tlc-claude-code 1.4.9 → 1.5.2

package/server/lib/secure-errors.test.js

@@ -0,0 +1,298 @@
+/**
+ * Secure Errors Tests
+ *
+ * Secure error handling patterns for code generation
+ */
+
+const { describe, it, beforeEach } = require('node:test');
+const assert = require('node:assert');
+
+const {
+  createSecureErrors,
+  generateErrorHandler,
+  generateStructuredLogging,
+  generateGracefulDegradation,
+  sanitizeErrorMessage,
+  generateErrorCode,
+} = require('./secure-errors.js');
+
+describe('Secure Errors', () => {
+  let errorHandler;
+
+  beforeEach(() => {
+    errorHandler = createSecureErrors();
+  });
+
+  describe('createSecureErrors', () => {
+    it('creates handler with default config', () => {
+      assert.ok(errorHandler);
+      assert.ok(errorHandler.production !== undefined);
+    });
+
+    it('hides stack traces in production', () => {
+      const prod = createSecureErrors({ production: true });
+
+      assert.strictEqual(prod.showStack, false);
+    });
+
+    it('shows stack traces in development', () => {
+      const dev = createSecureErrors({ production: false });
+
+      assert.strictEqual(dev.showStack, true);
+    });
+  });
+
+  describe('generateErrorHandler', () => {
+    it('generates Express error handler', () => {
+      const code = generateErrorHandler({
+        framework: 'express',
+        language: 'javascript',
+      });
+
+      assert.ok(code.includes('err') && code.includes('req') && code.includes('res'));
+    });
+
+    it('hides internal errors in production', () => {
+      const code = generateErrorHandler({
+        production: true,
+      });
+
+      assert.ok(code.includes('Internal') || code.includes('generic') || code.includes('production'));
+    });
+
+    it('includes error ID for support', () => {
+      const code = generateErrorHandler({
+        includeErrorId: true,
+      });
+
+      assert.ok(code.includes('errorId') || code.includes('requestId') || code.includes('uuid'));
+    });
+
+    it('generates status code mapping', () => {
+      const code = generateErrorHandler({
+        statusCodes: true,
+      });
+
+      assert.ok(code.includes('400') || code.includes('500') || code.includes('status'));
+    });
+
+    it('generates Fastify error handler', () => {
+      const code = generateErrorHandler({
+        framework: 'fastify',
+      });
+
+      assert.ok(code.includes('request') || code.includes('reply'));
+    });
+
+    it('generates async error handler', () => {
+      const code = generateErrorHandler({
+        async: true,
+      });
+
+      assert.ok(code.includes('async') || code.includes('Promise'));
+    });
+  });
+
+  describe('generateStructuredLogging', () => {
+    it('generates JSON log format', () => {
+      const code = generateStructuredLogging({
+        format: 'json',
+      });
+
+      assert.ok(code.includes('JSON') || code.includes('stringify'));
+    });
+
+    it('excludes sensitive fields', () => {
+      const code = generateStructuredLogging({
+        excludeFields: ['password', 'token', 'secret'],
+      });
+
+      assert.ok(code.includes('password') || code.includes('redact') || code.includes('exclude'));
+    });
+
+    it('includes request context', () => {
+      const code = generateStructuredLogging({
+        includeContext: true,
+      });
+
+      assert.ok(code.includes('requestId') || code.includes('userId') || code.includes('context'));
+    });
+
+    it('generates log levels', () => {
+      const code = generateStructuredLogging({
+        levels: ['error', 'warn', 'info', 'debug'],
+      });
+
+      assert.ok(code.includes('error') && code.includes('warn'));
+    });
+
+    it('generates Pino logger', () => {
+      const code = generateStructuredLogging({
+        library: 'pino',
+      });
+
+      assert.ok(code.includes('pino'));
+    });
+
+    it('generates Winston logger', () => {
+      const code = generateStructuredLogging({
+        library: 'winston',
+      });
+
+      assert.ok(code.includes('winston'));
+    });
+
+    it('redacts PII', () => {
+      const code = generateStructuredLogging({
+        redactPii: true,
+      });
+
+      assert.ok(code.includes('email') || code.includes('redact') || code.includes('mask'));
+    });
+  });
+
+  describe('generateGracefulDegradation', () => {
