@vibecheckai/cli 3.5.0 → 3.5.2

package/mcp-server/lib/executor.ts

@@ -0,0 +1,499 @@
+/**
+ * CLI Executor Module
+ * 
+ * Executes CLI commands in a controlled, secure manner with:
+ * - Command allowlisting
+ * - Argument sanitization
+ * - Timeout enforcement
+ * - Output capture and parsing
+ */
+
+import { spawn, SpawnOptions } from "child_process";
+import type { ExecutorOptions, ExecutorResult, Finding, ToolResult } from "./types";
+import { createHash } from "crypto";
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// CONSTANTS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/** Allowed CLI commands (vibecheck subcommands) */
+const ALLOWED_COMMANDS = new Set([
+  // FREE - Inspect & Observe
+  "init",
+  "doctor",
+  "watch",
+  "scan",
+  "report",
+  "context",
+  "classify",
+  "login",
+  "logout",
+  "whoami",
+  "allowlist",
+  "evidence-pack",
+  "labs",
+  // PRO - Fix, Prove & Enforce
+  "ship",
+  "fix",
+  "prove",
+  "reality",
+  "gate",
+  "guard",
+  "mcp",
+  "checkpoint",
+  "approve",
+  "polish",
+]);
+
+/** Maximum output size (10MB) */
+const MAX_OUTPUT_SIZE = 10 * 1024 * 1024;
+
+/** Default timeout (5 minutes) */
+const DEFAULT_TIMEOUT_MS = 5 * 60 * 1000;
+
+/** Environment variables to pass through */
+const PASSTHROUGH_ENV_VARS = [
+  "PATH",
+  "NODE_ENV",
+  "HOME",
+  "USERPROFILE",
+  "VIBECHECK_API_KEY",
+  "VIBECHECK_API_URL",
+  "VIBECHECK_DEBUG",
+  "DEBUG",
+];
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXECUTOR CLASS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+export class CliExecutor {
+  private readonly cwd: string;
+  private readonly timeoutMs: number;
+  private readonly env: Record<string, string>;
+  private readonly requestId: string;
+  private readonly traceId?: string;
+
+  constructor(options: ExecutorOptions) {
+    this.cwd = options.cwd;
+    this.timeoutMs = options.timeoutMs || DEFAULT_TIMEOUT_MS;
+    this.requestId = options.requestId;
+    this.traceId = options.traceId;
+
+    // Build sanitized environment
+    this.env = this.buildEnvironment(options.env);
+  }
+
+  /**
+   * Execute a vibecheck CLI command
+   */
+  async execute(command: string, args: string[]): Promise<ExecutorResult> {
+    // Validate command is allowed
+    if (!this.isCommandAllowed(command)) {
+      return {
+        exitCode: 126,
+        stdout: "",
+        stderr: `Command not allowed: ${command}`,
+        timedOut: false,
+        durationMs: 0,
+      };
+    }
+
+    // Sanitize arguments
+    const sanitizedArgs = this.sanitizeArgs(args);
+
+    // Build full command: npx vibecheck <command> <args> --json
+    const fullArgs = [
+      "vibecheck",
+      command,
+      ...sanitizedArgs,
+      "--json", // Always request JSON output
+    ];
+
+    const startTime = Date.now();
+
+    return new Promise((resolve) => {
+      const spawnOptions: SpawnOptions = {
+        cwd: this.cwd,
+        env: this.env,
+        shell: false, // Security: don't use shell
+        timeout: this.timeoutMs,
+      };
+
+      let stdout = "";
+      let stderr = "";
+      let timedOut = false;
+
+      const proc = spawn("npx", fullArgs, spawnOptions);
+
+      // Collect stdout with size limit
+      proc.stdout?.on("data", (data: Buffer) => {
+        if (stdout.length < MAX_OUTPUT_SIZE) {
+          stdout += data.toString();
+        }
+      });
+
+      // Collect stderr with size limit
+      proc.stderr?.on("data", (data: Buffer) => {
+        if (stderr.length < MAX_OUTPUT_SIZE) {
