@vibecheckai/cli 3.1.8 → 3.2.1

package/bin/runners/runFix.js

@@ -330,6 +330,17 @@ function getMissionIcon(missionType) {
     'FIX_FAKE_SUCCESS': ICONS.ghost,
     'FIX_ENV_CONTRACT': ICONS.env,
     'FIX_DEAD_UI': ICONS.dead,
+    // New enhanced mission types
+    'FIX_EMPTY_CATCH': ICONS.bug,
+    'FIX_TEST_KEYS': ICONS.key,
+    'FIX_MOCK_DOMAINS': ICONS.link,
+    'FIX_PLACEHOLDER_DATA': ICONS.doc,
+    'FIX_HARDCODED_SECRETS': ICONS.lock,
+    'FIX_SIMULATED_BILLING': ICONS.money,
+    'FIX_SILENT_FALLBACK': ICONS.warning,
+    'SYNC_CONTRACTS': ICONS.graph,
+    'FIX_ROUTE_DRIFT': ICONS.route,
+    'FIX_AUTH_DRIFT': ICONS.shield,
   };
   return icons[missionType] || ICONS.mission;
 }
@@ -344,6 +355,17 @@ function getMissionColor(missionType) {
     'FIX_FAKE_SUCCESS': colors.medium,
     'FIX_ENV_CONTRACT': colors.low,
     'FIX_DEAD_UI': colors.low,
+    // New enhanced mission types
+    'FIX_EMPTY_CATCH': colors.high,
+    'FIX_TEST_KEYS': colors.critical,
+    'FIX_MOCK_DOMAINS': colors.critical,
+    'FIX_PLACEHOLDER_DATA': colors.medium,
+    'FIX_HARDCODED_SECRETS': colors.critical,
+    'FIX_SIMULATED_BILLING': colors.critical,
+    'FIX_SILENT_FALLBACK': colors.high,
+    'SYNC_CONTRACTS': colors.medium,
+    'FIX_ROUTE_DRIFT': colors.medium,
+    'FIX_AUTH_DRIFT': colors.critical,
   };
   return colorMap[missionType] || colors.accent;
 }
@@ -579,7 +601,7 @@ async function runFix(args) {
 
   // Show autopilot header if in autopilot mode
   if (opts.autopilot) {
-    printAutopilotHeader(maxSteps, stagnationLimit);
+    printLoopHeader(maxSteps, stagnationLimit);
   }
 
   for (let step = 1; step <= maxSteps; step++) {
@@ -801,349 +823,21 @@ async function runFix(args) {
   return 1;
 }
 
