@vibecheckai/cli 3.9.0 → 4.0.0

package/mcp-server/truth-context.js

@@ -1,622 +0,0 @@
-/**
- * Truth Context – MCP Tools for Evidence‑Backed AI
- *
- * Core context-engine tools that surface **truth-backed** context for AI agents.
- * Every response is grounded in concrete evidence with file/line citations
- * and explicit confidence scores.
- *
- * This is the "Truth Firewall", exposed to agents as an "Evidence Pack" / "Truth Pack". [web:3]
- *
- * Tools:
- *   - vibecheck.ctx           – Build a repo-level Truth Pack (routes, auth, billing, env, schema)
- *   - vibecheck.verify_claim  – Check whether a claim is backed by real evidence
- *   - vibecheck.evidence      – Pull code-level evidence for a specific file/function
- */
-
-import fs from "fs/promises";
-import path from "path";
-import { execSync } from "child_process";
-
-// ============================================================================
-// TRUTH CONTEXT TOOLS
-// ============================================================================
-
-export const TRUTH_CONTEXT_TOOLS = [
-  {
-    name: "vibecheck.ctx",
-    description: `📋 Build a repo Truth Pack: routes, auth, billing, env vars, schema.
-
-Generates an evidence-backed context bundle with file/line citations.
-Use this before the agent makes any architectural or behavioral claims
-about the codebase.
-
-Returns:
-- routes: All detected routes with handlers and middleware
-- auth: Auth guards, protected routes, auth flow indicators
-- billing: Payment gates, subscription checks, paid feature indicators
-- env: Environment variables (declared vs used, mismatches)
-- schema: Database schema and TypeScript contracts
-- confidence: Aggregate confidence score (0–1) for the extracted view`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        scope: {
-          type: "string",
-          enum: ["all", "routes", "auth", "billing", "env", "schema"],
-          description: "Which slice of context to extract (default: all)",
-          default: "all",
-        },
-        path: {
-          type: "string",
-          description: "Project root path (default: current working directory)",
-        },
-      },
-    },
-  },
-  {
-    name: "vibecheck.verify_claim",
-    description: `🔍 Truth Firewall check – verify that a claim is backed by code.
-
-Run this before asserting that something exists, is configured, or is enforced.
-Returns concrete evidence (file/line) when the claim is supported,
-or a structured rejection with an explanation when it is not.
-
-Examples:
-- "Route /api/users exists"        → VERIFIED with handler at src/routes/users.ts:45
-- "Auth is required for /admin"    → VERIFIED via middleware at src/middleware/auth.ts:12
-- "Stripe is configured"           → REJECTED: No evidence of Stripe integration found`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        claim_type: {
-          type: "string",
-          enum: [
-            "route",
-            "endpoint",
-            "env_var",
-            "middleware",
-            "auth_guard",
-            "billing_gate",
-            "file",
-            "function",
-          ],
-          description: "Category of claim to verify",
-        },
-        claim: {
-          type: "string",
-          description:
-            "The claim subject (e.g. '/api/users', 'AUTH_SECRET', 'authMiddleware')",
-        },
-        path: {
-          type: "string",
-          description: "Project root path (default: current working directory)",
-        },
-      },
-      required: ["claim_type", "claim"],
-    },
-  },
-  {
-    name: "vibecheck.evidence",
-    description: `📎 Retrieve code evidence for a file or symbol.
-
-Returns an annotated code snippet with line numbers for precise citation.
