@ceon-oy/monitor-sdk 1.0.3 → 1.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +44 -43
- package/dist/index.mjs +44 -50
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -286,12 +286,12 @@ var MonitorClient = class {
|
|
|
286
286
|
/**
|
|
287
287
|
* Fetch with timeout to prevent hanging requests
|
|
288
288
|
*/
|
|
289
|
-
async fetchWithTimeout(url,
|
|
289
|
+
async fetchWithTimeout(url, options2, timeoutMs = this.requestTimeoutMs) {
|
|
290
290
|
const controller = new AbortController();
|
|
291
291
|
const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
|
|
292
292
|
try {
|
|
293
293
|
const response = await fetch(url, {
|
|
294
|
-
...
|
|
294
|
+
...options2,
|
|
295
295
|
signal: controller.signal
|
|
296
296
|
});
|
|
297
297
|
return response;
|
|
@@ -374,13 +374,13 @@ var MonitorClient = class {
|
|
|
374
374
|
try {
|
|
375
375
|
const fsModule = await import("fs");
|
|
376
376
|
const pathModule = await import("path");
|
|
377
|
-
const
|
|
378
|
-
const
|
|
377
|
+
const fs2 = fsModule.default || fsModule;
|
|
378
|
+
const path2 = pathModule.default || pathModule;
|
|
379
379
|
const baseDir = process.cwd();
|
|
380
|
-
const resolvedPath =
|
|
381
|
-
const normalizedPath =
|
|
382
|
-
const normalizedBase =
|
|
383
|
-
if (!
|
|
380
|
+
const resolvedPath = path2.isAbsolute(packagePath) ? packagePath : path2.join(baseDir, packagePath);
|
|
381
|
+
const normalizedPath = path2.normalize(resolvedPath);
|
|
382
|
+
const normalizedBase = path2.normalize(baseDir);
|
|
383
|
+
if (!path2.isAbsolute(packagePath)) {
|
|
384
384
|
if (!normalizedPath.startsWith(normalizedBase)) {
|
|
385
385
|
console.warn("[MonitorClient] Path traversal attempt blocked:", packagePath);
|
|
386
386
|
return [];
|
|
@@ -394,10 +394,10 @@ var MonitorClient = class {
|
|
|
394
394
|
console.warn("[MonitorClient] Path must point to package.json");
|
|
395
395
|
return [];
|
|
396
396
|
}
|
|
397
|
-
if (!
|
|
397
|
+
if (!fs2.existsSync(normalizedPath)) {
|
|
398
398
|
return [];
|
|
399
399
|
}
|
|
400
|
-
const packageJson = JSON.parse(
|
|
400
|
+
const packageJson = JSON.parse(fs2.readFileSync(normalizedPath, "utf-8"));
|
|
401
401
|
const technologies = [];
|
|
402
402
|
const deps = {
|
|
403
403
|
...packageJson.dependencies,
|
|
@@ -431,7 +431,7 @@ var MonitorClient = class {
|
|
|
431
431
|
async sendTechnologies(technologies) {
|
|
432
432
|
await this.sendTechnologiesWithEnvironment(technologies, this.environment);
|
|
433
433
|
}
|
|
434
|
-
async sendTechnologiesWithEnvironment(technologies,
|
|
434
|
+
async sendTechnologiesWithEnvironment(technologies, environment2) {
|
|
435
435
|
const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/technologies/sync`, {
|
|
436
436
|
method: "POST",
|
|
437
437
|
headers: {
|
|
@@ -439,7 +439,7 @@ var MonitorClient = class {
|
|
|
439
439
|
Authorization: `Bearer ${this.apiKey}`
|
|
440
440
|
},
|
|
441
441
|
body: JSON.stringify({
|
|
442
|
-
environment,
|
|
442
|
+
environment: environment2,
|
|
443