-/**
- * Show Fix Plan (default behavior - no changes applied)
- */
-async function showFixPlan(projectPath, opts) {
-  console.log(`\n${c.cyan}${c.bold}📋 FIX PLAN${c.reset}\n`);
-  console.log(`${c.dim}This shows what CAN be fixed. No changes will be made.${c.reset}`);
-  console.log(`${c.dim}Use --apply to apply changes (requires clean git state).${c.reset}\n`);
-
-  const scanResult = await loadLatestScan(projectPath);
-  if (!scanResult) {
-    console.error(`${c.red}Error:${c.reset} No scan results found. Run 'vibecheck scan' first.\n`);
-    return EXIT_CODES.MISCONFIG;
-  }
-
-  // Filter to fixable findings
-  const fixable = scanResult.findings.filter(f => {
-    const ruleId = f.ruleId || '';
-    return f.autofixAvailable && ALLOWED_FIX_TYPES.includes(ruleId);
-  });
-
-  if (fixable.length === 0) {
-    console.log(`${c.green}✓${c.reset} No mechanical fixes available.\n`);
-    console.log(`${c.dim}All remaining issues require manual intervention.${c.reset}\n`);
-    return EXIT_CODES.PASS;
-  }
-
-  console.log(`${c.bold}Fixable Issues (${fixable.length}):${c.reset}\n`);
-
-  for (const finding of fixable) {
-    const patch = generatePatchPreview(projectPath, finding);
-    
-    console.log(`${c.blue}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${c.reset}`);
-    console.log(`${c.bold}${finding.id?.full || finding.id}${c.reset} - ${finding.ruleId}`);
-    console.log(`${c.dim}File:${c.reset} ${finding.file}:${finding.line}`);
-    console.log(`${c.dim}Why:${c.reset} ${finding.message || finding.description}`);
-    console.log(`${c.dim}Evidence:${c.reset} ${finding.evidence?.[0]?.snippet || 'See file'}`);
-    console.log('');
-    console.log(`${c.bold}Proposed Change:${c.reset}`);
-    console.log(patch.preview);
-    console.log('');
-    console.log(`${c.dim}Risk:${c.reset} ${patch.risk}`);
-    console.log(`${c.dim}Verification:${c.reset} Re-run scan to confirm no regression`);
-    console.log('');
-  }
-
-  console.log(`${c.blue}━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━${c.reset}`);
-  console.log(`\n${c.bold}To apply these fixes:${c.reset}`);
-  console.log(`  ${c.cyan}vibecheck fix --apply${c.reset}\n`);
-  console.log(`${c.dim}This will:${c.reset}`);
-  console.log(`  1. Check for clean git state`);
-  console.log(`  2. Create branch: vibecheck/fix-<timestamp>`);
-  console.log(`  3. Apply patches with structured commits`);
-  console.log(`  4. Re-run scan to verify no regression\n`);
-
-  return EXIT_CODES.PASS;
-}
-
-/**
- * Apply fixes with proof-gating
- */
-async function applyFixes(projectPath, opts) {
-  console.log(`\n${c.cyan}${c.bold}🔧 APPLYING FIXES${c.reset}\n`);
-
-  // Step 1: Check git state
-  if (!isGitClean(projectPath)) {
-    console.error(`${c.red}Error:${c.reset} Git working directory is not clean.`);
-    console.error(`${c.dim}Commit or stash your changes before applying fixes.${c.reset}\n`);
-    return EXIT_CODES.MISCONFIG;
-  }
-
-  const scanResult = await loadLatestScan(projectPath);
-  if (!scanResult) {
-    console.error(`${c.red}Error:${c.reset} No scan results found. Run 'vibecheck scan' first.\n`);
-    return EXIT_CODES.MISCONFIG;
-  }
-
-  const fixable = scanResult.findings.filter(f => {
-    const ruleId = f.ruleId || '';
-    return f.autofixAvailable && ALLOWED_FIX_TYPES.includes(ruleId);
-  });
-
-  if (fixable.length === 0) {
-    console.log(`${c.green}✓${c.reset} No fixes to apply.\n`);
-    return EXIT_CODES.PASS;
-  }
-
-  // Step 2: Create branch
-  const branchName = `vibecheck/fix-${Date.now()}`;
-  try {
-    execSync(`git checkout -b ${branchName}`, { cwd: projectPath, stdio: 'pipe' });
-    console.log(`${c.green}✓${c.reset} Created branch: ${branchName}\n`);
-  } catch (err) {
-    console.error(`${c.red}Error:${c.reset} Failed to create branch: ${err.message}\n`);
-    return EXIT_CODES.INTERNAL;
-  }
-
-  // Step 3: Apply fixes
-  let applied = 0;
-  let failed = 0;
-
