vibecodingmachine-cli 2026.2.26-1752 → 2026.3.9-1621

package/src/utils/auth.js

@@ -8,101 +8,50 @@ const sharedAuth = require('vibecodingmachine-core/src/auth/shared-auth-storage'
 // AWS Cognito configuration
 const COGNITO_DOMAIN = process.env.COGNITO_DOMAIN || 'vibecodingmachine-auth-1763598779.auth.us-east-1.amazoncognito.com';
 const CLIENT_ID = process.env.COGNITO_APP_CLIENT_ID || '3tbe1i2g36uqule92iuk6snuo3'; // Public client (no secret)
-const PREFERRED_PORT = 3001; // Use 3001 to avoid conflict with web dev server on 3000
+const PREFERRED_PORT = 3001;
 
-// Load shared access denied HTML
 function getAccessDeniedHTML() {
   const accessDeniedPath = require.resolve('vibecodingmachine-core/src/auth/access-denied.html');
   return fs.readFileSync(accessDeniedPath, 'utf8');
 }
 
-// PKCE helper functions
-function generateCodeVerifier() {
-  return crypto.randomBytes(32).toString('base64url');
-}
-
-function generateCodeChallenge(verifier) {
-  return crypto.createHash('sha256').update(verifier).digest('base64url');
-}
+function generateCodeVerifier() { return crypto.randomBytes(32).toString('base64url'); }
+function generateCodeChallenge(verifier) { return crypto.createHash('sha256').update(verifier).digest('base64url'); }
 
 class CLIAuth {
-  /**
-   * Check if authenticated (uses shared storage)
-   */
   async isAuthenticated() {
-    // First check if current token is valid
     const isValid = await sharedAuth.isAuthenticated();
     if (isValid) {
-      // Update user activity in database
       await this._updateUserActivity();
       return true;
     }
-
-    // If not valid, try to refresh
     try {
       const refreshToken = await sharedAuth.getRefreshToken();
       if (refreshToken) {
-        // console.log(chalk.gray('Refreshing session...'));
         const newTokens = await this._refreshTokens(refreshToken);
-
-        // Validate new ID token
         await this._validateToken(newTokens.id_token);
-
-        // Save new tokens
         await sharedAuth.saveToken(newTokens);
-
-        // Update user activity in database
         await this._updateUserActivity();
         return true;
       }
-    } catch (error) {
-      // Refresh failed (token expired or revoked), user needs to login again
-      // console.log(chalk.gray('Session refresh failed, please login again.'));
-    }
-
+    } catch (error) {}
     return false;
   }
 
-  /**
-   * Get stored token (uses shared storage)
-   */
-  async getToken() {
-    return await sharedAuth.getToken();
-  }
+  async getToken() { return await sharedAuth.getToken(); }
 
-  /**
-   * Get auth token string for API requests
-   * Ensures the token is valid and refreshed if necessary
-   */
   async getAuthToken() {
-    // Check if authenticated and refresh if needed
     const isAuth = await this.isAuthenticated();
     if (!isAuth) return null;
-
     const token = await sharedAuth.getToken();
     if (!token) return null;
-
-    // Handle both string token and object with id_token
     return typeof token === 'string' ? token : token.id_token;
   }
 
-  /**
-   * Get user profile (uses shared storage)
-   */
-  async getUserProfile() {
-    return await sharedAuth.getUserProfile();
-  }
+  async getUserProfile() { return await sharedAuth.getUserProfile(); }
 
