npm - @vibecheckai/cli - Versions diffs - 3.2.6 → 3.3.0 - Mend

@vibecheckai/cli 3.2.6 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (84) hide show

package/bin/registry.js +192 -5
package/bin/runners/lib/agent-firewall/change-packet/builder.js +280 -6
package/bin/runners/lib/agent-firewall/critic/index.js +151 -0
package/bin/runners/lib/agent-firewall/critic/judge.js +432 -0
package/bin/runners/lib/agent-firewall/critic/prompts.js +305 -0
package/bin/runners/lib/agent-firewall/lawbook/distributor.js +465 -0
package/bin/runners/lib/agent-firewall/lawbook/evaluator.js +604 -0
package/bin/runners/lib/agent-firewall/lawbook/index.js +304 -0
package/bin/runners/lib/agent-firewall/lawbook/registry.js +514 -0
package/bin/runners/lib/agent-firewall/lawbook/schema.js +420 -0
package/bin/runners/lib/agent-firewall/logger.js +141 -0
package/bin/runners/lib/agent-firewall/policy/loader.js +312 -4
package/bin/runners/lib/agent-firewall/policy/rules/ghost-env.js +113 -1
package/bin/runners/lib/agent-firewall/policy/rules/ghost-route.js +133 -6
package/bin/runners/lib/agent-firewall/proposal/extractor.js +394 -0
package/bin/runners/lib/agent-firewall/proposal/index.js +212 -0
package/bin/runners/lib/agent-firewall/proposal/schema.js +251 -0
package/bin/runners/lib/agent-firewall/proposal/validator.js +386 -0
package/bin/runners/lib/agent-firewall/reality/index.js +332 -0
package/bin/runners/lib/agent-firewall/reality/state.js +625 -0
package/bin/runners/lib/agent-firewall/reality/watcher.js +322 -0
package/bin/runners/lib/agent-firewall/risk/index.js +173 -0
package/bin/runners/lib/agent-firewall/risk/scorer.js +328 -0
package/bin/runners/lib/agent-firewall/risk/thresholds.js +321 -0
package/bin/runners/lib/agent-firewall/risk/vectors.js +421 -0
package/bin/runners/lib/agent-firewall/simulator/diff-simulator.js +472 -0
package/bin/runners/lib/agent-firewall/simulator/import-resolver.js +346 -0
package/bin/runners/lib/agent-firewall/simulator/index.js +181 -0
package/bin/runners/lib/agent-firewall/simulator/route-validator.js +380 -0
package/bin/runners/lib/agent-firewall/time-machine/incident-correlator.js +661 -0
package/bin/runners/lib/agent-firewall/time-machine/index.js +267 -0
package/bin/runners/lib/agent-firewall/time-machine/replay-engine.js +436 -0
package/bin/runners/lib/agent-firewall/time-machine/state-reconstructor.js +490 -0
package/bin/runners/lib/agent-firewall/time-machine/timeline-builder.js +530 -0
package/bin/runners/lib/analyzers.js +81 -18
package/bin/runners/lib/authority-badge.js +425 -0
package/bin/runners/lib/cli-output.js +7 -1
package/bin/runners/lib/error-handler.js +16 -9
package/bin/runners/lib/exit-codes.js +275 -0
package/bin/runners/lib/global-flags.js +37 -0
package/bin/runners/lib/help-formatter.js +413 -0
package/bin/runners/lib/logger.js +38 -0
package/bin/runners/lib/unified-cli-output.js +604 -0
package/bin/runners/lib/upsell.js +148 -0
package/bin/runners/runApprove.js +1200 -0
package/bin/runners/runAuth.js +324 -95
package/bin/runners/runCheckpoint.js +39 -21
package/bin/runners/runClassify.js +859 -0
package/bin/runners/runContext.js +136 -24
package/bin/runners/runDoctor.js +108 -68
package/bin/runners/runFix.js +6 -5
package/bin/runners/runGuard.js +212 -118
package/bin/runners/runInit.js +3 -2
package/bin/runners/runMcp.js +130 -52
package/bin/runners/runPolish.js +43 -20
package/bin/runners/runProve.js +1 -2
package/bin/runners/runReport.js +3 -2
package/bin/runners/runScan.js +63 -44
package/bin/runners/runShip.js +3 -4
package/bin/runners/runValidate.js +19 -2
package/bin/runners/runWatch.js +104 -53
package/bin/vibecheck.js +106 -19
package/mcp-server/HARDENING_SUMMARY.md +299 -0
package/mcp-server/agent-firewall-interceptor.js +367 -31
package/mcp-server/authority-tools.js +569 -0