-Use this when the agent needs to quote or reason about specific code blocks
-in its response.`,
-    inputSchema: {
-      type: "object",
-      properties: {
-        file: {
-          type: "string",
-          description: "File path relative to the project root",
-        },
-        function_name: {
-          type: "string",
-          description: "Optional function/class name to locate within the file",
-        },
-        line: {
-          type: "number",
-          description: "Optional 1-based line number to center the snippet on",
-        },
-        context_lines: {
-          type: "number",
-          description:
-            "Number of lines of context before/after the target (default: 10)",
-          default: 10,
-        },
-        path: {
-          type: "string",
-          description: "Project root path (default: current working directory)",
-        },
-      },
-      required: ["file"],
-    },
-  },
-];
-
-// ============================================================================
-// TOOL DISPATCH
-// ============================================================================
-
-export async function handleTruthContextTool(toolName, args) {
-  const projectPath = args.path || process.cwd();
-
-  switch (toolName) {
-    case "vibecheck.ctx":
-      return await getTruthPack(projectPath, args.scope || "all");
-    case "vibecheck.verify_claim":
-      return await verifyClaim(projectPath, args.claim_type, args.claim);
-    case "vibecheck.evidence":
-      return await getEvidence(projectPath, args.file, args);
-    default:
-      return { error: `Unknown tool: ${toolName}` };
-  }
-}
-
-// ============================================================================
-// CONTEXT EXTRACTION
-// ============================================================================
-
-async function getTruthPack(projectPath, scope) {
-  const truthPack = {
-    version: "1.0.0",
-    generatedAt: new Date().toISOString(),
-    projectPath,
-    scope,
-    confidence: 0,
-    sections: {},
-  };
-
-  try {
-    if (scope === "all" || scope === "routes") {
-      truthPack.sections.routes = await extractRoutes(projectPath);
-    }
-    if (scope === "all" || scope === "auth") {
-      truthPack.sections.auth = await extractAuth(projectPath);
-    }
-    if (scope === "all" || scope === "billing") {
-      truthPack.sections.billing = await extractBilling(projectPath);
-    }
-    if (scope === "all" || scope === "env") {
-      truthPack.sections.env = await extractEnvVars(projectPath);
-    }
-    if (scope === "all" || scope === "schema") {
-      truthPack.sections.schema = await extractSchema(projectPath);
-    }
-
-    const sections = Object.values(truthPack.sections);
-    if (sections.length > 0) {
-      truthPack.confidence =
-        sections.reduce((sum, section) => sum + (section.confidence || 0), 0) /
-        sections.length;
-    }
-
-    return truthPack;
-  } catch (error) {
-    return {
-      error: error.message,
-      projectPath,
-      suggestion: "Run `vibecheck init` to set up the project",
-    };
-  }
-}
-
-async function extractRoutes(projectPath) {
-  const routes = [];
-  const routePatterns = [
-    /app\.(get|post|put|patch|delete|use)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
-    /router\.(get|post|put|patch|delete|use)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
-    /@(Get|Post|Put|Patch|Delete)\s*\(\s*['"`]([^'"`]+)['"`]/gi,
-  ];
-
-  const files = await findSourceFiles(projectPath, [".ts", ".js", ".tsx", ".jsx"]);
-
-  for (const file of files.slice(0, 50)) {
-    try {
-      const content = await fs.readFile(file, "utf8");
-      const relPath = path.relative(projectPath, file);
-
-      for (const pattern of routePatterns) {
-        let match;
-        pattern.lastIndex = 0;
-        while ((match = pattern.exec(content)) !== null) {
-          const line = content.substring(0, match.index).split("\n").length;
-          routes.push({
-            method: match[1].toUpperCase(),
-            path: match[2],
-            file: relPath,
-            line,
-            evidence: {
-              snippet: content.split("\n")[line - 1]?.trim(),
-              verifiedAt: new Date().toISOString(),
-            },
-          });
-        }
-      }
-    } catch {
-      // Skip unreadable files
-    }
-  }
-
-  return {
-    count: routes.length,
-    routes: routes.slice(0, 100),
-    confidence: routes.length > 0 ? 0.8 : 0.2,
-  };
-}
-
-async function extractAuth(projectPath) {
-  const authIndicators = [];
-  const authPatterns = [
-    /auth(enticate|orize|Middleware|Guard|Check)/gi,
-    /isAuthenticated|requireAuth|verifyToken|jwt\.verify/gi,
-    /passport\.(authenticate|use)/gi,
-    /session\.|cookie\./gi,
-  ];
-
-  const files = await findSourceFiles(projectPath, [".ts", ".js"]);
-
-  for (const file of files.slice(0, 50)) {
-    try {
-      const content = await fs.readFile(file, "utf8");
-      const relPath = path.relative(projectPath, file);
-
-      for (const pattern of authPatterns) {
