@exelerus/openclaw-vexscan 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CLAUDE.md +112 -0
- package/README.md +149 -0
- package/SKILL.md +129 -0
- package/dist/index.d.ts +20 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +466 -0
- package/dist/index.js.map +1 -0
- package/dist/src/cli-wrapper.d.ts +18 -0
- package/dist/src/cli-wrapper.d.ts.map +1 -0
- package/dist/src/cli-wrapper.js +151 -0
- package/dist/src/cli-wrapper.js.map +1 -0
- package/dist/src/types.d.ts +48 -0
- package/dist/src/types.d.ts.map +1 -0
- package/dist/src/types.js +2 -0
- package/dist/src/types.js.map +1 -0
- package/index.ts +499 -0
- package/openclaw.plugin.json +52 -0
- package/package.json +44 -0
- package/src/cli-wrapper.ts +177 -0
- package/src/openclaw-sdk.d.ts +84 -0
- package/src/types.ts +53 -0
- package/tsconfig.json +18 -0
|
@@ -0,0 +1,151 @@
|
|
|
1
|
+
import { spawn } from "child_process";
|
|
2
|
+
import { existsSync } from "fs";
|
|
3
|
+
import { homedir, platform, arch } from "os";
|
|
4
|
+
import { join } from "path";
|
|
5
|
+
const REPO = "edimuj/vexscan";
|
|
6
|
+
const INSTALL_DIR = join(homedir(), ".local", "bin");
|
|
7
|
+
/**
|
|
8
|
+
* Common locations to search for the vexscan binary
|
|
9
|
+
*/
|
|
10
|
+
const SEARCH_PATHS = [
|
|
11
|
+
join(INSTALL_DIR, "vexscan"),
|
|
12
|
+
join(homedir(), ".cargo", "bin", "vexscan"),
|
|
13
|
+
"/usr/local/bin/vexscan",
|
|
14
|
+
"/opt/homebrew/bin/vexscan",
|
|
15
|
+
];
|
|
16
|
+
/**
|
|
17
|
+
* Find vexscan binary in common locations
|
|
18
|
+
*/
|
|
19
|
+
export async function findVexscan() {
|
|
20
|
+
// Check if in PATH
|
|
21
|
+
const inPath = await checkInPath("vexscan");
|
|
22
|
+
if (inPath)
|
|
23
|
+
return "vexscan";
|
|
24
|
+
// Check common locations
|
|
25
|
+
for (const path of SEARCH_PATHS) {
|
|
26
|
+
if (existsSync(path)) {
|
|
27
|
+
return path;
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
return null;
|
|
31
|
+
}
|
|
32
|
+
/**
|
|
33
|
+
* Check if a command exists in PATH
|
|
34
|
+
*/
|
|
35
|
+
async function checkInPath(cmd) {
|
|
36
|
+
return new Promise((resolve) => {
|
|
37
|
+
const proc = spawn("which", [cmd], { stdio: "pipe" });
|
|
38
|
+
proc.on("close", (code) => resolve(code === 0));
|
|
39
|
+
proc.on("error", () => resolve(false));
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
/**
|
|
43
|
+
* Install vexscan from GitHub releases
|
|
44
|
+
*/
|
|
45
|
+
export async function installVexscan() {
|
|
46
|
+
const os = platform();
|
|
47
|
+
const cpu = arch();
|
|
48
|
+
// Determine asset name
|
|
49
|
+
let osName;
|
|
50
|
+
switch (os) {
|
|
51
|
+
case "darwin":
|
|
52
|
+
osName = "macos";
|
|
53
|
+
break;
|
|
54
|
+
case "linux":
|
|
55
|
+
osName = "linux";
|
|
56
|
+
break;
|
|
57
|
+
default:
|
|
58
|
+
return null; // Windows not supported via this method
|
|
59
|
+
}
|
|
60
|
+
let archName;
|
|
61
|
+
switch (cpu) {
|
|
62
|
+
case "x64":
|
|
63
|
+
archName = "x86_64";
|
|
64
|
+
break;
|
|
65
|
+
case "arm64":
|
|
66
|
+
archName = "aarch64";
|
|
67
|
+
break;
|
|
68
|
+
default:
|
|
69
|
+
return null;
|
|
70
|
+
}
|
|
71
|
+
const assetName = `vexscan-${osName}-${archName}`;
|
|
72
|
+
try {
|
|
73
|
+
// Get latest version
|
|
74
|
+
const response = await fetch(`https://api.github.com/repos/${REPO}/releases/latest`);
|
|
75
|
+
if (!response.ok)
|
|
76
|
+
return null;
|
|
77
|
+
const release = (await response.json());
|
|
78
|
+
const version = release.tag_name;
|
|
79
|
+
const downloadUrl = `https://github.com/${REPO}/releases/download/${version}/${assetName}`;
|
|
80
|
+
// Download binary
|
|
81
|
+
const binaryResponse = await fetch(downloadUrl);
|
|
82
|
+
if (!binaryResponse.ok)
|
|
83
|
+
return null;
|
|
84
|
+
const binary = await binaryResponse.arrayBuffer();
|
|
85
|
+
// Write to install dir
|
|
86
|
