vibecheck-ai 2.0.1 → 5.0.0

package/bin/runners/runShip.js

@@ -0,0 +1,1660 @@
+/**
+ * vibecheck ship - The Vibe Coder's Best Friend
+ * Zero config. Plain English. One command to ship with confidence.
+ * 
+ * ═══════════════════════════════════════════════════════════════════════════════
+ * ENTERPRISE EDITION - World-Class Terminal Experience
+ * ═══════════════════════════════════════════════════════════════════════════════
+ */
+
+const path = require("path");
+const fs = require("fs");
+const { withErrorHandling } = require("./lib/error-handler");
+const { ensureOutputDir, detectProjectFeatures } = require("./utils");
+const { enforceLimit, enforceFeature, trackUsage, getCurrentTier } = require("./lib/entitlements");
+const { emitShipCheck } = require("./lib/audit-bridge");
+const { parseGlobalFlags, shouldShowBanner } = require("./lib/global-flags");
+const { 
+  generateRunId, 
+  createJsonOutput, 
+  writeJsonOutput, 
+  saveArtifact 
+} = require("./lib/cli-output");
+const { EXIT, verdictToExitCode, exitCodeToVerdict } = require("./lib/exit-codes");
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// NEW: Ship Gate System (v2) - Deterministic, Evidence-backed
+// ═══════════════════════════════════════════════════════════════════════════════
+let _shipGate = null;
+let _shipManifest = null;
+let _whyTree = null;
+
+function getShipGate() {
+  if (!_shipGate) {
+    try {
+      _shipGate = require("./lib/ship-gate");
+    } catch {
+      _shipGate = false;
+    }
+  }
+  return _shipGate;
+}
+
+function getShipManifest() {
+  if (!_shipManifest) {
+    try {
+      _shipManifest = require("./lib/ship-manifest");
+    } catch {
+      _shipManifest = false;
+    }
+  }
+  return _shipManifest;
+}
+
+function getWhyTree() {
+  if (!_whyTree) {
+    try {
+      _whyTree = require("./lib/why-tree");
+    } catch {
+      _whyTree = false;
+    }
+  }
+  return _whyTree;
+}
+
+// Route Truth - Fake endpoint detection (V2 engine-aware)
+const { buildTruthpackSmart, writeTruthpack, detectFastifyEntry } = require("./lib/truth");
+const {
+  findMissingRoutes,
+  findEnvGaps,
+  findFakeSuccess,
+  findGhostAuth,
+  findStripeWebhookViolations,
+  findPaidSurfaceNotEnforced,
+  findOwnerModeBypass,
+  // NEW: AI Hallucination Detectors
+  findOptimisticNoRollback,
+  findSilentCatch,
+  findMethodMismatch,
+  findDeadUI,
+} = require("./lib/analyzers");
+const { findingsFromReality } = require("./lib/reality-findings");
+const { findContractDrift, loadContracts, hasContracts, getDriftSummary } = require("./lib/drift");
+const upsell = require("./lib/upsell");
+const entitlements = require("./lib/entitlements-v2");
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// ENHANCED TERMINAL UI & OUTPUT MODULES
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const {
+  ansi,
+  colors,
+  icons,
+  Spinner,
+  renderBanner,
+  renderSection,
+  formatDuration,
+} = require("./lib/terminal-ui");
+
+const {
+  formatShipOutput: formatShipOutputLegacy,
+  renderVerdictCard,
+  renderFixModeHeader,
+  renderFixResults,
+  renderBadgeOutput,
+  getExitCode,
+  EXIT_CODES,
+  shipIcons,
+} = require("./lib/ship-output");
+
+const {
+  formatShipOutput,
+} = require("./lib/ship-output-enterprise");
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// UNIFIED CLI OUTPUT
+// ═══════════════════════════════════════════════════════════════════════════════
+
+let _cliOutput = null;
+function getCliOutput() {
+  if (!_cliOutput) _cliOutput = require("./lib/unified-cli-output");
+  return _cliOutput;
+}
+
+// Fallback banner if unified not available
+const BANNER_FALLBACK = `
+${ansi.rgb(0, 255, 200)}  ██╗   ██╗██╗██████╗ ███████╗ ██████╗██╗  ██╗███████╗ ██████╗██╗  ██╗${ansi.reset}
+${ansi.rgb(0, 230, 220)}  ██║   ██║██║██╔══██╗██╔════╝██╔════╝██║  ██║██╔════╝██╔════╝██║ ██╔╝${ansi.reset}
+${ansi.rgb(0, 200, 255)}  ██║   ██║██║██████╔╝█████╗  ██║     ███████║█████╗  ██║     █████╔╝ ${ansi.reset}
+${ansi.rgb(50, 150, 255)}  ╚██╗ ██╔╝██║██╔══██╗██╔══╝  ██║     ██╔══██║██╔══╝  ██║     ██╔═██╗ ${ansi.reset}
+${ansi.rgb(100, 100, 255)}   ╚████╔╝ ██║██████╔╝███████╗╚██████╗██║  ██║███████╗╚██████╗██║  ██╗${ansi.reset}
+${ansi.rgb(150, 50, 255)}    ╚═══╝  ╚═╝╚═════╝ ╚══════╝ ╚═════╝╚═╝  ╚═╝╚══════╝ ╚═════╝╚═╝  ╚═╝${ansi.reset}
+`;
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// TERMINAL UTILITIES
+// ═══════════════════════════════════════════════════════════════════════════════
+
+const BOX = {
+  topLeft: '╭', topRight: '╮', bottomLeft: '╰', bottomRight: '╯',
+  horizontal: '─', vertical: '│',
+  teeRight: '├', teeLeft: '┤', teeDown: '┬', teeUp: '┴',
+  cross: '┼',
+  // Double line variants
+  dTopLeft: '╔', dTopRight: '╗', dBottomLeft: '╚', dBottomRight: '╝',
+  dHorizontal: '═', dVertical: '║',
+};
+
+const ICONS = {
+  ship: '🚀',
+  check: '✓',
+  cross: '✗',
+  warning: '⚠',
+  error: '✗',
+  info: 'ℹ',
+  arrow: '→',
+  bullet: '•',
+  star: '★',
+  sparkle: '✨',
+  fire: '🔥',
+  lock: '🔐',
+  key: '🔑',
+  link: '🔗',
+  graph: '📊',
+  map: '🗺️',
+  doc: '📄',
+  folder: '📁',
+  clock: '⏱',
+  target: '🎯',
+  shield: '🛡️',
+  bug: '🐛',
+  wrench: '🔧',
+  lightning: '⚡',
+  package: '📦',
+  route: '🛤️',
+  env: '🌍',
+  auth: '🔒',
+  money: '💰',
+  ghost: '👻',
+  dead: '💀',
+};
+
+const SPINNER_FRAMES = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏'];
+const SPINNER_DOTS = ['⣾', '⣽', '⣻', '⢿', '⡿', '⣟', '⣯', '⣷'];
+const SPINNER_ARROWS = ['←', '↖', '↑', '↗', '→', '↘', '↓', '↙'];
+
+let spinnerIndex = 0;
+let spinnerInterval = null;
+let spinnerStartTime = null;
+
+// formatDuration is imported from terminal-ui.js
+
+function formatNumber(num) {
+  return num.toString().replace(/\B(?=(\d{3})+(?!\d))/g, ',');
+}
+
+function truncate(str, len) {
+  if (!str) return '';
+  if (str.length <= len) return str;
+  return str.slice(0, len - 3) + '...';
+}
+
+function padCenter(str, width) {
+  const padding = Math.max(0, width - str.length);
+  const left = Math.floor(padding / 2);
+  const right = padding - left;
+  return ' '.repeat(left) + str + ' '.repeat(right);
+}
+
+function progressBar(percent, width = 30, opts = {}) {
+  const filled = Math.round((percent / 100) * width);
+  const empty = width - filled;
+  
+  let filledColor;
+  if (opts.color) {
+    filledColor = opts.color;
+  } else if (percent >= 80) {
+    filledColor = colors.shipGreen;
+  } else if (percent >= 50) {
+    filledColor = colors.warnAmber;
+  } else {
+    filledColor = colors.blockRed;
+  }
+  
+  const filledChar = opts.filled || '█';
+  const emptyChar = opts.empty || '░';
+  
+  return `${filledColor}${filledChar.repeat(filled)}${c.dim}${emptyChar.repeat(empty)}${c.reset}`;
+}
+
+function startSpinner(message, style = 'dots') {
+  const frames = style === 'arrows' ? SPINNER_ARROWS : 
+                 style === 'dots' ? SPINNER_DOTS : SPINNER_FRAMES;
+  spinnerStartTime = Date.now();
+  process.stdout.write(c.hideCursor);
+  
+  spinnerInterval = setInterval(() => {
+    const elapsed = formatDuration(Date.now() - spinnerStartTime);
+    process.stdout.write(`\r${c.clearLine}  ${colors.accent}${frames[spinnerIndex]}${c.reset} ${message} ${c.dim}${elapsed}${c.reset}`);
+    spinnerIndex = (spinnerIndex + 1) % frames.length;
+  }, 80);
+}
+
+function stopSpinner(message, success = true) {
+  if (spinnerInterval) {
+    clearInterval(spinnerInterval);
