npm - @vibecheckai/cli - Versions diffs - 3.9.1 → 4.0.0 - Mend

@vibecheckai/cli 3.9.1 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (85) hide show

package/README.md +1 -1
package/bin/runners/context/generators/cursor-enhanced.js +99 -13
package/mcp-server/.eslintrc.json +24 -0
package/mcp-server/README.md +425 -135
package/mcp-server/SPEC.md +583 -0
package/mcp-server/configs/README.md +172 -0
package/mcp-server/configs/claude-desktop-pro.json +31 -0
package/mcp-server/configs/claude-desktop-with-workspace.json +25 -0
package/mcp-server/configs/claude-desktop.json +19 -0
package/mcp-server/configs/cursor-mcp.json +21 -0
package/mcp-server/configs/windsurf-mcp.json +17 -0
package/mcp-server/mcp-config.example.json +9 -0
package/mcp-server/package.json +49 -34
package/mcp-server/src/cli.ts +185 -0
package/mcp-server/src/index.ts +85 -0
package/mcp-server/src/server.ts +1933 -0
package/mcp-server/src/services/cache-service.ts +466 -0
package/mcp-server/src/services/cli-service.ts +345 -0
package/mcp-server/src/services/context-manager.ts +717 -0
package/mcp-server/src/services/firewall-service.ts +662 -0
package/mcp-server/src/services/git-service.ts +671 -0
package/mcp-server/src/services/index.ts +52 -0
package/mcp-server/src/services/prompt-builder-service.ts +1031 -0
package/mcp-server/src/services/session-service.ts +550 -0
package/mcp-server/src/services/tier-service.ts +470 -0
package/mcp-server/src/types.ts +351 -0
package/mcp-server/tsconfig.json +16 -27
package/package.json +6 -6
package/mcp-server/.guardrail/audit/audit.log.jsonl +0 -2
package/mcp-server/.specs/architecture.mdc +0 -90
package/mcp-server/.specs/security.mdc +0 -30
package/mcp-server/HARDENING_SUMMARY.md +0 -299
package/mcp-server/agent-checkpoint.js +0 -364
package/mcp-server/agent-firewall-interceptor.js +0 -500
package/mcp-server/architect-tools.js +0 -707
package/mcp-server/audit-mcp.js +0 -206
package/mcp-server/authority-tools.js +0 -569
package/mcp-server/codebase-architect-tools.js +0 -838
package/mcp-server/conductor/conflict-resolver.js +0 -588
package/mcp-server/conductor/execution-planner.js +0 -544
package/mcp-server/conductor/index.js +0 -377
package/mcp-server/conductor/lock-manager.js +0 -615
package/mcp-server/conductor/request-queue.js +0 -550
package/mcp-server/conductor/session-manager.js +0 -500
package/mcp-server/conductor/tools.js +0 -510
package/mcp-server/consolidated-tools.js +0 -1170
package/mcp-server/deprecation-middleware.js +0 -282
package/mcp-server/handlers/index.ts +0 -15
package/mcp-server/handlers/tool-handler.ts +0 -593
package/mcp-server/hygiene-tools.js +0 -428
package/mcp-server/index-v1.js +0 -698
package/mcp-server/index.js +0 -2940
package/mcp-server/intelligence-tools.js +0 -664
package/mcp-server/intent-drift-tools.js +0 -873
package/mcp-server/intent-firewall-interceptor.js +0 -529
package/mcp-server/lib/api-client.cjs +0 -13
package/mcp-server/lib/cache-wrapper.cjs +0 -383
package/mcp-server/lib/error-envelope.js +0 -138
package/mcp-server/lib/executor.ts +0 -499
package/mcp-server/lib/index.ts +0 -29
package/mcp-server/lib/logger.cjs +0 -30
package/mcp-server/lib/rate-limiter.js +0 -166
package/mcp-server/lib/sandbox.test.ts +0 -519
package/mcp-server/lib/sandbox.ts +0 -395
package/mcp-server/lib/types.ts +0 -267
package/mcp-server/logger.js +0 -173
package/mcp-server/manifest.json +0 -473
package/mcp-server/mdc-generator.js +0 -298
package/mcp-server/premium-tools.js +0 -1275
package/mcp-server/proof-tools.js +0 -571
package/mcp-server/registry/tool-registry.js +0 -586
package/mcp-server/registry/tools.json +0 -619
package/mcp-server/registry.test.ts +0 -340
package/mcp-server/test-mcp.js +0 -108
package/mcp-server/test-tools.js +0 -36
package/mcp-server/tests/tier-gating.test.js +0 -297
package/mcp-server/tier-auth.js +0 -767
package/mcp-server/tools/index.js +0 -72
package/mcp-server/tools-reorganized.ts +0 -244
package/mcp-server/tools-v3.js +0 -1004
package/mcp-server/truth-context.js +0 -622
package/mcp-server/truth-firewall-tools.js +0 -2183
package/mcp-server/vibecheck-2.0-tools.js +0 -761
package/mcp-server/vibecheck-mcp-server-3.2.0.tgz +0 -0
package/mcp-server/vibecheck-tools.js +0 -1075

package/mcp-server/intent-firewall-interceptor.js DELETED Viewed

@@ -1,529 +0,0 @@
-/**
- * Intent-Aware Firewall Interceptor - MCP Tool v3.0
- *
- * ═══════════════════════════════════════════════════════════════════════════════
- * AGENT FIREWALL™ v3.0 - UNIFIED ENFORCEMENT GATEWAY
- * ═══════════════════════════════════════════════════════════════════════════════
- *
- * SEAMLESS UX: When no intent is declared, changes are OBSERVED (not blocked).
