@viberaven/cli 1.1.7 → 1.1.8

package/README.md

@@ -67,6 +67,26 @@ Chat output is intentionally limited to focused actions, provider targets, copy
 
 Provider dashboard checks are not cleared by repo-code edits. Billing/product configuration, DNS, webhooks, credentials, quotas, and live provider verification must be completed or verified in the provider dashboard or through read-only provider evidence.
 
+Preview the action surface without login, scan, or API spend:
+
+```bash
+npx -y viberaven preview --agent-mode
+```
+
+The preview uses sample renderer data to show the intended chat-native shape. It is not a production verdict for the current repository.
+
+## Agent infrastructure direction
+
+VibeRaven's action model is designed for normal Codex, Claude Code, Cursor, and MCP workflows today, and for richer agent hosts later.
+
+Managed-agent systems need durable sessions, observable event history, credential boundaries, bounded execution, and resumable action state. VibeRaven keeps those concerns in the manifest contract:
+
+- `.viberaven/actions.json` is the current action surface.
+- `.viberaven/action-registry.json` preserves stable IDs and lifecycle history.
+- Future session events can add an append-only timeline without changing the current action model.
+- Provider credentials and raw env values must stay out of chat output, manifests, MCP resources, and UI renderers.
+- Future local/hosted consoles should execute only narrow VibeRaven commands, not arbitrary shell text.
+
 ## Production Copilot Loop
 
 VibeRaven runs a batch-disciplined loop until the production gate clears. Do not stop at "scan complete."

package/dist/cli.js

@@ -621,12 +621,12 @@ function createOpenCommand(target, platform = process.platform) {
 }
 async function openWithSystemDefault(target) {
   const { command, args, shell } = createOpenCommand(target);
-  await new Promise((resolve5, reject) => {
+  await new Promise((resolve6, reject) => {
     const child = (0, import_node_child_process.spawn)(command, args, { stdio: "ignore", shell });
     child.on("error", reject);
     child.on("exit", (code) => {
       if (code === 0) {
-        resolve5();
+        resolve6();
       } else {
         reject(new Error(`Could not open browser (exit ${code ?? "unknown"}). Open manually: ${target}`));
       }
@@ -666,7 +666,7 @@ function healPlanGapCommand(gapId) {
 // src/auth.ts
 var PUBLIC_LOGIN_COMMAND = `${PUBLIC_COMMAND} login`;
 function sleep(ms) {
-  return new Promise((resolve5) => setTimeout(resolve5, ms));
+  return new Promise((resolve6) => setTimeout(resolve6, ms));
 }
 async function runDeviceLogin(apiBaseUrl) {
   const signIn = await startManagedSignIn(apiBaseUrl);
@@ -9444,8 +9444,8 @@ function stripWindowsDrive(value) {
 }
 function stripAbsolutePrefix(value) {
   const normalized = slashPath(value);
-  const isAbsolute2 = /^[a-z]:\//i.test(normalized) || normalized.startsWith("/");
-  if (!isAbsolute2) {
+  const isAbsolute3 = /^[a-z]:\//i.test(normalized) || normalized.startsWith("/");
+  if (!isAbsolute3) {
     return normalized;
   }
   const lower = normalized.toLowerCase();
@@ -9901,12 +9901,12 @@ async function copyToClipboard(text) {
   }
 }
 function pipeToCommand(command, text, extraArgs = []) {
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     const child = (0, import_node_child_process2.spawn)(command, extraArgs, { stdio: ["pipe", "ignore", "ignore"] });
     child.on("error", reject);
     child.on("close", (code) => {
       if (code === 0) {
-        resolve5();
+        resolve6();
       } else {
         reject(new Error(`${command} exited with code ${code ?? "unknown"}`));
       }
@@ -10302,10 +10302,10 @@ function sleepForRunnerPoll(ms, signal) {
   if (signal?.aborted) {
     return Promise.reject(createRunnerWatchAbortError());
   }
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     const timer = setTimeout(() => {
       cleanup();
-      resolve5();
+      resolve6();
     }, ms);
     const onAbort = () => {
       cleanup();
@@ -10877,9 +10877,9 @@ function formatRepoMatch(repoMatch) {
   }
 }
 async function runCommand(command, args, cwd) {
-  return new Promise((resolve5) => {
+  return new Promise((resolve6) => {
     (0, import_node_child_process3.execFile)(command, args, { cwd, windowsHide: true }, (error, stdout, stderr) => {
-      resolve5({
+      resolve6({
         ok: !error,
         stdout: String(stdout ?? ""),
         stderr: String(stderr ?? "")
@@ -11589,7 +11589,7 @@ function buildAgentFixPrompt(artifact, gap) {
 }
 
