@cloud-copilot/iam-shrink 0.1.26 → 0.1.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +9 -0
- package/dist/cjs/cli.js +24 -27
- package/dist/cjs/cli.js.map +1 -1
- package/dist/cjs/cli_utils.js +1 -1
- package/dist/cjs/cli_utils.js.map +1 -1
- package/dist/cjs/readPackageFile.d.ts +2 -1
- package/dist/cjs/readPackageFile.d.ts.map +1 -1
- package/dist/cjs/readPackageFile.js +7 -4
- package/dist/cjs/readPackageFile.js.map +1 -1
- package/dist/esm/cli.js +25 -28
- package/dist/esm/cli.js.map +1 -1
- package/dist/esm/cli_utils.js +2 -2
- package/dist/esm/cli_utils.js.map +1 -1
- package/dist/esm/readPackageFile.d.ts +2 -1
- package/dist/esm/readPackageFile.d.ts.map +1 -1
- package/dist/esm/readPackageFile.js +8 -5
- package/dist/esm/readPackageFile.js.map +1 -1
- package/dist/esm/readPackageFileEsm.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/cli.ts +30 -28
- package/src/cli_utils.ts +2 -2
- package/src/readPackageFile.ts +8 -4
- package/src/readPackageFileEsm.ts +9 -5
package/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
## [0.1.28](https://github.com/cloud-copilot/iam-shrink/compare/v0.1.27...v0.1.28) (2025-08-05)
|
|
2
|
+
|
|
3
|
+
|
|
4
|
+
### Features
|
|
5
|
+
|
|
6
|
+
* Upgrade CLI ([838d88d](https://github.com/cloud-copilot/iam-shrink/commit/838d88d688aa264aeed81941af3c40683c5ca2c1))
|
|
7
|
+
|
|
8
|
+
## [0.1.27](https://github.com/cloud-copilot/iam-shrink/compare/v0.1.26...v0.1.27) (2025-08-03)
|
|
9
|
+
|
|
1
10
|
## [0.1.26](https://github.com/cloud-copilot/iam-shrink/compare/v0.1.25...v0.1.26) (2025-07-19)
|
|
2
11
|
|
|
3
12
|
## [0.1.25](https://github.com/cloud-copilot/iam-shrink/compare/v0.1.24...v0.1.25) (2025-07-12)
|
package/dist/cjs/cli.js
CHANGED
|
@@ -19,43 +19,40 @@ async function shrinkAndPrint(actions, shrinkOptions) {
|
|
|
19
19
|
}
|
|
20
20
|
}
|
|
21
21
|
async function run() {
|
|
22
|
-
const
|
|
23
|
-
|
|
24
|
-
removeSids: {
|
|
25
|
-
type: 'boolean',
|
|
22
|
+
const cli = await (0, cli_1.parseCliArguments)('iam-shrink', {}, {
|
|
23
|
+
removeSids: (0, cli_1.booleanArgument)({
|
|
26
24
|
description: 'Remove Sid fields from the policy statements',
|
|
27
25
|
character: 's'
|
|
28
|
-
},
|
|
29
|
-
removeWhitespace: {
|
|
30
|
-
type: 'boolean',
|
|
26
|
+
}),
|
|
27
|
+
removeWhitespace: (0, cli_1.booleanArgument)({
|
|
31
28
|
description: 'Remove whitespace from the policy output',
|
|
32
29
|
character: 'w'
|
|
33
|
-
},
|
|
34
|
-
iterations: {
|
|
35
|
-
type: 'number',
|
|
30
|
+
}),
|
|
31
|
+
iterations: (0, cli_1.numberArgument)({
|
|
36
32
|
description: 'How many iterations of shrinking should be executed, defaults to 2; zero or less means no limit',
|
|
37
|
-
|
|
38
|
-
},
|
|
39
|
-
levels: {
|
|
40
|
-
type: 'enum',
|
|
33
|
+
defaultValue: 2
|
|
34
|
+
}),
|
|
35
|
+
levels: (0, cli_1.enumArrayArgument)({
|
|
41
36
|
description: 'The access levels to reduce in the policy, defaults to all levels',
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
},
|
|
45
|
-
readWaitMs: {
|
|
46
|
-
description: 'Milliseconds to wait for the first byte from stdin before timing out'
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
},
|
|
50
|
-
showDataVersion: {
|
|
37
|
+
validValues: shrink_js_1.allActionAccessLevels,
|
|
38
|
+
defaultValue: []
|
|
39
|
+
}),
|
|
40
|
+
readWaitMs: (0, cli_1.numberArgument)({
|
|
41
|
+
