@vibecheckai/cli 3.6.1 → 3.8.0

package/bin/runners/runShip.js

@@ -22,6 +22,46 @@ const {
 } = require("./lib/cli-output");
 const { EXIT, verdictToExitCode, exitCodeToVerdict } = require("./lib/exit-codes");
 
+// ═══════════════════════════════════════════════════════════════════════════════
+// NEW: Ship Gate System (v2) - Deterministic, Evidence-backed
+// ═══════════════════════════════════════════════════════════════════════════════
+let _shipGate = null;
+let _shipManifest = null;
+let _whyTree = null;
+
+function getShipGate() {
+  if (!_shipGate) {
+    try {
+      _shipGate = require("./lib/ship-gate");
+    } catch {
+      _shipGate = false;
+    }
+  }
+  return _shipGate;
+}
+
+function getShipManifest() {
+  if (!_shipManifest) {
+    try {
+      _shipManifest = require("./lib/ship-manifest");
+    } catch {
+      _shipManifest = false;
+    }
+  }
+  return _shipManifest;
+}
+
+function getWhyTree() {
+  if (!_whyTree) {
+    try {
+      _whyTree = require("./lib/why-tree");
+    } catch {
+      _whyTree = false;
+    }
+  }
+  return _whyTree;
+}
+
 // Route Truth - Fake endpoint detection (V2 engine-aware)
 const { buildTruthpackSmart, writeTruthpack, detectFastifyEntry } = require("./lib/truth");
 const {
@@ -73,20 +113,23 @@ const {
 } = require("./lib/ship-output-enterprise");
 
 // ═══════════════════════════════════════════════════════════════════════════════
-// PREMIUM BANNER
+// UNIFIED CLI OUTPUT
 // ═══════════════════════════════════════════════════════════════════════════════
 
-const BANNER = `
+let _cliOutput = null;
+function getCliOutput() {
+  if (!_cliOutput) _cliOutput = require("./lib/unified-cli-output");
+  return _cliOutput;
+}
+
+// Fallback banner if unified not available
+const BANNER_FALLBACK = `
 ${ansi.rgb(0, 255, 200)}  ██╗   ██╗██╗██████╗ ███████╗ ██████╗██╗  ██╗███████╗ ██████╗██╗  ██╗${ansi.reset}
 ${ansi.rgb(0, 230, 220)}  ██║   ██║██║██╔══██╗██╔════╝██╔════╝██║  ██║██╔════╝██╔════╝██║ ██╔╝${ansi.reset}
 ${ansi.rgb(0, 200, 255)}  ██║   ██║██║██████╔╝█████╗  ██║     ███████║█████╗  ██║     █████╔╝ ${ansi.reset}
 ${ansi.rgb(50, 150, 255)}  ╚██╗ ██╔╝██║██╔══██╗██╔══╝  ██║     ██╔══██║██╔══╝  ██║     ██╔═██╗ ${ansi.reset}
 ${ansi.rgb(100, 100, 255)}   ╚████╔╝ ██║██████╔╝███████╗╚██████╗██║  ██║███████╗╚██████╗██║  ██╗${ansi.reset}
 ${ansi.rgb(150, 50, 255)}    ╚═══╝  ╚═╝╚═════╝ ╚══════╝ ╚═════╝╚═╝  ╚═╝╚══════╝ ╚═════╝╚═╝  ╚═╝${ansi.reset}
-
-${ansi.dim}  ┌─────────────────────────────────────────────────────────────────────┐${ansi.reset}
-${ansi.dim}  │${ansi.reset}  ${ansi.rgb(0, 255, 200)}🚀${ansi.reset} ${ansi.bold}SHIP${ansi.reset} ${ansi.dim}•${ansi.reset} ${ansi.rgb(200, 200, 200)}The One Command${ansi.reset} ${ansi.dim}•${ansi.reset} ${ansi.rgb(150, 150, 150)}Zero Config${ansi.reset} ${ansi.dim}•${ansi.reset} ${ansi.rgb(100, 100, 100)}Plain English${ansi.reset}      ${ansi.dim}│${ansi.reset}
-${ansi.dim}  └─────────────────────────────────────────────────────────────────────┘${ansi.reset}
 `;
 
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -210,8 +253,8 @@ function stopSpinner(message, success = true) {
   spinnerStartTime = null;
 }
 
