npm - @vibecheckai/cli - Versions diffs - 3.5.0 → 3.5.1 - Mend

@vibecheckai/cli 3.5.0 → 3.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (326) hide show

package/bin/registry.js +174 -449
package/bin/runners/cli-utils.js +33 -2
package/bin/runners/context/generators/cursor.js +2 -49
package/bin/runners/context/generators/mcp.js +13 -15
package/bin/runners/context/proof-context.js +1 -248
package/bin/runners/lib/analysis-core.js +180 -198
package/bin/runners/lib/analyzers.js +241 -2212
package/bin/runners/lib/cli-output.js +210 -242
package/bin/runners/lib/detectors-v2.js +785 -547
package/bin/runners/lib/entitlements-v2.js +431 -161
package/bin/runners/lib/error-handler.js +9 -16
package/bin/runners/lib/global-flags.js +0 -37
package/bin/runners/lib/html-proof-report.js +700 -350
package/bin/runners/lib/missions/plan.js +6 -46
package/bin/runners/lib/missions/templates.js +0 -232
package/bin/runners/lib/route-truth.js +322 -1167
package/bin/runners/lib/scan-output.js +467 -493
package/bin/runners/lib/ship-output.js +27 -280
package/bin/runners/lib/terminal-ui.js +700 -310
package/bin/runners/lib/truth.js +321 -1004
package/bin/runners/lib/unified-output.js +158 -162
package/bin/runners/lib/upsell.js +204 -104
package/bin/runners/runAIAgent.js +10 -5
package/bin/runners/runAllowlist.js +324 -0
package/bin/runners/runAuth.js +94 -344
package/bin/runners/runCheckpoint.js +45 -43
package/bin/runners/runContext.js +24 -139
package/bin/runners/runDoctor.js +101 -136
package/bin/runners/runEvidencePack.js +219 -0
package/bin/runners/runFix.js +71 -82
package/bin/runners/runGuard.js +119 -606
package/bin/runners/runInit.js +60 -22
package/bin/runners/runInstall.js +281 -0
package/bin/runners/runLabs.js +341 -0
package/bin/runners/runMcp.js +62 -139
package/bin/runners/runPolish.js +83 -282
package/bin/runners/runPromptFirewall.js +12 -5
package/bin/runners/runProve.js +58 -33
package/bin/runners/runReality.js +58 -81
package/bin/runners/runReport.js +7 -34
package/bin/runners/runRuntime.js +8 -5
package/bin/runners/runScan.js +844 -219
package/bin/runners/runShip.js +59 -721
package/bin/runners/runValidate.js +11 -24
package/bin/runners/runWatch.js +76 -131
package/bin/vibecheck.js +69 -295
package/mcp-server/ARCHITECTURE.md +339 -0
package/mcp-server/__tests__/cache.test.ts +313 -0
package/mcp-server/__tests__/executor.test.ts +239 -0
package/mcp-server/__tests__/fixtures/exclusion-test/.cache/webpack/cache.pack +1 -0
package/mcp-server/__tests__/fixtures/exclusion-test/.next/server/chunk.js +3 -0
package/mcp-server/__tests__/fixtures/exclusion-test/.turbo/cache.json +3 -0
package/mcp-server/__tests__/fixtures/exclusion-test/.venv/lib/env.py +3 -0
package/mcp-server/__tests__/fixtures/exclusion-test/dist/bundle.js +3 -0
package/mcp-server/__tests__/fixtures/exclusion-test/package.json +5 -0
package/mcp-server/__tests__/fixtures/exclusion-test/src/app.ts +5 -0
package/mcp-server/__tests__/fixtures/exclusion-test/venv/lib/config.py +4 -0
package/mcp-server/__tests__/ids.test.ts +345 -0
package/mcp-server/__tests__/integration/tools.test.ts +410 -0
package/mcp-server/__tests__/registry.test.ts +365 -0
package/mcp-server/__tests__/sandbox.test.ts +323 -0
package/mcp-server/__tests__/schemas.test.ts +372 -0
package/mcp-server/benchmarks/run-benchmarks.ts +304 -0
package/mcp-server/examples/doctor.request.json +14 -0
package/mcp-server/examples/doctor.response.json +53 -0
package/mcp-server/examples/error.response.json +15 -0
package/mcp-server/examples/scan.request.json +14 -0
package/mcp-server/examples/scan.response.json +108 -0
package/mcp-server/handlers/tool-handler.ts +671 -0
package/mcp-server/index-v1.js +698 -0
package/mcp-server/index-v3.ts +293 -0
package/mcp-server/index.js +1080 -1757
package/mcp-server/index.old.js +4137 -0
package/mcp-server/lib/cache.ts +341 -0
package/mcp-server/lib/errors.ts +346 -0
package/mcp-server/lib/executor.ts +792 -0
package/mcp-server/lib/ids.ts +238 -0
package/mcp-server/lib/logger.ts +368 -0
package/mcp-server/lib/metrics.ts +365 -0
package/mcp-server/lib/sandbox.ts +337 -0
package/mcp-server/lib/validator.ts +229 -0
package/mcp-server/package-lock.json +165 -0
package/mcp-server/package.json +32 -7
package/mcp-server/premium-tools.js +2 -2
package/mcp-server/registry/tools.json +476 -0
package/mcp-server/schemas/error-envelope.schema.json +125 -0
package/mcp-server/schemas/finding.schema.json +167 -0
package/mcp-server/schemas/report-artifact.schema.json +88 -0
package/mcp-server/schemas/run-request.schema.json +75 -0
