create-qa-architect 5.0.0 → 5.0.6

package/.github/RELEASE_CHECKLIST.md

@@ -27,14 +27,12 @@ Use this checklist before any version bump or npm publication.
 
 ### Security Audit Compliance
 
-- [ ] `KEYFLASH_INSPIRED_SECURITY_AUDIT.md` findings remain resolved
+- [ ] `npm audit` shows no high/critical vulnerabilities
+- [ ] `gitleaks detect --source . --redact` passes (no secrets)
 - [ ] **CRITICAL**: Gitleaks checksums are real SHA256 values, not placeholders
 - [ ] `lib/validation/config-security.js` GITLEAKS_CHECKSUMS contains verified hashes
 - [ ] No "PLACEHOLDER_CHECKSUM" strings exist in security validation code
 - [ ] Gitleaks pinned version in code matches documented security version
-- [ ] No new security vulnerabilities introduced since audit
-- [ ] All security fixes from audit still in place
-- [ ] Security audit document references current version (or base version for pre-releases like `4.0.1-rc.1`)
 
 ### Real Binary Verification
 

package/.github/workflows/daily-deploy-check.yml

@@ -0,0 +1,136 @@
+# Daily Deploy Check Workflow
+# Copy this to .github/workflows/daily-deploy-check.yml in each project
+#
+# Required secrets:
+#   AUDIT_WEBHOOK_SECRET - shared secret for authenticating with vibebuildlab API
+#
+# Required variables (set in repo settings):
+#   PRODUCTION_URL - the production URL to check (e.g., https://saas.vibebuildlab.com)
+#
+# This workflow:
+# 1. Runs daily at 6am UTC
+# 2. Checks if production URL responds and SSL is valid
+# 3. Reports deploy stage status to vibebuildlab dashboard
+
+name: Daily Deploy Check
+
+on:
+  schedule:
+    # Every day at 6am UTC
+    - cron: '0 6 * * *'
+  workflow_dispatch: # Manual trigger
+
+env:
+  VIBEBUILDLAB_API: https://dash.vibebuildlab.com/api/audit-results
+
+jobs:
+  deploy-check:
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+
+    steps:
+      - name: Check URL responds
+        id: url_check
+        run: |
+          URL="${{ vars.PRODUCTION_URL }}"
+
+          if [ -z "$URL" ]; then
+            echo "::error::PRODUCTION_URL variable not set"
+            echo "responds=false" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          STATUS=$(curl -s -o /dev/null -w "%{http_code}" "$URL" --max-time 30 || echo "000")
+
+          echo "status_code=$STATUS" >> $GITHUB_OUTPUT
+
+          if [ "$STATUS" = "200" ] || [ "$STATUS" = "301" ] || [ "$STATUS" = "302" ]; then
+            echo "responds=true" >> $GITHUB_OUTPUT
+          else
+            echo "responds=false" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Check SSL certificate
+        id: ssl_check
+        run: |
+          URL="${{ vars.PRODUCTION_URL }}"
+
+          if [ -z "$URL" ]; then
+            echo "valid=false" >> $GITHUB_OUTPUT
+            exit 0
+          fi
+
+          # Extract domain from URL
+          DOMAIN=$(echo "$URL" | sed -E 's|https?://([^/]+).*|\1|')
+
+          # Check SSL expiry
+          EXPIRY=$(echo | openssl s_client -servername "$DOMAIN" -connect "$DOMAIN:443" 2>/dev/null | openssl x509 -noout -enddate 2>/dev/null | cut -d= -f2 || echo "")
+
+          if [ -n "$EXPIRY" ]; then
+            echo "valid=true" >> $GITHUB_OUTPUT
+            echo "expiry=$EXPIRY" >> $GITHUB_OUTPUT
+
+            # Check if expiring within 7 days
+            EXPIRY_EPOCH=$(date -d "$EXPIRY" +%s 2>/dev/null || date -j -f "%b %d %H:%M:%S %Y %Z" "$EXPIRY" +%s 2>/dev/null || echo "0")
+            NOW_EPOCH=$(date +%s)
+            DAYS_LEFT=$(( (EXPIRY_EPOCH - NOW_EPOCH) / 86400 ))
+
+            echo "days_left=$DAYS_LEFT" >> $GITHUB_OUTPUT
+
+            if [ "$DAYS_LEFT" -lt 7 ]; then
+              echo "::warning::SSL certificate expires in $DAYS_LEFT days!"
+            fi
+          else
+            echo "valid=false" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Determine deploy status
+        id: result
+        run: |
+          if [ "${{ steps.url_check.outputs.responds }}" = "true" ]; then
+            echo "deploy=pass" >> $GITHUB_OUTPUT
+          else
+            echo "deploy=fail" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Report to vibebuildlab
+        if: always()
+        run: |
+          # Get project slug from repo name
+          PROJECT_SLUG="${{ github.event.repository.name }}"
+
+          curl -X POST "$VIBEBUILDLAB_API" \
+            -H "Content-Type: application/json" \
+            -H "Authorization: Bearer ${{ secrets.AUDIT_WEBHOOK_SECRET }}" \
+            -d "{
+              \"project\": \"${PROJECT_SLUG}\",
+              \"stages\": {
+                \"deploy\": \"${{ steps.result.outputs.deploy }}\"
+              },
+              \"details\": {
+                \"url_responds\": ${{ steps.url_check.outputs.responds }},
+                \"ssl_valid\": ${{ steps.ssl_check.outputs.valid || false }},
+                \"status_code\": ${{ steps.url_check.outputs.status_code || 0 }}
+              },
+              \"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\"
+            }"
+        continue-on-error: true
+
+      - name: Summary
+        if: always()
+        run: |
+          echo "## Deploy Check Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**URL:** ${{ vars.PRODUCTION_URL }}" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| Check | Status |" >> $GITHUB_STEP_SUMMARY
+          echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY
+          echo "| URL Responds | ${{ steps.url_check.outputs.responds == 'true' && '✅' || '❌' }} (HTTP ${{ steps.url_check.outputs.status_code }}) |" >> $GITHUB_STEP_SUMMARY
+          echo "| SSL Valid | ${{ steps.ssl_check.outputs.valid == 'true' && '✅' || '❌' }} |" >> $GITHUB_STEP_SUMMARY
+          if [ -n "${{ steps.ssl_check.outputs.expiry }}" ]; then
+            echo "| SSL Expiry | ${{ steps.ssl_check.outputs.expiry }} (${{ steps.ssl_check.outputs.days_left }} days) |" >> $GITHUB_STEP_SUMMARY
+          fi
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Deploy Stage:** ${{ steps.result.outputs.deploy }}" >> $GITHUB_STEP_SUMMARY