-// Compact banner for fix mode
-const SHIP_BANNER = `
+// Compact banner for fix mode (fallback)
+const SHIP_BANNER_FALLBACK = `
 ${ansi.rgb(0, 255, 200)}  ███████╗██╗  ██╗██╗██████╗ ${ansi.reset}
 ${ansi.rgb(0, 230, 220)}  ██╔════╝██║  ██║██║██╔══██╗${ansi.reset}
 ${ansi.rgb(0, 200, 255)}  ███████╗███████║██║██████╔╝${ansi.reset}
@@ -220,8 +263,23 @@ ${ansi.rgb(100, 100, 255)}  ███████║██║  ██║██
 ${ansi.rgb(150, 50, 255)}  ╚══════╝╚═╝  ╚═╝╚═╝╚═╝     ${ansi.reset}
 `;
 
-function printBanner(compact = false) {
-  console.log(compact ? SHIP_BANNER : BANNER);
+function printBanner(compact = false, projectRoot = process.cwd()) {
+  if (compact) {
+    console.log(SHIP_BANNER_FALLBACK);
+    return;
+  }
+  
+  try {
+    const cli = getCliOutput();
+    console.log(cli.renderFullHeader("ship", {
+      version: "4.0.0",
+      tier: "FREE",
+      target: projectRoot,
+      sessionId: cli.generateSessionId(),
+    }));
+  } catch {
+    console.log(BANNER_FALLBACK);
+  }
 }
 
 function printDivider(char = '─', width = 69, color = c.dim) {
@@ -627,15 +685,26 @@ function printHelp(showBanner = true) {
 
   ${ansi.bold}The One Command${ansi.reset} — Get a ship verdict: ${colors.success}SHIP${ansi.reset} | ${colors.warning}WARN${ansi.reset} | ${colors.error}BLOCK${ansi.reset}
 
-  ${ansi.bold}Options:${ansi.reset}
+  ${ansi.bold}Verdict Options:${ansi.reset}
+    ${colors.accent}--strict${ansi.reset}        Treat warnings as blockers
+    ${colors.accent}--why${ansi.reset}           Show detailed "why tree" (top blockers + evidence)
+    ${colors.accent}--cached${ansi.reset}        Use cached verdict if repo unchanged
+
+  ${ansi.bold}Output Options:${ansi.reset}
+    ${colors.accent}--json${ansi.reset}          Output full manifest as JSON
+    ${colors.accent}--ci${ansi.reset}            Machine output (KEY=VALUE format for CI/CD)
+    ${colors.accent}--receipt${ansi.reset}       Single-line receipt (parseable)
+    ${colors.accent}--manifest${ansi.reset}      Output full signed manifest
+    ${colors.accent}--badge, -b${ansi.reset}     Generate embeddable badge for README
+
+  ${ansi.bold}Fix Options:${ansi.reset}
     ${colors.accent}--fix, -f${ansi.reset}       Try safe mechanical fixes ${ansi.dim}(shows plan first)${ansi.reset}
     ${colors.accent}--assist${ansi.reset}        Generate AI mission prompts for complex issues
-    ${colors.accent}--badge, -b${ansi.reset}     Generate embeddable badge for README
-    ${colors.accent}--strict${ansi.reset}        Treat warnings as blockers
-    ${colors.accent}--ci${ansi.reset}            Machine output for CI/CD pipelines
-    ${colors.accent}--json${ansi.reset}          Output results as JSON
+
+  ${ansi.bold}General Options:${ansi.reset}
     ${colors.accent}--path, -p${ansi.reset}      Project path ${ansi.dim}(default: current directory)${ansi.reset}
     ${colors.accent}--verbose, -v${ansi.reset}   Show detailed progress
+    ${colors.accent}--legacy${ansi.reset}        Use legacy (non-gate) evaluation
     ${colors.accent}--help, -h${ansi.reset}      Show this help
 
   ${ansi.bold}Exit Codes:${ansi.reset}
@@ -643,10 +712,23 @@ function printHelp(showBanner = true) {
     ${colors.warning}1${ansi.reset}  WARN  — Warnings found, review recommended
     ${colors.error}2${ansi.reset}  BLOCK — Blockers found, must fix before shipping
 
