npm - @vibecheckai/cli - Versions diffs - 3.5.1 → 3.5.3 - Mend

@vibecheckai/cli 3.5.1 → 3.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (272) hide show

package/bin/registry.js +406 -154
package/bin/runners/context/analyzer.js +52 -1
package/bin/runners/context/generators/mcp.js +15 -13
package/bin/runners/context/git-context.js +3 -1
package/bin/runners/context/proof-context.js +248 -1
package/bin/runners/context/team-conventions.js +33 -7
package/bin/runners/lib/agent-firewall/ai/false-positive-analyzer.js +474 -0
package/bin/runners/lib/agent-firewall/change-packet/builder.js +488 -0
package/bin/runners/lib/agent-firewall/change-packet/schema.json +228 -0
package/bin/runners/lib/agent-firewall/change-packet/store.js +200 -0
package/bin/runners/lib/agent-firewall/claims/claim-types.js +21 -0
package/bin/runners/lib/agent-firewall/claims/extractor.js +303 -0
package/bin/runners/lib/agent-firewall/claims/patterns.js +24 -0
package/bin/runners/lib/agent-firewall/critic/index.js +151 -0
package/bin/runners/lib/agent-firewall/critic/judge.js +432 -0
package/bin/runners/lib/agent-firewall/critic/prompts.js +305 -0
package/bin/runners/lib/agent-firewall/evidence/auth-evidence.js +88 -0
package/bin/runners/lib/agent-firewall/evidence/contract-evidence.js +75 -0
package/bin/runners/lib/agent-firewall/evidence/env-evidence.js +127 -0
package/bin/runners/lib/agent-firewall/evidence/resolver.js +102 -0
package/bin/runners/lib/agent-firewall/evidence/route-evidence.js +213 -0
package/bin/runners/lib/agent-firewall/evidence/side-effect-evidence.js +145 -0
package/bin/runners/lib/agent-firewall/fs-hook/daemon.js +19 -0
package/bin/runners/lib/agent-firewall/fs-hook/installer.js +87 -0
package/bin/runners/lib/agent-firewall/fs-hook/watcher.js +184 -0
package/bin/runners/lib/agent-firewall/git-hook/pre-commit.js +163 -0
package/bin/runners/lib/agent-firewall/ide-extension/cursor.js +107 -0
package/bin/runners/lib/agent-firewall/ide-extension/vscode.js +68 -0
package/bin/runners/lib/agent-firewall/ide-extension/windsurf.js +66 -0
package/bin/runners/lib/agent-firewall/interceptor/base.js +304 -0
package/bin/runners/lib/agent-firewall/interceptor/cursor.js +35 -0
package/bin/runners/lib/agent-firewall/interceptor/vscode.js +35 -0
package/bin/runners/lib/agent-firewall/interceptor/windsurf.js +34 -0
package/bin/runners/lib/agent-firewall/lawbook/distributor.js +465 -0
package/bin/runners/lib/agent-firewall/lawbook/evaluator.js +604 -0
package/bin/runners/lib/agent-firewall/lawbook/index.js +304 -0
package/bin/runners/lib/agent-firewall/lawbook/registry.js +514 -0
package/bin/runners/lib/agent-firewall/lawbook/schema.js +420 -0
package/bin/runners/lib/agent-firewall/logger.js +141 -0
package/bin/runners/lib/agent-firewall/policy/default-policy.json +90 -0
package/bin/runners/lib/agent-firewall/policy/engine.js +103 -0
package/bin/runners/lib/agent-firewall/policy/loader.js +451 -0
package/bin/runners/lib/agent-firewall/policy/rules/auth-drift.js +50 -0
package/bin/runners/lib/agent-firewall/policy/rules/contract-drift.js +50 -0
package/bin/runners/lib/agent-firewall/policy/rules/fake-success.js +86 -0
package/bin/runners/lib/agent-firewall/policy/rules/ghost-env.js +162 -0
package/bin/runners/lib/agent-firewall/policy/rules/ghost-route.js +189 -0
package/bin/runners/lib/agent-firewall/policy/rules/scope.js +93 -0
package/bin/runners/lib/agent-firewall/policy/rules/unsafe-side-effect.js +57 -0
package/bin/runners/lib/agent-firewall/policy/schema.json +183 -0
package/bin/runners/lib/agent-firewall/policy/verdict.js +54 -0
package/bin/runners/lib/agent-firewall/proposal/extractor.js +394 -0
package/bin/runners/lib/agent-firewall/proposal/index.js +212 -0
package/bin/runners/lib/agent-firewall/proposal/schema.js +251 -0
package/bin/runners/lib/agent-firewall/proposal/validator.js +386 -0
package/bin/runners/lib/agent-firewall/reality/index.js +332 -0
package/bin/runners/lib/agent-firewall/reality/state.js +625 -0
package/bin/runners/lib/agent-firewall/reality/watcher.js +322 -0
package/bin/runners/lib/agent-firewall/risk/index.js +173 -0
package/bin/runners/lib/agent-firewall/risk/scorer.js +328 -0
package/bin/runners/lib/agent-firewall/risk/thresholds.js +321 -0
package/bin/runners/lib/agent-firewall/risk/vectors.js +421 -0
package/bin/runners/lib/agent-firewall/simulator/diff-simulator.js +472 -0
