codebakers 2.5.4 → 3.1.0

package/src/commands/prd.ts

@@ -1,419 +0,0 @@
-import * as p from '@clack/prompts';
-import chalk from 'chalk';
-import fs from 'fs-extra';
-import * as path from 'path';
-import Anthropic from '@anthropic-ai/sdk';
-import { Config } from '../utils/config.js';
-
-interface PRDSection {
-  title: string;
-  content: string;
-}
-
-interface ParsedPRD {
-  name: string;
-  description: string;
-  features: string[];
-  pages: string[];
-  database: string[];
-  integrations: string[];
-  design: {
-    profile?: string;
-    brandColor?: string;
-  };
-}
-
-export async function prdCommand(filePath?: string): Promise<void> {
-  const config = new Config();
-
-  if (!config.isConfigured()) {
-    p.log.error('Please run `codebakers setup` first.');
-    return;
-  }
-
-  p.intro(chalk.bgCyan.black(' Build from PRD '));
-
-  // Get PRD file
-  let prdPath = filePath;
-  if (!prdPath) {
-    const file = await p.text({
-      message: 'Path to PRD file:',
-      placeholder: './PRD.md or paste URL',
-      validate: (v) => !v ? 'File path required' : undefined,
-    });
-    if (p.isCancel(file)) return;
-    prdPath = file as string;
-  }
-
-  // Read PRD
-  const spinner = p.spinner();
-  spinner.start('Reading PRD...');
-
-  let prdContent: string;
-  try {
-    if (prdPath.startsWith('http')) {
-      const response = await fetch(prdPath);
-      prdContent = await response.text();
-    } else {
-      prdContent = await fs.readFile(prdPath, 'utf-8');
-    }
-  } catch (error) {
-    spinner.stop('Error');
-    p.log.error(`Could not read PRD: ${error instanceof Error ? error.message : 'Unknown error'}`);
-    return;
-  }
-
-  spinner.stop('PRD loaded');
-
-  // Parse PRD with AI
-  spinner.start('Analyzing PRD...');
-  
-  const anthropicCreds = config.getCredentials('anthropic');
-  if (!anthropicCreds?.apiKey) {
-    spinner.stop('Error');
-    p.log.error('Anthropic API key not configured.');
-    return;
-  }
-
-  const anthropic = new Anthropic({ apiKey: anthropicCreds.apiKey });
-
-  const parsed = await parsePRD(anthropic, prdContent);
-  spinner.stop('PRD analyzed');
-
-  // Show what was extracted
-  console.log(chalk.bold('\n📋 Extracted from PRD:\n'));
-  console.log(`  ${chalk.cyan('Name:')} ${parsed.name}`);
-  console.log(`  ${chalk.cyan('Description:')} ${parsed.description}`);
-  console.log(`  ${chalk.cyan('Features:')} ${parsed.features.length} features`);
-  console.log(`  ${chalk.cyan('Pages:')} ${parsed.pages.join(', ') || 'Auto-detect'}`);
-  console.log(`  ${chalk.cyan('Database:')} ${parsed.database.length} tables`);
-  console.log(`  ${chalk.cyan('Integrations:')} ${parsed.integrations.join(', ') || 'None'}`);
-  console.log('');
-
-  // Show features
-  if (parsed.features.length > 0) {
-    console.log(chalk.bold('Features to build:'));
-    parsed.features.slice(0, 10).forEach((f, i) => {
-      console.log(chalk.dim(`  ${i + 1}. ${f}`));
-    });
-    if (parsed.features.length > 10) {
-      console.log(chalk.dim(`  ... and ${parsed.features.length - 10} more`));
-    }
-    console.log('');
-  }
-
-  // Confirm
-  const proceed = await p.confirm({
-    message: 'Build this project?',
-    initialValue: true,
-  });
-
-  if (!proceed || p.isCancel(proceed)) {
-    p.cancel('Cancelled');
-    return;
-  }
-
-  // Build options
-  const options = await p.group({
-    createInfra: () => p.confirm({
-      message: 'Create GitHub + Vercel + Supabase?',
-      initialValue: true,
-    }),
-    designProfile: () => p.select({
-      message: 'Design profile:',
-      options: [
-        { value: 'minimal', label: 'Minimal (Linear, Notion)' },
-        { value: 'bold', label: 'Bold (Stripe, Ramp)' },
-        { value: 'editorial', label: 'Editorial (Medium, Substack)' },
-        { value: 'playful', label: 'Playful (Figma, Slack)' },
-        { value: 'premium', label: 'Premium (Apple, Porsche)' },
-        { value: 'dashboard', label: 'Dashboard (Datadog, Linear)' },
-      ],
-      initialValue: parsed.design.profile || 'minimal',
-    }),
-  });
-
-  if (p.isCancel(options)) return;
-
-  // Build the project
-  await buildFromPRD(parsed, options, anthropic, config);
-}
-
-async function parsePRD(anthropic: Anthropic, content: string): Promise<ParsedPRD> {
-  const response = await anthropic.messages.create({
-    model: 'claude-sonnet-4-5-20250929',
-    max_tokens: 4096,
-    messages: [{
-      role: 'user',
-      content: `Analyze this PRD and extract structured information. Return JSON only, no explanation.
