@vibecheckai/cli 3.2.0 → 3.2.2

package/bin/runners/lib/agent-firewall/git-hook/pre-commit.js

@@ -0,0 +1,163 @@
+/**
+ * Git Pre-Commit Hook
+ * 
+ * Validates all staged changes against firewall policy before allowing commit.
+ */
+
+"use strict";
+
+const { execSync } = require("child_process");
+const fs = require("fs");
+const path = require("path");
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * Run pre-commit validation
+ * @param {string} projectRoot - Project root directory
+ * @returns {object} Validation result
+ */
+async function validatePreCommit(projectRoot) {
+  const policy = loadPolicy(projectRoot);
+
+  // Only enforce in enforce mode
+  if (policy.mode !== "enforce") {
+    return { allowed: true, message: "Firewall in observe mode - commit allowed" };
+  }
+
+  try {
+    // Get staged files
+    const stagedFiles = getStagedFiles(projectRoot);
+    
+    if (stagedFiles.length === 0) {
+      return { allowed: true, message: "No files staged" };
+    }
+
+    console.log(`🛡️  Agent Firewall: Validating ${stagedFiles.length} staged file(s)...\n`);
+
+    const violations = [];
+    const blockedFiles = [];
+
+    // Validate each staged file
+    for (const filePath of stagedFiles) {
+      const fileAbs = path.join(projectRoot, filePath);
+      
+      if (!fs.existsSync(fileAbs)) {
+        continue; // File was deleted, skip
+      }
+
+      // Get old content from git
+      let oldContent = null;
+      try {
+        oldContent = execSync(
+          `git show :${filePath}`,
+          { cwd: projectRoot, encoding: "utf8", stdio: "pipe" }
+        );
+      } catch {
+        // File not in git (new file), that's okay
+      }
+
+      // Get new content
+      const newContent = fs.readFileSync(fileAbs, "utf8");
+
+      // Intercept the change
+      const result = await interceptFileWrite({
+        projectRoot,
+        agentId: "git-pre-commit",
+        intent: `Git commit: ${filePath}`,
+        filePath: filePath,
+        content: newContent,
+        oldContent: oldContent
+      });
+
+      if (!result.allowed) {
+        violations.push(...(result.violations || []));
+        blockedFiles.push({
+          file: filePath,
+          violations: result.violations || [],
+          unblockPlan: result.unblockPlan
+        });
+      }
+    }
+
+    if (blockedFiles.length > 0) {
+      console.error("\n❌ COMMIT BLOCKED by Agent Firewall\n");
+      console.error("Violations detected:\n");
+
+      blockedFiles.forEach(({ file, violations: fileViolations }) => {
+        console.error(`  ${file}:`);
+        fileViolations.forEach(v => {
+          console.error(`    - ${v.rule}: ${v.message}`);
+        });
+        console.error("");
+      });
+
+      // Show unblock plans
+      const allPlans = blockedFiles
+        .filter(bf => bf.unblockPlan && bf.unblockPlan.steps.length > 0)
+        .flatMap(bf => bf.unblockPlan.steps);
+
+      if (allPlans.length > 0) {
+        console.error("To fix:");
+        const uniqueSteps = new Map();
+        allPlans.forEach(step => {
+          const key = `${step.action}:${step.file}`;
+          if (!uniqueSteps.has(key)) {
+            uniqueSteps.set(key, step);
+          }
+        });
+        Array.from(uniqueSteps.values()).forEach((step, i) => {
+          console.error(`  ${i + 1}. ${step.action.toUpperCase()}: ${step.file}`);
+          console.error(`     ${step.description}`);
+        });
+        console.error("");
+      }
+
+      return {
+        allowed: false,
+        message: `Commit blocked: ${blockedFiles.length} file(s) have violations`,
+        blockedFiles,
+        violations
+      };
+    }
+
+    console.log("✅ All staged files validated - commit allowed\n");
+    return { allowed: true, message: "All files validated" };
+
+  } catch (error) {
+    console.error(`Error validating commit: ${error.message}`);
+    // In case of error, allow commit (fail open)
+    return { allowed: true, message: `Validation error: ${error.message}` };
+  }
+}
+
+/**
+ * Get list of staged files
+ * @param {string} projectRoot - Project root directory
+ * @returns {array} Array of staged file paths
+ */
+function getStagedFiles(projectRoot) {
+  try {
+    const output = execSync(
+      "git diff --cached --name-only --diff-filter=ACMR",
+      { cwd: projectRoot, encoding: "utf8", stdio: "pipe" }
+    );
+    return output
+      .trim()
+      .split("\n")
+      .filter(Boolean)
+      .filter(file => {
+        // Only check code files
+        const ext = path.extname(file);
+        return [".ts", ".tsx", ".js", ".jsx", ".py", ".go", ".rs"].includes(ext);
+      });
+  } catch (error) {
+    // Not a git repo or no staged files
+    return [];
+  }
+}
+
+module.exports = {
+  validatePreCommit,
+  getStagedFiles
+};

