guardvibe 3.1.2 → 3.1.4

package/README.md

@@ -450,9 +450,10 @@ If your AI agent cannot connect to GuardVibe:
 
 1. **Restart your IDE/agent.** MCP servers are started by the host application. After running `npx guardvibe init`, restart Claude Code, Cursor, or Gemini CLI for the config to take effect.
 2. **Check the config path.** Run `npx guardvibe init claude` again and verify the output shows the correct config file location (`.mcp.json` in your project root for Claude Code, `.cursor/mcp.json` for Cursor).
-3. **Re-run `init` to upgrade.** When upgrading GuardVibe, re-run `npx guardvibe init claude` — `.mcp.json` is pinned to a specific version (e.g. `guardvibe@3.0.41`) at init time for fast deterministic startup. Stale pins won't auto-update.
-4. **Verify Node.js version.** GuardVibe requires Node.js >= 18.0.0. Check with `node --version`.
-5. **Check npx cache.** If you upgraded GuardVibe and the old version is cached, run `npx -y guardvibe@latest` to force the latest version.
+3. **Re-run `init` to upgrade.** When upgrading GuardVibe, re-run `npx guardvibe init claude` — `.mcp.json` is pinned to a specific version (e.g. `guardvibe@3.1.3`) at init time for fast deterministic startup. As of v3.1.2 the re-run also rewrites stale pins automatically (`Upgraded GuardVibe pin (3.0.55 → 3.1.3)`). The same applies to `npx guardvibe hook install` and `npx guardvibe ci github` (since v3.1.3) — both are version-pinned at install/generate time and re-run to upgrade.
+4. **Pre-3.1.1 users won't see the auto-update banner.** GuardVibe started writing a once-per-day "newer version available" notice to stderr in v3.1.1. If your install predates that, you'll never see it — run `npx -y guardvibe@latest init <host>` once to bake in the latest pin and start receiving banners on subsequent sessions.
+5. **Verify Node.js version.** GuardVibe requires Node.js >= 18.0.0. Check with `node --version`.
+6. **Check npx cache.** If you upgraded GuardVibe and the old version is cached, run `npx -y guardvibe@latest` to force the latest version.
 
 ### Node.js version requirements
 

package/build/cli/ci.js

@@ -2,9 +2,14 @@
  * CLI: guardvibe ci <provider>
  * Generates CI/CD workflow configurations.
  */
-import { writeFileSync, mkdirSync, existsSync } from "fs";
+import { createRequire } from "module";
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "fs";
 import { join } from "path";
-const GITHUB_ACTIONS_WORKFLOW = `name: GuardVibe Security Scan
+const require = createRequire(import.meta.url);
+const pkg = require("../../package.json");
+function buildGithubActionsWorkflow(version) {
+    return `name: GuardVibe Security Scan
+# Pinned to guardvibe@${version} for reproducible CI builds. Re-run \`npx guardvibe ci github\` to upgrade.
 
 on:
   pull_request:
@@ -30,7 +35,7 @@ jobs:
           node-version: "22"
 
       - name: Run GuardVibe security scan
-        run: npx -y guardvibe-scan --format sarif --output guardvibe-results.sarif
+        run: npx -y guardvibe@${version} scan --format sarif --output guardvibe-results.sarif
 