+    spinnerInterval = null;
+  }
+  const elapsed = spinnerStartTime ? formatDuration(Date.now() - spinnerStartTime) : '';
+  const icon = success ? `${colors.shipGreen}${ICONS.check}${c.reset}` : `${colors.blockRed}${ICONS.cross}${c.reset}`;
+  process.stdout.write(`\r${c.clearLine}  ${icon} ${message} ${c.dim}${elapsed}${c.reset}\n`);
+  process.stdout.write(c.showCursor);
+  spinnerStartTime = null;
+}
+
+// Compact banner for fix mode (fallback)
+const SHIP_BANNER_FALLBACK = `
+${ansi.rgb(0, 255, 200)}  ███████╗██╗  ██╗██╗██████╗ ${ansi.reset}
+${ansi.rgb(0, 230, 220)}  ██╔════╝██║  ██║██║██╔══██╗${ansi.reset}
+${ansi.rgb(0, 200, 255)}  ███████╗███████║██║██████╔╝${ansi.reset}
+${ansi.rgb(50, 150, 255)}  ╚════██║██╔══██║██║██╔═══╝ ${ansi.reset}
+${ansi.rgb(100, 100, 255)}  ███████║██║  ██║██║██║     ${ansi.reset}
+${ansi.rgb(150, 50, 255)}  ╚══════╝╚═╝  ╚═╝╚═╝╚═╝     ${ansi.reset}
+`;
+
+function printBanner(compact = false, projectRoot = process.cwd()) {
+  if (compact) {
+    console.log(SHIP_BANNER_FALLBACK);
+    return;
+  }
+  
+  try {
+    const cli = getCliOutput();
+    console.log(cli.renderFullHeader("ship", {
+      version: "4.0.0",
+      tier: "FREE",
+      target: projectRoot,
+      sessionId: cli.generateSessionId(),
+    }));
+  } catch {
+    console.log(BANNER_FALLBACK);
+  }
+}
+
+function printDivider(char = '─', width = 69, color = c.dim) {
+  console.log(`${color}  ${char.repeat(width)}${c.reset}`);
+}
+
+function printSection(title, icon = '◆') {
+  console.log();
+  console.log(`  ${colors.accent}${icon}${c.reset} ${c.bold}${title}${c.reset}`);
+  printDivider();
+}
+
+function printSubSection(title) {
+  console.log();
+  console.log(`  ${c.dim}${BOX.teeRight}${BOX.horizontal}${c.reset} ${c.bold}${title}${c.reset}`);
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// VERDICT DISPLAY - THE HERO MOMENT
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function getVerdictConfig(verdict, score, blockers, warnings) {
+  if (verdict === 'SHIP' || (score >= 90 && blockers === 0)) {
+    return {
+      verdict: 'SHIP',
+      icon: '🚀',
+      headline: 'CLEAR TO SHIP',
+      tagline: 'Your app is production ready!',
+      color: colors.shipGreen,
+      bgColor: bgRgb(0, 80, 50),
+      borderColor: rgb(0, 200, 120),
+      glow: rgb(0, 255, 150),
+    };
+  }
+  
+  if (verdict === 'WARN' || (score >= 50 && blockers <= 2)) {
+    return {
+      verdict: 'WARN',
+      icon: '⚠️',
+      headline: 'REVIEW BEFORE SHIP',
+      tagline: `${warnings} warning${warnings !== 1 ? 's' : ''} to address`,
+      color: colors.warnAmber,
+      bgColor: bgRgb(80, 60, 0),
+      borderColor: rgb(200, 160, 0),
+      glow: rgb(255, 200, 0),
+    };
+  }
+  
+  return {
+    verdict: 'BLOCK',
+    icon: '🛑',
+    headline: 'NOT SHIP READY',
+    tagline: `${blockers} blocker${blockers !== 1 ? 's' : ''} must be fixed`,
+    color: colors.blockRed,
+    bgColor: bgRgb(80, 20, 20),
+    borderColor: rgb(200, 60, 60),
+    glow: rgb(255, 80, 80),
+  };
+}
+
+function printVerdictCard(verdict, score, blockers, warnings, duration) {
+  const config = getVerdictConfig(verdict, score, blockers, warnings);
+  const w = 68; // Inner width
+  
+  console.log();
+  console.log();
+  
+  // Top border with glow effect
+  console.log(`  ${config.borderColor}${BOX.dTopLeft}${BOX.dHorizontal.repeat(w)}${BOX.dTopRight}${c.reset}`);
+  
+  // Empty line
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${' '.repeat(w)}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Verdict icon and headline
+  const headlineText = `${config.icon}  ${config.headline}`;
+  const headlinePadded = padCenter(headlineText, w);
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${config.color}${c.bold}${headlinePadded}${c.reset}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Tagline
+  const taglinePadded = padCenter(config.tagline, w);
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${c.dim}${taglinePadded}${c.reset}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Empty line
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${' '.repeat(w)}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Score bar
+  const scoreLabel = `VIBE SCORE`;
+  const scoreValue = `${score}/100`;
+  const scoreBar = progressBar(score, 35, { color: config.color });
+  const scoreLine = `     ${scoreLabel}  ${scoreBar}  ${config.color}${c.bold}${scoreValue}${c.reset}`;
+  const scoreLinePadded = scoreLine + ' '.repeat(Math.max(0, w - 60));
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${scoreLinePadded}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Empty line
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${' '.repeat(w)}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Stats row
+  const stats = [
+    { label: 'Blockers', value: blockers, color: blockers > 0 ? colors.blockRed : colors.shipGreen },
+    { label: 'Warnings', value: warnings, color: warnings > 0 ? colors.warnAmber : colors.shipGreen },
+    { label: 'Duration', value: formatDuration(duration), color: colors.accent },
+  ];
+  
+  let statsLine = '     ';
+  for (const stat of stats) {
+    statsLine += `${c.dim}${stat.label}:${c.reset} ${stat.color}${c.bold}${stat.value}${c.reset}    `;
+  }
+  const statsLinePadded = statsLine + ' '.repeat(Math.max(0, w - statsLine.length + 20));
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${statsLinePadded}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Empty line
+  console.log(`  ${config.borderColor}${BOX.dVertical}${c.reset}${' '.repeat(w)}${config.borderColor}${BOX.dVertical}${c.reset}`);
+  
+  // Bottom border
+  console.log(`  ${config.borderColor}${BOX.dBottomLeft}${BOX.dHorizontal.repeat(w)}${BOX.dBottomRight}${c.reset}`);
+  
+  console.log();
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// FINDINGS DISPLAY
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function getSeverityStyle(severity) {
+  const styles = {
+    BLOCK: { color: colors.critical, bg: bgRgb(80, 20, 20), icon: '●', label: 'BLOCKER' },
+    critical: { color: colors.critical, bg: bgRgb(80, 20, 20), icon: '●', label: 'CRITICAL' },
+    WARN: { color: colors.warnAmber, bg: bgRgb(80, 60, 0), icon: '◐', label: 'WARNING' },
+    warning: { color: colors.warnAmber, bg: bgRgb(80, 60, 0), icon: '◐', label: 'WARNING' },
+    high: { color: colors.high, bg: bgRgb(80, 40, 20), icon: '○', label: 'HIGH' },
+    medium: { color: colors.medium, bg: bgRgb(60, 50, 0), icon: '○', label: 'MEDIUM' },
+    low: { color: colors.low, bg: bgRgb(20, 40, 60), icon: '○', label: 'LOW' },
+    info: { color: colors.info, bg: bgRgb(40, 40, 50), icon: '○', label: 'INFO' },
+  };
+  return styles[severity] || styles.info;
+}
+
+function getCategoryIcon(category) {
+  const icons = {
+    'MissingRoute': ICONS.route,
+    'EnvContract': ICONS.env,
+    'EnvGap': ICONS.env,
+    'FakeSuccess': ICONS.ghost,
+    'GhostAuth': ICONS.auth,
+    'StripeWebhook': ICONS.money,
+    'PaidSurface': ICONS.money,
+    'OwnerModeBypass': ICONS.lock,
+    'DeadUI': ICONS.dead,
+    'ContractDrift': ICONS.warning,
+    'Security': ICONS.shield,
+    'Auth': ICONS.lock,
+    'Fake Code': ICONS.ghost,
+  };
+  return icons[category] || ICONS.bug;
+}
+
+function printFindingsBreakdown(findings) {
+  if (!findings || findings.length === 0) {
