securenow 5.18.0 → 6.0.0

package/cli/auth.js

@@ -1,280 +0,0 @@
-'use strict';
-
-const http = require('http');
-const crypto = require('crypto');
-const { execFileSync } = require('child_process');
-const config = require('./config');
-const { api, CLIError } = require('./client');
-const ui = require('./ui');
-
-function openBrowser(url) {
-  try {
-    const platform = process.platform;
-    if (platform === 'darwin') execFileSync('open', [url], { stdio: 'ignore' });
-    else if (platform === 'win32') execFileSync('rundll32', ['url.dll,FileProtocolHandler', url], { stdio: 'ignore' });
-    else execFileSync('xdg-open', [url], { stdio: 'ignore' });
-    return true;
-  } catch {
-    return false;
-  }
-}
-
-function decodeJwtPayload(token) {
-  try {
-    const parts = token.split('.');
-    if (parts.length !== 3) return null;
-    const payload = Buffer.from(parts[1], 'base64url').toString('utf8');
-    return JSON.parse(payload);
-  } catch {
-    try {
-      const parts = token.split('.');
-      const base64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
-      const padded = base64 + '='.repeat((4 - base64.length % 4) % 4);
-      const payload = Buffer.from(padded, 'base64').toString('utf8');
-      return JSON.parse(payload);
-    } catch {
-      return null;
-    }
-  }
-}
-
-async function loginWithBrowser() {
-  const appUrl = config.getAppUrl();
-  const nonce = crypto.randomBytes(24).toString('base64url');
-
-  return new Promise((resolve, reject) => {
-    let pendingToken = null;
-
-    const server = http.createServer((req, res) => {
-      const url = new URL(req.url, `http://127.0.0.1`);
-
-      if (url.pathname === '/callback') {
-        const token = url.searchParams.get('token');
-        const error = url.searchParams.get('error');
-        const returnedState = url.searchParams.get('state');
-
-        res.writeHead(200, { 'Content-Type': 'text/html; charset=utf-8' });
-
-        if (error) {
-          res.end('<html><body style="font-family:system-ui;text-align:center;padding:60px"><h2>Authentication Failed</h2><p>You can close this window.</p></body></html>');
-          server.close();
-          reject(new CLIError(`Authentication failed: ${error}`));
-          return;
-        }
-
-        if (returnedState !== nonce) {
-          res.end('<html><body style="font-family:system-ui;text-align:center;padding:60px"><h2>Security Error</h2><p>State mismatch — this request may not have originated from your CLI. Please try again.</p></body></html>');
-          server.close();
-          reject(new CLIError('State mismatch on callback — possible CSRF. Please retry `securenow login`.'));
-          return;
-        }
-
-        if (token) {
-          pendingToken = token;
-          const payload = decodeJwtPayload(token);
-          const email = payload?.email || 'unknown account';
-          const safeEmail = email.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
-          const port = server.address().port;
-          const switchUrl = `${appUrl}/cli/auth?callback=http://127.0.0.1:${port}/callback&state=${encodeURIComponent(nonce)}&force_login=1`;
-
-          res.end([
-            '<!DOCTYPE html><html><head><meta charset="utf-8"><title>SecureNow CLI Login</title></head>',
-            '<body style="font-family:system-ui,sans-serif;text-align:center;padding:60px;margin:0;background:#fafafa">',
-            '<div style="max-width:420px;margin:0 auto;background:#fff;border-radius:12px;padding:40px 32px;box-shadow:0 2px 12px rgba(0,0,0,.08)">',
-            '<div style="width:56px;height:56px;margin:0 auto 20px;background:#f0fdf4;border-radius:50%;display:flex;align-items:center;justify-content:center">',
-            '<svg width="28" height="28" fill="none" viewBox="0 0 24 24"><path d="M12 2a5 5 0 015 5v1a2 2 0 012 2v8a2 2 0 01-2 2H7a2 2 0 01-2-2v-8a2 2 0 012-2V7a5 5 0 015-5zm0 2a3 3 0 00-3 3v1h6V7a3 3 0 00-3-3z" fill="#22c55e"/></svg>',
