@dotzen/dotzen 0.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +45 -0
- package/bin/dotzen.js +3 -0
- package/dist/cli/check.d.ts +9 -0
- package/dist/cli/check.js +79 -0
- package/dist/cli/main.d.ts +1 -0
- package/dist/cli/main.js +141 -0
- package/dist/cli/scaffold.d.ts +36 -0
- package/dist/cli/scaffold.js +171 -0
- package/dist/engine/evaluate.d.ts +31 -0
- package/dist/engine/evaluate.js +590 -0
- package/dist/hcl/model.d.ts +91 -0
- package/dist/hcl/model.js +5 -0
- package/dist/hcl/normalize.d.ts +16 -0
- package/dist/hcl/normalize.js +462 -0
- package/dist/hcl/parse.d.ts +13 -0
- package/dist/hcl/parse.js +85 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.js +37 -0
- package/dist/report/report.d.ts +18 -0
- package/dist/report/report.js +109 -0
- package/dist/result/errors.d.ts +27 -0
- package/dist/result/errors.js +3 -0
- package/dist/result/result.d.ts +22 -0
- package/dist/result/result.js +37 -0
- package/dist/spec/load.d.ts +14 -0
- package/dist/spec/load.js +78 -0
- package/dist/spec/rule.d.ts +161 -0
- package/dist/spec/rule.js +190 -0
- package/dist/version/config.d.ts +29 -0
- package/dist/version/config.js +66 -0
- package/dist/vocabulary/azure.d.ts +63 -0
- package/dist/vocabulary/azure.js +88 -0
- package/dist/vocabulary/gcp.d.ts +57 -0
- package/dist/vocabulary/gcp.js +80 -0
- package/dist/vocabulary/index.d.ts +174 -0
- package/dist/vocabulary/index.js +235 -0
- package/package.json +74 -0
|
@@ -0,0 +1,235 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.Approver = exports.Environment = exports.Acl = exports.HttpTokens = exports.EksLogType = exports.Protocol = exports.TlsPolicy = exports.AwsAttribute = exports.Tag = exports.Effect = exports.Cidr = exports.Port = exports.SqlSslMode = exports.OauthScope = exports.PrimitiveRole = exports.IamMember = exports.PublicAccessPreventionMode = exports.GcpAttribute = exports.GcpResource = exports.NetworkDefaultAction = exports.BuiltInRole = exports.SqlTlsVersion = exports.StorageTlsVersion = exports.AzureAttribute = exports.AzureResource = exports.ApiGatewayAuthorization = exports.Wildcard = exports.Block = exports.AwsResource = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* Closed vocabulary for every domain value (doc 02). No bare strings.
|
|
6
|
+
*
|
|
7
|
+
* NOTE: doc 02 specifies `const enum`. We use regular `enum` here because
|
|
8
|
+
* `const enum` cannot be inlined across files by the esbuild/Vitest
|
|
9
|
+
* transpiler under `isolatedModules`. Regular `enum` gives the identical
|
|
10
|
+
* typo-safety (a misspelled member is a compile error); only cross-file
|
|
11
|
+
* inlining differs, which is irrelevant here. See doc 02 note.
|
|
12
|
+
*/
|
|
13
|
+
var AwsResource;
|
|
14
|
+
(function (AwsResource) {
|
|
15
|
+
AwsResource["SecurityGroup"] = "aws_security_group";
|
|
16
|
+
// The modern decomposed form of security-group ingress.
|
|
17
|
+
AwsResource["VpcSecurityGroupIngressRule"] = "aws_vpc_security_group_ingress_rule";
|
|
18
|
+
AwsResource["DbInstance"] = "aws_db_instance";
|
|
19
|
+
AwsResource["S3Bucket"] = "aws_s3_bucket";
|
|
20
|
+
// The modern decomposed form of an S3 bucket ACL (inline `acl` was
|
|
21
|
+
// deprecated in AWS provider v4).