+    it('generates fallback response', () => {
+      const code = generateGracefulDegradation({
+        type: 'fallback',
+      });
+
+      assert.ok(code.includes('fallback') || code.includes('default'));
+    });
+
+    it('generates circuit breaker', () => {
+      const code = generateGracefulDegradation({
+        type: 'circuit-breaker',
+      });
+
+      assert.ok(code.includes('circuit') || code.includes('breaker') || code.includes('state'));
+    });
+
+    it('generates retry logic', () => {
+      const code = generateGracefulDegradation({
+        type: 'retry',
+        maxRetries: 3,
+      });
+
+      assert.ok(code.includes('retry') || code.includes('attempt'));
+    });
+
+    it('generates timeout handling', () => {
+      const code = generateGracefulDegradation({
+        type: 'timeout',
+        timeoutMs: 5000,
+      });
+
+      assert.ok(code.includes('timeout') || code.includes('5000'));
+    });
+
+    it('generates cache fallback', () => {
+      const code = generateGracefulDegradation({
+        type: 'cache-fallback',
+      });
+
+      assert.ok(code.includes('cache') || code.includes('stale'));
+    });
+
+    it('generates health check based routing', () => {
+      const code = generateGracefulDegradation({
+        type: 'health-routing',
+      });
+
+      assert.ok(code.includes('health') || code.includes('healthy'));
+    });
+  });
+
+  describe('sanitizeErrorMessage', () => {
+    it('removes file paths', () => {
+      const message = 'Error at /home/user/app/src/index.js:42';
+
+      const result = sanitizeErrorMessage(message);
+
+      assert.ok(!result.includes('/home/user'));
+    });
+
+    it('removes IP addresses', () => {
+      const message = 'Connection from 192.168.1.100 failed';
+
+      const result = sanitizeErrorMessage(message);
+
+      assert.ok(!result.includes('192.168.1.100'));
+    });
+
+    it('removes database connection strings', () => {
+      const message = 'postgres://user:pass@localhost:5432/db connection failed';
+
+      const result = sanitizeErrorMessage(message);
+
+      assert.ok(!result.includes('pass'));
+    });
+
+    it('removes email addresses', () => {
+      const message = 'User user@example.com not found';
+
+      const result = sanitizeErrorMessage(message);
+
+      assert.ok(!result.includes('user@example.com'));
+    });
+
+    it('removes stack traces', () => {
+      const message = 'Error\n    at Function.Module._load\n    at Object.<anonymous>';
+
+      const result = sanitizeErrorMessage(message);
+
+      assert.ok(!result.includes('Module._load'));
+    });
+
+    it('preserves error type', () => {
+      const message = 'TypeError: Cannot read property';
+
+      const result = sanitizeErrorMessage(message);
+
+      assert.ok(result.includes('TypeError') || result.includes('error'));
+    });
+  });
+
+  describe('generateErrorCode', () => {
+    it('generates complete error handling module', () => {
+      const code = generateErrorCode({
+        language: 'javascript',
+        features: ['handler', 'logging', 'degradation'],
+      });
+
+      assert.ok(code.includes('function') || code.includes('class'));
+    });
+
+    it('generates TypeScript error handling', () => {
+      const code = generateErrorCode({
+        language: 'typescript',
+      });
+
+      assert.ok(code.includes('interface') || code.includes(':'));
+    });
+
+    it('generates Python error handling', () => {
+      const code = generateErrorCode({
+        language: 'python',
+      });
+
+      assert.ok(code.includes('def') || code.includes('class'));
+    });
+
+    it('includes error types', () => {
+      const code = generateErrorCode({
+        errorTypes: ['ValidationError', 'AuthError', 'NotFoundError'],
+      });
+
+      assert.ok(code.includes('ValidationError') || code.includes('Error'));
+    });
+
+    it('generates HTTP error responses', () => {
+      const code = generateErrorCode({
+        httpErrors: true,
+      });
+
+      assert.ok(code.includes('400') || code.includes('404') || code.includes('500'));
+    });
+  });
+});

package/server/lib/vision-command.js

@@ -0,0 +1,372 @@
+/**
+ * Vision Command Module
+ *
+ * CLI commands for vision operations
+ */
+
+const {
+  analyzeImage,
+  compareImages,
+  extractComponents,
+  auditAccessibility,