-            '</div>',
-            '<h2 style="margin:0 0 8px;font-size:22px;color:#111">Connect to SecureNow CLI</h2>',
-            `<p style="margin:0 0 24px;color:#666;font-size:15px">You are signing in as</p>`,
-            `<div style="background:#f8fafc;border:1px solid #e2e8f0;border-radius:8px;padding:14px 18px;margin:0 0 28px">`,
-            `<span style="font-size:17px;font-weight:600;color:#0f172a">${safeEmail}</span>`,
-            '</div>',
-            '<button id="confirm-btn" style="width:100%;padding:13px 24px;font-size:16px;font-weight:600;color:#fff;background:#22c55e;border:none;border-radius:8px;cursor:pointer;transition:background .15s" ',
-            'onmouseover="this.style.background=\'#16a34a\'" onmouseout="this.style.background=\'#22c55e\'">',
-            'Confirm &amp; Continue</button>',
-            `<p style="margin:20px 0 0"><a href="${switchUrl}" style="color:#6366f1;font-size:14px;text-decoration:none" `,
-            'onmouseover="this.style.textDecoration=\'underline\'" onmouseout="this.style.textDecoration=\'none\'">Use a different account</a></p>',
-            '<div id="done-msg" style="display:none;margin-top:24px">',
-            '<p style="color:#22c55e;font-weight:600;font-size:17px">\u2713 Connected! You can close this window.</p>',
-            '</div>',
-            '</div>',
-            '<script>',
-            'document.getElementById("confirm-btn").addEventListener("click", function(){',
-            '  this.disabled=true;this.textContent="Connecting\u2026";this.style.background="#86efac";this.style.cursor="default";',
-            `  fetch("/confirm?nonce=${encodeURIComponent(nonce)}").then(function(){`,
-            '    document.getElementById("confirm-btn").style.display="none";',
-            '    document.getElementById("done-msg").style.display="block";',
-            '  });',
-            '});',
-            '</script>',
-            '</body></html>',
-          ].join(''));
-          return;
-        }
-
-        res.end('<html><body style="font-family:system-ui;text-align:center;padding:60px"><h2>Something went wrong</h2><p>No token received. Please try again.</p></body></html>');
-        server.close();
-        reject(new CLIError('No token received in callback'));
-        return;
-      }
-
-      if (url.pathname === '/confirm' && pendingToken) {
-        if (url.searchParams.get('nonce') !== nonce) {
-          res.writeHead(403, { 'Content-Type': 'application/json' });
-          res.end('{"error":"invalid nonce"}');
-          return;
-        }
-        res.writeHead(200, { 'Content-Type': 'application/json' });
-        res.end('{"ok":true}');
-        const token = pendingToken;
-        pendingToken = null;
-        server.close();
-        resolve(token);
-        return;
-      }
-
-      res.writeHead(404);
-      res.end();
-    });
-
-    server.listen(0, '127.0.0.1', () => {
-      const port = server.address().port;
-      const authUrl = `${appUrl}/cli/auth?callback=http://127.0.0.1:${port}/callback&state=${encodeURIComponent(nonce)}`;
-
-      console.log('');
-      ui.info('Opening browser for authentication...');
-      console.log('');
-
-      const opened = openBrowser(authUrl);
-      if (!opened) {
-        console.log('  Open this URL in your browser to log in:\n');
-        console.log(`  ${ui.c.underline(ui.c.cyan(authUrl))}\n`);
-      } else {
-        console.log(`  If the browser didn't open, visit:`);
-        console.log(`  ${ui.c.underline(ui.c.cyan(authUrl))}\n`);
-      }
-
-      console.log(ui.c.dim('  Waiting for authentication...'));
-
-      const timeout = setTimeout(() => {
-        server.close();
-        reject(new CLIError('Login timed out after 5 minutes. Try `securenow login --token <TOKEN>` instead.'));
-      }, 5 * 60 * 1000);
-
-      server.on('close', () => clearTimeout(timeout));
