@vibecheckai/cli 3.8.0 → 3.9.1

package/mcp-server/handlers/index.ts

@@ -10,6 +10,6 @@ export {
   getToolsByTier,
   getToolsByCategory,
   validateRegistry,
-} from "./tool-handler";
+} from "./tool-handler.js";
 
-export { default as ToolHandler } from "./tool-handler";
+export { default as ToolHandler } from "./tool-handler.js";

package/mcp-server/handlers/tool-handler.ts

@@ -13,8 +13,9 @@
  * 7) Return response with error envelope
  */
 
-import * as fs from "fs";
-import * as path from "path";
+import * as fs from "node:fs";
+import * as path from "node:path";
+import { fileURLToPath } from "node:url";
 import Ajv from "ajv";
 import type {
   RunRequest,
@@ -25,9 +26,46 @@ import type {
   ToolResult,
   ValidationError,
   Finding,
-} from "../lib/types";
-import { PathSandbox } from "../lib/sandbox";
-import { CliExecutor, parseCliOutput, sortFindings, buildCliArgs } from "../lib/executor";
+} from "../lib/types.js";
+import { resolveSandboxPath, configFromRunRequest, type SandboxConfig } from "../lib/sandbox.js";
+import { CliExecutor, parseCliOutput, sortFindings, buildCliArgs } from "../lib/executor.js";
+
+// ESM __dirname equivalent
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+/**
+ * Simple PathSandbox wrapper class using the sandbox functions
+ */
+class PathSandbox {
+  private config: SandboxConfig;
+
+  constructor(options: { projectRoot: string }) {
+    this.config = {
+      workspaceRoot: options.projectRoot,
+      includeThirdParty: false,
+      includeGenerated: false,
+    };
+  }
+
+  assertAllowed(inputPath: string): string {
+    const result = resolveSandboxPath(inputPath, this.config);
+    if (!result.valid) {
+      const error = new Error(result.error || "Path not allowed") as Error & { violationType?: string };
+      error.violationType = result.errorCode;
+      throw error;
+    }
+    return result.resolvedPath!;
+  }
+
+  validate(inputPath: string): { allowed: boolean; error?: string } {
+    const result = resolveSandboxPath(inputPath, this.config);
+    return {
+      allowed: result.valid,
+      error: result.error,
+    };
+  }
+}
 
 // ═══════════════════════════════════════════════════════════════════════════════
 // REGISTRY
@@ -78,7 +116,8 @@ function getToolDefinition(toolName: string): ToolDefinition | null {
 // VALIDATION
 // ═══════════════════════════════════════════════════════════════════════════════
 
-const ajv = new Ajv({ allErrors: true, strict: false });
+const AjvClass = Ajv.default || Ajv;
+const ajv = new AjvClass({ allErrors: true, strict: false });
 
 /**
  * Validate data against JSON schema
@@ -86,14 +125,14 @@ const ajv = new Ajv({ allErrors: true, strict: false });
 function validateSchema(
   data: unknown,
   schema: unknown,
-  schemaName: string
+  _schemaName: string
 ): ValidationError[] {
   const validate = ajv.compile(schema as object);
   const valid = validate(data);
 
   if (valid) return [];
 
-  return (validate.errors || []).map((err) => ({
+  return (validate.errors || []).map((err: { instancePath?: string; message?: string; params?: { allowedValues?: string[] }; data?: unknown }) => ({
     path: err.instancePath || "/",
     message: err.message || "Validation failed",
     expected: err.params?.allowedValues?.join(", "),

package/mcp-server/lib/executor.ts

@@ -8,9 +8,9 @@
  * - Output capture and parsing
  */
 
-import { spawn, SpawnOptions } from "child_process";
-import type { ExecutorOptions, ExecutorResult, Finding, ToolResult } from "./types";
-import { createHash } from "crypto";
+import { spawn, SpawnOptions } from "node:child_process";
+import type { ExecutorOptions, ExecutorResult, Finding, ToolResult } from "./types.js";
+import { createHash } from "node:crypto";
 
 // ═══════════════════════════════════════════════════════════════════════════════
 // CONSTANTS
@@ -148,7 +148,7 @@ export class CliExecutor {
       }, this.timeoutMs);
 
       // Handle process exit
-      proc.on("close", (code) => {
+      proc.on("close", (code: number | null) => {
         clearTimeout(timeoutHandle);
         const durationMs = Date.now() - startTime;
 
@@ -162,7 +162,7 @@ export class CliExecutor {
       });
 
       // Handle spawn errors
-      proc.on("error", (err) => {
+      proc.on("error", (err: Error) => {
         clearTimeout(timeoutHandle);
         const durationMs = Date.now() - startTime;
 

package/mcp-server/lib/index.ts

@@ -3,11 +3,21 @@
  */
 
 // Types
-export * from "./types";
+export * from "./types.js";
 
 // Sandbox
-export { PathSandbox, createSandbox, validatePath, sanitizePath } from "./sandbox";
-export type { SandboxConfig, SandboxResult, SandboxViolationType } from "./sandbox";
+export {
+  resolveSandboxPath,
+  validateSandboxPaths,
+  getActiveExclusions,
+  configFromRunRequest,
+  validateRunRequest,
+  createSandboxResolver,
+  DEFAULT_EXCLUSIONS,
+  THIRD_PARTY_DIRS,
+  GENERATED_DIRS,
+} from "./sandbox.js";
+export type { SandboxConfig, SandboxResult, RunRequest as SandboxRunRequest } from "./sandbox.js";
 