       - name: Upload SARIF to GitHub Security
         if: always()
@@ -39,18 +44,45 @@ jobs:
           sarif_file: guardvibe-results.sarif
           category: guardvibe
 `;
+}
+/** Extract a pinned guardvibe version from a generated workflow YAML, or "latest"/null for legacy/unrecognized forms. */
+function extractPinnedVersionFromWorkflow(content) {
+    const pinned = content.match(/guardvibe@(\d+\.\d+\.\d+(?:-[\w.]+)?)/);
+    if (pinned)
+        return pinned[1];
+    if (/guardvibe-scan|guardvibe@latest/.test(content))
+        return "latest";
+    return null;
+}
 function generateGitHubActions() {
     const workflowDir = join(process.cwd(), ".github", "workflows");
     if (!existsSync(workflowDir)) {
         mkdirSync(workflowDir, { recursive: true });
     }
     const workflowPath = join(workflowDir, "guardvibe.yml");
+    const fresh = buildGithubActionsWorkflow(pkg.version);
     if (existsSync(workflowPath)) {
-        console.log("  [OK] .github/workflows/guardvibe.yml already exists.");
+        const existing = readFileSync(workflowPath, "utf-8");
+        const existingPin = extractPinnedVersionFromWorkflow(existing);
+        if (existingPin === pkg.version) {
+            console.log(`  [OK] .github/workflows/guardvibe.yml already up-to-date (pinned to v${pkg.version}).`);
+            return;
+        }
+        if (existingPin && existingPin !== "latest") {
+            writeFileSync(workflowPath, fresh, "utf-8");
+            console.log(`  [OK] Upgraded .github/workflows/guardvibe.yml (${existingPin} → ${pkg.version}).`);
+            return;
+        }
+        if (existingPin === "latest") {
+            writeFileSync(workflowPath, fresh, "utf-8");
+            console.log(`  [OK] Pinned .github/workflows/guardvibe.yml (was unpinned → ${pkg.version}).`);
+            return;
+        }
+        console.log("  [OK] .github/workflows/guardvibe.yml exists with custom contents — leaving as-is.");
         return;
     }
-    writeFileSync(workflowPath, GITHUB_ACTIONS_WORKFLOW, "utf-8");
-    console.log("  [OK] Created .github/workflows/guardvibe.yml");
+    writeFileSync(workflowPath, fresh, "utf-8");
+    console.log(`  [OK] Created .github/workflows/guardvibe.yml (pinned to v${pkg.version}).`);
     console.log("  [OK] SARIF results will appear in GitHub Security tab.");
 }
 export function runCi(args) {

package/build/cli/hook.js

@@ -2,16 +2,23 @@
  * CLI: guardvibe hook install|uninstall
  * Manages pre-commit security hooks.
  */
+import { createRequire } from "module";
 import { readFileSync, writeFileSync, mkdirSync, existsSync, chmodSync, unlinkSync } from "fs";
 import { join } from "path";
-const HOOK_SCRIPT = `#!/bin/sh
-# GuardVibe pre-commit security hook
+const require = createRequire(import.meta.url);
+const pkg = require("../../package.json");
+const GUARDVIBE_BLOCK_START = "# GuardVibe pre-commit security hook";
+const GUARDVIBE_BLOCK_END = "✅ GuardVibe: all checks passed.";
+function buildHookScript(version) {
+    return `#!/bin/sh
+${GUARDVIBE_BLOCK_START}
 # Installed by: npx guardvibe hook install
+# Pinned to v${version} for reproducible CI/local behavior. Re-run install to upgrade.
 
 echo "🔒 GuardVibe: scanning staged files..."
 
 # Run guardvibe scan on staged files
-RESULT=$(npx -y guardvibe@latest scan --staged 2>&1)
+RESULT=$(npx -y guardvibe@${version} scan --staged 2>&1)
 EXIT_CODE=$?
 
 if [ $EXIT_CODE -ne 0 ]; then
@@ -22,8 +29,33 @@ if [ $EXIT_CODE -ne 0 ]; then
   exit 1
 fi
 