package/mcp-server/schemas/verdict.schema.json +168 -0
package/mcp-server/tier-auth.d.ts +71 -0
package/mcp-server/tier-auth.js +371 -183
package/mcp-server/truth-context.js +90 -131
package/mcp-server/truth-firewall-tools.js +1000 -1611
package/mcp-server/tsconfig.json +34 -0
package/mcp-server/vibecheck-tools.js +2 -2
package/mcp-server/vitest.config.ts +16 -0
package/package.json +3 -4
package/bin/runners/lib/agent-firewall/ai/false-positive-analyzer.js +0 -474
package/bin/runners/lib/agent-firewall/change-packet/builder.js +0 -488
package/bin/runners/lib/agent-firewall/change-packet/schema.json +0 -228
package/bin/runners/lib/agent-firewall/change-packet/store.js +0 -200
package/bin/runners/lib/agent-firewall/claims/claim-types.js +0 -21
package/bin/runners/lib/agent-firewall/claims/extractor.js +0 -303
package/bin/runners/lib/agent-firewall/claims/patterns.js +0 -24
package/bin/runners/lib/agent-firewall/critic/index.js +0 -151
package/bin/runners/lib/agent-firewall/critic/judge.js +0 -432
package/bin/runners/lib/agent-firewall/critic/prompts.js +0 -305
package/bin/runners/lib/agent-firewall/evidence/auth-evidence.js +0 -88
package/bin/runners/lib/agent-firewall/evidence/contract-evidence.js +0 -75
package/bin/runners/lib/agent-firewall/evidence/env-evidence.js +0 -127
package/bin/runners/lib/agent-firewall/evidence/resolver.js +0 -102
package/bin/runners/lib/agent-firewall/evidence/route-evidence.js +0 -213
package/bin/runners/lib/agent-firewall/evidence/side-effect-evidence.js +0 -145
package/bin/runners/lib/agent-firewall/fs-hook/daemon.js +0 -19
package/bin/runners/lib/agent-firewall/fs-hook/installer.js +0 -87
package/bin/runners/lib/agent-firewall/fs-hook/watcher.js +0 -184
package/bin/runners/lib/agent-firewall/git-hook/pre-commit.js +0 -163
package/bin/runners/lib/agent-firewall/ide-extension/cursor.js +0 -107
package/bin/runners/lib/agent-firewall/ide-extension/vscode.js +0 -68
package/bin/runners/lib/agent-firewall/ide-extension/windsurf.js +0 -66
package/bin/runners/lib/agent-firewall/interceptor/base.js +0 -304
package/bin/runners/lib/agent-firewall/interceptor/cursor.js +0 -35
package/bin/runners/lib/agent-firewall/interceptor/vscode.js +0 -35
package/bin/runners/lib/agent-firewall/interceptor/windsurf.js +0 -34
package/bin/runners/lib/agent-firewall/lawbook/distributor.js +0 -465
package/bin/runners/lib/agent-firewall/lawbook/evaluator.js +0 -604
package/bin/runners/lib/agent-firewall/lawbook/index.js +0 -304
package/bin/runners/lib/agent-firewall/lawbook/registry.js +0 -514
package/bin/runners/lib/agent-firewall/lawbook/schema.js +0 -420
package/bin/runners/lib/agent-firewall/learning/learning-engine.js +0 -849
package/bin/runners/lib/agent-firewall/logger.js +0 -141
package/bin/runners/lib/agent-firewall/policy/default-policy.json +0 -90
package/bin/runners/lib/agent-firewall/policy/engine.js +0 -103
package/bin/runners/lib/agent-firewall/policy/loader.js +0 -451
package/bin/runners/lib/agent-firewall/policy/rules/auth-drift.js +0 -50
package/bin/runners/lib/agent-firewall/policy/rules/contract-drift.js +0 -50
package/bin/runners/lib/agent-firewall/policy/rules/fake-success.js +0 -86
package/bin/runners/lib/agent-firewall/policy/rules/ghost-env.js +0 -162
package/bin/runners/lib/agent-firewall/policy/rules/ghost-route.js +0 -189
package/bin/runners/lib/agent-firewall/policy/rules/scope.js +0 -93
package/bin/runners/lib/agent-firewall/policy/rules/unsafe-side-effect.js +0 -57
package/bin/runners/lib/agent-firewall/policy/schema.json +0 -183
package/bin/runners/lib/agent-firewall/policy/verdict.js +0 -54
package/bin/runners/lib/agent-firewall/proposal/extractor.js +0 -394
package/bin/runners/lib/agent-firewall/proposal/index.js +0 -212
package/bin/runners/lib/agent-firewall/proposal/schema.js +0 -251
package/bin/runners/lib/agent-firewall/proposal/validator.js +0 -386
package/bin/runners/lib/agent-firewall/reality/index.js +0 -332
package/bin/runners/lib/agent-firewall/reality/state.js +0 -625
package/bin/runners/lib/agent-firewall/reality/watcher.js +0 -322
package/bin/runners/lib/agent-firewall/risk/index.js +0 -173
package/bin/runners/lib/agent-firewall/risk/scorer.js +0 -328
package/bin/runners/lib/agent-firewall/risk/thresholds.js +0 -321
package/bin/runners/lib/agent-firewall/risk/vectors.js +0 -421
package/bin/runners/lib/agent-firewall/simulator/diff-simulator.js +0 -472
package/bin/runners/lib/agent-firewall/simulator/import-resolver.js +0 -346
package/bin/runners/lib/agent-firewall/simulator/index.js +0 -181
package/bin/runners/lib/agent-firewall/simulator/route-validator.js +0 -380