|
|
22
|
+
AwsResource["S3BucketAcl"] = "aws_s3_bucket_acl";
|
|
23
|
+
AwsResource["S3BucketPublicAccessBlock"] = "aws_s3_bucket_public_access_block";
|
|
24
|
+
AwsResource["S3BucketPolicy"] = "aws_s3_bucket_policy";
|
|
25
|
+
AwsResource["EbsVolume"] = "aws_ebs_volume";
|
|
26
|
+
AwsResource["EfsFileSystem"] = "aws_efs_file_system";
|
|
27
|
+
AwsResource["KmsKey"] = "aws_kms_key";
|
|
28
|
+
AwsResource["Instance"] = "aws_instance";
|
|
29
|
+
AwsResource["DynamodbTable"] = "aws_dynamodb_table";
|
|
30
|
+
AwsResource["EcrRepository"] = "aws_ecr_repository";
|
|
31
|
+
AwsResource["IamPolicy"] = "aws_iam_policy";
|
|
32
|
+
AwsResource["IamRolePolicy"] = "aws_iam_role_policy";
|
|
33
|
+
AwsResource["EcsService"] = "aws_ecs_service";
|
|
34
|
+
AwsResource["EksCluster"] = "aws_eks_cluster";
|
|
35
|
+
AwsResource["Lb"] = "aws_lb";
|
|
36
|
+
AwsResource["LbListener"] = "aws_lb_listener";
|
|
37
|
+
AwsResource["EcsTaskDefinition"] = "aws_ecs_task_definition";
|
|
38
|
+
AwsResource["SecretsmanagerSecretVersion"] = "aws_secretsmanager_secret_version";
|
|
39
|
+
AwsResource["RdsCluster"] = "aws_rds_cluster";
|
|
40
|
+
AwsResource["RedshiftCluster"] = "aws_redshift_cluster";
|
|
41
|
+
AwsResource["ElasticacheReplicationGroup"] = "aws_elasticache_replication_group";
|
|
42
|
+
AwsResource["S3BucketServerSideEncryptionConfiguration"] = "aws_s3_bucket_server_side_encryption_configuration";
|
|
43
|
+
AwsResource["S3BucketVersioning"] = "aws_s3_bucket_versioning";
|
|
44
|
+
AwsResource["SecretsmanagerSecret"] = "aws_secretsmanager_secret";
|
|
45
|
+
AwsResource["SecretsmanagerSecretRotation"] = "aws_secretsmanager_secret_rotation";
|
|
46
|
+
AwsResource["Vpc"] = "aws_vpc";
|
|
47
|
+
AwsResource["FlowLog"] = "aws_flow_log";
|
|
48
|
+
AwsResource["Subnet"] = "aws_subnet";
|
|
49
|
+
AwsResource["Cloudtrail"] = "aws_cloudtrail";
|
|
50
|
+
AwsResource["IamAccountPasswordPolicy"] = "aws_iam_account_password_policy";
|
|
51
|
+
AwsResource["ApiGatewayMethod"] = "aws_api_gateway_method";
|
|
52
|
+
AwsResource["ApiGatewayStage"] = "aws_api_gateway_stage";
|
|
53
|
+
AwsResource["Apigatewayv2Stage"] = "aws_apigatewayv2_stage";
|
|
54
|
+
})(AwsResource || (exports.AwsResource = AwsResource = {}));
|
|
55
|
+
// Nested block names/paths, for `mustHaveBlock` / `denyBlockPresence`.
|
|
56
|
+
var Block;
|
|
57
|
+
(function (Block) {
|
|
58
|
+
Block["EncryptionConfig"] = "encryption_config";
|
|
59
|
+
// A GCP instance access_config (nested in network_interface) = public IP.
|
|
60
|
+
Block["NetworkInterfaceAccessConfig"] = "network_interface.access_config";
|
|
61
|
+
// GCP subnetwork VPC flow logs / storage bucket access logging.
|
|
62
|
+
Block["LogConfig"] = "log_config";
|
|
63
|
+
Block["Logging"] = "logging";
|
|
64
|
+
// AWS API Gateway stage access logging.
|
|
65
|
+
Block["AccessLogSettings"] = "access_log_settings";
|
|
66
|
+
})(Block || (exports.Block = Block = {}));
|
|
67
|
+
// Wildcard sentinel for list/value checks (e.g. an IAM/RBAC action of "*").
|
|
68
|
+
var Wildcard;
|
|
69
|
+
(function (Wildcard) {
|
|
70
|
+
Wildcard["All"] = "*";
|
|
71
|
+
})(Wildcard || (exports.Wildcard = Wildcard = {}));
|
|
72
|
+
// AWS API Gateway method authorization types. `NONE` = unauthenticated.
