@vibecheckai/cli 3.5.0 → 3.5.1

package/bin/runners/runShip.js

@@ -1,11 +1,6 @@
 /**
- * vibecheck ship - Comprehensive Production Readiness Analysis [PRO]
- * 
- * The comprehensive analysis command running:
- * - ALL 17+ scan engines (vs 5 in quick scan)
- * - Ship-only validators (route integrity, contracts, deps, licenses, env, dead exports)
- * - Production Readiness Score calculation
- * - SHIP/WARN/BLOCK verdict with proof certificate
+ * vibecheck ship - The Vibe Coder's Best Friend
+ * Zero config. Plain English. One command to ship with confidence.
  * 
  * ═══════════════════════════════════════════════════════════════════════════════
  * ENTERPRISE EDITION - World-Class Terminal Experience
@@ -16,73 +11,20 @@ const path = require("path");
 const fs = require("fs");
 const { withErrorHandling } = require("./lib/error-handler");
 const { ensureOutputDir, detectProjectFeatures } = require("./utils");
-const { enforceLimit, enforceFeature, trackUsage, getCurrentTier } = require("./lib/entitlements-v2");
+const { enforceLimit, enforceFeature, trackUsage, getCurrentTier } = require("./lib/entitlements");
 const { emitShipCheck } = require("./lib/audit-bridge");
 const { parseGlobalFlags, shouldShowBanner } = require("./lib/global-flags");
 const { 
   generateRunId, 
   createJsonOutput, 
   writeJsonOutput, 
+  exitCodeToVerdict,
+  verdictToExitCode,
   saveArtifact 
 } = require("./lib/cli-output");
-const { EXIT, verdictToExitCode, exitCodeToVerdict } = require("./lib/exit-codes");
-
-// NEW: Import orchestrator and validators
-const { runShipEngines, ALL_ENGINES } = require("./lib/engines/orchestrator");
-const { runShipValidators } = require("./lib/validators");
 
 // Route Truth v1 - Fake endpoint detection
 const { buildTruthpack, writeTruthpack, detectFastifyEntry } = require("./lib/truth");
-
-// Helper to normalize severity for ship verdict
-function normalizeSeverityForShip(sev) {
-  if (!sev) return 'WARN';
-  const s = String(sev).toLowerCase();
-  if (s === 'block' || s === 'critical' || s === 'high') return 'BLOCK';
-  if (s === 'warn' || s === 'warning' || s === 'medium') return 'WARN';
-  return 'INFO';
-}
-
-// Helper to categorize findings for score breakdown
-function categorizeFindings(finding) {
-  const category = (finding.category || '').toLowerCase();
-  const engine = (finding.engine || '').toLowerCase();
-  const validator = (finding.validator || '').toLowerCase();
-  
-  // Security
-  if (category.includes('secret') || category.includes('security') || 
-      category.includes('auth') || category.includes('billing') ||
-      engine.includes('secret') || engine.includes('security')) {
-    return 'security';
-  }
-  
-  // Hallucinations
-  if (category.includes('hallucination') || category.includes('fake') ||
-      category.includes('mock') || engine.includes('hallucination')) {
-    return 'hallucination';
-  }
-  
-  // Routes
-  if (category.includes('route') || category.includes('missing') ||
-      validator.includes('route')) {
-    return 'routes';
-  }
-  
-  // Contracts
-  if (category.includes('contract') || category.includes('drift') ||
-      validator.includes('contract')) {
-    return 'contracts';
-  }
-  
-  // Dependencies
-  if (category.includes('dependency') || category.includes('license') ||
-      validator.includes('dep') || validator.includes('license')) {
-    return 'dependencies';
-  }
-  
-  // Default to quality
-  return 'quality';
-}
 const {
   findMissingRoutes,
   findEnvGaps,
@@ -97,213 +39,6 @@ const { findContractDrift, loadContracts, hasContracts, getDriftSummary } = requ
 const upsell = require("./lib/upsell");
 const entitlements = require("./lib/entitlements-v2");
 