-  /**
-   * Exchange authorization code for tokens using Cognito token endpoint
-   * @param {string} code - Authorization code
-   * @param {string} codeVerifier - PKCE code verifier
-   * @param {string} redirectUri - Redirect URI used in authorization request
-   * @returns {Promise<string>} ID token
-   */
   async _exchangeCodeForTokens(code, codeVerifier, redirectUri) {
     const https = require('https');
-
     const tokenEndpoint = `https://${COGNITO_DOMAIN}/oauth2/token`;
     const postData = new URLSearchParams({
       grant_type: 'authorization_code',
@@ -111,7 +60,6 @@ class CLIAuth {
       redirect_uri: redirectUri,
       code_verifier: codeVerifier
     }).toString();
-
     return new Promise((resolve, reject) => {
       const options = {
         method: 'POST',
@@ -120,41 +68,34 @@ class CLIAuth {
           'Content-Length': postData.length
         }
       };
-
       const req = https.request(tokenEndpoint, options, (res) => {
         let data = '';
         res.on('data', (chunk) => { data += chunk; });
         res.on('end', () => {
           if (res.statusCode === 200) {
             const tokens = JSON.parse(data);
-            resolve(tokens); // Return full tokens object
+            resolve(tokens);
           } else {
             reject(new Error(`Token exchange failed: ${res.statusCode} - ${data}`));
           }
         });
       });
-
       req.on('error', (error) => {
         reject(new Error(`Token exchange request failed: ${error.message}`));
       });
-
       req.write(postData);
       req.end();
     });
   }
-  /**
-   * Refresh tokens using refresh_token
-   */
+
   async _refreshTokens(refreshToken) {
     const https = require('https');
-
     const tokenEndpoint = `https://${COGNITO_DOMAIN}/oauth2/token`;
     const postData = new URLSearchParams({
       grant_type: 'refresh_token',
       client_id: CLIENT_ID,
       refresh_token: refreshToken
     }).toString();
-
     return new Promise((resolve, reject) => {
       const options = {
         method: 'POST',
@@ -163,14 +104,12 @@ class CLIAuth {
           'Content-Length': postData.length
         }
       };
-
       const req = https.request(tokenEndpoint, options, (res) => {
         let data = '';
         res.on('data', (chunk) => { data += chunk; });
         res.on('end', () => {
           if (res.statusCode === 200) {
             const tokens = JSON.parse(data);
-            // Cognito might not return a new refresh token, so we keep the old one if not provided
             if (!tokens.refresh_token) {
               tokens.refresh_token = refreshToken;
             }
@@ -180,33 +119,22 @@ class CLIAuth {
           }
         });
       });
-
       req.on('error', (error) => {
         reject(new Error(`Token refresh request failed: ${error.message}`));
       });
-
       req.write(postData);
       req.end();
     });
   }
-  /**
-   * Validate JWT token with signature verification
-   * @param {string} idToken - JWT token to validate
-   * @throws {Error} If token is invalid
-   */
+
   async _validateToken(idToken) {
-    // Validate token is a string
     if (!idToken || typeof idToken !== 'string') {
       throw new Error('Token must be a non-empty string');
     }
-
-    // Validate JWT format (must have 3 parts)
     const parts = idToken.split('.');
     if (parts.length !== 3) {
       throw new Error('Invalid JWT format - must have 3 parts separated by dots');
     }
-
-    // CRITICAL: Verify JWT signature using Cognito's public keys
     const jwt = require('jsonwebtoken');
     const jwksClient = require('jwks-rsa');
 
@@ -688,37 +616,11 @@ class CLIAuth {
     }
   }
 
-  /**
-   * Logout (uses shared storage)
-   */
-  async logout() {
-    return await sharedAuth.logout();
-  }
-
-  /**
-   * Check if can run auto mode (uses shared storage)
-   */
-  async canRunAutoMode() {
-    return await sharedAuth.canRunAutoMode();
-  }
+  async logout() { return await sharedAuth.logout(); }
+  async canRunAutoMode() { return await sharedAuth.canRunAutoMode(); }
+  async logIteration() { return await sharedAuth.logIteration(); }
+  async activateLicense(licenseKey) { return await sharedAuth.activateLicense(licenseKey); }
 
-  /**
-   * Log iteration (uses shared storage)
-   */
-  async logIteration() {
-    return await sharedAuth.logIteration();
-  }
-
-  /**
-   * Activate license key (uses shared storage)
-   */
-  async activateLicense(licenseKey) {
-    return await sharedAuth.activateLicense(licenseKey);
-  }
-
-  /**
-   * Register or update user in enhanced database system
-   */
   async _registerUserInDatabase(idToken) {
     try {
       // Decode JWT to get user info (without verification since we already validated)

package/src/utils/config.js

@@ -51,6 +51,10 @@ async function getEffectiveRepoPath() {
   const configured = await getRepoPath();
   if (configured) return configured;
   try {
+    // Skip git operations if environment variable is set
+    if (process.env.VCM_SKIP_GIT_CHECKS) {
+      return process.cwd();
+    }
     return execSync('git rev-parse --show-toplevel', {
       encoding: 'utf8',
       cwd: process.cwd(),

package/src/utils/interactive/requirements-navigation.js

@@ -192,7 +192,7 @@ async function showRequirementDetails(req, sectionKey, tree) {
       type: 'list',
       name: 'action',
       message: 'What would you like to do?',
-      choices: getRequirementActions(sectionKey)
+      choices: getRequirementActions(sectionKey, req.title)
     }
   ]);
 