package/.github/workflows/nightly-gitleaks-verification.yml

@@ -42,7 +42,7 @@ jobs:
         run: |
           echo "🔐 Running REAL gitleaks download and verification test..."
           echo "Platform: $(uname -s)-$(uname -m)"
-          echo "Expected checksum: a65b5253807a68ac0cafa4414031fd740aeb55f54fb7e55f386acb52e6a840eb"
+          echo "Expected checksum: 5fd1b3b0073269484d40078662e921d07427340ab9e6ed526ccd215a565b3298"
 
           # Create a test script that downloads and verifies gitleaks
           cat > test-real-download.js << 'EOF'

package/.github/workflows/quality.yml

@@ -434,3 +434,6 @@ jobs:
           echo "- ${{ needs.detect-maturity.outputs.has-deps == 'true' && '✅' || '⏭️' }} Security: ${{ needs.detect-maturity.outputs.has-deps == 'true' && 'Enabled' || 'Skipped (no dependencies)' }}" >> $GITHUB_STEP_SUMMARY
           echo "- ${{ needs.detect-maturity.outputs.test-count > 0 && '✅' || '⏭️' }} Tests: ${{ needs.detect-maturity.outputs.test-count > 0 && 'Enabled' || 'Skipped (no test files)' }}" >> $GITHUB_STEP_SUMMARY
           echo "- ${{ needs.detect-maturity.outputs.maturity == 'production-ready' && '✅' || '⏭️' }} Documentation: ${{ needs.detect-maturity.outputs.maturity == 'production-ready' && 'Enabled' || 'Skipped (not production-ready)' }}" >> $GITHUB_STEP_SUMMARY
+      # PR_COMMENTS_PLACEHOLDER
+
+# ALERTS_PLACEHOLDER

package/.github/workflows/release.yml

@@ -4,6 +4,10 @@ on:
   push:
     tags: ['v*']
 
