@vibecheckai/cli 3.6.1 → 3.8.0

package/bin/runners/lib/packs/bundle.js

@@ -0,0 +1,675 @@
+// bin/runners/lib/packs/bundle.js
+// ═══════════════════════════════════════════════════════════════════════════════
+// BUNDLE - One command to produce ZIP bundle + manifest + HTML index
+// Combines permissions, proof graph, evidence, and reports into shareable bundle
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const fs = require('fs');
+const path = require('path');
+const crypto = require('crypto');
+const {
+  createPackBuilder,
+  PACK_TYPE,
+  ARTIFACT_TYPE,
+  generatePackId,
+  collectReceiptReferences,
+  getGitInfo,
+  formatSize,
+} = require('./pack-factory');
+const { buildPermissionsPack } = require('./permissions-pack');
+const { buildProofGraphPack } = require('./proof-graph-pack');
+const { buildEvidencePack } = require('./evidence-pack');
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// BUNDLE SCHEMA
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const BUNDLE_SCHEMA = 'vibecheck/bundle/v1';
+const BUNDLE_VERSION = '1.0.0';
+
+/**
+ * Bundle component types
+ */
+const BUNDLE_COMPONENTS = {
+  EVIDENCE: 'evidence',
+  PERMISSIONS: 'permissions',
+  PROOF_GRAPH: 'proof-graph',
+  REPORT: 'report',
+};
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// REPORT LOADING
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Load report data from .vibecheck
+ * @param {string} repoRoot - Repository root
+ * @returns {object} Report data
+ */
+function loadReportData(repoRoot) {
+  const data = {
+    scan: null,
+    findings: [],
+    verdict: null,
+    score: null,
+  };
+  
+  // Load latest scan
+  const scanPath = path.join(repoRoot, '.vibecheck/results/latest.json');
+  if (fs.existsSync(scanPath)) {
+    try {
+      data.scan = JSON.parse(fs.readFileSync(scanPath, 'utf8'));
+      data.findings = data.scan.findings || data.scan.report?.findings || [];
+      data.verdict = data.scan.verdict || data.scan.report?.verdict;
+      data.score = data.scan.score || data.scan.report?.score;
+    } catch (e) {
+      // Skip
+    }
+  }
+  
+  // Load ship manifest for verdict
+  const shipPath = path.join(repoRoot, '.vibecheck/ship/manifest.json');
+  if (fs.existsSync(shipPath)) {
+    try {
+      const ship = JSON.parse(fs.readFileSync(shipPath, 'utf8'));
+      data.verdict = ship.verdict?.status || data.verdict;
+      data.score = ship.verdict?.score || data.score;
+    } catch (e) {
+      // Skip
+    }
+  }
+  
+  return data;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// HTML INDEX GENERATION
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Generate unified bundle HTML index
+ * @param {object} bundleManifest - Bundle manifest
+ * @param {object} components - Component manifests
+ * @returns {string} HTML content
+ */
+function generateBundleHtml(bundleManifest, components) {
+  const componentCards = Object.entries(components)
+    .filter(([_, c]) => c !== null)
+    .map(([type, comp]) => {
+      const artifactCount = comp.manifest?.artifacts?.length || 0;
+      const icon = {
+        evidence: '📸',
+        permissions: '🔐',
+        'proof-graph': '🕸️',
+        report: '📊',
+      }[type] || '📦';
+      
+      return `
+        <div class="component-card">
+          <div class="component-icon">${icon}</div>
+          <div class="component-info">
+            <h3>${type.charAt(0).toUpperCase() + type.slice(1).replace('-', ' ')}</h3>
+            <p>${artifactCount} artifacts</p>
+            <a href="${type}/index.html" class="btn">View</a>
+          </div>
+        </div>
+      `;
+    }).join('');
+  
+  const receiptBadges = [];
+  if (bundleManifest.receipts?.ship) {
+    const verdict = bundleManifest.receipts.ship.verdict;
+    const color = verdict === 'SHIP' ? 'success' : verdict === 'WARN' ? 'warning' : 'danger';
