vibecheck-ai 2.0.1 → 5.0.0

package/bin/runners/lib/agent-firewall/fs-hook/watcher.js

@@ -0,0 +1,184 @@
+/**
+ * File System Hook - Intercepts ALL file writes at OS level
+ * 
+ * Uses chokidar to watch for file changes and intercepts them
+ * before they're written to disk.
+ */
+
+"use strict";
+
+const chokidar = require("chokidar");
+const fs = require("fs");
+const path = require("path");
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+class FileSystemHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.watcher = null;
+    this.pendingWrites = new Map(); // Track writes in progress
+    this.isEnabled = false;
+  }
+
+  /**
+   * Start watching for file writes
+   */
+  async start() {
+    if (this.watcher) {
+      return; // Already watching
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+    if (policy.mode !== "enforce") {
+      console.log("⚠️  File system hook only active in enforce mode");
+      return;
+    }
+
+    this.isEnabled = true;
+
+    // Watch for file changes
+    this.watcher = chokidar.watch([
+      "**/*.ts",
+      "**/*.tsx",
+      "**/*.js",
+      "**/*.jsx",
+      "**/*.py",
+      "**/*.go",
+      "**/*.rs"
+    ], {
+      cwd: this.projectRoot,
+      ignored: [
+        "**/node_modules/**",
+        "**/dist/**",
+        "**/.next/**",
+        "**/.vibecheck/**",
+        "**/.git/**",
+        "**/build/**"
+      ],
+      persistent: true,
+      ignoreInitial: true,
+      awaitWriteFinish: {
+        stabilityThreshold: 100,
+        pollInterval: 50
+      }
+    });
+
+    // Intercept file writes
+    this.watcher.on("add", (filePath) => this.handleFileWrite(filePath, "create"));
+    this.watcher.on("change", (filePath) => this.handleFileWrite(filePath, "modify"));
+
+    console.log("🛡️  File System Hook ACTIVE - intercepting all file writes");
+  }
+
+  /**
+   * Handle file write event
+   */
+  async handleFileWrite(filePath, operation) {
+    // Skip if we're already processing this file
+    if (this.pendingWrites.has(filePath)) {
+      return;
+    }
+
+    this.pendingWrites.set(filePath, true);
+
+    try {
+      // Read the new content
+      const fileAbs = path.join(this.projectRoot, filePath);
+      if (!fs.existsSync(fileAbs)) {
+        this.pendingWrites.delete(filePath);
+        return;
+      }
+
+      const newContent = fs.readFileSync(fileAbs, "utf8");
+
+      // Try to get old content from git or backup
+      let oldContent = null;
+      try {
+        // Check if file existed before (for modifications)
+        if (operation === "modify") {
+          // Try to read from git index
+          const { execSync } = require("child_process");
+          try {
+            oldContent = execSync(
+              `git show :${filePath}`,
+              { cwd: this.projectRoot, encoding: "utf8", stdio: "pipe" }
+            );
+          } catch {
+            // File not in git, that's okay
+          }
+        }
+      } catch {
+        // Couldn't get old content, that's okay
+      }
+
+      // Intercept the write
+      const result = await interceptFileWrite({
+        projectRoot: this.projectRoot,
+        agentId: "filesystem-hook",
+        intent: `File ${operation} via filesystem`,
+        filePath: filePath,
+        content: newContent,
+        oldContent: oldContent
+      });
+
+      const policy = loadPolicy(this.projectRoot);
+
+      // If blocked and in enforce mode, revert the file
+      if (!result.allowed && policy.mode === "enforce") {
+        console.error(`\n❌ BLOCKED: ${filePath}`);
+        console.error(`   ${result.message}`);
+
+        if (result.violations) {
+          result.violations.forEach(v => {
+            console.error(`   - ${v.rule}: ${v.message}`);
+          });
+        }
+
+        // Revert the file
+        if (oldContent !== null) {
+          fs.writeFileSync(fileAbs, oldContent, "utf8");
+          console.error(`   ✅ File reverted to previous version\n`);
+        } else {
+          // Delete the file if it was newly created
+          fs.unlinkSync(fileAbs);
+          console.error(`   ✅ File deleted (was newly created)\n`);
+        }
+
+        // Show unblock plan
+        if (result.unblockPlan && result.unblockPlan.steps.length > 0) {
+          console.error("   To fix:");
+          result.unblockPlan.steps.forEach((step, i) => {
+            console.error(`     ${i + 1}. ${step.action}: ${step.description}`);
+          });
+          console.error("");
+        }
+      } else if (result.allowed || policy.mode === "observe") {
+        // Log in observe mode
+        if (policy.mode === "observe" && result.violations && result.violations.length > 0) {
+          console.log(`📊 OBSERVE: ${filePath} - violations logged (not blocked)`);
+        }
+      }
+    } catch (error) {
+      console.error(`Error intercepting file write: ${error.message}`);
+    } finally {
+      this.pendingWrites.delete(filePath);
+    }
+  }
+
+  /**
+   * Stop watching
+   */
+  stop() {
+    if (this.watcher) {
+      this.watcher.close();
+      this.watcher = null;
+      this.isEnabled = false;
+      console.log("🛡️  File System Hook stopped");
+    }
+  }
+}
+
+module.exports = {
+  FileSystemHook
+};

