@vibecheckai/cli 3.2.2 → 3.2.4

package/bin/runners/lib/graph/index.js

@@ -1,32 +1,32 @@
-/**
- * Reality Proof Graph - Module Index
- * 
- * Exports all graph functionality for CLI and MCP use
- */
-
-"use strict";
-
-const { extractStaticGraph } = require("./static-extractor");
-const { buildProofGraph, mergeRuntimeResults, computeGraphDiff, getFindingsFromGraph } = require("./graph-builder");
-const { renderGraphHtml, renderGraphMermaid } = require("./html-renderer");
-const { generateFetchWrapper, collectRequests, buildRuntimeEdges } = require("./runtime-collector");
-
-module.exports = {
-  // Static extraction
-  extractStaticGraph,
-  
-  // Graph building
-  buildProofGraph,
-  mergeRuntimeResults,
-  computeGraphDiff,
-  getFindingsFromGraph,
-  
-  // Rendering
-  renderGraphHtml,
-  renderGraphMermaid,
-  
-  // Runtime collection
-  generateFetchWrapper,
-  collectRequests,
-  buildRuntimeEdges
-};
+/**
+ * Reality Proof Graph - Module Index
+ * 
+ * Exports all graph functionality for CLI and MCP use
+ */
+
+"use strict";
+
+const { extractStaticGraph } = require("./static-extractor");
+const { buildProofGraph, mergeRuntimeResults, computeGraphDiff, getFindingsFromGraph } = require("./graph-builder");
+const { renderGraphHtml, renderGraphMermaid } = require("./html-renderer");
+const { generateFetchWrapper, collectRequests, buildRuntimeEdges } = require("./runtime-collector");
+
+module.exports = {
+  // Static extraction
+  extractStaticGraph,
+  
+  // Graph building
+  buildProofGraph,
+  mergeRuntimeResults,
+  computeGraphDiff,
+  getFindingsFromGraph,
+  
+  // Rendering
+  renderGraphHtml,
+  renderGraphMermaid,
+  
+  // Runtime collection
+  generateFetchWrapper,
+  collectRequests,
+  buildRuntimeEdges
+};

package/bin/runners/lib/graph/runtime-collector.js

@@ -1,215 +1,215 @@
-/**
- * Runtime Collector
- * Collects runtime edges during reality mode execution
- */
-
-"use strict";
-
-const crypto = require("crypto");
-
-function sha256(text) {
-  return crypto.createHash("sha256").update(text).digest("hex").slice(0, 16);
-}
-
-/**
- * Generate client-side fetch wrapper code to inject
- */
-function generateFetchWrapper() {
-  return `
-(function() {
-  if (window.__vibecheck_fetch_patched) return;
-  window.__vibecheck_fetch_patched = true;
-  window.__vibecheck_requests = [];
-  
-  const originalFetch = window.fetch;
-  window.fetch = async function(...args) {
-    const start = Date.now();
-    const url = typeof args[0] === 'string' ? args[0] : args[0]?.url;
-    const method = args[1]?.method || 'GET';
-    const correlationId = Math.random().toString(36).slice(2);
-    
-    try {
-      const newArgs = [...args];
-      if (typeof newArgs[1] === 'object') {
-        newArgs[1] = { ...newArgs[1], headers: { ...newArgs[1].headers, 'x-vibecheck-trace': correlationId } };
-      } else {
-        newArgs[1] = { headers: { 'x-vibecheck-trace': correlationId } };
-      }
-      
-      const response = await originalFetch.apply(this, newArgs);
-      const latencyMs = Date.now() - start;
-      
-      window.__vibecheck_requests.push({
-        correlationId,
-        method: method.toUpperCase(),
-        url,
-        status: response.status,
-        latencyMs,
-        error: null,
-        timestamp: Date.now()
-      });
-      
-      return response;
-    } catch (error) {
-      window.__vibecheck_requests.push({
-        correlationId,
-        method: method.toUpperCase(),
-        url,
-        status: 0,
-        latencyMs: Date.now() - start,
-        error: error.message,
-        timestamp: Date.now()
-      });
-      throw error;
-    }
-  };
-})();
-`;
-}
-
-/**
- * Collect requests from page
- */
-async function collectRequests(page) {
-  try {
-    return await page.evaluate(() => {
-      const requests = window.__vibecheck_requests || [];
-      window.__vibecheck_requests = [];
-      return requests;
-    });
-  } catch {
-    return [];
-  }
-}
-
-/**
- * Build runtime edges from collected requests
- */
-function buildRuntimeEdges(requests, staticGraph) {
-  const edges = [];
-  const nodeMap = new Map(staticGraph.nodes.map(n => [n.id, n]));
-  
-  // Find network_call nodes that match requests
-  const networkNodes = staticGraph.nodes.filter(n => n.type === "network_call");
-  const routeNodes = staticGraph.nodes.filter(n => n.type === "server_route");
-  
-  for (const req of requests) {
-    // Find matching network call node
-    const networkNode = networkNodes.find(n => 
-      n.url === req.url && 