-// V7: World-class proof certificate and risk radar
-let proofCertificate;
-try {
-  proofCertificate = require("./lib/proof-certificate");
-} catch (e) {
-  proofCertificate = null;
-}
-
-// Import vibecheck engines for enhanced analysis
-let vibeEngines;
-try {
-  vibeEngines = require("./lib/engines/vibecheck-engines");
-} catch (e) {
-  vibeEngines = null;
-}
-
-// ═══════════════════════════════════════════════════════════════════════════════
-// ENHANCED ANALYSIS WITH VIBECHECK ENGINES
-// ═══════════════════════════════════════════════════════════════════════════════
-
-const CODE_EXTENSIONS = ['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'];
-const IGNORE_PATTERNS = ['node_modules', '.git', 'dist', 'build', '.next', '.nuxt', 'coverage', '__pycache__', '.vibecheck'];
-
-function* walkFilesForShip(dir, depth = 0, maxDepth = 8) {
-  if (depth > maxDepth) return;
-  
-  let entries;
-  try {
-    entries = fs.readdirSync(dir, { withFileTypes: true });
-  } catch {
-    return;
-  }
-  
-  for (const entry of entries) {
-    const fullPath = path.join(dir, entry.name);
-    
-    if (entry.isDirectory()) {
-      if (IGNORE_PATTERNS.some(p => entry.name.includes(p))) continue;
-      yield* walkFilesForShip(fullPath, depth + 1, maxDepth);
-    } else if (entry.isFile()) {
-      const ext = path.extname(entry.name);
-      if (CODE_EXTENSIONS.includes(ext)) {
-        yield fullPath;
-      }
-    }
-  }
-}
-
-async function runVibeEngineAnalysis(projectPath, opts = {}) {
-  if (!vibeEngines) return [];
-  
-  const findings = [];
-  const files = Array.from(walkFilesForShip(projectPath));
-  
-  // Limit files to analyze in ship mode (performance)
-  const filesToAnalyze = files.slice(0, 500);
-  
-  for (const filePath of filesToAnalyze) {
-    try {
-      const content = fs.readFileSync(filePath, 'utf-8');
-      
-      // Skip test files unless explicitly included
-      if (!opts.includeTests && (
-        filePath.includes('.test.') || 
-        filePath.includes('.spec.') ||
-        filePath.includes('__tests__')
-      )) {
-        continue;
-      }
-      
-      // Run async patterns analysis - critical for production
-      if (vibeEngines.analyzeAsyncPatterns) {
-        try {
-          const asyncFindings = vibeEngines.analyzeAsyncPatterns(content, filePath);
-          findings.push(...asyncFindings.filter(f => 
-            f.severity === 'BLOCK' || f.severity === 'WARN'
-          ).map(f => ({
-            ...f,
-            category: f.category || 'AsyncPatterns',
-            // Map to ship finding format
-            title: f.title,
-            why: f.message,
-            severity: f.severity,
-            evidence: [{ file: f.file, lines: String(f.line) }],
-            fixHints: [f.fixHint].filter(Boolean),
-          })));
-        } catch {}
-      }
-      
-      // Run env variable analysis - security critical
-      if (vibeEngines.analyzeEnvVariables) {
-        try {
-          const envFindings = vibeEngines.analyzeEnvVariables(content, filePath);
-          findings.push(...envFindings.filter(f => 
-            f.severity === 'BLOCK' || f.severity === 'WARN'
-          ).map(f => ({
-            ...f,
-            category: f.category || 'EnvVariable',
-            title: f.title,
-            why: f.message,
-            severity: f.severity,
-            evidence: [{ file: f.file, lines: String(f.line) }],
-            fixHints: [f.fixHint].filter(Boolean),
-          })));
-        } catch {}
-      }
-      
-      // Run AI hallucination detection - core vibecheck functionality
-      if (vibeEngines.analyzeAIHallucinations) {
-        try {
-          const aiFindings = vibeEngines.analyzeAIHallucinations(content, filePath, {
-            includeTests: opts.includeTests || false,
-          });
-          findings.push(...aiFindings.filter(f => 
-            f.severity === 'BLOCK' || f.severity === 'WARN'
-          ).map(f => ({
-            ...f,
-            category: f.category || 'AIHallucination',
-            title: f.title || f.type,
-            why: f.message,
-            severity: f.severity,
-            evidence: [{ file: f.file, lines: String(f.line) }],
-            fixHints: [f.fixHint].filter(Boolean),
-          })));
-        } catch {}
-      }
-      
-      // Run React patterns analysis (critical for React apps)
-      if (vibeEngines.analyzeReactPatterns) {
-        try {
-          const reactFindings = vibeEngines.analyzeReactPatterns(content, filePath);
-          findings.push(...reactFindings.filter(f => 
-            f.severity === 'BLOCK' || f.severity === 'WARN'
-          ).map(f => ({
-            ...f,
-            category: f.category || 'ReactPatterns',
-            title: f.title,
-            why: f.message,
-            severity: f.severity,
-            evidence: [{ file: f.file, lines: String(f.line) }],
-            fixHints: [f.fixHint].filter(Boolean),
-          })));
-        } catch {}
-      }
-      
-      // Run database patterns analysis (critical for production)
-      if (vibeEngines.analyzeDatabasePatterns) {
-        try {
-          const dbFindings = vibeEngines.analyzeDatabasePatterns(content, filePath);
-          findings.push(...dbFindings.filter(f => 
-            f.severity === 'BLOCK' || f.severity === 'WARN'
-          ).map(f => ({
-            ...f,
-            category: f.category || 'DatabasePatterns',
-            title: f.title,
-            why: f.message,
-            severity: f.severity,
-            evidence: [{ file: f.file, lines: String(f.line) }],
-            fixHints: [f.fixHint].filter(Boolean),
-          })));
-        } catch {}
-      }
-      
-      // Run error handling analysis
-      if (vibeEngines.analyzeErrorHandling) {
-        try {
-          const errorFindings = vibeEngines.analyzeErrorHandling(content, filePath);
-          findings.push(...errorFindings.filter(f => 
-            f.severity === 'BLOCK' || f.severity === 'WARN'
-          ).map(f => ({
-            ...f,
-            category: f.category || 'ErrorHandling',
-            title: f.title,
-            why: f.message,
-            severity: f.severity,
-            evidence: [{ file: f.file, lines: String(f.line) }],
-            fixHints: [f.fixHint].filter(Boolean),
-          })));
-        } catch {}
-      }
-      
-    } catch (e) {
-      // Skip files that can't be read
-    }
-  }
-  
-  // Run env setup analysis at project level
-  if (vibeEngines.analyzeEnvSetup) {
-    try {
-      const setupFindings = vibeEngines.analyzeEnvSetup(projectPath);
-      findings.push(...setupFindings.filter(f => 
-        f.severity === 'BLOCK' || f.severity === 'WARN'
-      ).map(f => ({
-        ...f,
-        category: f.category || 'EnvSetup',
-        title: f.title,
-        why: f.message,
-        severity: f.severity,
-        evidence: [{ file: f.file, lines: String(f.line) }],
-        fixHints: [f.fixHint].filter(Boolean),
-      })));
-    } catch {}
-  }
-  
-  return findings;
-}
-
 // ═══════════════════════════════════════════════════════════════════════════════
 // ENHANCED TERMINAL UI & OUTPUT MODULES
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -319,7 +54,7 @@ const {
 } = require("./lib/terminal-ui");
 