package/bin/runners/lib/agent-firewall/time-machine/incident-correlator.js +0 -661
package/bin/runners/lib/agent-firewall/time-machine/index.js +0 -267
package/bin/runners/lib/agent-firewall/time-machine/replay-engine.js +0 -436
package/bin/runners/lib/agent-firewall/time-machine/state-reconstructor.js +0 -490
package/bin/runners/lib/agent-firewall/time-machine/timeline-builder.js +0 -530
package/bin/runners/lib/agent-firewall/truthpack/index.js +0 -67
package/bin/runners/lib/agent-firewall/truthpack/loader.js +0 -137
package/bin/runners/lib/agent-firewall/unblock/planner.js +0 -337
package/bin/runners/lib/agent-firewall/utils/ignore-checker.js +0 -118
package/bin/runners/lib/api-client.js +0 -269
package/bin/runners/lib/audit-logger.js +0 -532
package/bin/runners/lib/authority/authorities/architecture.js +0 -364
package/bin/runners/lib/authority/authorities/compliance.js +0 -341
package/bin/runners/lib/authority/authorities/human.js +0 -343
package/bin/runners/lib/authority/authorities/quality.js +0 -420
package/bin/runners/lib/authority/authorities/security.js +0 -228
package/bin/runners/lib/authority/index.js +0 -293
package/bin/runners/lib/authority-badge.js +0 -425
package/bin/runners/lib/bundle/bundle-intelligence.js +0 -846
package/bin/runners/lib/cli-charts.js +0 -368
package/bin/runners/lib/cli-config-display.js +0 -405
package/bin/runners/lib/cli-demo.js +0 -275
package/bin/runners/lib/cli-errors.js +0 -438
package/bin/runners/lib/cli-help-formatter.js +0 -439
package/bin/runners/lib/cli-interactive-menu.js +0 -509
package/bin/runners/lib/cli-prompts.js +0 -441
package/bin/runners/lib/cli-scan-cards.js +0 -362
package/bin/runners/lib/compliance-reporter.js +0 -710
package/bin/runners/lib/conductor/index.js +0 -671
package/bin/runners/lib/easy/README.md +0 -123
package/bin/runners/lib/easy/index.js +0 -140
package/bin/runners/lib/easy/interactive-wizard.js +0 -788
package/bin/runners/lib/easy/one-click-firewall.js +0 -564
package/bin/runners/lib/easy/zero-config-reality.js +0 -714
package/bin/runners/lib/engines/accessibility-engine.js +0 -390
package/bin/runners/lib/engines/api-consistency-engine.js +0 -467
package/bin/runners/lib/engines/ast-cache.js +0 -99
package/bin/runners/lib/engines/async-patterns-engine.js +0 -444
package/bin/runners/lib/engines/bundle-size-engine.js +0 -433
package/bin/runners/lib/engines/code-quality-engine.js +0 -255
package/bin/runners/lib/engines/confidence-scoring.js +0 -276
package/bin/runners/lib/engines/console-logs-engine.js +0 -115
package/bin/runners/lib/engines/context-detection.js +0 -264
package/bin/runners/lib/engines/cross-file-analysis-engine.js +0 -533
package/bin/runners/lib/engines/database-patterns-engine.js +0 -429
package/bin/runners/lib/engines/dead-code-engine.js +0 -198
package/bin/runners/lib/engines/deprecated-api-engine.js +0 -226
package/bin/runners/lib/engines/duplicate-code-engine.js +0 -354
package/bin/runners/lib/engines/empty-catch-engine.js +0 -260
package/bin/runners/lib/engines/env-variables-engine.js +0 -458
package/bin/runners/lib/engines/error-handling-engine.js +0 -437
package/bin/runners/lib/engines/false-positive-prevention.js +0 -630
package/bin/runners/lib/engines/file-filter.js +0 -131
package/bin/runners/lib/engines/framework-adapters/index.js +0 -607
package/bin/runners/lib/engines/framework-detection.js +0 -508
package/bin/runners/lib/engines/hardcoded-secrets-engine.js +0 -251
package/bin/runners/lib/engines/import-order-engine.js +0 -429
package/bin/runners/lib/engines/mock-data-engine.js +0 -315
package/bin/runners/lib/engines/naming-conventions-engine.js +0 -544
package/bin/runners/lib/engines/noise-reduction-engine.js +0 -452
package/bin/runners/lib/engines/orchestrator.js +0 -334
package/bin/runners/lib/engines/parallel-processor.js +0 -71
package/bin/runners/lib/engines/performance-issues-engine.js +0 -405
package/bin/runners/lib/engines/react-patterns-engine.js +0 -457
package/bin/runners/lib/engines/security-vulnerabilities-engine.js +0 -571
package/bin/runners/lib/engines/todo-fixme-engine.js +0 -115
package/bin/runners/lib/engines/type-aware-engine.js +0 -376
package/bin/runners/lib/engines/unsafe-regex-engine.js +0 -225
package/bin/runners/lib/engines/vibecheck-engines/README.md +0 -53
package/bin/runners/lib/engines/vibecheck-engines/index.js +0 -124
package/bin/runners/lib/engines/vibecheck-engines/lib/ai-hallucination-engine.js +0 -806
package/bin/runners/lib/engines/vibecheck-engines/lib/hardcoded-secrets-engine.js +0 -439
package/bin/runners/lib/engines/vibecheck-engines/lib/smart-fix-engine.js +0 -577