-        let match;
-        pattern.lastIndex = 0;
-        while ((match = pattern.exec(content)) !== null) {
-          const line = content.substring(0, match.index).split("\n").length;
-          authIndicators.push({
-            type: "auth_indicator",
-            match: match[0],
-            file: relPath,
-            line,
-          });
-        }
-      }
-    } catch {
-      // Skip
-    }
-  }
-
-  return {
-    count: authIndicators.length,
-    indicators: authIndicators.slice(0, 50),
-    confidence:
-      authIndicators.length > 5
-        ? 0.8
-        : authIndicators.length > 0
-        ? 0.5
-        : 0.1,
-  };
-}
-
-async function extractBilling(projectPath) {
-  const billingIndicators = [];
-  const billingPatterns = [
-    /stripe|paddle|lemonsqueezy|gumroad/gi,
-    /subscription|payment|checkout|invoice/gi,
-    /isPro|isPremium|isEnterprise|hasPaid/gi,
-    /price|tier|plan/gi,
-  ];
-
-  const files = await findSourceFiles(projectPath, [".ts", ".js"]);
-
-  for (const file of files.slice(0, 30)) {
-    try {
-      const content = await fs.readFile(file, "utf8");
-      const relPath = path.relative(projectPath, file);
-
-      for (const pattern of billingPatterns) {
-        let match;
-        pattern.lastIndex = 0;
-        while ((match = pattern.exec(content)) !== null) {
-          const line = content.substring(0, match.index).split("\n").length;
-          billingIndicators.push({
-            type: "billing_indicator",
-            match: match[0],
-            file: relPath,
-            line,
-          });
-        }
-      }
-    } catch {
-      // Skip
-    }
-  }
-
-  return {
-    count: billingIndicators.length,
-    indicators: billingIndicators.slice(0, 30),
-    confidence:
-      billingIndicators.length > 3
-        ? 0.7
-        : billingIndicators.length > 0
-        ? 0.4
-        : 0.1,
-  };
-}
-
-async function extractEnvVars(projectPath) {
-  const declared = [];
-  const used = [];
-
-  const envFiles = [".env.example", ".env.local.example", ".env.sample"];
-  for (const envFile of envFiles) {
-    try {
-      const content = await fs.readFile(path.join(projectPath, envFile), "utf8");
-      const lines = content.split("\n");
-      for (let i = 0; i < lines.length; i++) {
-        const match = lines[i].match(/^([A-Z][A-Z0-9_]*)=/);
-        if (match) {
-          declared.push({
-            name: match[1],
-            file: envFile,
-            line: i + 1,
-          });
-        }
-      }
-    } catch {
-      // File does not exist
-    }
-  }
-
-  const files = await findSourceFiles(projectPath, [".ts", ".js"]);
-  for (const file of files.slice(0, 30)) {
-    try {
-      const content = await fs.readFile(file, "utf8");
-      const relPath = path.relative(projectPath, file);
-      const pattern = /process\.env\.([A-Z][A-Z0-9_]*)/g;
-      let match;
-      while ((match = pattern.exec(content)) !== null) {
-        const line = content.substring(0, match.index).split("\n").length;
-        used.push({
-          name: match[1],
-          file: relPath,
-          line,
-        });
-      }
-    } catch {
-      // Skip
-    }
-  }
-
-  const declaredNames = new Set(declared.map((d) => d.name));
-  const usedNames = new Set(used.map((u) => u.name));
-  const undeclared = [...usedNames].filter((name) => !declaredNames.has(name));
-  const unused = [...declaredNames].filter((name) => !usedNames.has(name));
-
-  return {
-    declared: declared.slice(0, 50),
-    used: used.slice(0, 50),
-    mismatches: {
-      undeclared,
-      unused,
-    },
-    confidence: undeclared.length === 0 ? 0.9 : 0.5,
-  };
-}
-
-async function extractSchema(projectPath) {
-  const schemas = [];
-
-  try {
-    const prismaPath = path.join(projectPath, "prisma", "schema.prisma");
-    const content = await fs.readFile(prismaPath, "utf8");
-    const modelMatches = content.matchAll(/model\s+(\w+)\s*\{/g);
-    for (const match of modelMatches) {
-      schemas.push({
-        type: "prisma_model",
-        name: match[1],
-        file: "prisma/schema.prisma",
-      });
-    }
-  } catch {
-    // No Prisma schema
-  }
-
-  const files = await findSourceFiles(projectPath, [".ts", ".tsx"]);
-  for (const file of files.slice(0, 20)) {
-    try {
-      const content = await fs.readFile(file, "utf8");
-      const relPath = path.relative(projectPath, file);
-
-      const typeMatches = content.matchAll(/(?:interface|type)\s+(\w+)/g);
-      for (const match of typeMatches) {
-        const line = content.substring(0, match.index).split("\n").length;
-        schemas.push({
-          type: "typescript_type",
-          name: match[1],
-          file: relPath,
-          line,
-        });
-      }
-    } catch {
-      // Skip
-    }
-  }
-
-  return {
-    count: schemas.length,
-    schemas: schemas.slice(0, 50),
-    confidence:
-      schemas.length > 5 ? 0.7 : schemas.length > 0 ? 0.4 : 0.2,
-  };
-}
-
-// ============================================================================
-// CLAIM VERIFICATION