description: 'Milliseconds to wait for the first byte from stdin before timing out'
|
|
42
|
+
}),
|
|
43
|
+
showDataVersion: (0, cli_1.booleanArgument)({
|
|
51
44
|
character: 'd',
|
|
52
|
-
description: 'Print the version of the iam-data package being used and exit'
|
|
53
|
-
|
|
54
|
-
}
|
|
45
|
+
description: 'Print the version of the iam-data package being used and exit'
|
|
46
|
+
})
|
|
55
47
|
}, {
|
|
56
48
|
operandsName: 'action',
|
|
57
49
|
allowOperandsFromStdin: true,
|
|
58
|
-
version:
|
|
50
|
+
version: {
|
|
51
|
+
currentVersion() {
|
|
52
|
+
return (0, cli_utils_js_1.getPackageVersion)();
|
|
53
|
+
},
|
|
54
|
+
checkForUpdates: '@cloud-copilot/iam-shrink'
|
|
55
|
+
}
|
|
59
56
|
});
|
|
60
57
|
if (cli.args.showDataVersion) {
|
|
61
58
|
const version = await (0, iam_data_1.iamDataVersion)();
|
package/dist/cjs/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";;;AAEA,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";;;AAEA,4CAK2B;AAC3B,sDAA0E;AAC1E,iDAKuB;AACvB,2CAA0E;AAE1E,MAAM,WAAW,GAAG,yBAAyB,CAAA;AAE7C,KAAK,UAAU,cAAc,CAAC,OAAiB,EAAE,aAAqC;IACpF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAA,kBAAM,EAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACrB,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,GAAG,GAAG,MAAM,IAAA,uBAAiB,EACjC,YAAY,EACZ,EAAE,EACF;QACE,UAAU,EAAE,IAAA,qBAAe,EAAC;YAC1B,WAAW,EAAE,8CAA8C;YAC3D,SAAS,EAAE,GAAG;SACf,CAAC;QACF,gBAAgB,EAAE,IAAA,qBAAe,EAAC;YAChC,WAAW,EAAE,0CAA0C;YACvD,SAAS,EAAE,GAAG;SACf,CAAC;QACF,UAAU,EAAE,IAAA,oBAAc,EAAC;YACzB,WAAW,EACT,iGAAiG;YACnG,YAAY,EAAE,CAAC;SAChB,CAAC;QACF,MAAM,EAAE,IAAA,uBAAiB,EAAC;YACxB,WAAW,EAAE,mEAAmE;YAChF,WAAW,EAAE,iCAAqB;YAClC,YAAY,EAAE,EAAE;SACjB,CAAC;QACF,UAAU,EAAE,IAAA,oBAAc,EAAC;YACzB,WAAW,EAAE,sEAAsE;SACpF,CAAC;QACF,eAAe,EAAE,IAAA,qBAAe,EAAC;YAC/B,SAAS,EAAE,GAAG;YACd,WAAW,EAAE,+DAA+D;SAC7E,CAAC;KACH,EACD;QACE,YAAY,EAAE,QAAQ;QACtB,sBAAsB,EAAE,IAAI;QAC5B,OAAO,EAAE;YACP,cAAc;gBACZ,OAAO,IAAA,gCAAiB,GAAE,CAAA;YAC5B,CAAC;YACD,eAAe,EAAE,2BAA2B;SAC7C;KACF,CACF,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,IAAA,yBAAc,GAAE,CAAA;QACtC,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,aAAa,OAAO,EAAE,CAAC,CAAA;QACjD,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,IAAA,2BAAgB,GAAE,EAAE,CAAC,CAAA;QAC7D,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAA;QAClC,OAAO,CAAC,GAAG,CAAC,gBAAgB,WAAW,EAAE,CAAC,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAA;QAC7C,OAAM;IACR,CAAC;IAED,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAA;IAElC,MAAM,UAAU,GAAG;QACjB,GAAG,GAAG,CAAC,IAAI;QACX,UAAU,EAAE,IAAA,wCAAyB,EAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC;QAC1D,MAAM,EAAE,IAAA,4BAAa,EAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC;KACvC,CAAA;IACD,IAAI,UAAU,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,OAAO,UAAU,CAAC,UAAU,CAAA;IAC9B,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,6CAA6C;QAC7C,MAAM,WAAW,GAAG,MAAM,IAAA,yBAAU,EAAC,UAAU,CAAC,CAAA;QAChD,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YAClD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAA;YAC7D,OAAM;QACR,CAAC;aAAM,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YAC/B,aAAa,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,cAAc,CAAC,aAAa,EAAE,UAAU,CAAC,CAAA;QAC/C,OAAM;IACR,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAA;IACtD,GAAG,CAAC,SAAS,EAAE,CAAA;AACjB,CAAC;AAED,GAAG,EAAE;KACF,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACX,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC;KACD,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;KACd,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA"}