-  for (const finding of fixable) {
-    try {
-      const result = await applyAutofix(projectPath, finding, opts);
-      if (result) {
-        applied++;
-        
-        // Commit with structured message
-        const commitMsg = `fix(${finding.ruleId}): ${finding.id?.full || finding.id}\n\nFile: ${finding.file}:${finding.line}\nEvidence: ${finding.evidence?.[0]?.snippet || 'See scan results'}\n\nApplied by vibecheck fix --apply`;
-        
-        try {
-          execSync(`git add "${finding.file}"`, { cwd: projectPath, stdio: 'pipe' });
-          execSync(`git commit -m "${commitMsg.replace(/"/g, '\\"')}"`, { cwd: projectPath, stdio: 'pipe' });
-        } catch {
-          // File might not have changed, continue
-        }
-        
-        console.log(`${c.green}✓${c.reset} Fixed: ${finding.id?.full || finding.id}`);
-      } else {
-        failed++;
-        console.log(`${c.yellow}⚠${c.reset} Skipped: ${finding.id?.full || finding.id}`);
-      }
-    } catch (error) {
-      failed++;
-      console.log(`${c.red}✗${c.reset} Error: ${finding.id?.full || finding.id} - ${error.message}`);
-    }
-  }
-
-  console.log('');
-  console.log(`${c.bold}Summary:${c.reset}`);
-  console.log(`  Applied: ${c.green}${applied}${c.reset}`);
-  console.log(`  Skipped: ${c.yellow}${failed}${c.reset}`);
-  console.log('');
-
-  // Step 4: Re-run scan to verify
-  console.log(`${c.dim}Verifying fixes...${c.reset}\n`);
-  
-  try {
-    const { runScan } = require('./runScan');
-    const verifyResult = await runScan(['--json', '--path', projectPath]);
-    
-    if (verifyResult === 0 || verifyResult === EXIT_CODES.PASS) {
-      console.log(`${c.green}✓${c.reset} Verification passed - no regressions\n`);
-    } else {
-      console.log(`${c.yellow}⚠${c.reset} Verification found issues - review before merging\n`);
-    }
-  } catch {
-    console.log(`${c.dim}Run 'vibecheck scan' to verify manually.${c.reset}\n`);
-  }
-
-  console.log(`${c.bold}Rollback:${c.reset}`);
-  console.log(`  ${c.cyan}git checkout main && git branch -D ${branchName}${c.reset}\n`);
-
-  return applied > 0 ? EXIT_CODES.PASS : EXIT_CODES.FAIL;
-}
-
-/**
- * Check if git working directory is clean
- */
-function isGitClean(projectPath) {
-  try {
-    const status = execSync('git status --porcelain', { cwd: projectPath, encoding: 'utf8' });
-    return status.trim() === '';
-  } catch {
-    return false;
-  }
-}
-
-/**
- * Generate patch preview for a finding
- */
-function generatePatchPreview(projectPath, finding) {
-  const filePath = path.join(projectPath, finding.file);
-  
-  if (!fs.existsSync(filePath)) {
-    return { preview: `  ${c.red}File not found${c.reset}`, risk: 'N/A' };
-  }
-
-  const content = fs.readFileSync(filePath, 'utf8');
-  const lines = content.split('\n');
-  const lineIndex = finding.line - 1;
-
-  if (lineIndex < 0 || lineIndex >= lines.length) {
-    return { preview: `  ${c.red}Invalid line number${c.reset}`, risk: 'N/A' };
-  }
-
-  const before = lines[lineIndex];
-  let after = before;
-  let risk = 'Low';
-
-  // Generate preview based on rule type
-  switch (finding.ruleId) {
-    case 'empty-catch':
-      after = before.replace(/catch\s*(?:\(([^)]*)\))?\s*\{\s*\}/, (m, v) => {
-        const varName = v || 'err';
-        return `catch (${varName}) { console.error('Error:', ${varName}); throw ${varName}; }`;
-      });
-      risk = 'Low - adds proper error handling';
-      break;
-    case 'dangerous-default':
-      after = before.replace(/\s*(\|\||\?\?)\s*['"][^'"]*['"]/, '');
-      risk = 'Medium - removes fallback (may require env var)';
-      break;
-    case 'placeholder-value':
-      after = before.replace(/(CHANGEME|REPLACE_ME|YOUR_\w+|INSERT_\w+)/g, "/* TODO: Replace $1 */ ''");
-      risk = 'Low - flags for manual replacement';
-      break;
-    default:
-      return { preview: `  ${c.dim}No preview available${c.reset}`, risk: 'Unknown' };
-  }
-
-  return {