+permissions:
+  id-token: write # Required for OIDC trusted publishing to npm
+  contents: write # Required for creating GitHub releases
+
 jobs:
   release:
     runs-on: ubuntu-latest
@@ -14,27 +18,25 @@ jobs:
       - name: Setup Node.js
         uses: actions/setup-node@v4
         with:
-          node-version: '20'
+          node-version: '22'
           registry-url: 'https://registry.npmjs.org'
 
+      - name: Upgrade npm for OIDC trusted publishing
+        run: npm install -g npm@latest
+
       - name: Install dependencies
         run: npm ci
 
       - name: Run pre-release checks
         run: npm run prerelease
 
-      - name: Publish to npm
-        run: npm publish
-        env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+      - name: Publish to npm with provenance
+        run: npm publish --provenance
 
       - name: Create GitHub Release
-        uses: actions/create-release@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        uses: softprops/action-gh-release@v2
         with:
-          tag_name: ${{ github.ref_name }}
-          release_name: Release ${{ github.ref_name }}
+          name: Release ${{ github.ref_name }}
           body: |
             ## Changes in ${{ github.ref_name }}
 

package/.github/workflows/weekly-audit.yml

@@ -0,0 +1,173 @@
+# Weekly Audit Workflow
+# Copy this to .github/workflows/weekly-audit.yml in each project
+#
+# Required secrets:
+#   AUDIT_WEBHOOK_SECRET - shared secret for authenticating with vibebuildlab API
+#
+# This workflow:
+# 1. Runs weekly (Sunday 2am UTC) and on manual trigger
+# 2. Checks build, tests, lint, typecheck, security
+# 3. Reports results to vibebuildlab dashboard
+
+name: Weekly Audit
+
+on:
+  schedule:
+    # Every Sunday at 2am UTC
+    - cron: '0 2 * * 0'
+  workflow_dispatch: # Manual trigger
+
+env:
+  VIBEBUILDLAB_API: https://dash.vibebuildlab.com/api/audit-results
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run build
+        id: build
+        run: |
+          if npm run build; then
+            echo "success=true" >> $GITHUB_OUTPUT
+          else
+            echo "success=false" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Run tests
+        id: tests
+        run: |
+          # Run tests and capture output
+          TEST_OUTPUT=$(npm test 2>&1) || true
+          echo "$TEST_OUTPUT"
+
+          # Parse results
+          PASSED=$(echo "$TEST_OUTPUT" | grep -oE '[0-9]+ passed' | tail -1 | awk '{print $1}' || echo "0")
+          FAILED=$(echo "$TEST_OUTPUT" | grep -oE '[0-9]+ failed' | tail -1 | awk '{print $1}' || echo "0")
+
+          echo "passed=${PASSED:-0}" >> $GITHUB_OUTPUT
+          echo "failed=${FAILED:-0}" >> $GITHUB_OUTPUT
+
+          if [ "${FAILED:-0}" = "0" ] && [ "${PASSED:-0}" != "0" ]; then
+            echo "success=true" >> $GITHUB_OUTPUT
+          else
+            echo "success=false" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Run lint
+        id: lint
+        run: |
+          LINT_OUTPUT=$(npm run lint 2>&1) || true
+          ERRORS=$(echo "$LINT_OUTPUT" | grep -cE '^\s+[0-9]+:[0-9]+\s+error' || echo "0")
+          echo "errors=${ERRORS:-0}" >> $GITHUB_OUTPUT
+
+          if [ "${ERRORS:-0}" = "0" ]; then
+            echo "success=true" >> $GITHUB_OUTPUT
+          else
+            echo "success=false" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Run typecheck
+        id: typecheck
+        run: |
+          if npm run typecheck 2>/dev/null || npx tsc --noEmit 2>/dev/null; then
+            echo "success=true" >> $GITHUB_OUTPUT
+            echo "errors=0" >> $GITHUB_OUTPUT
+          else
+            echo "success=false" >> $GITHUB_OUTPUT
+            echo "errors=1" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Security audit