443
|
technologies
|
|
444
444
|
})
|
|
445
445
|
});
|
|
@@ -476,74 +476,74 @@ var MonitorClient = class {
|
|
|
476
476
|
/**
|
|
477
477
|
* Capture a login failure event (convenience method)
|
|
478
478
|
*/
|
|
479
|
-
async captureLoginFailure(
|
|
479
|
+
async captureLoginFailure(options2) {
|
|
480
480
|
return this.captureSecurityEvent({
|
|
481
|
-
eventType: `login_failed_${
|
|
481
|
+
eventType: `login_failed_${options2.authMethod || "other"}`,
|
|
482
482
|
category: "AUTHENTICATION",
|
|
483
483
|
severity: "MEDIUM",
|
|
484
|
-
ip:
|
|
485
|
-
identifier:
|
|
486
|
-
endpoint:
|
|
487
|
-
userAgent:
|
|
488
|
-
metadata: { reason:
|
|
484
|
+
ip: options2.ip,
|
|
485
|
+
identifier: options2.identifier,
|
|
486
|
+
endpoint: options2.endpoint,
|
|
487
|
+
userAgent: options2.userAgent,
|
|
488
|
+
metadata: { reason: options2.reason, authMethod: options2.authMethod }
|
|
489
489
|
});
|
|
490
490
|
}
|
|
491
491
|
/**
|
|
492
492
|
* Capture a successful login event
|
|
493
493
|
*/
|
|
494
|
-
async captureLoginSuccess(
|
|
494
|
+
async captureLoginSuccess(options2) {
|
|
495
495
|
await this.captureSecurityEvent({
|
|
496
|
-
eventType: `login_success_${
|
|
496
|
+
eventType: `login_success_${options2.authMethod || "other"}`,
|
|
497
497
|
category: "AUTHENTICATION",
|
|
498
498
|
severity: "LOW",
|
|
499
|
-
ip:
|
|
500
|
-
identifier:
|
|
501
|
-
endpoint:
|
|
502
|
-
userAgent:
|
|
503
|
-
metadata: { authMethod:
|
|
499
|
+
ip: options2.ip,
|
|
500
|
+
identifier: options2.identifier,
|
|
501
|
+
endpoint: options2.endpoint,
|
|
502
|
+
userAgent: options2.userAgent,
|
|
503
|
+
metadata: { authMethod: options2.authMethod }
|
|
504
504
|
});
|
|
505
505
|
}
|
|
506
506
|
/**
|
|
507
507
|
* Capture a rate limit event
|
|
508
508
|
*/
|
|
509
|
-
async captureRateLimit(
|
|
509
|
+
async captureRateLimit(options2) {
|
|
510
510
|
await this.captureSecurityEvent({
|
|
511
511
|
eventType: "rate_limit_exceeded",
|
|
512
512
|
category: "RATE_LIMIT",
|
|
513
513
|
severity: "MEDIUM",
|
|
514
|
-
ip:
|
|
515
|
-
identifier:
|
|
516
|
-
endpoint:
|
|
517
|
-
userAgent:
|
|
518
|
-
metadata: { limit:
|
|
514
|
+
ip: options2.ip,
|
|
515
|
+
identifier: options2.identifier,
|
|
516
|
+
endpoint: options2.endpoint,
|
|
517
|
+
userAgent: options2.userAgent,
|
|
518
|
+
metadata: { limit: options2.limit, window: options2.window }
|
|
519
519
|
});
|
|
520
520
|
}
|
|
521
521
|
/**
|
|
522
522
|
* Capture an authorization failure (user tried to access unauthorized resource)
|
|
523
523
|
*/
|
|
524
|
-
async captureAuthorizationFailure(
|
|
524
|
+
async captureAuthorizationFailure(options2) {
|
|
525
525
|
await this.captureSecurityEvent({
|
|
526
526
|
eventType: "authorization_denied",
|
|
527
527
|
category: "AUTHORIZATION",
|
|
528
528
|
severity: "MEDIUM",
|
|
529
|
-
ip:
|
|
530
|
-
identifier:
|
|
531
|
-
endpoint:
|
|
532
|
-
userAgent:
|
|
533
|
-
metadata: { resource:
|
|
529
|
+
ip: options2.ip,
|
|
530
|
+
identifier: options2.identifier,
