@chainpatrol/cli 0.1.0

package/dist/completions-EGQIARFC.js

@@ -0,0 +1,12 @@
+import {
+  getCompletionScript,
+  installCompletions,
+  printCompletions,
+  uninstallCompletions
+} from "./chunk-IUZB3DQW.js";
+export {
+  getCompletionScript,
+  installCompletions,
+  printCompletions,
+  uninstallCompletions
+};

package/dist/config-Z3TASRME.js

@@ -0,0 +1,10 @@
+import {
+  getConfig,
+  getConfigDir,
+  saveConfig
+} from "./chunk-U73SABXK.js";
+export {
+  getConfig,
+  getConfigDir,
+  saveConfig
+};

package/dist/configs-update-BK2S6AZ6.js

@@ -0,0 +1,101 @@
+import {
+  CliExitError,
+  ExitCode
+} from "./chunk-E2LAMILJ.js";
+import {
+  printOutput
+} from "./chunk-VFT3TD3E.js";
+import {
+  createApiClient
+} from "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/detections/configs-update.ts
+async function runDetectionsConfigsUpdate(options) {
+  if (options.enable && options.disable) {
+    throw new CliExitError("Use either --enable or --disable, not both.", ExitCode.USAGE);
+  }
+  const status = options.enable ? "ENABLED" : options.disable ? "DISABLED" : void 0;
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  const payload = {
+    slug: options.org,
+    configId: options.configId,
+    status,
+    title: options.title,
+    description: options.description,
+    cron: options.cron,
+    config: options.configPatch,
+    mergeConfig: options.mergeConfig ?? true
+  };
+  if (options.dryRun) {
+    printOutput({
+      outputFormat,
+      json: {
+        dryRun: true,
+        mutation: "detection.configs.update",
+        payload,
+        explanation: options.explain ? "This command updates status/metadata/config values on a detection config." : void 0
+      },
+      markdown: [
+        "# Dry Run: Detection Config Update",
+        "",
+        `- Org: ${payload.slug}`,
+        `- Config ID: ${payload.configId}`,
+        `- Status update: ${payload.status ?? "none"}`
+      ].join("\n"),
+      human: () => {
+        console.log("Dry run only. No config changes were saved.");
+        console.log(
+          `Would update config ${payload.configId} for org=${payload.slug}${payload.status ? ` status=${payload.status}` : ""}`
+        );
+      }
+    });
+    return;
+  }
+  const client = options.apiClient ?? createApiClient();
+  const result = await client.updateDetectionConfig(payload);
+  printOutput({
+    outputFormat,
+    json: {
+      ...result,
+      explanation: options.explain ? "Applied mutation to update detection config metadata and/or configuration payload." : void 0
+    },
+    markdown: [
+      `# Detection Config Updated (${options.org})`,
+      "",
+      `- Config: ${result.config.id}`,
+      `- Source: ${result.config.source}`,
+      `- Status: ${result.config.status}`,
+      `- Updated at: ${result.config.updatedAt}`
+    ].join("\n"),
+    human: () => {
+      console.log(
+        `Updated config ${result.config.id} [${result.config.source}] status=${result.config.status}`
+      );
+      if (result.config.title) {
+        console.log(`Title: ${result.config.title}`);
+      }
+      if (result.config.cron) {
+        console.log(`Cron: ${result.config.cron}`);
+      }
+      if (Object.keys(result.config.config).length > 0) {
+        console.log(`Config keys: ${Object.keys(result.config.config).join(", ")}`);
+      }
+      if (options.explain) {
+        console.log(
+          `Changed fields: ${[
+            status ? "status" : null,
+            options.title !== void 0 ? "title" : null,
+            options.description !== void 0 ? "description" : null,
+            options.cron !== void 0 ? "cron" : null,
+            options.configPatch ? "config" : null
+          ].filter(Boolean).join(", ") || "none"}`
+        );
+      }
+    }
+  });
+}
+export {
+  runDetectionsConfigsUpdate
+};