package/bin/runners/lib/agent-firewall/simulator/import-resolver.js +346 -0
package/bin/runners/lib/agent-firewall/simulator/index.js +181 -0
package/bin/runners/lib/agent-firewall/simulator/route-validator.js +380 -0
package/bin/runners/lib/agent-firewall/time-machine/incident-correlator.js +661 -0
package/bin/runners/lib/agent-firewall/time-machine/index.js +267 -0
package/bin/runners/lib/agent-firewall/time-machine/replay-engine.js +436 -0
package/bin/runners/lib/agent-firewall/time-machine/state-reconstructor.js +490 -0
package/bin/runners/lib/agent-firewall/time-machine/timeline-builder.js +530 -0
package/bin/runners/lib/agent-firewall/truthpack/index.js +67 -0
package/bin/runners/lib/agent-firewall/truthpack/loader.js +137 -0
package/bin/runners/lib/agent-firewall/unblock/planner.js +337 -0
package/bin/runners/lib/agent-firewall/utils/ignore-checker.js +118 -0
package/bin/runners/lib/analysis-core.js +220 -182
package/bin/runners/lib/analyzers.js +2145 -224
package/bin/runners/lib/api-client.js +269 -0
package/bin/runners/lib/authority-badge.js +425 -0
package/bin/runners/lib/cli-output.js +242 -210
package/bin/runners/lib/default-config.js +127 -0
package/bin/runners/lib/detectors-v2.js +547 -785
package/bin/runners/lib/doctor/modules/security.js +3 -1
package/bin/runners/lib/engine/ast-cache.js +210 -0
package/bin/runners/lib/engine/auth-extractor.js +211 -0
package/bin/runners/lib/engine/billing-extractor.js +112 -0
package/bin/runners/lib/engine/enforcement-extractor.js +100 -0
package/bin/runners/lib/engine/env-extractor.js +207 -0
package/bin/runners/lib/engine/express-extractor.js +208 -0
package/bin/runners/lib/engine/extractors.js +849 -0
package/bin/runners/lib/engine/index.js +207 -0
package/bin/runners/lib/engine/repo-index.js +514 -0
package/bin/runners/lib/engine/types.js +124 -0
package/bin/runners/lib/engines/accessibility-engine.js +190 -0
package/bin/runners/lib/engines/api-consistency-engine.js +162 -0
package/bin/runners/lib/engines/ast-cache.js +99 -0
package/bin/runners/lib/engines/code-quality-engine.js +255 -0
package/bin/runners/lib/engines/console-logs-engine.js +115 -0
package/bin/runners/lib/engines/cross-file-analysis-engine.js +268 -0
package/bin/runners/lib/engines/dead-code-engine.js +198 -0
package/bin/runners/lib/engines/deprecated-api-engine.js +226 -0
package/bin/runners/lib/engines/empty-catch-engine.js +150 -0
package/bin/runners/lib/engines/file-filter.js +131 -0
package/bin/runners/lib/engines/hardcoded-secrets-engine.js +251 -0
package/bin/runners/lib/engines/mock-data-engine.js +272 -0
package/bin/runners/lib/engines/parallel-processor.js +71 -0
package/bin/runners/lib/engines/performance-issues-engine.js +265 -0
package/bin/runners/lib/engines/security-vulnerabilities-engine.js +243 -0
package/bin/runners/lib/engines/todo-fixme-engine.js +115 -0
package/bin/runners/lib/engines/type-aware-engine.js +152 -0
package/bin/runners/lib/engines/unsafe-regex-engine.js +225 -0
package/bin/runners/lib/engines/vibecheck-engines/README.md +53 -0
package/bin/runners/lib/engines/vibecheck-engines/index.js +15 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/ast-cache.js +164 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/code-quality-engine.js +291 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/console-logs-engine.js +83 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/dead-code-engine.js +198 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/deprecated-api-engine.js +275 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/empty-catch-engine.js +167 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/file-filter.js +217 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/hardcoded-secrets-engine.js +139 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/mock-data-engine.js +140 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/parallel-processor.js +164 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/performance-issues-engine.js +234 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/type-aware-engine.js +217 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/unsafe-regex-engine.js +78 -0
package/bin/runners/lib/engines/vibecheck-engines/package.json +13 -0
package/bin/runners/lib/entitlements-v2.js +152 -446
package/bin/runners/lib/error-handler.js +60 -12