 // src/version.ts
-var VERSION = "1.1.7";
+var VERSION = "1.1.8";
 
 // src/commands/guide.ts
 var import_picocolors3 = __toESM(require_picocolors());
@@ -14473,7 +14473,7 @@ function resolveConsoleCommandArgs(request) {
 }
 async function runAllowedConsoleCommand(input) {
   const args = resolveConsoleCommandArgs(input.request);
-  return new Promise((resolve5, reject) => {
+  return new Promise((resolve6, reject) => {
     let settled = false;
     const settle = (callback) => {
       if (settled) return;
@@ -14497,7 +14497,7 @@ async function runAllowedConsoleCommand(input) {
       settle(() => reject(error));
     });
     child.on("close", (exitCode) => {
-      settle(() => resolve5({ exitCode, stdout, stderr }));
+      settle(() => resolve6({ exitCode, stdout, stderr }));
     });
   });
 }
@@ -14863,7 +14863,7 @@ async function createConsoleServer(input) {
     }
     sendJson(response, 404, { ok: false, error: "Not found." });
   });
-  await new Promise((resolve5, reject) => {
+  await new Promise((resolve6, reject) => {
     const handleListenError = (error) => {
       closeWatcher();
       reject(error);
@@ -14871,14 +14871,14 @@ async function createConsoleServer(input) {
     server.once("error", handleListenError);
     server.listen(input.port ?? 0, "127.0.0.1", () => {
       server.off("error", handleListenError);
-      resolve5();
+      resolve6();
     });
   });
   const actualPort = getServerPort(server);
   return {
     url: `http://127.0.0.1:${actualPort}`,
     token,
-    close: () => new Promise((resolve5, reject) => {
+    close: () => new Promise((resolve6, reject) => {
       closeWatcher();
       for (const client of eventClients) {
         client.response.end();
@@ -14889,7 +14889,7 @@ async function createConsoleServer(input) {
           reject(error);
           return;
         }
-        resolve5();
+        resolve6();
       });
     })
   };
@@ -14931,15 +14931,120 @@ async function runConsoleCliCommand(input) {
   if (input.once) {
     return closeServer(server);
   }
-  return new Promise((resolve5) => {
+  return new Promise((resolve6) => {
     const onSigint = () => {
       process.off("SIGINT", onSigint);
-      void closeServer(server).then(resolve5);
+      void closeServer(server).then(resolve6);
     };
     process.once("SIGINT", onSigint);
   });
 }
 