+    printSection('FINDINGS', ICONS.check);
+    console.log();
+    console.log(`  ${colors.shipGreen}${c.bold}${ICONS.sparkle} No issues found! Your code is clean.${c.reset}`);
+    return;
+  }
+  
+  // Group by category
+  const byCategory = {};
+  for (const f of findings) {
+    const cat = f.category || 'Other';
+    if (!byCategory[cat]) byCategory[cat] = [];
+    byCategory[cat].push(f);
+  }
+  
+  const blockers = findings.filter(f => f.severity === 'BLOCK' || f.severity === 'critical');
+  const warnings = findings.filter(f => f.severity === 'WARN' || f.severity === 'warning');
+  
+  printSection(`FINDINGS (${blockers.length} blockers, ${warnings.length} warnings)`, ICONS.graph);
+  console.log();
+  
+  // Summary by category
+  const categories = Object.entries(byCategory).sort((a, b) => {
+    const aBlockers = a[1].filter(f => f.severity === 'BLOCK').length;
+    const bBlockers = b[1].filter(f => f.severity === 'BLOCK').length;
+    return bBlockers - aBlockers;
+  });
+  
+  for (const [category, catFindings] of categories) {
+    const catBlockers = catFindings.filter(f => f.severity === 'BLOCK' || f.severity === 'critical').length;
+    const catWarnings = catFindings.filter(f => f.severity === 'WARN' || f.severity === 'warning').length;
+    const icon = getCategoryIcon(category);
+    
+    const statusColor = catBlockers > 0 ? colors.blockRed : catWarnings > 0 ? colors.warnAmber : colors.shipGreen;
+    const statusIcon = catBlockers > 0 ? ICONS.cross : catWarnings > 0 ? ICONS.warning : ICONS.check;
+    
+    console.log(`  ${statusColor}${statusIcon}${c.reset} ${icon} ${c.bold}${category.padEnd(20)}${c.reset} ${catBlockers > 0 ? `${colors.blockRed}${catBlockers} blockers${c.reset}` : ''}${catWarnings > 0 ? ` ${colors.warnAmber}${catWarnings} warnings${c.reset}` : ''}`);
+  }
+}
+
+function printBlockerDetails(findings, maxShow = 8) {
+  const blockers = findings.filter(f => f.severity === 'BLOCK' || f.severity === 'critical');
+  
+  if (blockers.length === 0) return;
+  
+  printSection(`BLOCKERS (${blockers.length})`, '🚨');
+  console.log();
+  
+  for (const blocker of blockers.slice(0, maxShow)) {
+    const style = getSeverityStyle(blocker.severity);
+    const icon = getCategoryIcon(blocker.category);
+    
+    // Severity badge
+    console.log(`  ${style.bg}${c.bold} ${style.label} ${c.reset} ${icon} ${c.bold}${truncate(blocker.title, 50)}${c.reset}`);
+    
+    // Details
+    if (blocker.why) {
+      console.log(`  ${' '.repeat(10)} ${c.dim}${truncate(blocker.why, 55)}${c.reset}`);
+    }
+    
+    // File location
+    if (blocker.evidence && blocker.evidence.length > 0) {
+      const ev = blocker.evidence[0];
+      const fileDisplay = `${path.basename(ev.file || '')}${ev.lines ? `:${ev.lines}` : ''}`;
+      console.log(`  ${' '.repeat(10)} ${colors.accent}${ICONS.doc} ${fileDisplay}${c.reset}`);
+    }
+    
+    // Fix hint
+    if (blocker.fixHints && blocker.fixHints.length > 0) {
+      console.log(`  ${' '.repeat(10)} ${colors.shipGreen}${ICONS.arrow} ${truncate(blocker.fixHints[0], 50)}${c.reset}`);
+    }
+    
+    console.log();
+  }
+  
+  if (blockers.length > maxShow) {
+    console.log(`  ${c.dim}... and ${blockers.length - maxShow} more blockers (see full report)${c.reset}`);
+    console.log();
+  }
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// ROUTE TRUTH VISUALIZATION
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function printRouteTruthMap(truthpack) {
+  if (!truthpack) return;
+  
+  printSection('ROUTE TRUTH MAP', ICONS.map);
+  console.log();
+  
+  const serverRoutes = truthpack.routes?.server?.length || 0;
+  const clientRefs = truthpack.routes?.clientRefs?.length || 0;
+  const envVars = truthpack.env?.vars?.length || 0;
+  const envDeclared = truthpack.env?.declared?.length || 0;
+  
+  // Routes coverage
+  const routeCoverage = serverRoutes > 0 ? Math.round((clientRefs / serverRoutes) * 100) : 100;
+  const routeColor = routeCoverage >= 80 ? colors.shipGreen : routeCoverage >= 50 ? colors.warnAmber : colors.blockRed;
+  
+  console.log(`  ${ICONS.route} ${c.bold}Routes${c.reset}`);
+  console.log(`     Server: ${colors.accent}${serverRoutes}${c.reset} defined`);
+  console.log(`     Client: ${colors.accent}${clientRefs}${c.reset} references`);
+  console.log(`     Coverage: ${progressBar(routeCoverage, 20)} ${routeColor}${routeCoverage}%${c.reset}`);
+  console.log();
+  
+  // Env coverage
+  const envCoverage = envVars > 0 ? Math.round((envDeclared / envVars) * 100) : 100;
+  const envColor = envCoverage >= 80 ? colors.shipGreen : envCoverage >= 50 ? colors.warnAmber : colors.blockRed;
+  
+  console.log(`  ${ICONS.env} ${c.bold}Environment${c.reset}`);
+  console.log(`     Used: ${colors.accent}${envVars}${c.reset} variables`);
+  console.log(`     Declared: ${colors.accent}${envDeclared}${c.reset} in .env`);
+  console.log(`     Coverage: ${progressBar(envCoverage, 20)} ${envColor}${envCoverage}%${c.reset}`);
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// PROOF GRAPH VISUALIZATION
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function printProofGraph(proofGraph) {
+  if (!proofGraph || !proofGraph.summary) return;
+  
+  printSection('PROOF GRAPH', ICONS.graph);
+  console.log();
+  
+  const { summary } = proofGraph;
+  
+  // Confidence gauge
+  const confidence = Math.round((summary.confidence || 0) * 100);
+  const confColor = confidence >= 80 ? colors.shipGreen : confidence >= 50 ? colors.warnAmber : colors.blockRed;
+  
+  console.log(`  ${c.bold}Analysis Confidence${c.reset}`);
+  console.log(`  ${progressBar(confidence, 40)} ${confColor}${c.bold}${confidence}%${c.reset}`);
+  console.log();
+  
+  // Claims summary
+  console.log(`  ${c.dim}Claims:${c.reset} ${colors.shipGreen}${summary.verifiedClaims || 0}${c.reset} verified ${c.dim}/${c.reset} ${colors.blockRed}${summary.failedClaims || 0}${c.reset} failed ${c.dim}of${c.reset} ${summary.totalClaims || 0} total`);
+  console.log(`  ${c.dim}Gaps:${c.reset} ${summary.gaps || 0} identified`);
+  console.log(`  ${c.dim}Risk Score:${c.reset} ${summary.riskScore || 0}/100`);
+  
+  // Top blockers from proof graph
+  if (proofGraph.topBlockers && proofGraph.topBlockers.length > 0) {
+    console.log();
+    console.log(`  ${c.bold}Top Unverified Claims:${c.reset}`);
+    for (const blocker of proofGraph.topBlockers.slice(0, 3)) {
+      console.log(`    ${colors.blockRed}${ICONS.cross}${c.reset} ${truncate(blocker.assertion, 50)}`);
+    }
+  }
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// BADGE DISPLAY
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function printBadgeOutput(projectPath, verdict, score) {
+  const projectName = path.basename(projectPath);
+  const projectId = projectName.toLowerCase().replace(/[^a-z0-9]/g, '-');
+  
+  const config = getVerdictConfig(verdict, score, verdict === 'BLOCK' ? 1 : 0, verdict === 'WARN' ? 1 : 0);
+  
+  printSection('SHIP BADGE', '📛');
+  console.log();
+  
+  // Badge preview box
+  const badgeText = `vibecheck | ${verdict} | ${score}`;
+  console.log(`  ${config.bgColor}${c.bold}  ${badgeText}  ${c.reset}`);
+  console.log();
+  
+  const badgeUrl = `https://vibecheck.dev/badge/${projectId}.svg`;
+  const reportUrl = `https://vibecheck.dev/report/${projectId}`;
+  const markdown = `[![Vibecheck](${badgeUrl})](${reportUrl})`;