package/bin/runners/lib/error-messages.js +289 -0
package/bin/runners/lib/evidence-pack.js +7 -1
package/bin/runners/lib/exit-codes.js +275 -0
package/bin/runners/lib/finding-id.js +69 -0
package/bin/runners/lib/finding-sorter.js +89 -0
package/bin/runners/lib/fingerprint.js +377 -0
package/bin/runners/lib/global-flags.js +37 -0
package/bin/runners/lib/help-formatter.js +413 -0
package/bin/runners/lib/logger.js +38 -0
package/bin/runners/lib/next-action.js +560 -0
package/bin/runners/lib/prerequisites.js +149 -0
package/bin/runners/lib/route-detection.js +137 -68
package/bin/runners/lib/route-truth.js +1167 -322
package/bin/runners/lib/scan-output.js +504 -463
package/bin/runners/lib/scan-runner.js +135 -0
package/bin/runners/lib/schemas/ajv-validator.js +464 -0
package/bin/runners/lib/schemas/error-envelope.schema.json +105 -0
package/bin/runners/lib/schemas/finding-v3.schema.json +151 -0
package/bin/runners/lib/schemas/report-artifact.schema.json +120 -0
package/bin/runners/lib/schemas/run-request.schema.json +108 -0
package/bin/runners/lib/schemas/validator.js +27 -0
package/bin/runners/lib/schemas/verdict.schema.json +140 -0
package/bin/runners/lib/ship-output-enterprise.js +239 -0
package/bin/runners/lib/ship-output.js +328 -31
package/bin/runners/lib/terminal-ui.js +234 -731
package/bin/runners/lib/truth.js +1332 -308
package/bin/runners/lib/unified-cli-output.js +604 -0
package/bin/runners/lib/unified-output.js +163 -155
package/bin/runners/lib/upsell.js +104 -204
package/bin/runners/runAgent.d.ts +5 -0
package/bin/runners/runAgent.js +161 -0
package/bin/runners/runAllowlist.js +166 -101
package/bin/runners/runApprove.js +1200 -0
package/bin/runners/runAuth.js +373 -95
package/bin/runners/runCheckpoint.js +59 -21
package/bin/runners/runClassify.js +926 -0
package/bin/runners/runContext.d.ts +4 -0
package/bin/runners/runContext.js +136 -24
package/bin/runners/runDoctor.js +115 -67
package/bin/runners/runEvidencePack.js +239 -96
package/bin/runners/runFirewall.d.ts +5 -0
package/bin/runners/runFirewall.js +134 -0
package/bin/runners/runFirewallHook.d.ts +5 -0
package/bin/runners/runFirewallHook.js +56 -0
package/bin/runners/runFix.js +6 -5
package/bin/runners/runGuard.js +212 -118
package/bin/runners/runInit.js +66 -21
package/bin/runners/runLabs.js +204 -121
package/bin/runners/runMcp.js +131 -60
package/bin/runners/runPolish.d.ts +4 -0
package/bin/runners/runPolish.js +43 -20
package/bin/runners/runProof.zip +0 -0
package/bin/runners/runProve.js +15 -5
package/bin/runners/runQuickstart.js +531 -0
package/bin/runners/runReality.js +14 -0
package/bin/runners/runReport.js +36 -4
package/bin/runners/runScan.js +689 -91
package/bin/runners/runShip.js +96 -40
package/bin/runners/runTruth.d.ts +5 -0
package/bin/runners/runTruth.js +101 -0
package/bin/runners/runValidate.js +21 -4
package/bin/runners/runWatch.js +118 -54
package/bin/scan.js +6 -1
package/bin/vibecheck.js +297 -52
package/mcp-server/HARDENING_SUMMARY.md +299 -0
package/mcp-server/agent-firewall-interceptor.js +500 -0
package/mcp-server/authority-tools.js +569 -0
package/mcp-server/conductor/conflict-resolver.js +588 -0
package/mcp-server/conductor/execution-planner.js +544 -0
package/mcp-server/conductor/index.js +377 -0
package/mcp-server/conductor/lock-manager.js +615 -0
package/mcp-server/conductor/request-queue.js +550 -0
package/mcp-server/conductor/session-manager.js +500 -0
package/mcp-server/conductor/tools.js +510 -0
package/mcp-server/deprecation-middleware.js +282 -0
package/mcp-server/handlers/index.ts +15 -0
package/mcp-server/handlers/tool-handler.ts +474 -591
package/mcp-server/index.js +1748 -1099
package/mcp-server/lib/api-client.cjs +13 -0
package/mcp-server/lib/cache-wrapper.cjs +383 -0
package/mcp-server/lib/error-envelope.js +138 -0
package/mcp-server/lib/executor.ts +428 -721
package/mcp-server/lib/index.ts +19 -0
package/mcp-server/lib/logger.cjs +30 -0
package/mcp-server/lib/rate-limiter.js +166 -0
package/mcp-server/lib/sandbox.test.ts +519 -0
package/mcp-server/lib/sandbox.ts +342 -284
package/mcp-server/lib/types.ts +267 -0
package/mcp-server/logger.js +173 -0
package/mcp-server/package.json +11 -27
package/mcp-server/premium-tools.js +2 -2
package/mcp-server/registry/tool-registry.js +794 -0
package/mcp-server/registry/tools.json +507 -378
package/mcp-server/registry.test.ts +334 -0