package/bin/runners/lib/engines/vibecheck-engines/lib/vibe-score-engine.js +0 -543
package/bin/runners/lib/engines/vibecheck-engines/package.json +0 -13
package/bin/runners/lib/engines/vibecheck-engines.js +0 -514
package/bin/runners/lib/enhanced-features/index.js +0 -305
package/bin/runners/lib/enhanced-output.js +0 -631
package/bin/runners/lib/enterprise.js +0 -300
package/bin/runners/lib/exit-codes.js +0 -275
package/bin/runners/lib/fingerprint.js +0 -377
package/bin/runners/lib/firewall/command-validator.js +0 -351
package/bin/runners/lib/firewall/config.js +0 -341
package/bin/runners/lib/firewall/content-validator.js +0 -519
package/bin/runners/lib/firewall/index.js +0 -101
package/bin/runners/lib/firewall/path-validator.js +0 -256
package/bin/runners/lib/help-formatter.js +0 -413
package/bin/runners/lib/intelligence/cross-repo-intelligence.js +0 -817
package/bin/runners/lib/logger.js +0 -38
package/bin/runners/lib/mcp-utils.js +0 -425
package/bin/runners/lib/output/index.js +0 -1022
package/bin/runners/lib/policy-engine.js +0 -652
package/bin/runners/lib/polish/autofix/accessibility-fixes.js +0 -333
package/bin/runners/lib/polish/autofix/async-handlers.js +0 -273
package/bin/runners/lib/polish/autofix/dead-code.js +0 -280
package/bin/runners/lib/polish/autofix/imports-optimizer.js +0 -344
package/bin/runners/lib/polish/autofix/index.js +0 -200
package/bin/runners/lib/polish/autofix/remove-consoles.js +0 -209
package/bin/runners/lib/polish/autofix/strengthen-types.js +0 -245
package/bin/runners/lib/polish/backend-checks.js +0 -148
package/bin/runners/lib/polish/documentation-checks.js +0 -111
package/bin/runners/lib/polish/frontend-checks.js +0 -168
package/bin/runners/lib/polish/index.js +0 -71
package/bin/runners/lib/polish/infrastructure-checks.js +0 -131
package/bin/runners/lib/polish/library-detection.js +0 -175
package/bin/runners/lib/polish/performance-checks.js +0 -100
package/bin/runners/lib/polish/security-checks.js +0 -148
package/bin/runners/lib/polish/utils.js +0 -203
package/bin/runners/lib/prompt-builder.js +0 -540
package/bin/runners/lib/proof-certificate.js +0 -634
package/bin/runners/lib/reality/accessibility-audit.js +0 -946
package/bin/runners/lib/reality/api-contract-validator.js +0 -1012
package/bin/runners/lib/reality/chaos-engineering.js +0 -1084
package/bin/runners/lib/reality/performance-tracker.js +0 -1077
package/bin/runners/lib/reality/scenario-generator.js +0 -1404
package/bin/runners/lib/reality/visual-regression.js +0 -852
package/bin/runners/lib/reality-profiler.js +0 -717
package/bin/runners/lib/replay/flight-recorder-viewer.js +0 -1160
package/bin/runners/lib/review/ai-code-review.js +0 -832
package/bin/runners/lib/rules/custom-rule-engine.js +0 -985
package/bin/runners/lib/sbom-generator.js +0 -641
package/bin/runners/lib/scan-output-enhanced.js +0 -512
package/bin/runners/lib/security/owasp-scanner.js +0 -939
package/bin/runners/lib/ship-output-enterprise.js +0 -239
package/bin/runners/lib/unified-cli-output.js +0 -777
package/bin/runners/lib/validators/contract-validator.js +0 -283
package/bin/runners/lib/validators/dead-export-detector.js +0 -279
package/bin/runners/lib/validators/dep-audit.js +0 -245
package/bin/runners/lib/validators/env-validator.js +0 -319
package/bin/runners/lib/validators/index.js +0 -120
package/bin/runners/lib/validators/license-checker.js +0 -252
package/bin/runners/lib/validators/route-validator.js +0 -290
package/bin/runners/runAgent.d.ts +0 -5
package/bin/runners/runAgent.js +0 -164
package/bin/runners/runApprove.js +0 -1233
package/bin/runners/runAuthority.js +0 -528
package/bin/runners/runClassify.js +0 -862
package/bin/runners/runConductor.js +0 -772
package/bin/runners/runContainer.js +0 -366
package/bin/runners/runContext.d.ts +0 -4
package/bin/runners/runEasy.js +0 -410
package/bin/runners/runFirewall.d.ts +0 -5
package/bin/runners/runFirewall.js +0 -137
package/bin/runners/runFirewallHook.d.ts +0 -5
package/bin/runners/runFirewallHook.js +0 -59
package/bin/runners/runIaC.js +0 -372
package/bin/runners/runPolish.d.ts +0 -4
package/bin/runners/runProof.zip +0 -0
package/bin/runners/runTruth.d.ts +0 -5
package/bin/runners/runTruth.js +0 -104
package/bin/runners/runVibe.js +0 -791
package/mcp-server/HARDENING_SUMMARY.md +0 -299
package/mcp-server/agent-firewall-interceptor.js +0 -500
package/mcp-server/authority-tools.js +0 -569
package/mcp-server/conductor/conflict-resolver.js +0 -588
package/mcp-server/conductor/execution-planner.js +0 -544
