vibe-audit-scan 1.2.10 → 1.2.12

package/bin/vibe-audit.js

@@ -2,13 +2,37 @@
 import { program } from 'commander';
 import chalk from 'chalk';
 import boxen from 'boxen';
+import fs from 'fs-extra';
+import path from 'path';
+import os from 'os';
+import { fileURLToPath } from 'url';
 import { scan } from '../src/commands/scan.js';
 import { login, logout, whoami } from '../src/commands/auth.js';
 import { printWelcome, printHelpCheatsheet } from '../src/utils/welcome.js';
 
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const pkg = fs.readJsonSync(path.join(__dirname, '..', 'package.json'));
+const version = pkg.version;
+
+const WELCOME_MARKER = path.join(os.homedir(), '.vibe-audit-scan', '.welcome_shown');
+
+function checkFirstRunWelcome() {
+  try {
+    if (!fs.existsSync(WELCOME_MARKER)) {
+      printWelcome();
+      fs.ensureDirSync(path.dirname(WELCOME_MARKER));
+      fs.writeFileSync(WELCOME_MARKER, 'true');
+      console.log('\n' + '='.repeat(107) + '\n');
+    }
+  } catch (err) {
+    // Fail-silent to not block main execution
+  }
+}
+
 program
   .name('vibe')
-  .version('1.2.6', '-V, --version', 'output the version number')
+  .version(version, '-V, --version', 'output the version number')
   .description('Vibe Audit CLI - Scan your codebase for vulnerabilities')
   .configureOutput({
     writeOut: (str) => {
@@ -102,8 +126,14 @@ program
 
 // Handle vibe without command - show welcome screen
 if (process.argv.length <= 2) {
+  try {
+    fs.ensureDirSync(path.dirname(WELCOME_MARKER));
+    fs.writeFileSync(WELCOME_MARKER, 'true');
+  } catch (err) {}
   printWelcome();
   process.exit(0);
+} else {
+  checkFirstRunWelcome();
 }
 
 program.parse();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "vibe-audit-scan",
-  "version": "1.2.10",
+  "version": "1.2.12",
   "type": "module",
   "license": "UNLICENSED",
   "author": "Vibe Audit",
@@ -10,7 +10,7 @@
     "vibe-audit-scan": "./bin/vibe-audit.js"
   },
   "scripts": {
-    "postinstall": "node -e \"console.log('\\n\\n🎉 Vibe Audit CLI installed successfully!\\n\\n🚀 Run \\\"vibe scan\\\" inside your project folder to start scanning.\\n\\n')\""
+    "postinstall": "node ./bin/vibe-audit.js"
   },
   "dependencies": {
     "adm-zip": "^0.5.17",

package/src/utils/trivyInstaller.js

@@ -89,13 +89,57 @@ async function installLocalTrivy() {
 
   // Download the asset
   console.log(`📥 Downloading scanner updates v${latestVersion}...`);
-  const downloadRes = await axios.get(asset.browser_download_url, {
-    responseType: 'arraybuffer'
+  const tempPath = path.join(os.tmpdir(), `trivy_${latestVersion}.${ext}`);
+  const writer = fs.createWriteStream(tempPath);
+
+  const response = await axios({
+    url: asset.browser_download_url,
+    method: 'GET',
+    responseType: 'stream',
+    timeout: 30000 // 30s connection timeout
   });
 
-  // Create temp file
-  const tempPath = path.join(os.tmpdir(), `trivy_${latestVersion}.${ext}`);
-  await fs.writeFile(tempPath, downloadRes.data);
+  const totalLength = parseInt(response.headers['content-length'], 10) || 0;
+  let downloadedBytes = 0;
+  let lastPercentage = -10;
+
+  response.data.pipe(writer);
+
+  let downloadTimeout = setTimeout(() => {
+    response.data.destroy();
+    writer.destroy();
+  }, 60000); // 60s inactivity timeout
+
+  response.data.on('data', (chunk) => {
+    // Reset inactivity timeout
+    clearTimeout(downloadTimeout);
+    downloadTimeout = setTimeout(() => {
+      response.data.destroy();
+      writer.destroy();
+    }, 60000);
+
+    downloadedBytes += chunk.length;
+    if (totalLength > 0) {
+      const percentage = Math.floor((downloadedBytes / totalLength) * 10);
+      if (percentage > lastPercentage) {
+        lastPercentage = percentage;
+        console.log(`📥 Download progress: ${percentage * 10}% (${(downloadedBytes / 1024 / 1024).toFixed(1)}MB / ${(totalLength / 1024 / 1024).toFixed(1)}MB)...`);
+      }
+    } else {
+      console.log(`📥 Downloaded ${(downloadedBytes / 1024 / 1024).toFixed(1)}MB...`);
+    }
+  });
+
+  await new Promise((resolve, reject) => {
+    writer.on('finish', () => {
+      clearTimeout(downloadTimeout);
+      resolve();
+    });
+    writer.on('error', (err) => {
+      clearTimeout(downloadTimeout);
+      reject(err);
+    });
+  });
 
   // Extract the binary
   console.log('📦 Extracting scanner components...');

package/src/utils/welcome.js

@@ -1,5 +1,13 @@
 import chalk from 'chalk';
 import boxen from 'boxen';
+import fs from 'fs-extra';
+import path from 'path';
+import { fileURLToPath } from 'url';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const pkg = fs.readJsonSync(path.join(__dirname, '..', '..', 'package.json'));
+const version = pkg.version;
 
 const asciiArt = [
   '█████   █████ █████ ███████████  ██████████      █████████   █████  █████ ██████████   █████ ███████████ ',
@@ -12,60 +20,89 @@ const asciiArt = [
   '     ░░░      ░░░░░ ░░░░░░░░░░░  ░░░░░░░░░░    ░░░░░   ░░░░░   ░░░░░░░░   ░░░░░░░░░░   ░░░░░    ░░░░░    '
 ];
 