package/mcp-server/tests/tier-gating.test.js +297 -0
package/mcp-server/tier-auth.js +492 -347
package/mcp-server/tools-v3.js +950 -0
package/mcp-server/truth-context.js +131 -90
package/mcp-server/truth-firewall-tools.js +1612 -1001
package/mcp-server/tsconfig.json +8 -5
package/mcp-server/vibecheck-2.0-tools.js +14 -1
package/mcp-server/vibecheck-mcp-server-3.2.0.tgz +0 -0
package/mcp-server/vibecheck-tools.js +2 -2
package/package.json +4 -3
package/bin/runners/runInstall.js +0 -281
package/mcp-server/ARCHITECTURE.md +0 -339
package/mcp-server/__tests__/cache.test.ts +0 -313
package/mcp-server/__tests__/executor.test.ts +0 -239
package/mcp-server/__tests__/fixtures/exclusion-test/.cache/webpack/cache.pack +0 -1
package/mcp-server/__tests__/fixtures/exclusion-test/.next/server/chunk.js +0 -3
package/mcp-server/__tests__/fixtures/exclusion-test/.turbo/cache.json +0 -3
package/mcp-server/__tests__/fixtures/exclusion-test/.venv/lib/env.py +0 -3
package/mcp-server/__tests__/fixtures/exclusion-test/dist/bundle.js +0 -3
package/mcp-server/__tests__/fixtures/exclusion-test/package.json +0 -5
package/mcp-server/__tests__/fixtures/exclusion-test/src/app.ts +0 -5
package/mcp-server/__tests__/fixtures/exclusion-test/venv/lib/config.py +0 -4
package/mcp-server/__tests__/ids.test.ts +0 -345
package/mcp-server/__tests__/integration/tools.test.ts +0 -410
package/mcp-server/__tests__/registry.test.ts +0 -365
package/mcp-server/__tests__/sandbox.test.ts +0 -323
package/mcp-server/__tests__/schemas.test.ts +0 -372
package/mcp-server/benchmarks/run-benchmarks.ts +0 -304
package/mcp-server/examples/doctor.request.json +0 -14
package/mcp-server/examples/doctor.response.json +0 -53
package/mcp-server/examples/error.response.json +0 -15
package/mcp-server/examples/scan.request.json +0 -14
package/mcp-server/examples/scan.response.json +0 -108
package/mcp-server/index-v3.ts +0 -293
package/mcp-server/index.old.js +0 -4137
package/mcp-server/lib/cache.ts +0 -341
package/mcp-server/lib/errors.ts +0 -346
package/mcp-server/lib/ids.ts +0 -238
package/mcp-server/lib/logger.ts +0 -368
package/mcp-server/lib/metrics.ts +0 -365
package/mcp-server/lib/validator.ts +0 -229
package/mcp-server/package-lock.json +0 -165
package/mcp-server/schemas/error-envelope.schema.json +0 -125
package/mcp-server/schemas/finding.schema.json +0 -167
package/mcp-server/schemas/report-artifact.schema.json +0 -88
package/mcp-server/schemas/run-request.schema.json +0 -75
package/mcp-server/schemas/verdict.schema.json +0 -168
package/mcp-server/tier-auth.d.ts +0 -71
package/mcp-server/vitest.config.ts +0 -16

package/bin/runners/lib/api-client.js ADDED Viewed

@@ -0,0 +1,269 @@
+/**
+ * API Client for Vibecheck Dashboard Integration
+ *
+ * Handles communication with the web dashboard API for:
+ * - Creating scan records
+ * - Updating scan progress
+ * - Submitting scan results
+ * - Broadcasting real-time updates
+ */
+"use strict";
+const https = require("https");
+const http = require("http");
+const { logger } = require("./logger");
+// Configuration
+const API_BASE_URL = process.env.VIBECHECK_API_URL || "https://api.vibecheckai.dev";
+const API_TIMEOUT = 30000; // 30 seconds
+/**
+ * Make HTTP request to API
+ */
+async function makeRequest(path, options = {}) {
+  const url = new URL(path, API_BASE_URL);
+  const isHttps = url.protocol === "https:";
+  const client = isHttps ? https : http;
+  const defaultOptions = {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/json",
+      "User-Agent": "vibecheck-cli/3.3.0",
+    },
+    timeout: API_TIMEOUT,
+  };
+  const requestOptions = {
+    ...defaultOptions,
+    ...options,
+    hostname: url.hostname,
+    port: url.port || (isHttps ? 443 : 80),
+    path: url.pathname + url.search,
+  };
+  // Add Authorization header if API key is available
+  const apiKey = process.env.VIBECHECK_API_KEY || getApiKey();
+  if (apiKey) {
+    requestOptions.headers.Authorization = `Bearer ${apiKey}`;
+  }
+  return new Promise((resolve, reject) => {
+    const req = client.request(requestOptions, (res) => {
+      let data = "";
+      res.on("data", (chunk) => {
+        data += chunk;
+      });
+      res.on("end", () => {
+        try {
+          const jsonData = data ? JSON.parse(data) : {};
+          resolve({
+            ok: res.statusCode >= 200 && res.statusCode < 300,
