@vibecheckai/cli 3.5.1 → 3.5.2

package/bin/runners/runAllowlist.js

@@ -11,7 +11,6 @@
 
 const fs = require("fs");
 const path = require("path");
-const { parseGlobalFlags, shouldShowBanner } = require("./lib/global-flags");
 
 // Colors
 const c = {
@@ -27,10 +26,10 @@ const c = {
 const rgb = (r, g, b) => `\x1b[38;2;${r};${g};${b}m`;
 
 const colors = {
-  accent: rgb(150, 100, 255),
-  success: rgb(0, 255, 150),
-  warning: rgb(255, 200, 0),
-  error: rgb(255, 80, 80),
+  accent: rgb(0, 212, 255),
+  success: rgb(16, 185, 129),
+  warning: rgb(245, 158, 11),
+  error: rgb(239, 68, 68),
 };
 
 const ICONS = {
@@ -41,43 +40,30 @@ const ICONS = {
   remove: '-',
 };
 
-function printHelp(opts = {}) {
-  if (shouldShowBanner(opts)) {
-    console.log(`
-${colors.accent}  █████╗ ██╗     ██╗      ██████╗ ██╗    ██╗${c.reset}
-${colors.accent}  ██╔══██╗██║     ██║     ██╔═══██╗██║    ██║${c.reset}
-${colors.accent}  ███████║██║     ██║     ██║   ██║██║ █╗ ██║${c.reset}
-${colors.accent}  ██╔══██║██║     ██║     ██║   ██║██║███╗██║${c.reset}
-${colors.accent}  ██║  ██║███████╗███████╗╚██████╔╝╚███╔███╔╝${c.reset}
-${colors.accent}  ╚═╝  ╚═╝╚══════╝╚══════╝ ╚═════╝  ╚══╝╚══╝ ${c.reset}
-`);
-  }
-  
+function printHelp() {
   console.log(`
-  ${c.bold}Usage:${c.reset} vibecheck allowlist <action> [options]
+  ${c.bold}vibecheck allowlist${c.reset} - Manage Finding Allowlist
 
-  ${c.bold}Manage Finding Allowlist${c.reset} — Suppress known false positives.
+  ${c.bold}Usage:${c.reset} vibecheck allowlist <action> [options]
 
   ${c.bold}Actions:${c.reset}
     ${colors.accent}list${c.reset}                   Show all allowlist entries ${c.dim}(default)${c.reset}
     ${colors.accent}add${c.reset}                    Add entry to allowlist
     ${colors.accent}remove${c.reset}                 Remove entry from allowlist
     ${colors.accent}check${c.reset}                  Check if finding is allowlisted
+    ${colors.accent}clear${c.reset}                  Remove all allowlist entries
 
   ${c.bold}Options (add):${c.reset}
     ${colors.accent}--id <finding-id>${c.reset}      Finding ID to allowlist
-    ${colors.accent}--pattern <regex>${c.reset}     Pattern to match (title, file, URL)
-    ${colors.accent}--reason <text>${c.reset}       Reason for allowlisting ${c.dim}(required)${c.reset}
-    ${colors.accent}--scope <scope>${c.reset}       Scope: global, file, line ${c.dim}(default: global)${c.reset}
-    ${colors.accent}--expires <days>${c.reset}      Auto-expire after N days
-    ${colors.accent}--file <path>${c.reset}         File scope (for scope=file|line)
-    ${colors.accent}--lines <start-end>${c.reset}   Line range (for scope=line)
+    ${colors.accent}--pattern <regex>${c.reset}      Pattern to match (message, file, category)
+    ${colors.accent}--reason <text>${c.reset}        Reason for allowlisting ${c.dim}(required)${c.reset}
+    ${colors.accent}--scope <scope>${c.reset}        Scope: global, file, line ${c.dim}(default: global)${c.reset}
+    ${colors.accent}--expires <days>${c.reset}       Auto-expire after N days
+    ${colors.accent}--file <path>${c.reset}          File scope (for scope=file|line)
+    ${colors.accent}--lines <start-end>${c.reset}    Line range (for scope=line)
 
-  ${c.bold}Options (remove):${c.reset}
-    ${colors.accent}--id <entry-id>${c.reset}        Allowlist entry ID to remove
-
-  ${c.bold}Options (check):${c.reset}
-    ${colors.accent}--id <finding-id>${c.reset}      Finding ID to check
+  ${c.bold}Options (remove/check):${c.reset}
+    ${colors.accent}--id <entry-id>${c.reset}        Allowlist entry ID
 
