Open
Conversation
Implements defensive-mode subcommands for VIP-CLI: - vip @app.env defensive-mode enable: Enable bot/DDoS protection - vip @app.env defensive-mode disable: Disable protection with confirmation - vip @app.env defensive-mode status: Display current config and status Features: - REST API integration via existing http client - JSON output format for automation (--format=json) - Interactive confirmation prompt for disable (--confirm to skip) - Permission-aware error messages - Analytics tracking via trackEvent - Follows existing VIP-CLI patterns and conventions Related: VIP CLI-Dashboard Parity Initiative (24 feature gaps identified)
Tests cover: - Enable command: success cases, JSON output, already enabled state, error handling - Disable command: confirmation prompt, --confirm flag, cancellation, error handling - Status command: active/inactive states, WordPress/Node.js thresholds, custom vs default values, JSON output All 24 tests passing: - 8 enable command tests - 8 disable command tests - 8 status command tests Includes proper mocking of API, exit, tracker, and prompt modules.
Test Plan (test-plan-defensive-mode.md): - 20 comprehensive test cases - Prerequisites and environment setup - Manual validation procedures - Dashboard verification steps - Bulk operations testing - Sign-off checklist User Documentation (docs/defensive-mode.md): - Complete CLI reference for all 3 commands - Configuration field explanations - Bulk operations examples - CI/CD integration examples - Best practices and troubleshooting - Error message reference - Permission requirements Addresses steps 3 (staging validation) and 4 (documentation).
Add defensive-mode to command registry in vip.js to make it accessible via: vip @app.env defensive-mode <subcommand> Placed alphabetically between 'db' and 'dev-env' commands.
Issue: REST endpoints (/v1/sites/:siteId/defensive-mode) return 404 Cause: REST API not deployed to production Parker yet Solution: Use GraphQL queries/mutations instead (what Dashboard uses) Changes: - getDefensiveMode: Uses GraphQL query or appQuery data - updateDefensiveMode: Uses GraphQL mutation - Expanded appQuery to include defensiveMode.config fields - Fixed status display: correct env name, show only active threshold - Tested successfully on vip-lucas-radke production (6633) Result: All commands now working against production API ✅
- Use updateDefensiveModeStatus mutation for enable/disable (not updateDefensiveModeConfig) - Query for updated config after mutation (mutation only returns success/message) - Fix environment name display in all commands (use type instead of name) - Fix threshold display to only show non-null value (percentage OR absolute, not both) Tested successfully: - Disable: vip-lucas-radke production -> INACTIVE ✅ - Enable: vip-lucas-radke production -> ACTIVE ✅ - Status: Shows correct config with proper formatting ✅ All 3 commands working end-to-end on production.
Purpose and Context: Fixed TypeScript linting errors related to unsafe 'any' type access on GraphQL responses. Added proper type definitions for all API responses and parameters. Key Changes: - Added DefensiveModeGraphQLConfig interface - Added UpdateDefensiveModeConfigResponse interface - Added UpdateDefensiveModeStatusResponse interface - Added DefensiveModeQueryResponse interface - Added EnvironmentData interface for envData parameter - Added type parameters to api.query() and api.mutate() calls - Added null checks for message.includes() calls Impact and Considerations: Improves type safety and IDE autocomplete support. No runtime behavior changes. Reduces linting errors from 31 to 4 (warnings only). Testing and Validation: - Build successful - All 24 tests still passing - Linting errors resolved (0 errors, 4 warnings)
Contributor
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
- Update test to expect third parameter (envData) in getDefensiveMode call - Fix Prettier formatting in docs/defensive-mode.md Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Prefix unused parameters with underscore to comply with no-unused-vars rule Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Remove redundant error message fallbacks that confused static analysis Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
- Remove redundant null checks (numbers can't be null in TypeScript) - Extract common status update logic to reduce duplication from 16.8% to <3% - Simplify enable/disable to use shared helper function Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR adds CLI commands for managing Defensive Mode (bot/DDoS protection) on VIP environments. Customers can now automate defensive mode operations via
vip-cliinstead of manually managing each environment through the Dashboard.Commands Added
vip @app.env defensive-mode enable- Enable bot/DDoS protectionvip @app.env defensive-mode disable- Disable protection (with confirmation)vip @app.env defensive-mode status- View current configurationImplementation Details
API Integration: Uses GraphQL API (not REST) via existing VIP-CLI patterns
app.environments.defensiveModefor statusupdateDefensiveModeStatusfor enable/disableSecurity Features:
--confirmflag for automation (non-interactive mode)Changelog Description
Added
vip defensive-mode enablecommand to enable bot and DDoS protection for an environmentvip defensive-mode disablecommand to disable bot and DDoS protection with confirmation promptvip defensive-mode statuscommand to view current Defensive Mode configuration and statePull Request Checklist
docs/defensive-mode.md)New Release Checklist
Steps to Test
Prerequisites
Test Enable Command
Check out PR and build:
Check initial status (should show current state):
Enable defensive mode:
./dist/bin/vip.js @your-app.production defensive-mode enableVerify:
Test Disable Command (Interactive)
Disable with confirmation prompt:
Verify:
Test cancellation:
Test Disable Command (Non-Interactive)
Re-enable first:
./dist/bin/vip.js @your-app.production defensive-mode enableDisable with --confirm flag:
Verify:
Test JSON Output
Enable with JSON output:
./dist/bin/vip.js @your-app.production defensive-mode enable --format=jsonVerify:
data.effectiveanddata.storedobjectsTest Status Display
Check status on WordPress site:
Check status on Node.js site (if available):
Test Error Handling
Test with insufficient permissions (if possible):
Test with invalid app:
Verify Tests
npm test -- --testPathPatterns=defensive-modeExpected: 24 tests passing