-      (n.method === "*" || n.method === req.method)
-    );
-    
-    // Find matching server route node
-    const routeNode = routeNodes.find(n =>
-      matchesRoute(n.path, req.url) &&
-      (n.method === "*" || n.method === req.method)
-    );
-    
-    if (networkNode && routeNode) {
-      edges.push({
-        id: `runtime_${sha256(networkNode.id + "_" + routeNode.id + "_" + req.correlationId)}`,
-        from: networkNode.id,
-        to: routeNode.id,
-        type: "runtime_verified",
-        confidence: "high",
-        data: {
-          status: req.status,
-          latencyMs: req.latencyMs,
-          error: req.error,
-          correlationId: req.correlationId
-        }
-      });
-    }
-    
-    // Check for failed requests that indicate broken edges
-    if (req.status >= 400 || req.error) {
-      edges.push({
-        id: `runtime_error_${sha256(req.url + "_" + req.correlationId)}`,
-        from: networkNode?.id || `client_${sha256(req.url)}`,
-        to: routeNode?.id || `route_${sha256(req.url)}`,
-        type: "runtime_error",
-        confidence: "high",
-        broken: true,
-        brokenReason: req.error || `Server returned ${req.status}`,
-        data: {
-          status: req.status,
-          latencyMs: req.latencyMs,
-          error: req.error,
-          url: req.url,
-          method: req.method
-        }
-      });
-    }
-  }
-  
-  return edges;
-}
-
-function matchesRoute(pattern, url) {
-  // Extract path from URL
-  let path;
-  try {
-    path = new URL(url, "http://localhost").pathname;
-  } catch {
-    path = url;
-  }
-  
-  // Normalize
-  const normPattern = pattern.replace(/\/$/, "") || "/";
-  const normPath = path.replace(/\/$/, "") || "/";
-  
-  if (normPattern === normPath) return true;
-  
-  // Check parameterized match
-  const patternParts = normPattern.split("/").filter(Boolean);
-  const pathParts = normPath.split("/").filter(Boolean);
-  
-  if (patternParts.length !== pathParts.length) return false;
-  
-  for (let i = 0; i < patternParts.length; i++) {
-    const p = patternParts[i];
-    if (p.startsWith(":") || p.startsWith("*")) continue;
-    if (p !== pathParts[i]) return false;
-  }
-  
-  return true;
-}
-
-/**
- * Generate Fastify hooks code for server-side tracing
- */
-function generateFastifyHooks() {
-  return `
-// Add to your Fastify server for runtime tracing
-fastify.addHook('onRequest', async (request, reply) => {
-  request.vibecheckTrace = {
-    correlationId: request.headers['x-vibecheck-trace'] || null,
-    startTime: Date.now()
-  };
-});
-
-fastify.addHook('onResponse', async (request, reply) => {
-  if (!request.vibecheckTrace) return;
-  
-  const trace = {
-    correlationId: request.vibecheckTrace.correlationId,
-    routeId: request.routeOptions?.url || request.url,
-    method: request.method,
-    status: reply.statusCode,
-    latencyMs: Date.now() - request.vibecheckTrace.startTime,
-    authed: !!request.user
-  };
-  
-  // Log or send to vibecheck collector
-  console.log('[vibecheck-trace]', JSON.stringify(trace));
-});
-`;
-}
-
-module.exports = {
-  generateFetchWrapper,
-  collectRequests,
-  buildRuntimeEdges,
-  generateFastifyHooks
-};
+/**
+ * Runtime Collector
+ * Collects runtime edges during reality mode execution
+ */
+
+"use strict";
+
+const crypto = require("crypto");
+
+function sha256(text) {
+  return crypto.createHash("sha256").update(text).digest("hex").slice(0, 16);
+}
+
+/**
+ * Generate client-side fetch wrapper code to inject
+ */
+function generateFetchWrapper() {
+  return `
+(function() {
+  if (window.__vibecheck_fetch_patched) return;
+  window.__vibecheck_fetch_patched = true;
+  window.__vibecheck_requests = [];
+  
+  const originalFetch = window.fetch;
+  window.fetch = async function(...args) {
+    const start = Date.now();
+    const url = typeof args[0] === 'string' ? args[0] : args[0]?.url;
+    const method = args[1]?.method || 'GET';
+    const correlationId = Math.random().toString(36).slice(2);
+    
+    try {
+      const newArgs = [...args];
+      if (typeof newArgs[1] === 'object') {
+        newArgs[1] = { ...newArgs[1], headers: { ...newArgs[1].headers, 'x-vibecheck-trace': correlationId } };
+      } else {
+        newArgs[1] = { headers: { 'x-vibecheck-trace': correlationId } };
+      }
+      
+      const response = await originalFetch.apply(this, newArgs);
+      const latencyMs = Date.now() - start;
+      
+      window.__vibecheck_requests.push({
+        correlationId,
+        method: method.toUpperCase(),
+        url,