 const {
-  formatShipOutput: formatShipOutputLegacy,
+  formatShipOutput,
   renderVerdictCard,
   renderFixModeHeader,
   renderFixResults,
@@ -329,13 +64,6 @@ const {
   shipIcons,
 } = require("./lib/ship-output");
 
-// Unified Output System
-const { output } = require("./lib/output/index.js");
-
-const {
-  formatShipOutput,
-} = require("./lib/ship-output-enterprise");
-
 // ═══════════════════════════════════════════════════════════════════════════════
 // PREMIUM BANNER
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -628,8 +356,6 @@ function getCategoryIcon(category) {
     'MissingRoute': ICONS.route,
     'EnvContract': ICONS.env,
     'EnvGap': ICONS.env,
-    'EnvVariable': ICONS.env,
-    'EnvSetup': ICONS.env,
     'FakeSuccess': ICONS.ghost,
     'GhostAuth': ICONS.auth,
     'StripeWebhook': ICONS.money,
@@ -640,33 +366,6 @@ function getCategoryIcon(category) {
     'Security': ICONS.shield,
     'Auth': ICONS.lock,
     'Fake Code': ICONS.ghost,
-    // New engine categories
-    'AsyncPatterns': ICONS.lightning,
-    'AIHallucination': ICONS.ghost,
-    'NamingConventions': '📝',
-    'floating_promise': ICONS.lightning,
-    'empty_async_catch': ICONS.bug,
-    'exposed_secret': ICONS.key,
-    'insecure_default': ICONS.warning,
-    // React patterns
-    'ReactPatterns': '⚛️',
-    'missing_key': '⚛️',
-    'conditional_hook': '⚛️',
-    'direct_state_mutation': '⚛️',
-    'stale_closure': '⚛️',
-    // Database patterns
-    'DatabasePatterns': '🗃️',
-    'n_plus_1_query': '🗃️',
-    'query_in_loop': '🗃️',
-    'unbounded_query': '🗃️',
-    'missing_transaction': '🗃️',
-    'raw_query_interpolation': ICONS.key,
-    // Error handling
-    'ErrorHandling': ICONS.bug,
-    'empty_catch': ICONS.bug,
-    'generic_error_message': ICONS.bug,
-    // Import order
-    'ImportOrder': '📦',
   };
   return icons[category] || ICONS.bug;
 }
@@ -931,11 +630,6 @@ function printHelp(showBanner = true) {
     ${colors.accent}--verbose, -v${ansi.reset}   Show detailed progress
     ${colors.accent}--help, -h${ansi.reset}      Show this help
 
-  ${ansi.bold}${colors.accent}Deploy Gate (CI/CD Integration):${ansi.reset}
-    ${colors.accent}--gate, -g${ansi.reset}      Enable deploy gate mode ${ansi.dim}(blocks deploys on failures)${ansi.reset}
-    ${colors.accent}--fail-on${ansi.reset}       What triggers failure: fake-features, warnings, any, blockers
-                    ${ansi.dim}(default: fake-features)${ansi.reset}
-
   ${ansi.bold}Exit Codes:${ansi.reset}
     ${colors.success}0${ansi.reset}  SHIP  — Ready to ship
     ${colors.warning}1${ansi.reset}  WARN  — Warnings found, review recommended
@@ -953,20 +647,6 @@ function printHelp(showBanner = true) {
 
     ${ansi.dim}# Strict CI mode (warnings = failure)${ansi.reset}
     vibecheck ship --strict --ci
-
-  ${ansi.bold}${colors.accent}Deploy Gate Examples:${ansi.reset}
-
-    ${ansi.dim}# Block deploy if fake features detected (default)${ansi.reset}
-    vibecheck ship --gate
-
-    ${ansi.dim}# Block deploy on any warning${ansi.reset}
-    vibecheck ship --gate --fail-on=warnings
-
-    ${ansi.dim}# Block deploy only on critical blockers${ansi.reset}
-    vibecheck ship --gate --fail-on=blockers
-
-    ${ansi.dim}# Use in GitHub Actions / Vercel / Netlify${ansi.reset}
-    vibecheck ship --gate && npm run build
 `);
 }
 