package/mcp-server/conductor/conflict-resolver.js +588 -0
package/mcp-server/conductor/execution-planner.js +544 -0
package/mcp-server/conductor/index.js +377 -0
package/mcp-server/conductor/lock-manager.js +615 -0
package/mcp-server/conductor/request-queue.js +550 -0
package/mcp-server/conductor/session-manager.js +500 -0
package/mcp-server/conductor/tools.js +510 -0
package/mcp-server/index.js +1149 -243
package/mcp-server/lib/{api-client.js → api-client.cjs} +40 -4
package/mcp-server/lib/logger.cjs +30 -0
package/mcp-server/logger.js +173 -0
package/mcp-server/package.json +2 -2
package/mcp-server/premium-tools.js +2 -2
package/mcp-server/tier-auth.js +245 -35
package/mcp-server/truth-firewall-tools.js +145 -15
package/mcp-server/vibecheck-tools.js +2 -2
package/package.json +2 -3
package/mcp-server/index.old.js +0 -4137
package/mcp-server/package-lock.json +0 -165

package/bin/runners/lib/authority-badge.js ADDED Viewed

@@ -0,0 +1,425 @@
+/**
+ * Authority Badge Generator
+ *
+ * Generates SVG badges for PROCEED verdicts from the Authority System.
+ * Part of the PRO tier - requires verified verdicts.
+ *
+ * Badge Types:
+ * - authority-approved: Standard approval badge
+ * - safe-consolidation: Safe Consolidation authority badge
+ * - inventory: Inventory analysis badge
+ *
+ * Output formats:
+ * - SVG (default, scalable)
+ * - Markdown (for README embedding)
+ * - HTML (for web embedding)
+ */
+const path = require("path");
+const fs = require("fs");
+// ═══════════════════════════════════════════════════════════════════════════════
+// COLOR PALETTE
+// ═══════════════════════════════════════════════════════════════════════════════
+const BADGE_COLORS = {
+  PROCEED: {
+    background: '#22C55E',
+    text: '#FFFFFF',
+  },
+  DEFER: {
+    background: '#F59E0B',
+    text: '#000000',
+  },
+  STOP: {
+    background: '#EF4444',
+    text: '#FFFFFF',
+  },
+  neutral: {
+    background: '#555555',
+    text: '#FFFFFF',
+  },
+};
+// ═══════════════════════════════════════════════════════════════════════════════
+// SVG TEMPLATES
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Generate an SVG badge
+ */
+function generateSVGBadge(options) {
+  const {
+    label = 'Authority Approved',
+    message,
+    color,
+    textColor = '#FFFFFF',
+    logo = null,
+    style = 'flat',
+  } = options;
+  // Calculate widths based on text length
+  const labelWidth = Math.max(label.length * 7 + 10, 80);
+  const messageWidth = Math.max(message.length * 7 + 10, 50);
+  const totalWidth = labelWidth + messageWidth;
+  if (style === 'flat-square') {
+    return generateFlatSquareBadge({ label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo });
+  }
+  return generateFlatBadge({ label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo });
+}
+function generateFlatBadge(opts) {
+  const { label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo } = opts;
+  let logoSvg = '';
+  let logoOffset = 0;
+  if (logo === 'vibecheck') {
+    logoOffset = 16;
+    logoSvg = `
+    <g transform="translate(5, 3)">
+      <path fill="${textColor}" d="M7 1l7 12H0L7 1zm0 3l-4 7h8L7 4z"/>
+    </g>`;
+  }
+  return `<svg xmlns="http://www.w3.org/2000/svg" width="${totalWidth + logoOffset}" height="20" role="img" aria-label="${label}: ${message}">
+  <title>${label}: ${message}</title>
+  <linearGradient id="s" x2="0" y2="100%">
+    <stop offset="0" stop-color="#bbb" stop-opacity=".1"/>
+    <stop offset="1" stop-opacity=".1"/>
+  </linearGradient>
+  <clipPath id="r">
+    <rect width="${totalWidth + logoOffset}" height="20" rx="3" fill="#fff"/>
+  </clipPath>
+  <g clip-path="url(#r)">
+    <rect width="${labelWidth + logoOffset}" height="20" fill="#555"/>
