locale detection to my internationalized application. Detect from Accept-Language header on server, navigator.language on client, and allow user override with persistence.',
+      });
+    }
+
+    // Check for RTL support
+    const hasRTL = await findFile(searchPath, /rtl|dir=.*rtl|direction.*rtl|ltr.*rtl/i);
+    if (hasI18n && !hasRTL) {
+      issues.push({
+        id: 'missing-rtl-support',
+        category: 'Internationalization',
+        severity: 'low',
+        title: 'Missing RTL Support',
+        description: 'No RTL (right-to-left) support found. Arabic/Hebrew users affected.',
+        suggestion: 'Add RTL layout support using CSS logical properties or rtlcss.',
+        autoFixable: false,
+        aiPrompt: 'Add RTL (right-to-left) support to my application for Arabic and Hebrew locales. Use CSS logical properties (start/end instead of left/right), directional icons, and proper text alignment.',
+      });
+    }
+
+    // Check for translation files
+    const hasTranslationFiles = await pathExists(path.join(projectPath, 'locales')) ||
+                                await pathExists(path.join(projectPath, 'translations')) ||
+                                await pathExists(path.join(projectPath, 'messages')) ||
+                                await pathExists(path.join(srcPath, 'locales'));
+    if (hasI18n && !hasTranslationFiles) {
+      issues.push({
+        id: 'missing-translation-files',
+        category: 'Internationalization',
+        severity: 'medium',
+        title: 'Missing Translation Files',
+        description: 'i18n library found but no translation files directory.',
+        suggestion: 'Create locales/ directory with JSON translation files for each language.',
+        autoFixable: true,
+        aiPrompt: 'Create a translation file structure for my i18n setup. Include English as the base language with organized namespaces, and add a script to extract translation keys from code.',
+      });
+    }
+
+    return issues;
+  },
+
+  // ─────────────────────────────────────────────────────────────────────────────
+  // PRIVACY CHECKER - GDPR, Cookie Consent, Data Handling
+  // ─────────────────────────────────────────────────────────────────────────────
+  async privacy(projectPath) {
+    const issues = [];
+    const packageJson = await readFileSafe(path.join(projectPath, 'package.json'));
+    const srcPath = path.join(projectPath, 'src');
+    const hasSrc = await pathExists(srcPath);
+    const searchPath = hasSrc ? srcPath : projectPath;
+
+    // Check for cookie consent
+    const hasCookieConsent = packageJson && /cookie-consent|cookieconsent|react-cookie-consent|gdpr|onetrust|cookiebot/i.test(packageJson);
+    const hasCookieConsentInCode = await findFile(searchPath, /cookie.*consent|gdpr.*consent|consent.*banner/i);
+    if (!hasCookieConsent && !hasCookieConsentInCode) {
+      issues.push({
+        id: 'missing-cookie-consent',
+        category: 'Privacy',
+        severity: 'high',
+        title: 'Missing Cookie Consent',
+        description: 'No cookie consent mechanism found. GDPR/CCPA compliance required.',
+        suggestion: 'Add a cookie consent banner for EU/California visitors.',
+        autoFixable: false,
+        aiPrompt: 'Implement a GDPR-compliant cookie consent banner for my application. Include categories (necessary, analytics, marketing), remember user choice, and only load tracking scripts after consent.',
+      });
+    }
+
+    // Check for privacy policy
+    const hasPrivacyPolicy = await pathExists(path.join(projectPath, 'public', 'privacy.html')) ||
+                            await pathExists(path.join(projectPath, 'public', 'privacy-policy.html')) ||
+                            await findFile(searchPath, /privacy.*policy|PrivacyPolicy/i);
+    if (!hasPrivacyPolicy) {
+      issues.push({
+        id: 'missing-privacy-policy',
+        category: 'Privacy',
+        severity: 'high',
+        title: 'Missing Privacy Policy',
+        description: 'No privacy policy page found. Required by law in many jurisdictions.',
+        suggestion: 'Add a privacy policy page explaining data collection and usage.',
+        autoFixable: false,
+        aiPrompt: 'Create a privacy policy page for my application that covers: what data is collected, how it is used, third-party services, cookies, user rights (GDPR), and contact information.',
+      });
+    }
+
+    // Check for data export/deletion capability
+    const hasDataExport = await findFile(searchPath, /export.*data|download.*data|gdpr.*export|data.*portability/i);
+    if (!hasDataExport) {
+      issues.push({
+        id: 'missing-data-export',
+        category: 'Privacy',
+        severity: 'medium',
+        title: 'Missing Data Export Feature',
+        description: 'No data export capability found. GDPR requires data portability.',
+        suggestion: 'Add ability for users to export their data in a standard format.',
+        autoFixable: false,
+        aiPrompt: 'Implement a data export feature for GDPR compliance. Allow users to download all their personal data in JSON or CSV format, including profile, activity history, and any stored preferences.',
+      });
+    }
+
+    // Check for account deletion
+    const hasAccountDeletion = await findFile(searchPath, /delete.*account|account.*deletion|remove.*account|gdpr.*delete/i);
+    if (!hasAccountDeletion) {
+      issues.push({
+        id: 'missing-account-deletion',
+        category: 'Privacy',
+        severity: 'high',
+        title: 'Missing Account Deletion',
+        description: 'No account deletion feature found. GDPR requires right to erasure.',
+        suggestion: 'Add ability for users to delete their account and all associated data.',
+        autoFixable: false,
+        aiPrompt: 'Implement account deletion functionality with GDPR right to erasure. Include confirmation flow, grace period option, cascade deletion of related data, and anonymization of non-deletable records.',
+      });
+    }
+
+    // Check for data retention policy
+    const hasDataRetention = await findFile(searchPath, /retention|data.*cleanup|purge.*old|ttl.*expire/i);
+    if (!hasDataRetention) {
+      issues.push({
+        id: 'missing-data-retention',
+        category: 'Privacy',
+        severity: 'medium',
+        title: 'Missing Data Retention Policy',
+        description: 'No data retention/cleanup logic found. Old data should be purged.',
+        suggestion: 'Implement data retention policies to automatically purge old data.',
+        autoFixable: false,
+        aiPrompt: 'Implement a data retention policy for my application. Add scheduled jobs to purge old sessions, logs, and inactive accounts. Document retention periods for each data type.',
+      });
+    }
+
+    // Check for PII encryption
+    const hasEncryption = await findFile(searchPath, /encrypt|crypto.*cipher|aes|bcrypt|argon2/i);
+    if (!hasEncryption) {
+      issues.push({
+        id: 'missing-pii-encryption',
+        category: 'Privacy',
+        severity: 'high',
+        title: 'Missing Data Encryption',
+        description: 'No encryption utilities found. Sensitive data should be encrypted.',
+        suggestion: 'Add encryption for PII at rest and ensure passwords use bcrypt/argon2.',
+        autoFixable: false,
+        aiPrompt: 'Set up encryption for sensitive data in my application. Use bcrypt or argon2 for passwords, field-level encryption for PII, and ensure encryption keys are properly managed.',
+      });
+    }
+
+    return issues;
+  },
 };
 