+        id: security
+        run: |
+          AUDIT_OUTPUT=$(npm audit 2>&1) || true
+
+          if echo "$AUDIT_OUTPUT" | grep -qiE '[0-9]+ (high|critical)'; then
+            echo "vulnerabilities=1" >> $GITHUB_OUTPUT
+            echo "success=false" >> $GITHUB_OUTPUT
+          else
+            echo "vulnerabilities=0" >> $GITHUB_OUTPUT
+            echo "success=true" >> $GITHUB_OUTPUT
+          fi
+        continue-on-error: true
+
+      - name: Determine audit result
+        id: result
+        run: |
+          # execute stage: build must pass
+          if [ "${{ steps.build.outputs.success }}" = "true" ]; then
+            echo "execute=pass" >> $GITHUB_OUTPUT
+          else
+            echo "execute=fail" >> $GITHUB_OUTPUT
+          fi
+
+          # audit stage: tests + lint + typecheck + security
+          if [ "${{ steps.tests.outputs.success }}" = "true" ] && \
+             [ "${{ steps.lint.outputs.success }}" = "true" ] && \
+             [ "${{ steps.typecheck.outputs.success }}" = "true" ] && \
+             [ "${{ steps.security.outputs.success }}" = "true" ]; then
+            echo "audit=pass" >> $GITHUB_OUTPUT
+          else
+            echo "audit=fail" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Report to vibebuildlab
+        if: always()
+        run: |
+          # Get project slug from package.json name or repo name
+          PROJECT_SLUG=$(node -e "console.log(require('./package.json').name)" 2>/dev/null || echo "${{ github.event.repository.name }}")
+
+          curl -X POST "$VIBEBUILDLAB_API" \
+            -H "Content-Type: application/json" \
+            -H "Authorization: Bearer ${{ secrets.AUDIT_WEBHOOK_SECRET }}" \
+            -d "{
+              \"project\": \"${PROJECT_SLUG}\",
+              \"stages\": {
+                \"execute\": \"${{ steps.result.outputs.execute }}\",
+                \"audit\": \"${{ steps.result.outputs.audit }}\"
+              },
+              \"details\": {
+                \"tests_passed\": ${{ steps.tests.outputs.passed || 0 }},
+                \"tests_failed\": ${{ steps.tests.outputs.failed || 0 }},
+                \"lint_errors\": ${{ steps.lint.outputs.errors || 0 }},
+                \"type_errors\": ${{ steps.typecheck.outputs.errors || 0 }},
+                \"vulnerabilities\": ${{ steps.security.outputs.vulnerabilities || 0 }},
+                \"build_success\": ${{ steps.build.outputs.success }}
+              },
+              \"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\"
+            }"
+        continue-on-error: true
+
+      - name: Summary
+        if: always()
+        run: |
+          echo "## Audit Results" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "| Check | Status |" >> $GITHUB_STEP_SUMMARY
+          echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY
+          echo "| Build | ${{ steps.build.outputs.success == 'true' && '✅' || '❌' }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| Tests | ${{ steps.tests.outputs.success == 'true' && '✅' || '❌' }} (${{ steps.tests.outputs.passed }} passed, ${{ steps.tests.outputs.failed }} failed) |" >> $GITHUB_STEP_SUMMARY
+          echo "| Lint | ${{ steps.lint.outputs.success == 'true' && '✅' || '❌' }} (${{ steps.lint.outputs.errors }} errors) |" >> $GITHUB_STEP_SUMMARY
+          echo "| TypeScript | ${{ steps.typecheck.outputs.success == 'true' && '✅' || '❌' }} |" >> $GITHUB_STEP_SUMMARY
+          echo "| Security | ${{ steps.security.outputs.success == 'true' && '✅' || '❌' }} |" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Execute Stage:** ${{ steps.result.outputs.execute }}" >> $GITHUB_STEP_SUMMARY
+          echo "**Audit Stage:** ${{ steps.result.outputs.audit }}" >> $GITHUB_STEP_SUMMARY