@@ -1048,40 +728,13 @@ function getClaimType(category) {
   const map = {
     'MissingRoute': 'route_exists',
     'EnvContract': 'env_declared',
-    'EnvVariable': 'env_validated',
-    'EnvSetup': 'env_secured',
     'FakeSuccess': 'success_verified',
     'GhostAuth': 'auth_protected',
     'StripeWebhook': 'billing_enforced',
     'PaidSurface': 'billing_enforced',
     'OwnerModeBypass': 'billing_enforced',
     'DeadUI': 'ui_wired',
-    'ContractDrift': 'contract_satisfied',
-    // New engine claim types
-    'AsyncPatterns': 'promises_handled',
-    'AIHallucination': 'implementation_real',
-    'NamingConventions': 'code_quality',
-    'floating_promise': 'promises_handled',
-    'empty_async_catch': 'errors_handled',
-    'exposed_secret': 'secrets_secured',
-    'insecure_default': 'config_secured',
-    // React patterns
-    'ReactPatterns': 'react_patterns_valid',
-    'missing_key': 'list_keys_present',
-    'conditional_hook': 'hooks_order_valid',
-    'direct_state_mutation': 'state_immutable',
-    'stale_closure': 'deps_correct',
-    // Database patterns
-    'DatabasePatterns': 'db_patterns_optimal',
-    'n_plus_1_query': 'queries_optimized',
-    'query_in_loop': 'queries_batched',
-    'unbounded_query': 'queries_limited',
-    'missing_transaction': 'transactions_used',
-    'raw_query_interpolation': 'queries_parameterized',
-    // Error handling
-    'ErrorHandling': 'errors_handled',
-    'empty_catch': 'errors_logged',
-    'generic_error_message': 'errors_descriptive',
+    'ContractDrift': 'contract_satisfied'
   };
   return map[category] || 'ui_wired';
 }
@@ -1090,40 +743,13 @@ function getGapType(category) {
   const map = {
     'MissingRoute': 'missing_handler',
     'EnvContract': 'missing_verification',
-    'EnvVariable': 'missing_validation',
-    'EnvSetup': 'missing_security',
     'FakeSuccess': 'missing_verification',
     'GhostAuth': 'missing_gate',
     'StripeWebhook': 'missing_verification',
     'PaidSurface': 'missing_gate',
     'OwnerModeBypass': 'missing_gate',
     'DeadUI': 'missing_handler',
-    'ContractDrift': 'contract_drift',
-    // New engine gap types
-    'AsyncPatterns': 'unhandled_async',
-    'AIHallucination': 'stub_implementation',
-    'NamingConventions': 'naming_issue',
-    'floating_promise': 'unhandled_promise',
-    'empty_async_catch': 'swallowed_error',
-    'exposed_secret': 'exposed_credential',
-    'insecure_default': 'insecure_config',
-    // React patterns
-    'ReactPatterns': 'react_antipattern',
-    'missing_key': 'missing_list_key',
-    'conditional_hook': 'invalid_hook_call',
-    'direct_state_mutation': 'state_mutation',
-    'stale_closure': 'stale_deps',
-    // Database patterns
-    'DatabasePatterns': 'db_antipattern',
-    'n_plus_1_query': 'n_plus_1',
-    'query_in_loop': 'loop_query',
-    'unbounded_query': 'no_limit',
-    'missing_transaction': 'no_transaction',
-    'raw_query_interpolation': 'sql_injection_risk',
-    // Error handling
-    'ErrorHandling': 'poor_error_handling',
-    'empty_catch': 'swallowed_error',
-    'generic_error_message': 'generic_error',
+    'ContractDrift': 'contract_drift'
   };
   return map[category] || 'untested_path';
 }
@@ -1150,10 +776,6 @@ function parseArgs(args) {
     help: globalFlags.help || false,
     noBanner: globalFlags.noBanner || false,
     quiet: globalFlags.quiet || false,
-    // Deploy Gate mode - for CI/CD integration (Vercel, Netlify, GitHub Actions)
-    gate: false,
-    // Deploy Gate options
-    failOn: "fake-features", // fake-features, warnings, any
   };
   
   // Parse command-specific args
@@ -1169,21 +791,6 @@ function parseArgs(args) {
     }
     else if (a.startsWith("--path=")) opts.path = a.split("=")[1];
     else if (a === "--path" || a === "-p") opts.path = args[++i];
-    // Deploy Gate flags for CI/CD integration
-    else if (a === "--gate" || a === "-g") {
-      opts.gate = true;
-      opts.ci = true; // Gate mode implies CI mode
-      opts.json = true; // Gate mode outputs JSON for parsing
-    }
-    else if (a === "--fail-on") {
-      const next = cleanArgs[++i];
-      if (["fake-features", "warnings", "any", "blockers"].includes(next)) {
-        opts.failOn = next;
-      }
-    }
-    else if (a.startsWith("--fail-on=")) {
-      opts.failOn = a.split("=")[1];
-    }
   }
   
   return opts;
@@ -1201,13 +808,6 @@ async function runShip(args, context = {}) {
   const opts = parseArgs(args);
   const executionStart = Date.now();
 