|
package/dist/cjs/cli_utils.js
CHANGED
|
@@ -55,7 +55,7 @@ async function parseStdIn(options) {
|
|
|
55
55
|
* @returns the package version
|
|
56
56
|
*/
|
|
57
57
|
async function getPackageVersion() {
|
|
58
|
-
const packageData = await (0, readPackageFile_js_1.
|
|
58
|
+
const packageData = await (0, readPackageFile_js_1.getPackageFileReader)().readFile(['package.json']);
|
|
59
59
|
const packageInfo = JSON.parse(packageData);
|
|
60
60
|
return packageInfo.version;
|
|
61
61
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli_utils.js","sourceRoot":"","sources":["../../src/cli_utils.ts"],"names":[],"mappings":";;AAUA,8DAMC;AAED,sCAMC;AAGD,sEAMC;AAOD,gCAgBC;AAOD,8CAIC;AAnED,4CAA8C;AAC9C,
|
|
1
|
+
{"version":3,"file":"cli_utils.js","sourceRoot":"","sources":["../../src/cli_utils.ts"],"names":[],"mappings":";;AAUA,8DAMC;AAED,sCAMC;AAGD,sEAMC;AAOD,gCAgBC;AAOD,8CAIC;AAnED,4CAA8C;AAC9C,6DAA2D;AAC3D,2CAAqF;AACrF,qDAAqD;AAOrD,SAAgB,yBAAyB,CAAC,UAA8B;IACtE,IAAI,UAAU,IAAI,SAAS,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,QAAQ,CAAA;IACjB,CAAC;SAAM,CAAC;QACN,OAAO,UAAU,CAAA;IACnB,CAAC;AACH,CAAC;AAED,SAAgB,aAAa,CAAC,MAA2B;IACvD,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,MAAM,GAAG,iCAAqB,CAAA;IAChC,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,aAAa,GAAG,mCAAmC,CAAA;AACzD,SAAgB,6BAA6B,CAAC,IAAY;IACxD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAA;IAE5C,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC;SACvB,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;SAC5E,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;AAC7B,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,UAAU,CAC9B,OAA4B;IAE5B,MAAM,IAAI,GAAG,MAAM,IAAA,eAAS,EAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IAChD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAA,mCAAkB,EAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAA;QAClE,OAAO,EAAE,MAAM,EAAE,CAAA;IACnB,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC,CAAA,CAAC;IAErB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,6BAA6B,CAAC,IAAI,CAAC,CAAC,CAAA;IAC5E,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAA;AAC7B,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,iBAAiB;IACrC,MAAM,WAAW,GAAG,MAAM,IAAA,yCAAoB,GAAE,CAAC,QAAQ,CAAC,CAAC,cAAc,CAAC,CAAC,CAAA;IAC3E,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;IAC3C,OAAO,WAAW,CAAC,OAAO,CAAA;AAC5B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"readPackageFile.d.ts","sourceRoot":"","sources":["../../src/readPackageFile.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"readPackageFile.d.ts","sourceRoot":"","sources":["../../src/readPackageFile.ts"],"names":[],"mappings":"AAAA,OAAO,EAA2B,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAS/E,wBAAgB,oBAAoB,IAAI,iBAAiB,CAKxD"}
|
|
@@ -1,13 +1,16 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.getPackageFileReader = getPackageFileReader;
|
|
4
4
|
const cli_1 = require("@cloud-copilot/cli");
|
|
5
5
|
let levels = 2;
|
|
6
6
|
if (__filename.includes('src')) {
|
|
7
7
|
levels = 1;
|
|
8
8
|
}
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
9
|
+
let fileReader = undefined;
|
|
10
|
+
function getPackageFileReader() {