package/dist/create-4SQUBQI7.js

@@ -0,0 +1,128 @@
+import {
+  CliExitError,
+  ExitCode
+} from "./chunk-E2LAMILJ.js";
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import {
+  createApiClient
+} from "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/reports/create.ts
+import { readFileSync } from "fs";
+function parseAssetStatus(value) {
+  const normalized = value.trim().toUpperCase();
+  if (normalized === "BLOCKED" || normalized === "ALLOWED" || normalized === "UNKNOWN") {
+    return normalized;
+  }
+  throw new Error(`Invalid asset status '${value}'. Use BLOCKED, ALLOWED, or UNKNOWN.`);
+}
+var ASSET_STATUS_SUFFIX = /:(BLOCKED|ALLOWED|UNKNOWN)$/i;
+function parseAssetValue(value) {
+  const trimmed = value.trim();
+  const match = trimmed.match(ASSET_STATUS_SUFFIX);
+  if (!match) {
+    return { content: trimmed, status: "BLOCKED" };
+  }
+  const content = trimmed.slice(0, match.index).trim();
+  if (!content) {
+    throw new Error(`Invalid --asset value '${value}'.`);
+  }
+  return { content, status: parseAssetStatus(match[1]) };
+}
+function readPayloadFile(payloadFile) {
+  const content = readFileSync(payloadFile, "utf-8");
+  const parsed = JSON.parse(content);
+  return parsed;
+}
+async function runReportsCreate(options) {
+  const filePayload = options.payloadFile ? readPayloadFile(options.payloadFile) : void 0;
+  const cliAssets = options.assets?.map(parseAssetValue) ?? [];
+  const payload = {
+    ...filePayload ?? {},
+    organizationSlug: options.org ?? filePayload?.organizationSlug,
+    title: options.title ?? filePayload?.title,
+    description: options.description ?? filePayload?.description,
+    contactInfo: options.contactInfo ?? filePayload?.contactInfo,
+    attachmentUrls: options.attachmentUrls ?? filePayload?.attachmentUrls,
+    externalSubmissionLink: options.externalSubmissionLink ?? filePayload?.externalSubmissionLink,
+    userAgent: options.userAgent ?? filePayload?.userAgent,
+    referrer: options.referrer ?? filePayload?.referrer,
+    assets: cliAssets.length > 0 ? cliAssets : filePayload?.assets ?? [],
+    rawAssetsInput: filePayload?.rawAssetsInput,
+    externalReporter: filePayload?.externalReporter
+  };
+  if (!payload.assets || payload.assets.length === 0) {
+    throw new CliExitError(
+      "At least one asset is required. Use --asset content[:status] or provide assets in --payload-file.",
+      ExitCode.USAGE
+    );
+  }
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  if (options.dryRun) {
+    printOutput({
+      outputFormat,
+      json: {
+        dryRun: true,
+        mutation: "reports.create",
+        payload,
+        explanation: options.explain ? "This command creates a report and proposal assets for triage." : void 0
+      },
+      markdown: [
+        "# Dry Run: Report Create",
+        "",
+        `- Org: ${payload.organizationSlug ?? "from token context"}`,
+        `- Title: ${payload.title ?? "(none)"}`,
+        `- Assets: ${payload.assets.length}`
+      ].join("\n"),
+      csv: toCsvRows(
+        payload.assets.map((asset) => ({
+          content: asset.content,
+          status: asset.status ?? "BLOCKED"
+        }))
+      ),
+      human: () => {
+        console.log("Dry run only. No report was created.");
+        console.log(
+          `Would create report for org=${payload.organizationSlug ?? "default"} with ${payload.assets.length} asset(s).`
+        );
+      }
+    });
+    return;
+  }
+  const client = options.apiClient ?? createApiClient();
+  const result = await client.createReport(payload);
+  printOutput({
+    outputFormat,
+    json: {
+      ...result,
+      explanation: options.explain ? "Report creation succeeds after payload validation and report service processing." : void 0
+    },
+    markdown: [
+      "# Report Created",
+      "",
+      `- Report ID: ${result.id}`,
+      `- Organization: ${result.organization?.slug ?? "unknown"}`,
+      `- Created at: ${result.createdAt}`
+    ].join("\n"),
+    human: () => {
+      console.log(`Created report ${result.id}`);
+      if (result.organization) {
+        console.log(`Organization: ${result.organization.slug}`);
+      }
+      console.log(`Created at: ${result.createdAt}`);
+      if (options.explain) {
+        console.log(
+          `Submitted ${payload.assets.length} asset(s) for report triage and classification.`
+        );
+      }
+    }
+  });
+}
+export {
+  runReportsCreate
+};