+          stderr += data.toString();
+        }
+      });
+
+      // Handle timeout
+      const timeoutHandle = setTimeout(() => {
+        timedOut = true;
+        proc.kill("SIGTERM");
+        setTimeout(() => proc.kill("SIGKILL"), 1000);
+      }, this.timeoutMs);
+
+      // Handle process exit
+      proc.on("close", (code) => {
+        clearTimeout(timeoutHandle);
+        const durationMs = Date.now() - startTime;
+
+        resolve({
+          exitCode: code ?? 1,
+          stdout: this.sanitizeOutput(stdout),
+          stderr: this.sanitizeOutput(stderr),
+          timedOut,
+          durationMs,
+        });
+      });
+
+      // Handle spawn errors
+      proc.on("error", (err) => {
+        clearTimeout(timeoutHandle);
+        const durationMs = Date.now() - startTime;
+
+        resolve({
+          exitCode: 127,
+          stdout: "",
+          stderr: `Spawn error: ${err.message}`,
+          timedOut: false,
+          durationMs,
+        });
+      });
+    });
+  }
+
+  /**
+   * Check if a command is allowed
+   */
+  private isCommandAllowed(command: string): boolean {
+    return ALLOWED_COMMANDS.has(command);
+  }
+
+  /**
+   * Sanitize command arguments
+   */
+  private sanitizeArgs(args: string[]): string[] {
+    return args.map((arg) => {
+      // Remove shell metacharacters
+      let sanitized = arg.replace(/[;&|`$(){}[\]<>!#*?~]/g, "");
+      
+      // Limit argument length
+      if (sanitized.length > 1000) {
+        sanitized = sanitized.slice(0, 1000);
+      }
+      
+      return sanitized;
+    }).filter(Boolean);
+  }
+
+  /**
+   * Build sanitized environment
+   */
+  private buildEnvironment(extra?: Record<string, string>): Record<string, string> {
+    const env: Record<string, string> = {};
+
+    // Pass through allowed env vars
+    for (const key of PASSTHROUGH_ENV_VARS) {
+      if (process.env[key]) {
+        env[key] = process.env[key]!;
+      }
+    }
+
+    // Add tracing headers
+    env.VIBECHECK_REQUEST_ID = this.requestId;
+    if (this.traceId) {
+      env.VIBECHECK_TRACE_ID = this.traceId;
+    }
+
+    // Merge extra env (sanitized)
+    if (extra) {
+      for (const [key, value] of Object.entries(extra)) {
+        // Only allow alphanumeric env var names
+        if (/^[A-Z][A-Z0-9_]*$/.test(key)) {
+          env[key] = String(value).slice(0, 1000);
+        }
+      }
+    }
+
+    return env;
+  }
+
+  /**
+   * Sanitize command output (redact secrets)
+   */
+  private sanitizeOutput(output: string): string {
+    // Redact potential secrets
+    let sanitized = output;
+    
+    // API keys
+    sanitized = sanitized.replace(
+      /(api[_-]?key|token|secret|password|auth)[=:]["']?[\w-]{20,}/gi,
+      "$1=<REDACTED>"
+    );
+    
+    // JWT tokens
+    sanitized = sanitized.replace(
+      /eyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+/g,
+      "<JWT_REDACTED>"
+    );
+    
+    // Truncate if too long
+    if (sanitized.length > MAX_OUTPUT_SIZE) {
+      sanitized = sanitized.slice(0, MAX_OUTPUT_SIZE) + "\n... (truncated)";
+    }
+    
+    return sanitized;
+  }
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// OUTPUT PARSING
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Parse CLI JSON output into canonical ToolResult
+ */
+export function parseCliOutput(stdout: string, stderr: string): ToolResult {
+  // Try to parse JSON from stdout
+  let parsed: Record<string, unknown> | null = null;
+  
+  try {