+function getColors() {
+  const isLight = (() => {
+    if (process.env.COLORFGBG) {
+      const parts = process.env.COLORFGBG.split(';');
+      if (parts.length > 1) {
+        const bg = parseInt(parts[parts.length - 1], 10);
+        return bg === 7 || bg === 15 || bg > 10;
+      }
+    }
+    if (process.env.ITERM_PROFILE && process.env.ITERM_PROFILE.toLowerCase().includes('light')) {
+      return true;
+    }
+    return false;
+  })();
+
+  return {
+    brand: isLight ? chalk.blue : chalk.cyan,
+    brandBold: isLight ? chalk.blue.bold : chalk.cyan.bold,
+    text: isLight ? chalk.black : chalk.white,
+    textBold: isLight ? chalk.black.bold : chalk.white.bold,
+    muted: isLight ? chalk.blue.dim : chalk.gray,
+    border: isLight ? 'blue' : 'cyan'
+  };
+}
+
 export function printWelcome() {
+  const colors = getColors();
+
   // Print ASCII art first
   console.log('');
   asciiArt.forEach(line => {
-    console.log(chalk.cyan(line));
+    console.log(colors.brand(line));
   });
   console.log('');
 
   const welcomeContent = `
-${chalk.cyan.bold('Vibe Audit')}${chalk.gray(' v1.2.6 | Terminal-First Security')}
-${chalk.gray('-'.repeat(50))}
+${colors.brandBold('Vibe Audit')}${colors.muted(` v${version} | Terminal-First Security`)}
+${colors.muted('-'.repeat(50))}
 
-${chalk.white.bold('🚀 Ready to secure your code?')}
+${colors.textBold('🚀 Ready to secure your code?')}
 
-${chalk.cyan.bold('Quick Start:')}
-  ${chalk.gray('$')} ${chalk.white('vibe scan .')}${chalk.gray('        # Scan current directory')}
-  ${chalk.gray('$')} ${chalk.white('vibe login')}${chalk.gray('         # Authenticate your account')}
+${colors.brandBold('Quick Start:')}
+  ${colors.muted('$')} ${colors.text('vibe scan .')}${colors.muted('        # Scan current directory')}
+  ${colors.muted('$')} ${colors.text('vibe login')}${colors.muted('         # Authenticate your account')}
 
-${chalk.cyan.bold('Need help?')}
-  ${chalk.gray('$')} ${chalk.white('vibe --help')}${chalk.gray('        # View all available commands')}
-  ${chalk.gray('$')} ${chalk.white('vibe cheatsheet')}${chalk.gray('  # List shortcuts and status')}
+${colors.brandBold('Need help?')}
+  ${colors.muted('$')} ${colors.text('vibe --help')}${colors.muted('        # View all available commands')}
+  ${colors.muted('$')} ${colors.text('vibe cheatsheet')}${colors.muted('  # List shortcuts and status')}
 `;
 
   console.log(boxen(welcomeContent, {
     padding: 1,
     margin: 1,
     borderStyle: 'round',
-    borderColor: 'cyan',
+    borderColor: colors.border,
     titleAlignment: 'left'
   }));
 }
 
 export function printHelpCheatsheet() {
+  const colors = getColors();
+
   const cheatsheet = `
-${chalk.cyan.bold('Vibe Audit Command Cheatsheet')}
+${colors.brandBold('Vibe Audit Command Cheatsheet')}
 
-${chalk.white.bold('Auth Commands:')}
-  ${chalk.white('vibe login')}${chalk.gray('       - Authenticate your CLI with the Vibe Cloud backend')}
-  ${chalk.white('vibe whoami')}${chalk.gray('     - Displays the currently logged-in user profile')}
-  ${chalk.white('vibe logout')}${chalk.gray('     - Revokes your session and clears local tokens')}
+${colors.textBold('Auth Commands:')}
+  ${colors.text('vibe login')}${colors.muted('       - Authenticate your CLI with the Vibe Cloud backend')}
+  ${colors.text('vibe whoami')}${colors.muted('     - Displays the currently logged-in user profile')}
+  ${colors.text('vibe logout')}${colors.muted('     - Revokes your session and clears local tokens')}
 
-${chalk.white.bold('Scan Commands:')}
-  ${chalk.white('vibe scan <dir>')}${chalk.gray('  - Scans a directory and sends results to the AI engine')}
-  ${chalk.white('vibe status <id>')}${chalk.gray(' - Checks the real-time processing status of an audit')}
+${colors.textBold('Scan Commands:')}
+  ${colors.text('vibe scan <dir>')}${colors.muted('  - Scans a directory and sends results to the AI engine')}
+  ${colors.text('vibe status <id>')}${colors.muted(' - Checks the real-time processing status of an audit')}
 
-${chalk.white.bold('System Commands:')}
-  ${chalk.white('vibe cheatsheet')}${chalk.gray('  - Lists all commands and current system status')}
-  ${chalk.white('vibe install-deps')}${chalk.gray(' - Auto-installs/verifies Trivy binary dependencies')}
+${colors.textBold('System Commands:')}
+  ${colors.text('vibe cheatsheet')}${colors.muted('  - Lists all commands and current system status')}
+  ${colors.text('vibe install-deps')}${colors.muted(' - Auto-installs/verifies Trivy binary dependencies')}
   `;
   
   console.log(boxen(cheatsheet, {
     padding: 1,
     margin: 1,
     borderStyle: 'round',
-    borderColor: 'cyan'
+    borderColor: colors.border
   }));
 }