-
-PRD:
-${content}
-
-Return this exact JSON structure:
-{
-  "name": "project name (lowercase, hyphenated)",
-  "description": "one sentence description",
-  "features": ["feature 1", "feature 2", ...],
-  "pages": ["page1", "page2", ...],
-  "database": ["table1", "table2", ...],
-  "integrations": ["stripe", "supabase", ...],
-  "design": {
-    "profile": "minimal|bold|editorial|playful|premium|dashboard or null",
-    "brandColor": "#hexcolor or null"
-  }
-}
-
-Extract ALL features mentioned. Include auth, payments, dashboards, etc.
-For pages, list actual pages/routes needed.
-For database, list tables/entities needed.
-For integrations, list third-party services mentioned.`
-    }],
-  });
-
-  const text = response.content[0].type === 'text' ? response.content[0].text : '';
-  
-  // Extract JSON from response
-  const jsonMatch = text.match(/\{[\s\S]*\}/);
-  if (!jsonMatch) {
-    throw new Error('Could not parse PRD');
-  }
-
-  return JSON.parse(jsonMatch[0]);
-}
-
-async function buildFromPRD(
-  prd: ParsedPRD,
-  options: { createInfra: boolean; designProfile: string },
-  anthropic: Anthropic,
-  config: Config
-): Promise<void> {
-  const spinner = p.spinner();
-  const projectPath = path.join(process.cwd(), prd.name);
-
-  // Step 1: Create project structure
-  spinner.start('Creating project structure...');
-  await fs.ensureDir(projectPath);
-  await fs.ensureDir(path.join(projectPath, '.codebakers'));
-  await fs.ensureDir(path.join(projectPath, 'src', 'app'));
-  await fs.ensureDir(path.join(projectPath, 'src', 'components'));
-  await fs.ensureDir(path.join(projectPath, 'src', 'lib'));
-  spinner.stop('Project structure created');
-
-  // Step 2: Save PRD to project
-  spinner.start('Saving PRD...');
-  await fs.writeFile(path.join(projectPath, 'PRD.md'), await fs.readFile(process.cwd(), 'utf-8').catch(() => JSON.stringify(prd, null, 2)));
-  await fs.writeJson(path.join(projectPath, '.codebakers', 'prd.json'), prd, { spaces: 2 });
-  await fs.writeJson(path.join(projectPath, '.codebakers', 'design.json'), {
-    profile: options.designProfile,
-    colors: prd.design.brandColor ? { brand: prd.design.brandColor } : undefined,
-  }, { spaces: 2 });
-  spinner.stop('PRD saved');
-
-  // Step 3: Generate build plan
-  spinner.start('Generating build plan...');
-  const buildPlan = await generateBuildPlan(anthropic, prd, options.designProfile);
-  await fs.writeJson(path.join(projectPath, '.codebakers', 'build-plan.json'), buildPlan, { spaces: 2 });
-  spinner.stop('Build plan generated');
-
-  // Show build plan
-  console.log(chalk.bold('\n🏗️  Build Plan:\n'));
-  buildPlan.phases.forEach((phase: any, i: number) => {
-    console.log(chalk.cyan(`Phase ${i + 1}: ${phase.name}`));
-    phase.tasks.forEach((task: string) => {
-      console.log(chalk.dim(`  • ${task}`));
-    });
-  });
-  console.log('');
-
-  // Step 4: Execute build plan
-  const startBuild = await p.confirm({
-    message: 'Start building?',
-    initialValue: true,
-  });
-
-  if (!startBuild || p.isCancel(startBuild)) {
-    p.log.info(`Build plan saved to ${prd.name}/.codebakers/build-plan.json`);
-    p.log.info(`Run \`cd ${prd.name} && codebakers code\` to continue building.`);
-    return;
-  }
-
-  // Execute each phase
-  for (let i = 0; i < buildPlan.phases.length; i++) {
-    const phase = buildPlan.phases[i];
-    console.log(chalk.bold(`\n📦 Phase ${i + 1}: ${phase.name}\n`));
-
-    for (const task of phase.tasks) {