package/bin/runners/lib/agent-firewall/ide-extension/cursor.js

@@ -0,0 +1,107 @@
+/**
+ * Cursor IDE Extension Hook
+ * 
+ * Intercepts file writes at the IDE level for Cursor.
+ * Uses Cursor's extension API to hook into file save events.
+ */
+
+"use strict";
+
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+const fs = require("fs");
+const path = require("path");
+
+/**
+ * Cursor extension hook
+ * This would be called by a Cursor extension
+ */
+class CursorFirewallHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.isEnabled = false;
+  }
+
+  /**
+   * Enable the hook
+   */
+  enable() {
+    this.isEnabled = true;
+    this.createCursorConfig();
+  }
+
+  /**
+   * Create Cursor configuration file
+   */
+  createCursorConfig() {
+    const cursorDir = path.join(this.projectRoot, ".cursor");
+    if (!fs.existsSync(cursorDir)) {
+      fs.mkdirSync(cursorDir, { recursive: true });
+    }
+
+    const configFile = path.join(cursorDir, "firewall-hook.json");
+    const config = {
+      enabled: true,
+      mode: "enforce",
+      interceptOnSave: true,
+      interceptOnCreate: true,
+      interceptOnEdit: false // Only on save/create, not every keystroke
+    };
+
+    fs.writeFileSync(configFile, JSON.stringify(config, null, 2));
+  }
+
+  /**
+   * Intercept file save (called by Cursor extension)
+   */
+  async interceptSave(filePath, content, oldContent) {
+    if (!this.isEnabled) {
+      return { allowed: true };
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+
+    // In observe mode, just log
+    if (policy.mode === "observe") {
+      const result = await interceptFileWrite({
+        projectRoot: this.projectRoot,
+        agentId: "cursor-ide",
+        intent: "File save in Cursor",
+        filePath: filePath,
+        content: content,
+        oldContent: oldContent
+      });
+
+      if (result.violations && result.violations.length > 0) {
+        console.log(`📊 OBSERVE: ${filePath} - violations logged`);
+      }
+
+      return { allowed: true };
+    }
+
+    // In enforce mode, block violations
+    const result = await interceptFileWrite({
+      projectRoot: this.projectRoot,
+      agentId: "cursor-ide",
+      intent: "File save in Cursor",
+      filePath: filePath,
+      content: content,
+      oldContent: oldContent
+    });
+
+    if (!result.allowed) {
+      return {
+        allowed: false,
+        message: result.message,
+        violations: result.violations,
+        unblockPlan: result.unblockPlan
+      };
+    }
+
+    return { allowed: true };
+  }
+}
+
+module.exports = {
+  CursorFirewallHook
+};

package/bin/runners/lib/agent-firewall/ide-extension/vscode.js

@@ -0,0 +1,68 @@
+/**
+ * VS Code Extension Hook
+ * 
+ * Intercepts file writes at the IDE level for VS Code.
+ * Uses VS Code's extension API.
+ */
+
+"use strict";
+
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * VS Code extension hook
+ * This would be called by a VS Code extension
+ */
+class VSCodeFirewallHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.isEnabled = false;
+  }
+
+  /**
+   * Enable the hook
+   */
+  enable() {
+    this.isEnabled = true;
+  }
+
+  /**
+   * Intercept file save (called by VS Code extension)
+   */
+  async interceptSave(filePath, content, oldContent) {
+    if (!this.isEnabled) {
+      return { allowed: true };
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+
+    const result = await interceptFileWrite({
+      projectRoot: this.projectRoot,
+      agentId: "vscode-ide",
+      intent: "File save in VS Code",
+      filePath: filePath,
+      content: content,
+      oldContent: oldContent
+    });
+
+    if (policy.mode === "observe") {
+      return { allowed: true }; // Always allow in observe mode
+    }
+
+    if (!result.allowed) {
+      return {
+        allowed: false,
+        message: result.message,
+        violations: result.violations,
+        unblockPlan: result.unblockPlan
+      };
+    }
+
+    return { allowed: true };
+  }
+}
+
+module.exports = {
+  VSCodeFirewallHook
+};