   ${c.bold}Global Options:${c.reset}
     ${colors.accent}--json${c.reset}                 Output as JSON
@@ -88,10 +74,10 @@ ${colors.accent}  ╚═╝  ╚═╝╚══════╝╚═════
     vibecheck allowlist list
 
     ${c.dim}# Add specific finding to allowlist${c.reset}
-    vibecheck allowlist add --id R_ANON_DEAD_abc123 --reason "Known toggle behavior"
+    vibecheck allowlist add --id MOCK_DATA_abc123 --reason "Test fixture data"
 
     ${c.dim}# Add pattern-based allowlist${c.reset}
-    vibecheck allowlist add --pattern "lorem ipsum" --reason "Docs page placeholder"
+    vibecheck allowlist add --pattern "lorem ipsum" --reason "Placeholder text"
 
     ${c.dim}# Add file-scoped allowlist${c.reset}
     vibecheck allowlist add --pattern "test data" --scope file --file "src/fixtures.ts" --reason "Test fixtures"
@@ -103,76 +89,115 @@ ${colors.accent}  ╚═╝  ╚═╝╚══════╝╚═════
     vibecheck allowlist remove --id AL_abc123
 
     ${c.dim}# Check if finding is allowlisted${c.reset}
-    vibecheck allowlist check --id R_ANON_DEAD_abc123
+    vibecheck allowlist check --id MOCK_DATA_abc123
   `);
 }
 
-async function runAllowlist(argsOrOpts = {}) {
-  // Handle array args from CLI
-  let globalOpts = { noBanner: false, json: false, quiet: false, ci: false };
-  if (Array.isArray(argsOrOpts)) {
-    const { flags } = parseGlobalFlags(argsOrOpts);
-    globalOpts = { ...globalOpts, ...flags };
+function loadAllowlist(root) {
+  const allowlistPath = path.join(root, ".vibecheck", "allowlist.json");
+  
+  if (!fs.existsSync(allowlistPath)) {
+    return { version: 1, entries: [] };
+  }
+  
+  try {
+    return JSON.parse(fs.readFileSync(allowlistPath, "utf-8"));
+  } catch {
+    return { version: 1, entries: [] };
+  }
+}
+
+function saveAllowlist(root, allowlist) {
+  const vibecheckDir = path.join(root, ".vibecheck");
+  const allowlistPath = path.join(vibecheckDir, "allowlist.json");
+  
+  fs.mkdirSync(vibecheckDir, { recursive: true });
+  fs.writeFileSync(allowlistPath, JSON.stringify(allowlist, null, 2));
+}
+
+function generateEntryId() {
+  return `AL_${Date.now().toString(36)}_${Math.random().toString(36).slice(2, 6)}`;
+}
+
+function isAllowlisted(finding, allowlist, filePath = null) {
+  const now = Date.now();
+  
+  for (const entry of allowlist.entries) {
+    // Check expiration
+    if (entry.expiresAt && new Date(entry.expiresAt).getTime() < now) {
+      continue;
+    }
     
-    if (globalOpts.help) {
-      printHelp(globalOpts);
-      return 0;
+    // Check direct ID match
+    if (entry.findingId && finding.id === entry.findingId) {
+      return { allowed: true, reason: entry.reason, entry };
     }
     
-    const getArg = (flags) => {
-      for (const f of flags) {
-        const idx = argsOrOpts.indexOf(f);
-        if (idx !== -1 && idx < argsOrOpts.length - 1) return argsOrOpts[idx + 1];
+    // Check pattern match
+    if (entry.pattern) {
+      const regex = new RegExp(entry.pattern, 'i');
+      const targets = [
+        finding.message,
+        finding.category,
+        finding.file,
+        finding.id,
+      ].filter(Boolean);
+      
+      if (targets.some(t => regex.test(t))) {
+        // Check scope
+        if (entry.scope === 'file' && entry.file) {
+          if (filePath && path.normalize(filePath).includes(path.normalize(entry.file))) {
+            return { allowed: true, reason: entry.reason, entry };
+          }
+        } else if (entry.scope === 'line' && entry.file && entry.lines) {
+          if (filePath && finding.line) {
+            const normalized = path.normalize(filePath);
+            if (normalized.includes(path.normalize(entry.file))) {
+              const [start, end] = entry.lines;
+              if (finding.line >= start && finding.line <= end) {
+                return { allowed: true, reason: entry.reason, entry };
+              }
+            }
+          }
+        } else {
+          // Global scope
+          return { allowed: true, reason: entry.reason, entry };
+        }
       }
-      return undefined;
-    };
-    
-    // Get action (first positional arg)
-    const action = argsOrOpts.find(a => !a.startsWith("-") && a !== "allowlist") || "list";
-    
-    argsOrOpts = {
-      repoRoot: process.cwd(),
-      action,
-      id: getArg(["--id"]),
-      pattern: getArg(["--pattern"]),
-      reason: getArg(["--reason"]),
-      scope: getArg(["--scope"]) || "global",
-      file: getArg(["--file"]),
-      lines: getArg(["--lines"]),
-      expires: getArg(["--expires"]),
-      ...globalOpts,
-    };
+    }
   }
+  
+  return { allowed: false };
+}
 