-    });
-
-    server.on('error', (err) => {
-      reject(new CLIError(`Failed to start local server: ${err.message}`));
-    });
-  });
-}
-
-async function loginWithToken(token) {
-  const s = ui.spinner('Validating token');
-  try {
-    await api.get('/applications', { token });
-    s.stop('Token is valid');
-    return token;
-  } catch (err) {
-    s.fail('Token validation failed');
-    throw new CLIError(`Invalid token: ${err.message}`);
-  }
-}
-
-async function login(args, flags) {
-  const local = !!flags.local;
-
-  if (flags.token) {
-    const token = flags.token;
-    await loginWithToken(token);
-    const payload = decodeJwtPayload(token);
-    const email = payload?.email || 'unknown';
-    const exp = payload?.exp ? payload.exp * 1000 : null;
-
-    config.setAuth(token, email, exp, { local });
-    if (local) config.ensureLocalGitignore();
-    console.log('');
-    ui.success(`Logged in as ${ui.c.bold(email)}`);
-    if (local) ui.info('Credentials saved to project .securenow/ (local)');
-    if (exp) {
-      const days = Math.ceil((exp - Date.now()) / (1000 * 60 * 60 * 24));
-      ui.info(`Session expires in ${days} days`);
-    }
-    return;
-  }
-
-  try {
-    const token = await loginWithBrowser();
-    const payload = decodeJwtPayload(token);
-    const email = payload?.email || 'unknown';
-    const exp = payload?.exp ? payload.exp * 1000 : null;
-
-    config.setAuth(token, email, exp, { local });
-    if (local) config.ensureLocalGitignore();
-    console.log('');
-    ui.success(`Logged in as ${ui.c.bold(email)}`);
-    if (local) ui.info('Credentials saved to project .securenow/ (local)');
-    if (exp) {
-      const days = Math.ceil((exp - Date.now()) / (1000 * 60 * 60 * 24));
-      ui.info(`Session expires in ${days} days`);
-    }
-  } catch (err) {
-    if (err.message.includes('timed out')) {
-      console.log('');
-      ui.warn('Browser login timed out. You can also login with a token:');
-      console.log('');
-      console.log(`  1. Go to ${ui.c.cyan(config.getAppUrl() + '/dashboard/settings')}`);
-      console.log(`  2. Copy your CLI token`);
-      console.log(`  3. Run: ${ui.c.bold('securenow login --token <YOUR_TOKEN>')}`);
-      console.log('');
-    } else {
-      throw err;
-    }
-  }
-}
-
-async function logout(args, flags) {
-  const local = flags ? flags.local : undefined;
-  const creds = config.loadCredentials();
-  config.clearCredentials({ local });
-  if (creds.email) {
-    ui.success(`Logged out from ${ui.c.bold(creds.email)}`);
-  } else {
-    ui.success('Logged out');
-  }
-  if (local) ui.info('Cleared project-local credentials');
-}
-
-async function whoami() {
-  const creds = config.loadCredentials();
-  const token = config.getToken();
-
-  if (!token) {
-    ui.error('Not logged in. Run `securenow login` to authenticate.');
-    process.exit(1);
-  }
-
-  const payload = decodeJwtPayload(token);
-
-  ui.heading('Current Session');
-  console.log('');
-  const pairs = [
-    ['Email', creds.email || payload?.email || 'unknown'],
-    ['User ID', payload?.sub || 'unknown'],
-    ['API', config.getApiUrl()],
-    ['Auth Source', config.getAuthSource()],
-  ];
-  if (creds.expiresAt) {
-    const days = Math.ceil((creds.expiresAt - Date.now()) / (1000 * 60 * 60 * 24));
-    pairs.push(['Expires', days > 0 ? `in ${days} days` : ui.c.red('expired')]);
-  }
-  const defaultApp = config.getDefaultApp();
-  if (defaultApp) {
-    pairs.push(['Default App', defaultApp]);
-  }
-  ui.keyValue(pairs);
-  console.log('');
-}
-
-module.exports = { login, logout, whoami };

package/cli/client.js

@@ -1,115 +0,0 @@
-'use strict';
-
-const https = require('https');
-const http = require('http');
-const { URL } = require('url');
-const config = require('./config');
-const ui = require('./ui');
-
-function buildQueryString(params) {
-  if (!params) return '';