+    receiptBadges.push(`<span class="badge ${color}">Ship: ${verdict}</span>`);
+  }
+  if (bundleManifest.receipts?.reality) {
+    receiptBadges.push(`<span class="badge info">Reality: ${bundleManifest.receipts.reality.verdict || 'N/A'}</span>`);
+  }
+  
+  return `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Vibecheck Bundle - ${bundleManifest.project.name}</title>
+  <style>
+    :root {
+      --bg: #0d1117;
+      --surface: #161b22;
+      --border: #30363d;
+      --text: #c9d1d9;
+      --text-muted: #8b949e;
+      --accent: #ff9650;
+      --success: #3fb950;
+      --warning: #d29922;
+      --danger: #f85149;
+      --info: #58a6ff;
+    }
+    
+    * { box-sizing: border-box; margin: 0; padding: 0; }
+    
+    body {
+      font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
+      background: var(--bg);
+      color: var(--text);
+      line-height: 1.6;
+      min-height: 100vh;
+    }
+    
+    .hero {
+      background: linear-gradient(135deg, var(--surface) 0%, var(--bg) 100%);
+      border-bottom: 1px solid var(--border);
+      padding: 4rem 2rem;
+      text-align: center;
+    }
+    
+    .logo {
+      font-size: 4rem;
+      margin-bottom: 1rem;
+    }
+    
+    h1 {
+      font-size: 2.5rem;
+      color: var(--text);
+      margin-bottom: 0.5rem;
+    }
+    
+    h1 span { color: var(--accent); }
+    
+    .project-name {
+      font-size: 1.25rem;
+      color: var(--text-muted);
+      margin-bottom: 1.5rem;
+    }
+    
+    .badges {
+      display: flex;
+      justify-content: center;
+      gap: 0.5rem;
+      flex-wrap: wrap;
+      margin-bottom: 2rem;
+    }
+    
+    .badge {
+      display: inline-block;
+      padding: 0.5rem 1rem;
+      border-radius: 20px;
+      font-size: 0.875rem;
+      font-weight: 500;
+    }
+    
+    .badge.success { background: var(--success)22; color: var(--success); }
+    .badge.warning { background: var(--warning)22; color: var(--warning); }
+    .badge.danger { background: var(--danger)22; color: var(--danger); }
+    .badge.info { background: var(--info)22; color: var(--info); }
+    
+    .meta {
+      display: flex;
+      justify-content: center;
+      gap: 2rem;
+      flex-wrap: wrap;
+      font-size: 0.875rem;
+      color: var(--text-muted);
+    }
+    
+    .meta-item strong { color: var(--text); }
+    
+    .container {
+      max-width: 1200px;
+      margin: 0 auto;
+      padding: 3rem 2rem;
+    }
+    
+    h2 {
+      font-size: 1.5rem;
+      margin-bottom: 1.5rem;
+      text-align: center;
+    }
+    
+    .components {
+      display: grid;
+      grid-template-columns: repeat(auto-fit, minmax(280px, 1fr));
+      gap: 1.5rem;
+      margin-bottom: 3rem;
+    }
+    
+    .component-card {
+      background: var(--surface);
+      border: 1px solid var(--border);
+      border-radius: 12px;
+      padding: 2rem;
+      text-align: center;
+      transition: border-color 0.2s, transform 0.2s;
+    }
+    
+    .component-card:hover {
+      border-color: var(--accent);
+      transform: translateY(-2px);
+    }
+    
+    .component-icon {
+      font-size: 3rem;
+      margin-bottom: 1rem;
+    }
+    
+    .component-info h3 {
+      margin-bottom: 0.5rem;
+    }
+    
+    .component-info p {
+      color: var(--text-muted);
+      margin-bottom: 1rem;
+    }
+    
+    .btn {
+      display: inline-block;
+      background: var(--accent);
+      color: var(--bg);
+      padding: 0.5rem 1.5rem;
+      border-radius: 6px;
+      text-decoration: none;
+      font-weight: 500;
+      transition: opacity 0.2s;
+    }
+    
+    .btn:hover { opacity: 0.9; }
+    
+    .info-section {
+      background: var(--surface);
+      border: 1px solid var(--border);
+      border-radius: 12px;