|
|
531
|
+
endpoint: options2.endpoint,
|
|
532
|
+
userAgent: options2.userAgent,
|
|
533
|
+
metadata: { resource: options2.resource, action: options2.action }
|
|
534
534
|
});
|
|
535
535
|
}
|
|
536
536
|
/**
|
|
537
537
|
* Check if an IP or identifier has triggered brute force detection
|
|
538
538
|
*/
|
|
539
|
-
async checkBruteForce(
|
|
539
|
+
async checkBruteForce(options2) {
|
|
540
540
|
const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/security/detect/brute-force`, {
|
|
541
541
|
method: "POST",
|
|
542
542
|
headers: {
|
|
543
543
|
"Content-Type": "application/json",
|
|
544
544
|
Authorization: `Bearer ${this.apiKey}`
|
|
545
545
|
},
|
|
546
|
-
body: JSON.stringify(
|
|
546
|
+
body: JSON.stringify(options2)
|
|
547
547
|
});
|
|
548
548
|
if (!response.ok) {
|
|
549
549
|
const errorText = await response.text().catch(() => "");
|
|
@@ -569,9 +569,10 @@ var MonitorClient = class {
|
|
|
569
569
|
let path;
|
|
570
570
|
let fs;
|
|
571
571
|
try {
|
|
572
|
-
|
|
573
|
-
|
|
574
|
-
|
|
572
|
+
const _require = eval("require");
|
|
573
|
+
execSync = _require("child_process").execSync;
|
|
574
|
+
path = _require("path");
|
|
575
|
+
fs = _require("fs");
|
|
575
576
|
} catch {
|
|
576
577
|
console.warn("[MonitorClient] auditDependencies requires Node.js (not available in bundled/browser environments)");
|
|
577
578
|
return null;
|
package/dist/index.mjs
CHANGED
|
@@ -1,10 +1,3 @@
|
|
|
1
|
-
var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
|
|
2
|
-
get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
|
|
3
|
-
}) : x)(function(x) {
|
|
4
|
-
if (typeof require !== "undefined") return require.apply(this, arguments);
|
|
5
|
-
throw Error('Dynamic require of "' + x + '" is not supported');
|
|
6
|
-
});
|
|
7
|
-
|
|
8
1
|
// src/MonitorClient.ts
|
|
9
2
|
var MonitorClient = class {
|
|
10
3
|
constructor(config) {
|
|
@@ -257,12 +250,12 @@ var MonitorClient = class {
|
|
|
257
250
|
/**
|
|
258
251
|
* Fetch with timeout to prevent hanging requests
|
|
259
252
|
*/
|
|
260
|
-
async fetchWithTimeout(url,
|
|
253
|
+
async fetchWithTimeout(url, options2, timeoutMs = this.requestTimeoutMs) {
|
|
261
254
|
const controller = new AbortController();
|
|
262
255
|
const timeoutId = setTimeout(() => controller.abort(), timeoutMs);
|
|
263
256
|
try {
|
|
264
257
|
const response = await fetch(url, {
|
|
265
|
-
...
|
|
258
|
+
...options2,
|
|
266
259
|
signal: controller.signal
|
|
267
260
|
});
|
|
268
261
|
return response;
|
|
@@ -345,13 +338,13 @@ var MonitorClient = class {
|
|
|
345
338
|
try {
|
|
346
339
|
const fsModule = await import("fs");
|
|
347
340
|
const pathModule = await import("path");
|
|
348
|
-
const
|
|
349
|
-
const
|
|
341
|
+
const fs2 = fsModule.default || fsModule;
|
|
342
|
+
const path2 = pathModule.default || pathModule;
|
|
350
343
|
const baseDir = process.cwd();
|
|
351
|
-
const resolvedPath =
|
|
352
|
-
const normalizedPath =
|
|
353
|
-
const normalizedBase =
|
|
354
|
-
if (!