package/mcp-server/conductor/index.js +0 -377
package/mcp-server/conductor/lock-manager.js +0 -615
package/mcp-server/conductor/request-queue.js +0 -550
package/mcp-server/conductor/session-manager.js +0 -500
package/mcp-server/conductor/tools.js +0 -510
package/mcp-server/lib/api-client.cjs +0 -13
package/mcp-server/lib/logger.cjs +0 -30
package/mcp-server/logger.js +0 -173
package/mcp-server/tools-v3.js +0 -1039
package/mcp-server/tools.js +0 -495
package/mcp-server/vibecheck-mcp-server-3.2.0.tgz +0 -0

package/bin/runners/lib/agent-firewall/time-machine/timeline-builder.js DELETED Viewed

@@ -1,530 +0,0 @@
-/**
- * Time Machine Timeline Builder
- *
- * Builds event timelines from multiple sources.
- * Correlates agent actions with outcomes and incidents.
- *
- * Codename: Time Machine
- */
-"use strict";
-const fs = require("fs");
-const path = require("path");
-const { timeMachineLogger: log, getErrorMessage } = require("../logger.js");
-/**
- * @typedef {Object} TimelineEvent
- * @property {string} id - Event ID
- * @property {Date} timestamp - When event occurred
- * @property {string} type - Event type
- * @property {string} source - Event source (firewall, conductor, git, etc.)
- * @property {string} summary - Human-readable summary
- * @property {Object} details - Full event details
- * @property {string[]} relatedEvents - IDs of related events
- * @property {Object} [causalLink] - Link to caused/causing events
- */
-/**
- * @typedef {Object} ForensicTimeline
- * @property {string} timelineId - Timeline ID
- * @property {Object} incident - Incident info if applicable
- * @property {TimelineEvent[]} events - All events in timeline
- * @property {Object[]} causalChain - Causal relationships
- * @property {TimelineEvent} [rootCause] - Identified root cause
- * @property {Date} generatedAt - When timeline was generated
- */
-/**
- * Event types for timeline
- */
-const EVENT_TYPES = {
-  PROPOSAL_SUBMITTED: "proposal_submitted",
-  PROPOSAL_ALLOWED: "proposal_allowed",
-  PROPOSAL_BLOCKED: "proposal_blocked",
-  PROPOSAL_WARNED: "proposal_warned",
-  OVERRIDE_USED: "override_used",
-  FILE_CHANGED: "file_changed",
-  SESSION_STARTED: "session_started",
-  SESSION_ENDED: "session_ended",
-  LOCK_ACQUIRED: "lock_acquired",
-  LOCK_RELEASED: "lock_released",
-  CONFLICT_DETECTED: "conflict_detected",
-  INCIDENT_REPORTED: "incident_reported",
-  BUILD_FAILED: "build_failed",
-  TEST_FAILED: "test_failed",
-};
-/**
- * Timeline Builder class
- */
-class TimelineBuilder {
-  constructor(options = {}) {
-    this.projectRoot = options.projectRoot || process.cwd();
-    this.auditDir = path.join(this.projectRoot, ".vibecheck", "audit");
-    this.packetsDir = path.join(this.projectRoot, ".vibecheck", "packets");
-    this.incidentsDir = path.join(this.projectRoot, ".vibecheck", "incidents");
-  }
-  /**
-   * Build a timeline for a time range
-   * @param {Object} options - Build options
-   * @returns {ForensicTimeline} Built timeline
-   */
-  async buildTimeline(options = {}) {
-    const {
-      startTime,
-      endTime = new Date(),
-      file = null,
-      agentId = null,
-      includeGit = true,
-      includeIncidents = true,
-    } = options;
-    const timelineId = `timeline_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
-    const events = [];
-    // Load firewall events
-    const firewallEvents = await this.loadFirewallEvents(startTime, endTime, file, agentId);
-    events.push(...firewallEvents);
-    // Load conductor events
-    const conductorEvents = await this.loadConductorEvents(startTime, endTime, agentId);
-    events.push(...conductorEvents);
-    // Load git events if requested
-    if (includeGit) {
-      const gitEvents = await this.loadGitEvents(startTime, endTime, file);
-      events.push(...gitEvents);
-    }
-    // Load incident events if requested
-    let incidentInfo = null;
-    if (includeIncidents) {
-      const incidentEvents = await this.loadIncidentEvents(startTime, endTime, file);
-      events.push(...incidentEvents);
-      // Find the main incident if any
-      incidentInfo = incidentEvents.find(e => e.type === EVENT_TYPES.INCIDENT_REPORTED)?.details;
-    }
-    // Sort by timestamp
-    events.sort((a, b) => new Date(a.timestamp).getTime() - new Date(b.timestamp).getTime());
-    // Build causal relationships
-    const { causalChain, rootCause } = this.buildCausalChain(events);
-    // Link related events
-    this.linkRelatedEvents(events);
-    return {
-      timelineId,
-      incident: incidentInfo,
-      events,
-      causalChain,