- * Changes are logged to the session collector for later approval.
- *
- * Now uses the unified EnforcementGateway for all operations:
- * - Real-time interception with explainable blocks
- * - Signed verdicts for audit trail
- * - Fix guidance for each violation
- *
- * Modes:
- * - No intent → OBSERVE: Log changes, allow to proceed, prompt for intent
- * - Intent exists → ENFORCE: Check alignment, block if not aligned
- *
- * @module intent-firewall-interceptor
- * @version 3.0.0
- */
-import path from "path";
-import fs from "fs";
-import { createRequire } from "module";
-// Import tier auth for secure tier validation
-import { getMcpToolAccess } from "./tier-auth.js";
-const require = createRequire(import.meta.url);
-// Import v3 unified enforcement gateway
-let createGateway, IntentStore, checkAlignment, MODE, VERDICT, SessionCollector;
-let createOrchestrator, ModeConfig; // Legacy compatibility
-try {
-  const agentFirewall = require("../bin/runners/lib/agent-firewall");
-  createGateway = agentFirewall.createGateway;
-  IntentStore = agentFirewall.IntentStore;
-  checkAlignment = agentFirewall.checkAlignment;
-  MODE = agentFirewall.MODE;
-  VERDICT = agentFirewall.VERDICT;
-  SessionCollector = agentFirewall.SessionCollector;
-  // Legacy compatibility
-  createOrchestrator = agentFirewall.createOrchestrator;
-  ModeConfig = agentFirewall.ModeConfig;
-} catch (err) {
-  console.warn(`[Intent Firewall] v3 modules not available: ${err.message}`);
-  // Fallback to v2 imports
-  try {
-    const enforcement = require("../bin/runners/lib/agent-firewall/enforcement");
-    createOrchestrator = enforcement.createOrchestrator;
-    createGateway = enforcement.createGateway;
-    MODE = enforcement.MODE;
-    VERDICT = enforcement.VERDICT;
-    ModeConfig = enforcement.ModeConfig;
-    const intent = require("../bin/runners/lib/agent-firewall/intent");
-    IntentStore = intent.IntentStore;
-    checkAlignment = intent.checkAlignment;
-    const session = require("../bin/runners/lib/agent-firewall/session");
-    SessionCollector = session.SessionCollector;
-  } catch (err2) {
-    console.warn(`[Intent Firewall] Fallback failed: ${err2.message}`);
-  }
-}
-/**
- * MCP Tool Definition for Intent-Aware Interception
- */
-const INTENT_FIREWALL_TOOL = {
-  name: "vibecheck_intent_firewall_intercept",
-  description: `🛡️ Intent-Aware Agent Firewall v2.1 - SEAMLESS enforcement.
-Intercepts AI code changes with seamless UX:
-- No intent declared? → OBSERVE mode (changes logged, allowed to proceed)
-- Intent declared? → ENFORCE mode (check alignment, block if not aligned)
-After a vibe session, run: vibecheck approve
-This reviews logged changes and creates intent retroactively.