-  const entries = Object.entries(params).filter(([, v]) => v != null && v !== '');
-  if (!entries.length) return '';
-  return '?' + entries.map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`).join('&');
-}
-
-function request(method, endpoint, { body, query, token, raw } = {}) {
-  const baseUrl = config.getApiUrl();
-  const qs = buildQueryString(query);
-  const urlStr = `${baseUrl}/api${endpoint}${qs}`;
-  const url = new URL(urlStr);
-  const mod = url.protocol === 'https:' ? https : http;
-
-  const authToken = token || config.getToken();
-
-  return new Promise((resolve, reject) => {
-    const options = {
-      hostname: url.hostname,
-      port: url.port || (url.protocol === 'https:' ? 443 : 80),
-      path: url.pathname + url.search,
-      method,
-      headers: { 'Content-Type': 'application/json', 'User-Agent': 'securenow-cli' },
-    };
-
-    if (authToken) {
-      options.headers['Authorization'] = `Bearer ${authToken}`;
-    }
-
-    const req = mod.request(options, (res) => {
-      let data = '';
-      res.on('data', (chunk) => (data += chunk));
-      res.on('end', () => {
-        if (raw) {
-          return resolve({ status: res.statusCode, headers: res.headers, body: data });
-        }
-
-        let parsed;
-        try {
-          parsed = JSON.parse(data);
-        } catch {
-          parsed = data;
-        }
-
-        if (res.statusCode === 401) {
-          reject(new CLIError('Session expired. Run `securenow login` to re-authenticate.', 401));
-          return;
-        }
-        if (res.statusCode === 403) {
-          reject(new CLIError('Access denied. You may need to upgrade your plan.', 403));
-          return;
-        }
-        if (res.statusCode >= 400) {
-          const msg = parsed?.error || parsed?.message || `Request failed (HTTP ${res.statusCode})`;
-          const details = parsed?.details || parsed?.unauthorizedKeys;
-          const err = new CLIError(details ? `${msg} — ${details}` : msg, res.statusCode);
-          reject(err);
-          return;
-        }
-
-        resolve(parsed);
-      });
-    });
-
-    req.on('error', (err) => {
-      if (err.code === 'ECONNREFUSED') {
-        reject(new CLIError(`Cannot connect to ${baseUrl}. Is the API server running?`));
-      } else if (err.code === 'ENOTFOUND') {
-        reject(new CLIError(`Cannot resolve ${url.hostname}. Check your internet connection.`));
-      } else {
-        reject(new CLIError(`Network error: ${err.message}`));
-      }
-    });
-
-    if (body) {
-      req.write(JSON.stringify(body));
-    }
-    req.end();
-  });
-}
-
-class CLIError extends Error {
-  constructor(message, statusCode) {
-    super(message);
-    this.name = 'CLIError';
-    this.statusCode = statusCode;
-  }
-}
-
-function requireAuth() {
-  const token = config.getToken();
-  if (!token) {
-    ui.error('Not logged in. Run `securenow login` first.');
-    process.exit(1);
-  }
-  return token;
-}
-
-const api = {
-  get: (endpoint, opts) => request('GET', endpoint, opts),
-  post: (endpoint, body, opts) => request('POST', endpoint, { body, ...opts }),
-  put: (endpoint, body, opts) => request('PUT', endpoint, { body, ...opts }),
-  patch: (endpoint, body, opts) => request('PATCH', endpoint, { body, ...opts }),
-  delete: (endpoint, opts) => request('DELETE', endpoint, opts),
-};
-
-module.exports = { api, CLIError, requireAuth, buildQueryString };

package/cli/config.js

@@ -1,173 +0,0 @@
-'use strict';
-
-const fs = require('fs');
-const path = require('path');
-const os = require('os');
-
-const CONFIG_DIR = path.join(os.homedir(), '.securenow');
-const CONFIG_FILE = path.join(CONFIG_DIR, 'config.json');
-const CREDENTIALS_FILE = path.join(CONFIG_DIR, 'credentials.json');
-
-const LOCAL_CONFIG_DIR = path.join(process.cwd(), '.securenow');
-const LOCAL_CONFIG_FILE = path.join(LOCAL_CONFIG_DIR, 'config.json');