+
const { mkdir, writeFile, chmod } = await import("fs/promises");
|
|
87
|
+
await mkdir(INSTALL_DIR, { recursive: true });
|
|
88
|
+
const binaryPath = join(INSTALL_DIR, "vexscan");
|
|
89
|
+
await writeFile(binaryPath, Buffer.from(binary));
|
|
90
|
+
await chmod(binaryPath, 0o755);
|
|
91
|
+
return binaryPath;
|
|
92
|
+
}
|
|
93
|
+
catch {
|
|
94
|
+
return null;
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* Execute an arbitrary command with arguments
|
|
99
|
+
*/
|
|
100
|
+
export async function execCommand(cmd, args) {
|
|
101
|
+
return new Promise((resolve, reject) => {
|
|
102
|
+
const proc = spawn(cmd, args, {
|
|
103
|
+
stdio: ["ignore", "pipe", "pipe"],
|
|
104
|
+
env: { ...process.env, NO_COLOR: "1" },
|
|
105
|
+
});
|
|
106
|
+
let stdout = "";
|
|
107
|
+
let stderr = "";
|
|
108
|
+
proc.stdout.on("data", (data) => {
|
|
109
|
+
stdout += data.toString();
|
|
110
|
+
});
|
|
111
|
+
proc.stderr.on("data", (data) => {
|
|
112
|
+
stderr += data.toString();
|
|
113
|
+
});
|
|
114
|
+
proc.on("close", (code) => {
|
|
115
|
+
resolve({ stdout, stderr, exitCode: code ?? 0 });
|
|
116
|
+
});
|
|
117
|
+
proc.on("error", (err) => {
|
|
118
|
+
reject(err);
|
|
119
|
+
});
|
|
120
|
+
});
|
|
121
|
+
}
|
|
122
|
+
/**
|
|
123
|
+
* Execute vexscan CLI with arguments
|
|
124
|
+
*/
|
|
125
|
+
export async function execVexscan(cliPath, args) {
|
|
126
|
+
return new Promise((resolve, reject) => {
|
|
127
|
+
const proc = spawn(cliPath, args, {
|
|
128
|
+
stdio: ["ignore", "pipe", "pipe"],
|
|
129
|
+
env: { ...process.env, NO_COLOR: "1" },
|
|
130
|
+
});
|
|
131
|
+
let stdout = "";
|
|
132
|
+
let stderr = "";
|
|
133
|
+
proc.stdout.on("data", (data) => {
|
|
134
|
+
stdout += data.toString();
|
|
135
|
+
});
|
|
136
|
+
proc.stderr.on("data", (data) => {
|
|
137
|
+
stderr += data.toString();
|
|
138
|
+
});
|
|
139
|
+
proc.on("close", (code) => {
|
|
140
|
+
resolve({
|
|
141
|
+
stdout,
|
|
142
|
+
stderr,
|
|
143
|
+
exitCode: code ?? 0,
|
|
144
|
+
});
|
|
145
|
+
});
|
|
146
|
+
proc.on("error", (err) => {
|
|
147
|
+
reject(err);
|
|
148
|
+
});
|
|
149
|
+
});
|
|
150
|
+
}
|
|
151
|
+
//# sourceMappingURL=cli-wrapper.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cli-wrapper.js","sourceRoot":"","sources":["../../src/cli-wrapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,IAAI,CAAC;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,MAAM,IAAI,GAAG,gBAAgB,CAAC;AAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;AAErD;;GAEG;AACH,MAAM,YAAY,GAAG;IACnB,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC;IAC5B,IAAI,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC;IAC3C,wBAAwB;IACxB,2BAA2B;CAC5B,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,mBAAmB;IACnB,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,SAAS,CAAC,CAAC;IAC5C,IAAI,MAAM;QAAE,OAAO,SAAS,CAAC;IAE7B,yBAAyB;IACzB,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,WAAW,CAAC,GAAW;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC;QACtD,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;QAChD,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,EAAE,GAAG,QAAQ,EAAE,CAAC;IACtB,MAAM,GAAG,GAAG,IAAI,EAAE,CAAC;IAEnB,uBAAuB;IACvB,IAAI,MAAc,CAAC;IACnB,QAAQ,EAAE,EAAE,CAAC;QACX,KAAK,QAAQ;YACX,MAAM,GAAG,OAAO,CAAC;YACjB,MAAM;QACR,KAAK,OAAO;YACV,MAAM,GAAG,OAAO,CAAC;YACjB,MAAM;QACR;YACE,OAAO,IAAI,CAAC,CAAC,wCAAwC;IACzD,CAAC;IAED,IAAI,QAAgB,CAAC;IACrB,QAAQ,GAAG,EAAE,CAAC;QACZ,KAAK,KAAK;YACR,QAAQ,GAAG,QAAQ,CAAC;YACpB,MAAM;QACR,KAAK,OAAO;YACV,QAAQ,GAAG,SAAS,CAAC;YACrB,MAAM;QACR;YACE,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,MAAM,SAAS,GAAG,WAAW,MAAM,IAAI,QAAQ,EAAE,CAAC;IAElD,IAAI,CAAC;QACH,qBAAqB;QACrB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,gCAAgC,IAAI,kBAAkB,CAAC,CAAC;QACrF,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAE9B,MAAM,OAAO,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAyB,CAAC;QAChE,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC;QAEjC,MAAM,WAAW,GAAG,sBAAsB,IAAI,sBAAsB,OAAO,IAAI,SAAS,EAAE,CAAC;QAE3F,kBAAkB;QAClB,MAAM,cAAc,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QAChD,IAAI,CAAC,cAAc,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAEpC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,WAAW,EAAE,CAAC;QAElD,uBAAuB;QACvB,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE9C,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;QAChD,MAAM,SAAS,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;QACjD,MAAM,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QAE/B,OAAO,UAAU,CAAC;IACpB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,GAAW,EAAE,IAAc;IAC3D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;YAC5B,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;YACjC,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE;SACvC,CAAC,CAAC;QAEH,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAEhB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,OAAO,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,EAAE,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACvB,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,OAAe,EAAE,IAAc;IAC/D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,EAAE,IAAI,EAAE;YAChC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;YACjC,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE;SACvC,CAAC,CAAC;QAEH,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAEhB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAC9B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,OAAO,CAAC;gBACN,MAAM;gBACN,MAAM;gBACN,QAAQ,EAAE,IAAI,IAAI,CAAC;aACpB,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACvB,MAAM,CAAC,GAAG,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
export interface VexscanConfig {
|
|
2
|
+
enabled: boolean;
|
|
3
|
+
scanOnInstall: boolean;
|
|
4
|
+
minSeverity: string;
|
|
5
|
+
thirdPartyOnly: boolean;
|
|
6
|
+
skipDeps: boolean;
|
|
7
|
+
cliPath?: string;
|
|
8
|
+
}
|
|
9
|
+
export interface ScanResult {
|
|
10
|
+
scan_root: string;
|
|
11
|
+
platform?: string;
|
|
12
|
+
total_findings?: number;
|
|
13
|
+
max_severity?: string;
|
|
14
|
+
findings_by_severity?: Record<string, number>;
|
|
15
|
+
total_time_ms: number;
|
|
16
|
+
results: FileResult[];
|
|
17
|
+
}
|
|
18
|
+
export interface FileResult {
|
|
19
|
+
path: string;
|
|
20
|
+
findings: Finding[];
|
|
21
|
+
}
|
|
22
|
+
export interface Finding {
|
|
23
|
+
rule_id: string;
|
|
24
|
+
title: string;
|
|
25
|
+
description: string;
|
|
26
|
+
severity: string;
|
|
27
|
+
category: string;
|
|
28
|
+
location: Location;
|
|
29
|
+
snippet: string;
|
|
30
|
+
remediation?: string;
|
|
31
|
+
}
|
|
32
|
+
export interface Location {
|
|
33
|
+
file: string;
|
|
34
|
+
start_line: number;
|
|
35
|
+
end_line: number;
|
|
36
|
+
start_column: number;
|
|
37
|
+
end_column: number;
|
|
38
|
+
}
|
|
39
|
+
export interface VetResult extends ScanResult {
|
|
40
|
+
source: string;
|
|
41
|
+
branch?: string;
|
|
42
|
+
}
|
|
43
|
+
export interface ExecResult {
|
|
44
|
+
stdout: string;
|
|
45
|
+
stderr: string;
|
|
46
|
+
exitCode: number;
|
|
47
|
+
}
|
|
48
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,EAAE,OAAO,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,OAAO,CAAC;IACxB,QAAQ,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,UAAU;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,oBAAoB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC9C,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,SAAU,SAAQ,UAAU;IAC3C,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;CAClB"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/types.ts"],"names":[],"mappings":""}
|