-echo "✅ GuardVibe: all checks passed."
+echo "${GUARDVIBE_BLOCK_END}"
 `;
+}
+/**
+ * Extract the pinned GuardVibe version from an existing pre-commit hook.
+ * Returns the version string, "latest" for legacy unpinned hooks, or null if no GuardVibe block found.
+ */
+function extractPinnedVersionFromHook(content) {
+    const pinnedMatch = content.match(/guardvibe@(\d+\.\d+\.\d+(?:-[\w.]+)?)/);
+    if (pinnedMatch)
+        return pinnedMatch[1];
+    if (/guardvibe@latest|npx\s+-y\s+guardvibe(?:\s|\b)/.test(content) && content.includes("GuardVibe")) {
+        return "latest";
+    }
+    return null;
+}
+function replaceGuardVibeBlock(existing, fresh) {
+    // Strip any prior GuardVibe block (with or without leading shebang) and append the fresh one.
+    const cleaned = existing
+        .replace(/\n?# GuardVibe pre-commit security hook[\s\S]*?GuardVibe: all checks passed[."]*\n?/g, "")
+        .trimEnd();
+    if (!cleaned || cleaned === "#!/bin/sh")
+        return fresh;
+    // Splice the GuardVibe section in (without its shebang) onto the existing hook.
+    const freshNoShebang = fresh.replace(/^#!\/bin\/sh\n/, "");
+    return cleaned + "\n\n" + freshNoShebang;
+}
 function installHook() {
     const gitDir = join(process.cwd(), ".git");
     if (!existsSync(gitDir)) {
@@ -35,19 +67,33 @@ function installHook() {
         mkdirSync(hooksDir, { recursive: true });
     }
     const hookPath = join(hooksDir, "pre-commit");
+    const freshScript = buildHookScript(pkg.version);
     if (existsSync(hookPath)) {
         const existing = readFileSync(hookPath, "utf-8");
-        if (existing.includes("GuardVibe")) {
-            console.log("  [OK] GuardVibe pre-commit hook already installed.");
+        const existingPin = extractPinnedVersionFromHook(existing);
+        if (existingPin === pkg.version) {
+            console.log(`  [OK] GuardVibe pre-commit hook already up-to-date (v${pkg.version}).`);
+            return;
+        }
+        if (existingPin && existingPin !== "latest") {
+            writeFileSync(hookPath, replaceGuardVibeBlock(existing, freshScript), "utf-8");
+            chmodSync(hookPath, 0o755);
+            console.log(`  [OK] Upgraded GuardVibe pre-commit hook (${existingPin} → ${pkg.version}).`);
+            return;
+        }
+        if (existingPin === "latest") {
+            writeFileSync(hookPath, replaceGuardVibeBlock(existing, freshScript), "utf-8");
+            chmodSync(hookPath, 0o755);
+            console.log(`  [OK] Pinned GuardVibe pre-commit hook (was unpinned → ${pkg.version}).`);
             return;
         }
-        writeFileSync(hookPath, existing + "\n" + HOOK_SCRIPT, "utf-8");
+        writeFileSync(hookPath, existing.trimEnd() + "\n\n" + freshScript, "utf-8");
         console.log("  [OK] GuardVibe added to existing pre-commit hook.");
     }
     else {
-        writeFileSync(hookPath, HOOK_SCRIPT, "utf-8");
+        writeFileSync(hookPath, freshScript, "utf-8");
         chmodSync(hookPath, 0o755);
-        console.log("  [OK] Pre-commit hook installed at .git/hooks/pre-commit");
+        console.log(`  [OK] Pre-commit hook installed at .git/hooks/pre-commit (pinned to v${pkg.version}).`);
     }
 }
 function uninstallHook() {

package/build/data/compliance-metadata.js

@@ -15,8 +15,8 @@ export const complianceMetadata = {
     VG002: {
         gdpr: ["GDPR:Art32(1)(b)"],
         iso27001: ["ISO27001:A.8.3", "ISO27001:A.8.24"],
-        exploit: "Attacker sends crafted SQL input through unvalidated form fields or URL parameters to extract, modify, or delete database records.",
-        audit: "Demonstrate that all database queries use parameterized statements or ORM methods. Show code review checklist that includes SQL injection testing.",
+        exploit: "Attacker accesses API endpoints or resources without authentication, reading or modifying data belonging to other users.",
+        audit: "Show middleware/auth layer that protects all sensitive endpoints. Demonstrate that unauthenticated requests return 401/403.",
     },
     VG003: {
         gdpr: ["GDPR:Art32(1)(a)"],
@@ -27,8 +27,8 @@ export const complianceMetadata = {
     VG010: {
         gdpr: ["GDPR:Art32(1)(b)", "GDPR:Art25"],
         iso27001: ["ISO27001:A.8.3", "ISO27001:A.5.15"],
-        exploit: "Attacker accesses API endpoints or resources without authentication, reading or modifying data belonging to other users.",
-        audit: "Show middleware/auth layer that protects all sensitive endpoints. Demonstrate that unauthenticated requests return 401/403.",
+        exploit: "Attacker sends crafted SQL input (e.g., ' OR 1=1--, UNION SELECT, ;DROP TABLE) through unvalidated form fields, URL parameters, or JSON body to extract, modify, or delete database records.",
+        audit: "Demonstrate that all database queries use parameterized statements or ORM methods. Show code review checklist that includes SQL injection testing.",
     },
     VG042: {
         gdpr: ["GDPR:Art32(1)(a)"],