|
|
344
|
+
const resolvedPath = path2.isAbsolute(packagePath) ? packagePath : path2.join(baseDir, packagePath);
|
|
345
|
+
const normalizedPath = path2.normalize(resolvedPath);
|
|
346
|
+
const normalizedBase = path2.normalize(baseDir);
|
|
347
|
+
if (!path2.isAbsolute(packagePath)) {
|
|
355
348
|
if (!normalizedPath.startsWith(normalizedBase)) {
|
|
356
349
|
console.warn("[MonitorClient] Path traversal attempt blocked:", packagePath);
|
|
357
350
|
return [];
|
|
@@ -365,10 +358,10 @@ var MonitorClient = class {
|
|
|
365
358
|
console.warn("[MonitorClient] Path must point to package.json");
|
|
366
359
|
return [];
|
|
367
360
|
}
|
|
368
|
-
if (!
|
|
361
|
+
if (!fs2.existsSync(normalizedPath)) {
|
|
369
362
|
return [];
|
|
370
363
|
}
|
|
371
|
-
const packageJson = JSON.parse(
|
|
364
|
+
const packageJson = JSON.parse(fs2.readFileSync(normalizedPath, "utf-8"));
|
|
372
365
|
const technologies = [];
|
|
373
366
|
const deps = {
|
|
374
367
|
...packageJson.dependencies,
|
|
@@ -402,7 +395,7 @@ var MonitorClient = class {
|
|
|
402
395
|
async sendTechnologies(technologies) {
|
|
403
396
|
await this.sendTechnologiesWithEnvironment(technologies, this.environment);
|
|
404
397
|
}
|
|
405
|
-
async sendTechnologiesWithEnvironment(technologies,
|
|
398
|
+
async sendTechnologiesWithEnvironment(technologies, environment2) {
|
|
406
399
|
const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/technologies/sync`, {
|
|
407
400
|
method: "POST",
|
|
408
401
|
headers: {
|
|
@@ -410,7 +403,7 @@ var MonitorClient = class {
|
|
|
410
403
|
Authorization: `Bearer ${this.apiKey}`
|
|
411
404
|
},
|
|
412
405
|
body: JSON.stringify({
|
|
413
|
-
environment,
|
|
406
|
+
environment: environment2,
|
|
414
407
|
technologies
|
|
415
408
|
})
|
|
416
409
|
});
|
|
@@ -447,74 +440,74 @@ var MonitorClient = class {
|
|
|
447
440
|
/**
|
|
448
441
|
* Capture a login failure event (convenience method)
|
|
449
442
|
*/
|
|
450
|
-
async captureLoginFailure(
|
|
443
|
+
async captureLoginFailure(options2) {
|
|
451
444
|
return this.captureSecurityEvent({
|
|
452
|
-
eventType: `login_failed_${
|
|
445
|
+
eventType: `login_failed_${options2.authMethod || "other"}`,
|
|
453
446
|
category: "AUTHENTICATION",
|
|
454
447
|
severity: "MEDIUM",
|
|
455
|
-
ip:
|
|
456
|
-
identifier:
|
|
457
|
-
endpoint:
|
|
458
|
-
userAgent:
|
|
459
|
-
metadata: { reason:
|
|
448
|
+
ip: options2.ip,
|
|
449
|
+
identifier: options2.identifier,
|
|
450
|
+
endpoint: options2.endpoint,
|
|
451
|
+
userAgent: options2.userAgent,
|
|
452
|
+
metadata: { reason: options2.reason, authMethod: options2.authMethod }
|
|
460
453
|
});
|
|
461
454
|
}
|
|
462
455
|
/**
|
|
463
456
|
* Capture a successful login event
|
|
464
457
|
*/
|
|
465
|
-
async captureLoginSuccess(
|
|
458
|
+
async captureLoginSuccess(options2) {
|
|
466
459
|
await this.captureSecurityEvent({
|
|
467
|
-
eventType: `login_success_${
|
|
460
|
+
eventType: `login_success_${options2.authMethod || "other"}`,
|
|
468
461
|
category: "AUTHENTICATION",
|
|
469
462
|
severity: "LOW",
|
|
470
|
-
ip:
