Merge pull request #290 from shivasurya/shiva/ux-improvements

secureflow-cli: ux improvements in logs

Author: shivasurya

extension/secureflow/packages/secureflow-cli/lib/animated-loader.js

@@ -262,6 +262,8 @@ async function withLoader(text, asyncFn, options = {}) {
  * Convenience function for security analysis with random meme text
  */
 async function withSecurityLoader(asyncFn, options = {}) {
+  // Add a newline before starting the loader for better spacing
+  console.log('');
   const randomMeme = getRandomSecurityMeme();
   return await withLoader(randomMeme, asyncFn, options);
 }

extension/secureflow/packages/secureflow-cli/lib/token-display.js

@@ -104,11 +104,11 @@ class TokenDisplay {
 
     console.log();
     console.log(
-      green(`I:${currentInput} O:${currentOutput}${reasoningText}`) + ' | ' +
-      cyan(`Total I:${totalInput} O:${totalOutput}`) + ' | ' +
-      contextColor(`C:${remainingContext}`) + ' ' +
-      outputColor(`O:${remainingOutput}`) + ' | ' +
-      magenta(`${contextPercentage}%`)
+      green(`Input :${currentInput} Output :${currentOutput} ${reasoningText}`) + ' | ' +
+      cyan(`Total Input :${totalInput} Output :${totalOutput}`) + ' | ' +
+      contextColor(`Context :${remainingContext}`) + ' ' +
+      outputColor(`Output :${remainingOutput}`) + ' | ' +
+      magenta(`Context Usage :${contextPercentage}%`)
     );
     console.log();
   }

extension/secureflow/packages/secureflow-cli/scanner/ai-security-analyzer.js

@@ -20,7 +20,7 @@ class AISecurityAnalyzer {
    * Perform iterative security analysis with file requests
    */
   async analyzeProject(profileInfo, projectSummary, reviewPrompt) {
-    console.log(magenta('🔍 Starting AI-driven security analysis...'));
+  // console.log(magenta('🔍 Starting AI-driven security analysis...'));
 
     let iteration = 0;
     let currentContext = await this._buildInitialContext(profileInfo, projectSummary, reviewPrompt);
@@ -31,7 +31,6 @@ class AISecurityAnalyzer {
 
     while (iteration < this.maxIterations) {
       iteration++;
-      console.log(cyan(`\n📋 Analysis iteration ${iteration}/${this.maxIterations}`));
 
       // Send context to AI and get response
       const aiResponse = await this._sendToAI(null, iteration, messages);

extension/secureflow/packages/secureflow-cli/tools/mgmt/analyze-plugins.sh

@@ -165,7 +165,28 @@ download_plugin() {
         log "Downloaded $slug successfully"
 
         # Extract with size limits (prevent zip bombs)
-        if unzip -q -j -o "$zip_file" -d "$plugin_dir" 2>/dev/null; then
+        if unzip -q -o "$zip_file" -d "/tmp/extract_$$" 2>/dev/null; then
+            # Handle WordPress plugin directory structure
+            # Plugins are typically packaged as plugin-name/plugin-name/* 
+            local extracted_dir="/tmp/extract_$$"
+            local plugin_content_dir
+            
+            # Find the actual plugin directory (should be the only directory in extracted_dir)
+            plugin_content_dir=$(find "$extracted_dir" -mindepth 1 -maxdepth 1 -type d | head -1)
+            
+            if [[ -n "$plugin_content_dir" && -d "$plugin_content_dir" ]]; then
+                # Move the plugin content to our target directory
+                mv "$plugin_content_dir"/* "$plugin_dir"/ 2>/dev/null || true
+                # Handle hidden files if any
+                mv "$plugin_content_dir"/.[^.]* "$plugin_dir"/ 2>/dev/null || true
+                # Clean up temporary extraction directory
+                rm -rf "$extracted_dir"
+            else
+                # Fallback: move everything from extraction directory
+                mv "$extracted_dir"/* "$plugin_dir"/ 2>/dev/null || true
+                mv "$extracted_dir"/.[^.]* "$plugin_dir"/ 2>/dev/null || true
+                rm -rf "$extracted_dir"
+            fi
             # Check extracted size (limit to 100MB)
             local size=$(du -sm "$plugin_dir" | cut -f1)
             if [[ $size -gt 100 ]]; then
@@ -183,7 +204,7 @@ download_plugin() {
             return 0
         else
             error "Failed to extract $slug"
-            rm -rf "$plugin_dir" "$zip_file"
+            rm -rf "/tmp/extract_$$" "$zip_file"
             return 1
         fi
     else