+  
+  console.log(`  ${c.dim}Badge URL:${c.reset}`);
+  console.log(`  ${colors.accent}${badgeUrl}${c.reset}`);
+  console.log();
+  console.log(`  ${c.dim}Report URL:${c.reset}`);
+  console.log(`  ${colors.accent}${reportUrl}${c.reset}`);
+  console.log();
+  console.log(`  ${c.dim}Add to README.md:${c.reset}`);
+  console.log(`  ${colors.shipGreen}${markdown}${c.reset}`);
+  
+  return { projectId, badgeUrl, reportUrl, markdown };
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// FIX MODE DISPLAY
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function printFixModeHeader() {
+  console.log();
+  console.log(`  ${bgRgb(40, 80, 120)}${c.bold}  ${ICONS.wrench} AUTO-FIX MODE  ${c.reset}`);
+  console.log();
+}
+
+function printFixResults(fixResults) {
+  if (!fixResults) return;
+  
+  printSection('FIX RESULTS', ICONS.wrench);
+  console.log();
+  
+  if (fixResults.errors && fixResults.errors.length > 0) {
+    for (const err of fixResults.errors) {
+      console.log(`  ${colors.blockRed}${ICONS.cross}${c.reset} ${err}`);
+    }
+    console.log();
+  }
+  
+  const actions = [
+    { done: fixResults.envExampleCreated, label: 'Created .env.example', icon: ICONS.env },
+    { done: fixResults.gitignoreUpdated, label: 'Updated .gitignore', icon: ICONS.shield },
+    { done: fixResults.fixesMdCreated, label: 'Generated fixes.md', icon: ICONS.doc },
+  ];
+  
+  for (const action of actions) {
+    const icon = action.done ? `${colors.shipGreen}${ICONS.check}` : `${c.dim}${ICONS.bullet}`;
+    const label = action.done ? c.reset + action.label : c.dim + action.label + c.reset;
+    console.log(`  ${icon}${c.reset} ${action.icon} ${label}`);
+  }
+  
+  if (fixResults.secretsFound && fixResults.secretsFound.length > 0) {
+    console.log();
+    console.log(`  ${c.bold}Secrets to migrate:${c.reset}`);
+    for (const secret of fixResults.secretsFound.slice(0, 5)) {
+      console.log(`    ${ICONS.key} ${secret.varName} ${c.dim}(${secret.type})${c.reset}`);
+    }
+  }
+  
+  console.log();
+  console.log(`  ${colors.shipGreen}${ICONS.check}${c.reset} ${c.bold}Safe fixes applied!${c.reset}`);
+  console.log(`  ${c.dim}Review changes and follow instructions in ${colors.accent}.vibecheck/fixes.md${c.reset}`);
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// HELP DISPLAY
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function printHelp(showBanner = true) {
+  if (showBanner && shouldShowBanner({})) {
+    console.log(BANNER);
+  }
+  console.log(`
+  ${ansi.bold}Usage:${ansi.reset} vibecheck ship ${ansi.dim}(go)${ansi.reset} [options]
+  
+  ${ansi.bold}Aliases:${ansi.reset} ${ansi.dim}go${ansi.reset}
+
+  ${ansi.bold}The One Command${ansi.reset} — Get a ship verdict: ${colors.success}SHIP${ansi.reset} | ${colors.warning}WARN${ansi.reset} | ${colors.error}BLOCK${ansi.reset}
+
+  ${ansi.bold}Verdict Options:${ansi.reset}
+    ${colors.accent}--strict${ansi.reset}        Treat warnings as blockers
+    ${colors.accent}--why${ansi.reset}           Show detailed "why tree" (top blockers + evidence)
+    ${colors.accent}--cached${ansi.reset}        Use cached verdict if repo unchanged
+
+  ${ansi.bold}Output Options:${ansi.reset}
+    ${colors.accent}--json${ansi.reset}          Output full manifest as JSON
+    ${colors.accent}--ci${ansi.reset}            Machine output (KEY=VALUE format for CI/CD)
+    ${colors.accent}--receipt${ansi.reset}       Single-line receipt (parseable)
+    ${colors.accent}--manifest${ansi.reset}      Output full signed manifest
+    ${colors.accent}--badge, -b${ansi.reset}     Generate embeddable badge for README
+
+  ${ansi.bold}Fix Options:${ansi.reset}
+    ${colors.accent}--fix, -f${ansi.reset}       Try safe mechanical fixes ${ansi.dim}(shows plan first)${ansi.reset}
+    ${colors.accent}--assist${ansi.reset}        Generate AI mission prompts for complex issues
+
+  ${ansi.bold}General Options:${ansi.reset}
+    ${colors.accent}--path, -p${ansi.reset}      Project path ${ansi.dim}(default: current directory)${ansi.reset}
+    ${colors.accent}--verbose, -v${ansi.reset}   Show detailed progress
+    ${colors.accent}--legacy${ansi.reset}        Use legacy (non-gate) evaluation
+    ${colors.accent}--help, -h${ansi.reset}      Show this help
+
+  ${ansi.bold}Exit Codes:${ansi.reset}
+    ${colors.success}0${ansi.reset}  SHIP  — Ready to ship
+    ${colors.warning}1${ansi.reset}  WARN  — Warnings found, review recommended
+    ${colors.error}2${ansi.reset}  BLOCK — Blockers found, must fix before shipping
+
+  ${ansi.bold}CI Integration:${ansi.reset}
+    ${ansi.dim}# GitHub Actions - set output variables${ansi.reset}
+    vibecheck ship --ci >> $$GITHUB_OUTPUT
+
+    ${ansi.dim}# Get receipt for artifact storage${ansi.reset}
+    vibecheck ship --receipt > .vibecheck/receipt.txt
+
+    ${ansi.dim}# Cache-aware evaluation (fast re-runs)${ansi.reset}
+    vibecheck ship --cached
+
+  ${ansi.bold}Examples:${ansi.reset}
+    ${ansi.dim}# Quick ship check${ansi.reset}
+    vibecheck ship
+
+    ${ansi.dim}# Show why a verdict was reached${ansi.reset}
+    vibecheck ship --why
+
+    ${ansi.dim}# Auto-fix what can be fixed${ansi.reset}
+    vibecheck ship --fix
+
+    ${ansi.dim}# Generate README badge${ansi.reset}
+    vibecheck ship --badge
+
+    ${ansi.dim}# Strict CI mode (warnings = failure)${ansi.reset}
+    vibecheck ship --strict --ci
+
+  ${ansi.bold}Artifacts Generated:${ansi.reset}
+    ${ansi.dim}.vibecheck/ship/manifest.json${ansi.reset}   Full signed manifest
+    ${ansi.dim}.vibecheck/ship/receipt.txt${ansi.reset}     CI-friendly receipt
+    ${ansi.dim}.vibecheck/ship/github-output.txt${ansi.reset} GitHub Actions output
+`);
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// PROOF GRAPH BUILDER
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function buildProofGraph(findings, truthpack, root) {
+  const claims = [];
+  let claimId = 0;
+  
+  for (const finding of findings) {
+    const claim = {
+      id: `claim-${++claimId}`,
+      type: getClaimType(finding.category),
+      assertion: finding.title || finding.message,
+      verified: finding.severity !== 'BLOCK',
+      confidence: finding.confidence === 'high' ? 0.9 : finding.confidence === 'medium' ? 0.7 : 0.5,
+      evidence: (finding.evidence || []).map((e, i) => ({
+        id: `evidence-${claimId}-${i}`,
+        type: 'file_citation',
+        file: e.file,
+        line: parseInt(e.lines?.split('-')[0]) || e.line || 1,
+        snippet: e.snippetHash || '',
+        strength: 0.8,
+        verifiedAt: new Date().toISOString(),
+        method: 'static'
+      })),
+      gaps: [{
+        id: `gap-${claimId}`,
+        type: getGapType(finding.category),
+        description: finding.why || finding.title,
+        severity: finding.severity === 'BLOCK' ? 'critical' : finding.severity === 'WARN' ? 'medium' : 'low',
+        suggestion: (finding.fixHints || [])[0] || ''
+      }],
+      severity: finding.severity === 'BLOCK' ? 'critical' : finding.severity === 'WARN' ? 'medium' : 'low',
+      file: finding.evidence?.[0]?.file || '',
+      line: parseInt(finding.evidence?.[0]?.lines?.split('-')[0]) || 1
+    };
+    claims.push(claim);
+  }
+  
+  const verifiedClaims = claims.filter(c => c.verified);
+  const failedClaims = claims.filter(c => !c.verified);