+    <rect x="${labelWidth + logoOffset}" width="${messageWidth}" height="20" fill="${color}"/>
+    <rect width="${totalWidth + logoOffset}" height="20" fill="url(#s)"/>
+  </g>
+  ${logoSvg}
+  <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">
+    <text aria-hidden="true" x="${(labelWidth + logoOffset) / 2 + logoOffset/2}" y="15" fill="#010101" fill-opacity=".3">${label}</text>
+    <text x="${(labelWidth + logoOffset) / 2 + logoOffset/2}" y="14" fill="#fff">${label}</text>
+    <text aria-hidden="true" x="${labelWidth + logoOffset + messageWidth / 2}" y="15" fill="#010101" fill-opacity=".3">${message}</text>
+    <text x="${labelWidth + logoOffset + messageWidth / 2}" y="14" fill="${textColor}">${message}</text>
+  </g>
+</svg>`;
+}
+function generateFlatSquareBadge(opts) {
+  const { label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo } = opts;
+  let logoSvg = '';
+  let logoOffset = 0;
+  if (logo === 'vibecheck') {
+    logoOffset = 16;
+    logoSvg = `
+    <g transform="translate(5, 3)">
+      <path fill="${textColor}" d="M7 1l7 12H0L7 1zm0 3l-4 7h8L7 4z"/>
+    </g>`;
+  }
+  return `<svg xmlns="http://www.w3.org/2000/svg" width="${totalWidth + logoOffset}" height="20" role="img" aria-label="${label}: ${message}">
+  <title>${label}: ${message}</title>
+  <g shape-rendering="crispEdges">
+    <rect width="${labelWidth + logoOffset}" height="20" fill="#555"/>
+    <rect x="${labelWidth + logoOffset}" width="${messageWidth}" height="20" fill="${color}"/>
+  </g>
+  ${logoSvg}
+  <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">
+    <text x="${(labelWidth + logoOffset) / 2 + logoOffset/2}" y="14" fill="#fff">${label}</text>
+    <text x="${labelWidth + logoOffset + messageWidth / 2}" y="14" fill="${textColor}">${message}</text>
+  </g>
+</svg>`;
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// BADGE GENERATORS
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Generate an authority verdict badge
+ */
+function generateVerdictBadge(verdict, options = {}) {
+  const {
+    style = 'flat',
+    logo = 'vibecheck',
+    includeConfidence = true,
+  } = options;
+  const action = verdict.action || 'UNKNOWN';
+  const confidence = verdict.confidence || 0;
+  const authorityId = verdict.authority || 'authority';
+  const colors = BADGE_COLORS[action] || BADGE_COLORS.neutral;
+  let message = action;
+  if (includeConfidence && action !== 'STOP') {
+    message = `${action} ${Math.round(confidence * 100)}%`;
+  }
+  return generateSVGBadge({
+    label: `Authority: ${authorityId}`,
+    message,
+    color: colors.background,
+    textColor: colors.text,
+    logo,
+    style,
+  });
+}
+/**
+ * Generate a simple "Authority Approved" badge
+ */
+function generateApprovedBadge(options = {}) {
+  const {
+    authority = 'vibecheck',
+    confidence = 100,
+    version = '1.0',
+    style = 'flat',
+  } = options;
+  return generateSVGBadge({
+    label: 'Authority Approved',
+    message: `${authority} v${version}`,
+    color: BADGE_COLORS.PROCEED.background,
+    textColor: BADGE_COLORS.PROCEED.text,
+    logo: 'vibecheck',
+    style,
+  });
+}
+/**
+ * Generate a Safe Consolidation badge
+ */
+function generateSafeConsolidationBadge(verdict, options = {}) {
+  const {
+    style = 'flat',
+  } = options;
+  const action = verdict.action || 'PROCEED';
+  const confidence = verdict.confidence || 0.95;
+  const colors = BADGE_COLORS[action] || BADGE_COLORS.PROCEED;
+  return generateSVGBadge({
+    label: 'Safe Consolidation',
+    message: `${action} ${Math.round(confidence * 100)}%`,
+    color: colors.background,
+    textColor: colors.text,
+    logo: 'vibecheck',
+    style,
+  });
+}
+/**
+ * Generate a CI status badge
+ */
+function generateCIBadge(verdict, options = {}) {
+  const {
+    style = 'flat',
+    ciName = 'CI',
