npm - valicode - Versions diffs - 2.0.0 - Mend

valicode 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,58 @@
+# valicode
+Official npm wrapper for the Valicode CLI.
+Valicode audits AI-generated code before it reaches production. The npm package uses the same Python CLI published as `valicode` on PyPI, so npm and pip users get the same scan engine and API behavior.
+## Requirements
+- Node.js 18+
+- Python 3.10+
+## Install
+```bash
+npm install -g valicode
+```
+Then run:
+```bash
+valicode --version
+valicode login
+valicode scan .
+```
+## One-off use
+```bash
+npx valicode scan . --output summary
+```
+## CI
+```bash
+npx valicode scan . --fail-under 60 --format sarif > valicode.sarif
+```
+## How it works
+This package provides the `valicode` command for npm users. On first run, it checks for Python 3.10 or newer, creates an isolated Python environment under your user cache directory, and installs/updates the PyPI package with:
+```bash
+python -m pip install --upgrade valicode
+```
+Then it runs the Python CLI module directly.
+If automatic install is blocked by your Python environment, install Valicode manually:
+```bash
+pipx install valicode
+```
+or:
+```bash
+python3 -m pip install --user valicode
+```

package/bin/valicode.js ADDED Viewed

@@ -0,0 +1,170 @@
+#!/usr/bin/env node
+const { spawnSync } = require("node:child_process");
+const { existsSync, mkdirSync } = require("node:fs");
+const { homedir } = require("node:os");
+const { join } = require("node:path");
+const MIN_PYTHON = { major: 3, minor: 10 };
+const PYTHON_CANDIDATES = process.platform === "win32" ? ["py", "python3", "python"] : ["python3", "python"];
+function run(command, args, options = {}) {
+  return spawnSync(command, args, {
+    encoding: "utf8",
+    stdio: options.stdio || "pipe",
+    env: process.env
+  });
+}
+function parseVersion(output) {
+  const match = output.match(/Python\s+(\d+)\.(\d+)\.(\d+)/);
+  if (!match) return null;
+  return {
+    major: Number(match[1]),
+    minor: Number(match[2]),
+    patch: Number(match[3])
+  };
+}
+function isSupportedPython(version) {
+  if (!version) return false;
+  if (version.major > MIN_PYTHON.major) return true;
+  return version.major === MIN_PYTHON.major && version.minor >= MIN_PYTHON.minor;
+}
+function findPython() {
+  for (const candidate of PYTHON_CANDIDATES) {
+    const args = candidate === "py" ? ["-3", "--version"] : ["--version"];
+    const result = run(candidate, args);
+    const version = parseVersion(`${result.stdout || ""}${result.stderr || ""}`);
+    if (result.status === 0 && isSupportedPython(version)) {
+      return {
+        command: candidate,
+        prefixArgs: candidate === "py" ? ["-3"] : [],
+        version
+      };
+    }
+  }
+  return null;
+}
+function pythonArgs(python, args) {
+  return [...python.prefixArgs, ...args];
+}
+function hasValicodeModule(python) {
+  const result = run(python.command, pythonArgs(python, ["-c", "import aov.cli"]));
+  return result.status === 0;
+}
+function getCacheDir() {
+  if (process.env.VALICODE_NPM_CACHE_DIR) return process.env.VALICODE_NPM_CACHE_DIR;
+  const base = process.env.XDG_CACHE_HOME || join(homedir(), ".cache");
+  return join(base, "valicode", "npm-cli");
+}
+function getVenvPythonPath(venvDir) {
+  return process.platform === "win32" ? join(venvDir, "Scripts", "python.exe") : join(venvDir, "bin", "python");
+}
+function createVenv(systemPython, venvDir) {
+  mkdirSync(venvDir, { recursive: true });
+  return run(systemPython.command, pythonArgs(systemPython, ["-m", "venv", venvDir]), { stdio: "inherit" });
+}
+function venvPython(venvDir) {
+  return {
+    command: getVenvPythonPath(venvDir),
+    prefixArgs: []
+  };
+}
+function ensureVenv(systemPython) {
+  const venvDir = join(getCacheDir(), "python");
+  const pythonPath = getVenvPythonPath(venvDir);
+  if (!existsSync(pythonPath)) {
+    process.stderr.write(`Creating Valicode Python environment at ${venvDir}\n`);
+    const created = createVenv(systemPython, venvDir);
+    if (created.status !== 0 || !existsSync(pythonPath)) {
+      process.stderr.write(
+        [
+          "",
+          "Could not create a Python virtual environment for Valicode.",
+          "Install Python with venv support, then try again.",
+          "On Ubuntu/Debian: sudo apt install python3-venv",
+          "On macOS: install Python from python.org or Homebrew.",
+          ""
+        ].join("\n")
+      );
+      process.exit(created.status || 1);
+    }
+  }
+  return venvPython(venvDir);
+}
+function installValicode(python) {
+  process.stderr.write("Installing/updating Valicode CLI from PyPI...\n");
+  return run(
+    python.command,
+    pythonArgs(python, ["-m", "pip", "install", "--upgrade", "valicode"]),
+    { stdio: "inherit" }
+  );
+}
+function printPythonHelp() {
+  process.stderr.write(
+    [
+      "Valicode requires Python 3.10 or newer.",
+      "",
+      "Install Python with venv support, then run one of:",
+      "  npm install -g valicode",
+      "  pipx install valicode",
+      "  python3 -m pip install valicode",
+      ""
+    ].join("\n")
+  );
+}
+function main() {
+  const python = findPython();
+  if (!python) {
+    printPythonHelp();
+    process.exit(1);
+  }
+  const runtimePython = ensureVenv(python);
+  if (!hasValicodeModule(runtimePython)) {
+    const install = installValicode(runtimePython);
+    if (install.status !== 0 || !hasValicodeModule(runtimePython)) {
+      process.stderr.write(
+        [
+          "",
+          "Could not install the Valicode Python CLI automatically.",
+          "Try: pipx install valicode",
+          "Or install directly with pip inside your own virtual environment.",
+          ""
+        ].join("\n")
+      );
+      process.exit(install.status || 1);
+    }
+  }
+  const result = spawnSync(
+    runtimePython.command,
+    pythonArgs(runtimePython, [
+      "-c",
+      "import sys; sys.argv[0] = 'valicode'; from aov.cli import cli; cli()",
+      ...process.argv.slice(2)
+    ]),
+    { stdio: "inherit", env: process.env }
+  );
+  if (result.error) {
+    process.stderr.write(`${result.error.message}\n`);
+    process.exit(1);
+  }
+  process.exit(result.status ?? 0);
+}
+main();

package/package.json ADDED Viewed

@@ -0,0 +1,39 @@
+{
+  "name": "valicode",
+  "version": "2.0.0",
+  "description": "Valicode CLI npm wrapper",
+  "license": "UNLICENSED",
+  "homepage": "https://valicode.sbs",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/in1v/valicode.git",
+    "directory": "packages/npm-cli"
+  },
+  "bugs": {
+    "url": "https://github.com/in1v/valicode-cli/issues"
+  },
+  "keywords": [
+    "ai",
+    "code-review",
+    "security",
+    "cli",
+    "github",
+    "valicode"
+  ],
+  "bin": {
+    "valicode": "bin/valicode.js"
+  },
+  "files": [
+    "bin",
+    "README.md"
+  ],
+  "engines": {
+    "node": ">=18"
+  },
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "test": "node test/smoke.js"
+  }
+}