+  const allGaps = claims.flatMap(c => c.gaps);
+  
+  const riskScore = Math.min(100, failedClaims.reduce((sum, c) => {
+    if (c.severity === 'critical') return sum + 30;
+    if (c.severity === 'high') return sum + 20;
+    if (c.severity === 'medium') return sum + 10;
+    return sum + 5;
+  }, 0));
+  
+  const confidence = claims.length > 0 
+    ? claims.reduce((sum, c) => sum + c.confidence, 0) / claims.length 
+    : 1.0;
+  
+  return {
+    version: '1.0.0',
+    generatedAt: new Date().toISOString(),
+    projectPath: root,
+    claims,
+    summary: {
+      totalClaims: claims.length,
+      verifiedClaims: verifiedClaims.length,
+      failedClaims: failedClaims.length,
+      gaps: allGaps.length,
+      riskScore,
+      confidence
+    },
+    verdict: findings.some(f => f.severity === 'BLOCK') ? 'BLOCK' :
+             findings.some(f => f.severity === 'WARN') ? 'WARN' : 'SHIP',
+    topBlockers: failedClaims.filter(c => c.severity === 'critical' || c.severity === 'high').slice(0, 5),
+    topGaps: allGaps.filter(g => g.severity === 'critical' || g.severity === 'high').slice(0, 5)
+  };
+}
+
+function getClaimType(category) {
+  const map = {
+    'MissingRoute': 'route_exists',
+    'EnvContract': 'env_declared',
+    'FakeSuccess': 'success_verified',
+    'GhostAuth': 'auth_protected',
+    'StripeWebhook': 'billing_enforced',
+    'PaidSurface': 'billing_enforced',
+    'OwnerModeBypass': 'billing_enforced',
+    'DeadUI': 'ui_wired',
+    'ContractDrift': 'contract_satisfied'
+  };
+  return map[category] || 'ui_wired';
+}
+
+function getGapType(category) {
+  const map = {
+    'MissingRoute': 'missing_handler',
+    'EnvContract': 'missing_verification',
+    'FakeSuccess': 'missing_verification',
+    'GhostAuth': 'missing_gate',
+    'StripeWebhook': 'missing_verification',
+    'PaidSurface': 'missing_gate',
+    'OwnerModeBypass': 'missing_gate',
+    'DeadUI': 'missing_handler',
+    'ContractDrift': 'contract_drift'
+  };
+  return map[category] || 'untested_path';
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// ARGS PARSER
+// ═══════════════════════════════════════════════════════════════════════════════
+
+function parseArgs(args) {
+  // Parse global flags first
+  const { flags: globalFlags, cleanArgs } = parseGlobalFlags(args);
+  
+  const opts = { 
+    fix: false, 
+    path: globalFlags.path || ".", 
+    verbose: globalFlags.verbose || false, 
+    json: globalFlags.json || false,
+    badge: false,
+    assist: false,
+    strict: globalFlags.strict || false,
+    ci: globalFlags.ci || false,
+    mode: null, // "scan" for scan mode
+    withRuntime: false, // merge runtime results
+    help: globalFlags.help || false,
+    noBanner: globalFlags.noBanner || false,
+    quiet: globalFlags.quiet || false,
+    // NEW: Gate mode options
+    useGate: true, // Use new gate system by default
+    cached: false, // Use cached verdict if valid
+    manifest: false, // Output full manifest
+    receipt: false, // Output CI receipt
+    whyTree: false, // Show detailed why tree
+  };
+  
+  // Parse command-specific args
+  for (let i = 0; i < cleanArgs.length; i++) {
+    const a = cleanArgs[i];
+    if (a === "--fix" || a === "-f") opts.fix = true;
+    else if (a === "--badge" || a === "-b") opts.badge = true;
+    else if (a === "--assist") opts.assist = true;
+    else if (a === "--mode") opts.mode = cleanArgs[++i];
+    else if (a === "--with") {
+      const next = cleanArgs[++i];
+      if (next === "runtime") opts.withRuntime = true;
+    }
+    else if (a.startsWith("--path=")) opts.path = a.split("=")[1];
+    else if (a === "--path" || a === "-p") opts.path = args[++i];
+    // NEW: Gate options
+    else if (a === "--legacy") opts.useGate = false;
+    else if (a === "--cached") opts.cached = true;
+    else if (a === "--manifest") opts.manifest = true;
+    else if (a === "--receipt") opts.receipt = true;
+    else if (a === "--why") opts.whyTree = true;
+  }
+  
+  return opts;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// MAIN SHIP FUNCTION
+// ═══════════════════════════════════════════════════════════════════════════════
+
+async function runShip(args, context = {}) {
+  // Extract runId from context or generate new one
+  const runId = context.runId || generateRunId();
+  const startTime = context.startTime || new Date().toISOString();
+  
+  const opts = parseArgs(args);
+  const executionStart = Date.now();
+
+  // Show help if requested
+  if (opts.help) {
+    printHelp(shouldShowBanner(opts));
+    return 0;
+  }
+
+  // ═══════════════════════════════════════════════════════════════════════════
+  // NEW: Use Ship Gate (v2) system for deterministic, evidence-backed verdicts
+  // ═══════════════════════════════════════════════════════════════════════════
+  if (opts.useGate && !opts.fix && !opts.assist) {
+    try {
+      const gateResult = await runShipGate(opts, context);
+      if (gateResult !== null) {
+        return gateResult;
+      }
+      // If null returned, fall through to legacy mode
+    } catch (err) {
+      if (opts.verbose) {
+        console.error(`  Gate evaluation failed: ${err.message}, using legacy mode`);
+      }
+      // Fall through to legacy mode
+    }
+  }
+
+  // Entitlement check
+  try {
+    await enforceLimit('scans');
+    await enforceFeature('ship');
+    if (opts.fix) {
+      await enforceFeature('fix');
+    }
+  } catch (err) {
+    if (err.code === 'LIMIT_EXCEEDED' || err.code === 'FEATURE_NOT_AVAILABLE') {
+      console.error(`\n  ${colors.error}${icons.error}${ansi.reset} ${err.upgradePrompt || err.message}\n`);
+      return EXIT.TIER_REQUIRED;
+    }
+    throw err;
+  }
+  
+  await trackUsage('scans');
+
+  const projectPath = path.resolve(opts.path);
+  const outputDir = path.join(projectPath, ".vibecheck");
+  const projectName = path.basename(projectPath);
+
+  // Print banner (respects --no-banner, VIBECHECK_NO_BANNER, --ci, --quiet, --json)
+  if (shouldShowBanner(opts)) {
+    printBanner();
+    console.log(`  ${ansi.dim}Project:${ansi.reset}  ${ansi.bold}${projectName}${ansi.reset}`);
+    console.log(`  ${ansi.dim}Path:${ansi.reset}     ${projectPath}`);
+    console.log();
+  }
+
+  let results = {
+    score: 100,
+    grade: "A",
+    canShip: true,
+    deductions: [],
+    blockers: [],
+    warnings: [],
+    findings: [],
+    truthpack: null,
+    proofGraph: null,
+  };
+
+  // Initialize spinner outside try block so it's in scope for catch
+  let spinner;
+  if (!opts.json && !opts.ci) {
+    spinner = new Spinner({ color: colors.accent });
+  }
+
+  try {
+
+    // Phase 1: Production Integrity Check
+    if (spinner) spinner.start('Checking production integrity...');
+    
+    try {
+      const { auditProductionIntegrity } = require(
+        path.join(__dirname, "../../scripts/audit-production-integrity.js"),
+      );
+      const { results: integrityResults, integrity } = await auditProductionIntegrity(projectPath);
+      results.score = integrity.score;
+      results.grade = integrity.grade;
+      results.canShip = integrity.canShip;
+      results.deductions = integrity.deductions;
+      results.integrity = integrityResults;
+    } catch (err) {
+      if (opts.verbose) console.warn(`  ${ansi.dim}Integrity check skipped: ${err.message}${ansi.reset}`);
+    }
+    