+} = require('./gemini-vision.js');
+
+/**
+ * Parse command line arguments
+ * @param {string} input - Command input
+ * @returns {Object} Parsed arguments
+ */
+function parseArgs(input) {
+  const parts = [];
+  let current = '';
+  let inQuotes = false;
+
+  for (const char of input) {
+    if (char === '"' && !inQuotes) {
+      inQuotes = true;
+    } else if (char === '"' && inQuotes) {
+      inQuotes = false;
+    } else if (char === ' ' && !inQuotes) {
+      if (current) {
+        parts.push(current);
+        current = '';
+      }
+    } else {
+      current += char;
+    }
+  }
+  if (current) parts.push(current);
+
+  const result = {
+    command: parts[0] || 'analyze',
+  };
+
+  let argIndex = 1;
+
+  // Handle positional arguments based on command
+  if (result.command === 'analyze' || result.command === 'a11y' || result.command === 'extract') {
+    if (parts[1] && !parts[1].startsWith('--')) {
+      result.imagePath = parts[1];
+      argIndex = 2;
+    }
+  } else if (result.command === 'compare') {
+    if (parts[1] && !parts[1].startsWith('--')) {
+      result.beforeImage = parts[1];
+      argIndex = 2;
+    }
+    if (parts[2] && !parts[2].startsWith('--')) {
+      result.afterImage = parts[2];
+      argIndex = 3;
+    }
+  }
+
+  // Parse flags
+  for (let i = argIndex; i < parts.length; i++) {
+    const part = parts[i];
+
+    if (part === '--prompt' && parts[i + 1]) {
+      result.prompt = parts[i + 1];
+      i++;
+    } else if (part === '--type' && parts[i + 1]) {
+      result.type = parts[i + 1];
+      i++;
+    } else if (part === '--format' && parts[i + 1]) {
+      result.format = parts[i + 1];
+      i++;
+    }
+  }
+
+  return result;
+}
+
+/**
+ * Format analysis output
+ * @param {Object} analysis - Analysis result
+ * @returns {string} Formatted output
+ */
+function formatAnalysis(analysis) {
+  const lines = [
+    'Image Analysis',
+    '═'.repeat(40),
+    '',
+    'Description:',
+    analysis.description || 'No description available',
+    '',
+  ];
+
+  if (analysis.elements && analysis.elements.length > 0) {
+    lines.push('Elements Found:');
+    for (const element of analysis.elements) {
+      lines.push(`  - ${element}`);
+    }
+  }
+
+  return lines.join('\n');
+}
+
+/**
+ * Format comparison output
+ * @param {Object} comparison - Comparison result
+ * @returns {string} Formatted output
+ */
+function formatComparison(comparison) {
+  const lines = [
+    'Image Comparison',
+    '═'.repeat(40),
+    '',
+    `Similarity: ${Math.round(comparison.similarity * 100)}%`,
+    '',
+  ];
+
+  if (comparison.differences.length === 0) {
+    lines.push('Images are identical - no differences found.');
+  } else {
+    lines.push(`Found ${comparison.differences.length} difference(s):`);
+    lines.push('');
+
+    for (const diff of comparison.differences) {
+      const icon = diff.type === 'added' ? '+' : diff.type === 'removed' ? '-' : '~';
+      lines.push(`  ${icon} [${diff.type.toUpperCase()}] ${diff.description}`);
+    }
+  }
+
+  return lines.join('\n');
+}
+
+/**
+ * Format accessibility report
+ * @param {Object} audit - Accessibility audit
+ * @returns {string} Formatted output
+ */
+function formatAccessibilityReport(audit) {
+  const lines = [
+    'Accessibility Audit',
+    '═'.repeat(40),
+    '',
+    `Score: ${audit.score}/100`,
+    '',
+  ];
+
+  if (audit.issues.length === 0) {
+    lines.push('No accessibility issues found!');
+  } else {
+    // Group by severity
+    const bySeverity = {
+      high: [],
+      medium: [],
+      low: [],
+    };
+
+    for (const issue of audit.issues) {
+      const severity = issue.severity || 'medium';
+      if (!bySeverity[severity]) bySeverity[severity] = [];
+      bySeverity[severity].push(issue);
+    }
+
+    if (bySeverity.high.length > 0) {
+      lines.push('HIGH Severity:');
+      for (const issue of bySeverity.high) {
+        lines.push(`  - [${issue.type}] ${issue.description}`);
+      }
+      lines.push('');
+    }
+
+    if (bySeverity.medium.length > 0) {
+      lines.push('MEDIUM Severity:');
+      for (const issue of bySeverity.medium) {
+        lines.push(`  - [${issue.type}] ${issue.description}`);
+      }
+      lines.push('');
+    }
+
+    if (bySeverity.low.length > 0) {
+      lines.push('LOW Severity:');
