@blamejs/exceptd-skills 0.15.45 → 0.15.46
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -0
- package/CONTEXT.md +1 -1
- package/bin/exceptd.js +59 -111
- package/data/_indexes/_meta.json +2 -2
- package/lib/flag-suggest.js +5 -9
- package/lib/lint-skills.js +18 -19
- package/lib/playbook-runner.js +11 -3
- package/lib/validate-catalog-meta.js +6 -5
- package/lib/validate-cve-catalog.js +8 -8
- package/lib/validate-playbooks.js +14 -14
- package/manifest.json +44 -44
- package/orchestrator/index.js +5 -1
- package/orchestrator/scanner.js +1 -1
- package/package.json +1 -1
- package/sbom.cdx.json +34 -34
- package/scripts/check-test-count.js +11 -4
package/sbom.cdx.json
CHANGED
|
@@ -1,22 +1,22 @@
|
|
|
1
1
|
{
|
|
2
2
|
"bomFormat": "CycloneDX",
|
|
3
3
|
"specVersion": "1.6",
|
|
4
|
-
"serialNumber": "urn:uuid:
|
|
4
|
+
"serialNumber": "urn:uuid:887e056b-6ac3-4123-9b51-d1d0d75be945",
|
|
5
5
|
"version": 1,
|
|
6
6
|
"metadata": {
|
|
7
|
-
"timestamp": "
|
|
7
|
+
"timestamp": "2098-07-26T04:04:59.000Z",
|
|
8
8
|
"tools": [
|
|
9
9
|
{
|
|
10
10
|
"vendor": "blamejs",
|
|
11
11
|
"name": "scripts/refresh-sbom.js",
|
|
12
|
-
"version": "0.15.
|
|
12
|
+
"version": "0.15.46"
|
|
13
13
|
}
|
|
14
14
|
],
|
|
15
15
|
"component": {
|
|
16
|
-
"bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.15.
|
|
16
|
+
"bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.15.46",
|
|
17
17
|
"type": "application",
|
|
18
18
|
"name": "@blamejs/exceptd-skills",
|
|
19
|
-
"version": "0.15.
|
|
19
|
+
"version": "0.15.46",
|
|
20
20
|
"description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 42 skills, 11 catalogs (427 CVEs / 173 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 8888 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
|
|
21
21
|
"licenses": [
|
|
22
22
|
{
|
|
@@ -25,17 +25,17 @@
|
|
|
25
25
|
}
|
|
26
26
|
}
|
|
27
27
|
],
|
|
28
|
-
"purl": "pkg:npm/%40blamejs/exceptd-skills@0.15.
|
|
28
|
+
"purl": "pkg:npm/%40blamejs/exceptd-skills@0.15.46",
|
|
29
29
|
"hashes": [
|
|
30
30
|
{
|
|
31
31
|
"alg": "SHA-256",
|
|
32
|
-
"content": "
|
|
32
|
+
"content": "906dd3f415bfd8f2f6cef4d06c5735545ef6885584c2898336e54f6946a50798"
|
|
33
33
|
}
|
|
34
34
|
],
|
|
35
35
|
"externalReferences": [
|
|
36
36
|
{
|
|
37
37
|
"type": "distribution",
|
|
38
|
-
"url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.15.