-const LOCAL_CREDENTIALS_FILE = path.join(LOCAL_CONFIG_DIR, 'credentials.json');
-
-const DEFAULTS = {
-  apiUrl: 'https://api.securenow.ai',
-  appUrl: 'https://app.securenow.ai',
-  defaultApp: null,
-  output: 'table',
-};
-
-function ensureDir(dir) {
-  if (!fs.existsSync(dir || CONFIG_DIR)) {
-    fs.mkdirSync(dir || CONFIG_DIR, { recursive: true, mode: 0o700 });
-  }
-}
-
-function loadJSON(filepath) {
-  try {
-    return JSON.parse(fs.readFileSync(filepath, 'utf8'));
-  } catch {
-    return {};
-  }
-}
-
-function saveJSON(filepath, data) {
-  ensureDir(path.dirname(filepath));
-  fs.writeFileSync(filepath, JSON.stringify(data, null, 2), { encoding: 'utf8', mode: 0o600 });
-  if (process.platform === 'win32') {
-    try {
-      const { execFileSync } = require('child_process');
-      execFileSync('icacls', [filepath, '/inheritance:r', '/grant:r', `${process.env.USERNAME}:F`], { stdio: 'ignore' });
-    } catch (_) {}
-  }
-}
-
-function hasLocalCredentials() {
-  return fs.existsSync(LOCAL_CREDENTIALS_FILE);
-}
-
-function resolveCredentialsFile() {
-  if (fs.existsSync(LOCAL_CREDENTIALS_FILE)) return LOCAL_CREDENTIALS_FILE;
-  return CREDENTIALS_FILE;
-}
-
-function getAuthSource() {
-  if (process.env.SECURENOW_TOKEN) return 'env (SECURENOW_TOKEN)';
-  if (fs.existsSync(LOCAL_CREDENTIALS_FILE)) return 'project (.securenow/)';
-  return 'global (~/.securenow/)';
-}
-
-function loadConfig() {
-  const global = loadJSON(CONFIG_FILE);
-  const local = fs.existsSync(LOCAL_CONFIG_FILE) ? loadJSON(LOCAL_CONFIG_FILE) : {};
-  if (hasLocalCredentials()) {
-    const { defaultApp: _ignored, ...globalWithoutAccountScoped } = global;
-    return { ...DEFAULTS, ...globalWithoutAccountScoped, ...local };
-  }
-  return { ...DEFAULTS, ...global, ...local };
-}
-
-function saveConfig(config, { local } = {}) {
-  const useLocal = local === true || (local == null && hasLocalCredentials());
-  const targetFile = useLocal ? LOCAL_CONFIG_FILE : CONFIG_FILE;
-  const existing = loadJSON(targetFile);
-  saveJSON(targetFile, { ...existing, ...config });
-}
-
-function getConfigValue(key) {
-  const config = loadConfig();
-  return config[key];
-}
-
-function setConfigValue(key, value) {
-  saveConfig({ [key]: value });
-}
-
-function loadCredentials() {
-  return loadJSON(resolveCredentialsFile());
-}
-
-function saveCredentials(creds, { local = false } = {}) {
-  const targetFile = local ? LOCAL_CREDENTIALS_FILE : CREDENTIALS_FILE;
-  saveJSON(targetFile, creds);
-}
-
-function clearCredentials({ local } = {}) {
-  try {
-    if (local === true) {
-      fs.unlinkSync(LOCAL_CREDENTIALS_FILE);
-    } else if (local === false || !hasLocalCredentials()) {
-      fs.unlinkSync(CREDENTIALS_FILE);
-    } else {
-      fs.unlinkSync(LOCAL_CREDENTIALS_FILE);
-    }
-  } catch {}
-}
-
-function getToken() {
-  if (process.env.SECURENOW_TOKEN) return process.env.SECURENOW_TOKEN;
-
-  const creds = loadCredentials();
-  if (!creds.token) return null;
-
-  if (creds.expiresAt && Date.now() > creds.expiresAt) {
-    return null;
-  }
-  return creds.token;
-}
-
-function setAuth(token, email, expiresAt, { local = false } = {}) {
-  saveCredentials({ token, email, expiresAt }, { local });
-}
-
-function ensureLocalGitignore() {
-  const gitignorePath = path.join(process.cwd(), '.gitignore');
-  const entry = '.securenow/';
-  try {
-    if (fs.existsSync(gitignorePath)) {
-      const content = fs.readFileSync(gitignorePath, 'utf8');
-      if (!content.split('\n').some(line => line.trim() === entry)) {
-        fs.appendFileSync(gitignorePath, `\n# SecureNow local credentials\n${entry}\n`);
-      }
-    } else {
-      fs.writeFileSync(gitignorePath, `# SecureNow local credentials\n${entry}\n`);
-    }
-  } catch {}
-}
-
-function getApiUrl() {
-  return process.env.SECURENOW_API_URL || loadConfig().apiUrl;
-}
-
-function getAppUrl() {
-  return process.env.SECURENOW_APP_URL || loadConfig().appUrl;
-}
-