+  ${ansi.bold}CI Integration:${ansi.reset}
+    ${ansi.dim}# GitHub Actions - set output variables${ansi.reset}
+    vibecheck ship --ci >> $$GITHUB_OUTPUT
+
+    ${ansi.dim}# Get receipt for artifact storage${ansi.reset}
+    vibecheck ship --receipt > .vibecheck/receipt.txt
+
+    ${ansi.dim}# Cache-aware evaluation (fast re-runs)${ansi.reset}
+    vibecheck ship --cached
+
   ${ansi.bold}Examples:${ansi.reset}
     ${ansi.dim}# Quick ship check${ansi.reset}
     vibecheck ship
 
+    ${ansi.dim}# Show why a verdict was reached${ansi.reset}
+    vibecheck ship --why
+
     ${ansi.dim}# Auto-fix what can be fixed${ansi.reset}
     vibecheck ship --fix
 
@@ -655,6 +737,11 @@ function printHelp(showBanner = true) {
 
     ${ansi.dim}# Strict CI mode (warnings = failure)${ansi.reset}
     vibecheck ship --strict --ci
+
+  ${ansi.bold}Artifacts Generated:${ansi.reset}
+    ${ansi.dim}.vibecheck/ship/manifest.json${ansi.reset}   Full signed manifest
+    ${ansi.dim}.vibecheck/ship/receipt.txt${ansi.reset}     CI-friendly receipt
+    ${ansi.dim}.vibecheck/ship/github-output.txt${ansi.reset} GitHub Actions output
 `);
 }
 
@@ -784,6 +871,12 @@ function parseArgs(args) {
     help: globalFlags.help || false,
     noBanner: globalFlags.noBanner || false,
     quiet: globalFlags.quiet || false,
+    // NEW: Gate mode options
+    useGate: true, // Use new gate system by default
+    cached: false, // Use cached verdict if valid
+    manifest: false, // Output full manifest
+    receipt: false, // Output CI receipt
+    whyTree: false, // Show detailed why tree
   };
   
   // Parse command-specific args
@@ -799,6 +892,12 @@ function parseArgs(args) {
     }
     else if (a.startsWith("--path=")) opts.path = a.split("=")[1];
     else if (a === "--path" || a === "-p") opts.path = args[++i];
+    // NEW: Gate options
+    else if (a === "--legacy") opts.useGate = false;
+    else if (a === "--cached") opts.cached = true;
+    else if (a === "--manifest") opts.manifest = true;
+    else if (a === "--receipt") opts.receipt = true;
+    else if (a === "--why") opts.whyTree = true;
   }
   
   return opts;
@@ -822,6 +921,24 @@ async function runShip(args, context = {}) {
     return 0;
   }
 
+  // ═══════════════════════════════════════════════════════════════════════════
+  // NEW: Use Ship Gate (v2) system for deterministic, evidence-backed verdicts
+  // ═══════════════════════════════════════════════════════════════════════════
+  if (opts.useGate && !opts.fix && !opts.assist) {
+    try {
+      const gateResult = await runShipGate(opts, context);
+      if (gateResult !== null) {
+        return gateResult;
+      }
+      // If null returned, fall through to legacy mode
+    } catch (err) {
+      if (opts.verbose) {
+        console.error(`  Gate evaluation failed: ${err.message}, using legacy mode`);
+      }
+      // Fall through to legacy mode
+    }
+  }
+
   // Entitlement check
   try {
     await enforceLimit('scans');
@@ -1204,6 +1321,141 @@ async function runAutoFix(projectPath, results, outputDir, findings) {
   return fixResults;
 }
 