-  // Configure unified output mode
-  output.setMode({ 
-    json: opts.json, 
-    quiet: opts.quiet, 
-    ci: opts.ci 
-  });
-
   // Show help if requested
   if (opts.help) {
     printHelp(shouldShowBanner(opts));
@@ -1224,7 +824,7 @@ async function runShip(args, context = {}) {
   } catch (err) {
     if (err.code === 'LIMIT_EXCEEDED' || err.code === 'FEATURE_NOT_AVAILABLE') {
       console.error(`\n  ${colors.error}${icons.error}${ansi.reset} ${err.upgradePrompt || err.message}\n`);
-      return EXIT.TIER_REQUIRED;
+      return EXIT_CODES.WARN;
     }
     throw err;
   }
@@ -1262,36 +862,26 @@ async function runShip(args, context = {}) {
       spinner = new Spinner({ color: colors.accent });
     }
 
-    // ═══════════════════════════════════════════════════════════════════════════
-    // PHASE 1: Run ALL 17+ Scan Engines (comprehensive analysis)
-    // ═══════════════════════════════════════════════════════════════════════════
-    if (spinner) spinner.start(`Running comprehensive analysis (${ALL_ENGINES.length} engines)...`);
-    
-    const engineResult = await runShipEngines(projectPath, {
-      maxFiles: 2000,
-      onProgress: opts.verbose ? (phase, pct) => {
-        if (spinner) spinner.text = `${phase}: ${pct}%`;
-      } : undefined,
-    });
+    // Phase 1: Production Integrity Check
+    if (spinner) spinner.start('Checking production integrity...');
     
-    if (spinner) spinner.succeed(`Engines complete (${engineResult.findings.length} findings from ${ALL_ENGINES.length} engines)`);
-
-    // ═══════════════════════════════════════════════════════════════════════════
-    // PHASE 2: Run Ship-Only Validators
-    // ═══════════════════════════════════════════════════════════════════════════
-    if (spinner) spinner.start('Running ship-only validators...');
-    
-    const validatorResult = await runShipValidators(projectPath, {
-      onProgress: opts.verbose ? (name, status) => {
-        if (spinner) spinner.text = `${name}: ${status}`;
-      } : undefined,
-    });
+    try {
+      const { auditProductionIntegrity } = require(
+        path.join(__dirname, "../../scripts/audit-production-integrity.js"),
+      );
+      const { results: integrityResults, integrity } = await auditProductionIntegrity(projectPath);
+      results.score = integrity.score;
+      results.grade = integrity.grade;
+      results.canShip = integrity.canShip;
+      results.deductions = integrity.deductions;
+      results.integrity = integrityResults;
+    } catch (err) {
+      if (opts.verbose) console.warn(`  ${ansi.dim}Integrity check skipped: ${err.message}${ansi.reset}`);
+    }
     
-    if (spinner) spinner.succeed(`Validators complete (${validatorResult.findings.length} findings from ${Object.keys(validatorResult.stats.findingsPerValidator).length} validators)`);
+    if (spinner) spinner.succeed('Production integrity checked');
 
-    // ═══════════════════════════════════════════════════════════════════════════
-    // PHASE 3: Legacy analyzers (route truth, billing, etc.)
-    // ═══════════════════════════════════════════════════════════════════════════
+    // Phase 2: Route Truth Analysis
     if (spinner) spinner.start('Building route truth map...');
     
     const fastifyEntry = detectFastifyEntry(projectPath);
@@ -1299,8 +889,8 @@ async function runShip(args, context = {}) {
     writeTruthpack(projectPath, truthpack);
     results.truthpack = truthpack;
     
-    // Run legacy analyzers that aren't in the orchestrator
-    const legacyFindings = [
+    // Run all analyzers
+    const allFindings = [
       ...findMissingRoutes(truthpack),
       ...findEnvGaps(truthpack),
       ...findFakeSuccess(projectPath),
@@ -1308,6 +898,7 @@ async function runShip(args, context = {}) {
       ...findStripeWebhookViolations(truthpack),
       ...findPaidSurfaceNotEnforced(truthpack),
       ...findOwnerModeBypass(projectPath),
+      // Merge runtime findings if --with runtime is specified
       ...(opts.withRuntime ? findingsFromReality(projectPath) : [])
     ];
     
@@ -1315,38 +906,12 @@ async function runShip(args, context = {}) {
     if (hasContracts(projectPath)) {
       const contracts = loadContracts(projectPath);
       const driftFindings = findContractDrift(contracts, truthpack);
-      legacyFindings.push(...driftFindings);
+      allFindings.push(...driftFindings);
     }
     
-    if (spinner) spinner.succeed(`Route truth mapped (${truthpack.routes?.server?.length || 0} routes)`);
-
-    // ═══════════════════════════════════════════════════════════════════════════
-    // Combine all findings
-    // ═══════════════════════════════════════════════════════════════════════════
-    const allFindings = [
-      // Engine findings (17+ engines)
-      ...engineResult.findings.map(f => ({
-        ...f,
-        source: 'engine',
-        severity: normalizeSeverityForShip(f.severity),
-      })),
-      // Validator findings (6 ship-only validators)
-      ...validatorResult.findings.map(f => ({
-        ...f,
-        source: 'validator',
-        severity: normalizeSeverityForShip(f.severity),
-      })),
-      // Legacy analyzer findings
-      ...legacyFindings.map(f => ({
-        ...f,
-        source: 'legacy',
-        severity: normalizeSeverityForShip(f.severity),
-      })),
-    ];
-    
     results.findings = allFindings;
-    results.engineStats = engineResult.stats;
-    results.validatorStats = validatorResult.stats;
+    
+    if (spinner) spinner.succeed(`Route truth mapped (${truthpack.routes?.server?.length || 0} routes)`);
 