package/bin/runners/lib/agent-firewall/git-hook/pre-commit.js

@@ -0,0 +1,163 @@
+/**
+ * Git Pre-Commit Hook
+ * 
+ * Validates all staged changes against firewall policy before allowing commit.
+ */
+
+"use strict";
+
+const { execSync } = require("child_process");
+const fs = require("fs");
+const path = require("path");
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * Run pre-commit validation
+ * @param {string} projectRoot - Project root directory
+ * @returns {object} Validation result
+ */
+async function validatePreCommit(projectRoot) {
+  const policy = loadPolicy(projectRoot);
+
+  // Only enforce in enforce mode
+  if (policy.mode !== "enforce") {
+    return { allowed: true, message: "Firewall in observe mode - commit allowed" };
+  }
+
+  try {
+    // Get staged files
+    const stagedFiles = getStagedFiles(projectRoot);
+    
+    if (stagedFiles.length === 0) {
+      return { allowed: true, message: "No files staged" };
+    }
+
+    console.log(`🛡️  Agent Firewall: Validating ${stagedFiles.length} staged file(s)...\n`);
+
+    const violations = [];
+    const blockedFiles = [];
+
+    // Validate each staged file
+    for (const filePath of stagedFiles) {
+      const fileAbs = path.join(projectRoot, filePath);
+      
+      if (!fs.existsSync(fileAbs)) {
+        continue; // File was deleted, skip
+      }
+
+      // Get old content from git
+      let oldContent = null;
+      try {
+        oldContent = execSync(
+          `git show :${filePath}`,
+          { cwd: projectRoot, encoding: "utf8", stdio: "pipe" }
+        );
+      } catch {
+        // File not in git (new file), that's okay
+      }
+
+      // Get new content
+      const newContent = fs.readFileSync(fileAbs, "utf8");
+
+      // Intercept the change
+      const result = await interceptFileWrite({
+        projectRoot,
+        agentId: "git-pre-commit",
+        intent: `Git commit: ${filePath}`,
+        filePath: filePath,
+        content: newContent,
+        oldContent: oldContent
+      });
+
+      if (!result.allowed) {
+        violations.push(...(result.violations || []));
+        blockedFiles.push({
+          file: filePath,
+          violations: result.violations || [],
+          unblockPlan: result.unblockPlan
+        });
+      }
+    }
+
+    if (blockedFiles.length > 0) {
+      console.error("\n❌ COMMIT BLOCKED by Agent Firewall\n");
+      console.error("Violations detected:\n");
+
+      blockedFiles.forEach(({ file, violations: fileViolations }) => {
+        console.error(`  ${file}:`);
+        fileViolations.forEach(v => {
+          console.error(`    - ${v.rule}: ${v.message}`);
+        });
+        console.error("");
+      });
+
+      // Show unblock plans
+      const allPlans = blockedFiles
+        .filter(bf => bf.unblockPlan && bf.unblockPlan.steps.length > 0)
+        .flatMap(bf => bf.unblockPlan.steps);
+
+      if (allPlans.length > 0) {
+        console.error("To fix:");
+        const uniqueSteps = new Map();
+        allPlans.forEach(step => {
+          const key = `${step.action}:${step.file}`;
+          if (!uniqueSteps.has(key)) {
+            uniqueSteps.set(key, step);
+          }
+        });
+        Array.from(uniqueSteps.values()).forEach((step, i) => {
+          console.error(`  ${i + 1}. ${step.action.toUpperCase()}: ${step.file}`);
+          console.error(`     ${step.description}`);
+        });
+        console.error("");
+      }
+
+      return {
+        allowed: false,
+        message: `Commit blocked: ${blockedFiles.length} file(s) have violations`,
+        blockedFiles,
+        violations
+      };
+    }
+
+    console.log("✅ All staged files validated - commit allowed\n");
+    return { allowed: true, message: "All files validated" };
+
+  } catch (error) {
+    console.error(`Error validating commit: ${error.message}`);
+    // In case of error, allow commit (fail open)
+    return { allowed: true, message: `Validation error: ${error.message}` };
+  }
+}
+
+/**
+ * Get list of staged files
+ * @param {string} projectRoot - Project root directory
+ * @returns {array} Array of staged file paths
+ */
+function getStagedFiles(projectRoot) {
+  try {
+    const output = execSync(
+      "git diff --cached --name-only --diff-filter=ACMR",
+      { cwd: projectRoot, encoding: "utf8", stdio: "pipe" }
+    );
+    return output
+      .trim()
+      .split("\n")
+      .filter(Boolean)
+      .filter(file => {
+        // Only check code files
+        const ext = path.extname(file);
+        return [".ts", ".tsx", ".js", ".jsx", ".py", ".go", ".rs"].includes(ext);
+      });
+  } catch (error) {
+    // Not a git repo or no staged files
+    return [];
+  }
+}
+
+module.exports = {
+  validatePreCommit,
+  getStagedFiles
+};