|
|
38
|
+
"url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.15.46"
|
|
39
39
|
},
|
|
40
40
|
{
|
|
41
41
|
"type": "vcs",
|
|
@@ -116,11 +116,11 @@
|
|
|
116
116
|
"hashes": [
|
|
117
117
|
{
|
|
118
118
|
"alg": "SHA-256",
|
|
119
|
-
"content": "
|
|
119
|
+
"content": "f8b32c1247f8c166d245184a92614ae2c289696db6b83134fde8ebf2ac7d23df"
|
|
120
120
|
},
|
|
121
121
|
{
|
|
122
122
|
"alg": "SHA3-512",
|
|
123
|
-
"content": "
|
|
123
|
+
"content": "864998a54fe27eff54a6479485b70f18850ebff112547ba531474b66e4d573677fb5b1b79d4b911bf9c2bf143600bb4d41f01dccdda1ab6d3a498bdedff38a14"
|
|
124
124
|
}
|
|
125
125
|
]
|
|
126
126
|
},
|
|
@@ -131,11 +131,11 @@
|
|
|
131
131
|
"hashes": [
|
|
132
132
|
{
|
|
133
133
|
"alg": "SHA-256",
|
|
134
|
-
"content": "
|
|
134
|
+
"content": "2ac160a3a720881eb86cc3e26f2caa76ee96058ccc7a046c263c2efa8156c117"
|
|
135
135
|
},
|
|
136
136
|
{
|
|
137
137
|
"alg": "SHA3-512",
|
|
138
|
-
"content": "
|
|
138
|
+
"content": "c86fa7ad3f8b5166374ed37b4c4ee97a842fa137d0cba9b21e064380a8dc33480e6384737f8e3b530aa5a85ccd4dbbb40f07924743e43bc520037a46694eb3d3"
|
|
139
139
|
}
|
|
140
140
|
]
|
|
141
141
|
},
|
|
@@ -281,11 +281,11 @@
|
|
|
281
281
|
"hashes": [
|
|
282
282
|
{
|
|
283
283
|
"alg": "SHA-256",
|
|
284
|
-
"content": "
|
|
284
|
+
"content": "04da95ad0aae43df6869d40d08640e893669e5342b930df55a3b7fad5fd9265c"
|
|
285
285
|
},
|
|
286
286
|
{
|
|
287
287
|
"alg": "SHA3-512",
|
|
288
|
-
"content": "
|
|
288
|
+
"content": "7eeb691122f0f5f83b9fe4434e6329226a1a8ab56579c4d79ef122436920cfe8682c68d89903f76093e84b970c1ea8cabde7518c3e3c889c269150e6025531fb"
|
|
289
289
|
}
|
|
290
290
|
]
|
|
291
291
|
},
|
|
@@ -1226,11 +1226,11 @@
|
|
|
1226
1226
|
"hashes": [
|
|
1227
1227
|
{
|
|
1228
1228
|
"alg": "SHA-256",
|
|
1229
|
-
"content": "
|
|
1229
|
+
"content": "5286c1a929e1cd8f3bf9909df7c3516c6de6752094a8767307c60a0fca29be33"
|
|
1230
1230
|
},
|
|
1231
1231
|
{
|
|
1232
1232
|
"alg": "SHA3-512",
|
|
1233
|
-
"content": "
|
|
1233
|
+
"content": "81913d711b92f2a942441078359e2311e714a9bbb6c865532f237e29ab50e1d7836f3b8757038ad259ca74075fa650b2d6a2920dcf0dc715a55fe380f1f5b1e6"
|
|
1234
1234
|
}
|
|
1235
1235
|
]
|
|
1236
1236
|
},
|
|
@@ -1301,11 +1301,11 @@
|
|
|
1301
1301
|
"hashes": [
|
|
1302
1302
|
{
|
|
1303
1303
|
"alg": "SHA-256",
|
|
1304
|
-
"content": "
|
|
1304
|
+
"content": "36ea50afc8d8141ae994a989d82e873028261c66a79a31f857f98481ffb241bf"
|
|
1305
1305
|
},
|
|
1306
1306
|
{
|
|
1307
1307
|
"alg": "SHA3-512",
|
|
1308
|
-
"content": "
|
|
1308
|
+
"content": "aaec7c047f0d271822967f1758ca3aeb7e65bc7c1a24e18b572856fb7a285048357f1aa1efa516e95489a94ce5af19a04856a13f7c8dab0db78a74a53c4a836f"
|
|
1309
1309
|
}
|
|
1310
1310
|
]
|
|
1311
1311
|
},
|
|
@@ -1316,11 +1316,11 @@
|
|
|
1316
1316
|
