@vibgrate/cli 1.0.66 → 1.0.67

package/dist/{baseline-IEG2JITU.js → baseline-YGEO4GK7.js}

@@ -1,8 +1,8 @@
 import {
   baselineCommand,
   runBaseline
-} from "./chunk-IHDUX5MC.js";
-import "./chunk-DMYMJUQP.js";
+} from "./chunk-NASOHLRL.js";
+import "./chunk-56UAFVE4.js";
 import "./chunk-TBE6NQ5Z.js";
 export {
   baselineCommand,

package/dist/{chunk-DMYMJUQP.js → chunk-56UAFVE4.js}

@@ -319,20 +319,6 @@ function formatText(artifact) {
   if (artifact.extended?.architecture) {
     lines.push(...formatArchitectureDiagram(artifact.extended.architecture));
   }
-  if (artifact.relationshipDiagram?.mermaid) {
-    lines.push(chalk.bold.cyan("\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557"));
-    lines.push(chalk.bold.cyan("\u2551      Project Relationship Diagram        \u2551"));
-    lines.push(chalk.bold.cyan("\u255A\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255D"));
-    lines.push("");
-    lines.push(chalk.bold("  Mermaid") + chalk.dim("  (copy into https://mermaid.live or a ```mermaid code block)"));
-    lines.push("");
-    lines.push(chalk.dim("  ```mermaid"));
-    for (const mLine of artifact.relationshipDiagram.mermaid.split("\n")) {
-      lines.push(chalk.dim(`  ${mLine}`));
-    }
-    lines.push(chalk.dim("  ```"));
-    lines.push("");
-  }
   if (artifact.solutions && artifact.solutions.length > 0) {
     lines.push(chalk.bold.cyan("\u2554\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557"));
     lines.push(chalk.bold.cyan("\u2551        Solution Drift Summary            \u2551"));
@@ -1308,7 +1294,9 @@ function compactApiSurface(result) {
     parameters: [],
     // Don't include params
     configOptions: [],
-    authHints: []
+    authHints: [],
+    files: []
+    // Don't include file paths
   }));
   return {
     integrations: uniqueIntegrations,
@@ -7726,6 +7714,17 @@ function extract(content, pattern, sourceFile) {
   }
   return out;
 }
+var LOCKFILE_NAMES = /* @__PURE__ */ new Set([
+  "package-lock.json",
+  "pnpm-lock.yaml",
+  "yarn.lock",
+  "composer.lock",
+  "Gemfile.lock",
+  "Cargo.lock",
+  "poetry.lock",
+  "Pipfile.lock",
+  "packages.lock.json"
+]);
 function detectDbBrand(raw) {
   const value = raw.toLowerCase();
   if (value.includes("postgres")) return { kind: "sql", brand: "PostgreSQL", version: null, evidence: raw };
@@ -7736,6 +7735,7 @@ function detectDbBrand(raw) {
   if (value.includes("mongodb")) return { kind: "nosql", brand: "MongoDB", version: null, evidence: raw };
   if (value.includes("redis")) return { kind: "nosql", brand: "Redis", version: null, evidence: raw };
   if (value.includes("cassandra")) return { kind: "nosql", brand: "Cassandra", version: null, evidence: raw };
+  if (value.includes("cosmosdb") || value.includes("@azure/cosmos") || value.includes("cosmos")) return { kind: "nosql", brand: "CosmosDB", version: null, evidence: raw };
   if (value.includes("dynamodb")) return { kind: "nosql", brand: "DynamoDB", version: null, evidence: raw };
   if (value.includes("neo4j")) return { kind: "nosql", brand: "Neo4j", version: null, evidence: raw };
   return null;
@@ -7817,13 +7817,16 @@ async function scanDataStores(rootDir, fileCache) {
   for (const file of files) {
     const connStrings = extract(file.content, /\b(?:postgres(?:ql)?:\/\/[^\s'"`]+|mysql:\/\/[^\s'"`]+|mongodb(?:\+srv)?:\/\/[^\s'"`]+|redis:\/\/[^\s'"`]+)\b/gi, file.relPath);
     result.connectionStrings.push(...connStrings);
-    const dbEvidence = [
-      ...extract(file.content, /\b(?:postgres|postgresql|mysql|mariadb|mssql|sqlserver|oracle|sqlite|mongodb|redis|cassandra|dynamodb|neo4j)\b/gi, file.relPath),
-      ...connStrings
-    ];
-    for (const evidence of dbEvidence) {
-      const detected = detectDbBrand(evidence);
-      if (detected) dbTechnologies.push(detected);
+    const isLockFile = LOCKFILE_NAMES.has(path23.basename(file.relPath));
+    if (!isLockFile) {
+      const dbEvidence = [
+        ...extract(file.content, /\b(?:postgres|postgresql|mysql|mariadb|mssql|sqlserver|oracle|sqlite|mongodb|redis|cassandra|cosmosdb|cosmos|dynamodb|neo4j)\b/gi, file.relPath),
+        ...connStrings
+      ];
+      for (const evidence of dbEvidence) {
+        const detected = detectDbBrand(evidence);