     // Phase 3: Build Proof Graph
     if (spinner) spinner.start('Building proof graph...');
@@ -1356,94 +921,33 @@ async function runShip(args, context = {}) {
     
     if (spinner) spinner.succeed(`Proof graph built (${proofGraph.summary.totalClaims} claims)`);
 
-    // ═══════════════════════════════════════════════════════════════════════════
-    // Calculate Production Readiness Score and Verdict
-    // ═══════════════════════════════════════════════════════════════════════════
-    const blockers = allFindings.filter(f => f.severity === 'BLOCK');
-    const warnings = allFindings.filter(f => f.severity === 'WARN');
-    const infos = allFindings.filter(f => f.severity === 'INFO');
-    
-    // Check for hallucinations (critical for vibecheck)
-    const hallucinations = allFindings.filter(f => 
-      f.engine === 'ai-hallucination-engine' || 
-      f.category?.includes('AIHallucination') ||
-      f.category?.includes('Hallucination')
-    );
+    // Calculate final verdict
+    const blockers = allFindings.filter(f => f.severity === 'BLOCK' || f.severity === 'critical');
+    const warnings = allFindings.filter(f => f.severity === 'WARN' || f.severity === 'warning');
     
     results.blockers = blockers;
     results.warnings = warnings;
     
-    // Calculate Production Readiness Score (0-100)
-    // Start at 100 and deduct based on findings
-    let score = 100;
+    // Apply strict mode
+    if (opts.strict && warnings.length > 0) {
+      results.canShip = false;
+    }
     
-    // Category-based deductions
-    const categoryDeductions = {
-      security: 0,
-      quality: 0,
-      hallucination: 0,
-      routes: 0,
-      contracts: 0,
-      dependencies: 0,
-    };
+    if (blockers.length > 0) {
+      results.canShip = false;
+    }
     
+    // Deduct score for findings
     for (const finding of allFindings) {
-      const category = categorizeFindings(finding);
-      
       if (finding.severity === 'BLOCK') {
-        categoryDeductions[category] += 15;
+        results.score = Math.max(0, results.score - 15);
       } else if (finding.severity === 'WARN') {
-        categoryDeductions[category] += 5;
-      } else {
-        categoryDeductions[category] += 1;
+        results.score = Math.max(0, results.score - 5);
       }
     }
     
-    // Apply weighted deductions (max 100 points deducted)
-    const totalDeduction = Math.min(100, 
-      categoryDeductions.security * 1.5 +  // Security issues weighted higher
-      categoryDeductions.hallucination * 2.0 + // AI hallucinations weighted highest
-      categoryDeductions.quality * 0.8 +
-      categoryDeductions.routes * 1.0 +
-      categoryDeductions.contracts * 1.0 +
-      categoryDeductions.dependencies * 0.5
-    );
-    
-    score = Math.max(0, Math.round(100 - totalDeduction));
-    results.score = score;
-    
-    // Determine grade
-    results.grade = score >= 90 ? 'A' : score >= 80 ? 'B' : score >= 70 ? 'C' : score >= 50 ? 'D' : 'F';
-    
-    // Determine verdict using the specified rules
-    let verdict;
-    const hasCritical = blockers.length > 0;
-    const hasHallucinations = hallucinations.filter(f => f.severity !== 'INFO').length > 0;
-    
-    if (hasCritical || score < 50) {
-      verdict = 'BLOCK';
-      results.canShip = false;
-    } else if (hasHallucinations || score < 75 || (opts.strict && warnings.length > 0)) {
-      verdict = 'WARN';
-      results.canShip = false;
-    } else {
-      verdict = 'SHIP';
-      results.canShip = true;
-    }
-    
-    // Build breakdown by category
-    const breakdown = {
-      security: allFindings.filter(f => categorizeFindings(f) === 'security'),
-      quality: allFindings.filter(f => categorizeFindings(f) === 'quality'),
-      hallucination: hallucinations,
-      routes: allFindings.filter(f => categorizeFindings(f) === 'routes'),
-      contracts: allFindings.filter(f => categorizeFindings(f) === 'contracts'),
-      dependencies: allFindings.filter(f => categorizeFindings(f) === 'dependencies'),
-    };
-    
-    results.breakdown = breakdown;
-    
-    const duration = Date.now() - executionStart;
+    const verdict = results.canShip ? 'SHIP' : blockers.length > 0 ? 'BLOCK' : 'WARN';
+    const duration = Date.now() - startTime;
 
     // ═══════════════════════════════════════════════════════════════════════════
     // OUTPUT
@@ -1527,7 +1031,7 @@ async function runShip(args, context = {}) {
       if (spinner) spinner.succeed('Safe fixes applied');
     }
 
