@westbayberry/dg 1.0.53 → 1.0.56

package/dist/packages/cli/src/telemetry.js

@@ -0,0 +1,141 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.initTelemetry = initTelemetry;
+exports.redact = redact;
+exports.captureError = captureError;
+exports.flush = flush;
+/**
+ * Anonymous crash reporting via Sentry.
+ *
+ * Sends: error message, stack trace, Node version, OS, CLI version, command name.
+ * Never sends: package names, file paths, API keys, lockfile contents.
+ * Disable: DG_TELEMETRY=0 or DO_NOT_TRACK=1
+ */
+const Sentry = __importStar(require("@sentry/node"));
+// Sentry DSNs are public ingest endpoints, not secrets.
+const CLI_DSN = "https://0b48c008cee0061b41bd45029fac2342@o4510904601935872.ingest.us.sentry.io/4511197701931008";
+let initialized = false;
+function initTelemetry(version) {
+    if (process.env.DG_TELEMETRY === "0" || process.env.DO_NOT_TRACK === "1")
+        return;
+    try {
+        Sentry.init({
+            dsn: CLI_DSN,
+            release: `dg-cli@${version}`,
+            environment: process.env.CI ? "ci" : "local",
+            // TODO: reduce sample rate when CLI usage exceeds ~10k DAU
+            sampleRate: 1.0,
+            sendDefaultPii: false,
+            beforeSend(event) {
+                // Drop errors hitting RFC 2606 reserved hostnames (negative-path tests)
+                if (event.exception?.values?.some(ex => ex.value && /\.(invalid|test|example|localhost)\b/i.test(ex.value))) {
+                    return null;
+                }
+                if (event.request) {
+                    delete event.request.headers;
+                    delete event.request.data;
+                    delete event.request.cookies;
+                }
+                if (event.breadcrumbs) {
+                    event.breadcrumbs = event.breadcrumbs.map(b => {
+                        if (b.message)
+                            b.message = redact(b.message);
+                        if (b.data) {
+                            for (const key of Object.keys(b.data)) {
+                                if (typeof b.data[key] === "string") {
+                                    b.data[key] = redact(b.data[key]);
+                                }
+                            }
+                        }
+                        return b;
+                    });
+                }
+                if (event.exception?.values) {
+                    for (const ex of event.exception.values) {
+                        if (ex.value)
+                            ex.value = redact(ex.value);
+                        if (ex.stacktrace?.frames) {
+                            for (const frame of ex.stacktrace.frames) {
+                                if (frame.filename) {
+                                    frame.filename = frame.filename
+                                        .replace(/^\/Users\/[^/]+/, "[HOME]")
+                                        .replace(/^\/home\/[^/]+/, "[HOME]")
+                                        .replace(/^C:\\Users\\[^\\]+/, "[HOME]");
+                                }
+                            }
+                        }
+                    }
+                }
+                return event;
+            },
+        });
+        initialized = true;
+    }
+    catch {
+        // Sentry init failure should never block the CLI
+    }
+}
+// Redact secrets before sending to Sentry. Intentionally broad on API keys —
+// tighter bounds like {8,} would miss short dev/test tokens and leak them.
+// Being greedy here is the right default.
