coderifts 1.1.0

package/README.md

@@ -0,0 +1,111 @@
+# CodeRifts CLI
+
+Detect breaking API changes between OpenAPI specs from the command line. Works locally or with the CodeRifts cloud API.
+
+## Installation
+
+```bash
+npm install -g coderifts
+```
+
+Or run without installing:
+
+```bash
+npx coderifts diff old-api.yaml new-api.yaml
+```
+
+## Quick Start
+
+```bash
+# Compare two specs locally
+coderifts diff old-api.yaml new-api.yaml
+
+# Use cloud API for full governance report
+coderifts login
+coderifts diff old-api.yaml new-api.yaml --cloud
+
+# CI mode — exit 1 if risk score exceeds threshold
+coderifts diff old-api.yaml new-api.yaml --ci --threshold 50
+```
+
+## Commands
+
+### `coderifts diff <old-spec> <new-spec>`
+
+Compare two OpenAPI specs and report breaking changes.
+
+| Flag | Description | Default |
+|------|-------------|---------|
+| `-f, --format <format>` | Output format: `terminal`, `json`, `markdown` | `terminal` |
+| `--ci` | CI mode — exit code 1 if breaking changes exceed threshold | `false` |
+| `--threshold <number>` | Risk score threshold for CI mode (0-100) | `50` |
+| `--cloud` | Use CodeRifts cloud API instead of local analysis | `false` |
+| `-c, --config <path>` | Path to `.coderifts.yml` config file | auto-detect |
+
+**Output formats:**
+
+- **terminal** — Colored tables and risk score box (default)
+- **json** — Full structured report for programmatic use
+- **markdown** — Markdown table for CI comments
+
+A `coderifts-report.json` file is always saved to the current directory.
+
+### `coderifts init`
+
+Interactive configuration generator. Creates a `.coderifts.yml` file with industry-specific presets:
+
+- Default (recommended)
+- Fintech / Payments
+- Healthcare / HIPAA
+- Platform / API-First
+- E-commerce
+
+### `coderifts login`
+
+Save your CodeRifts API key for cloud features. Get a free key at [app.coderifts.com/api/signup](https://app.coderifts.com/api/signup).
+
+## CI/CD Integration
+
+### GitHub Actions
+
+```yaml
+- name: Check API breaking changes
+  run: npx coderifts diff old-api.yaml new-api.yaml --ci --format json
+```
+
+### GitLab CI
+
+```yaml
+api-check:
+  script:
+    - npx coderifts diff old-api.yaml new-api.yaml --ci --threshold 40
+```
+
+### Jenkins
+
+```groovy
+sh 'npx coderifts diff old-api.yaml new-api.yaml --ci'
+```
+
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `CODERIFTS_API_KEY` | API key (alternative to `coderifts login`) |
+| `NO_COLOR` | Disable colored output |
+
+## Exit Codes
+
+| Code | Meaning |
+|------|---------|
+| `0` | No breaking changes (or below threshold) |
+| `1` | Breaking changes found (in CI mode) or analysis failed |
+
+## Links
+
+- [Website](https://coderifts.com)
+- [CLI Integration Page](https://coderifts.com/integrations/cli/)
+- [API Docs](https://app.coderifts.com/api/docs)
+- [Get API Key](https://app.coderifts.com/api/signup)
+- [GitHub](https://github.com/coderifts/app)
+- [npm](https://www.npmjs.com/package/coderifts)