-    // Human-readable output using enterprise ship-output module
+    // Human-readable output using ship-output module
     const result = {
       verdict,
       score: results.score,
@@ -1540,109 +1044,30 @@ async function runShip(args, context = {}) {
       duration: Date.now() - executionStart,
     };
 
-    // Get current tier for output formatting
-    const currentTier = context?.authInfo?.access?.tier || getCurrentTier() || "free";
-    
-    // Use enterprise format
     console.log(formatShipOutput(result, {
-      tier: currentTier,
+      verbose: opts.verbose,
+      showFix: opts.fix,
+      showBadge: opts.badge,
+      outputDir,
+      projectPath,
     }));
 
-    // V7: World-class Risk Radar and Pre-flight Checklist
-    if (proofCertificate && !opts.quiet && !opts.json && !opts.ci) {
-      // Risk Radar visualization
-      const riskRadar = proofCertificate.calculateRiskRadar(allFindings);
-      console.log();
-      console.log(proofCertificate.renderRiskRadar(riskRadar));
-      
-      // Pre-flight Checklist
-      const preflight = proofCertificate.runPreflightChecklist(allFindings, proofGraph);
-      console.log();
-      console.log(proofCertificate.renderPreflightChecklist(preflight));
-      
-      // Generate and save Proof Certificate
-      const certificate = proofCertificate.generateProofCertificate({
-        projectPath,
-        projectName: path.basename(projectPath),
-        verdict,
-        score: results.score,
-        findings: allFindings,
-        truthpack,
-        proofGraph,
-        duration: Date.now() - executionStart,
-        tier: currentTier,
-        version: require('../../package.json').version || '1.0.0',
-      });
-      
-      // Save certificate
-      fs.mkdirSync(outputDir, { recursive: true });
-      fs.writeFileSync(
-        path.join(outputDir, 'proof-certificate.json'),
-        JSON.stringify(certificate.certificate, null, 2)
-      );
-      
-      // Show certificate ID
-      console.log();
-      console.log(`  ${ansi.dim}╭${'─'.repeat(58)}╮${ansi.reset}`);
-      console.log(`  ${ansi.dim}│${ansi.reset} ${colors.accent}📜 PROOF CERTIFICATE${ansi.reset}                                     ${ansi.dim}│${ansi.reset}`);
-      console.log(`  ${ansi.dim}├${'─'.repeat(58)}┤${ansi.reset}`);
-      console.log(`  ${ansi.dim}│${ansi.reset} ID: ${ansi.cyan}${certificate.certificate.certificateId}${ansi.reset}                       ${ansi.dim}│${ansi.reset}`);
-      console.log(`  ${ansi.dim}│${ansi.reset} Short Code: ${ansi.bold}${certificate.shortCode}${ansi.reset}                             ${ansi.dim}│${ansi.reset}`);
-      console.log(`  ${ansi.dim}│${ansi.reset} Confidence: ${ansi.bold}${certificate.certificate.verdict.confidence}%${ansi.reset}                                   ${ansi.dim}│${ansi.reset}`);
-      console.log(`  ${ansi.dim}│${ansi.reset} Expires: ${certificate.certificate.expires.slice(0, 10)}                             ${ansi.dim}│${ansi.reset}`);
-      console.log(`  ${ansi.dim}├${'─'.repeat(58)}┤${ansi.reset}`);
-      console.log(`  ${ansi.dim}│${ansi.reset} ${ansi.dim}Verify at:${ansi.reset} ${ansi.cyan}${certificate.certificate.verificationUrl.slice(0, 45)}${ansi.reset} ${ansi.dim}│${ansi.reset}`);
-      console.log(`  ${ansi.dim}╰${'─'.repeat(58)}╯${ansi.reset}`);
-    }
-
-    // Pro upsell for free users
-    if (currentTier === 'free' && !opts.quiet) {
-      console.log();
-      console.log(`  ${ansi.gray}${BOX.dTopLeft}${BOX.dHorizontal.repeat(66)}${BOX.dTopRight}${ansi.reset}`);
-      console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}${' '.repeat(66)}${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-      
-      if (verdict === 'SHIP') {
-        console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}  ${ansi.magenta}★ PRO${ansi.reset} Generate a ${ansi.bold}status badge${ansi.reset} to show off your clean code!       ${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-        console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}       Run: ${ansi.cyan}vibecheck ship --badge${ansi.reset}                                   ${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-      } else if (allFindings.length > 0) {
-        console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}  ${ansi.magenta}★ PRO${ansi.reset} Auto-fix all ${ansi.bold}${allFindings.length} issues${ansi.reset} instantly with AI              ${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-        console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}       Run: ${ansi.cyan}vibecheck fix --apply${ansi.reset}                                    ${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-      }
-      
-      console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}${' '.repeat(66)}${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-      console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}       Upgrade: ${ansi.cyan}https://vibecheckai.dev/pricing${ansi.reset}                      ${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-      console.log(`  ${ansi.gray}${BOX.dVertical}${ansi.reset}${' '.repeat(66)}${ansi.gray}${BOX.dVertical}${ansi.reset}`);
-      console.log(`  ${ansi.gray}${BOX.dBottomLeft}${BOX.dHorizontal.repeat(66)}${BOX.dBottomRight}${ansi.reset}`);
-      console.log();
-    }
-
-    // Badge file generation (PRO only)
+    // Badge file generation
     if (opts.badge) {
-      const isVerified = opts.withRuntime && currentTier === 'pro';
-      const { data: badgeData } = renderBadgeOutput(projectPath, verdict, results.score, { 
-        tier: currentTier, 
-        isVerified 
-      });
+      const { data: badgeData } = renderBadgeOutput(projectPath, verdict, results.score);
       