+        if (detected) dbTechnologies.push(detected);
+      }
     }
     result.connectionPoolSettings.push(...extract(file.content, /\b(?:pool(?:Size|_size)?|maxPoolSize|minPoolSize|connectionLimit)\b[^\n]*/gi, file.relPath));
     result.replicationSettings.push(...extract(file.content, /\b(?:replication|cluster|replicaSet)\b[^\n]*/gi, file.relPath));
@@ -7840,7 +7843,10 @@ async function scanDataStores(rootDir, fileCache) {
     result.otherServices.push(...extract(file.content, /\b(?:redis:\/\/[^\s'"`]+|amqp:\/\/[^\s'"`]+|kafka:\/\/[^\s'"`]+|elasticsearch:\/\/[^\s'"`]+)\b/gi, file.relPath));
   }
   const dedupDb = /* @__PURE__ */ new Map();
-  for (const db of dbTechnologies) dedupDb.set(`${db.kind}:${db.brand}:${db.evidence}`, db);
+  for (const db of dbTechnologies) {
+    const key = `${db.kind}:${db.brand}`;
+    if (!dedupDb.has(key)) dedupDb.set(key, db);
+  }
   result.databaseTechnologies = [...dedupDb.values()].sort((a, b) => a.brand.localeCompare(b.brand));
   result.connectionStrings = uniq(result.connectionStrings);
   result.connectionPoolSettings = uniq(result.connectionPoolSettings);
@@ -7870,6 +7876,17 @@ function detectOpenApiSpecification(relPath, content) {
   const endpointCount = content.match(/(^|\n)\s*\/[^\n:]+:\s*(get|post|put|patch|delete|options|head)/gim)?.length ?? content.match(/"\/[^"]+"\s*:\s*\{/g)?.length ?? null;
   return { path: relPath, format, version, title, endpointCount };
 }
+function isInternalHost(hostname) {
+  const h = hostname.toLowerCase();
+  if (h === "localhost" || h === "127.0.0.1" || h === "::1" || h === "0.0.0.0") return true;
+  if (/^192\.168\./.test(h) || /^10\./.test(h) || /^172\.(1[6-9]|2\d|3[01])\./.test(h)) return true;
+  if (!h.includes(".")) return true;
+  if (/^(example|test|localhost|local|internal)\b/.test(h)) return true;
+  return false;
+}
+function normalizeUrl(raw) {
+  return raw.replace(/[\u0000-\u001F\u007F-\u009F\u200B-\u200F\u202A-\u202E\u2066-\u2069\uFEFF]/g, "").trim();
+}
 async function scanApiSurface(rootDir, fileCache) {
   const files = await scanTextFiles(rootDir, fileCache);
   const integrations = [];
@@ -7889,18 +7906,29 @@ async function scanApiSurface(rootDir, fileCache) {
   for (const file of files) {
     const openApiSpec = detectOpenApiSpecification(file.relPath, file.content);
     if (openApiSpec) result.openApiSpecifications.push(openApiSpec);
-    const endpoints = extract(file.content, /\bhttps?:\/\/[^\s'"`]+/gi, file.relPath);
-    for (const endpoint of endpoints) {
-      const provider = endpoint.replace(/^https?:\/\//, "").split("/")[0] ?? "unknown";
-      const versionMatch = endpoint.match(/\/(v\d+(?:\.\d+)?)\b/i);
-      const params = endpoint.match(/[?&]([a-zA-Z0-9_.-]+)=/g)?.map((p) => p.replace(/[?&=]/g, "")) ?? [];
+    const urlRegex = /\bhttps?:\/\/[^\s'"`]+/gi;
+    let match;
+    while ((match = urlRegex.exec(file.content)) !== null) {
+      const rawUrl = match[0].replace(/[,;)\]}"'`]+$/, "");
+      const cleanUrl = normalizeUrl(rawUrl);
+      if (!cleanUrl.startsWith("http")) continue;
+      let hostname;
+      try {
+        hostname = new URL(cleanUrl).hostname;
+      } catch {
+        continue;
+      }
+      if (isInternalHost(hostname)) continue;
+      const versionMatch = cleanUrl.match(/\/(v\d+(?:\.\d+)?)\b/i);
+      const params = cleanUrl.match(/[?&]([a-zA-Z0-9_.-]+)=/g)?.map((p) => p.replace(/[?&=]/g, "")) ?? [];
       integrations.push({
-        provider,
-        endpoint,
+        provider: hostname,
+        endpoint: cleanUrl,
         version: versionMatch ? versionMatch[1] : null,
         parameters: params,
         configOptions: extract(file.content, /\b(?:baseUrl|apiUrl|endpoint|timeout|retries|apiVersion)\b[^\n]*/gi, file.relPath),
-        authHints: extract(file.content, /\b(?:api[_-]?key|bearer\s+[a-z0-9_.-]+|client[_-]?secret|oauth)\b[^\n]*/gi, file.relPath)
+        authHints: extract(file.content, /\b(?:api[_-]?key|bearer\s+[a-z0-9_.-]+|client[_-]?secret|oauth)\b[^\n]*/gi, file.relPath),
+        files: [file.relPath]
       });
     }
     result.webhookUrls.push(...extract(file.content, /\bhttps?:\/\/[^\s'"`]*(?:webhook|hooks?)[^\s'"`]*/gi, file.relPath));
@@ -7910,18 +7938,27 @@ async function scanApiSurface(rootDir, fileCache) {