|
|
73
|
+
var ApiGatewayAuthorization;
|
|
74
|
+
(function (ApiGatewayAuthorization) {
|
|
75
|
+
ApiGatewayAuthorization["None"] = "NONE";
|
|
76
|
+
})(ApiGatewayAuthorization || (exports.ApiGatewayAuthorization = ApiGatewayAuthorization = {}));
|
|
77
|
+
// Multi-provider surface: the cloud-neutral engine (rules, conditions,
|
|
78
|
+
// normalized model) accepts any provider's resource/attribute vocabulary
|
|
79
|
+
// via these unions. Add a provider = add its module to the union here.
|
|
80
|
+
var azure_1 = require("./azure");
|
|
81
|
+
Object.defineProperty(exports, "AzureResource", { enumerable: true, get: function () { return azure_1.AzureResource; } });
|
|
82
|
+
Object.defineProperty(exports, "AzureAttribute", { enumerable: true, get: function () { return azure_1.AzureAttribute; } });
|
|
83
|
+
Object.defineProperty(exports, "StorageTlsVersion", { enumerable: true, get: function () { return azure_1.StorageTlsVersion; } });
|
|
84
|
+
Object.defineProperty(exports, "SqlTlsVersion", { enumerable: true, get: function () { return azure_1.SqlTlsVersion; } });
|
|
85
|
+
Object.defineProperty(exports, "BuiltInRole", { enumerable: true, get: function () { return azure_1.BuiltInRole; } });
|
|
86
|
+
Object.defineProperty(exports, "NetworkDefaultAction", { enumerable: true, get: function () { return azure_1.NetworkDefaultAction; } });
|
|
87
|
+
var gcp_1 = require("./gcp");
|
|
88
|
+
Object.defineProperty(exports, "GcpResource", { enumerable: true, get: function () { return gcp_1.GcpResource; } });
|
|
89
|
+
Object.defineProperty(exports, "GcpAttribute", { enumerable: true, get: function () { return gcp_1.GcpAttribute; } });
|
|
90
|
+
Object.defineProperty(exports, "PublicAccessPreventionMode", { enumerable: true, get: function () { return gcp_1.PublicAccessPreventionMode; } });
|
|
91
|
+
Object.defineProperty(exports, "IamMember", { enumerable: true, get: function () { return gcp_1.IamMember; } });
|
|
92
|
+
Object.defineProperty(exports, "PrimitiveRole", { enumerable: true, get: function () { return gcp_1.PrimitiveRole; } });
|
|
93
|
+
Object.defineProperty(exports, "OauthScope", { enumerable: true, get: function () { return gcp_1.OauthScope; } });
|
|
94
|
+
Object.defineProperty(exports, "SqlSslMode", { enumerable: true, get: function () { return gcp_1.SqlSslMode; } });
|
|
95
|
+
var Port;
|
|
96
|
+
(function (Port) {
|
|
97
|
+
Port[Port["SSH"] = 22] = "SSH";
|
|
98
|
+
Port[Port["RDP"] = 3389] = "RDP";
|
|
99
|
+
Port[Port["Postgres"] = 5432] = "Postgres";
|
|
100
|
+
Port[Port["MySQL"] = 3306] = "MySQL";
|
|
101
|
+
})(Port || (exports.Port = Port = {}));
|
|
102
|
+
var Cidr;
|
|
103
|
+
(function (Cidr) {
|
|
104
|
+
Cidr["Internet"] = "0.0.0.0/0";
|
|
105
|
+
Cidr["InternetV6"] = "::/0";
|
|
106
|
+
})(Cidr || (exports.Cidr = Cidr = {}));
|
|
107
|
+
var Effect;
|
|
108
|
+
(function (Effect) {
|
|
109
|
+
Effect["Block"] = "block";
|
|
110
|
+
Effect["Warn"] = "warn";
|
|
111
|
+
Effect["RequireApproval"] = "require_approval";
|
|
112
|
+
})(Effect || (exports.Effect = Effect = {}));
|
|
113
|
+
var Tag;
|
|
114
|
+
(function (Tag) {
|
|
115
|
+
Tag["Team"] = "team";
|
|
116
|
+
Tag["CostCenter"] = "cost_center";
|
|
117
|
+
Tag["Environment"] = "environment";
|
|
118
|
+
Tag["DataClassification"] = "data_classification";