-Returns: { mode, decision, logged, intent_prompt }`,
-  inputSchema: {
-    type: "object",
-    required: ["agentId", "filePath", "content"],
-    properties: {
-      agentId: {
-        type: "string",
-        description: "Agent identifier (e.g., 'cursor', 'windsurf', 'copilot')"
-      },
-      filePath: {
-        type: "string",
-        description: "File path relative to project root"
-      },
-      content: {
-        type: "string",
-        description: "New file content"
-      },
-      oldContent: {
-        type: "string",
-        description: "Old file content (optional, for diff generation)"
-      },
-      intent: {
-        type: "string",
-        description: "Agent's stated intent for this change (NOT user intent - user intent must be declared via CLI)"
-      },
-      projectRoot: {
-        type: "string",
-        default: ".",
-        description: "Project root directory"
-      },
-      apiKey: {
-        type: "string",
-        description: "API key for authentication"
-      }
-    }
-  }
-};
-/**
- * Handle MCP tool call for intent-aware interception
- * Uses the unified EnforcementGateway for all operations
- *
- * @param {string} name - Tool name (unused)
- * @param {object} args - Tool arguments
- * @returns {object} MCP tool response
- */
-async function handleIntentFirewallIntercept(name, args) {
-  const projectRoot = path.resolve(args.projectRoot || ".");
-  const agentId = args.agentId || "unknown";
-  const filePath = args.filePath;
-  const content = args.content;
-  const oldContent = args.oldContent || null;
-  const agentIntent = args.intent || "No intent provided";
-  // Validate modules are available
-  if (!createGateway && !IntentStore) {
-    return {
-      content: [{
-        type: "text",
-        text: `⚠️ Intent Firewall modules not available. Change allowed but not tracked.`
-      }]
-    };
-  }
-  // Validate file path is within project root
-  const fileAbs = path.resolve(projectRoot, filePath);
-  if (!fileAbs.startsWith(projectRoot + path.sep) && fileAbs !== projectRoot) {
-    return {
-      content: [{
-        type: "text",
-        text: `❌ BLOCKED: File path outside project root: ${filePath}`
-      }],
-      isError: true
-    };
-  }
-  try {
-    // Create enforcement gateway
-    const gateway = createGateway ? createGateway(projectRoot) : null;
-    // Build raw change for gateway
-    const rawChange = {
-      type: oldContent ? "file_write" : "file_create",
-      path: filePath,
-      content,
-      diff: oldContent ? {
-        before: oldContent,
-        after: content,
-      } : null,
-    };
-    // Use gateway if available
-    if (gateway) {
-      const verdict = await gateway.intercept(rawChange, {
-        agentId,
-        interceptionPoint: "mcp_tool",
-        toolName: "vibecheck_intent_firewall_intercept",
-      });
-      // Handle OBSERVE mode (WOULD_PASS/WOULD_BLOCK)
-      if (verdict.decision === "WOULD_PASS" || verdict.decision === "WOULD_BLOCK") {
-        const wouldBlock = verdict.decision === "WOULD_BLOCK";
-        return {
-          content: [{
-            type: "text",
-            text: `📋 OBSERVE MODE - Change ${wouldBlock ? "would be blocked" : "logged"}
-File: ${filePath}
-Agent: ${agentId}
-✓ Logged to session for later review
-${wouldBlock ? `\n⚠️ Would block: ${verdict.summary}` : ""}
-═══════════════════════════════════════════════════════════════
-No intent declared - running in OBSERVE mode.
-Changes are allowed but logged for review.
-After your vibe session, run:
-  vibecheck approve
-Or declare intent now for enforcement:
-  vibecheck i "${agentIntent || "your intent"}"
-═══════════════════════════════════════════════════════════════
-💡 TIP: Quick intent declaration:
-  vibecheck i "fix login bug"
-This auto-infers constraints from your git context.`
-          }]
-        };
-      }
-      // Handle BLOCK
-      if (verdict.decision === "BLOCK") {
-        // Format violations with fix guidance
-        const violationLines = verdict.violations.map(v => {
-          let line = `❌ [${v.code}] ${v.message}`;
-          if (v.evidence?.file) line += `\n   File: ${v.evidence.file}:${v.evidence.line || ''}`;
-          if (v.evidence?.snippet) line += `\n   Snippet: ${v.evidence.snippet.substring(0, 60)}...`;
-          if (v.fix_hint) line += `\n   Fix: ${v.fix_hint}`;
-          return line;
-        }).join("\n\n");
-        // Format fix guidance
-        const fixCommands = (verdict.fix_guidance || [])
-          .filter(f => f.command)
-          .map(f => `  ${f.command}`)
-          .join("\n");
-        return {
-          content: [{
-            type: "text",
-            text: `═══════════════════════════════════════════════════════════════════════════════
-BLOCKED BY AGENT FIREWALL
-═══════════════════════════════════════════════════════════════════════════════
-${violationLines}
-═══════════════════════════════════════════════════════════════════════════════
-Verdict: ${verdict.decision}
-Violations: ${verdict.violations.length}
-Intent Hash: ${verdict.intent_hash?.slice(0, 16) || "NONE"}...
