npm - vibe-audit-scan - Versions diffs - 1.2.11 → 1.2.14 - Mend

vibe-audit-scan 1.2.11 → 1.2.14

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/bin/vibe-audit.js +31 -1
package/package.json +1 -1
package/src/commands/scan.js +1 -1
package/src/utils/trivyInstaller.js +49 -5
package/src/utils/welcome.js +9 -1

package/bin/vibe-audit.js CHANGED Viewed

@@ -2,13 +2,37 @@
 import { program } from 'commander';
 import chalk from 'chalk';
 import boxen from 'boxen';
+import fs from 'fs-extra';
+import path from 'path';
+import os from 'os';
+import { fileURLToPath } from 'url';
 import { scan } from '../src/commands/scan.js';
 import { login, logout, whoami } from '../src/commands/auth.js';
 import { printWelcome, printHelpCheatsheet } from '../src/utils/welcome.js';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const pkg = fs.readJsonSync(path.join(__dirname, '..', 'package.json'));
+const version = pkg.version;
+const WELCOME_MARKER = path.join(os.homedir(), '.vibe-audit-scan', '.welcome_shown');
+function checkFirstRunWelcome() {
+  try {
+    if (!fs.existsSync(WELCOME_MARKER)) {
+      printWelcome();
+      fs.ensureDirSync(path.dirname(WELCOME_MARKER));
+      fs.writeFileSync(WELCOME_MARKER, 'true');
+      console.log('\n' + '='.repeat(107) + '\n');
+    }
+  } catch (err) {
+    // Fail-silent to not block main execution
+  }
+}
 program
   .name('vibe')
-  .version('1.2.6', '-V, --version', 'output the version number')
+  .version(version, '-V, --version', 'output the version number')
   .description('Vibe Audit CLI - Scan your codebase for vulnerabilities')
   .configureOutput({
     writeOut: (str) => {
@@ -102,8 +126,14 @@ program
 // Handle vibe without command - show welcome screen
 if (process.argv.length <= 2) {
+  try {
+    fs.ensureDirSync(path.dirname(WELCOME_MARKER));
+    fs.writeFileSync(WELCOME_MARKER, 'true');
+  } catch (err) {}
   printWelcome();
   process.exit(0);
+} else {
+  checkFirstRunWelcome();
 }
 program.parse();

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "vibe-audit-scan",
-  "version": "1.2.11",
+  "version": "1.2.14",
   "type": "module",
   "license": "UNLICENSED",
   "author": "Vibe Audit",

package/src/commands/scan.js CHANGED Viewed

@@ -61,7 +61,7 @@ export async function scan(directory, options) {
       ? `${rawApiUrl}api/audit/gateway`
       : `${rawApiUrl}/api/audit/gateway`;
-    console.log(`📡 Sending scan data to Vibe Gateway at ${gatewayUrl}...`);
+    console.log('📡 Syncing report with Vibe Cloud Gateway...');
     try {
       const result = await sendToAPI(gatewayUrl, filteredData, directory, token, codeFiles);
       console.log('✅ Scan data sent successfully!');

package/src/utils/trivyInstaller.js CHANGED Viewed

@@ -89,13 +89,57 @@ async function installLocalTrivy() {
   // Download the asset
   console.log(`📥 Downloading scanner updates v${latestVersion}...`);
-  const downloadRes = await axios.get(asset.browser_download_url, {
-    responseType: 'arraybuffer'
+  const tempPath = path.join(os.tmpdir(), `trivy_${latestVersion}.${ext}`);
+  const writer = fs.createWriteStream(tempPath);
+  const response = await axios({
+    url: asset.browser_download_url,
+    method: 'GET',
+    responseType: 'stream',
+    timeout: 30000 // 30s connection timeout
   });
-  // Create temp file
-  const tempPath = path.join(os.tmpdir(), `trivy_${latestVersion}.${ext}`);
-  await fs.writeFile(tempPath, downloadRes.data);
+  const totalLength = parseInt(response.headers['content-length'], 10) || 0;
+  let downloadedBytes = 0;
+  let lastPercentage = -10;
+  response.data.pipe(writer);
+  let downloadTimeout = setTimeout(() => {
+    response.data.destroy();
+    writer.destroy();
+  }, 60000); // 60s inactivity timeout
+  response.data.on('data', (chunk) => {
+    // Reset inactivity timeout
+    clearTimeout(downloadTimeout);
+    downloadTimeout = setTimeout(() => {
+      response.data.destroy();
+      writer.destroy();
+    }, 60000);
+    downloadedBytes += chunk.length;
+    if (totalLength > 0) {
+      const percentage = Math.floor((downloadedBytes / totalLength) * 10);
+      if (percentage > lastPercentage) {
+        lastPercentage = percentage;
+        console.log(`📥 Download progress: ${percentage * 10}% (${(downloadedBytes / 1024 / 1024).toFixed(1)}MB / ${(totalLength / 1024 / 1024).toFixed(1)}MB)...`);
+      }
+    } else {
+      console.log(`📥 Downloaded ${(downloadedBytes / 1024 / 1024).toFixed(1)}MB...`);
+    }
+  });
+  await new Promise((resolve, reject) => {
+    writer.on('finish', () => {
+      clearTimeout(downloadTimeout);
+      resolve();
+    });
+    writer.on('error', (err) => {
+      clearTimeout(downloadTimeout);
+      reject(err);
+    });
+  });
   // Extract the binary
   console.log('📦 Extracting scanner components...');

package/src/utils/welcome.js CHANGED Viewed

@@ -1,5 +1,13 @@
 import chalk from 'chalk';
 import boxen from 'boxen';
+import fs from 'fs-extra';
+import path from 'path';
+import { fileURLToPath } from 'url';
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+const pkg = fs.readJsonSync(path.join(__dirname, '..', '..', 'package.json'));
+const version = pkg.version;
 const asciiArt = [
   '█████   █████ █████ ███████████  ██████████      █████████   █████  █████ ██████████   █████ ███████████ ',
@@ -48,7 +56,7 @@ export function printWelcome() {
   console.log('');
   const welcomeContent = `
-${colors.brandBold('Vibe Audit')}${colors.muted(' v1.2.6 | Terminal-First Security')}
+${colors.brandBold('Vibe Audit')}${colors.muted(` v${version} | Terminal-First Security`)}
 ${colors.muted('-'.repeat(50))}
 ${colors.textBold('🚀 Ready to secure your code?')}