|
|
11
|
+
if (!fileReader) {
|
|
12
|
+
fileReader = (0, cli_1.createPackageFileReader)(__filename, levels);
|
|
13
|
+
}
|
|
14
|
+
return fileReader;
|
|
12
15
|
}
|
|
13
16
|
//# sourceMappingURL=readPackageFile.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"readPackageFile.js","sourceRoot":"","sources":["../../src/readPackageFile.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"readPackageFile.js","sourceRoot":"","sources":["../../src/readPackageFile.ts"],"names":[],"mappings":";;AASA,oDAKC;AAdD,4CAA+E;AAE/E,IAAI,MAAM,GAAG,CAAC,CAAA;AACd,IAAI,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;IAC/B,MAAM,GAAG,CAAC,CAAA;AACZ,CAAC;AAED,IAAI,UAAU,GAAkC,SAAS,CAAA;AAEzD,SAAgB,oBAAoB;IAClC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,UAAU,GAAG,IAAA,6BAAuB,EAAC,UAAU,EAAE,MAAM,CAAC,CAAA;IAC1D,CAAC;IACD,OAAO,UAAU,CAAA;AACnB,CAAC"}
|
package/dist/esm/cli.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
import { parseCliArguments } from '@cloud-copilot/cli';
|
|
2
|
+
import { booleanArgument, enumArrayArgument, numberArgument, parseCliArguments } from '@cloud-copilot/cli';
|
|
3
3
|
import { iamDataUpdatedAt, iamDataVersion } from '@cloud-copilot/iam-data';
|
|
4
4
|
import { convertLevels, convertNumberOfIterations, getPackageVersion, parseStdIn } from './cli_utils.js';
|
|
5
5
|
import { allActionAccessLevels, shrink } from './shrink.js';
|
|
@@ -17,43 +17,40 @@ async function shrinkAndPrint(actions, shrinkOptions) {
|
|
|
17
17
|
}
|
|
18
18
|
}
|
|
19
19
|
async function run() {
|
|
20
|
-
const
|
|
21
|
-
|
|
22
|
-
removeSids: {
|
|
23
|
-
type: 'boolean',
|
|
20
|
+
const cli = await parseCliArguments('iam-shrink', {}, {
|
|
21
|
+
removeSids: booleanArgument({
|
|
24
22
|
description: 'Remove Sid fields from the policy statements',
|
|
25
23
|
character: 's'
|
|
26
|
-
},
|
|
27
|
-
removeWhitespace: {
|
|
28
|
-
type: 'boolean',
|
|
24
|
+
}),
|
|
25
|
+
removeWhitespace: booleanArgument({
|
|
29
26
|
description: 'Remove whitespace from the policy output',
|
|
30
27
|
character: 'w'
|
|
31
|
-
},
|
|
32
|
-
iterations: {
|
|
33
|
-
type: 'number',
|
|
28
|
+
}),
|
|
29
|
+
iterations: numberArgument({
|
|
34
30
|
description: 'How many iterations of shrinking should be executed, defaults to 2; zero or less means no limit',
|
|
35
|
-
|
|
36
|
-
},
|
|
37
|
-
levels: {
|
|
38
|
-
type: 'enum',
|
|
31
|
+
defaultValue: 2
|
|
32
|
+
}),
|
|
33
|
+
levels: enumArrayArgument({
|
|
39
34
|
description: 'The access levels to reduce in the policy, defaults to all levels',
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
},
|
|
43
|
-
readWaitMs: {
|
|
44
|
-
description: 'Milliseconds to wait for the first byte from stdin before timing out'
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
},
|
|
48
|
-
showDataVersion: {
|
|
35
|
+
validValues: allActionAccessLevels,
|
|
36
|
+
defaultValue: []
|
|
37
|
+
}),
|
|
38
|
+
readWaitMs: numberArgument({
|
|
39
|
+
description: 'Milliseconds to wait for the first byte from stdin before timing out'
|
|
40
|
+
}),
|
|
41
|
+
showDataVersion: booleanArgument({
|
|
49
42
|
character: 'd',
|
|
50
|
-
description: 'Print the version of the iam-data package being used and exit'
|
|
51
|
-
|
|
52
|
-
}
|
|
43
|
+
description: 'Print the version of the iam-data package being used and exit'
|
|
44
|
+
})
|
|
53
45
|
}, {
|
|
54
46
|
