npm - @devshub198211/devguard - Versions diffs - 2.0.2 → 2.0.3 - Mend

@devshub198211/devguard 2.0.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

package/MODULES.md +261 -102
package/README.md +130 -139
package/SETUP.md +66 -123
package/dist/ai.d.ts +8 -0
package/dist/ai.js +1 -1
package/dist/{chunk-4WCL5IUZ.js → chunk-UXM7HRTI.js} +12 -2
package/dist/cli.js +530 -173
package/dist/index.js +1 -1
package/package.json +13 -38
package/dist/ai.cjs +0 -867
package/dist/ai.d.cts +0 -169
package/dist/api-contract-5kJEwFIh.d.cts +0 -157
package/dist/auth.cjs +0 -787
package/dist/auth.d.cts +0 -245
package/dist/cli.cjs +0 -1162
package/dist/cli.d.cts +0 -1
package/dist/dx.cjs +0 -747
package/dist/dx.d.cts +0 -96
package/dist/index.cjs +0 -2655
package/dist/index.d.cts +0 -38
package/dist/security.cjs +0 -654
package/dist/security.d.cts +0 -114

package/dist/security.d.cts DELETED Viewed

@@ -1,114 +0,0 @@
-interface LockfileEntry {
-    file: string;
-    hash: string;
-    size: number;
-    mtime: number;
-}
-interface LockfileReport {
-    valid: boolean;
-    tampered: string[];
-    missing: string[];
-    added: string[];
-    entries: LockfileEntry[];
-    scannedAt: string;
-}
-interface LockfileSnapshot {
-    version: 2;
-    createdAt: string;
-    host: string;
-    entries: Record<string, {
-        hash: string;
-        size: number;
-    }>;
-}
-declare function hashFile(filePath: string): string;
-declare function verifyLockfile(root?: string, snapshotPath?: string): LockfileReport;
-declare function createSnapshot(root?: string, snapshotPath?: string): LockfileSnapshot;
-/** Parse package-lock.json and extract all transitive dependency versions */
-declare function extractTransitiveDeps(root?: string): Record<string, string>;
-interface ScanRule {
-    id: string;
-    label: string;
-    severity: "critical" | "high" | "medium" | "low";
-    test: (script: string, decoded?: string) => boolean;
-}
-interface HookFinding {
-    package: string;
-    version: string;
-    script: string;
-    ruleId: string;
-    pattern: string;
-    severity: "critical" | "high" | "medium" | "low";
-    raw: string;
-    deobfuscated?: string;
-}
-declare function scanPackage(pkgJsonPath: string): HookFinding[];
-declare function scanNodeModules(root?: string): HookFinding[];
-declare function scanProject(root?: string): HookFinding[];
-interface TokenConfig {
-    name: string;
-    value: string;
-    provider: "github" | "npm" | "generic";
-    maxAgeDays?: number;
-    createdAt?: number;
-}
-interface TokenStatus {
-    name: string;
-    provider: string;
-    status: "ok" | "expiring_soon" | "stale" | "invalid" | "unknown";
-    ageDays: number | null;
-    maxAgeDays: number;
-    message: string;
-}
-interface RotationResult {
-    success: boolean;
-    newToken?: string;
-    error?: string;
-}
-declare function inspectGitHubToken(token: string, name?: string): Promise<TokenStatus>;
-declare function inspectNpmToken(token: string, name?: string): Promise<TokenStatus>;
-/**
- * Create a new npm token using an existing token.
- * WARNING: This uses the existing token for authentication. The caller should
- * revoke the old token after successful rotation.
- */
-declare function createNpmToken(existingToken: string, opts?: {
-    readonly?: boolean;
-    cidr?: string[];
-}): Promise<RotationResult>;
-declare function checkTokenAge(configs: TokenConfig[]): TokenStatus[];
-declare function maskToken(token: string): string;
-declare function loadTokensFromEnv(names: string[], maxAgeDays?: number): TokenConfig[];
-interface PinViolation {
-    name: string;
-    specifier: string;
-    field: "dependencies" | "devDependencies" | "peerDependencies" | "optionalDependencies";
-    suggestion: string;
-}
-interface SRICheck {
-    name: string;
-    version: string;
-    lockfileHash: string;
-    registryHash: string | null;
-    match: boolean | null;
-}
-declare function enforceExactPins(pkgJsonPath: string): PinViolation[];
-declare function extractLockfileSRI(root?: string): Record<string, {
-    version: string;
-    integrity: string;
-}>;
-declare function fetchRegistrySRI(name: string, version: string): Promise<string | null>;
-/**
- * Deterministic alphabetical sampling instead of Math.random().
- * Samples the first N packages alphabetically — reproducible across runs.
- */
-declare function verifySRI(root?: string, sampleSize?: number): Promise<SRICheck[]>;
-declare function autoPin(pkgJsonPath: string, dryRun?: boolean): {
-    fixed: number;
-    content?: string;
-};
-export { type HookFinding, type LockfileEntry, type LockfileReport, type LockfileSnapshot, type PinViolation, type RotationResult, type SRICheck, type ScanRule, type TokenConfig, type TokenStatus, autoPin, checkTokenAge, createNpmToken, createSnapshot, enforceExactPins, extractLockfileSRI, extractTransitiveDeps, fetchRegistrySRI, hashFile, inspectGitHubToken, inspectNpmToken, loadTokensFromEnv, maskToken, scanNodeModules, scanPackage, scanProject, verifyLockfile, verifySRI };