+  } = options;
+  const action = verdict.action || 'UNKNOWN';
+  const exitCode = verdict.exitCode ?? (action === 'PROCEED' ? 0 : action === 'DEFER' ? 1 : 2);
+  let status, color;
+  if (exitCode === 0) {
+    status = 'passing';
+    color = BADGE_COLORS.PROCEED.background;
+  } else if (exitCode === 1) {
+    status = 'review';
+    color = BADGE_COLORS.DEFER.background;
+  } else {
+    status = 'failing';
+    color = BADGE_COLORS.STOP.background;
+  }
+  return generateSVGBadge({
+    label: ciName,
+    message: status,
+    color,
+    textColor: '#FFFFFF',
+    style,
+  });
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// OUTPUT FORMATTERS
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Format badge for markdown embedding
+ */
+function formatBadgeMarkdown(badge, options = {}) {
+  const {
+    altText = 'Authority Approved by VibeCheck',
+    link = 'https://vibecheckai.dev',
+  } = options;
+  // Encode SVG for data URI
+  const encoded = encodeURIComponent(badge)
+    .replace(/'/g, '%27')
+    .replace(/"/g, '%22');
+  const dataUri = `data:image/svg+xml,${encoded}`;
+  if (link) {
+    return `[![${altText}](${dataUri})](${link})`;
+  }
+  return `![${altText}](${dataUri})`;
+}
+/**
+ * Format badge for HTML embedding
+ */
+function formatBadgeHTML(badge, options = {}) {
+  const {
+    altText = 'Authority Approved by VibeCheck',
+    link = 'https://vibecheckai.dev',
+    className = 'vibecheck-badge',
+  } = options;
+  // Encode SVG for data URI
+  const encoded = encodeURIComponent(badge)
+    .replace(/'/g, '%27')
+    .replace(/"/g, '%22');
+  const dataUri = `data:image/svg+xml,${encoded}`;
+  const img = `<img src="${dataUri}" alt="${altText}" class="${className}">`;
+  if (link) {
+    return `<a href="${link}" target="_blank" rel="noopener noreferrer">${img}</a>`;
+  }
+  return img;
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// FILE OUTPUT
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Save badge to file
+ */
+async function saveBadge(badge, filePath, format = 'svg') {
+  const dir = path.dirname(filePath);
+  // Ensure directory exists
+  if (!fs.existsSync(dir)) {
+    fs.mkdirSync(dir, { recursive: true });
+  }
+  let content = badge;
+  let ext = '.svg';
+  if (format === 'markdown' || format === 'md') {
+    content = formatBadgeMarkdown(badge);
+    ext = '.md';
+  } else if (format === 'html') {
+    content = formatBadgeHTML(badge);
+    ext = '.html';
+  }
+  // Ensure file has correct extension
+  let finalPath = filePath;
+  if (!filePath.endsWith(ext) && format !== 'svg') {
+    finalPath = filePath.replace(/\.[^.]+$/, ext);
+  }
+  await fs.promises.writeFile(finalPath, content);
+  return finalPath;
+}
+/**
+ * Generate and save all badge variants
+ */
+async function generateAllBadges(verdict, outputDir, options = {}) {
+  const {
+    prefix = verdict.authority || 'authority',
+  } = options;
+  const badges = {};
+  // Main verdict badge
+  const verdictBadge = generateVerdictBadge(verdict, options);
+  badges.verdict = await saveBadge(
+    verdictBadge,
+    path.join(outputDir, `${prefix}-badge.svg`)
+  );
+  // If PROCEED, also generate approved badge
+  if (verdict.action === 'PROCEED') {
+    const approvedBadge = generateApprovedBadge({
+      authority: verdict.authority,
+      confidence: verdict.confidence,
+      version: verdict.version,
+    });
+    badges.approved = await saveBadge(
+      approvedBadge,
+      path.join(outputDir, `${prefix}-approved-badge.svg`)
+    );
+    // CI badge
+    const ciBadge = generateCIBadge(verdict);
+    badges.ci = await saveBadge(
+      ciBadge,
+      path.join(outputDir, `${prefix}-ci-badge.svg`)
+    );
+  }
+  // Generate markdown snippet
+  const mdContent = `# ${verdict.authority || 'Authority'} Badge