+      padding: 2rem;
+    }
+    
+    .info-grid {
+      display: grid;
+      grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
+      gap: 1.5rem;
+    }
+    
+    .info-item {
+      text-align: center;
+    }
+    
+    .info-label {
+      font-size: 0.75rem;
+      color: var(--text-muted);
+      text-transform: uppercase;
+      letter-spacing: 0.05em;
+      margin-bottom: 0.25rem;
+    }
+    
+    .info-value {
+      font-family: monospace;
+      font-size: 0.875rem;
+      word-break: break-all;
+    }
+    
+    footer {
+      text-align: center;
+      padding: 2rem;
+      border-top: 1px solid var(--border);
+      margin-top: 3rem;
+      color: var(--text-muted);
+      font-size: 0.875rem;
+    }
+  </style>
+</head>
+<body>
+  <div class="hero">
+    <div class="logo">📦</div>
+    <h1>Vibecheck <span>Bundle</span></h1>
+    <p class="project-name">${bundleManifest.project.name}</p>
+    
+    <div class="badges">
+      ${receiptBadges.join('')}
+      <span class="badge info">v${BUNDLE_VERSION}</span>
+    </div>
+    
+    <div class="meta">
+      <span class="meta-item"><strong>Generated:</strong> ${new Date(bundleManifest.generatedAt).toLocaleString()}</span>
+      <span class="meta-item"><strong>Git:</strong> ${bundleManifest.git.branch || 'N/A'} @ ${bundleManifest.git.commit?.slice(0, 7) || 'N/A'}</span>
+      <span class="meta-item"><strong>Components:</strong> ${Object.keys(components).filter(k => components[k]).length}</span>
+    </div>
+  </div>
+  
+  <div class="container">
+    <h2>Components</h2>
+    
+    <div class="components">
+      ${componentCards}
+    </div>
+    
+    <div class="info-section">
+      <h2>Build Info</h2>
+      <div class="info-grid">
+        <div class="info-item">
+          <div class="info-label">Bundle ID</div>
+          <div class="info-value">${bundleManifest.id}</div>
+        </div>
+        <div class="info-item">
+          <div class="info-label">Reproducible</div>
+          <div class="info-value">${bundleManifest.build.reproducible ? '✓ Yes' : '✗ No (dirty)'}</div>
+        </div>
+        <div class="info-item">
+          <div class="info-label">Platform</div>
+          <div class="info-value">${bundleManifest.build.platform}</div>
+        </div>
+        <div class="info-item">
+          <div class="info-label">Fingerprint</div>
+          <div class="info-value">${bundleManifest.build.fingerprint.slice(0, 16)}...</div>
+        </div>
+      </div>
+    </div>
+  </div>
+  
+  <footer>
+    <p>Generated by <strong>Vibecheck</strong> • Schema: ${bundleManifest.$schema}</p>
+  </footer>
+  
+  <script>
+    window.VIBECHECK_BUNDLE = ${JSON.stringify(bundleManifest, null, 2)};
+  </script>
+</body>
+</html>`;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// BUNDLE BUILDER
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Build unified bundle
+ * @param {string} repoRoot - Repository root
+ * @param {object} options - Build options
+ * @returns {Promise<object>} Build result
+ */
+async function buildBundle(repoRoot, options = {}) {
+  const {
+    outputDir,
+    createZip = true,
+    includeEvidence = true,
+    includePermissions = true,
+    includeProofGraph = true,
+    includeReport = true,
+  } = options;
+  
+  const projectName = path.basename(repoRoot);
+  const bundleId = generatePackId('bundle', projectName, Date.now().toString());
+  
+  // Determine output directory
+  const bundleDir = outputDir || path.join(repoRoot, '.vibecheck/bundles', bundleId);
+  fs.mkdirSync(bundleDir, { recursive: true });
+  
+  const components = {
+    evidence: null,
+    permissions: null,
+    'proof-graph': null,
+    report: null,
+  };
+  
+  // Build components
+  console.log('📦 Building bundle components...\n');
+  