package/bin/coderifts.js

@@ -0,0 +1,45 @@
+#!/usr/bin/env node
+
+'use strict';
+
+const { program } = require('commander');
+const pkg = require('../package.json');
+
+program
+  .name('coderifts')
+  .description('Detect breaking API changes between OpenAPI specs')
+  .version(pkg.version, '-v, --version');
+
+// ── diff command ──
+program
+  .command('diff <old-spec> <new-spec>')
+  .description('Compare two OpenAPI specs and report breaking changes')
+  .option('-f, --format <format>', 'Output format: terminal (default), json, markdown', 'terminal')
+  .option('--ci', 'CI mode — exit with code 1 if breaking changes exceed threshold')
+  .option('--threshold <number>', 'Risk score threshold for CI mode (0-100)', '50')
+  .option('--cloud', 'Use the CodeRifts cloud API instead of local analysis')
+  .option('-c, --config <path>', 'Path to .coderifts.yml config file')
+  .action(async (oldSpec, newSpec, options) => {
+    const { diff } = require('../src/commands/diff');
+    await diff(oldSpec, newSpec, options);
+  });
+
+// ── init command ──
+program
+  .command('init')
+  .description('Generate a .coderifts.yml configuration file')
+  .action(async () => {
+    const { init } = require('../src/commands/init');
+    await init();
+  });
+
+// ── login command ──
+program
+  .command('login')
+  .description('Save your API key for cloud features')
+  .action(async () => {
+    const { login } = require('../src/commands/login');
+    await login();
+  });
+
+program.parse();

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "coderifts",
+  "version": "1.1.0",
+  "description": "Detect breaking API changes from the command line. Works locally or with the CodeRifts cloud API.",
+  "author": "CodeRifts <hello@coderifts.com>",
+  "license": "MIT",
+  "bin": {
+    "coderifts": "./bin/coderifts.js"
+  },
+  "main": "src/commands/diff.js",
+  "files": [
+    "bin/",
+    "src/",
+    "README.md"
+  ],
+  "keywords": [
+    "openapi",
+    "api",
+    "breaking-changes",
+    "diff",
+    "governance",
+    "cli",
+    "ci-cd",
+    "swagger",
+    "devtools"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/coderifts/app",
+    "directory": "packages/cli"
+  },
+  "homepage": "https://coderifts.com",
+  "bugs": "https://github.com/coderifts/app/issues",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "scripts": {
+    "test": "node --test test/*.test.js"
+  },
+  "dependencies": {
+    "commander": "^12.0.0",
+    "chalk": "^4.1.2",
+    "cli-table3": "^0.6.4",
+    "inquirer": "^8.2.6",
+    "ora": "^5.4.1",
+    "js-yaml": "^4.1.0",
+    "openapi-diff": "^0.23.5"
+  }
+}

package/src/cloud.js

@@ -0,0 +1,51 @@
+'use strict';
+
+const https = require('https');
+
+const API_BASE = 'https://app.coderifts.com';
+
+/**
+ * Send specs to the CodeRifts cloud API for analysis.
+ */
+function cloudDiff(oldSpec, newSpec, apiKey) {
+  return new Promise((resolve, reject) => {
+    const body = JSON.stringify({ old_spec: oldSpec, new_spec: newSpec });
+
+    const url = new URL('/api/v1/diff', API_BASE);
+    const options = {
+      hostname: url.hostname,
+      port: 443,
+      path: url.pathname,
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        'Content-Length': Buffer.byteLength(body),
+        'Authorization': `Bearer ${apiKey}`,
+        'User-Agent': '@coderifts/cli',
+      },
+    };
+
+    const req = https.request(options, (res) => {
+      let data = '';
+      res.on('data', (chunk) => { data += chunk; });
+      res.on('end', () => {
+        try {
+          const parsed = JSON.parse(data);
+          if (res.statusCode >= 400) {
+            reject(new Error(parsed.message || parsed.error || `HTTP ${res.statusCode}`));
+          } else {
+            resolve(parsed);
+          }
+        } catch {
+          reject(new Error(`Invalid JSON response (HTTP ${res.statusCode})`));
+        }
+      });
+    });
+
+    req.on('error', reject);
+    req.write(body);
+    req.end();
+  });
+}
+
+module.exports = { cloudDiff };