+${formatBadgeMarkdown(verdictBadge, { altText: \`\${verdict.authority} - \${verdict.action}\` })}
+## Embed Code
+### Markdown
+\`\`\`markdown
+${formatBadgeMarkdown(verdictBadge, { altText: \`\${verdict.authority} - \${verdict.action}\` })}
+\`\`\`
+### HTML
+\`\`\`html
+${formatBadgeHTML(verdictBadge, { altText: \`\${verdict.authority} - \${verdict.action}\` })}
+\`\`\`
+---
+Generated: ${new Date().toISOString()}
+`;
+  badges.readme = await saveBadge(mdContent, path.join(outputDir, `${prefix}-BADGE.md`), 'md');
+  return badges;
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+module.exports = {
+  // Badge generators
+  generateSVGBadge,
+  generateVerdictBadge,
+  generateApprovedBadge,
+  generateSafeConsolidationBadge,
+  generateCIBadge,
+  // Formatters
+  formatBadgeMarkdown,
+  formatBadgeHTML,
+  // File operations
+  saveBadge,
+  generateAllBadges,
+  // Constants
+  BADGE_COLORS,
+};

package/bin/runners/lib/cli-output.js CHANGED Viewed

@@ -19,6 +19,9 @@ const os = require("os");
 const childProcess = require("child_process");
 const chalk = require("chalk"); // Added for premium error reporting
+// Re-export exit codes for backward compatibility
+const { EXIT, verdictToExitCode } = require("./exit-codes");
 // ═══════════════════════════════════════════════════════════════════════════════
 // CONFIGURATION
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -388,7 +391,10 @@ module.exports = {
   saveArtifact,
   createJsonOutput,
   writeJsonOutput,
-  exitCodeToVerdict,
+  exitCodeToVerdict, // Local function
+  // Re-exported from exit-codes.js
+  verdictToExitCode,
+  EXIT,
   withStandardOutput,
   parseStandardFlags,
 };

package/bin/runners/lib/error-handler.js CHANGED Viewed

@@ -1,12 +1,20 @@
 /**
  * Standardized error handling for CLI runners
  *
+ * ═══════════════════════════════════════════════════════════════════════════════
+ * World-Class Error Handling
+ * ═══════════════════════════════════════════════════════════════════════════════
+ *
  * Design principles:
  * - Every error has a human-readable message
  * - Every error suggests a next step
  * - Exit codes are consistent and documented
+ * - Errors include "receipt" (file:line evidence) where possible
+ * - Debug mode shows stack traces
  */
+const { EXIT, getExitInfo, getHint } = require("./exit-codes");
 const colors = {
   reset: "\x1b[0m",
   red: "\x1b[31m",
@@ -24,16 +32,15 @@ const c = {
   dim: (text) => `\x1b[2m${text}${colors.reset}`,
 };
-// Standard exit codes for CI/CD integration
-// Unified with packages/cli/src/runtime/exit-codes.ts
-// IMPORTANT: These codes are part of the CLI contract - do not change without migration guide
+// Re-export EXIT for backward compatibility
+// NOTE: Prefer importing from exit-codes.js directly
 const EXIT_CODES = {
-  SUCCESS: 0,           // Scan passed, no policy violations
-  POLICY_FAIL: 1,       // Findings above threshold (policy fail) - actionable by user
-  USER_ERROR: 2,        // User error: invalid args, bad config, missing required options
-  SYSTEM_ERROR: 3,      // System error: crash, filesystem issues, unexpected exceptions
-  AUTH_FAILURE: 4,      // Auth/entitlement failure: invalid key, expired token, insufficient tier
-  NETWORK_FAILURE: 5,   // Network/backend failure: API unreachable, timeout
+  SUCCESS: EXIT.SUCCESS,
+  POLICY_FAIL: EXIT.WARNINGS,       // Findings above threshold (policy fail)
+  USER_ERROR: EXIT.USER_ERROR,      // User error: invalid args, bad config
+  SYSTEM_ERROR: EXIT.INTERNAL_ERROR, // System error: crash, unexpected exceptions
+  AUTH_FAILURE: EXIT.AUTH_REQUIRED,  // Auth/entitlement failure
+  NETWORK_FAILURE: EXIT.NETWORK_ERROR, // Network/backend failure
 };
 // Error-specific guidance