operandsName: 'action',
|
|
55
47
|
allowOperandsFromStdin: true,
|
|
56
|
-
version:
|
|
48
|
+
version: {
|
|
49
|
+
currentVersion() {
|
|
50
|
+
return getPackageVersion();
|
|
51
|
+
},
|
|
52
|
+
checkForUpdates: '@cloud-copilot/iam-shrink'
|
|
53
|
+
}
|
|
57
54
|
});
|
|
58
55
|
if (cli.args.showDataVersion) {
|
|
59
56
|
const version = await iamDataVersion();
|
package/dist/esm/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,cAAc,EACd,iBAAiB,EAClB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC1E,OAAO,EACL,aAAa,EACb,yBAAyB,EACzB,iBAAiB,EACjB,UAAU,EACX,MAAM,gBAAgB,CAAA;AACvB,OAAO,EAAE,qBAAqB,EAAE,MAAM,EAAiB,MAAM,aAAa,CAAA;AAE1E,MAAM,WAAW,GAAG,yBAAyB,CAAA;AAE7C,KAAK,UAAU,cAAc,CAAC,OAAiB,EAAE,aAAqC;IACpF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;QACnD,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACrB,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,GAAG,GAAG,MAAM,iBAAiB,CACjC,YAAY,EACZ,EAAE,EACF;QACE,UAAU,EAAE,eAAe,CAAC;YAC1B,WAAW,EAAE,8CAA8C;YAC3D,SAAS,EAAE,GAAG;SACf,CAAC;QACF,gBAAgB,EAAE,eAAe,CAAC;YAChC,WAAW,EAAE,0CAA0C;YACvD,SAAS,EAAE,GAAG;SACf,CAAC;QACF,UAAU,EAAE,cAAc,CAAC;YACzB,WAAW,EACT,iGAAiG;YACnG,YAAY,EAAE,CAAC;SAChB,CAAC;QACF,MAAM,EAAE,iBAAiB,CAAC;YACxB,WAAW,EAAE,mEAAmE;YAChF,WAAW,EAAE,qBAAqB;YAClC,YAAY,EAAE,EAAE;SACjB,CAAC;QACF,UAAU,EAAE,cAAc,CAAC;YACzB,WAAW,EAAE,sEAAsE;SACpF,CAAC;QACF,eAAe,EAAE,eAAe,CAAC;YAC/B,SAAS,EAAE,GAAG;YACd,WAAW,EAAE,+DAA+D;SAC7E,CAAC;KACH,EACD;QACE,YAAY,EAAE,QAAQ;QACtB,sBAAsB,EAAE,IAAI;QAC5B,OAAO,EAAE;YACP,cAAc;gBACZ,OAAO,iBAAiB,EAAE,CAAA;YAC5B,CAAC;YACD,eAAe,EAAE,2BAA2B;SAC7C;KACF,CACF,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,MAAM,cAAc,EAAE,CAAA;QACtC,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,aAAa,OAAO,EAAE,CAAC,CAAA;QACjD,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,gBAAgB,EAAE,EAAE,CAAC,CAAA;QAC7D,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAA;QAClC,OAAO,CAAC,GAAG,CAAC,gBAAgB,WAAW,EAAE,CAAC,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAA;QAC7C,OAAM;IACR,CAAC;IAED,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAA;IAElC,MAAM,UAAU,GAAG;QACjB,GAAG,GAAG,CAAC,IAAI;QACX,UAAU,EAAE,yBAAyB,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC;QAC1D,MAAM,EAAE,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC;KACvC,CAAA;IACD,IAAI,UAAU,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,OAAO,UAAU,CAAC,UAAU,CAAA;IAC9B,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,6CAA6C;QAC7C,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,UAAU,CAAC,CAAA;QAChD,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,UAAU,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;YAClD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAA;YAC7D,OAAM;QACR,CAAC;aAAM,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YAC/B,aAAa,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,OAAO,CAAC,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,cAAc,CAAC,aAAa,EAAE,UAAU,CAAC,CAAA;QAC/C,OAAM;IACR,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAA;IACtD,GAAG,CAAC,SAAS,EAAE,CAAA;AACjB,CAAC;AAED,GAAG,EAAE;KACF,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACX,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC;KACD,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;KACd,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA"}
|
package/dist/esm/cli_utils.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { readStdin } from '@cloud-copilot/cli';