+    // Find JSON in output (may have other text before/after)
+    const jsonMatch = stdout.match(/\{[\s\S]*\}/);
+    if (jsonMatch) {
+      parsed = JSON.parse(jsonMatch[0]);
+    }
+  } catch {
+    // Not valid JSON
+  }
+
+  if (!parsed) {
+    return {
+      raw: { stdout, stderr },
+    };
+  }
+
+  // Extract verdict
+  const verdict = normalizeVerdict(parsed.verdict || parsed.status);
+
+  // Extract and normalize findings
+  const rawFindings = (parsed.findings || parsed.issues || parsed.results || []) as unknown[];
+  const findings = normalizeFindings(rawFindings);
+
+  // Extract summary
+  const summary = normalizeSummary(parsed.summary || parsed.stats, findings);
+
+  return {
+    verdict,
+    findings,
+    summary,
+    raw: parsed,
+  };
+}
+
+/**
+ * Normalize verdict string
+ */
+function normalizeVerdict(input: unknown): ToolResult["verdict"] | undefined {
+  if (!input) return undefined;
+  
+  const v = String(input).toUpperCase();
+  switch (v) {
+    case "SHIP":
+    case "PASS":
+    case "SUCCESS":
+    case "OK":
+      return "PASS";
+    case "WARN":
+    case "WARNING":
+    case "WARNINGS":
+      return "WARN";
+    case "BLOCK":
+    case "FAIL":
+    case "FAILURE":
+    case "ERROR":
+      return "BLOCK";
+    default:
+      return undefined;
+  }
+}
+
+/**
+ * Normalize findings array
+ */
+function normalizeFindings(raw: unknown[]): Finding[] {
+  if (!Array.isArray(raw)) return [];
+
+  return raw.map((item) => {
+    const f = item as Record<string, unknown>;
+    
+    const ruleId = String(f.ruleId || f.rule_id || f.rule || f.code || "unknown");
+    const filePath = String(f.path || f.file || f.filePath || "unknown");
+    const line = Number(f.line || f.lineNumber || f.startLine || 1);
+    const message = String(f.message || f.msg || f.description || "");
+    
+    return {
+      id: generateFindingId(ruleId, filePath, line, message),
+      ruleId,
+      severity: normalizeSeverity(f.severity || f.level),
+      message,
+      path: filePath,
+      line,
+      column: f.column ? Number(f.column) : undefined,
+      snippet: f.snippet ? String(f.snippet) : undefined,
+      category: f.category ? String(f.category) : undefined,
+      fix: f.fix ? String(f.fix) : undefined,
+    };
+  });
+}
+
+/**
+ * Normalize severity string
+ */
+function normalizeSeverity(input: unknown): Finding["severity"] {
+  if (!input) return "medium";
+  
+  const s = String(input).toLowerCase();
+  switch (s) {
+    case "critical":
+    case "crit":
+    case "fatal":
+      return "critical";
+    case "high":
+    case "error":
+      return "high";
+    case "medium":
+    case "med":
+    case "warning":
+    case "warn":
+      return "medium";
+    case "low":
+    case "minor":
+      return "low";
+    case "info":
+    case "information":
+    case "hint":
+      return "info";
+    default:
+      return "medium";
+  }
+}
+
+/**
+ * Generate stable finding ID
+ */
+export function generateFindingId(ruleId: string, path: string, line: number, message: string): string {
+  const input = `${ruleId}|${path}|${line}|${message}`;
+  return createHash("sha256").update(input).digest("hex").slice(0, 16);
+}
+
+/**
+ * Normalize summary
+ */
+function normalizeSummary(raw: unknown, findings: Finding[]): ToolResult["summary"] {
+  const summary: ToolResult["summary"] = {
+    total: findings.length,
+    bySeverity: {},
+  };
+
+  // Count by severity
+  for (const f of findings) {
+    summary.bySeverity[f.severity] = (summary.bySeverity[f.severity] || 0) + 1;