+function redact(s) {
+    return s
+        .replace(/dg_(?:live|test)_[A-Za-z0-9_-]{3,}/gi, "[DG_KEY_REDACTED]")
+        .replace(/\/Users\/[^\s:]+/g, "[USER_PATH]")
+        .replace(/\/home\/[^\s:]+/g, "[USER_PATH]")
+        .replace(/C:\\Users\\[^\s:]+/g, "[USER_PATH]")
+        .replace(/Bearer [^\s]+/g, "Bearer [REDACTED]");
+}
+function captureError(error, context) {
+    if (!initialized)
+        return;
+    try {
+        if (context)
+            Sentry.setContext("scan", context);
+        Sentry.captureException(error);
+    }
+    catch {
+        // Silent
+    }
+}
+async function flush() {
+    if (!initialized)
+        return;
+    try {
+        await Sentry.flush(2000);
+    }
+    catch { /* ignore — best-effort */ }
+}

package/dist/packages/cli/src/ui/App.js

@@ -0,0 +1,137 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.App = void 0;
+const jsx_runtime_1 = require("react/jsx-runtime");
+const react_1 = require("react");
+const ink_1 = require("ink");
+const auth_1 = require("../auth");
+const useScan_1 = require("./hooks/useScan");
+const Spinner_1 = require("./components/Spinner");
+const ProgressBar_1 = require("./components/ProgressBar");
+const InteractiveResultsView_1 = require("./components/InteractiveResultsView");
+const ErrorView_1 = require("./components/ErrorView");
+const ProjectSelector_1 = require("./components/ProjectSelector");
+const SetupBanner_1 = require("./components/SetupBanner");
+const useTerminalSize_1 = require("./hooks/useTerminalSize");
+const App = ({ config, userStatus, scanUsage, setupIssues = [] }) => {
+    const { state, scanSelectedProjects, restartSelection } = (0, useScan_1.useScan)(config);
+    const { exit } = (0, ink_1.useApp)();
+    (0, useTerminalSize_1.useTerminalSize)(); // keep hook active for resize-triggered re-renders
+    const prevPhaseRef = (0, react_1.useRef)(state.phase);
+    const altScreenActiveRef = (0, react_1.useRef)(false);
+    // Enter alternate screen buffer for the entire app lifecycle
+    (0, react_1.useEffect)(() => {
+        if (!process.stdout.isTTY)
+            return;
+        process.stdout.write("\x1b[?1049h"); // enter alternate screen
+        process.stdout.write("\x1b[2J\x1b[H"); // clear + home
+        process.stdout.write("\x1b[?1003l"); // disable mouse all-events (prevents scroll → arrow key)
+        process.stdout.write("\x1b[?1000l"); // disable mouse click tracking
+        altScreenActiveRef.current = true;
+        return () => {
+            if (altScreenActiveRef.current) {
+                process.stdout.write("\x1b[?1049l"); // exit alternate screen
+                altScreenActiveRef.current = false;
+            }
+            process.stdout.write("\x1b[?25h"); // restore cursor
+        };
+    }, []);
+    // Track phase transitions (Ink handles repainting automatically)
+    (0, react_1.useEffect)(() => {
+        prevPhaseRef.current = state.phase;
+    }, [state.phase]);
+    const leaveAltScreen = (0, react_1.useCallback)(() => {
+        if (altScreenActiveRef.current && process.stdout.isTTY) {
+            process.stdout.write("\x1b[?1049l");
+            altScreenActiveRef.current = false;
+        }
+        process.stdout.write("\x1b[?25h");
+    }, []);
+    const handleResultsExit = (0, react_1.useCallback)(() => {
+        if (state.phase === "results") {
+            const { result } = state;
+            if (result.action === "block" && config.mode === "block") {
+                process.exitCode = 2;
+            }
+            else if (result.action === "block" || result.action === "warn") {
+                process.exitCode = 1;
+            }
+            else {
+                process.exitCode = 0;
+            }
+        }
+        leaveAltScreen();
+        exit();
+    }, [state, config, exit, leaveAltScreen]);
+    // Exit alt screen BEFORE writing messages so they appear on the main screen
+    const exitWithMessage = (0, react_1.useCallback)((message, exitCode) => {
+        process.exitCode = exitCode;
+        leaveAltScreen();
+        process.stderr.write(message);
+        return setTimeout(() => exit(), 0);
+    }, [exit, leaveAltScreen]);
+    (0, react_1.useEffect)(() => {
+        if (state.phase === "empty") {
+            const timer = exitWithMessage(`${state.message}\n`, 0);