+// src/commands/preview.ts
+var import_picocolors5 = __toESM(require_picocolors());
+function buildPreviewManifest() {
+  return {
+    version: 1,
+    generatedAt: "2026-06-16T00:00:00.000Z",
+    workspaceRoot: ".",
+    gateStatus: "not_clear",
+    actions: [
+      {
+        id: "VR-A1",
+        actionKey: "provider-action:stripe:stripe-webhook:/api/stripe/webhook:checkout.session.completed,customer.subscription.deleted,customer.subscription.updated",
+        revision: 1,
+        kind: "provider-action",
+        provider: "stripe",
+        title: "Connect Stripe Webhook",
+        status: "waiting-on-provider",
+        severity: "critical",
+        gapId: "stripe_webhook_secret_missing",
+        readiness: ["Webhook endpoint path detected", "Required events prepared"],
+        target: {
+          type: "provider",
+          provider: "stripe",
+          label: "Create Stripe webhook endpoint for /api/stripe/webhook."
+        },
+        copyPayloads: [
+          {
+            label: "Required webhook events",
+            format: "text",
+            value: [
+              "checkout.session.completed",
+              "customer.subscription.updated",
+              "customer.subscription.deleted"
+            ]
+          }
+        ],
+        verifyCommand: `${PUBLIC_COMMAND} verify --action VR-A1`,
+        resumeInstruction: "Stripe webhook is configured. Continue VibeRaven from VR-A1."
+      },
+      {
+        id: "VR-A2",
+        actionKey: "repo-code:supabase:rls:supabase/migrations/20260615_rls.sql:user-owned-tables",
+        revision: 1,
+        kind: "repo-code",
+        provider: "supabase",
+        title: "Apply Supabase RLS",
+        status: "waiting-on-database-proof",
+        severity: "critical",
+        gapId: "supabase_rls_policy_proof",
+        readiness: ["Affected tables detected", "Migration file target prepared"],
+        target: {
+          type: "file",
+          label: "RLS migration",
+          path: "supabase/migrations/20260615_rls.sql"
+        },
+        copyPayloads: [
+          {
+            label: "Tiny SQL shape",
+            format: "sql",
+            value: 'alter table public.example enable row level security;\ncreate policy "Users manage own rows" on public.example for all using (auth.uid() = user_id);'
+          }
+        ],
+        verifyCommand: `${PUBLIC_COMMAND} verify --action VR-A2`,
+        resumeInstruction: "Supabase RLS is applied. Continue VibeRaven from VR-A2."
+      },
+      {
+        id: "VR-A3",
+        actionKey: "verify:gate:final:npx-y-viberaven-strict",
+        revision: 1,
+        kind: "verify",
+        title: "Run Final Verification",
+        status: "blocked",
+        severity: "warning",
+        readiness: ["Run after repo-code and provider actions are complete"],
+        target: {
+          type: "command",
+          label: "Strict gate",
+          command: `${PUBLIC_COMMAND} --strict`
+        },
+        resumeInstruction: "Final verification finished. Continue VibeRaven from VR-A3."
+      }
+    ]
+  };
+}
+async function runPreviewCommand(options) {
+  const manifest = buildPreviewManifest();
+  if (options.json) {
+    console.log(JSON.stringify({ manifest }, null, 2));
+    return 0;
+  }
+  console.log(import_picocolors5.default.dim(`VibeRaven ${VERSION} preview - local rehearsal, no login or API spend.`));
+  console.log(import_picocolors5.default.dim("This is sample renderer data, not a production verdict for this repository."));
+  console.log("");
+  console.log(renderActionSurface(manifest, { limit: 3 }).trimEnd());
+  if (options.agentMode) {
+    console.log("");
+    console.log(
+      import_picocolors5.default.dim(
+        "Agent note: treat each visible action as the next production action surface. Do not mark provider actions resolved until provider proof exists."
+      )
+    );
+  }
+  return 0;
+}
+
 // src/output/nextActionBlock.ts
 function buildNextActionBlock(tasks, loopState, plan) {
   const batchSize = plan === "pro" ? 10 : 3;
@@ -15177,6 +15282,9 @@ Usage:
   viberaven actions [--json] [path]
                        Print current chat-native production action surface
 
+  viberaven preview [--agent-mode] [--json]
+                       Local chat-native action preview for videos and onboarding; no login or API spend
+
   viberaven connect --session <id> --token <token> [--once] [--api-url <url>]
                        Handshake, save runner session, then watch for jobs (Ctrl+C to stop)
 
@@ -15254,6 +15362,12 @@ Security:
 
 `);
 }
+function resolveCliWorkspacePath(input) {
+  if (!input) {
+    return process.cwd();
+  }
+  return (0, import_node_path31.isAbsolute)(input) ? input : (0, import_node_path31.resolve)(process.cwd(), input);
+}
 function parseArgs(argv) {
   const flags = {};
   const positional = [];
@@ -15840,7 +15954,13 @@ async function main() {
       return cmdStatus(flags, positional);
     case "actions":
       return runActionsCommand({
-        cwd: positional[0] ? (0, import_node_path31.join)(process.cwd(), positional[0]) : process.cwd(),
+        cwd: resolveCliWorkspacePath(positional[0]),
+        json: Boolean(flags.json)
+      });
+    case "preview":
+      return runPreviewCommand({
+        cwd: resolveCliWorkspacePath(positional[0]),
+        agentMode: flags["agent-mode"] === true,
         json: Boolean(flags.json)
       });
     case "console":
@@ -15851,7 +15971,7 @@ async function main() {
         return 1;
       }
       return runConsoleCliCommand({
-        cwd: positional[0] ? (0, import_node_path31.join)(process.cwd(), positional[0]) : process.cwd(),
+        cwd: resolveCliWorkspacePath(positional[0]),
         port: typeof flags.port === "string" ? Number.parseInt(flags.port, 10) : void 0,
         open: flags.open === true
       });