+  }
+
+  // Merge with raw summary if available
+  if (raw && typeof raw === "object") {
+    const r = raw as Record<string, unknown>;
+    if (r.filesScanned) summary.filesScanned = Number(r.filesScanned);
+    if (r.scanDurationMs) summary.scanDurationMs = Number(r.scanDurationMs);
+    if (r.byCategory) summary.byCategory = r.byCategory as Record<string, number>;
+  }
+
+  return summary;
+}
+
+/**
+ * Sort findings in stable order:
+ * - severity desc (critical > high > medium > low > info)
+ * - rule_id asc
+ * - path asc  
+ * - line asc
+ */
+export function sortFindings(findings: Finding[]): Finding[] {
+  const severityOrder: Record<string, number> = {
+    critical: 0,
+    high: 1,
+    medium: 2,
+    low: 3,
+    info: 4,
+  };
+
+  return [...findings].sort((a, b) => {
+    // Severity descending (critical first)
+    const sevDiff = severityOrder[a.severity] - severityOrder[b.severity];
+    if (sevDiff !== 0) return sevDiff;
+
+    // Rule ID ascending
+    const ruleDiff = a.ruleId.localeCompare(b.ruleId);
+    if (ruleDiff !== 0) return ruleDiff;
+
+    // Path ascending
+    const pathDiff = a.path.localeCompare(b.path);
+    if (pathDiff !== 0) return pathDiff;
+
+    // Line ascending
+    return a.line - b.line;
+  });
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// CONVENIENCE FUNCTIONS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Build CLI arguments from tool args and arg map
+ */
+export function buildCliArgs(
+  toolArgs: Record<string, unknown>,
+  argMap: Record<string, string>,
+  fixedFlags?: string[]
+): string[] {
+  const args: string[] = [];
+
+  // Add fixed flags
+  if (fixedFlags) {
+    args.push(...fixedFlags);
+  }
+
+  // Map tool args to CLI flags
+  for (const [key, flag] of Object.entries(argMap)) {
+    const value = toolArgs[key];
+    
+    if (value === undefined || value === null) continue;
+    
+    if (typeof value === "boolean") {
+      if (value) args.push(flag);
+    } else if (Array.isArray(value)) {
+      args.push(flag, value.join(","));
+    } else {
+      args.push(flag, String(value));
+    }
+  }
+
+  return args;
+}

package/mcp-server/lib/index.ts

@@ -0,0 +1,19 @@
+/**
+ * MCP Server Library Exports
+ */
+
+// Types
+export * from "./types";
+
+// Sandbox
+export { PathSandbox, createSandbox, validatePath, sanitizePath } from "./sandbox";
+export type { SandboxConfig, SandboxResult, SandboxViolationType } from "./sandbox";
+
+// Executor
+export {
+  CliExecutor,
+  parseCliOutput,
+  sortFindings,
+  buildCliArgs,
+  generateFindingId,
+} from "./executor";

package/mcp-server/lib/rate-limiter.js

@@ -0,0 +1,166 @@
+/**
+ * Per-user rate limiting for MCP tools
+ * 
+ * Enforces rate limits per user (identified by userId/apiKey) rather than
+ * per server instance. This prevents users from bypassing limits by creating
+ * multiple connections.
+ */
+
+const TIER_LIMITS = {
+  free: { perMinute: 30, perHour: 200 },
+  starter: { perMinute: 60, perHour: 500 },
+  pro: { perMinute: 120, perHour: 2000 },
+  enterprise: { perMinute: 300, perHour: 10000 },
+};
+
+class PerUserRateLimiter {
+  constructor() {
+    this.windowMs = 60 * 1000; // 1 minute window
+    this.store = new Map(); // userId -> { count, windowStart, hourlyCount, hourlyWindowStart }
+  }
+
+  /**
+   * Check if a request is allowed for a user
+   * @param {string} userId - User identifier (API key hash or user ID)
+   * @param {string} tier - User tier (free, pro, etc.)