package/LICENSE

@@ -0,0 +1,66 @@
+VIBE BUILD LAB COMMERCIAL LICENSE
+
+Copyright (c) 2025 Vibe Build Lab LLC. All rights reserved.
+
+COMMERCIAL SOFTWARE - FREEMIUM MODEL
+
+This software and associated documentation files (the "Software") are
+proprietary commercial products of Vibe Build Lab LLC.
+
+TERMS OF USE:
+
+1. FREE TIER
+   The basic CLI tool is available free of charge for personal and commercial use.
+   Free tier includes:
+   - Basic quality automation setup
+   - ESLint, Prettier, Husky configuration
+   - Standard pre-commit hooks
+
+2. PAID TIERS
+   - Pro: $59/month or $590/year
+     - Security scanning (Gitleaks + ESLint security)
+     - Smart Test Strategy
+     - Multi-language support
+     - Unlimited repos
+   - Team: $15/user/month (5-seat minimum)
+     - All Pro features
+     - RBAC and team policies
+     - Slack alerts
+     - Multi-repo dashboard
+   - Enterprise: $249/month + $499 onboarding
+     - All Team features
+     - SSO/SAML integration
+     - Custom policies
+     - Compliance pack
+     - Dedicated TAM
+
+3. VIBE LAB PRO BUNDLE
+   Pro tier is included in the Vibe Lab Pro subscription.
+   Team and Enterprise tiers are standalone purchases.
+
+4. PERMITTED USES
+   - Use the free tier without restriction
+   - Use paid features with active subscription
+   - Use for personal and commercial projects
+
+5. RESTRICTIONS
+   - NO redistribution of paid features
+   - NO resale or sublicensing
+   - NO circumventing license validation
+   - NO removal of copyright notices
+
+6. NO WARRANTY
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+
+7. LIMITATION OF LIABILITY
+   IN NO EVENT SHALL VIBE BUILD LAB LLC BE LIABLE FOR ANY CLAIM, DAMAGES OR
+   OTHER LIABILITY ARISING FROM THE USE OF THE SOFTWARE.
+
+For licensing inquiries: support@vibebuildlab.com
+
+---
+
+Vibe Build Lab LLC
+https://vibebuildlab.com

package/README.md

@@ -1,6 +1,8 @@
-# Create Quality Automation
+# QA Architect
 
-Bootstrap quality automation in JavaScript/TypeScript and Python projects with comprehensive tooling. One command adds ESLint, Prettier, Husky, lint-staged, security scanning, and GitHub Actions to any project.
+Quality automation CLI for JavaScript/TypeScript and Python projects. One command adds ESLint, Prettier, Husky, lint-staged, and GitHub Actions. Pro tiers add security scanning (Gitleaks), Smart Test Strategy, and multi-language support.
+
+**This repo = the free CLI.** For the Pro dashboard with repo analytics, CI integration, and automation workflows, see [QA Architect Pro](https://vibebuildlab.com/tools/qa-architect) (included in VBL Starter Kit).
 
 ---
 
@@ -19,7 +21,7 @@ Bootstrap quality automation in JavaScript/TypeScript and Python projects with c
 - **GitHub Actions** - Automated quality checks in CI/CD
 - **TypeScript Smart** - Auto-detects and configures TypeScript projects
 - **Python Support** - Complete Python toolchain with Black, Ruff, isort, mypy, pytest
-- **Security Automation** - npm audit and hardcoded secrets scanning
+- **Security Automation** - npm audit (Free), Gitleaks + ESLint security (Pro)
 - **Progressive Quality** - Adaptive checks based on project maturity
 - **Smart Test Strategy** - Risk-based pre-push validation (Pro feature)
 