+// ═══════════════════════════════════════════════════════════════════════════════
+// SHIP GATE (v2) - Deterministic, Evidence-backed Verdict
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Run ship using the new gate system.
+ * 
+ * The gate system provides:
+ * - Deterministic verdicts (same repo state → same verdict)
+ * - Evidence-backed decisions (why tree)
+ * - CI-ready artifacts (manifest, receipt, badge)
+ * 
+ * @param {Object} opts - Options from parseArgs
+ * @param {Object} context - Execution context
+ * @returns {number} Exit code
+ */
+async function runShipGate(opts, context = {}) {
+  const shipGate = getShipGate();
+  const shipManifest = getShipManifest();
+  const whyTreeModule = getWhyTree();
+  
+  if (!shipGate || !shipManifest) {
+    // Fall back to legacy mode if gate modules not available
+    console.error("  Ship gate modules not available, using legacy mode");
+    return null; // Signal to use legacy
+  }
+  
+  const projectPath = path.resolve(opts.path);
+  const startTime = Date.now();
+  
+  // Check cache first if requested
+  if (opts.cached) {
+    const cacheResult = shipGate.checkVerdictCache(projectPath);
+    if (cacheResult.valid) {
+      const manifest = cacheResult.manifest;
+      
+      if (opts.json || opts.manifest) {
+        console.log(JSON.stringify(manifest, null, 2));
+      } else if (opts.receipt) {
+        console.log(shipManifest.generateCIReceipt(manifest));
+      } else if (!opts.quiet) {
+        console.log(`  Using cached verdict: ${manifest.verdict.status} (${cacheResult.age}ms old)`);
+        console.log(`  Fingerprint: ${manifest.repo.fingerprint}`);
+      }
+      
+      return manifest.verdict.exitCode;
+    }
+    
+    if (!opts.quiet && !opts.json) {
+      console.log(`  Cache invalid: ${cacheResult.reason}`);
+    }
+  }
+  
+  // Run full gate evaluation
+  const gate = new shipGate.ShipGate(projectPath, {
+    strict: opts.strict,
+  });
+  
+  const result = await gate.evaluate({
+    skipReality: !opts.withRuntime,
+  });
+  
+  // Output based on mode
+  if (opts.json || opts.manifest) {
+    console.log(JSON.stringify(result.manifest, null, 2));
+    return result.exitCode;
+  }
+  
+  if (opts.receipt) {
+    console.log(shipManifest.generateCIReceipt(result.manifest));
+    return result.exitCode;
+  }
+  
+  if (opts.ci) {
+    // CI mode: minimal key=value output
+    const envVars = shipManifest.generateCIEnvVars(result.manifest);
+    for (const [key, value] of Object.entries(envVars)) {
+      console.log(`${key}=${value}`);
+    }
+    return result.exitCode;
+  }
+  
+  // Human-readable output
+  if (!opts.quiet) {
+    // Print verdict card
+    printVerdictCard(
+      result.verdict, 
+      result.score, 
+      result.evidence.audit.blockers, 
+      result.evidence.audit.warnings, 
+      result.durationMs
+    );
+    
+    // Print why tree if requested or if blocked
+    if (opts.whyTree || result.verdict !== "SHIP") {
+      if (whyTreeModule) {
+        const whyTree = whyTreeModule.buildWhyTree(result.findings);
+        console.log(whyTreeModule.renderWhyTreeTerminal(whyTree));
+      } else {
+        // Fallback: simple why tree from manifest
+        const why = result.manifest.evidence.whyTree;
+        console.log(`\n  ${ansi.bold}WHY: ${result.verdict}${ansi.reset}`);
+        console.log(`  ${ansi.dim}${why.summary}${ansi.reset}\n`);
+        
+        for (const issue of why.topIssues || []) {
+          console.log(`  ${colors.blockRed}•${ansi.reset} ${issue.title}`);
+          if (issue.evidence?.file) {
+            console.log(`    ${ansi.dim}→ ${issue.evidence.file}:${issue.evidence.lines || ""}${ansi.reset}`);
+          }
+          if (issue.fixHint) {
+            console.log(`    ${colors.shipGreen}Fix: ${issue.fixHint}${ansi.reset}`);
+          }
+          console.log();
+        }
+      }
+    }
+    
+    // Print artifact paths
+    console.log(`  ${ansi.dim}Artifacts:${ansi.reset}`);
+    console.log(`    ${ansi.dim}Manifest: ${result.artifactPaths.manifest}${ansi.reset}`);
+    console.log(`    ${ansi.dim}Receipt:  ${result.artifactPaths.receipt}${ansi.reset}`);
+    console.log();
+    
+    // Badge info if requested
+    if (opts.badge) {
+      const badgeInfo = shipManifest.generateBadgeInfo(result.manifest);
+      console.log(`  ${ansi.bold}Badge:${ansi.reset}`);
+      console.log(`    ${badgeInfo.markdown}`);
+      console.log();
+    }
+  }
+  
+  return result.exitCode;
+}
+
 // ═══════════════════════════════════════════════════════════════════════════════
 // SHIP CORE (for programmatic use)
 // ═══════════════════════════════════════════════════════════════════════════════
@@ -1275,7 +1527,134 @@ async function shipCore({ repoRoot, fastifyEntry, jsonOut, noWrite } = {}) {
 // EXPORTS
 // ═══════════════════════════════════════════════════════════════════════════════
 