+  if (includeEvidence) {
+    console.log('  📸 Building evidence pack...');
+    try {
+      const evidenceDir = path.join(bundleDir, 'evidence');
+      const result = await buildEvidencePack(repoRoot, { outputDir: evidenceDir });
+      components.evidence = result;
+      console.log(`     ✓ ${result.artifactCount} artifacts`);
+    } catch (e) {
+      console.log(`     ✗ Failed: ${e.message}`);
+    }
+  }
+  
+  if (includePermissions) {
+    console.log('  🔐 Building permissions pack...');
+    try {
+      const permDir = path.join(bundleDir, 'permissions');
+      const result = await buildPermissionsPack(repoRoot, { outputDir: permDir });
+      components.permissions = result;
+      console.log(`     ✓ ${result.manifest.metadata.rolesCount || 0} roles, ${result.manifest.metadata.permissionsCount || 0} permissions`);
+    } catch (e) {
+      console.log(`     ✗ Failed: ${e.message}`);
+    }
+  }
+  
+  if (includeProofGraph) {
+    console.log('  🕸️  Building proof graph pack...');
+    try {
+      const graphDir = path.join(bundleDir, 'proof-graph');
+      const result = await buildProofGraphPack(repoRoot, { outputDir: graphDir });
+      components['proof-graph'] = result;
+      console.log(`     ✓ ${result.manifest.metadata.nodeCount || 0} nodes, ${result.manifest.metadata.edgeCount || 0} edges`);
+    } catch (e) {
+      console.log(`     ✗ Failed: ${e.message}`);
+    }
+  }
+  
+  if (includeReport) {
+    console.log('  📊 Building report pack...');
+    try {
+      const reportDir = path.join(bundleDir, 'report');
+      fs.mkdirSync(reportDir, { recursive: true });
+      
+      const reportData = loadReportData(repoRoot);
+      
+      // Create simple report artifacts
+      const reportJson = JSON.stringify(reportData, null, 2);
+      fs.writeFileSync(path.join(reportDir, 'report.json'), reportJson);
+      
+      components.report = {
+        packId: `report_${bundleId}`,
+        outputDir: reportDir,
+        manifest: {
+          artifacts: [{ filename: 'report.json', type: 'json' }],
+          metadata: {
+            findingCount: reportData.findings.length,
+            verdict: reportData.verdict,
+            score: reportData.score,
+          },
+        },
+      };
+      console.log(`     ✓ ${reportData.findings.length} findings, verdict: ${reportData.verdict || 'N/A'}`);
+    } catch (e) {
+      console.log(`     ✗ Failed: ${e.message}`);
+    }
+  }
+  
+  console.log('');
+  
+  // Collect receipts and git info
+  const receipts = collectReceiptReferences(repoRoot);
+  const git = getGitInfo(repoRoot);
+  
+  // Create bundle manifest
+  const bundleManifest = {
+    $schema: BUNDLE_SCHEMA,
+    schemaVersion: BUNDLE_VERSION,
+    id: bundleId,
+    type: 'bundle',
+    generatedAt: new Date().toISOString(),
+    project: {
+      name: projectName,
+      root: repoRoot,
+    },
+    git,
+    build: {
+      fingerprint: crypto.createHash('sha256')
+        .update(JSON.stringify({ bundleId, projectName, git, components: Object.keys(components).filter(k => components[k]) }))
+        .digest('hex'),
+      reproducible: !git.dirty,
+      nodeVersion: process.version,
+      platform: process.platform,
+    },
+    receipts,
+    components: Object.entries(components).reduce((acc, [key, val]) => {
+      if (val) {
+        acc[key] = {
+          packId: val.packId,
+          artifactCount: val.manifest?.artifacts?.length || val.artifactCount || 0,
+          indexPath: `${key}/index.html`,
+        };
+      }
+      return acc;
+    }, {}),
+    summary: {
+      componentCount: Object.values(components).filter(Boolean).length,
+      hasShipReceipt: !!receipts.ship,
+      hasRealityReceipt: !!receipts.reality,
+      verdict: receipts.ship?.verdict || null,
+    },
+  };
+  
+  // Write bundle manifest