package/src/commands/diff.js

@@ -0,0 +1,237 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const chalk = require('chalk');
+const ora = require('ora');
+const yaml = require('js-yaml');
+const { loadProjectConfig, getApiKey } = require('../config');
+const { cloudDiff } = require('../cloud');
+const { renderTerminal } = require('../output/terminal');
+const { renderJson } = require('../output/json');
+
+// Respect NO_COLOR
+if (process.env.NO_COLOR) chalk.level = 0;
+
+/**
+ * Read and parse an OpenAPI spec file.
+ * Returns the raw string content (for cloud mode) and parsed object (for local mode).
+ */
+function readSpec(filePath) {
+  const resolved = path.resolve(filePath);
+  if (!fs.existsSync(resolved)) {
+    console.error(chalk.red(`Error: File not found: ${filePath}`));
+    process.exit(1);
+  }
+  const raw = fs.readFileSync(resolved, 'utf-8');
+  return raw;
+}
+
+/**
+ * Run local analysis using the bundled core analyzer.
+ */
+async function localAnalyze(oldSpecRaw, newSpecRaw, config) {
+  // Parse specs
+  let oldSpec, newSpec;
+  try {
+    oldSpec = yaml.load(oldSpecRaw);
+  } catch (e) {
+    throw new Error(`Failed to parse old spec: ${e.message}`);
+  }
+  try {
+    newSpec = yaml.load(newSpecRaw);
+  } catch (e) {
+    throw new Error(`Failed to parse new spec: ${e.message}`);
+  }
+
+  // Use openapi-diff for the raw diff
+  const { diffSpecs } = require('openapi-diff');
+
+  // Convert specs to JSON strings for openapi-diff
+  const oldJson = JSON.stringify(oldSpec);
+  const newJson = JSON.stringify(newSpec);
+
+  let diffResult;
+  try {
+    diffResult = await diffSpecs({
+      sourceSpec: { content: oldJson, location: 'old-spec.json', format: 'openapi3' },
+      destinationSpec: { content: newJson, location: 'new-spec.json', format: 'openapi3' },
+    });
+  } catch (e) {
+    throw new Error(`Diff engine error: ${e.message}`);
+  }
+
+  // Classify breaking changes
+  const breakingChanges = [];
+  const nonBreakingChanges = [];
+
+  if (diffResult.breakingDifferences) {
+    for (const diff of diffResult.breakingDifferences) {
+      breakingChanges.push({
+        type: diff.code || 'unknown',
+        path: diff.sourceSpecEntityDetails?.[0]?.location || diff.entity || '',
+        method: '',
+        field: '',
+        severity: 'high',
+        description: diff.action || diff.code || '',
+      });
+    }
+  }
+
+  if (diffResult.nonBreakingDifferences) {
+    for (const diff of diffResult.nonBreakingDifferences) {
+      nonBreakingChanges.push({
+        type: diff.code || 'unknown',
+        path: diff.sourceSpecEntityDetails?.[0]?.location || diff.entity || '',
+        method: '',
+        field: '',
+        severity: 'low',
+        description: diff.action || diff.code || '',
+      });
+    }
+  }
+
+  // Calculate risk score
+  const breakingCount = breakingChanges.length;
+  const baseScore = Math.min(breakingCount * 15, 80);
+  const riskScore = Math.min(baseScore + (breakingCount > 3 ? 20 : 0), 100);
+
+  let riskLevel = 'minimal';
+  if (riskScore >= 80) riskLevel = 'critical';
+  else if (riskScore >= 60) riskLevel = 'high';
+  else if (riskScore >= 40) riskLevel = 'moderate';
+  else if (riskScore >= 20) riskLevel = 'low';
+
+  // Semver suggestion
+  let semverSuggestion = 'patch';
+  if (breakingCount > 0) semverSuggestion = 'major';
+  else if (nonBreakingChanges.length > 0) semverSuggestion = 'minor';
+
+  // Policy check
+  const policyViolations = [];
+  const blockOn = config?.rules?.block_on || [];
+  const threshold = config?.rules?.risk_threshold ?? 50;
+
+  for (const change of breakingChanges) {
+    for (const rule of blockOn) {
+      if (change.type.includes(rule) || change.description.includes(rule)) {
+        policyViolations.push({