|
|
119
|
+
})(Tag || (exports.Tag = Tag = {}));
|
|
120
|
+
var AwsAttribute;
|
|
121
|
+
(function (AwsAttribute) {
|
|
122
|
+
AwsAttribute["StorageEncrypted"] = "storage_encrypted";
|
|
123
|
+
AwsAttribute["PubliclyAccessible"] = "publicly_accessible";
|
|
124
|
+
AwsAttribute["MultiAz"] = "multi_az";
|
|
125
|
+
AwsAttribute["DeletionProtection"] = "deletion_protection";
|
|
126
|
+
AwsAttribute["IamDatabaseAuthenticationEnabled"] = "iam_database_authentication_enabled";
|
|
127
|
+
// Encryption at rest (aws_ebs_volume, aws_efs_file_system)
|
|
128
|
+
AwsAttribute["Encrypted"] = "encrypted";
|
|
129
|
+
// aws_kms_key
|
|
130
|
+
AwsAttribute["EnableKeyRotation"] = "enable_key_rotation";
|
|
131
|
+
// aws_s3_bucket_public_access_block
|
|
132
|
+
AwsAttribute["BlockPublicAcls"] = "block_public_acls";
|
|
133
|
+
AwsAttribute["BlockPublicPolicy"] = "block_public_policy";
|
|
134
|
+
AwsAttribute["IgnorePublicAcls"] = "ignore_public_acls";
|
|
135
|
+
AwsAttribute["RestrictPublicBuckets"] = "restrict_public_buckets";
|
|
136
|
+
AwsAttribute["BackupRetentionPeriod"] = "backup_retention_period";
|
|
137
|
+
// Nested-block attributes are addressed with a dotted path (the engine
|
|
138
|
+
// flattens `block { attr = ... }` to `block.attr`).
|
|
139
|
+
AwsAttribute["HttpTokens"] = "metadata_options.http_tokens";
|
|
140
|
+
AwsAttribute["ServerSideEncryptionEnabled"] = "server_side_encryption.enabled";
|
|
141
|
+
AwsAttribute["PointInTimeRecoveryEnabled"] = "point_in_time_recovery.enabled";
|
|
142
|
+
AwsAttribute["ImageScanOnPush"] = "image_scanning_configuration.scan_on_push";
|
|
143
|
+
// EC2 instance
|
|
144
|
+
AwsAttribute["RootBlockDeviceEncrypted"] = "root_block_device.encrypted";
|
|
145
|
+
AwsAttribute["AssociatePublicIpAddress"] = "associate_public_ip_address";
|
|
146
|
+
// ECS / EKS / ELB
|
|
147
|
+
AwsAttribute["AssignPublicIp"] = "network_configuration.assign_public_ip";
|
|
148
|
+
AwsAttribute["EndpointPublicAccess"] = "vpc_config.endpoint_public_access";
|
|
149
|
+
AwsAttribute["AccessLogsEnabled"] = "access_logs.enabled";
|
|
150
|
+
AwsAttribute["DropInvalidHeaderFields"] = "drop_invalid_header_fields";
|
|
151
|
+
// List-valued (EKS)
|
|
152
|
+
AwsAttribute["PublicAccessCidrs"] = "vpc_config.public_access_cidrs";
|
|
153
|
+
AwsAttribute["EnabledClusterLogTypes"] = "enabled_cluster_log_types";
|
|
154
|
+
// ALB / NLB listener
|
|
155
|
+
AwsAttribute["SslPolicy"] = "ssl_policy";
|
|
156
|
+
AwsAttribute["Protocol"] = "protocol";
|
|
157
|
+
// Secret-bearing attributes (must be a reference, never a literal)
|
|
158
|
+
AwsAttribute["SecretString"] = "secret_string";
|
|
159
|
+
AwsAttribute["Password"] = "password";
|
|
160
|
+
AwsAttribute["MasterPassword"] = "master_password";
|
|
161
|
+
AwsAttribute["AuthToken"] = "auth_token";
|
|
162
|
+
// Cross-resource association keys (child -> parent, for mustHaveAssociated)
|
|
163
|
+
AwsAttribute["Bucket"] = "bucket";
|
|
164
|
+
AwsAttribute["SecretId"] = "secret_id";
|
|
165
|
+
AwsAttribute["VpcId"] = "vpc_id";
|
|
166
|
+
// VPC subnet exposure
|
|
167
|
+
AwsAttribute["MapPublicIpOnLaunch"] = "map_public_ip_on_launch";
|
|
168
|
+
AwsAttribute["AssignIpv6AddressOnCreation"] = "assign_ipv6_address_on_creation";
|
|
169
|
+
// CloudTrail (audit logging)