+            status: res.statusCode,
+            data: jsonData,
+          });
+        } catch (err) {
+          resolve({
+            ok: false,
+            status: res.statusCode,
+            data: { error: "Invalid JSON response" },
+          });
+        }
+      });
+    });
+    req.on("error", (err) => {
+      logger.debug(`API request failed: ${err.message}`);
+      resolve({
+        ok: false,
+        error: err.message,
+        data: { error: err.message },
+      });
+    });
+    req.on("timeout", () => {
+      req.destroy();
+      resolve({
+        ok: false,
+        error: "Request timeout",
+        data: { error: "Request timeout" },
+      });
+    });
+    if (options.body) {
+      req.write(JSON.stringify(options.body));
+    }
+    req.end();
+  });
+}
+/**
+ * Get API key from environment or config
+ */
+function getApiKey() {
+  // Try various environment variables
+  const envVars = [
+    "VIBECHECK_API_KEY",
+    "VIBECHECK_TOKEN",
+    "API_KEY",
+    "TOKEN",
+  ];
+  for (const envVar of envVars) {
+    if (process.env[envVar]) {
+      return process.env[envVar];
+    }
+  }
+  // Try to read from config file
+  try {
+    const fs = require("fs");
+    const path = require("path");
+    const os = require("os");
+    const configPaths = [
+      path.join(os.homedir(), ".vibecheck", "config.json"),
+      path.join(process.cwd(), ".vibecheckrc.json"),
+      path.join(process.cwd(), "vibecheck.config.json"),
+    ];
+    for (const configPath of configPaths) {
+      if (fs.existsSync(configPath)) {
+        const config = JSON.parse(fs.readFileSync(configPath, "utf8"));
+        if (config.apiKey || config.token) {
+          return config.apiKey || config.token;
+        }
+      }
+    }
+  } catch (err) {
+    // Ignore config file errors
+  }
+  return null;
+}
+/**
+ * Create a new scan record
+ */
+async function createScan(options) {
+  const {
+    repositoryId,
+    repositoryUrl,
+    localPath,
+    branch = "main",
+    enableLLM = false,
+  } = options;
+  const response = await makeRequest("/api/scans", {
+    body: {
+      repositoryId,
+      repositoryUrl,
+      localPath,
+      branch,
+      enableLLM,
+    },
+  });
+  if (!response.ok) {
+    throw new Error(`Failed to create scan: ${response.data?.error || response.error}`);
+  }
+  return response.data.data;
+}
+/**
+ * Update scan progress
+ */
+async function updateScanProgress(scanId, progress, status = null) {
+  const response = await makeRequest(`/api/scans/${scanId}/progress`, {
+    body: {
+      progress,
+      status,
+    },
+  });
+  if (!response.ok) {
+    logger.debug(`Failed to update scan progress: ${response.data?.error || response.error}`);
+  }
+  return response.data;
+}
+/**
+ * Submit scan results
+ */
+async function submitScanResults(scanId, results) {
+  const {
+    verdict,
+    score,
+    findings,
+    filesScanned,
+    linesScanned,
+    durationMs,
+    metadata = {},
+  } = results;
+  const response = await makeRequest(`/api/scans/${scanId}/complete`, {
+    body: {
+      verdict,
+      score,
+      findings,
+      filesScanned,
+      linesScanned,
+      durationMs,
+      metadata,
+    },
+  });
+  if (!response.ok) {
+    throw new Error(`Failed to submit scan results: ${response.data?.error || response.error}`);
+  }
+  return response.data;
+}
+/**
+ * Report scan error
+ */
+async function reportScanError(scanId, error) {
+  const response = await makeRequest(`/api/scans/${scanId}/error`, {
+    body: {
+      error: error.message || String(error),
+      stack: error.stack,
+    },
+  });
+  if (!response.ok) {
+    logger.debug(`Failed to report scan error: ${response.data?.error || response.error}`);
+  }
+  return response.data;
+}
+/**
+ * Check if API is available
+ */
+async function isApiAvailable() {
+  try {
+    const response = await makeRequest("/api/health", {
+      method: "GET",
+      timeout: 5000,
+    });
+    return response.ok;
+  } catch (err) {
+    return false;
+  }
+}
+module.exports = {
+  createScan,
+  updateScanProgress,
+  submitScanResults,
+  reportScanError,
+  isApiAvailable,
+  getApiKey,
+};

package/bin/runners/lib/authority-badge.js ADDED Viewed

@@ -0,0 +1,425 @@
+/**
+ * Authority Badge Generator
+ *
+ * Generates SVG badges for PROCEED verdicts from the Authority System.