@@ -201,39 +201,41 @@ async function showRequirementDetails(req, sectionKey, tree) {
   }
 }
 
-function getRequirementActions(sectionKey) {
+function getRequirementActions(sectionKey, requirementTitle = '') {
   const baseActions = [
     { name: '⬅️  Back', value: 'back' }
   ];
 
+  const escTitle = requirementTitle.replace(/'/g, "\\'");
+  
   switch (sectionKey) {
     case 'todo':
       return [
-        { name: '✏️  Rename/Edit', value: 'rename' },
-        { name: '👍 Thumbs up (promote to Verified)', value: 'thumbs-up' },
-        { name: '❓ Needs clarification', value: 'needs-clarification' },
-        { name: '🗑️  Delete', value: 'delete' },
-        { name: '⬆️  Move up', value: 'move-up' },
-        { name: '⬇️  Move down', value: 'move-down' },
+        { name: `✏️  Rename/Edit\n   ${chalk.gray(`Equivalent: app update requirements --rename '${escTitle}' '<new-title>'`)}`, value: 'rename' },
+        { name: `👍 Thumbs up (promote to Verified)\n   ${chalk.gray(`Equivalent: app update requirements --promote '${escTitle}'`)}`, value: 'thumbs-up' },
+        { name: `❓ Needs clarification\n   ${chalk.gray(`Equivalent: app update requirements --clarify '${escTitle}'`)}`, value: 'needs-clarification' },
+        { name: `🗑️  Delete\n   ${chalk.gray(`Equivalent: app remove requirements '${escTitle}'`)}`, value: 'delete' },
+        { name: `⬆️  Move up\n   ${chalk.gray(`Equivalent: app update requirements --move-up '${escTitle}'`)}`, value: 'move-up' },
+        { name: `⬇️  Move down\n   ${chalk.gray(`Equivalent: app update requirements --move-down '${escTitle}'`)}`, value: 'move-down' },
         ...baseActions
       ];
     case 'clarification':
       return [
-        { name: '✍️  Add/Edit Responses', value: 'edit-responses' },
-        { name: '↩️  Move back to TODO (after clarification)', value: 'move-to-todo' },
-        { name: '🗑️  Delete', value: 'delete' },
+        { name: `✍️  Add/Edit Responses\n   ${chalk.gray(`Equivalent: app update requirements --edit-response '${escTitle}'`)}`, value: 'edit-responses' },
+        { name: `↩️  Move back to TODO (after clarification)\n   ${chalk.gray(`Equivalent: app update requirements --move-to-todo '${escTitle}'`)}`, value: 'move-to-todo' },
+        { name: `🗑️  Delete\n   ${chalk.gray(`Equivalent: app remove requirements '${escTitle}'`)}`, value: 'delete' },
         ...baseActions
       ];
     case 'verify':
       return [
-        { name: '↩️  Move back to TODO', value: 'move-to-todo' },
-        { name: '🗑️  Delete', value: 'delete' },
+        { name: `↩️  Move back to TODO\n   ${chalk.gray(`Equivalent: app update requirements --move-to-todo '${escTitle}'`)}`, value: 'move-to-todo' },
+        { name: `🗑️  Delete\n   ${chalk.gray(`Equivalent: app remove requirements '${escTitle}'`)}`, value: 'delete' },
         ...baseActions
       ];
     case 'recycled':
       return [
-        { name: '♻️  Restore to TODO', value: 'restore' },
-        { name: '🗑️  Permanently delete', value: 'permanent-delete' },
+        { name: `♻️  Restore to TODO\n   ${chalk.gray(`Equivalent: app update requirements --restore '${escTitle}'`)}`, value: 'restore' },
+        { name: `🗑️  Permanently delete\n   ${chalk.gray(`Equivalent: app remove requirements '${escTitle}' --permanent`)}`, value: 'permanent-delete' },
         ...baseActions
       ];
     default:

package/src/utils/interactive-broken.js

@@ -120,9 +120,9 @@ async function startInteractive() {
       const repoPath = process.cwd();
       console.log(chalk.gray(t('system.repo').padEnd(25)), formatPath(repoPath));
 