+    if (spinner) spinner.succeed('Production integrity checked');
+
+    // Phase 2: Route Truth Analysis
+    if (spinner) spinner.start('Building route truth map...');
+    
+    const fastifyEntry = detectFastifyEntry(projectPath);
+    const truthpack = await buildTruthpackSmart({ repoRoot: projectPath, fastifyEntry });
+    writeTruthpack(projectPath, truthpack);
+    results.truthpack = truthpack;
+    
+    // Run all analyzers in parallel for performance (independent analyzers)
+    // Group 1: File-based analyzers (can run fully in parallel)
+    const fileAnalyzerPromises = [
+      Promise.resolve(findFakeSuccess(projectPath)),
+      Promise.resolve(findOptimisticNoRollback(projectPath)),
+      Promise.resolve(findSilentCatch(projectPath)),
+      Promise.resolve(findDeadUI(projectPath)),
+      Promise.resolve(findOwnerModeBypass(projectPath)),
+    ];
+    
+    // Group 2: Truthpack-based analyzers (depend on truthpack but not each other)
+    const truthpackAnalyzerPromises = [
+      Promise.resolve(findMissingRoutes(truthpack)),
+      Promise.resolve(findMethodMismatch(truthpack)),
+      Promise.resolve(findEnvGaps(truthpack)),
+      Promise.resolve(findGhostAuth(truthpack, projectPath)),
+      Promise.resolve(findStripeWebhookViolations(truthpack)),
+      Promise.resolve(findPaidSurfaceNotEnforced(truthpack)),
+    ];
+    
+    // Run both groups in parallel
+    const [fileResults, truthpackResults] = await Promise.all([
+      Promise.all(fileAnalyzerPromises),
+      Promise.all(truthpackAnalyzerPromises),
+    ]);
+    
+    // Flatten results
+    const allFindings = [
+      ...fileResults.flat(),
+      ...truthpackResults.flat(),
+      // Runtime findings (if requested)
+      ...(opts.withRuntime ? findingsFromReality(projectPath) : [])
+    ];
+    
+    // Contract drift detection
+    if (hasContracts(projectPath)) {
+      const contracts = loadContracts(projectPath);
+      const driftFindings = findContractDrift(contracts, truthpack);
+      allFindings.push(...driftFindings);
+    }
+    
+    results.findings = allFindings;
+    
+    if (spinner) spinner.succeed(`Route truth mapped (${truthpack.routes?.server?.length || 0} routes)`);
+
+    // Phase 3: Build Proof Graph
+    if (spinner) spinner.start('Building proof graph...');
+    
+    const proofGraph = buildProofGraph(allFindings, truthpack, projectPath);
+    results.proofGraph = proofGraph;
+    
+    if (spinner) spinner.succeed(`Proof graph built (${proofGraph.summary.totalClaims} claims)`);
+
+    // Calculate final verdict
+    const blockers = allFindings.filter(f => f.severity === 'BLOCK' || f.severity === 'critical');
+    const warnings = allFindings.filter(f => f.severity === 'WARN' || f.severity === 'warning');
+    
+    results.blockers = blockers;
+    results.warnings = warnings;
+    
+    // Apply strict mode
+    if (opts.strict && warnings.length > 0) {
+      results.canShip = false;
+    }
+    
+    if (blockers.length > 0) {
+      results.canShip = false;
+    }
+    
+    // Deduct score for findings
+    for (const finding of allFindings) {
+      if (finding.severity === 'BLOCK') {
+        results.score = Math.max(0, results.score - 15);
+      } else if (finding.severity === 'WARN') {
+        results.score = Math.max(0, results.score - 5);
+      }
+    }
+    
+    const verdict = results.canShip ? 'SHIP' : blockers.length > 0 ? 'BLOCK' : 'WARN';
+    const duration = Date.now() - startTime;
+
+    // ═══════════════════════════════════════════════════════════════════════════
+    // OUTPUT
+    // ═══════════════════════════════════════════════════════════════════════════
+
+    // JSON output mode
+    if (opts.json) {
+      const output = createJsonOutput({
+        runId,
+        command: "ship",
+        startTime,
+        exitCode: getExitCode(verdict),
+        verdict,
+        result: {
+          verdict,
+          score: results.score,
+          grade: results.grade,
+          canShip: results.canShip,
+          summary: {
+            blockers: blockers.length,
+            warnings: warnings.length,
+            total: allFindings.length,
+          },
+          findings: allFindings,
+          proofGraph: proofGraph.summary,
+          duration: Date.now() - executionStart,
+        },
+        tier: getCurrentTier(),
+        version: require("../../package.json").version,
+        artifacts: [
+          {
+            type: "report",
+            path: path.join(outputDir, "report.json"),
+            description: "Ship report with findings"
+          },
+          {
+            type: "proof",
+            path: path.join(outputDir, "proof-graph.json"),
+            description: "Proof graph analysis"
+          }
+        ]
+      });
+      
+      writeJsonOutput(output, opts.output);
+      
+      // Save artifacts
+      const reportPath = saveArtifact(runId, "report", {
+        ...output.result,
+        truthpack,
+        integrity: results.integrity
+      });
+      const proofPath = saveArtifact(runId, "proof-graph", proofGraph);
+      
+      return getExitCode(verdict);
+    }
+
+    // CI output mode (minimal)
+    if (opts.ci) {
+      console.log(`VERDICT=${verdict}`);
+      console.log(`SCORE=${results.score}`);
+      console.log(`BLOCKERS=${blockers.length}`);
+      console.log(`WARNINGS=${warnings.length}`);
+      
+      // Save CI artifacts
+      saveArtifact(runId, "ci-summary", {
+        verdict,
+        score: results.score,
+        blockers: blockers.length,
+        warnings: warnings.length,
+        timestamp: new Date().toISOString()
+      });
+      
+      return getExitCode(verdict);
+    }
+
+    // Fix mode
+    let fixResults = null;
+    if (opts.fix) {
+      if (spinner) spinner.start('Applying safe fixes...');
+      fixResults = await runAutoFix(projectPath, results, outputDir, allFindings);
+      if (spinner) spinner.succeed('Safe fixes applied');
+    }
+
+    // Human-readable output using enterprise ship-output module
+    const result = {
+      verdict,
+      score: results.score,
+      findings: allFindings,
+      blockers,
+      warnings,
+      truthpack,
+      proofGraph,
+      fixResults,
+      duration: Date.now() - executionStart,
+    };
+
+    // Get current tier for output formatting
+    const currentTier = context?.authInfo?.access?.tier || getCurrentTier() || "free";
+    
+    // Use enterprise format
+    console.log(formatShipOutput(result, {
+      tier: currentTier,
+    }));
+
+    // Badge file generation (STARTER+ only)
+    if (opts.badge) {
+      const isVerified = opts.withRuntime && (currentTier === 'pro' || currentTier === 'compliance');
+      const { data: badgeData } = renderBadgeOutput(projectPath, verdict, results.score, { 
+        tier: currentTier, 
+        isVerified 
+      });
+      
+      // Save badge info
+      fs.mkdirSync(outputDir, { recursive: true });
+      fs.writeFileSync(
+        path.join(outputDir, 'badge.json'),
+        JSON.stringify({ 
+          ...badgeData, 
+          verdict, 
+          score: results.score, 
+          tier: currentTier,
+          isVerified,
+          generatedAt: new Date().toISOString() 
+        }, null, 2)
+      );
+    }
+
+    // Earned upsell: Badge withheld when verdict != SHIP
+    if (!results.canShip) {