+ * Part of the PRO tier - requires verified verdicts.
+ *
+ * Badge Types:
+ * - authority-approved: Standard approval badge
+ * - safe-consolidation: Safe Consolidation authority badge
+ * - inventory: Inventory analysis badge
+ *
+ * Output formats:
+ * - SVG (default, scalable)
+ * - Markdown (for README embedding)
+ * - HTML (for web embedding)
+ */
+const path = require("path");
+const fs = require("fs");
+// ═══════════════════════════════════════════════════════════════════════════════
+// COLOR PALETTE
+// ═══════════════════════════════════════════════════════════════════════════════
+const BADGE_COLORS = {
+  PROCEED: {
+    background: '#22C55E',
+    text: '#FFFFFF',
+  },
+  DEFER: {
+    background: '#F59E0B',
+    text: '#000000',
+  },
+  STOP: {
+    background: '#EF4444',
+    text: '#FFFFFF',
+  },
+  neutral: {
+    background: '#555555',
+    text: '#FFFFFF',
+  },
+};
+// ═══════════════════════════════════════════════════════════════════════════════
+// SVG TEMPLATES
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Generate an SVG badge
+ */
+function generateSVGBadge(options) {
+  const {
+    label = 'Authority Approved',
+    message,
+    color,
+    textColor = '#FFFFFF',
+    logo = null,
+    style = 'flat',
+  } = options;
+  // Calculate widths based on text length
+  const labelWidth = Math.max(label.length * 7 + 10, 80);
+  const messageWidth = Math.max(message.length * 7 + 10, 50);
+  const totalWidth = labelWidth + messageWidth;
+  if (style === 'flat-square') {
+    return generateFlatSquareBadge({ label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo });
+  }
+  return generateFlatBadge({ label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo });
+}
+function generateFlatBadge(opts) {
+  const { label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo } = opts;
+  let logoSvg = '';
+  let logoOffset = 0;
+  if (logo === 'vibecheck') {
+    logoOffset = 16;
+    logoSvg = `
+    <g transform="translate(5, 3)">
+      <path fill="${textColor}" d="M7 1l7 12H0L7 1zm0 3l-4 7h8L7 4z"/>
+    </g>`;
+  }
+  return `<svg xmlns="http://www.w3.org/2000/svg" width="${totalWidth + logoOffset}" height="20" role="img" aria-label="${label}: ${message}">
+  <title>${label}: ${message}</title>
+  <linearGradient id="s" x2="0" y2="100%">
+    <stop offset="0" stop-color="#bbb" stop-opacity=".1"/>
+    <stop offset="1" stop-opacity=".1"/>
+  </linearGradient>
+  <clipPath id="r">
+    <rect width="${totalWidth + logoOffset}" height="20" rx="3" fill="#fff"/>
+  </clipPath>
+  <g clip-path="url(#r)">
+    <rect width="${labelWidth + logoOffset}" height="20" fill="#555"/>
+    <rect x="${labelWidth + logoOffset}" width="${messageWidth}" height="20" fill="${color}"/>
+    <rect width="${totalWidth + logoOffset}" height="20" fill="url(#s)"/>
+  </g>
+  ${logoSvg}
+  <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">
+    <text aria-hidden="true" x="${(labelWidth + logoOffset) / 2 + logoOffset/2}" y="15" fill="#010101" fill-opacity=".3">${label}</text>
+    <text x="${(labelWidth + logoOffset) / 2 + logoOffset/2}" y="14" fill="#fff">${label}</text>
+    <text aria-hidden="true" x="${labelWidth + logoOffset + messageWidth / 2}" y="15" fill="#010101" fill-opacity=".3">${message}</text>
+    <text x="${labelWidth + logoOffset + messageWidth / 2}" y="14" fill="${textColor}">${message}</text>
+  </g>
+</svg>`;
+}
+function generateFlatSquareBadge(opts) {
+  const { label, message, color, textColor, labelWidth, messageWidth, totalWidth, logo } = opts;
+  let logoSvg = '';
+  let logoOffset = 0;
+  if (logo === 'vibecheck') {
+    logoOffset = 16;
+    logoSvg = `
+    <g transform="translate(5, 3)">
+      <path fill="${textColor}" d="M7 1l7 12H0L7 1zm0 3l-4 7h8L7 4z"/>