-    preview: `  ${c.red}- ${before.trim()}${c.reset}\n  ${c.green}+ ${after.trim()}${c.reset}`,
-    risk,
-  };
-}
-
-async function applyAutofix(projectPath, finding, options) {
-  const filePath = path.join(projectPath, finding.file);
-  
-  if (!fs.existsSync(filePath)) {
-    throw new Error(`File not found: ${finding.file}`);
-  }
-
-  const content = fs.readFileSync(filePath, 'utf8');
-  const lines = content.split('\n');
-  const lineIndex = finding.line - 1;
-
-  if (lineIndex < 0 || lineIndex >= lines.length) {
-    throw new Error(`Invalid line number: ${finding.line}`);
-  }
-
-  let newContent = content;
-  const ruleId = finding.ruleId;
-
-  // Apply fixes based on rule type
-  switch (ruleId) {
-    case 'empty-catch':
-      newContent = fixEmptyCatch(lines, lineIndex, filePath);
-      break;
-    case 'dangerous-default':
-      newContent = fixDangerousDefault(lines, lineIndex, filePath);
-      break;
-    case 'placeholder-value':
-      newContent = fixPlaceholderValue(lines, lineIndex, filePath);
-      break;
-    default:
-      return false;
-  }
-
-  if (newContent !== content) {
-    if (!options.dryRun) {
-      fs.writeFileSync(filePath, newContent, 'utf8');
-    }
-    return true;
-  }
-
-  return false;
-}
-
-function fixEmptyCatch(lines, lineIndex, filePath) {
-  const line = lines[lineIndex];
-  const newLines = [...lines];
-
-  // Find the catch block
-  if (line.includes('catch') && line.includes('{')) {
-    // Simple case: catch {} on one line
-    if (line.match(/catch\s*(?:\([^)]*\))?\s*\{\s*\}/)) {
-      const indent = line.match(/^(\s*)/)?.[1] || '';
-      newLines[lineIndex] = line.replace(
-        /catch\s*(?:\(([^)]*)\))?\s*\{\s*\}/,
-        (match, errVar) => {
-          const varName = errVar || 'err';
-          return `catch (${varName}) {\n${indent}  console.error('Error:', ${varName});\n${indent}  throw ${varName};\n${indent}}`;
-        }
-      );
-    }
-  }
-
-  return newLines.join('\n');
-}
-
-function fixDangerousDefault(lines, lineIndex, filePath) {
-  const line = lines[lineIndex];
-  const newLines = [...lines];
-
-  // Remove dangerous default
-  if (line.includes('process.env.') && (line.includes('||') || line.includes('??'))) {
-    newLines[lineIndex] = line.replace(
-      /\s*(\|\||\?\?)\s*['"][^'"]*['"]/,
-      ''
-    );
-  }
-
-  return newLines.join('\n');
-}
-
-function fixPlaceholderValue(lines, lineIndex, filePath) {
-  const line = lines[lineIndex];
-  const newLines = [...lines];
-
-  // Replace placeholder with TODO comment
-  newLines[lineIndex] = line.replace(
-    /(CHANGEME|REPLACE_ME|YOUR_[A-Z0-9_]+|INSERT_[A-Z0-9_]+)/g,
-    (match) => `/* TODO: Replace ${match} */ ''`
-  );
-
-  return newLines.join('\n');
-}
-
-async function loadLatestScan(projectPath) {
-  const scanDir = path.join(projectPath, '.vibecheck', 'reality-sniff', 'scans');
-  
-  if (!fs.existsSync(scanDir)) {
-    return null;
-  }
-
-  try {
-    const files = fs.readdirSync(scanDir)
-      .filter(f => f.endsWith('.json'))
-      .map(f => ({
-        name: f,
-        path: path.join(scanDir, f),
-        mtime: fs.statSync(path.join(scanDir, f)).mtime,
-      }))
-      .sort((a, b) => b.mtime - a.mtime);
-
-    if (files.length === 0) {
-      return null;
-    }
-
-    const content = fs.readFileSync(files[0].path, 'utf8');
-    return JSON.parse(content);
-  } catch {
-    return null;
-  }
-}
+// ═══════════════════════════════════════════════════════════════════════════════
+// NOTE: Legacy rule-based fix functions (showFixPlan, applyFixes, etc.) were removed.
+// The fix command now uses the mission-based system exclusively, which provides:
+// - LLM-generated patches with Reality Firewall prompt
+// - Automatic backup/restore on failure
+// - Progress detection and stagnation handling
+// - Integration with ship verification
+// ═══════════════════════════════════════════════════════════════════════════════
 