-function getDefaultApp() {
-  return process.env.SECURENOW_APP || loadConfig().defaultApp;
-}
-
-module.exports = {
-  CONFIG_DIR,
-  CONFIG_FILE,
-  CREDENTIALS_FILE,
-  LOCAL_CONFIG_DIR,
-  LOCAL_CREDENTIALS_FILE,
-  loadConfig,
-  saveConfig,
-  getConfigValue,
-  setConfigValue,
-  loadCredentials,
-  saveCredentials,
-  clearCredentials,
-  getToken,
-  setAuth,
-  getAuthSource,
-  hasLocalCredentials,
-  ensureLocalGitignore,
-  getApiUrl,
-  getAppUrl,
-  getDefaultApp,
-};

package/cli/firewall.js

@@ -1,100 +0,0 @@
-'use strict';
-
-const { api, requireAuth } = require('./client');
-const ui = require('./ui');
-
-async function status(args, flags) {
-  requireAuth();
-  const s = ui.spinner('Checking firewall status');
-
-  try {
-    const data = await api.get('/firewall/status');
-
-    s.stop('Firewall status retrieved');
-
-    if (flags.json) {
-      ui.json(data);
-      return;
-    }
-
-    console.log('');
-    console.log(`  ${ui.c.bold(ui.c.green('Firewall: ENABLED'))}`);
-    console.log('');
-    ui.keyValue([
-      ['Blocked IPs', `${data.totalIps} total (${data.exactCount} exact + ${data.cidrCount} CIDR ranges)`],
-      ['Last updated', data.updatedAt || 'unknown'],
-      ['Allowed IPs', data.allowlistCount != null ? `${data.allowlistCount} total (${data.allowlistExactCount} exact + ${data.allowlistCidrCount} CIDR ranges)` : '0'],
-      ['Allowlist updated', data.allowlistUpdatedAt || 'never'],
-      ['Sync TTL', `${data.ttl || 60}s`],
-    ]);
-    if (data.allowlistCount > 0) {
-      console.log('');
-      console.log(`  ${ui.c.yellow('!')} Allowlist is active — only ${data.allowlistCount} IP(s) can reach your app`);
-    }
-    console.log('');
-    console.log(`  ${ui.c.dim('Manage your blocklist:')} securenow blocklist`);
-    console.log(`  ${ui.c.dim('Manage your allowlist:')} securenow allowlist`);
-    console.log(`  ${ui.c.dim('Test an IP:')} securenow firewall test-ip <ip>`);
-    console.log('');
-  } catch (err) {
-    if (err.statusCode === 401 || err.status === 401) {
-      s.fail('Authentication failed');
-      ui.error('API key is invalid or missing the firewall:read scope.');
-      ui.info('Create an API key with firewall:read scope in the dashboard.');
-    } else {
-      s.fail('Failed to check firewall status');
-      throw err;
-    }
-  }
-}
-
-async function testIp(args, flags) {
-  requireAuth();
-  const ip = args[0];
-  if (!ip) {
-    ui.error('Usage: securenow firewall test-ip <ip-address>');
-    process.exit(1);
-  }
-
-  const s = ui.spinner(`Testing IP ${ip}`);
-
-  try {
-    const data = await api.get(`/firewall/check/${encodeURIComponent(ip)}`);
-
-    s.stop(`IP ${ip} checked`);
-
-    if (flags.json) {
-      ui.json(data);
-      return;
-    }
-
-    console.log('');
-    if (data.blocked) {
-      if (data.allowlistActive && !data.allowlisted) {
-        console.log(`  ${ui.c.bold(ui.c.red('BLOCKED'))} — ${ip} is not on the allowlist`);
-        console.log(`  ${ui.c.dim('Allowlist is active — only listed IPs are permitted')}`);
-      } else {
-        console.log(`  ${ui.c.bold(ui.c.red('BLOCKED'))} — ${ip} is in the blocklist`);
-        if (data.matchedEntry && data.matchedEntry !== ip) {
-          console.log(`  ${ui.c.dim(`Matched by: ${data.matchedEntry}`)}`);
-        }
-      }
-    } else {
-      if (data.allowlisted) {
-        console.log(`  ${ui.c.bold(ui.c.green('ALLOWED'))} — ${ip} is on the allowlist`);
-      } else {
-        console.log(`  ${ui.c.bold(ui.c.green('ALLOWED'))} — ${ip} is not in the blocklist`);
-      }
-    }
-    console.log(`  ${ui.c.dim(`Blocklist contains ${data.totalBlockedIps} entries`)}`);
-    if (data.allowlistActive) {
-      console.log(`  ${ui.c.dim('Allowlist is active')}`);
-    }
-    console.log('');
-  } catch (err) {
-    s.fail('Failed to test IP');
-    throw err;
-  }
-}
-
-module.exports = { status, testIp };