+// ═══════════════════════════════════════════════════════════════════════════════
+// SEAL COMMAND - Badge and Attestation Generator
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Generate seal (badge) and attestation from the latest ship manifest.
+ * 
+ * @param {string[]} args - Command arguments
+ * @param {Object} context - Execution context
+ * @returns {number} Exit code
+ */
+async function runSeal(args = [], context = {}) {
+  const { parseGlobalFlags } = require("./lib/global-flags");
+  const { EXIT } = require("./lib/exit-codes");
+  
+  const { flags: globalFlags } = parseGlobalFlags(args);
+  const quiet = globalFlags.quiet || args.includes("--quiet") || args.includes("-q");
+  const json = globalFlags.json || args.includes("--json");
+  const projectRoot = context.repoRoot || globalFlags.path || process.cwd();
+  
+  const shipManifest = getShipManifest();
+  
+  if (!shipManifest) {
+    if (!quiet) {
+      console.error("  Seal module not available");
+    }
+    return EXIT.INTERNAL_ERROR;
+  }
+  
+  // Load latest manifest
+  const manifest = shipManifest.loadShipManifest(projectRoot);
+  
+  if (!manifest) {
+    if (json) {
+      console.log(JSON.stringify({ 
+        success: false, 
+        error: "No ship manifest found. Run 'vibecheck ship' first." 
+      }));
+    } else if (!quiet) {
+      console.error("  No ship manifest found. Run 'vibecheck ship' first.");
+    }
+    return EXIT.NOT_FOUND;
+  }
+  
+  // Verify signature
+  const verification = shipManifest.verifyManifestSignature(manifest);
+  
+  // Generate badge info
+  const badge = shipManifest.generateBadgeInfo(manifest);
+  
+  // Build seal output
+  const seal = {
+    verdict: manifest.verdict.status,
+    score: manifest.verdict.score,
+    canShip: manifest.verdict.canShip,
+    
+    // Repo info
+    repo: {
+      name: manifest.repo.name,
+      commit: manifest.repo.commit,
+      branch: manifest.repo.branch,
+      fingerprint: manifest.repo.fingerprint,
+    },
+    
+    // Badge URLs
+    badge: {
+      shields: badge.url.shields,
+      badgen: badge.url.badgen,
+      markdown: badge.markdown,
+    },
+    
+    // Attestation
+    attestation: {
+      signatureValid: verification.valid,
+      digest: manifest.signature.digest,
+      algorithm: manifest.signature.algorithm,
+      generatedAt: manifest.meta.generatedAt,
+    },
+    
+    // Evidence summary
+    evidence: {
+      blockers: manifest.evidence.summary.blockers,
+      warnings: manifest.evidence.summary.warnings,
+      totalFindings: manifest.evidence.summary.total,
+    },
+  };
+  
+  if (json) {
+    console.log(JSON.stringify(seal, null, 2));
+  } else if (!quiet) {
+    console.log(`
+  ${ansi.bold}${ansi.cyan}╔═══════════════════════════════════════════════════════════════════╗
+  ║                                                                   ║
+  ║   SHIP SEAL                                                       ║
+  ║                                                                   ║
+  ╚═══════════════════════════════════════════════════════════════════╝${ansi.reset}
+
+  ${ansi.bold}Verdict:${ansi.reset} ${seal.verdict === "SHIP" ? colors.shipGreen : seal.verdict === "WARN" ? colors.warnAmber : colors.blockRed}${seal.verdict}${ansi.reset}
+  ${ansi.bold}Score:${ansi.reset}   ${seal.score}/100
+
+  ${ansi.bold}Repository${ansi.reset}
+    ${ansi.dim}Name:${ansi.reset}        ${seal.repo.name}
+    ${ansi.dim}Commit:${ansi.reset}      ${seal.repo.commit}
+    ${ansi.dim}Branch:${ansi.reset}      ${seal.repo.branch}
+    ${ansi.dim}Fingerprint:${ansi.reset} ${seal.repo.fingerprint}
+
+  ${ansi.bold}Attestation${ansi.reset}
+    ${ansi.dim}Signature:${ansi.reset}   ${verification.valid ? colors.shipGreen + "✓ Valid" : colors.blockRed + "✗ Invalid"}${ansi.reset}
+    ${ansi.dim}Digest:${ansi.reset}      ${seal.attestation.digest}
+    ${ansi.dim}Generated:${ansi.reset}   ${seal.attestation.generatedAt}
+
+  ${ansi.bold}Badge (copy to README.md):${ansi.reset}
+    ${colors.shipGreen}${seal.badge.markdown}${ansi.reset}
+
+  ${ansi.dim}Evidence: ${seal.evidence.blockers} blockers, ${seal.evidence.warnings} warnings${ansi.reset}
+`);
+  }
+  
+  return manifest.verdict.exitCode;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+
 module.exports = { 
   runShip: withErrorHandling(runShip, "Ship check failed"),
-  shipCore
+  runSeal: withErrorHandling(runSeal, "Seal generation failed"),
+  runShipGate,
+  shipCore,
 };