package/bin/runners/lib/agent-firewall/ide-extension/cursor.js

@@ -0,0 +1,107 @@
+/**
+ * Cursor IDE Extension Hook
+ * 
+ * Intercepts file writes at the IDE level for Cursor.
+ * Uses Cursor's extension API to hook into file save events.
+ */
+
+"use strict";
+
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+const fs = require("fs");
+const path = require("path");
+
+/**
+ * Cursor extension hook
+ * This would be called by a Cursor extension
+ */
+class CursorFirewallHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.isEnabled = false;
+  }
+
+  /**
+   * Enable the hook
+   */
+  enable() {
+    this.isEnabled = true;
+    this.createCursorConfig();
+  }
+
+  /**
+   * Create Cursor configuration file
+   */
+  createCursorConfig() {
+    const cursorDir = path.join(this.projectRoot, ".cursor");
+    if (!fs.existsSync(cursorDir)) {
+      fs.mkdirSync(cursorDir, { recursive: true });
+    }
+
+    const configFile = path.join(cursorDir, "firewall-hook.json");
+    const config = {
+      enabled: true,
+      mode: "enforce",
+      interceptOnSave: true,
+      interceptOnCreate: true,
+      interceptOnEdit: false // Only on save/create, not every keystroke
+    };
+
+    fs.writeFileSync(configFile, JSON.stringify(config, null, 2));
+  }
+
+  /**
+   * Intercept file save (called by Cursor extension)
+   */
+  async interceptSave(filePath, content, oldContent) {
+    if (!this.isEnabled) {
+      return { allowed: true };
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+
+    // In observe mode, just log
+    if (policy.mode === "observe") {
+      const result = await interceptFileWrite({
+        projectRoot: this.projectRoot,
+        agentId: "cursor-ide",
+        intent: "File save in Cursor",
+        filePath: filePath,
+        content: content,
+        oldContent: oldContent
+      });
+
+      if (result.violations && result.violations.length > 0) {
+        console.log(`📊 OBSERVE: ${filePath} - violations logged`);
+      }
+
+      return { allowed: true };
+    }
+
+    // In enforce mode, block violations
+    const result = await interceptFileWrite({
+      projectRoot: this.projectRoot,
+      agentId: "cursor-ide",
+      intent: "File save in Cursor",
+      filePath: filePath,
+      content: content,
+      oldContent: oldContent
+    });
+
+    if (!result.allowed) {
+      return {
+        allowed: false,
+        message: result.message,
+        violations: result.violations,
+        unblockPlan: result.unblockPlan
+      };
+    }
+
+    return { allowed: true };
+  }
+}
+
+module.exports = {
+  CursorFirewallHook
+};