+            return () => clearTimeout(timer);
+        }
+        if (state.phase === "error") {
+            const timer = exitWithMessage(`Error: ${state.error.message}\n`, 3);
+            return () => clearTimeout(timer);
+        }
+        if (state.phase === "trial_exhausted") {
+            let msg = "Free trial scans used up. Run `dg login` to create a free account and continue scanning.\n";
+            try {
+                if ((0, auth_1.getStoredApiKey)()) {
+                    msg = "Your API key may be invalid or expired. Run `dg logout` then `dg login` to re-authenticate.\n";
+                }
+            }
+            catch { /* ignore — best-effort */ }
+            const timer = exitWithMessage(msg, 1);
+            return () => clearTimeout(timer);
+        }
+    }, [state, exitWithMessage]);
+    // Global q/ESC handler for phases that lack their own input handling
+    (0, ink_1.useInput)((input, key) => {
+        if (state.phase === "discovering" || state.phase === "scanning") {
+            if (input === "q" || key.escape) {
+                process.exitCode = 0;
+                leaveAltScreen();
+                exit();
+            }
+        }
+    });
+    const content = (() => {
+        switch (state.phase) {
+            case "discovering":
+                return (0, jsx_runtime_1.jsx)(Spinner_1.Spinner, { label: `Searching for dependencies in ${process.cwd()} ...` });
+            case "selecting":
+                return ((0, jsx_runtime_1.jsx)(ProjectSelector_1.ProjectSelector, { projects: state.projects, onConfirm: scanSelectedProjects, onCancel: () => { process.exitCode = 0; leaveAltScreen(); exit(); }, userStatus: userStatus }));
+            case "scanning":
+                return ((0, jsx_runtime_1.jsx)(ProgressBar_1.ProgressBar, { value: state.done, total: state.total, label: state.currentBatch.length > 0
+                        ? state.currentBatch[state.currentBatch.length - 1]
+                        : undefined }));
+            case "results":
+                return ((0, jsx_runtime_1.jsx)(InteractiveResultsView_1.InteractiveResultsView, { result: state.result, config: config, durationMs: state.durationMs, onExit: handleResultsExit, onBack: restartSelection ?? undefined, discoveredTotal: state.discoveredTotal, userStatus: userStatus, scanUsage: scanUsage }));
+            case "empty":
+                return (0, jsx_runtime_1.jsx)(ink_1.Text, { dimColor: true, children: state.message });
+            case "error":
+                return (0, jsx_runtime_1.jsx)(ErrorView_1.ErrorView, { error: state.error });
+            case "trial_exhausted": {
+                let hasKey = false;
+                try {
+                    hasKey = !!(0, auth_1.getStoredApiKey)();
+                }
+                catch { /* ignore — best-effort */ }
+                return ((0, jsx_runtime_1.jsx)(ink_1.Box, { flexDirection: "column", paddingLeft: 2, children: hasKey ? ((0, jsx_runtime_1.jsxs)(jsx_runtime_1.Fragment, { children: [(0, jsx_runtime_1.jsx)(ink_1.Text, { color: "yellow", bold: true, children: "Your API key may be invalid or expired." }), (0, jsx_runtime_1.jsxs)(ink_1.Text, { children: ["Run ", (0, jsx_runtime_1.jsx)(ink_1.Text, { color: "cyan", bold: true, children: "dg logout" }), " then ", (0, jsx_runtime_1.jsx)(ink_1.Text, { color: "cyan", bold: true, children: "dg login" }), " to re-authenticate."] })] })) : ((0, jsx_runtime_1.jsxs)(jsx_runtime_1.Fragment, { children: [(0, jsx_runtime_1.jsx)(ink_1.Text, { color: "yellow", bold: true, children: "Free trial scans used up." }), (0, jsx_runtime_1.jsxs)(ink_1.Text, { children: ["Run ", (0, jsx_runtime_1.jsx)(ink_1.Text, { color: "cyan", bold: true, children: "dg login" }), " to create a free account and continue scanning."] })] })) }));
+            }
+        }
+    })();
+    // Show the setup banner above the results — but not during empty/error/
+    // trial_exhausted phases where it would compete with the message the user
+    // actually needs to read.
+    const showBanner = state.phase === "selecting" &&
+        setupIssues.length > 0;
+    return ((0, jsx_runtime_1.jsxs)(ink_1.Box, { flexDirection: "column", children: [showBanner ? (0, jsx_runtime_1.jsx)(SetupBanner_1.SetupBanner, { issues: setupIssues }) : null, content] }));
+};
+exports.App = App;