+      for (const issue of bySeverity.low) {
+        lines.push(`  - [${issue.type}] ${issue.description}`);
+      }
+    }
+  }
+
+  return lines.join('\n');
+}
+
+/**
+ * Format components output
+ * @param {Array} components - Extracted components
+ * @returns {string} Formatted output
+ */
+function formatComponents(components) {
+  const lines = [
+    'Extracted Components',
+    '═'.repeat(40),
+    '',
+    `Found ${components.length} component(s):`,
+    '',
+  ];
+
+  for (const comp of components) {
+    let line = `  - [${comp.type}]`;
+    if (comp.label) line += ` "${comp.label}"`;
+    else if (comp.placeholder) line += ` (placeholder: "${comp.placeholder}")`;
+    else if (comp.content) line += ` "${comp.content.substring(0, 30)}..."`;
+    lines.push(line);
+  }
+
+  return lines.join('\n');
+}
+
+/**
+ * Vision Command class
+ */
+class VisionCommand {
+  /**
+   * Create a vision command handler
+   * @param {Object} options - Dependencies
+   * @param {Object} options.client - Gemini vision client
+   */
+  constructor(options) {
+    this.client = options.client;
+  }
+
+  /**
+   * Execute a command
+   * @param {string} input - Command input
+   * @returns {Promise<Object>} Execution result
+   */
+  async execute(input) {
+    const args = parseArgs(input);
+
+    switch (args.command) {
+      case 'analyze':
+        return this.executeAnalyze(args);
+
+      case 'compare':
+        return this.executeCompare(args);
+
+      case 'a11y':
+        return this.executeA11y(args);
+
+      case 'extract':
+        return this.executeExtract(args);
+
+      default:
+        return {
+          success: false,
+          output: `Unknown command: ${args.command}`,
+        };
+    }
+  }
+
+  /**
+   * Execute analyze command
+   * @param {Object} args - Parsed arguments
+   * @returns {Promise<Object>} Analysis result
+   */
+  async executeAnalyze(args) {
+    try {
+      const analysis = await analyzeImage(this.client, {
+        imagePath: args.imagePath,
+        prompt: args.prompt,
+      });
+
+      return {
+        success: true,
+        output: formatAnalysis(analysis),
+        analysis,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        output: `Analysis failed: ${error.message}`,
+        error: error.message,
+      };
+    }
+  }
+
+  /**
+   * Execute compare command
+   * @param {Object} args - Parsed arguments
+   * @returns {Promise<Object>} Comparison result
+   */
+  async executeCompare(args) {
+    try {
+      const comparison = await compareImages(this.client, {
+        beforeImage: args.beforeImage,
+        afterImage: args.afterImage,
+      });
+
+      return {
+        success: true,
+        output: formatComparison(comparison),
+        comparison,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        output: `Comparison failed: ${error.message}`,
+        error: error.message,
+      };
+    }
+  }
+
+  /**
+   * Execute accessibility audit command
+   * @param {Object} args - Parsed arguments
+   * @returns {Promise<Object>} Audit result
+   */
+  async executeA11y(args) {
+    try {
+      const audit = await auditAccessibility(this.client, {
+        imagePath: args.imagePath,
+      });
+
+      return {
+        success: true,
+        output: formatAccessibilityReport(audit),
+        audit,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        output: `Audit failed: ${error.message}`,
+        error: error.message,
+      };
+    }
+  }
+
+  /**
+   * Execute component extraction command
+   * @param {Object} args - Parsed arguments
+   * @returns {Promise<Object>} Extraction result
+   */
+  async executeExtract(args) {
+    try {
+      const types = args.type ? [args.type] : undefined;
+      const result = await extractComponents(this.client, {
+        imagePath: args.imagePath,
+        types,
+      });
+
+      return {
+        success: true,
+        output: formatComponents(result.components),
+        components: result.components,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        output: `Extraction failed: ${error.message}`,
+        error: error.message,
+      };
+    }
+  }
+}
+
+module.exports = {
+  VisionCommand,
+  parseArgs,
+  formatAnalysis,
+  formatComparison,
+  formatAccessibilityReport,
+  formatComponents,
+};