+        status: response.status,
+        latencyMs,
+        error: null,
+        timestamp: Date.now()
+      });
+      
+      return response;
+    } catch (error) {
+      window.__vibecheck_requests.push({
+        correlationId,
+        method: method.toUpperCase(),
+        url,
+        status: 0,
+        latencyMs: Date.now() - start,
+        error: error.message,
+        timestamp: Date.now()
+      });
+      throw error;
+    }
+  };
+})();
+`;
+}
+
+/**
+ * Collect requests from page
+ */
+async function collectRequests(page) {
+  try {
+    return await page.evaluate(() => {
+      const requests = window.__vibecheck_requests || [];
+      window.__vibecheck_requests = [];
+      return requests;
+    });
+  } catch {
+    return [];
+  }
+}
+
+/**
+ * Build runtime edges from collected requests
+ */
+function buildRuntimeEdges(requests, staticGraph) {
+  const edges = [];
+  const nodeMap = new Map(staticGraph.nodes.map(n => [n.id, n]));
+  
+  // Find network_call nodes that match requests
+  const networkNodes = staticGraph.nodes.filter(n => n.type === "network_call");
+  const routeNodes = staticGraph.nodes.filter(n => n.type === "server_route");
+  
+  for (const req of requests) {
+    // Find matching network call node
+    const networkNode = networkNodes.find(n => 
+      n.url === req.url && 
+      (n.method === "*" || n.method === req.method)
+    );
+    
+    // Find matching server route node
+    const routeNode = routeNodes.find(n =>
+      matchesRoute(n.path, req.url) &&
+      (n.method === "*" || n.method === req.method)
+    );
+    
+    if (networkNode && routeNode) {
+      edges.push({
+        id: `runtime_${sha256(networkNode.id + "_" + routeNode.id + "_" + req.correlationId)}`,
+        from: networkNode.id,
+        to: routeNode.id,
+        type: "runtime_verified",
+        confidence: "high",
+        data: {
+          status: req.status,
+          latencyMs: req.latencyMs,
+          error: req.error,
+          correlationId: req.correlationId
+        }
+      });
+    }
+    
+    // Check for failed requests that indicate broken edges
+    if (req.status >= 400 || req.error) {
+      edges.push({
+        id: `runtime_error_${sha256(req.url + "_" + req.correlationId)}`,
+        from: networkNode?.id || `client_${sha256(req.url)}`,
+        to: routeNode?.id || `route_${sha256(req.url)}`,
+        type: "runtime_error",
+        confidence: "high",
+        broken: true,
+        brokenReason: req.error || `Server returned ${req.status}`,
+        data: {
+          status: req.status,
+          latencyMs: req.latencyMs,
+          error: req.error,
+          url: req.url,
+          method: req.method
+        }
+      });
+    }
+  }
+  
+  return edges;
+}
+
+function matchesRoute(pattern, url) {
+  // Extract path from URL
+  let path;
+  try {
+    path = new URL(url, "http://localhost").pathname;
+  } catch {
+    path = url;
+  }
+  
+  // Normalize
+  const normPattern = pattern.replace(/\/$/, "") || "/";
+  const normPath = path.replace(/\/$/, "") || "/";
+  
+  if (normPattern === normPath) return true;
+  
+  // Check parameterized match
+  const patternParts = normPattern.split("/").filter(Boolean);
+  const pathParts = normPath.split("/").filter(Boolean);
+  
+  if (patternParts.length !== pathParts.length) return false;
+  
+  for (let i = 0; i < patternParts.length; i++) {
+    const p = patternParts[i];
+    if (p.startsWith(":") || p.startsWith("*")) continue;
+    if (p !== pathParts[i]) return false;
+  }
+  
+  return true;
+}
+
+/**
+ * Generate Fastify hooks code for server-side tracing
+ */
+function generateFastifyHooks() {
+  return `
+// Add to your Fastify server for runtime tracing
+fastify.addHook('onRequest', async (request, reply) => {
+  request.vibecheckTrace = {
+    correlationId: request.headers['x-vibecheck-trace'] || null,
+    startTime: Date.now()
+  };
+});
+
+fastify.addHook('onResponse', async (request, reply) => {
+  if (!request.vibecheckTrace) return;
+  
+  const trace = {
+    correlationId: request.vibecheckTrace.correlationId,
+    routeId: request.routeOptions?.url || request.url,
+    method: request.method,
+    status: reply.statusCode,
+    latencyMs: Date.now() - request.vibecheckTrace.startTime,
+    authed: !!request.user
+  };
+  
+  // Log or send to vibecheck collector
+  console.log('[vibecheck-trace]', JSON.stringify(trace));
+});
+`;
+}
+
+module.exports = {
+  generateFetchWrapper,
+  collectRequests,
+  buildRuntimeEdges,
+  generateFastifyHooks
+};