@@ -37,35 +39,41 @@ Bootstrap quality automation in JavaScript/TypeScript and Python projects with c
 npx create-qa-architect@latest
 ```
 
-## Pricing & Licensing
+## Pricing
 
-### Freemium Model
+| Tier           | Price                     | What You Get                                                                                       |
+| -------------- | ------------------------- | -------------------------------------------------------------------------------------------------- |
+| **Free**       | $0                        | CLI tool, basic linting/formatting, npm audit (capped: 1 private repo, 50 runs/mo)                 |
+| **Pro**        | $59/mo or $590/yr         | **Security scanning (Gitleaks + ESLint security)**, Smart Test Strategy, multi-language, unlimited |
+| **Team**       | $15/user/mo (5-seat min)  | + RBAC, Slack alerts, multi-repo dashboard, team audit log                                         |
+| **Enterprise** | $249/mo + $499 onboarding | + SSO/SAML, custom policies, compliance pack, dedicated TAM                                        |
 
-| Tier           | Price       | Features                                                |
-| -------------- | ----------- | ------------------------------------------------------- |
-| **Free**       | $0          | Basic quality automation, 1 private repo, 2k LOC        |
-| **Pro**        | $59/mo      | Unlimited repos, Smart Test Strategy, security scanning |
-| **Team**       | $15/user/mo | All Pro features + shared quota, team policies          |
-| **Enterprise** | $249/mo     | SSO/SAML, custom patterns, compliance pack              |
+> **Pro included in [VBL Starter Kit](https://vibebuildlab.com/starter-kit)** — Team/Enterprise are standalone purchases.
 
-### License
+### Security Features by Tier
+
+| Feature                     | Free | Pro+ |
+| --------------------------- | ---- | ---- |
+| npm audit (basic)           | ✅   | ✅   |
+| Gitleaks (secrets scanning) | ❌   | ✅   |
+| ESLint security rules       | ❌   | ✅   |
 
-**Open Source (MIT)** - Free for personal and commercial use.
+### License
 
-[Get Started with Pro](https://vibebuildlab.com/cqa)
+**Commercial License (freemium)** — free tier covers the basic CLI; Pro/Team/Enterprise features require a paid subscription. See [LICENSE](LICENSE).
 
 ## Tech Stack
 
-| Component       | Technology                |
-| --------------- | ------------------------- |
-| **Runtime**     | Node.js 20+               |
-| **Linting**     | ESLint 9 (flat config)    |
-| **Formatting**  | Prettier 3                |
-| **CSS Linting** | Stylelint 16              |
-| **Git Hooks**   | Husky 9 + lint-staged 15  |
-| **Python**      | Black, Ruff, mypy, pytest |
-| **Performance** | Lighthouse CI             |
-| **Security**    | Gitleaks, npm audit       |
+| Component       | Technology                                         |
+| --------------- | -------------------------------------------------- |
+| **Runtime**     | Node.js 20+                                        |
+| **Linting**     | ESLint 9 (flat config)                             |
+| **Formatting**  | Prettier 3                                         |
+| **CSS Linting** | Stylelint 16                                       |
+| **Git Hooks**   | Husky 9 + lint-staged 15                           |
+| **Python**      | Black, Ruff, mypy, pytest                          |
+| **Performance** | Lighthouse CI                                      |
+| **Security**    | npm audit (Free), Gitleaks + ESLint security (Pro) |
 
 ## Getting Started
 
@@ -157,6 +165,8 @@ your-project/
 ├── .husky/                      # Pre-commit hooks
 ├── .editorconfig                # Editor defaults
 ├── .eslintignore                # ESLint ignore patterns