-      rootCause,
-      generatedAt: new Date(),
-      options,
-    };
-  }
-  /**
-   * Load firewall events from audit log
-   * @param {Date} startTime - Start time
-   * @param {Date} endTime - End time
-   * @param {string} file - File filter
-   * @param {string} agentId - Agent filter
-   * @returns {TimelineEvent[]} Firewall events
-   */
-  async loadFirewallEvents(startTime, endTime, file, agentId) {
-    const events = [];
-    const auditFile = path.join(this.auditDir, "firewall-events.jsonl");
-    if (!fs.existsSync(auditFile)) {
-      return events;
-    }
-    try {
-      const content = fs.readFileSync(auditFile, "utf-8");
-      const lines = content.trim().split("\n").filter(l => l);
-      for (const line of lines) {
-        try {
-          const raw = JSON.parse(line);
-          const eventTime = new Date(raw.timestamp);
-          // Apply filters
-          if (startTime && eventTime < new Date(startTime)) continue;
-          if (endTime && eventTime > new Date(endTime)) continue;
-          if (file && raw.file !== file && !raw.file?.includes(file)) continue;
-          if (agentId && raw.agentId !== agentId) continue;
-          events.push({
-            id: raw.id || `evt_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
-            timestamp: eventTime,
-            type: this.mapVerdictToEventType(raw.verdict, raw.action),
-            source: "firewall",
-            summary: this.buildFirewallSummary(raw),
-            details: raw,
-            relatedEvents: [],
-          });
-        } catch {
-          // Skip invalid lines
-        }
-      }
-    } catch (error) {
-      log.warn(`Failed to load firewall events: ${getErrorMessage(error)}`);
-    }
-    return events;
-  }
-  /**
-   * Load conductor events
-   * @param {Date} startTime - Start time
-   * @param {Date} endTime - End time
-   * @param {string} agentId - Agent filter
-   * @returns {TimelineEvent[]} Conductor events
-   */
-  async loadConductorEvents(startTime, endTime, agentId) {
-    const events = [];
-    const conductorFile = path.join(this.auditDir, "conductor-events.jsonl");
-    if (!fs.existsSync(conductorFile)) {
-      return events;
-    }
-    try {
-      const content = fs.readFileSync(conductorFile, "utf-8");
-      const lines = content.trim().split("\n").filter(l => l);
-      for (const line of lines) {
-        try {
-          const raw = JSON.parse(line);
-          const eventTime = new Date(raw.timestamp);
-          if (startTime && eventTime < new Date(startTime)) continue;
-          if (endTime && eventTime > new Date(endTime)) continue;
-          if (agentId && raw.agentId !== agentId) continue;
-          events.push({
-            id: raw.id || `evt_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`,
-            timestamp: eventTime,
-            type: raw.type || raw.action,
-            source: "conductor",
-            summary: this.buildConductorSummary(raw),
-            details: raw,
-            relatedEvents: [],
-          });
-        } catch {
-          // Skip invalid lines
-        }
-      }
-    } catch (error) {
-      log.warn(`Failed to load conductor events: ${getErrorMessage(error)}`);
-    }
-    return events;
-  }
-  /**
-   * Load git events (commits, merges)
-   * @param {Date} startTime - Start time
-   * @param {Date} endTime - End time
-   * @param {string} file - File filter
-   * @returns {TimelineEvent[]} Git events
-   */
-  async loadGitEvents(startTime, endTime, file) {
-    const events = [];
-    // This would typically call git log
-    // For now, return empty - would be implemented with git integration
-    return events;
-  }
-  /**
-   * Load incident events
-   * @param {Date} startTime - Start time
-   * @param {Date} endTime - End time
-   * @param {string} file - File filter
-   * @returns {TimelineEvent[]} Incident events
-   */
-  async loadIncidentEvents(startTime, endTime, file) {
-    const events = [];
-    const incidentsFile = path.join(this.incidentsDir, "incidents.jsonl");
-    if (!fs.existsSync(incidentsFile)) {
-      return events;
-    }
-    try {
-      const content = fs.readFileSync(incidentsFile, "utf-8");
-      const lines = content.trim().split("\n").filter(l => l);
-      for (const line of lines) {
-        try {
-          const raw = JSON.parse(line);
-          const eventTime = new Date(raw.timestamp || raw.reportedAt);
-          if (startTime && eventTime < new Date(startTime)) continue;
-          if (endTime && eventTime > new Date(endTime)) continue;