"hashes": [
|
|
1317
1317
|
{
|
|
1318
1318
|
"alg": "SHA-256",
|
|
1319
|
-
"content": "
|
|
1319
|
+
"content": "f70dc1e6b2a5c138a03c75d062851dd6e725142696f73c9600cc92a4ebad0035"
|
|
1320
1320
|
},
|
|
1321
1321
|
{
|
|
1322
1322
|
"alg": "SHA3-512",
|
|
1323
|
-
"content": "
|
|
1323
|
+
"content": "a151fc6d212218c0672c105c4063b5ec243cc2bf9eb27d6528012279a7bdac142d0d8598cd9df2ced0a16c1e2bbe10a40fd97550fa73ad31af521cf22ae8ec63"
|
|
1324
1324
|
}
|
|
1325
1325
|
]
|
|
1326
1326
|
},
|
|
@@ -1571,11 +1571,11 @@
|
|
|
1571
1571
|
"hashes": [
|
|
1572
1572
|
{
|
|
1573
1573
|
"alg": "SHA-256",
|
|
1574
|
-
"content": "
|
|
1574
|
+
"content": "a94cd7378c1f7be400c8d62cf40037bd20a7ceed47f8aa94a230faceb24dbc86"
|
|
1575
1575
|
},
|
|
1576
1576
|
{
|
|
1577
1577
|
"alg": "SHA3-512",
|
|
1578
|
-
"content": "
|
|
1578
|
+
"content": "0dfd3a618f89705b57bdf632a9c3d1c5d7e8386f18cb9b5fdb6e905def8f441095c8ff2cfe1061a900e1db4e971b7985ff2df5bd3eb9bed4a4d69d2346a1058c"
|
|
1579
1579
|
}
|
|
1580
1580
|
]
|
|
1581
1581
|
},
|
|
@@ -1586,11 +1586,11 @@
|
|
|
1586
1586
|
"hashes": [
|
|
1587
1587
|
{
|
|
1588
1588
|
"alg": "SHA-256",
|
|
1589
|
-
"content": "
|
|
1589
|
+
"content": "da4a2d83d2b91e018b95c91076ca2af960a575fe25c50fbedc06b376f60d4d0f"
|
|
1590
1590
|
},
|
|
1591
1591
|
{
|
|
1592
1592
|
"alg": "SHA3-512",
|
|
1593
|
-
"content": "
|
|
1593
|
+
"content": "70efdfefa759f40fb50494524c37167c05a0e6f07521080f167837bdb0b55b1cc3eb35ce16cdc33ff1f019aa8e81eebb1eab62a08c28542cdafff7f8f0d0739a"
|
|
1594
1594
|
}
|
|
1595
1595
|
]
|
|
1596
1596
|
},
|
|
@@ -1631,11 +1631,11 @@
|
|
|
1631
1631
|
"hashes": [
|
|
1632
1632
|
{
|
|
1633
1633
|
"alg": "SHA-256",
|
|
1634
|
-
"content": "
|
|
1634
|
+
"content": "4c5869064e22ac74b1e5cc7214bf8ef09a53326a4657b8c9b62be7d6ce98d4a0"
|
|
1635
1635
|
},
|
|
1636
1636
|
{
|
|
1637
1637
|
"alg": "SHA3-512",
|
|
1638
|
-
"content": "
|
|
1638
|
+
"content": "6f5205ec7297ae100a1ec6528ca47ad6c825b0ab9d794c5b416582f98b20c5846145f6002d5457028e2cc02d07306800209ff2eff2d49a0e235fce40c4c0fe2f"
|
|
1639
1639
|
}
|
|
1640
1640
|
]
|
|
1641
1641
|
},
|
|
@@ -1751,11 +1751,11 @@
|
|
|
1751
1751
|
"hashes": [
|
|
1752
1752
|
{
|
|
1753
1753
|
"alg": "SHA-256",
|
|
1754
|
-
"content": "
|
|
1754
|
+
"content": "cfe4088da8f1fdddb4218f88bbadce04004046ad7105c5e16cc58fdf1aa958b8"
|
|
1755
1755
|
},
|
|
1756
1756
|
{
|
|
1757
1757
|
"alg": "SHA3-512",
|
|
1758
|
-
"content": "
|
|
1758
|
+
"content": "1fcf44033f7dff0ec9bb7acfdeac9e72f36ce7da5390a6d28038abd634acb9312b0cc0b3114ea5df67e58f116389432036784d8d922a55ae7eb1b22c80423bc7"
|
|
1759
1759
|
}
|
|
1760
1760
|
]
|
|
1761
1761
|
},
|
|
@@ -1811,11 +1811,11 @@
|
|
|
1811
1811
|
"hashes": [
|
|
1812
1812
|
{
|
|
1813
1813
|
"alg": "SHA-256",
|
|
1814
|
-
"content": "
|
|
1814
|
+