|
|
170
|
+
AwsAttribute["IsMultiRegionTrail"] = "is_multi_region_trail";
|
|
171
|
+
AwsAttribute["EnableLogFileValidation"] = "enable_log_file_validation";
|
|
172
|
+
AwsAttribute["KmsKeyId"] = "kms_key_id";
|
|
173
|
+
// IAM account password policy
|
|
174
|
+
AwsAttribute["MinimumPasswordLength"] = "minimum_password_length";
|
|
175
|
+
AwsAttribute["RequireSymbols"] = "require_symbols";
|
|
176
|
+
AwsAttribute["RequireNumbers"] = "require_numbers";
|
|
177
|
+
AwsAttribute["RequireUppercaseCharacters"] = "require_uppercase_characters";
|
|
178
|
+
AwsAttribute["RequireLowercaseCharacters"] = "require_lowercase_characters";
|
|
179
|
+
AwsAttribute["PasswordReusePrevention"] = "password_reuse_prevention";
|
|
180
|
+
AwsAttribute["MaxPasswordAge"] = "max_password_age";
|
|
181
|
+
// API Gateway
|
|
182
|
+
AwsAttribute["Authorization"] = "authorization";
|
|
183
|
+
AwsAttribute["XrayTracingEnabled"] = "xray_tracing_enabled";
|
|
184
|
+
})(AwsAttribute || (exports.AwsAttribute = AwsAttribute = {}));
|
|
185
|
+
// Known weak ELB TLS policies (permit TLS 1.0/1.1). Use with `denyValue`.
|
|
186
|
+
var TlsPolicy;
|
|
187
|
+
(function (TlsPolicy) {
|
|
188
|
+
TlsPolicy["Legacy2015"] = "ELBSecurityPolicy-2015-05";
|
|
189
|
+
TlsPolicy["Tls10"] = "ELBSecurityPolicy-TLS-1-0-2015-04";
|
|
190
|
+
TlsPolicy["Tls11"] = "ELBSecurityPolicy-TLS-1-1-2017-01";
|
|
191
|
+
})(TlsPolicy || (exports.TlsPolicy = TlsPolicy = {}));
|
|
192
|
+
// Listener protocols (for `denyValue` on plaintext).
|
|
193
|
+
var Protocol;
|
|
194
|
+
(function (Protocol) {
|
|
195
|
+
Protocol["Http"] = "HTTP";
|
|
196
|
+
Protocol["Https"] = "HTTPS";
|
|
197
|
+
Protocol["Tcp"] = "TCP";
|
|
198
|
+
Protocol["Tls"] = "TLS";
|
|
199
|
+
})(Protocol || (exports.Protocol = Protocol = {}));
|
|
200
|
+
// EKS control-plane log types (for `listMustInclude`).
|
|
201
|
+
var EksLogType;
|
|
202
|
+
(function (EksLogType) {
|
|
203
|
+
EksLogType["Api"] = "api";
|
|
204
|
+
EksLogType["Audit"] = "audit";
|
|
205
|
+
EksLogType["Authenticator"] = "authenticator";
|
|
206
|
+
EksLogType["ControllerManager"] = "controllerManager";
|
|
207
|
+
EksLogType["Scheduler"] = "scheduler";
|
|
208
|
+
})(EksLogType || (exports.EksLogType = EksLogType = {}));
|
|
209
|
+
// Closed value set for EC2 instance metadata tokens (IMDSv1 vs IMDSv2).
|
|
210
|
+
var HttpTokens;
|
|
211
|
+
(function (HttpTokens) {
|
|
212
|
+
HttpTokens["Optional"] = "optional";
|
|
213
|
+
HttpTokens["Required"] = "required";
|
|
214
|
+
})(HttpTokens || (exports.HttpTokens = HttpTokens = {}));
|
|
215
|
+
var Acl;
|
|
216
|
+
(function (Acl) {
|
|
217
|
+
Acl["Private"] = "private";
|
|
218
|
+
Acl["PublicRead"] = "public-read";
|
|
219
|
+
Acl["PublicReadWrite"] = "public-read-write";
|
|
220
|
+
})(Acl || (exports.Acl = Acl = {}));
|
|
221
|
+
var Environment;
|
|
222
|
+
(function (Environment) {
|
|
223
|
+
Environment["Development"] = "development";
|
|
224
|
+
Environment["Staging"] = "staging";
|
|
225
|
+
Environment["Production"] = "production";
|
|
226
|
+
})(Environment || (exports.Environment = Environment = {}));
|
|
227
|
+
// Org-defined approval groups/roles. Enum-backed like every other domain
|
|
228
|
+
// value so a typo'd approver is a compile error, not a misrouted approval.