-      // Display git branch if in a git repo
+      // Display git branch if in a git repo (skip if environment variable is set)
       try {
-        if (isGitRepo(repoPath)) {
+        if (!process.env.VCM_SKIP_GIT_CHECKS && isGitRepo(repoPath)) {
           const branch = getCurrentBranch(repoPath);
           if (branch) {
             const isDirty = hasUncommittedChanges(repoPath);

package/src/utils/provider-checker/agent-runner.js

@@ -24,6 +24,10 @@ const CLI_ENTRY_POINT = path.resolve(path.join(__dirname, '../../../bin/vibecodi
 async function runAgentCheck(providerId, def, repoPath, resultFile, timeoutMs, signal = null, onProgress = null) {
   const checkedAt = new Date().toISOString();
 
+  if (onProgress) {
+    onProgress(providerId, 'loading', null, 'Loading...');
+  }
+
   // Ensure temp dir exists
   fs.mkdirSync(path.dirname(resultFile), { recursive: true });
   // Remove stale result file so we detect a fresh write
@@ -157,6 +161,7 @@ async function runAgentCheck(providerId, def, repoPath, resultFile, timeoutMs, s
         try {
           const content = fs.readFileSync(resultFile, 'utf8');
           if (content.includes('VCM_CHECK_OK')) {
+            if (onProgress) onProgress(providerId, 'response_detected', null, 'Response detected.');
             done({ status: 'success', message: 'End-to-end check passed', checkedAt });
           }
         } catch { }
@@ -180,7 +185,7 @@ async function runAgentCheck(providerId, def, repoPath, resultFile, timeoutMs, s
       }
       console.warn(`[AGENT CHECK] Timeout for ${providerId} after ${timeoutMs / 1000}s${diagnosis}`);
 
-      const timeoutResult = { status: 'error', message: `No response within ${timeoutMs / 1000}s${ideLaunchNote}${diagnosis}`, checkedAt };
+      const timeoutResult = { status: 'error', message: `Timeout${ideLaunchNote}${diagnosis}`, checkedAt };
 
       // For IDE timeout, also check for quota limit (in output + UI)
       if (def.type === 'ide') {
@@ -200,6 +205,11 @@ async function runAgentCheck(providerId, def, repoPath, resultFile, timeoutMs, s
       }
     }, 1000); // Check every second
 
+    // Send initial checking status
+    if (onProgress) {
+      onProgress(providerId, 'awaiting', null, 'Awaiting response...');
+    }
+
     let args;
     if (def.type === 'ide') {
       args = [CLI_ENTRY_POINT, 'auto:start', '--ide', def.ide || providerId, '--max-chats', '1'];
@@ -265,6 +275,10 @@ async function runAgentCheck(providerId, def, repoPath, resultFile, timeoutMs, s
       detached: false
     });
 
+    if (onProgress) {
+      onProgress(providerId, 'sending', null, 'Sending text...');
+    }
+
     console.log(`[AGENT CHECK] Child process spawned for ${providerId}, PID: ${child.pid}`);
 
     child.stdout.on('data', d => {

package/src/utils/provider-checker/cli-installer.js

@@ -17,6 +17,22 @@ const CLI_AUTO_INSTALL = {
       path.join(os.homedir(), '.opencode', 'bin'),
     ]
   },
+  'vscode-copilot-cli': {
+    cmd: 'copilot',
+    type: 'homebrew',
+    installScript: 'brew install --cask copilot-cli',
+    // Alternative installation methods
+    alternatives: [
+      { type: 'npm', cmd: 'npm install -g @github/copilot' },
+      { type: 'winget', cmd: 'winget install GitHub.Copilot' },
+      { type: 'direct', cmd: 'curl -fsSL https://gh.io/copilot-install | bash' }
+    ],
+    // Well-known install locations that may not be in Electron's PATH
+    knownPaths: [
+      path.join(os.homedir(), '.local', 'bin'),
+      '/usr/local/bin',
+    ]
+  },
 };
 