+    </g>`;
+  }
+  return `<svg xmlns="http://www.w3.org/2000/svg" width="${totalWidth + logoOffset}" height="20" role="img" aria-label="${label}: ${message}">
+  <title>${label}: ${message}</title>
+  <g shape-rendering="crispEdges">
+    <rect width="${labelWidth + logoOffset}" height="20" fill="#555"/>
+    <rect x="${labelWidth + logoOffset}" width="${messageWidth}" height="20" fill="${color}"/>
+  </g>
+  ${logoSvg}
+  <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">
+    <text x="${(labelWidth + logoOffset) / 2 + logoOffset/2}" y="14" fill="#fff">${label}</text>
+    <text x="${labelWidth + logoOffset + messageWidth / 2}" y="14" fill="${textColor}">${message}</text>
+  </g>
+</svg>`;
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// BADGE GENERATORS
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Generate an authority verdict badge
+ */
+function generateVerdictBadge(verdict, options = {}) {
+  const {
+    style = 'flat',
+    logo = 'vibecheck',
+    includeConfidence = true,
+  } = options;
+  const action = verdict.action || 'UNKNOWN';
+  const confidence = verdict.confidence || 0;
+  const authorityId = verdict.authority || 'authority';
+  const colors = BADGE_COLORS[action] || BADGE_COLORS.neutral;
+  let message = action;
+  if (includeConfidence && action !== 'STOP') {
+    message = `${action} ${Math.round(confidence * 100)}%`;
+  }
+  return generateSVGBadge({
+    label: `Authority: ${authorityId}`,
+    message,
+    color: colors.background,
+    textColor: colors.text,
+    logo,
+    style,
+  });
+}
+/**
+ * Generate a simple "Authority Approved" badge
+ */
+function generateApprovedBadge(options = {}) {
+  const {
+    authority = 'vibecheck',
+    confidence = 100,
+    version = '1.0',
+    style = 'flat',
+  } = options;
+  return generateSVGBadge({
+    label: 'Authority Approved',
+    message: `${authority} v${version}`,
+    color: BADGE_COLORS.PROCEED.background,
+    textColor: BADGE_COLORS.PROCEED.text,
+    logo: 'vibecheck',
+    style,
+  });
+}
+/**
+ * Generate a Safe Consolidation badge
+ */
+function generateSafeConsolidationBadge(verdict, options = {}) {
+  const {
+    style = 'flat',
+  } = options;
+  const action = verdict.action || 'PROCEED';
+  const confidence = verdict.confidence || 0.95;
+  const colors = BADGE_COLORS[action] || BADGE_COLORS.PROCEED;
+  return generateSVGBadge({
+    label: 'Safe Consolidation',
+    message: `${action} ${Math.round(confidence * 100)}%`,
+    color: colors.background,
+    textColor: colors.text,
+    logo: 'vibecheck',
+    style,
+  });
+}
+/**
+ * Generate a CI status badge
+ */
+function generateCIBadge(verdict, options = {}) {
+  const {
+    style = 'flat',
+    ciName = 'CI',
+  } = options;
+  const action = verdict.action || 'UNKNOWN';
+  const exitCode = verdict.exitCode ?? (action === 'PROCEED' ? 0 : action === 'DEFER' ? 1 : 2);
+  let status, color;
+  if (exitCode === 0) {
+    status = 'passing';
+    color = BADGE_COLORS.PROCEED.background;
+  } else if (exitCode === 1) {
+    status = 'review';
+    color = BADGE_COLORS.DEFER.background;
+  } else {
+    status = 'failing';
+    color = BADGE_COLORS.STOP.background;
+  }
+  return generateSVGBadge({
+    label: ciName,
+    message: status,
+    color,
+    textColor: '#FFFFFF',
+    style,
+  });
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// OUTPUT FORMATTERS
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Format badge for markdown embedding
+ */
+function formatBadgeMarkdown(badge, options = {}) {
+  const {
+    altText = 'Authority Approved by VibeCheck',
+    link = 'https://vibecheckai.dev',
+  } = options;
+  // Encode SVG for data URI
+  const encoded = encodeURIComponent(badge)