-          if (file && !raw.affectedFiles?.includes(file)) continue;
-          events.push({
-            id: raw.id || raw.incidentId,
-            timestamp: eventTime,
-            type: EVENT_TYPES.INCIDENT_REPORTED,
-            source: "incident",
-            summary: `Incident: ${raw.title || raw.description || "Unknown"}`,
-            details: raw,
-            relatedEvents: [],
-          });
-        } catch {
-          // Skip invalid lines
-        }
-      }
-    } catch (error) {
-      log.warn(`Failed to load incident events: ${getErrorMessage(error)}`);
-    }
-    return events;
-  }
-  /**
-   * Map verdict to event type
-   * @param {string} verdict - Verdict
-   * @param {string} action - Action
-   * @returns {string} Event type
-   */
-  mapVerdictToEventType(verdict, action) {
-    if (action === "override") return EVENT_TYPES.OVERRIDE_USED;
-    switch (verdict) {
-      case "ALLOW":
-        return EVENT_TYPES.PROPOSAL_ALLOWED;
-      case "BLOCK":
-        return EVENT_TYPES.PROPOSAL_BLOCKED;
-      case "WARN":
-        return EVENT_TYPES.PROPOSAL_WARNED;
-      default:
-        return EVENT_TYPES.PROPOSAL_SUBMITTED;
-    }
-  }
-  /**
-   * Build summary for firewall event
-   * @param {Object} raw - Raw event data
-   * @returns {string} Summary
-   */
-  buildFirewallSummary(raw) {
-    const parts = [];
-    if (raw.verdict) {
-      parts.push(`[${raw.verdict}]`);
-    }
-    if (raw.agentId) {
-      parts.push(`Agent: ${raw.agentId}`);
-    }
-    if (raw.file) {
-      parts.push(`File: ${path.basename(raw.file)}`);
-    }
-    if (raw.intent) {
-      parts.push(raw.intent.slice(0, 50) + (raw.intent.length > 50 ? "..." : ""));
-    }
-    return parts.join(" | ") || "Firewall event";
-  }
-  /**
-   * Build summary for conductor event
-   * @param {Object} raw - Raw event data
-   * @returns {string} Summary
-   */
-  buildConductorSummary(raw) {
-    const parts = [];
-    if (raw.type || raw.action) {
-      parts.push(`[${raw.type || raw.action}]`);
-    }
-    if (raw.agentId) {
-      parts.push(`Agent: ${raw.agentId}`);
-    }
-    if (raw.sessionId) {
-      parts.push(`Session: ${raw.sessionId.slice(0, 12)}...`);
-    }
-    return parts.join(" | ") || "Conductor event";
-  }
-  /**
-   * Build causal chain from events
-   * @param {TimelineEvent[]} events - Events to analyze
-   * @returns {Object} Causal chain and root cause
-   */
-  buildCausalChain(events) {
-    const causalChain = [];
-    let rootCause = null;
-    // Find incident events
-    const incidents = events.filter(e => e.type === EVENT_TYPES.INCIDENT_REPORTED);
-    if (incidents.length === 0) {
-      return { causalChain, rootCause };
-    }
-    // For each incident, trace back to find potential causes
-    for (const incident of incidents) {
-      const affectedFiles = incident.details.affectedFiles || [];
-      const incidentTime = new Date(incident.timestamp);
-      // Find events that affected the same files before the incident
-      const potentialCauses = events.filter(e => {
-        const eventTime = new Date(e.timestamp);
-        if (eventTime >= incidentTime) return false;
-        const eventFile = e.details?.file;
-        if (!eventFile) return false;
-        return affectedFiles.some(f => f.includes(eventFile) || eventFile.includes(f));
-      });
-      // Look for overrides or blocked proposals that were overridden
-      for (const cause of potentialCauses) {
-        if (cause.type === EVENT_TYPES.OVERRIDE_USED ||
-            (cause.type === EVENT_TYPES.PROPOSAL_ALLOWED && cause.details?.overrideUsed)) {
-          causalChain.push({
-            cause: cause.id,
-            effect: incident.id,
-            relationship: "override_led_to_incident",
-            confidence: 0.8,
-          });
-          if (!rootCause) {
-            rootCause = cause;
-          }
-        }
-      }
-      // Also look for the first suspicious change
-      const firstSuspicious = potentialCauses.find(e =>
-        e.type === EVENT_TYPES.PROPOSAL_ALLOWED &&
-        (e.details?.riskScore || 0) >= 50
-      );
-      if (firstSuspicious && !rootCause) {
-        rootCause = firstSuspicious;
-        causalChain.push({
-          cause: firstSuspicious.id,
-          effect: incident.id,
-          relationship: "high_risk_change_led_to_incident",
-          confidence: 0.6,
-        });
-      }
-    }
-    return { causalChain, rootCause };
-  }
-  /**
-   * Link related events together
-   * @param {TimelineEvent[]} events - Events to link