+   * @returns {{ allowed: boolean, retryAfter?: number, limit?: number, remaining?: number }}
+   */
+  check(userId, tier) {
+    const limits = TIER_LIMITS[tier] || TIER_LIMITS.free;
+    const now = Date.now();
+    const key = userId;
+    
+    let record = this.store.get(key);
+    
+    // Initialize or reset window if expired
+    if (!record || now - record.windowStart > this.windowMs) {
+      record = {
+        count: 0,
+        windowStart: now,
+        hourlyCount: record?.hourlyCount || 0,
+        hourlyWindowStart: record?.hourlyWindowStart || now,
+      };
+    }
+    
+    // Reset hourly window if expired
+    if (now - record.hourlyWindowStart > 60 * 60 * 1000) {
+      record.hourlyCount = 0;
+      record.hourlyWindowStart = now;
+    }
+    
+    // Check per-minute limit
+    if (record.count >= limits.perMinute) {
+      const retryAfter = Math.ceil((record.windowStart + this.windowMs - now) / 1000);
+      return {
+        allowed: false,
+        retryAfter,
+        limit: limits.perMinute,
+        remaining: 0,
+        window: 'minute',
+      };
+    }
+    
+    // Check per-hour limit
+    if (limits.perHour && record.hourlyCount >= limits.perHour) {
+      const retryAfter = Math.ceil((record.hourlyWindowStart + 60 * 60 * 1000 - now) / 1000);
+      return {
+        allowed: false,
+        retryAfter,
+        limit: limits.perHour,
+        remaining: 0,
+        window: 'hour',
+      };
+    }
+    
+    // Increment counters
+    record.count++;
+    if (limits.perHour) {
+      record.hourlyCount++;
+    }
+    this.store.set(key, record);
+    
+    return {
+      allowed: true,
+      limit: limits.perMinute,
+      remaining: limits.perMinute - record.count,
+      hourlyLimit: limits.perHour,
+      hourlyRemaining: limits.perHour ? limits.perHour - record.hourlyCount : undefined,
+    };
+  }
+
+  /**
+   * Get current rate limit status for a user (without incrementing)
+   * @param {string} userId - User identifier
+   * @param {string} tier - User tier
+   * @returns {{ limit: number, remaining: number, resetAt: Date }}
+   */
+  getStatus(userId, tier) {
+    const limits = TIER_LIMITS[tier] || TIER_LIMITS.free;
+    const record = this.store.get(userId);
+    
+    if (!record) {
+      return {
+        limit: limits.perMinute,
+        remaining: limits.perMinute,
+        resetAt: new Date(Date.now() + this.windowMs),
+      };
+    }
+    
+    const now = Date.now();
+    if (now - record.windowStart > this.windowMs) {
+      return {
+        limit: limits.perMinute,
+        remaining: limits.perMinute,
+        resetAt: new Date(now + this.windowMs),
+      };
+    }
+    
+    return {
+      limit: limits.perMinute,
+      remaining: limits.perMinute - record.count,
+      resetAt: new Date(record.windowStart + this.windowMs),
+    };
+  }
+
+  /**
+   * Cleanup expired entries periodically
+   * Should be called periodically to prevent memory leaks
+   */
+  cleanup() {
+    const now = Date.now();
+    for (const [key, record] of this.store.entries()) {
+      // Remove entries that are older than 2 windows (2 minutes)
+      if (now - record.windowStart > this.windowMs * 2) {
+        this.store.delete(key);
+      }
+    }
+  }
+
+  /**
+   * Reset rate limits for a specific user (for testing/admin)
+   * @param {string} userId - User identifier
+   */
+  reset(userId) {
+    this.store.delete(userId);
+  }
+
+  /**
+   * Clear all rate limit data (for testing)
+   */
+  clear() {
+    this.store.clear();
+  }
+}
+
+const rateLimiter = new PerUserRateLimiter();
+
+// Cleanup expired entries every 5 minutes
+if (typeof setInterval !== 'undefined') {
+  setInterval(() => rateLimiter.cleanup(), 5 * 60 * 1000);
+}
+
+module.exports = {
+  rateLimiter,
+  TIER_LIMITS,
+  PerUserRateLimiter,
+};