|
|
471
|
-
identifier:
|
|
472
|
-
endpoint:
|
|
473
|
-
userAgent:
|
|
474
|
-
metadata: { authMethod:
|
|
463
|
+
ip: options2.ip,
|
|
464
|
+
identifier: options2.identifier,
|
|
465
|
+
endpoint: options2.endpoint,
|
|
466
|
+
userAgent: options2.userAgent,
|
|
467
|
+
metadata: { authMethod: options2.authMethod }
|
|
475
468
|
});
|
|
476
469
|
}
|
|
477
470
|
/**
|
|
478
471
|
* Capture a rate limit event
|
|
479
472
|
*/
|
|
480
|
-
async captureRateLimit(
|
|
473
|
+
async captureRateLimit(options2) {
|
|
481
474
|
await this.captureSecurityEvent({
|
|
482
475
|
eventType: "rate_limit_exceeded",
|
|
483
476
|
category: "RATE_LIMIT",
|
|
484
477
|
severity: "MEDIUM",
|
|
485
|
-
ip:
|
|
486
|
-
identifier:
|
|
487
|
-
endpoint:
|
|
488
|
-
userAgent:
|
|
489
|
-
metadata: { limit:
|
|
478
|
+
ip: options2.ip,
|
|
479
|
+
identifier: options2.identifier,
|
|
480
|
+
endpoint: options2.endpoint,
|
|
481
|
+
userAgent: options2.userAgent,
|
|
482
|
+
metadata: { limit: options2.limit, window: options2.window }
|
|
490
483
|
});
|
|
491
484
|
}
|
|
492
485
|
/**
|
|
493
486
|
* Capture an authorization failure (user tried to access unauthorized resource)
|
|
494
487
|
*/
|
|
495
|
-
async captureAuthorizationFailure(
|
|
488
|
+
async captureAuthorizationFailure(options2) {
|
|
496
489
|
await this.captureSecurityEvent({
|
|
497
490
|
eventType: "authorization_denied",
|
|
498
491
|
category: "AUTHORIZATION",
|
|
499
492
|
severity: "MEDIUM",
|
|
500
|
-
ip:
|
|
501
|
-
identifier:
|
|
502
|
-
endpoint:
|
|
503
|
-
userAgent:
|
|
504
|
-
metadata: { resource:
|
|
493
|
+
ip: options2.ip,
|
|
494
|
+
identifier: options2.identifier,
|
|
495
|
+
endpoint: options2.endpoint,
|
|
496
|
+
userAgent: options2.userAgent,
|
|
497
|
+
metadata: { resource: options2.resource, action: options2.action }
|
|
505
498
|
});
|
|
506
499
|
}
|
|
507
500
|
/**
|
|
508
501
|
* Check if an IP or identifier has triggered brute force detection
|
|
509
502
|
*/
|
|
510
|
-
async checkBruteForce(
|
|
503
|
+
async checkBruteForce(options2) {
|
|
511
504
|
const response = await this.fetchWithTimeout(`${this.endpoint}/api/v1/security/detect/brute-force`, {
|
|
512
505
|
method: "POST",
|
|
513
506
|
headers: {
|
|
514
507
|
"Content-Type": "application/json",
|
|
515
508
|
Authorization: `Bearer ${this.apiKey}`
|
|
516
509
|
},
|
|
517
|
-
body: JSON.stringify(
|
|
510
|
+
body: JSON.stringify(options2)
|
|
518
511
|
});
|
|
519
512
|
if (!response.ok) {
|
|
520
513
|
const errorText = await response.text().catch(() => "");
|
|
@@ -540,9 +533,10 @@ var MonitorClient = class {
|
|
|
540
533
|
let path;
|
|
541
534
|
let fs;
|
|
542
535
|
try {
|
|
543
|
-
|
|
544
|
-
|
|
545
|
-
|
|
536
|
+
const _require = eval("require");
|
|
537
|
+
execSync = _require("child_process").execSync;
|
|
538
|
+
path = _require("path");
|
|
539
|
+
fs = _require("fs");
|
|
546
540
|
} catch {
|
|
547
541
|
console.warn("[MonitorClient] auditDependencies requires Node.js (not available in bundled/browser environments)");
|
|
548
542
|
return null;
|
package/package.json
CHANGED