 // Executor
 export {
@@ -16,4 +26,4 @@ export {
   sortFindings,
   buildCliArgs,
   generateFindingId,
-} from "./executor";
+} from "./executor.js";

package/mcp-server/lib/sandbox.test.ts

@@ -6,9 +6,9 @@
  */
 
 import { describe, it, expect, beforeAll, afterAll } from 'vitest';
-import * as path from 'path';
-import * as fs from 'fs';
-import * as os from 'os';
+import * as path from 'node:path';
+import * as fs from 'node:fs';
+import * as os from 'node:os';
 import {
   resolveSandboxPath,
   validateSandboxPaths,
@@ -18,7 +18,7 @@ import {
   createSandboxResolver,
   SandboxConfig,
   DEFAULT_EXCLUSIONS,
-} from './sandbox';
+} from './sandbox.js';
 
 // Test workspace root
 const TEST_ROOT = path.join(os.tmpdir(), 'sandbox-test-workspace');

package/mcp-server/lib/sandbox.ts

@@ -7,8 +7,8 @@
  * @module mcp-server/lib/sandbox
  */
 
-import * as path from 'path';
-import * as fs from 'fs';
+import * as path from 'node:path';
+import * as fs from 'node:fs';
 
 /**
  * Default excluded directory patterns.

package/mcp-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vibecheck-mcp-server",
-  "version": "4.1.0",
+  "version": "4.2.0",
   "description": "Professional MCP server for vibecheck - Intelligent development environment vibechecks",
   "type": "module",
   "main": "index.js",

package/mcp-server/registry.test.ts

@@ -9,8 +9,9 @@
  */
 
 import { describe, it, expect, beforeAll } from "vitest";
-import * as fs from "fs";
-import * as path from "path";
+import * as fs from "node:fs";
+import * as path from "node:path";
+import { fileURLToPath } from "node:url";
 import Ajv from "ajv";
 
 import {
@@ -20,14 +21,19 @@ import {
   getToolsByTier,
   getToolsByCategory,
   validateRegistry,
-} from "./handlers/tool-handler";
-import type { ToolDefinition } from "./lib/types";
+} from "./handlers/tool-handler.js";
+import type { ToolDefinition } from "./lib/types.js";
+
+// ESM __dirname equivalent
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
 
 // ═══════════════════════════════════════════════════════════════════════════════
 // TEST SETUP
 // ═══════════════════════════════════════════════════════════════════════════════
 
-const ajv = new Ajv({ allErrors: true, strict: false });
+const AjvClass = Ajv.default || Ajv;
+const ajv = new AjvClass({ allErrors: true, strict: false });
 
 // Load registry directly for raw tests
 const registryPath = path.join(__dirname, "registry/tools.json");
@@ -72,7 +78,7 @@ describe("Tool Definitions", () => {
     expect(tools.length).toBeGreaterThan(0);
   });
 
-  describe.each(tools.map((t) => [t.name, t]))("%s", (name, tool) => {
+  describe.each(tools.map((t) => [t.name, t] as const))("%s", (name: string, tool: ToolDefinition) => {
     // Required Fields
     it("should have name matching key", () => {
       expect(tool.name).toBe(name);
@@ -180,7 +186,7 @@ describe("Tier Distribution", () => {
   });
 
   it("free tools should include scan, report, doctor, classify", () => {
-    const freeTools = getToolsByTier("free").map((t) => t.name);
+    const freeTools = getToolsByTier("free").map((t: ToolDefinition) => t.name);
     expect(freeTools).toContain("vibecheck.scan");
     expect(freeTools).toContain("vibecheck.report");
     expect(freeTools).toContain("vibecheck.doctor");
@@ -188,7 +194,7 @@ describe("Tier Distribution", () => {
   });
 
   it("pro tools should include ship, fix, prove, reality", () => {
-    const proTools = getToolsByTier("pro").map((t) => t.name);
+    const proTools = getToolsByTier("pro").map((t: ToolDefinition) => t.name);
     expect(proTools).toContain("vibecheck.ship");
     expect(proTools).toContain("vibecheck.fix");
     expect(proTools).toContain("vibecheck.prove");
@@ -288,8 +294,8 @@ describe("Schema Completeness", () => {
     
     for (const tool of tools) {
       const props = tool.inputSchema.properties || {};
-      for (const [propName, propSchema] of Object.entries(props)) {
-        expect(propSchema.description).toBeDefined();
+      for (const [_propName, propSchema] of Object.entries(props)) {
+        expect((propSchema as { description?: string }).description).toBeDefined();
       }
     }
   });
@@ -299,8 +305,8 @@ describe("Schema Completeness", () => {
     
     for (const tool of tools) {
       const props = tool.inputSchema.properties || {};
-      for (const [propName, propSchema] of Object.entries(props)) {
-        expect(propSchema.type).toBeDefined();
+      for (const [_propName, propSchema] of Object.entries(props)) {
+        expect((propSchema as { type?: string }).type).toBeDefined();
       }
     }
   });

package/mcp-server/tsconfig.json

@@ -4,6 +4,7 @@
     "module": "NodeNext",
     "moduleResolution": "NodeNext",
     "lib": ["ES2022"],
+    "types": ["node"],
     "outDir": "./dist",
     "rootDir": ".",
     "strict": true,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibecheckai/cli",
-  "version": "3.8.0",
+  "version": "3.9.1",
   "description": "Vibecheck CLI - Ship with confidence. One verdict: SHIP | WARN | BLOCK.",
   "main": "bin/vibecheck.js",
   "bin": {
@@ -33,6 +33,7 @@
     "debug": "^4.3.4",
     "fast-glob": "^3.3.0",
     "js-yaml": "^4.1.0",
+    "open": "^10.0.0",
     "ora": "^8.0.0",
     "uuid": "^9.0.0",
     "zod": "^3.23.0"