 /**
@@ -74,44 +90,170 @@ function isCLIAvailable(cmd, providerId) {
  * Returns { installed: bool, note: string }.
  */
 async function installCLI(providerId) {
+  console.log(`[CLI INSTALLER] Starting installation for provider: ${providerId}`);
+  
   const config = CLI_AUTO_INSTALL[providerId];
   if (!config) {
+    console.log(`[CLI INSTALLER] No auto-install config found for ${providerId}`);
     return { installed: false, note: `Unknown provider: ${providerId}` };
   }
 
+  console.log(`[CLI INSTALLER] Install config for ${providerId}:`, config);
+
+  // Check if already installed first
+  console.log(`[CLI INSTALLER] Checking if ${providerId} is already installed...`);
+  if (isCLIAvailable(config.cmd, providerId)) {
+    console.log(`[CLI INSTALLER] ${providerId} is already installed`);
+    return { installed: true, note: 'Already installed' };
+  }
+  console.log(`[CLI INSTALLER] ${providerId} is not installed, proceeding with installation...`);
+
   // Augmented PATH so the install script and post-install verification can find binaries
   const augPath = getAugmentedPath(providerId);
   const spawnEnv = { ...process.env, PATH: augPath };
+  console.log(`[CLI INSTALLER] Using augmented PATH: ${augPath}`);
 