|
|
229
|
+
var Approver;
|
|
230
|
+
(function (Approver) {
|
|
231
|
+
Approver["PlatformTeam"] = "platform-team";
|
|
232
|
+
Approver["SecurityArchitect"] = "security-architect";
|
|
233
|
+
Approver["FinOps"] = "finops";
|
|
234
|
+
Approver["SRE"] = "sre";
|
|
235
|
+
})(Approver || (exports.Approver = Approver = {}));
|
package/package.json
ADDED
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@dotzen/dotzen",
|
|
3
|
+
"version": "0.0.1",
|
|
4
|
+
"description": "Prose as Code — governance for AI-generated Terraform (AWS, Azure, GCP).",
|
|
5
|
+
"license": "MIT",
|
|
6
|
+
"keywords": [
|
|
7
|
+
"terraform",
|
|
8
|
+
"hcl",
|
|
9
|
+
"governance",
|
|
10
|
+
"policy-as-code",
|
|
11
|
+
"iac",
|
|
12
|
+
"security",
|
|
13
|
+
"cis",
|
|
14
|
+
"compliance",
|
|
15
|
+
"aws",
|
|
16
|
+
"azure",
|
|
17
|
+
"gcp"
|
|
18
|
+
],
|
|
19
|
+
"repository": {
|
|
20
|
+
"type": "git",
|
|
21
|
+
"url": "git+https://gitlab.com/governance-tools/dotzen.git",
|
|
22
|
+
"directory": "packages/cli"
|
|
23
|
+
},
|
|
24
|
+
"homepage": "https://gitlab.com/governance-tools/dotzen#readme",
|
|
25
|
+
"bugs": {
|
|
26
|
+
"url": "https://gitlab.com/governance-tools/dotzen/-/issues"
|
|
27
|
+
},
|
|
28
|
+
"bin": {
|
|
29
|
+
"dotzen": "./bin/dotzen.js"
|
|
30
|
+
},
|
|
31
|
+
"main": "./dist/index.js",
|
|
32
|
+
"types": "./dist/index.d.ts",
|
|
33
|
+
"exports": {
|
|
34
|
+
".": {
|
|
35
|
+
"types": "./dist/index.d.ts",
|
|
36
|
+
"default": "./dist/index.js"
|
|
37
|
+
}
|
|
38
|
+
},
|
|
39
|
+
"files": [
|
|
40
|
+
"dist",
|
|
41
|
+
"bin"
|
|
42
|
+
],
|
|
43
|
+
"engines": {
|
|
44
|
+
"node": ">=18"
|
|
45
|
+
},
|
|
46
|
+
"publishConfig": {
|
|
47
|
+
"access": "public"
|
|
48
|
+
},
|
|
49
|
+
"scripts": {
|
|
50
|
+
"build": "tsc -p tsconfig.build.json",
|
|
51
|
+
"typecheck": "tsc --noEmit",
|
|
52
|
+
"test": "vitest run src",
|
|
53
|
+
"test:integration": "vitest run tests",
|
|
54
|
+
"coverage": "vitest run --coverage",
|
|
55
|
+
"lint": "eslint .",
|
|
56
|
+
"format:check": "prettier --check .",
|
|
57
|
+
"format": "prettier --write .",
|
|
58
|
+
"prepublishOnly": "npm run build"
|
|
59
|
+
},
|
|
60
|
+
"dependencies": {
|
|
61
|
+
"@cdktf/hcl2json": "^0.21.0",
|
|
62
|
+
"jiti": "^2.4.2"
|
|
63
|
+
},
|
|
64
|
+
"devDependencies": {
|
|
65
|
+
"@types/node": "^22.10.5",
|
|
66
|
+
"@vitest/coverage-v8": "^4.1.10",
|
|
67
|
+
"eslint": "^9.17.0",
|
|
68
|
+
"eslint-plugin-security": "^3.0.1",
|
|
69
|
+
"prettier": "^3.4.2",
|
|
70
|
+
"typescript": "^5.7.2",
|
|
71
|
+
"typescript-eslint": "^8.19.0",
|
|
72
|
+
"vitest": "^4.1.10"
|
|
73
|
+
}
|
|
74
|
+
}
|