+          rule: rule,
+          message: `Blocked by policy: ${rule} — ${change.path}`,
+        });
+      }
+    }
+  }
+
+  const shouldBlock = riskScore >= threshold || policyViolations.length > 0;
+
+  return {
+    risk_score: riskScore,
+    risk_level: riskLevel,
+    risk_dimensions: {
+      revenue_impact: Math.min(breakingCount * 3, 10),
+      blast_radius: Math.min(breakingCount * 2, 10),
+      app_compatibility: Math.min(breakingCount * 2, 10),
+      security: 0,
+    },
+    semver_suggestion: semverSuggestion,
+    breaking_changes: breakingChanges,
+    non_breaking_changes: nonBreakingChanges,
+    security_findings: [],
+    changelog: {
+      breaking: breakingChanges.map(c => `**${c.type}** ${c.path}`),
+      added: [],
+      changed: nonBreakingChanges.map(c => `${c.type} ${c.path}`),
+      deprecated: [],
+    },
+    policy_violations: policyViolations,
+    should_block: shouldBlock,
+    stats: {
+      total_changes: breakingCount + nonBreakingChanges.length,
+      breaking_count: breakingCount,
+      non_breaking_count: nonBreakingChanges.length,
+      security_count: 0,
+    },
+  };
+}
+
+/**
+ * Main diff command handler.
+ */
+async function diff(oldSpecPath, newSpecPath, options) {
+  const spinner = ora('Analyzing specs...').start();
+
+  try {
+    // Read specs
+    const oldSpecRaw = readSpec(oldSpecPath);
+    const newSpecRaw = readSpec(newSpecPath);
+
+    // Load config
+    const projectConfig = loadProjectConfig(options.config);
+
+    // Determine mode: cloud or local
+    const useCloud = options.cloud || false;
+    const apiKey = getApiKey();
+
+    let result;
+
+    if (useCloud) {
+      if (!apiKey) {
+        spinner.fail('Cloud mode requires an API key. Run `coderifts login` first.');
+        process.exit(1);
+      }
+      spinner.text = 'Sending to CodeRifts cloud API...';
+      result = await cloudDiff(oldSpecRaw, newSpecRaw, apiKey);
+    } else {
+      spinner.text = 'Running local analysis...';
+      result = await localAnalyze(oldSpecRaw, newSpecRaw, projectConfig);
+    }
+
+    spinner.stop();
+
+    // Output based on format
+    const format = options.format || 'terminal';
+
+    if (format === 'json') {
+      console.log(renderJson(result));
+    } else if (format === 'markdown') {
+      // Simple markdown output
+      console.log(`# CodeRifts Report\n`);
+      console.log(`**Risk Score:** ${result.risk_score}/100 (${result.risk_level})`);
+      console.log(`**Semver:** ${result.semver_suggestion}`);
+      console.log(`**Breaking Changes:** ${result.stats?.breaking_count || 0}`);
+      console.log(`**Non-Breaking:** ${result.stats?.non_breaking_count || 0}\n`);
+      if (result.breaking_changes?.length > 0) {
+        console.log('## Breaking Changes\n');
+        console.log('| Type | Path | Severity |');
+        console.log('|------|------|----------|');
+        for (const c of result.breaking_changes) {
+          console.log(`| ${c.type} | ${c.path} | ${c.severity} |`);
+        }
+      }
+    } else {
+      console.log(renderTerminal(result));
+    }
+
+    // Save JSON report
+    const reportPath = path.join(process.cwd(), 'coderifts-report.json');
+    fs.writeFileSync(reportPath, JSON.stringify(result, null, 2) + '\n');
+    if (format === 'terminal') {
+      console.log(chalk.dim(`  Full report: ${reportPath} (saved)`));
+      console.log('');
+    }
+
+    // CI mode: exit with code 1 if should_block
+    if (options.ci) {
+      const threshold = parseInt(options.threshold, 10) || 50;
+      if (result.risk_score >= threshold || result.should_block) {
+        process.exit(1);
+      }
+    }
+  } catch (err) {
+    spinner.fail(`Analysis failed: ${err.message}`);
+    process.exit(1);
+  }
+}
+
+module.exports = { diff };