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -2217,15 +2787,19 @@ ${c.bold}OPTIONS${c.reset}
   --json                  Output as JSON (includes AI prompts)
 
 ${c.bold}CATEGORIES${c.reset}
-  frontend       Error boundaries, skeletons, ARIA, haptics, animations, caching
-  backend        Health endpoints, validation, rate limiting, error handling
-  security       .env files, security headers, CORS, secrets management
-  performance    Image optimization, caching, bundle analysis
-  accessibility  A11y testing, skip links, focus management
-  seo            Meta tags, sitemap, robots.txt, Open Graph
-  configuration  TypeScript, ESLint, Prettier, EditorConfig
-  documentation  README, CHANGELOG, CONTRIBUTING, LICENSE
-  infrastructure Docker, CI/CD, deployment config, env validation
+  frontend            Error boundaries, skeletons, ARIA, haptics, animations, caching
+  backend             Health endpoints, validation, rate limiting, error handling
+  security            .env files, security headers, CORS, secrets management
+  performance         Image optimization, caching, bundle analysis
+  accessibility       A11y testing, skip links, focus management
+  seo                 Meta tags, sitemap, robots.txt, Open Graph
+  configuration       TypeScript, ESLint, Prettier, EditorConfig
+  documentation       README, CHANGELOG, CONTRIBUTING, LICENSE
+  infrastructure      Docker, CI/CD, deployment config, env validation
+  observability       OpenTelemetry, structured logging, metrics, tracing
+  resilience          Circuit breakers, retry logic, timeouts, graceful shutdown
+  internationalization  i18n setup, RTL support, locale detection, translations
+  privacy             GDPR, cookie consent, data export, account deletion
 
 ${c.bold}EXAMPLES${c.reset}
   vibecheck polish                     # Analyze current project
@@ -2271,6 +2845,11 @@ function getCategoryIcon(category) {
     Configuration: icons.gear,
     Documentation: icons.book,
     Infrastructure: icons.rocket,
+    // New world-class categories
+    Observability: '📊',
+    Resilience: '🛡️',
+    Internationalization: '🌍',
+    Privacy: '🔐',
   };
   return categoryIcons[category] || icons.star;
 }