|
|
2
|
-
import {
|
|
2
|
+
import { getPackageFileReader } from './readPackageFile.js';
|
|
3
3
|
import { allActionAccessLevels } from './shrink.js';
|
|
4
4
|
import { shrinkJsonDocument } from './shrink_file.js';
|
|
5
5
|
export function convertNumberOfIterations(iterations) {
|
|
@@ -48,7 +48,7 @@ export async function parseStdIn(options) {
|
|
|
48
48
|
* @returns the package version
|
|
49
49
|
*/
|
|
50
50
|
export async function getPackageVersion() {
|
|
51
|
-
const packageData = await
|
|
51
|
+
const packageData = await getPackageFileReader().readFile(['package.json']);
|
|
52
52
|
const packageInfo = JSON.parse(packageData);
|
|
53
53
|
return packageInfo.version;
|
|
54
54
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli_utils.js","sourceRoot":"","sources":["../../src/cli_utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"cli_utils.js","sourceRoot":"","sources":["../../src/cli_utils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAA;AAC9C,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAA;AAC3D,OAAO,EAAqB,qBAAqB,EAAiB,MAAM,aAAa,CAAA;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAA;AAOrD,MAAM,UAAU,yBAAyB,CAAC,UAA8B;IACtE,IAAI,UAAU,IAAI,SAAS,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,QAAQ,CAAA;IACjB,CAAC;SAAM,CAAC;QACN,OAAO,UAAU,CAAA;IACnB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAA2B;IACvD,IAAI,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,MAAM,GAAG,qBAAqB,CAAA;IAChC,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,aAAa,GAAG,mCAAmC,CAAA;AACzD,MAAM,UAAU,6BAA6B,CAAC,IAAY;IACxD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAA;IAE5C,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC;SACvB,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;SAC5E,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;AAC7B,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,OAA4B;IAE5B,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IAChD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAA;QAClE,OAAO,EAAE,MAAM,EAAE,CAAA;IACnB,CAAC;IAAC,OAAO,GAAQ,EAAE,CAAC,CAAA,CAAC;IAErB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC9B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,6BAA6B,CAAC,IAAI,CAAC,CAAC,CAAA;IAC5E,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAA;AAC7B,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB;IACrC,MAAM,WAAW,GAAG,MAAM,oBAAoB,EAAE,CAAC,QAAQ,CAAC,CAAC,cAAc,CAAC,CAAC,CAAA;IAC3E,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;IAC3C,OAAO,WAAW,CAAC,OAAO,CAAA;AAC5B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"readPackageFile.d.ts","sourceRoot":"","sources":["../../src/readPackageFile.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"readPackageFile.d.ts","sourceRoot":"","sources":["../../src/readPackageFile.ts"],"names":[],"mappings":"AAAA,OAAO,EAA2B,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAS/E,wBAAgB,oBAAoB,IAAI,iBAAiB,CAKxD"}
|
|
@@ -1,12 +1,15 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createPackageFileReader } from '@cloud-copilot/cli';
|
|
2
2
|
let levels = 2;
|
|
3
3
|
//@ts-ignore
|
|
4
4
|
if (import.meta.url.includes('src')) {
|
|
5
5
|
levels = 1;
|
|
6
6
|
}
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
7
|
+
let fileReader = undefined;
|
|
8
|
+
export function getPackageFileReader() {
|
|
9
|
+