   return new Promise((resolve) => {
     if (config.type === 'direct' && config.installScript) {
+      console.log(`[CLI INSTALLER] Installing ${providerId} via direct script...`);
       // Direct installation using shell script
       const proc = spawn('bash', ['-c', config.installScript], { stdio: ['ignore', 'pipe', 'pipe'], env: spawnEnv });
       let out = '';
-      proc.stdout.on('data', d => { out += d.toString(); });
-      proc.stderr.on('data', d => { out += d.toString(); });
-      proc.on('error', () => resolve({ installed: false, note: `Failed to run install script for ${providerId}` }));
+      let hasStartedDownload = false;
+      let hasStartedInstall = false;
+      
+      proc.stdout.on('data', d => { 
+        out += d.toString(); 
+        console.log(`[CLI INSTALLER] STDOUT: ${d.toString().trim()}`);
+        
+        // Detect actual progress from output
+        const output = d.toString().toLowerCase();
+        if (output.includes('download') || output.includes('fetch')) {
+          hasStartedDownload = true;
+          // We could emit a progress event here if we had access to onProgress
+        }
+        if (output.includes('install') || output.includes('unpack')) {
+          hasStartedInstall = true;
+          // We could emit a progress event here if we had access to onProgress
+        }
+      });
+      
+      proc.stderr.on('data', d => { 
+        out += d.toString(); 
+        console.log(`[CLI INSTALLER] STDERR: ${d.toString().trim()}`);
+      });
+      
+      proc.on('error', (err) => {
+        console.log(`[CLI INSTALLER] Process error for ${providerId}: ${err.message}`);
+        resolve({ installed: false, note: `Failed to run install script for ${providerId}` });
+      });
+      
       proc.on('close', (code) => {
+        console.log(`[CLI INSTALLER] Install script for ${providerId} exited with code: ${code}`);
+        console.log(`[CLI INSTALLER] Checking if ${providerId} is now available...`);
         if (code === 0 && isCLIAvailable(config.cmd, providerId)) {
+          console.log(`[CLI INSTALLER] ${providerId} successfully installed via direct script`);
           resolve({ installed: true, note: `Installed ${providerId} via direct script` });
         } else {
+          console.log(`[CLI INSTALLER] Install script for ${providerId} failed or tool not found after install`);
           resolve({ installed: false, note: `Install script for ${providerId} exited (${code})` });
         }
       });
-    } else {
+    } else if (config.type === 'homebrew' && config.installScript) {
+      console.log(`[CLI INSTALLER] Installing ${providerId} via homebrew...`);
+      // Homebrew installation
+      const proc = spawn('bash', ['-c', config.installScript], { stdio: ['ignore', 'pipe', 'pipe'], env: spawnEnv });
+      let out = '';
+      let hasStartedDownload = false;
+      let hasStartedInstall = false;
+      
+      proc.stdout.on('data', d => { 
+        out += d.toString(); 
+        console.log(`[CLI INSTALLER] STDOUT: ${d.toString().trim()}`);
+        
+        // Detect actual progress from output
+        const output = d.toString().toLowerCase();
+        if (output.includes('download') || output.includes('fetch')) {
+          hasStartedDownload = true;
+        }
+        if (output.includes('install') || output.includes('unpack')) {
+          hasStartedInstall = true;
+        }
+      });
+      
+      proc.stderr.on('data', d => { 
+        out += d.toString(); 
+        console.log(`[CLI INSTALLER] STDERR: ${d.toString().trim()}`);
+      });
+      
+      proc.on('error', (err) => {
+        console.log(`[CLI INSTALLER] Process error for ${providerId}: ${err.message}`);
+        resolve({ installed: false, note: `Failed to run homebrew install for ${providerId}` });
+      });
+      
+      proc.on('close', (code) => {
+        console.log(`[CLI INSTALLER] Homebrew install for ${providerId} exited with code: ${code}`);
+        console.log(`[CLI INSTALLER] Checking if ${providerId} is now available...`);
+        if (code === 0 && isCLIAvailable(config.cmd, providerId)) {
+          console.log(`[CLI INSTALLER] ${providerId} successfully installed via homebrew`);
+          resolve({ installed: true, note: `Installed ${providerId} via homebrew` });
+        } else {
+          // Try alternatives if homebrew fails
+          if (config.alternatives && config.alternatives.length > 0) {
+            console.log(`[CLI INSTALLER] Homebrew failed for ${providerId}, trying alternatives`);
+            resolve({ installed: false, note: `Homebrew install failed, trying alternatives for ${providerId}` });
+          } else {
+            console.log(`[CLI INSTALLER] Homebrew install for ${providerId} failed with no alternatives`);
+            resolve({ installed: false, note: `Homebrew install for ${providerId} exited (${code})` });
+          }
+        }
+      });
+    } else if (config.type === 'npm') {
+      console.log(`[CLI INSTALLER] Installing ${providerId} via npm...`);
       // NPM installation
       const proc = spawn('npm', ['install', '-g', config.pkg], { stdio: ['ignore', 'pipe', 'pipe'], env: spawnEnv });
       let out = '';
-      proc.stdout.on('data', d => { out += d.toString(); });
-      proc.stderr.on('data', d => { out += d.toString(); });
-      proc.on('error', () => resolve({ installed: false, note: `Failed to run npm install -g ${config.pkg}` }));
+      let hasStartedDownload = false;
+      let hasStartedInstall = false;
+      
+      proc.stdout.on('data', d => { 
+        out += d.toString(); 
+        console.log(`[CLI INSTALLER] STDOUT: ${d.toString().trim()}`);
+        
+        // Detect actual progress from output
+        const output = d.toString().toLowerCase();
+        if (output.includes('download') || output.includes('fetch')) {
+          hasStartedDownload = true;
+        }
+        if (output.includes('install') || output.includes('unpack')) {
+          hasStartedInstall = true;
+        }
+      });
+      
+      proc.stderr.on('data', d => { 
+        out += d.toString(); 
+        console.log(`[CLI INSTALLER] STDERR: ${d.toString().trim()}`);
+      });
+      
+      proc.on('error', (err) => {
+        console.log(`[CLI INSTALLER] Process error for ${providerId}: ${err.message}`);
+        resolve({ installed: false, note: `Failed to run npm install -g ${config.pkg}` });
+      });
+      
       proc.on('close', (code) => {
+        console.log(`[CLI INSTALLER] npm install for ${providerId} exited with code: ${code}`);
+        console.log(`[CLI INSTALLER] Checking if ${providerId} is now available...`);
         if (code === 0 && isCLIAvailable(config.cmd, providerId)) {
+          console.log(`[CLI INSTALLER] ${providerId} successfully installed via npm`);
           resolve({ installed: true, note: `Installed ${config.pkg} via npm` });
         } else {
+          console.log(`[CLI INSTALLER] npm install for ${providerId} failed or tool not found after install`);
           resolve({ installed: false, note: `npm install -g ${config.pkg} exited (${code})` });
         }
       });
+    } else {
+      console.log(`[CLI INSTALLER] No installation method available for ${providerId} (type: ${config.type})`);
+      resolve({ installed: false, note: `No installation method for ${providerId}` });
     }
   });
 }