+      const currentTier = context?.authInfo?.access?.tier || "free";
+      if (entitlements.tierMeetsMinimum(currentTier, "starter")) {
+        // User has badge access but verdict prevents it
+        console.log(upsell.formatEarnedUpsell({
+          cmd: "ship",
+          verdict,
+          topIssues: blockers.slice(0, 3),
+          withheldArtifact: "badge",
+          currentTier,
+          suggestedCmd: currentTier === "free" ? "vibecheck fix --plan-only" : "vibecheck fix",
+        }));
+      }
+    }
+
+    // Emit audit event
+    emitShipCheck(projectPath, results.canShip ? 'success' : 'failure', {
+      score: results.score,
+      grade: results.grade,
+      canShip: results.canShip,
+      issueCount: allFindings.length,
+    });
+
+    // Write artifacts (no HTML report - use 'vibecheck report' command instead)
+    try {
+      const { writeArtifacts } = require("./utils");
+      writeArtifacts(outputDir, results, { skipHtmlReport: true });
+    } catch {}
+
+    // Exit code: 0=SHIP, 1=WARN, 2=BLOCK
+    const exitCode = getExitCode(verdict);
+    
+    // Save final results
+    saveArtifact(runId, "summary", {
+      verdict,
+      score: results.score,
+      canShip: results.canShip,
+      exitCode,
+      timestamp: new Date().toISOString()
+    });
+    
+    return exitCode;
+
+  } catch (error) {
+    if (spinner) spinner.fail(`Ship check failed: ${error.message}`);
+    
+    console.error(`\n  ${colors.error}${icons.error}${ansi.reset} ${ansi.bold}Error:${ansi.reset} ${error.message}`);
+    if (opts.verbose) {
+      console.error(`  ${ansi.dim}${error.stack}${ansi.reset}`);
+    }
+    
+    return EXIT.INTERNAL_ERROR;
+  }
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// AUTO-FIX (Placeholder - would import from original)
+// ═══════════════════════════════════════════════════════════════════════════════
+
+async function runAutoFix(projectPath, results, outputDir, findings) {
+  // This would be the full auto-fix implementation from the original
+  // Keeping it as a placeholder for now
+  const fixResults = {
+    envExampleCreated: false,
+    gitignoreUpdated: false,
+    fixesMdCreated: false,
+    secretsFound: [],
+    errors: [],
+  };
+  
+  fs.mkdirSync(outputDir, { recursive: true });
+  
+  // Generate fixes.md with modern findings
+  const fixesMdPath = path.join(outputDir, "fixes.md");
+  let md = "# 🔧 vibecheck Fix Guide\n\n";
+  md += `Generated: ${new Date().toISOString()}\n\n`;
+  md += `**${findings.length} issues found**\n\n---\n\n`;
+  
+  for (const finding of findings) {
+    md += `## ${finding.category}: ${finding.title}\n\n`;
+    md += `**Severity:** ${finding.severity}\n\n`;
+    if (finding.why) md += `**Why:** ${finding.why}\n\n`;
+    if (finding.fixHints?.length) {
+      md += "**Fix:**\n";
+      for (const hint of finding.fixHints) {
+        md += `- ${hint}\n`;
+      }
+      md += "\n";
+    }
+    md += "---\n\n";
+  }
+  
+  fs.writeFileSync(fixesMdPath, md);
+  fixResults.fixesMdCreated = true;
+  
+  return fixResults;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// SHIP GATE (v2) - Deterministic, Evidence-backed Verdict
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Run ship using the new gate system.
+ * 
+ * The gate system provides:
+ * - Deterministic verdicts (same repo state → same verdict)
+ * - Evidence-backed decisions (why tree)
+ * - CI-ready artifacts (manifest, receipt, badge)
+ * 
+ * @param {Object} opts - Options from parseArgs
+ * @param {Object} context - Execution context
+ * @returns {number} Exit code
+ */
+async function runShipGate(opts, context = {}) {
+  const shipGate = getShipGate();
+  const shipManifest = getShipManifest();
+  const whyTreeModule = getWhyTree();
+  
+  if (!shipGate || !shipManifest) {
+    // Fall back to legacy mode if gate modules not available
+    console.error("  Ship gate modules not available, using legacy mode");
+    return null; // Signal to use legacy
+  }
+  
+  const projectPath = path.resolve(opts.path);
+  const startTime = Date.now();
+  
+  // Check cache first if requested
+  if (opts.cached) {
+    const cacheResult = shipGate.checkVerdictCache(projectPath);
+    if (cacheResult.valid) {
+      const manifest = cacheResult.manifest;
+      
+      if (opts.json || opts.manifest) {
+        console.log(JSON.stringify(manifest, null, 2));
+      } else if (opts.receipt) {
+        console.log(shipManifest.generateCIReceipt(manifest));
+      } else if (!opts.quiet) {
+        console.log(`  Using cached verdict: ${manifest.verdict.status} (${cacheResult.age}ms old)`);
+        console.log(`  Fingerprint: ${manifest.repo.fingerprint}`);
+      }
+      
+      return manifest.verdict.exitCode;
+    }
+    
+    if (!opts.quiet && !opts.json) {
+      console.log(`  Cache invalid: ${cacheResult.reason}`);
+    }
+  }
+  
+  // Run full gate evaluation
+  const gate = new shipGate.ShipGate(projectPath, {
+    strict: opts.strict,
+  });
+  
+  const result = await gate.evaluate({
+    skipReality: !opts.withRuntime,
+  });
+  
+  // Output based on mode
+  if (opts.json || opts.manifest) {
+    console.log(JSON.stringify(result.manifest, null, 2));
+    return result.exitCode;
+  }
+  
+  if (opts.receipt) {
+    console.log(shipManifest.generateCIReceipt(result.manifest));
+    return result.exitCode;
+  }
+  
+  if (opts.ci) {
+    // CI mode: minimal key=value output
+    const envVars = shipManifest.generateCIEnvVars(result.manifest);
+    for (const [key, value] of Object.entries(envVars)) {
+      console.log(`${key}=${value}`);
+    }
+    return result.exitCode;
+  }
+  
+  // Human-readable output
+  if (!opts.quiet) {
+    // Print verdict card
+    printVerdictCard(
+      result.verdict, 
+      result.score, 
+      result.evidence.audit.blockers, 
+      result.evidence.audit.warnings, 
+      result.durationMs
+    );
+    
+    // Print why tree if requested or if blocked
+    if (opts.whyTree || result.verdict !== "SHIP") {
+      if (whyTreeModule) {
+        const whyTree = whyTreeModule.buildWhyTree(result.findings);
+        console.log(whyTreeModule.renderWhyTreeTerminal(whyTree));
+      } else {
+        // Fallback: simple why tree from manifest
+        const why = result.manifest.evidence.whyTree;
+        console.log(`\n  ${ansi.bold}WHY: ${result.verdict}${ansi.reset}`);
+        console.log(`  ${ansi.dim}${why.summary}${ansi.reset}\n`);
+        
+        for (const issue of why.topIssues || []) {
+          console.log(`  ${colors.blockRed}•${ansi.reset} ${issue.title}`);
+          if (issue.evidence?.file) {
+            console.log(`    ${ansi.dim}→ ${issue.evidence.file}:${issue.evidence.lines || ""}${ansi.reset}`);
+          }
+          if (issue.fixHint) {
+            console.log(`    ${colors.shipGreen}Fix: ${issue.fixHint}${ansi.reset}`);
+          }
+          console.log();
+        }
+      }
+    }
+    
+    // Print artifact paths
+    console.log(`  ${ansi.dim}Artifacts:${ansi.reset}`);
+    console.log(`    ${ansi.dim}Manifest: ${result.artifactPaths.manifest}${ansi.reset}`);
+    console.log(`    ${ansi.dim}Receipt:  ${result.artifactPaths.receipt}${ansi.reset}`);
+    console.log();
+    
+    // Badge info if requested
+    if (opts.badge) {
+      const badgeInfo = shipManifest.generateBadgeInfo(result.manifest);