-      spinner.start(task);
-      
-      try {
-        await executeTask(anthropic, projectPath, task, prd, options.designProfile);
-        spinner.stop(`✓ ${task}`);
-      } catch (error) {
-        spinner.stop(`✗ ${task}`);
-        p.log.error(error instanceof Error ? error.message : 'Task failed');
-        
-        const continueBuilding = await p.confirm({
-          message: 'Continue with next task?',
-          initialValue: true,
-        });
-        
-        if (!continueBuilding || p.isCancel(continueBuilding)) {
-          p.log.info('Build paused. Run `codebakers code` to continue.');
-          return;
-        }
-      }
-    }
-  }
-
-  // Step 5: Infrastructure (if selected)
-  if (options.createInfra) {
-    console.log(chalk.bold('\n🚀 Setting up infrastructure...\n'));
-    
-    spinner.start('Creating GitHub repository...');
-    // Would call GitHub service
-    spinner.stop('GitHub repository created');
-
-    spinner.start('Creating Supabase project...');
-    // Would call Supabase service  
-    spinner.stop('Supabase project created');
-
-    spinner.start('Creating Vercel project...');
-    // Would call Vercel service
-    spinner.stop('Vercel project created');
-
-    spinner.start('Deploying...');
-    // Would deploy
-    spinner.stop('Deployed!');
-  }
-
-  // Done!
-  p.outro(chalk.green(`
-✓ Project built from PRD!
-
-${chalk.bold('Your project:')}
-  ${chalk.cyan(`cd ${prd.name}`)}
-  ${chalk.cyan('npm run dev')}
-
-${chalk.bold('Continue building:')}
-  ${chalk.cyan('codebakers code')} — AI agent
-  ${chalk.cyan('codebakers check')} — Verify patterns
-  ${chalk.cyan('codebakers deploy')} — Deploy changes
-`));
-}
-
-async function generateBuildPlan(
-  anthropic: Anthropic,
-  prd: ParsedPRD,
-  designProfile: string
-): Promise<{ phases: Array<{ name: string; tasks: string[] }> }> {
-  const response = await anthropic.messages.create({
-    model: 'claude-sonnet-4-5-20250929',
-    max_tokens: 4096,
-    messages: [{
-      role: 'user',
-      content: `Create a build plan for this project. Return JSON only.
-
-Project: ${prd.name}
-Description: ${prd.description}
-Features: ${prd.features.join(', ')}
-Pages: ${prd.pages.join(', ')}
-Database tables: ${prd.database.join(', ')}
-Integrations: ${prd.integrations.join(', ')}
-Design: ${designProfile}
-
-Return this structure:
-{
-  "phases": [
-    {
-      "name": "Phase name",
-      "tasks": ["task 1", "task 2", ...]
-    }
-  ]
-}
-
-Phases should be:
-1. Setup (package.json, config, base files)
-2. Database (schema, migrations, types)
-3. Auth (if needed)
-4. Core Features (main functionality)
-5. UI/Pages (frontend)
-6. Integrations (third-party services)
-7. Polish (loading states, error handling, empty states)
-
-Keep tasks specific and actionable.`
-    }],
-  });
-
-  const text = response.content[0].type === 'text' ? response.content[0].text : '';
-  const jsonMatch = text.match(/\{[\s\S]*\}/);
-  if (!jsonMatch) {
-    throw new Error('Could not generate build plan');
-  }
-
-  return JSON.parse(jsonMatch[0]);
-}
-
-async function executeTask(
-  anthropic: Anthropic,
-  projectPath: string,
-  task: string,
-  prd: ParsedPRD,
-  designProfile: string
-): Promise<void> {
-  const response = await anthropic.messages.create({
-    model: 'claude-sonnet-4-5-20250929',
-    max_tokens: 8192,
-    messages: [{
-      role: 'user',
-      content: `Execute this task for the project.