package/dist/drift-VRZKQC4P.js

@@ -0,0 +1,80 @@
+import {
+  CliExitError,
+  ExitCode
+} from "./chunk-E2LAMILJ.js";
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import {
+  createApiClient
+} from "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/detections/drift.ts
+async function runDetectionsDrift(options) {
+  const client = options.apiClient ?? createApiClient();
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  const result = await client.getDetectionDrift({
+    slug: options.org,
+    source: options.source,
+    configIds: options.configId ? [options.configId] : void 0,
+    includeDisabled: options.includeDisabled ?? false,
+    lookbackHours: options.lookbackHours
+  });
+  printOutput({
+    outputFormat,
+    json: {
+      ...result,
+      explanation: options.explain ? {
+        signalTypes: ["zero_results_too_long", "noisy_source", "stale_query"],
+        failureCondition: "summary.signalCount > 0"
+      } : void 0
+    },
+    markdown: [
+      `# Detection Drift (${options.org})`,
+      "",
+      `- Checked configs: ${result.summary.checkedConfigs}`,
+      `- Signals: ${result.summary.signalCount}`,
+      `- Zero results too long: ${result.summary.zeroResultsCount}`,
+      `- Noisy source: ${result.summary.noisyCount}`,
+      `- Stale query: ${result.summary.staleCount}`,
+      "",
+      ...result.signals.map(
+        (signal) => `- ${signal.severity.toUpperCase()} ${signal.signal} [${signal.source}] #${signal.configId}`
+      )
+    ].join("\n"),
+    csv: toCsvRows(
+      result.signals.map((signal) => ({
+        signal: signal.signal,
+        severity: signal.severity,
+        configId: signal.configId,
+        source: signal.source,
+        title: signal.title,
+        status: signal.status
+      }))
+    ),
+    human: () => {
+      console.log(
+        `Detection drift for ${options.org}: ${result.summary.signalCount} signal(s) across ${result.summary.checkedConfigs} config(s)`
+      );
+      for (const signal of result.signals) {
+        console.log(
+          `- ${signal.severity.toUpperCase()} ${signal.signal} [${signal.source}] config ${signal.configId}`
+        );
+      }
+      if (options.explain) {
+        console.log(
+          "Signals are based on zero results over threshold, noisy result/allow ratios, and stale query updates."
+        );
+      }
+    }
+  });
+  if (result.summary.signalCount > 0) {
+    throw new CliExitError("Detection drift signals found.", ExitCode.CHECK_FAILED);
+  }
+}
+export {
+  runDetectionsDrift
+};

package/dist/found-4O3AISNI.js

@@ -0,0 +1,93 @@
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import {
+  DateTime,
+  createApiClient
+} from "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/lib/date-range.ts
+function resolveDateRange({
+  from,
+  to,
+  thisWeek
+}) {
+  if (from && to) {
+    return {
+      startDate: DateTime.fromISO(from).toUTC().toISO() ?? from,
+      endDate: DateTime.fromISO(to).toUTC().toISO() ?? to
+    };
+  }
+  if (from && !to) {
+    const now2 = DateTime.now().toUTC();
+    return {
+      startDate: DateTime.fromISO(from).toUTC().toISO() ?? from,
+      endDate: now2.toISO() ?? ""
+    };
+  }
+  if (!from && to) {
+    const end = DateTime.fromISO(to).toUTC();
+    return {
+      startDate: end.minus({ days: 7 }).toISO() ?? "",
+      endDate: end.toISO() ?? to
+    };
+  }
+  if (thisWeek) {
+    const now2 = DateTime.now().toUTC();
+    return {
+      startDate: now2.startOf("week").toISO() ?? now2.minus({ days: 7 }).toISO() ?? "",
+      endDate: now2.endOf("week").toISO() ?? now2.toISO() ?? ""
+    };
+  }
+  const now = DateTime.now().toUTC();
+  return {
+    startDate: now.minus({ days: 7 }).toISO() ?? "",
+    endDate: now.toISO() ?? ""
+  };
+}
+
+// src/commands/metrics/found.ts
+async function runMetricsFound(options) {
+  const range = resolveDateRange({
+    from: options.from,
+    to: options.to,
+    thisWeek: options.thisWeek
+  });
+  const client = options.apiClient ?? createApiClient();
+  const result = await client.getMetricsFound({
+    slug: options.org,
+    startDate: range.startDate,
+    endDate: range.endDate,
+    brandIds: options.brandIds
+  });
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  printOutput({
+    outputFormat,
+    json: result,
+    markdown: [
+      `# Found Threats (${options.org})`,
+      "",
+      `- Metric: ${result.metric}`,
+      `- Found: ${result.found}`,
+      `- Range: ${range.startDate} -> ${range.endDate}`
+    ].join("\n"),
+    csv: toCsvRows([
+      {
+        metric: result.metric,
+        found: result.found,
+        startDate: range.startDate,
+        endDate: range.endDate
+      }
+    ]),
+    human: () => {
+      console.log(`Found threats (${result.metric}) for ${options.org}: ${result.found}`);
+      console.log(`Range: ${range.startDate} -> ${range.endDate}`);
+    }
+  });
+}
+export {
+  runMetricsFound
+};