+├── .lighthouserc.js             # Lighthouse CI config
+├── .npmrc                       # npm configuration
 ├── .nvmrc                       # Node version pinning
 ├── .prettierrc                  # Prettier configuration
 ├── .stylelintrc.json            # Stylelint rules
@@ -182,9 +192,9 @@ npm run validate:pre-push   # Pre-push validation
 - [x] Progressive quality (maturity detection)
 - [x] Python toolchain support
 - [x] Smart test strategy (Pro)
+- [x] Monorepo support (Nx, Turborepo, Lerna, Rush, npm/pnpm/yarn workspaces)
 - [ ] Rust and Go support
 - [ ] VS Code extension
-- [ ] Monorepo support
 
 ## Contributing
 
@@ -199,14 +209,18 @@ See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
 
 ## Support
 
-1. Check the [Troubleshooting Guide](./TROUBLESHOOTING.md)
-2. Review GitHub Actions logs
-3. Open an issue in this repository
+1. Review GitHub Actions logs
+2. Open an issue in this repository
 
 ## License
 
-MIT License - free to use in any project. See [LICENSE](LICENSE) for details.
+Commercial freemium license — the base CLI is free to use; Pro/Team/Enterprise features require a paid subscription. See [LICENSE](LICENSE) for details.
+
+## Legal
+
+- [Privacy Policy](https://vibebuildlab.com/privacy-policy)
+- [Terms of Service](https://vibebuildlab.com/terms)
 
 ---
 
-> Discover more tools at **https://www.vibebuildlab.com**.
+> **Vibe Build Lab LLC** · [vibebuildlab.com](https://vibebuildlab.com)

package/config/defaults.js

@@ -4,6 +4,13 @@
 const STYLELINT_EXTENSIONS = ['css', 'scss', 'sass', 'less', 'pcss']
 const DEFAULT_STYLELINT_TARGET = `**/*.{${STYLELINT_EXTENSIONS.join(',')}}`
 
+/**
+ * @typedef {Object} DefaultsOptions
+ * @property {string[]=} stylelintTargets
+ * @property {boolean=} typescript
+ * @property {boolean=} python
+ */
+
 const baseScripts = {
   format: 'prettier --write .',
   'format:check': 'prettier --check .',
@@ -41,7 +48,12 @@ const stylelintBraceGroup = stylelintTargets => {
   return `{${targets.join(',')}}`
 }
 
-const baseLintScripts = ({ stylelintTargets }) => {
+/**
+ * @param {DefaultsOptions} [options]
+ * @returns {Record<string, string>}
+ */
+const baseLintScripts = (options = {}) => {
+  const { stylelintTargets } = options
   const stylelintTarget = stylelintBraceGroup(stylelintTargets)
   return {
     lint: `eslint . && stylelint "${stylelintTarget}" --allow-empty-input`,
@@ -96,6 +108,9 @@ const TS_LINT_STAGED_PATTERN = '**/*.{js,jsx,ts,tsx,mjs,cjs,html}'
 
 const clone = value => JSON.parse(JSON.stringify(value))
 
+/**
+ * @param {DefaultsOptions} [options]
+ */
 function getDefaultScripts({ stylelintTargets } = {}) {
   return {
     ...clone(baseScripts),
@@ -103,6 +118,9 @@ function getDefaultScripts({ stylelintTargets } = {}) {
   }
 }
 
+/**
+ * @param {DefaultsOptions} [options]
+ */
 function getDefaultDevDependencies({ typescript } = {}) {
   const devDeps = { ...clone(baseDevDependencies) }
   if (typescript) {
@@ -111,6 +129,9 @@ function getDefaultDevDependencies({ typescript } = {}) {
   return devDeps
 }
 
+/**
+ * @param {DefaultsOptions} [options]
+ */
 function getDefaultLintStaged({ typescript, stylelintTargets, python } = {}) {
   const pattern = typescript ? TS_LINT_STAGED_PATTERN : JS_LINT_STAGED_PATTERN
   return clone(baseLintStaged(pattern, stylelintTargets, python))

package/config/quality-config.schema.json

@@ -1,6 +1,6 @@
 {
   "$schema": "http://json-schema.org/draft-07/schema#",
-  "$id": "https://github.com/brettstark73/create-qa-architect/blob/main/config/quality-config.schema.json",
+  "$id": "https://github.com/vibebuildlab/qa-architect/blob/main/config/quality-config.schema.json",
   "title": "Quality Automation Configuration",
   "description": "Configuration for create-qa-architect progressive quality checks",
   "type": "object",