+    .replace(/'/g, '%27')
+    .replace(/"/g, '%22');
+  const dataUri = `data:image/svg+xml,${encoded}`;
+  if (link) {
+    return `[![${altText}](${dataUri})](${link})`;
+  }
+  return `![${altText}](${dataUri})`;
+}
+/**
+ * Format badge for HTML embedding
+ */
+function formatBadgeHTML(badge, options = {}) {
+  const {
+    altText = 'Authority Approved by VibeCheck',
+    link = 'https://vibecheckai.dev',
+    className = 'vibecheck-badge',
+  } = options;
+  // Encode SVG for data URI
+  const encoded = encodeURIComponent(badge)
+    .replace(/'/g, '%27')
+    .replace(/"/g, '%22');
+  const dataUri = `data:image/svg+xml,${encoded}`;
+  const img = `<img src="${dataUri}" alt="${altText}" class="${className}">`;
+  if (link) {
+    return `<a href="${link}" target="_blank" rel="noopener noreferrer">${img}</a>`;
+  }
+  return img;
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// FILE OUTPUT
+// ═══════════════════════════════════════════════════════════════════════════════
+/**
+ * Save badge to file
+ */
+async function saveBadge(badge, filePath, format = 'svg') {
+  const dir = path.dirname(filePath);
+  // Ensure directory exists
+  if (!fs.existsSync(dir)) {
+    fs.mkdirSync(dir, { recursive: true });
+  }
+  let content = badge;
+  let ext = '.svg';
+  if (format === 'markdown' || format === 'md') {
+    content = formatBadgeMarkdown(badge);
+    ext = '.md';
+  } else if (format === 'html') {
+    content = formatBadgeHTML(badge);
+    ext = '.html';
+  }
+  // Ensure file has correct extension
+  let finalPath = filePath;
+  if (!filePath.endsWith(ext) && format !== 'svg') {
+    finalPath = filePath.replace(/\.[^.]+$/, ext);
+  }
+  await fs.promises.writeFile(finalPath, content);
+  return finalPath;
+}
+/**
+ * Generate and save all badge variants
+ */
+async function generateAllBadges(verdict, outputDir, options = {}) {
+  const {
+    prefix = verdict.authority || 'authority',
+  } = options;
+  const badges = {};
+  // Main verdict badge
+  const verdictBadge = generateVerdictBadge(verdict, options);
+  badges.verdict = await saveBadge(
+    verdictBadge,
+    path.join(outputDir, `${prefix}-badge.svg`)
+  );
+  // If PROCEED, also generate approved badge
+  if (verdict.action === 'PROCEED') {
+    const approvedBadge = generateApprovedBadge({
+      authority: verdict.authority,
+      confidence: verdict.confidence,
+      version: verdict.version,
+    });
+    badges.approved = await saveBadge(
+      approvedBadge,
+      path.join(outputDir, `${prefix}-approved-badge.svg`)
+    );
+    // CI badge
+    const ciBadge = generateCIBadge(verdict);
+    badges.ci = await saveBadge(
+      ciBadge,
+      path.join(outputDir, `${prefix}-ci-badge.svg`)
+    );
+  }
+  // Generate markdown snippet
+  const mdContent = `# ${verdict.authority || 'Authority'} Badge
+${formatBadgeMarkdown(verdictBadge, { altText: \`\${verdict.authority} - \${verdict.action}\` })}
+## Embed Code
+### Markdown
+\`\`\`markdown
+${formatBadgeMarkdown(verdictBadge, { altText: \`\${verdict.authority} - \${verdict.action}\` })}
+\`\`\`
+### HTML
+\`\`\`html
+${formatBadgeHTML(verdictBadge, { altText: \`\${verdict.authority} - \${verdict.action}\` })}
+\`\`\`
+---
+Generated: ${new Date().toISOString()}
+`;
+  badges.readme = await saveBadge(mdContent, path.join(outputDir, `${prefix}-BADGE.md`), 'md');
+  return badges;
+}
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+module.exports = {
+  // Badge generators
+  generateSVGBadge,
+  generateVerdictBadge,
+  generateApprovedBadge,
+  generateSafeConsolidationBadge,
+  generateCIBadge,
+  // Formatters
+  formatBadgeMarkdown,
+  formatBadgeHTML,
+  // File operations
+  saveBadge,
+  generateAllBadges,
+  // Constants
+  BADGE_COLORS,
+};