package/src/commands/init.js

@@ -0,0 +1,223 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const chalk = require('chalk');
+const inquirer = require('inquirer');
+
+if (process.env.NO_COLOR) chalk.level = 0;
+
+const TEMPLATES = {
+  'Default (recommended)': `# CodeRifts Configuration — Recommended Default
+version: 1
+
+rules:
+  block_on:
+    - removed-endpoint
+    - auth-removed
+
+  risk_threshold: 50
+
+  semver:
+    enforce: false  # Suggest but don't block
+
+  changelog:
+    auto_generate: true
+`,
+
+  'Fintech / Payments': `# CodeRifts Configuration — Fintech / Payment APIs
+version: 1
+preset: fintech
+
+rules:
+  block_on:
+    - removed-endpoint
+    - required-field-added
+    - field-type-changed
+    - auth-scope-removed
+
+  protected_fields:
+    - amount
+    - currency
+    - transaction_id
+    - payment_method
+    - card_number
+    - account_id
+    - routing_number
+    - iban
+    - swift_code
+
+  security:
+    sensitive_fields:
+      - card_number
+      - cvv
+      - pin
+      - account_number
+      - ssn
+      - tax_id
+    alert_on_exposure: true
+
+  risk_threshold: 30
+
+  semver:
+    enforce: true
+    block_on_missing_bump: true
+
+  deprecation:
+    require_sunset_header: true
+    minimum_deprecation_period_days: 90
+`,
+
+  'Healthcare / HIPAA': `# CodeRifts Configuration — Healthcare / HIPAA
+version: 1
+preset: healthcare
+
+rules:
+  block_on:
+    - removed-endpoint
+    - required-field-added
+    - field-type-changed
+    - auth-scope-removed
+    - auth-removed
+
+  protected_fields:
+    - patient_id
+    - medical_record_number
+    - diagnosis_code
+    - provider_id
+    - insurance_id
+    - date_of_birth
+    - prescription_id
+
+  security:
+    sensitive_fields:
+      - ssn
+      - date_of_birth
+      - medical_record_number
+      - diagnosis
+      - medication
+      - insurance_num
+    alert_on_exposure: true
+    require_auth_on_phi_endpoints: true
+
+  risk_threshold: 20
+
+  semver:
+    enforce: true
+    block_on_missing_bump: true
+
+  deprecation:
+    require_sunset_header: true
+    minimum_deprecation_period_days: 180
+`,
+
+  'Platform / API-First': `# CodeRifts Configuration — Platform / API-First Teams
+version: 1
+preset: platform
+
+rules:
+  block_on:
+    - removed-endpoint
+    - required-field-added
+    - field-type-changed
+    - response-field-removed
+
+  semver:
+    enforce: true
+    block_on_missing_bump: true
+    auto_label_pr: true
+
+  deprecation:
+    require_sunset_header: true
+    require_deprecation_notice: true
+    minimum_deprecation_period_days: 60
+
+  changelog:
+    auto_generate: true
+    format: keep-a-changelog
+
+  risk_threshold: 40
+
+  governance:
+    require_review_on_breaking: true
+    breaking_change_label: "api:breaking"
+    notify_channels: []
+`,
+
+  'E-commerce': `# CodeRifts Configuration — E-commerce
+version: 1
+preset: ecommerce
+
+rules:
+  block_on:
+    - removed-endpoint
+    - required-field-added
+    - field-type-changed
+
+  protected_fields:
+    - product_id
+    - sku
+    - price
+    - inventory_count
+    - cart_id
+    - order_id
+    - checkout_session
+    - shipping_address
+    - tracking_number
+
+  security:
+    sensitive_fields:
+      - card_number
+      - billing_address
+      - email
+      - phone
+    alert_on_exposure: true
+
+  risk_threshold: 35
+
+  semver:
+    enforce: true
+
+  deprecation:
+    minimum_deprecation_period_days: 30
+`,
+};
+
+async function init() {
+  console.log('');
+  console.log(chalk.bold('  CodeRifts — Configuration Generator'));
+  console.log('');
+
+  const outputPath = path.join(process.cwd(), '.coderifts.yml');
+
+  // Check if config already exists
+  if (fs.existsSync(outputPath)) {
+    const { overwrite } = await inquirer.prompt([{
+      type: 'confirm',
+      name: 'overwrite',
+      message: '.coderifts.yml already exists. Overwrite?',
+      default: false,
+    }]);
+    if (!overwrite) {
+      console.log(chalk.dim('  Cancelled.'));
+      return;
+    }
+  }
+
+  const { industry } = await inquirer.prompt([{
+    type: 'list',
+    name: 'industry',
+    message: 'Select your industry:',
+    choices: Object.keys(TEMPLATES),
+  }]);
+
+  const template = TEMPLATES[industry];
+  fs.writeFileSync(outputPath, template);
+
+  console.log('');
+  console.log(chalk.green(`  ✓ Created .coderifts.yml with ${industry.toLowerCase()} preset`));
+  console.log(chalk.dim(`    ${outputPath}`));
+  console.log('');
+}
+
+module.exports = { init };