package/build/data/rules/dockerfile.js

@@ -53,7 +53,10 @@ export const dockerfileRules = [
         severity: "medium",
         owasp: "A05:2025 Security Misconfiguration",
         description: "ADD has extra features (URL fetch, tar extraction) that can introduce unexpected behavior. Use COPY for local files.",
-        pattern: /ADD\s+(?!https?:\/\/)\S+\s+\S+/gi,
+        // Anchor to start of line + case-sensitive: Docker `ADD` instruction is uppercase and
+        // begins a line. Matching `add` case-insensitive caught `RUN pnpm add`, `apk add`,
+        // `yarn add`, etc. — package-manager subcommands inside RUN, not Docker instructions.
+        pattern: /^ADD\s+(?!https?:\/\/)\S+\s+\S+/gm,
         languages: ["dockerfile"],
         fix: "Use COPY instead of ADD for local files. Only use ADD for URLs or tar extraction.",
         fixCode: "# Use COPY for local files\nCOPY ./src /app/src\n# Only use ADD for remote files or tar extraction\n# ADD https://example.com/file.tar.gz /app/",

package/build/data/rules/nextjs.js

@@ -90,7 +90,10 @@ export const nextjsRules = [
         severity: "high",
         owasp: "A01:2025 Broken Access Control",
         description: "Sensitive data (tokens, secrets, internal IDs) appears to be passed from server to client component as props.",
-        pattern: /(?:(?:^|[^a-zA-Z])(?:secret|token|password|apiKey|api_key|privateKey|private_key|internalId|ssn|creditCard|credit_card))\s*=\s*\{[\s\S]*?\}/g,
+        // Require no-space `=` to match JSX prop syntax (`token={value}`) and exclude JS object
+        // literal assignments (`apiKey = { ... }`, `token = { ... }`) common in test helpers,
+        // default-param destructuring, and config objects.
+        pattern: /(?:(?:^|[^a-zA-Z])(?:secret|token|password|apiKey|api_key|privateKey|private_key|internalId|ssn|creditCard|credit_card))=\{[\s\S]*?\}/g,
         languages: ["javascript", "typescript"],
         fix: "Never pass sensitive data as props to client components. Keep secrets server-side.",
         fixCode: "// Keep sensitive data server-side\nexport default async function Page() {\n  const secret = process.env.API_SECRET;\n  const publicData = await fetchData(secret);\n  return <ClientComponent data={publicData} />;\n}",

package/build/tools/check-code.js

@@ -471,6 +471,33 @@ export function analyzeCode(code, language, framework, filePath, configDir, rule
         // Skip destructive DDL rules (VG540-VG542) and view rules (VG439) in migration directories
         if ((rule.id.startsWith("VG54") || rule.id === "VG439") && isMigrationFile)
             continue;
+        // VG146 (Unquoted .env Value): only fire on `.env` / `.env.local` / `.env.production` etc.
+        // Bash scripts use `${VAR:-default}` and similar expansions that legitimately contain
+        // `{`, `}`, `:` characters; matching them as "unquoted env values" is a FP class.
+        if (rule.id === "VG146" && filePath && !/(?:^|\/)\.env(?:\.[\w.-]+)?$/.test(filePath))
+            continue;
+        // VG200 (Container running as root): skip when a USER directive exists anywhere in the file.
+        // The rule's regex with `(?:(?!^USER)[\s\S])*` is unreliable across multi-stage builds; a
+        // file-level check is more robust.
+        if (rule.id === "VG200" && /^USER\s+\S+/m.test(code))
+            continue;
+        // VG206 (Missing HEALTHCHECK): skip when a HEALTHCHECK directive exists anywhere. The
+        // rule's regex requires HEALTHCHECK *after* CMD/ENTRYPOINT, but Dockerfiles commonly place
+        // HEALTHCHECK before CMD (nginx production stage), producing FPs.
+        if (rule.id === "VG206" && /^HEALTHCHECK\s+/m.test(code))
+            continue;
+        // VG407 (Server Data Leaked to Client Component): skip files that ARE client components.
+        // Signals: the `"use client"` directive (Next.js App Router) OR usage of React state/effect
+        // hooks (universal client-render signal — Remix, Vite-React, Pages Router, etc.). The rule
+        // targets server→client prop-boundary leaks; intra-client passing of local form state to
+        // a child component (e.g. PasswordStrengthIndicator) is not the same boundary.
+        if (rule.id === "VG407") {
+            const head = code.slice(0, 1000);
+            const hasUseClient = /^\s*['"]use client['"];?\s*$/m.test(head);
+            const hasReactStateHooks = /\b(?:useState|useReducer|useEffect|useLayoutEffect|useRef|useMemo|useCallback|useContext|useTransition|useSyncExternalStore)\s*\(/.test(code);
+            if (hasUseClient || hasReactStateHooks)
+                continue;
+        }
         // Skip SQL injection rules in schema/migration .sql files (DDL, not user input)
         if (rule.id === "VG543" && (isMigrationFile || isSqlSchemaFile))
             continue;
@@ -651,12 +678,24 @@ export function analyzeCode(code, language, framework, filePath, configDir, rule
                 effectiveRule = { ...effectiveRule, severity: "low" };
             }
         }
+        // VG202 (latest/untagged image): pre-compute `AS <alias>` names from the file so
+        // matches against intermediate-stage references (`FROM base AS builder`) can be
+        // filtered out at match time. The set is null for other rules to avoid wasted work.
+        const dockerStageAliases = rule.id === "VG202"
+            ? new Set(Array.from(code.matchAll(/^FROM\s+\S+\s+AS\s+(\w[\w.-]*)/gim)).map(m => m[1].toLowerCase()))
+            : null;
         let match;
         while ((match = rule.pattern.exec(code)) !== null) {
             const beforeMatch = code.substring(0, match.index);
             const lineNumber = beforeMatch.split("\n").length;
             if (isLineSuppressed(suppressions, lineNumber, rule.id))
                 continue;
+            // VG202: skip when the FROM target matches a previous AS-alias in the same file.
+            if (dockerStageAliases) {
+                const target = match[0].replace(/^FROM\s+/i, "").split(/[:@\s]/)[0].toLowerCase();
+                if (dockerStageAliases.has(target))
+                    continue;
+            }
             // Skip matches on comment lines and inside string literals.
             // CVE version-pin rules (VG900-VG931) are exempt — they scan package.json
             // dependency declarations where these contexts don't apply.