"content": "e17ffb803ef3f80afe2be092331ab23095076b0cb9c14d39eae85af20739d93d"
|
|
1815
1815
|
},
|
|
1816
1816
|
{
|
|
1817
1817
|
"alg": "SHA3-512",
|
|
1818
|
-
"content": "
|
|
1818
|
+
"content": "39d5373a2e579971dd171b131d42c2b345ab293af86ceb16ba16d350cf28f095e5c4aca6c6aa3055af4508d5b351786651524bbac9d5bf3b8b6d1b34fffc2515"
|
|
1819
1819
|
}
|
|
1820
1820
|
]
|
|
1821
1821
|
},
|
|
@@ -1841,11 +1841,11 @@
|
|
|
1841
1841
|
"hashes": [
|
|
1842
1842
|
{
|
|
1843
1843
|
"alg": "SHA-256",
|
|
1844
|
-
"content": "
|
|
1844
|
+
"content": "96f7c1b43cdaaa7c96faeb33fec29b9a2e7d1a677c9979ec60de6b53942afdc0"
|
|
1845
1845
|
},
|
|
1846
1846
|
{
|
|
1847
1847
|
"alg": "SHA3-512",
|
|
1848
|
-
"content": "
|
|
1848
|
+
"content": "6fbb01ee40ce8a9f5988118491d7c4b219ecbc5ab6b77240b040070042a20a9ea478b81d31397382c1c364edc16454cccafa164180db8ae1da5e35be4a5cff40"
|
|
1849
1849
|
}
|
|
1850
1850
|
]
|
|
1851
1851
|
},
|
|
@@ -2216,11 +2216,11 @@
|
|
|
2216
2216
|
"hashes": [
|
|
2217
2217
|
{
|
|
2218
2218
|
"alg": "SHA-256",
|
|
2219
|
-
"content": "
|
|
2219
|
+
"content": "8748d74589b7cad24ca8fb7cdb8a425b16830ac1709c08e0294bb65bea218cc6"
|
|
2220
2220
|
},
|
|
2221
2221
|
{
|
|
2222
2222
|
"alg": "SHA3-512",
|
|
2223
|
-
"content": "
|
|
2223
|
+
"content": "aa40992693b3a2c4d901801729858c97ec877ff249d50569cf470a2050a60ea36651456dc9b2797ca930c3faff69fb5fd1d4f28a2296bc485741287f7a804272"
|
|
2224
2224
|
}
|
|
2225
2225
|
]
|
|
2226
2226
|
},
|
|
@@ -5,10 +5,17 @@
|
|
|
5
5
|
* scripts/check-test-count.js — v0.13.2 canonical-test-count predeploy gate.
|
|
6
6
|
*
|
|
7
7
|
* Why this exists. The v0.12 audit flagged that nothing in the suite asserts
|
|
8
|
-
* "we expect N tests today." A test file
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
8
|
+
* "we expect N tests today." A deleted test file, a removed `test(` call, or a
|
|
9
|
+
* misnamed file glob-excluded would all silently drop tests without anyone
|
|
10
|
+
* noticing. The lint + diff-coverage gates catch source changes; this gate
|
|
11
|
+
* catches test-set shrinkage.
|
|
12
|
+
*
|
|
13
|
+
* Scope + blind spot. This counts test DECLARATIONS, so it detects deleted
|
|
14
|
+
* files / removed `test(` calls / glob-exclusions. It does NOT detect a test
|
|
15
|
+
* neutered in place: `test('name', { skip: true }, fn)` and `test.skip(` both
|
|
16
|
+
* still count as one declaration, so flipping a running test to permanently
|
|
17
|
+
* skipped leaves the count unchanged. Guarding against skip-in-place would
|
|
18
|
+
* need runnable-vs-skipped tracking; that is out of scope for this gate.
|
|
12
19
|
*
|
|
13
20
|
* Mechanism: count `test(`, `test.only(`, and `test.skip(` declarations
|
|
14
21
|
* across `tests/*.test.js` via static analysis (faster than running). Compare
|