package/src/commands/login.js

@@ -0,0 +1,38 @@
+'use strict';
+
+const chalk = require('chalk');
+const inquirer = require('inquirer');
+const { saveUserConfig, loadUserConfig, CONFIG_FILE } = require('../config');
+
+if (process.env.NO_COLOR) chalk.level = 0;
+
+async function login() {
+  console.log('');
+  console.log(chalk.bold('  CodeRifts — API Key Setup'));
+  console.log('');
+  console.log(chalk.dim('  Get a free API key at: https://app.coderifts.com/api/signup'));
+  console.log('');
+
+  const { apiKey } = await inquirer.prompt([{
+    type: 'password',
+    name: 'apiKey',
+    message: 'Paste your API key:',
+    mask: '*',
+    validate: (input) => {
+      if (!input || input.trim().length === 0) return 'API key is required';
+      if (!input.startsWith('cr_live_')) return 'Invalid key format — keys start with cr_live_';
+      return true;
+    },
+  }]);
+
+  const config = loadUserConfig();
+  config.api_key = apiKey.trim();
+  saveUserConfig(config);
+
+  console.log('');
+  console.log(chalk.green(`  ✓ API key saved to ${CONFIG_FILE}`));
+  console.log(chalk.dim('  Use --cloud flag with diff command to use the cloud API.'));
+  console.log('');
+}
+
+module.exports = { login };