-
-Project: ${prd.name}
-Task: ${task}
-Design Profile: ${designProfile}
-
-Context:
-- Features: ${prd.features.join(', ')}
-- Database: ${prd.database.join(', ')}
-
-Output files in this format:
-
-<<<FILE: path/to/file.ts>>>
-file content here
-<<<END_FILE>>>
-
-<<<FILE: another/file.tsx>>>
-file content here  
-<<<END_FILE>>>
-
-Follow these rules:
-- Use TypeScript
-- Use Next.js App Router
-- Use Tailwind CSS
-- Use shadcn/ui components
-- Every button needs onClick handler
-- Every form needs Zod validation
-- Every async operation needs loading/error states
-- Every list needs empty state
-- No generic gradient heroes
-- No icon spam
-- Generous spacing (py-16 or larger for sections)
-
-Generate ALL files needed for this task.`
-    }],
-  });
-
-  const text = response.content[0].type === 'text' ? response.content[0].text : '';
-
-  // Parse and write files
-  const fileRegex = /<<<FILE:\s*(.+?)>>>([\s\S]*?)<<<END_FILE>>>/g;
-  let match;
-
-  while ((match = fileRegex.exec(text)) !== null) {
-    const filePath = path.join(projectPath, match[1].trim());
-    const content = match[2].trim();
-
-    await fs.ensureDir(path.dirname(filePath));
-    await fs.writeFile(filePath, content);
-  }
-}

package/src/commands/security.ts

@@ -1,102 +0,0 @@
-import * as p from '@clack/prompts';
-import chalk from 'chalk';
-import fs from 'fs-extra';
-import glob from 'fast-glob';
-import * as path from 'path';
-
-export async function securityCommand(): Promise<void> {
-  p.intro(chalk.bgCyan.black(' Security Audit '));
-
-  const spinner = p.spinner();
-  spinner.start('Scanning for security issues...');
-
-  const issues = await runSecurityScan();
-
-  spinner.stop('Scan complete');
-
-  if (issues.length === 0) {
-    console.log(chalk.green('\n✓ No security issues found!\n'));
-    displaySecurityScore(100);
-  } else {
-    console.log(chalk.yellow(`\n⚠️  ${issues.length} security issues found:\n`));
-    
-    for (const issue of issues) {
-      const icon = issue.severity === 'critical' ? chalk.red('🔴') :
-                   issue.severity === 'high' ? chalk.red('🟠') :
-                   chalk.yellow('🟡');
-      
-      console.log(`${icon} ${chalk.bold(issue.title)}`);
-      console.log(chalk.dim(`   ${issue.file}:${issue.line}`));
-      console.log(`   ${issue.description}\n`);
-    }
-
-    const score = Math.max(0, 100 - 
-      (issues.filter(i => i.severity === 'critical').length * 30) -
-      (issues.filter(i => i.severity === 'high').length * 15));
-    displaySecurityScore(score);
-  }
-
-  p.outro('');
-}
-
-interface SecurityIssue {
-  title: string;
-  description: string;
-  file: string;
-  line: number;
-  severity: 'critical' | 'high' | 'medium';
-}
-
-async function runSecurityScan(): Promise<SecurityIssue[]> {
-  const cwd = process.cwd();
-  const issues: SecurityIssue[] = [];
-
-  const files = await glob(['src/**/*.{ts,tsx,js,jsx}'], { 
-    cwd,
-    ignore: ['**/node_modules/**'],
-  });
-
-  const patterns = [
-    {
-      pattern: /(sk_live_|sk_test_)[a-zA-Z0-9]+/g,
-      title: 'Hardcoded Stripe key',
-      severity: 'critical' as const,
-      description: 'Stripe API key should be in environment variables',
-    },
-    {
-      pattern: /\beval\s*\(/g,
-      title: 'Use of eval()',
-      severity: 'critical' as const,
-      description: 'eval() is a security vulnerability',
-    },
-    {
-      pattern: /dangerouslySetInnerHTML/g,
-      title: 'dangerouslySetInnerHTML',
-      severity: 'high' as const,
-      description: 'Ensure content is sanitized with DOMPurify',
-    },
-  ];
-
-  for (const file of files) {
-    const content = await fs.readFile(path.join(cwd, file), 'utf-8');
-
-    for (const { pattern, title, severity, description } of patterns) {
-      let match;
-      const regex = new RegExp(pattern.source, pattern.flags);
-      while ((match = regex.exec(content)) !== null) {
-        const line = content.substring(0, match.index).split('\n').length;
-        issues.push({ title, description, file, line, severity });
-      }
-    }
-  }
-
-  return issues;
-}
-
-function displaySecurityScore(score: number): void {
-  const color = score >= 80 ? chalk.green : score >= 50 ? chalk.yellow : chalk.red;
-  const grade = score >= 90 ? 'A' : score >= 80 ? 'B' : score >= 70 ? 'C' : 'F';
-  
-  console.log(chalk.bold('Security Score:'));
-  console.log(color(`\n  ${score}/100  Grade: ${grade}\n`));
-}