package/dist/healthcheck-7DR5MGEQ.js

@@ -0,0 +1,94 @@
+import {
+  CliExitError,
+  ExitCode
+} from "./chunk-E2LAMILJ.js";
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import {
+  createApiClient
+} from "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/detections/healthcheck.ts
+async function runDetectionsHealthcheck(options) {
+  const client = options.apiClient ?? createApiClient();
+  const result = await client.validateDetectionConfigs({
+    slug: options.org,
+    source: options.source,
+    minResults: options.minResults,
+    lookbackHours: options.lookbackHours,
+    runBeforeValidate: options.run ?? false,
+    includeDisabled: options.includeDisabled ?? false
+  });
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  const csv = toCsvRows(
+    result.validations.map((validation) => ({
+      configId: validation.configId,
+      source: validation.source,
+      status: validation.status,
+      valid: validation.valid,
+      ran: validation.ran,
+      runOk: validation.runOk,
+      recentResultCount: validation.recentResultCount,
+      runMessage: validation.runMessage
+    }))
+  );
+  const markdown = [
+    `# Detection Healthcheck (${options.org})`,
+    "",
+    `- Checked: ${result.summary.checkedConfigs}`,
+    `- Passing: ${result.summary.passingConfigs}`,
+    `- Failing: ${result.summary.failingConfigs}`,
+    `- Lookback hours: ${result.summary.lookbackHours}`,
+    `- Min results: ${result.summary.minResults}`,
+    "",
+    ...result.validations.map((validation) => {
+      const runState = validation.ran ? validation.runOk ? "run-ok" : "run-failed" : "not-run";
+      return `- ${validation.valid ? "PASS" : "FAIL"} [${validation.source}] #${validation.configId} results=${validation.recentResultCount} ${runState}`;
+    })
+  ].join("\n");
+  printOutput({
+    outputFormat,
+    json: {
+      ...result,
+      explanation: options.explain ? {
+        checkType: "detection_healthcheck",
+        failureCondition: "result.ok === false"
+      } : void 0
+    },
+    markdown,
+    csv,
+    human: () => {
+      console.log(
+        `Checked ${result.summary.checkedConfigs} config(s), ${result.summary.passingConfigs} passing, ${result.summary.failingConfigs} failing`
+      );
+      console.log(
+        `Lookback: ${result.summary.lookbackHours}h, minimum results per config: ${result.summary.minResults}`
+      );
+      for (const validation of result.validations) {
+        const icon = validation.valid ? "\u2713" : "\u2717";
+        const runState = validation.ran ? validation.runOk ? "run-ok" : "run-failed" : "not-run";
+        console.log(
+          `${icon} [${validation.source}] config ${validation.configId} (${validation.status}) results=${validation.recentResultCount} ${runState}`
+        );
+        if (validation.runMessage) {
+          console.log(`  ${validation.runMessage}`);
+        }
+      }
+      if (options.explain) {
+        console.log(
+          "Healthcheck fails when any config is below min-results or run check fails."
+        );
+      }
+    }
+  });
+  if (!result.ok) {
+    throw new CliExitError("Detection healthcheck failed.", ExitCode.CHECK_FAILED);
+  }
+}
+export {
+  runDetectionsHealthcheck
+};