-  const {
-    repoRoot = process.cwd(),
-    action = "list",
-    id = null,
-    pattern = null,
-    reason = null,
-    scope = "global",
-    file = null,
-    lines = null,
-    expires = null,
-    json = false,
-    quiet = false
-  } = argsOrOpts;
-
-  const root = repoRoot || process.cwd();
+async function runAllowlist(args = [], context = {}) {
+  // Parse arguments
+  const getArg = (flags) => {
+    for (const f of flags) {
+      const idx = args.indexOf(f);
+      if (idx !== -1 && idx < args.length - 1) return args[idx + 1];
+    }
+    return undefined;
+  };
+  
+  const hasFlag = (flags) => flags.some(f => args.includes(f));
 
-  // Import evidence-pack module
-  let evidencePack;
-  try {
-    evidencePack = require("./lib/evidence-pack");
-  } catch (e) {
-    console.error(`${colors.error}${ICONS.block}${c.reset} Failed to load evidence-pack module: ${e.message}`);
-    return 1;
+  if (hasFlag(["--help", "-h"])) {
+    printHelp();
+    return 0;
   }
 
+  const root = context.repoRoot || process.cwd();
+  const json = hasFlag(["--json"]);
+  const quiet = hasFlag(["--quiet", "-q"]);
+  
+  // Get action (first positional arg)
+  const action = args.find(a => !a.startsWith("-") && !getArg([a])) || "list";
+
   try {
     switch (action) {
       case "list": {
-        const allowlist = evidencePack.loadAllowlist(root);
+        const allowlist = loadAllowlist(root);
         
         if (json) {
           console.log(JSON.stringify(allowlist, null, 2));
@@ -183,13 +208,19 @@ async function runAllowlist(argsOrOpts = {}) {
           console.log(`\n  ${ICONS.list} ${c.bold}Allowlist Entries${c.reset}\n`);
         }
         
-        if (!allowlist.entries || allowlist.entries.length === 0) {
+        // Remove expired entries
+        const now = Date.now();
+        const activeEntries = allowlist.entries.filter(e => 
+          !e.expiresAt || new Date(e.expiresAt).getTime() > now
+        );
+        
+        if (activeEntries.length === 0) {
           console.log(`  ${c.dim}No entries in allowlist.${c.reset}\n`);
           console.log(`  ${c.dim}Add entries with: vibecheck allowlist add --id <id> --reason "..."${c.reset}\n`);
           return 0;
         }
         
-        for (const entry of allowlist.entries) {
+        for (const entry of activeEntries) {
           const expireStr = entry.expiresAt 
             ? `${c.dim}expires ${new Date(entry.expiresAt).toLocaleDateString()}${c.reset}` 
             : '';
@@ -205,16 +236,27 @@ async function runAllowlist(argsOrOpts = {}) {
           if (entry.pattern) {
             console.log(`    ${c.dim}Pattern:${c.reset} ${entry.pattern}`);
           }
+          if (entry.file) {
+            console.log(`    ${c.dim}File:${c.reset} ${entry.file}`);
+          }
           console.log(`    ${c.dim}Reason:${c.reset} ${entry.reason || 'No reason provided'}`);
           console.log(`    ${c.dim}Added:${c.reset} ${entry.addedAt} by ${entry.addedBy || 'user'}`);
           console.log();
         }
         