package/build/tools/explain-remediation.js

@@ -66,8 +66,10 @@ function getBreakingRisk(rule) {
     const id = rule.id;
     if (["VG001", "VG062", "VG060"].includes(id))
         return "LOW — Moving to env vars requires .env setup but no code logic changes.";
-    if (["VG402", "VG010", "VG952"].includes(id))
+    if (["VG402", "VG952"].includes(id))
         return "MEDIUM — Adding auth checks may break unauthenticated flows that were working. Test all affected endpoints.";
+    if (["VG010", "VG011", "VG013", "VG014"].includes(id))
+        return "LOW — Parameterized queries are drop-in replacements for most drivers/ORMs. Manual string-concat call sites may need light refactoring; run query coverage after the swap.";
     if (["VG401", "VG960"].includes(id))
         return "MEDIUM — Adding schema validation will reject previously accepted invalid input. Test with real user data.";
     if (["VG403", "VG500", "VG510"].includes(id))
@@ -88,8 +90,10 @@ function getTestStrategy(rule) {
     const id = rule.id;
     if (["VG001", "VG062", "VG060"].includes(id))
         return "1. Move value to .env\n2. Verify app still reads from env\n3. Confirm old hardcoded value removed from git history";
-    if (["VG402", "VG010"].includes(id))
+    if (["VG402"].includes(id))
         return "1. Call endpoint without auth token → expect 401\n2. Call with valid token → expect success\n3. Call with expired token → expect 401";
+    if (["VG010", "VG011", "VG013", "VG014"].includes(id))
+        return "1. Replace concatenated SQL with parameterized query / prepared statement\n2. Submit a malicious payload (`' OR 1=1--`, `;DROP TABLE--`, `UNION SELECT`) → expect literal match, no row exposure, no execution\n3. Re-run normal-input regression tests to confirm queries still return correct results";
     if (["VG401", "VG960"].includes(id))
         return "1. Submit valid data → expect success\n2. Submit empty/malformed data → expect 400 with validation error\n3. Submit oversized data → expect rejection";
     if (["VG403", "VG500"].includes(id))

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "guardvibe",
-  "version": "3.1.2",
+  "version": "3.1.4",
   "mcpName": "io.github.goklab/guardvibe",
   "description": "Security MCP for vibe coding. 390 rules, 36 tools, CLI + doctor. Host security, auth coverage mapping, LLM-powered deep scan (IDOR/business logic), taint analysis, +25 AI-native rules (MCP supply-chain, RAG/vector poisoning, agent loop DoS, public-prefix LLM keys, sandbox bypass). Plus Next.js, Supabase, Clerk, Stripe, Prisma, tRPC, Hono, GraphQL, Convex, Turso, Uploadthing, AI SDK, and the full AI-generated stack.",
   "type": "module",