       // Save badge info
       fs.mkdirSync(outputDir, { recursive: true });
       fs.writeFileSync(
         path.join(outputDir, 'badge.json'),
-        JSON.stringify({ 
-          ...badgeData, 
-          verdict, 
-          score: results.score, 
-          tier: currentTier,
-          isVerified,
-          generatedAt: new Date().toISOString() 
-        }, null, 2)
+        JSON.stringify({ ...badgeData, verdict, score: results.score, generatedAt: new Date().toISOString() }, null, 2)
       );
     }
 
     // Earned upsell: Badge withheld when verdict != SHIP
     if (!results.canShip) {
       const currentTier = context?.authInfo?.access?.tier || "free";
-      if (currentTier === "pro") {
+      if (entitlements.tierMeetsMinimum(currentTier, "starter")) {
         // User has badge access but verdict prevents it
         console.log(upsell.formatEarnedUpsell({
           cmd: "ship",
@@ -1670,92 +1095,7 @@ async function runShip(args, context = {}) {
     } catch {}
 
     // Exit code: 0=SHIP, 1=WARN, 2=BLOCK
-    let exitCode = getExitCode(verdict);
-    
-    // Deploy Gate Mode: Stricter exit code logic for CI/CD integration
-    if (opts.gate) {
-      const hasFakeFeatures = allFindings.some(f => 
-        f.category?.toLowerCase().includes('fake') ||
-        f.category?.toLowerCase().includes('mock') ||
-        f.type?.toLowerCase().includes('fake') ||
-        f.title?.toLowerCase().includes('fake') ||
-        f.title?.toLowerCase().includes('mock data')
-      );
-      
-      const hasBlockers = allFindings.some(f => 
-        f.severity === 'BLOCK' || f.severity === 'critical' || f.severity === 'high'
-      );
-      
-      const hasWarnings = allFindings.some(f => 
-        f.severity === 'WARN' || f.severity === 'warning' || f.severity === 'medium'
-      );
-      
-      // Determine gate failure based on --fail-on option
-      let gateBlocked = false;
-      let gateReason = '';
-      
-      switch (opts.failOn) {
-        case 'fake-features':
-          gateBlocked = hasFakeFeatures;
-          gateReason = 'Fake features detected';
-          break;
-        case 'warnings':
-          gateBlocked = hasWarnings || hasBlockers || hasFakeFeatures;
-          gateReason = hasBlockers ? 'Blockers found' : hasFakeFeatures ? 'Fake features detected' : 'Warnings found';
-          break;
-        case 'any':
-          gateBlocked = allFindings.length > 0;
-          gateReason = 'Issues detected';
-          break;
-        case 'blockers':
-        default:
-          gateBlocked = hasBlockers || hasFakeFeatures;
-          gateReason = hasFakeFeatures ? 'Fake features detected' : 'Blockers found';
-          break;
-      }
-      
-      if (gateBlocked) {
-        exitCode = EXIT.BLOCKING;
-        
-        // Output gate-specific JSON for CI/CD parsing
-        if (opts.json) {
-          console.log(JSON.stringify({
-            gate: {
-              blocked: true,
-              reason: gateReason,
-              failOn: opts.failOn,
-              hasFakeFeatures,
-              hasBlockers,
-              hasWarnings,
-              issueCount: allFindings.length,
-            },
-            verdict,
-            score: results.score,
-            canShip: false,
-            exitCode,
-            findings: allFindings.slice(0, 20), // Top 20 findings
-            timestamp: new Date().toISOString(),
-          }, null, 2));
-        }
-      } else if (opts.json) {
-        console.log(JSON.stringify({
-          gate: {
-            blocked: false,
-            reason: 'All checks passed',
-            failOn: opts.failOn,
-            hasFakeFeatures: false,
-            hasBlockers: false,
-            hasWarnings,
-            issueCount: allFindings.length,
-          },
-          verdict,
-          score: results.score,
-          canShip: true,
-          exitCode,
-          timestamp: new Date().toISOString(),
-        }, null, 2));
-      }
-    }
+    const exitCode = getExitCode(verdict);
     
     // Save final results
     saveArtifact(runId, "summary", {
@@ -1763,8 +1103,6 @@ async function runShip(args, context = {}) {
       score: results.score,
       canShip: results.canShip,
       exitCode,
-      gateMode: opts.gate,
-      failOn: opts.failOn,
       timestamp: new Date().toISOString()
     });
     
@@ -1778,7 +1116,7 @@ async function runShip(args, context = {}) {
       console.error(`  ${ansi.dim}${error.stack}${ansi.reset}`);
     }
     
-    return EXIT.INTERNAL_ERROR;
+    return EXIT_CODES.ERROR;
   }
 }