-// ============================================================================
-
-async function verifyClaim(projectPath, claimType, claim) {
-  const result = {
-    claim: { type: claimType, value: claim },
-    verified: false,
-    evidence: null,
-    confidence: 0,
-    rejection: null,
-  };
-
-  try {
-    switch (claimType) {
-      case "file": {
-        const filePath = path.join(projectPath, claim);
-        try {
-          await fs.access(filePath);
-          const stats = await fs.stat(filePath);
-          result.verified = true;
-          result.confidence = 1.0;
-          result.evidence = {
-            file: claim,
-            exists: true,
-            size: stats.size,
-            verifiedAt: new Date().toISOString(),
-          };
-        } catch {
-          result.rejection = `File does not exist: ${claim}`;
-        }
-        break;
-      }
-
-      case "route":
-      case "endpoint": {
-        const routes = await extractRoutes(projectPath);
-        const matchingRoute = routes.routes.find(
-          (route) => route.path === claim || route.path.includes(claim),
-        );
-        if (matchingRoute) {
-          result.verified = true;
-          result.confidence = 0.9;
-          result.evidence = matchingRoute;
-        } else {
-          result.rejection = `No route matching "${claim}" found in codebase`;
-        }
-        break;
-      }
-
-      case "env_var": {
-        const envData = await extractEnvVars(projectPath);
-        const isDeclared = envData.declared.some((env) => env.name === claim);
-        const isUsed = envData.used.some((env) => env.name === claim);
-        if (isDeclared || isUsed) {
-          result.verified = true;
-          result.confidence = isDeclared && isUsed ? 1.0 : 0.7;
-          result.evidence = {
-            declared: isDeclared,
-            used: isUsed,
-            locations: [
-              ...envData.declared.filter((env) => env.name === claim),
-              ...envData.used.filter((env) => env.name === claim),
-            ],
-          };
-        } else {
-          result.rejection = `Environment variable "${claim}" not found`;
-        }
-        break;
-      }
-
-      default:
-        result.rejection = `Claim type "${claimType}" verification is not implemented yet`;
-    }
-  } catch (error) {
-    result.rejection = `Verification error: ${error.message}`;
-  }
-
-  return result;
-}
-
-// ============================================================================
-// EVIDENCE EXTRACTION
-// ============================================================================
-
-async function getEvidence(projectPath, file, options) {
-  const filePath = path.join(projectPath, file);
-
-  try {
-    const content = await fs.readFile(filePath, "utf8");
-    const lines = content.split("\n");
-
-    let targetLine = options.line || 1;
-    const contextLines = options.context_lines || 10;
-
-    if (options.function_name) {
-      const pattern = new RegExp(
-        `(function|const|let|var|class)\\s+${options.function_name}`,
-        "i",
-      );
-      for (let i = 0; i < lines.length; i++) {
-        if (pattern.test(lines[i])) {
-          targetLine = i + 1;
-          break;
-        }
-      }
-    }
-
-    const startLine = Math.max(1, targetLine - contextLines);
-    const endLine = Math.min(lines.length, targetLine + contextLines);
-
-    const snippet = lines
-      .slice(startLine - 1, endLine)
-      .map(
-        (line, index) =>
-          `${String(startLine + index).padStart(4, " ")} | ${line}`,
-      )
-      .join("\n");
-
-    return {
-      file,
-      targetLine,
-      startLine,
-      endLine,
-      totalLines: lines.length,
-      snippet,
-      verifiedAt: new Date().toISOString(),
-    };
-  } catch (error) {
-    return {
-      error: `Cannot read file: ${error.message}`,
-      file,
-    };
-  }
-}
-
-// ============================================================================
-// UTILITIES
-// ============================================================================
-
-async function findSourceFiles(projectPath, extensions) {
-  const files = [];
-
-  async function walk(dir) {
-    try {
-      const entries = await fs.readdir(dir, { withFileTypes: true });
-      for (const entry of entries) {
-        const fullPath = path.join(dir, entry.name);
-        if (entry.isDirectory()) {
-          if (
-            !entry.name.startsWith(".") &&
-            entry.name !== "node_modules" &&
-            entry.name !== "dist" &&
-            entry.name !== "build"
-          ) {
-            await walk(fullPath);
-          }
-        } else if (entry.isFile()) {
-          const ext = path.extname(entry.name).toLowerCase();
-          if (extensions.includes(ext)) {
-            files.push(fullPath);
-          }
-        }
-      }
-    } catch {
-      // Skip inaccessible directories
-    }
-  }
-
-  await walk(projectPath);
-  return files;
-}
-
-export default {
-  TRUTH_CONTEXT_TOOLS,
-  handleTruthContextTool,
-};