if (!fileReader) {
|
|
10
|
+
//@ts-ignore
|
|
11
|
+
fileReader = createPackageFileReader(import.meta.url, levels);
|
|
12
|
+
}
|
|
13
|
+
return fileReader;
|
|
11
14
|
}
|
|
12
15
|
//# sourceMappingURL=readPackageFileEsm.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"readPackageFileEsm.js","sourceRoot":"","sources":["../../src/readPackageFileEsm.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"readPackageFileEsm.js","sourceRoot":"","sources":["../../src/readPackageFileEsm.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAqB,MAAM,oBAAoB,CAAA;AAE/E,IAAI,MAAM,GAAG,CAAC,CAAA;AACd,YAAY;AACZ,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;IACpC,MAAM,GAAG,CAAC,CAAA;AACZ,CAAC;AAED,IAAI,UAAU,GAAkC,SAAS,CAAA;AAEzD,MAAM,UAAU,oBAAoB;IAClC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,YAAY;QACZ,UAAU,GAAG,uBAAuB,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;IAC/D,CAAC;IACD,OAAO,UAAU,CAAA;AACnB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"readPackageFileEsm.d.ts","sourceRoot":"","sources":["../../src/readPackageFileEsm.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"readPackageFileEsm.d.ts","sourceRoot":"","sources":["../../src/readPackageFileEsm.ts"],"names":[],"mappings":"AAAA,OAAO,EAA2B,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AAU/E,wBAAgB,oBAAoB,IAAI,iBAAiB,CAMxD"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cloud-copilot/iam-shrink",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.28",
|
|
4
4
|
"description": "Shrink IAM Policies",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "npx tsc -p tsconfig.cjs.json && npx tsc -p tsconfig.esm.json && ./postbuild.sh",
|
|
@@ -111,6 +111,6 @@
|
|
|
111
111
|
]
|
|
112
112
|
},
|
|
113
113
|
"dependencies": {
|
|
114
|
-
"@cloud-copilot/cli": "^0.
|
|
114
|
+
"@cloud-copilot/cli": "^0.2.2"
|
|
115
115
|
}
|
|
116
116
|
}
|
package/src/cli.ts
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
|
|
3
|
-
import {
|
|
3
|
+
import {
|
|
4
|
+
booleanArgument,
|
|
5
|
+
enumArrayArgument,
|
|
6
|
+
numberArgument,
|
|
7
|
+
parseCliArguments
|
|
8
|
+
} from '@cloud-copilot/cli'
|
|
4
9
|
import { iamDataUpdatedAt, iamDataVersion } from '@cloud-copilot/iam-data'
|
|
5
10
|
import {
|
|
6
11
|
convertLevels,
|
|
@@ -25,48 +30,45 @@ async function shrinkAndPrint(actions: string[], shrinkOptions: Partial<ShrinkOp
|
|
|
25
30
|
}
|
|
26
31
|
|
|
27
32
|
async function run() {
|
|
28
|
-
const
|
|
29
|
-
const cli = parseCliArguments(
|
|
33
|
+
const cli = await parseCliArguments(
|
|
30
34
|
'iam-shrink',
|
|
31
35
|
{},
|
|
32
36
|
{
|
|
33
|
-
removeSids: {
|
|
34
|
-
type: 'boolean',
|
|
37
|
+
removeSids: booleanArgument({
|
|
35
38
|
description: 'Remove Sid fields from the policy statements',
|
|
36
39
|
character: 's'
|
|
37
|
-
},
|
|
38
|
-
removeWhitespace: {
|
|
39
|
-
type: 'boolean',
|
|
40
|
+
}),
|
|
41
|
+
removeWhitespace: booleanArgument({
|
|
40
42
|
description: 'Remove whitespace from the policy output',
|
|
41
43
|
character: 'w'
|
|
42
|
-
},
|
|
43
|
-
iterations: {
|
|
44
|
-
type: 'number',
|
|
44
|
+
}),
|
|
45
|
+
iterations: numberArgument({
|
|
45
46
|
description:
|
|
46
47
|
'How many iterations of shrinking should be executed, defaults to 2; zero or less means no limit',
|
|
47
|
-
|
|
48
|
-
},
|
|
49
|
-
levels: {
|
|
50
|
-
type: 'enum',
|
|
48
|
+
defaultValue: 2
|
|
49
|
+
}),
|
|
50
|