+  fs.writeFileSync(
+    path.join(bundleDir, 'manifest.json'),
+    JSON.stringify(bundleManifest, null, 2)
+  );
+  
+  // Generate bundle HTML index
+  const bundleHtml = generateBundleHtml(bundleManifest, components);
+  fs.writeFileSync(path.join(bundleDir, 'index.html'), bundleHtml);
+  
+  // Create ZIP if requested
+  let zipPath = null;
+  let zipSize = 0;
+  
+  if (createZip) {
+    try {
+      const archiver = require('archiver');
+      zipPath = `${bundleDir}.zip`;
+      
+      console.log('📦 Creating ZIP bundle...');
+      
+      const output = fs.createWriteStream(zipPath);
+      const archive = archiver('zip', { zlib: { level: 9 } });
+      
+      await new Promise((resolve, reject) => {
+        output.on('close', () => {
+          zipSize = archive.pointer();
+          resolve();
+        });
+        archive.on('error', reject);
+        archive.pipe(output);
+        archive.directory(bundleDir, false);
+        archive.finalize();
+      });
+      
+      console.log(`   ✓ Created: ${path.basename(zipPath)} (${formatSize(zipSize)})`);
+    } catch (e) {
+      console.log(`   ⚠ ZIP creation skipped: archiver not available`);
+    }
+  }
+  
+  return {
+    bundleId,
+    bundleDir,
+    manifest: bundleManifest,
+    components,
+    zipPath,
+    zipSize,
+  };
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// LIST AND CLEANUP
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * List all bundles
+ * @param {string} repoRoot - Repository root
+ * @returns {Array} Bundle list
+ */
+function listBundles(repoRoot) {
+  const bundlesDir = path.join(repoRoot, '.vibecheck/bundles');
+  if (!fs.existsSync(bundlesDir)) return [];
+  
+  const bundles = [];
+  const dirs = fs.readdirSync(bundlesDir, { withFileTypes: true })
+    .filter(d => d.isDirectory())
+    .map(d => d.name);
+  
+  for (const dir of dirs) {
+    const manifestPath = path.join(bundlesDir, dir, 'manifest.json');
+    if (fs.existsSync(manifestPath)) {
+      try {
+        const manifest = JSON.parse(fs.readFileSync(manifestPath, 'utf8'));
+        bundles.push({
+          id: manifest.id,
+          generatedAt: manifest.generatedAt,
+          componentCount: manifest.summary?.componentCount || 0,
+          verdict: manifest.summary?.verdict,
+          path: path.join(bundlesDir, dir),
+        });
+      } catch (e) {
+        // Skip invalid
+      }
+    }
+  }
+  
+  return bundles.sort((a, b) => new Date(b.generatedAt) - new Date(a.generatedAt));
+}
+
+/**
+ * Cleanup old bundles
+ * @param {string} repoRoot - Repository root
+ * @param {object} options - Cleanup options
+ * @returns {number} Number of bundles removed
+ */
+function cleanupBundles(repoRoot, options = {}) {
+  const { maxCount = 5, maxAgeDays = 30 } = options;
+  
+  const bundles = listBundles(repoRoot);
+  const now = new Date();
+  const maxAge = maxAgeDays * 24 * 60 * 60 * 1000;
+  
+  let removed = 0;
+  
+  for (let i = 0; i < bundles.length; i++) {
+    const bundle = bundles[i];
+    const age = now - new Date(bundle.generatedAt);
+    
+    if (i >= maxCount || age > maxAge) {
+      try {
+        fs.rmSync(bundle.path, { recursive: true, force: true });
+        
+        // Also remove ZIP if exists
+        if (fs.existsSync(`${bundle.path}.zip`)) {
+          fs.unlinkSync(`${bundle.path}.zip`);
+        }
+        
+        removed++;
+      } catch (e) {
+        // Skip if can't remove
+      }
+    }
+  }
+  
+  return removed;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+module.exports = {
+  // Constants
+  BUNDLE_SCHEMA,
+  BUNDLE_VERSION,
+  BUNDLE_COMPONENTS,
+  
+  // Loading
+  loadReportData,
+  
+  // HTML
+  generateBundleHtml,
+  
+  // Builder
+  buildBundle,
+  
+  // Management
+  listBundles,
+  cleanupBundles,
+};