package/src/config.js

@@ -0,0 +1,65 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const yaml = require('js-yaml');
+const os = require('os');
+
+const CONFIG_DIR = path.join(os.homedir(), '.coderifts');
+const CONFIG_FILE = path.join(CONFIG_DIR, 'config.json');
+
+/**
+ * Load the project .coderifts.yml config from the given path or cwd.
+ */
+function loadProjectConfig(configPath) {
+  const candidates = configPath
+    ? [configPath]
+    : [
+        path.join(process.cwd(), '.coderifts.yml'),
+        path.join(process.cwd(), '.coderifts.yaml'),
+      ];
+
+  for (const p of candidates) {
+    if (fs.existsSync(p)) {
+      try {
+        const raw = fs.readFileSync(p, 'utf-8');
+        return yaml.load(raw) || {};
+      } catch {
+        return {};
+      }
+    }
+  }
+  return {};
+}
+
+/**
+ * Load the user's global config (~/.coderifts/config.json).
+ */
+function loadUserConfig() {
+  if (!fs.existsSync(CONFIG_FILE)) return {};
+  try {
+    return JSON.parse(fs.readFileSync(CONFIG_FILE, 'utf-8'));
+  } catch {
+    return {};
+  }
+}
+
+/**
+ * Save the user's global config.
+ */
+function saveUserConfig(config) {
+  if (!fs.existsSync(CONFIG_DIR)) {
+    fs.mkdirSync(CONFIG_DIR, { recursive: true });
+  }
+  fs.writeFileSync(CONFIG_FILE, JSON.stringify(config, null, 2) + '\n');
+}
+
+/**
+ * Get the stored API key.
+ */
+function getApiKey() {
+  const userConfig = loadUserConfig();
+  return userConfig.api_key || process.env.CODERIFTS_API_KEY || null;
+}
+
+module.exports = { loadProjectConfig, loadUserConfig, saveUserConfig, getApiKey, CONFIG_DIR, CONFIG_FILE };

package/src/output/json.js

@@ -0,0 +1,10 @@
+'use strict';
+
+/**
+ * Render the analysis result as formatted JSON.
+ */
+function renderJson(result) {
+  return JSON.stringify(result, null, 2);
+}
+
+module.exports = { renderJson };