-   */
-  linkRelatedEvents(events) {
-    // Group events by file
-    const byFile = new Map();
-    for (const event of events) {
-      const file = event.details?.file;
-      if (file) {
-        if (!byFile.has(file)) {
-          byFile.set(file, []);
-        }
-        byFile.get(file).push(event);
-      }
-    }
-    // Link events that share the same file
-    for (const [, fileEvents] of byFile) {
-      for (let i = 0; i < fileEvents.length; i++) {
-        for (let j = i + 1; j < fileEvents.length; j++) {
-          fileEvents[i].relatedEvents.push(fileEvents[j].id);
-          fileEvents[j].relatedEvents.push(fileEvents[i].id);
-        }
-      }
-    }
-    // Group events by session
-    const bySession = new Map();
-    for (const event of events) {
-      const sessionId = event.details?.sessionId;
-      if (sessionId) {
-        if (!bySession.has(sessionId)) {
-          bySession.set(sessionId, []);
-        }
-        bySession.get(sessionId).push(event);
-      }
-    }
-    // Link events in same session
-    for (const [, sessionEvents] of bySession) {
-      for (let i = 0; i < sessionEvents.length; i++) {
-        for (let j = i + 1; j < sessionEvents.length; j++) {
-          if (!sessionEvents[i].relatedEvents.includes(sessionEvents[j].id)) {
-            sessionEvents[i].relatedEvents.push(sessionEvents[j].id);
-          }
-          if (!sessionEvents[j].relatedEvents.includes(sessionEvents[i].id)) {
-            sessionEvents[j].relatedEvents.push(sessionEvents[i].id);
-          }
-        }
-      }
-    }
-  }
-  /**
-   * Generate a timeline report
-   * @param {ForensicTimeline} timeline - Timeline to report on
-   * @returns {Object} Report
-   */
-  generateReport(timeline) {
-    const eventCounts = {};
-    const sourceCounts = {};
-    for (const event of timeline.events) {
-      eventCounts[event.type] = (eventCounts[event.type] || 0) + 1;
-      sourceCounts[event.source] = (sourceCounts[event.source] || 0) + 1;
-    }
-    return {
-      timelineId: timeline.timelineId,
-      generatedAt: timeline.generatedAt,
-      totalEvents: timeline.events.length,
-      eventCounts,
-      sourceCounts,
-      hasIncident: !!timeline.incident,
-      rootCauseIdentified: !!timeline.rootCause,
-      causalChainLength: timeline.causalChain.length,
-      timeRange: {
-        start: timeline.events[0]?.timestamp,
-        end: timeline.events[timeline.events.length - 1]?.timestamp,
-      },
-    };
-  }
-}
-/**
- * Create a timeline builder instance
- * @param {Object} options - Options
- * @returns {TimelineBuilder} Timeline builder
- */
-function createTimelineBuilder(options = {}) {
-  return new TimelineBuilder(options);
-}
-module.exports = { TimelineBuilder, createTimelineBuilder, EVENT_TYPES };

package/bin/runners/lib/agent-firewall/truthpack/index.js DELETED Viewed

@@ -1,67 +0,0 @@
-/**
- * Truthpack Accessor
- *
- * Unified interface for accessing truthpack data.
- */
-"use strict";
-const { loadTruthpack } = require("./loader");
-/**
- * Get routes from truthpack
- * @param {string} projectRoot - Project root directory
- * @returns {array} Array of routes
- */
-function getRoutes(projectRoot) {
-  const truthpack = loadTruthpack(projectRoot);
-  return truthpack.routes?.routes || [];
-}
-/**
- * Get environment variables from truthpack
- * @param {string} projectRoot - Project root directory
- * @returns {object} Env vars data
- */
-function getEnvVars(projectRoot) {
-  const truthpack = loadTruthpack(projectRoot);
-  return truthpack.env || { vars: [], declared: [], declaredSources: [] };
-}
-/**
- * Get auth rules from truthpack
- * @param {string} projectRoot - Project root directory
- * @returns {object} Auth rules data
- */
-function getAuthRules(projectRoot) {
-  const truthpack = loadTruthpack(projectRoot);
-  return truthpack.auth || { nextMiddleware: [], nextMatcherPatterns: [], fastify: {} };
-}
-/**
- * Get contracts from truthpack
- * @param {string} projectRoot - Project root directory
- * @returns {object} Contracts data
- */
-function getContracts(projectRoot) {
-  const truthpack = loadTruthpack(projectRoot);
-  return truthpack.contracts || {};
-}
-/**
- * Get UI graph from truthpack
- * @param {string} projectRoot - Project root directory
- * @returns {object|null} UI graph or null
- */
-function getUIGraph(projectRoot) {
-  const truthpack = loadTruthpack(projectRoot);
-  return truthpack.uiGraph || null;
-}
-module.exports = {
-  getRoutes,
-  getEnvVars,
-  getAuthRules,
-  getContracts,
-  getUIGraph
-};