-Verdict Hash: ${verdict.verdict_hash?.slice(0, 16)}...
-To proceed:
-${fixCommands || "  Review and fix the violations above"}
-═══════════════════════════════════════════════════════════════════════════════`
-          }],
-          isError: true
-        };
-      }
-      // Handle PASS
-      const intentStore = new IntentStore(projectRoot);
-      const userIntent = intentStore.getCurrent({ allowMissing: true });
-      return {
-        content: [{
-          type: "text",
-          text: `✅ ALLOWED BY AGENT FIREWALL
-Verdict: ${verdict.decision}
-File: ${filePath}
-Intent Aligned:
-  "${userIntent?.summary || "No intent"}"
-═══════════════════════════════════════════════════════════════════════════════
-Intent Hash: ${verdict.intent_hash?.slice(0, 16) || "NONE"}...
-Verdict Hash: ${verdict.verdict_hash?.slice(0, 16)}...
-Proofs: ${verdict.proofs?.length || 0} verified
-═══════════════════════════════════════════════════════════════════════════════
-Change may proceed.`
-        }]
-      };
-    }
-    // Fallback to legacy orchestrator if gateway not available
-    const intentStore = new IntentStore(projectRoot);
-    const userIntent = intentStore.getCurrent({ allowMissing: true });
-    const hasUserIntent = intentStore.hasIntent();
-    const isBlockingIntent = userIntent?.summary?.includes("NO INTENT DECLARED");
-    // OBSERVE mode fallback
-    if (!hasUserIntent || isBlockingIntent) {
-      if (SessionCollector) {
-        try {
-          const collector = new SessionCollector(projectRoot);
-          collector.record({
-            type: oldContent ? "file_modify" : "file_create",
-            path: filePath,
-            agent_id: agentId,
-          });
-        } catch {}
-      }
-      return {
-        content: [{
-          type: "text",
-          text: `📋 OBSERVE MODE - Change logged
-File: ${filePath}
-Agent: ${agentId}
-═══════════════════════════════════════════════════════════════
-No intent declared. Run: vibecheck approve after session.
-═══════════════════════════════════════════════════════════════`
-        }]
-      };
-    }
-    // Legacy alignment check
-    const changeEvent = {
-      type: oldContent ? "file_write" : "file_create",
-      location: filePath,
-      diff: oldContent ? { before: oldContent, after: content } : null,
-      content,
-      domain: classifyDomain(filePath),
-      claims: [],
-      timestamp: new Date().toISOString(),
-    };
-    const alignmentResult = checkAlignment(userIntent, changeEvent);
-    if (!alignmentResult.aligned) {
-      const violations = alignmentResult.violations.map(v =>
-        `- [${v.code}] ${v.message}\n  Resource: ${v.resource}`
-      ).join("\n\n");
-      return {
-        content: [{
-          type: "text",
-          text: `❌ BLOCKED BY AGENT FIREWALL
-${violations}
-Intent: "${userIntent.summary}"
-Intent Hash: ${userIntent.hash?.slice(0, 16)}...`
-        }],
-        isError: true
-      };
-    }
-    return {
-      content: [{
-        type: "text",
-        text: `✅ ALLOWED - Intent aligned: "${userIntent.summary}"`
-      }]
-    };
-  } catch (error) {
-    return {
-      content: [{
-        type: "text",
-        text: `❌ BLOCKED: Enforcement error: ${error.message}\n\n${error.stack}`
-      }],
-      isError: true
-    };
-  }
-}
-/**
- * Classify file domain
- * @param {string} filePath - File path
- * @returns {string} Domain
- */
-function classifyDomain(filePath) {
-  if (!filePath) return "general";
-  const s = filePath.toLowerCase();
-  if (s.includes("auth")) return "auth";
-  if (s.includes("stripe") || s.includes("payment")) return "payments";
-  if (s.includes("routes") || s.includes("router") || s.includes("api")) return "routes";
-  if (s.includes("schema") || s.includes("contract")) return "contracts";
-  if (s.includes("ui") || s.includes("components") || s.includes("pages")) return "ui";
-  if (s.includes("database") || s.includes("prisma") || s.includes("migration")) return "database";
-  return "general";
-}
-/**
- * MCP Tool for getting current intent status
- */
-const INTENT_STATUS_TOOL = {
-  name: "vibecheck_intent_status",
-  description: `📋 Get current firewall status and pending changes.