     result.rateLimitOverrides.push(...extract(file.content, /\b(?:rate[_-]?limit|max[_-]?requests|throttle)\b[^\n]*/gi, file.relPath));
     result.customHeaders.push(...extract(file.content, /\b(?:x-[a-z0-9-]+|authorization|user-agent)\b[^\n]*/gi, file.relPath));
     result.corsPolicies.push(...extract(file.content, /\b(?:cors|access-control-allow-origin|allowedOrigins)\b[^\n]*/gi, file.relPath));
-    result.oauthScopes.push(...extract(file.content, /\b(?:scope|scopes)\b[^\n]*(?:openid|profile|email|read|write)/gi, file.relPath));
+    result.oauthScopes.push(...extract(file.content, /\bscopes?\s*[=:]\s*['"][^'"]*(?:openid|profile|email|offline_access|read(?::\w+)?|write(?::\w+)?)[^'"]*['"]/gi, file.relPath));
     result.apiTokens.push(...extract(file.content, /\b(?:api[_-]?token|access[_-]?token|bearer[_-]?token)\b[^\n]*/gi, file.relPath));
   }
   const integrationMap = /* @__PURE__ */ new Map();
   for (const integration of integrations) {
-    const key = `${integration.provider}:${integration.endpoint}`;
-    integrationMap.set(key, {
-      ...integration,
-      parameters: uniq(integration.parameters),
-      configOptions: uniq(integration.configOptions),
-      authHints: uniq(integration.authHints)
-    });
+    const key = integration.endpoint;
+    const existing = integrationMap.get(key);
+    if (existing) {
+      existing.files = uniq([...existing.files, ...integration.files]);
+      existing.parameters = uniq([...existing.parameters, ...integration.parameters]);
+      existing.configOptions = uniq([...existing.configOptions, ...integration.configOptions]);
+      existing.authHints = uniq([...existing.authHints, ...integration.authHints]);
+    } else {
+      integrationMap.set(key, {
+        ...integration,
+        parameters: uniq(integration.parameters),
+        configOptions: uniq(integration.configOptions),
+        authHints: uniq(integration.authHints),
+        files: [...integration.files]
+      });
+    }
   }
   result.integrations = [...integrationMap.values()].sort((a, b) => a.provider.localeCompare(b.provider));
   result.openApiSpecifications = [...new Map(result.openApiSpecifications.map((spec) => [spec.path, spec])).values()].sort((a, b) => a.path.localeCompare(b.path));
@@ -7936,8 +7973,27 @@ async function scanApiSurface(rootDir, fileCache) {
   result.apiTokens = uniq(result.apiTokens);
   return result;
 }
+var NON_CODE_EXTENSIONS = /* @__PURE__ */ new Set([
+  ".md",
+  ".mdx",
+  ".markdown",
+  ".txt",
+  ".rst",
+  ".adoc",
+  ".asciidoc",
+  ".html",
+  ".htm",
+  ".pdf",
+  ".docx",
+  ".doc",
+  ".rtf"
+]);
 async function scanOperationalResilience(rootDir, fileCache) {
-  const files = await scanTextFiles(rootDir, fileCache);
+  const allFiles = await scanTextFiles(rootDir, fileCache);
+  const files = allFiles.filter((f) => {
+    const ext = path23.extname(f.relPath).toLowerCase();
+    return !NON_CODE_EXTENSIONS.has(ext);
+  });
   const result = {
     implicitTimeouts: [],
     defaultPaginationSize: [],
@@ -8912,12 +8968,10 @@ async function runScan(rootDir, opts) {
     steps: progress.getStepTimings()
   });
   if (!opts.noLocalArtifacts && !maxPrivacyMode) {
+    const projectScores = {};
     for (const project of allProjects) {
       if (project.drift && project.path) {
-        const projectDir = path24.resolve(rootDir, project.path);
-        const projectVibgrateDir = path24.join(projectDir, ".vibgrate");
-        await ensureDir(projectVibgrateDir);
-        await writeJsonFile(path24.join(projectVibgrateDir, "project_score.json"), {
+        projectScores[project.path] = {
           projectId: project.projectId,
           name: project.name,
           type: project.type,
@@ -8930,9 +8984,14 @@ async function runScan(rootDir, opts) {
           vibgrateVersion: VERSION,
           solutionId: project.solutionId,
           solutionName: project.solutionName
-        });
+        };
       }
     }
+    if (Object.keys(projectScores).length > 0) {
+      const vibgrateDir = path24.join(rootDir, ".vibgrate");
+      await ensureDir(vibgrateDir);
+      await writeJsonFile(path24.join(vibgrateDir, "project_scores.json"), projectScores);
+    }
   }
   if (opts.format === "json") {
     const jsonStr = JSON.stringify(artifact, null, 2);