package/bin/runners/lib/agent-firewall/ide-extension/vscode.js

@@ -0,0 +1,68 @@
+/**
+ * VS Code Extension Hook
+ * 
+ * Intercepts file writes at the IDE level for VS Code.
+ * Uses VS Code's extension API.
+ */
+
+"use strict";
+
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * VS Code extension hook
+ * This would be called by a VS Code extension
+ */
+class VSCodeFirewallHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.isEnabled = false;
+  }
+
+  /**
+   * Enable the hook
+   */
+  enable() {
+    this.isEnabled = true;
+  }
+
+  /**
+   * Intercept file save (called by VS Code extension)
+   */
+  async interceptSave(filePath, content, oldContent) {
+    if (!this.isEnabled) {
+      return { allowed: true };
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+
+    const result = await interceptFileWrite({
+      projectRoot: this.projectRoot,
+      agentId: "vscode-ide",
+      intent: "File save in VS Code",
+      filePath: filePath,
+      content: content,
+      oldContent: oldContent
+    });
+
+    if (policy.mode === "observe") {
+      return { allowed: true }; // Always allow in observe mode
+    }
+
+    if (!result.allowed) {
+      return {
+        allowed: false,
+        message: result.message,
+        violations: result.violations,
+        unblockPlan: result.unblockPlan
+      };
+    }
+
+    return { allowed: true };
+  }
+}
+
+module.exports = {
+  VSCodeFirewallHook
+};

package/bin/runners/lib/agent-firewall/ide-extension/windsurf.js

@@ -0,0 +1,66 @@
+/**
+ * Windsurf IDE Extension Hook
+ * 
+ * Intercepts file writes at the IDE level for Windsurf.
+ */
+
+"use strict";
+
+const { interceptFileWrite } = require("../interceptor/base");
+const { loadPolicy } = require("../policy/loader");
+
+/**
+ * Windsurf extension hook
+ */
+class WindsurfFirewallHook {
+  constructor(projectRoot) {
+    this.projectRoot = projectRoot;
+    this.isEnabled = false;
+  }
+
+  /**
+   * Enable the hook
+   */
+  enable() {
+    this.isEnabled = true;
+  }
+
+  /**
+   * Intercept file save
+   */
+  async interceptSave(filePath, content, oldContent) {
+    if (!this.isEnabled) {
+      return { allowed: true };
+    }
+
+    const policy = loadPolicy(this.projectRoot);
+
+    const result = await interceptFileWrite({
+      projectRoot: this.projectRoot,
+      agentId: "windsurf-ide",
+      intent: "File save in Windsurf",
+      filePath: filePath,
+      content: content,
+      oldContent: oldContent
+    });
+
+    if (policy.mode === "observe") {
+      return { allowed: true };
+    }
+
+    if (!result.allowed) {
+      return {
+        allowed: false,
+        message: result.message,
+        violations: result.violations,
+        unblockPlan: result.unblockPlan
+      };
+    }
+
+    return { allowed: true };
+  }
+}
+
+module.exports = {
+  WindsurfFirewallHook
+};