-Shows:
-- Current mode (OBSERVE/ENFORCE)
-- Intent status (if declared)
-- Pending session changes (if in OBSERVE mode)
-Returns: { mode, hasIntent, pendingChanges, summary }`,
-  inputSchema: {
-    type: "object",
-    properties: {
-      projectRoot: {
-        type: "string",
-        default: ".",
-        description: "Project root directory"
-      }
-    }
-  }
-};
-/**
- * Handle intent status tool call
- */
-async function handleIntentStatus(name, args) {
-  const projectRoot = path.resolve(args.projectRoot || ".");
-  if (!IntentStore) {
-    return {
-      content: [{
-        type: "text",
-        text: `⚠️ Intent system not available`
-      }]
-    };
-  }
-  try {
-    const intentStore = new IntentStore(projectRoot);
-    const intent = intentStore.getCurrent({ allowMissing: true });
-    const hasIntent = intentStore.hasIntent();
-    const isBlocking = intent?.summary?.includes("NO INTENT DECLARED");
-    // Get session info if available
-    let sessionInfo = null;
-    if (SessionCollector) {
-      try {
-        const collector = new SessionCollector(projectRoot);
-        if (collector.hasPending()) {
-          sessionInfo = collector.getSummary();
-        }
-      } catch {
-        // Ignore session errors
-      }
-    }
-    if (!hasIntent || isBlocking) {
-      // OBSERVE MODE - show session info
-      let response = `📋 OBSERVE MODE (no intent declared)\n\n`;
-      response += `Changes are allowed and logged for later review.\n\n`;
-      if (sessionInfo) {
-        response += `═══════════════════════════════════════════════════════════════\n`;
-        response += `SESSION CHANGES\n`;
-        response += `  Files touched: ${sessionInfo.files_touched}\n`;
-        response += `  Total changes: ${sessionInfo.total_changes}\n`;
-        response += `  Duration: ${sessionInfo.duration_minutes} minutes\n`;
-        response += `  Domains: ${sessionInfo.domains.join(", ") || "(none)"}\n`;
-        response += `═══════════════════════════════════════════════════════════════\n\n`;
-        response += `When done, run: vibecheck approve\n`;
-      } else {
-        response += `No changes logged yet in this session.\n`;
-      }
-      response += `\n💡 Quick intent: vibecheck i "your intent"\n`;
-      return {
-        content: [{
-          type: "text",
-          text: response
-        }]
-      };
-    }
-    // ENFORCE MODE - show intent
-    let response = `✅ ENFORCE MODE (intent active)\n\n`;
-    response += `Summary: ${intent.summary}\n\n`;
-    if (intent.constraints && intent.constraints.length > 0) {
-      response += `Constraints:\n`;
-      for (const c of intent.constraints) {
-        response += `  - ${c}\n`;
-      }
-      response += "\n";
-    }
-    if (intent.allowed_changes && intent.allowed_changes.length > 0) {
-      response += `Allowed Changes:\n`;
-      for (const ac of intent.allowed_changes) {
-        response += `  - [${ac.type}] ${ac.target || ac.pattern}\n`;
-      }
-      response += "\n";
-    }
-    if (intent.scope) {
-      response += `Scope:\n`;
-      if (intent.scope.directories) {
-        response += `  Directories: ${intent.scope.directories.join(", ")}\n`;
-      }
-      if (intent.scope.domains) {
-        response += `  Domains: ${intent.scope.domains.join(", ")}\n`;
-      }
-      response += "\n";
-    }
-    response += `Hash: ${intent.hash?.slice(0, 16)}...\n`;
-    response += `Version: ${intent.version || 1}\n`;
-    response += `Created: ${intent.created_at}`;
-    return {
-      content: [{
-        type: "text",
-        text: response
-      }]
-    };
-  } catch (error) {
-    return {
-      content: [{
-        type: "text",
-        text: `❌ Error: ${error.message}`
-      }],
-      isError: true
-    };
-  }
-}
-export {
-  INTENT_FIREWALL_TOOL,
-  handleIntentFirewallIntercept,
-  INTENT_STATUS_TOOL,
-  handleIntentStatus
-};

package/mcp-server/lib/api-client.cjs DELETED Viewed

@@ -1,13 +0,0 @@
-/**
- * API Client - MCP Server Re-export
- *
- * This module re-exports from the canonical bin/runners/lib/api-client.js
- * DO NOT add implementation here.
- *
- * @see ../../../bin/runners/lib/api-client.js for the canonical implementation
- */
-"use strict";
-// Re-export everything from the canonical api-client
-module.exports = require('../../bin/runners/lib/api-client.js');