-        console.log(`  ${c.dim}Total: ${allowlist.entries.length} entries${c.reset}\n`);
+        console.log(`  ${c.dim}Total: ${activeEntries.length} entries${c.reset}\n`);
         return 0;
       }
       
       case "add": {
+        const id = getArg(["--id"]);
+        const pattern = getArg(["--pattern"]);
+        const reason = getArg(["--reason"]);
+        const scope = getArg(["--scope"]) || "global";
+        const file = getArg(["--file"]);
+        const lines = getArg(["--lines"]);
+        const expires = getArg(["--expires"]);
+        
         if (!id && !pattern) {
           console.error(`\n  ${colors.error}${ICONS.block}${c.reset} Either --id or --pattern is required\n`);
           return 1;
@@ -226,10 +268,12 @@ async function runAllowlist(argsOrOpts = {}) {
         }
         
         const entry = {
-          findingId: id,
-          pattern,
+          id: generateEntryId(),
+          findingId: id || null,
+          pattern: pattern || null,
           reason,
           scope,
+          addedAt: new Date().toISOString(),
           addedBy: 'cli'
         };
         
@@ -243,30 +287,34 @@ async function runAllowlist(argsOrOpts = {}) {
           entry.expiresAt = new Date(Date.now() + days * 24 * 60 * 60 * 1000).toISOString();
         }
         
-        const added = evidencePack.addToAllowlist(root, entry);
+        const allowlist = loadAllowlist(root);
+        allowlist.entries.push(entry);
+        saveAllowlist(root, allowlist);
         
         if (json) {
-          console.log(JSON.stringify({ added }, null, 2));
+          console.log(JSON.stringify({ added: entry }, null, 2));
           return 0;
         }
         
-        console.log(`\n  ${colors.success}${ICONS.add}${c.reset} Added allowlist entry: ${c.bold}${added.id}${c.reset}\n`);
+        console.log(`\n  ${colors.success}${ICONS.add}${c.reset} Added allowlist entry: ${c.bold}${entry.id}${c.reset}\n`);
         return 0;
       }
       
       case "remove": {
+        const id = getArg(["--id"]);
+        
         if (!id) {
           console.error(`\n  ${colors.error}${ICONS.block}${c.reset} --id is required for remove\n`);
           return 1;
         }
         
-        const allowlist = evidencePack.loadAllowlist(root);
+        const allowlist = loadAllowlist(root);
         const before = allowlist.entries.length;
         allowlist.entries = allowlist.entries.filter(e => e.id !== id && e.findingId !== id);
         const removed = before - allowlist.entries.length;
         
         if (removed > 0) {
-          evidencePack.saveAllowlist(root, allowlist);
+          saveAllowlist(root, allowlist);
         }
         
         if (json) {
@@ -283,13 +331,15 @@ async function runAllowlist(argsOrOpts = {}) {
       }
       
       case "check": {
+        const id = getArg(["--id"]);
+        
         if (!id) {
           console.error(`\n  ${colors.error}${ICONS.block}${c.reset} --id is required for check\n`);
           return 1;
         }
         
-        const allowlist = evidencePack.loadAllowlist(root);
-        const result = evidencePack.isAllowlisted({ id }, allowlist);
+        const allowlist = loadAllowlist(root);
+        const result = isAllowlisted({ id }, allowlist);
         
         if (json) {
           console.log(JSON.stringify(result, null, 2));
@@ -306,9 +356,24 @@ async function runAllowlist(argsOrOpts = {}) {
         return result.allowed ? 0 : 1;
       }
       
+      case "clear": {
+        const allowlist = loadAllowlist(root);
+        const count = allowlist.entries.length;
+        allowlist.entries = [];
+        saveAllowlist(root, allowlist);
+        
+        if (json) {
+          console.log(JSON.stringify({ cleared: count }, null, 2));
+          return 0;
+        }
+        
+        console.log(`\n  ${colors.success}${ICONS.remove}${c.reset} Cleared ${count} entries from allowlist\n`);
+        return 0;
+      }
+      
       default:
         console.error(`\n  ${colors.error}${ICONS.block}${c.reset} Unknown action: ${action}\n`);
-        printHelp(globalOpts);
+        printHelp();
         return 1;
     }
   } catch (error) {
@@ -321,4 +386,4 @@ async function runAllowlist(argsOrOpts = {}) {
   }
 }
 
-module.exports = { runAllowlist };
+module.exports = { runAllowlist, loadAllowlist, saveAllowlist, isAllowlisted };