package/bin/runners/lib/agent-firewall/ide-extension/windsurf.js

@@ -0,0 +1,66 @@
+/**
+ * Windsurf IDE Extension Hook
+ * 
+ * Intercepts file writes at the IDE level for Windsurf.
+ */
+
+"use strict";
+
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * Windsurf extension hook
+ */
+class WindsurfFirewallHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.isEnabled = false;
+  }
+
+  /**
+   * Enable the hook
+   */
+  enable() {
+    this.isEnabled = true;
+  }
+
+  /**
+   * Intercept file save
+   */
+  async interceptSave(filePath, content, oldContent) {
+    if (!this.isEnabled) {
+      return { allowed: true };
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+
+    const result = await interceptFileWrite({
+      projectRoot: this.projectRoot,
+      agentId: "windsurf-ide",
+      intent: "File save in Windsurf",
+      filePath: filePath,
+      content: content,
+      oldContent: oldContent
+    });
+
+    if (policy.mode === "observe") {
+      return { allowed: true };
+    }
+
+    if (!result.allowed) {
+      return {
+        allowed: false,
+        message: result.message,
+        violations: result.violations,
+        unblockPlan: result.unblockPlan
+      };
+    }
+
+    return { allowed: true };
+  }
+}
+
+module.exports = {
+  WindsurfFirewallHook
+};