+      console.log(`  ${ansi.bold}Badge:${ansi.reset}`);
+      console.log(`    ${badgeInfo.markdown}`);
+      console.log();
+    }
+  }
+  
+  return result.exitCode;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// SHIP CORE (for programmatic use)
+// ═══════════════════════════════════════════════════════════════════════════════
+
+async function shipCore({ repoRoot, fastifyEntry, jsonOut, noWrite } = {}) {
+  const root = repoRoot || process.cwd();
+  const fastEntry = fastifyEntry || detectFastifyEntry(root);
+
+  const truthpack = await buildTruthpackSmart({ repoRoot: root, fastifyEntry: fastEntry });
+  if (!noWrite) writeTruthpack(root, truthpack);
+
+  // Run analyzers in parallel for performance
+  const [fileResults, truthpackResults] = await Promise.all([
+    Promise.all([
+      Promise.resolve(findFakeSuccess(root)),
+      Promise.resolve(findOptimisticNoRollback(root)),
+      Promise.resolve(findSilentCatch(root)),
+      Promise.resolve(findDeadUI(root)),
+      Promise.resolve(findOwnerModeBypass(root)),
+    ]),
+    Promise.all([
+      Promise.resolve(findMissingRoutes(truthpack)),
+      Promise.resolve(findMethodMismatch(truthpack)),
+      Promise.resolve(findEnvGaps(truthpack)),
+      Promise.resolve(findGhostAuth(truthpack, root)),
+      Promise.resolve(findStripeWebhookViolations(truthpack)),
+      Promise.resolve(findPaidSurfaceNotEnforced(truthpack)),
+    ]),
+  ]);
+
+  const allFindings = [
+    ...fileResults.flat(),
+    ...truthpackResults.flat(),
+    // Runtime findings
+    ...findingsFromReality(root)
+  ];
+
+  const verdict = allFindings.some(f => f.severity === "BLOCK") ? "BLOCK" :
+                  allFindings.some(f => f.severity === "WARN") ? "WARN" : "SHIP";
+
+  const proofGraph = buildProofGraph(allFindings, truthpack, root);
+
+  const report = {
+    meta: { generatedAt: new Date().toISOString(), verdict },
+    truthpackHash: truthpack.index?.hashes?.truthpackHash,
+    findings: allFindings,
+    proofGraph: {
+      summary: proofGraph.summary,
+      topBlockers: proofGraph.topBlockers.slice(0, 5),
+      topGaps: proofGraph.topGaps.slice(0, 5)
+    }
+  };
+
+  const outDir = path.join(root, ".vibecheck");
+  fs.mkdirSync(outDir, { recursive: true });
+  fs.writeFileSync(path.join(outDir, "last_ship.json"), JSON.stringify(report, null, 2));
+  fs.writeFileSync(path.join(outDir, "proof-graph.json"), JSON.stringify(proofGraph, null, 2));
+
+  // Note: HTML reports are generated by 'vibecheck report' command, not here
+
+  if (jsonOut) {
+    fs.writeFileSync(path.isAbsolute(jsonOut) ? jsonOut : path.join(root, jsonOut), JSON.stringify(report, null, 2));
+  }
+
+  return { report, truthpack, verdict };
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// SEAL COMMAND - Badge and Attestation Generator
+// ═══════════════════════════════════════════════════════════════════════════════
+
+/**
+ * Generate seal (badge) and attestation from the latest ship manifest.
+ * 
+ * @param {string[]} args - Command arguments
+ * @param {Object} context - Execution context
+ * @returns {number} Exit code
+ */
+async function runSeal(args = [], context = {}) {
+  const { parseGlobalFlags } = require("./lib/global-flags");
+  const { EXIT } = require("./lib/exit-codes");
+  
+  const { flags: globalFlags } = parseGlobalFlags(args);
+  const quiet = globalFlags.quiet || args.includes("--quiet") || args.includes("-q");
+  const json = globalFlags.json || args.includes("--json");
+  const projectRoot = context.repoRoot || globalFlags.path || process.cwd();
+  
+  const shipManifest = getShipManifest();
+  
+  if (!shipManifest) {
+    if (!quiet) {
+      console.error("  Seal module not available");
+    }
+    return EXIT.INTERNAL_ERROR;
+  }
+  
+  // Load latest manifest
+  const manifest = shipManifest.loadShipManifest(projectRoot);
+  
+  if (!manifest) {
+    if (json) {
+      console.log(JSON.stringify({ 
+        success: false, 
+        error: "No ship manifest found. Run 'vibecheck ship' first." 
+      }));
+    } else if (!quiet) {
+      console.error("  No ship manifest found. Run 'vibecheck ship' first.");
+    }
+    return EXIT.NOT_FOUND;
+  }
+  
+  // Verify signature
+  const verification = shipManifest.verifyManifestSignature(manifest);
+  
+  // Generate badge info
+  const badge = shipManifest.generateBadgeInfo(manifest);
+  
+  // Build seal output
+  const seal = {
+    verdict: manifest.verdict.status,
+    score: manifest.verdict.score,
+    canShip: manifest.verdict.canShip,
+    
+    // Repo info
+    repo: {
+      name: manifest.repo.name,
+      commit: manifest.repo.commit,
+      branch: manifest.repo.branch,
+      fingerprint: manifest.repo.fingerprint,
+    },
+    
+    // Badge URLs
+    badge: {
+      shields: badge.url.shields,
+      badgen: badge.url.badgen,
+      markdown: badge.markdown,
+    },
+    
+    // Attestation
+    attestation: {
+      signatureValid: verification.valid,
+      digest: manifest.signature.digest,
+      algorithm: manifest.signature.algorithm,
+      generatedAt: manifest.meta.generatedAt,
+    },
+    
+    // Evidence summary
+    evidence: {
+      blockers: manifest.evidence.summary.blockers,
+      warnings: manifest.evidence.summary.warnings,
+      totalFindings: manifest.evidence.summary.total,
+    },
+  };
+  
+  if (json) {
+    console.log(JSON.stringify(seal, null, 2));
+  } else if (!quiet) {
+    console.log(`
+  ${ansi.bold}${ansi.cyan}╔═══════════════════════════════════════════════════════════════════╗
+  ║                                                                   ║
+  ║   SHIP SEAL                                                       ║
+  ║                                                                   ║
+  ╚═══════════════════════════════════════════════════════════════════╝${ansi.reset}
+
+  ${ansi.bold}Verdict:${ansi.reset} ${seal.verdict === "SHIP" ? colors.shipGreen : seal.verdict === "WARN" ? colors.warnAmber : colors.blockRed}${seal.verdict}${ansi.reset}
+  ${ansi.bold}Score:${ansi.reset}   ${seal.score}/100
+
+  ${ansi.bold}Repository${ansi.reset}
+    ${ansi.dim}Name:${ansi.reset}        ${seal.repo.name}
+    ${ansi.dim}Commit:${ansi.reset}      ${seal.repo.commit}
+    ${ansi.dim}Branch:${ansi.reset}      ${seal.repo.branch}
+    ${ansi.dim}Fingerprint:${ansi.reset} ${seal.repo.fingerprint}
+
+  ${ansi.bold}Attestation${ansi.reset}
+    ${ansi.dim}Signature:${ansi.reset}   ${verification.valid ? colors.shipGreen + "✓ Valid" : colors.blockRed + "✗ Invalid"}${ansi.reset}
+    ${ansi.dim}Digest:${ansi.reset}      ${seal.attestation.digest}
+    ${ansi.dim}Generated:${ansi.reset}   ${seal.attestation.generatedAt}
+
+  ${ansi.bold}Badge (copy to README.md):${ansi.reset}
+    ${colors.shipGreen}${seal.badge.markdown}${ansi.reset}
+
+  ${ansi.dim}Evidence: ${seal.evidence.blockers} blockers, ${seal.evidence.warnings} warnings${ansi.reset}
+`);
+  }
+  
+  return manifest.verdict.exitCode;
+}
+
+// ═══════════════════════════════════════════════════════════════════════════════
+// EXPORTS
+// ═══════════════════════════════════════════════════════════════════════════════
+
+module.exports = { 
+  runShip: withErrorHandling(runShip, "Ship check failed"),
+  runSeal: withErrorHandling(runSeal, "Seal generation failed"),
+  runShipGate,
+  shipCore,
+};