+
levels: enumArrayArgument({
|
|
51
51
|
description: 'The access levels to reduce in the policy, defaults to all levels',
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
},
|
|
55
|
-
readWaitMs: {
|
|
56
|
-
description: 'Milliseconds to wait for the first byte from stdin before timing out'
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
},
|
|
60
|
-
showDataVersion: {
|
|
52
|
+
validValues: allActionAccessLevels,
|
|
53
|
+
defaultValue: []
|
|
54
|
+
}),
|
|
55
|
+
readWaitMs: numberArgument({
|
|
56
|
+
description: 'Milliseconds to wait for the first byte from stdin before timing out'
|
|
57
|
+
}),
|
|
58
|
+
showDataVersion: booleanArgument({
|
|
61
59
|
character: 'd',
|
|
62
|
-
description: 'Print the version of the iam-data package being used and exit'
|
|
63
|
-
|
|
64
|
-
}
|
|
60
|
+
description: 'Print the version of the iam-data package being used and exit'
|
|
61
|
+
})
|
|
65
62
|
},
|
|
66
63
|
{
|
|
67
64
|
operandsName: 'action',
|
|
68
65
|
allowOperandsFromStdin: true,
|
|
69
|
-
version:
|
|
66
|
+
version: {
|
|
67
|
+
currentVersion() {
|
|
68
|
+
return getPackageVersion()
|
|
69
|
+
},
|
|
70
|
+
checkForUpdates: '@cloud-copilot/iam-shrink'
|
|
71
|
+
}
|
|
70
72
|
}
|
|
71
73
|
)
|
|
72
74
|
|
package/src/cli_utils.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { readStdin } from '@cloud-copilot/cli'
|
|
2
|
-
import {
|
|
2
|
+
import { getPackageFileReader } from './readPackageFile.js'
|
|
3
3
|
import { ActionAccessLevel, allActionAccessLevels, ShrinkOptions } from './shrink.js'
|
|
4
4
|
import { shrinkJsonDocument } from './shrink_file.js'
|
|
5
5
|
|
|
@@ -62,7 +62,7 @@ export async function parseStdIn(
|
|
|
62
62
|
* @returns the package version
|
|
63
63
|
*/
|
|
64
64
|
export async function getPackageVersion(): Promise<string> {
|
|
65
|
-
const packageData = await
|
|
65
|
+
const packageData = await getPackageFileReader().readFile(['package.json'])
|
|
66
66
|
const packageInfo = JSON.parse(packageData)
|
|
67
67
|
return packageInfo.version
|
|
68
68
|
}
|
package/src/readPackageFile.ts
CHANGED
|
@@ -1,11 +1,15 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createPackageFileReader, PackageFileReader } from '@cloud-copilot/cli'
|
|
2
2
|
|
|
3
3
|
let levels = 2
|
|
4
4
|
if (__filename.includes('src')) {
|
|
5
5
|
levels = 1
|
|
6
6
|
}
|
|
7
7
|
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
8
|
+
let fileReader: PackageFileReader | undefined = undefined
|
|
9
|
+
|
|
10
|
+
export function getPackageFileReader(): PackageFileReader {
|
|
11
|
+
if (!fileReader) {
|
|
12
|
+
fileReader = createPackageFileReader(__filename, levels)
|
|
13
|
+
}
|
|
14
|
+
return fileReader
|
|
11
15
|
}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { createPackageFileReader, PackageFileReader } from '@cloud-copilot/cli'
|
|
2
2
|
|
|
3
3
|
let levels = 2
|
|
4
4
|
//@ts-ignore
|
|
@@ -6,8 +6,12 @@ if (import.meta.url.includes('src')) {
|
|
|
6
6
|
levels = 1
|
|
7
7
|
}
|
|
8
8
|
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
9
|
+
let fileReader: PackageFileReader | undefined = undefined
|
|
10
|
+
|
|
11
|
+
export function getPackageFileReader(): PackageFileReader {
|
|
12
|
+
if (!fileReader) {
|
|
13
|
+
//@ts-ignore
|
|
14
|
+
fileReader = createPackageFileReader(import.meta.url, levels)
|
|
15
|
+
}
|
|
16
|
+
return fileReader
|
|
13
17
|
}
|