package/bin/vibecheck.js

@@ -946,7 +946,7 @@ ${c.dim}${sym.boxHorizontal.repeat(64)}${c.reset}
 ${c.green}${sym.star} PRICING TIERS${c.reset}
 
   ${c.green}FREE${c.reset}      ${c.dim}$0${c.reset}       scan, ship, report, context, doctor, polish - full visibility
-  ${c.magenta}PRO${c.reset}       ${c.dim}$69/mo${c.reset}   + autofix, prove, reality, mcp, guard, ai-test, PR comments
+  ${c.magenta}PRO${c.reset}       ${c.dim}$49/mo${c.reset}   + autofix, prove, reality, mcp, guard, ai-test, PR comments
 
 ${c.green}${sym.rocket} QUICK START (2 minutes to first proof)${c.reset}
 
@@ -1247,14 +1247,42 @@ async function main() {
 
   // Load registry for command resolution
   const registry = getRegistry();
-  const { COMMANDS, ALIAS_MAP, ALL_COMMANDS } = registry;
+  const { COMMANDS, ALIAS_MAP, ALL_COMMANDS, isDeprecated, getDeprecationTarget } = registry;
 
   let cmd = cleanArgs[0];
+  const originalCmd = cmd; // Save original for deprecation warning
+  
   // Prefer exact match, then alias
+  let prependSubcommand = null;
   if (!COMMANDS[cmd] && ALIAS_MAP[cmd]) {
-    cmd = ALIAS_MAP[cmd];
+    const target = ALIAS_MAP[cmd];
+    // For auth aliases (login, logout, whoami, me, signin, signout),
+    // prepend the original command as a subcommand to runAuth
+    const authAliases = ['login', 'logout', 'whoami', 'me', 'signin', 'signout'];
+    if (target === 'auth' && authAliases.includes(cmd)) {
+      prependSubcommand = cmd === 'signin' ? 'login' : cmd === 'signout' ? 'logout' : cmd;
+    }
+    cmd = target;
+  }
+  let cmdArgs = prependSubcommand ? [prependSubcommand, ...cleanArgs.slice(1)] : cleanArgs.slice(1);
+  
+  // ═══════════════════════════════════════════════════════════════════════════════
+  // DEPRECATION WARNING
+  // Show warning if user used a deprecated command name
+  // ═══════════════════════════════════════════════════════════════════════════════
+  if (cmd && COMMANDS[cmd]) {
+    const cmdDef = COMMANDS[cmd];
+    // Check if original command is deprecated (either via alias or direct deprecated command)
+    if (cmdDef.deprecated && cmdDef.deprecatedBy) {
+      // Direct deprecated command
+      const { warnDeprecationOnce } = require("./_deprecations");
+      warnDeprecationOnce(originalCmd, cmdDef.deprecatedBy, getVersion());
+    } else if (originalCmd !== cmd) {
+      // Used an alias - check if it's in the deprecation map
+      const { warnIfDeprecated } = require("./_deprecations");
+      warnIfDeprecated(originalCmd, getVersion());
+    }
   }
-  let cmdArgs = cleanArgs.slice(1);
 
   // Handle command-specific help (vibecheck <cmd> --help)
   if (globalFlags.help && cmd && COMMANDS[cmd]) {
@@ -1319,8 +1347,8 @@ async function main() {
                     isDevProAllowed;
 
   // Auth check (unless skipAuth or offline mode)
-  // Only allow login, logout, whoami, and help without auth
-  const authExemptCommands = ['login', 'logout', 'whoami', 'help', '--help', '-h', 'version', '--version'];
+  // Allow auth commands and help without prior auth
+  const authExemptCommands = ['auth', 'login', 'logout', 'whoami', 'me', 'signin', 'signout', 'help', '--help', '-h', 'version', '--version'];
   const needsAuth = !authExemptCommands.includes(cmd) && !cmdDef.skipAuth && !isOffline;
   
   if (needsAuth) {