package/dist/{chunk-IHDUX5MC.js → chunk-NASOHLRL.js}

@@ -1,6 +1,6 @@
 import {
   runScan
-} from "./chunk-DMYMJUQP.js";
+} from "./chunk-56UAFVE4.js";
 import {
   writeJsonFile
 } from "./chunk-TBE6NQ5Z.js";

package/dist/cli.js

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import {
   baselineCommand
-} from "./chunk-IHDUX5MC.js";
+} from "./chunk-NASOHLRL.js";
 import {
   VERSION,
   dsnCommand,
@@ -10,7 +10,7 @@ import {
   pushCommand,
   scanCommand,
   writeDefaultConfig
-} from "./chunk-DMYMJUQP.js";
+} from "./chunk-56UAFVE4.js";
 import {
   ensureDir,
   pathExists,
@@ -39,7 +39,7 @@ var initCommand = new Command("init").description("Initialize vibgrate in a proj
     console.log(chalk.green("\u2714") + ` Created ${chalk.bold("vibgrate.config.ts")}`);
   }
   if (opts.baseline) {
-    const { runBaseline } = await import("./baseline-IEG2JITU.js");
+    const { runBaseline } = await import("./baseline-YGEO4GK7.js");
     await runBaseline(rootDir);
   }
   console.log("");

package/dist/index.d.ts

@@ -541,6 +541,7 @@ interface ApiIntegration {
     parameters: string[];
     configOptions: string[];
     authHints: string[];
+    files: string[];
 }
 interface ApiSurfaceResult {
     integrations: ApiIntegration[];

package/dist/index.js

@@ -5,7 +5,7 @@ import {
   formatText,
   generateFindings,
   runScan
-} from "./chunk-DMYMJUQP.js";
+} from "./chunk-56UAFVE4.js";
 import "./chunk-TBE6NQ5Z.js";
 export {
   computeDriftScore,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibgrate/cli",
-  "version": "1.0.66",
+  "version": "1.0.67",
   "description": "CLI for measuring upgrade drift across Node, .NET, Python & Java projects",
   "type": "module",
   "bin": {