package/src/output/terminal.js

@@ -0,0 +1,156 @@
+'use strict';
+
+const chalk = require('chalk');
+const Table = require('cli-table3');
+
+// Respect NO_COLOR env var
+if (process.env.NO_COLOR) {
+  chalk.level = 0;
+}
+
+const RISK_COLORS = {
+  minimal: chalk.green,
+  low: chalk.green,
+  moderate: chalk.yellow,
+  high: chalk.red,
+  critical: chalk.bgRed.white,
+};
+
+const SEVERITY_ICONS = {
+  high: chalk.red('●'),
+  medium: chalk.yellow('●'),
+  low: chalk.blue('●'),
+};
+
+function riskEmoji(level) {
+  switch (level) {
+    case 'minimal': return chalk.green('●');
+    case 'low': return chalk.green('●');
+    case 'moderate': return chalk.yellow('●');
+    case 'high': return chalk.red('●');
+    case 'critical': return chalk.bgRed.white(' ● ');
+    default: return '●';
+  }
+}
+
+function semverEmoji(suggestion) {
+  switch (suggestion) {
+    case 'major': return chalk.red('● MAJOR');
+    case 'minor': return chalk.yellow('● MINOR');
+    case 'patch': return chalk.green('● PATCH');
+    default: return chalk.dim('none');
+  }
+}
+
+/**
+ * Render the full terminal report.
+ */
+function renderTerminal(result) {
+  const lines = [];
+
+  // ── Header box ──
+  const color = RISK_COLORS[result.risk_level] || chalk.white;
+  lines.push('');
+  lines.push(chalk.bold('  ╔══════════════════════════════════════════╗'));
+  lines.push(chalk.bold('  ║  CodeRifts — API Breaking Change Report  ║'));
+  lines.push(chalk.bold('  ╠══════════════════════════════════════════╣'));
+  lines.push(chalk.bold(`  ║  Risk Score:     ${color(`${result.risk_score}/100 (${capitalize(result.risk_level)})`).padEnd(32)}║`));
+  lines.push(chalk.bold(`  ║  Semver:         ${semverEmoji(result.semver_suggestion).padEnd(32)}║`));
+  lines.push(chalk.bold(`  ║  Breaking:       ${String(result.stats?.breaking_count || 0).padEnd(22)}║`));
+  lines.push(chalk.bold(`  ║  Non-Breaking:   ${String(result.stats?.non_breaking_count || 0).padEnd(22)}║`));
+  lines.push(chalk.bold(`  ║  Security:       ${String(result.stats?.security_count || 0).padEnd(22)}║`));
+  lines.push(chalk.bold('  ╚══════════════════════════════════════════╝'));
+  lines.push('');
+
+  // ── Risk Dimensions ──
+  if (result.risk_dimensions) {
+    const dims = result.risk_dimensions;
+    lines.push(chalk.bold('  Risk Dimensions:'));
+    const dimTable = new Table({
+      head: ['Dimension', 'Score'],
+      style: { head: ['cyan'], border: ['dim'] },
+      colWidths: [25, 10],
+    });
+    dimTable.push(
+      ['Revenue Impact', dims.revenue_impact || 0],
+      ['Blast Radius', dims.blast_radius || 0],
+      ['App Compatibility', dims.app_compatibility || 0],
+      ['Security', dims.security || 0],
+    );
+    lines.push(dimTable.toString());
+    lines.push('');
+  }
+
+  // ── Breaking Changes ──
+  if (result.breaking_changes && result.breaking_changes.length > 0) {
+    lines.push(chalk.bold.red(`  Breaking Changes (${result.breaking_changes.length}):`));
+    const breakTable = new Table({
+      head: ['Type', 'Path', 'Severity'],
+      style: { head: ['red'], border: ['dim'] },
+      colWidths: [25, 25, 12],
+    });
+    for (const change of result.breaking_changes) {
+      const sev = SEVERITY_ICONS[change.severity] || change.severity;
+      breakTable.push([
+        change.type || '',
+        `${change.method || ''} ${change.path || ''}`.trim(),
+        `${sev} ${change.severity || ''}`,
+      ]);
+    }
+    lines.push(breakTable.toString());
+    lines.push('');
+  }
+
+  // ── Non-Breaking Changes ──
+  if (result.non_breaking_changes && result.non_breaking_changes.length > 0) {
+    lines.push(chalk.bold.green(`  Non-Breaking Changes (${result.non_breaking_changes.length}):`));
+    const nbTable = new Table({
+      head: ['Type', 'Path', 'Description'],
+      style: { head: ['green'], border: ['dim'] },
+      colWidths: [25, 25, 25],
+    });
+    for (const change of result.non_breaking_changes.slice(0, 10)) {
+      nbTable.push([
+        change.type || '',
+        `${change.method || ''} ${change.path || ''}`.trim(),
+        (change.description || '').substring(0, 22),
+      ]);
+    }
+    lines.push(nbTable.toString());
+    lines.push('');
+  }
+
+  // ── Security Findings ──
+  if (result.security_findings && result.security_findings.length > 0) {
+    lines.push(chalk.bold.yellow(`  Security Findings (${result.security_findings.length}):`));
+    for (const finding of result.security_findings) {
+      lines.push(`  ${chalk.yellow('⚠')}  ${finding.description || finding.type || JSON.stringify(finding)}`);
+    }
+    lines.push('');
+  }
+
+  // ── Policy Violations ──
+  if (result.policy_violations && result.policy_violations.length > 0) {
+    lines.push(chalk.bold.red(`  Policy Violations (${result.policy_violations.length}):`));
+    for (const v of result.policy_violations) {
+      lines.push(`  ${chalk.red('✗')}  ${v.message || v.rule || JSON.stringify(v)}`);
+    }
+    lines.push('');
+  }
+
+  // ── Should Block ──
+  if (result.should_block) {
+    lines.push(chalk.bgRed.white.bold('  ✗ BLOCKED — breaking changes exceed threshold  '));
+  } else {
+    lines.push(chalk.green.bold('  ✓ PASSED — within acceptable risk threshold'));
+  }
+  lines.push('');
+
+  return lines.join('\n');
+}
+
+function capitalize(s) {
+  return s ? s.charAt(0).toUpperCase() + s.slice(1) : '';
+}
+
+module.exports = { renderTerminal };