@chain305/x-security 0.2.2 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +19 -1
  2. package/bin/xsecurity.mjs +1685 -1685
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -1,6 +1,24 @@
1
1
  # x-security CLI
2
2
 
3
- Compile, validate, test, and report on `x-security` policies in OpenAPI specs deterministic, no LLM calls, no API keys.
3
+ Your API gateway and WAF already ship most of the security you need auth, rate
4
+ limits, request validation, ownership/BOLA rules. Most teams run them on
5
+ defaults. `x-security` lets you write that policy **once**, as an extension of
6
+ the OpenAPI spec you already have, and compile it to whichever gateway you run.
7
+
8
+ - **No new DSL** — policy lives in your OpenAPI file, next to the route it protects.
9
+ - **No vendor lock-in** — one spec compiles to Kong, Coraza, BunkerWeb, OpenAppSec, Envoy, or a firewall bundle. Switch gateways without rewriting a line of policy.
10
+ - **No config drift** — the spec is the source of truth; it versions and diffs like code, and `validate` catches drift against a running gateway.
11
+
12
+ Deterministic. No LLM calls, no API keys.
13
+
14
+ ## Install
15
+
16
+ ```
17
+ npm i -g @chain305/x-security # installs the `xsecurity` command
18
+ xsecurity --help
19
+ ```
20
+
21
+ Or run it without installing:
4
22
 
5
23
  ```
6
24
  npx @chain305/x-security --help