 function parseArgs(args) {
   // Parse global flags first
   const { flags: globalFlags, cleanArgs } = parseGlobalFlags(args);
   
   const opts = {
-    ...globalFlags, // Merge global flags (json, verbose, noBanner, quiet, ci, etc.)
+    ...globalFlags, // Merge global flags (json, verbose, noBanner, quiet, ci, help, etc.)
     path: globalFlags.path || process.cwd(),
     apply: false,
     promptOnly: false,
@@ -1153,7 +847,7 @@ function parseArgs(args) {
     maxSteps: 10,
     stagnationLimit: 2,
     fastifyEntry: null,
-    help: false,
+    // Note: help comes from globalFlags, don't override it here
   };
 
   // Parse command-specific args from cleanArgs
@@ -1208,13 +902,29 @@ function printHelp(showBanner = true) {
     ${colors.shipGreen}${ICONS.stop}${c.reset} Progress detector stops on stagnation
 
   ${c.bold}Mission Types:${c.reset}
+    ${c.dim}Security & Auth:${c.reset}
     ${colors.critical}${ICONS.lock}${c.reset} REMOVE_OWNER_MODE      ${c.dim}Delete backdoor env bypass${c.reset}
+    ${colors.critical}${ICONS.lock}${c.reset} FIX_HARDCODED_SECRETS  ${c.dim}Move secrets to env vars${c.reset}
+    ${colors.critical}${ICONS.key}${c.reset} FIX_TEST_KEYS          ${c.dim}Replace test API keys${c.reset}
+    ${colors.critical}${ICONS.shield}${c.reset} FIX_AUTH_DRIFT         ${c.dim}Restore removed auth patterns${c.reset}
+    ${colors.medium}${ICONS.auth}${c.reset} ADD_SERVER_AUTH        ${c.dim}Add auth to sensitive endpoints${c.reset}
+
+    ${c.dim}Billing & Payments:${c.reset}
     ${colors.high}${ICONS.money}${c.reset} FIX_STRIPE_WEBHOOKS    ${c.dim}Add signature verification + idempotency${c.reset}
     ${colors.high}${ICONS.shield}${c.reset} ENFORCE_PAID_SURFACE   ${c.dim}Add server-side entitlement checks${c.reset}
-    ${colors.medium}${ICONS.auth}${c.reset} ADD_SERVER_AUTH        ${c.dim}Add auth to sensitive endpoints${c.reset}
-    ${colors.medium}${ICONS.route}${c.reset} FIX_MISSING_ROUTE      ${c.dim}Wire client refs to server routes${c.reset}
+    ${colors.critical}${ICONS.money}${c.reset} FIX_SIMULATED_BILLING  ${c.dim}Replace fake billing with real${c.reset}
+
+    ${c.dim}Reality & Data:${c.reset}
+    ${colors.critical}${ICONS.link}${c.reset} FIX_MOCK_DOMAINS       ${c.dim}Replace localhost/mock URLs${c.reset}
     ${colors.medium}${ICONS.ghost}${c.reset} FIX_FAKE_SUCCESS       ${c.dim}Gate success UI on network result${c.reset}
+    ${colors.medium}${ICONS.doc}${c.reset} FIX_PLACEHOLDER_DATA   ${c.dim}Replace lorem ipsum with real data${c.reset}
+    ${colors.high}${ICONS.warning}${c.reset} FIX_SILENT_FALLBACK    ${c.dim}Make failures visible${c.reset}
+
+    ${c.dim}Code Quality:${c.reset}
+    ${colors.high}${ICONS.bug}${c.reset} FIX_EMPTY_CATCH        ${c.dim}Add error handling to catch blocks${c.reset}
+    ${colors.medium}${ICONS.route}${c.reset} FIX_MISSING_ROUTE      ${c.dim}Wire client refs to server routes${c.reset}
     ${colors.low}${ICONS.env}${c.reset} FIX_ENV_CONTRACT       ${c.dim}Add missing env vars to templates${c.reset}
+    ${colors.low}${ICONS.dead}${c.reset} FIX_DEAD_UI            ${c.dim}Make UI actions functional${c.reset}
 
   ${c.bold}LLM Configuration:${c.reset}
     ${c.dim}Set these environment variables:${c.reset}

package/bin/runners/runInit.js

@@ -1054,6 +1054,17 @@ function printNextSteps(options = {}) {
   console.log();
   console.log(`  ${c.dim}Full docs:${c.reset} ${colors.info}https://docs.vibecheckai.dev${c.reset}`);
   console.log();
+  
+  // Upsell box
+  console.log(`  ${c.dim}╭────────────────────────────────────────────────────────────╮${c.reset}`);
+  console.log(`  ${c.dim}│${c.reset}                                                            ${c.dim}│${c.reset}`);
+  console.log(`  ${c.dim}│${c.reset}  ${colors.accent}⚡ STARTER${c.reset} ${c.dim}•${c.reset} AI-powered fixes, GitHub CI, MCP tools       ${c.dim}│${c.reset}`);
+  console.log(`  ${c.dim}│${c.reset}  ${colors.accent}🏆 PRO${c.reset}     ${c.dim}•${c.reset} Runtime proof, verified badges, AI testing   ${c.dim}│${c.reset}`);
+  console.log(`  ${c.dim}│${c.reset}                                                            ${c.dim}│${c.reset}`);
+  console.log(`  ${c.dim}│${c.reset}  ${colors.info}vibecheck login${c.reset} ${c.dim}to upgrade • vibecheck.dev/pricing${c.reset}       ${c.dim}│${c.reset}`);
+  console.log(`  ${c.dim}│${c.reset}                                                            ${c.dim}│${c.reset}`);
+  console.log(`  ${c.dim}╰────────────────────────────────────────────────────────────╯${c.reset}`);
+  console.log();
 }
 
 // ═══════════════════════════════════════════════════════════════════════════════

package/bin/runners/runPolish.d.ts

@@ -0,0 +1,4 @@
+/**
+ * Type declarations for runPolish.js
+ */
+export function runPolish(args: string[]): Promise<number>;