package/dist/list-6L7XR4SZ.js

@@ -0,0 +1,94 @@
+import {
+  CliExitError,
+  ExitCode
+} from "./chunk-E2LAMILJ.js";
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import {
+  createApiClient
+} from "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/reports/list.ts
+function toReportRow(report) {
+  return {
+    id: report.id,
+    title: report.title,
+    status: report.status ?? "TODO",
+    createdAt: report.createdAt,
+    updatedAt: report.updatedAt,
+    assets: report.proposals.length,
+    reporter: report.externalReporter?.displayName ?? report.reporter?.fullName ?? report.externalReporter?.platform ?? "Unknown"
+  };
+}
+async function runReportsList(options) {
+  const outputFormat = options.outputFormat ?? (options.json ? "json" : "human");
+  const limit = options.limit ?? 10;
+  if (limit < 1 || limit > 20) {
+    throw new CliExitError(
+      "reports list requires --limit between 1 and 20.",
+      ExitCode.USAGE
+    );
+  }
+  const client = options.apiClient ?? createApiClient();
+  const result = await client.listOrganizationReports({
+    slug: options.org,
+    limit,
+    cursor: options.cursor,
+    status: options.status,
+    searchQuery: options.searchQuery
+  });
+  const rows = result.reports.map(toReportRow);
+  printOutput({
+    outputFormat,
+    json: {
+      ...result,
+      explanation: options.explain ? {
+        listMode: "organization_reports",
+        filters: {
+          limit,
+          cursor: options.cursor,
+          status: options.status,
+          searchQuery: options.searchQuery
+        }
+      } : void 0
+    },
+    markdown: [
+      `# Reports (${options.org})`,
+      "",
+      `- Returned: ${result.reports.length}`,
+      `- Next cursor: ${result.nextCursor ?? "none"}`,
+      "",
+      ...rows.map(
+        (row) => `- #${row.id} ${row.status} | ${row.title} | assets=${row.assets} | created=${row.createdAt}`
+      )
+    ].join("\n"),
+    csv: toCsvRows(rows),
+    human: () => {
+      if (result.reports.length === 0) {
+        console.log("No reports found.");
+        return;
+      }
+      console.log(`Reports for ${options.org} (returned ${result.reports.length})`);
+      for (const row of rows) {
+        console.log(
+          `#${row.id} [${row.status}] ${row.title} assets=${row.assets} created=${row.createdAt}`
+        );
+      }
+      if (result.nextCursor !== null) {
+        console.log(`Next cursor: ${result.nextCursor}`);
+      }
+      if (options.explain) {
+        console.log(
+          "Use --cursor <nextCursor> to paginate older reports and confirm creation history."
+        );
+      }
+    }
+  });
+}
+export {
+  runReportsList
+};

package/dist/list-HZAHEHDM.js

@@ -0,0 +1,40 @@
+import {
+  PRESETS
+} from "./chunk-D2QGXYXZ.js";
+import "./chunk-E2LAMILJ.js";
+import {
+  printOutput,
+  toCsvRows
+} from "./chunk-VFT3TD3E.js";
+import "./chunk-H7UKKLCV.js";
+import "./chunk-EEG7T6WT.js";
+import "./chunk-U73SABXK.js";
+
+// src/commands/presets/list.ts
+async function runPresetsList({ outputFormat }) {
+  printOutput({
+    outputFormat,
+    json: { presets: PRESETS },
+    markdown: [
+      "# Available Presets",
+      "",
+      ...PRESETS.map((preset) => `- \`${preset.id}\`: ${preset.description}`)
+    ].join("\n"),
+    csv: toCsvRows(
+      PRESETS.map((preset) => ({
+        id: preset.id,
+        title: preset.title,
+        description: preset.description
+      }))
+    ),
+    human: () => {
+      console.log("Available presets:");
+      for (const preset of PRESETS) {
+        console.log(`- ${preset.id}: ${preset.description}`);
+      }
+    }
+  });
+}
+export {
+  runPresetsList
+};