package/bin/runners/lib/agent-firewall/interceptor/base.js

@@ -0,0 +1,304 @@
+/**
+ * Base Interceptor
+ * 
+ * Common logic for all IDE interceptors.
+ */
+
+"use strict";
+
+const path = require("path");
+const fs = require("fs");
+const { extractClaims } = require("../claims/extractor");
+const { resolveEvidence } = require("../evidence/resolver");
+const { evaluatePolicy } = require("../policy/engine");
+const { buildChangePacket, buildMultiFileChangePacket } = require("../change-packet/builder");
+const { storePacket } = require("../change-packet/store");
+const { generateUnblockPlan } = require("../unblock/planner");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * Intercept a file write attempt
+ * @param {object} params
+ * @param {string} params.projectRoot - Project root directory
+ * @param {string} params.agentId - Agent identifier
+ * @param {string} params.intent - Agent intent message
+ * @param {string} params.filePath - File path (relative to project root)
+ * @param {string} params.content - New file content
+ * @param {string} params.oldContent - Old file content (optional)
+ * @returns {object} Interception result
+ */
+async function interceptFileWrite({
+  projectRoot,
+  agentId,
+  intent,
+  filePath,
+  content,
+  oldContent = null
+}) {
+  // Load policy
+  const policy = loadPolicy(projectRoot);
+  
+  // Generate diff
+  const diff = generateDiff(oldContent, content);
+  
+  // Extract claims - write content to temp file if file doesn't exist
+  const fileAbs = path.join(projectRoot, filePath);
+  let tempFile = null;
+  
+  if (!fs.existsSync(fileAbs) && content) {
+    // Write content to temp file for extraction
+    const tempDir = path.join(projectRoot, ".vibecheck", "temp");
+    if (!fs.existsSync(tempDir)) {
+      fs.mkdirSync(tempDir, { recursive: true });
+    }
+    tempFile = path.join(tempDir, path.basename(filePath));
+    fs.writeFileSync(tempFile, content, "utf8");
+  }
+  
+  const fileToExtract = fs.existsSync(fileAbs) ? fileAbs : (tempFile || fileAbs);
+  const { claims } = extractClaims({
+    repoRoot: projectRoot,
+    changedFilesAbs: [fileToExtract]
+  });
+  
+  // Clean up temp file
+  if (tempFile && fs.existsSync(tempFile)) {
+    fs.unlinkSync(tempFile);
+  }
+  
+  // Resolve evidence
+  const evidence = resolveEvidence(projectRoot, claims);
+  
+  // Build file info
+  const files = [{
+    path: filePath,
+    linesChanged: calculateLinesChanged(diff),
+    domain: classifyFileDomain(filePath)
+  }];
+  
+  // Evaluate policy
+  const verdict = evaluatePolicy({
+    policy,
+    claims,
+    evidence,
+    files,
+    intent
+  });
+  
+  // Generate unblock plan if blocked
+  let unblockPlan = null;
+  if (verdict.decision === "BLOCK") {
+    unblockPlan = generateUnblockPlan({
+      violations: verdict.violations,
+      claims,
+      projectRoot
+    });
+  }
+  
+  // Build change packet
+  const packet = buildChangePacket({
+    agentId,
+    intent,
+    diff,
+    filePath,
+    claims,
+    evidence,
+    verdict,
+    unblockPlan,
+    policy
+  });
+  
+  // Store packet if policy requires it
+  if (policy.output?.write_change_packets !== false) {
+    storePacket(projectRoot, packet);
+  }
+  
+  // Return interception result
+  return {
+    allowed: verdict.decision === "ALLOW",
+    verdict: verdict.decision,
+    violations: verdict.violations,
+    unblockPlan,
+    packetId: packet.id,
+    message: verdict.message
+  };
+}
+
+/**
+ * Intercept multiple file writes
+ */
+async function interceptMultiFileWrite({
+  projectRoot,
+  agentId,
+  intent,
+  changes
+}) {
+  // Load policy
+  const policy = loadPolicy(projectRoot);
+  
+  // Extract claims from all files
+  const allClaims = [];
+  const allFiles = [];
+  
+  for (const change of changes) {
+    const fileAbs = path.join(projectRoot, change.filePath);
+    const { claims } = extractClaims({
+      repoRoot: projectRoot,
+      changedFilesAbs: [fileAbs]
+    });
+    
+    allClaims.push(...claims.map(c => ({ ...c, file: change.filePath })));
+    allFiles.push({
+      path: change.filePath,
+      linesChanged: calculateLinesChanged(change.diff),
+      domain: classifyFileDomain(change.filePath)
+    });
+  }
+  
+  // Resolve evidence
+  const evidence = resolveEvidence(projectRoot, allClaims);
+  
+  // Evaluate policy
+  const verdict = evaluatePolicy({
+    policy,
+    claims: allClaims,
+    evidence,
+    files: allFiles,
+    intent
+  });
+  
+  // Generate unblock plan if blocked
+  let unblockPlan = null;
+  if (verdict.decision === "BLOCK") {
+    unblockPlan = generateUnblockPlan({
+      violations: verdict.violations,
+      claims: allClaims,
+      projectRoot
+    });
+  }
+  
+  // Build change packet
+  const packet = buildMultiFileChangePacket({
+    agentId,
+    intent,
+    changes: changes.map(c => ({
+      filePath: c.filePath,
+      diff: c.diff,
+      claims: allClaims.filter(cl => cl.file === c.filePath)
+    })),
+    evidence,
+    verdict,
+    unblockPlan,
+    policy
+  });
+  
+  // Store packet if policy requires it
+  if (policy.output?.write_change_packets !== false) {
+    storePacket(projectRoot, packet);
+  }
+  
+  // Return interception result
+  return {
+    allowed: verdict.decision === "ALLOW",
+    verdict: verdict.decision,
+    violations: verdict.violations,
+    unblockPlan,
+    packetId: packet.id,
+    message: verdict.message
+  };
+}
+
+/**
+ * Generate unified diff
+ */
+function generateDiff(oldContent, newContent) {
+  if (!oldContent) {
+    return {
+      before: "",
+      after: newContent,
+      unified: generateUnifiedDiff("", newContent)
+    };
+  }
+  
+  return {
+    before: oldContent,
+    after: newContent,
+    unified: generateUnifiedDiff(oldContent, newContent)
+  };
+}
+
+/**
+ * Generate unified diff format
+ */
+function generateUnifiedDiff(oldContent, newContent) {
+  const oldLines = oldContent.split(/\r?\n/);
+  const newLines = newContent.split(/\r?\n/);
+  
+  const diff = [];
+  let i = 0, j = 0;
+  
+  while (i < oldLines.length || j < newLines.length) {
+    if (i >= oldLines.length) {
+      diff.push(`+${newLines[j]}`);
+      j++;
+    } else if (j >= newLines.length) {
+      diff.push(`-${oldLines[i]}`);
+      i++;
+    } else if (oldLines[i] === newLines[j]) {
+      diff.push(` ${oldLines[i]}`);
+      i++;
+      j++;
+    } else {
+      // Try to find matching line ahead
+      let found = false;
+      for (let k = j + 1; k < Math.min(j + 10, newLines.length); k++) {
+        if (oldLines[i] === newLines[k]) {
+          // Add new lines
+          for (let l = j; l < k; l++) {
+            diff.push(`+${newLines[l]}`);
+          }
+          j = k;
+          found = true;
+          break;
+        }
+      }
+      
+      if (!found) {
+        diff.push(`-${oldLines[i]}`);
+        diff.push(`+${newLines[j]}`);
+        i++;
+        j++;
+      }
+    }
+  }
+  
+  return diff.join("\n");
+}
+
+/**
+ * Calculate lines changed from diff
+ */
+function calculateLinesChanged(diff) {
+  if (!diff || !diff.unified) return 0;
+  return diff.unified.split('\n').filter(line => 
+    line.startsWith('+') || line.startsWith('-')
+  ).length;
+}
+
+/**
+ * Classify file domain
+ */
+function classifyFileDomain(filePath) {
+  const s = filePath.toLowerCase();
+  if (s.includes("auth")) return "auth";
+  if (s.includes("stripe") || s.includes("payment")) return "payments";
+  if (s.includes("routes") || s.includes("router") || s.includes("api")) return "routes";
+  if (s.includes("schema") || s.includes("contract") || s.includes("openapi")) return "contracts";
+  if (s.includes("ui") || s.includes("components") || s.includes("pages")) return "ui";
+  return "general";
+}
+
+module.exports = {
+  interceptFileWrite,
+  interceptMultiFileWrite
+};